]>
Commit | Line | Data |
---|---|---|
1 | /* SPDX-License-Identifier: LGPL-2.1+ */ | |
2 | /*** | |
3 | Copyright © 2012 Holger Hans Peter Freyther | |
4 | ***/ | |
5 | ||
6 | #include <errno.h> | |
7 | #include <fcntl.h> | |
8 | #include <linux/fs.h> | |
9 | #include <linux/oom.h> | |
10 | #if HAVE_SECCOMP | |
11 | #include <seccomp.h> | |
12 | #endif | |
13 | #include <sched.h> | |
14 | #include <sys/resource.h> | |
15 | ||
16 | #include "sd-messages.h" | |
17 | ||
18 | #include "af-list.h" | |
19 | #include "alloc-util.h" | |
20 | #include "all-units.h" | |
21 | #include "bpf-firewall.h" | |
22 | #include "bus-error.h" | |
23 | #include "bus-internal.h" | |
24 | #include "bus-util.h" | |
25 | #include "cap-list.h" | |
26 | #include "capability-util.h" | |
27 | #include "cgroup-setup.h" | |
28 | #include "conf-parser.h" | |
29 | #include "cpu-set-util.h" | |
30 | #include "env-util.h" | |
31 | #include "errno-list.h" | |
32 | #include "escape.h" | |
33 | #include "fd-util.h" | |
34 | #include "fileio.h" | |
35 | #include "fs-util.h" | |
36 | #include "hexdecoct.h" | |
37 | #include "io-util.h" | |
38 | #include "ioprio.h" | |
39 | #include "ip-protocol-list.h" | |
40 | #include "journal-util.h" | |
41 | #include "limits-util.h" | |
42 | #include "load-fragment.h" | |
43 | #include "log.h" | |
44 | #include "mountpoint-util.h" | |
45 | #include "nulstr-util.h" | |
46 | #include "parse-util.h" | |
47 | #include "path-util.h" | |
48 | #include "process-util.h" | |
49 | #if HAVE_SECCOMP | |
50 | #include "seccomp-util.h" | |
51 | #endif | |
52 | #include "securebits-util.h" | |
53 | #include "signal-util.h" | |
54 | #include "socket-netlink.h" | |
55 | #include "stat-util.h" | |
56 | #include "string-util.h" | |
57 | #include "strv.h" | |
58 | #include "syslog-util.h" | |
59 | #include "time-util.h" | |
60 | #include "unit-name.h" | |
61 | #include "unit-printf.h" | |
62 | #include "user-util.h" | |
63 | #include "web-util.h" | |
64 | ||
65 | static int parse_socket_protocol(const char *s) { | |
66 | int r; | |
67 | ||
68 | r = parse_ip_protocol(s); | |
69 | if (r < 0) | |
70 | return r; | |
71 | if (!IN_SET(r, IPPROTO_UDPLITE, IPPROTO_SCTP)) | |
72 | return -EPROTONOSUPPORT; | |
73 | ||
74 | return r; | |
75 | } | |
76 | ||
77 | int parse_crash_chvt(const char *value, int *data) { | |
78 | int b; | |
79 | ||
80 | if (safe_atoi(value, data) >= 0) | |
81 | return 0; | |
82 | ||
83 | b = parse_boolean(value); | |
84 | if (b < 0) | |
85 | return b; | |
86 | ||
87 | if (b > 0) | |
88 | *data = 0; /* switch to where kmsg goes */ | |
89 | else | |
90 | *data = -1; /* turn off switching */ | |
91 | ||
92 | return 0; | |
93 | } | |
94 | ||
95 | int parse_confirm_spawn(const char *value, char **console) { | |
96 | char *s; | |
97 | int r; | |
98 | ||
99 | r = value ? parse_boolean(value) : 1; | |
100 | if (r == 0) { | |
101 | *console = NULL; | |
102 | return 0; | |
103 | } else if (r > 0) /* on with default tty */ | |
104 | s = strdup("/dev/console"); | |
105 | else if (is_path(value)) /* on with fully qualified path */ | |
106 | s = strdup(value); | |
107 | else /* on with only a tty file name, not a fully qualified path */ | |
108 | s = path_join("/dev/", value); | |
109 | if (!s) | |
110 | return -ENOMEM; | |
111 | ||
112 | *console = s; | |
113 | return 0; | |
114 | } | |
115 | ||
116 | DEFINE_CONFIG_PARSE(config_parse_socket_protocol, parse_socket_protocol, "Failed to parse socket protocol"); | |
117 | DEFINE_CONFIG_PARSE(config_parse_exec_secure_bits, secure_bits_from_string, "Failed to parse secure bits"); | |
118 | DEFINE_CONFIG_PARSE_ENUM(config_parse_collect_mode, collect_mode, CollectMode, "Failed to parse garbage collection mode"); | |
119 | DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy, cgroup_device_policy, CGroupDevicePolicy, "Failed to parse device policy"); | |
120 | DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_keyring_mode, exec_keyring_mode, ExecKeyringMode, "Failed to parse keyring mode"); | |
121 | DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode, "Failed to parse utmp mode"); | |
122 | DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode, job_mode, JobMode, "Failed to parse job mode"); | |
123 | DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access, notify_access, NotifyAccess, "Failed to parse notify access specifier"); | |
124 | DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_home, protect_home, ProtectHome, "Failed to parse protect home value"); | |
125 | DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_system, protect_system, ProtectSystem, "Failed to parse protect system value"); | |
126 | DEFINE_CONFIG_PARSE_ENUM(config_parse_runtime_preserve_mode, exec_preserve_mode, ExecPreserveMode, "Failed to parse runtime directory preserve mode"); | |
127 | DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type, service_type, ServiceType, "Failed to parse service type"); | |
128 | DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart, service_restart, ServiceRestart, "Failed to parse service restart specifier"); | |
129 | DEFINE_CONFIG_PARSE_ENUM(config_parse_service_timeout_failure_mode, service_timeout_failure_mode, ServiceTimeoutFailureMode, "Failed to parse timeout failure mode"); | |
130 | DEFINE_CONFIG_PARSE_ENUM(config_parse_socket_bind, socket_address_bind_ipv6_only_or_bool, SocketAddressBindIPv6Only, "Failed to parse bind IPv6 only value"); | |
131 | DEFINE_CONFIG_PARSE_ENUM(config_parse_oom_policy, oom_policy, OOMPolicy, "Failed to parse OOM policy"); | |
132 | DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_ip_tos, ip_tos, int, -1, "Failed to parse IP TOS value"); | |
133 | DEFINE_CONFIG_PARSE_PTR(config_parse_blockio_weight, cg_blkio_weight_parse, uint64_t, "Invalid block IO weight"); | |
134 | DEFINE_CONFIG_PARSE_PTR(config_parse_cg_weight, cg_weight_parse, uint64_t, "Invalid weight"); | |
135 | DEFINE_CONFIG_PARSE_PTR(config_parse_cpu_shares, cg_cpu_shares_parse, uint64_t, "Invalid CPU shares"); | |
136 | DEFINE_CONFIG_PARSE_PTR(config_parse_exec_mount_flags, mount_propagation_flags_from_string, unsigned long, "Failed to parse mount flag"); | |
137 | DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_numa_policy, mpol, int, -1, "Invalid NUMA policy type"); | |
138 | DEFINE_CONFIG_PARSE_ENUM(config_parse_status_unit_format, status_unit_format, StatusUnitFormat, "Failed to parse status unit format"); | |
139 | ||
140 | int config_parse_unit_deps( | |
141 | const char *unit, | |
142 | const char *filename, | |
143 | unsigned line, | |
144 | const char *section, | |
145 | unsigned section_line, | |
146 | const char *lvalue, | |
147 | int ltype, | |
148 | const char *rvalue, | |
149 | void *data, | |
150 | void *userdata) { | |
151 | ||
152 | UnitDependency d = ltype; | |
153 | Unit *u = userdata; | |
154 | const char *p; | |
155 | ||
156 | assert(filename); | |
157 | assert(lvalue); | |
158 | assert(rvalue); | |
159 | ||
160 | p = rvalue; | |
161 | for (;;) { | |
162 | _cleanup_free_ char *word = NULL, *k = NULL; | |
163 | int r; | |
164 | ||
165 | r = extract_first_word(&p, &word, NULL, EXTRACT_RETAIN_ESCAPE); | |
166 | if (r == 0) | |
167 | break; | |
168 | if (r == -ENOMEM) | |
169 | return log_oom(); | |
170 | if (r < 0) { | |
171 | log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue); | |
172 | break; | |
173 | } | |
174 | ||
175 | r = unit_name_printf(u, word, &k); | |
176 | if (r < 0) { | |
177 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word); | |
178 | continue; | |
179 | } | |
180 | ||
181 | r = unit_add_dependency_by_name(u, d, k, true, UNIT_DEPENDENCY_FILE); | |
182 | if (r < 0) | |
183 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k); | |
184 | } | |
185 | ||
186 | return 0; | |
187 | } | |
188 | ||
189 | int config_parse_obsolete_unit_deps( | |
190 | const char *unit, | |
191 | const char *filename, | |
192 | unsigned line, | |
193 | const char *section, | |
194 | unsigned section_line, | |
195 | const char *lvalue, | |
196 | int ltype, | |
197 | const char *rvalue, | |
198 | void *data, | |
199 | void *userdata) { | |
200 | ||
201 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
202 | "Unit dependency type %s= is obsolete, replacing by %s=, please update your unit file", lvalue, unit_dependency_to_string(ltype)); | |
203 | ||
204 | return config_parse_unit_deps(unit, filename, line, section, section_line, lvalue, ltype, rvalue, data, userdata); | |
205 | } | |
206 | ||
207 | int config_parse_unit_string_printf( | |
208 | const char *unit, | |
209 | const char *filename, | |
210 | unsigned line, | |
211 | const char *section, | |
212 | unsigned section_line, | |
213 | const char *lvalue, | |
214 | int ltype, | |
215 | const char *rvalue, | |
216 | void *data, | |
217 | void *userdata) { | |
218 | ||
219 | _cleanup_free_ char *k = NULL; | |
220 | const Unit *u = userdata; | |
221 | int r; | |
222 | ||
223 | assert(filename); | |
224 | assert(lvalue); | |
225 | assert(rvalue); | |
226 | assert(u); | |
227 | ||
228 | r = unit_full_printf(u, rvalue, &k); | |
229 | if (r < 0) { | |
230 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); | |
231 | return 0; | |
232 | } | |
233 | ||
234 | return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata); | |
235 | } | |
236 | ||
237 | int config_parse_unit_strv_printf( | |
238 | const char *unit, | |
239 | const char *filename, | |
240 | unsigned line, | |
241 | const char *section, | |
242 | unsigned section_line, | |
243 | const char *lvalue, | |
244 | int ltype, | |
245 | const char *rvalue, | |
246 | void *data, | |
247 | void *userdata) { | |
248 | ||
249 | const Unit *u = userdata; | |
250 | _cleanup_free_ char *k = NULL; | |
251 | int r; | |
252 | ||
253 | assert(filename); | |
254 | assert(lvalue); | |
255 | assert(rvalue); | |
256 | assert(u); | |
257 | ||
258 | r = unit_full_printf(u, rvalue, &k); | |
259 | if (r < 0) { | |
260 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); | |
261 | return 0; | |
262 | } | |
263 | ||
264 | return config_parse_strv(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata); | |
265 | } | |
266 | ||
267 | int config_parse_unit_path_printf( | |
268 | const char *unit, | |
269 | const char *filename, | |
270 | unsigned line, | |
271 | const char *section, | |
272 | unsigned section_line, | |
273 | const char *lvalue, | |
274 | int ltype, | |
275 | const char *rvalue, | |
276 | void *data, | |
277 | void *userdata) { | |
278 | ||
279 | _cleanup_free_ char *k = NULL; | |
280 | const Unit *u = userdata; | |
281 | int r; | |
282 | bool fatal = ltype; | |
283 | ||
284 | assert(filename); | |
285 | assert(lvalue); | |
286 | assert(rvalue); | |
287 | assert(u); | |
288 | ||
289 | /* Let's not bother with anything that is too long */ | |
290 | if (strlen(rvalue) >= PATH_MAX) { | |
291 | log_syntax(unit, LOG_ERR, filename, line, 0, | |
292 | "%s value too long%s.", | |
293 | lvalue, fatal ? "" : ", ignoring"); | |
294 | return fatal ? -ENAMETOOLONG : 0; | |
295 | } | |
296 | ||
297 | r = unit_full_printf(u, rvalue, &k); | |
298 | if (r < 0) { | |
299 | log_syntax(unit, LOG_ERR, filename, line, r, | |
300 | "Failed to resolve unit specifiers in '%s'%s: %m", | |
301 | rvalue, fatal ? "" : ", ignoring"); | |
302 | return fatal ? -ENOEXEC : 0; | |
303 | } | |
304 | ||
305 | return config_parse_path(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata); | |
306 | } | |
307 | ||
308 | int config_parse_unit_path_strv_printf( | |
309 | const char *unit, | |
310 | const char *filename, | |
311 | unsigned line, | |
312 | const char *section, | |
313 | unsigned section_line, | |
314 | const char *lvalue, | |
315 | int ltype, | |
316 | const char *rvalue, | |
317 | void *data, | |
318 | void *userdata) { | |
319 | ||
320 | char ***x = data; | |
321 | const Unit *u = userdata; | |
322 | int r; | |
323 | const char *p; | |
324 | ||
325 | assert(filename); | |
326 | assert(lvalue); | |
327 | assert(rvalue); | |
328 | assert(u); | |
329 | ||
330 | if (isempty(rvalue)) { | |
331 | *x = strv_free(*x); | |
332 | return 0; | |
333 | } | |
334 | ||
335 | for (p = rvalue;;) { | |
336 | _cleanup_free_ char *word = NULL, *k = NULL; | |
337 | ||
338 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); | |
339 | if (r == 0) | |
340 | return 0; | |
341 | if (r == -ENOMEM) | |
342 | return log_oom(); | |
343 | if (r < 0) { | |
344 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
345 | "Invalid syntax, ignoring: %s", rvalue); | |
346 | return 0; | |
347 | } | |
348 | ||
349 | r = unit_full_printf(u, word, &k); | |
350 | if (r < 0) { | |
351 | log_syntax(unit, LOG_ERR, filename, line, r, | |
352 | "Failed to resolve unit specifiers in '%s', ignoring: %m", word); | |
353 | return 0; | |
354 | } | |
355 | ||
356 | r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
357 | if (r < 0) | |
358 | return 0; | |
359 | ||
360 | r = strv_consume(x, TAKE_PTR(k)); | |
361 | if (r < 0) | |
362 | return log_oom(); | |
363 | } | |
364 | } | |
365 | ||
366 | static int patch_var_run( | |
367 | const char *unit, | |
368 | const char *filename, | |
369 | unsigned line, | |
370 | const char *lvalue, | |
371 | char **path) { | |
372 | ||
373 | const char *e; | |
374 | char *z; | |
375 | ||
376 | e = path_startswith(*path, "/var/run/"); | |
377 | if (!e) | |
378 | return 0; | |
379 | ||
380 | z = path_join("/run/", e); | |
381 | if (!z) | |
382 | return log_oom(); | |
383 | ||
384 | log_syntax(unit, LOG_NOTICE, filename, line, 0, | |
385 | "%s= references a path below legacy directory /var/run/, updating %s → %s; " | |
386 | "please update the unit file accordingly.", lvalue, *path, z); | |
387 | ||
388 | free_and_replace(*path, z); | |
389 | ||
390 | return 1; | |
391 | } | |
392 | ||
393 | int config_parse_socket_listen( | |
394 | const char *unit, | |
395 | const char *filename, | |
396 | unsigned line, | |
397 | const char *section, | |
398 | unsigned section_line, | |
399 | const char *lvalue, | |
400 | int ltype, | |
401 | const char *rvalue, | |
402 | void *data, | |
403 | void *userdata) { | |
404 | ||
405 | _cleanup_free_ SocketPort *p = NULL; | |
406 | SocketPort *tail; | |
407 | Socket *s; | |
408 | int r; | |
409 | ||
410 | assert(filename); | |
411 | assert(lvalue); | |
412 | assert(rvalue); | |
413 | assert(data); | |
414 | ||
415 | s = SOCKET(data); | |
416 | ||
417 | if (isempty(rvalue)) { | |
418 | /* An empty assignment removes all ports */ | |
419 | socket_free_ports(s); | |
420 | return 0; | |
421 | } | |
422 | ||
423 | p = new0(SocketPort, 1); | |
424 | if (!p) | |
425 | return log_oom(); | |
426 | ||
427 | if (ltype != SOCKET_SOCKET) { | |
428 | _cleanup_free_ char *k = NULL; | |
429 | ||
430 | r = unit_full_printf(UNIT(s), rvalue, &k); | |
431 | if (r < 0) { | |
432 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); | |
433 | return 0; | |
434 | } | |
435 | ||
436 | r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
437 | if (r < 0) | |
438 | return 0; | |
439 | ||
440 | if (ltype == SOCKET_FIFO) { | |
441 | r = patch_var_run(unit, filename, line, lvalue, &k); | |
442 | if (r < 0) | |
443 | return r; | |
444 | } | |
445 | ||
446 | free_and_replace(p->path, k); | |
447 | p->type = ltype; | |
448 | ||
449 | } else if (streq(lvalue, "ListenNetlink")) { | |
450 | _cleanup_free_ char *k = NULL; | |
451 | ||
452 | r = unit_full_printf(UNIT(s), rvalue, &k); | |
453 | if (r < 0) { | |
454 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); | |
455 | return 0; | |
456 | } | |
457 | ||
458 | r = socket_address_parse_netlink(&p->address, k); | |
459 | if (r < 0) { | |
460 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k); | |
461 | return 0; | |
462 | } | |
463 | ||
464 | p->type = SOCKET_SOCKET; | |
465 | ||
466 | } else { | |
467 | _cleanup_free_ char *k = NULL; | |
468 | ||
469 | r = unit_full_printf(UNIT(s), rvalue, &k); | |
470 | if (r < 0) { | |
471 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); | |
472 | return 0; | |
473 | } | |
474 | ||
475 | if (k[0] == '/') { /* Only for AF_UNIX file system sockets… */ | |
476 | r = patch_var_run(unit, filename, line, lvalue, &k); | |
477 | if (r < 0) | |
478 | return r; | |
479 | } | |
480 | ||
481 | r = socket_address_parse_and_warn(&p->address, k); | |
482 | if (r < 0) { | |
483 | if (r != -EAFNOSUPPORT) | |
484 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k); | |
485 | return 0; | |
486 | } | |
487 | ||
488 | if (streq(lvalue, "ListenStream")) | |
489 | p->address.type = SOCK_STREAM; | |
490 | else if (streq(lvalue, "ListenDatagram")) | |
491 | p->address.type = SOCK_DGRAM; | |
492 | else { | |
493 | assert(streq(lvalue, "ListenSequentialPacket")); | |
494 | p->address.type = SOCK_SEQPACKET; | |
495 | } | |
496 | ||
497 | if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET) { | |
498 | log_syntax(unit, LOG_ERR, filename, line, 0, "Address family not supported, ignoring: %s", rvalue); | |
499 | return 0; | |
500 | } | |
501 | ||
502 | p->type = SOCKET_SOCKET; | |
503 | } | |
504 | ||
505 | p->fd = -1; | |
506 | p->auxiliary_fds = NULL; | |
507 | p->n_auxiliary_fds = 0; | |
508 | p->socket = s; | |
509 | ||
510 | LIST_FIND_TAIL(port, s->ports, tail); | |
511 | LIST_INSERT_AFTER(port, s->ports, tail, p); | |
512 | ||
513 | p = NULL; | |
514 | ||
515 | return 0; | |
516 | } | |
517 | ||
518 | int config_parse_exec_nice( | |
519 | const char *unit, | |
520 | const char *filename, | |
521 | unsigned line, | |
522 | const char *section, | |
523 | unsigned section_line, | |
524 | const char *lvalue, | |
525 | int ltype, | |
526 | const char *rvalue, | |
527 | void *data, | |
528 | void *userdata) { | |
529 | ||
530 | ExecContext *c = data; | |
531 | int priority, r; | |
532 | ||
533 | assert(filename); | |
534 | assert(lvalue); | |
535 | assert(rvalue); | |
536 | assert(data); | |
537 | ||
538 | if (isempty(rvalue)) { | |
539 | c->nice_set = false; | |
540 | return 0; | |
541 | } | |
542 | ||
543 | r = parse_nice(rvalue, &priority); | |
544 | if (r < 0) { | |
545 | if (r == -ERANGE) | |
546 | log_syntax(unit, LOG_ERR, filename, line, r, "Nice priority out of range, ignoring: %s", rvalue); | |
547 | else | |
548 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse nice priority '%s', ignoring: %m", rvalue); | |
549 | return 0; | |
550 | } | |
551 | ||
552 | c->nice = priority; | |
553 | c->nice_set = true; | |
554 | ||
555 | return 0; | |
556 | } | |
557 | ||
558 | int config_parse_exec_oom_score_adjust( | |
559 | const char* unit, | |
560 | const char *filename, | |
561 | unsigned line, | |
562 | const char *section, | |
563 | unsigned section_line, | |
564 | const char *lvalue, | |
565 | int ltype, | |
566 | const char *rvalue, | |
567 | void *data, | |
568 | void *userdata) { | |
569 | ||
570 | ExecContext *c = data; | |
