]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/unit.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
basic/unit-file: fix use-after-free
[thirdparty/systemd.git] / src / core / unit.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
a7334b09 2
87f0e418 3#include <errno.h>
0301abf4 4#include <stdlib.h>
4c253ed1 5#include <sys/prctl.h>
4f5dd394 6#include <unistd.h>
87f0e418 7
718db961
LP		 8#include "sd-id128.h"
9#include "sd-messages.h"
4f5dd394 10
57b7a260 11#include "all-units.h"
d68c645b 12#include "alloc-util.h"
fab34748 13#include "bpf-firewall.h"
5f8ba20d 14#include "bpf-foreign.h"
4f5dd394
LP		 15#include "bus-common-errors.h"
16#include "bus-util.h"
fdb3deca 17#include "cgroup-setup.h"
c6c18be3 18#include "cgroup-util.h"
e30bbc90 19#include "core-varlink.h"
4f5dd394
LP		 20#include "dbus-unit.h"
21#include "dbus.h"
22#include "dropin.h"
23#include "escape.h"
24#include "execute.h"
6a48d82f 25#include "fd-util.h"
a5c32cff 26#include "fileio-label.h"
ee228be1 27#include "fileio.h"
f97b34a6 28#include "format-util.h"
4b58153d 29#include "id128-util.h"
5cfa33e0 30#include "install.h"
2d3b784d 31#include "io-util.h"
a3f5fd96 32#include "label.h"
4f5dd394
LP		 33#include "load-dropin.h"
34#include "load-fragment.h"
35#include "log.h"
36#include "macro.h"
f5947a5e 37#include "missing_audit.h"
4f5dd394
LP		 38#include "mkdir.h"
39#include "path-util.h"
0b452006 40#include "process-util.h"
810ef318 41#include "rm-rf.h"
4f5dd394 42#include "set.h"
6eb7c172 43#include "signal-util.h"
91ce91c7 44#include "socket-bind.h"
d3070fbd 45#include "sparse-endian.h"
e9db43d5 46#include "special.h"
2e59b241 47#include "specifier.h"
8fcde012 48#include "stat-util.h"
d054f0a4 49#include "stdio-util.h"
5afe510c 50#include "string-table.h"
07630cea 51#include "string-util.h"
4f5dd394 52#include "strv.h"
5b262f74 53#include "terminal-util.h"
e4de7287 54#include "tmpfile-util.h"
4f4afc88 55#include "umask-util.h"
4f5dd394 56#include "unit-name.h"
e9db43d5 57#include "unit.h"
b1d4f8e1
LP		 58#include "user-util.h"
59#include "virt.h"
91ce91c7
JK		 60#if BPF_FRAMEWORK
61#include "bpf-link.h"
62#endif
87f0e418 63
37109b85
ZJS		 64/* Thresholds for logging at INFO level about resource consumption */
65#define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
66#define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
67#define MENTIONWORTHY_IP_BYTES (0ULL)
68
69/* Thresholds for logging at INFO level about resource consumption */
70#define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
71#define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
72#define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
73
87f0e418
LP		 74const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
75 [UNIT_SERVICE] = &service_vtable,
87f0e418
LP		 76 [UNIT_SOCKET] = &socket_vtable,
77 [UNIT_TARGET] = &target_vtable,
78 [UNIT_DEVICE] = &device_vtable,
79 [UNIT_MOUNT] = &mount_vtable,
80 [UNIT_AUTOMOUNT] = &automount_vtable,
01f78473 81 [UNIT_SWAP] = &swap_vtable,
e821075a 82 [UNIT_TIMER] = &timer_vtable,
a016b922 83 [UNIT_PATH] = &path_vtable,
6c12b52e 84 [UNIT_SLICE] = &slice_vtable,
5afe510c 85 [UNIT_SCOPE] = &scope_vtable,
87f0e418
LP		 86};
87
75db809a 88Unit* unit_new(Manager *m, size_t size) {
87f0e418
LP		 89 Unit *u;
90
91 assert(m);
ac155bb8 92 assert(size >= sizeof(Unit));
87f0e418 93
7d17cfbc
MS		 94 u = malloc0(size);
95 if (!u)
87f0e418
LP		 96 return NULL;
97
ac155bb8
MS		 98 u->manager = m;
99 u->type = _UNIT_TYPE_INVALID;
ac155bb8
MS		 100 u->default_dependencies = true;
101 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
d2dc52db 102 u->unit_file_preset = -1;
d420282b 103 u->on_failure_job_mode = JOB_REPLACE;
294446dc 104 u->on_success_job_mode = JOB_FAIL;
0bb814c2 105 u->cgroup_control_inotify_wd = -1;
afcfaa69 106 u->cgroup_memory_inotify_wd = -1;
36c16a7c 107 u->job_timeout = USEC_INFINITY;
a2df3ea4 108 u->job_running_timeout = USEC_INFINITY;
00d9ef85
LP		 109 u->ref_uid = UID_INVALID;
110 u->ref_gid = GID_INVALID;
fe700f46 111 u->cpu_usage_last = NSEC_INFINITY;
17f14955 112 u->cgroup_invalidated_mask |= CGROUP_MASK_BPF_FIREWALL;
7af67e9a 113 u->failure_action_exit_status = u->success_action_exit_status = -1;
87f0e418 114
6a48d82f
DM		 115 u->ip_accounting_ingress_map_fd = -1;
116 u->ip_accounting_egress_map_fd = -1;
117 u->ipv4_allow_map_fd = -1;
118 u->ipv6_allow_map_fd = -1;
119 u->ipv4_deny_map_fd = -1;
120 u->ipv6_deny_map_fd = -1;
121
2e59b241
LP		 122 u->last_section_private = -1;
123
7bf081a1 124 u->start_ratelimit = (RateLimit) { m->default_start_limit_interval, m->default_start_limit_burst };
0bc488c9 125 u->auto_start_stop_ratelimit = (RateLimit) { 10 * USEC_PER_SEC, 16 };
bea355da 126
fbe14fc9
LP		 127 for (CGroupIOAccountingMetric i = 0; i < _CGROUP_IO_ACCOUNTING_METRIC_MAX; i++)
128 u->io_accounting_last[i] = UINT64_MAX;
129
87f0e418
LP		 130 return u;
131}
132
a581e45a 133int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
dc409696 134 _cleanup_(unit_freep) Unit *u = NULL;
a581e45a
LP		 135 int r;
136
137 u = unit_new(m, size);
138 if (!u)
139 return -ENOMEM;
140
141 r = unit_add_name(u, name);
dc409696 142 if (r < 0)
a581e45a 143 return r;
a581e45a 144
1cc6c93a
YW		 145 *ret = TAKE_PTR(u);
146
a581e45a
LP		 147 return r;
148}
149
303ee601 150bool unit_has_name(const Unit *u, const char *name) {
f278026d
LP		 151 assert(u);
152 assert(name);
153
4562c355
ZJS		 154 return streq_ptr(name, u->id) ||
155 set_contains(u->aliases, name);
f278026d
LP		 156}
157
598459ce
LP		 158static void unit_init(Unit *u) {
159 CGroupContext *cc;
160 ExecContext *ec;
161 KillContext *kc;
162
163 assert(u);
164 assert(u->manager);
165 assert(u->type >= 0);
166
167 cc = unit_get_cgroup_context(u);
168 if (cc) {
169 cgroup_context_init(cc);
170
171 /* Copy in the manager defaults into the cgroup
172 * context, _before_ the rest of the settings have
173 * been initialized */
174
175 cc->cpu_accounting = u->manager->default_cpu_accounting;
13c31542 176 cc->io_accounting = u->manager->default_io_accounting;
598459ce
LP		 177 cc->blockio_accounting = u->manager->default_blockio_accounting;
178 cc->memory_accounting = u->manager->default_memory_accounting;
03a7b521 179 cc->tasks_accounting = u->manager->default_tasks_accounting;
6a48d82f 180 cc->ip_accounting = u->manager->default_ip_accounting;
0af20ea2
LP		 181
182 if (u->type != UNIT_SLICE)
183 cc->tasks_max = u->manager->default_tasks_max;
598459ce
LP		 184 }
185
186 ec = unit_get_exec_context(u);
b1edf445 187 if (ec) {
598459ce
LP		 188 exec_context_init(ec);
189
5e37d193
FB		 190 if (MANAGER_IS_SYSTEM(u->manager))
191 ec->keyring_mode = EXEC_KEYRING_SHARED;
192 else {
193 ec->keyring_mode = EXEC_KEYRING_INHERIT;
194
195 /* User manager might have its umask redefined by PAM or UMask=. In this
196 * case let the units it manages inherit this value by default. They can
197 * still tune this value through their own unit file */
198 (void) get_process_umask(getpid_cached(), &ec->umask);
199 }
b1edf445
LP		 200 }
201
598459ce
LP		 202 kc = unit_get_kill_context(u);
203 if (kc)
204 kill_context_init(kc);
205
206 if (UNIT_VTABLE(u)->init)
207 UNIT_VTABLE(u)->init(u);
208}
209
4562c355
ZJS		 210static int unit_add_alias(Unit *u, char *donated_name) {
211 int r;
212
213 /* Make sure that u->names is allocated. We may leave u->names
214 * empty if we fail later, but this is not a problem. */
973bc32a 215 r = set_ensure_put(&u->aliases, &string_hash_ops, donated_name);
4562c355
ZJS		 216 if (r < 0)
217 return r;
218 assert(r > 0);
219
220 return 0;
221}
222
87f0e418 223int unit_add_name(Unit *u, const char *text) {
4562c355 224 _cleanup_free_ char *name = NULL, *instance = NULL;
87f0e418 225 UnitType t;
87f0e418
LP		 226 int r;
227
228 assert(u);
229 assert(text);
230
7410616c 231 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
ac155bb8 232 if (!u->instance)
acd1987a
WY		 233 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
234 "instance is not set when adding name '%s': %m", text);
87f0e418 235
4562c355 236 r = unit_name_replace_instance(text, u->instance, &name);
7410616c 237 if (r < 0)
acd1987a
WY		 238 return log_unit_debug_errno(u, r,
239 "failed to build instance name from '%s': %m", text);
7410616c 240 } else {
4562c355
ZJS		 241 name = strdup(text);
242 if (!name)
7410616c
LP		 243 return -ENOMEM;
244 }
87f0e418 245
4562c355 246 if (unit_has_name(u, name))
7410616c 247 return 0;
4562c355
ZJS		 248
249 if (hashmap_contains(u->manager->units, name))
acd1987a 250 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
4562c355 251 "unit already exist when adding name '%s': %m", name);
7410616c 252
4562c355 253 if (!unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
acd1987a 254 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4562c355 255 "name '%s' is invalid: %m", name);
e537352b 256
4562c355 257 t = unit_name_to_type(name);
7410616c 258 if (t < 0)
acd1987a 259 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
cd990847 260 "failed to derive unit type from name '%s': %m", name);
87f0e418 261
598459ce 262 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
acd1987a
WY		 263 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
264 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
4562c355 265 u->type, t, name);
87f0e418 266
4562c355 267 r = unit_name_to_instance(name, &instance);
e48614c4 268 if (r < 0)
4562c355 269 return log_unit_debug_errno(u, r, "failed to extract instance from name '%s': %m", name);
87f0e418 270
4562c355
ZJS		 271 if (instance && !unit_type_may_template(t))
272 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), "templates are not allowed for name '%s': %m", name);
9e2f7c11 273
d383acad
ZJS		 274 /* Ensure that this unit either has no instance, or that the instance matches. */
275 if (u->type != _UNIT_TYPE_INVALID && !streq_ptr(u->instance, instance))
acd1987a 276 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
ada4b34e
ZJS		 277 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
278 name, instance, u->instance);
9e2f7c11 279
4562c355 280 if (u->id && !unit_type_may_alias(t))
ada4b34e
ZJS		 281 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
282 "cannot add name %s, aliases are not allowed for %s units.",
283 name, unit_type_to_string(t));
9e2f7c11 284
598459ce 285 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
ada4b34e 286 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(E2BIG), "cannot add name, manager has too many units: %m");
4f0f902f 287
4562c355
ZJS		 288 /* Add name to the global hashmap first, because that's easier to undo */
289 r = hashmap_put(u->manager->units, name, u);
7410616c 290 if (r < 0)
acd1987a 291 return log_unit_debug_errno(u, r, "add unit to hashmap failed for name '%s': %m", text);
87f0e418 292
4562c355
ZJS		 293 if (u->id) {
294 r = unit_add_alias(u, name); /* unit_add_alias() takes ownership of the name on success */
295 if (r < 0) {
296 hashmap_remove(u->manager->units, name);
297 return r;
298 }
299 TAKE_PTR(name);
300
301 } else {
302 /* A new name, we don't need the set yet. */
303 assert(u->type == _UNIT_TYPE_INVALID);
304 assert(!u->instance);
305
ac155bb8 306 u->type = t;
4562c355
ZJS		 307 u->id = TAKE_PTR(name);
308 u->instance = TAKE_PTR(instance);
9e2f7c11 309
71fda00f 310 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
598459ce 311 unit_init(u);
598459ce 312 }
9e2f7c11 313
598459ce
LP		 314 unit_add_to_dbus_queue(u);
315 return 0;
87f0e418
LP		 316}
317
0ae97ec1 318int unit_choose_id(Unit *u, const char *name) {
68eda4bd 319 _cleanup_free_ char *t = NULL;
4562c355 320 char *s;
276c3e78 321 int r;
0ae97ec1
LP		 322
323 assert(u);
324 assert(name);
325
7410616c 326 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 327 if (!u->instance)
9e2f7c11
LP		 328 return -EINVAL;
329
7410616c
LP		 330 r = unit_name_replace_instance(name, u->instance, &t);
331 if (r < 0)
332 return r;
9e2f7c11
LP		 333
334 name = t;
335 }
336
4562c355
ZJS		 337 if (streq_ptr(u->id, name))
338 return 0; /* Nothing to do. */
339
340 /* Selects one of the aliases of this unit as the id */
341 s = set_get(u->aliases, (char*) name);
9e2f7c11 342 if (!s)
0ae97ec1
LP		 343 return -ENOENT;
344
4562c355
ZJS		 345 if (u->id) {
346 r = set_remove_and_put(u->aliases, name, u->id);
347 if (r < 0)
348 return r;
349 } else
350 assert_se(set_remove(u->aliases, name)); /* see set_get() above… */
276c3e78 351
4562c355 352 u->id = s; /* Old u->id is now stored in the set, and s is not stored anywhere */
c1e1601e 353 unit_add_to_dbus_queue(u);
9e2f7c11 354
0ae97ec1
LP		 355 return 0;
356}
357
f50e0a01 358int unit_set_description(Unit *u, const char *description) {
84b26d51 359 int r;
f50e0a01
LP		 360
361 assert(u);
362
84b26d51
LP		 363 r = free_and_strdup(&u->description, empty_to_null(description));
364 if (r < 0)
365 return r;
366 if (r > 0)
367 unit_add_to_dbus_queue(u);
c1e1601e 368
f50e0a01
LP		 369 return 0;
370}
371
f2f725e5 372bool unit_may_gc(Unit *u) {
a354329f 373 UnitActiveState state;
e98b2fbb 374 int r;
5afe510c 375
701cc384
LP		 376 assert(u);
377
f2f725e5
ZJS		 378 /* Checks whether the unit is ready to be unloaded for garbage collection.
379 * Returns true when the unit may be collected, and false if there's some
2641f02e
ZJS		 380 * reason to keep it loaded.
381 *
382 * References from other units are *not* checked here. Instead, this is done
383 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
384 */
5afe510c 385
a354329f 386 if (u->job)
f2f725e5 387 return false;
701cc384 388
a354329f 389 if (u->nop_job)
f2f725e5 390 return false;
6c073082 391
a354329f
LP		 392 state = unit_active_state(u);
393
7eb2a8a1 394 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
a354329f
LP		 395 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
396 UNIT_VTABLE(u)->release_resources)
7eb2a8a1 397 UNIT_VTABLE(u)->release_resources(u);
a354329f 398
f5869324 399 if (u->perpetual)
f2f725e5 400 return false;
9d576438 401
05a98afd 402 if (sd_bus_track_count(u->bus_track) > 0)
f2f725e5 403 return false;
05a98afd 404
5afe510c
LP		 405 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
406 switch (u->collect_mode) {
407
408 case COLLECT_INACTIVE:
409 if (state != UNIT_INACTIVE)
f2f725e5 410 return false;
5afe510c
LP		 411
412 break;
413
414 case COLLECT_INACTIVE_OR_FAILED:
415 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
f2f725e5 416 return false;
5afe510c
LP		 417
418 break;
419
420 default:
421 assert_not_reached("Unknown garbage collection mode");
422 }
423
e98b2fbb
LP		 424 if (u->cgroup_path) {
425 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
426 * around. Units with active processes should never be collected. */
427
428 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
429 if (r < 0)
430 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
431 if (r <= 0)
f2f725e5 432 return false;
e98b2fbb
LP		 433 }
434
f2f725e5
ZJS		 435 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
436 return false;
701cc384 437
f2f725e5 438 return true;
701cc384
LP		 439}
440
87f0e418
LP		 441void unit_add_to_load_queue(Unit *u) {
442 assert(u);
ac155bb8 443 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 444
ac155bb8 445 if (u->load_state != UNIT_STUB || u->in_load_queue)
87f0e418
LP		 446 return;
447
71fda00f 448 LIST_PREPEND(load_queue, u->manager->load_queue, u);
ac155bb8 449 u->in_load_queue = true;
87f0e418
LP		 450}
451
23a177ef
LP		 452void unit_add_to_cleanup_queue(Unit *u) {
453 assert(u);
454
ac155bb8 455 if (u->in_cleanup_queue)
23a177ef
LP		 456 return;
457
71fda00f 458 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
ac155bb8 459 u->in_cleanup_queue = true;
23a177ef
LP		 460}
461
701cc384
LP		 462void unit_add_to_gc_queue(Unit *u) {
463 assert(u);
464
ac155bb8 465 if (u->in_gc_queue || u->in_cleanup_queue)
701cc384
LP		 466 return;
467
f2f725e5 468 if (!unit_may_gc(u))
701cc384
LP		 469 return;
470
c5a97ed1 471 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
ac155bb8 472 u->in_gc_queue = true;
701cc384
LP		 473}
474
c1e1601e
LP		 475void unit_add_to_dbus_queue(Unit *u) {
476 assert(u);
ac155bb8 477 assert(u->type != _UNIT_TYPE_INVALID);
c1e1601e 478
ac155bb8 479 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
c1e1601e
LP		 480 return;
481
a567261a 482 /* Shortcut things if nobody cares */
8f8f05a9 483 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
ae572acd 484 sd_bus_track_count(u->bus_track) <= 0 &&
8f8f05a9 485 set_isempty(u->manager->private_buses)) {
ac155bb8 486 u->sent_dbus_new_signal = true;
94b6dfa2
LP		 487 return;
488 }
489
71fda00f 490 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
ac155bb8 491 u->in_dbus_queue = true;
c1e1601e
LP		 492}
493
fda09318 494void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
a3c1168a
LP		 495 assert(u);
496
497 if (u->in_stop_when_unneeded_queue)
498 return;
499
500 if (!u->stop_when_unneeded)
501 return;
502
503 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
504 return;
505
506 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
507 u->in_stop_when_unneeded_queue = true;
508}
509
0bc488c9
LP		 510void unit_submit_to_start_when_upheld_queue(Unit *u) {
511 assert(u);
512
513 if (u->in_start_when_upheld_queue)
514 return;
515
516 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)))
517 return;
518
519 if (!unit_has_dependency(u, UNIT_ATOM_START_STEADILY, NULL))
520 return;
521
522 LIST_PREPEND(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
523 u->in_start_when_upheld_queue = true;
524}
525
56c59592
LP		 526void unit_submit_to_stop_when_bound_queue(Unit *u) {
527 assert(u);
528
529 if (u->in_stop_when_bound_queue)
530 return;
531
532 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
533 return;
534
535 if (!unit_has_dependency(u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT, NULL))
536 return;
537
538 LIST_PREPEND(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
539 u->in_stop_when_bound_queue = true;
540}
541
15ed3c3a 542static void unit_clear_dependencies(Unit *u) {
87f0e418
LP		 543 assert(u);
544
15ed3c3a
LP		 545 /* Removes all dependencies configured on u and their reverse dependencies. */
546
547 for (Hashmap *deps; (deps = hashmap_steal_first(u->dependencies));) {
87f0e418 548
15ed3c3a
LP		 549 for (Unit *other; (other = hashmap_steal_first_key(deps));) {
550 Hashmap *other_deps;
701cc384 551
15ed3c3a
LP		 552 HASHMAP_FOREACH(other_deps, other->dependencies)
553 hashmap_remove(other_deps, u);
554
555 unit_add_to_gc_queue(other);
556 }
557
558 hashmap_free(deps);
87f0e418
LP		 559 }
560
15ed3c3a 561 u->dependencies = hashmap_free(u->dependencies);
87f0e418
LP		 562}
563
c2756a68
LP		 564static void unit_remove_transient(Unit *u) {
565 char **i;
566
567 assert(u);
568
569 if (!u->transient)
570 return;
571
572 if (u->fragment_path)
3f5e8115 573 (void) unlink(u->fragment_path);
c2756a68
LP		 574
575 STRV_FOREACH(i, u->dropin_paths) {
39591351 576 _cleanup_free_ char *p = NULL, *pp = NULL;
c2756a68 577
39591351
LP		 578 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
579 if (!p)
580 continue;
581
582 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
583 if (!pp)
584 continue;
585
586 /* Only drop transient drop-ins */
587 if (!path_equal(u->manager->lookup_paths.transient, pp))
588 continue;
c2756a68 589
39591351
LP		 590 (void) unlink(*i);
591 (void) rmdir(p);
c2756a68
LP		 592 }
593}
594
a57f7e2c 595static void unit_free_requires_mounts_for(Unit *u) {
eef85c4a 596 assert(u);
a57f7e2c 597
eef85c4a 598 for (;;) {
c2b2df60 599 _cleanup_free_ char *path = NULL;
a57f7e2c 600
eef85c4a
LP		 601 path = hashmap_steal_first_key(u->requires_mounts_for);
602 if (!path)
603 break;
604 else {
605 char s[strlen(path) + 1];
a57f7e2c 606
eef85c4a
LP		 607 PATH_FOREACH_PREFIX_MORE(s, path) {
608 char *y;
609 Set *x;
610
611 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
612 if (!x)
613 continue;
a57f7e2c 614
eef85c4a 615 (void) set_remove(x, u);
a57f7e2c 616
eef85c4a
LP		 617 if (set_isempty(x)) {
618 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
619 free(y);
620 set_free(x);
621 }
a57f7e2c
LP		 622 }
623 }
624 }
625
eef85c4a 626 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
a57f7e2c
LP		 627}
628
598459ce
LP		 629static void unit_done(Unit *u) {
630 ExecContext *ec;
631 CGroupContext *cc;
632
633 assert(u);
634
635 if (u->type < 0)
636 return;
637
638 if (UNIT_VTABLE(u)->done)
639 UNIT_VTABLE(u)->done(u);
640
641 ec = unit_get_exec_context(u);
642 if (ec)
643 exec_context_done(ec);
644
645 cc = unit_get_cgroup_context(u);
646 if (cc)
647 cgroup_context_done(cc);
648}
649
75db809a 650Unit* unit_free(Unit *u) {
12f64221 651 Unit *slice;
87f0e418
LP		 652 char *t;
653
c9d5c9c0 654 if (!u)
75db809a 655 return NULL;
87f0e418 656
50fb00b7 657 u->transient_file = safe_fclose(u->transient_file);
4f4afc88 658
2c289ea8 659 if (!MANAGER_IS_RELOADING(u->manager))
c2756a68
LP		 660 unit_remove_transient(u);
661
c1e1601e
LP		 662 bus_unit_send_removed_signal(u);
663
598459ce 664 unit_done(u);
a013b84b 665
50be4f4a 666 unit_dequeue_rewatch_pids(u);
cf9fd508 667
50be4f4a 668 sd_bus_slot_unref(u->match_bus_slot);
05a98afd
LP		 669 sd_bus_track_unref(u->bus_track);
670 u->deserialized_refs = strv_free(u->deserialized_refs);
d9e45bc3 671 u->pending_freezer_message = sd_bus_message_unref(u->pending_freezer_message);
05a98afd 672
a57f7e2c
LP		 673 unit_free_requires_mounts_for(u);
674
90e74a66 675 SET_FOREACH(t, u->aliases)
ac155bb8 676 hashmap_remove_value(u->manager->units, t, u);
4562c355
ZJS		 677 if (u->id)
678 hashmap_remove_value(u->manager->units, u->id, u);
87f0e418 679
4b58153d
LP		 680 if (!sd_id128_is_null(u->invocation_id))
681 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
682
97e7d748
MS		 683 if (u->job) {
684 Job *j = u->job;
685 job_uninstall(j);
686 job_free(j);
687 }
964e0949 688
e0209d83
MS		 689 if (u->nop_job) {
690 Job *j = u->nop_job;
691 job_uninstall(j);
692 job_free(j);
693 }
694
4c591f39
MK		 695 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
696 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
12f64221 697 slice = UNIT_GET_SLICE(u);
d219a2b0 698 unit_clear_dependencies(u);
12f64221
LP		 699 if (slice)
700 unit_add_family_to_cgroup_realize_queue(slice);
fb46fca7 701
adefcf28
LP		 702 if (u->on_console)
703 manager_unref_console(u->manager);
704
3d027d4d
JK		 705
706 fdset_free(u->initial_socket_bind_link_fds);
91ce91c7
JK		 707#if BPF_FRAMEWORK
708 bpf_link_free(u->ipv4_socket_bind_link);
709 bpf_link_free(u->ipv6_socket_bind_link);
710#endif
711
efdb0237 712 unit_release_cgroup(u);
72673e86 713
d3070fbd
LP		 714 if (!MANAGER_IS_RELOADING(u->manager))
715 unit_unlink_state_files(u);
716
00d9ef85
LP		 717 unit_unref_uid_gid(u, false);
718
5269eb6b 719 (void) manager_update_failed_units(u->manager, u, false);
db785129 720 set_remove(u->manager->startup_units, u);
f755e3b7 721
a911bb9a
LP		 722 unit_unwatch_all_pids(u);
723
7f7d01ed
ZJS		 724 while (u->refs_by_target)
725 unit_ref_unset(u->refs_by_target);
57020a3a 726
ac155bb8 727 if (u->type != _UNIT_TYPE_INVALID)
71fda00f 728 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
ef734fd6 729
ac155bb8 730 if (u->in_load_queue)
71fda00f 731 LIST_REMOVE(load_queue, u->manager->load_queue, u);
87f0e418 732
ac155bb8 733 if (u->in_dbus_queue)
71fda00f 734 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
c1e1601e 735
a2d72e26 736 if (u->in_gc_queue)
c5a97ed1 737 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
701cc384 738
91a6073e
LP		 739 if (u->in_cgroup_realize_queue)
740 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
87f0e418 741
09e24654
LP		 742 if (u->in_cgroup_empty_queue)
743 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
744
1bdf2790
ZJS		 745 if (u->in_cleanup_queue)
746 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
adefcf28 747
19496554
MS		 748 if (u->in_target_deps_queue)
749 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
750
a3c1168a
LP		 751 if (u->in_stop_when_unneeded_queue)
752 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
753
0bc488c9
LP		 754 if (u->in_start_when_upheld_queue)
755 LIST_REMOVE(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
756
56c59592
LP		 757 if (u->in_stop_when_bound_queue)
758 LIST_REMOVE(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
759
6a48d82f
DM		 760 safe_close(u->ip_accounting_ingress_map_fd);
761 safe_close(u->ip_accounting_egress_map_fd);
72673e86 762
6a48d82f
DM		 763 safe_close(u->ipv4_allow_map_fd);
764 safe_close(u->ipv6_allow_map_fd);
765 safe_close(u->ipv4_deny_map_fd);
766 safe_close(u->ipv6_deny_map_fd);
d3070fbd 767
6a48d82f 768 bpf_program_unref(u->ip_bpf_ingress);
aa2b6f1d 769 bpf_program_unref(u->ip_bpf_ingress_installed);
6a48d82f 770 bpf_program_unref(u->ip_bpf_egress);
aa2b6f1d 771 bpf_program_unref(u->ip_bpf_egress_installed);
00d9ef85 772
fab34748
KL		 773 set_free(u->ip_bpf_custom_ingress);
774 set_free(u->ip_bpf_custom_egress);
775 set_free(u->ip_bpf_custom_ingress_installed);
776 set_free(u->ip_bpf_custom_egress_installed);
777
5f8ba20d
JK		 778 hashmap_free(u->bpf_foreign_by_key);
779
084c7007
RG		 780 bpf_program_unref(u->bpf_device_control_installed);
781
a946fa9b
ZJS		 782 condition_free_list(u->conditions);
783 condition_free_list(u->asserts);
f755e3b7 784
ac155bb8 785 free(u->description);
49dbfa7b 786 strv_free(u->documentation);
ac155bb8 787 free(u->fragment_path);
1b64d026 788 free(u->source_path);
ae7a7182 789 strv_free(u->dropin_paths);
ac155bb8 790 free(u->instance);
87f0e418 791
f189ab18 792 free(u->job_timeout_reboot_arg);
6bf0f408
LP		 793 free(u->reboot_arg);
794
4562c355
ZJS		 795 set_free_free(u->aliases);
796 free(u->id);
797
75db809a 798 return mfree(u);
87f0e418
LP		 799}
800
d9e45bc3
MS		 801FreezerState unit_freezer_state(Unit *u) {
802 assert(u);
803
804 return u->freezer_state;
805}
806
807int unit_freezer_state_kernel(Unit *u, FreezerState *ret) {
808 char *values[1] = {};
809 int r;
810
811 assert(u);
812
813 r = cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "cgroup.events",
814 STRV_MAKE("frozen"), values);
815 if (r < 0)
816 return r;
817
818 r = _FREEZER_STATE_INVALID;
819
820 if (values[0]) {
821 if (streq(values[0], "0"))
822 r = FREEZER_RUNNING;
823 else if (streq(values[0], "1"))
824 r = FREEZER_FROZEN;
825 }
826
827 free(values[0]);
828 *ret = r;
829
830 return 0;
831}
832
87f0e418
LP		 833UnitActiveState unit_active_state(Unit *u) {
834 assert(u);
835
ac155bb8 836 if (u->load_state == UNIT_MERGED)
6124958c
LP		 837 return unit_active_state(unit_follow_merge(u));
838
839 /* After a reload it might happen that a unit is not correctly
840 * loaded but still has a process around. That's why we won't
fdf20a31 841 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
87f0e418
LP		 842
843 return UNIT_VTABLE(u)->active_state(u);
844}
845
10a94420
LP		 846const char* unit_sub_state_to_string(Unit *u) {
847 assert(u);
848
849 return UNIT_VTABLE(u)->sub_state_to_string(u);
850}
851
15ed3c3a 852static int unit_merge_names(Unit *u, Unit *other) {
4562c355 853 char *name;
7c0b05e5 854 int r;
87f0e418 855
23a177ef
LP		 856 assert(u);
857 assert(other);
858
4562c355 859 r = unit_add_alias(u, other->id);
7c0b05e5
MS		 860 if (r < 0)
861 return r;
23a177ef 862
4562c355
ZJS		 863 r = set_move(u->aliases, other->aliases);
864 if (r < 0) {
865 set_remove(u->aliases, other->id);
866 return r;
867 }
23a177ef 868
4562c355
ZJS		 869 TAKE_PTR(other->id);
870 other->aliases = set_free_free(other->aliases);
23a177ef 871
90e74a66 872 SET_FOREACH(name, u->aliases)
4562c355 873 assert_se(hashmap_replace(u->manager->units, name, u) == 0);
7c0b05e5
MS		 874
875 return 0;
87f0e418
LP		 876}
877
15ed3c3a
LP		 878static int unit_reserve_dependencies(Unit *u, Unit *other) {
879 size_t n_reserve;
880 Hashmap* deps;
881 void *d;
882 int r;
09a65f92
MS		 883
884 assert(u);
885 assert(other);
09a65f92 886
15ed3c3a
LP		 887 /* Let's reserve some space in the dependency hashmaps so that later on merging the units cannot
888 * fail.
