]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/unit.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
tree-wide: use ASSERT_PTR more
[thirdparty/systemd.git] / src / core / unit.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
a7334b09 2
87f0e418 3#include <errno.h>
0301abf4 4#include <stdlib.h>
4c253ed1 5#include <sys/prctl.h>
4f5dd394 6#include <unistd.h>
87f0e418 7
718db961
LP		 8#include "sd-id128.h"
9#include "sd-messages.h"
4f5dd394 10
57b7a260 11#include "all-units.h"
d68c645b 12#include "alloc-util.h"
fab34748 13#include "bpf-firewall.h"
5f8ba20d 14#include "bpf-foreign.h"
cd09a5f3 15#include "bpf-socket-bind.h"
4f5dd394
LP		 16#include "bus-common-errors.h"
17#include "bus-util.h"
fdb3deca 18#include "cgroup-setup.h"
c6c18be3 19#include "cgroup-util.h"
f4351959 20#include "chase-symlinks.h"
e30bbc90 21#include "core-varlink.h"
4f5dd394
LP		 22#include "dbus-unit.h"
23#include "dbus.h"
24#include "dropin.h"
25#include "escape.h"
26#include "execute.h"
6a48d82f 27#include "fd-util.h"
a5c32cff 28#include "fileio-label.h"
ee228be1 29#include "fileio.h"
f97b34a6 30#include "format-util.h"
4b58153d 31#include "id128-util.h"
5cfa33e0 32#include "install.h"
2d3b784d 33#include "io-util.h"
a3f5fd96 34#include "label.h"
4f5dd394
LP		 35#include "load-dropin.h"
36#include "load-fragment.h"
37#include "log.h"
38#include "macro.h"
f5947a5e 39#include "missing_audit.h"
35cd0ba5 40#include "mkdir-label.h"
4f5dd394 41#include "path-util.h"
0b452006 42#include "process-util.h"
810ef318 43#include "rm-rf.h"
48b92b37 44#include "serialize.h"
4f5dd394 45#include "set.h"
6eb7c172 46#include "signal-util.h"
d3070fbd 47#include "sparse-endian.h"
e9db43d5 48#include "special.h"
2e59b241 49#include "specifier.h"
8fcde012 50#include "stat-util.h"
d054f0a4 51#include "stdio-util.h"
5afe510c 52#include "string-table.h"
07630cea 53#include "string-util.h"
4f5dd394 54#include "strv.h"
5b262f74 55#include "terminal-util.h"
e4de7287 56#include "tmpfile-util.h"
4f4afc88 57#include "umask-util.h"
4f5dd394 58#include "unit-name.h"
e9db43d5 59#include "unit.h"
b1d4f8e1
LP		 60#include "user-util.h"
61#include "virt.h"
91ce91c7
JK		 62#if BPF_FRAMEWORK
63#include "bpf-link.h"
64#endif
87f0e418 65
37109b85
ZJS		 66/* Thresholds for logging at INFO level about resource consumption */
67#define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
68#define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
69#define MENTIONWORTHY_IP_BYTES (0ULL)
70
71/* Thresholds for logging at INFO level about resource consumption */
72#define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
73#define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
74#define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
75
87f0e418
LP		 76const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
77 [UNIT_SERVICE] = &service_vtable,
87f0e418
LP		 78 [UNIT_SOCKET] = &socket_vtable,
79 [UNIT_TARGET] = &target_vtable,
80 [UNIT_DEVICE] = &device_vtable,
81 [UNIT_MOUNT] = &mount_vtable,
82 [UNIT_AUTOMOUNT] = &automount_vtable,
01f78473 83 [UNIT_SWAP] = &swap_vtable,
e821075a 84 [UNIT_TIMER] = &timer_vtable,
a016b922 85 [UNIT_PATH] = &path_vtable,
6c12b52e 86 [UNIT_SLICE] = &slice_vtable,
5afe510c 87 [UNIT_SCOPE] = &scope_vtable,
87f0e418
LP		 88};
89
75db809a 90Unit* unit_new(Manager *m, size_t size) {
87f0e418
LP		 91 Unit *u;
92
93 assert(m);
ac155bb8 94 assert(size >= sizeof(Unit));
87f0e418 95
7d17cfbc
MS		 96 u = malloc0(size);
97 if (!u)
87f0e418
LP		 98 return NULL;
99
ac155bb8
MS		 100 u->manager = m;
101 u->type = _UNIT_TYPE_INVALID;
ac155bb8
MS		 102 u->default_dependencies = true;
103 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
d2dc52db 104 u->unit_file_preset = -1;
d420282b 105 u->on_failure_job_mode = JOB_REPLACE;
294446dc 106 u->on_success_job_mode = JOB_FAIL;
0bb814c2 107 u->cgroup_control_inotify_wd = -1;
afcfaa69 108 u->cgroup_memory_inotify_wd = -1;
36c16a7c 109 u->job_timeout = USEC_INFINITY;
a2df3ea4 110 u->job_running_timeout = USEC_INFINITY;
00d9ef85
LP		 111 u->ref_uid = UID_INVALID;
112 u->ref_gid = GID_INVALID;
fe700f46 113 u->cpu_usage_last = NSEC_INFINITY;
17f14955 114 u->cgroup_invalidated_mask |= CGROUP_MASK_BPF_FIREWALL;
7af67e9a 115 u->failure_action_exit_status = u->success_action_exit_status = -1;
87f0e418 116
6a48d82f
DM		 117 u->ip_accounting_ingress_map_fd = -1;
118 u->ip_accounting_egress_map_fd = -1;
0fd9c28c
LP		 119 for (CGroupIOAccountingMetric i = 0; i < _CGROUP_IO_ACCOUNTING_METRIC_MAX; i++)
120 u->io_accounting_last[i] = UINT64_MAX;
121
6a48d82f
DM		 122 u->ipv4_allow_map_fd = -1;
123 u->ipv6_allow_map_fd = -1;
124 u->ipv4_deny_map_fd = -1;
125 u->ipv6_deny_map_fd = -1;
126
2e59b241
LP		 127 u->last_section_private = -1;
128
7bf081a1 129 u->start_ratelimit = (RateLimit) { m->default_start_limit_interval, m->default_start_limit_burst };
0bc488c9 130 u->auto_start_stop_ratelimit = (RateLimit) { 10 * USEC_PER_SEC, 16 };
bea355da 131
87f0e418
LP		 132 return u;
133}
134
a581e45a 135int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
dc409696 136 _cleanup_(unit_freep) Unit *u = NULL;
a581e45a
LP		 137 int r;
138
139 u = unit_new(m, size);
140 if (!u)
141 return -ENOMEM;
142
143 r = unit_add_name(u, name);
dc409696 144 if (r < 0)
a581e45a 145 return r;
a581e45a 146
1cc6c93a
YW		 147 *ret = TAKE_PTR(u);
148
a581e45a
LP		 149 return r;
150}
151
303ee601 152bool unit_has_name(const Unit *u, const char *name) {
f278026d
LP		 153 assert(u);
154 assert(name);
155
4562c355
ZJS		 156 return streq_ptr(name, u->id) ||
157 set_contains(u->aliases, name);
f278026d
LP		 158}
159
598459ce
LP		 160static void unit_init(Unit *u) {
161 CGroupContext *cc;
162 ExecContext *ec;
163 KillContext *kc;
164
165 assert(u);
166 assert(u->manager);
167 assert(u->type >= 0);
168
169 cc = unit_get_cgroup_context(u);
170 if (cc) {
171 cgroup_context_init(cc);
172
173 /* Copy in the manager defaults into the cgroup
174 * context, _before_ the rest of the settings have
175 * been initialized */
176
177 cc->cpu_accounting = u->manager->default_cpu_accounting;
13c31542 178 cc->io_accounting = u->manager->default_io_accounting;
598459ce
LP		 179 cc->blockio_accounting = u->manager->default_blockio_accounting;
180 cc->memory_accounting = u->manager->default_memory_accounting;
03a7b521 181 cc->tasks_accounting = u->manager->default_tasks_accounting;
6a48d82f 182 cc->ip_accounting = u->manager->default_ip_accounting;
0af20ea2
LP		 183
184 if (u->type != UNIT_SLICE)
185 cc->tasks_max = u->manager->default_tasks_max;
598459ce
LP		 186 }
187
188 ec = unit_get_exec_context(u);
b1edf445 189 if (ec) {
598459ce
LP		 190 exec_context_init(ec);
191
d4a402e4
LP		 192 if (u->manager->default_oom_score_adjust_set) {
193 ec->oom_score_adjust = u->manager->default_oom_score_adjust;
194 ec->oom_score_adjust_set = true;
195 }
196
5e37d193
FB		 197 if (MANAGER_IS_SYSTEM(u->manager))
198 ec->keyring_mode = EXEC_KEYRING_SHARED;
199 else {
200 ec->keyring_mode = EXEC_KEYRING_INHERIT;
201
202 /* User manager might have its umask redefined by PAM or UMask=. In this
203 * case let the units it manages inherit this value by default. They can
204 * still tune this value through their own unit file */
205 (void) get_process_umask(getpid_cached(), &ec->umask);
206 }
b1edf445
LP		 207 }
208
598459ce
LP		 209 kc = unit_get_kill_context(u);
210 if (kc)
211 kill_context_init(kc);
212
213 if (UNIT_VTABLE(u)->init)
214 UNIT_VTABLE(u)->init(u);
215}
216
4562c355
ZJS		 217static int unit_add_alias(Unit *u, char *donated_name) {
218 int r;
219
220 /* Make sure that u->names is allocated. We may leave u->names
221 * empty if we fail later, but this is not a problem. */
973bc32a 222 r = set_ensure_put(&u->aliases, &string_hash_ops, donated_name);
4562c355
ZJS		 223 if (r < 0)
224 return r;
225 assert(r > 0);
226
227 return 0;
228}
229
87f0e418 230int unit_add_name(Unit *u, const char *text) {
4562c355 231 _cleanup_free_ char *name = NULL, *instance = NULL;
87f0e418 232 UnitType t;
87f0e418
LP		 233 int r;
234
235 assert(u);
236 assert(text);
237
7410616c 238 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
ac155bb8 239 if (!u->instance)
acd1987a
WY		 240 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
241 "instance is not set when adding name '%s': %m", text);
87f0e418 242
4562c355 243 r = unit_name_replace_instance(text, u->instance, &name);
7410616c 244 if (r < 0)
acd1987a
WY		 245 return log_unit_debug_errno(u, r,
246 "failed to build instance name from '%s': %m", text);
7410616c 247 } else {
4562c355
ZJS		 248 name = strdup(text);
249 if (!name)
7410616c
LP		 250 return -ENOMEM;
251 }
87f0e418 252
4562c355 253 if (unit_has_name(u, name))
7410616c 254 return 0;
4562c355
ZJS		 255
256 if (hashmap_contains(u->manager->units, name))
acd1987a 257 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
4562c355 258 "unit already exist when adding name '%s': %m", name);
7410616c 259
4562c355 260 if (!unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
acd1987a 261 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4562c355 262 "name '%s' is invalid: %m", name);
e537352b 263
4562c355 264 t = unit_name_to_type(name);
7410616c 265 if (t < 0)
acd1987a 266 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
cd990847 267 "failed to derive unit type from name '%s': %m", name);
87f0e418 268
598459ce 269 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
acd1987a
WY		 270 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
271 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
4562c355 272 u->type, t, name);
87f0e418 273
4562c355 274 r = unit_name_to_instance(name, &instance);
e48614c4 275 if (r < 0)
4562c355 276 return log_unit_debug_errno(u, r, "failed to extract instance from name '%s': %m", name);
87f0e418 277
4562c355
ZJS		 278 if (instance && !unit_type_may_template(t))
279 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), "templates are not allowed for name '%s': %m", name);
9e2f7c11 280
d383acad
ZJS		 281 /* Ensure that this unit either has no instance, or that the instance matches. */
282 if (u->type != _UNIT_TYPE_INVALID && !streq_ptr(u->instance, instance))
acd1987a 283 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
ada4b34e
ZJS		 284 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
285 name, instance, u->instance);
9e2f7c11 286
4562c355 287 if (u->id && !unit_type_may_alias(t))
ada4b34e
ZJS		 288 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
289 "cannot add name %s, aliases are not allowed for %s units.",
290 name, unit_type_to_string(t));
9e2f7c11 291
598459ce 292 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
ada4b34e 293 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(E2BIG), "cannot add name, manager has too many units: %m");
4f0f902f 294
4562c355
ZJS		 295 /* Add name to the global hashmap first, because that's easier to undo */
296 r = hashmap_put(u->manager->units, name, u);
7410616c 297 if (r < 0)
acd1987a 298 return log_unit_debug_errno(u, r, "add unit to hashmap failed for name '%s': %m", text);
87f0e418 299
4562c355
ZJS		 300 if (u->id) {
301 r = unit_add_alias(u, name); /* unit_add_alias() takes ownership of the name on success */
302 if (r < 0) {
303 hashmap_remove(u->manager->units, name);
304 return r;
305 }
306 TAKE_PTR(name);
307
308 } else {
309 /* A new name, we don't need the set yet. */
310 assert(u->type == _UNIT_TYPE_INVALID);
311 assert(!u->instance);
312
ac155bb8 313 u->type = t;
4562c355
ZJS		 314 u->id = TAKE_PTR(name);
315 u->instance = TAKE_PTR(instance);
9e2f7c11 316
71fda00f 317 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
598459ce 318 unit_init(u);
598459ce 319 }
9e2f7c11 320
598459ce
LP		 321 unit_add_to_dbus_queue(u);
322 return 0;
87f0e418
LP		 323}
324
0ae97ec1 325int unit_choose_id(Unit *u, const char *name) {
68eda4bd 326 _cleanup_free_ char *t = NULL;
4562c355 327 char *s;
276c3e78 328 int r;
0ae97ec1
LP		 329
330 assert(u);
331 assert(name);
332
7410616c 333 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 334 if (!u->instance)
9e2f7c11
LP		 335 return -EINVAL;
336
7410616c
LP		 337 r = unit_name_replace_instance(name, u->instance, &t);
338 if (r < 0)
339 return r;
9e2f7c11
LP		 340
341 name = t;
342 }
343
4562c355
ZJS		 344 if (streq_ptr(u->id, name))
345 return 0; /* Nothing to do. */
346
347 /* Selects one of the aliases of this unit as the id */
348 s = set_get(u->aliases, (char*) name);
9e2f7c11 349 if (!s)
0ae97ec1
LP		 350 return -ENOENT;
351
4562c355
ZJS		 352 if (u->id) {
353 r = set_remove_and_put(u->aliases, name, u->id);
354 if (r < 0)
355 return r;
356 } else
357 assert_se(set_remove(u->aliases, name)); /* see set_get() above… */
276c3e78 358
4562c355 359 u->id = s; /* Old u->id is now stored in the set, and s is not stored anywhere */
c1e1601e 360 unit_add_to_dbus_queue(u);
9e2f7c11 361
0ae97ec1
LP		 362 return 0;
363}
364
f50e0a01 365int unit_set_description(Unit *u, const char *description) {
84b26d51 366 int r;
f50e0a01
LP		 367
368 assert(u);
369
84b26d51
LP		 370 r = free_and_strdup(&u->description, empty_to_null(description));
371 if (r < 0)
372 return r;
373 if (r > 0)
374 unit_add_to_dbus_queue(u);
c1e1601e 375
f50e0a01
LP		 376 return 0;
377}
378
02de9614
ZJS		 379static bool unit_success_failure_handler_has_jobs(Unit *unit) {
380 Unit *other;
381
382 UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_SUCCESS)
383 if (other->job || other->nop_job)
384 return true;
385
386 UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_FAILURE)
387 if (other->job || other->nop_job)
388 return true;
389
390 return false;
391}
392
f2f725e5 393bool unit_may_gc(Unit *u) {
a354329f 394 UnitActiveState state;
e98b2fbb 395 int r;
5afe510c 396
701cc384
LP		 397 assert(u);
398
f2f725e5
ZJS		 399 /* Checks whether the unit is ready to be unloaded for garbage collection.
400 * Returns true when the unit may be collected, and false if there's some
2641f02e
ZJS		 401 * reason to keep it loaded.
402 *
403 * References from other units are *not* checked here. Instead, this is done
404 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
405 */
5afe510c 406
02de9614 407 if (u->job || u->nop_job)
f2f725e5 408 return false;
6c073082 409
a354329f
LP		 410 state = unit_active_state(u);
411
7eb2a8a1 412 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
a354329f
LP		 413 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
414 UNIT_VTABLE(u)->release_resources)
7eb2a8a1 415 UNIT_VTABLE(u)->release_resources(u);
a354329f 416
f5869324 417 if (u->perpetual)
f2f725e5 418 return false;
9d576438 419
05a98afd 420 if (sd_bus_track_count(u->bus_track) > 0)
f2f725e5 421 return false;
05a98afd 422
5afe510c
LP		 423 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
424 switch (u->collect_mode) {
425
426 case COLLECT_INACTIVE:
427 if (state != UNIT_INACTIVE)
f2f725e5 428 return false;
5afe510c
LP		 429
430 break;
431
432 case COLLECT_INACTIVE_OR_FAILED:
433 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
f2f725e5 434 return false;
5afe510c
LP		 435
436 break;
437
438 default:
04499a70 439 assert_not_reached();
5afe510c
LP		 440 }
441
02de9614
ZJS		 442 /* Check if any OnFailure= or on Success= jobs may be pending */
443 if (unit_success_failure_handler_has_jobs(u))
444 return false;
445
e98b2fbb
LP		 446 if (u->cgroup_path) {
447 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
448 * around. Units with active processes should never be collected. */
449
450 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
451 if (r < 0)
6178e2f8 452 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", empty_to_root(u->cgroup_path));
e98b2fbb 453 if (r <= 0)
f2f725e5 454 return false;
e98b2fbb
LP		 455 }
456
f2f725e5
ZJS		 457 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
458 return false;
701cc384 459
f2f725e5 460 return true;
701cc384
LP		 461}
462
87f0e418
LP		 463void unit_add_to_load_queue(Unit *u) {
464 assert(u);
ac155bb8 465 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 466
ac155bb8 467 if (u->load_state != UNIT_STUB || u->in_load_queue)
87f0e418
LP		 468 return;
469
71fda00f 470 LIST_PREPEND(load_queue, u->manager->load_queue, u);
ac155bb8 471 u->in_load_queue = true;
87f0e418
LP		 472}
473
23a177ef
LP		 474void unit_add_to_cleanup_queue(Unit *u) {
475 assert(u);
476
ac155bb8 477 if (u->in_cleanup_queue)
23a177ef
LP		 478 return;
479
71fda00f 480 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
ac155bb8 481 u->in_cleanup_queue = true;
23a177ef
LP		 482}
483
701cc384
LP		 484void unit_add_to_gc_queue(Unit *u) {
485 assert(u);
486
ac155bb8 487 if (u->in_gc_queue || u->in_cleanup_queue)
701cc384
LP		 488 return;
489
f2f725e5 490 if (!unit_may_gc(u))
701cc384
LP		 491 return;
492
c5a97ed1 493 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
ac155bb8 494 u->in_gc_queue = true;
701cc384
LP		 495}
496
c1e1601e
LP		 497void unit_add_to_dbus_queue(Unit *u) {
498 assert(u);
ac155bb8 499 assert(u->type != _UNIT_TYPE_INVALID);
c1e1601e 500
ac155bb8 501 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
c1e1601e
LP		 502 return;
503
a567261a 504 /* Shortcut things if nobody cares */
8f8f05a9 505 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
ae572acd 506 sd_bus_track_count(u->bus_track) <= 0 &&
8f8f05a9 507 set_isempty(u->manager->private_buses)) {
ac155bb8 508 u->sent_dbus_new_signal = true;
94b6dfa2
LP		 509 return;
510 }
511
71fda00f 512 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
ac155bb8 513 u->in_dbus_queue = true;
c1e1601e
LP		 514}
515
fda09318 516void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
a3c1168a
LP		 517 assert(u);
518
519 if (u->in_stop_when_unneeded_queue)
520 return;
521
522 if (!u->stop_when_unneeded)
523 return;
524
525 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
526 return;
527
528 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
529 u->in_stop_when_unneeded_queue = true;
530}
531
0bc488c9
LP		 532void unit_submit_to_start_when_upheld_queue(Unit *u) {
533 assert(u);
534
535 if (u->in_start_when_upheld_queue)
536 return;
537
538 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)))
539 return;
540
541 if (!unit_has_dependency(u, UNIT_ATOM_START_STEADILY, NULL))
542 return;
543
544 LIST_PREPEND(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
545 u->in_start_when_upheld_queue = true;
546}
547
56c59592
LP		 548void unit_submit_to_stop_when_bound_queue(Unit *u) {
549 assert(u);
550
551 if (u->in_stop_when_bound_queue)
552 return;
553
554 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
555 return;
556
557 if (!unit_has_dependency(u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT, NULL))
558 return;
559
560 LIST_PREPEND(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
561 u->in_stop_when_bound_queue = true;
562}
563
15ed3c3a 564static void unit_clear_dependencies(Unit *u) {
87f0e418
LP		 565 assert(u);
566
15ed3c3a
LP		 567 /* Removes all dependencies configured on u and their reverse dependencies. */
568
569 for (Hashmap *deps; (deps = hashmap_steal_first(u->dependencies));) {
87f0e418 570
15ed3c3a
LP		 571 for (Unit *other; (other = hashmap_steal_first_key(deps));) {
572 Hashmap *other_deps;
701cc384 573
15ed3c3a
LP		 574 HASHMAP_FOREACH(other_deps, other->dependencies)
575 hashmap_remove(other_deps, u);
576
577 unit_add_to_gc_queue(other);
578 }
579
580 hashmap_free(deps);
87f0e418
LP		 581 }
582
15ed3c3a 583 u->dependencies = hashmap_free(u->dependencies);
87f0e418
LP		 584}
585
c2756a68 586static void unit_remove_transient(Unit *u) {
c2756a68
LP		 587 assert(u);
588
589 if (!u->transient)
590 return;
591
592 if (u->fragment_path)
3f5e8115 593 (void) unlink(u->fragment_path);
c2756a68
LP		 594
595 STRV_FOREACH(i, u->dropin_paths) {
39591351 596 _cleanup_free_ char *p = NULL, *pp = NULL;
c2756a68 597
45519d13 598 if (path_extract_directory(*i, &p) < 0) /* Get the drop-in directory from the drop-in file */
39591351
LP		 599 continue;
600
45519d13 601 if (path_extract_directory(p, &pp) < 0) /* Get the config directory from the drop-in directory */
39591351
LP		 602 continue;
603
604 /* Only drop transient drop-ins */
605 if (!path_equal(u->manager->lookup_paths.transient, pp))
606 continue;
c2756a68 607
39591351
LP		 608 (void) unlink(*i);
609 (void) rmdir(p);
c2756a68
LP		 610 }
611}
612
a57f7e2c 613static void unit_free_requires_mounts_for(Unit *u) {
eef85c4a 614 assert(u);
a57f7e2c 615
eef85c4a 616 for (;;) {
c2b2df60 617 _cleanup_free_ char *path = NULL;
a57f7e2c 618
eef85c4a
LP		 619 path = hashmap_steal_first_key(u->requires_mounts_for);
620 if (!path)
621 break;
622 else {
623 char s[strlen(path) + 1];
a57f7e2c 624
eef85c4a
LP		 625 PATH_FOREACH_PREFIX_MORE(s, path) {
626 char *y;
627 Set *x;
628
629 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
630 if (!x)
631 continue;
a57f7e2c 632
eef85c4a 633 (void) set_remove(x, u);
a57f7e2c 634
eef85c4a
LP		 635 if (set_isempty(x)) {
636 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
637 free(y);
638 set_free(x);
639 }
a57f7e2c
LP		 640 }
641 }
642 }
643
eef85c4a 644 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
a57f7e2c
LP		 645}
646
598459ce
LP		 647static void unit_done(Unit *u) {
648 ExecContext *ec;
649 CGroupContext *cc;
650
651 assert(u);
652
653 if (u->type < 0)
654 return;
655
656 if (UNIT_VTABLE(u)->done)
657 UNIT_VTABLE(u)->done(u);
658
659 ec = unit_get_exec_context(u);
660 if (ec)
661 exec_context_done(ec);
662
663 cc = unit_get_cgroup_context(u);
664 if (cc)
665 cgroup_context_done(cc);
666}
667
75db809a 668Unit* unit_free(Unit *u) {
12f64221 669 Unit *slice;
87f0e418
LP		 670 char *t;
671
c9d5c9c0 672 if (!u)
75db809a 673 return NULL;
87f0e418 674
50fb00b7 675 u->transient_file = safe_fclose(u->transient_file);
4f4afc88 676
2c289ea8 677 if (!MANAGER_IS_RELOADING(u->manager))
c2756a68
LP		 678 unit_remove_transient(u);
679
c1e1601e
LP		 680 bus_unit_send_removed_signal(u);
681
598459ce 682 unit_done(u);
a013b84b 683
50be4f4a 684 unit_dequeue_rewatch_pids(u);
cf9fd508 685
73458283
YW		 686 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
687 u->bus_track = sd_bus_track_unref(u->bus_track);
05a98afd 688 u->deserialized_refs = strv_free(u->deserialized_refs);
d9e45bc3 689 u->pending_freezer_message = sd_bus_message_unref(u->pending_freezer_message);
05a98afd 690
a57f7e2c
LP		 691 unit_free_requires_mounts_for(u);
692
90e74a66 693 SET_FOREACH(t, u->aliases)
ac155bb8 694 hashmap_remove_value(u->manager->units, t, u);
4562c355
ZJS		 695 if (u->id)
696 hashmap_remove_value(u->manager->units, u->id, u);
87f0e418 697
4b58153d
LP		 698 if (!sd_id128_is_null(u->invocation_id))
699 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
700
97e7d748
MS		 701 if (u->job) {
702 Job *j = u->job;
703 job_uninstall(j);
704 job_free(j);
705 }
964e0949 706
e0209d83
MS		 707 if (u->nop_job) {
708 Job *j = u->nop_job;
709 job_uninstall(j);
710 job_free(j);
711 }
712
4c591f39
MK		 713 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
714 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
12f64221 715 slice = UNIT_GET_SLICE(u);
d219a2b0 716 unit_clear_dependencies(u);
12f64221
LP		 717 if (slice)
718 unit_add_family_to_cgroup_realize_queue(slice);
fb46fca7 719
adefcf28
LP		 720 if (u->on_console)
721 manager_unref_console(u->manager);
722
3d027d4d
JK		 723
724 fdset_free(u->initial_socket_bind_link_fds);
91ce91c7
JK		 725#if BPF_FRAMEWORK
726 bpf_link_free(u->ipv4_socket_bind_link);
727 bpf_link_free(u->ipv6_socket_bind_link);
728#endif
729
efdb0237 730 unit_release_cgroup(u);
72673e86 731
d3070fbd
LP		 732 if (!MANAGER_IS_RELOADING(u->manager))
733 unit_unlink_state_files(u);
734
00d9ef85
LP		 735 unit_unref_uid_gid(u, false);
736
5269eb6b 737 (void) manager_update_failed_units(u->manager, u, false);
db785129 738 set_remove(u->manager->startup_units, u);
f755e3b7 739
a911bb9a
LP		 740 unit_unwatch_all_pids(u);
741
7f7d01ed
ZJS		 742 while (u->refs_by_target)
743 unit_ref_unset(u->refs_by_target);
57020a3a 744
ac155bb8 745 if (u->type != _UNIT_TYPE_INVALID)
71fda00f 746 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
ef734fd6 747
ac155bb8 748 if (u->in_load_queue)
71fda00f 749 LIST_REMOVE(load_queue, u->manager->load_queue, u);
87f0e418 750
ac155bb8 751 if (u->in_dbus_queue)
71fda00f 752 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
c1e1601e 753
13e72103
MK		 754 if (u->in_cleanup_queue)
755 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
756
a2d72e26 757 if (u->in_gc_queue)
c5a97ed1 758 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
701cc384 759
91a6073e
LP		 760 if (u->in_cgroup_realize_queue)
761 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
87f0e418 762
09e24654
LP		 763 if (u->in_cgroup_empty_queue)
764 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
765
13e72103
MK		 766 if (u->in_cgroup_oom_queue)
767 LIST_REMOVE(cgroup_oom_queue, u->manager->cgroup_oom_queue, u);
adefcf28 768
19496554
MS		 769 if (u->in_target_deps_queue)
770 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
771
a3c1168a
LP		 772 if (u->in_stop_when_unneeded_queue)
773 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
774
0bc488c9
LP		 775 if (u->in_start_when_upheld_queue)
776 LIST_REMOVE(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
777
56c59592
LP		 778 if (u->in_stop_when_bound_queue)
779 LIST_REMOVE(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
780
0fd9c28c 781 bpf_firewall_close(u);
fab34748 782
5f8ba20d
JK		 783 hashmap_free(u->bpf_foreign_by_key);
784
76dc1725 785 bpf_program_free(u->bpf_device_control_installed);
084c7007 786
6f50d4f7
MV		 787#if BPF_FRAMEWORK
788 bpf_link_free(u->restrict_ifaces_ingress_bpf_link);
789 bpf_link_free(u->restrict_ifaces_egress_bpf_link);
790#endif
791 fdset_free(u->initial_restric_ifaces_link_fds);
792
a946fa9b
ZJS		 793 condition_free_list(u->conditions);
794 condition_free_list(u->asserts);
f755e3b7 795
ac155bb8 796 free(u->description);
49dbfa7b 797 strv_free(u->documentation);
ac155bb8 798 free(u->fragment_path);
1b64d026 799 free(u->source_path);
ae7a7182 800 strv_free(u->dropin_paths);
ac155bb8 801 free(u->instance);
87f0e418 802
f189ab18 803 free(u->job_timeout_reboot_arg);
6bf0f408
LP		 804 free(u->reboot_arg);
805
23e9a7dd
LP		 806 free(u->access_selinux_context);
807
4562c355
ZJS		 808 set_free_free(u->aliases);
809 free(u->id);
810
48b92b37
LB		 811 activation_details_unref(u->activation_details);
812
75db809a 813 return mfree(u);
87f0e418
LP		 814}
815
d9e45bc3
MS		 816FreezerState unit_freezer_state(Unit *u) {
817 assert(u);
818
819 return u->freezer_state;
820}
821
822int unit_freezer_state_kernel(Unit *u, FreezerState *ret) {
823 char *values[1] = {};
824 int r;
825
826 assert(u);
827
828 r = cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "cgroup.events",
829 STRV_MAKE("frozen"), values);
830 if (r < 0)
831 return r;
832
833 r = _FREEZER_STATE_INVALID;
834
835 if (values[0]) {
836 if (streq(values[0], "0"))
837 r = FREEZER_RUNNING;
838 else if (streq(values[0], "1"))
839 r = FREEZER_FROZEN;
840 }
841
842 free(values[0]);
843 *ret = r;
844
845 return 0;
846}
847
87f0e418
LP		 848UnitActiveState unit_active_state(Unit *u) {
849 assert(u);
850
ac155bb8 851 if (u->load_state == UNIT_MERGED)
6124958c
LP		 852 return unit_active_state(unit_follow_merge(u));
853
854 /* After a reload it might happen that a unit is not correctly
855 * loaded but still has a process around. That's why we won't
fdf20a31 856 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
87f0e418
LP		 857
858 return UNIT_VTABLE(u)->active_state(u);
859}
860
10a94420
LP		 861const char* unit_sub_state_to_string(Unit *u) {
862 assert(u);
863
864 return UNIT_VTABLE(u)->sub_state_to_string(u);
865}
866
15ed3c3a 867static int unit_merge_names(Unit *u, Unit *other) {
4562c355 868 char *name;
7c0b05e5 869 int r;
87f0e418 870
23a177ef
LP		 871 assert(u);
872 assert(other);
873
4562c355 874 r = unit_add_alias(u, other->id);
7c0b05e5
MS		 875 if (r < 0)
876 return r;
23a177ef 877
4562c355
ZJS		 878 r = set_move(u->aliases, other->aliases);
879 if (r < 0) {
880 set_remove(u->aliases, other->id);
881 return r;
882 }
23a177ef 883
4562c355
ZJS		 884 TAKE_PTR(other->id);
885 other->aliases = set_free_free(other->aliases);
23a177ef 886
90e74a66 887 SET_FOREACH(name, u->aliases)
4562c355 888 assert_se(hashmap_replace(u->manager->units, name, u) == 0);
7c0b05e5
MS		 889
890 return 0;
87f0e418
LP		 891}
892
15ed3c3a
LP		 893static int unit_reserve_dependencies(Unit *u, Unit *other) {
894 size_t n_reserve;
895 Hashmap* deps;
896 void *d;
897 int r;
09a65f92
MS		 898
899 assert(u);
900 assert(other);
09a65f92 901
15ed3c3a
LP		 902 /* Let's reserve some space in the dependency hashmaps so that later on merging the units cannot
903 * fail.