571 | int oa, r; | |
572 | ||
573 | assert(filename); | |
574 | assert(lvalue); | |
575 | assert(rvalue); | |
576 | assert(data); | |
577 | ||
578 | if (isempty(rvalue)) { | |
579 | c->oom_score_adjust_set = false; | |
580 | return 0; | |
581 | } | |
582 | ||
583 | r = parse_oom_score_adjust(rvalue, &oa); | |
584 | if (r < 0) { | |
585 | if (r == -ERANGE) | |
586 | log_syntax(unit, LOG_ERR, filename, line, r, "OOM score adjust value out of range, ignoring: %s", rvalue); | |
587 | else | |
588 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse the OOM score adjust value '%s', ignoring: %m", rvalue); | |
589 | return 0; | |
590 | } | |
591 | ||
592 | c->oom_score_adjust = oa; | |
593 | c->oom_score_adjust_set = true; | |
594 | ||
595 | return 0; | |
596 | } | |
597 | ||
598 | int config_parse_exec_coredump_filter( | |
599 | const char* unit, | |
600 | const char *filename, | |
601 | unsigned line, | |
602 | const char *section, | |
603 | unsigned section_line, | |
604 | const char *lvalue, | |
605 | int ltype, | |
606 | const char *rvalue, | |
607 | void *data, | |
608 | void *userdata) { | |
609 | ||
610 | ExecContext *c = data; | |
611 | int r; | |
612 | ||
613 | assert(filename); | |
614 | assert(lvalue); | |
615 | assert(rvalue); | |
616 | assert(data); | |
617 | ||
618 | if (isempty(rvalue)) { | |
619 | c->coredump_filter = 0; | |
620 | c->coredump_filter_set = false; | |
621 | return 0; | |
622 | } | |
623 | ||
624 | uint64_t f; | |
625 | r = coredump_filter_mask_from_string(rvalue, &f); | |
626 | if (r < 0) { | |
627 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
628 | "Failed to parse the CoredumpFilter=%s, ignoring: %m", rvalue); | |
629 | return 0; | |
630 | } | |
631 | ||
632 | c->coredump_filter |= f; | |
633 | c->oom_score_adjust_set = true; | |
634 | return 0; | |
635 | } | |
636 | ||
637 | int config_parse_kill_mode( | |
638 | const char* unit, | |
639 | const char *filename, | |
640 | unsigned line, | |
641 | const char *section, | |
642 | unsigned section_line, | |
643 | const char *lvalue, | |
644 | int ltype, | |
645 | const char *rvalue, | |
646 | void *data, | |
647 | void *userdata) { | |
648 | ||
649 | KillMode *k = data, m; | |
650 | ||
651 | assert(filename); | |
652 | assert(lvalue); | |
653 | assert(rvalue); | |
654 | assert(data); | |
655 | ||
656 | if (isempty(rvalue)) { | |
657 | *k = KILL_CONTROL_GROUP; | |
658 | return 0; | |
659 | } | |
660 | ||
661 | m = kill_mode_from_string(rvalue); | |
662 | if (m < 0) { | |
663 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
664 | "Failed to parse kill mode specification, ignoring: %s", rvalue); | |
665 | return 0; | |
666 | } | |
667 | ||
668 | if (m == KILL_NONE) | |
669 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
670 | "Unit configured to use KillMode=none. " | |
671 | "This is unsafe, as it disables systemd's process lifecycle management for the service. " | |
672 | "Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. " | |
673 | "Support for KillMode=none is deprecated and will eventually be removed."); | |
674 | ||
675 | *k = m; | |
676 | return 0; | |
677 | } | |
678 | ||
679 | int config_parse_exec( | |
680 | const char *unit, | |
681 | const char *filename, | |
682 | unsigned line, | |
683 | const char *section, | |
684 | unsigned section_line, | |
685 | const char *lvalue, | |
686 | int ltype, | |
687 | const char *rvalue, | |
688 | void *data, | |
689 | void *userdata) { | |
690 | ||
691 | ExecCommand **e = data; | |
692 | const Unit *u = userdata; | |
693 | const char *p; | |
694 | bool semicolon; | |
695 | int r; | |
696 | ||
697 | assert(filename); | |
698 | assert(lvalue); | |
699 | assert(rvalue); | |
700 | assert(e); | |
701 | ||
702 | e += ltype; | |
703 | ||
704 | if (isempty(rvalue)) { | |
705 | /* An empty assignment resets the list */ | |
706 | *e = exec_command_free_list(*e); | |
707 | return 0; | |
708 | } | |
709 | ||
710 | p = rvalue; | |
711 | do { | |
712 | _cleanup_free_ char *path = NULL, *firstword = NULL; | |
713 | ExecCommandFlags flags = 0; | |
714 | bool ignore = false, separate_argv0 = false; | |
715 | _cleanup_free_ ExecCommand *nce = NULL; | |
716 | _cleanup_strv_free_ char **n = NULL; | |
717 | size_t nlen = 0, nbufsize = 0; | |
718 | const char *f; | |
719 | ||
720 | semicolon = false; | |
721 | ||
722 | r = extract_first_word_and_warn(&p, &firstword, NULL, EXTRACT_UNQUOTE|EXTRACT_CUNESCAPE, unit, filename, line, rvalue); | |
723 | if (r <= 0) | |
724 | return 0; | |
725 | ||
726 | f = firstword; | |
727 | for (;;) { | |
728 | /* We accept an absolute path as first argument. If it's prefixed with - and the path doesn't | |
729 | * exist, we ignore it instead of erroring out; if it's prefixed with @, we allow overriding of | |
730 | * argv[0]; if it's prefixed with :, we will not do environment variable substitution; | |
731 | * if it's prefixed with +, it will be run with full privileges and no sandboxing; if | |
732 | * it's prefixed with '!' we apply sandboxing, but do not change user/group credentials; if | |
733 | * it's prefixed with '!!', then we apply user/group credentials if the kernel supports ambient | |
734 | * capabilities -- if it doesn't we don't apply the credentials themselves, but do apply most | |
735 | * other sandboxing, with some special exceptions for changing UID. | |
736 | * | |
737 | * The idea is that '!!' may be used to write services that can take benefit of systemd's | |
738 | * UID/GID dropping if the kernel supports ambient creds, but provide an automatic fallback to | |
739 | * privilege dropping within the daemon if the kernel does not offer that. */ | |
740 | ||
741 | if (*f == '-' && !(flags & EXEC_COMMAND_IGNORE_FAILURE)) { | |
742 | flags |= EXEC_COMMAND_IGNORE_FAILURE; | |
743 | ignore = true; | |
744 | } else if (*f == '@' && !separate_argv0) | |
745 | separate_argv0 = true; | |
746 | else if (*f == ':' && !(flags & EXEC_COMMAND_NO_ENV_EXPAND)) | |
747 | flags |= EXEC_COMMAND_NO_ENV_EXPAND; | |
748 | else if (*f == '+' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC))) | |
749 | flags |= EXEC_COMMAND_FULLY_PRIVILEGED; | |
750 | else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC))) | |
751 | flags |= EXEC_COMMAND_NO_SETUID; | |
752 | else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_AMBIENT_MAGIC))) { | |
753 | flags &= ~EXEC_COMMAND_NO_SETUID; | |
754 | flags |= EXEC_COMMAND_AMBIENT_MAGIC; | |
755 | } else | |
756 | break; | |
757 | f++; | |
758 | } | |
759 | ||
760 | r = unit_full_printf(u, f, &path); | |
761 | if (r < 0) { | |
762 | log_syntax(unit, LOG_ERR, filename, line, r, | |
763 | "Failed to resolve unit specifiers in '%s'%s: %m", | |
764 | f, ignore ? ", ignoring" : ""); | |
765 | return ignore ? 0 : -ENOEXEC; | |
766 | } | |
767 | ||
768 | if (isempty(path)) { | |
769 | /* First word is either "-" or "@" with no command. */ | |
770 | log_syntax(unit, LOG_ERR, filename, line, 0, | |
771 | "Empty path in command line%s: '%s'", | |
772 | ignore ? ", ignoring" : "", rvalue); | |
773 | return ignore ? 0 : -ENOEXEC; | |
774 | } | |
775 | if (!string_is_safe(path)) { | |
776 | log_syntax(unit, LOG_ERR, filename, line, 0, | |
777 | "Executable name contains special characters%s: %s", | |
778 | ignore ? ", ignoring" : "", path); | |
779 | return ignore ? 0 : -ENOEXEC; | |
780 | } | |
781 | if (endswith(path, "/")) { | |
782 | log_syntax(unit, LOG_ERR, filename, line, 0, | |
783 | "Executable path specifies a directory%s: %s", | |
784 | ignore ? ", ignoring" : "", path); | |
785 | return ignore ? 0 : -ENOEXEC; | |
786 | } | |
787 | ||
788 | if (!path_is_absolute(path)) { | |
789 | const char *prefix; | |
790 | bool found = false; | |
791 | ||
792 | if (!filename_is_valid(path)) { | |
793 | log_syntax(unit, LOG_ERR, filename, line, 0, | |
794 | "Neither a valid executable name nor an absolute path%s: %s", | |
795 | ignore ? ", ignoring" : "", path); | |
796 | return ignore ? 0 : -ENOEXEC; | |
797 | } | |
798 | ||
799 | /* Resolve a single-component name to a full path */ | |
800 | NULSTR_FOREACH(prefix, DEFAULT_PATH_NULSTR) { | |
801 | _cleanup_free_ char *fullpath = NULL; | |
802 | ||
803 | fullpath = path_join(prefix, path); | |
804 | if (!fullpath) | |
805 | return log_oom(); | |
806 | ||
807 | if (access(fullpath, F_OK) >= 0) { | |
808 | free_and_replace(path, fullpath); | |
809 | found = true; | |
810 | break; | |
811 | } | |
812 | } | |
813 | ||
814 | if (!found) { | |
815 | log_syntax(unit, LOG_ERR, filename, line, 0, | |
816 | "Executable \"%s\" not found in path \"%s\"%s", | |
817 | path, DEFAULT_PATH, ignore ? ", ignoring" : ""); | |
818 | return ignore ? 0 : -ENOEXEC; | |
819 | } | |
820 | } | |
821 | ||
822 | if (!separate_argv0) { | |
823 | char *w = NULL; | |
824 | ||
825 | if (!GREEDY_REALLOC(n, nbufsize, nlen + 2)) | |
826 | return log_oom(); | |
827 | ||
828 | w = strdup(path); | |
829 | if (!w) | |
830 | return log_oom(); | |
831 | n[nlen++] = w; | |
832 | n[nlen] = NULL; | |
833 | } | |
834 | ||
835 | path_simplify(path, false); | |
836 | ||
837 | while (!isempty(p)) { | |
838 | _cleanup_free_ char *word = NULL, *resolved = NULL; | |
839 | ||
840 | /* Check explicitly for an unquoted semicolon as | |
841 | * command separator token. */ | |
842 | if (p[0] == ';' && (!p[1] || strchr(WHITESPACE, p[1]))) { | |
843 | p++; | |
844 | p += strspn(p, WHITESPACE); | |
845 | semicolon = true; | |
846 | break; | |
847 | } | |
848 | ||
849 | /* Check for \; explicitly, to not confuse it with \\; or "\;" or "\\;" etc. | |
850 | * extract_first_word() would return the same for all of those. */ | |
851 | if (p[0] == '\\' && p[1] == ';' && (!p[2] || strchr(WHITESPACE, p[2]))) { | |
852 | char *w; | |
853 | ||
854 | p += 2; | |
855 | p += strspn(p, WHITESPACE); | |
856 | ||
857 | if (!GREEDY_REALLOC(n, nbufsize, nlen + 2)) | |
858 | return log_oom(); | |
859 | ||
860 | w = strdup(";"); | |
861 | if (!w) | |
862 | return log_oom(); | |
863 | n[nlen++] = w; | |
864 | n[nlen] = NULL; | |
865 | continue; | |
866 | } | |
867 | ||
868 | r = extract_first_word_and_warn(&p, &word, NULL, EXTRACT_UNQUOTE|EXTRACT_CUNESCAPE, unit, filename, line, rvalue); | |
869 | if (r == 0) | |
870 | break; | |
871 | if (r < 0) | |
872 | return ignore ? 0 : -ENOEXEC; | |
873 | ||
874 | r = unit_full_printf(u, word, &resolved); | |
875 | if (r < 0) { | |
876 | log_syntax(unit, LOG_ERR, filename, line, r, | |
877 | "Failed to resolve unit specifiers in %s%s: %m", | |
878 | word, ignore ? ", ignoring" : ""); | |
879 | return ignore ? 0 : -ENOEXEC; | |
880 | } | |
881 | ||
882 | if (!GREEDY_REALLOC(n, nbufsize, nlen + 2)) | |
883 | return log_oom(); | |
884 | ||
885 | n[nlen++] = TAKE_PTR(resolved); | |
886 | n[nlen] = NULL; | |
887 | } | |
888 | ||
889 | if (!n || !n[0]) { | |
890 | log_syntax(unit, LOG_ERR, filename, line, 0, | |
891 | "Empty executable name or zeroeth argument%s: %s", | |
892 | ignore ? ", ignoring" : "", rvalue); | |
893 | return ignore ? 0 : -ENOEXEC; | |
894 | } | |
895 | ||
896 | nce = new0(ExecCommand, 1); | |
897 | if (!nce) | |
898 | return log_oom(); | |
899 | ||
900 | nce->argv = TAKE_PTR(n); | |
901 | nce->path = TAKE_PTR(path); | |
902 | nce->flags = flags; | |
903 | ||
904 | exec_command_append_list(e, nce); | |
905 | ||
906 | /* Do not _cleanup_free_ these. */ | |
907 | nce = NULL; | |
908 | ||
909 | rvalue = p; | |
910 | } while (semicolon); | |
911 | ||
912 | return 0; | |
913 | } | |
914 | ||
915 | int config_parse_socket_bindtodevice( | |
916 | const char* unit, | |
917 | const char *filename, | |
918 | unsigned line, | |
919 | const char *section, | |
920 | unsigned section_line, | |
921 | const char *lvalue, | |
922 | int ltype, | |
923 | const char *rvalue, | |
924 | void *data, | |
925 | void *userdata) { | |
926 | ||
927 | Socket *s = data; | |
928 | ||
929 | assert(filename); | |
930 | assert(lvalue); | |
931 | assert(rvalue); | |
932 | assert(data); | |
933 | ||
934 | if (isempty(rvalue) || streq(rvalue, "*")) { | |
935 | s->bind_to_device = mfree(s->bind_to_device); | |
936 | return 0; | |
937 | } | |
938 | ||
939 | if (!ifname_valid(rvalue)) { | |
940 | log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid interface name, ignoring: %s", rvalue); | |
941 | return 0; | |
942 | } | |
943 | ||
944 | if (free_and_strdup(&s->bind_to_device, rvalue) < 0) | |
945 | return log_oom(); | |
946 | ||
947 | return 0; | |
948 | } | |
949 | ||
950 | int config_parse_exec_input( | |
951 | const char *unit, | |
952 | const char *filename, | |
953 | unsigned line, | |
954 | const char *section, | |
955 | unsigned section_line, | |
956 | const char *lvalue, | |
957 | int ltype, | |
958 | const char *rvalue, | |
959 | void *data, | |
960 | void *userdata) { | |
961 | ||
962 | ExecContext *c = data; | |
963 | const Unit *u = userdata; | |
964 | const char *n; | |
965 | ExecInput ei; | |
966 | int r; | |
967 | ||
968 | assert(data); | |
969 | assert(filename); | |
970 | assert(line); | |
971 | assert(rvalue); | |
972 | ||
973 | n = startswith(rvalue, "fd:"); | |
974 | if (n) { | |
975 | _cleanup_free_ char *resolved = NULL; | |
976 | ||
977 | r = unit_full_printf(u, n, &resolved); | |
978 | if (r < 0) | |
979 | return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", n); | |
980 | ||
981 | if (isempty(resolved)) | |
982 | resolved = mfree(resolved); | |
983 | else if (!fdname_is_valid(resolved)) { | |
984 | log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved); | |
985 | return -ENOEXEC; | |
986 | } | |
987 | ||
988 | free_and_replace(c->stdio_fdname[STDIN_FILENO], resolved); | |
989 | ||
990 | ei = EXEC_INPUT_NAMED_FD; | |
991 | ||
992 | } else if ((n = startswith(rvalue, "file:"))) { | |
993 | _cleanup_free_ char *resolved = NULL; | |
994 | ||
995 | r = unit_full_printf(u, n, &resolved); | |
996 | if (r < 0) | |
997 | return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", n); | |
998 | ||
999 | r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue); | |
1000 | if (r < 0) | |
1001 | return -ENOEXEC; | |
1002 | ||
1003 | free_and_replace(c->stdio_file[STDIN_FILENO], resolved); | |
1004 | ||
1005 | ei = EXEC_INPUT_FILE; | |
1006 | ||
1007 | } else { | |
1008 | ei = exec_input_from_string(rvalue); | |
1009 | if (ei < 0) { | |
1010 | log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse input specifier, ignoring: %s", rvalue); | |
1011 | return 0; | |
1012 | } | |
1013 | } | |
1014 | ||
1015 | c->std_input = ei; | |
1016 | return 0; | |
1017 | } | |
1018 | ||
1019 | int config_parse_exec_input_text( | |
1020 | const char *unit, | |
1021 | const char *filename, | |
1022 | unsigned line, | |
1023 | const char *section, | |
1024 | unsigned section_line, | |
1025 | const char *lvalue, | |
1026 | int ltype, | |
1027 | const char *rvalue, | |
1028 | void *data, | |
1029 | void *userdata) { | |
1030 | ||
1031 | _cleanup_free_ char *unescaped = NULL, *resolved = NULL; | |
1032 | ExecContext *c = data; | |
1033 | const Unit *u = userdata; | |
1034 | size_t sz; | |
1035 | void *p; | |
1036 | int r; | |
1037 | ||
1038 | assert(data); | |
1039 | assert(filename); | |
1040 | assert(line); | |
1041 | assert(rvalue); | |
1042 | ||
1043 | if (isempty(rvalue)) { | |
1044 | /* Reset if the empty string is assigned */ | |
1045 | c->stdin_data = mfree(c->stdin_data); | |
1046 | c->stdin_data_size = 0; | |
1047 | return 0; | |
1048 | } | |
1049 | ||
1050 | r = cunescape(rvalue, 0, &unescaped); | |
1051 | if (r < 0) | |
1052 | return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode C escaped text '%s': %m", rvalue); | |
1053 | ||
1054 | r = unit_full_printf(u, unescaped, &resolved); | |
1055 | if (r < 0) | |
1056 | return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", unescaped); | |
1057 | ||
1058 | sz = strlen(resolved); | |
1059 | if (c->stdin_data_size + sz + 1 < c->stdin_data_size || /* check for overflow */ | |
1060 | c->stdin_data_size + sz + 1 > EXEC_STDIN_DATA_MAX) { | |
1061 | log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX); | |
1062 | return -E2BIG; | |
1063 | } | |
1064 | ||
1065 | p = realloc(c->stdin_data, c->stdin_data_size + sz + 1); | |
1066 | if (!p) | |
1067 | return log_oom(); | |
1068 | ||
1069 | *((char*) mempcpy((char*) p + c->stdin_data_size, resolved, sz)) = '\n'; | |
1070 | ||
1071 | c->stdin_data = p; | |
1072 | c->stdin_data_size += sz + 1; | |
1073 | ||
1074 | return 0; | |
1075 | } | |
1076 | ||
1077 | int config_parse_exec_input_data( | |
1078 | const char *unit, | |
1079 | const char *filename, | |
1080 | unsigned line, | |
1081 | const char *section, | |
1082 | unsigned section_line, | |
1083 | const char *lvalue, | |
1084 | int ltype, | |
1085 | const char *rvalue, | |
1086 | void *data, | |
1087 | void *userdata) { | |
1088 | ||
1089 | _cleanup_free_ void *p = NULL; | |
1090 | ExecContext *c = data; | |
1091 | size_t sz; | |
1092 | void *q; | |
1093 | int r; | |
1094 | ||
1095 | assert(data); | |
1096 | assert(filename); | |
1097 | assert(line); | |
1098 | assert(rvalue); | |
1099 | ||
1100 | if (isempty(rvalue)) { | |
1101 | /* Reset if the empty string is assigned */ | |
1102 | c->stdin_data = mfree(c->stdin_data); | |
1103 | c->stdin_data_size = 0; | |
1104 | return 0; | |
1105 | } | |
1106 | ||
1107 | r = unbase64mem(rvalue, (size_t) -1, &p, &sz); | |
1108 | if (r < 0) | |
1109 | return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode base64 data, ignoring: %s", rvalue); | |
1110 | ||
1111 | assert(sz > 0); | |
1112 | ||
1113 | if (c->stdin_data_size + sz < c->stdin_data_size || /* check for overflow */ | |
1114 | c->stdin_data_size + sz > EXEC_STDIN_DATA_MAX) { | |
1115 | log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX); | |
1116 | return -E2BIG; | |
1117 | } | |
1118 | ||
1119 | q = realloc(c->stdin_data, c->stdin_data_size + sz); | |
1120 | if (!q) | |
1121 | return log_oom(); | |
1122 | ||
1123 | memcpy((uint8_t*) q + c->stdin_data_size, p, sz); | |
1124 | ||
1125 | c->stdin_data = q; | |
1126 | c->stdin_data_size += sz; | |
1127 | ||
1128 | return 0; | |
1129 | } | |
1130 | ||
1131 | int config_parse_exec_output( | |
1132 | const char *unit, | |
1133 | const char *filename, | |
1134 | unsigned line, | |
1135 | const char *section, | |
1136 | unsigned section_line, | |
1137 | const char *lvalue, | |
1138 | int ltype, | |
1139 | const char *rvalue, | |
1140 | void *data, | |
1141 | void *userdata) { | |
1142 | ||
1143 | _cleanup_free_ char *resolved = NULL; | |
1144 | const char *n; | |
1145 | ExecContext *c = data; | |
1146 | const Unit *u = userdata; | |
1147 | bool obsolete = false; | |
1148 | ExecOutput eo; | |
1149 | int r; | |
1150 | ||
1151 | assert(data); | |
1152 | assert(filename); | |
1153 | assert(line); | |
1154 | assert(lvalue); | |
1155 | assert(rvalue); | |
1156 | ||