889 *
890 * First make some room in the per dependency type hashmaps. Using the summed size of both unit's
891 * hashmaps is an estimate that is likely too high since they probably use some of the same
892 * types. But it's never too low, and that's all we need. */
893
894 n_reserve = MIN(hashmap_size(other->dependencies), LESS_BY((size_t) _UNIT_DEPENDENCY_MAX, hashmap_size(u->dependencies)));
895 if (n_reserve > 0) {
896 r = hashmap_ensure_allocated(&u->dependencies, NULL);
897 if (r < 0)
898 return r;
899
900 r = hashmap_reserve(u->dependencies, n_reserve);
901 if (r < 0)
902 return r;
903 }
904
905 /* Now, enlarge our per dependency type hashmaps by the number of entries in the same hashmap of the
906 * other unit's dependencies.
907 *
908 * NB: If u does not have a dependency set allocated for some dependency type, there is no need to
909 * reserve anything for. In that case other's set will be transferred as a whole to u by
910 * complete_move(). */
911
912 HASHMAP_FOREACH_KEY(deps, d, u->dependencies) {
913 Hashmap *other_deps;
914
915 other_deps = hashmap_get(other->dependencies, d);
916
917 r = hashmap_reserve(deps, hashmap_size(other_deps));
918 if (r < 0)
919 return r;
920 }
921
922 return 0;
923}
924
925static void unit_maybe_warn_about_dependency(
926 Unit *u,
927 const char *other_id,
928 UnitDependency dependency) {
929
930 assert(u);
931
932 /* Only warn about some unit types */
933 if (!IN_SET(dependency,
934 UNIT_CONFLICTS,
935 UNIT_CONFLICTED_BY,
936 UNIT_BEFORE,
937 UNIT_AFTER,
294446dc 938 UNIT_ON_SUCCESS,
15ed3c3a
LP		 939 UNIT_ON_FAILURE,
940 UNIT_TRIGGERS,
941 UNIT_TRIGGERED_BY))
942 return;
943
944 if (streq_ptr(u->id, other_id))
945 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
946 else
947 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other_id), u->id);
948}
949
950static int unit_per_dependency_type_hashmap_update(
951 Hashmap *per_type,
952 Unit *other,
953 UnitDependencyMask origin_mask,
954 UnitDependencyMask destination_mask) {
955
956 UnitDependencyInfo info;
957 int r;
958
959 assert(other);
960 assert_cc(sizeof(void*) == sizeof(info));
961
962 /* Acquire the UnitDependencyInfo entry for the Unit* we are interested in, and update it if it
963 * exists, or insert it anew if not. */
09a65f92 964
15ed3c3a
LP		 965 info.data = hashmap_get(per_type, other);
966 if (info.data) {
967 /* Entry already exists. Add in our mask. */
968
969 if (FLAGS_SET(origin_mask, info.origin_mask) &&
970 FLAGS_SET(destination_mask, info.destination_mask))
971 return 0; /* NOP */
972
973 info.origin_mask |= origin_mask;
974 info.destination_mask |= destination_mask;
975
976 r = hashmap_update(per_type, other, info.data);
977 } else {
978 info = (UnitDependencyInfo) {
979 .origin_mask = origin_mask,
980 .destination_mask = destination_mask,
981 };
09a65f92 982
15ed3c3a
LP		 983 r = hashmap_put(per_type, other, info.data);
984 }
985 if (r < 0)
986 return r;
987
988
989 return 1;
09a65f92
MS		 990}
991
15ed3c3a
LP		 992static int unit_add_dependency_hashmap(
993 Hashmap **dependencies,
994 UnitDependency d,
995 Unit *other,
996 UnitDependencyMask origin_mask,
997 UnitDependencyMask destination_mask) {
998
999 Hashmap *per_type;
87f0e418 1000 int r;
23a177ef 1001
15ed3c3a
LP		 1002 assert(dependencies);
1003 assert(other);
1004 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
1005 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
1006 assert(origin_mask > 0 || destination_mask > 0);
1007
1008 /* Ensure the top-level dependency hashmap exists that maps UnitDependency → Hashmap(Unit* →
1009 * UnitDependencyInfo) */
1010 r = hashmap_ensure_allocated(dependencies, NULL);
1011 if (r < 0)
1012 return r;
1013
1014 /* Acquire the inner hashmap, that maps Unit* → UnitDependencyInfo, for the specified dependency
1015 * type, and if it's missing allocate it and insert it. */
1016 per_type = hashmap_get(*dependencies, UNIT_DEPENDENCY_TO_PTR(d));
1017 if (!per_type) {
1018 per_type = hashmap_new(NULL);
1019 if (!per_type)
1020 return -ENOMEM;
1021
1022 r = hashmap_put(*dependencies, UNIT_DEPENDENCY_TO_PTR(d), per_type);
1023 if (r < 0) {
1024 hashmap_free(per_type);
1025 return r;
1026 }
1027 }
1028
1029 return unit_per_dependency_type_hashmap_update(per_type, other, origin_mask, destination_mask);
1030}
1031
1032static void unit_merge_dependencies(
1033 Unit *u,
1034 Unit *other) {
1035
1036 int r;
eef85c4a 1037
23a177ef
LP		 1038 assert(u);
1039 assert(other);
23a177ef 1040
15ed3c3a
LP		 1041 if (u == other)
1042 return;
1043
1044 for (;;) {
1045 _cleanup_(hashmap_freep) Hashmap *other_deps = NULL;
1046 UnitDependencyInfo di_back;
1047 Unit *back;
1048 void *dt; /* Actually of type UnitDependency, except that we don't bother casting it here,
1049 * since the hashmaps all want it as void pointer. */
1050
1051 /* Let's focus on one dependency type at a time, that 'other' has defined. */
1052 other_deps = hashmap_steal_first_key_and_value(other->dependencies, &dt);
1053 if (!other_deps)
1054 break; /* done! */
1055
1056 /* Now iterate through all dependencies of this dependency type, of 'other'. We refer to the
1057 * referenced units as 'back'. */
1058 HASHMAP_FOREACH_KEY(di_back.data, back, other_deps) {
1059 Hashmap *back_deps;
1060 void *back_dt;
eef85c4a 1061
e66047ff 1062 if (back == u) {
15ed3c3a
LP		 1063 /* This is a dependency pointing back to the unit we want to merge with?
1064 * Suppress it (but warn) */
1065 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1066 continue;
1067 }
eef85c4a 1068
15ed3c3a
LP		 1069 /* Now iterate through all deps of 'back', and fix the ones pointing to 'other' to
1070 * point to 'u' instead. */
1071 HASHMAP_FOREACH_KEY(back_deps, back_dt, back->dependencies) {
1072 UnitDependencyInfo di_move;
eef85c4a 1073
15ed3c3a
LP		 1074 di_move.data = hashmap_remove(back_deps, other);
1075 if (!di_move.data)
1076 continue;
eef85c4a 1077
15ed3c3a
LP		 1078 assert_se(unit_per_dependency_type_hashmap_update(
1079 back_deps,
1080 u,
1081 di_move.origin_mask,
1082 di_move.destination_mask) >= 0);
1083 }
1084 }
eef85c4a 1085
15ed3c3a
LP		 1086 /* Now all references towards 'other' of the current type 'dt' are corrected to point to
1087 * 'u'. Lets's now move the deps of type 'dt' from 'other' to 'u'. First, let's try to move
1088 * them per type wholesale. */
1089 r = hashmap_put(u->dependencies, dt, other_deps);
1090 if (r == -EEXIST) {
1091 Hashmap *deps;
eef85c4a 1092
15ed3c3a 1093 /* The target unit already has dependencies of this type, let's then merge this individually. */
eef85c4a 1094
15ed3c3a
LP		 1095 assert_se(deps = hashmap_get(u->dependencies, dt));
1096
1097 for (;;) {
1098 UnitDependencyInfo di_move;
1099
1100 /* Get first dep */
1101 di_move.data = hashmap_steal_first_key_and_value(other_deps, (void**) &back);
1102 if (!di_move.data)
1103 break; /* done */
1104 if (back == u) {
1105 /* Would point back to us, ignore */
1106 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1107 continue;
1108 }
23a177ef 1109
15ed3c3a
LP		 1110 assert_se(unit_per_dependency_type_hashmap_update(deps, back, di_move.origin_mask, di_move.destination_mask) >= 0);
1111 }
1112 } else {
1113 assert_se(r >= 0);
1114 TAKE_PTR(other_deps);
e66047ff 1115
15ed3c3a
LP		 1116 if (hashmap_remove(other_deps, u))
1117 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1118 }
1119 }
23a177ef 1120
15ed3c3a 1121 other->dependencies = hashmap_free(other->dependencies);
23a177ef
LP		 1122}
1123
1124int unit_merge(Unit *u, Unit *other) {
09a65f92 1125 int r;
87f0e418
LP		 1126
1127 assert(u);
1128 assert(other);
ac155bb8
MS		 1129 assert(u->manager == other->manager);
1130 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 1131
cc916967
LP		 1132 other = unit_follow_merge(other);
1133
23a177ef
LP		 1134 if (other == u)
1135 return 0;
1136
ac155bb8 1137 if (u->type != other->type)
9e2f7c11
LP		 1138 return -EINVAL;
1139
8a993b61 1140 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
934e749e
LP		 1141 return -EEXIST;
1142
ec2ce0c5 1143 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
23a177ef 1144 return -EEXIST;
87f0e418 1145
d383acad
ZJS		 1146 if (!streq_ptr(u->instance, other->instance))
1147 return -EINVAL;
1148
ac155bb8 1149 if (other->job)
819e213f
LP		 1150 return -EEXIST;
1151
e0209d83
MS		 1152 if (other->nop_job)
1153 return -EEXIST;
1154
fdf20a31 1155 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
819e213f
LP		 1156 return -EEXIST;
1157
15ed3c3a
LP		 1158 /* Make reservations to ensure merge_dependencies() won't fail. We don't rollback reservations if we
1159 * fail. We don't have a way to undo reservations. A reservation is not a leak. */
1160 r = unit_reserve_dependencies(u, other);
1161 if (r < 0)
1162 return r;
09a65f92 1163
87f0e418 1164 /* Merge names */
15ed3c3a 1165 r = unit_merge_names(u, other);
7c0b05e5
MS		 1166 if (r < 0)
1167 return r;
87f0e418 1168
57020a3a 1169 /* Redirect all references */
7f7d01ed
ZJS		 1170 while (other->refs_by_target)
1171 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
57020a3a 1172
87f0e418 1173 /* Merge dependencies */
15ed3c3a 1174 unit_merge_dependencies(u, other);
87f0e418 1175
ac155bb8
MS		 1176 other->load_state = UNIT_MERGED;
1177 other->merged_into = u;
23a177ef 1178
3616a49c
LP		 1179 /* If there is still some data attached to the other node, we
1180 * don't need it anymore, and can free it. */
ac155bb8 1181 if (other->load_state != UNIT_STUB)
3616a49c
LP		 1182 if (UNIT_VTABLE(other)->done)
1183 UNIT_VTABLE(other)->done(other);
1184
1185 unit_add_to_dbus_queue(u);
23a177ef
LP		 1186 unit_add_to_cleanup_queue(other);
1187
1188 return 0;
1189}
1190
1191int unit_merge_by_name(Unit *u, const char *name) {
934e749e 1192 _cleanup_free_ char *s = NULL;
23a177ef 1193 Unit *other;
9e2f7c11 1194 int r;
23a177ef 1195
e8630e69
ZJS		 1196 /* Either add name to u, or if a unit with name already exists, merge it with u.