904 *
905 * First make some room in the per dependency type hashmaps. Using the summed size of both unit's
906 * hashmaps is an estimate that is likely too high since they probably use some of the same
907 * types. But it's never too low, and that's all we need. */
908
909 n_reserve = MIN(hashmap_size(other->dependencies), LESS_BY((size_t) _UNIT_DEPENDENCY_MAX, hashmap_size(u->dependencies)));
910 if (n_reserve > 0) {
911 r = hashmap_ensure_allocated(&u->dependencies, NULL);
912 if (r < 0)
913 return r;
914
915 r = hashmap_reserve(u->dependencies, n_reserve);
916 if (r < 0)
917 return r;
918 }
919
920 /* Now, enlarge our per dependency type hashmaps by the number of entries in the same hashmap of the
921 * other unit's dependencies.
922 *
923 * NB: If u does not have a dependency set allocated for some dependency type, there is no need to
924 * reserve anything for. In that case other's set will be transferred as a whole to u by
925 * complete_move(). */
926
927 HASHMAP_FOREACH_KEY(deps, d, u->dependencies) {
928 Hashmap *other_deps;
929
930 other_deps = hashmap_get(other->dependencies, d);
931
932 r = hashmap_reserve(deps, hashmap_size(other_deps));
933 if (r < 0)
934 return r;
935 }
936
937 return 0;
938}
939
940static void unit_maybe_warn_about_dependency(
941 Unit *u,
942 const char *other_id,
943 UnitDependency dependency) {
944
945 assert(u);
946
947 /* Only warn about some unit types */
948 if (!IN_SET(dependency,
949 UNIT_CONFLICTS,
950 UNIT_CONFLICTED_BY,
951 UNIT_BEFORE,
952 UNIT_AFTER,
294446dc 953 UNIT_ON_SUCCESS,
15ed3c3a
LP		 954 UNIT_ON_FAILURE,
955 UNIT_TRIGGERS,
956 UNIT_TRIGGERED_BY))
957 return;
958
959 if (streq_ptr(u->id, other_id))
960 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
961 else
962 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other_id), u->id);
963}
964
965static int unit_per_dependency_type_hashmap_update(
966 Hashmap *per_type,
967 Unit *other,
968 UnitDependencyMask origin_mask,
969 UnitDependencyMask destination_mask) {
970
971 UnitDependencyInfo info;
972 int r;
973
974 assert(other);
975 assert_cc(sizeof(void*) == sizeof(info));
976
977 /* Acquire the UnitDependencyInfo entry for the Unit* we are interested in, and update it if it
978 * exists, or insert it anew if not. */
09a65f92 979
15ed3c3a
LP		 980 info.data = hashmap_get(per_type, other);
981 if (info.data) {
982 /* Entry already exists. Add in our mask. */
983
984 if (FLAGS_SET(origin_mask, info.origin_mask) &&
985 FLAGS_SET(destination_mask, info.destination_mask))
986 return 0; /* NOP */
987
988 info.origin_mask |= origin_mask;
989 info.destination_mask |= destination_mask;
990
991 r = hashmap_update(per_type, other, info.data);
992 } else {
993 info = (UnitDependencyInfo) {
994 .origin_mask = origin_mask,
995 .destination_mask = destination_mask,
996 };
09a65f92 997
15ed3c3a
LP		 998 r = hashmap_put(per_type, other, info.data);
999 }
1000 if (r < 0)
1001 return r;
1002
1003
1004 return 1;
09a65f92
MS		 1005}
1006
15ed3c3a
LP		 1007static int unit_add_dependency_hashmap(
1008 Hashmap **dependencies,
1009 UnitDependency d,
1010 Unit *other,
1011 UnitDependencyMask origin_mask,
1012 UnitDependencyMask destination_mask) {
1013
1014 Hashmap *per_type;
87f0e418 1015 int r;
23a177ef 1016
15ed3c3a
LP		 1017 assert(dependencies);
1018 assert(other);
1019 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
1020 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
1021 assert(origin_mask > 0 || destination_mask > 0);
1022
1023 /* Ensure the top-level dependency hashmap exists that maps UnitDependency → Hashmap(Unit* →
1024 * UnitDependencyInfo) */
1025 r = hashmap_ensure_allocated(dependencies, NULL);
1026 if (r < 0)
1027 return r;
1028
1029 /* Acquire the inner hashmap, that maps Unit* → UnitDependencyInfo, for the specified dependency
1030 * type, and if it's missing allocate it and insert it. */
1031 per_type = hashmap_get(*dependencies, UNIT_DEPENDENCY_TO_PTR(d));
1032 if (!per_type) {
1033 per_type = hashmap_new(NULL);
1034 if (!per_type)
1035 return -ENOMEM;
1036
1037 r = hashmap_put(*dependencies, UNIT_DEPENDENCY_TO_PTR(d), per_type);
1038 if (r < 0) {
1039 hashmap_free(per_type);
1040 return r;
1041 }
1042 }
1043
1044 return unit_per_dependency_type_hashmap_update(per_type, other, origin_mask, destination_mask);
1045}
1046
1047static void unit_merge_dependencies(
1048 Unit *u,
1049 Unit *other) {
1050
1051 int r;
eef85c4a 1052
23a177ef
LP		 1053 assert(u);
1054 assert(other);
23a177ef 1055
15ed3c3a
LP		 1056 if (u == other)
1057 return;
1058
1059 for (;;) {
1060 _cleanup_(hashmap_freep) Hashmap *other_deps = NULL;
1061 UnitDependencyInfo di_back;
1062 Unit *back;
1063 void *dt; /* Actually of type UnitDependency, except that we don't bother casting it here,
1064 * since the hashmaps all want it as void pointer. */
1065
1066 /* Let's focus on one dependency type at a time, that 'other' has defined. */
1067 other_deps = hashmap_steal_first_key_and_value(other->dependencies, &dt);
1068 if (!other_deps)
1069 break; /* done! */
1070
1071 /* Now iterate through all dependencies of this dependency type, of 'other'. We refer to the
1072 * referenced units as 'back'. */
1073 HASHMAP_FOREACH_KEY(di_back.data, back, other_deps) {
1074 Hashmap *back_deps;
1075 void *back_dt;
eef85c4a 1076
e66047ff 1077 if (back == u) {
15ed3c3a
LP		 1078 /* This is a dependency pointing back to the unit we want to merge with?
1079 * Suppress it (but warn) */
1080 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1081 continue;
1082 }
eef85c4a 1083
15ed3c3a
LP		 1084 /* Now iterate through all deps of 'back', and fix the ones pointing to 'other' to
1085 * point to 'u' instead. */
1086 HASHMAP_FOREACH_KEY(back_deps, back_dt, back->dependencies) {
1087 UnitDependencyInfo di_move;
eef85c4a 1088
15ed3c3a
LP		 1089 di_move.data = hashmap_remove(back_deps, other);
1090 if (!di_move.data)
1091 continue;
eef85c4a 1092
15ed3c3a
LP		 1093 assert_se(unit_per_dependency_type_hashmap_update(
1094 back_deps,
1095 u,
1096 di_move.origin_mask,
1097 di_move.destination_mask) >= 0);
1098 }
1099 }
eef85c4a 1100
15ed3c3a
LP		 1101 /* Now all references towards 'other' of the current type 'dt' are corrected to point to
1102 * 'u'. Lets's now move the deps of type 'dt' from 'other' to 'u'. First, let's try to move
1103 * them per type wholesale. */
1104 r = hashmap_put(u->dependencies, dt, other_deps);
1105 if (r == -EEXIST) {
1106 Hashmap *deps;
eef85c4a 1107
15ed3c3a 1108 /* The target unit already has dependencies of this type, let's then merge this individually. */
eef85c4a 1109
15ed3c3a
LP		 1110 assert_se(deps = hashmap_get(u->dependencies, dt));
1111
1112 for (;;) {
1113 UnitDependencyInfo di_move;
1114
1115 /* Get first dep */
1116 di_move.data = hashmap_steal_first_key_and_value(other_deps, (void**) &back);
1117 if (!di_move.data)
1118 break; /* done */
1119 if (back == u) {
1120 /* Would point back to us, ignore */
1121 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1122 continue;
1123 }
23a177ef 1124
15ed3c3a
LP		 1125 assert_se(unit_per_dependency_type_hashmap_update(deps, back, di_move.origin_mask, di_move.destination_mask) >= 0);
1126 }
1127 } else {
1128 assert_se(r >= 0);
1129 TAKE_PTR(other_deps);
e66047ff 1130
15ed3c3a
LP		 1131 if (hashmap_remove(other_deps, u))
1132 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1133 }
1134 }
23a177ef 1135
15ed3c3a 1136 other->dependencies = hashmap_free(other->dependencies);
23a177ef
LP		 1137}
1138
1139int unit_merge(Unit *u, Unit *other) {
09a65f92 1140 int r;
87f0e418
LP		 1141
1142 assert(u);
1143 assert(other);
ac155bb8
MS		 1144 assert(u->manager == other->manager);
1145 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 1146
cc916967
LP		 1147 other = unit_follow_merge(other);
1148
23a177ef
LP		 1149 if (other == u)
1150 return 0;
1151
ac155bb8 1152 if (u->type != other->type)
9e2f7c11
LP		 1153 return -EINVAL;
1154
8a993b61 1155 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
934e749e
LP		 1156 return -EEXIST;
1157
ec2ce0c5 1158 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
23a177ef 1159 return -EEXIST;
87f0e418 1160
d383acad
ZJS		 1161 if (!streq_ptr(u->instance, other->instance))
1162 return -EINVAL;
1163
ac155bb8 1164 if (other->job)
819e213f
LP		 1165 return -EEXIST;
1166
e0209d83
MS		 1167 if (other->nop_job)
1168 return -EEXIST;
1169
fdf20a31 1170 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
819e213f
LP		 1171 return -EEXIST;
1172
15ed3c3a
LP		 1173 /* Make reservations to ensure merge_dependencies() won't fail. We don't rollback reservations if we
1174 * fail. We don't have a way to undo reservations. A reservation is not a leak. */
1175 r = unit_reserve_dependencies(u, other);
1176 if (r < 0)
1177 return r;
09a65f92 1178
87f0e418 1179 /* Merge names */
15ed3c3a 1180 r = unit_merge_names(u, other);
7c0b05e5
MS		 1181 if (r < 0)
1182 return r;
87f0e418 1183
57020a3a 1184 /* Redirect all references */
7f7d01ed
ZJS		 1185 while (other->refs_by_target)
1186 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
57020a3a 1187
87f0e418 1188 /* Merge dependencies */
15ed3c3a 1189 unit_merge_dependencies(u, other);
87f0e418 1190
ac155bb8
MS		 1191 other->load_state = UNIT_MERGED;
1192 other->merged_into = u;
23a177ef 1193
48b92b37
LB		 1194 if (!u->activation_details)
1195 u->activation_details = activation_details_ref(other->activation_details);
1196
3616a49c
LP		 1197 /* If there is still some data attached to the other node, we
1198 * don't need it anymore, and can free it. */
ac155bb8 1199 if (other->load_state != UNIT_STUB)
3616a49c
LP		 1200 if (UNIT_VTABLE(other)->done)
1201 UNIT_VTABLE(other)->done(other);
1202
1203 unit_add_to_dbus_queue(u);
23a177ef
LP		 1204 unit_add_to_cleanup_queue(other);
1205
1206 return 0;
1207}
1208
1209int unit_merge_by_name(Unit *u, const char *name) {
934e749e 1210 _cleanup_free_ char *s = NULL;
23a177ef 1211 Unit *other;
9e2f7c11 1212 int r;
23a177ef 1213
e8630e69
ZJS		 1214 /* Either add name to u, or if a unit with name already exists, merge it with u.
1215 * If name is a template, do the same for name@instance, where instance is u's instance. */
1216
23a177ef
LP		 1217 assert(u);
1218 assert(name);
1219
7410616c 1220 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 1221 if (!u->instance)
9e2f7c11
LP		 1222 return -EINVAL;
1223
7410616c
LP		 1224 r = unit_name_replace_instance(name, u->instance, &s);
1225 if (r < 0)
1226 return r;
9e2f7c11
LP		 1227
1228 name = s;
1229 }
1230
c2756a68 1231 other = manager_get_unit(u->manager, name);
7410616c
LP		 1232 if (other)
1233 return unit_merge(u, other);
23a177ef 1234
7410616c 1235 return unit_add_name(u, name);
23a177ef
LP		 1236}
1237
1238Unit* unit_follow_merge(Unit *u) {
1239 assert(u);
1240
ac155bb8
MS		 1241 while (u->load_state == UNIT_MERGED)
1242 assert_se(u = u->merged_into);
23a177ef
LP		 1243
1244 return u;
1245}
1246
1247int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
1248 int r;
1249
1250 assert(u);
1251 assert(c);
1252
a8c5a4c6
YW		 1253 /* Unlike unit_add_dependency() or friends, this always returns 0 on success. */
1254
e1e74614 1255 if (c->working_directory && !c->working_directory_missing_ok) {
eef85c4a 1256 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
36be24c8
ZJS		 1257 if (r < 0)
1258 return r;
1259 }
1260
1261 if (c->root_directory) {
eef85c4a 1262 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
36be24c8
ZJS		 1263 if (r < 0)
1264 return r;
1265 }
1266
915e6d16 1267 if (c->root_image) {
eef85c4a 1268 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
915e6d16
LP		 1269 if (r < 0)
1270 return r;
1271 }
1272
12375b95 1273 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
ada5e276
YW		 1274 if (!u->manager->prefix[dt])
1275 continue;
1276
211a3d87 1277 for (size_t i = 0; i < c->directories[dt].n_items; i++) {
c2b2df60 1278 _cleanup_free_ char *p = NULL;
ada5e276 1279
211a3d87 1280 p = path_join(u->manager->prefix[dt], c->directories[dt].items[i].path);
ada5e276
YW		 1281 if (!p)
1282 return -ENOMEM;
1283
eef85c4a 1284 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
ada5e276
YW		 1285 if (r < 0)
1286 return r;
1287 }
1288 }
1289
463d0d15 1290 if (!MANAGER_IS_SYSTEM(u->manager))
b46a529c
LP		 1291 return 0;
1292
f3b7a79b
LP		 1293 /* For the following three directory types we need write access, and /var/ is possibly on the root
1294 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
211a3d87
LB		 1295 if (c->directories[EXEC_DIRECTORY_STATE].n_items > 0 ||
1296 c->directories[EXEC_DIRECTORY_CACHE].n_items > 0 ||
1297 c->directories[EXEC_DIRECTORY_LOGS].n_items > 0) {
f3b7a79b
LP		 1298 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE);
1299 if (r < 0)
1300 return r;
1301 }
1302
b46a529c 1303 if (c->private_tmp) {
d71f0505 1304
b2c7d1bb
FB		 1305 /* FIXME: for now we make a special case for /tmp and add a weak dependency on
1306 * tmp.mount so /tmp being masked is supported. However there's no reason to treat
1307 * /tmp specifically and masking other mount units should be handled more
1308 * gracefully too, see PR#16894. */
1309 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "tmp.mount", true, UNIT_DEPENDENCY_FILE);
1310 if (r < 0)
1311 return r;
1312
1313 r = unit_require_mounts_for(u, "/var/tmp", UNIT_DEPENDENCY_FILE);
1314 if (r < 0)
1315 return r;
b46a529c 1316
35d8c19a 1317 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1318 if (r < 0)
1319 return r;
1320 }
1321
33b58dfb
LP		 1322 if (c->root_image) {
1323 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1324 * implicit dependency on udev */
1325
1326 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_UDEVD_SERVICE, true, UNIT_DEPENDENCY_FILE);
1327 if (r < 0)
1328 return r;
1329 }
1330
52c239d7
LB		 1331 if (!IN_SET(c->std_output,
1332 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
f3dc6af2 1333 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
52c239d7
LB		 1334 !IN_SET(c->std_error,
1335 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
f3dc6af2 1336 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
91dd5f7c 1337 !c->log_namespace)
23a177ef
LP		 1338 return 0;
1339
91dd5f7c
LP		 1340 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1341 * is run first. */
1342
1343 if (c->log_namespace) {
dc5437c7 1344 _cleanup_free_ char *socket_unit = NULL, *varlink_socket_unit = NULL;
23a177ef 1345
91dd5f7c
LP		 1346 r = unit_name_build_from_type("systemd-journald", c->log_namespace, UNIT_SOCKET, &socket_unit);
1347 if (r < 0)
1348 return r;
1349
1350 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, socket_unit, true, UNIT_DEPENDENCY_FILE);
1351 if (r < 0)
1352 return r;
dc5437c7
LP		 1353
1354 r = unit_name_build_from_type("systemd-journald-varlink", c->log_namespace, UNIT_SOCKET, &varlink_socket_unit);
1355 if (r < 0)
1356 return r;
1357
1358 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, varlink_socket_unit, true, UNIT_DEPENDENCY_FILE);
1359 if (r < 0)
1360 return r;
91dd5f7c
LP		 1361 } else
1362 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1363 if (r < 0)
1364 return r;
23a177ef 1365
87f0e418
LP		 1366 return 0;
1367}
1368
04d232d8 1369const char* unit_description(Unit *u) {
87f0e418
LP		 1370 assert(u);
1371
ac155bb8
MS		 1372 if (u->description)
1373 return u->description;
87f0e418 1374
ac155bb8 1375 return strna(u->id);
87f0e418
LP		 1376}
1377
e6a16a82 1378const char* unit_status_string(Unit *u, char **ret_combined_buffer) {
2a8f53c6 1379 assert(u);
04d232d8 1380 assert(u->id);
2a8f53c6 1381
04d232d8
ZJS		 1382 /* Return u->id, u->description, or "{u->id} - {u->description}".
1383 * Versions with u->description are only used if it is set.
e6a16a82
ZJS		 1384 * The last option is used if configured and the caller provided the 'ret_combined_buffer'
1385 * pointer.