1157 | n = startswith(rvalue, "fd:"); | |
1158 | if (n) { | |
1159 | r = unit_full_printf(u, n, &resolved); | |
1160 | if (r < 0) | |
1161 | return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n); | |
1162 | ||
1163 | if (isempty(resolved)) | |
1164 | resolved = mfree(resolved); | |
1165 | else if (!fdname_is_valid(resolved)) { | |
1166 | log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved); | |
1167 | return -ENOEXEC; | |
1168 | } | |
1169 | ||
1170 | eo = EXEC_OUTPUT_NAMED_FD; | |
1171 | ||
1172 | } else if (streq(rvalue, "syslog")) { | |
1173 | eo = EXEC_OUTPUT_JOURNAL; | |
1174 | obsolete = true; | |
1175 | ||
1176 | } else if (streq(rvalue, "syslog+console")) { | |
1177 | eo = EXEC_OUTPUT_JOURNAL_AND_CONSOLE; | |
1178 | obsolete = true; | |
1179 | ||
1180 | } else if ((n = startswith(rvalue, "file:"))) { | |
1181 | ||
1182 | r = unit_full_printf(u, n, &resolved); | |
1183 | if (r < 0) | |
1184 | return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n); | |
1185 | ||
1186 | r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue); | |
1187 | if (r < 0) | |
1188 | return -ENOEXEC; | |
1189 | ||
1190 | eo = EXEC_OUTPUT_FILE; | |
1191 | ||
1192 | } else if ((n = startswith(rvalue, "append:"))) { | |
1193 | ||
1194 | r = unit_full_printf(u, n, &resolved); | |
1195 | if (r < 0) | |
1196 | return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n); | |
1197 | ||
1198 | r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue); | |
1199 | if (r < 0) | |
1200 | return -ENOEXEC; | |
1201 | ||
1202 | eo = EXEC_OUTPUT_FILE_APPEND; | |
1203 | } else { | |
1204 | eo = exec_output_from_string(rvalue); | |
1205 | if (eo < 0) { | |
1206 | log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse output specifier, ignoring: %s", rvalue); | |
1207 | return 0; | |
1208 | } | |
1209 | } | |
1210 | ||
1211 | if (obsolete) | |
1212 | log_syntax(unit, LOG_NOTICE, filename, line, 0, | |
1213 | "Standard output type %s is obsolete, automatically updating to %s. Please update your unit file, and consider removing the setting altogether.", | |
1214 | rvalue, exec_output_to_string(eo)); | |
1215 | ||
1216 | if (streq(lvalue, "StandardOutput")) { | |
1217 | if (eo == EXEC_OUTPUT_NAMED_FD) | |
1218 | free_and_replace(c->stdio_fdname[STDOUT_FILENO], resolved); | |
1219 | else | |
1220 | free_and_replace(c->stdio_file[STDOUT_FILENO], resolved); | |
1221 | ||
1222 | c->std_output = eo; | |
1223 | ||
1224 | } else { | |
1225 | assert(streq(lvalue, "StandardError")); | |
1226 | ||
1227 | if (eo == EXEC_OUTPUT_NAMED_FD) | |
1228 | free_and_replace(c->stdio_fdname[STDERR_FILENO], resolved); | |
1229 | else | |
1230 | free_and_replace(c->stdio_file[STDERR_FILENO], resolved); | |
1231 | ||
1232 | c->std_error = eo; | |
1233 | } | |
1234 | ||
1235 | return 0; | |
1236 | } | |
1237 | ||
1238 | int config_parse_exec_io_class(const char *unit, | |
1239 | const char *filename, | |
1240 | unsigned line, | |
1241 | const char *section, | |
1242 | unsigned section_line, | |
1243 | const char *lvalue, | |
1244 | int ltype, | |
1245 | const char *rvalue, | |
1246 | void *data, | |
1247 | void *userdata) { | |
1248 | ||
1249 | ExecContext *c = data; | |
1250 | int x; | |
1251 | ||
1252 | assert(filename); | |
1253 | assert(lvalue); | |
1254 | assert(rvalue); | |
1255 | assert(data); | |
1256 | ||
1257 | if (isempty(rvalue)) { | |
1258 | c->ioprio_set = false; | |
1259 | c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0); | |
1260 | return 0; | |
1261 | } | |
1262 | ||
1263 | x = ioprio_class_from_string(rvalue); | |
1264 | if (x < 0) { | |
1265 | log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IO scheduling class, ignoring: %s", rvalue); | |
1266 | return 0; | |
1267 | } | |
1268 | ||
1269 | c->ioprio = IOPRIO_PRIO_VALUE(x, IOPRIO_PRIO_DATA(c->ioprio)); | |
1270 | c->ioprio_set = true; | |
1271 | ||
1272 | return 0; | |
1273 | } | |
1274 | ||
1275 | int config_parse_exec_io_priority(const char *unit, | |
1276 | const char *filename, | |
1277 | unsigned line, | |
1278 | const char *section, | |
1279 | unsigned section_line, | |
1280 | const char *lvalue, | |
1281 | int ltype, | |
1282 | const char *rvalue, | |
1283 | void *data, | |
1284 | void *userdata) { | |
1285 | ||
1286 | ExecContext *c = data; | |
1287 | int i, r; | |
1288 | ||
1289 | assert(filename); | |
1290 | assert(lvalue); | |
1291 | assert(rvalue); | |
1292 | assert(data); | |
1293 | ||
1294 | if (isempty(rvalue)) { | |
1295 | c->ioprio_set = false; | |
1296 | c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0); | |
1297 | return 0; | |
1298 | } | |
1299 | ||
1300 | r = ioprio_parse_priority(rvalue, &i); | |
1301 | if (r < 0) { | |
1302 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse IO priority, ignoring: %s", rvalue); | |
1303 | return 0; | |
1304 | } | |
1305 | ||
1306 | c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c->ioprio), i); | |
1307 | c->ioprio_set = true; | |
1308 | ||
1309 | return 0; | |
1310 | } | |
1311 | ||
1312 | int config_parse_exec_cpu_sched_policy(const char *unit, | |
1313 | const char *filename, | |
1314 | unsigned line, | |
1315 | const char *section, | |
1316 | unsigned section_line, | |
1317 | const char *lvalue, | |
1318 | int ltype, | |
1319 | const char *rvalue, | |
1320 | void *data, | |
1321 | void *userdata) { | |
1322 | ||
1323 | ExecContext *c = data; | |
1324 | int x; | |
1325 | ||
1326 | assert(filename); | |
1327 | assert(lvalue); | |
1328 | assert(rvalue); | |
1329 | assert(data); | |
1330 | ||
1331 | if (isempty(rvalue)) { | |
1332 | c->cpu_sched_set = false; | |
1333 | c->cpu_sched_policy = SCHED_OTHER; | |
1334 | c->cpu_sched_priority = 0; | |
1335 | return 0; | |
1336 | } | |
1337 | ||
1338 | x = sched_policy_from_string(rvalue); | |
1339 | if (x < 0) { | |
1340 | log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue); | |
1341 | return 0; | |
1342 | } | |
1343 | ||
1344 | c->cpu_sched_policy = x; | |
1345 | /* Moving to or from real-time policy? We need to adjust the priority */ | |
1346 | c->cpu_sched_priority = CLAMP(c->cpu_sched_priority, sched_get_priority_min(x), sched_get_priority_max(x)); | |
1347 | c->cpu_sched_set = true; | |
1348 | ||
1349 | return 0; | |
1350 | } | |
1351 | ||
1352 | int config_parse_numa_mask(const char *unit, | |
1353 | const char *filename, | |
1354 | unsigned line, | |
1355 | const char *section, | |
1356 | unsigned section_line, | |
1357 | const char *lvalue, | |
1358 | int ltype, | |
1359 | const char *rvalue, | |
1360 | void *data, | |
1361 | void *userdata) { | |
1362 | int r; | |
1363 | NUMAPolicy *p = data; | |
1364 | ||
1365 | assert(filename); | |
1366 | assert(lvalue); | |
1367 | assert(rvalue); | |
1368 | assert(data); | |
1369 | ||
1370 | r = parse_cpu_set_extend(rvalue, &p->nodes, true, unit, filename, line, lvalue); | |
1371 | if (r < 0) { | |
1372 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse NUMA node mask, ignoring: %s", rvalue); | |
1373 | return 0; | |
1374 | } | |
1375 | ||
1376 | return r; | |
1377 | } | |
1378 | ||
1379 | int config_parse_exec_cpu_sched_prio(const char *unit, | |
1380 | const char *filename, | |
1381 | unsigned line, | |
1382 | const char *section, | |
1383 | unsigned section_line, | |
1384 | const char *lvalue, | |
1385 | int ltype, | |
1386 | const char *rvalue, | |
1387 | void *data, | |
1388 | void *userdata) { | |
1389 | ||
1390 | ExecContext *c = data; | |
1391 | int i, min, max, r; | |
1392 | ||
1393 | assert(filename); | |
1394 | assert(lvalue); | |
1395 | assert(rvalue); | |
1396 | assert(data); | |
1397 | ||
1398 | r = safe_atoi(rvalue, &i); | |
1399 | if (r < 0) { | |
1400 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CPU scheduling priority, ignoring: %s", rvalue); | |
1401 | return 0; | |
1402 | } | |
1403 | ||
1404 | /* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */ | |
1405 | min = sched_get_priority_min(c->cpu_sched_policy); | |
1406 | max = sched_get_priority_max(c->cpu_sched_policy); | |
1407 | ||
1408 | if (i < min || i > max) { | |
1409 | log_syntax(unit, LOG_ERR, filename, line, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue); | |
1410 | return 0; | |
1411 | } | |
1412 | ||
1413 | c->cpu_sched_priority = i; | |
1414 | c->cpu_sched_set = true; | |
1415 | ||
1416 | return 0; | |
1417 | } | |
1418 | ||
1419 | int config_parse_exec_root_hash( | |
1420 | const char *unit, | |
1421 | const char *filename, | |
1422 | unsigned line, | |
1423 | const char *section, | |
1424 | unsigned section_line, | |
1425 | const char *lvalue, | |
1426 | int ltype, | |
1427 | const char *rvalue, | |
1428 | void *data, | |
1429 | void *userdata) { | |
1430 | ||
1431 | _cleanup_free_ void *roothash_decoded = NULL; | |
1432 | ExecContext *c = data; | |
1433 | size_t roothash_decoded_size = 0; | |
1434 | int r; | |
1435 | ||
1436 | assert(data); | |
1437 | assert(filename); | |
1438 | assert(line); | |
1439 | assert(rvalue); | |
1440 | ||
1441 | if (isempty(rvalue)) { | |
1442 | /* Reset if the empty string is assigned */ | |
1443 | c->root_hash_path = mfree(c->root_hash_path); | |
1444 | c->root_hash = mfree(c->root_hash); | |
1445 | c->root_hash_size = 0; | |
1446 | return 0; | |
1447 | } | |
1448 | ||
1449 | if (path_is_absolute(rvalue)) { | |
1450 | /* We have the path to a roothash to load and decode, eg: RootHash=/foo/bar.roothash */ | |
1451 | _cleanup_free_ char *p = NULL; | |
1452 | ||
1453 | p = strdup(rvalue); | |
1454 | if (!p) | |
1455 | return -ENOMEM; | |
1456 | ||
1457 | free_and_replace(c->root_hash_path, p); | |
1458 | c->root_hash = mfree(c->root_hash); | |
1459 | c->root_hash_size = 0; | |
1460 | return 0; | |
1461 | } | |
1462 | ||
1463 | /* We have a roothash to decode, eg: RootHash=012345789abcdef */ | |
1464 | r = unhexmem(rvalue, strlen(rvalue), &roothash_decoded, &roothash_decoded_size); | |
1465 | if (r < 0) | |
1466 | return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode RootHash=, ignoring: %s", rvalue); | |
1467 | if (roothash_decoded_size < sizeof(sd_id128_t)) | |
1468 | return log_syntax(unit, LOG_ERR, filename, line, SYNTHETIC_ERRNO(EINVAL), "RootHash= is too short, ignoring: %s", rvalue); | |
1469 | ||
1470 | free_and_replace(c->root_hash, roothash_decoded); | |
1471 | c->root_hash_size = roothash_decoded_size; | |
1472 | c->root_hash_path = mfree(c->root_hash_path); | |
1473 | ||
1474 | return 0; | |
1475 | } | |
1476 | ||
1477 | int config_parse_exec_root_hash_sig( | |
1478 | const char *unit, | |
1479 | const char *filename, | |
1480 | unsigned line, | |
1481 | const char *section, | |
1482 | unsigned section_line, | |
1483 | const char *lvalue, | |
1484 | int ltype, | |
1485 | const char *rvalue, | |
1486 | void *data, | |
1487 | void *userdata) { | |
1488 | ||
1489 | _cleanup_free_ void *roothash_sig_decoded = NULL; | |
1490 | char *value; | |
1491 | ExecContext *c = data; | |
1492 | size_t roothash_sig_decoded_size = 0; | |
1493 | int r; | |
1494 | ||
1495 | assert(data); | |
1496 | assert(filename); | |
1497 | assert(line); | |
1498 | assert(rvalue); | |
1499 | ||
1500 | if (isempty(rvalue)) { | |
1501 | /* Reset if the empty string is assigned */ | |
1502 | c->root_hash_sig_path = mfree(c->root_hash_sig_path); | |
1503 | c->root_hash_sig = mfree(c->root_hash_sig); | |
1504 | c->root_hash_sig_size = 0; | |
1505 | return 0; | |
1506 | } | |
1507 | ||
1508 | if (path_is_absolute(rvalue)) { | |
1509 | /* We have the path to a roothash signature to load and decode, eg: RootHashSignature=/foo/bar.roothash.p7s */ | |
1510 | _cleanup_free_ char *p = NULL; | |
1511 | ||
1512 | p = strdup(rvalue); | |
1513 | if (!p) | |
1514 | return -ENOMEM; | |
1515 | ||
1516 | free_and_replace(c->root_hash_sig_path, p); | |
1517 | c->root_hash_sig = mfree(c->root_hash_sig); | |
1518 | c->root_hash_sig_size = 0; | |
1519 | return 0; | |
1520 | } | |
1521 | ||
1522 | if (!(value = startswith(rvalue, "base64:"))) | |
1523 | return log_syntax(unit, LOG_ERR, filename, line, SYNTHETIC_ERRNO(EINVAL), "Failed to decode RootHashSignature=, not a path but doesn't start with 'base64:', ignoring: %s", rvalue); | |
1524 | ||
1525 | /* We have a roothash signature to decode, eg: RootHashSignature=base64:012345789abcdef */ | |
1526 | r = unbase64mem(value, strlen(value), &roothash_sig_decoded, &roothash_sig_decoded_size); | |
1527 | if (r < 0) | |
1528 | return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode RootHashSignature=, ignoring: %s", rvalue); | |
1529 | ||
1530 | free_and_replace(c->root_hash_sig, roothash_sig_decoded); | |
1531 | c->root_hash_sig_size = roothash_sig_decoded_size; | |
1532 | c->root_hash_sig_path = mfree(c->root_hash_sig_path); | |
1533 | ||
1534 | return 0; | |
1535 | } | |
1536 | ||
1537 | int config_parse_exec_cpu_affinity(const char *unit, | |
1538 | const char *filename, | |
1539 | unsigned line, | |
1540 | const char *section, | |
1541 | unsigned section_line, | |
1542 | const char *lvalue, | |
1543 | int ltype, | |
1544 | const char *rvalue, | |
1545 | void *data, | |
1546 | void *userdata) { | |
1547 | ||
1548 | ExecContext *c = data; | |
1549 | int r; | |
1550 | ||
1551 | assert(filename); | |
1552 | assert(lvalue); | |
1553 | assert(rvalue); | |
1554 | assert(data); | |
1555 | ||
1556 | if (streq(rvalue, "numa")) { | |
1557 | c->cpu_affinity_from_numa = true; | |
1558 | cpu_set_reset(&c->cpu_set); | |
1559 | ||
1560 | return 0; | |
1561 | } | |
1562 | ||
1563 | r = parse_cpu_set_extend(rvalue, &c->cpu_set, true, unit, filename, line, lvalue); | |
1564 | if (r >= 0) | |
1565 | c->cpu_affinity_from_numa = false; | |
1566 | ||
1567 | return r; | |
1568 | } | |
1569 | ||
1570 | int config_parse_capability_set( | |
1571 | const char *unit, | |
1572 | const char *filename, | |
1573 | unsigned line, | |
1574 | const char *section, | |
1575 | unsigned section_line, | |
1576 | const char *lvalue, | |
1577 | int ltype, | |
1578 | const char *rvalue, | |
1579 | void *data, | |
1580 | void *userdata) { | |
1581 | ||
1582 | uint64_t *capability_set = data; | |
1583 | uint64_t sum = 0, initial = 0; | |
1584 | bool invert = false; | |
1585 | int r; | |
1586 | ||
1587 | assert(filename); | |
1588 | assert(lvalue); | |
1589 | assert(rvalue); | |
1590 | assert(data); | |
1591 | ||
1592 | if (rvalue[0] == '~') { | |
1593 | invert = true; | |
1594 | rvalue++; | |
1595 | } | |
1596 | ||
1597 | if (streq(lvalue, "CapabilityBoundingSet")) | |
1598 | initial = CAP_ALL; /* initialized to all bits on */ | |
1599 | /* else "AmbientCapabilities" initialized to all bits off */ | |
1600 | ||
1601 | r = capability_set_from_string(rvalue, &sum); | |
1602 | if (r < 0) { | |
1603 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= specifier '%s', ignoring: %m", lvalue, rvalue); | |
1604 | return 0; | |
1605 | } | |
1606 | ||
1607 | if (sum == 0 || *capability_set == initial) | |
1608 | /* "", "~" or uninitialized data -> replace */ | |
1609 | *capability_set = invert ? ~sum : sum; | |
1610 | else { | |
1611 | /* previous data -> merge */ | |
1612 | if (invert) | |
1613 | *capability_set &= ~sum; | |
1614 | else | |
1615 | *capability_set |= sum; | |
1616 | } | |
1617 | ||
1618 | return 0; | |
1619 | } | |
1620 | ||
1621 | int config_parse_exec_selinux_context( | |
1622 | const char *unit, | |
1623 | const char *filename, | |
1624 | unsigned line, | |
1625 | const char *section, | |
1626 | unsigned section_line, | |
1627 | const char *lvalue, | |
1628 | int ltype, | |
1629 | const char *rvalue, | |
1630 | void *data, | |
1631 | void *userdata) { | |
1632 | ||
1633 | ExecContext *c = data; | |
1634 | const Unit *u = userdata; | |
1635 | bool ignore; | |
1636 | char *k; | |
1637 | int r; | |
1638 | ||
1639 | assert(filename); | |
1640 | assert(lvalue); | |
1641 | assert(rvalue); | |
1642 | assert(data); | |
1643 | ||
1644 | if (isempty(rvalue)) { | |
1645 | c->selinux_context = mfree(c->selinux_context); | |
1646 | c->selinux_context_ignore = false; | |
1647 | return 0; | |
1648 | } | |
1649 | ||
1650 | if (rvalue[0] == '-') { | |
1651 | ignore = true; | |
1652 | rvalue++; | |
1653 | } else | |
1654 | ignore = false; | |
1655 | ||
1656 | r = unit_full_printf(u, rvalue, &k); | |
1657 | if (r < 0) { | |
1658 | log_syntax(unit, LOG_ERR, filename, line, r, | |
1659 | "Failed to resolve unit specifiers in '%s'%s: %m", | |
1660 | rvalue, ignore ? ", ignoring" : ""); | |
1661 | return ignore ? 0 : -ENOEXEC; | |
1662 | } | |
1663 | ||
1664 | free_and_replace(c->selinux_context, k); | |
1665 | c->selinux_context_ignore = ignore; | |
1666 | ||
1667 | return 0; | |
1668 | } | |
1669 | ||
1670 | int config_parse_exec_apparmor_profile( | |
1671 | const char *unit, | |
1672 | const char *filename, | |
1673 | unsigned line, | |
1674 | const char *section, | |
1675 | unsigned section_line, | |
1676 | const char *lvalue, | |
1677 | int ltype, | |
1678 | const char *rvalue, | |
1679 | void *data, | |
1680 | void *userdata) { | |
1681 | ||
1682 | ExecContext *c = data; | |
1683 | const Unit *u = userdata; | |
1684 | bool ignore; | |
1685 | char *k; | |
1686 | int r; | |
1687 | ||
1688 | assert(filename); | |
1689 | assert(lvalue); | |
1690 | assert(rvalue); | |
1691 | assert(data); | |
1692 | ||
1693 | if (isempty(rvalue)) { | |
1694 | c->apparmor_profile = mfree(c->apparmor_profile); | |
1695 | c->apparmor_profile_ignore = false; | |
1696 | return 0; | |
1697 | } | |
1698 | ||
1699 | if (rvalue[0] == '-') { | |
1700 | ignore = true; | |
1701 | rvalue++; | |
1702 | } else | |
1703 | ignore = false; | |
1704 | ||
1705 | r = unit_full_printf(u, rvalue, &k); | |
1706 | if (r < 0) { | |
1707 | log_syntax(unit, LOG_ERR, filename, line, r, | |
1708 | "Failed to resolve unit specifiers in '%s'%s: %m", | |
1709 | rvalue, ignore ? ", ignoring" : ""); | |
1710 | return ignore ? 0 : -ENOEXEC; | |
1711 | } | |
1712 | ||
1713 | free_and_replace(c->apparmor_profile, k); | |
1714 | c->apparmor_profile_ignore = ignore; | |
1715 | ||
1716 | return 0; | |
1717 | } | |
1718 | ||
1719 | int config_parse_exec_smack_process_label( | |
1720 | const char *unit, | |
1721 | const char *filename, | |
1722 | unsigned line, | |
1723 | const char *section, | |
1724 | unsigned section_line, | |
1725 | const char *lvalue, | |
1726 | int ltype, | |
1727 | const char *rvalue, | |
1728 | void *data, | |
1729 | void *userdata) { | |
1730 | ||
1731 | ExecContext *c = data; | |
1732 | const Unit *u = userdata; | |
1733 | bool ignore; | |
1734 | char *k; | |
1735 | int r; | |
1736 | ||
1737 | assert(filename); | |
1738 | assert(lvalue); | |
1739 | assert(rvalue); | |
1740 | assert(data); | |
1741 | ||
1742 | if (isempty(rvalue)) { | |
1743 | c->smack_process_label = mfree(c->smack_process_label); | |
1744 | c->smack_process_label_ignore = false; | |
1745 | return 0; | |
1746 | } | |
1747 | ||
1748 | if (rvalue[0] == '-') { | |