1197 * If name is a template, do the same for name@instance, where instance is u's instance. */
1198
23a177ef
LP		 1199 assert(u);
1200 assert(name);
1201
7410616c 1202 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 1203 if (!u->instance)
9e2f7c11
LP		 1204 return -EINVAL;
1205
7410616c
LP		 1206 r = unit_name_replace_instance(name, u->instance, &s);
1207 if (r < 0)
1208 return r;
9e2f7c11
LP		 1209
1210 name = s;
1211 }
1212
c2756a68 1213 other = manager_get_unit(u->manager, name);
7410616c
LP		 1214 if (other)
1215 return unit_merge(u, other);
23a177ef 1216
7410616c 1217 return unit_add_name(u, name);
23a177ef
LP		 1218}
1219
1220Unit* unit_follow_merge(Unit *u) {
1221 assert(u);
1222
ac155bb8
MS		 1223 while (u->load_state == UNIT_MERGED)
1224 assert_se(u = u->merged_into);
23a177ef
LP		 1225
1226 return u;
1227}
1228
1229int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
1230 int r;
1231
1232 assert(u);
1233 assert(c);
1234
e1e74614 1235 if (c->working_directory && !c->working_directory_missing_ok) {
eef85c4a 1236 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
36be24c8
ZJS		 1237 if (r < 0)
1238 return r;
1239 }
1240
1241 if (c->root_directory) {
eef85c4a 1242 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
36be24c8
ZJS		 1243 if (r < 0)
1244 return r;
1245 }
1246
915e6d16 1247 if (c->root_image) {
eef85c4a 1248 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
915e6d16
LP		 1249 if (r < 0)
1250 return r;
1251 }
1252
12375b95 1253 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
ada5e276
YW		 1254 if (!u->manager->prefix[dt])
1255 continue;
1256
12375b95 1257 char **dp;
ada5e276 1258 STRV_FOREACH(dp, c->directories[dt].paths) {
c2b2df60 1259 _cleanup_free_ char *p = NULL;
ada5e276 1260
657ee2d8 1261 p = path_join(u->manager->prefix[dt], *dp);
ada5e276
YW		 1262 if (!p)
1263 return -ENOMEM;
1264
eef85c4a 1265 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
ada5e276
YW		 1266 if (r < 0)
1267 return r;
1268 }
1269 }
1270
463d0d15 1271 if (!MANAGER_IS_SYSTEM(u->manager))
b46a529c
LP		 1272 return 0;
1273
f3b7a79b
LP		 1274 /* For the following three directory types we need write access, and /var/ is possibly on the root
1275 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
1276 if (!strv_isempty(c->directories[EXEC_DIRECTORY_STATE].paths) ||
1277 !strv_isempty(c->directories[EXEC_DIRECTORY_CACHE].paths) ||
1278 !strv_isempty(c->directories[EXEC_DIRECTORY_LOGS].paths)) {
1279 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE);
1280 if (r < 0)
1281 return r;
1282 }
1283
b46a529c 1284 if (c->private_tmp) {
d71f0505
LP		 1285 const char *p;
1286
1287 FOREACH_STRING(p, "/tmp", "/var/tmp") {
eef85c4a 1288 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
d71f0505
LP		 1289 if (r < 0)
1290 return r;
1291 }
b46a529c 1292
35d8c19a 1293 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1294 if (r < 0)
1295 return r;
1296 }
1297
33b58dfb
LP		 1298 if (c->root_image) {
1299 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1300 * implicit dependency on udev */
1301
1302 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_UDEVD_SERVICE, true, UNIT_DEPENDENCY_FILE);
1303 if (r < 0)
1304 return r;
1305 }
1306
52c239d7
LB		 1307 if (!IN_SET(c->std_output,
1308 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
f3dc6af2 1309 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
52c239d7
LB		 1310 !IN_SET(c->std_error,
1311 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
f3dc6af2 1312 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
91dd5f7c 1313 !c->log_namespace)
23a177ef
LP		 1314 return 0;
1315
91dd5f7c
LP		 1316 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1317 * is run first. */
1318
1319 if (c->log_namespace) {
dc5437c7 1320 _cleanup_free_ char *socket_unit = NULL, *varlink_socket_unit = NULL;
23a177ef 1321
91dd5f7c
LP		 1322 r = unit_name_build_from_type("systemd-journald", c->log_namespace, UNIT_SOCKET, &socket_unit);
1323 if (r < 0)
1324 return r;
1325
1326 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, socket_unit, true, UNIT_DEPENDENCY_FILE);
1327 if (r < 0)
1328 return r;
dc5437c7
LP		 1329
1330 r = unit_name_build_from_type("systemd-journald-varlink", c->log_namespace, UNIT_SOCKET, &varlink_socket_unit);
1331 if (r < 0)
1332 return r;
1333
1334 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, varlink_socket_unit, true, UNIT_DEPENDENCY_FILE);
1335 if (r < 0)
1336 return r;
91dd5f7c
LP		 1337 } else
1338 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1339 if (r < 0)
1340 return r;
23a177ef 1341
87f0e418
LP		 1342 return 0;
1343}
1344
87f0e418
LP		 1345const char *unit_description(Unit *u) {
1346 assert(u);
1347
ac155bb8
MS		 1348 if (u->description)
1349 return u->description;
87f0e418 1350
ac155bb8 1351 return strna(u->id);
87f0e418
LP		 1352}
1353
2a8f53c6
ZJS		 1354const char *unit_status_string(Unit *u) {
1355 assert(u);
1356
1357 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_NAME && u->id)
1358 return u->id;
1359
1360 return unit_description(u);
1361}
1362
87f0e418 1363/* Common implementation for multiple backends */
c3620770 1364int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) {
23a177ef
LP		 1365 int r;
1366
1367 assert(u);
23a177ef 1368
e48614c4 1369 /* Load a .{service,socket,...} file */
4ad49000
LP		 1370 r = unit_load_fragment(u);
1371 if (r < 0)
23a177ef
LP		 1372 return r;
1373
c3620770
ZJS		 1374 if (u->load_state == UNIT_STUB) {
1375 if (fragment_required)
1376 return -ENOENT;
1377
1378 u->load_state = UNIT_LOADED;
1379 }
23a177ef 1380
9e4ea9cc
ZJS		 1381 /* Load drop-in directory data. If u is an alias, we might be reloading the
1382 * target unit needlessly. But we cannot be sure which drops-ins have already
1383 * been loaded and which not, at least without doing complicated book-keeping,
1384 * so let's always reread all drop-ins. */
c9e06956
ZJS		 1385 r = unit_load_dropin(unit_follow_merge(u));
1386 if (r < 0)
1387 return r;
1388
1389 if (u->source_path) {
1390 struct stat st;
1391
1392 if (stat(u->source_path, &st) >= 0)
1393 u->source_mtime = timespec_load(&st.st_mtim);
1394 else
1395 u->source_mtime = 0;
1396 }
1397
1398 return 0;
23a177ef
LP		 1399}
1400
19496554
MS		 1401void unit_add_to_target_deps_queue(Unit *u) {
1402 Manager *m = u->manager;
1403
1404 assert(u);
1405
1406 if (u->in_target_deps_queue)
1407 return;
1408
1409 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1410 u->in_target_deps_queue = true;
1411}
1412
bba34eed 1413int unit_add_default_target_dependency(Unit *u, Unit *target) {
98bc2000
LP		 1414 assert(u);
1415 assert(target);
1416
ac155bb8 1417 if (target->type != UNIT_TARGET)
98bc2000
LP		 1418 return 0;
1419
35b8ca3a 1420 /* Only add the dependency if both units are loaded, so that
bba34eed 1421 * that loop check below is reliable */
ac155bb8
MS		 1422 if (u->load_state != UNIT_LOADED ||
1423 target->load_state != UNIT_LOADED)
bba34eed
LP		 1424 return 0;
1425
21256a2b
LP		 1426 /* If either side wants no automatic dependencies, then let's
1427 * skip this */
ac155bb8
MS		 1428 if (!u->default_dependencies ||
1429 !target->default_dependencies)
21256a2b
LP		 1430 return 0;
1431
98bc2000 1432 /* Don't create loops */
15ed3c3a 1433 if (unit_has_dependency(target, UNIT_ATOM_BEFORE, u))
98bc2000
LP		 1434 return 0;
1435
eef85c4a 1436 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
98bc2000
LP		 1437}
1438
e954c9cf 1439static int unit_add_slice_dependencies(Unit *u) {
12f64221 1440 Unit *slice;
e954c9cf 1441 assert(u);
b81884e7 1442
35b7ff80 1443 if (!UNIT_HAS_CGROUP_CONTEXT(u))
e954c9cf
LP		 1444 return 0;
1445
eef85c4a
LP		 1446 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1447 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1448 relationship). */
f6173cb9 1449 UnitDependencyMask mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
eef85c4a 1450
12f64221
LP		 1451 slice = UNIT_GET_SLICE(u);
1452 if (slice)
1453 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, slice, true, mask);
e954c9cf 1454
8c8da0e0 1455 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
d1fab3fe
ZJS		 1456 return 0;
1457
5a724170 1458 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
98bc2000
LP		 1459}
1460
e954c9cf 1461static int unit_add_mount_dependencies(Unit *u) {
eef85c4a
LP		 1462 UnitDependencyInfo di;
1463 const char *path;
9588bc32
LP		 1464 int r;
1465
1466 assert(u);
1467
90e74a66 1468 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for) {
eef85c4a 1469 char prefix[strlen(path) + 1];
9588bc32 1470
eef85c4a 1471 PATH_FOREACH_PREFIX_MORE(prefix, path) {
c7c89abb 1472 _cleanup_free_ char *p = NULL;
9588bc32
LP		 1473 Unit *m;
1474
c7c89abb 1475 r = unit_name_from_path(prefix, ".mount", &p);
9588bc32
LP		 1476 if (r < 0)
1477 return r;
c7c89abb
FB		 1478
1479 m = manager_get_unit(u->manager, p);
1480 if (!m) {
1481 /* Make sure to load the mount unit if
1482 * it exists. If so the dependencies
1483 * on this unit will be added later
1484 * during the loading of the mount
1485 * unit. */
1486 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
9588bc32 1487 continue;
c7c89abb 1488 }
9588bc32
LP		 1489 if (m == u)
1490 continue;
1491
1492 if (m->load_state != UNIT_LOADED)
1493 continue;
1494
eef85c4a 1495 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
9588bc32
LP		 1496 if (r < 0)
1497 return r;
1498
1499 if (m->fragment_path) {
eef85c4a 1500 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
9588bc32
LP		 1501 if (r < 0)
1502 return r;
1503 }
1504 }
1505 }
1506
1507 return 0;
1508}
1509
a2db0225
AZ		 1510static int unit_add_oomd_dependencies(Unit *u) {
1511 CGroupContext *c;
1512 bool wants_oomd;
1513 int r;
1514
1515 assert(u);
1516
1517 if (!u->default_dependencies)
1518 return 0;
1519
1520 c = unit_get_cgroup_context(u);
1521 if (!c)
1522 return 0;
1523
1524 wants_oomd = (c->moom_swap == MANAGED_OOM_KILL || c->moom_mem_pressure == MANAGED_OOM_KILL);
1525 if (!wants_oomd)
1526 return 0;
1527
1528 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE);
1529 if (r < 0)
1530 return r;
1531
1532 return 0;
1533}
1534
95ae05c0
WC		 1535static int unit_add_startup_units(Unit *u) {
1536 CGroupContext *c;
95ae05c0
WC		 1537
1538 c = unit_get_cgroup_context(u);
db785129
LP		 1539 if (!c)
1540 return 0;
1541
d53d9474 1542 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
13c31542 1543 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
d53d9474 1544 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
db785129
LP		 1545 return 0;
1546
de7fef4b 1547 return set_ensure_put(&u->manager->startup_units, NULL, u);
95ae05c0
WC		 1548}
1549
294446dc
LP		 1550static int unit_validate_on_failure_job_mode(
1551 Unit *u,
1552 const char *job_mode_setting,
1553 JobMode job_mode,
1554 const char *dependency_name,
1555 UnitDependencyAtom atom) {
1556
1557 Unit *other, *found = NULL;
1558
1559 if (job_mode != JOB_ISOLATE)
1560 return 0;
1561
1562 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
1563 if (!found)
1564 found = other;
1565 else if (found != other)
1566 return log_unit_error_errno(
1567 u, SYNTHETIC_ERRNO(ENOEXEC),
1568 "More than one %s dependencies specified but %sisolate set. Refusing.",
1569 dependency_name, job_mode_setting);
1570 }
1571
1572 return 0;
1573}
1574
87f0e418
LP		 1575int unit_load(Unit *u) {
1576 int r;
1577
1578 assert(u);
1579
ac155bb8 1580 if (u->in_load_queue) {
71fda00f 1581 LIST_REMOVE(load_queue, u->manager->load_queue, u);
ac155bb8 1582 u->in_load_queue = false;
87f0e418
LP		 1583 }
1584
ac155bb8 1585 if (u->type == _UNIT_TYPE_INVALID)
e537352b
LP		 1586 return -EINVAL;
1587
ac155bb8 1588 if (u->load_state != UNIT_STUB)
87f0e418
LP		 1589 return 0;
1590
4f4afc88 1591 if (u->transient_file) {
66fa4bdd
LP		 1592 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1593 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1594
4f4afc88
LP		 1595 r = fflush_and_check(u->transient_file);
1596 if (r < 0)
1597 goto fail;
1598
50fb00b7 1599 u->transient_file = safe_fclose(u->transient_file);
f76707da 1600 u->fragment_mtime = now(CLOCK_REALTIME);
4f4afc88
LP		 1601 }
1602
c3784a7d
ZJS		 1603 r = UNIT_VTABLE(u)->load(u);
1604 if (r < 0)
23a177ef 1605 goto fail;
c3784a7d
ZJS		 1606
1607 assert(u->load_state != UNIT_STUB);
23a177ef 1608
7c8fa05c 1609 if (u->load_state == UNIT_LOADED) {
19496554 1610 unit_add_to_target_deps_queue(u);
e954c9cf
LP		 1611
1612 r = unit_add_slice_dependencies(u);
1613 if (r < 0)
1614 goto fail;
c2756a68 1615
e954c9cf 1616 r = unit_add_mount_dependencies(u);
7c8fa05c 1617 if (r < 0)
c2756a68 1618 goto fail;
7c8fa05c 1619
a2db0225
AZ		 1620 r = unit_add_oomd_dependencies(u);
1621 if (r < 0)
1622 goto fail;
1623
95ae05c0
WC		 1624 r = unit_add_startup_units(u);
1625 if (r < 0)
1626 goto fail;
1627
294446dc
LP		 1628 r = unit_validate_on_failure_job_mode(u, "OnSuccessJobMode=", u->on_success_job_mode, "OnSuccess=", UNIT_ATOM_ON_SUCCESS);
1629 if (r < 0)
1630 goto fail;
15ed3c3a 1631
294446dc
LP		 1632 r = unit_validate_on_failure_job_mode(u, "OnFailureJobMode=", u->on_failure_job_mode, "OnFailure=", UNIT_ATOM_ON_FAILURE);
1633 if (r < 0)
1634 goto fail;
bc432dc7 1635
a2df3ea4
MK		 1636 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1637 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1638
5af88058
LP		 1639 /* We finished loading, let's ensure our parents recalculate the members mask */
1640 unit_invalidate_cgroup_members_masks(u);
f68319bb
LP		 1641 }
1642
ac155bb8 1643 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
23a177ef
LP		 1644
1645 unit_add_to_dbus_queue(unit_follow_merge(u));
701cc384 1646 unit_add_to_gc_queue(u);
f561e8c6 1647 (void) manager_varlink_send_managed_oom_update(u);
87f0e418 1648
87f0e418
LP		 1649 return 0;
1650
1651fail:
81be2388
ZJS		 1652 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1653 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
c4555ad8
LP		 1654
1655 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1656 r == -ENOEXEC ? UNIT_BAD_SETTING :
1657 UNIT_ERROR;
ac155bb8 1658 u->load_error = r;
c4555ad8 1659
c149d2b4
ZJS		 1660 /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time
1661 * an attempt is made to load this unit, we know we need to check again. */
7233e91a 1662 if (u->load_state == UNIT_NOT_FOUND)
c2911d48 1663 u->fragment_not_found_timestamp_hash = u->manager->unit_cache_timestamp_hash;
7233e91a 1664
c1e1601e 1665 unit_add_to_dbus_queue(u);
9a46fc3b 1666 unit_add_to_gc_queue(u);
23a177ef 1667
c4555ad8 1668 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
87f0e418
LP		 1669}
1670
f9f88198
YW		 1671_printf_(7, 8)
1672static int log_unit_internal(void *userdata, int level, int error, const char *file, int line, const char *func, const char *format, ...) {
1673 Unit *u = userdata;
1674 va_list ap;
1675 int r;
49365733 1676
c2503e35
RH		 1677 if (u && !unit_log_level_test(u, level))
1678 return -ERRNO_VALUE(error);
1679
f9f88198
YW		 1680 va_start(ap, format);
1681 if (u)
1682 r = log_object_internalv(level, error, file, line, func,
1683 u->manager->unit_log_field,
1684 u->id,
1685 u->manager->invocation_log_field,
1686 u->invocation_id_string,
1687 format, ap);
1688 else
1689 r = log_internalv(level, error, file, line, func, format, ap);
1690 va_end(ap);
49365733 1691
f9f88198 1692 return r;
49365733
LP		 1693}
1694
97a3f4ee 1695static bool unit_test_condition(Unit *u) {
a0b191b7
LP		 1696 _cleanup_strv_free_ char **env = NULL;
1697 int r;
1698
90bbc946
LP		 1699 assert(u);
1700
ac155bb8 1701 dual_timestamp_get(&u->condition_timestamp);
90bbc946 1702
a0b191b7
LP		 1703 r = manager_get_effective_environment(u->manager, &env);
1704 if (r < 0) {
1705 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1706 u->condition_result = CONDITION_ERROR;
1707 } else
1708 u->condition_result = condition_test_list(
1709 u->conditions,
1710 env,
1711 condition_type_to_string,
1712 log_unit_internal,
1713 u);
e18f8852 1714
a0b191b7 1715 unit_add_to_dbus_queue(u);
ac155bb8 1716 return u->condition_result;
90bbc946
LP		 1717}
1718
97a3f4ee 1719static bool unit_test_assert(Unit *u) {
a0b191b7
LP		 1720 _cleanup_strv_free_ char **env = NULL;
1721 int r;
1722
59fccdc5
LP		 1723 assert(u);
1724
1725 dual_timestamp_get(&u->assert_timestamp);
59fccdc5 1726
a0b191b7
LP		 1727 r = manager_get_effective_environment(u->manager, &env);
1728 if (r < 0) {
1729 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1730 u->assert_result = CONDITION_ERROR;
1731 } else
1732 u->assert_result = condition_test_list(
1733 u->asserts,
1734 env,
1735 assert_type_to_string,
1736 log_unit_internal,
1737 u);
e18f8852 1738
a0b191b7 1739 unit_add_to_dbus_queue(u);
59fccdc5
LP		 1740 return u->assert_result;
1741}
1742
5bcf34eb 1743void unit_status_printf(Unit *u, StatusType status_type, const char *status, const char *unit_status_msg_format) {
5b262f74
LP		 1744 const char *d;
1745
2a8f53c6 1746 d = unit_status_string(u);
5b262f74
LP		 1747 if (log_get_show_color())
1748 d = strjoina(ANSI_HIGHLIGHT, d, ANSI_NORMAL);
1749
df446f96 1750 DISABLE_WARNING_FORMAT_NONLITERAL;
5bcf34eb 1751 manager_status_printf(u->manager, status_type, status, unit_status_msg_format, d);
df446f96
LP		 1752 REENABLE_WARNING;
1753}
1754
97a3f4ee 1755int unit_test_start_limit(Unit *u) {
429926e9
TR		 1756 const char *reason;
1757
6bf0f408
LP		 1758 assert(u);
1759
7bf081a1 1760 if (ratelimit_below(&u->start_ratelimit)) {
6bf0f408
LP		 1761 u->start_limit_hit = false;
1762 return 0;
1763 }
1764
1765 log_unit_warning(u, "Start request repeated too quickly.");
1766 u->start_limit_hit = true;
1767
429926e9
TR		 1768 reason = strjoina("unit ", u->id, " failed");
1769
36c4dc08
LP		 1770 emergency_action(u->manager, u->start_limit_action,
1771 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN,
1772 u->reboot_arg, -1, reason);
1773
1774 return -ECANCELED;
6bf0f408
LP		 1775}
1776
c891efaf 1777bool unit_shall_confirm_spawn(Unit *u) {
631b676b 1778 assert(u);
c891efaf
FB		 1779
1780 if (manager_is_confirm_spawn_disabled(u->manager))
1781 return false;
1782
1783 /* For some reasons units remaining in the same process group
1784 * as PID 1 fail to acquire the console even if it's not used
1785 * by any process. So skip the confirmation question for them. */
1786 return !unit_get_exec_context(u)->same_pgrp;
1787}
1788
631b676b
LP		 1789static bool unit_verify_deps(Unit *u) {
1790 Unit *other;
631b676b
LP		 1791
1792 assert(u);
1793
defe63b0
LP		 1794 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined
1795 * with After=. We do not check Requires= or Requisite= here as they only should have an effect on
1796 * the job processing, but do not have any effect afterwards. We don't check BindsTo= dependencies
1797 * that are not used in conjunction with After= as for them any such check would make things entirely
1798 * racy. */
631b676b 1799
15ed3c3a 1800 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
631b676b 1801
15ed3c3a 1802 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other))
631b676b
LP		 1803 continue;
1804
1805 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1806 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1807 return false;
1808 }
1809 }
1810
1811 return true;
1812}
1813
9adb6959 1814/* Errors that aren't really errors:
6bf0f408 1815 * -EALREADY: Unit is already started.
9adb6959 1816 * -ECOMM: Condition failed
6bf0f408 1817 * -EAGAIN: An operation is already in progress. Retry later.
9adb6959
LP		 1818 *
1819 * Errors that are real errors:
1820 * -EBADR: This unit type does not support starting.
2de9b979 1821 * -ECANCELED: Start limit hit, too many requests for now
6bf0f408
LP		 1822 * -EPROTO: Assert failed
1823 * -EINVAL: Unit not loaded
1824 * -EOPNOTSUPP: Unit type not supported
631b676b 1825 * -ENOLINK: The necessary dependencies are not fulfilled.
d4fd1cf2 1826 * -ESTALE: This unit has been started before and can't be started a second time
a4191c9f 1827 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
87f0e418
LP		 1828 */
1829int unit_start(Unit *u) {
1830 UnitActiveState state;
92ab323c 1831 Unit *following;
87f0e418
LP		 1832
1833 assert(u);
1834
5766aca8
LP		 1835 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1836 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1837 * waiting is finished. */
87f0e418
LP		 1838 state = unit_active_state(u);
1839 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1840 return -EALREADY;
380dc8b0
LP		 1841 if (state == UNIT_MAINTENANCE)
1842 return -EAGAIN;
87f0e418 1843
6bf0f408
LP		 1844 /* Units that aren't loaded cannot be started */
1845 if (u->load_state != UNIT_LOADED)
1846 return -EINVAL;
1847
d4fd1cf2
LP		 1848 /* Refuse starting scope units more than once */
1849 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1850 return -ESTALE;
1851
5766aca8
LP		 1852 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1853 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1854 * recheck the condition in that case. */
a82e5507 1855 if (state != UNIT_ACTIVATING &&
5af6aa58 1856 !unit_test_condition(u))
5766aca8 1857 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition failed. Not starting unit.");
52661efd 1858
59fccdc5
LP		 1859 /* If the asserts failed, fail the entire job */
1860 if (state != UNIT_ACTIVATING &&
5766aca8
LP		 1861 !unit_test_assert(u))
1862 return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed.");
59fccdc5 1863
5766aca8
LP		 1864 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1865 * condition checks, so that we rather return condition check errors (which are usually not
1866 * considered a true failure) than "not supported" errors (which are considered a failure).
d11a7645 1867 */
96cf3ec9 1868 if (!unit_type_supported(u->type))
d11a7645
LP		 1869 return -EOPNOTSUPP;
1870
5766aca8
LP		 1871 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1872 * should have taken care of this already, but let's check this here again. After all, our
1873 * dependencies might not be in effect anymore, due to a reload or due to a failed condition. */
631b676b
LP		 1874 if (!unit_verify_deps(u))
1875 return -ENOLINK;
1876
92ab323c 1877 /* Forward to the main object, if we aren't it. */
52990c2e
ZJS		 1878 following = unit_following(u);
1879 if (following) {
f2341e0a 1880 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
92ab323c
LP		 1881 return unit_start(following);
1882 }
1883
1884 /* If it is stopped, but we cannot start it, then fail */
1885 if (!UNIT_VTABLE(u)->start)
1886 return -EBADR;
1887
5766aca8
LP		 1888 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1889 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1890 * waits for a holdoff timer to elapse before it will start again. */
87f0e418 1891
c1e1601e 1892 unit_add_to_dbus_queue(u);
d9e45bc3 1893 unit_cgroup_freezer_action(u, FREEZER_THAW);
9e58ff9c 1894
d1a34ae9 1895 return UNIT_VTABLE(u)->start(u);
87f0e418
LP		 1896}
1897
1898bool unit_can_start(Unit *u) {
1899 assert(u);
1900
8ff4d2ab
LP		 1901 if (u->load_state != UNIT_LOADED)
1902 return false;
1903
96cf3ec9 1904 if (!unit_type_supported(u->type))
8ff4d2ab
LP		 1905 return false;
1906
d4fd1cf2
LP		 1907 /* Scope units may be started only once */
1908 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1909 return false;
1910
87f0e418
LP		 1911 return !!UNIT_VTABLE(u)->start;
1912}
1913
2528a7a6
LP		 1914bool unit_can_isolate(Unit *u) {
1915 assert(u);
1916
1917 return unit_can_start(u) &&
ac155bb8 1918 u->allow_isolate;
2528a7a6
LP		 1919}
1920
87f0e418
LP		 1921/* Errors:
1922 * -EBADR: This unit type does not support stopping.
1923 * -EALREADY: Unit is already stopped.
1924 * -EAGAIN: An operation is already in progress. Retry later.
1925 */
1926int unit_stop(Unit *u) {
1927 UnitActiveState state;
92ab323c 1928 Unit *following;
87f0e418
LP		 1929
1930 assert(u);
1931
87f0e418 1932 state = unit_active_state(u);
fdf20a31 1933 if (UNIT_IS_INACTIVE_OR_FAILED(state))
87f0e418
LP		 1934 return -EALREADY;
1935
0faacd47
LP		 1936 following = unit_following(u);
1937 if (following) {
f2341e0a 1938 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
92ab323c
LP		 1939 return unit_stop(following);
1940 }
1941
7898b0cf
LP		 1942 if (!UNIT_VTABLE(u)->stop)
1943 return -EBADR;
1944
c1e1601e 1945 unit_add_to_dbus_queue(u);
d9e45bc3 1946 unit_cgroup_freezer_action(u, FREEZER_THAW);
9e58ff9c 1947
d1a34ae9 1948 return UNIT_VTABLE(u)->stop(u);
87f0e418
LP		 1949}
1950
f5869324
LP		 1951bool unit_can_stop(Unit *u) {
1952 assert(u);
1953
39c79477
ZJS		 1954 /* Note: if we return true here, it does not mean that the unit may be successfully stopped.
1955 * Extrinsic units follow external state and they may stop following external state changes
1956 * (hence we return true here), but an attempt to do this through the manager will fail. */
1957
96cf3ec9 1958 if (!unit_type_supported(u->type))
f5869324
LP		 1959 return false;
1960
1961 if (u->perpetual)
1962 return false;
1963
1964 return !!UNIT_VTABLE(u)->stop;
1965}
1966
87f0e418
LP		 1967/* Errors:
1968 * -EBADR: This unit type does not support reloading.
1969 * -ENOEXEC: Unit is not started.
1970 * -EAGAIN: An operation is already in progress. Retry later.