1386 *
1387 * Note that *ret_combined_buffer may be set to NULL. */
04d232d8
ZJS		 1388
1389 if (!u->description ||
1390 u->manager->status_unit_format == STATUS_UNIT_FORMAT_NAME ||
e6a16a82
ZJS		 1391 (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && !ret_combined_buffer) ||
1392 streq(u->description, u->id)) {
1393
1394 if (ret_combined_buffer)
1395 *ret_combined_buffer = NULL;
2a8f53c6 1396 return u->id;
e6a16a82 1397 }
2a8f53c6 1398
e6a16a82
ZJS		 1399 if (ret_combined_buffer) {
1400 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED) {
1401 *ret_combined_buffer = strjoin(u->id, " - ", u->description);
1402 if (*ret_combined_buffer)
1403 return *ret_combined_buffer;
1404 log_oom(); /* Fall back to ->description */
04d232d8 1405 } else
e6a16a82 1406 *ret_combined_buffer = NULL;
04d232d8
ZJS		 1407 }
1408
1409 return u->description;
2a8f53c6
ZJS		 1410}
1411
87f0e418 1412/* Common implementation for multiple backends */
c3620770 1413int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) {
23a177ef
LP		 1414 int r;
1415
1416 assert(u);
23a177ef 1417
e48614c4 1418 /* Load a .{service,socket,...} file */
4ad49000
LP		 1419 r = unit_load_fragment(u);
1420 if (r < 0)
23a177ef
LP		 1421 return r;
1422
c3620770
ZJS		 1423 if (u->load_state == UNIT_STUB) {
1424 if (fragment_required)
1425 return -ENOENT;
1426
1427 u->load_state = UNIT_LOADED;
1428 }
23a177ef 1429
9e4ea9cc
ZJS		 1430 /* Load drop-in directory data. If u is an alias, we might be reloading the
1431 * target unit needlessly. But we cannot be sure which drops-ins have already
1432 * been loaded and which not, at least without doing complicated book-keeping,
1433 * so let's always reread all drop-ins. */
c9e06956
ZJS		 1434 r = unit_load_dropin(unit_follow_merge(u));
1435 if (r < 0)
1436 return r;
1437
1438 if (u->source_path) {
1439 struct stat st;
1440
1441 if (stat(u->source_path, &st) >= 0)
1442 u->source_mtime = timespec_load(&st.st_mtim);
1443 else
1444 u->source_mtime = 0;
1445 }
1446
1447 return 0;
23a177ef
LP		 1448}
1449
19496554
MS		 1450void unit_add_to_target_deps_queue(Unit *u) {
1451 Manager *m = u->manager;
1452
1453 assert(u);
1454
1455 if (u->in_target_deps_queue)
1456 return;
1457
1458 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1459 u->in_target_deps_queue = true;
1460}
1461
bba34eed 1462int unit_add_default_target_dependency(Unit *u, Unit *target) {
98bc2000
LP		 1463 assert(u);
1464 assert(target);
1465
ac155bb8 1466 if (target->type != UNIT_TARGET)
98bc2000
LP		 1467 return 0;
1468
35b8ca3a 1469 /* Only add the dependency if both units are loaded, so that
bba34eed 1470 * that loop check below is reliable */
ac155bb8
MS		 1471 if (u->load_state != UNIT_LOADED ||
1472 target->load_state != UNIT_LOADED)
bba34eed
LP		 1473 return 0;
1474
21256a2b
LP		 1475 /* If either side wants no automatic dependencies, then let's
1476 * skip this */
ac155bb8
MS		 1477 if (!u->default_dependencies ||
1478 !target->default_dependencies)
21256a2b
LP		 1479 return 0;
1480
98bc2000 1481 /* Don't create loops */
15ed3c3a 1482 if (unit_has_dependency(target, UNIT_ATOM_BEFORE, u))
98bc2000
LP		 1483 return 0;
1484
eef85c4a 1485 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
98bc2000
LP		 1486}
1487
e954c9cf 1488static int unit_add_slice_dependencies(Unit *u) {
12f64221 1489 Unit *slice;
e954c9cf 1490 assert(u);
b81884e7 1491
35b7ff80 1492 if (!UNIT_HAS_CGROUP_CONTEXT(u))
e954c9cf
LP		 1493 return 0;
1494
eef85c4a
LP		 1495 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1496 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1497 relationship). */
f6173cb9 1498 UnitDependencyMask mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
eef85c4a 1499
12f64221
LP		 1500 slice = UNIT_GET_SLICE(u);
1501 if (slice)
1502 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, slice, true, mask);
e954c9cf 1503
8c8da0e0 1504 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
d1fab3fe
ZJS		 1505 return 0;
1506
5a724170 1507 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
98bc2000
LP		 1508}
1509
e954c9cf 1510static int unit_add_mount_dependencies(Unit *u) {
eef85c4a
LP		 1511 UnitDependencyInfo di;
1512 const char *path;
a8c5a4c6 1513 bool changed = false;
9588bc32
LP		 1514 int r;
1515
1516 assert(u);
1517
90e74a66 1518 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for) {
eef85c4a 1519 char prefix[strlen(path) + 1];
9588bc32 1520
eef85c4a 1521 PATH_FOREACH_PREFIX_MORE(prefix, path) {
c7c89abb 1522 _cleanup_free_ char *p = NULL;
9588bc32
LP		 1523 Unit *m;
1524
c7c89abb 1525 r = unit_name_from_path(prefix, ".mount", &p);
03e52e8c 1526 if (r == -EINVAL)
598a6a84 1527 continue; /* If the path cannot be converted to a mount unit name, then it's
4076ad9d 1528 * not manageable as a unit by systemd, and hence we don't need a
598a6a84 1529 * dependency on it. Let's thus silently ignore the issue. */
9588bc32
LP		 1530 if (r < 0)
1531 return r;
c7c89abb
FB		 1532
1533 m = manager_get_unit(u->manager, p);
1534 if (!m) {
598a6a84
LP		 1535 /* Make sure to load the mount unit if it exists. If so the dependencies on
1536 * this unit will be added later during the loading of the mount unit. */
c7c89abb 1537 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
9588bc32 1538 continue;
c7c89abb 1539 }
9588bc32
LP		 1540 if (m == u)
1541 continue;
1542
1543 if (m->load_state != UNIT_LOADED)
1544 continue;
1545
eef85c4a 1546 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
9588bc32
LP		 1547 if (r < 0)
1548 return r;
a8c5a4c6 1549 changed = changed || r > 0;
9588bc32
LP		 1550
1551 if (m->fragment_path) {
eef85c4a 1552 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
9588bc32
LP		 1553 if (r < 0)
1554 return r;
a8c5a4c6 1555 changed = changed || r > 0;
9588bc32
LP		 1556 }
1557 }
1558 }
1559
a8c5a4c6 1560 return changed;
9588bc32
LP		 1561}
1562
a2db0225
AZ		 1563static int unit_add_oomd_dependencies(Unit *u) {
1564 CGroupContext *c;
1565 bool wants_oomd;
a2db0225
AZ		 1566
1567 assert(u);
1568
1569 if (!u->default_dependencies)
1570 return 0;
1571
1572 c = unit_get_cgroup_context(u);
1573 if (!c)
1574 return 0;
1575
1576 wants_oomd = (c->moom_swap == MANAGED_OOM_KILL || c->moom_mem_pressure == MANAGED_OOM_KILL);
1577 if (!wants_oomd)
1578 return 0;
1579
a8c5a4c6 1580 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE);
a2db0225
AZ		 1581}
1582
95ae05c0 1583static int unit_add_startup_units(Unit *u) {
9dfb6a3a 1584 if (!unit_has_startup_cgroup_constraints(u))
db785129
LP		 1585 return 0;
1586
de7fef4b 1587 return set_ensure_put(&u->manager->startup_units, NULL, u);
95ae05c0
WC		 1588}
1589
294446dc
LP		 1590static int unit_validate_on_failure_job_mode(
1591 Unit *u,
1592 const char *job_mode_setting,
1593 JobMode job_mode,
1594 const char *dependency_name,
1595 UnitDependencyAtom atom) {
1596
1597 Unit *other, *found = NULL;
1598
1599 if (job_mode != JOB_ISOLATE)
1600 return 0;
1601
1602 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
1603 if (!found)
1604 found = other;
1605 else if (found != other)
1606 return log_unit_error_errno(
1607 u, SYNTHETIC_ERRNO(ENOEXEC),
1608 "More than one %s dependencies specified but %sisolate set. Refusing.",
1609 dependency_name, job_mode_setting);
1610 }
1611
1612 return 0;
1613}
1614
87f0e418
LP		 1615int unit_load(Unit *u) {
1616 int r;
1617
1618 assert(u);
1619
ac155bb8 1620 if (u->in_load_queue) {
71fda00f 1621 LIST_REMOVE(load_queue, u->manager->load_queue, u);
ac155bb8 1622 u->in_load_queue = false;
87f0e418
LP		 1623 }
1624
ac155bb8 1625 if (u->type == _UNIT_TYPE_INVALID)
e537352b
LP		 1626 return -EINVAL;
1627
ac155bb8 1628 if (u->load_state != UNIT_STUB)
87f0e418
LP		 1629 return 0;
1630
4f4afc88 1631 if (u->transient_file) {
66fa4bdd
LP		 1632 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1633 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1634
4f4afc88
LP		 1635 r = fflush_and_check(u->transient_file);
1636 if (r < 0)
1637 goto fail;
1638
50fb00b7 1639 u->transient_file = safe_fclose(u->transient_file);
f76707da 1640 u->fragment_mtime = now(CLOCK_REALTIME);
4f4afc88
LP		 1641 }
1642
c3784a7d
ZJS		 1643 r = UNIT_VTABLE(u)->load(u);
1644 if (r < 0)
23a177ef 1645 goto fail;
c3784a7d
ZJS		 1646
1647 assert(u->load_state != UNIT_STUB);
23a177ef 1648
7c8fa05c 1649 if (u->load_state == UNIT_LOADED) {
19496554 1650 unit_add_to_target_deps_queue(u);
e954c9cf
LP		 1651
1652 r = unit_add_slice_dependencies(u);
1653 if (r < 0)
1654 goto fail;
c2756a68 1655
e954c9cf 1656 r = unit_add_mount_dependencies(u);
7c8fa05c 1657 if (r < 0)
c2756a68 1658 goto fail;
7c8fa05c 1659
a2db0225
AZ		 1660 r = unit_add_oomd_dependencies(u);
1661 if (r < 0)
1662 goto fail;
1663
95ae05c0
WC		 1664 r = unit_add_startup_units(u);
1665 if (r < 0)
1666 goto fail;
1667
294446dc
LP		 1668 r = unit_validate_on_failure_job_mode(u, "OnSuccessJobMode=", u->on_success_job_mode, "OnSuccess=", UNIT_ATOM_ON_SUCCESS);
1669 if (r < 0)
1670 goto fail;
15ed3c3a 1671
294446dc
LP		 1672 r = unit_validate_on_failure_job_mode(u, "OnFailureJobMode=", u->on_failure_job_mode, "OnFailure=", UNIT_ATOM_ON_FAILURE);
1673 if (r < 0)
1674 goto fail;
bc432dc7 1675
a2df3ea4
MK		 1676 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1677 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1678
5af88058
LP		 1679 /* We finished loading, let's ensure our parents recalculate the members mask */
1680 unit_invalidate_cgroup_members_masks(u);
f68319bb
LP		 1681 }
1682
ac155bb8 1683 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
23a177ef
LP		 1684
1685 unit_add_to_dbus_queue(unit_follow_merge(u));
701cc384 1686 unit_add_to_gc_queue(u);
f561e8c6 1687 (void) manager_varlink_send_managed_oom_update(u);
87f0e418 1688
87f0e418
LP		 1689 return 0;
1690
1691fail:
81be2388
ZJS		 1692 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1693 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
c4555ad8
LP		 1694
1695 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1696 r == -ENOEXEC ? UNIT_BAD_SETTING :
1697 UNIT_ERROR;
ac155bb8 1698 u->load_error = r;
c4555ad8 1699
c149d2b4
ZJS		 1700 /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time
1701 * an attempt is made to load this unit, we know we need to check again. */
7233e91a 1702 if (u->load_state == UNIT_NOT_FOUND)
c2911d48 1703 u->fragment_not_found_timestamp_hash = u->manager->unit_cache_timestamp_hash;
7233e91a 1704
c1e1601e 1705 unit_add_to_dbus_queue(u);
9a46fc3b 1706 unit_add_to_gc_queue(u);
23a177ef 1707
c4555ad8 1708 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
87f0e418
LP		 1709}
1710
f9f88198
YW		 1711_printf_(7, 8)
1712static int log_unit_internal(void *userdata, int level, int error, const char *file, int line, const char *func, const char *format, ...) {
1713 Unit *u = userdata;
1714 va_list ap;
1715 int r;
49365733 1716
c2503e35
RH		 1717 if (u && !unit_log_level_test(u, level))
1718 return -ERRNO_VALUE(error);
1719
f9f88198
YW		 1720 va_start(ap, format);
1721 if (u)
1722 r = log_object_internalv(level, error, file, line, func,
1723 u->manager->unit_log_field,
1724 u->id,
1725 u->manager->invocation_log_field,
1726 u->invocation_id_string,
1727 format, ap);
1728 else
1729 r = log_internalv(level, error, file, line, func, format, ap);
1730 va_end(ap);
49365733 1731
f9f88198 1732 return r;
49365733
LP		 1733}
1734
97a3f4ee 1735static bool unit_test_condition(Unit *u) {
a0b191b7
LP		 1736 _cleanup_strv_free_ char **env = NULL;
1737 int r;
1738
90bbc946
LP		 1739 assert(u);
1740
ac155bb8 1741 dual_timestamp_get(&u->condition_timestamp);
90bbc946 1742
a0b191b7
LP		 1743 r = manager_get_effective_environment(u->manager, &env);
1744 if (r < 0) {
1745 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
d52cc0a5 1746 u->condition_result = true;
a0b191b7
LP		 1747 } else
1748 u->condition_result = condition_test_list(
1749 u->conditions,
1750 env,
1751 condition_type_to_string,
1752 log_unit_internal,
1753 u);
e18f8852 1754
a0b191b7 1755 unit_add_to_dbus_queue(u);
ac155bb8 1756 return u->condition_result;
90bbc946
LP		 1757}
1758
97a3f4ee 1759static bool unit_test_assert(Unit *u) {
a0b191b7
LP		 1760 _cleanup_strv_free_ char **env = NULL;
1761 int r;
1762
59fccdc5
LP		 1763 assert(u);
1764
1765 dual_timestamp_get(&u->assert_timestamp);
59fccdc5 1766
a0b191b7
LP		 1767 r = manager_get_effective_environment(u->manager, &env);
1768 if (r < 0) {
1769 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1770 u->assert_result = CONDITION_ERROR;
1771 } else
1772 u->assert_result = condition_test_list(
1773 u->asserts,
1774 env,
1775 assert_type_to_string,
1776 log_unit_internal,
1777 u);
e18f8852 1778
a0b191b7 1779 unit_add_to_dbus_queue(u);
59fccdc5
LP		 1780 return u->assert_result;
1781}
1782
04d232d8
ZJS		 1783void unit_status_printf(Unit *u, StatusType status_type, const char *status, const char *format, const char *ident) {
1784 if (log_get_show_color()) {
1785 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && strchr(ident, ' '))
1786 ident = strjoina(ANSI_HIGHLIGHT, u->id, ANSI_NORMAL, " - ", u->description);
1787 else
1788 ident = strjoina(ANSI_HIGHLIGHT, ident, ANSI_NORMAL);
1789 }
5b262f74 1790
df446f96 1791 DISABLE_WARNING_FORMAT_NONLITERAL;
04d232d8 1792 manager_status_printf(u->manager, status_type, status, format, ident);
df446f96
LP		 1793 REENABLE_WARNING;
1794}
1795
97a3f4ee 1796int unit_test_start_limit(Unit *u) {
429926e9
TR		 1797 const char *reason;
1798
6bf0f408
LP		 1799 assert(u);
1800
7bf081a1 1801 if (ratelimit_below(&u->start_ratelimit)) {
6bf0f408
LP		 1802 u->start_limit_hit = false;
1803 return 0;
1804 }
1805
1806 log_unit_warning(u, "Start request repeated too quickly.");
1807 u->start_limit_hit = true;
1808
429926e9
TR		 1809 reason = strjoina("unit ", u->id, " failed");
1810
36c4dc08
LP		 1811 emergency_action(u->manager, u->start_limit_action,
1812 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN,
1813 u->reboot_arg, -1, reason);
1814
1815 return -ECANCELED;
6bf0f408
LP		 1816}
1817
c891efaf 1818bool unit_shall_confirm_spawn(Unit *u) {
631b676b 1819 assert(u);
c891efaf
FB		 1820
1821 if (manager_is_confirm_spawn_disabled(u->manager))
1822 return false;
1823
1824 /* For some reasons units remaining in the same process group
1825 * as PID 1 fail to acquire the console even if it's not used
1826 * by any process. So skip the confirmation question for them. */
1827 return !unit_get_exec_context(u)->same_pgrp;
1828}
1829
631b676b
LP		 1830static bool unit_verify_deps(Unit *u) {
1831 Unit *other;
631b676b
LP		 1832
1833 assert(u);
1834
defe63b0
LP		 1835 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined
1836 * with After=. We do not check Requires= or Requisite= here as they only should have an effect on
1837 * the job processing, but do not have any effect afterwards. We don't check BindsTo= dependencies
1838 * that are not used in conjunction with After= as for them any such check would make things entirely
1839 * racy. */
631b676b 1840
15ed3c3a 1841 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
631b676b 1842
15ed3c3a 1843 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other))
631b676b
LP		 1844 continue;
1845
1846 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1847 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1848 return false;
1849 }
1850 }
1851
1852 return true;
1853}
1854
9adb6959 1855/* Errors that aren't really errors:
6bf0f408 1856 * -EALREADY: Unit is already started.
9adb6959 1857 * -ECOMM: Condition failed
6bf0f408 1858 * -EAGAIN: An operation is already in progress. Retry later.
9adb6959
LP		 1859 *
1860 * Errors that are real errors:
1861 * -EBADR: This unit type does not support starting.
2de9b979 1862 * -ECANCELED: Start limit hit, too many requests for now
6bf0f408
LP		 1863 * -EPROTO: Assert failed
1864 * -EINVAL: Unit not loaded
1865 * -EOPNOTSUPP: Unit type not supported
631b676b 1866 * -ENOLINK: The necessary dependencies are not fulfilled.
d4fd1cf2 1867 * -ESTALE: This unit has been started before and can't be started a second time
a4191c9f 1868 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
87f0e418 1869 */
48b92b37 1870int unit_start(Unit *u, ActivationDetails *details) {
87f0e418 1871 UnitActiveState state;
92ab323c 1872 Unit *following;
5f37c1a9 1873 int r;
87f0e418
LP		 1874
1875 assert(u);
1876
b161bc39
MS		 1877 /* Let's hold off running start jobs for mount units when /proc/self/mountinfo monitor is rate limited. */
1878 if (u->type == UNIT_MOUNT && sd_event_source_is_ratelimited(u->manager->mount_event_source))
1879 return -EAGAIN;
1880
5766aca8
LP		 1881 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1882 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1883 * waiting is finished. */
87f0e418
LP		 1884 state = unit_active_state(u);
1885 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1886 return -EALREADY;
380dc8b0
LP		 1887 if (state == UNIT_MAINTENANCE)
1888 return -EAGAIN;
87f0e418 1889
6bf0f408
LP		 1890 /* Units that aren't loaded cannot be started */
1891 if (u->load_state != UNIT_LOADED)
1892 return -EINVAL;
1893
d4fd1cf2
LP		 1894 /* Refuse starting scope units more than once */
1895 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1896 return -ESTALE;
1897
5766aca8
LP		 1898 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1899 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1900 * recheck the condition in that case. */
a82e5507 1901 if (state != UNIT_ACTIVATING &&
5af6aa58 1902 !unit_test_condition(u))
5766aca8 1903 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition failed. Not starting unit.");
52661efd 1904
59fccdc5
LP		 1905 /* If the asserts failed, fail the entire job */
1906 if (state != UNIT_ACTIVATING &&
5766aca8
LP		 1907 !unit_test_assert(u))
1908 return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed.");
59fccdc5 1909
5766aca8
LP		 1910 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1911 * condition checks, so that we rather return condition check errors (which are usually not
1912 * considered a true failure) than "not supported" errors (which are considered a failure).
d11a7645 1913 */
96cf3ec9 1914 if (!unit_type_supported(u->type))
d11a7645
LP		 1915 return -EOPNOTSUPP;
1916
5766aca8
LP		 1917 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1918 * should have taken care of this already, but let's check this here again. After all, our
413e8650 1919 * dependencies might not be in effect anymore, due to a reload or due to an unmet condition. */
631b676b
LP		 1920 if (!unit_verify_deps(u))
1921 return -ENOLINK;
1922
92ab323c 1923 /* Forward to the main object, if we aren't it. */
52990c2e
ZJS		 1924 following = unit_following(u);
1925 if (following) {
f2341e0a 1926 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
48b92b37 1927 return unit_start(following, details);
92ab323c
LP		 1928 }
1929
705578c3
MS		 1930 /* Check our ability to start early so that failure conditions don't cause us to enter a busy loop. */
1931 if (UNIT_VTABLE(u)->can_start) {
1932 r = UNIT_VTABLE(u)->can_start(u);
ce2146f5
DDM		 1933 if (r < 0)
1934 return r;
1935 }
1936
92ab323c
LP		 1937 /* If it is stopped, but we cannot start it, then fail */
1938 if (!UNIT_VTABLE(u)->start)
1939 return -EBADR;
1940
5766aca8
LP		 1941 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1942 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1943 * waits for a holdoff timer to elapse before it will start again. */
87f0e418 1944
c1e1601e 1945 unit_add_to_dbus_queue(u);
d9e45bc3 1946 unit_cgroup_freezer_action(u, FREEZER_THAW);
9e58ff9c 1947
48b92b37
LB		 1948 if (!u->activation_details) /* Older details object wins */
1949 u->activation_details = activation_details_ref(details);
1950
d1a34ae9 1951 return UNIT_VTABLE(u)->start(u);
87f0e418
LP		 1952}
1953
1954bool unit_can_start(Unit *u) {
1955 assert(u);
1956
8ff4d2ab
LP		 1957 if (u->load_state != UNIT_LOADED)
1958 return false;
1959
96cf3ec9 1960 if (!unit_type_supported(u->type))
8ff4d2ab
LP		 1961 return false;
1962
d4fd1cf2
LP		 1963 /* Scope units may be started only once */
1964 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1965 return false;
1966
87f0e418
LP		 1967 return !!UNIT_VTABLE(u)->start;
1968}
1969
2528a7a6
LP		 1970bool unit_can_isolate(Unit *u) {
1971 assert(u);
1972
1973 return unit_can_start(u) &&
ac155bb8 1974 u->allow_isolate;
2528a7a6
LP		 1975}
1976
87f0e418
LP		 1977/* Errors:
1978 * -EBADR: This unit type does not support stopping.
1979 * -EALREADY: Unit is already stopped.
1980 * -EAGAIN: An operation is already in progress. Retry later.
1981 */
1982int unit_stop(Unit *u) {
1983 UnitActiveState state;
92ab323c 1984 Unit *following;
87f0e418
LP		 1985
1986 assert(u);
1987
87f0e418 1988 state = unit_active_state(u);
fdf20a31 1989 if (UNIT_IS_INACTIVE_OR_FAILED(state))
87f0e418
LP		 1990 return -EALREADY;
1991
0faacd47
LP		 1992 following = unit_following(u);
1993 if (following) {
f2341e0a 1994 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
92ab323c
LP		 1995 return unit_stop(following);
1996 }
1997
7898b0cf
LP		 1998 if (!UNIT_VTABLE(u)->stop)
1999 return -EBADR;
2000
c1e1601e 2001 unit_add_to_dbus_queue(u);
d9e45bc3 2002 unit_cgroup_freezer_action(u, FREEZER_THAW);
9e58ff9c 2003
d1a34ae9 2004 return UNIT_VTABLE(u)->stop(u);
87f0e418
LP		 2005}
2006
f5869324
LP		 2007bool unit_can_stop(Unit *u) {
2008 assert(u);
2009
39c79477
ZJS		 2010 /* Note: if we return true here, it does not mean that the unit may be successfully stopped.
2011 * Extrinsic units follow external state and they may stop following external state changes
2012 * (hence we return true here), but an attempt to do this through the manager will fail. */
2013
96cf3ec9 2014 if (!unit_type_supported(u->type))
f5869324
LP		 2015 return false;
2016
2017 if (u->perpetual)
2018 return false;
2019
2020 return !!UNIT_VTABLE(u)->stop;
2021}
2022
87f0e418
LP		 2023/* Errors:
2024 * -EBADR: This unit type does not support reloading.
2025 * -ENOEXEC: Unit is not started.
2026 * -EAGAIN: An operation is already in progress. Retry later.