1749 | ignore = true; | |
1750 | rvalue++; | |
1751 | } else | |
1752 | ignore = false; | |
1753 | ||
1754 | r = unit_full_printf(u, rvalue, &k); | |
1755 | if (r < 0) { | |
1756 | log_syntax(unit, LOG_ERR, filename, line, r, | |
1757 | "Failed to resolve unit specifiers in '%s'%s: %m", | |
1758 | rvalue, ignore ? ", ignoring" : ""); | |
1759 | return ignore ? 0 : -ENOEXEC; | |
1760 | } | |
1761 | ||
1762 | free_and_replace(c->smack_process_label, k); | |
1763 | c->smack_process_label_ignore = ignore; | |
1764 | ||
1765 | return 0; | |
1766 | } | |
1767 | ||
1768 | int config_parse_timer( | |
1769 | const char *unit, | |
1770 | const char *filename, | |
1771 | unsigned line, | |
1772 | const char *section, | |
1773 | unsigned section_line, | |
1774 | const char *lvalue, | |
1775 | int ltype, | |
1776 | const char *rvalue, | |
1777 | void *data, | |
1778 | void *userdata) { | |
1779 | ||
1780 | _cleanup_(calendar_spec_freep) CalendarSpec *c = NULL; | |
1781 | _cleanup_free_ char *k = NULL; | |
1782 | const Unit *u = userdata; | |
1783 | Timer *t = data; | |
1784 | usec_t usec = 0; | |
1785 | TimerValue *v; | |
1786 | int r; | |
1787 | ||
1788 | assert(filename); | |
1789 | assert(lvalue); | |
1790 | assert(rvalue); | |
1791 | assert(data); | |
1792 | ||
1793 | if (isempty(rvalue)) { | |
1794 | /* Empty assignment resets list */ | |
1795 | timer_free_values(t); | |
1796 | return 0; | |
1797 | } | |
1798 | ||
1799 | r = unit_full_printf(u, rvalue, &k); | |
1800 | if (r < 0) { | |
1801 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); | |
1802 | return 0; | |
1803 | } | |
1804 | ||
1805 | if (ltype == TIMER_CALENDAR) { | |
1806 | r = calendar_spec_from_string(k, &c); | |
1807 | if (r < 0) { | |
1808 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse calendar specification, ignoring: %s", k); | |
1809 | return 0; | |
1810 | } | |
1811 | } else { | |
1812 | r = parse_sec(k, &usec); | |
1813 | if (r < 0) { | |
1814 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse timer value, ignoring: %s", k); | |
1815 | return 0; | |
1816 | } | |
1817 | } | |
1818 | ||
1819 | v = new(TimerValue, 1); | |
1820 | if (!v) | |
1821 | return log_oom(); | |
1822 | ||
1823 | *v = (TimerValue) { | |
1824 | .base = ltype, | |
1825 | .value = usec, | |
1826 | .calendar_spec = TAKE_PTR(c), | |
1827 | }; | |
1828 | ||
1829 | LIST_PREPEND(value, t->values, v); | |
1830 | ||
1831 | return 0; | |
1832 | } | |
1833 | ||
1834 | int config_parse_trigger_unit( | |
1835 | const char *unit, | |
1836 | const char *filename, | |
1837 | unsigned line, | |
1838 | const char *section, | |
1839 | unsigned section_line, | |
1840 | const char *lvalue, | |
1841 | int ltype, | |
1842 | const char *rvalue, | |
1843 | void *data, | |
1844 | void *userdata) { | |
1845 | ||
1846 | _cleanup_free_ char *p = NULL; | |
1847 | Unit *u = data; | |
1848 | UnitType type; | |
1849 | int r; | |
1850 | ||
1851 | assert(filename); | |
1852 | assert(lvalue); | |
1853 | assert(rvalue); | |
1854 | assert(data); | |
1855 | ||
1856 | if (!hashmap_isempty(u->dependencies[UNIT_TRIGGERS])) { | |
1857 | log_syntax(unit, LOG_ERR, filename, line, 0, "Multiple units to trigger specified, ignoring: %s", rvalue); | |
1858 | return 0; | |
1859 | } | |
1860 | ||
1861 | r = unit_name_printf(u, rvalue, &p); | |
1862 | if (r < 0) { | |
1863 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue); | |
1864 | return 0; | |
1865 | } | |
1866 | ||
1867 | type = unit_name_to_type(p); | |
1868 | if (type < 0) { | |
1869 | log_syntax(unit, LOG_ERR, filename, line, 0, "Unit type not valid, ignoring: %s", rvalue); | |
1870 | return 0; | |
1871 | } | |
1872 | if (unit_has_name(u, p)) { | |
1873 | log_syntax(unit, LOG_ERR, filename, line, 0, "Units cannot trigger themselves, ignoring: %s", rvalue); | |
1874 | return 0; | |
1875 | } | |
1876 | ||
1877 | r = unit_add_two_dependencies_by_name(u, UNIT_BEFORE, UNIT_TRIGGERS, p, true, UNIT_DEPENDENCY_FILE); | |
1878 | if (r < 0) { | |
1879 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add trigger on %s, ignoring: %m", p); | |
1880 | return 0; | |
1881 | } | |
1882 | ||
1883 | return 0; | |
1884 | } | |
1885 | ||
1886 | int config_parse_path_spec(const char *unit, | |
1887 | const char *filename, | |
1888 | unsigned line, | |
1889 | const char *section, | |
1890 | unsigned section_line, | |
1891 | const char *lvalue, | |
1892 | int ltype, | |
1893 | const char *rvalue, | |
1894 | void *data, | |
1895 | void *userdata) { | |
1896 | ||
1897 | Path *p = data; | |
1898 | PathSpec *s; | |
1899 | PathType b; | |
1900 | _cleanup_free_ char *k = NULL; | |
1901 | int r; | |
1902 | ||
1903 | assert(filename); | |
1904 | assert(lvalue); | |
1905 | assert(rvalue); | |
1906 | assert(data); | |
1907 | ||
1908 | if (isempty(rvalue)) { | |
1909 | /* Empty assignment clears list */ | |
1910 | path_free_specs(p); | |
1911 | return 0; | |
1912 | } | |
1913 | ||
1914 | b = path_type_from_string(lvalue); | |
1915 | if (b < 0) { | |
1916 | log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse path type, ignoring: %s", lvalue); | |
1917 | return 0; | |
1918 | } | |
1919 | ||
1920 | r = unit_full_printf(UNIT(p), rvalue, &k); | |
1921 | if (r < 0) { | |
1922 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue); | |
1923 | return 0; | |
1924 | } | |
1925 | ||
1926 | r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
1927 | if (r < 0) | |
1928 | return 0; | |
1929 | ||
1930 | s = new0(PathSpec, 1); | |
1931 | if (!s) | |
1932 | return log_oom(); | |
1933 | ||
1934 | s->unit = UNIT(p); | |
1935 | s->path = TAKE_PTR(k); | |
1936 | s->type = b; | |
1937 | s->inotify_fd = -1; | |
1938 | ||
1939 | LIST_PREPEND(spec, p->specs, s); | |
1940 | ||
1941 | return 0; | |
1942 | } | |
1943 | ||
1944 | int config_parse_socket_service( | |
1945 | const char *unit, | |
1946 | const char *filename, | |
1947 | unsigned line, | |
1948 | const char *section, | |
1949 | unsigned section_line, | |
1950 | const char *lvalue, | |
1951 | int ltype, | |
1952 | const char *rvalue, | |
1953 | void *data, | |
1954 | void *userdata) { | |
1955 | ||
1956 | _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; | |
1957 | _cleanup_free_ char *p = NULL; | |
1958 | Socket *s = data; | |
1959 | Unit *x; | |
1960 | int r; | |
1961 | ||
1962 | assert(filename); | |
1963 | assert(lvalue); | |
1964 | assert(rvalue); | |
1965 | assert(data); | |
1966 | ||
1967 | r = unit_name_printf(UNIT(s), rvalue, &p); | |
1968 | if (r < 0) { | |
1969 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue); | |
1970 | return -ENOEXEC; | |
1971 | } | |
1972 | ||
1973 | if (!endswith(p, ".service")) { | |
1974 | log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type service: %s", rvalue); | |
1975 | return -ENOEXEC; | |
1976 | } | |
1977 | ||
1978 | r = manager_load_unit(UNIT(s)->manager, p, NULL, &error, &x); | |
1979 | if (r < 0) { | |
1980 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load unit %s: %s", rvalue, bus_error_message(&error, r)); | |
1981 | return -ENOEXEC; | |
1982 | } | |
1983 | ||
1984 | unit_ref_set(&s->service, UNIT(s), x); | |
1985 | ||
1986 | return 0; | |
1987 | } | |
1988 | ||
1989 | int config_parse_fdname( | |
1990 | const char *unit, | |
1991 | const char *filename, | |
1992 | unsigned line, | |
1993 | const char *section, | |
1994 | unsigned section_line, | |
1995 | const char *lvalue, | |
1996 | int ltype, | |
1997 | const char *rvalue, | |
1998 | void *data, | |
1999 | void *userdata) { | |
2000 | ||
2001 | _cleanup_free_ char *p = NULL; | |
2002 | Socket *s = data; | |
2003 | int r; | |
2004 | ||
2005 | assert(filename); | |
2006 | assert(lvalue); | |
2007 | assert(rvalue); | |
2008 | assert(data); | |
2009 | ||
2010 | if (isempty(rvalue)) { | |
2011 | s->fdname = mfree(s->fdname); | |
2012 | return 0; | |
2013 | } | |
2014 | ||
2015 | r = unit_full_printf(UNIT(s), rvalue, &p); | |
2016 | if (r < 0) { | |
2017 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); | |
2018 | return 0; | |
2019 | } | |
2020 | ||
2021 | if (!fdname_is_valid(p)) { | |
2022 | log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name, ignoring: %s", p); | |
2023 | return 0; | |
2024 | } | |
2025 | ||
2026 | return free_and_replace(s->fdname, p); | |
2027 | } | |
2028 | ||
2029 | int config_parse_service_sockets( | |
2030 | const char *unit, | |
2031 | const char *filename, | |
2032 | unsigned line, | |
2033 | const char *section, | |
2034 | unsigned section_line, | |
2035 | const char *lvalue, | |
2036 | int ltype, | |
2037 | const char *rvalue, | |
2038 | void *data, | |
2039 | void *userdata) { | |
2040 | ||
2041 | Service *s = data; | |
2042 | const char *p; | |
2043 | int r; | |
2044 | ||
2045 | assert(filename); | |
2046 | assert(lvalue); | |
2047 | assert(rvalue); | |
2048 | assert(data); | |
2049 | ||
2050 | p = rvalue; | |
2051 | for (;;) { | |
2052 | _cleanup_free_ char *word = NULL, *k = NULL; | |
2053 | ||
2054 | r = extract_first_word(&p, &word, NULL, 0); | |
2055 | if (r == 0) | |
2056 | break; | |
2057 | if (r == -ENOMEM) | |
2058 | return log_oom(); | |
2059 | if (r < 0) { | |
2060 | log_syntax(unit, LOG_ERR, filename, line, r, "Trailing garbage in sockets, ignoring: %s", rvalue); | |
2061 | break; | |
2062 | } | |
2063 | ||
2064 | r = unit_name_printf(UNIT(s), word, &k); | |
2065 | if (r < 0) { | |
2066 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word); | |
2067 | continue; | |
2068 | } | |
2069 | ||
2070 | if (!endswith(k, ".socket")) { | |
2071 | log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type socket, ignoring: %s", k); | |
2072 | continue; | |
2073 | } | |
2074 | ||
2075 | r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_WANTS, UNIT_AFTER, k, true, UNIT_DEPENDENCY_FILE); | |
2076 | if (r < 0) | |
2077 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k); | |
2078 | ||
2079 | r = unit_add_dependency_by_name(UNIT(s), UNIT_TRIGGERED_BY, k, true, UNIT_DEPENDENCY_FILE); | |
2080 | if (r < 0) | |
2081 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k); | |
2082 | } | |
2083 | ||
2084 | return 0; | |
2085 | } | |
2086 | ||
2087 | int config_parse_bus_name( | |
2088 | const char *unit, | |
2089 | const char *filename, | |
2090 | unsigned line, | |
2091 | const char *section, | |
2092 | unsigned section_line, | |
2093 | const char *lvalue, | |
2094 | int ltype, | |
2095 | const char *rvalue, | |
2096 | void *data, | |
2097 | void *userdata) { | |
2098 | ||
2099 | _cleanup_free_ char *k = NULL; | |
2100 | const Unit *u = userdata; | |
2101 | int r; | |
2102 | ||
2103 | assert(filename); | |
2104 | assert(lvalue); | |
2105 | assert(rvalue); | |
2106 | assert(u); | |
2107 | ||
2108 | r = unit_full_printf(u, rvalue, &k); | |
2109 | if (r < 0) { | |
2110 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue); | |
2111 | return 0; | |
2112 | } | |
2113 | ||
2114 | if (!sd_bus_service_name_is_valid(k)) { | |
2115 | log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid bus name, ignoring: %s", k); | |
2116 | return 0; | |
2117 | } | |
2118 | ||
2119 | return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata); | |
2120 | } | |
2121 | ||
2122 | int config_parse_service_timeout( | |
2123 | const char *unit, | |
2124 | const char *filename, | |
2125 | unsigned line, | |
2126 | const char *section, | |
2127 | unsigned section_line, | |
2128 | const char *lvalue, | |
2129 | int ltype, | |
2130 | const char *rvalue, | |
2131 | void *data, | |
2132 | void *userdata) { | |
2133 | ||
2134 | Service *s = userdata; | |
2135 | usec_t usec; | |
2136 | int r; | |
2137 | ||
2138 | assert(filename); | |
2139 | assert(lvalue); | |
2140 | assert(rvalue); | |
2141 | assert(s); | |
2142 | ||
2143 | /* This is called for two cases: TimeoutSec= and TimeoutStartSec=. */ | |
2144 | ||
2145 | /* Traditionally, these options accepted 0 to disable the timeouts. However, a timeout of 0 suggests it happens | |
2146 | * immediately, hence fix this to become USEC_INFINITY instead. This is in-line with how we internally handle | |
2147 | * all other timeouts. */ | |
2148 | r = parse_sec_fix_0(rvalue, &usec); | |
2149 | if (r < 0) { | |
2150 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue); | |
2151 | return 0; | |
2152 | } | |
2153 | ||
2154 | s->start_timeout_defined = true; | |
2155 | s->timeout_start_usec = usec; | |
2156 | ||
2157 | if (streq(lvalue, "TimeoutSec")) | |
2158 | s->timeout_stop_usec = usec; | |
2159 | ||
2160 | return 0; | |
2161 | } | |
2162 | ||
2163 | int config_parse_timeout_abort( | |
2164 | const char *unit, | |
2165 | const char *filename, | |
2166 | unsigned line, | |
2167 | const char *section, | |
2168 | unsigned section_line, | |
2169 | const char *lvalue, | |
2170 | int ltype, | |
2171 | const char *rvalue, | |
2172 | void *data, | |
2173 | void *userdata) { | |
2174 | ||
2175 | usec_t *ret = data; | |
2176 | int r; | |
2177 | ||
2178 | assert(filename); | |
2179 | assert(lvalue); | |
2180 | assert(rvalue); | |
2181 | assert(ret); | |
2182 | ||
2183 | /* Note: apart from setting the arg, this returns an extra bit of information in the return value. */ | |
2184 | ||
2185 | if (isempty(rvalue)) { | |
2186 | *ret = 0; | |
2187 | return 0; /* "not set" */ | |
2188 | } | |
2189 | ||
2190 | r = parse_sec(rvalue, ret); | |
2191 | if (r < 0) | |
2192 | return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= setting, ignoring: %s", lvalue, rvalue); | |
2193 | ||
2194 | return 1; /* "set" */ | |
2195 | } | |
2196 | ||
2197 | int config_parse_service_timeout_abort( | |
2198 | const char *unit, | |
2199 | const char *filename, | |
2200 | unsigned line, | |
2201 | const char *section, | |
2202 | unsigned section_line, | |
2203 | const char *lvalue, | |
2204 | int ltype, | |
2205 | const char *rvalue, | |
2206 | void *data, | |
2207 | void *userdata) { | |
2208 | ||
2209 | Service *s = userdata; | |
2210 | int r; | |
2211 | ||
2212 | assert(s); | |
2213 | ||
2214 | r = config_parse_timeout_abort(unit, filename, line, section, section_line, lvalue, ltype, rvalue, | |
2215 | &s->timeout_abort_usec, s); | |
2216 | if (r >= 0) | |
2217 | s->timeout_abort_set = r; | |
2218 | return 0; | |
2219 | } | |
2220 | ||
2221 | int config_parse_sec_fix_0( | |
2222 | const char *unit, | |
2223 | const char *filename, | |
2224 | unsigned line, | |
2225 | const char *section, | |
2226 | unsigned section_line, | |
2227 | const char *lvalue, | |
2228 | int ltype, | |
2229 | const char *rvalue, | |
2230 | void *data, | |
2231 | void *userdata) { | |
2232 | ||
2233 | usec_t *usec = data; | |
2234 | int r; | |
2235 | ||
2236 | assert(filename); | |
2237 | assert(lvalue); | |
2238 | assert(rvalue); | |
2239 | assert(usec); | |
2240 | ||
2241 | /* This is pretty much like config_parse_sec(), except that this treats a time of 0 as infinity, for | |
2242 | * compatibility with older versions of systemd where 0 instead of infinity was used as indicator to turn off a | |
2243 | * timeout. */ | |
2244 | ||
2245 | r = parse_sec_fix_0(rvalue, usec); | |
2246 | if (r < 0) { | |
2247 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue); | |
2248 | return 0; | |
2249 | } | |
2250 | ||
2251 | return 0; | |
2252 | } | |
2253 | ||
2254 | int config_parse_user_group_compat( | |
2255 | const char *unit, | |
2256 | const char *filename, | |
2257 | unsigned line, | |
2258 | const char *section, | |
2259 | unsigned section_line, | |
2260 | const char *lvalue, | |
2261 | int ltype, | |
2262 | const char *rvalue, | |
2263 | void *data, | |
2264 | void *userdata) { | |
2265 | ||
2266 | _cleanup_free_ char *k = NULL; | |
2267 | char **user = data; | |
2268 | const Unit *u = userdata; | |
2269 | int r; | |
2270 | ||
2271 | assert(filename); | |
2272 | assert(lvalue); | |
2273 | assert(rvalue); | |
2274 | assert(u); | |
2275 | ||
2276 | if (isempty(rvalue)) { | |
2277 | *user = mfree(*user); | |
2278 | return 0; | |
2279 | } | |
2280 | ||
2281 | r = unit_full_printf(u, rvalue, &k); | |
2282 | if (r < 0) { | |
2283 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue); | |
2284 | return -ENOEXEC; | |
2285 | } | |
2286 | ||
2287 | if (!valid_user_group_name(k, VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX|VALID_USER_WARN)) { | |
2288 | log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k); | |
2289 | return -ENOEXEC; | |
2290 | } | |
2291 | ||
2292 | if (strstr(lvalue, "User") && streq(k, NOBODY_USER_NAME)) | |
2293 | log_struct(LOG_NOTICE, | |
2294 | "MESSAGE=%s:%u: Special user %s configured, this is not safe!", filename, line, k, | |
2295 | "UNIT=%s", unit, | |
2296 | "MESSAGE_ID=" SD_MESSAGE_NOBODY_USER_UNSUITABLE_STR, | |
2297 | "OFFENDING_USER=%s", k, | |
2298 | "CONFIG_FILE=%s", filename, | |
2299 | "CONFIG_LINE=%u", line); | |
2300 | ||
2301 | return free_and_replace(*user, k); | |
2302 | } | |
2303 | ||
2304 | int config_parse_user_group_strv_compat( | |
2305 | const char *unit, | |
2306 | const char *filename, | |
2307 | unsigned line, | |
2308 | const char *section, | |
2309 | unsigned section_line, | |
2310 | const char *lvalue, | |
2311 | int ltype, | |
2312 | const char *rvalue, | |
2313 | void *data, | |
2314 | void *userdata) { | |
2315 | ||
2316 | char ***users = data; | |
2317 | const Unit *u = userdata; | |
2318 | const char *p = rvalue; | |
2319 | int r; | |
2320 | ||
2321 | assert(filename); | |
2322 | assert(lvalue); | |
2323 | assert(rvalue); | |
2324 | assert(u); | |
2325 | ||
2326 | if (isempty(rvalue)) { | |
2327 | *users = strv_free(*users); | |
2328 | return 0; | |
2329 | } | |
2330 | ||
2331 | for (;;) { | |
2332 | _cleanup_free_ char *word = NULL, *k = NULL; | |
2333 | ||
2334 | r = extract_first_word(&p, &word, NULL, 0); | |
2335 | if (r == 0) | |
2336 | break; | |
2337 | if (r == -ENOMEM) | |
2338 | return log_oom(); | |
2339 | if (r < 0) { | |
2340 | log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax: %s", rvalue); | |
2341 | return -ENOEXEC; | |
2342 | } | |
2343 | ||
2344 | r = unit_full_printf(u, word, &k); | |
2345 | if (r < 0) { | |
2346 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", word); | |
2347 | return -ENOEXEC; | |
2348 | } | |
2349 | ||
2350 | if (!valid_user_group_name(k, VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX|VALID_USER_WARN)) { | |
2351 | log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k); | |
2352 | return -ENOEXEC; | |
2353 | } | |
2354 | ||
2355 | r = strv_push(users, k); | |
2356 | if (r < 0) | |
2357 | return log_oom(); | |
2358 | ||
2359 | k = NULL; | |
2360 | } | |
2361 | ||
2362 | return 0; | |
2363 | } | |
2364 | ||
2365 | int config_parse_working_directory( | |
2366 | const char *unit, | |
2367 | const char *filename, | |
2368 | unsigned line, | |
2369 | const char *section, | |
2370 | unsigned section_line, | |
2371 | const char *lvalue, | |