1971 */
1972int unit_reload(Unit *u) {
1973 UnitActiveState state;
92ab323c 1974 Unit *following;
87f0e418
LP		 1975
1976 assert(u);
1977
ac155bb8 1978 if (u->load_state != UNIT_LOADED)
6124958c
LP		 1979 return -EINVAL;
1980
87f0e418
LP		 1981 if (!unit_can_reload(u))
1982 return -EBADR;
1983
1984 state = unit_active_state(u);
e364ad06 1985 if (state == UNIT_RELOADING)
6255af75 1986 return -EAGAIN;
87f0e418 1987
d85ff944
YW		 1988 if (state != UNIT_ACTIVE)
1989 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "Unit cannot be reloaded because it is inactive.");
87f0e418 1990
e48614c4
ZJS		 1991 following = unit_following(u);
1992 if (following) {
f2341e0a 1993 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
92ab323c
LP		 1994 return unit_reload(following);
1995 }
1996
c1e1601e 1997 unit_add_to_dbus_queue(u);
82a2b6bb 1998
f54bcca5
JR		 1999 if (!UNIT_VTABLE(u)->reload) {
2000 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2ad2e41a 2001 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
f54bcca5
JR		 2002 return 0;
2003 }
2004
d9e45bc3
MS		 2005 unit_cgroup_freezer_action(u, FREEZER_THAW);
2006
d1a34ae9 2007 return UNIT_VTABLE(u)->reload(u);
87f0e418
LP		 2008}
2009
2010bool unit_can_reload(Unit *u) {
2011 assert(u);
2012
f54bcca5
JR		 2013 if (UNIT_VTABLE(u)->can_reload)
2014 return UNIT_VTABLE(u)->can_reload(u);
87f0e418 2015
15ed3c3a 2016 if (unit_has_dependency(u, UNIT_ATOM_PROPAGATES_RELOAD_TO, NULL))
87f0e418
LP		 2017 return true;
2018
f54bcca5 2019 return UNIT_VTABLE(u)->reload;
87f0e418
LP		 2020}
2021
a3c1168a 2022bool unit_is_unneeded(Unit *u) {
15ed3c3a 2023 Unit *other;
f3bff0eb
LP		 2024 assert(u);
2025
ac155bb8 2026 if (!u->stop_when_unneeded)
a3c1168a 2027 return false;
f3bff0eb 2028
a3c1168a 2029 /* Don't clean up while the unit is transitioning or is even inactive. */
116654d2 2030 if (unit_active_state(u) != UNIT_ACTIVE)
a3c1168a
LP		 2031 return false;
2032 if (u->job)
2033 return false;
f3bff0eb 2034
15ed3c3a 2035 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_PINS_STOP_WHEN_UNNEEDED) {
fda09318 2036 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
a3c1168a 2037 * restart, then don't clean this one up. */
b81884e7 2038
15ed3c3a
LP		 2039 if (other->job)
2040 return false;
a3c1168a 2041
15ed3c3a
LP		 2042 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2043 return false;
a3c1168a 2044
15ed3c3a
LP		 2045 if (unit_will_restart(other))
2046 return false;
bea355da
LP		 2047 }
2048
a3c1168a
LP		 2049 return true;
2050}
f3bff0eb 2051
0bc488c9
LP		 2052bool unit_is_upheld_by_active(Unit *u, Unit **ret_culprit) {
2053 Unit *other;
2054
2055 assert(u);
2056
2057 /* Checks if the unit needs to be started because it currently is not running, but some other unit
2058 * that is active declared an Uphold= dependencies on it */
2059
2060 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)) || u->job) {
2061 if (ret_culprit)
2062 *ret_culprit = NULL;
2063 return false;
2064 }
2065
2066 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_START_STEADILY) {
2067 if (other->job)
2068 continue;
2069
2070 if (UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
2071 if (ret_culprit)
2072 *ret_culprit = other;
2073 return true;
2074 }
2075 }
2076
2077 if (ret_culprit)
2078 *ret_culprit = NULL;
2079 return false;
2080}
2081
56c59592
LP		 2082bool unit_is_bound_by_inactive(Unit *u, Unit **ret_culprit) {
2083 Unit *other;
2084
2085 assert(u);
2086
2087 /* Checks whether this unit is bound to another unit that is inactive, i.e. whether we should stop
2088 * because the other unit is down.*/
2089
2090 if (unit_active_state(u) != UNIT_ACTIVE || u->job) {
2091 /* Don't clean up while the unit is transitioning or is even inactive. */
2092 if (ret_culprit)
2093 *ret_culprit = NULL;
2094 return false;
2095 }
2096
2097 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
2098 if (other->job)
2099 continue;
2100
2101 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) {
2102 if (*ret_culprit)
2103 *ret_culprit = other;
2104
2105 return true;
2106 }
2107 }
2108
2109 if (ret_culprit)
2110 *ret_culprit = NULL;
2111 return false;
2112}
2113
a3c1168a 2114static void check_unneeded_dependencies(Unit *u) {
15ed3c3a 2115 Unit *other;
a3c1168a
LP		 2116 assert(u);
2117
2118 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2119
15ed3c3a
LP		 2120 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_STOP_WHEN_UNNEEDED_QUEUE)
2121 unit_submit_to_stop_when_unneeded_queue(other);
f3bff0eb
LP		 2122}
2123
0bc488c9
LP		 2124static void check_uphold_dependencies(Unit *u) {
2125 Unit *other;
2126 assert(u);
2127
2128 /* Add all units this unit depends on to the queue that processes Uphold= behaviour. */
2129
2130 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_START_WHEN_UPHELD_QUEUE)
2131 unit_submit_to_start_when_upheld_queue(other);
2132}
2133
56c59592 2134static void check_bound_by_dependencies(Unit *u) {
ff502445 2135 Unit *other;
ff502445
LP		 2136 assert(u);
2137
56c59592 2138 /* Add all units this unit depends on to the queue that processes BindsTo= stop behaviour. */
ff502445 2139
56c59592
LP		 2140 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_CANNOT_BE_ACTIVE_WITHOUT_QUEUE)
2141 unit_submit_to_stop_when_bound_queue(other);
ff502445
LP		 2142}
2143
87f0e418 2144static void retroactively_start_dependencies(Unit *u) {
87f0e418
LP		 2145 Unit *other;
2146
2147 assert(u);
2148 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2149
15ed3c3a
LP		 2150 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_REPLACE) /* Requires= + BindsTo= */
2151 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2152 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 2153 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
b81884e7 2154
15ed3c3a
LP		 2155 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_FAIL) /* Wants= */
2156 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2157 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 2158 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL, NULL);
87f0e418 2159
15ed3c3a 2160 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_START) /* Conflicts= (and inverse) */
b81884e7 2161 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 2162 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
87f0e418
LP		 2163}
2164
2165static void retroactively_stop_dependencies(Unit *u) {
87f0e418
LP		 2166 Unit *other;
2167
2168 assert(u);
2169 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2170
b81884e7 2171 /* Pull down units which are bound to us recursively if enabled */
15ed3c3a 2172 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_STOP) /* BoundBy= */
b81884e7 2173 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 2174 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
cd0504d0
MS		 2175}
2176
294446dc
LP		 2177void unit_start_on_failure(
2178 Unit *u,
2179 const char *dependency_name,
2180 UnitDependencyAtom atom,
2181 JobMode job_mode) {
2182
15ed3c3a 2183 bool logged = false;
c0daa706 2184 Unit *other;
7f66b026 2185 int r;
c0daa706
LP		 2186
2187 assert(u);
294446dc
LP		 2188 assert(dependency_name);
2189 assert(IN_SET(atom, UNIT_ATOM_ON_SUCCESS, UNIT_ATOM_ON_FAILURE));
2190
2191 /* Act on OnFailure= and OnSuccess= dependencies */
c0daa706 2192
294446dc 2193 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
7f66b026 2194 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
222ae6a8 2195
15ed3c3a 2196 if (!logged) {
294446dc 2197 log_unit_info(u, "Triggering %s dependencies.", dependency_name);
15ed3c3a
LP		 2198 logged = true;
2199 }
2200
294446dc 2201 r = manager_add_job(u->manager, JOB_START, other, job_mode, NULL, &error, NULL);
c1b6628d 2202 if (r < 0)
294446dc
LP		 2203 log_unit_warning_errno(
2204 u, r, "Failed to enqueue %s job, ignoring: %s",
2205 dependency_name, bus_error_message(&error, r));
222ae6a8 2206 }
294446dc
LP		 2207
2208 if (logged)
2209 log_unit_debug(u, "Triggering %s dependencies done.", dependency_name);
c0daa706
LP		 2210}
2211
3ecaa09b
LP		 2212void unit_trigger_notify(Unit *u) {
2213 Unit *other;
3ecaa09b
LP		 2214
2215 assert(u);
2216
15ed3c3a 2217 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_TRIGGERED_BY)
3ecaa09b
LP		 2218 if (UNIT_VTABLE(other)->trigger_notify)
2219 UNIT_VTABLE(other)->trigger_notify(other, u);
2220}
2221
37109b85
ZJS		 2222static int raise_level(int log_level, bool condition_info, bool condition_notice) {
2223 if (condition_notice && log_level > LOG_NOTICE)
2224 return LOG_NOTICE;
2225 if (condition_info && log_level > LOG_INFO)
2226 return LOG_INFO;
2227 return log_level;
2228}
2229
915b1d01 2230static int unit_log_resources(Unit *u) {
bc40a20e
LP		 2231 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + _CGROUP_IO_ACCOUNTING_METRIC_MAX + 4];
2232 bool any_traffic = false, have_ip_accounting = false, any_io = false, have_io_accounting = false;
2233 _cleanup_free_ char *igress = NULL, *egress = NULL, *rr = NULL, *wr = NULL;
162392b7 2234 int log_level = LOG_DEBUG; /* May be raised if resources consumed over a threshold */
915b1d01 2235 size_t n_message_parts = 0, n_iovec = 0;
bc40a20e 2236 char* message_parts[1 + 2 + 2 + 1], *t;
915b1d01 2237 nsec_t nsec = NSEC_INFINITY;
915b1d01
LP		 2238 int r;
2239 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2240 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2241 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2242 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2243 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2244 };
bc40a20e
LP		 2245 const char* const io_fields[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
2246 [CGROUP_IO_READ_BYTES] = "IO_METRIC_READ_BYTES",
2247 [CGROUP_IO_WRITE_BYTES] = "IO_METRIC_WRITE_BYTES",
2248 [CGROUP_IO_READ_OPERATIONS] = "IO_METRIC_READ_OPERATIONS",
2249 [CGROUP_IO_WRITE_OPERATIONS] = "IO_METRIC_WRITE_OPERATIONS",
2250 };
915b1d01
LP		 2251
2252 assert(u);
2253
2254 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2255 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2256 * information and the complete data in structured fields. */
2257
2258 (void) unit_get_cpu_usage(u, &nsec);
2259 if (nsec != NSEC_INFINITY) {
2260 char buf[FORMAT_TIMESPAN_MAX] = "";
2261
2262 /* Format the CPU time for inclusion in the structured log message */
2263 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2264 r = log_oom();
2265 goto finish;
2266 }
2267 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2268
2269 /* Format the CPU time for inclusion in the human language message string */
2270 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
ec9d636b 2271 t = strjoin("consumed ", buf, " CPU time");
915b1d01
LP		 2272 if (!t) {
2273 r = log_oom();
2274 goto finish;
2275 }
2276
2277 message_parts[n_message_parts++] = t;
37109b85
ZJS		 2278
2279 log_level = raise_level(log_level,
2280 nsec > NOTICEWORTHY_CPU_NSEC,
2281 nsec > MENTIONWORTHY_CPU_NSEC);
915b1d01
LP		 2282 }
2283
bc40a20e
LP		 2284 for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) {
2285 char buf[FORMAT_BYTES_MAX] = "";
2286 uint64_t value = UINT64_MAX;
2287
2288 assert(io_fields[k]);
2289
2290 (void) unit_get_io_accounting(u, k, k > 0, &value);
2291 if (value == UINT64_MAX)
2292 continue;
2293
2294 have_io_accounting = true;
2295 if (value > 0)
2296 any_io = true;
2297
2298 /* Format IO accounting data for inclusion in the structured log message */
2299 if (asprintf(&t, "%s=%" PRIu64, io_fields[k], value) < 0) {
2300 r = log_oom();
2301 goto finish;
2302 }
2303 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2304
2305 /* Format the IO accounting data for inclusion in the human language message string, but only
2306 * for the bytes counters (and not for the operations counters) */
2307 if (k == CGROUP_IO_READ_BYTES) {
2308 assert(!rr);
2309 rr = strjoin("read ", format_bytes(buf, sizeof(buf), value), " from disk");
2310 if (!rr) {
2311 r = log_oom();
2312 goto finish;
2313 }
2314 } else if (k == CGROUP_IO_WRITE_BYTES) {
2315 assert(!wr);
2316 wr = strjoin("written ", format_bytes(buf, sizeof(buf), value), " to disk");
2317 if (!wr) {
2318 r = log_oom();
2319 goto finish;
2320 }
2321 }
37109b85
ZJS		 2322
2323 if (IN_SET(k, CGROUP_IO_READ_BYTES, CGROUP_IO_WRITE_BYTES))
2324 log_level = raise_level(log_level,
2325 value > MENTIONWORTHY_IO_BYTES,
2326 value > NOTICEWORTHY_IO_BYTES);
bc40a20e
LP		 2327 }
2328
2329 if (have_io_accounting) {
2330 if (any_io) {
2331 if (rr)
2332 message_parts[n_message_parts++] = TAKE_PTR(rr);
2333 if (wr)
2334 message_parts[n_message_parts++] = TAKE_PTR(wr);
2335
2336 } else {
2337 char *k;
2338
2339 k = strdup("no IO");
2340 if (!k) {
2341 r = log_oom();
2342 goto finish;
2343 }
2344
2345 message_parts[n_message_parts++] = k;
2346 }
2347 }
2348
12375b95 2349 for (CGroupIPAccountingMetric m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
915b1d01
LP		 2350 char buf[FORMAT_BYTES_MAX] = "";
2351 uint64_t value = UINT64_MAX;
2352
2353 assert(ip_fields[m]);
2354
2355 (void) unit_get_ip_accounting(u, m, &value);
2356 if (value == UINT64_MAX)
2357 continue;
82044702
LP		 2358
2359 have_ip_accounting = true;
a87b1faa
LP		 2360 if (value > 0)
2361 any_traffic = true;
915b1d01
LP		 2362
2363 /* Format IP accounting data for inclusion in the structured log message */
2364 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2365 r = log_oom();
2366 goto finish;
2367 }
2368 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2369
2370 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2371 * bytes counters (and not for the packets counters) */
a87b1faa
LP		 2372 if (m == CGROUP_IP_INGRESS_BYTES) {
2373 assert(!igress);
ec9d636b 2374 igress = strjoin("received ", format_bytes(buf, sizeof(buf), value), " IP traffic");
a87b1faa
LP		 2375 if (!igress) {
2376 r = log_oom();
2377 goto finish;
2378 }
2379 } else if (m == CGROUP_IP_EGRESS_BYTES) {
2380 assert(!egress);
ec9d636b 2381 egress = strjoin("sent ", format_bytes(buf, sizeof(buf), value), " IP traffic");
a87b1faa
LP		 2382 if (!egress) {
2383 r = log_oom();
2384 goto finish;
2385 }
2386 }
37109b85
ZJS		 2387
2388 if (IN_SET(m, CGROUP_IP_INGRESS_BYTES, CGROUP_IP_EGRESS_BYTES))
2389 log_level = raise_level(log_level,
2390 value > MENTIONWORTHY_IP_BYTES,
2391 value > NOTICEWORTHY_IP_BYTES);
a87b1faa
LP		 2392 }
2393
c2503e35
RH		 2394 /* This check is here because it is the earliest point following all possible log_level assignments. If
2395 * log_level is assigned anywhere after this point, move this check. */
2396 if (!unit_log_level_test(u, log_level)) {
2397 r = 0;
2398 goto finish;
2399 }
2400
82044702
LP		 2401 if (have_ip_accounting) {
2402 if (any_traffic) {
2403 if (igress)
2404 message_parts[n_message_parts++] = TAKE_PTR(igress);
2405 if (egress)
2406 message_parts[n_message_parts++] = TAKE_PTR(egress);
a87b1faa 2407
82044702
LP		 2408 } else {
2409 char *k;
915b1d01 2410
82044702
LP		 2411 k = strdup("no IP traffic");
2412 if (!k) {
2413 r = log_oom();
2414 goto finish;
2415 }
2416
2417 message_parts[n_message_parts++] = k;
2418 }
915b1d01
LP		 2419 }
2420
2421 /* Is there any accounting data available at all? */
2422 if (n_iovec == 0) {
2423 r = 0;
2424 goto finish;
2425 }
2426
2427 if (n_message_parts == 0)
a87b1faa 2428 t = strjoina("MESSAGE=", u->id, ": Completed.");
915b1d01 2429 else {
c2b2df60 2430 _cleanup_free_ char *joined = NULL;
915b1d01
LP		 2431
2432 message_parts[n_message_parts] = NULL;
2433
2434 joined = strv_join(message_parts, ", ");
2435 if (!joined) {
2436 r = log_oom();
2437 goto finish;
2438 }
2439
ec9d636b 2440 joined[0] = ascii_toupper(joined[0]);
a87b1faa 2441 t = strjoina("MESSAGE=", u->id, ": ", joined, ".");
915b1d01
LP		 2442 }
2443
2444 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2445 * and hence don't increase n_iovec for them */
2446 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2447 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2448
2449 t = strjoina(u->manager->unit_log_field, u->id);
2450 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2451
2452 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2453 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2454
c2503e35 2455 log_unit_struct_iovec(u, log_level, iovec, n_iovec + 4);
915b1d01
LP		 2456 r = 0;
2457
2458finish:
12375b95 2459 for (size_t i = 0; i < n_message_parts; i++)
915b1d01
LP		 2460 free(message_parts[i]);
2461
12375b95 2462 for (size_t i = 0; i < n_iovec; i++)
915b1d01
LP		 2463 free(iovec[i].iov_base);
2464
2465 return r;
2466
2467}
2468
adefcf28
LP		 2469static void unit_update_on_console(Unit *u) {
2470 bool b;
2471
2472 assert(u);
2473
2474 b = unit_needs_console(u);
2475 if (u->on_console == b)
2476 return;
2477
2478 u->on_console = b;
2479 if (b)
2480 manager_ref_console(u->manager);
2481 else
2482 manager_unref_console(u->manager);
adefcf28
LP		 2483}
2484
6eb65e7c
LP		 2485static void unit_emit_audit_start(Unit *u) {
2486 assert(u);
2487
2488 if (u->type != UNIT_SERVICE)
2489 return;
2490
2491 /* Write audit record if we have just finished starting up */
2492 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, true);
2493 u->in_audit = true;
2494}
2495
2496static void unit_emit_audit_stop(Unit *u, UnitActiveState state) {
2497 assert(u);
2498
2499 if (u->type != UNIT_SERVICE)
2500 return;
2501
2502 if (u->in_audit) {
2503 /* Write audit record if we have just finished shutting down */
2504 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, state == UNIT_INACTIVE);
2505 u->in_audit = false;
2506 } else {
2507 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2508 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, state == UNIT_INACTIVE);
2509
2510 if (state == UNIT_INACTIVE)
2511 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, true);
2512 }
2513}
2514
16c74914
LP		 2515static bool unit_process_job(Job *j, UnitActiveState ns, UnitNotifyFlags flags) {
2516 bool unexpected = false;
31cd5f63 2517 JobResult result;
16c74914
LP		 2518
2519 assert(j);
2520
2521 if (j->state == JOB_WAITING)
2522
2523 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2524 * due to EAGAIN. */
2525 job_add_to_run_queue(j);
2526
2527 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2528 * hence needs to invalidate jobs. */
2529
2530 switch (j->type) {
2531
2532 case JOB_START:
2533 case JOB_VERIFY_ACTIVE:
2534
2535 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2536 job_finish_and_invalidate(j, JOB_DONE, true, false);
2537 else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2538 unexpected = true;
2539
31cd5f63
AZ		 2540 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2541 if (ns == UNIT_FAILED)
2542 result = JOB_FAILED;
31cd5f63
AZ		 2543 else
2544 result = JOB_DONE;
2545
2546 job_finish_and_invalidate(j, result, true, false);
2547 }
16c74914
LP		 2548 }
2549
2550 break;
2551
2552 case JOB_RELOAD:
2553 case JOB_RELOAD_OR_START:
2554 case JOB_TRY_RELOAD:
2555
2556 if (j->state == JOB_RUNNING) {
2557 if (ns == UNIT_ACTIVE)
2558 job_finish_and_invalidate(j, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2559 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2560 unexpected = true;
2561
2562 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2563 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2564 }
2565 }
2566
2567 break;
2568
2569 case JOB_STOP:
2570 case JOB_RESTART:
2571 case JOB_TRY_RESTART:
2572
2573 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2574 job_finish_and_invalidate(j, JOB_DONE, true, false);
2575 else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2576 unexpected = true;
2577 job_finish_and_invalidate(j, JOB_FAILED, true, false);
2578 }
2579
2580 break;
2581
2582 default:
2583 assert_not_reached("Job type unknown");
2584 }
2585
2586 return unexpected;
2587}
2588
2ad2e41a 2589void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
429926e9 2590 const char *reason;
8559b3b7 2591 Manager *m;
a096ed36 2592
87f0e418
LP		 2593 assert(u);
2594 assert(os < _UNIT_ACTIVE_STATE_MAX);
2595 assert(ns < _UNIT_ACTIVE_STATE_MAX);
87f0e418 2596
8559b3b7
LP		 2597 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2598 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2599 * remounted this function will be called too! */
87f0e418 2600
546ac4f0
MS		 2601 m = u->manager;
2602
3c4832ad
LP		 2603 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2604 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2605 unit_add_to_dbus_queue(u);
2606
e30bbc90
AZ		 2607 /* Update systemd-oomd on the property/state change */
2608 if (os != ns) {
2609 /* Always send an update if the unit is going into an inactive state so systemd-oomd knows to stop
2610 * monitoring.
2611 * Also send an update whenever the unit goes active; this is to handle a case where an override file
2612 * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to
2613 * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't
2614 * have the information on the property. Thus, indiscriminately send an update. */
f561e8c6 2615 if (UNIT_IS_INACTIVE_OR_FAILED(ns) || UNIT_IS_ACTIVE_OR_RELOADING(ns))
e30bbc90
AZ		 2616 (void) manager_varlink_send_managed_oom_update(u);
2617 }
2618
f755e3b7 2619 /* Update timestamps for state changes */
2c289ea8 2620 if (!MANAGER_IS_RELOADING(m)) {
a483fb59 2621 dual_timestamp_get(&u->state_change_timestamp);
173e3821 2622
bdbf9951 2623 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2624 u->inactive_exit_timestamp = u->state_change_timestamp;
bdbf9951 2625 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2626 u->inactive_enter_timestamp = u->state_change_timestamp;
bdbf9951
LP		 2627
2628 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2629 u->active_enter_timestamp = u->state_change_timestamp;
bdbf9951 2630 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2631 u->active_exit_timestamp = u->state_change_timestamp;
bdbf9951 2632 }
87f0e418 2633
865cc19a 2634 /* Keep track of failed units */
8724defe 2635 (void) manager_update_failed_units(m, u, ns == UNIT_FAILED);
f755e3b7 2636
d3070fbd
LP		 2637 /* Make sure the cgroup and state files are always removed when we become inactive */
2638 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
ff68472a
ZJS		 2639 SET_FLAG(u->markers,
2640 (1u << UNIT_MARKER_NEEDS_RELOAD)|(1u << UNIT_MARKER_NEEDS_RESTART),
2641 false);
efdb0237 2642 unit_prune_cgroup(u);
d3070fbd 2643 unit_unlink_state_files(u);
ff68472a
ZJS		 2644 } else if (ns != os && ns == UNIT_RELOADING)
2645 SET_FLAG(u->markers, 1u << UNIT_MARKER_NEEDS_RELOAD, false);
fb385181 2646
adefcf28 2647 unit_update_on_console(u);
7ed9f6cd 2648
2c289ea8 2649 if (!MANAGER_IS_RELOADING(m)) {
a1c7334b
LP		 2650 bool unexpected;
2651
2652 /* Let's propagate state changes to the job */
2653 if (u->job)
2654 unexpected = unit_process_job(u->job, ns, flags);
2655 else
2656 unexpected = true;
f3bff0eb 2657
a1c7334b
LP		 2658 /* If this state change happened without being requested by a job, then let's retroactively start or
2659 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2660 * additional jobs just because something is already activated. */
bdbf9951
LP		 2661
2662 if (unexpected) {
2663 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2664 retroactively_start_dependencies(u);
2665 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2666 retroactively_stop_dependencies(u);
2667 }
5de9682c 2668
bdbf9951 2669 if (ns != os && ns == UNIT_FAILED) {
ed77d407 2670 log_unit_debug(u, "Unit entered failed state.");
2ad2e41a
LP		 2671
2672 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
294446dc 2673 unit_start_on_failure(u, "OnFailure=", UNIT_ATOM_ON_FAILURE, u->on_failure_job_mode);
cd6d0a45 2674 }
e537352b 2675
256f65d0
LP		 2676 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2677 /* This unit just finished starting up */
3b2775c5 2678
6eb65e7c 2679 unit_emit_audit_start(u);
546ac4f0 2680 manager_send_unit_plymouth(m, u);
256f65d0 2681 }
bdbf9951 2682
256f65d0 2683 if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
915b1d01 2684 /* This unit just stopped/failed. */
256f65d0 2685
6eb65e7c 2686 unit_emit_audit_stop(u, ns);
915b1d01 2687 unit_log_resources(u);
cd6d0a45 2688 }
294446dc
LP		 2689
2690 if (ns == UNIT_INACTIVE && !IN_SET(os, UNIT_FAILED, UNIT_INACTIVE, UNIT_MAINTENANCE) &&
2691 !(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2692 unit_start_on_failure(u, "OnSuccess=", UNIT_ATOM_ON_SUCCESS, u->on_success_job_mode);
f278026d
LP		 2693 }
2694
31dc1ca3
LP		 2695 manager_recheck_journal(m);
2696 manager_recheck_dbus(m);
e63ebf71 2697
3ecaa09b 2698 unit_trigger_notify(u);
3b2775c5 2699
8724defe 2700 if (!MANAGER_IS_RELOADING(m)) {
429926e9
TR		 2701 if (os != UNIT_FAILED && ns == UNIT_FAILED) {
2702 reason = strjoina("unit ", u->id, " failed");
36c4dc08 2703 emergency_action(m, u->failure_action, 0, u->reboot_arg, unit_failure_action_exit_status(u), reason);
429926e9
TR		 2704 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) {
2705 reason = strjoina("unit ", u->id, " succeeded");
36c4dc08 2706 emergency_action(m, u->success_action, 0, u->reboot_arg, unit_success_action_exit_status(u), reason);
429926e9 2707 }