2027 */
2028int unit_reload(Unit *u) {
2029 UnitActiveState state;
92ab323c 2030 Unit *following;
87f0e418
LP		 2031
2032 assert(u);
2033
ac155bb8 2034 if (u->load_state != UNIT_LOADED)
6124958c
LP		 2035 return -EINVAL;
2036
87f0e418
LP		 2037 if (!unit_can_reload(u))
2038 return -EBADR;
2039
2040 state = unit_active_state(u);
e364ad06 2041 if (state == UNIT_RELOADING)
6255af75 2042 return -EAGAIN;
87f0e418 2043
d85ff944
YW		 2044 if (state != UNIT_ACTIVE)
2045 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "Unit cannot be reloaded because it is inactive.");
87f0e418 2046
e48614c4
ZJS		 2047 following = unit_following(u);
2048 if (following) {
f2341e0a 2049 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
92ab323c
LP		 2050 return unit_reload(following);
2051 }
2052
c1e1601e 2053 unit_add_to_dbus_queue(u);
82a2b6bb 2054
f54bcca5
JR		 2055 if (!UNIT_VTABLE(u)->reload) {
2056 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2ad2e41a 2057 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
f54bcca5
JR		 2058 return 0;
2059 }
2060
d9e45bc3
MS		 2061 unit_cgroup_freezer_action(u, FREEZER_THAW);
2062
d1a34ae9 2063 return UNIT_VTABLE(u)->reload(u);
87f0e418
LP		 2064}
2065
2066bool unit_can_reload(Unit *u) {
2067 assert(u);
2068
f54bcca5
JR		 2069 if (UNIT_VTABLE(u)->can_reload)
2070 return UNIT_VTABLE(u)->can_reload(u);
87f0e418 2071
15ed3c3a 2072 if (unit_has_dependency(u, UNIT_ATOM_PROPAGATES_RELOAD_TO, NULL))
87f0e418
LP		 2073 return true;
2074
f54bcca5 2075 return UNIT_VTABLE(u)->reload;
87f0e418
LP		 2076}
2077
a3c1168a 2078bool unit_is_unneeded(Unit *u) {
15ed3c3a 2079 Unit *other;
f3bff0eb
LP		 2080 assert(u);
2081
ac155bb8 2082 if (!u->stop_when_unneeded)
a3c1168a 2083 return false;
f3bff0eb 2084
a3c1168a 2085 /* Don't clean up while the unit is transitioning or is even inactive. */
116654d2 2086 if (unit_active_state(u) != UNIT_ACTIVE)
a3c1168a
LP		 2087 return false;
2088 if (u->job)
2089 return false;
f3bff0eb 2090
15ed3c3a 2091 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_PINS_STOP_WHEN_UNNEEDED) {
fda09318 2092 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
a3c1168a 2093 * restart, then don't clean this one up. */
b81884e7 2094
15ed3c3a
LP		 2095 if (other->job)
2096 return false;
a3c1168a 2097
15ed3c3a
LP		 2098 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2099 return false;
a3c1168a 2100
15ed3c3a
LP		 2101 if (unit_will_restart(other))
2102 return false;
bea355da
LP		 2103 }
2104
a3c1168a
LP		 2105 return true;
2106}
f3bff0eb 2107
0bc488c9
LP		 2108bool unit_is_upheld_by_active(Unit *u, Unit **ret_culprit) {
2109 Unit *other;
2110
2111 assert(u);
2112
2113 /* Checks if the unit needs to be started because it currently is not running, but some other unit
2114 * that is active declared an Uphold= dependencies on it */
2115
2116 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)) || u->job) {
2117 if (ret_culprit)
2118 *ret_culprit = NULL;
2119 return false;
2120 }
2121
2122 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_START_STEADILY) {
2123 if (other->job)
2124 continue;
2125
2126 if (UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
2127 if (ret_culprit)
2128 *ret_culprit = other;
2129 return true;
2130 }
2131 }
2132
2133 if (ret_culprit)
2134 *ret_culprit = NULL;
2135 return false;
2136}
2137
56c59592
LP		 2138bool unit_is_bound_by_inactive(Unit *u, Unit **ret_culprit) {
2139 Unit *other;
2140
2141 assert(u);
2142
2143 /* Checks whether this unit is bound to another unit that is inactive, i.e. whether we should stop
7802194a 2144 * because the other unit is down. */
56c59592
LP		 2145
2146 if (unit_active_state(u) != UNIT_ACTIVE || u->job) {
2147 /* Don't clean up while the unit is transitioning or is even inactive. */
2148 if (ret_culprit)
2149 *ret_culprit = NULL;
2150 return false;
2151 }
2152
2153 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
2154 if (other->job)
2155 continue;
2156
2157 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) {
3da36106 2158 if (ret_culprit)
56c59592
LP		 2159 *ret_culprit = other;
2160
2161 return true;
2162 }
2163 }
2164
2165 if (ret_culprit)
2166 *ret_culprit = NULL;
2167 return false;
2168}
2169
a3c1168a 2170static void check_unneeded_dependencies(Unit *u) {
15ed3c3a 2171 Unit *other;
a3c1168a
LP		 2172 assert(u);
2173
2174 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2175
15ed3c3a
LP		 2176 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_STOP_WHEN_UNNEEDED_QUEUE)
2177 unit_submit_to_stop_when_unneeded_queue(other);
f3bff0eb
LP		 2178}
2179
0bc488c9
LP		 2180static void check_uphold_dependencies(Unit *u) {
2181 Unit *other;
2182 assert(u);
2183
2184 /* Add all units this unit depends on to the queue that processes Uphold= behaviour. */
2185
2186 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_START_WHEN_UPHELD_QUEUE)
2187 unit_submit_to_start_when_upheld_queue(other);
2188}
2189
56c59592 2190static void check_bound_by_dependencies(Unit *u) {
ff502445 2191 Unit *other;
ff502445
LP		 2192 assert(u);
2193
56c59592 2194 /* Add all units this unit depends on to the queue that processes BindsTo= stop behaviour. */
ff502445 2195
56c59592
LP		 2196 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_CANNOT_BE_ACTIVE_WITHOUT_QUEUE)
2197 unit_submit_to_stop_when_bound_queue(other);
ff502445
LP		 2198}
2199
87f0e418 2200static void retroactively_start_dependencies(Unit *u) {
87f0e418
LP		 2201 Unit *other;
2202
2203 assert(u);
2204 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2205
15ed3c3a
LP		 2206 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_REPLACE) /* Requires= + BindsTo= */
2207 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2208 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 2209 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
b81884e7 2210
15ed3c3a
LP		 2211 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_FAIL) /* Wants= */
2212 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2213 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 2214 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL, NULL);
87f0e418 2215
15ed3c3a 2216 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_START) /* Conflicts= (and inverse) */
b81884e7 2217 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 2218 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
87f0e418
LP		 2219}
2220
2221static void retroactively_stop_dependencies(Unit *u) {
87f0e418
LP		 2222 Unit *other;
2223
2224 assert(u);
2225 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2226
b81884e7 2227 /* Pull down units which are bound to us recursively if enabled */
15ed3c3a 2228 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_STOP) /* BoundBy= */
b81884e7 2229 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 2230 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
cd0504d0
MS		 2231}
2232
294446dc
LP		 2233void unit_start_on_failure(
2234 Unit *u,
2235 const char *dependency_name,
2236 UnitDependencyAtom atom,
2237 JobMode job_mode) {
2238
82acee14 2239 int n_jobs = -1;
c0daa706 2240 Unit *other;
7f66b026 2241 int r;
c0daa706
LP		 2242
2243 assert(u);
294446dc
LP		 2244 assert(dependency_name);
2245 assert(IN_SET(atom, UNIT_ATOM_ON_SUCCESS, UNIT_ATOM_ON_FAILURE));
2246
2247 /* Act on OnFailure= and OnSuccess= dependencies */
c0daa706 2248
294446dc 2249 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
7f66b026 2250 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
222ae6a8 2251
82acee14 2252 if (n_jobs < 0) {
294446dc 2253 log_unit_info(u, "Triggering %s dependencies.", dependency_name);
82acee14 2254 n_jobs = 0;
15ed3c3a
LP		 2255 }
2256
95c81c55 2257 r = manager_add_job(u->manager, JOB_START, other, job_mode, NULL, &error, NULL);
c1b6628d 2258 if (r < 0)
294446dc
LP		 2259 log_unit_warning_errno(
2260 u, r, "Failed to enqueue %s job, ignoring: %s",
2261 dependency_name, bus_error_message(&error, r));
82acee14 2262 n_jobs ++;
222ae6a8 2263 }
294446dc 2264
82acee14 2265 if (n_jobs >= 0)
c0f86d66 2266 log_unit_debug(u, "Triggering %s dependencies done (%i %s).",
82acee14 2267 dependency_name, n_jobs, n_jobs == 1 ? "job" : "jobs");
c0daa706
LP		 2268}
2269
3ecaa09b
LP		 2270void unit_trigger_notify(Unit *u) {
2271 Unit *other;
3ecaa09b
LP		 2272
2273 assert(u);
2274
15ed3c3a 2275 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_TRIGGERED_BY)
3ecaa09b
LP		 2276 if (UNIT_VTABLE(other)->trigger_notify)
2277 UNIT_VTABLE(other)->trigger_notify(other, u);
2278}
2279
37109b85
ZJS		 2280static int raise_level(int log_level, bool condition_info, bool condition_notice) {
2281 if (condition_notice && log_level > LOG_NOTICE)
2282 return LOG_NOTICE;
2283 if (condition_info && log_level > LOG_INFO)
2284 return LOG_INFO;
2285 return log_level;
2286}
2287
915b1d01 2288static int unit_log_resources(Unit *u) {
bc40a20e
LP		 2289 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + _CGROUP_IO_ACCOUNTING_METRIC_MAX + 4];
2290 bool any_traffic = false, have_ip_accounting = false, any_io = false, have_io_accounting = false;
2291 _cleanup_free_ char *igress = NULL, *egress = NULL, *rr = NULL, *wr = NULL;
162392b7 2292 int log_level = LOG_DEBUG; /* May be raised if resources consumed over a threshold */
915b1d01 2293 size_t n_message_parts = 0, n_iovec = 0;
bc40a20e 2294 char* message_parts[1 + 2 + 2 + 1], *t;
915b1d01 2295 nsec_t nsec = NSEC_INFINITY;
915b1d01
LP		 2296 int r;
2297 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2298 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2299 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2300 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2301 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2302 };
bc40a20e
LP		 2303 const char* const io_fields[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
2304 [CGROUP_IO_READ_BYTES] = "IO_METRIC_READ_BYTES",
2305 [CGROUP_IO_WRITE_BYTES] = "IO_METRIC_WRITE_BYTES",
2306 [CGROUP_IO_READ_OPERATIONS] = "IO_METRIC_READ_OPERATIONS",
2307 [CGROUP_IO_WRITE_OPERATIONS] = "IO_METRIC_WRITE_OPERATIONS",
2308 };
915b1d01
LP		 2309
2310 assert(u);
2311
2312 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2313 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2314 * information and the complete data in structured fields. */
2315
2316 (void) unit_get_cpu_usage(u, &nsec);
2317 if (nsec != NSEC_INFINITY) {
915b1d01
LP		 2318 /* Format the CPU time for inclusion in the structured log message */
2319 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2320 r = log_oom();
2321 goto finish;
2322 }
2323 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2324
2325 /* Format the CPU time for inclusion in the human language message string */
5291f26d 2326 t = strjoin("consumed ", FORMAT_TIMESPAN(nsec / NSEC_PER_USEC, USEC_PER_MSEC), " CPU time");
915b1d01
LP		 2327 if (!t) {
2328 r = log_oom();
2329 goto finish;
2330 }
2331
2332 message_parts[n_message_parts++] = t;
37109b85
ZJS		 2333
2334 log_level = raise_level(log_level,
ef6bb4dd
CG		 2335 nsec > MENTIONWORTHY_CPU_NSEC,
2336 nsec > NOTICEWORTHY_CPU_NSEC);
915b1d01
LP		 2337 }
2338
bc40a20e 2339 for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) {
bc40a20e
LP		 2340 uint64_t value = UINT64_MAX;
2341
2342 assert(io_fields[k]);
2343
2344 (void) unit_get_io_accounting(u, k, k > 0, &value);
2345 if (value == UINT64_MAX)
2346 continue;
2347
2348 have_io_accounting = true;
2349 if (value > 0)
2350 any_io = true;
2351
2352 /* Format IO accounting data for inclusion in the structured log message */
2353 if (asprintf(&t, "%s=%" PRIu64, io_fields[k], value) < 0) {
2354 r = log_oom();
2355 goto finish;
2356 }
2357 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2358
2359 /* Format the IO accounting data for inclusion in the human language message string, but only
2360 * for the bytes counters (and not for the operations counters) */
2361 if (k == CGROUP_IO_READ_BYTES) {
2362 assert(!rr);
2b59bf51 2363 rr = strjoin("read ", strna(FORMAT_BYTES(value)), " from disk");
bc40a20e
LP		 2364 if (!rr) {
2365 r = log_oom();
2366 goto finish;
2367 }
2368 } else if (k == CGROUP_IO_WRITE_BYTES) {
2369 assert(!wr);
2b59bf51 2370 wr = strjoin("written ", strna(FORMAT_BYTES(value)), " to disk");
bc40a20e
LP		 2371 if (!wr) {
2372 r = log_oom();
2373 goto finish;
2374 }
2375 }
37109b85
ZJS		 2376
2377 if (IN_SET(k, CGROUP_IO_READ_BYTES, CGROUP_IO_WRITE_BYTES))
2378 log_level = raise_level(log_level,
2379 value > MENTIONWORTHY_IO_BYTES,
2380 value > NOTICEWORTHY_IO_BYTES);
bc40a20e
LP		 2381 }
2382
2383 if (have_io_accounting) {
2384 if (any_io) {
2385 if (rr)
2386 message_parts[n_message_parts++] = TAKE_PTR(rr);
2387 if (wr)
2388 message_parts[n_message_parts++] = TAKE_PTR(wr);
2389
2390 } else {
2391 char *k;
2392
2393 k = strdup("no IO");
2394 if (!k) {
2395 r = log_oom();
2396 goto finish;
2397 }
2398
2399 message_parts[n_message_parts++] = k;
2400 }
2401 }
2402
12375b95 2403 for (CGroupIPAccountingMetric m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
915b1d01
LP		 2404 uint64_t value = UINT64_MAX;
2405
2406 assert(ip_fields[m]);
2407
2408 (void) unit_get_ip_accounting(u, m, &value);
2409 if (value == UINT64_MAX)
2410 continue;
82044702
LP		 2411
2412 have_ip_accounting = true;
a87b1faa
LP		 2413 if (value > 0)
2414 any_traffic = true;
915b1d01
LP		 2415
2416 /* Format IP accounting data for inclusion in the structured log message */
2417 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2418 r = log_oom();
2419 goto finish;
2420 }
2421 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2422
2423 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2424 * bytes counters (and not for the packets counters) */
a87b1faa
LP		 2425 if (m == CGROUP_IP_INGRESS_BYTES) {
2426 assert(!igress);
2b59bf51 2427 igress = strjoin("received ", strna(FORMAT_BYTES(value)), " IP traffic");
a87b1faa
LP		 2428 if (!igress) {
2429 r = log_oom();
2430 goto finish;
2431 }
2432 } else if (m == CGROUP_IP_EGRESS_BYTES) {
2433 assert(!egress);
2b59bf51 2434 egress = strjoin("sent ", strna(FORMAT_BYTES(value)), " IP traffic");
a87b1faa
LP		 2435 if (!egress) {
2436 r = log_oom();
2437 goto finish;
2438 }
2439 }
37109b85
ZJS		 2440
2441 if (IN_SET(m, CGROUP_IP_INGRESS_BYTES, CGROUP_IP_EGRESS_BYTES))
2442 log_level = raise_level(log_level,
2443 value > MENTIONWORTHY_IP_BYTES,
2444 value > NOTICEWORTHY_IP_BYTES);
a87b1faa
LP		 2445 }
2446
c2503e35
RH		 2447 /* This check is here because it is the earliest point following all possible log_level assignments. If
2448 * log_level is assigned anywhere after this point, move this check. */
2449 if (!unit_log_level_test(u, log_level)) {
2450 r = 0;
2451 goto finish;
2452 }
2453
82044702
LP		 2454 if (have_ip_accounting) {
2455 if (any_traffic) {
2456 if (igress)
2457 message_parts[n_message_parts++] = TAKE_PTR(igress);
2458 if (egress)
2459 message_parts[n_message_parts++] = TAKE_PTR(egress);
a87b1faa 2460
82044702
LP		 2461 } else {
2462 char *k;
915b1d01 2463
82044702
LP		 2464 k = strdup("no IP traffic");
2465 if (!k) {
2466 r = log_oom();
2467 goto finish;
2468 }
2469
2470 message_parts[n_message_parts++] = k;
2471 }
915b1d01
LP		 2472 }
2473
2474 /* Is there any accounting data available at all? */
2475 if (n_iovec == 0) {
2476 r = 0;
2477 goto finish;
2478 }
2479
2480 if (n_message_parts == 0)
a87b1faa 2481 t = strjoina("MESSAGE=", u->id, ": Completed.");
915b1d01 2482 else {
c2b2df60 2483 _cleanup_free_ char *joined = NULL;
915b1d01
LP		 2484
2485 message_parts[n_message_parts] = NULL;
2486
2487 joined = strv_join(message_parts, ", ");
2488 if (!joined) {
2489 r = log_oom();
2490 goto finish;
2491 }
2492
ec9d636b 2493 joined[0] = ascii_toupper(joined[0]);
a87b1faa 2494 t = strjoina("MESSAGE=", u->id, ": ", joined, ".");
915b1d01
LP		 2495 }
2496
2497 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2498 * and hence don't increase n_iovec for them */
2499 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2500 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2501
2502 t = strjoina(u->manager->unit_log_field, u->id);
2503 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2504
2505 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2506 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2507
c2503e35 2508 log_unit_struct_iovec(u, log_level, iovec, n_iovec + 4);
915b1d01
LP		 2509 r = 0;
2510
2511finish:
12375b95 2512 for (size_t i = 0; i < n_message_parts; i++)
915b1d01
LP		 2513 free(message_parts[i]);
2514
12375b95 2515 for (size_t i = 0; i < n_iovec; i++)
915b1d01
LP		 2516 free(iovec[i].iov_base);
2517
2518 return r;
2519
2520}
2521
adefcf28
LP		 2522static void unit_update_on_console(Unit *u) {
2523 bool b;
2524
2525 assert(u);
2526
2527 b = unit_needs_console(u);
2528 if (u->on_console == b)
2529 return;
2530
2531 u->on_console = b;
2532 if (b)
2533 manager_ref_console(u->manager);
2534 else
2535 manager_unref_console(u->manager);
adefcf28
LP		 2536}
2537
6eb65e7c
LP		 2538static void unit_emit_audit_start(Unit *u) {
2539 assert(u);
2540
2541 if (u->type != UNIT_SERVICE)
2542 return;
2543
2544 /* Write audit record if we have just finished starting up */
2545 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, true);
2546 u->in_audit = true;
2547}
2548
2549static void unit_emit_audit_stop(Unit *u, UnitActiveState state) {
2550 assert(u);
2551
2552 if (u->type != UNIT_SERVICE)
2553 return;
2554
2555 if (u->in_audit) {
2556 /* Write audit record if we have just finished shutting down */
2557 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, state == UNIT_INACTIVE);
2558 u->in_audit = false;
2559 } else {
2560 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2561 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, state == UNIT_INACTIVE);
2562
2563 if (state == UNIT_INACTIVE)
2564 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, true);
2565 }
2566}
2567
16c74914
LP		 2568static bool unit_process_job(Job *j, UnitActiveState ns, UnitNotifyFlags flags) {
2569 bool unexpected = false;
31cd5f63 2570 JobResult result;
16c74914
LP		 2571
2572 assert(j);
2573
2574 if (j->state == JOB_WAITING)
2575
2576 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2577 * due to EAGAIN. */
2578 job_add_to_run_queue(j);
2579
2580 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2581 * hence needs to invalidate jobs. */
2582
2583 switch (j->type) {
2584
2585 case JOB_START:
2586 case JOB_VERIFY_ACTIVE:
2587
2588 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2589 job_finish_and_invalidate(j, JOB_DONE, true, false);
2590 else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2591 unexpected = true;
2592
31cd5f63
AZ		 2593 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2594 if (ns == UNIT_FAILED)
2595 result = JOB_FAILED;
31cd5f63
AZ		 2596 else
2597 result = JOB_DONE;
2598
2599 job_finish_and_invalidate(j, result, true, false);
2600 }
16c74914
LP		 2601 }
2602
2603 break;
2604
2605 case JOB_RELOAD:
2606 case JOB_RELOAD_OR_START:
2607 case JOB_TRY_RELOAD:
2608
2609 if (j->state == JOB_RUNNING) {
2610 if (ns == UNIT_ACTIVE)
2611 job_finish_and_invalidate(j, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2612 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2613 unexpected = true;
2614
2615 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2616 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2617 }
2618 }
2619
2620 break;
2621
2622 case JOB_STOP:
2623 case JOB_RESTART:
2624 case JOB_TRY_RESTART:
2625
2626 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2627 job_finish_and_invalidate(j, JOB_DONE, true, false);
2628 else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2629 unexpected = true;
2630 job_finish_and_invalidate(j, JOB_FAILED, true, false);
2631 }
2632
2633 break;
2634
2635 default:
04499a70 2636 assert_not_reached();
16c74914
LP		 2637 }
2638
2639 return unexpected;
2640}
2641
2ad2e41a 2642void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
429926e9 2643 const char *reason;
8559b3b7 2644 Manager *m;
a096ed36 2645
87f0e418
LP		 2646 assert(u);
2647 assert(os < _UNIT_ACTIVE_STATE_MAX);
2648 assert(ns < _UNIT_ACTIVE_STATE_MAX);
87f0e418 2649
8559b3b7
LP		 2650 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2651 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2652 * remounted this function will be called too! */
87f0e418 2653
546ac4f0
MS		 2654 m = u->manager;
2655
3c4832ad
LP		 2656 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2657 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2658 unit_add_to_dbus_queue(u);
2659
e30bbc90
AZ		 2660 /* Update systemd-oomd on the property/state change */
2661 if (os != ns) {
2662 /* Always send an update if the unit is going into an inactive state so systemd-oomd knows to stop
2663 * monitoring.
2664 * Also send an update whenever the unit goes active; this is to handle a case where an override file
2665 * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to
2666 * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't
2667 * have the information on the property. Thus, indiscriminately send an update. */
f561e8c6 2668 if (UNIT_IS_INACTIVE_OR_FAILED(ns) || UNIT_IS_ACTIVE_OR_RELOADING(ns))
e30bbc90
AZ		 2669 (void) manager_varlink_send_managed_oom_update(u);
2670 }
2671
f755e3b7 2672 /* Update timestamps for state changes */
2c289ea8 2673 if (!MANAGER_IS_RELOADING(m)) {
a483fb59 2674 dual_timestamp_get(&u->state_change_timestamp);
173e3821 2675
bdbf9951 2676 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2677 u->inactive_exit_timestamp = u->state_change_timestamp;
bdbf9951 2678 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2679 u->inactive_enter_timestamp = u->state_change_timestamp;
bdbf9951
LP		 2680
2681 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2682 u->active_enter_timestamp = u->state_change_timestamp;
bdbf9951 2683 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2684 u->active_exit_timestamp = u->state_change_timestamp;
bdbf9951 2685 }
87f0e418 2686
865cc19a 2687 /* Keep track of failed units */
8724defe 2688 (void) manager_update_failed_units(m, u, ns == UNIT_FAILED);
f755e3b7 2689
d3070fbd
LP		 2690 /* Make sure the cgroup and state files are always removed when we become inactive */
2691 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
ff68472a
ZJS		 2692 SET_FLAG(u->markers,
2693 (1u << UNIT_MARKER_NEEDS_RELOAD)|(1u << UNIT_MARKER_NEEDS_RESTART),
2694 false);
efdb0237 2695 unit_prune_cgroup(u);
d3070fbd 2696 unit_unlink_state_files(u);
ff68472a
ZJS		 2697 } else if (ns != os && ns == UNIT_RELOADING)
2698 SET_FLAG(u->markers, 1u << UNIT_MARKER_NEEDS_RELOAD, false);
fb385181 2699
adefcf28 2700 unit_update_on_console(u);
7ed9f6cd 2701
2c289ea8 2702 if (!MANAGER_IS_RELOADING(m)) {
a1c7334b
LP		 2703 bool unexpected;
2704
2705 /* Let's propagate state changes to the job */
2706 if (u->job)
2707 unexpected = unit_process_job(u->job, ns, flags);
2708 else
2709 unexpected = true;
f3bff0eb 2710
a1c7334b
LP		 2711 /* If this state change happened without being requested by a job, then let's retroactively start or
2712 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2713 * additional jobs just because something is already activated. */
bdbf9951
LP		 2714
2715 if (unexpected) {
2716 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2717 retroactively_start_dependencies(u);
2718 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2719 retroactively_stop_dependencies(u);
2720 }
5de9682c 2721
bdbf9951 2722 if (ns != os && ns == UNIT_FAILED) {
ed77d407 2723 log_unit_debug(u, "Unit entered failed state.");
2ad2e41a
LP		 2724
2725 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
294446dc 2726 unit_start_on_failure(u, "OnFailure=", UNIT_ATOM_ON_FAILURE, u->on_failure_job_mode);
cd6d0a45 2727 }
e537352b 2728
256f65d0
LP		 2729 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2730 /* This unit just finished starting up */
3b2775c5 2731
6eb65e7c 2732 unit_emit_audit_start(u);
546ac4f0 2733 manager_send_unit_plymouth(m, u);
256f65d0 2734 }
bdbf9951 2735
256f65d0 2736 if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
915b1d01 2737 /* This unit just stopped/failed. */
256f65d0 2738
6eb65e7c 2739 unit_emit_audit_stop(u, ns);
915b1d01 2740 unit_log_resources(u);
cd6d0a45 2741 }
294446dc
LP		 2742
2743 if (ns == UNIT_INACTIVE && !IN_SET(os, UNIT_FAILED, UNIT_INACTIVE, UNIT_MAINTENANCE) &&
2744 !(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2745 unit_start_on_failure(u, "OnSuccess=", UNIT_ATOM_ON_SUCCESS, u->on_success_job_mode);
f278026d
LP		 2746 }
2747
31dc1ca3
LP		 2748 manager_recheck_journal(m);
2749 manager_recheck_dbus(m);
e63ebf71 2750
3ecaa09b 2751 unit_trigger_notify(u);
3b2775c5 2752
8724defe 2753 if (!MANAGER_IS_RELOADING(m)) {
429926e9
TR		 2754 if (os != UNIT_FAILED && ns == UNIT_FAILED) {
2755 reason = strjoina("unit ", u->id, " failed");
36c4dc08 2756 emergency_action(m, u->failure_action, 0, u->reboot_arg, unit_failure_action_exit_status(u), reason);
429926e9
TR		 2757 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) {
2758 reason = strjoina("unit ", u->id, " succeeded");
36c4dc08 2759 emergency_action(m, u->success_action, 0, u->reboot_arg, unit_success_action_exit_status(u), reason);
429926e9 2760 }
ff502445
LP		 2761 }
2762
99e9af25 2763 /* And now, add the unit or depending units to various queues that will act on the new situation if
48008c1c 2764 * needed. These queues generally check for continuous state changes rather than events (like most of
99e9af25
LP		 2765 * the state propagation above), and do work deferred instead of instantly, since they typically