2372 | int ltype, | |
2373 | const char *rvalue, | |
2374 | void *data, | |
2375 | void *userdata) { | |
2376 | ||
2377 | ExecContext *c = data; | |
2378 | const Unit *u = userdata; | |
2379 | bool missing_ok; | |
2380 | int r; | |
2381 | ||
2382 | assert(filename); | |
2383 | assert(lvalue); | |
2384 | assert(rvalue); | |
2385 | assert(c); | |
2386 | assert(u); | |
2387 | ||
2388 | if (isempty(rvalue)) { | |
2389 | c->working_directory_home = false; | |
2390 | c->working_directory = mfree(c->working_directory); | |
2391 | return 0; | |
2392 | } | |
2393 | ||
2394 | if (rvalue[0] == '-') { | |
2395 | missing_ok = true; | |
2396 | rvalue++; | |
2397 | } else | |
2398 | missing_ok = false; | |
2399 | ||
2400 | if (streq(rvalue, "~")) { | |
2401 | c->working_directory_home = true; | |
2402 | c->working_directory = mfree(c->working_directory); | |
2403 | } else { | |
2404 | _cleanup_free_ char *k = NULL; | |
2405 | ||
2406 | r = unit_full_printf(u, rvalue, &k); | |
2407 | if (r < 0) { | |
2408 | log_syntax(unit, LOG_ERR, filename, line, r, | |
2409 | "Failed to resolve unit specifiers in working directory path '%s'%s: %m", | |
2410 | rvalue, missing_ok ? ", ignoring" : ""); | |
2411 | return missing_ok ? 0 : -ENOEXEC; | |
2412 | } | |
2413 | ||
2414 | r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE | (missing_ok ? 0 : PATH_CHECK_FATAL), unit, filename, line, lvalue); | |
2415 | if (r < 0) | |
2416 | return missing_ok ? 0 : -ENOEXEC; | |
2417 | ||
2418 | c->working_directory_home = false; | |
2419 | free_and_replace(c->working_directory, k); | |
2420 | } | |
2421 | ||
2422 | c->working_directory_missing_ok = missing_ok; | |
2423 | return 0; | |
2424 | } | |
2425 | ||
2426 | int config_parse_unit_env_file(const char *unit, | |
2427 | const char *filename, | |
2428 | unsigned line, | |
2429 | const char *section, | |
2430 | unsigned section_line, | |
2431 | const char *lvalue, | |
2432 | int ltype, | |
2433 | const char *rvalue, | |
2434 | void *data, | |
2435 | void *userdata) { | |
2436 | ||
2437 | char ***env = data; | |
2438 | const Unit *u = userdata; | |
2439 | _cleanup_free_ char *n = NULL; | |
2440 | int r; | |
2441 | ||
2442 | assert(filename); | |
2443 | assert(lvalue); | |
2444 | assert(rvalue); | |
2445 | assert(data); | |
2446 | ||
2447 | if (isempty(rvalue)) { | |
2448 | /* Empty assignment frees the list */ | |
2449 | *env = strv_free(*env); | |
2450 | return 0; | |
2451 | } | |
2452 | ||
2453 | r = unit_full_printf(u, rvalue, &n); | |
2454 | if (r < 0) { | |
2455 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); | |
2456 | return 0; | |
2457 | } | |
2458 | ||
2459 | r = path_simplify_and_warn(n[0] == '-' ? n + 1 : n, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
2460 | if (r < 0) | |
2461 | return 0; | |
2462 | ||
2463 | r = strv_push(env, n); | |
2464 | if (r < 0) | |
2465 | return log_oom(); | |
2466 | ||
2467 | n = NULL; | |
2468 | ||
2469 | return 0; | |
2470 | } | |
2471 | ||
2472 | int config_parse_environ( | |
2473 | const char *unit, | |
2474 | const char *filename, | |
2475 | unsigned line, | |
2476 | const char *section, | |
2477 | unsigned section_line, | |
2478 | const char *lvalue, | |
2479 | int ltype, | |
2480 | const char *rvalue, | |
2481 | void *data, | |
2482 | void *userdata) { | |
2483 | ||
2484 | const Unit *u = userdata; | |
2485 | char ***env = data; | |
2486 | const char *p; | |
2487 | int r; | |
2488 | ||
2489 | assert(filename); | |
2490 | assert(lvalue); | |
2491 | assert(rvalue); | |
2492 | assert(data); | |
2493 | ||
2494 | if (isempty(rvalue)) { | |
2495 | /* Empty assignment resets the list */ | |
2496 | *env = strv_free(*env); | |
2497 | return 0; | |
2498 | } | |
2499 | ||
2500 | for (p = rvalue;; ) { | |
2501 | _cleanup_free_ char *word = NULL, *k = NULL; | |
2502 | ||
2503 | r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_UNQUOTE); | |
2504 | if (r == 0) | |
2505 | return 0; | |
2506 | if (r == -ENOMEM) | |
2507 | return log_oom(); | |
2508 | if (r < 0) { | |
2509 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
2510 | "Invalid syntax, ignoring: %s", rvalue); | |
2511 | return 0; | |
2512 | } | |
2513 | ||
2514 | if (u) { | |
2515 | r = unit_full_printf(u, word, &k); | |
2516 | if (r < 0) { | |
2517 | log_syntax(unit, LOG_ERR, filename, line, r, | |
2518 | "Failed to resolve unit specifiers in %s, ignoring: %m", word); | |
2519 | continue; | |
2520 | } | |
2521 | } else | |
2522 | k = TAKE_PTR(word); | |
2523 | ||
2524 | if (!env_assignment_is_valid(k)) { | |
2525 | log_syntax(unit, LOG_ERR, filename, line, 0, | |
2526 | "Invalid environment assignment, ignoring: %s", k); | |
2527 | continue; | |
2528 | } | |
2529 | ||
2530 | r = strv_env_replace(env, k); | |
2531 | if (r < 0) | |
2532 | return log_oom(); | |
2533 | ||
2534 | k = NULL; | |
2535 | } | |
2536 | } | |
2537 | ||
2538 | int config_parse_pass_environ( | |
2539 | const char *unit, | |
2540 | const char *filename, | |
2541 | unsigned line, | |
2542 | const char *section, | |
2543 | unsigned section_line, | |
2544 | const char *lvalue, | |
2545 | int ltype, | |
2546 | const char *rvalue, | |
2547 | void *data, | |
2548 | void *userdata) { | |
2549 | ||
2550 | _cleanup_strv_free_ char **n = NULL; | |
2551 | size_t nlen = 0, nbufsize = 0; | |
2552 | char*** passenv = data; | |
2553 | const char *p = rvalue; | |
2554 | const Unit *u = userdata; | |
2555 | int r; | |
2556 | ||
2557 | assert(filename); | |
2558 | assert(lvalue); | |
2559 | assert(rvalue); | |
2560 | assert(data); | |
2561 | ||
2562 | if (isempty(rvalue)) { | |
2563 | /* Empty assignment resets the list */ | |
2564 | *passenv = strv_free(*passenv); | |
2565 | return 0; | |
2566 | } | |
2567 | ||
2568 | for (;;) { | |
2569 | _cleanup_free_ char *word = NULL, *k = NULL; | |
2570 | ||
2571 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); | |
2572 | if (r == 0) | |
2573 | break; | |
2574 | if (r == -ENOMEM) | |
2575 | return log_oom(); | |
2576 | if (r < 0) { | |
2577 | log_syntax(unit, LOG_ERR, filename, line, r, | |
2578 | "Trailing garbage in %s, ignoring: %s", lvalue, rvalue); | |
2579 | break; | |
2580 | } | |
2581 | ||
2582 | if (u) { | |
2583 | r = unit_full_printf(u, word, &k); | |
2584 | if (r < 0) { | |
2585 | log_syntax(unit, LOG_ERR, filename, line, r, | |
2586 | "Failed to resolve specifiers in %s, ignoring: %m", word); | |
2587 | continue; | |
2588 | } | |
2589 | } else | |
2590 | k = TAKE_PTR(word); | |
2591 | ||
2592 | if (!env_name_is_valid(k)) { | |
2593 | log_syntax(unit, LOG_ERR, filename, line, 0, | |
2594 | "Invalid environment name for %s, ignoring: %s", lvalue, k); | |
2595 | continue; | |
2596 | } | |
2597 | ||
2598 | if (!GREEDY_REALLOC(n, nbufsize, nlen + 2)) | |
2599 | return log_oom(); | |
2600 | ||
2601 | n[nlen++] = TAKE_PTR(k); | |
2602 | n[nlen] = NULL; | |
2603 | } | |
2604 | ||
2605 | if (n) { | |
2606 | r = strv_extend_strv(passenv, n, true); | |
2607 | if (r < 0) | |
2608 | return r; | |
2609 | } | |
2610 | ||
2611 | return 0; | |
2612 | } | |
2613 | ||
2614 | int config_parse_unset_environ( | |
2615 | const char *unit, | |
2616 | const char *filename, | |
2617 | unsigned line, | |
2618 | const char *section, | |
2619 | unsigned section_line, | |
2620 | const char *lvalue, | |
2621 | int ltype, | |
2622 | const char *rvalue, | |
2623 | void *data, | |
2624 | void *userdata) { | |
2625 | ||
2626 | _cleanup_strv_free_ char **n = NULL; | |
2627 | size_t nlen = 0, nbufsize = 0; | |
2628 | char*** unsetenv = data; | |
2629 | const char *p = rvalue; | |
2630 | const Unit *u = userdata; | |
2631 | int r; | |
2632 | ||
2633 | assert(filename); | |
2634 | assert(lvalue); | |
2635 | assert(rvalue); | |
2636 | assert(data); | |
2637 | ||
2638 | if (isempty(rvalue)) { | |
2639 | /* Empty assignment resets the list */ | |
2640 | *unsetenv = strv_free(*unsetenv); | |
2641 | return 0; | |
2642 | } | |
2643 | ||
2644 | for (;;) { | |
2645 | _cleanup_free_ char *word = NULL, *k = NULL; | |
2646 | ||
2647 | r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_UNQUOTE); | |
2648 | if (r == 0) | |
2649 | break; | |
2650 | if (r == -ENOMEM) | |
2651 | return log_oom(); | |
2652 | if (r < 0) { | |
2653 | log_syntax(unit, LOG_ERR, filename, line, r, | |
2654 | "Trailing garbage in %s, ignoring: %s", lvalue, rvalue); | |
2655 | break; | |
2656 | } | |
2657 | ||
2658 | if (u) { | |
2659 | r = unit_full_printf(u, word, &k); | |
2660 | if (r < 0) { | |
2661 | log_syntax(unit, LOG_ERR, filename, line, r, | |
2662 | "Failed to resolve unit specifiers in %s, ignoring: %m", word); | |
2663 | continue; | |
2664 | } | |
2665 | } else | |
2666 | k = TAKE_PTR(word); | |
2667 | ||
2668 | if (!env_assignment_is_valid(k) && !env_name_is_valid(k)) { | |
2669 | log_syntax(unit, LOG_ERR, filename, line, 0, | |
2670 | "Invalid environment name or assignment %s, ignoring: %s", lvalue, k); | |
2671 | continue; | |
2672 | } | |
2673 | ||
2674 | if (!GREEDY_REALLOC(n, nbufsize, nlen + 2)) | |
2675 | return log_oom(); | |
2676 | ||
2677 | n[nlen++] = TAKE_PTR(k); | |
2678 | n[nlen] = NULL; | |
2679 | } | |
2680 | ||
2681 | if (n) { | |
2682 | r = strv_extend_strv(unsetenv, n, true); | |
2683 | if (r < 0) | |
2684 | return r; | |
2685 | } | |
2686 | ||
2687 | return 0; | |
2688 | } | |
2689 | ||
2690 | int config_parse_log_extra_fields( | |
2691 | const char *unit, | |
2692 | const char *filename, | |
2693 | unsigned line, | |
2694 | const char *section, | |
2695 | unsigned section_line, | |
2696 | const char *lvalue, | |
2697 | int ltype, | |
2698 | const char *rvalue, | |
2699 | void *data, | |
2700 | void *userdata) { | |
2701 | ||
2702 | ExecContext *c = data; | |
2703 | const Unit *u = userdata; | |
2704 | const char *p = rvalue; | |
2705 | int r; | |
2706 | ||
2707 | assert(filename); | |
2708 | assert(lvalue); | |
2709 | assert(rvalue); | |
2710 | assert(c); | |
2711 | ||
2712 | if (isempty(rvalue)) { | |
2713 | exec_context_free_log_extra_fields(c); | |
2714 | return 0; | |
2715 | } | |
2716 | ||
2717 | for (;;) { | |
2718 | _cleanup_free_ char *word = NULL, *k = NULL; | |
2719 | struct iovec *t; | |
2720 | const char *eq; | |
2721 | ||
2722 | r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_UNQUOTE); | |
2723 | if (r == 0) | |
2724 | return 0; | |
2725 | if (r == -ENOMEM) | |
2726 | return log_oom(); | |
2727 | if (r < 0) { | |
2728 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue); | |
2729 | return 0; | |
2730 | } | |
2731 | ||
2732 | r = unit_full_printf(u, word, &k); | |
2733 | if (r < 0) { | |
2734 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", word); | |
2735 | continue; | |
2736 | } | |
2737 | ||
2738 | eq = strchr(k, '='); | |
2739 | if (!eq) { | |
2740 | log_syntax(unit, LOG_ERR, filename, line, 0, "Log field lacks '=' character, ignoring: %s", k); | |
2741 | continue; | |
2742 | } | |
2743 | ||
2744 | if (!journal_field_valid(k, eq-k, false)) { | |
2745 | log_syntax(unit, LOG_ERR, filename, line, 0, "Log field name is invalid, ignoring: %s", k); | |
2746 | continue; | |
2747 | } | |
2748 | ||
2749 | t = reallocarray(c->log_extra_fields, c->n_log_extra_fields+1, sizeof(struct iovec)); | |
2750 | if (!t) | |
2751 | return log_oom(); | |
2752 | ||
2753 | c->log_extra_fields = t; | |
2754 | c->log_extra_fields[c->n_log_extra_fields++] = IOVEC_MAKE_STRING(k); | |
2755 | ||
2756 | k = NULL; | |
2757 | } | |
2758 | } | |
2759 | ||
2760 | int config_parse_log_namespace( | |
2761 | const char *unit, | |
2762 | const char *filename, | |
2763 | unsigned line, | |
2764 | const char *section, | |
2765 | unsigned section_line, | |
2766 | const char *lvalue, | |
2767 | int ltype, | |
2768 | const char *rvalue, | |
2769 | void *data, | |
2770 | void *userdata) { | |
2771 | ||
2772 | _cleanup_free_ char *k = NULL; | |
2773 | ExecContext *c = data; | |
2774 | const Unit *u = userdata; | |
2775 | int r; | |
2776 | ||
2777 | assert(filename); | |
2778 | assert(lvalue); | |
2779 | assert(rvalue); | |
2780 | assert(c); | |
2781 | ||
2782 | if (isempty(rvalue)) { | |
2783 | c->log_namespace = mfree(c->log_namespace); | |
2784 | return 0; | |
2785 | } | |
2786 | ||
2787 | r = unit_full_printf(u, rvalue, &k); | |
2788 | if (r < 0) { | |
2789 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue); | |
2790 | return 0; | |
2791 | } | |
2792 | ||
2793 | if (!log_namespace_name_valid(k)) { | |
2794 | log_syntax(unit, LOG_ERR, filename, line, SYNTHETIC_ERRNO(EINVAL), "Specified log namespace name is not valid: %s", k); | |
2795 | return 0; | |
2796 | } | |
2797 | ||
2798 | free_and_replace(c->log_namespace, k); | |
2799 | return 0; | |
2800 | } | |
2801 | ||
2802 | int config_parse_unit_condition_path( | |
2803 | const char *unit, | |
2804 | const char *filename, | |
2805 | unsigned line, | |
2806 | const char *section, | |
2807 | unsigned section_line, | |
2808 | const char *lvalue, | |
2809 | int ltype, | |
2810 | const char *rvalue, | |
2811 | void *data, | |
2812 | void *userdata) { | |
2813 | ||
2814 | _cleanup_free_ char *p = NULL; | |
2815 | Condition **list = data, *c; | |
2816 | ConditionType t = ltype; | |
2817 | bool trigger, negate; | |
2818 | const Unit *u = userdata; | |
2819 | int r; | |
2820 | ||
2821 | assert(filename); | |
2822 | assert(lvalue); | |
2823 | assert(rvalue); | |
2824 | assert(data); | |
2825 | ||
2826 | if (isempty(rvalue)) { | |
2827 | /* Empty assignment resets the list */ | |
2828 | *list = condition_free_list(*list); | |
2829 | return 0; | |
2830 | } | |
2831 | ||
2832 | trigger = rvalue[0] == '|'; | |
2833 | if (trigger) | |
2834 | rvalue++; | |
2835 | ||
2836 | negate = rvalue[0] == '!'; | |
2837 | if (negate) | |
2838 | rvalue++; | |
2839 | ||
2840 | r = unit_full_printf(u, rvalue, &p); | |
2841 | if (r < 0) { | |
2842 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue); | |
2843 | return 0; | |
2844 | } | |
2845 | ||
2846 | r = path_simplify_and_warn(p, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
2847 | if (r < 0) | |
2848 | return 0; | |
2849 | ||
2850 | c = condition_new(t, p, trigger, negate); | |
2851 | if (!c) | |
2852 | return log_oom(); | |
2853 | ||
2854 | LIST_PREPEND(conditions, *list, c); | |
2855 | return 0; | |
2856 | } | |
2857 | ||
2858 | int config_parse_unit_condition_string( | |
2859 | const char *unit, | |
2860 | const char *filename, | |
2861 | unsigned line, | |
2862 | const char *section, | |
2863 | unsigned section_line, | |
2864 | const char *lvalue, | |
2865 | int ltype, | |
2866 | const char *rvalue, | |
2867 | void *data, | |
2868 | void *userdata) { | |
2869 | ||
2870 | _cleanup_free_ char *s = NULL; | |
2871 | Condition **list = data, *c; | |
2872 | ConditionType t = ltype; | |
2873 | bool trigger, negate; | |
2874 | const Unit *u = userdata; | |
2875 | int r; | |
2876 | ||
2877 | assert(filename); | |
2878 | assert(lvalue); | |
2879 | assert(rvalue); | |
2880 | assert(data); | |
2881 | ||
2882 | if (isempty(rvalue)) { | |
2883 | /* Empty assignment resets the list */ | |
2884 | *list = condition_free_list(*list); | |
2885 | return 0; | |
2886 | } | |
2887 | ||
2888 | trigger = *rvalue == '|'; | |
2889 | if (trigger) | |
2890 | rvalue += 1 + strspn(rvalue + 1, WHITESPACE); | |
2891 | ||
2892 | negate = *rvalue == '!'; | |
2893 | if (negate) | |
2894 | rvalue += 1 + strspn(rvalue + 1, WHITESPACE); | |
2895 | ||
2896 | r = unit_full_printf(u, rvalue, &s); | |
2897 | if (r < 0) { | |
2898 | log_syntax(unit, LOG_ERR, filename, line, r, | |
2899 | "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); | |
2900 | return 0; | |
2901 | } | |
2902 | ||
2903 | c = condition_new(t, s, trigger, negate); | |
2904 | if (!c) | |
2905 | return log_oom(); | |
2906 | ||
2907 | LIST_PREPEND(conditions, *list, c); | |
2908 | return 0; | |
2909 | } | |
2910 | ||
2911 | int config_parse_unit_condition_null( | |
2912 | const char *unit, | |
2913 | const char *filename, | |
2914 | unsigned line, | |
2915 | const char *section, | |
2916 | unsigned section_line, | |
2917 | const char *lvalue, | |
2918 | int ltype, | |
2919 | const char *rvalue, | |
2920 | void *data, | |
2921 | void *userdata) { | |
2922 | ||
2923 | Condition **list = data, *c; | |
2924 | bool trigger, negate; | |
2925 | int b; | |
2926 | ||
2927 | assert(filename); | |
2928 | assert(lvalue); | |
2929 | assert(rvalue); | |
2930 | assert(data); | |
2931 | ||
2932 | log_syntax(unit, LOG_WARNING, filename, line, 0, "%s= is deprecated, please do not use.", lvalue); | |
2933 | ||
2934 | if (isempty(rvalue)) { | |
2935 | /* Empty assignment resets the list */ | |
2936 | *list = condition_free_list(*list); | |
2937 | return 0; | |
2938 | } | |
2939 | ||
2940 | trigger = rvalue[0] == '|'; | |
2941 | if (trigger) | |
2942 | rvalue++; | |
2943 | ||
2944 | negate = rvalue[0] == '!'; | |
2945 | if (negate) | |
2946 | rvalue++; | |
2947 | ||
2948 | b = parse_boolean(rvalue); | |
2949 | if (b < 0) { | |
2950 | log_syntax(unit, LOG_ERR, filename, line, b, "Failed to parse boolean value in condition, ignoring: %s", rvalue); | |
2951 | return 0; | |
2952 | } | |
2953 | ||
2954 | if (!b) | |
2955 | negate = !negate; | |
2956 | ||
2957 | c = condition_new(CONDITION_NULL, NULL, trigger, negate); | |
2958 | if (!c) | |
2959 | return log_oom(); | |
2960 | ||
2961 | LIST_PREPEND(conditions, *list, c); | |
2962 | return 0; | |
2963 | } | |
2964 | ||
2965 | int config_parse_unit_requires_mounts_for( | |
2966 | const char *unit, | |
2967 | const char *filename, | |
2968 | unsigned line, | |
2969 | const char *section, | |
2970 | unsigned section_line, | |
2971 | const char *lvalue, | |
2972 | int ltype, | |
2973 | const char *rvalue, | |
2974 | void *data, | |
2975 | void *userdata) { | |
2976 | ||
2977 | const char *p = rvalue; | |
2978 | Unit *u = userdata; | |
2979 | int r; | |
2980 | ||
2981 | assert(filename); | |
2982 | assert(lvalue); | |
2983 | assert(rvalue); | |
2984 | assert(data); | |
2985 | ||
2986 | for (;;) { | |
2987 | _cleanup_free_ char *word = NULL, *resolved = NULL; | |
2988 | ||
2989 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); | |
2990 | if (r == 0) | |
2991 | return 0; | |
2992 | if (r == -ENOMEM) | |
2993 | return log_oom(); | |
2994 | if (r < 0) { | |
2995 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
2996 | "Invalid syntax, ignoring: %s", rvalue); | |
2997 | return 0; | |
2998 | } | |
2999 | ||
3000 | r = unit_full_printf(u, word, &resolved); | |
3001 | if (r < 0) { | |
3002 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word); | |
3003 | continue; | |
3004 | } | |
3005 | ||
3006 | r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
3007 | if (r < 0) | |
3008 | continue; | |
3009 | ||
3010 | r = unit_require_mounts_for(u, resolved, UNIT_DEPENDENCY_FILE); | |
3011 | if (r < 0) { | |
3012 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add required mount '%s', ignoring: %m", resolved); | |