ff502445
LP		 2708 }
2709
99e9af25
LP		 2710 /* And now, add the unit or depending units to various queues that will act on the new situation if
2711 * needed. These queues generally check for continous state changes rather than events (like most of
2712 * the state propagation above), and do work deferred instead of instantly, since they typically
2713 * don't want to run during reloading, and usually involve checking combined state of multiple units
2714 * at once. */
2715
2716 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2717 /* Stop unneeded units and bound-by units regardless if going down was expected or not */
2718 check_unneeded_dependencies(u);
2719 check_bound_by_dependencies(u);
2720
2721 /* Maybe someone wants us to remain up? */
2722 unit_submit_to_start_when_upheld_queue(u);
2723
2724 /* Maybe the unit should be GC'ed now? */
2725 unit_add_to_gc_queue(u);
2726 }
2727
2728 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2729 /* Start uphold units regardless if going up was expected or not */
2730 check_uphold_dependencies(u);
2731
2732 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2733 unit_submit_to_stop_when_unneeded_queue(u);
2734
2735 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens
2736 * when something BindsTo= to a Type=oneshot unit, as these units go directly from starting to
2737 * inactive, without ever entering started.) */
2738 unit_submit_to_stop_when_bound_queue(u);
2739 }
87f0e418
LP		 2740}
2741
f75f613d 2742int unit_watch_pid(Unit *u, pid_t pid, bool exclusive) {
62a76913 2743 int r;
a911bb9a 2744
87f0e418 2745 assert(u);
62a76913 2746 assert(pid_is_valid(pid));
87f0e418 2747
62a76913 2748 /* Watch a specific PID */
5ba6985b 2749
f75f613d
FB		 2750 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2751 * opportunity to remove any stalled references to this PID as they can be created
2752 * easily (when watching a process which is not our direct child). */
2753 if (exclusive)
2754 manager_unwatch_pid(u->manager, pid);
2755
d5099efc 2756 r = set_ensure_allocated(&u->pids, NULL);
5ba6985b
LP		 2757 if (r < 0)
2758 return r;
2759
62a76913 2760 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
a911bb9a
LP		 2761 if (r < 0)
2762 return r;
2763
62a76913
LP		 2764 /* First try, let's add the unit keyed by "pid". */
2765 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2766 if (r == -EEXIST) {
2767 Unit **array;
2768 bool found = false;
2769 size_t n = 0;
05e343b7 2770
62a76913
LP		 2771 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2772 * to an array of Units rather than just a Unit), lists us already. */
a911bb9a 2773
62a76913
LP		 2774 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2775 if (array)
2776 for (; array[n]; n++)
2777 if (array[n] == u)
2778 found = true;
a911bb9a 2779
62a76913
LP		 2780 if (found) /* Found it already? if so, do nothing */
2781 r = 0;
2782 else {
2783 Unit **new_array;
2784
2785 /* Allocate a new array */
2786 new_array = new(Unit*, n + 2);
2787 if (!new_array)
2788 return -ENOMEM;
2789
2790 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2791 new_array[n] = u;
2792 new_array[n+1] = NULL;
2793
2794 /* Add or replace the old array */
2795 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2796 if (r < 0) {
2797 free(new_array);
2798 return r;
2799 }
2800
2801 free(array);
2802 }
2803 } else if (r < 0)
2804 return r;
2805
2806 r = set_put(u->pids, PID_TO_PTR(pid));
2807 if (r < 0)
2808 return r;
2809
2810 return 0;
87f0e418
LP		 2811}
2812
2813void unit_unwatch_pid(Unit *u, pid_t pid) {
62a76913
LP		 2814 Unit **array;
2815
87f0e418 2816 assert(u);
62a76913
LP		 2817 assert(pid_is_valid(pid));
2818
2819 /* First let's drop the unit in case it's keyed as "pid". */
2820 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2821
2822 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2823 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2824 if (array) {
62a76913 2825 /* Let's iterate through the array, dropping our own entry */
12375b95
ZJS		 2826
2827 size_t m = 0;
2828 for (size_t n = 0; array[n]; n++)
62a76913
LP		 2829 if (array[n] != u)
2830 array[m++] = array[n];
2831 array[m] = NULL;
2832
2833 if (m == 0) {
2834 /* The array is now empty, remove the entire entry */
20c3acfa 2835 assert_se(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
62a76913
LP		 2836 free(array);
2837 }
2838 }
87f0e418 2839
fea72cc0 2840 (void) set_remove(u->pids, PID_TO_PTR(pid));
a911bb9a
LP		 2841}
2842
bd44e61b
LP		 2843void unit_unwatch_all_pids(Unit *u) {
2844 assert(u);
2845
2846 while (!set_isempty(u->pids))
fea72cc0 2847 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
bd44e61b 2848
efdb0237 2849 u->pids = set_free(u->pids);
a911bb9a
LP		 2850}
2851
50be4f4a
LP		 2852static void unit_tidy_watch_pids(Unit *u) {
2853 pid_t except1, except2;
a911bb9a
LP		 2854 void *e;
2855
2856 assert(u);
2857
2858 /* Cleans dead PIDs from our list */
2859
50be4f4a
LP		 2860 except1 = unit_main_pid(u);
2861 except2 = unit_control_pid(u);
2862
90e74a66 2863 SET_FOREACH(e, u->pids) {
fea72cc0 2864 pid_t pid = PTR_TO_PID(e);
a911bb9a
LP		 2865
2866 if (pid == except1 || pid == except2)
2867 continue;
2868
9f5650ae 2869 if (!pid_is_unwaited(pid))
bd44e61b 2870 unit_unwatch_pid(u, pid);
a911bb9a 2871 }
87f0e418
LP		 2872}
2873
50be4f4a
LP		 2874static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
2875 Unit *u = userdata;
2876
2877 assert(s);
2878 assert(u);
2879
2880 unit_tidy_watch_pids(u);
2881 unit_watch_all_pids(u);
2882
2883 /* If the PID set is empty now, then let's finish this off. */
2884 unit_synthesize_cgroup_empty_event(u);
2885
2886 return 0;
2887}
2888
2889int unit_enqueue_rewatch_pids(Unit *u) {
2890 int r;
2891
2892 assert(u);
2893
2894 if (!u->cgroup_path)
2895 return -ENOENT;
2896
2897 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2898 if (r < 0)
2899 return r;
2900 if (r > 0) /* On unified we can use proper notifications */
2901 return 0;
2902
2903 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2904 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2905 * involves issuing kill(pid, 0) on all processes we watch. */
2906
2907 if (!u->rewatch_pids_event_source) {
2908 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2909
2910 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2911 if (r < 0)
2912 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2913
2914 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2915 if (r < 0)
28b77ab2 2916 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: %m");
50be4f4a
LP		 2917
2918 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2919
2920 u->rewatch_pids_event_source = TAKE_PTR(s);
2921 }
2922
2923 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2924 if (r < 0)
2925 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2926
2927 return 0;
2928}
2929
2930void unit_dequeue_rewatch_pids(Unit *u) {
2931 int r;
2932 assert(u);
2933
2934 if (!u->rewatch_pids_event_source)
2935 return;
2936
2937 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2938 if (r < 0)
2939 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2940
2941 u->rewatch_pids_event_source = sd_event_source_unref(u->rewatch_pids_event_source);
2942}
2943
87f0e418
LP		 2944bool unit_job_is_applicable(Unit *u, JobType j) {
2945 assert(u);
2946 assert(j >= 0 && j < _JOB_TYPE_MAX);
2947
2948 switch (j) {
2949
2950 case JOB_VERIFY_ACTIVE:
2951 case JOB_START:
e0209d83 2952 case JOB_NOP:
f5869324 2953 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
86b52a39 2954 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
f5869324 2955 * jobs for it. */
87f0e418
LP		 2956 return true;
2957
f5869324
LP		 2958 case JOB_STOP:
2959 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
86b52a39 2960 * external events), hence it makes no sense to permit enqueuing such a request either. */
f5869324
LP		 2961 return !u->perpetual;
2962
87f0e418
LP		 2963 case JOB_RESTART:
2964 case JOB_TRY_RESTART:
f5869324 2965 return unit_can_stop(u) && unit_can_start(u);
87f0e418
LP		 2966
2967 case JOB_RELOAD:
3282591d 2968 case JOB_TRY_RELOAD:
87f0e418
LP		 2969 return unit_can_reload(u);
2970
2971 case JOB_RELOAD_OR_START:
2972 return unit_can_reload(u) && unit_can_start(u);
2973
2974 default:
2975 assert_not_reached("Invalid job type");
2976 }
2977}
2978
eef85c4a
LP		 2979int unit_add_dependency(
2980 Unit *u,
2981 UnitDependency d,
2982 Unit *other,
2983 bool add_reference,
2984 UnitDependencyMask mask) {
87f0e418
LP		 2985
2986 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
2987 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
be7d9ff7 2988 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
7e9212bf 2989 [UNIT_WANTS] = UNIT_WANTED_BY,
7f2cddae 2990 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
60649f17 2991 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
0bc488c9 2992 [UNIT_UPHOLDS] = UNIT_UPHELD_BY,
be7d9ff7 2993 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
be7d9ff7 2994 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
be7d9ff7 2995 [UNIT_WANTED_BY] = UNIT_WANTS,
7f2cddae 2996 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
60649f17 2997 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
0bc488c9 2998 [UNIT_UPHELD_BY] = UNIT_UPHOLDS,
69dd2852
LP		 2999 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
3000 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
87f0e418 3001 [UNIT_BEFORE] = UNIT_AFTER,
701cc384 3002 [UNIT_AFTER] = UNIT_BEFORE,
294446dc
LP		 3003 [UNIT_ON_SUCCESS] = UNIT_ON_SUCCESS_OF,
3004 [UNIT_ON_SUCCESS_OF] = UNIT_ON_SUCCESS,
629b2a6f
LP		 3005 [UNIT_ON_FAILURE] = UNIT_ON_FAILURE_OF,
3006 [UNIT_ON_FAILURE_OF] = UNIT_ON_FAILURE,
57020a3a 3007 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
4dcc1cb4 3008 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
7f2cddae 3009 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
85e9a101 3010 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
ffec78c0
LP		 3011 [UNIT_PROPAGATES_STOP_TO] = UNIT_STOP_PROPAGATED_FROM,
3012 [UNIT_STOP_PROPAGATED_FROM] = UNIT_PROPAGATES_STOP_TO,
defe63b0 3013 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF, /* symmetric! 👓 */
7e9212bf
LP		 3014 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
3015 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
d219a2b0
LP		 3016 [UNIT_IN_SLICE] = UNIT_SLICE_OF,
3017 [UNIT_SLICE_OF] = UNIT_IN_SLICE,
87f0e418 3018 };
eef85c4a 3019 Unit *original_u = u, *original_other = other;
15ed3c3a 3020 UnitDependencyAtom a;
eef85c4a 3021 int r;
15ed3c3a
LP		 3022
3023 /* Helper to know whether sending a notification is necessary or not: if the dependency is already
3024 * there, no need to notify! */
3025 bool noop;
87f0e418
LP		 3026
3027 assert(u);
3028 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
87f0e418
LP		 3029 assert(other);
3030
9f151f29
LP		 3031 u = unit_follow_merge(u);
3032 other = unit_follow_merge(other);
15ed3c3a
LP		 3033 a = unit_dependency_to_atom(d);
3034 assert(a >= 0);
9f151f29 3035
15ed3c3a 3036 /* We won't allow dependencies on ourselves. We will not consider them an error however. */
d1fab3fe 3037 if (u == other) {
15ed3c3a 3038 unit_maybe_warn_about_dependency(original_u, original_other->id, d);
87f0e418 3039 return 0;
d1fab3fe 3040 }
87f0e418 3041
15ed3c3a
LP		 3042 /* Note that ordering a device unit after a unit is permitted since it allows to start its job
3043 * running timeout at a specific time. */
3044 if (FLAGS_SET(a, UNIT_ATOM_BEFORE) && other->type == UNIT_DEVICE) {
b862c257 3045 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
c80a9a33
LP		 3046 return 0;
3047 }
3048
15ed3c3a 3049 if (FLAGS_SET(a, UNIT_ATOM_ON_FAILURE) && !UNIT_VTABLE(u)->can_fail) {
c80a9a33
LP		 3050 log_unit_warning(u, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other->id, unit_type_to_string(u->type));
3051 return 0;
3052 }
3053
15ed3c3a 3054 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERS) && !UNIT_VTABLE(u)->can_trigger)
c80a9a33
LP		 3055 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3056 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(u->type));
15ed3c3a 3057 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERED_BY) && !UNIT_VTABLE(other)->can_trigger)
c80a9a33
LP		 3058 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3059 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(other->type));
3060
d219a2b0
LP		 3061 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && other->type != UNIT_SLICE)
3062 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3063 "Requested dependency Slice=%s refused (%s is not a slice unit).", other->id, other->id);
3064 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && u->type != UNIT_SLICE)
3065 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3066 "Requested dependency SliceOf=%s refused (%s is not a slice unit).", other->id, u->id);
3067
3068 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && !UNIT_HAS_CGROUP_CONTEXT(u))
3069 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3070 "Requested dependency Slice=%s refused (%s is not a cgroup unit).", other->id, u->id);
3071
3072 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && !UNIT_HAS_CGROUP_CONTEXT(other))
3073 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3074 "Requested dependency SliceOf=%s refused (%s is not a cgroup unit).", other->id, other->id);
3075
15ed3c3a 3076 r = unit_add_dependency_hashmap(&u->dependencies, d, other, mask, 0);
613b411c 3077 if (r < 0)
87f0e418 3078 return r;
15ed3c3a 3079 noop = !r;
87f0e418 3080
eef85c4a 3081 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
15ed3c3a 3082 r = unit_add_dependency_hashmap(&other->dependencies, inverse_table[d], u, 0, mask);
613b411c
LP		 3083 if (r < 0)
3084 return r;
15ed3c3a 3085 if (r)
5177cb0a 3086 noop = false;
613b411c
LP		 3087 }
3088
3089 if (add_reference) {
15ed3c3a 3090 r = unit_add_dependency_hashmap(&u->dependencies, UNIT_REFERENCES, other, mask, 0);
613b411c 3091 if (r < 0)
5de9682c 3092 return r;
15ed3c3a 3093 if (r)
5177cb0a 3094 noop = false;
5de9682c 3095
15ed3c3a 3096 r = unit_add_dependency_hashmap(&other->dependencies, UNIT_REFERENCED_BY, u, 0, mask);
613b411c 3097 if (r < 0)
701cc384 3098 return r;
15ed3c3a 3099 if (r)
5177cb0a 3100 noop = false;
613b411c 3101 }
87f0e418 3102
5177cb0a
RM		 3103 if (!noop)
3104 unit_add_to_dbus_queue(u);
15ed3c3a 3105
87f0e418
LP		 3106 return 0;
3107}
0301abf4 3108
eef85c4a 3109int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2c966c03
LP		 3110 int r;
3111
3112 assert(u);
3113
eef85c4a 3114 r = unit_add_dependency(u, d, other, add_reference, mask);
3f3cc397 3115 if (r < 0)
2c966c03
LP		 3116 return r;
3117
eef85c4a 3118 return unit_add_dependency(u, e, other, add_reference, mask);
2c966c03
LP		 3119}
3120
23e8c796 3121static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
7410616c 3122 int r;
9e2f7c11
LP		 3123
3124 assert(u);
23e8c796 3125 assert(name);
7410616c
LP		 3126 assert(buf);
3127 assert(ret);
9e2f7c11 3128
7410616c
LP		 3129 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
3130 *buf = NULL;
3131 *ret = name;
3132 return 0;
9e2f7c11
LP		 3133 }
3134
ac155bb8 3135 if (u->instance)
7410616c 3136 r = unit_name_replace_instance(name, u->instance, buf);
9e2f7c11 3137 else {
ae018d9b 3138 _cleanup_free_ char *i = NULL;
9e2f7c11 3139
7410616c
LP		 3140 r = unit_name_to_prefix(u->id, &i);
3141 if (r < 0)
3142 return r;
9e2f7c11 3143
7410616c 3144 r = unit_name_replace_instance(name, i, buf);
9e2f7c11 3145 }
7410616c
LP		 3146 if (r < 0)
3147 return r;
9e2f7c11 3148
7410616c
LP		 3149 *ret = *buf;
3150 return 0;
9e2f7c11
LP		 3151}
3152
35d8c19a 3153int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3154 _cleanup_free_ char *buf = NULL;
09b6b09f
LP		 3155 Unit *other;
3156 int r;
3157
9e2f7c11 3158 assert(u);
35d8c19a 3159 assert(name);
09b6b09f 3160
23e8c796 3161 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3162 if (r < 0)
3163 return r;
09b6b09f 3164
35d8c19a 3165 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
8afbb8e1
LP		 3166 if (r < 0)
3167 return r;
9e2f7c11 3168
eef85c4a 3169 return unit_add_dependency(u, d, other, add_reference, mask);
09b6b09f
LP		 3170}
3171
5a724170 3172int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3173 _cleanup_free_ char *buf = NULL;
2c966c03
LP		 3174 Unit *other;
3175 int r;
2c966c03
LP		 3176
3177 assert(u);
5a724170 3178 assert(name);
2c966c03 3179
23e8c796 3180 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3181 if (r < 0)
3182 return r;
2c966c03 3183
5a724170 3184 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3f3cc397 3185 if (r < 0)
68eda4bd 3186 return r;
2c966c03 3187
eef85c4a 3188 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2c966c03
LP		 3189}
3190
0301abf4 3191int set_unit_path(const char *p) {
0301abf4 3192 /* This is mostly for debug purposes */
cbe46ead 3193 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
26d04f86 3194 return -errno;
0301abf4
LP		 3195
3196 return 0;
3197}
88066b3a 3198
ea430986 3199char *unit_dbus_path(Unit *u) {
ea430986
LP		 3200 assert(u);
3201
ac155bb8 3202 if (!u->id)
04ade7d2
LP		 3203 return NULL;
3204
48899192 3205 return unit_dbus_path_from_name(u->id);
ea430986
LP		 3206}
3207
4b58153d
LP		 3208char *unit_dbus_path_invocation_id(Unit *u) {
3209 assert(u);
3210
3211 if (sd_id128_is_null(u->invocation_id))
3212 return NULL;
3213
3214 return unit_dbus_path_from_name(u->invocation_id_string);
3215}
3216
2d3b784d 3217int unit_set_invocation_id(Unit *u, sd_id128_t id) {
db868d45
ZJS		 3218 int r;
3219
3220 assert(u);
3221
3222 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3223
3224 if (sd_id128_equal(u->invocation_id, id))
3225 return 0;
3226
3227 if (!sd_id128_is_null(u->invocation_id))
3228 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
3229
3230 if (sd_id128_is_null(id)) {
3231 r = 0;
3232 goto reset;
3233 }
3234
3235 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
3236 if (r < 0)
3237 goto reset;
3238
3239 u->invocation_id = id;
3240 sd_id128_to_string(id, u->invocation_id_string);
3241
3242 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
3243 if (r < 0)
3244 goto reset;
3245
3246 return 0;
3247
3248reset:
3249 u->invocation_id = SD_ID128_NULL;
3250 u->invocation_id_string[0] = 0;
3251 return r;
3252}
3253
d219a2b0
LP		 3254int unit_set_slice(Unit *u, Unit *slice, UnitDependencyMask mask) {
3255 int r;
3256
d79200e2
LP		 3257 assert(u);
3258 assert(slice);
3259
d219a2b0
LP		 3260 /* Sets the unit slice if it has not been set before. Is extra careful, to only allow this for units
3261 * that actually have a cgroup context. Also, we don't allow to set this for slices (since the parent
3262 * slice is derived from the name). Make sure the unit we set is actually a slice. */
d79200e2
LP		 3263
3264 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3265 return -EOPNOTSUPP;
3266
3267 if (u->type == UNIT_SLICE)
3268 return -EINVAL;
3269
102ef982
LP		 3270 if (unit_active_state(u) != UNIT_INACTIVE)
3271 return -EBUSY;
3272
d79200e2
LP		 3273 if (slice->type != UNIT_SLICE)
3274 return -EINVAL;
3275
efdb0237
LP		 3276 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3277 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3278 return -EPERM;
3279
12f64221 3280 if (UNIT_GET_SLICE(u) == slice)
d79200e2
LP		 3281 return 0;
3282
99e66921 3283 /* Disallow slice changes if @u is already bound to cgroups */
12f64221 3284 if (UNIT_GET_SLICE(u) && u->cgroup_realized)
d79200e2
LP		 3285 return -EBUSY;
3286
d219a2b0
LP		 3287 r = unit_add_dependency(u, UNIT_IN_SLICE, slice, true, mask);
3288 if (r < 0)
3289 return r;
3290
d79200e2
LP		 3291 return 1;
3292}
3293
3294int unit_set_default_slice(Unit *u) {
a8833944 3295 const char *slice_name;
a016b922
LP		 3296 Unit *slice;
3297 int r;
3298
3299 assert(u);
3300
12f64221 3301 if (UNIT_GET_SLICE(u))
a016b922
LP		 3302 return 0;
3303
a8833944
LP		 3304 if (u->instance) {
3305 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
68eda4bd 3306
a8833944
LP		 3307 /* Implicitly place all instantiated units in their
3308 * own per-template slice */
3309
7410616c
LP		 3310 r = unit_name_to_prefix(u->id, &prefix);
3311 if (r < 0)
3312 return r;
a8833944
LP		 3313
3314 /* The prefix is already escaped, but it might include
3315 * "-" which has a special meaning for slice units,
3316 * hence escape it here extra. */
7410616c 3317 escaped = unit_name_escape(prefix);
a8833944
LP		 3318 if (!escaped)
3319 return -ENOMEM;
3320
463d0d15 3321 if (MANAGER_IS_SYSTEM(u->manager))
00e7b3c8 3322 slice_name = strjoina("system-", escaped, ".slice");
a8833944 3323 else
7f3b86a4 3324 slice_name = strjoina("app-", escaped, ".slice");
5ee24fa0
ZJS		 3325
3326 } else if (unit_is_extrinsic(u))
3327 /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in
3328 * the root slice. They don't really belong in one of the subslices. */
3329 slice_name = SPECIAL_ROOT_SLICE;
3330
3331 else if (MANAGER_IS_SYSTEM(u->manager))
3332 slice_name = SPECIAL_SYSTEM_SLICE;
3333 else
3334 slice_name = SPECIAL_APP_SLICE;
a8833944
LP		 3335
3336 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
a016b922
LP		 3337 if (r < 0)
3338 return r;
3339
d219a2b0 3340 return unit_set_slice(u, slice, UNIT_DEPENDENCY_FILE);
a016b922
LP		 3341}
3342
9444b1f2 3343const char *unit_slice_name(Unit *u) {
12f64221 3344 Unit *slice;
9444b1f2
LP		 3345 assert(u);
3346
12f64221
LP		 3347 slice = UNIT_GET_SLICE(u);
3348 if (!slice)
9444b1f2
LP		 3349 return NULL;
3350
12f64221 3351 return slice->id;
9444b1f2
LP		 3352}
3353
f6ff8c29 3354int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
78edb35a 3355 _cleanup_free_ char *t = NULL;
f6ff8c29
LP		 3356 int r;
3357
3358 assert(u);
3359 assert(type);
3360 assert(_found);
3361
7410616c
LP		 3362 r = unit_name_change_suffix(u->id, type, &t);
3363 if (r < 0)
3364 return r;
3365 if (unit_has_name(u, t))
3366 return -EINVAL;
f6ff8c29 3367
ac155bb8 3368 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
9e2f7c11 3369 assert(r < 0 || *_found != u);
f6ff8c29
LP		 3370 return r;
3371}
3372
bbc29086 3373static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
fc67a943 3374 const char *new_owner;
bbc29086
DM		 3375 Unit *u = userdata;
3376 int r;
3377
3378 assert(message);
3379 assert(u);
3380
fc67a943 3381 r = sd_bus_message_read(message, "sss", NULL, NULL, &new_owner);
bbc29086
DM		 3382 if (r < 0) {
3383 bus_log_parse_error(r);
3384 return 0;
3385 }
3386
3387 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3388 UNIT_VTABLE(u)->bus_name_owner_change(u, empty_to_null(new_owner));
a5a8776a
MJ		 3389
3390 return 0;
3391}
3392
3393static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3394 const sd_bus_error *e;
3395 const char *new_owner;
3396 Unit *u = userdata;
3397 int r;
3398
3399 assert(message);
3400 assert(u);
3401
3402 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3403
a5a8776a 3404 e = sd_bus_message_get_error(message);
a5a8776a 3405 if (e) {
a54654ba
LP		 3406 if (!sd_bus_error_has_name(e, "org.freedesktop.DBus.Error.NameHasNoOwner"))
3407 log_unit_error(u, "Unexpected error response from GetNameOwner(): %s", e->message);
a5a8776a 3408
fc67a943
LP		 3409 new_owner = NULL;
3410 } else {
3411 r = sd_bus_message_read(message, "s", &new_owner);
3412 if (r < 0)
3413 return bus_log_parse_error(r);
a5a8776a 3414
fc67a943
LP		 3415 assert(!isempty(new_owner));
3416 }
a5a8776a
MJ		 3417
3418 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3419 UNIT_VTABLE(u)->bus_name_owner_change(u, new_owner);
bbc29086
DM		 3420
3421 return 0;
3422}
3423
9806e87d
LP		 3424int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3425 const char *match;
a5b07847 3426 int r;
bbc29086 3427
9806e87d
LP		 3428 assert(u);
3429 assert(bus);
3430 assert(name);
bbc29086 3431
a5b07847 3432 if (u->match_bus_slot || u->get_name_owner_slot)
bbc29086
DM		 3433 return -EBUSY;
3434
9806e87d 3435 match = strjoina("type='signal',"
81d62103
ZJS		 3436 "sender='org.freedesktop.DBus',"
3437 "path='/org/freedesktop/DBus',"
3438 "interface='org.freedesktop.DBus',"
3439 "member='NameOwnerChanged',"
3440 "arg0='", name, "'");
bbc29086 3441
a5b07847 3442 r = sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
a5a8776a
MJ		 3443 if (r < 0)
3444 return r;
3445
a5b07847
LP		 3446 r = sd_bus_call_method_async(
3447 bus,
3448 &u->get_name_owner_slot,
3449 "org.freedesktop.DBus",
3450 "/org/freedesktop/DBus",
3451 "org.freedesktop.DBus",
3452 "GetNameOwner",
3453 get_name_owner_handler,
3454 u,
3455 "s", name);
3456 if (r < 0) {
3457 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3458 return r;
3459 }
3460
3461 log_unit_debug(u, "Watching D-Bus name '%s'.", name);
3462 return 0;
bbc29086
DM		 3463}
3464
05e343b7 3465int unit_watch_bus_name(Unit *u, const char *name) {
bbc29086
DM		 3466 int r;
3467
05e343b7
LP		 3468 assert(u);
3469 assert(name);
3470
3471 /* Watch a specific name on the bus. We only support one unit
3472 * watching each name for now. */
3473
bbc29086
DM		 3474 if (u->manager->api_bus) {
3475 /* If the bus is already available, install the match directly.