2766 * don't want to run during reloading, and usually involve checking combined state of multiple units
2767 * at once. */
2768
2769 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2770 /* Stop unneeded units and bound-by units regardless if going down was expected or not */
2771 check_unneeded_dependencies(u);
2772 check_bound_by_dependencies(u);
2773
2774 /* Maybe someone wants us to remain up? */
2775 unit_submit_to_start_when_upheld_queue(u);
2776
2777 /* Maybe the unit should be GC'ed now? */
2778 unit_add_to_gc_queue(u);
2779 }
2780
2781 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2782 /* Start uphold units regardless if going up was expected or not */
2783 check_uphold_dependencies(u);
2784
2785 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2786 unit_submit_to_stop_when_unneeded_queue(u);
2787
2788 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens
2789 * when something BindsTo= to a Type=oneshot unit, as these units go directly from starting to
2790 * inactive, without ever entering started.) */
2791 unit_submit_to_stop_when_bound_queue(u);
2792 }
87f0e418
LP		 2793}
2794
f75f613d 2795int unit_watch_pid(Unit *u, pid_t pid, bool exclusive) {
62a76913 2796 int r;
a911bb9a 2797
87f0e418 2798 assert(u);
62a76913 2799 assert(pid_is_valid(pid));
87f0e418 2800
62a76913 2801 /* Watch a specific PID */
5ba6985b 2802
f75f613d
FB		 2803 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2804 * opportunity to remove any stalled references to this PID as they can be created
2805 * easily (when watching a process which is not our direct child). */
2806 if (exclusive)
2807 manager_unwatch_pid(u->manager, pid);
2808
d5099efc 2809 r = set_ensure_allocated(&u->pids, NULL);
5ba6985b
LP		 2810 if (r < 0)
2811 return r;
2812
62a76913 2813 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
a911bb9a
LP		 2814 if (r < 0)
2815 return r;
2816
62a76913
LP		 2817 /* First try, let's add the unit keyed by "pid". */
2818 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2819 if (r == -EEXIST) {
2820 Unit **array;
2821 bool found = false;
2822 size_t n = 0;
05e343b7 2823
62a76913
LP		 2824 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2825 * to an array of Units rather than just a Unit), lists us already. */
a911bb9a 2826
62a76913
LP		 2827 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2828 if (array)
2829 for (; array[n]; n++)
2830 if (array[n] == u)
2831 found = true;
a911bb9a 2832
62a76913
LP		 2833 if (found) /* Found it already? if so, do nothing */
2834 r = 0;
2835 else {
2836 Unit **new_array;
2837
2838 /* Allocate a new array */
2839 new_array = new(Unit*, n + 2);
2840 if (!new_array)
2841 return -ENOMEM;
2842
2843 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2844 new_array[n] = u;
2845 new_array[n+1] = NULL;
2846
2847 /* Add or replace the old array */
2848 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2849 if (r < 0) {
2850 free(new_array);
2851 return r;
2852 }
2853
2854 free(array);
2855 }
2856 } else if (r < 0)
2857 return r;
2858
2859 r = set_put(u->pids, PID_TO_PTR(pid));
2860 if (r < 0)
2861 return r;
2862
2863 return 0;
87f0e418
LP		 2864}
2865
2866void unit_unwatch_pid(Unit *u, pid_t pid) {
62a76913
LP		 2867 Unit **array;
2868
87f0e418 2869 assert(u);
62a76913
LP		 2870 assert(pid_is_valid(pid));
2871
2872 /* First let's drop the unit in case it's keyed as "pid". */
2873 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2874
2875 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2876 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2877 if (array) {
62a76913 2878 /* Let's iterate through the array, dropping our own entry */
12375b95
ZJS		 2879
2880 size_t m = 0;
2881 for (size_t n = 0; array[n]; n++)
62a76913
LP		 2882 if (array[n] != u)
2883 array[m++] = array[n];
2884 array[m] = NULL;
2885
2886 if (m == 0) {
2887 /* The array is now empty, remove the entire entry */
20c3acfa 2888 assert_se(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
62a76913
LP		 2889 free(array);
2890 }
2891 }
87f0e418 2892
fea72cc0 2893 (void) set_remove(u->pids, PID_TO_PTR(pid));
a911bb9a
LP		 2894}
2895
bd44e61b
LP		 2896void unit_unwatch_all_pids(Unit *u) {
2897 assert(u);
2898
2899 while (!set_isempty(u->pids))
fea72cc0 2900 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
bd44e61b 2901
efdb0237 2902 u->pids = set_free(u->pids);
a911bb9a
LP		 2903}
2904
50be4f4a
LP		 2905static void unit_tidy_watch_pids(Unit *u) {
2906 pid_t except1, except2;
a911bb9a
LP		 2907 void *e;
2908
2909 assert(u);
2910
2911 /* Cleans dead PIDs from our list */
2912
50be4f4a
LP		 2913 except1 = unit_main_pid(u);
2914 except2 = unit_control_pid(u);
2915
90e74a66 2916 SET_FOREACH(e, u->pids) {
fea72cc0 2917 pid_t pid = PTR_TO_PID(e);
a911bb9a
LP		 2918
2919 if (pid == except1 || pid == except2)
2920 continue;
2921
9f5650ae 2922 if (!pid_is_unwaited(pid))
bd44e61b 2923 unit_unwatch_pid(u, pid);
a911bb9a 2924 }
87f0e418
LP		 2925}
2926
50be4f4a 2927static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
99534007 2928 Unit *u = ASSERT_PTR(userdata);
50be4f4a
LP		 2929
2930 assert(s);
50be4f4a
LP		 2931
2932 unit_tidy_watch_pids(u);
2933 unit_watch_all_pids(u);
2934
2935 /* If the PID set is empty now, then let's finish this off. */
2936 unit_synthesize_cgroup_empty_event(u);
2937
2938 return 0;
2939}
2940
2941int unit_enqueue_rewatch_pids(Unit *u) {
2942 int r;
2943
2944 assert(u);
2945
2946 if (!u->cgroup_path)
2947 return -ENOENT;
2948
2949 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2950 if (r < 0)
2951 return r;
2952 if (r > 0) /* On unified we can use proper notifications */
2953 return 0;
2954
2955 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2956 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2957 * involves issuing kill(pid, 0) on all processes we watch. */
2958
2959 if (!u->rewatch_pids_event_source) {
2960 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2961
2962 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2963 if (r < 0)
2964 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2965
2966 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2967 if (r < 0)
28b77ab2 2968 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: %m");
50be4f4a
LP		 2969
2970 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2971
2972 u->rewatch_pids_event_source = TAKE_PTR(s);
2973 }
2974
2975 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2976 if (r < 0)
2977 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2978
2979 return 0;
2980}
2981
2982void unit_dequeue_rewatch_pids(Unit *u) {
2983 int r;
2984 assert(u);
2985
2986 if (!u->rewatch_pids_event_source)
2987 return;
2988
2989 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2990 if (r < 0)
2991 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2992
5dcadb4c 2993 u->rewatch_pids_event_source = sd_event_source_disable_unref(u->rewatch_pids_event_source);
50be4f4a
LP		 2994}
2995
87f0e418
LP		 2996bool unit_job_is_applicable(Unit *u, JobType j) {
2997 assert(u);
2998 assert(j >= 0 && j < _JOB_TYPE_MAX);
2999
3000 switch (j) {
3001
3002 case JOB_VERIFY_ACTIVE:
3003 case JOB_START:
e0209d83 3004 case JOB_NOP:
f5869324 3005 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
86b52a39 3006 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
f5869324 3007 * jobs for it. */
87f0e418
LP		 3008 return true;
3009
f5869324
LP		 3010 case JOB_STOP:
3011 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
86b52a39 3012 * external events), hence it makes no sense to permit enqueuing such a request either. */
f5869324
LP		 3013 return !u->perpetual;
3014
87f0e418
LP		 3015 case JOB_RESTART:
3016 case JOB_TRY_RESTART:
f5869324 3017 return unit_can_stop(u) && unit_can_start(u);
87f0e418
LP		 3018
3019 case JOB_RELOAD:
3282591d 3020 case JOB_TRY_RELOAD:
87f0e418
LP		 3021 return unit_can_reload(u);
3022
3023 case JOB_RELOAD_OR_START:
3024 return unit_can_reload(u) && unit_can_start(u);
3025
3026 default:
04499a70 3027 assert_not_reached();
87f0e418
LP		 3028 }
3029}
3030
eef85c4a
LP		 3031int unit_add_dependency(
3032 Unit *u,
3033 UnitDependency d,
3034 Unit *other,
3035 bool add_reference,
3036 UnitDependencyMask mask) {
87f0e418
LP		 3037
3038 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
fb138166
ZJS		 3039 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
3040 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
3041 [UNIT_WANTS] = UNIT_WANTED_BY,
3042 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
3043 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
3044 [UNIT_UPHOLDS] = UNIT_UPHELD_BY,
3045 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
3046 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
3047 [UNIT_WANTED_BY] = UNIT_WANTS,
3048 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
3049 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
3050 [UNIT_UPHELD_BY] = UNIT_UPHOLDS,
3051 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
3052 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
3053 [UNIT_BEFORE] = UNIT_AFTER,
3054 [UNIT_AFTER] = UNIT_BEFORE,
3055 [UNIT_ON_SUCCESS] = UNIT_ON_SUCCESS_OF,
3056 [UNIT_ON_SUCCESS_OF] = UNIT_ON_SUCCESS,
3057 [UNIT_ON_FAILURE] = UNIT_ON_FAILURE_OF,
3058 [UNIT_ON_FAILURE_OF] = UNIT_ON_FAILURE,
3059 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
3060 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
3061 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
85e9a101 3062 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
fb138166
ZJS		 3063 [UNIT_PROPAGATES_STOP_TO] = UNIT_STOP_PROPAGATED_FROM,
3064 [UNIT_STOP_PROPAGATED_FROM] = UNIT_PROPAGATES_STOP_TO,
3065 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF, /* symmetric! 👓 */
3066 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
3067 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
3068 [UNIT_IN_SLICE] = UNIT_SLICE_OF,
3069 [UNIT_SLICE_OF] = UNIT_IN_SLICE,
87f0e418 3070 };
eef85c4a 3071 Unit *original_u = u, *original_other = other;
15ed3c3a 3072 UnitDependencyAtom a;
eef85c4a 3073 int r;
15ed3c3a
LP		 3074
3075 /* Helper to know whether sending a notification is necessary or not: if the dependency is already
3076 * there, no need to notify! */
ac17080c 3077 bool notify, notify_other = false;
87f0e418
LP		 3078
3079 assert(u);
3080 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
87f0e418
LP		 3081 assert(other);
3082
9f151f29
LP		 3083 u = unit_follow_merge(u);
3084 other = unit_follow_merge(other);
15ed3c3a
LP		 3085 a = unit_dependency_to_atom(d);
3086 assert(a >= 0);
9f151f29 3087
15ed3c3a 3088 /* We won't allow dependencies on ourselves. We will not consider them an error however. */
d1fab3fe 3089 if (u == other) {
15ed3c3a 3090 unit_maybe_warn_about_dependency(original_u, original_other->id, d);
87f0e418 3091 return 0;
d1fab3fe 3092 }
87f0e418 3093
f14d6810
MG		 3094 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3095 return 0;
3096
15ed3c3a
LP		 3097 /* Note that ordering a device unit after a unit is permitted since it allows to start its job
3098 * running timeout at a specific time. */
3099 if (FLAGS_SET(a, UNIT_ATOM_BEFORE) && other->type == UNIT_DEVICE) {
b862c257 3100 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
c80a9a33
LP		 3101 return 0;
3102 }
3103
15ed3c3a 3104 if (FLAGS_SET(a, UNIT_ATOM_ON_FAILURE) && !UNIT_VTABLE(u)->can_fail) {
c80a9a33
LP		 3105 log_unit_warning(u, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other->id, unit_type_to_string(u->type));
3106 return 0;
3107 }
3108
15ed3c3a 3109 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERS) && !UNIT_VTABLE(u)->can_trigger)
c80a9a33
LP		 3110 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3111 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(u->type));
15ed3c3a 3112 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERED_BY) && !UNIT_VTABLE(other)->can_trigger)
c80a9a33
LP		 3113 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3114 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(other->type));
3115
d219a2b0
LP		 3116 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && other->type != UNIT_SLICE)
3117 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3118 "Requested dependency Slice=%s refused (%s is not a slice unit).", other->id, other->id);
3119 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && u->type != UNIT_SLICE)
3120 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3121 "Requested dependency SliceOf=%s refused (%s is not a slice unit).", other->id, u->id);
3122
3123 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && !UNIT_HAS_CGROUP_CONTEXT(u))
3124 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3125 "Requested dependency Slice=%s refused (%s is not a cgroup unit).", other->id, u->id);
3126
3127 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && !UNIT_HAS_CGROUP_CONTEXT(other))
3128 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3129 "Requested dependency SliceOf=%s refused (%s is not a cgroup unit).", other->id, other->id);
3130
15ed3c3a 3131 r = unit_add_dependency_hashmap(&u->dependencies, d, other, mask, 0);
613b411c 3132 if (r < 0)
87f0e418 3133 return r;
ac17080c 3134 notify = r > 0;
87f0e418 3135
eef85c4a 3136 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
15ed3c3a 3137 r = unit_add_dependency_hashmap(&other->dependencies, inverse_table[d], u, 0, mask);
613b411c
LP		 3138 if (r < 0)
3139 return r;
ac17080c 3140 notify_other = r > 0;
613b411c
LP		 3141 }
3142
3143 if (add_reference) {
15ed3c3a 3144 r = unit_add_dependency_hashmap(&u->dependencies, UNIT_REFERENCES, other, mask, 0);
613b411c 3145 if (r < 0)
5de9682c 3146 return r;
ac17080c 3147 notify = notify || r > 0;
5de9682c 3148
15ed3c3a 3149 r = unit_add_dependency_hashmap(&other->dependencies, UNIT_REFERENCED_BY, u, 0, mask);
613b411c 3150 if (r < 0)
701cc384 3151 return r;
ac17080c 3152 notify_other = notify_other || r > 0;
613b411c 3153 }
87f0e418 3154
ac17080c 3155 if (notify)
5177cb0a 3156 unit_add_to_dbus_queue(u);
ac17080c
YW		 3157 if (notify_other)
3158 unit_add_to_dbus_queue(other);
15ed3c3a 3159
ac17080c 3160 return notify || notify_other;
87f0e418 3161}
0301abf4 3162
eef85c4a 3163int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
a8c5a4c6 3164 int r, s;
2c966c03
LP		 3165
3166 assert(u);
3167
eef85c4a 3168 r = unit_add_dependency(u, d, other, add_reference, mask);
3f3cc397 3169 if (r < 0)
2c966c03
LP		 3170 return r;
3171
a8c5a4c6
YW		 3172 s = unit_add_dependency(u, e, other, add_reference, mask);
3173 if (s < 0)
3174 return s;
3175
3176 return r > 0 || s > 0;
2c966c03
LP		 3177}
3178
23e8c796 3179static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
7410616c 3180 int r;
9e2f7c11
LP		 3181
3182 assert(u);
23e8c796 3183 assert(name);
7410616c
LP		 3184 assert(buf);
3185 assert(ret);
9e2f7c11 3186
7410616c
LP		 3187 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
3188 *buf = NULL;
3189 *ret = name;
3190 return 0;
9e2f7c11
LP		 3191 }
3192
ac155bb8 3193 if (u->instance)
7410616c 3194 r = unit_name_replace_instance(name, u->instance, buf);
9e2f7c11 3195 else {
ae018d9b 3196 _cleanup_free_ char *i = NULL;
9e2f7c11 3197
7410616c
LP		 3198 r = unit_name_to_prefix(u->id, &i);
3199 if (r < 0)
3200 return r;
9e2f7c11 3201
7410616c 3202 r = unit_name_replace_instance(name, i, buf);
9e2f7c11 3203 }
7410616c
LP		 3204 if (r < 0)
3205 return r;
9e2f7c11 3206
7410616c
LP		 3207 *ret = *buf;
3208 return 0;
9e2f7c11
LP		 3209}
3210
35d8c19a 3211int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3212 _cleanup_free_ char *buf = NULL;
09b6b09f
LP		 3213 Unit *other;
3214 int r;
3215
9e2f7c11 3216 assert(u);
35d8c19a 3217 assert(name);
09b6b09f 3218
23e8c796 3219 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3220 if (r < 0)
3221 return r;
09b6b09f 3222
f14d6810
MG		 3223 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3224 return 0;
3225
35d8c19a 3226 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
8afbb8e1
LP		 3227 if (r < 0)
3228 return r;
9e2f7c11 3229
eef85c4a 3230 return unit_add_dependency(u, d, other, add_reference, mask);
09b6b09f
LP		 3231}
3232
5a724170 3233int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3234 _cleanup_free_ char *buf = NULL;
2c966c03
LP		 3235 Unit *other;
3236 int r;
2c966c03
LP		 3237
3238 assert(u);
5a724170 3239 assert(name);
2c966c03 3240
23e8c796 3241 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3242 if (r < 0)
3243 return r;
2c966c03 3244
f14d6810
MG		 3245 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3246 return 0;
3247
5a724170 3248 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3f3cc397 3249 if (r < 0)
68eda4bd 3250 return r;
2c966c03 3251
eef85c4a 3252 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2c966c03
LP		 3253}
3254
0301abf4 3255int set_unit_path(const char *p) {
0301abf4 3256 /* This is mostly for debug purposes */
7c248223 3257 return RET_NERRNO(setenv("SYSTEMD_UNIT_PATH", p, 1));
0301abf4 3258}
88066b3a 3259
ea430986 3260char *unit_dbus_path(Unit *u) {
ea430986
LP		 3261 assert(u);
3262
ac155bb8 3263 if (!u->id)
04ade7d2
LP		 3264 return NULL;
3265
48899192 3266 return unit_dbus_path_from_name(u->id);
ea430986
LP		 3267}
3268
4b58153d
LP		 3269char *unit_dbus_path_invocation_id(Unit *u) {
3270 assert(u);
3271
3272 if (sd_id128_is_null(u->invocation_id))
3273 return NULL;
3274
3275 return unit_dbus_path_from_name(u->invocation_id_string);
3276}
3277
2d3b784d 3278int unit_set_invocation_id(Unit *u, sd_id128_t id) {
db868d45
ZJS		 3279 int r;
3280
3281 assert(u);
3282
3283 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3284
3285 if (sd_id128_equal(u->invocation_id, id))
3286 return 0;
3287
3288 if (!sd_id128_is_null(u->invocation_id))
3289 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
3290
3291 if (sd_id128_is_null(id)) {
3292 r = 0;
3293 goto reset;
3294 }
3295
3296 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
3297 if (r < 0)
3298 goto reset;
3299
3300 u->invocation_id = id;
3301 sd_id128_to_string(id, u->invocation_id_string);
3302
3303 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
3304 if (r < 0)
3305 goto reset;
3306
3307 return 0;
3308
3309reset:
3310 u->invocation_id = SD_ID128_NULL;
3311 u->invocation_id_string[0] = 0;
3312 return r;
3313}
3314
899acf5c 3315int unit_set_slice(Unit *u, Unit *slice) {
d219a2b0
LP		 3316 int r;
3317
d79200e2
LP		 3318 assert(u);
3319 assert(slice);
3320
d219a2b0
LP		 3321 /* Sets the unit slice if it has not been set before. Is extra careful, to only allow this for units
3322 * that actually have a cgroup context. Also, we don't allow to set this for slices (since the parent
3323 * slice is derived from the name). Make sure the unit we set is actually a slice. */
d79200e2
LP		 3324
3325 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3326 return -EOPNOTSUPP;
3327
3328 if (u->type == UNIT_SLICE)
3329 return -EINVAL;
3330
102ef982
LP		 3331 if (unit_active_state(u) != UNIT_INACTIVE)
3332 return -EBUSY;
3333
d79200e2
LP		 3334 if (slice->type != UNIT_SLICE)
3335 return -EINVAL;
3336
efdb0237
LP		 3337 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3338 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3339 return -EPERM;
3340
12f64221 3341 if (UNIT_GET_SLICE(u) == slice)
d79200e2
LP		 3342 return 0;
3343
99e66921 3344 /* Disallow slice changes if @u is already bound to cgroups */
12f64221 3345 if (UNIT_GET_SLICE(u) && u->cgroup_realized)
d79200e2
LP		 3346 return -EBUSY;
3347
899acf5c
AZ		 3348 /* Remove any slices assigned prior; we should only have one UNIT_IN_SLICE dependency */
3349 if (UNIT_GET_SLICE(u))
3350 unit_remove_dependencies(u, UNIT_DEPENDENCY_SLICE_PROPERTY);
3351
3352 r = unit_add_dependency(u, UNIT_IN_SLICE, slice, true, UNIT_DEPENDENCY_SLICE_PROPERTY);
d219a2b0
LP		 3353 if (r < 0)
3354 return r;
3355
d79200e2
LP		 3356 return 1;
3357}
3358
3359int unit_set_default_slice(Unit *u) {
a8833944 3360 const char *slice_name;
a016b922
LP		 3361 Unit *slice;
3362 int r;
3363
3364 assert(u);
3365
f14d6810
MG		 3366 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3367 return 0;
3368
12f64221 3369 if (UNIT_GET_SLICE(u))
a016b922
LP		 3370 return 0;
3371
a8833944
LP		 3372 if (u->instance) {
3373 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
68eda4bd 3374
a8833944
LP		 3375 /* Implicitly place all instantiated units in their
3376 * own per-template slice */
3377
7410616c
LP		 3378 r = unit_name_to_prefix(u->id, &prefix);
3379 if (r < 0)
3380 return r;
a8833944
LP		 3381
3382 /* The prefix is already escaped, but it might include
3383 * "-" which has a special meaning for slice units,
3384 * hence escape it here extra. */
7410616c 3385 escaped = unit_name_escape(prefix);
a8833944
LP		 3386 if (!escaped)
3387 return -ENOMEM;
3388
463d0d15 3389 if (MANAGER_IS_SYSTEM(u->manager))
00e7b3c8 3390 slice_name = strjoina("system-", escaped, ".slice");
a8833944 3391 else
7f3b86a4 3392 slice_name = strjoina("app-", escaped, ".slice");
5ee24fa0
ZJS		 3393
3394 } else if (unit_is_extrinsic(u))
3395 /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in
3396 * the root slice. They don't really belong in one of the subslices. */
3397 slice_name = SPECIAL_ROOT_SLICE;
3398
3399 else if (MANAGER_IS_SYSTEM(u->manager))
3400 slice_name = SPECIAL_SYSTEM_SLICE;
3401 else
3402 slice_name = SPECIAL_APP_SLICE;
a8833944
LP		 3403
3404 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
a016b922
LP		 3405 if (r < 0)
3406 return r;
3407
899acf5c 3408 return unit_set_slice(u, slice);
a016b922
LP		 3409}
3410
9444b1f2 3411const char *unit_slice_name(Unit *u) {
12f64221 3412 Unit *slice;
9444b1f2
LP		 3413 assert(u);
3414
12f64221
LP		 3415 slice = UNIT_GET_SLICE(u);
3416 if (!slice)
9444b1f2
LP		 3417 return NULL;
3418
12f64221 3419 return slice->id;
9444b1f2
LP		 3420}
3421
f6ff8c29 3422int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
78edb35a 3423 _cleanup_free_ char *t = NULL;
f6ff8c29
LP		 3424 int r;
3425
3426 assert(u);
3427 assert(type);
3428 assert(_found);
3429
7410616c
LP		 3430 r = unit_name_change_suffix(u->id, type, &t);
3431 if (r < 0)
3432 return r;
3433 if (unit_has_name(u, t))
3434 return -EINVAL;
f6ff8c29 3435
ac155bb8 3436 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
9e2f7c11 3437 assert(r < 0 || *_found != u);
f6ff8c29
LP		 3438 return r;
3439}
3440
bbc29086 3441static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
fc67a943 3442 const char *new_owner;
99534007 3443 Unit *u = ASSERT_PTR(userdata);
bbc29086
DM		 3444 int r;
3445
3446 assert(message);
bbc29086 3447
fc67a943 3448 r = sd_bus_message_read(message, "sss", NULL, NULL, &new_owner);
bbc29086
DM		 3449 if (r < 0) {
3450 bus_log_parse_error(r);
3451 return 0;
3452 }
3453
3454 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3455 UNIT_VTABLE(u)->bus_name_owner_change(u, empty_to_null(new_owner));
a5a8776a
MJ		 3456
3457 return 0;
3458}
3459
3460static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3461 const sd_bus_error *e;
3462 const char *new_owner;
99534007 3463 Unit *u = ASSERT_PTR(userdata);
a5a8776a
MJ		 3464 int r;
3465
3466 assert(message);
a5a8776a
MJ		 3467
3468 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3469
a5a8776a 3470 e = sd_bus_message_get_error(message);
a5a8776a 3471 if (e) {
33322185
YW		 3472 if (!sd_bus_error_has_name(e, "org.freedesktop.DBus.Error.NameHasNoOwner")) {
3473 r = sd_bus_error_get_errno(e);
3474 log_unit_error_errno(u, r,
3475 "Unexpected error response from GetNameOwner(): %s",
3476 bus_error_message(e, r));
3477 }
a5a8776a 3478
fc67a943
LP		 3479 new_owner = NULL;
3480 } else {
3481 r = sd_bus_message_read(message, "s", &new_owner);
3482 if (r < 0)
3483 return bus_log_parse_error(r);
a5a8776a 3484
fc67a943
LP		 3485 assert(!isempty(new_owner));
3486 }
a5a8776a
MJ		 3487
3488 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3489 UNIT_VTABLE(u)->bus_name_owner_change(u, new_owner);
bbc29086
DM		 3490
3491 return 0;
3492}
3493
9806e87d
LP		 3494int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3495 const char *match;
a5b07847 3496 int r;
bbc29086 3497
9806e87d
LP		 3498 assert(u);
3499 assert(bus);
3500 assert(name);
bbc29086 3501
a5b07847 3502 if (u->match_bus_slot || u->get_name_owner_slot)
bbc29086
DM		 3503 return -EBUSY;
3504
9806e87d 3505 match = strjoina("type='signal',"
81d62103
ZJS		 3506 "sender='org.freedesktop.DBus',"
3507 "path='/org/freedesktop/DBus',"
3508 "interface='org.freedesktop.DBus',"
3509 "member='NameOwnerChanged',"
3510 "arg0='", name, "'");
bbc29086 3511
a5b07847 3512 r = sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
a5a8776a
MJ		 3513 if (r < 0)
3514 return r;
3515
a5b07847
LP		 3516 r = sd_bus_call_method_async(
3517 bus,
3518 &u->get_name_owner_slot,
3519 "org.freedesktop.DBus",
3520 "/org/freedesktop/DBus",
3521 "org.freedesktop.DBus",
3522 "GetNameOwner",
3523 get_name_owner_handler,
3524 u,
3525 "s", name);
3526 if (r < 0) {
3527 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3528 return r;
3529 }
3530
3531 log_unit_debug(u, "Watching D-Bus name '%s'.", name);
3532 return 0;
bbc29086
DM		 3533}
3534
05e343b7 3535int unit_watch_bus_name(Unit *u, const char *name) {
bbc29086
DM		 3536 int r;
3537
05e343b7
LP		 3538 assert(u);
3539 assert(name);
3540
3541 /* Watch a specific name on the bus. We only support one unit
3542 * watching each name for now. */
3543
bbc29086
DM		 3544 if (u->manager->api_bus) {
3545 /* If the bus is already available, install the match directly.