3013 | continue; | |
3014 | } | |
3015 | } | |
3016 | } | |
3017 | ||
3018 | int config_parse_documentation(const char *unit, | |
3019 | const char *filename, | |
3020 | unsigned line, | |
3021 | const char *section, | |
3022 | unsigned section_line, | |
3023 | const char *lvalue, | |
3024 | int ltype, | |
3025 | const char *rvalue, | |
3026 | void *data, | |
3027 | void *userdata) { | |
3028 | ||
3029 | Unit *u = userdata; | |
3030 | int r; | |
3031 | char **a, **b; | |
3032 | ||
3033 | assert(filename); | |
3034 | assert(lvalue); | |
3035 | assert(rvalue); | |
3036 | assert(u); | |
3037 | ||
3038 | if (isempty(rvalue)) { | |
3039 | /* Empty assignment resets the list */ | |
3040 | u->documentation = strv_free(u->documentation); | |
3041 | return 0; | |
3042 | } | |
3043 | ||
3044 | r = config_parse_unit_strv_printf(unit, filename, line, section, section_line, lvalue, ltype, | |
3045 | rvalue, data, userdata); | |
3046 | if (r < 0) | |
3047 | return r; | |
3048 | ||
3049 | for (a = b = u->documentation; a && *a; a++) { | |
3050 | ||
3051 | if (documentation_url_is_valid(*a)) | |
3052 | *(b++) = *a; | |
3053 | else { | |
3054 | log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid URL, ignoring: %s", *a); | |
3055 | free(*a); | |
3056 | } | |
3057 | } | |
3058 | if (b) | |
3059 | *b = NULL; | |
3060 | ||
3061 | return r; | |
3062 | } | |
3063 | ||
3064 | #if HAVE_SECCOMP | |
3065 | int config_parse_syscall_filter( | |
3066 | const char *unit, | |
3067 | const char *filename, | |
3068 | unsigned line, | |
3069 | const char *section, | |
3070 | unsigned section_line, | |
3071 | const char *lvalue, | |
3072 | int ltype, | |
3073 | const char *rvalue, | |
3074 | void *data, | |
3075 | void *userdata) { | |
3076 | ||
3077 | ExecContext *c = data; | |
3078 | _unused_ const Unit *u = userdata; | |
3079 | bool invert = false; | |
3080 | const char *p; | |
3081 | int r; | |
3082 | ||
3083 | assert(filename); | |
3084 | assert(lvalue); | |
3085 | assert(rvalue); | |
3086 | assert(u); | |
3087 | ||
3088 | if (isempty(rvalue)) { | |
3089 | /* Empty assignment resets the list */ | |
3090 | c->syscall_filter = hashmap_free(c->syscall_filter); | |
3091 | c->syscall_allow_list = false; | |
3092 | return 0; | |
3093 | } | |
3094 | ||
3095 | if (rvalue[0] == '~') { | |
3096 | invert = true; | |
3097 | rvalue++; | |
3098 | } | |
3099 | ||
3100 | if (!c->syscall_filter) { | |
3101 | c->syscall_filter = hashmap_new(NULL); | |
3102 | if (!c->syscall_filter) | |
3103 | return log_oom(); | |
3104 | ||
3105 | if (invert) | |
3106 | /* Allow everything but the ones listed */ | |
3107 | c->syscall_allow_list = false; | |
3108 | else { | |
3109 | /* Allow nothing but the ones listed */ | |
3110 | c->syscall_allow_list = true; | |
3111 | ||
3112 | /* Accept default syscalls if we are on a allow_list */ | |
3113 | r = seccomp_parse_syscall_filter( | |
3114 | "@default", -1, c->syscall_filter, | |
3115 | SECCOMP_PARSE_PERMISSIVE|SECCOMP_PARSE_ALLOW_LIST, | |
3116 | unit, | |
3117 | NULL, 0); | |
3118 | if (r < 0) | |
3119 | return r; | |
3120 | } | |
3121 | } | |
3122 | ||
3123 | p = rvalue; | |
3124 | for (;;) { | |
3125 | _cleanup_free_ char *word = NULL, *name = NULL; | |
3126 | int num; | |
3127 | ||
3128 | r = extract_first_word(&p, &word, NULL, 0); | |
3129 | if (r == 0) | |
3130 | return 0; | |
3131 | if (r == -ENOMEM) | |
3132 | return log_oom(); | |
3133 | if (r < 0) { | |
3134 | log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue); | |
3135 | return 0; | |
3136 | } | |
3137 | ||
3138 | r = parse_syscall_and_errno(word, &name, &num); | |
3139 | if (r < 0) { | |
3140 | log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse syscall:errno, ignoring: %s", word); | |
3141 | continue; | |
3142 | } | |
3143 | ||
3144 | r = seccomp_parse_syscall_filter( | |
3145 | name, num, c->syscall_filter, | |
3146 | SECCOMP_PARSE_LOG|SECCOMP_PARSE_PERMISSIVE| | |
3147 | (invert ? SECCOMP_PARSE_INVERT : 0)| | |
3148 | (c->syscall_allow_list ? SECCOMP_PARSE_ALLOW_LIST : 0), | |
3149 | unit, filename, line); | |
3150 | if (r < 0) | |
3151 | return r; | |
3152 | } | |
3153 | } | |
3154 | ||
3155 | int config_parse_syscall_archs( | |
3156 | const char *unit, | |
3157 | const char *filename, | |
3158 | unsigned line, | |
3159 | const char *section, | |
3160 | unsigned section_line, | |
3161 | const char *lvalue, | |
3162 | int ltype, | |
3163 | const char *rvalue, | |
3164 | void *data, | |
3165 | void *userdata) { | |
3166 | ||
3167 | const char *p = rvalue; | |
3168 | Set **archs = data; | |
3169 | int r; | |
3170 | ||
3171 | if (isempty(rvalue)) { | |
3172 | *archs = set_free(*archs); | |
3173 | return 0; | |
3174 | } | |
3175 | ||
3176 | for (;;) { | |
3177 | _cleanup_free_ char *word = NULL; | |
3178 | uint32_t a; | |
3179 | ||
3180 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); | |
3181 | if (r == 0) | |
3182 | return 0; | |
3183 | if (r == -ENOMEM) | |
3184 | return log_oom(); | |
3185 | if (r < 0) { | |
3186 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
3187 | "Invalid syntax, ignoring: %s", rvalue); | |
3188 | return 0; | |
3189 | } | |
3190 | ||
3191 | r = seccomp_arch_from_string(word, &a); | |
3192 | if (r < 0) { | |
3193 | log_syntax(unit, LOG_ERR, filename, line, r, | |
3194 | "Failed to parse system call architecture \"%s\", ignoring: %m", word); | |
3195 | continue; | |
3196 | } | |
3197 | ||
3198 | r = set_ensure_put(archs, NULL, UINT32_TO_PTR(a + 1)); | |
3199 | if (r < 0) | |
3200 | return log_oom(); | |
3201 | } | |
3202 | } | |
3203 | ||
3204 | int config_parse_syscall_errno( | |
3205 | const char *unit, | |
3206 | const char *filename, | |
3207 | unsigned line, | |
3208 | const char *section, | |
3209 | unsigned section_line, | |
3210 | const char *lvalue, | |
3211 | int ltype, | |
3212 | const char *rvalue, | |
3213 | void *data, | |
3214 | void *userdata) { | |
3215 | ||
3216 | ExecContext *c = data; | |
3217 | int e; | |
3218 | ||
3219 | assert(filename); | |
3220 | assert(lvalue); | |
3221 | assert(rvalue); | |
3222 | ||
3223 | if (isempty(rvalue)) { | |
3224 | /* Empty assignment resets to KILL */ | |
3225 | c->syscall_errno = 0; | |
3226 | return 0; | |
3227 | } | |
3228 | ||
3229 | e = parse_errno(rvalue); | |
3230 | if (e <= 0) { | |
3231 | log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse error number, ignoring: %s", rvalue); | |
3232 | return 0; | |
3233 | } | |
3234 | ||
3235 | c->syscall_errno = e; | |
3236 | return 0; | |
3237 | } | |
3238 | ||
3239 | int config_parse_address_families( | |
3240 | const char *unit, | |
3241 | const char *filename, | |
3242 | unsigned line, | |
3243 | const char *section, | |
3244 | unsigned section_line, | |
3245 | const char *lvalue, | |
3246 | int ltype, | |
3247 | const char *rvalue, | |
3248 | void *data, | |
3249 | void *userdata) { | |
3250 | ||
3251 | ExecContext *c = data; | |
3252 | bool invert = false; | |
3253 | const char *p; | |
3254 | int r; | |
3255 | ||
3256 | assert(filename); | |
3257 | assert(lvalue); | |
3258 | assert(rvalue); | |
3259 | ||
3260 | if (isempty(rvalue)) { | |
3261 | /* Empty assignment resets the list */ | |
3262 | c->address_families = set_free(c->address_families); | |
3263 | c->address_families_allow_list = false; | |
3264 | return 0; | |
3265 | } | |
3266 | ||
3267 | if (rvalue[0] == '~') { | |
3268 | invert = true; | |
3269 | rvalue++; | |
3270 | } | |
3271 | ||
3272 | if (!c->address_families) { | |
3273 | c->address_families = set_new(NULL); | |
3274 | if (!c->address_families) | |
3275 | return log_oom(); | |
3276 | ||
3277 | c->address_families_allow_list = !invert; | |
3278 | } | |
3279 | ||
3280 | for (p = rvalue;;) { | |
3281 | _cleanup_free_ char *word = NULL; | |
3282 | int af; | |
3283 | ||
3284 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); | |
3285 | if (r == 0) | |
3286 | return 0; | |
3287 | if (r == -ENOMEM) | |
3288 | return log_oom(); | |
3289 | if (r < 0) { | |
3290 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
3291 | "Invalid syntax, ignoring: %s", rvalue); | |
3292 | return 0; | |
3293 | } | |
3294 | ||
3295 | af = af_from_name(word); | |
3296 | if (af < 0) { | |
3297 | log_syntax(unit, LOG_ERR, filename, line, af, | |
3298 | "Failed to parse address family, ignoring: %s", word); | |
3299 | continue; | |
3300 | } | |
3301 | ||
3302 | /* If we previously wanted to forbid an address family and now | |
3303 | * we want to allow it, then just remove it from the list. | |
3304 | */ | |
3305 | if (!invert == c->address_families_allow_list) { | |
3306 | r = set_put(c->address_families, INT_TO_PTR(af)); | |
3307 | if (r < 0) | |
3308 | return log_oom(); | |
3309 | } else | |
3310 | set_remove(c->address_families, INT_TO_PTR(af)); | |
3311 | } | |
3312 | } | |
3313 | ||
3314 | int config_parse_restrict_namespaces( | |
3315 | const char *unit, | |
3316 | const char *filename, | |
3317 | unsigned line, | |
3318 | const char *section, | |
3319 | unsigned section_line, | |
3320 | const char *lvalue, | |
3321 | int ltype, | |
3322 | const char *rvalue, | |
3323 | void *data, | |
3324 | void *userdata) { | |
3325 | ||
3326 | ExecContext *c = data; | |
3327 | unsigned long flags; | |
3328 | bool invert = false; | |
3329 | int r; | |
3330 | ||
3331 | if (isempty(rvalue)) { | |
3332 | /* Reset to the default. */ | |
3333 | c->restrict_namespaces = NAMESPACE_FLAGS_INITIAL; | |
3334 | return 0; | |
3335 | } | |
3336 | ||
3337 | /* Boolean parameter ignores the previous settings */ | |
3338 | r = parse_boolean(rvalue); | |
3339 | if (r > 0) { | |
3340 | c->restrict_namespaces = 0; | |
3341 | return 0; | |
3342 | } else if (r == 0) { | |
3343 | c->restrict_namespaces = NAMESPACE_FLAGS_ALL; | |
3344 | return 0; | |
3345 | } | |
3346 | ||
3347 | if (rvalue[0] == '~') { | |
3348 | invert = true; | |
3349 | rvalue++; | |
3350 | } | |
3351 | ||
3352 | /* Not a boolean argument, in this case it's a list of namespace types. */ | |
3353 | r = namespace_flags_from_string(rvalue, &flags); | |
3354 | if (r < 0) { | |
3355 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse namespace type string, ignoring: %s", rvalue); | |
3356 | return 0; | |
3357 | } | |
3358 | ||
3359 | if (c->restrict_namespaces == NAMESPACE_FLAGS_INITIAL) | |
3360 | /* Initial assignment. Just set the value. */ | |
3361 | c->restrict_namespaces = invert ? (~flags) & NAMESPACE_FLAGS_ALL : flags; | |
3362 | else | |
3363 | /* Merge the value with the previous one. */ | |
3364 | SET_FLAG(c->restrict_namespaces, flags, !invert); | |
3365 | ||
3366 | return 0; | |
3367 | } | |
3368 | #endif | |
3369 | ||
3370 | int config_parse_unit_slice( | |
3371 | const char *unit, | |
3372 | const char *filename, | |
3373 | unsigned line, | |
3374 | const char *section, | |
3375 | unsigned section_line, | |
3376 | const char *lvalue, | |
3377 | int ltype, | |
3378 | const char *rvalue, | |
3379 | void *data, | |
3380 | void *userdata) { | |
3381 | ||
3382 | _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; | |
3383 | _cleanup_free_ char *k = NULL; | |
3384 | Unit *u = userdata, *slice; | |
3385 | int r; | |
3386 | ||
3387 | assert(filename); | |
3388 | assert(lvalue); | |
3389 | assert(rvalue); | |
3390 | assert(u); | |
3391 | ||
3392 | r = unit_name_printf(u, rvalue, &k); | |
3393 | if (r < 0) { | |
3394 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue); | |
3395 | return 0; | |
3396 | } | |
3397 | ||
3398 | r = manager_load_unit(u->manager, k, NULL, &error, &slice); | |
3399 | if (r < 0) { | |
3400 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load slice unit %s, ignoring: %s", k, bus_error_message(&error, r)); | |
3401 | return 0; | |
3402 | } | |
3403 | ||
3404 | r = unit_set_slice(u, slice); | |
3405 | if (r < 0) { | |
3406 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to assign slice %s to unit %s, ignoring: %m", slice->id, u->id); | |
3407 | return 0; | |
3408 | } | |
3409 | ||
3410 | return 0; | |
3411 | } | |
3412 | ||
3413 | int config_parse_cpu_quota( | |
3414 | const char *unit, | |
3415 | const char *filename, | |
3416 | unsigned line, | |
3417 | const char *section, | |
3418 | unsigned section_line, | |
3419 | const char *lvalue, | |
3420 | int ltype, | |
3421 | const char *rvalue, | |
3422 | void *data, | |
3423 | void *userdata) { | |
3424 | ||
3425 | CGroupContext *c = data; | |
3426 | int r; | |
3427 | ||
3428 | assert(filename); | |
3429 | assert(lvalue); | |
3430 | assert(rvalue); | |
3431 | ||
3432 | if (isempty(rvalue)) { | |
3433 | c->cpu_quota_per_sec_usec = USEC_INFINITY; | |
3434 | return 0; | |
3435 | } | |
3436 | ||
3437 | r = parse_permille_unbounded(rvalue); | |
3438 | if (r <= 0) { | |
3439 | log_syntax(unit, LOG_ERR, filename, line, r, "Invalid CPU quota '%s', ignoring.", rvalue); | |
3440 | return 0; | |
3441 | } | |
3442 | ||
3443 | c->cpu_quota_per_sec_usec = ((usec_t) r * USEC_PER_SEC) / 1000U; | |
3444 | return 0; | |
3445 | } | |
3446 | ||
3447 | int config_parse_allowed_cpus( | |
3448 | const char *unit, | |
3449 | const char *filename, | |
3450 | unsigned line, | |
3451 | const char *section, | |
3452 | unsigned section_line, | |
3453 | const char *lvalue, | |
3454 | int ltype, | |
3455 | const char *rvalue, | |
3456 | void *data, | |
3457 | void *userdata) { | |
3458 | ||
3459 | CGroupContext *c = data; | |
3460 | ||
3461 | (void) parse_cpu_set_extend(rvalue, &c->cpuset_cpus, true, unit, filename, line, lvalue); | |
3462 | ||
3463 | return 0; | |
3464 | } | |
3465 | ||
3466 | int config_parse_allowed_mems( | |
3467 | const char *unit, | |
3468 | const char *filename, | |
3469 | unsigned line, | |
3470 | const char *section, | |
3471 | unsigned section_line, | |
3472 | const char *lvalue, | |
3473 | int ltype, | |
3474 | const char *rvalue, | |
3475 | void *data, | |
3476 | void *userdata) { | |
3477 | ||
3478 | CGroupContext *c = data; | |
3479 | ||
3480 | (void) parse_cpu_set_extend(rvalue, &c->cpuset_mems, true, unit, filename, line, lvalue); | |
3481 | ||
3482 | return 0; | |
3483 | } | |
3484 | ||
3485 | int config_parse_memory_limit( | |
3486 | const char *unit, | |
3487 | const char *filename, | |
3488 | unsigned line, | |
3489 | const char *section, | |
3490 | unsigned section_line, | |
3491 | const char *lvalue, | |
3492 | int ltype, | |
3493 | const char *rvalue, | |
3494 | void *data, | |
3495 | void *userdata) { | |
3496 | ||
3497 | CGroupContext *c = data; | |
3498 | uint64_t bytes = CGROUP_LIMIT_MAX; | |
3499 | int r; | |
3500 | ||
3501 | if (isempty(rvalue) && STR_IN_SET(lvalue, "DefaultMemoryLow", | |
3502 | "DefaultMemoryMin", | |
3503 | "MemoryLow", | |
3504 | "MemoryMin")) | |
3505 | bytes = CGROUP_LIMIT_MIN; | |
3506 | else if (!isempty(rvalue) && !streq(rvalue, "infinity")) { | |
3507 | ||
3508 | r = parse_permille(rvalue); | |
3509 | if (r < 0) { | |
3510 | r = parse_size(rvalue, 1024, &bytes); | |
3511 | if (r < 0) { | |
3512 | log_syntax(unit, LOG_ERR, filename, line, r, "Invalid memory limit '%s', ignoring: %m", rvalue); | |
3513 | return 0; | |
3514 | } | |
3515 | } else | |
3516 | bytes = physical_memory_scale(r, 1000U); | |
3517 | ||
3518 | if (bytes >= UINT64_MAX || | |
3519 | (bytes <= 0 && !STR_IN_SET(lvalue, "MemorySwapMax", "MemoryLow", "MemoryMin", "DefaultMemoryLow", "DefaultMemoryMin"))) { | |
3520 | log_syntax(unit, LOG_ERR, filename, line, 0, "Memory limit '%s' out of range, ignoring.", rvalue); | |
3521 | return 0; | |
3522 | } | |
3523 | } | |
3524 | ||
3525 | if (streq(lvalue, "DefaultMemoryLow")) { | |
3526 | c->default_memory_low = bytes; | |
3527 | c->default_memory_low_set = true; | |
3528 | } else if (streq(lvalue, "DefaultMemoryMin")) { | |
3529 | c->default_memory_min = bytes; | |
3530 | c->default_memory_min_set = true; | |
3531 | } else if (streq(lvalue, "MemoryMin")) { | |
3532 | c->memory_min = bytes; | |
3533 | c->memory_min_set = true; | |
3534 | } else if (streq(lvalue, "MemoryLow")) { | |
3535 | c->memory_low = bytes; | |
3536 | c->memory_low_set = true; | |
3537 | } else if (streq(lvalue, "MemoryHigh")) | |
3538 | c->memory_high = bytes; | |
3539 | else if (streq(lvalue, "MemoryMax")) | |
3540 | c->memory_max = bytes; | |
3541 | else if (streq(lvalue, "MemorySwapMax")) | |
3542 | c->memory_swap_max = bytes; | |
3543 | else if (streq(lvalue, "MemoryLimit")) | |
3544 | c->memory_limit = bytes; | |
3545 | else | |
3546 | return -EINVAL; | |
3547 | ||
3548 | return 0; | |
3549 | } | |
3550 | ||
3551 | int config_parse_tasks_max( | |
3552 | const char *unit, | |
3553 | const char *filename, | |
3554 | unsigned line, | |
3555 | const char *section, | |
3556 | unsigned section_line, | |
3557 | const char *lvalue, | |
3558 | int ltype, | |
3559 | const char *rvalue, | |
3560 | void *data, | |
3561 | void *userdata) { | |
3562 | ||
3563 | const Unit *u = userdata; | |
3564 | TasksMax *tasks_max = data; | |
3565 | uint64_t v; | |
3566 | int r; | |
3567 | ||
3568 | if (isempty(rvalue)) { | |
3569 | *tasks_max = u ? u->manager->default_tasks_max : TASKS_MAX_UNSET; | |
3570 | return 0; | |
3571 | } | |
3572 | ||
3573 | if (streq(rvalue, "infinity")) { | |
3574 | *tasks_max = TASKS_MAX_UNSET; | |
3575 | return 0; | |
3576 | } | |
3577 | ||
3578 | r = parse_permille(rvalue); | |
3579 | if (r >= 0) | |
3580 | *tasks_max = (TasksMax) { r, 1000U }; /* r‰ */ | |
3581 | else { | |
3582 | r = safe_atou64(rvalue, &v); | |
3583 | if (r < 0) { | |
3584 | log_syntax(unit, LOG_ERR, filename, line, r, "Invalid maximum tasks value '%s', ignoring: %m", rvalue); | |
3585 | return 0; | |
3586 | } | |
3587 | ||
3588 | if (v <= 0 || v >= UINT64_MAX) { | |
3589 | log_syntax(unit, LOG_ERR, filename, line, 0, "Maximum tasks value '%s' out of range, ignoring.", rvalue); | |
3590 | return 0; | |
3591 | } | |
3592 | ||
3593 | *tasks_max = (TasksMax) { v }; | |
3594 | } | |
3595 | ||
3596 | return 0; | |
3597 | } | |
3598 | ||
3599 | int config_parse_delegate( | |
3600 | const char *unit, | |
3601 | const char *filename, | |
3602 | unsigned line, | |
3603 | const char *section, | |
3604 | unsigned section_line, | |
3605 | const char *lvalue, | |
3606 | int ltype, | |
3607 | const char *rvalue, | |
3608 | void *data, | |
3609 | void *userdata) { | |
3610 | ||
3611 | CGroupContext *c = data; | |
3612 | UnitType t; | |
3613 | int r; | |
3614 | ||
3615 | t = unit_name_to_type(unit); | |
3616 | assert(t != _UNIT_TYPE_INVALID); | |
3617 | ||
3618 | if (!unit_vtable[t]->can_delegate) { | |
3619 | log_syntax(unit, LOG_ERR, filename, line, 0, "Delegate= setting not supported for this unit type, ignoring."); | |
3620 | return 0; | |
3621 | } | |
3622 | ||
3623 | /* We either accept a boolean value, which may be used to turn on delegation for all controllers, or turn it | |