3476 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
9806e87d 3477 r = unit_install_bus_match(u, u->manager->api_bus, name);
bbc29086 3478 if (r < 0)
8ea823b6 3479 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
bbc29086
DM		 3480 }
3481
3482 r = hashmap_put(u->manager->watch_bus, name, u);
3483 if (r < 0) {
3484 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5b07847 3485 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
bbc29086
DM		 3486 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3487 }
3488
3489 return 0;
05e343b7
LP		 3490}
3491
3492void unit_unwatch_bus_name(Unit *u, const char *name) {
3493 assert(u);
3494 assert(name);
3495
8367fea5 3496 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
bbc29086 3497 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5a8776a 3498 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
05e343b7
LP		 3499}
3500
a16e1123
LP		 3501bool unit_can_serialize(Unit *u) {
3502 assert(u);
3503
3504 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3505}
3506
d336ba9f 3507int unit_add_node_dependency(Unit *u, const char *what, UnitDependency dep, UnitDependencyMask mask) {
68eda4bd 3508 _cleanup_free_ char *e = NULL;
44b0d1fd 3509 Unit *device;
6e2ef85b
LP		 3510 int r;
3511
3512 assert(u);
3513
6e2ef85b 3514 /* Adds in links to the device node that this unit is based on */
47bc12e1
LP		 3515 if (isempty(what))
3516 return 0;
6e2ef85b 3517
8407a5d0 3518 if (!is_device_path(what))
6e2ef85b
LP		 3519 return 0;
3520
44b0d1fd 3521 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
1c2e9646 3522 if (!unit_type_supported(UNIT_DEVICE))
47bc12e1
LP		 3523 return 0;
3524
7410616c
LP		 3525 r = unit_name_from_path(what, ".device", &e);
3526 if (r < 0)
3527 return r;
6e2ef85b 3528
ac155bb8 3529 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
6e2ef85b
LP		 3530 if (r < 0)
3531 return r;
3532
ebc8968b
FB		 3533 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3534 dep = UNIT_BINDS_TO;
3535
d336ba9f
FB		 3536 return unit_add_two_dependencies(u, UNIT_AFTER,
3537 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3538 device, true, mask);
6e2ef85b 3539}
a16e1123 3540
44b0d1fd
LP		 3541int unit_add_blockdev_dependency(Unit *u, const char *what, UnitDependencyMask mask) {
3542 _cleanup_free_ char *escaped = NULL, *target = NULL;
3543 int r;
3544
3545 assert(u);
3546
3547 if (isempty(what))
3548 return 0;
3549
3550 if (!path_startswith(what, "/dev/"))
3551 return 0;
3552
3553 /* If we don't support devices, then also don't bother with blockdev@.target */
3554 if (!unit_type_supported(UNIT_DEVICE))
3555 return 0;
3556
3557 r = unit_name_path_escape(what, &escaped);
3558 if (r < 0)
3559 return r;
3560
3561 r = unit_name_build("blockdev", escaped, ".target", &target);
3562 if (r < 0)
3563 return r;
3564
3565 return unit_add_dependency_by_name(u, UNIT_AFTER, target, true, mask);
3566}
3567
be847e82 3568int unit_coldplug(Unit *u) {
05a98afd
LP		 3569 int r = 0, q;
3570 char **i;
b49e14d5 3571 Job *uj;
cca098b0
LP		 3572
3573 assert(u);
3574
f0831ed2 3575 /* Make sure we don't enter a loop, when coldplugging recursively. */
f78f265f
LP		 3576 if (u->coldplugged)
3577 return 0;
3578
3579 u->coldplugged = true;
3580
05a98afd
LP		 3581 STRV_FOREACH(i, u->deserialized_refs) {
3582 q = bus_unit_track_add_name(u, *i);
3583 if (q < 0 && r >= 0)
3584 r = q;
3585 }
3586 u->deserialized_refs = strv_free(u->deserialized_refs);
cca098b0 3587
05a98afd
LP		 3588 if (UNIT_VTABLE(u)->coldplug) {
3589 q = UNIT_VTABLE(u)->coldplug(u);
3590 if (q < 0 && r >= 0)
3591 r = q;
3592 }
5a6158b6 3593
b49e14d5 3594 uj = u->job ?: u->nop_job;
3595 if (uj) {
3596 q = job_coldplug(uj);
05a98afd
LP		 3597 if (q < 0 && r >= 0)
3598 r = q;
3599 }
cca098b0 3600
05a98afd 3601 return r;
cca098b0
LP		 3602}
3603
f0831ed2
LP		 3604void unit_catchup(Unit *u) {
3605 assert(u);
3606
3607 if (UNIT_VTABLE(u)->catchup)
3608 UNIT_VTABLE(u)->catchup(u);
3609}
3610
ba25d39e 3611static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
21b95806
ZJS		 3612 struct stat st;
3613
3614 if (!path)
3615 return false;
3616
77969722
LP		 3617 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3618 * are never out-of-date. */
3619 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3620 return false;
3621
21b95806
ZJS		 3622 if (stat(path, &st) < 0)
3623 /* What, cannot access this anymore? */
3624 return true;
3625
ba25d39e
ZJS		 3626 if (path_masked)
3627 /* For masked files check if they are still so */
3628 return !null_or_empty(&st);
3629 else
3a8db9fe 3630 /* For non-empty files check the mtime */
87ec20ef 3631 return timespec_load(&st.st_mtim) > mtime;
21b95806
ZJS		 3632
3633 return false;
3634}
3635
45fb0699 3636bool unit_need_daemon_reload(Unit *u) {
ae7a7182
OS		 3637 _cleanup_strv_free_ char **t = NULL;
3638 char **path;
1b64d026 3639
45fb0699
LP		 3640 assert(u);
3641
ba25d39e
ZJS		 3642 /* For unit files, we allow masking… */
3643 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3644 u->load_state == UNIT_MASKED))
21b95806 3645 return true;
5f4b19f4 3646
ba25d39e
ZJS		 3647 /* Source paths should not be masked… */
3648 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
ab932a62 3649 return true;
ae7a7182 3650
19a44dfe
LR		 3651 if (u->load_state == UNIT_LOADED)
3652 (void) unit_find_dropin_paths(u, &t);
ab932a62
LP		 3653 if (!strv_equal(u->dropin_paths, t))
3654 return true;
6d10d308 3655
ba25d39e 3656 /* … any drop-ins that are masked are simply omitted from the list. */
ab932a62 3657 STRV_FOREACH(path, u->dropin_paths)
ba25d39e 3658 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
ab932a62 3659 return true;
21b95806 3660
ab932a62 3661 return false;
45fb0699
LP		 3662}
3663
fdf20a31 3664void unit_reset_failed(Unit *u) {
5632e374
LP		 3665 assert(u);
3666
fdf20a31
MM		 3667 if (UNIT_VTABLE(u)->reset_failed)
3668 UNIT_VTABLE(u)->reset_failed(u);
6bf0f408 3669
7bf081a1 3670 ratelimit_reset(&u->start_ratelimit);
6bf0f408 3671 u->start_limit_hit = false;
5632e374
LP		 3672}
3673
a7f241db
LP		 3674Unit *unit_following(Unit *u) {
3675 assert(u);
3676
3677 if (UNIT_VTABLE(u)->following)
3678 return UNIT_VTABLE(u)->following(u);
3679
3680 return NULL;
3681}
3682
31afa0a4 3683bool unit_stop_pending(Unit *u) {
18ffdfda
LP		 3684 assert(u);
3685
31afa0a4
LP		 3686 /* This call does check the current state of the unit. It's
3687 * hence useful to be called from state change calls of the
3688 * unit itself, where the state isn't updated yet. This is
3689 * different from unit_inactive_or_pending() which checks both
3690 * the current state and for a queued job. */
18ffdfda 3691
28a2dfe8 3692 return unit_has_job_type(u, JOB_STOP);
31afa0a4
LP		 3693}
3694
3695bool unit_inactive_or_pending(Unit *u) {
3696 assert(u);
3697
3698 /* Returns true if the unit is inactive or going down */
18ffdfda 3699
d956ac29
LP		 3700 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3701 return true;
3702
31afa0a4 3703 if (unit_stop_pending(u))
18ffdfda
LP		 3704 return true;
3705
3706 return false;
3707}
3708
31afa0a4 3709bool unit_active_or_pending(Unit *u) {
f976f3f6
LP		 3710 assert(u);
3711
f60c2665 3712 /* Returns true if the unit is active or going up */
f976f3f6
LP		 3713
3714 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3715 return true;
3716
ac155bb8 3717 if (u->job &&
3742095b 3718 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
f976f3f6
LP		 3719 return true;
3720
3721 return false;
3722}
3723
52a12341
YW		 3724bool unit_will_restart_default(Unit *u) {
3725 assert(u);
3726
28a2dfe8 3727 return unit_has_job_type(u, JOB_START);
52a12341
YW		 3728}
3729
deb4e708
MK		 3730bool unit_will_restart(Unit *u) {
3731 assert(u);
3732
3733 if (!UNIT_VTABLE(u)->will_restart)
3734 return false;
3735
3736 return UNIT_VTABLE(u)->will_restart(u);
3737}
3738
718db961 3739int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
8a0867d6
LP		 3740 assert(u);
3741 assert(w >= 0 && w < _KILL_WHO_MAX);
6eb7c172 3742 assert(SIGNAL_VALID(signo));
8a0867d6 3743
8a0867d6 3744 if (!UNIT_VTABLE(u)->kill)
15411c0c 3745 return -EOPNOTSUPP;
8a0867d6 3746
c74f17d9 3747 return UNIT_VTABLE(u)->kill(u, w, signo, error);
8a0867d6
LP		 3748}
3749
82659fd7 3750static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
af4fa99d 3751 _cleanup_set_free_ Set *pid_set = NULL;
82659fd7
LP		 3752 int r;
3753
d5099efc 3754 pid_set = set_new(NULL);
82659fd7
LP		 3755 if (!pid_set)
3756 return NULL;
3757
3758 /* Exclude the main/control pids from being killed via the cgroup */
3759 if (main_pid > 0) {
fea72cc0 3760 r = set_put(pid_set, PID_TO_PTR(main_pid));
82659fd7 3761 if (r < 0)
95f14a3e 3762 return NULL;
82659fd7
LP		 3763 }
3764
3765 if (control_pid > 0) {
fea72cc0 3766 r = set_put(pid_set, PID_TO_PTR(control_pid));
82659fd7 3767 if (r < 0)
95f14a3e 3768 return NULL;
82659fd7
LP		 3769 }
3770
95f14a3e 3771 return TAKE_PTR(pid_set);
82659fd7
LP		 3772}
3773
d9911002
LP		 3774static int kill_common_log(pid_t pid, int signo, void *userdata) {
3775 _cleanup_free_ char *comm = NULL;
3776 Unit *u = userdata;
3777
3778 assert(u);
3779
3780 (void) get_process_comm(pid, &comm);
3781 log_unit_info(u, "Sending signal SIG%s to process " PID_FMT " (%s) on client request.",
3782 signal_to_string(signo), pid, strna(comm));
3783
3784 return 1;
3785}
3786
d91c34f2
LP		 3787int unit_kill_common(
3788 Unit *u,
3789 KillWho who,
3790 int signo,
3791 pid_t main_pid,
3792 pid_t control_pid,
718db961 3793 sd_bus_error *error) {
d91c34f2 3794
814cc562 3795 int r = 0;
ac5e3a50 3796 bool killed = false;
814cc562 3797
8aff7ac4
LP		 3798 /* This is the common implementation for explicit user-requested killing of unit processes, shared by
3799 * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to
3800 * stop a service ourselves. */
3801
ac5e3a50 3802 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
814cc562 3803 if (main_pid < 0)
7358dc02 3804 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
8aff7ac4 3805 if (main_pid == 0)
7358dc02 3806 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
814cc562
MS		 3807 }
3808
ac5e3a50 3809 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
814cc562 3810 if (control_pid < 0)
7358dc02 3811 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
8aff7ac4 3812 if (control_pid == 0)
7358dc02 3813 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
814cc562
MS		 3814 }
3815
ac5e3a50
JS		 3816 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3817 if (control_pid > 0) {
d9911002
LP		 3818 _cleanup_free_ char *comm = NULL;
3819 (void) get_process_comm(control_pid, &comm);
3820
3821 if (kill(control_pid, signo) < 0) {
3822 /* Report this failure both to the logs and to the client */
3823 sd_bus_error_set_errnof(
3824 error, errno,
3825 "Failed to send signal SIG%s to control process " PID_FMT " (%s): %m",
3826 signal_to_string(signo), control_pid, strna(comm));
3827 r = log_unit_warning_errno(
3828 u, errno,
3829 "Failed to send signal SIG%s to control process " PID_FMT " (%s) on client request: %m",
3830 signal_to_string(signo), control_pid, strna(comm));
3831 } else {
3832 log_unit_info(u, "Sent signal SIG%s to control process " PID_FMT " (%s) on client request.",
3833 signal_to_string(signo), control_pid, strna(comm));
ac5e3a50 3834 killed = true;
d9911002 3835 }
ac5e3a50 3836 }
814cc562 3837
ac5e3a50
JS		 3838 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3839 if (main_pid > 0) {
d9911002
LP		 3840 _cleanup_free_ char *comm = NULL;
3841 (void) get_process_comm(main_pid, &comm);
3842
3843 if (kill(main_pid, signo) < 0) {
3844 if (r == 0)
3845 sd_bus_error_set_errnof(
3846 error, errno,
3847 "Failed to send signal SIG%s to main process " PID_FMT " (%s): %m",
3848 signal_to_string(signo), main_pid, strna(comm));
3849
3850 r = log_unit_warning_errno(
3851 u, errno,
3852 "Failed to send signal SIG%s to main process " PID_FMT " (%s) on client request: %m",
3853 signal_to_string(signo), main_pid, strna(comm));
3854 } else {
3855 log_unit_info(u, "Sent signal SIG%s to main process " PID_FMT " (%s) on client request.",
3856 signal_to_string(signo), main_pid, strna(comm));
ac5e3a50 3857 killed = true;
d9911002 3858 }
ac5e3a50 3859 }
814cc562 3860
ac5e3a50 3861 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
814cc562
MS		 3862 _cleanup_set_free_ Set *pid_set = NULL;
3863 int q;
3864
82659fd7
LP		 3865 /* Exclude the main/control pids from being killed via the cgroup */
3866 pid_set = unit_pid_set(main_pid, control_pid);
814cc562 3867 if (!pid_set)
d9911002
LP		 3868 return log_oom();
3869
3870 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, kill_common_log, u);
3871 if (q < 0) {
3872 if (!IN_SET(q, -ESRCH, -ENOENT)) {
3873 if (r == 0)
3874 sd_bus_error_set_errnof(
3875 error, q,
3876 "Failed to send signal SIG%s to auxiliary processes: %m",
3877 signal_to_string(signo));
3878
3879 r = log_unit_warning_errno(
3880 u, q,
3881 "Failed to send signal SIG%s to auxiliary processes on client request: %m",
3882 signal_to_string(signo));
3883 }
3884 } else
ac5e3a50 3885 killed = true;
814cc562
MS		 3886 }
3887
2ae0508e
LP		 3888 /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */
3889 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL, KILL_MAIN_FAIL))
3890 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No matching processes to kill");
ac5e3a50 3891
814cc562
MS		 3892 return r;
3893}
3894
6210e7fc
LP		 3895int unit_following_set(Unit *u, Set **s) {
3896 assert(u);
3897 assert(s);
3898
3899 if (UNIT_VTABLE(u)->following_set)
3900 return UNIT_VTABLE(u)->following_set(u, s);
3901
3902 *s = NULL;
3903 return 0;
3904}
3905
a4375746 3906UnitFileState unit_get_unit_file_state(Unit *u) {
0ec0deaa
LP		 3907 int r;
3908
a4375746
LP		 3909 assert(u);
3910
0ec0deaa
LP		 3911 if (u->unit_file_state < 0 && u->fragment_path) {
3912 r = unit_file_get_state(
463d0d15 3913 u->manager->unit_file_scope,
0ec0deaa 3914 NULL,
9ea3a0e7 3915 u->id,
0ec0deaa
LP		 3916 &u->unit_file_state);
3917 if (r < 0)
3918 u->unit_file_state = UNIT_FILE_BAD;
3919 }
a4375746 3920
ac155bb8 3921 return u->unit_file_state;
a4375746
LP		 3922}
3923
d2dc52db
LP		 3924int unit_get_unit_file_preset(Unit *u) {
3925 assert(u);
3926
3927 if (u->unit_file_preset < 0 && u->fragment_path)
3928 u->unit_file_preset = unit_file_query_preset(
463d0d15 3929 u->manager->unit_file_scope,
0ec0deaa 3930 NULL,
8f7b2566
ZJS		 3931 basename(u->fragment_path),
3932 NULL);
d2dc52db
LP		 3933
3934 return u->unit_file_preset;
3935}
3936
7f7d01ed 3937Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
57020a3a 3938 assert(ref);
7f7d01ed
ZJS		 3939 assert(source);
3940 assert(target);
57020a3a 3941
7f7d01ed 3942 if (ref->target)
57020a3a
LP		 3943 unit_ref_unset(ref);
3944
7f7d01ed
ZJS		 3945 ref->source = source;
3946 ref->target = target;
3947 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
3948 return target;
57020a3a
LP		 3949}
3950
3951void unit_ref_unset(UnitRef *ref) {
3952 assert(ref);
3953
7f7d01ed 3954 if (!ref->target)
57020a3a
LP		 3955 return;
3956
b75102e5
LP		 3957 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
3958 * be unreferenced now. */
7f7d01ed 3959 unit_add_to_gc_queue(ref->target);
b75102e5 3960
7f7d01ed
ZJS		 3961 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
3962 ref->source = ref->target = NULL;
57020a3a
LP		 3963}
3964
29206d46
LP		 3965static int user_from_unit_name(Unit *u, char **ret) {
3966
3967 static const uint8_t hash_key[] = {
3968 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
3969 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
3970 };
3971
3972 _cleanup_free_ char *n = NULL;
3973 int r;
3974
3975 r = unit_name_to_prefix(u->id, &n);
3976 if (r < 0)
3977 return r;
3978
7a8867ab 3979 if (valid_user_group_name(n, 0)) {
ae2a15bc 3980 *ret = TAKE_PTR(n);
29206d46
LP		 3981 return 0;
3982 }
3983
3984 /* If we can't use the unit name as a user name, then let's hash it and use that */
3985 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
3986 return -ENOMEM;
3987
3988 return 0;
3989}
3990
598459ce
LP		 3991int unit_patch_contexts(Unit *u) {
3992 CGroupContext *cc;
3993 ExecContext *ec;
cba6e062
LP		 3994 int r;
3995
e06c73cc 3996 assert(u);
e06c73cc 3997
598459ce
LP		 3998 /* Patch in the manager defaults into the exec and cgroup
3999 * contexts, _after_ the rest of the settings have been
4000 * initialized */
085afe36 4001
598459ce
LP		 4002 ec = unit_get_exec_context(u);
4003 if (ec) {
4004 /* This only copies in the ones that need memory */
12375b95 4005 for (unsigned i = 0; i < _RLIMIT_MAX; i++)
598459ce
LP		 4006 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4007 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4008 if (!ec->rlimit[i])
4009 return -ENOMEM;
4010 }
4011
463d0d15 4012 if (MANAGER_IS_USER(u->manager) &&
598459ce
LP		 4013 !ec->working_directory) {
4014
4015 r = get_home_dir(&ec->working_directory);
4016 if (r < 0)
4017 return r;
4c08c824
LP		 4018
4019 /* Allow user services to run, even if the
4020 * home directory is missing */
4021 ec->working_directory_missing_ok = true;
cba6e062
LP		 4022 }
4023
598459ce 4024 if (ec->private_devices)
2cd0a735 4025 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
502d704e
DH		 4026
4027 if (ec->protect_kernel_modules)
4028 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
29206d46 4029
84703040
KK		 4030 if (ec->protect_kernel_logs)
4031 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYSLOG);
4032
fc64760d
KK		 4033 if (ec->protect_clock)
4034 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_SYS_TIME) | (UINT64_C(1) << CAP_WAKE_ALARM));
4035
29206d46
LP		 4036 if (ec->dynamic_user) {
4037 if (!ec->user) {
4038 r = user_from_unit_name(u, &ec->user);
4039 if (r < 0)
4040 return r;
4041 }
4042
4043 if (!ec->group) {
4044 ec->group = strdup(ec->user);
4045 if (!ec->group)
4046 return -ENOMEM;
4047 }
4048
bf65b7e0
LP		 4049 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4050 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4051 * sandbox. */
63bb64a0 4052
29206d46 4053 ec->private_tmp = true;
00d9ef85 4054 ec->remove_ipc = true;
63bb64a0
LP		 4055 ec->protect_system = PROTECT_SYSTEM_STRICT;
4056 if (ec->protect_home == PROTECT_HOME_NO)
4057 ec->protect_home = PROTECT_HOME_READ_ONLY;
bf65b7e0
LP		 4058
4059 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4060 * them. */
4061 ec->no_new_privileges = true;
4062 ec->restrict_suid_sgid = true;
29206d46 4063 }
cba6e062
LP		 4064 }
4065
598459ce 4066 cc = unit_get_cgroup_context(u);
fe65e88b 4067 if (cc && ec) {
f513e420 4068
fe65e88b 4069 if (ec->private_devices &&
084870f9
ZJS		 4070 cc->device_policy == CGROUP_DEVICE_POLICY_AUTO)
4071 cc->device_policy = CGROUP_DEVICE_POLICY_CLOSED;
fe65e88b 4072
b3d13314 4073 if ((ec->root_image || !LIST_IS_EMPTY(ec->mount_images)) &&
084870f9 4074 (cc->device_policy != CGROUP_DEVICE_POLICY_AUTO || cc->device_allow)) {
0cffae95 4075 const char *p;
fe65e88b 4076
b3d13314 4077 /* When RootImage= or MountImages= is specified, the following devices are touched. */
0cffae95
LB		 4078 FOREACH_STRING(p, "/dev/loop-control", "/dev/mapper/control") {
4079 r = cgroup_add_device_allow(cc, p, "rw");
4080 if (r < 0)
4081 return r;
4082 }
4083 FOREACH_STRING(p, "block-loop", "block-blkext", "block-device-mapper") {
4084 r = cgroup_add_device_allow(cc, p, "rwm");
4085 if (r < 0)
4086 return r;
4087 }
867af728 4088
0cffae95
LB		 4089 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4090 * Same for mapper and verity. */
4091 FOREACH_STRING(p, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4092 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, p, true, UNIT_DEPENDENCY_FILE);
4093 if (r < 0)
4094 return r;
4095 }
fe65e88b 4096 }
fc64760d
KK		 4097
4098 if (ec->protect_clock) {
4099 r = cgroup_add_device_allow(cc, "char-rtc", "r");
4100 if (r < 0)
4101 return r;
4102 }
598459ce 4103 }
f1660f96 4104
cba6e062 4105 return 0;
e06c73cc
LP		 4106}
4107
c2503e35 4108ExecContext *unit_get_exec_context(const Unit *u) {
3ef63c31
LP		 4109 size_t offset;
4110 assert(u);
4111
598459ce
LP		 4112 if (u->type < 0)
4113 return NULL;
4114
3ef63c31
LP		 4115 offset = UNIT_VTABLE(u)->exec_context_offset;
4116 if (offset <= 0)
4117 return NULL;
4118
4119 return (ExecContext*) ((uint8_t*) u + offset);
4120}
4121
718db961
LP		 4122KillContext *unit_get_kill_context(Unit *u) {
4123 size_t offset;
4124 assert(u);
4125
598459ce
LP		 4126 if (u->type < 0)
4127 return NULL;
4128
718db961
LP		 4129 offset = UNIT_VTABLE(u)->kill_context_offset;
4130 if (offset <= 0)
4131 return NULL;
4132
4133 return (KillContext*) ((uint8_t*) u + offset);
4134}
4135
4ad49000
LP		 4136CGroupContext *unit_get_cgroup_context(Unit *u) {
4137 size_t offset;
4138
598459ce
LP		 4139 if (u->type < 0)
4140 return NULL;
4141
4ad49000