3546 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
9806e87d 3547 r = unit_install_bus_match(u, u->manager->api_bus, name);
bbc29086 3548 if (r < 0)
8ea823b6 3549 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
bbc29086
DM		 3550 }
3551
3552 r = hashmap_put(u->manager->watch_bus, name, u);
3553 if (r < 0) {
3554 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5b07847 3555 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
bbc29086
DM		 3556 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3557 }
3558
3559 return 0;
05e343b7
LP		 3560}
3561
3562void unit_unwatch_bus_name(Unit *u, const char *name) {
3563 assert(u);
3564 assert(name);
3565
8367fea5 3566 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
bbc29086 3567 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5a8776a 3568 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
05e343b7
LP		 3569}
3570
d336ba9f 3571int unit_add_node_dependency(Unit *u, const char *what, UnitDependency dep, UnitDependencyMask mask) {
68eda4bd 3572 _cleanup_free_ char *e = NULL;
44b0d1fd 3573 Unit *device;
6e2ef85b
LP		 3574 int r;
3575
3576 assert(u);
3577
6e2ef85b 3578 /* Adds in links to the device node that this unit is based on */
47bc12e1
LP		 3579 if (isempty(what))
3580 return 0;
6e2ef85b 3581
8407a5d0 3582 if (!is_device_path(what))
6e2ef85b
LP		 3583 return 0;
3584
44b0d1fd 3585 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
1c2e9646 3586 if (!unit_type_supported(UNIT_DEVICE))
47bc12e1
LP		 3587 return 0;
3588
7410616c
LP		 3589 r = unit_name_from_path(what, ".device", &e);
3590 if (r < 0)
3591 return r;
6e2ef85b 3592
ac155bb8 3593 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
6e2ef85b
LP		 3594 if (r < 0)
3595 return r;
3596
ebc8968b
FB		 3597 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3598 dep = UNIT_BINDS_TO;
3599
d336ba9f
FB		 3600 return unit_add_two_dependencies(u, UNIT_AFTER,
3601 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3602 device, true, mask);
6e2ef85b 3603}
a16e1123 3604
44b0d1fd
LP		 3605int unit_add_blockdev_dependency(Unit *u, const char *what, UnitDependencyMask mask) {
3606 _cleanup_free_ char *escaped = NULL, *target = NULL;
3607 int r;
3608
3609 assert(u);
3610
3611 if (isempty(what))
3612 return 0;
3613
3614 if (!path_startswith(what, "/dev/"))
3615 return 0;
3616
3617 /* If we don't support devices, then also don't bother with blockdev@.target */
3618 if (!unit_type_supported(UNIT_DEVICE))
3619 return 0;
3620
3621 r = unit_name_path_escape(what, &escaped);
3622 if (r < 0)
3623 return r;
3624
3625 r = unit_name_build("blockdev", escaped, ".target", &target);
3626 if (r < 0)
3627 return r;
3628
3629 return unit_add_dependency_by_name(u, UNIT_AFTER, target, true, mask);
3630}
3631
be847e82 3632int unit_coldplug(Unit *u) {
05a98afd 3633 int r = 0, q;
cca098b0
LP		 3634
3635 assert(u);
3636
f0831ed2 3637 /* Make sure we don't enter a loop, when coldplugging recursively. */
f78f265f
LP		 3638 if (u->coldplugged)
3639 return 0;
3640
3641 u->coldplugged = true;
3642
05a98afd
LP		 3643 STRV_FOREACH(i, u->deserialized_refs) {
3644 q = bus_unit_track_add_name(u, *i);
3645 if (q < 0 && r >= 0)
3646 r = q;
3647 }
3648 u->deserialized_refs = strv_free(u->deserialized_refs);
cca098b0 3649
05a98afd
LP		 3650 if (UNIT_VTABLE(u)->coldplug) {
3651 q = UNIT_VTABLE(u)->coldplug(u);
3652 if (q < 0 && r >= 0)
3653 r = q;
3654 }
5a6158b6 3655
7dbd330c
GL		 3656 if (u->job) {
3657 q = job_coldplug(u->job);
3658 if (q < 0 && r >= 0)
3659 r = q;
3660 }
3661 if (u->nop_job) {
3662 q = job_coldplug(u->nop_job);
05a98afd
LP		 3663 if (q < 0 && r >= 0)
3664 r = q;
3665 }
cca098b0 3666
05a98afd 3667 return r;
cca098b0
LP		 3668}
3669
f0831ed2
LP		 3670void unit_catchup(Unit *u) {
3671 assert(u);
3672
3673 if (UNIT_VTABLE(u)->catchup)
3674 UNIT_VTABLE(u)->catchup(u);
869f52f2
DS		 3675
3676 unit_cgroup_catchup(u);
f0831ed2
LP		 3677}
3678
ba25d39e 3679static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
21b95806
ZJS		 3680 struct stat st;
3681
3682 if (!path)
3683 return false;
3684
77969722
LP		 3685 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3686 * are never out-of-date. */
3687 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3688 return false;
3689
21b95806
ZJS		 3690 if (stat(path, &st) < 0)
3691 /* What, cannot access this anymore? */
3692 return true;
3693
ba25d39e
ZJS		 3694 if (path_masked)
3695 /* For masked files check if they are still so */
3696 return !null_or_empty(&st);
3697 else
3a8db9fe 3698 /* For non-empty files check the mtime */
87ec20ef 3699 return timespec_load(&st.st_mtim) > mtime;
21b95806
ZJS		 3700
3701 return false;
3702}
3703
45fb0699 3704bool unit_need_daemon_reload(Unit *u) {
ae7a7182 3705 _cleanup_strv_free_ char **t = NULL;
1b64d026 3706
45fb0699
LP		 3707 assert(u);
3708
ba25d39e
ZJS		 3709 /* For unit files, we allow masking… */
3710 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3711 u->load_state == UNIT_MASKED))
21b95806 3712 return true;
5f4b19f4 3713
ba25d39e
ZJS		 3714 /* Source paths should not be masked… */
3715 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
ab932a62 3716 return true;
ae7a7182 3717
19a44dfe
LR		 3718 if (u->load_state == UNIT_LOADED)
3719 (void) unit_find_dropin_paths(u, &t);
ab932a62
LP		 3720 if (!strv_equal(u->dropin_paths, t))
3721 return true;
6d10d308 3722
ba25d39e 3723 /* … any drop-ins that are masked are simply omitted from the list. */
ab932a62 3724 STRV_FOREACH(path, u->dropin_paths)
ba25d39e 3725 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
ab932a62 3726 return true;
21b95806 3727
ab932a62 3728 return false;
45fb0699
LP		 3729}
3730
fdf20a31 3731void unit_reset_failed(Unit *u) {
5632e374
LP		 3732 assert(u);
3733
fdf20a31
MM		 3734 if (UNIT_VTABLE(u)->reset_failed)
3735 UNIT_VTABLE(u)->reset_failed(u);
6bf0f408 3736
7bf081a1 3737 ratelimit_reset(&u->start_ratelimit);
6bf0f408 3738 u->start_limit_hit = false;
5632e374
LP		 3739}
3740
a7f241db
LP		 3741Unit *unit_following(Unit *u) {
3742 assert(u);
3743
3744 if (UNIT_VTABLE(u)->following)
3745 return UNIT_VTABLE(u)->following(u);
3746
3747 return NULL;
3748}
3749
31afa0a4 3750bool unit_stop_pending(Unit *u) {
18ffdfda
LP		 3751 assert(u);
3752
31afa0a4
LP		 3753 /* This call does check the current state of the unit. It's
3754 * hence useful to be called from state change calls of the
3755 * unit itself, where the state isn't updated yet. This is
3756 * different from unit_inactive_or_pending() which checks both
3757 * the current state and for a queued job. */
18ffdfda 3758
28a2dfe8 3759 return unit_has_job_type(u, JOB_STOP);
31afa0a4
LP		 3760}
3761
3762bool unit_inactive_or_pending(Unit *u) {
3763 assert(u);
3764
3765 /* Returns true if the unit is inactive or going down */
18ffdfda 3766
d956ac29
LP		 3767 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3768 return true;
3769
31afa0a4 3770 if (unit_stop_pending(u))
18ffdfda
LP		 3771 return true;
3772
3773 return false;
3774}
3775
31afa0a4 3776bool unit_active_or_pending(Unit *u) {
f976f3f6
LP		 3777 assert(u);
3778
f60c2665 3779 /* Returns true if the unit is active or going up */
f976f3f6
LP		 3780
3781 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3782 return true;
3783
ac155bb8 3784 if (u->job &&
3742095b 3785 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
f976f3f6
LP		 3786 return true;
3787
3788 return false;
3789}
3790
52a12341
YW		 3791bool unit_will_restart_default(Unit *u) {
3792 assert(u);
3793
28a2dfe8 3794 return unit_has_job_type(u, JOB_START);
52a12341
YW		 3795}
3796
deb4e708
MK		 3797bool unit_will_restart(Unit *u) {
3798 assert(u);
3799
3800 if (!UNIT_VTABLE(u)->will_restart)
3801 return false;
3802
3803 return UNIT_VTABLE(u)->will_restart(u);
3804}
3805
718db961 3806int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
8a0867d6
LP		 3807 assert(u);
3808 assert(w >= 0 && w < _KILL_WHO_MAX);
6eb7c172 3809 assert(SIGNAL_VALID(signo));
8a0867d6 3810
8a0867d6 3811 if (!UNIT_VTABLE(u)->kill)
15411c0c 3812 return -EOPNOTSUPP;
8a0867d6 3813
c74f17d9 3814 return UNIT_VTABLE(u)->kill(u, w, signo, error);
8a0867d6
LP		 3815}
3816
38c41427
NK		 3817void unit_notify_cgroup_oom(Unit *u, bool managed_oom) {
3818 assert(u);
3819
3820 if (UNIT_VTABLE(u)->notify_cgroup_oom)
3821 UNIT_VTABLE(u)->notify_cgroup_oom(u, managed_oom);
3822}
3823
82659fd7 3824static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
af4fa99d 3825 _cleanup_set_free_ Set *pid_set = NULL;
82659fd7
LP		 3826 int r;
3827
d5099efc 3828 pid_set = set_new(NULL);
82659fd7
LP		 3829 if (!pid_set)
3830 return NULL;
3831
3832 /* Exclude the main/control pids from being killed via the cgroup */
3833 if (main_pid > 0) {
fea72cc0 3834 r = set_put(pid_set, PID_TO_PTR(main_pid));
82659fd7 3835 if (r < 0)
95f14a3e 3836 return NULL;
82659fd7
LP		 3837 }
3838
3839 if (control_pid > 0) {
fea72cc0 3840 r = set_put(pid_set, PID_TO_PTR(control_pid));
82659fd7 3841 if (r < 0)
95f14a3e 3842 return NULL;
82659fd7
LP		 3843 }
3844
95f14a3e 3845 return TAKE_PTR(pid_set);
82659fd7
LP		 3846}
3847
d9911002
LP		 3848static int kill_common_log(pid_t pid, int signo, void *userdata) {
3849 _cleanup_free_ char *comm = NULL;
99534007 3850 Unit *u = ASSERT_PTR(userdata);
d9911002
LP		 3851
3852 (void) get_process_comm(pid, &comm);
3853 log_unit_info(u, "Sending signal SIG%s to process " PID_FMT " (%s) on client request.",
3854 signal_to_string(signo), pid, strna(comm));
3855
3856 return 1;
3857}
3858
d91c34f2
LP		 3859int unit_kill_common(
3860 Unit *u,
3861 KillWho who,
3862 int signo,
3863 pid_t main_pid,
3864 pid_t control_pid,
718db961 3865 sd_bus_error *error) {
d91c34f2 3866
814cc562 3867 int r = 0;
ac5e3a50 3868 bool killed = false;
814cc562 3869
8aff7ac4
LP		 3870 /* This is the common implementation for explicit user-requested killing of unit processes, shared by
3871 * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to
3872 * stop a service ourselves. */
3873
ac5e3a50 3874 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
814cc562 3875 if (main_pid < 0)
7358dc02 3876 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
8aff7ac4 3877 if (main_pid == 0)
7358dc02 3878 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
814cc562
MS		 3879 }
3880
ac5e3a50 3881 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
814cc562 3882 if (control_pid < 0)
7358dc02 3883 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
8aff7ac4 3884 if (control_pid == 0)
7358dc02 3885 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
814cc562
MS		 3886 }
3887
ac5e3a50
JS		 3888 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3889 if (control_pid > 0) {
d9911002
LP		 3890 _cleanup_free_ char *comm = NULL;
3891 (void) get_process_comm(control_pid, &comm);
3892
3893 if (kill(control_pid, signo) < 0) {
3894 /* Report this failure both to the logs and to the client */
3895 sd_bus_error_set_errnof(
3896 error, errno,
3897 "Failed to send signal SIG%s to control process " PID_FMT " (%s): %m",
3898 signal_to_string(signo), control_pid, strna(comm));
3899 r = log_unit_warning_errno(
3900 u, errno,
3901 "Failed to send signal SIG%s to control process " PID_FMT " (%s) on client request: %m",
3902 signal_to_string(signo), control_pid, strna(comm));
3903 } else {
3904 log_unit_info(u, "Sent signal SIG%s to control process " PID_FMT " (%s) on client request.",
3905 signal_to_string(signo), control_pid, strna(comm));
ac5e3a50 3906 killed = true;
d9911002 3907 }
ac5e3a50 3908 }
814cc562 3909
ac5e3a50
JS		 3910 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3911 if (main_pid > 0) {
d9911002
LP		 3912 _cleanup_free_ char *comm = NULL;
3913 (void) get_process_comm(main_pid, &comm);
3914
3915 if (kill(main_pid, signo) < 0) {
3916 if (r == 0)
3917 sd_bus_error_set_errnof(
3918 error, errno,
3919 "Failed to send signal SIG%s to main process " PID_FMT " (%s): %m",
3920 signal_to_string(signo), main_pid, strna(comm));
3921
3922 r = log_unit_warning_errno(
3923 u, errno,
3924 "Failed to send signal SIG%s to main process " PID_FMT " (%s) on client request: %m",
3925 signal_to_string(signo), main_pid, strna(comm));
3926 } else {
3927 log_unit_info(u, "Sent signal SIG%s to main process " PID_FMT " (%s) on client request.",
3928 signal_to_string(signo), main_pid, strna(comm));
ac5e3a50 3929 killed = true;
d9911002 3930 }
ac5e3a50 3931 }
814cc562 3932
ac5e3a50 3933 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
814cc562
MS		 3934 _cleanup_set_free_ Set *pid_set = NULL;
3935 int q;
3936
82659fd7
LP		 3937 /* Exclude the main/control pids from being killed via the cgroup */
3938 pid_set = unit_pid_set(main_pid, control_pid);
814cc562 3939 if (!pid_set)
d9911002
LP		 3940 return log_oom();
3941
3942 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, kill_common_log, u);
3943 if (q < 0) {
3944 if (!IN_SET(q, -ESRCH, -ENOENT)) {
3945 if (r == 0)
3946 sd_bus_error_set_errnof(
3947 error, q,
3948 "Failed to send signal SIG%s to auxiliary processes: %m",
3949 signal_to_string(signo));
3950
3951 r = log_unit_warning_errno(
3952 u, q,
3953 "Failed to send signal SIG%s to auxiliary processes on client request: %m",
3954 signal_to_string(signo));
3955 }
3956 } else
ac5e3a50 3957 killed = true;
814cc562
MS		 3958 }
3959
2ae0508e
LP		 3960 /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */
3961 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL, KILL_MAIN_FAIL))
3962 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No matching processes to kill");
ac5e3a50 3963
814cc562
MS		 3964 return r;
3965}
3966
6210e7fc
LP		 3967int unit_following_set(Unit *u, Set **s) {
3968 assert(u);
3969 assert(s);
3970
3971 if (UNIT_VTABLE(u)->following_set)
3972 return UNIT_VTABLE(u)->following_set(u, s);
3973
3974 *s = NULL;
3975 return 0;
3976}
3977
a4375746 3978UnitFileState unit_get_unit_file_state(Unit *u) {
0ec0deaa
LP		 3979 int r;
3980
a4375746
LP		 3981 assert(u);
3982
0ec0deaa
LP		 3983 if (u->unit_file_state < 0 && u->fragment_path) {
3984 r = unit_file_get_state(
463d0d15 3985 u->manager->unit_file_scope,
0ec0deaa 3986 NULL,
9ea3a0e7 3987 u->id,
0ec0deaa
LP		 3988 &u->unit_file_state);
3989 if (r < 0)
3990 u->unit_file_state = UNIT_FILE_BAD;
3991 }
a4375746 3992
ac155bb8 3993 return u->unit_file_state;
a4375746
LP		 3994}
3995
d2dc52db
LP		 3996int unit_get_unit_file_preset(Unit *u) {
3997 assert(u);
3998
3999 if (u->unit_file_preset < 0 && u->fragment_path)
4000 u->unit_file_preset = unit_file_query_preset(
463d0d15 4001 u->manager->unit_file_scope,
0ec0deaa 4002 NULL,
8f7b2566
ZJS		 4003 basename(u->fragment_path),
4004 NULL);
d2dc52db
LP		 4005
4006 return u->unit_file_preset;
4007}
4008
7f7d01ed 4009Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
57020a3a 4010 assert(ref);
7f7d01ed
ZJS		 4011 assert(source);
4012 assert(target);
57020a3a 4013
7f7d01ed 4014 if (ref->target)
57020a3a
LP		 4015 unit_ref_unset(ref);
4016
7f7d01ed
ZJS		 4017 ref->source = source;
4018 ref->target = target;
4019 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4020 return target;
57020a3a
LP		 4021}
4022
4023void unit_ref_unset(UnitRef *ref) {
4024 assert(ref);
4025
7f7d01ed 4026 if (!ref->target)
57020a3a
LP		 4027 return;
4028
b75102e5
LP		 4029 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4030 * be unreferenced now. */
7f7d01ed 4031 unit_add_to_gc_queue(ref->target);
b75102e5 4032
7f7d01ed
ZJS		 4033 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4034 ref->source = ref->target = NULL;
57020a3a
LP		 4035}
4036
29206d46
LP		 4037static int user_from_unit_name(Unit *u, char **ret) {
4038
4039 static const uint8_t hash_key[] = {
4040 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4041 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4042 };
4043
4044 _cleanup_free_ char *n = NULL;
4045 int r;
4046
4047 r = unit_name_to_prefix(u->id, &n);
4048 if (r < 0)
4049 return r;
4050
7a8867ab 4051 if (valid_user_group_name(n, 0)) {
ae2a15bc 4052 *ret = TAKE_PTR(n);
29206d46
LP		 4053 return 0;
4054 }
4055
4056 /* If we can't use the unit name as a user name, then let's hash it and use that */
4057 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4058 return -ENOMEM;
4059
4060 return 0;
4061}
4062
598459ce
LP		 4063int unit_patch_contexts(Unit *u) {
4064 CGroupContext *cc;
4065 ExecContext *ec;
cba6e062
LP		 4066 int r;
4067
e06c73cc 4068 assert(u);
e06c73cc 4069
598459ce
LP		 4070 /* Patch in the manager defaults into the exec and cgroup
4071 * contexts, _after_ the rest of the settings have been
4072 * initialized */
085afe36 4073
598459ce
LP		 4074 ec = unit_get_exec_context(u);
4075 if (ec) {
4076 /* This only copies in the ones that need memory */
12375b95 4077 for (unsigned i = 0; i < _RLIMIT_MAX; i++)
598459ce
LP		 4078 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4079 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4080 if (!ec->rlimit[i])
4081 return -ENOMEM;
4082 }
4083
463d0d15 4084 if (MANAGER_IS_USER(u->manager) &&
598459ce
LP		 4085 !ec->working_directory) {
4086
4087 r = get_home_dir(&ec->working_directory);
4088 if (r < 0)
4089 return r;
4c08c824
LP		 4090
4091 /* Allow user services to run, even if the
4092 * home directory is missing */
4093 ec->working_directory_missing_ok = true;
cba6e062
LP		 4094 }
4095
598459ce 4096 if (ec->private_devices)
2cd0a735 4097 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
502d704e
DH		 4098
4099 if (ec->protect_kernel_modules)
4100 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
29206d46 4101
84703040
KK		 4102 if (ec->protect_kernel_logs)
4103 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYSLOG);
4104
fc64760d
KK		 4105 if (ec->protect_clock)
4106 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_SYS_TIME) | (UINT64_C(1) << CAP_WAKE_ALARM));
4107
29206d46
LP		 4108 if (ec->dynamic_user) {
4109 if (!ec->user) {
4110 r = user_from_unit_name(u, &ec->user);
4111 if (r < 0)
4112 return r;
4113 }
4114
4115 if (!ec->group) {
4116 ec->group = strdup(ec->user);
4117 if (!ec->group)
4118 return -ENOMEM;
4119 }
4120
bf65b7e0
LP		 4121 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4122 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4123 * sandbox. */
63bb64a0 4124
29206d46 4125 ec->private_tmp = true;
00d9ef85 4126 ec->remove_ipc = true;
63bb64a0
LP		 4127 ec->protect_system = PROTECT_SYSTEM_STRICT;
4128 if (ec->protect_home == PROTECT_HOME_NO)
4129 ec->protect_home = PROTECT_HOME_READ_ONLY;
bf65b7e0
LP		 4130
4131 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4132 * them. */
4133 ec->no_new_privileges = true;
4134 ec->restrict_suid_sgid = true;
29206d46 4135 }
cba6e062
LP		 4136 }
4137
598459ce 4138 cc = unit_get_cgroup_context(u);
fe65e88b 4139 if (cc && ec) {
f513e420 4140
fe65e88b 4141 if (ec->private_devices &&
084870f9
ZJS		 4142 cc->device_policy == CGROUP_DEVICE_POLICY_AUTO)
4143 cc->device_policy = CGROUP_DEVICE_POLICY_CLOSED;
fe65e88b 4144
64903d18 4145 if ((ec->root_image || ec->mount_images) &&
084870f9 4146 (cc->device_policy != CGROUP_DEVICE_POLICY_AUTO || cc->device_allow)) {
fe65e88b 4147
b3d13314 4148 /* When RootImage= or MountImages= is specified, the following devices are touched. */
0cffae95
LB		 4149 FOREACH_STRING(p, "/dev/loop-control", "/dev/mapper/control") {
4150 r = cgroup_add_device_allow(cc, p, "rw");
4151 if (r < 0)
4152 return r;
4153 }
4154 FOREACH_STRING(p, "block-loop", "block-blkext", "block-device-mapper") {
4155 r = cgroup_add_device_allow(cc, p, "rwm");
4156 if (r < 0)
4157 return r;
4158 }
867af728 4159
0cffae95
LB		 4160 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4161 * Same for mapper and verity. */
4162 FOREACH_STRING(p, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4163 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, p, true, UNIT_DEPENDENCY_FILE);
4164 if (r < 0)
4165 return r;
4166 }
fe65e88b 4167 }
fc64760d
KK		 4168
4169 if (ec->protect_clock) {
4170 r = cgroup_add_device_allow(cc, "char-rtc", "r");
4171 if (r < 0)
4172 return r;
4173 }
598459ce 4174 }
f1660f96 4175
cba6e062 4176 return 0;
e06c73cc
LP		 4177}
4178
c2503e35 4179ExecContext *unit_get_exec_context(const Unit *u) {
3ef63c31
LP		 4180 size_t offset;
4181 assert(u);
4182
598459ce
LP		 4183 if (u->type < 0)
4184 return NULL;
4185
3ef63c31
LP		 4186 offset = UNIT_VTABLE(u)->exec_context_offset;
4187 if (offset <= 0)
4188 return NULL;
4189
4190 return (ExecContext*) ((uint8_t*) u + offset);
4191}
4192
718db961
LP		 4193KillContext *unit_get_kill_context(Unit *u) {
4194 size_t offset;
4195 assert(u);
4196
598459ce
LP		 4197 if (u->type < 0)
4198 return NULL;
4199
718db961
LP		 4200 offset = UNIT_VTABLE(u)->kill_context_offset;
4201 if (offset <= 0)
4202 return NULL;
4203
4204 return (KillContext*) ((uint8_t*) u + offset);
4205}
4206
4ad49000
LP		 4207CGroupContext *unit_get_cgroup_context(Unit *u) {
4208 size_t offset;
4209
598459ce
LP		 4210 if (u->type < 0)
4211 return NULL;
4212
4ad49000
LP		 4213 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4214 if (offset <= 0)
4215 return NULL;
4216
4217 return (CGroupContext*) ((uint8_t*) u + offset);
4218}
4219
613b411c
LP		 4220ExecRuntime *unit_get_exec_runtime(Unit *u) {
4221 size_t offset;
4222
598459ce
LP		 4223 if (u->type < 0)
4224 return NULL;
4225
613b411c
LP		 4226 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4227 if (offset <= 0)
4228 return NULL;
4229
4230 return *(ExecRuntime**) ((uint8_t*) u + offset);
4231}
4232
2e59b241 4233static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
3f5e8115
LP		 4234 assert(u);
4235
2e59b241 4236 if (UNIT_WRITE_FLAGS_NOOP(flags))
4f4afc88
LP		 4237 return NULL;
4238
39591351
LP		 4239 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4240 return u->manager->lookup_paths.transient;
26d04f86 4241
2e59b241 4242 if (flags & UNIT_PERSISTENT)
4f4afc88 4243 return u->manager->lookup_paths.persistent_control;
26d04f86 4244
2e59b241
LP		 4245 if (flags & UNIT_RUNTIME)
4246 return u->manager->lookup_paths.runtime_control;
4247
39591351 4248 return NULL;
71645aca
LP		 4249}
4250
2e59b241 4251char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
24536beb
ZJS		 4252 assert(!FLAGS_SET(flags, UNIT_ESCAPE_EXEC_SYNTAX | UNIT_ESCAPE_C));
4253
4254 _cleanup_free_ char *t = NULL;
2e59b241
LP		 4255
4256 if (!s)
4257 return NULL;
4258
24536beb
ZJS		 4259 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the
4260 * allocated return buffer pointer is also written to *buf, except if no escaping was necessary, in
4261 * which case *buf is set to NULL, and the input pointer is returned as-is. This means the return
4262 * value always contains a properly escaped version, but *buf when passed only contains a pointer if
4263 * an allocation was necessary. If *buf is not specified, then the return value always needs to be
4264 * freed. Callers can use this to optimize memory allocations. */
2e59b241
LP		 4265
4266 if (flags & UNIT_ESCAPE_SPECIFIERS) {
24536beb
ZJS		 4267 t = specifier_escape(s);
4268 if (!t)
2e59b241
LP		 4269 return NULL;
4270
24536beb 4271 s = t;
2e59b241
LP		 4272 }
4273
24536beb
ZJS		 4274 /* We either do c-escaping or shell-escaping, to additionally escape characters that we parse for
4275 * ExecStart= and friend, i.e. '$' and ';' and quotes. */
4276
4277 if (flags & UNIT_ESCAPE_EXEC_SYNTAX) {
4278 char *t2 = shell_escape(s, "$;'\"");
4279 if (!t2)
4280 return NULL;
4281 free_and_replace(t, t2);
4282
4283 s = t;
2e59b241 4284
24536beb
ZJS		 4285 } else if (flags & UNIT_ESCAPE_C) {
4286 char *t2 = cescape(s);
4287 if (!t2)
2e59b241 4288 return NULL;
24536beb 4289 free_and_replace(t, t2);
2e59b241 4290
24536beb 4291 s = t;
2e59b241
LP		 4292 }
4293
4294 if (buf) {
24536beb
ZJS		 4295 *buf = TAKE_PTR(t);
4296 return (char*) s;
2e59b241
LP		 4297 }
4298
24536beb 4299 return TAKE_PTR(t) ?: strdup(s);
2e59b241
LP		 4300}
4301
4302char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4303 _cleanup_free_ char *result = NULL;
319a4f4b 4304 size_t n = 0;
2e59b241 4305
24536beb
ZJS		 4306 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command
4307 * lines in a way suitable for ExecStart= stanzas. */
2e59b241
LP		 4308
4309 STRV_FOREACH(i, l) {
4310 _cleanup_free_ char *buf = NULL;
4311 const char *p;
4312 size_t a;
4313 char *q;
4314
4315 p = unit_escape_setting(*i, flags, &buf);
4316 if (!p)
4317 return NULL;
4318
4319 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
319a4f4b 4320 if (!GREEDY_REALLOC(result, n + a + 1))
2e59b241
LP		 4321 return NULL;
4322
4323 q = result + n;
4324 if (n > 0)
4325 *(q++) = ' ';
4326
4327 *(q++) = '"';
4328 q = stpcpy(q, p);
4329 *(q++) = '"';
4330
4331 n += a;
4332 }
4333
319a4f4b 4334 if (!GREEDY_REALLOC(result, n + 1))
2e59b241
LP		 4335 return NULL;
4336
4337 result[n] = 0;
4338
ae2a15bc 4339 return TAKE_PTR(result);
2e59b241
LP		 4340}
4341
4342int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4343 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
2a9a6f8a 4344 const char *dir, *wrapped;
26d04f86 4345 int r;
71645aca
LP		 4346
4347 assert(u);
2e59b241
LP		 4348 assert(name);
4349 assert(data);
4350
4351 if (UNIT_WRITE_FLAGS_NOOP(flags))
4352 return 0;
4353
4354 data = unit_escape_setting(data, flags, &escaped);
4355 if (!data)
4356 return -ENOMEM;
4357
4358 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4359 * previous section header is the same */
4360
4361 if (flags & UNIT_PRIVATE) {
4362 if (!UNIT_VTABLE(u)->private_section)
4363 return -EINVAL;
4364
4365 if (!u->transient_file || u->last_section_private < 0)
4366 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4367 else if (u->last_section_private == 0)
4368 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4369 } else {
4370 if (!u->transient_file || u->last_section_private < 0)
4371 data = strjoina("[Unit]\n", data);
4372 else if (u->last_section_private > 0)
4373 data = strjoina("\n[Unit]\n", data);
4374 }
71645aca 4375
4f4afc88
LP		 4376 if (u->transient_file) {
4377 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4378 * write to the transient unit file. */
4379 fputs(data, u->transient_file);
4f4afc88 4380
2e59b241
LP		 4381 if (!endswith(data, "\n"))
4382 fputc('\n', u->transient_file);
4383
4384 /* Remember which section we wrote this entry to */
4385 u->last_section_private = !!(flags & UNIT_PRIVATE);
8e2af478 4386 return 0;
2e59b241 4387 }
8e2af478 4388
2e59b241 4389 dir = unit_drop_in_dir(u, flags);
39591351
LP		 4390 if (!dir)
4391 return -EINVAL;
71645aca 4392
2a9a6f8a 4393 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
3f71dec5 4394 "# or an equivalent operation. Do not edit.\n",
2a9a6f8a
ZJS		 4395 data,
4396 "\n");
e20b2a86 4397
815b09d3 4398 r = drop_in_file(dir, u->id, 50, name, &p, &q);
adb76a70
WC		 4399 if (r < 0)
4400 return r;
4401
45639f1b 4402 (void) mkdir_p_label(p, 0755);
4dba44a5
ZJS		 4403
4404 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4405 * recreate the cache after every drop-in we write. */
4406 if (u->manager->unit_path_cache) {
be327321 4407 r = set_put_strdup(&u->manager->unit_path_cache, p);
4dba44a5
ZJS		 4408 if (r < 0)
4409 return r;
4410 }
4411
2a9a6f8a 4412 r = write_string_file_atomic_label(q, wrapped);
adb76a70
WC		 4413 if (r < 0)
4414 return r;
4415
815b09d3 4416 r = strv_push(&u->dropin_paths, q);
adb76a70
WC		 4417 if (r < 0)
4418 return r;
815b09d3 4419 q = NULL;
adb76a70 4420
adb76a70
WC		 4421 strv_uniq(u->dropin_paths);
4422
4423 u->dropin_mtime = now(CLOCK_REALTIME);
4424
4425 return 0;
26d04f86 4426}
71645aca 4427
2e59b241 4428int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
b9ec9359
LP		 4429 _cleanup_free_ char *p = NULL;
4430 va_list ap;
4431 int r;
4432
4433 assert(u);
4434 assert(name);
4435 assert(format);
4436
2e59b241 4437 if (UNIT_WRITE_FLAGS_NOOP(flags))
b9ec9359
LP		 4438 return 0;
4439
4440 va_start(ap, format);
4441 r = vasprintf(&p, format, ap);
4442 va_end(ap);
4443
4444 if (r < 0)