3624 | * off for all. Or it takes a list of controller names, in which case we add the specified controllers to the | |
3625 | * mask to delegate. */ | |
3626 | ||
3627 | if (isempty(rvalue)) { | |
3628 | /* An empty string resets controllers and set Delegate=yes. */ | |
3629 | c->delegate = true; | |
3630 | c->delegate_controllers = 0; | |
3631 | return 0; | |
3632 | } | |
3633 | ||
3634 | r = parse_boolean(rvalue); | |
3635 | if (r < 0) { | |
3636 | const char *p = rvalue; | |
3637 | CGroupMask mask = 0; | |
3638 | ||
3639 | for (;;) { | |
3640 | _cleanup_free_ char *word = NULL; | |
3641 | CGroupController cc; | |
3642 | ||
3643 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); | |
3644 | if (r == 0) | |
3645 | break; | |
3646 | if (r == -ENOMEM) | |
3647 | return log_oom(); | |
3648 | if (r < 0) { | |
3649 | log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue); | |
3650 | return 0; | |
3651 | } | |
3652 | ||
3653 | cc = cgroup_controller_from_string(word); | |
3654 | if (cc < 0) { | |
3655 | log_syntax(unit, LOG_ERR, filename, line, r, "Invalid controller name '%s', ignoring", word); | |
3656 | continue; | |
3657 | } | |
3658 | ||
3659 | mask |= CGROUP_CONTROLLER_TO_MASK(cc); | |
3660 | } | |
3661 | ||
3662 | c->delegate = true; | |
3663 | c->delegate_controllers |= mask; | |
3664 | ||
3665 | } else if (r > 0) { | |
3666 | c->delegate = true; | |
3667 | c->delegate_controllers = _CGROUP_MASK_ALL; | |
3668 | } else { | |
3669 | c->delegate = false; | |
3670 | c->delegate_controllers = 0; | |
3671 | } | |
3672 | ||
3673 | return 0; | |
3674 | } | |
3675 | ||
3676 | int config_parse_device_allow( | |
3677 | const char *unit, | |
3678 | const char *filename, | |
3679 | unsigned line, | |
3680 | const char *section, | |
3681 | unsigned section_line, | |
3682 | const char *lvalue, | |
3683 | int ltype, | |
3684 | const char *rvalue, | |
3685 | void *data, | |
3686 | void *userdata) { | |
3687 | ||
3688 | _cleanup_free_ char *path = NULL, *resolved = NULL; | |
3689 | CGroupContext *c = data; | |
3690 | const char *p = rvalue; | |
3691 | int r; | |
3692 | ||
3693 | if (isempty(rvalue)) { | |
3694 | while (c->device_allow) | |
3695 | cgroup_context_free_device_allow(c, c->device_allow); | |
3696 | ||
3697 | return 0; | |
3698 | } | |
3699 | ||
3700 | r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE); | |
3701 | if (r == -ENOMEM) | |
3702 | return log_oom(); | |
3703 | if (r < 0) { | |
3704 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
3705 | "Invalid syntax, ignoring: %s", rvalue); | |
3706 | return 0; | |
3707 | } | |
3708 | if (r == 0) { | |
3709 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
3710 | "Failed to extract device path and rights from '%s', ignoring.", rvalue); | |
3711 | return 0; | |
3712 | } | |
3713 | ||
3714 | r = unit_full_printf(userdata, path, &resolved); | |
3715 | if (r < 0) { | |
3716 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
3717 | "Failed to resolve unit specifiers in '%s', ignoring: %m", path); | |
3718 | return 0; | |
3719 | } | |
3720 | ||
3721 | if (!STARTSWITH_SET(resolved, "block-", "char-")) { | |
3722 | ||
3723 | r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue); | |
3724 | if (r < 0) | |
3725 | return 0; | |
3726 | ||
3727 | if (!valid_device_node_path(resolved)) { | |
3728 | log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved); | |
3729 | return 0; | |
3730 | } | |
3731 | } | |
3732 | ||
3733 | if (!isempty(p) && !in_charset(p, "rwm")) { | |
3734 | log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device rights '%s', ignoring.", p); | |
3735 | return 0; | |
3736 | } | |
3737 | ||
3738 | return cgroup_add_device_allow(c, resolved, p); | |
3739 | } | |
3740 | ||
3741 | int config_parse_io_device_weight( | |
3742 | const char *unit, | |
3743 | const char *filename, | |
3744 | unsigned line, | |
3745 | const char *section, | |
3746 | unsigned section_line, | |
3747 | const char *lvalue, | |
3748 | int ltype, | |
3749 | const char *rvalue, | |
3750 | void *data, | |
3751 | void *userdata) { | |
3752 | ||
3753 | _cleanup_free_ char *path = NULL, *resolved = NULL; | |
3754 | CGroupIODeviceWeight *w; | |
3755 | CGroupContext *c = data; | |
3756 | const char *p = rvalue; | |
3757 | uint64_t u; | |
3758 | int r; | |
3759 | ||
3760 | assert(filename); | |
3761 | assert(lvalue); | |
3762 | assert(rvalue); | |
3763 | ||
3764 | if (isempty(rvalue)) { | |
3765 | while (c->io_device_weights) | |
3766 | cgroup_context_free_io_device_weight(c, c->io_device_weights); | |
3767 | ||
3768 | return 0; | |
3769 | } | |
3770 | ||
3771 | r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE); | |
3772 | if (r == -ENOMEM) | |
3773 | return log_oom(); | |
3774 | if (r < 0) { | |
3775 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
3776 | "Invalid syntax, ignoring: %s", rvalue); | |
3777 | return 0; | |
3778 | } | |
3779 | if (r == 0 || isempty(p)) { | |
3780 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
3781 | "Failed to extract device path and weight from '%s', ignoring.", rvalue); | |
3782 | return 0; | |
3783 | } | |
3784 | ||
3785 | r = unit_full_printf(userdata, path, &resolved); | |
3786 | if (r < 0) { | |
3787 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
3788 | "Failed to resolve unit specifiers in '%s', ignoring: %m", path); | |
3789 | return 0; | |
3790 | } | |
3791 | ||
3792 | r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue); | |
3793 | if (r < 0) | |
3794 | return 0; | |
3795 | ||
3796 | r = cg_weight_parse(p, &u); | |
3797 | if (r < 0) { | |
3798 | log_syntax(unit, LOG_ERR, filename, line, r, "IO weight '%s' invalid, ignoring: %m", p); | |
3799 | return 0; | |
3800 | } | |
3801 | ||
3802 | assert(u != CGROUP_WEIGHT_INVALID); | |
3803 | ||
3804 | w = new0(CGroupIODeviceWeight, 1); | |
3805 | if (!w) | |
3806 | return log_oom(); | |
3807 | ||
3808 | w->path = TAKE_PTR(resolved); | |
3809 | w->weight = u; | |
3810 | ||
3811 | LIST_PREPEND(device_weights, c->io_device_weights, w); | |
3812 | return 0; | |
3813 | } | |
3814 | ||
3815 | int config_parse_io_device_latency( | |
3816 | const char *unit, | |
3817 | const char *filename, | |
3818 | unsigned line, | |
3819 | const char *section, | |
3820 | unsigned section_line, | |
3821 | const char *lvalue, | |
3822 | int ltype, | |
3823 | const char *rvalue, | |
3824 | void *data, | |
3825 | void *userdata) { | |
3826 | ||
3827 | _cleanup_free_ char *path = NULL, *resolved = NULL; | |
3828 | CGroupIODeviceLatency *l; | |
3829 | CGroupContext *c = data; | |
3830 | const char *p = rvalue; | |
3831 | usec_t usec; | |
3832 | int r; | |
3833 | ||
3834 | assert(filename); | |
3835 | assert(lvalue); | |
3836 | assert(rvalue); | |
3837 | ||
3838 | if (isempty(rvalue)) { | |
3839 | while (c->io_device_latencies) | |
3840 | cgroup_context_free_io_device_latency(c, c->io_device_latencies); | |
3841 | ||
3842 | return 0; | |
3843 | } | |
3844 | ||
3845 | r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE); | |
3846 | if (r == -ENOMEM) | |
3847 | return log_oom(); | |
3848 | if (r < 0) { | |
3849 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
3850 | "Invalid syntax, ignoring: %s", rvalue); | |
3851 | return 0; | |
3852 | } | |
3853 | if (r == 0 || isempty(p)) { | |
3854 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
3855 | "Failed to extract device path and latency from '%s', ignoring.", rvalue); | |
3856 | return 0; | |
3857 | } | |
3858 | ||
3859 | r = unit_full_printf(userdata, path, &resolved); | |
3860 | if (r < 0) { | |
3861 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
3862 | "Failed to resolve unit specifiers in '%s', ignoring: %m", path); | |
3863 | return 0; | |
3864 | } | |
3865 | ||
3866 | r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue); | |
3867 | if (r < 0) | |
3868 | return 0; | |
3869 | ||
3870 | if (parse_sec(p, &usec) < 0) { | |
3871 | log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer value, ignoring: %s", p); | |
3872 | return 0; | |
3873 | } | |
3874 | ||
3875 | l = new0(CGroupIODeviceLatency, 1); | |
3876 | if (!l) | |
3877 | return log_oom(); | |
3878 | ||
3879 | l->path = TAKE_PTR(resolved); | |
3880 | l->target_usec = usec; | |
3881 | ||
3882 | LIST_PREPEND(device_latencies, c->io_device_latencies, l); | |
3883 | return 0; | |
3884 | } | |
3885 | ||
3886 | int config_parse_io_limit( | |
3887 | const char *unit, | |
3888 | const char *filename, | |
3889 | unsigned line, | |
3890 | const char *section, | |
3891 | unsigned section_line, | |
3892 | const char *lvalue, | |
3893 | int ltype, | |
3894 | const char *rvalue, | |
3895 | void *data, | |
3896 | void *userdata) { | |
3897 | ||
3898 | _cleanup_free_ char *path = NULL, *resolved = NULL; | |
3899 | CGroupIODeviceLimit *l = NULL, *t; | |
3900 | CGroupContext *c = data; | |
3901 | CGroupIOLimitType type; | |
3902 | const char *p = rvalue; | |
3903 | uint64_t num; | |
3904 | int r; | |
3905 | ||
3906 | assert(filename); | |
3907 | assert(lvalue); | |
3908 | assert(rvalue); | |
3909 | ||
3910 | type = cgroup_io_limit_type_from_string(lvalue); | |
3911 | assert(type >= 0); | |
3912 | ||
3913 | if (isempty(rvalue)) { | |
3914 | LIST_FOREACH(device_limits, l, c->io_device_limits) | |
3915 | l->limits[type] = cgroup_io_limit_defaults[type]; | |
3916 | return 0; | |
3917 | } | |
3918 | ||
3919 | r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE); | |
3920 | if (r == -ENOMEM) | |
3921 | return log_oom(); | |
3922 | if (r < 0) { | |
3923 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
3924 | "Invalid syntax, ignoring: %s", rvalue); | |
3925 | return 0; | |
3926 | } | |
3927 | if (r == 0 || isempty(p)) { | |
3928 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
3929 | "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue); | |
3930 | return 0; | |
3931 | } | |
3932 | ||
3933 | r = unit_full_printf(userdata, path, &resolved); | |
3934 | if (r < 0) { | |
3935 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
3936 | "Failed to resolve unit specifiers in '%s', ignoring: %m", path); | |
3937 | return 0; | |
3938 | } | |
3939 | ||
3940 | r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue); | |
3941 | if (r < 0) | |
3942 | return 0; | |
3943 | ||
3944 | if (streq("infinity", p)) | |
3945 | num = CGROUP_LIMIT_MAX; | |
3946 | else { | |
3947 | r = parse_size(p, 1000, &num); | |
3948 | if (r < 0 || num <= 0) { | |
3949 | log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid IO limit '%s', ignoring.", p); | |
3950 | return 0; | |
3951 | } | |
3952 | } | |
3953 | ||
3954 | LIST_FOREACH(device_limits, t, c->io_device_limits) { | |
3955 | if (path_equal(resolved, t->path)) { | |
3956 | l = t; | |
3957 | break; | |
3958 | } | |
3959 | } | |
3960 | ||
3961 | if (!l) { | |
3962 | CGroupIOLimitType ttype; | |
3963 | ||
3964 | l = new0(CGroupIODeviceLimit, 1); | |
3965 | if (!l) | |
3966 | return log_oom(); | |
3967 | ||
3968 | l->path = TAKE_PTR(resolved); | |
3969 | for (ttype = 0; ttype < _CGROUP_IO_LIMIT_TYPE_MAX; ttype++) | |
3970 | l->limits[ttype] = cgroup_io_limit_defaults[ttype]; | |
3971 | ||
3972 | LIST_PREPEND(device_limits, c->io_device_limits, l); | |
3973 | } | |
3974 | ||
3975 | l->limits[type] = num; | |
3976 | ||
3977 | return 0; | |
3978 | } | |
3979 | ||
3980 | int config_parse_blockio_device_weight( | |
3981 | const char *unit, | |
3982 | const char *filename, | |
3983 | unsigned line, | |
3984 | const char *section, | |
3985 | unsigned section_line, | |
3986 | const char *lvalue, | |
3987 | int ltype, | |
3988 | const char *rvalue, | |
3989 | void *data, | |
3990 | void *userdata) { | |
3991 | ||
3992 | _cleanup_free_ char *path = NULL, *resolved = NULL; | |
3993 | CGroupBlockIODeviceWeight *w; | |
3994 | CGroupContext *c = data; | |
3995 | const char *p = rvalue; | |
3996 | uint64_t u; | |
3997 | int r; | |
3998 | ||
3999 | assert(filename); | |
4000 | assert(lvalue); | |
4001 | assert(rvalue); | |
4002 | ||
4003 | if (isempty(rvalue)) { | |
4004 | while (c->blockio_device_weights) | |
4005 | cgroup_context_free_blockio_device_weight(c, c->blockio_device_weights); | |
4006 | ||
4007 | return 0; | |
4008 | } | |
4009 | ||
4010 | r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE); | |
4011 | if (r == -ENOMEM) | |
4012 | return log_oom(); | |
4013 | if (r < 0) { | |
4014 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
4015 | "Invalid syntax, ignoring: %s", rvalue); | |
4016 | return 0; | |
4017 | } | |
4018 | if (r == 0 || isempty(p)) { | |
4019 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
4020 | "Failed to extract device node and weight from '%s', ignoring.", rvalue); | |
4021 | return 0; | |
4022 | } | |
4023 | ||
4024 | r = unit_full_printf(userdata, path, &resolved); | |
4025 | if (r < 0) { | |
4026 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
4027 | "Failed to resolve unit specifiers in '%s', ignoring: %m", path); | |
4028 | return 0; | |
4029 | } | |
4030 | ||
4031 | r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue); | |
4032 | if (r < 0) | |
4033 | return 0; | |
4034 | ||
4035 | r = cg_blkio_weight_parse(p, &u); | |
4036 | if (r < 0) { | |
4037 | log_syntax(unit, LOG_ERR, filename, line, r, "Invalid block IO weight '%s', ignoring: %m", p); | |
4038 | return 0; | |
4039 | } | |
4040 | ||
4041 | assert(u != CGROUP_BLKIO_WEIGHT_INVALID); | |
4042 | ||
4043 | w = new0(CGroupBlockIODeviceWeight, 1); | |
4044 | if (!w) | |
4045 | return log_oom(); | |
4046 | ||
4047 | w->path = TAKE_PTR(resolved); | |
4048 | w->weight = u; | |
4049 | ||
4050 | LIST_PREPEND(device_weights, c->blockio_device_weights, w); | |
4051 | return 0; | |
4052 | } | |
4053 | ||
4054 | int config_parse_blockio_bandwidth( | |
4055 | const char *unit, | |
4056 | const char *filename, | |
4057 | unsigned line, | |
4058 | const char *section, | |
4059 | unsigned section_line, | |
4060 | const char *lvalue, | |
4061 | int ltype, | |
4062 | const char *rvalue, | |
4063 | void *data, | |
4064 | void *userdata) { | |
4065 | ||
4066 | _cleanup_free_ char *path = NULL, *resolved = NULL; | |
4067 | CGroupBlockIODeviceBandwidth *b = NULL, *t; | |
4068 | CGroupContext *c = data; | |
4069 | const char *p = rvalue; | |
4070 | uint64_t bytes; | |
4071 | bool read; | |
4072 | int r; | |
4073 | ||
4074 | assert(filename); | |
4075 | assert(lvalue); | |
4076 | assert(rvalue); | |
4077 | ||
4078 | read = streq("BlockIOReadBandwidth", lvalue); | |
4079 | ||
4080 | if (isempty(rvalue)) { | |
4081 | LIST_FOREACH(device_bandwidths, b, c->blockio_device_bandwidths) { | |
4082 | b->rbps = CGROUP_LIMIT_MAX; | |
4083 | b->wbps = CGROUP_LIMIT_MAX; | |
4084 | } | |
4085 | return 0; | |
4086 | } | |
4087 | ||
4088 | r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE); | |
4089 | if (r == -ENOMEM) | |
4090 | return log_oom(); | |
4091 | if (r < 0) { | |
4092 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
4093 | "Invalid syntax, ignoring: %s", rvalue); | |
4094 | return 0; | |
4095 | } | |
4096 | if (r == 0 || isempty(p)) { | |
4097 | log_syntax(unit, LOG_WARNING, filename, line, 0, | |
4098 | "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue); | |
4099 | return 0; | |
4100 | } | |
4101 | ||
4102 | r = unit_full_printf(userdata, path, &resolved); | |
4103 | if (r < 0) { | |
4104 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
4105 | "Failed to resolve unit specifiers in '%s', ignoring: %m", path); | |
4106 | return 0; | |
4107 | } | |
4108 | ||
4109 | r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue); | |
4110 | if (r < 0) | |
4111 | return 0; | |
4112 | ||
4113 | r = parse_size(p, 1000, &bytes); | |
4114 | if (r < 0 || bytes <= 0) { | |
4115 | log_syntax(unit, LOG_ERR, filename, line, r, "Invalid Block IO Bandwidth '%s', ignoring.", p); | |
4116 | return 0; | |
4117 | } | |
4118 | ||
4119 | LIST_FOREACH(device_bandwidths, t, c->blockio_device_bandwidths) { | |
4120 | if (path_equal(resolved, t->path)) { | |
4121 | b = t; | |
4122 | break; | |
4123 | } | |
4124 | } | |
4125 | ||
4126 | if (!t) { | |
4127 | b = new0(CGroupBlockIODeviceBandwidth, 1); | |
4128 | if (!b) | |
4129 | return log_oom(); | |
4130 | ||
4131 | b->path = TAKE_PTR(resolved); | |
4132 | b->rbps = CGROUP_LIMIT_MAX; | |
4133 | b->wbps = CGROUP_LIMIT_MAX; | |
4134 | ||
4135 | LIST_PREPEND(device_bandwidths, c->blockio_device_bandwidths, b); | |
4136 | } | |
4137 | ||
4138 | if (read) | |
4139 | b->rbps = bytes; | |
4140 | else | |
4141 | b->wbps = bytes; | |
4142 | ||
4143 | return 0; | |
4144 | } | |
4145 | ||
4146 | int config_parse_job_mode_isolate( | |
4147 | const char *unit, | |
4148 | const char *filename, | |
4149 | unsigned line, | |
4150 | const char *section, | |
4151 | unsigned section_line, | |
4152 | const char *lvalue, | |
4153 | int ltype, | |
4154 | const char *rvalue, | |
4155 | void *data, | |
4156 | void *userdata) { | |
4157 | ||
4158 | JobMode *m = data; | |
4159 | int r; | |
4160 | ||
4161 | assert(filename); | |
4162 | assert(lvalue); | |
4163 | assert(rvalue); | |
4164 | ||
4165 | r = parse_boolean(rvalue); | |
4166 | if (r < 0) { | |
4167 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse boolean, ignoring: %s", rvalue); | |
4168 | return 0; | |
4169 | } | |
4170 | ||
4171 | log_notice("%s is deprecated. Please use OnFailureJobMode= instead", lvalue); | |
4172 | ||
4173 | *m = r ? JOB_ISOLATE : JOB_REPLACE; | |
4174 | return 0; | |
4175 | } | |
4176 | ||
4177 | int config_parse_exec_directories( | |
4178 | const char *unit, | |
4179 | const char *filename, | |
4180 | unsigned line, | |
4181 | const char *section, | |
4182 | unsigned section_line, | |
4183 | const char *lvalue, | |
4184 | int ltype, | |
4185 | const char *rvalue, | |
4186 | void *data, | |
4187 | void *userdata) { | |
4188 | ||
4189 | char***rt = data; | |
4190 | const Unit *u = userdata; | |
4191 | const char *p; | |
4192 | int r; | |
4193 | ||
4194 | assert(filename); | |
4195 | assert(lvalue); | |
4196 | assert(rvalue); | |
4197 | assert(data); | |
4198 | ||
4199 | if (isempty(rvalue)) { | |
4200 | /* Empty assignment resets the list */ | |
4201 | *rt = strv_free(*rt); | |
4202 | return 0; | |
4203 | } | |
4204 | ||
4205 | for (p = rvalue;;) { | |
4206 | _cleanup_free_ char *word = NULL, *k = NULL; | |
4207 | ||
4208 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); | |
4209 | if (r == -ENOMEM) | |
4210 | return log_oom(); | |
4211 | if (r < 0) { | |
4212 | log_syntax(unit, LOG_WARNING, filename, line, r, | |
4213 | "Invalid syntax, ignoring: %s", rvalue); | |
4214 | return 0; | |
4215 | } | |
4216 | if (r == 0) | |
4217 | return 0; | |
4218 | ||
4219 | r = unit_full_printf(u, word, &k); | |
4220 | if (r < 0) { | |
4221 | log_syntax(unit, LOG_ERR, filename, line, r, | |
4222 | "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word); | |
4223 | continue; | |