LP		 4142 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4143 if (offset <= 0)
4144 return NULL;
4145
4146 return (CGroupContext*) ((uint8_t*) u + offset);
4147}
4148
613b411c
LP		 4149ExecRuntime *unit_get_exec_runtime(Unit *u) {
4150 size_t offset;
4151
598459ce
LP		 4152 if (u->type < 0)
4153 return NULL;
4154
613b411c
LP		 4155 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4156 if (offset <= 0)
4157 return NULL;
4158
4159 return *(ExecRuntime**) ((uint8_t*) u + offset);
4160}
4161
2e59b241 4162static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
3f5e8115
LP		 4163 assert(u);
4164
2e59b241 4165 if (UNIT_WRITE_FLAGS_NOOP(flags))
4f4afc88
LP		 4166 return NULL;
4167
39591351
LP		 4168 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4169 return u->manager->lookup_paths.transient;
26d04f86 4170
2e59b241 4171 if (flags & UNIT_PERSISTENT)
4f4afc88 4172 return u->manager->lookup_paths.persistent_control;
26d04f86 4173
2e59b241
LP		 4174 if (flags & UNIT_RUNTIME)
4175 return u->manager->lookup_paths.runtime_control;
4176
39591351 4177 return NULL;
71645aca
LP		 4178}
4179
2e59b241
LP		 4180char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4181 char *ret = NULL;
4182
4183 if (!s)
4184 return NULL;
4185
4186 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4187 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4188 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4189 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4190 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4191 * allocations. */
4192
4193 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4194 ret = specifier_escape(s);
4195 if (!ret)
4196 return NULL;
4197
4198 s = ret;
4199 }
4200
4201 if (flags & UNIT_ESCAPE_C) {
4202 char *a;
4203
4204 a = cescape(s);
4205 free(ret);
4206 if (!a)
4207 return NULL;
4208
4209 ret = a;
4210 }
4211
4212 if (buf) {
4213 *buf = ret;
4214 return ret ?: (char*) s;
4215 }
4216
4217 return ret ?: strdup(s);
4218}
4219
4220char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4221 _cleanup_free_ char *result = NULL;
319a4f4b 4222 size_t n = 0;
ae2a15bc 4223 char **i;
2e59b241
LP		 4224
4225 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4226 * way suitable for ExecStart= stanzas */
4227
4228 STRV_FOREACH(i, l) {
4229 _cleanup_free_ char *buf = NULL;
4230 const char *p;
4231 size_t a;
4232 char *q;
4233
4234 p = unit_escape_setting(*i, flags, &buf);
4235 if (!p)
4236 return NULL;
4237
4238 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
319a4f4b 4239 if (!GREEDY_REALLOC(result, n + a + 1))
2e59b241
LP		 4240 return NULL;
4241
4242 q = result + n;
4243 if (n > 0)
4244 *(q++) = ' ';
4245
4246 *(q++) = '"';
4247 q = stpcpy(q, p);
4248 *(q++) = '"';
4249
4250 n += a;
4251 }
4252
319a4f4b 4253 if (!GREEDY_REALLOC(result, n + 1))
2e59b241
LP		 4254 return NULL;
4255
4256 result[n] = 0;
4257
ae2a15bc 4258 return TAKE_PTR(result);
2e59b241
LP		 4259}
4260
4261int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4262 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
2a9a6f8a 4263 const char *dir, *wrapped;
26d04f86 4264 int r;
71645aca
LP		 4265
4266 assert(u);
2e59b241
LP		 4267 assert(name);
4268 assert(data);
4269
4270 if (UNIT_WRITE_FLAGS_NOOP(flags))
4271 return 0;
4272
4273 data = unit_escape_setting(data, flags, &escaped);
4274 if (!data)
4275 return -ENOMEM;
4276
4277 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4278 * previous section header is the same */
4279
4280 if (flags & UNIT_PRIVATE) {
4281 if (!UNIT_VTABLE(u)->private_section)
4282 return -EINVAL;
4283
4284 if (!u->transient_file || u->last_section_private < 0)
4285 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4286 else if (u->last_section_private == 0)
4287 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4288 } else {
4289 if (!u->transient_file || u->last_section_private < 0)
4290 data = strjoina("[Unit]\n", data);
4291 else if (u->last_section_private > 0)
4292 data = strjoina("\n[Unit]\n", data);
4293 }
71645aca 4294
4f4afc88
LP		 4295 if (u->transient_file) {
4296 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4297 * write to the transient unit file. */
4298 fputs(data, u->transient_file);
4f4afc88 4299
2e59b241
LP		 4300 if (!endswith(data, "\n"))
4301 fputc('\n', u->transient_file);
4302
4303 /* Remember which section we wrote this entry to */
4304 u->last_section_private = !!(flags & UNIT_PRIVATE);
8e2af478 4305 return 0;
2e59b241 4306 }
8e2af478 4307
2e59b241 4308 dir = unit_drop_in_dir(u, flags);
39591351
LP		 4309 if (!dir)
4310 return -EINVAL;
71645aca 4311
2a9a6f8a 4312 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
3f71dec5 4313 "# or an equivalent operation. Do not edit.\n",
2a9a6f8a
ZJS		 4314 data,
4315 "\n");
e20b2a86 4316
815b09d3 4317 r = drop_in_file(dir, u->id, 50, name, &p, &q);
adb76a70
WC		 4318 if (r < 0)
4319 return r;
4320
45639f1b 4321 (void) mkdir_p_label(p, 0755);
4dba44a5
ZJS		 4322
4323 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4324 * recreate the cache after every drop-in we write. */
4325 if (u->manager->unit_path_cache) {
be327321 4326 r = set_put_strdup(&u->manager->unit_path_cache, p);
4dba44a5
ZJS		 4327 if (r < 0)
4328 return r;
4329 }
4330
2a9a6f8a 4331 r = write_string_file_atomic_label(q, wrapped);
adb76a70
WC		 4332 if (r < 0)
4333 return r;
4334
815b09d3 4335 r = strv_push(&u->dropin_paths, q);
adb76a70
WC		 4336 if (r < 0)
4337 return r;
815b09d3 4338 q = NULL;
adb76a70 4339
adb76a70
WC		 4340 strv_uniq(u->dropin_paths);
4341
4342 u->dropin_mtime = now(CLOCK_REALTIME);
4343
4344 return 0;
26d04f86 4345}
71645aca 4346
2e59b241 4347int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
b9ec9359
LP		 4348 _cleanup_free_ char *p = NULL;
4349 va_list ap;
4350 int r;
4351
4352 assert(u);
4353 assert(name);
4354 assert(format);
4355
2e59b241 4356 if (UNIT_WRITE_FLAGS_NOOP(flags))
b9ec9359
LP		 4357 return 0;
4358
4359 va_start(ap, format);
4360 r = vasprintf(&p, format, ap);
4361 va_end(ap);
4362
4363 if (r < 0)
4364 return -ENOMEM;
4365
2e59b241 4366 return unit_write_setting(u, flags, name, p);
b9ec9359 4367}
71645aca 4368
c2756a68 4369int unit_make_transient(Unit *u) {
0126c8f3 4370 _cleanup_free_ char *path = NULL;
4f4afc88 4371 FILE *f;
4f4afc88 4372
c2756a68
LP		 4373 assert(u);
4374
3f5e8115
LP		 4375 if (!UNIT_VTABLE(u)->can_transient)
4376 return -EOPNOTSUPP;
4377
45639f1b
LP		 4378 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4379
657ee2d8 4380 path = path_join(u->manager->lookup_paths.transient, u->id);
4f4afc88
LP		 4381 if (!path)
4382 return -ENOMEM;
4383
4384 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4385 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4386
78e334b5 4387 RUN_WITH_UMASK(0022) {
4f4afc88 4388 f = fopen(path, "we");
0126c8f3 4389 if (!f)
78e334b5 4390 return -errno;
4f4afc88
LP		 4391 }
4392
0126c8f3 4393 safe_fclose(u->transient_file);
4f4afc88
LP		 4394 u->transient_file = f;
4395
0126c8f3 4396 free_and_replace(u->fragment_path, path);
7c65093a 4397
7c65093a
LP		 4398 u->source_path = mfree(u->source_path);
4399 u->dropin_paths = strv_free(u->dropin_paths);
4400 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4401
4f4afc88
LP		 4402 u->load_state = UNIT_STUB;
4403 u->load_error = 0;
4404 u->transient = true;
4405
7c65093a
LP		 4406 unit_add_to_dbus_queue(u);
4407 unit_add_to_gc_queue(u);
c2756a68 4408
4f4afc88
LP		 4409 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4410 u->transient_file);
4411
3f5e8115 4412 return 0;
c2756a68
LP		 4413}
4414
c53d2d54 4415static int log_kill(pid_t pid, int sig, void *userdata) {
1d98fef1
LP		 4416 _cleanup_free_ char *comm = NULL;
4417
4418 (void) get_process_comm(pid, &comm);
4419
4420 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4421 only, like for example systemd's own PAM stub process. */
4422 if (comm && comm[0] == '(')
c53d2d54 4423 return 0;
1d98fef1
LP		 4424
4425 log_unit_notice(userdata,
4426 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4427 pid,
4428 strna(comm),
4429 signal_to_string(sig));
c53d2d54
DB		 4430
4431 return 1;
1d98fef1
LP		 4432}
4433
4ab1670f 4434static int operation_to_signal(const KillContext *c, KillOperation k, bool *noteworthy) {
1d98fef1
LP		 4435 assert(c);
4436
4437 switch (k) {
4438
4439 case KILL_TERMINATE:
4440 case KILL_TERMINATE_AND_LOG:
4ab1670f 4441 *noteworthy = false;
1d98fef1
LP		 4442 return c->kill_signal;
4443
a232ebcc 4444 case KILL_RESTART:
4ab1670f 4445 *noteworthy = false;
a232ebcc
ZJS		 4446 return restart_kill_signal(c);
4447
1d98fef1 4448 case KILL_KILL:
4ab1670f 4449 *noteworthy = true;
fbb48d4c 4450 return c->final_kill_signal;
1d98fef1 4451
c87700a1 4452 case KILL_WATCHDOG:
4ab1670f 4453 *noteworthy = true;
c87700a1 4454 return c->watchdog_signal;
1d98fef1
LP		 4455
4456 default:
4457 assert_not_reached("KillOperation unknown");
4458 }
4459}
4460
cd2086fe
LP		 4461int unit_kill_context(
4462 Unit *u,
4463 KillContext *c,
db2cb23b 4464 KillOperation k,
cd2086fe
LP		 4465 pid_t main_pid,
4466 pid_t control_pid,
4467 bool main_pid_alien) {
4468
1d98fef1 4469 bool wait_for_exit = false, send_sighup;
59ec09a8 4470 cg_kill_log_func_t log_func = NULL;
b821a397 4471 int sig, r;
cd2086fe
LP		 4472
4473 assert(u);
4474 assert(c);
4475
8aff7ac4
LP		 4476 /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0
4477 * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common()
4478 * which is used for user-requested killing of unit processes. */
1d98fef1 4479
cd2086fe
LP		 4480 if (c->kill_mode == KILL_NONE)
4481 return 0;
4482
4ab1670f
ZJS		 4483 bool noteworthy;
4484 sig = operation_to_signal(c, k, &noteworthy);
4485 if (noteworthy)
4486 log_func = log_kill;
1d98fef1
LP		 4487
4488 send_sighup =
4489 c->send_sighup &&
4490 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4491 sig != SIGHUP;
4492
cd2086fe 4493 if (main_pid > 0) {
1d98fef1
LP		 4494 if (log_func)
4495 log_func(main_pid, sig, u);
cd2086fe 4496
1d98fef1 4497 r = kill_and_sigcont(main_pid, sig);
cd2086fe
LP		 4498 if (r < 0 && r != -ESRCH) {
4499 _cleanup_free_ char *comm = NULL;
1d98fef1 4500 (void) get_process_comm(main_pid, &comm);
cd2086fe 4501
b821a397 4502 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
82659fd7 4503 } else {
bc6aed7b
LP		 4504 if (!main_pid_alien)
4505 wait_for_exit = true;
82659fd7 4506
1d98fef1 4507 if (r != -ESRCH && send_sighup)
d0667321 4508 (void) kill(main_pid, SIGHUP);
82659fd7 4509 }
cd2086fe
LP		 4510 }
4511
4512 if (control_pid > 0) {
1d98fef1
LP		 4513 if (log_func)
4514 log_func(control_pid, sig, u);
cd2086fe 4515
1d98fef1 4516 r = kill_and_sigcont(control_pid, sig);
cd2086fe
LP		 4517 if (r < 0 && r != -ESRCH) {
4518 _cleanup_free_ char *comm = NULL;
1d98fef1 4519 (void) get_process_comm(control_pid, &comm);
cd2086fe 4520
b821a397 4521 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
82659fd7 4522 } else {
cd2086fe 4523 wait_for_exit = true;
82659fd7 4524
1d98fef1 4525 if (r != -ESRCH && send_sighup)
d0667321 4526 (void) kill(control_pid, SIGHUP);
82659fd7 4527 }
cd2086fe
LP		 4528 }
4529
b821a397
LP		 4530 if (u->cgroup_path &&
4531 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
cd2086fe
LP		 4532 _cleanup_set_free_ Set *pid_set = NULL;
4533
82659fd7
LP		 4534 /* Exclude the main/control pids from being killed via the cgroup */
4535 pid_set = unit_pid_set(main_pid, control_pid);
cd2086fe
LP		 4536 if (!pid_set)
4537 return -ENOMEM;
4538
1d98fef1
LP		 4539 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4540 sig,
4541 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4542 pid_set,
4543 log_func, u);
cd2086fe 4544 if (r < 0) {
4c701096 4545 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
b821a397
LP		 4546 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
4547
82659fd7 4548 } else if (r > 0) {
bc6aed7b 4549
1d9cc876
LP		 4550 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4551 * we are running in a container or if this is a delegation unit, simply because cgroup
4552 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4553 * of containers it can be confused easily by left-over directories in the cgroup — which
4554 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4555 * there we get proper events. Hence rely on them. */
efdb0237 4556
c22800e4 4557 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
1d9cc876 4558 (detect_container() == 0 && !unit_cgroup_delegate(u)))
e9db43d5 4559 wait_for_exit = true;
58ea275a 4560
1d98fef1 4561 if (send_sighup) {
82659fd7
LP		 4562 set_free(pid_set);
4563
4564 pid_set = unit_pid_set(main_pid, control_pid);
4565 if (!pid_set)
4566 return -ENOMEM;
4567
c8aa4b5b
LP		 4568 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4569 SIGHUP,
4570 CGROUP_IGNORE_SELF,
4571 pid_set,
4572 NULL, NULL);
82659fd7
LP		 4573 }
4574 }
cd2086fe
LP		 4575 }
4576
4577 return wait_for_exit;
4578}
4579
eef85c4a 4580int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
ca8700e9 4581 _cleanup_free_ char *p = NULL;
eef85c4a 4582 UnitDependencyInfo di;
a57f7e2c
LP		 4583 int r;
4584
4585 assert(u);
4586 assert(path);
4587
eef85c4a
LP		 4588 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4589 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4590 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4591 * determine which units to make themselves a dependency of. */
a57f7e2c 4592
70b64bd3
ZJS		 4593 if (!path_is_absolute(path))
4594 return -EINVAL;
4595
548f6937 4596 r = hashmap_ensure_allocated(&u->requires_mounts_for, &path_hash_ops);
eef85c4a
LP		 4597 if (r < 0)
4598 return r;
4599
a57f7e2c
LP		 4600 p = strdup(path);
4601 if (!p)
4602 return -ENOMEM;
4603
4ff361cc 4604 path = path_simplify(p);
a57f7e2c 4605
ca8700e9 4606 if (!path_is_normalized(path))
a57f7e2c 4607 return -EPERM;
a57f7e2c 4608
ca8700e9 4609 if (hashmap_contains(u->requires_mounts_for, path))
a57f7e2c 4610 return 0;
a57f7e2c 4611
eef85c4a
LP		 4612 di = (UnitDependencyInfo) {
4613 .origin_mask = mask
4614 };
4615
ca8700e9
ZJS		 4616 r = hashmap_put(u->requires_mounts_for, path, di.data);
4617 if (r < 0)
a57f7e2c 4618 return r;
ca8700e9 4619 p = NULL;
a57f7e2c 4620
4cb06c59 4621 char prefix[strlen(path) + 1];
ca8700e9 4622 PATH_FOREACH_PREFIX_MORE(prefix, path) {
a57f7e2c
LP		 4623 Set *x;
4624
4625 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4626 if (!x) {
ca8700e9 4627 _cleanup_free_ char *q = NULL;
a57f7e2c 4628
548f6937 4629 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
742f41ad
LP		 4630 if (r < 0)
4631 return r;
a57f7e2c
LP		 4632
4633 q = strdup(prefix);
4634 if (!q)
4635 return -ENOMEM;
4636
d5099efc 4637 x = set_new(NULL);
ca8700e9 4638 if (!x)
a57f7e2c 4639 return -ENOMEM;
a57f7e2c
LP		 4640
4641 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4642 if (r < 0) {
a57f7e2c
LP		 4643 set_free(x);
4644 return r;
4645 }
ca8700e9 4646 q = NULL;
a57f7e2c
LP		 4647 }
4648
4649 r = set_put(x, u);
4650 if (r < 0)
4651 return r;
4652 }
4653
4654 return 0;
4655}
4656
613b411c
LP		 4657int unit_setup_exec_runtime(Unit *u) {
4658 ExecRuntime **rt;
4659 size_t offset;
613b411c 4660 Unit *other;
e8a565cb 4661 int r;
613b411c
LP		 4662
4663 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4664 assert(offset > 0);
4665
06b643e7 4666 /* Check if there already is an ExecRuntime for this unit? */
613b411c
LP		 4667 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4668 if (*rt)
4669 return 0;
4670
4671 /* Try to get it from somebody else */
15ed3c3a 4672 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_JOINS_NAMESPACE_OF) {
e8a565cb
YW		 4673 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4674 if (r == 1)
4675 return 1;
613b411c
LP		 4676 }
4677
e8a565cb 4678 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
613b411c
LP		 4679}
4680
29206d46
LP		 4681int unit_setup_dynamic_creds(Unit *u) {
4682 ExecContext *ec;
4683 DynamicCreds *dcreds;
4684 size_t offset;
4685
4686 assert(u);
4687
4688 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4689 assert(offset > 0);
4690 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4691
4692 ec = unit_get_exec_context(u);
4693 assert(ec);
4694
4695 if (!ec->dynamic_user)
4696 return 0;
4697
4698 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4699}
4700
1c2e9646
LP		 4701bool unit_type_supported(UnitType t) {
4702 if (_unlikely_(t < 0))
4703 return false;
4704 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4705 return false;
4706
4707 if (!unit_vtable[t]->supported)
4708 return true;
4709
4710 return unit_vtable[t]->supported();
4711}
4712
8b4305c7
LP		 4713void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4714 int r;
4715
4716 assert(u);
4717 assert(where);
4718
c2503e35
RH		 4719 if (!unit_log_level_test(u, LOG_NOTICE))
4720 return;
4721
8b4305c7 4722 r = dir_is_empty(where);
3f602115 4723 if (r > 0 || r == -ENOTDIR)
8b4305c7
LP		 4724 return;
4725 if (r < 0) {
4726 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4727 return;
4728 }
4729
c2503e35
RH		 4730 log_unit_struct(u, LOG_NOTICE,
4731 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4732 LOG_UNIT_INVOCATION_ID(u),
4733 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4734 "WHERE=%s", where);
8b4305c7
LP		 4735}
4736
25cd4964 4737int unit_fail_if_noncanonical(Unit *u, const char* where) {
58d9d89b 4738 _cleanup_free_ char *canonical_where = NULL;
8b4305c7
LP		 4739 int r;
4740
4741 assert(u);
4742 assert(where);
4743
a5648b80 4744 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where, NULL);
8b4305c7 4745 if (r < 0) {
25cd4964 4746 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
8b4305c7
LP		 4747 return 0;
4748 }
25cd4964
AJ		 4749
4750 /* We will happily ignore a trailing slash (or any redundant slashes) */
4751 if (path_equal(where, canonical_where))
8b4305c7
LP		 4752 return 0;
4753
25cd4964 4754 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
c2503e35
RH		 4755 log_unit_struct(u, LOG_ERR,
4756 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4757 LOG_UNIT_INVOCATION_ID(u),
4758 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4759 "WHERE=%s", where);
8b4305c7
LP		 4760
4761 return -ELOOP;
4762}
0f13f3bd
LP		 4763
4764bool unit_is_pristine(Unit *u) {
4765 assert(u);
4766
7c65093a 4767 /* Check if the unit already exists or is already around,
0f13f3bd
LP		 4768 * in a number of different ways. Note that to cater for unit
4769 * types such as slice, we are generally fine with units that
e9e8cbc8
ZJS		 4770 * are marked UNIT_LOADED even though nothing was actually
4771 * loaded, as those unit types don't require a file on disk. */
0f13f3bd
LP		 4772
4773 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4774 u->fragment_path ||
4775 u->source_path ||
4776 !strv_isempty(u->dropin_paths) ||
0f13f3bd
LP		 4777 u->job ||
4778 u->merged_into);
4779}
291d565a
LP		 4780
4781pid_t unit_control_pid(Unit *u) {
4782 assert(u);
4783
4784 if (UNIT_VTABLE(u)->control_pid)
4785 return UNIT_VTABLE(u)->control_pid(u);
4786
4787 return 0;
4788}
4789
4790pid_t unit_main_pid(Unit *u) {
4791 assert(u);
4792
4793 if (UNIT_VTABLE(u)->main_pid)
4794 return UNIT_VTABLE(u)->main_pid(u);
4795
4796 return 0;
4797}
00d9ef85
LP		 4798
4799static void unit_unref_uid_internal(
4800 Unit *u,
4801 uid_t *ref_uid,
4802 bool destroy_now,
4803 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4804
4805 assert(u);
4806 assert(ref_uid);
4807 assert(_manager_unref_uid);
4808
4809 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4810 * gid_t are actually the same time, with the same validity rules.
4811 *
4812 * Drops a reference to UID/GID from a unit. */
4813
4814 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4815 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4816
4817 if (!uid_is_valid(*ref_uid))
4818 return;
4819
4820 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4821 *ref_uid = UID_INVALID;
4822}
4823
b90cf102 4824static void unit_unref_uid(Unit *u, bool destroy_now) {
00d9ef85
LP		 4825 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4826}
4827
b90cf102 4828static void unit_unref_gid(Unit *u, bool destroy_now) {
00d9ef85
LP		 4829 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4830}
4831
b90cf102
LP		 4832void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4833 assert(u);
4834
4835 unit_unref_uid(u, destroy_now);
4836 unit_unref_gid(u, destroy_now);
4837}
4838
00d9ef85
LP		 4839static int unit_ref_uid_internal(
4840 Unit *u,
4841 uid_t *ref_uid,
4842 uid_t uid,
4843 bool clean_ipc,
4844 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4845
4846 int r;
4847
4848 assert(u);
4849 assert(ref_uid);
4850 assert(uid_is_valid(uid));
4851 assert(_manager_ref_uid);
4852
4853 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4854 * are actually the same type, and have the same validity rules.