4445 return -ENOMEM;
4446
2e59b241 4447 return unit_write_setting(u, flags, name, p);
b9ec9359 4448}
71645aca 4449
c2756a68 4450int unit_make_transient(Unit *u) {
0126c8f3 4451 _cleanup_free_ char *path = NULL;
4f4afc88 4452 FILE *f;
4f4afc88 4453
c2756a68
LP		 4454 assert(u);
4455
3f5e8115
LP		 4456 if (!UNIT_VTABLE(u)->can_transient)
4457 return -EOPNOTSUPP;
4458
45639f1b
LP		 4459 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4460
657ee2d8 4461 path = path_join(u->manager->lookup_paths.transient, u->id);
4f4afc88
LP		 4462 if (!path)
4463 return -ENOMEM;
4464
4465 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4466 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4467
78e334b5 4468 RUN_WITH_UMASK(0022) {
4f4afc88 4469 f = fopen(path, "we");
0126c8f3 4470 if (!f)
78e334b5 4471 return -errno;
4f4afc88
LP		 4472 }
4473
0126c8f3 4474 safe_fclose(u->transient_file);
4f4afc88
LP		 4475 u->transient_file = f;
4476
0126c8f3 4477 free_and_replace(u->fragment_path, path);
7c65093a 4478
7c65093a
LP		 4479 u->source_path = mfree(u->source_path);
4480 u->dropin_paths = strv_free(u->dropin_paths);
4481 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4482
4f4afc88
LP		 4483 u->load_state = UNIT_STUB;
4484 u->load_error = 0;
4485 u->transient = true;
4486
7c65093a
LP		 4487 unit_add_to_dbus_queue(u);
4488 unit_add_to_gc_queue(u);
c2756a68 4489
4f4afc88
LP		 4490 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4491 u->transient_file);
4492
3f5e8115 4493 return 0;
c2756a68
LP		 4494}
4495
c53d2d54 4496static int log_kill(pid_t pid, int sig, void *userdata) {
1d98fef1
LP		 4497 _cleanup_free_ char *comm = NULL;
4498
4499 (void) get_process_comm(pid, &comm);
4500
4501 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4502 only, like for example systemd's own PAM stub process. */
4503 if (comm && comm[0] == '(')
c53d2d54 4504 return 0;
1d98fef1
LP		 4505
4506 log_unit_notice(userdata,
4507 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4508 pid,
4509 strna(comm),
4510 signal_to_string(sig));
c53d2d54
DB		 4511
4512 return 1;
1d98fef1
LP		 4513}
4514
4ab1670f 4515static int operation_to_signal(const KillContext *c, KillOperation k, bool *noteworthy) {
1d98fef1
LP		 4516 assert(c);
4517
4518 switch (k) {
4519
4520 case KILL_TERMINATE:
4521 case KILL_TERMINATE_AND_LOG:
4ab1670f 4522 *noteworthy = false;
1d98fef1
LP		 4523 return c->kill_signal;
4524
a232ebcc 4525 case KILL_RESTART:
4ab1670f 4526 *noteworthy = false;
a232ebcc
ZJS		 4527 return restart_kill_signal(c);
4528
1d98fef1 4529 case KILL_KILL:
4ab1670f 4530 *noteworthy = true;
fbb48d4c 4531 return c->final_kill_signal;
1d98fef1 4532
c87700a1 4533 case KILL_WATCHDOG:
4ab1670f 4534 *noteworthy = true;
c87700a1 4535 return c->watchdog_signal;
1d98fef1
LP		 4536
4537 default:
04499a70 4538 assert_not_reached();
1d98fef1
LP		 4539 }
4540}
4541
cd2086fe
LP		 4542int unit_kill_context(
4543 Unit *u,
4544 KillContext *c,
db2cb23b 4545 KillOperation k,
cd2086fe
LP		 4546 pid_t main_pid,
4547 pid_t control_pid,
4548 bool main_pid_alien) {
4549
1d98fef1 4550 bool wait_for_exit = false, send_sighup;
59ec09a8 4551 cg_kill_log_func_t log_func = NULL;
b821a397 4552 int sig, r;
cd2086fe
LP		 4553
4554 assert(u);
4555 assert(c);
4556
8aff7ac4
LP		 4557 /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0
4558 * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common()
4559 * which is used for user-requested killing of unit processes. */
1d98fef1 4560
cd2086fe
LP		 4561 if (c->kill_mode == KILL_NONE)
4562 return 0;
4563
4ab1670f
ZJS		 4564 bool noteworthy;
4565 sig = operation_to_signal(c, k, &noteworthy);
4566 if (noteworthy)
4567 log_func = log_kill;
1d98fef1
LP		 4568
4569 send_sighup =
4570 c->send_sighup &&
4571 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4572 sig != SIGHUP;
4573
cd2086fe 4574 if (main_pid > 0) {
1d98fef1
LP		 4575 if (log_func)
4576 log_func(main_pid, sig, u);
cd2086fe 4577
1d98fef1 4578 r = kill_and_sigcont(main_pid, sig);
cd2086fe
LP		 4579 if (r < 0 && r != -ESRCH) {
4580 _cleanup_free_ char *comm = NULL;
1d98fef1 4581 (void) get_process_comm(main_pid, &comm);
cd2086fe 4582
b821a397 4583 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
82659fd7 4584 } else {
bc6aed7b
LP		 4585 if (!main_pid_alien)
4586 wait_for_exit = true;
82659fd7 4587
1d98fef1 4588 if (r != -ESRCH && send_sighup)
d0667321 4589 (void) kill(main_pid, SIGHUP);
82659fd7 4590 }
cd2086fe
LP		 4591 }
4592
4593 if (control_pid > 0) {
1d98fef1
LP		 4594 if (log_func)
4595 log_func(control_pid, sig, u);
cd2086fe 4596
1d98fef1 4597 r = kill_and_sigcont(control_pid, sig);
cd2086fe
LP		 4598 if (r < 0 && r != -ESRCH) {
4599 _cleanup_free_ char *comm = NULL;
1d98fef1 4600 (void) get_process_comm(control_pid, &comm);
cd2086fe 4601
b821a397 4602 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
82659fd7 4603 } else {
cd2086fe 4604 wait_for_exit = true;
82659fd7 4605
1d98fef1 4606 if (r != -ESRCH && send_sighup)
d0667321 4607 (void) kill(control_pid, SIGHUP);
82659fd7 4608 }
cd2086fe
LP		 4609 }
4610
b821a397
LP		 4611 if (u->cgroup_path &&
4612 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
cd2086fe
LP		 4613 _cleanup_set_free_ Set *pid_set = NULL;
4614
82659fd7
LP		 4615 /* Exclude the main/control pids from being killed via the cgroup */
4616 pid_set = unit_pid_set(main_pid, control_pid);
cd2086fe
LP		 4617 if (!pid_set)
4618 return -ENOMEM;
4619
1d98fef1
LP		 4620 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4621 sig,
4622 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4623 pid_set,
4624 log_func, u);
cd2086fe 4625 if (r < 0) {
4c701096 4626 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
6178e2f8 4627 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", empty_to_root(u->cgroup_path));
b821a397 4628
82659fd7 4629 } else if (r > 0) {
bc6aed7b 4630
1d9cc876
LP		 4631 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4632 * we are running in a container or if this is a delegation unit, simply because cgroup
4633 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4634 * of containers it can be confused easily by left-over directories in the cgroup — which
4635 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4636 * there we get proper events. Hence rely on them. */
efdb0237 4637
c22800e4 4638 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
1d9cc876 4639 (detect_container() == 0 && !unit_cgroup_delegate(u)))
e9db43d5 4640 wait_for_exit = true;
58ea275a 4641
1d98fef1 4642 if (send_sighup) {
82659fd7
LP		 4643 set_free(pid_set);
4644
4645 pid_set = unit_pid_set(main_pid, control_pid);
4646 if (!pid_set)
4647 return -ENOMEM;
4648
c8aa4b5b
LP		 4649 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4650 SIGHUP,
4651 CGROUP_IGNORE_SELF,
4652 pid_set,
4653 NULL, NULL);
82659fd7
LP		 4654 }
4655 }
cd2086fe
LP		 4656 }
4657
4658 return wait_for_exit;
4659}
4660
eef85c4a 4661int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
a57f7e2c
LP		 4662 int r;
4663
4664 assert(u);
4665 assert(path);
4666
ac19bdd0
ZJS		 4667 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these
4668 * paths in the unit (from the path to the UnitDependencyInfo structure indicating how to the
4669 * dependency came to be). However, we build a prefix table for all possible prefixes so that new
4670 * appearing mount units can easily determine which units to make themselves a dependency of. */
a57f7e2c 4671
70b64bd3
ZJS		 4672 if (!path_is_absolute(path))
4673 return -EINVAL;
4674
ac19bdd0
ZJS		 4675 if (hashmap_contains(u->requires_mounts_for, path)) /* Exit quickly if the path is already covered. */
4676 return 0;
eef85c4a 4677
ac19bdd0 4678 _cleanup_free_ char *p = strdup(path);
a57f7e2c
LP		 4679 if (!p)
4680 return -ENOMEM;
4681
ac19bdd0
ZJS		 4682 /* Use the canonical form of the path as the stored key. We call path_is_normalized()
4683 * only after simplification, since path_is_normalized() rejects paths with '.'.
4684 * path_is_normalized() also verifies that the path fits in PATH_MAX. */
4ff361cc 4685 path = path_simplify(p);
a57f7e2c 4686
ca8700e9 4687 if (!path_is_normalized(path))
a57f7e2c 4688 return -EPERM;
a57f7e2c 4689
ac19bdd0 4690 UnitDependencyInfo di = {
eef85c4a
LP		 4691 .origin_mask = mask
4692 };
4693
ac19bdd0 4694 r = hashmap_ensure_put(&u->requires_mounts_for, &path_hash_ops, p, di.data);
ca8700e9 4695 if (r < 0)
a57f7e2c 4696 return r;
ac19bdd0
ZJS		 4697 assert(r > 0);
4698 TAKE_PTR(p); /* path remains a valid pointer to the string stored in the hashmap */
a57f7e2c 4699
4cb06c59 4700 char prefix[strlen(path) + 1];
ca8700e9 4701 PATH_FOREACH_PREFIX_MORE(prefix, path) {
a57f7e2c
LP		 4702 Set *x;
4703
4704 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4705 if (!x) {
ca8700e9 4706 _cleanup_free_ char *q = NULL;
a57f7e2c 4707
548f6937 4708 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
742f41ad
LP		 4709 if (r < 0)
4710 return r;
a57f7e2c
LP		 4711
4712 q = strdup(prefix);
4713 if (!q)
4714 return -ENOMEM;
4715
d5099efc 4716 x = set_new(NULL);
ca8700e9 4717 if (!x)
a57f7e2c 4718 return -ENOMEM;
a57f7e2c
LP		 4719
4720 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4721 if (r < 0) {
a57f7e2c
LP		 4722 set_free(x);
4723 return r;
4724 }
ca8700e9 4725 q = NULL;
a57f7e2c
LP		 4726 }
4727
4728 r = set_put(x, u);
4729 if (r < 0)
4730 return r;
4731 }
4732
4733 return 0;
4734}
4735
613b411c
LP		 4736int unit_setup_exec_runtime(Unit *u) {
4737 ExecRuntime **rt;
4738 size_t offset;
613b411c 4739 Unit *other;
e8a565cb 4740 int r;
613b411c
LP		 4741
4742 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4743 assert(offset > 0);
4744
06b643e7 4745 /* Check if there already is an ExecRuntime for this unit? */
613b411c
LP		 4746 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4747 if (*rt)
4748 return 0;
4749
4750 /* Try to get it from somebody else */
15ed3c3a 4751 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_JOINS_NAMESPACE_OF) {
e8a565cb
YW		 4752 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4753 if (r == 1)
4754 return 1;
613b411c
LP		 4755 }
4756
e8a565cb 4757 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
613b411c
LP		 4758}
4759
29206d46
LP		 4760int unit_setup_dynamic_creds(Unit *u) {
4761 ExecContext *ec;
4762 DynamicCreds *dcreds;
4763 size_t offset;
4764
4765 assert(u);
4766
4767 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4768 assert(offset > 0);
4769 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4770
4771 ec = unit_get_exec_context(u);
4772 assert(ec);
4773
4774 if (!ec->dynamic_user)
4775 return 0;
4776
4777 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4778}
4779
1c2e9646
LP		 4780bool unit_type_supported(UnitType t) {
4781 if (_unlikely_(t < 0))
4782 return false;
4783 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4784 return false;
4785
4786 if (!unit_vtable[t]->supported)
4787 return true;
4788
4789 return unit_vtable[t]->supported();
4790}
4791
8b4305c7
LP		 4792void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4793 int r;
4794
4795 assert(u);
4796 assert(where);
4797
c2503e35
RH		 4798 if (!unit_log_level_test(u, LOG_NOTICE))
4799 return;
4800
db55bbf2 4801 r = dir_is_empty(where, /* ignore_hidden_or_backup= */ false);
3f602115 4802 if (r > 0 || r == -ENOTDIR)
8b4305c7
LP		 4803 return;
4804 if (r < 0) {
4805 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4806 return;
4807 }
4808
c2503e35
RH		 4809 log_unit_struct(u, LOG_NOTICE,
4810 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4811 LOG_UNIT_INVOCATION_ID(u),
4812 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4813 "WHERE=%s", where);
8b4305c7
LP		 4814}
4815
25cd4964 4816int unit_fail_if_noncanonical(Unit *u, const char* where) {
58d9d89b 4817 _cleanup_free_ char *canonical_where = NULL;
8b4305c7
LP		 4818 int r;
4819
4820 assert(u);
4821 assert(where);
4822
a5648b80 4823 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where, NULL);
8b4305c7 4824 if (r < 0) {
25cd4964 4825 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
8b4305c7
LP		 4826 return 0;
4827 }
25cd4964
AJ		 4828
4829 /* We will happily ignore a trailing slash (or any redundant slashes) */
4830 if (path_equal(where, canonical_where))
8b4305c7
LP		 4831 return 0;
4832
25cd4964 4833 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
c2503e35
RH		 4834 log_unit_struct(u, LOG_ERR,
4835 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4836 LOG_UNIT_INVOCATION_ID(u),
4837 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4838 "WHERE=%s", where);
8b4305c7
LP		 4839
4840 return -ELOOP;
4841}
0f13f3bd
LP		 4842
4843bool unit_is_pristine(Unit *u) {
4844 assert(u);
4845
7c65093a 4846 /* Check if the unit already exists or is already around,
0f13f3bd
LP		 4847 * in a number of different ways. Note that to cater for unit
4848 * types such as slice, we are generally fine with units that
e9e8cbc8
ZJS		 4849 * are marked UNIT_LOADED even though nothing was actually
4850 * loaded, as those unit types don't require a file on disk. */
0f13f3bd
LP		 4851
4852 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4853 u->fragment_path ||
4854 u->source_path ||
4855 !strv_isempty(u->dropin_paths) ||
0f13f3bd
LP		 4856 u->job ||
4857 u->merged_into);
4858}
291d565a
LP		 4859
4860pid_t unit_control_pid(Unit *u) {
4861 assert(u);
4862
4863 if (UNIT_VTABLE(u)->control_pid)
4864 return UNIT_VTABLE(u)->control_pid(u);
4865
4866 return 0;
4867}
4868
4869pid_t unit_main_pid(Unit *u) {
4870 assert(u);
4871
4872 if (UNIT_VTABLE(u)->main_pid)
4873 return UNIT_VTABLE(u)->main_pid(u);
4874
4875 return 0;
4876}
00d9ef85
LP		 4877
4878static void unit_unref_uid_internal(
4879 Unit *u,
4880 uid_t *ref_uid,
4881 bool destroy_now,
4882 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4883
4884 assert(u);
4885 assert(ref_uid);
4886 assert(_manager_unref_uid);
4887
4888 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4889 * gid_t are actually the same time, with the same validity rules.
4890 *
4891 * Drops a reference to UID/GID from a unit. */
4892
4893 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4894 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4895
4896 if (!uid_is_valid(*ref_uid))
4897 return;
4898
4899 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4900 *ref_uid = UID_INVALID;
4901}
4902
b90cf102 4903static void unit_unref_uid(Unit *u, bool destroy_now) {
00d9ef85
LP		 4904 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4905}
4906
b90cf102 4907static void unit_unref_gid(Unit *u, bool destroy_now) {
00d9ef85
LP		 4908 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4909}
4910
b90cf102
LP		 4911void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4912 assert(u);
4913
4914 unit_unref_uid(u, destroy_now);
4915 unit_unref_gid(u, destroy_now);
4916}
4917
00d9ef85
LP		 4918static int unit_ref_uid_internal(
4919 Unit *u,
4920 uid_t *ref_uid,
4921 uid_t uid,
4922 bool clean_ipc,
4923 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4924
4925 int r;
4926
4927 assert(u);
4928 assert(ref_uid);
4929 assert(uid_is_valid(uid));
4930 assert(_manager_ref_uid);
4931
4932 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4933 * are actually the same type, and have the same validity rules.
4934 *
4935 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4936 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4937 * drops to zero. */
4938
4939 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4940 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4941
4942 if (*ref_uid == uid)
4943 return 0;
4944
4945 if (uid_is_valid(*ref_uid)) /* Already set? */
4946 return -EBUSY;
4947
4948 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4949 if (r < 0)
4950 return r;
4951
4952 *ref_uid = uid;
4953 return 1;
4954}
4955
b90cf102 4956static int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
00d9ef85
LP		 4957 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4958}
4959
b90cf102 4960static int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
00d9ef85
LP		 4961 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4962}
4963
4964static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4965 int r = 0, q = 0;
4966
4967 assert(u);
4968
4969 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4970
4971 if (uid_is_valid(uid)) {
4972 r = unit_ref_uid(u, uid, clean_ipc);
4973 if (r < 0)
4974 return r;
4975 }
4976
4977 if (gid_is_valid(gid)) {
4978 q = unit_ref_gid(u, gid, clean_ipc);
4979 if (q < 0) {
4980 if (r > 0)
4981 unit_unref_uid(u, false);
4982
4983 return q;
4984 }
4985 }
4986
4987 return r > 0 || q > 0;
4988}
4989
4990int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4991 ExecContext *c;
4992 int r;
4993
4994 assert(u);
4995
4996 c = unit_get_exec_context(u);
4997
4998 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4999 if (r < 0)
5000 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5001
5002 return r;
5003}
5004
00d9ef85
LP		 5005void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
5006 int r;
5007
5008 assert(u);
5009
5010 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5011 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5012 * objects when no service references the UID/GID anymore. */
5013
5014 r = unit_ref_uid_gid(u, uid, gid);
5015 if (r > 0)
37d0b962 5016 unit_add_to_dbus_queue(u);
00d9ef85 5017}
4b58153d 5018
4b58153d
LP		 5019int unit_acquire_invocation_id(Unit *u) {
5020 sd_id128_t id;
5021 int r;
5022
5023 assert(u);
5024
5025 r = sd_id128_randomize(&id);
5026 if (r < 0)
5027 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5028
5029 r = unit_set_invocation_id(u, id);
5030 if (r < 0)
5031 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5032
af92c603 5033 unit_add_to_dbus_queue(u);
4b58153d
LP		 5034 return 0;
5035}
f0d47797 5036
1ad6e8b3
LP		 5037int unit_set_exec_params(Unit *u, ExecParameters *p) {
5038 int r;
5039
7960b0c7
LP		 5040 assert(u);
5041 assert(p);
f0d47797 5042
004c7f16 5043 /* Copy parameters from manager */
1ad6e8b3
LP		 5044 r = manager_get_effective_environment(u->manager, &p->environment);
5045 if (r < 0)
5046 return r;
5047
004c7f16
LP		 5048 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
5049 p->cgroup_supported = u->manager->cgroup_supported;
5050 p->prefix = u->manager->prefix;
5051 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5052
5238e957 5053 /* Copy parameters from unit */
7960b0c7 5054 p->cgroup_path = u->cgroup_path;
1d9cc876 5055 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
1ad6e8b3 5056
2ad591a3
LP		 5057 p->received_credentials_directory = u->manager->received_credentials_directory;
5058 p->received_encrypted_credentials_directory = u->manager->received_encrypted_credentials_directory;
bb0c0d6f 5059
1ad6e8b3 5060 return 0;
f0d47797 5061}
a79279c7 5062
4c253ed1 5063int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
a79279c7
LP		 5064 int r;
5065
5066 assert(u);
5067 assert(ret);
5068
5069 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5070 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5071
5072 (void) unit_realize_cgroup(u);
5073
4c253ed1
LP		 5074 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5075 if (r != 0)
5076 return r;
a79279c7 5077
9c274488
LP		 5078 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE);
5079 (void) ignore_signals(SIGPIPE);
a79279c7 5080
4c253ed1 5081 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
a79279c7 5082
4c253ed1
LP		 5083 if (u->cgroup_path) {
5084 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5085 if (r < 0) {
6178e2f8 5086 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", empty_to_root(u->cgroup_path));
4c253ed1 5087 _exit(EXIT_CGROUP);
a79279c7 5088 }
a79279c7
LP		 5089 }
5090
4c253ed1 5091 return 0;
a79279c7 5092}
c999cf38 5093
810ef318
YW		 5094int unit_fork_and_watch_rm_rf(Unit *u, char **paths, pid_t *ret_pid) {
5095 pid_t pid;
5096 int r;
5097
5098 assert(u);
5099 assert(ret_pid);
5100
5101 r = unit_fork_helper_process(u, "(sd-rmrf)", &pid);
5102 if (r < 0)
5103 return r;
5104 if (r == 0) {
5105 int ret = EXIT_SUCCESS;
810ef318
YW		 5106
5107 STRV_FOREACH(i, paths) {
5108 r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK);
5109 if (r < 0) {
5110 log_error_errno(r, "Failed to remove '%s': %m", *i);
5111 ret = EXIT_FAILURE;
5112 }
5113 }
5114
5115 _exit(ret);
5116 }
5117
5118 r = unit_watch_pid(u, pid, true);
5119 if (r < 0)
5120 return r;
5121
5122 *ret_pid = pid;
5123 return 0;
5124}
5125
15ed3c3a
LP		 5126static void unit_update_dependency_mask(Hashmap *deps, Unit *other, UnitDependencyInfo di) {
5127 assert(deps);
c999cf38
LP		 5128 assert(other);
5129
15ed3c3a 5130 if (di.origin_mask == 0 && di.destination_mask == 0)
c999cf38 5131 /* No bit set anymore, let's drop the whole entry */
15ed3c3a
LP		 5132 assert_se(hashmap_remove(deps, other));
5133 else
c999cf38 5134 /* Mask was reduced, let's update the entry */
15ed3c3a 5135 assert_se(hashmap_update(deps, other, di.data) == 0);
c999cf38
LP		 5136}
5137
5138void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
15ed3c3a 5139 Hashmap *deps;
c999cf38
LP		 5140 assert(u);
5141
5142 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5143
5144 if (mask == 0)
5145 return;
5146
15ed3c3a 5147 HASHMAP_FOREACH(deps, u->dependencies) {
c999cf38
LP		 5148 bool done;
5149
5150 do {
5151 UnitDependencyInfo di;
5152 Unit *other;
c999cf38
LP		 5153
5154 done = true;
5155
15ed3c3a
LP		 5156 HASHMAP_FOREACH_KEY(di.data, other, deps) {
5157 Hashmap *other_deps;
5158
1d6cc5d0 5159 if (FLAGS_SET(~mask, di.origin_mask))
c999cf38 5160 continue;
15ed3c3a 5161
c999cf38 5162 di.origin_mask &= ~mask;
15ed3c3a 5163 unit_update_dependency_mask(deps, other, di);
c999cf38 5164
defe63b0
LP		 5165 /* We updated the dependency from our unit to the other unit now. But most
5166 * dependencies imply a reverse dependency. Hence, let's delete that one
5167 * too. For that we go through all dependency types on the other unit and
5168 * delete all those which point to us and have the right mask set. */
c999cf38 5169
15ed3c3a 5170 HASHMAP_FOREACH(other_deps, other->dependencies) {
c999cf38
LP		 5171 UnitDependencyInfo dj;
5172
15ed3c3a 5173 dj.data = hashmap_get(other_deps, u);
1d6cc5d0 5174 if (FLAGS_SET(~mask, dj.destination_mask))
c999cf38 5175 continue;
c999cf38 5176
15ed3c3a
LP		 5177 dj.destination_mask &= ~mask;
5178 unit_update_dependency_mask(other_deps, u, dj);
c999cf38
LP		 5179 }
5180
5181 unit_add_to_gc_queue(other);
5182
156ba52b
YW		 5183 /* The unit 'other' may not be wanted by the unit 'u'. */
5184 unit_submit_to_stop_when_unneeded_queue(other);
5185
c999cf38
LP		 5186 done = false;
5187 break;
5188 }
5189
5190 } while (!done);
5191 }
5192}
d3070fbd 5193
2f8c48b6
AZ		 5194static int unit_get_invocation_path(Unit *u, char **ret) {
5195 char *p;
5196 int r;
5197
5198 assert(u);
5199 assert(ret);
5200
5201 if (MANAGER_IS_SYSTEM(u->manager))
5202 p = strjoin("/run/systemd/units/invocation:", u->id);
5203 else {
5204 _cleanup_free_ char *user_path = NULL;
5205 r = xdg_user_runtime_dir(&user_path, "/systemd/units/invocation:");
5206 if (r < 0)
5207 return r;
5208 p = strjoin(user_path, u->id);
5209 }
5210
5211 if (!p)
5212 return -ENOMEM;
5213
5214 *ret = p;
5215 return 0;
5216}
5217
d3070fbd 5218static int unit_export_invocation_id(Unit *u) {
2f8c48b6 5219 _cleanup_free_ char *p = NULL;
d3070fbd
LP		 5220 int r;
5221
5222 assert(u);
5223
5224 if (u->exported_invocation_id)
5225 return 0;
5226
5227 if (sd_id128_is_null(u->invocation_id))
5228 return 0;
5229
2f8c48b6
AZ		 5230 r = unit_get_invocation_path(u, &p);
5231 if (r < 0)
5232 return log_unit_debug_errno(u, r, "Failed to get invocation path: %m");
5233
a3f5fd96 5234 r = symlink_atomic_label(u->invocation_id_string, p);
d3070fbd
LP		 5235 if (r < 0)
5236 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5237
5238 u->exported_invocation_id = true;
5239 return 0;
5240}
5241
5242static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5243 const char *p;
5244 char buf[2];
5245 int r;
5246
5247 assert(u);
5248 assert(c);
5249
5250 if (u->exported_log_level_max)
5251 return 0;
5252
5253 if (c->log_level_max < 0)
5254 return 0;
5255
5256 assert(c->log_level_max <= 7);
5257
5258 buf[0] = '0' + c->log_level_max;
5259 buf[1] = 0;
5260
5261 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5262 r = symlink_atomic(buf, p);
5263 if (r < 0)
5264 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5265
5266 u->exported_log_level_max = true;
5267 return 0;
5268}
5269
5270static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5271 _cleanup_close_ int fd = -1;
5272 struct iovec *iovec;
5273 const char *p;
5274 char *pattern;
5275 le64_t *sizes;
5276 ssize_t n;
d3070fbd
LP		 5277 int r;
5278
5279 if (u->exported_log_extra_fields)
5280 return 0;
5281
5282 if (c->n_log_extra_fields <= 0)
5283 return 0;
5284
5285 sizes = newa(le64_t, c->n_log_extra_fields);
5286 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5287
12375b95 5288 for (size_t i = 0; i < c->n_log_extra_fields; i++) {
d3070fbd
LP		 5289 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5290
5291 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5292 iovec[i*2+1] = c->log_extra_fields[i];
5293 }
5294
5295 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5296 pattern = strjoina(p, ".XXXXXX");
5297
5298 fd = mkostemp_safe(pattern);
5299 if (fd < 0)
5300 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5301
5302 n = writev(fd, iovec, c->n_log_extra_fields*2);
5303 if (n < 0) {
5304 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5305 goto fail;
5306 }
5307
5308 (void) fchmod(fd, 0644);
5309
5310 if (rename(pattern, p) < 0) {
5311 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5312 goto fail;
5313 }
5314
5315 u->exported_log_extra_fields = true;
5316 return 0;
5317
5318fail:
5319 (void) unlink(pattern);
5320 return r;
5321}
5322
5ac1530e 5323static int unit_export_log_ratelimit_interval(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5324 _cleanup_free_ char *buf = NULL;
5325 const char *p;
5326 int r;
5327
5328 assert(u);
5329 assert(c);
5330
5ac1530e 5331 if (u->exported_log_ratelimit_interval)
90fc172e
AZ		 5332 return 0;
5333
5ac1530e 5334 if (c->log_ratelimit_interval_usec == 0)
90fc172e
AZ		 5335 return 0;
5336
5337 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5338
5ac1530e 5339 if (asprintf(&buf, "%" PRIu64, c->log_ratelimit_interval_usec) < 0)
90fc172e
AZ		 5340 return log_oom();
5341
5342 r = symlink_atomic(buf, p);
5343 if (r < 0)
5344 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5345
5ac1530e 5346 u->exported_log_ratelimit_interval = true;
90fc172e
AZ		 5347 return 0;
5348}
5349
5ac1530e 5350static int unit_export_log_ratelimit_burst(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5351 _cleanup_free_ char *buf = NULL;
5352 const char *p;
5353 int r;
5354
5355 assert(u);
5356 assert(c);
5357
5ac1530e 5358 if (u->exported_log_ratelimit_burst)
90fc172e
AZ		 5359 return 0;
5360
5ac1530e 5361 if (c->log_ratelimit_burst == 0)
90fc172e
AZ		 5362 return 0;
5363
5364 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5365
5ac1530e 5366 if (asprintf(&buf, "%u", c->log_ratelimit_burst) < 0)
90fc172e
AZ		 5367 return log_oom();
5368
5369 r = symlink_atomic(buf, p);
5370 if (r < 0)
5371 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5372
5ac1530e 5373 u->exported_log_ratelimit_burst = true;
90fc172e
AZ		 5374 return 0;
5375}
5376
d3070fbd
LP		 5377void unit_export_state_files(Unit *u) {
5378 const ExecContext *c;
5379
5380 assert(u);
5381
5382 if (!u->id)
5383 return;
5384
638cece4 5385 if (MANAGER_IS_TEST_RUN(u->manager))
8f632531
LP		 5386 return;
5387
d3070fbd
LP		 5388 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5389 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5390 * the IPC system itself and PID 1 also log to the journal.