4855 *
4856 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4857 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4858 * drops to zero. */
4859
4860 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4861 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4862
4863 if (*ref_uid == uid)
4864 return 0;
4865
4866 if (uid_is_valid(*ref_uid)) /* Already set? */
4867 return -EBUSY;
4868
4869 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4870 if (r < 0)
4871 return r;
4872
4873 *ref_uid = uid;
4874 return 1;
4875}
4876
b90cf102 4877static int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
00d9ef85
LP		 4878 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4879}
4880
b90cf102 4881static int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
00d9ef85
LP		 4882 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4883}
4884
4885static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4886 int r = 0, q = 0;
4887
4888 assert(u);
4889
4890 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4891
4892 if (uid_is_valid(uid)) {
4893 r = unit_ref_uid(u, uid, clean_ipc);
4894 if (r < 0)
4895 return r;
4896 }
4897
4898 if (gid_is_valid(gid)) {
4899 q = unit_ref_gid(u, gid, clean_ipc);
4900 if (q < 0) {
4901 if (r > 0)
4902 unit_unref_uid(u, false);
4903
4904 return q;
4905 }
4906 }
4907
4908 return r > 0 || q > 0;
4909}
4910
4911int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4912 ExecContext *c;
4913 int r;
4914
4915 assert(u);
4916
4917 c = unit_get_exec_context(u);
4918
4919 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4920 if (r < 0)
4921 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4922
4923 return r;
4924}
4925
00d9ef85
LP		 4926void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
4927 int r;
4928
4929 assert(u);
4930
4931 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4932 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4933 * objects when no service references the UID/GID anymore. */
4934
4935 r = unit_ref_uid_gid(u, uid, gid);
4936 if (r > 0)
37d0b962 4937 unit_add_to_dbus_queue(u);
00d9ef85 4938}
4b58153d 4939
4b58153d
LP		 4940int unit_acquire_invocation_id(Unit *u) {
4941 sd_id128_t id;
4942 int r;
4943
4944 assert(u);
4945
4946 r = sd_id128_randomize(&id);
4947 if (r < 0)
4948 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
4949
4950 r = unit_set_invocation_id(u, id);
4951 if (r < 0)
4952 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
4953
af92c603 4954 unit_add_to_dbus_queue(u);
4b58153d
LP		 4955 return 0;
4956}
f0d47797 4957
1ad6e8b3
LP		 4958int unit_set_exec_params(Unit *u, ExecParameters *p) {
4959 int r;
4960
7960b0c7
LP		 4961 assert(u);
4962 assert(p);
f0d47797 4963
004c7f16 4964 /* Copy parameters from manager */
1ad6e8b3
LP		 4965 r = manager_get_effective_environment(u->manager, &p->environment);
4966 if (r < 0)
4967 return r;
4968
004c7f16
LP		 4969 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
4970 p->cgroup_supported = u->manager->cgroup_supported;
4971 p->prefix = u->manager->prefix;
4972 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
4973
5238e957 4974 /* Copy parameters from unit */
7960b0c7 4975 p->cgroup_path = u->cgroup_path;
1d9cc876 4976 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
1ad6e8b3 4977
bb0c0d6f
LP		 4978 p->received_credentials = u->manager->received_credentials;
4979
1ad6e8b3 4980 return 0;
f0d47797 4981}
a79279c7 4982
4c253ed1 4983int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
a79279c7
LP		 4984 int r;
4985
4986 assert(u);
4987 assert(ret);
4988
4989 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
4990 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
4991
4992 (void) unit_realize_cgroup(u);
4993
4c253ed1
LP		 4994 r = safe_fork(name, FORK_REOPEN_LOG, ret);
4995 if (r != 0)
4996 return r;
a79279c7 4997
9c274488
LP		 4998 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE);
4999 (void) ignore_signals(SIGPIPE);
a79279c7 5000
4c253ed1 5001 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
a79279c7 5002
4c253ed1
LP		 5003 if (u->cgroup_path) {
5004 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5005 if (r < 0) {
5006 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
5007 _exit(EXIT_CGROUP);
a79279c7 5008 }
a79279c7
LP		 5009 }
5010
4c253ed1 5011 return 0;
a79279c7 5012}
c999cf38 5013
810ef318
YW		 5014int unit_fork_and_watch_rm_rf(Unit *u, char **paths, pid_t *ret_pid) {
5015 pid_t pid;
5016 int r;
5017
5018 assert(u);
5019 assert(ret_pid);
5020
5021 r = unit_fork_helper_process(u, "(sd-rmrf)", &pid);
5022 if (r < 0)
5023 return r;
5024 if (r == 0) {
5025 int ret = EXIT_SUCCESS;
5026 char **i;
5027
5028 STRV_FOREACH(i, paths) {
5029 r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK);
5030 if (r < 0) {
5031 log_error_errno(r, "Failed to remove '%s': %m", *i);
5032 ret = EXIT_FAILURE;
5033 }
5034 }
5035
5036 _exit(ret);
5037 }
5038
5039 r = unit_watch_pid(u, pid, true);
5040 if (r < 0)
5041 return r;
5042
5043 *ret_pid = pid;
5044 return 0;
5045}
5046
15ed3c3a
LP		 5047static void unit_update_dependency_mask(Hashmap *deps, Unit *other, UnitDependencyInfo di) {
5048 assert(deps);
c999cf38
LP		 5049 assert(other);
5050
15ed3c3a 5051 if (di.origin_mask == 0 && di.destination_mask == 0)
c999cf38 5052 /* No bit set anymore, let's drop the whole entry */
15ed3c3a
LP		 5053 assert_se(hashmap_remove(deps, other));
5054 else
c999cf38 5055 /* Mask was reduced, let's update the entry */
15ed3c3a 5056 assert_se(hashmap_update(deps, other, di.data) == 0);
c999cf38
LP		 5057}
5058
5059void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
15ed3c3a 5060 Hashmap *deps;
c999cf38
LP		 5061 assert(u);
5062
5063 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5064
5065 if (mask == 0)
5066 return;
5067
15ed3c3a 5068 HASHMAP_FOREACH(deps, u->dependencies) {
c999cf38
LP		 5069 bool done;
5070
5071 do {
5072 UnitDependencyInfo di;
5073 Unit *other;
c999cf38
LP		 5074
5075 done = true;
5076
15ed3c3a
LP		 5077 HASHMAP_FOREACH_KEY(di.data, other, deps) {
5078 Hashmap *other_deps;
5079
1d6cc5d0 5080 if (FLAGS_SET(~mask, di.origin_mask))
c999cf38 5081 continue;
15ed3c3a 5082
c999cf38 5083 di.origin_mask &= ~mask;
15ed3c3a 5084 unit_update_dependency_mask(deps, other, di);
c999cf38 5085
defe63b0
LP		 5086 /* We updated the dependency from our unit to the other unit now. But most
5087 * dependencies imply a reverse dependency. Hence, let's delete that one
5088 * too. For that we go through all dependency types on the other unit and
5089 * delete all those which point to us and have the right mask set. */
c999cf38 5090
15ed3c3a 5091 HASHMAP_FOREACH(other_deps, other->dependencies) {
c999cf38
LP		 5092 UnitDependencyInfo dj;
5093
15ed3c3a 5094 dj.data = hashmap_get(other_deps, u);
1d6cc5d0 5095 if (FLAGS_SET(~mask, dj.destination_mask))
c999cf38 5096 continue;
c999cf38 5097
15ed3c3a
LP		 5098 dj.destination_mask &= ~mask;
5099 unit_update_dependency_mask(other_deps, u, dj);
c999cf38
LP		 5100 }
5101
5102 unit_add_to_gc_queue(other);
5103
5104 done = false;
5105 break;
5106 }
5107
5108 } while (!done);
5109 }
5110}
d3070fbd 5111
2f8c48b6
AZ		 5112static int unit_get_invocation_path(Unit *u, char **ret) {
5113 char *p;
5114 int r;
5115
5116 assert(u);
5117 assert(ret);
5118
5119 if (MANAGER_IS_SYSTEM(u->manager))
5120 p = strjoin("/run/systemd/units/invocation:", u->id);
5121 else {
5122 _cleanup_free_ char *user_path = NULL;
5123 r = xdg_user_runtime_dir(&user_path, "/systemd/units/invocation:");
5124 if (r < 0)
5125 return r;
5126 p = strjoin(user_path, u->id);
5127 }
5128
5129 if (!p)
5130 return -ENOMEM;
5131
5132 *ret = p;
5133 return 0;
5134}
5135
d3070fbd 5136static int unit_export_invocation_id(Unit *u) {
2f8c48b6 5137 _cleanup_free_ char *p = NULL;
d3070fbd
LP		 5138 int r;
5139
5140 assert(u);
5141
5142 if (u->exported_invocation_id)
5143 return 0;
5144
5145 if (sd_id128_is_null(u->invocation_id))
5146 return 0;
5147
2f8c48b6
AZ		 5148 r = unit_get_invocation_path(u, &p);
5149 if (r < 0)
5150 return log_unit_debug_errno(u, r, "Failed to get invocation path: %m");
5151
a3f5fd96 5152 r = symlink_atomic_label(u->invocation_id_string, p);
d3070fbd
LP		 5153 if (r < 0)
5154 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5155
5156 u->exported_invocation_id = true;
5157 return 0;
5158}
5159
5160static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5161 const char *p;
5162 char buf[2];
5163 int r;
5164
5165 assert(u);
5166 assert(c);
5167
5168 if (u->exported_log_level_max)
5169 return 0;
5170
5171 if (c->log_level_max < 0)
5172 return 0;
5173
5174 assert(c->log_level_max <= 7);
5175
5176 buf[0] = '0' + c->log_level_max;
5177 buf[1] = 0;
5178
5179 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5180 r = symlink_atomic(buf, p);
5181 if (r < 0)
5182 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5183
5184 u->exported_log_level_max = true;
5185 return 0;
5186}
5187
5188static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5189 _cleanup_close_ int fd = -1;
5190 struct iovec *iovec;
5191 const char *p;
5192 char *pattern;
5193 le64_t *sizes;
5194 ssize_t n;
d3070fbd
LP		 5195 int r;
5196
5197 if (u->exported_log_extra_fields)
5198 return 0;
5199
5200 if (c->n_log_extra_fields <= 0)
5201 return 0;
5202
5203 sizes = newa(le64_t, c->n_log_extra_fields);
5204 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5205
12375b95 5206 for (size_t i = 0; i < c->n_log_extra_fields; i++) {
d3070fbd
LP		 5207 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5208
5209 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5210 iovec[i*2+1] = c->log_extra_fields[i];
5211 }
5212
5213 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5214 pattern = strjoina(p, ".XXXXXX");
5215
5216 fd = mkostemp_safe(pattern);
5217 if (fd < 0)
5218 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5219
5220 n = writev(fd, iovec, c->n_log_extra_fields*2);
5221 if (n < 0) {
5222 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5223 goto fail;
5224 }
5225
5226 (void) fchmod(fd, 0644);
5227
5228 if (rename(pattern, p) < 0) {
5229 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5230 goto fail;
5231 }
5232
5233 u->exported_log_extra_fields = true;
5234 return 0;
5235
5236fail:
5237 (void) unlink(pattern);
5238 return r;
5239}
5240
5ac1530e 5241static int unit_export_log_ratelimit_interval(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5242 _cleanup_free_ char *buf = NULL;
5243 const char *p;
5244 int r;
5245
5246 assert(u);
5247 assert(c);
5248
5ac1530e 5249 if (u->exported_log_ratelimit_interval)
90fc172e
AZ		 5250 return 0;
5251
5ac1530e 5252 if (c->log_ratelimit_interval_usec == 0)
90fc172e
AZ		 5253 return 0;
5254
5255 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5256
5ac1530e 5257 if (asprintf(&buf, "%" PRIu64, c->log_ratelimit_interval_usec) < 0)
90fc172e
AZ		 5258 return log_oom();
5259
5260 r = symlink_atomic(buf, p);
5261 if (r < 0)
5262 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5263
5ac1530e 5264 u->exported_log_ratelimit_interval = true;
90fc172e
AZ		 5265 return 0;
5266}
5267
5ac1530e 5268static int unit_export_log_ratelimit_burst(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5269 _cleanup_free_ char *buf = NULL;
5270 const char *p;
5271 int r;
5272
5273 assert(u);
5274 assert(c);
5275
5ac1530e 5276 if (u->exported_log_ratelimit_burst)
90fc172e
AZ		 5277 return 0;
5278
5ac1530e 5279 if (c->log_ratelimit_burst == 0)
90fc172e
AZ		 5280 return 0;
5281
5282 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5283
5ac1530e 5284 if (asprintf(&buf, "%u", c->log_ratelimit_burst) < 0)
90fc172e
AZ		 5285 return log_oom();
5286
5287 r = symlink_atomic(buf, p);
5288 if (r < 0)
5289 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5290
5ac1530e 5291 u->exported_log_ratelimit_burst = true;
90fc172e
AZ		 5292 return 0;
5293}
5294
d3070fbd
LP		 5295void unit_export_state_files(Unit *u) {
5296 const ExecContext *c;
5297
5298 assert(u);
5299
5300 if (!u->id)
5301 return;
5302
638cece4 5303 if (MANAGER_IS_TEST_RUN(u->manager))
8f632531
LP		 5304 return;
5305
d3070fbd
LP		 5306 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5307 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5308 * the IPC system itself and PID 1 also log to the journal.
5309 *
5310 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5311 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5312 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5313 * namespace at least.
5314 *
5315 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5316 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5317 * them with one. */
5318
5319 (void) unit_export_invocation_id(u);
5320
2f8c48b6
AZ		 5321 if (!MANAGER_IS_SYSTEM(u->manager))
5322 return;
5323
d3070fbd
LP		 5324 c = unit_get_exec_context(u);
5325 if (c) {
5326 (void) unit_export_log_level_max(u, c);
5327 (void) unit_export_log_extra_fields(u, c);
5ac1530e
ZJS		 5328 (void) unit_export_log_ratelimit_interval(u, c);
5329 (void) unit_export_log_ratelimit_burst(u, c);
d3070fbd
LP		 5330 }
5331}
5332
5333void unit_unlink_state_files(Unit *u) {
5334 const char *p;
5335
5336 assert(u);
5337
5338 if (!u->id)
5339 return;
5340
d3070fbd
LP		 5341 /* Undoes the effect of unit_export_state() */
5342
5343 if (u->exported_invocation_id) {
2f8c48b6
AZ		 5344 _cleanup_free_ char *invocation_path = NULL;
5345 int r = unit_get_invocation_path(u, &invocation_path);
5346 if (r >= 0) {
5347 (void) unlink(invocation_path);
5348 u->exported_invocation_id = false;
5349 }
d3070fbd
LP		 5350 }
5351
2f8c48b6
AZ		 5352 if (!MANAGER_IS_SYSTEM(u->manager))
5353 return;
5354
d3070fbd
LP		 5355 if (u->exported_log_level_max) {
5356 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5357 (void) unlink(p);
5358
5359 u->exported_log_level_max = false;
5360 }
5361
5362 if (u->exported_log_extra_fields) {
5363 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5364 (void) unlink(p);
5365
5366 u->exported_log_extra_fields = false;
5367 }
90fc172e 5368
5ac1530e 5369 if (u->exported_log_ratelimit_interval) {
90fc172e
AZ		 5370 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5371 (void) unlink(p);
5372
5ac1530e 5373 u->exported_log_ratelimit_interval = false;
90fc172e
AZ		 5374 }
5375
5ac1530e 5376 if (u->exported_log_ratelimit_burst) {
90fc172e
AZ		 5377 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5378 (void) unlink(p);
5379
5ac1530e 5380 u->exported_log_ratelimit_burst = false;
90fc172e 5381 }
d3070fbd 5382}
5afe510c 5383
3c7416b6
LP		 5384int unit_prepare_exec(Unit *u) {
5385 int r;
5386
5387 assert(u);
5388
fab34748
KL		 5389 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5390 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5391 r = bpf_firewall_load_custom(u);
5392 if (r < 0)
5393 return r;
5394
3c7416b6
LP		 5395 /* Prepares everything so that we can fork of a process for this unit */
5396
5397 (void) unit_realize_cgroup(u);
5398
5399 if (u->reset_accounting) {
9b2559a1 5400 (void) unit_reset_accounting(u);
3c7416b6
LP		 5401 u->reset_accounting = false;
5402 }
5403
5404 unit_export_state_files(u);
5405
5406 r = unit_setup_exec_runtime(u);
5407 if (r < 0)
5408 return r;
5409
5410 r = unit_setup_dynamic_creds(u);
5411 if (r < 0)
5412 return r;
5413
5414 return 0;
5415}
5416
4c425434
LP		 5417static bool ignore_leftover_process(const char *comm) {
5418 return comm && comm[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5419}
5420
5421int unit_log_leftover_process_start(pid_t pid, int sig, void *userdata) {
a4634b21
LP		 5422 _cleanup_free_ char *comm = NULL;
5423
5424 (void) get_process_comm(pid, &comm);
5425
4c425434 5426 if (ignore_leftover_process(comm))
c53d2d54 5427 return 0;
a4634b21 5428
4c425434
LP		 5429 /* During start we print a warning */
5430
a4634b21
LP		 5431 log_unit_warning(userdata,
5432 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5433 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5434 pid, strna(comm));
c53d2d54
DB		 5435
5436 return 1;
a4634b21
LP		 5437}
5438
4c425434
LP		 5439int unit_log_leftover_process_stop(pid_t pid, int sig, void *userdata) {
5440 _cleanup_free_ char *comm = NULL;
5441
5442 (void) get_process_comm(pid, &comm);
5443
5444 if (ignore_leftover_process(comm))
5445 return 0;
5446
5447 /* During stop we only print an informational message */
5448
5449 log_unit_info(userdata,
5450 "Unit process " PID_FMT " (%s) remains running after unit stopped.",
5451 pid, strna(comm));
5452
5453 return 1;
5454}
5455
5456int unit_warn_leftover_processes(Unit *u, cg_kill_log_func_t log_func) {
a4634b21
LP		 5457 assert(u);
5458
5459 (void) unit_pick_cgroup_path(u);
5460
5461 if (!u->cgroup_path)
c53d2d54 5462 return 0;
a4634b21 5463
4c425434 5464 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_func, u);
a4634b21
LP		 5465}
5466
bb2c7685
LP		 5467bool unit_needs_console(Unit *u) {
5468 ExecContext *ec;
5469 UnitActiveState state;
5470
5471 assert(u);
5472
5473 state = unit_active_state(u);
5474
5475 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5476 return false;
5477
5478 if (UNIT_VTABLE(u)->needs_console)
5479 return UNIT_VTABLE(u)->needs_console(u);
5480
5481 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5482 ec = unit_get_exec_context(u);
5483 if (!ec)
5484 return false;
5485
5486 return exec_context_may_touch_console(ec);
5487}
5488
f156e60c 5489const char *unit_label_path(const Unit *u) {
81e9871e
LP		 5490 const char *p;
5491
f156e60c
CG		 5492 assert(u);
5493
81e9871e
LP		 5494 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5495 * when validating access checks. */
5496
5497 p = u->source_path ?: u->fragment_path;
5498 if (!p)
5499 return NULL;
5500
5501 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
640f3b14 5502 if (null_or_empty_path(p) > 0)
81e9871e
LP		 5503 return NULL;
5504
5505 return p;
5506}
5507
6592b975
LP		 5508int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5509 int r;
5510
5511 assert(u);
5512
5513 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5514 * and not a kernel thread either */
5515
5516 /* First, a simple range check */
5517 if (!pid_is_valid(pid))
5518 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5519
5520 /* Some extra safety check */
5521 if (pid == 1 || pid == getpid_cached())
3fe91079 5522 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid);
6592b975
LP		 5523
5524 /* Don't even begin to bother with kernel threads */
5525 r = is_kernel_thread(pid);
5526 if (r == -ESRCH)
5527 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5528 if (r < 0)
5529 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5530 if (r > 0)
5531 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5532
5533 return 0;
5534}
5535
523ee2d4
LP		 5536void unit_log_success(Unit *u) {
5537 assert(u);
5538
c2503e35
RH		 5539 log_unit_struct(u, LOG_INFO,
5540 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR,
5541 LOG_UNIT_INVOCATION_ID(u),
5542 LOG_UNIT_MESSAGE(u, "Deactivated successfully."));
523ee2d4
LP		 5543}
5544
7c047d74
LP		 5545void unit_log_failure(Unit *u, const char *result) {
5546 assert(u);
5547 assert(result);
5548
c2503e35
RH		 5549 log_unit_struct(u, LOG_WARNING,
5550 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR,
5551 LOG_UNIT_INVOCATION_ID(u),
5552 LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result),
5553 "UNIT_RESULT=%s", result);
7c047d74
LP		 5554}
5555
31cd5f63
AZ		 5556void unit_log_skip(Unit *u, const char *result) {
5557 assert(u);
5558 assert(result);
5559
c2503e35
RH		 5560 log_unit_struct(u, LOG_INFO,
5561 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR,
5562 LOG_UNIT_INVOCATION_ID(u),
5563 LOG_UNIT_MESSAGE(u, "Skipped due to '%s'.", result),
5564 "UNIT_RESULT=%s", result);
31cd5f63
AZ		 5565}
5566
91bbd9b7
LP		 5567void unit_log_process_exit(
5568 Unit *u,
91bbd9b7
LP		 5569 const char *kind,
5570 const char *command,
5cc2cd1c 5571 bool success,
91bbd9b7
LP		 5572 int code,
5573 int status) {
5574
5cc2cd1c
ZJS		 5575 int level;
5576
91bbd9b7
LP		 5577 assert(u);
5578 assert(kind);
5579
5cc2cd1c
ZJS		 5580 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
5581 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
5582 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
5583 * WARNING. */
5584 if (success)
5585 level = LOG_DEBUG;
5586 else if (code == CLD_EXITED)
5587 level = LOG_NOTICE;
5588 else
91bbd9b7
LP		 5589 level = LOG_WARNING;
5590
c2503e35
RH		 5591 log_unit_struct(u, level,
5592 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR,
5593 LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s",
5594 kind,
5595 sigchld_code_to_string(code), status,
5596 strna(code == CLD_EXITED
5597 ? exit_status_to_string(status, EXIT_STATUS_FULL)
5598 : signal_to_string(status))),
5599 "EXIT_CODE=%s", sigchld_code_to_string(code),
5600 "EXIT_STATUS=%i", status,
5601 "COMMAND=%s", strna(command),
5602 LOG_UNIT_INVOCATION_ID(u));
91bbd9b7
LP		 5603}
5604
7af67e9a
LP		 5605int unit_exit_status(Unit *u) {
5606 assert(u);
5607
5608 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
5609 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
5610 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
5611 * service process has exited abnormally (signal/coredump). */
5612
5613 if (!UNIT_VTABLE(u)->exit_status)
5614 return -EOPNOTSUPP;
5615
5616 return UNIT_VTABLE(u)->exit_status(u);
5617}
5618
5619int unit_failure_action_exit_status(Unit *u) {
5620 int r;
5621
5622 assert(u);
5623
5624 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
5625
5626 if (u->failure_action_exit_status >= 0)
5627 return u->failure_action_exit_status;
5628
5629 r = unit_exit_status(u);
5630 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5631 return 255;
5632
5633 return r;
5634}
5635
5636int unit_success_action_exit_status(Unit *u) {
5637 int r;
5638
5639 assert(u);
5640
5641 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
5642
5643 if (u->success_action_exit_status >= 0)
5644 return u->success_action_exit_status;
5645
5646 r = unit_exit_status(u);
5647 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5648 return 255;
5649
5650 return r;
5651}
5652
a4191c9f
LP		 5653int unit_test_trigger_loaded(Unit *u) {
5654 Unit *trigger;
5655
5656 /* Tests whether the unit to trigger is loaded */
5657
5658 trigger = UNIT_TRIGGER(u);
5659 if (!trigger)
e7b9f4d9
ZJS		 5660 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5661 "Refusing to start, no unit to trigger.");
a4191c9f 5662 if (trigger->load_state != UNIT_LOADED)
e7b9f4d9
ZJS		 5663 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5664 "Refusing to start, unit %s to trigger not loaded.", trigger->id);
a4191c9f
LP		 5665
5666 return 0;
5667}
5668
bb0c0d6f
LP		 5669void unit_destroy_runtime_data(Unit *u, const ExecContext *context) {
5670 assert(u);
5671 assert(context);
5672
95939aed
YW		 5673 if (context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO ||
5674 (context->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART && !unit_will_restart(u)))
5675 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
bb0c0d6f
LP		 5676
5677 exec_context_destroy_credentials(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME], u->id);
95939aed
YW		 5678}
5679
380dc8b0
LP		 5680int unit_clean(Unit *u, ExecCleanMask mask) {
5681 UnitActiveState state;
5682
5683 assert(u);
5684
5685 /* Special return values:
5686 *
5687 * -EOPNOTSUPP → cleaning not supported for this unit type
5688 * -EUNATCH → cleaning not defined for this resource type
5689 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
5690 * a job queued or similar
5691 */
5692
5693 if (!UNIT_VTABLE(u)->clean)
5694 return -EOPNOTSUPP;
5695
5696 if (mask == 0)
5697 return -EUNATCH;
5698
5699 if (u->load_state != UNIT_LOADED)
5700 return -EBUSY;
5701
5702 if (u->job)
5703 return -EBUSY;
5704
5705 state = unit_active_state(u);
5706 if (!IN_SET(state, UNIT_INACTIVE))
5707 return -EBUSY;
5708
5709 return UNIT_VTABLE(u)->clean(u, mask);
5710}
5711
5712int unit_can_clean(Unit *u, ExecCleanMask *ret) {
5713 assert(u);
5714
5715 if (!UNIT_VTABLE(u)->clean ||
5716 u->load_state != UNIT_LOADED) {
5717 *ret = 0;
5718 return 0;
5719 }
5720
5721 /* When the clean() method is set, can_clean() really should be set too */
5722 assert(UNIT_VTABLE(u)->can_clean);
5723
5724 return UNIT_VTABLE(u)->can_clean(u, ret);
5725}
5726
d9e45bc3
MS		 5727bool unit_can_freeze(Unit *u) {
5728 assert(u);
5729
5730 if (UNIT_VTABLE(u)->can_freeze)
5731 return UNIT_VTABLE(u)->can_freeze(u);
5732
5733 return UNIT_VTABLE(u)->freeze;
5734}
5735
5736void unit_frozen(Unit *u) {
5737 assert(u);
5738
5739 u->freezer_state = FREEZER_FROZEN;
5740
5741 bus_unit_send_pending_freezer_message(u);
5742}
5743
5744void unit_thawed(Unit *u) {
5745 assert(u);
5746
5747 u->freezer_state = FREEZER_RUNNING;
5748
5749 bus_unit_send_pending_freezer_message(u);
5750}
5751
5752static int unit_freezer_action(Unit *u, FreezerAction action) {
5753 UnitActiveState s;
5754 int (*method)(Unit*);
5755 int r;
5756
5757 assert(u);
5758 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
5759
5760 method = action == FREEZER_FREEZE ? UNIT_VTABLE(u)->freeze : UNIT_VTABLE(u)->thaw;
5761 if (!method || !cg_freezer_supported())
5762 return -EOPNOTSUPP;
5763
5764 if (u->job)
5765 return -EBUSY;
5766
5767 if (u->load_state != UNIT_LOADED)
5768 return -EHOSTDOWN;
5769
5770 s = unit_active_state(u);
5771 if (s != UNIT_ACTIVE)
5772 return -EHOSTDOWN;
5773
5774 if (IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING))
5775 return -EALREADY;
5776
5777 r = method(u);
5778 if (r <= 0)
5779 return r;
5780
5781 return 1;
5782}
5783
5784int unit_freeze(Unit *u) {
5785 return unit_freezer_action(u, FREEZER_FREEZE);
5786}
5787
5788int unit_thaw(Unit *u) {
5789 return unit_freezer_action(u, FREEZER_THAW);
5790}
5791
5792/* Wrappers around low-level cgroup freezer operations common for service and scope units */
5793int unit_freeze_vtable_common(Unit *u) {
5794 return unit_cgroup_freezer_action(u, FREEZER_FREEZE);
5795}
5796
5797int unit_thaw_vtable_common(Unit *u) {
5798 return unit_cgroup_freezer_action(u, FREEZER_THAW);
5799}
5800
5afe510c
LP		 5801static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5802 [COLLECT_INACTIVE] = "inactive",
5803 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5804};
5805
5806DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
15ed3c3a
LP		 5807
5808Unit* unit_has_dependency(const Unit *u, UnitDependencyAtom atom, Unit *other) {
5809 Unit *i;
5810
5811 assert(u);
5812
5813 /* Checks if the unit has a dependency on 'other' with the specified dependency atom. If 'other' is
5814 * NULL checks if the unit has *any* dependency of that atom. Returns 'other' if found (or if 'other'
5815 * is NULL the first entry found), or NULL if not found. */
5816
5817 UNIT_FOREACH_DEPENDENCY(i, u, atom)
5818 if (!other || other == i)
5819 return i;
5820
5821 return NULL;
5822}
5823
5824int unit_get_dependency_array(const Unit *u, UnitDependencyAtom atom, Unit ***ret_array) {
5825 _cleanup_free_ Unit **array = NULL;
5826 size_t n = 0;
5827 Unit *other;
5828
5829 assert(u);
5830 assert(ret_array);
5831
5832 /* Gets a list of units matching a specific atom as array. This is useful when iterating through
5833 * dependencies while modifying them: the array is an "atomic snapshot" of sorts, that can be read
5834 * while the dependency table is continously updated. */
5835
5836 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
5837 if (!GREEDY_REALLOC(array, n + 1))
5838 return -ENOMEM;
5839
5840 array[n++] = other;
5841 }
5842
5843 *ret_array = TAKE_PTR(array);
5844
5845 assert(n <= INT_MAX);
5846 return (int) n;
5847}
Unnamed repository; edit this file 'description' to name the repository.