5391 *
5392 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5393 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5394 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5395 * namespace at least.
5396 *
5397 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5398 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5399 * them with one. */
5400
5401 (void) unit_export_invocation_id(u);
5402
2f8c48b6
AZ		 5403 if (!MANAGER_IS_SYSTEM(u->manager))
5404 return;
5405
d3070fbd
LP		 5406 c = unit_get_exec_context(u);
5407 if (c) {
5408 (void) unit_export_log_level_max(u, c);
5409 (void) unit_export_log_extra_fields(u, c);
5ac1530e
ZJS		 5410 (void) unit_export_log_ratelimit_interval(u, c);
5411 (void) unit_export_log_ratelimit_burst(u, c);
d3070fbd
LP		 5412 }
5413}
5414
5415void unit_unlink_state_files(Unit *u) {
5416 const char *p;
5417
5418 assert(u);
5419
5420 if (!u->id)
5421 return;
5422
d3070fbd
LP		 5423 /* Undoes the effect of unit_export_state() */
5424
5425 if (u->exported_invocation_id) {
2f8c48b6
AZ		 5426 _cleanup_free_ char *invocation_path = NULL;
5427 int r = unit_get_invocation_path(u, &invocation_path);
5428 if (r >= 0) {
5429 (void) unlink(invocation_path);
5430 u->exported_invocation_id = false;
5431 }
d3070fbd
LP		 5432 }
5433
2f8c48b6
AZ		 5434 if (!MANAGER_IS_SYSTEM(u->manager))
5435 return;
5436
d3070fbd
LP		 5437 if (u->exported_log_level_max) {
5438 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5439 (void) unlink(p);
5440
5441 u->exported_log_level_max = false;
5442 }
5443
5444 if (u->exported_log_extra_fields) {
5445 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5446 (void) unlink(p);
5447
5448 u->exported_log_extra_fields = false;
5449 }
90fc172e 5450
5ac1530e 5451 if (u->exported_log_ratelimit_interval) {
90fc172e
AZ		 5452 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5453 (void) unlink(p);
5454
5ac1530e 5455 u->exported_log_ratelimit_interval = false;
90fc172e
AZ		 5456 }
5457
5ac1530e 5458 if (u->exported_log_ratelimit_burst) {
90fc172e
AZ		 5459 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5460 (void) unlink(p);
5461
5ac1530e 5462 u->exported_log_ratelimit_burst = false;
90fc172e 5463 }
d3070fbd 5464}
5afe510c 5465
3c7416b6
LP		 5466int unit_prepare_exec(Unit *u) {
5467 int r;
5468
5469 assert(u);
5470
fab34748
KL		 5471 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5472 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5473 r = bpf_firewall_load_custom(u);
5474 if (r < 0)
5475 return r;
5476
3c7416b6
LP		 5477 /* Prepares everything so that we can fork of a process for this unit */
5478
5479 (void) unit_realize_cgroup(u);
5480
5481 if (u->reset_accounting) {
9b2559a1 5482 (void) unit_reset_accounting(u);
3c7416b6
LP		 5483 u->reset_accounting = false;
5484 }
5485
5486 unit_export_state_files(u);
5487
5488 r = unit_setup_exec_runtime(u);
5489 if (r < 0)
5490 return r;
5491
5492 r = unit_setup_dynamic_creds(u);
5493 if (r < 0)
5494 return r;
5495
5496 return 0;
5497}
5498
4c425434
LP		 5499static bool ignore_leftover_process(const char *comm) {
5500 return comm && comm[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5501}
5502
5503int unit_log_leftover_process_start(pid_t pid, int sig, void *userdata) {
a4634b21
LP		 5504 _cleanup_free_ char *comm = NULL;
5505
5506 (void) get_process_comm(pid, &comm);
5507
4c425434 5508 if (ignore_leftover_process(comm))
c53d2d54 5509 return 0;
a4634b21 5510
4c425434
LP		 5511 /* During start we print a warning */
5512
a4634b21
LP		 5513 log_unit_warning(userdata,
5514 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5515 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5516 pid, strna(comm));
c53d2d54
DB		 5517
5518 return 1;
a4634b21
LP		 5519}
5520
4c425434
LP		 5521int unit_log_leftover_process_stop(pid_t pid, int sig, void *userdata) {
5522 _cleanup_free_ char *comm = NULL;
5523
5524 (void) get_process_comm(pid, &comm);
5525
5526 if (ignore_leftover_process(comm))
5527 return 0;
5528
5529 /* During stop we only print an informational message */
5530
5531 log_unit_info(userdata,
5532 "Unit process " PID_FMT " (%s) remains running after unit stopped.",
5533 pid, strna(comm));
5534
5535 return 1;
5536}
5537
5538int unit_warn_leftover_processes(Unit *u, cg_kill_log_func_t log_func) {
a4634b21
LP		 5539 assert(u);
5540
5541 (void) unit_pick_cgroup_path(u);
5542
5543 if (!u->cgroup_path)
c53d2d54 5544 return 0;
a4634b21 5545
4c425434 5546 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_func, u);
a4634b21
LP		 5547}
5548
bb2c7685
LP		 5549bool unit_needs_console(Unit *u) {
5550 ExecContext *ec;
5551 UnitActiveState state;
5552
5553 assert(u);
5554
5555 state = unit_active_state(u);
5556
5557 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5558 return false;
5559
5560 if (UNIT_VTABLE(u)->needs_console)
5561 return UNIT_VTABLE(u)->needs_console(u);
5562
5563 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5564 ec = unit_get_exec_context(u);
5565 if (!ec)
5566 return false;
5567
5568 return exec_context_may_touch_console(ec);
5569}
5570
6592b975
LP		 5571int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5572 int r;
5573
5574 assert(u);
5575
5576 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5577 * and not a kernel thread either */
5578
5579 /* First, a simple range check */
5580 if (!pid_is_valid(pid))
5581 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5582
5583 /* Some extra safety check */
5584 if (pid == 1 || pid == getpid_cached())
3fe91079 5585 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid);
6592b975
LP		 5586
5587 /* Don't even begin to bother with kernel threads */
5588 r = is_kernel_thread(pid);
5589 if (r == -ESRCH)
5590 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5591 if (r < 0)
5592 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5593 if (r > 0)
5594 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5595
5596 return 0;
5597}
5598
523ee2d4
LP		 5599void unit_log_success(Unit *u) {
5600 assert(u);
5601
edf2ee22
JM		 5602 /* Let's show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode.
5603 * This message has low information value for regular users and it might be a bit overwhelming on a system with
5604 * a lot of devices. */
5605 log_unit_struct(u,
5606 MANAGER_IS_USER(u->manager) ? LOG_DEBUG : LOG_INFO,
c2503e35
RH		 5607 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR,
5608 LOG_UNIT_INVOCATION_ID(u),
5609 LOG_UNIT_MESSAGE(u, "Deactivated successfully."));
523ee2d4
LP		 5610}
5611
7c047d74
LP		 5612void unit_log_failure(Unit *u, const char *result) {
5613 assert(u);
5614 assert(result);
5615
c2503e35
RH		 5616 log_unit_struct(u, LOG_WARNING,
5617 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR,
5618 LOG_UNIT_INVOCATION_ID(u),
5619 LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result),
5620 "UNIT_RESULT=%s", result);
7c047d74
LP		 5621}
5622
31cd5f63
AZ		 5623void unit_log_skip(Unit *u, const char *result) {
5624 assert(u);
5625 assert(result);
5626
c2503e35
RH		 5627 log_unit_struct(u, LOG_INFO,
5628 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR,
5629 LOG_UNIT_INVOCATION_ID(u),
5630 LOG_UNIT_MESSAGE(u, "Skipped due to '%s'.", result),
5631 "UNIT_RESULT=%s", result);
31cd5f63
AZ		 5632}
5633
91bbd9b7
LP		 5634void unit_log_process_exit(
5635 Unit *u,
91bbd9b7
LP		 5636 const char *kind,
5637 const char *command,
5cc2cd1c 5638 bool success,
91bbd9b7
LP		 5639 int code,
5640 int status) {
5641
5cc2cd1c
ZJS		 5642 int level;
5643
91bbd9b7
LP		 5644 assert(u);
5645 assert(kind);
5646
5cc2cd1c
ZJS		 5647 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
5648 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
5649 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
5650 * WARNING. */
5651 if (success)
5652 level = LOG_DEBUG;
5653 else if (code == CLD_EXITED)
5654 level = LOG_NOTICE;
5655 else
91bbd9b7
LP		 5656 level = LOG_WARNING;
5657
c2503e35
RH		 5658 log_unit_struct(u, level,
5659 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR,
58441bc1 5660 LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s%s",
c2503e35
RH		 5661 kind,
5662 sigchld_code_to_string(code), status,
5663 strna(code == CLD_EXITED
5664 ? exit_status_to_string(status, EXIT_STATUS_FULL)
58441bc1
ZJS		 5665 : signal_to_string(status)),
5666 success ? " (success)" : ""),
c2503e35
RH		 5667 "EXIT_CODE=%s", sigchld_code_to_string(code),
5668 "EXIT_STATUS=%i", status,
5669 "COMMAND=%s", strna(command),
5670 LOG_UNIT_INVOCATION_ID(u));
91bbd9b7
LP		 5671}
5672
7af67e9a
LP		 5673int unit_exit_status(Unit *u) {
5674 assert(u);
5675
5676 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
5677 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
5678 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
5679 * service process has exited abnormally (signal/coredump). */
5680
5681 if (!UNIT_VTABLE(u)->exit_status)
5682 return -EOPNOTSUPP;
5683
5684 return UNIT_VTABLE(u)->exit_status(u);
5685}
5686
5687int unit_failure_action_exit_status(Unit *u) {
5688 int r;
5689
5690 assert(u);
5691
5692 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
5693
5694 if (u->failure_action_exit_status >= 0)
5695 return u->failure_action_exit_status;
5696
5697 r = unit_exit_status(u);
5698 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5699 return 255;
5700
5701 return r;
5702}
5703
5704int unit_success_action_exit_status(Unit *u) {
5705 int r;
5706
5707 assert(u);
5708
5709 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
5710
5711 if (u->success_action_exit_status >= 0)
5712 return u->success_action_exit_status;
5713
5714 r = unit_exit_status(u);
5715 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5716 return 255;
5717
5718 return r;
5719}
5720
a4191c9f
LP		 5721int unit_test_trigger_loaded(Unit *u) {
5722 Unit *trigger;
5723
5724 /* Tests whether the unit to trigger is loaded */
5725
5726 trigger = UNIT_TRIGGER(u);
5727 if (!trigger)
e7b9f4d9
ZJS		 5728 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5729 "Refusing to start, no unit to trigger.");
a4191c9f 5730 if (trigger->load_state != UNIT_LOADED)
e7b9f4d9
ZJS		 5731 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5732 "Refusing to start, unit %s to trigger not loaded.", trigger->id);
a4191c9f
LP		 5733
5734 return 0;
5735}
5736
bb0c0d6f
LP		 5737void unit_destroy_runtime_data(Unit *u, const ExecContext *context) {
5738 assert(u);
5739 assert(context);
5740
95939aed
YW		 5741 if (context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO ||
5742 (context->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART && !unit_will_restart(u)))
5743 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
bb0c0d6f
LP		 5744
5745 exec_context_destroy_credentials(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME], u->id);
95939aed
YW		 5746}
5747
380dc8b0
LP		 5748int unit_clean(Unit *u, ExecCleanMask mask) {
5749 UnitActiveState state;
5750
5751 assert(u);
5752
5753 /* Special return values:
5754 *
5755 * -EOPNOTSUPP → cleaning not supported for this unit type
5756 * -EUNATCH → cleaning not defined for this resource type
5757 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
5758 * a job queued or similar
5759 */
5760
5761 if (!UNIT_VTABLE(u)->clean)
5762 return -EOPNOTSUPP;
5763
5764 if (mask == 0)
5765 return -EUNATCH;
5766
5767 if (u->load_state != UNIT_LOADED)
5768 return -EBUSY;
5769
5770 if (u->job)
5771 return -EBUSY;
5772
5773 state = unit_active_state(u);
5774 if (!IN_SET(state, UNIT_INACTIVE))
5775 return -EBUSY;
5776
5777 return UNIT_VTABLE(u)->clean(u, mask);
5778}
5779
5780int unit_can_clean(Unit *u, ExecCleanMask *ret) {
5781 assert(u);
5782
5783 if (!UNIT_VTABLE(u)->clean ||
5784 u->load_state != UNIT_LOADED) {
5785 *ret = 0;
5786 return 0;
5787 }
5788
5789 /* When the clean() method is set, can_clean() really should be set too */
5790 assert(UNIT_VTABLE(u)->can_clean);
5791
5792 return UNIT_VTABLE(u)->can_clean(u, ret);
5793}
5794
d9e45bc3
MS		 5795bool unit_can_freeze(Unit *u) {
5796 assert(u);
5797
5798 if (UNIT_VTABLE(u)->can_freeze)
5799 return UNIT_VTABLE(u)->can_freeze(u);
5800
5801 return UNIT_VTABLE(u)->freeze;
5802}
5803
5804void unit_frozen(Unit *u) {
5805 assert(u);
5806
5807 u->freezer_state = FREEZER_FROZEN;
5808
5809 bus_unit_send_pending_freezer_message(u);
5810}
5811
5812void unit_thawed(Unit *u) {
5813 assert(u);
5814
5815 u->freezer_state = FREEZER_RUNNING;
5816
5817 bus_unit_send_pending_freezer_message(u);
5818}
5819
5820static int unit_freezer_action(Unit *u, FreezerAction action) {
5821 UnitActiveState s;
5822 int (*method)(Unit*);
5823 int r;
5824
5825 assert(u);
5826 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
5827
5828 method = action == FREEZER_FREEZE ? UNIT_VTABLE(u)->freeze : UNIT_VTABLE(u)->thaw;
5829 if (!method || !cg_freezer_supported())
5830 return -EOPNOTSUPP;
5831
5832 if (u->job)
5833 return -EBUSY;
5834
5835 if (u->load_state != UNIT_LOADED)
5836 return -EHOSTDOWN;
5837
5838 s = unit_active_state(u);
5839 if (s != UNIT_ACTIVE)
5840 return -EHOSTDOWN;
5841
5842 if (IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING))
5843 return -EALREADY;
5844
5845 r = method(u);
5846 if (r <= 0)
5847 return r;
5848
d171e72e
YW		 5849 assert(IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING));
5850
d9e45bc3
MS		 5851 return 1;
5852}
5853
5854int unit_freeze(Unit *u) {
5855 return unit_freezer_action(u, FREEZER_FREEZE);
5856}
5857
5858int unit_thaw(Unit *u) {
5859 return unit_freezer_action(u, FREEZER_THAW);
5860}
5861
5862/* Wrappers around low-level cgroup freezer operations common for service and scope units */
5863int unit_freeze_vtable_common(Unit *u) {
5864 return unit_cgroup_freezer_action(u, FREEZER_FREEZE);
5865}
5866
5867int unit_thaw_vtable_common(Unit *u) {
5868 return unit_cgroup_freezer_action(u, FREEZER_THAW);
5869}
5870
6e548561 5871Condition *unit_find_failed_condition(Unit *u) {
03677889 5872 Condition *failed_trigger = NULL;
6e548561
DDM		 5873 bool has_succeeded_trigger = false;
5874
5875 if (u->condition_result)
5876 return NULL;
5877
5878 LIST_FOREACH(conditions, c, u->conditions)
5879 if (c->trigger) {
5880 if (c->result == CONDITION_SUCCEEDED)
5881 has_succeeded_trigger = true;
5882 else if (!failed_trigger)
5883 failed_trigger = c;
5884 } else if (c->result != CONDITION_SUCCEEDED)
5885 return c;
5886
5887 return failed_trigger && !has_succeeded_trigger ? failed_trigger : NULL;
5888}
5889
5afe510c
LP		 5890static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5891 [COLLECT_INACTIVE] = "inactive",
5892 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5893};
5894
5895DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
15ed3c3a
LP		 5896
5897Unit* unit_has_dependency(const Unit *u, UnitDependencyAtom atom, Unit *other) {
5898 Unit *i;
5899
5900 assert(u);
5901
5902 /* Checks if the unit has a dependency on 'other' with the specified dependency atom. If 'other' is
5903 * NULL checks if the unit has *any* dependency of that atom. Returns 'other' if found (or if 'other'
5904 * is NULL the first entry found), or NULL if not found. */
5905
5906 UNIT_FOREACH_DEPENDENCY(i, u, atom)
5907 if (!other || other == i)
5908 return i;
5909
5910 return NULL;
5911}
5912
5913int unit_get_dependency_array(const Unit *u, UnitDependencyAtom atom, Unit ***ret_array) {
5914 _cleanup_free_ Unit **array = NULL;
5915 size_t n = 0;
5916 Unit *other;
5917
5918 assert(u);
5919 assert(ret_array);
5920
5921 /* Gets a list of units matching a specific atom as array. This is useful when iterating through
5922 * dependencies while modifying them: the array is an "atomic snapshot" of sorts, that can be read
48008c1c 5923 * while the dependency table is continuously updated. */
15ed3c3a
LP		 5924
5925 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
5926 if (!GREEDY_REALLOC(array, n + 1))
5927 return -ENOMEM;
5928
5929 array[n++] = other;
5930 }
5931
5932 *ret_array = TAKE_PTR(array);
5933
5934 assert(n <= INT_MAX);
5935 return (int) n;
5936}
48b92b37
LB		 5937
5938const ActivationDetailsVTable * const activation_details_vtable[_UNIT_TYPE_MAX] = {
4c420328 5939 [UNIT_PATH] = &activation_details_path_vtable,
c8bc7519 5940 [UNIT_TIMER] = &activation_details_timer_vtable,
48b92b37
LB		 5941};
5942
5943ActivationDetails *activation_details_new(Unit *trigger_unit) {
5944 _cleanup_free_ ActivationDetails *details = NULL;
5945
5946 assert(trigger_unit);
5947 assert(trigger_unit->type != _UNIT_TYPE_INVALID);
5948 assert(trigger_unit->id);
5949
5950 details = malloc0(activation_details_vtable[trigger_unit->type]->object_size);
5951 if (!details)
5952 return NULL;
5953
5954 *details = (ActivationDetails) {
5955 .n_ref = 1,
5956 .trigger_unit_type = trigger_unit->type,
5957 };
5958
5959 details->trigger_unit_name = strdup(trigger_unit->id);
5960 if (!details->trigger_unit_name)
5961 return NULL;
5962
5963 if (ACTIVATION_DETAILS_VTABLE(details)->init)
5964 ACTIVATION_DETAILS_VTABLE(details)->init(details, trigger_unit);
5965
5966 return TAKE_PTR(details);
5967}
5968
5969static ActivationDetails *activation_details_free(ActivationDetails *details) {
5970 if (!details)
5971 return NULL;
5972
5973 if (ACTIVATION_DETAILS_VTABLE(details)->done)
5974 ACTIVATION_DETAILS_VTABLE(details)->done(details);
5975
5976 free(details->trigger_unit_name);
5977
5978 return mfree(details);
5979}
5980
5981void activation_details_serialize(ActivationDetails *details, FILE *f) {
5982 if (!details || details->trigger_unit_type == _UNIT_TYPE_INVALID)
5983 return;
5984
5985 (void) serialize_item(f, "activation-details-unit-type", unit_type_to_string(details->trigger_unit_type));
5986 if (details->trigger_unit_name)
5987 (void) serialize_item(f, "activation-details-unit-name", details->trigger_unit_name);
5988 if (ACTIVATION_DETAILS_VTABLE(details)->serialize)
5989 ACTIVATION_DETAILS_VTABLE(details)->serialize(details, f);
5990}
5991
5992int activation_details_deserialize(const char *key, const char *value, ActivationDetails **details) {
5993 assert(key);
5994 assert(value);
5995 assert(details);
5996
5997 if (!*details) {
5998 UnitType t;
5999
6000 if (!streq(key, "activation-details-unit-type"))
6001 return -EINVAL;
6002
6003 t = unit_type_from_string(value);
6004 if (t == _UNIT_TYPE_INVALID)
6005 return -EINVAL;
6006
6007 *details = malloc0(activation_details_vtable[t]->object_size);
6008 if (!*details)
6009 return -ENOMEM;
6010
6011 **details = (ActivationDetails) {
6012 .n_ref = 1,
6013 .trigger_unit_type = t,
6014 };
6015
6016 return 0;
6017 }
6018
6019 if (streq(key, "activation-details-unit-name")) {
6020 (*details)->trigger_unit_name = strdup(value);
6021 if (!(*details)->trigger_unit_name)
6022 return -ENOMEM;
6023
6024 return 0;
6025 }
6026
6027 if (ACTIVATION_DETAILS_VTABLE(*details)->deserialize)
6028 return ACTIVATION_DETAILS_VTABLE(*details)->deserialize(key, value, details);
6029
6030 return -EINVAL;
6031}
6032
6033int activation_details_append_env(ActivationDetails *details, char ***strv) {
6034 int r = 0;
6035
6036 assert(strv);
6037
6038 if (!details)
6039 return 0;
6040
6041 if (!isempty(details->trigger_unit_name)) {
6042 char *s = strjoin("TRIGGER_UNIT=", details->trigger_unit_name);
6043 if (!s)
6044 return -ENOMEM;
6045
6046 r = strv_consume(strv, TAKE_PTR(s));
6047 if (r < 0)
6048 return r;
6049 }
6050
6051 if (ACTIVATION_DETAILS_VTABLE(details)->append_env) {
6052 r = ACTIVATION_DETAILS_VTABLE(details)->append_env(details, strv);
6053 if (r < 0)
6054 return r;
6055 }
6056
6057 return r + !isempty(details->trigger_unit_name); /* Return the number of variables added to the env block */
6058}
6059
6060int activation_details_append_pair(ActivationDetails *details, char ***strv) {
6061 int r = 0;
6062
6063 assert(strv);
6064
6065 if (!details)
6066 return 0;
6067
6068 if (!isempty(details->trigger_unit_name)) {
6069 r = strv_extend(strv, "trigger_unit");
6070 if (r < 0)
6071 return r;
6072
6073 r = strv_extend(strv, details->trigger_unit_name);
6074 if (r < 0)
6075 return r;
6076 }
6077
6078 if (ACTIVATION_DETAILS_VTABLE(details)->append_env) {
6079 r = ACTIVATION_DETAILS_VTABLE(details)->append_pair(details, strv);
6080 if (r < 0)
6081 return r;
6082 }
6083
6084 return r + !isempty(details->trigger_unit_name); /* Return the number of pairs added to the strv */
6085}
6086
6087DEFINE_TRIVIAL_REF_UNREF_FUNC(ActivationDetails, activation_details, activation_details_free);
Unnamed repository; edit this file 'description' to name the repository.