4224 | } | |
4225 | ||
4226 | r = path_simplify_and_warn(k, PATH_CHECK_RELATIVE, unit, filename, line, lvalue); | |
4227 | if (r < 0) | |
4228 | continue; | |
4229 | ||
4230 | if (path_startswith(k, "private")) { | |
4231 | log_syntax(unit, LOG_ERR, filename, line, 0, | |
4232 | "%s= path can't be 'private', ignoring assignment: %s", lvalue, word); | |
4233 | continue; | |
4234 | } | |
4235 | ||
4236 | r = strv_push(rt, k); | |
4237 | if (r < 0) | |
4238 | return log_oom(); | |
4239 | k = NULL; | |
4240 | } | |
4241 | } | |
4242 | ||
4243 | int config_parse_set_status( | |
4244 | const char *unit, | |
4245 | const char *filename, | |
4246 | unsigned line, | |
4247 | const char *section, | |
4248 | unsigned section_line, | |
4249 | const char *lvalue, | |
4250 | int ltype, | |
4251 | const char *rvalue, | |
4252 | void *data, | |
4253 | void *userdata) { | |
4254 | ||
4255 | size_t l; | |
4256 | const char *word, *state; | |
4257 | int r; | |
4258 | ExitStatusSet *status_set = data; | |
4259 | ||
4260 | assert(filename); | |
4261 | assert(lvalue); | |
4262 | assert(rvalue); | |
4263 | assert(data); | |
4264 | ||
4265 | /* Empty assignment resets the list */ | |
4266 | if (isempty(rvalue)) { | |
4267 | exit_status_set_free(status_set); | |
4268 | return 0; | |
4269 | } | |
4270 | ||
4271 | FOREACH_WORD(word, l, rvalue, state) { | |
4272 | _cleanup_free_ char *temp; | |
4273 | Bitmap *bitmap; | |
4274 | ||
4275 | temp = strndup(word, l); | |
4276 | if (!temp) | |
4277 | return log_oom(); | |
4278 | ||
4279 | /* We need to call exit_status_from_string() first, because we want | |
4280 | * to parse numbers as exit statuses, not signals. */ | |
4281 | ||
4282 | r = exit_status_from_string(temp); | |
4283 | if (r >= 0) { | |
4284 | assert(r >= 0 && r < 256); | |
4285 | bitmap = &status_set->status; | |
4286 | } else { | |
4287 | r = signal_from_string(temp); | |
4288 | ||
4289 | if (r <= 0) { | |
4290 | log_syntax(unit, LOG_ERR, filename, line, 0, | |
4291 | "Failed to parse value, ignoring: %s", word); | |
4292 | continue; | |
4293 | } | |
4294 | bitmap = &status_set->signal; | |
4295 | } | |
4296 | ||
4297 | r = bitmap_set(bitmap, r); | |
4298 | if (r < 0) | |
4299 | return log_error_errno(r, "Failed to set signal or status %s: %m", word); | |
4300 | } | |
4301 | if (!isempty(state)) | |
4302 | log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring."); | |
4303 | ||
4304 | return 0; | |
4305 | } | |
4306 | ||
4307 | int config_parse_namespace_path_strv( | |
4308 | const char *unit, | |
4309 | const char *filename, | |
4310 | unsigned line, | |
4311 | const char *section, | |
4312 | unsigned section_line, | |
4313 | const char *lvalue, | |
4314 | int ltype, | |
4315 | const char *rvalue, | |
4316 | void *data, | |
4317 | void *userdata) { | |
4318 | ||
4319 | const Unit *u = userdata; | |
4320 | char*** sv = data; | |
4321 | const char *p = rvalue; | |
4322 | int r; | |
4323 | ||
4324 | assert(filename); | |
4325 | assert(lvalue); | |
4326 | assert(rvalue); | |
4327 | assert(data); | |
4328 | ||
4329 | if (isempty(rvalue)) { | |
4330 | /* Empty assignment resets the list */ | |
4331 | *sv = strv_free(*sv); | |
4332 | return 0; | |
4333 | } | |
4334 | ||
4335 | for (;;) { | |
4336 | _cleanup_free_ char *word = NULL, *resolved = NULL, *joined = NULL; | |
4337 | const char *w; | |
4338 | bool ignore_enoent = false, shall_prefix = false; | |
4339 | ||
4340 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); | |
4341 | if (r == 0) | |
4342 | break; | |
4343 | if (r == -ENOMEM) | |
4344 | return log_oom(); | |
4345 | if (r < 0) { | |
4346 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue); | |
4347 | return 0; | |
4348 | } | |
4349 | ||
4350 | w = word; | |
4351 | if (startswith(w, "-")) { | |
4352 | ignore_enoent = true; | |
4353 | w++; | |
4354 | } | |
4355 | if (startswith(w, "+")) { | |
4356 | shall_prefix = true; | |
4357 | w++; | |
4358 | } | |
4359 | ||
4360 | r = unit_full_printf(u, w, &resolved); | |
4361 | if (r < 0) { | |
4362 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", w); | |
4363 | continue; | |
4364 | } | |
4365 | ||
4366 | r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
4367 | if (r < 0) | |
4368 | continue; | |
4369 | ||
4370 | joined = strjoin(ignore_enoent ? "-" : "", | |
4371 | shall_prefix ? "+" : "", | |
4372 | resolved); | |
4373 | ||
4374 | r = strv_push(sv, joined); | |
4375 | if (r < 0) | |
4376 | return log_oom(); | |
4377 | ||
4378 | joined = NULL; | |
4379 | } | |
4380 | ||
4381 | return 0; | |
4382 | } | |
4383 | ||
4384 | int config_parse_temporary_filesystems( | |
4385 | const char *unit, | |
4386 | const char *filename, | |
4387 | unsigned line, | |
4388 | const char *section, | |
4389 | unsigned section_line, | |
4390 | const char *lvalue, | |
4391 | int ltype, | |
4392 | const char *rvalue, | |
4393 | void *data, | |
4394 | void *userdata) { | |
4395 | ||
4396 | const Unit *u = userdata; | |
4397 | ExecContext *c = data; | |
4398 | const char *p = rvalue; | |
4399 | int r; | |
4400 | ||
4401 | assert(filename); | |
4402 | assert(lvalue); | |
4403 | assert(rvalue); | |
4404 | assert(data); | |
4405 | ||
4406 | if (isempty(rvalue)) { | |
4407 | /* Empty assignment resets the list */ | |
4408 | temporary_filesystem_free_many(c->temporary_filesystems, c->n_temporary_filesystems); | |
4409 | c->temporary_filesystems = NULL; | |
4410 | c->n_temporary_filesystems = 0; | |
4411 | return 0; | |
4412 | } | |
4413 | ||
4414 | for (;;) { | |
4415 | _cleanup_free_ char *word = NULL, *path = NULL, *resolved = NULL; | |
4416 | const char *w; | |
4417 | ||
4418 | r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE); | |
4419 | if (r == 0) | |
4420 | return 0; | |
4421 | if (r == -ENOMEM) | |
4422 | return log_oom(); | |
4423 | if (r < 0) { | |
4424 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue); | |
4425 | return 0; | |
4426 | } | |
4427 | ||
4428 | w = word; | |
4429 | r = extract_first_word(&w, &path, ":", EXTRACT_DONT_COALESCE_SEPARATORS); | |
4430 | if (r == -ENOMEM) | |
4431 | return log_oom(); | |
4432 | if (r < 0) { | |
4433 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", word); | |
4434 | continue; | |
4435 | } | |
4436 | if (r == 0) { | |
4437 | log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid syntax, ignoring: %s", word); | |
4438 | continue; | |
4439 | } | |
4440 | ||
4441 | r = unit_full_printf(u, path, &resolved); | |
4442 | if (r < 0) { | |
4443 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", path); | |
4444 | continue; | |
4445 | } | |
4446 | ||
4447 | r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
4448 | if (r < 0) | |
4449 | continue; | |
4450 | ||
4451 | r = temporary_filesystem_add(&c->temporary_filesystems, &c->n_temporary_filesystems, resolved, w); | |
4452 | if (r < 0) | |
4453 | return log_oom(); | |
4454 | } | |
4455 | } | |
4456 | ||
4457 | int config_parse_bind_paths( | |
4458 | const char *unit, | |
4459 | const char *filename, | |
4460 | unsigned line, | |
4461 | const char *section, | |
4462 | unsigned section_line, | |
4463 | const char *lvalue, | |
4464 | int ltype, | |
4465 | const char *rvalue, | |
4466 | void *data, | |
4467 | void *userdata) { | |
4468 | ||
4469 | ExecContext *c = data; | |
4470 | const Unit *u = userdata; | |
4471 | const char *p; | |
4472 | int r; | |
4473 | ||
4474 | assert(filename); | |
4475 | assert(lvalue); | |
4476 | assert(rvalue); | |
4477 | assert(data); | |
4478 | ||
4479 | if (isempty(rvalue)) { | |
4480 | /* Empty assignment resets the list */ | |
4481 | bind_mount_free_many(c->bind_mounts, c->n_bind_mounts); | |
4482 | c->bind_mounts = NULL; | |
4483 | c->n_bind_mounts = 0; | |
4484 | return 0; | |
4485 | } | |
4486 | ||
4487 | p = rvalue; | |
4488 | for (;;) { | |
4489 | _cleanup_free_ char *source = NULL, *destination = NULL; | |
4490 | _cleanup_free_ char *sresolved = NULL, *dresolved = NULL; | |
4491 | char *s = NULL, *d = NULL; | |
4492 | bool rbind = true, ignore_enoent = false; | |
4493 | ||
4494 | r = extract_first_word(&p, &source, ":" WHITESPACE, EXTRACT_UNQUOTE|EXTRACT_DONT_COALESCE_SEPARATORS); | |
4495 | if (r == 0) | |
4496 | break; | |
4497 | if (r == -ENOMEM) | |
4498 | return log_oom(); | |
4499 | if (r < 0) { | |
4500 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s, ignoring: %s", lvalue, rvalue); | |
4501 | return 0; | |
4502 | } | |
4503 | ||
4504 | r = unit_full_printf(u, source, &sresolved); | |
4505 | if (r < 0) { | |
4506 | log_syntax(unit, LOG_ERR, filename, line, r, | |
4507 | "Failed to resolved unit specifiers in \"%s\", ignoring: %m", source); | |
4508 | continue; | |
4509 | } | |
4510 | ||
4511 | s = sresolved; | |
4512 | if (s[0] == '-') { | |
4513 | ignore_enoent = true; | |
4514 | s++; | |
4515 | } | |
4516 | ||
4517 | r = path_simplify_and_warn(s, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
4518 | if (r < 0) | |
4519 | continue; | |
4520 | ||
4521 | /* Optionally, the destination is specified. */ | |
4522 | if (p && p[-1] == ':') { | |
4523 | r = extract_first_word(&p, &destination, ":" WHITESPACE, EXTRACT_UNQUOTE|EXTRACT_DONT_COALESCE_SEPARATORS); | |
4524 | if (r == -ENOMEM) | |
4525 | return log_oom(); | |
4526 | if (r < 0) { | |
4527 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s, ignoring: %s", lvalue, rvalue); | |
4528 | return 0; | |
4529 | } | |
4530 | if (r == 0) { | |
4531 | log_syntax(unit, LOG_ERR, filename, line, 0, "Missing argument after ':', ignoring: %s", s); | |
4532 | continue; | |
4533 | } | |
4534 | ||
4535 | r = unit_full_printf(u, destination, &dresolved); | |
4536 | if (r < 0) { | |
4537 | log_syntax(unit, LOG_ERR, filename, line, r, | |
4538 | "Failed to resolved specifiers in \"%s\", ignoring: %m", destination); | |
4539 | continue; | |
4540 | } | |
4541 | ||
4542 | r = path_simplify_and_warn(dresolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
4543 | if (r < 0) | |
4544 | continue; | |
4545 | ||
4546 | d = dresolved; | |
4547 | ||
4548 | /* Optionally, there's also a short option string specified */ | |
4549 | if (p && p[-1] == ':') { | |
4550 | _cleanup_free_ char *options = NULL; | |
4551 | ||
4552 | r = extract_first_word(&p, &options, NULL, EXTRACT_UNQUOTE); | |
4553 | if (r == -ENOMEM) | |
4554 | return log_oom(); | |
4555 | if (r < 0) { | |
4556 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue); | |
4557 | return 0; | |
4558 | } | |
4559 | ||
4560 | if (isempty(options) || streq(options, "rbind")) | |
4561 | rbind = true; | |
4562 | else if (streq(options, "norbind")) | |
4563 | rbind = false; | |
4564 | else { | |
4565 | log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid option string, ignoring setting: %s", options); | |
4566 | continue; | |
4567 | } | |
4568 | } | |
4569 | } else | |
4570 | d = s; | |
4571 | ||
4572 | r = bind_mount_add(&c->bind_mounts, &c->n_bind_mounts, | |
4573 | &(BindMount) { | |
4574 | .source = s, | |
4575 | .destination = d, | |
4576 | .read_only = !!strstr(lvalue, "ReadOnly"), | |
4577 | .recursive = rbind, | |
4578 | .ignore_enoent = ignore_enoent, | |
4579 | }); | |
4580 | if (r < 0) | |
4581 | return log_oom(); | |
4582 | } | |
4583 | ||
4584 | return 0; | |
4585 | } | |
4586 | ||
4587 | int config_parse_job_timeout_sec( | |
4588 | const char* unit, | |
4589 | const char *filename, | |
4590 | unsigned line, | |
4591 | const char *section, | |
4592 | unsigned section_line, | |
4593 | const char *lvalue, | |
4594 | int ltype, | |
4595 | const char *rvalue, | |
4596 | void *data, | |
4597 | void *userdata) { | |
4598 | ||
4599 | Unit *u = data; | |
4600 | usec_t usec; | |
4601 | int r; | |
4602 | ||
4603 | assert(filename); | |
4604 | assert(lvalue); | |
4605 | assert(rvalue); | |
4606 | assert(u); | |
4607 | ||
4608 | r = parse_sec_fix_0(rvalue, &usec); | |
4609 | if (r < 0) { | |
4610 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobTimeoutSec= parameter, ignoring: %s", rvalue); | |
4611 | return 0; | |
4612 | } | |
4613 | ||
4614 | /* If the user explicitly changed JobTimeoutSec= also change JobRunningTimeoutSec=, for compatibility with old | |
4615 | * versions. If JobRunningTimeoutSec= was explicitly set, avoid this however as whatever the user picked should | |
4616 | * count. */ | |
4617 | ||
4618 | if (!u->job_running_timeout_set) | |
4619 | u->job_running_timeout = usec; | |
4620 | ||
4621 | u->job_timeout = usec; | |
4622 | ||
4623 | return 0; | |
4624 | } | |
4625 | ||
4626 | int config_parse_job_running_timeout_sec( | |
4627 | const char* unit, | |
4628 | const char *filename, | |
4629 | unsigned line, | |
4630 | const char *section, | |
4631 | unsigned section_line, | |
4632 | const char *lvalue, | |
4633 | int ltype, | |
4634 | const char *rvalue, | |
4635 | void *data, | |
4636 | void *userdata) { | |
4637 | ||
4638 | Unit *u = data; | |
4639 | usec_t usec; | |
4640 | int r; | |
4641 | ||
4642 | assert(filename); | |
4643 | assert(lvalue); | |
4644 | assert(rvalue); | |
4645 | assert(u); | |
4646 | ||
4647 | r = parse_sec_fix_0(rvalue, &usec); | |
4648 | if (r < 0) { | |
4649 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobRunningTimeoutSec= parameter, ignoring: %s", rvalue); | |
4650 | return 0; | |
4651 | } | |
4652 | ||
4653 | u->job_running_timeout = usec; | |
4654 | u->job_running_timeout_set = true; | |
4655 | ||
4656 | return 0; | |
4657 | } | |
4658 | ||
4659 | int config_parse_emergency_action( | |
4660 | const char* unit, | |
4661 | const char *filename, | |
4662 | unsigned line, | |
4663 | const char *section, | |
4664 | unsigned section_line, | |
4665 | const char *lvalue, | |
4666 | int ltype, | |
4667 | const char *rvalue, | |
4668 | void *data, | |
4669 | void *userdata) { | |
4670 | ||
4671 | Manager *m = NULL; | |
4672 | EmergencyAction *x = data; | |
4673 | int r; | |
4674 | ||
4675 | assert(filename); | |
4676 | assert(lvalue); | |
4677 | assert(rvalue); | |
4678 | assert(data); | |
4679 | ||
4680 | if (unit) | |
4681 | m = ((Unit*) userdata)->manager; | |
4682 | else | |
4683 | m = data; | |
4684 | ||
4685 | r = parse_emergency_action(rvalue, MANAGER_IS_SYSTEM(m), x); | |
4686 | if (r < 0) { | |
4687 | if (r == -EOPNOTSUPP && MANAGER_IS_USER(m)) { | |
4688 | /* Compat mode: remove for systemd 241. */ | |
4689 | ||
4690 | log_syntax(unit, LOG_INFO, filename, line, r, | |
4691 | "%s= in user mode specified as \"%s\", using \"exit-force\" instead.", | |
4692 | lvalue, rvalue); | |
4693 | *x = EMERGENCY_ACTION_EXIT_FORCE; | |
4694 | return 0; | |
4695 | } | |
4696 | ||
4697 | if (r == -EOPNOTSUPP) | |
4698 | log_syntax(unit, LOG_ERR, filename, line, r, | |
4699 | "%s= specified as %s mode action, ignoring: %s", | |
4700 | lvalue, MANAGER_IS_SYSTEM(m) ? "user" : "system", rvalue); | |
4701 | else | |
4702 | log_syntax(unit, LOG_ERR, filename, line, r, | |
4703 | "Failed to parse %s=, ignoring: %s", lvalue, rvalue); | |
4704 | return 0; | |
4705 | } | |
4706 | ||
4707 | return 0; | |
4708 | } | |
4709 | ||
4710 | int config_parse_pid_file( | |
4711 | const char *unit, | |
4712 | const char *filename, | |
4713 | unsigned line, | |
4714 | const char *section, | |
4715 | unsigned section_line, | |
4716 | const char *lvalue, | |
4717 | int ltype, | |
4718 | const char *rvalue, | |
4719 | void *data, | |
4720 | void *userdata) { | |
4721 | ||
4722 | _cleanup_free_ char *k = NULL, *n = NULL; | |
4723 | const Unit *u = userdata; | |
4724 | char **s = data; | |
4725 | int r; | |
4726 | ||
4727 | assert(filename); | |
4728 | assert(lvalue); | |
4729 | assert(rvalue); | |
4730 | assert(u); | |
4731 | ||
4732 | if (isempty(rvalue)) { | |
4733 | /* An empty assignment removes already set value. */ | |
4734 | *s = mfree(*s); | |
4735 | return 0; | |
4736 | } | |
4737 | ||
4738 | r = unit_full_printf(u, rvalue, &k); | |
4739 | if (r < 0) { | |
4740 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); | |
4741 | return 0; | |
4742 | } | |
4743 | ||
4744 | /* If this is a relative path make it absolute by prefixing the /run */ | |
4745 | n = path_make_absolute(k, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]); | |
4746 | if (!n) | |
4747 | return log_oom(); | |
4748 | ||
4749 | /* Check that the result is a sensible path */ | |
4750 | r = path_simplify_and_warn(n, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
4751 | if (r < 0) | |
4752 | return r; | |
4753 | ||
4754 | r = patch_var_run(unit, filename, line, lvalue, &n); | |
4755 | if (r < 0) | |
4756 | return r; | |
4757 | ||
4758 | free_and_replace(*s, n); | |
4759 | return 0; | |
4760 | } | |
4761 | ||
4762 | int config_parse_exit_status( | |
4763 | const char *unit, | |
4764 | const char *filename, | |
4765 | unsigned line, | |
4766 | const char *section, | |
4767 | unsigned section_line, | |
4768 | const char *lvalue, | |
4769 | int ltype, | |
4770 | const char *rvalue, | |
4771 | void *data, | |
4772 | void *userdata) { | |
4773 | ||
4774 | int *exit_status = data, r; | |
4775 | uint8_t u; | |
4776 | ||
4777 | assert(filename); | |
4778 | assert(lvalue); | |
4779 | assert(rvalue); | |
4780 | assert(exit_status); | |
4781 | ||
4782 | if (isempty(rvalue)) { | |
4783 | *exit_status = -1; | |
4784 | return 0; | |
4785 | } | |
4786 | ||
4787 | r = safe_atou8(rvalue, &u); | |
4788 | if (r < 0) { | |
4789 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse exit status '%s', ignoring: %m", rvalue); | |
4790 | return 0; | |
4791 | } | |
4792 | ||
4793 | *exit_status = u; | |
4794 | return 0; | |
4795 | } | |
4796 | ||
4797 | int config_parse_disable_controllers( | |
4798 | const char *unit, | |
4799 | const char *filename, | |
4800 | unsigned line, | |
4801 | const char *section, | |
4802 | unsigned section_line, | |
4803 | const char *lvalue, | |
4804 | int ltype, | |
4805 | const char *rvalue, | |
4806 | void *data, | |
4807 | void *userdata) { | |
4808 | ||
4809 | int r; | |
4810 | CGroupContext *c = data; | |
4811 | CGroupMask disabled_mask; | |
4812 | ||
4813 | /* 1. If empty, make all controllers eligible for use again. | |
4814 | * 2. If non-empty, merge all listed controllers, space separated. */ | |
4815 | ||
4816 | if (isempty(rvalue)) { | |
4817 | c->disable_controllers = 0; | |
4818 | return 0; | |
4819 | } | |
4820 | ||
4821 | r = cg_mask_from_string(rvalue, &disabled_mask); | |
4822 | if (r < 0 || disabled_mask <= 0) { | |
4823 | log_syntax(unit, LOG_ERR, filename, line, r, "Invalid cgroup string: %s, ignoring", rvalue); | |
4824 | return 0; | |
4825 | } | |
4826 | ||
4827 | c->disable_controllers |= disabled_mask; | |
4828 | ||
4829 | return 0; | |
4830 | } | |
4831 | ||
4832 | int config_parse_ip_filter_bpf_progs( | |
4833 | const char *unit, | |
4834 | const char *filename, | |
4835 | unsigned line, | |
4836 | const char *section, | |
4837 | unsigned section_line, | |
4838 | const char *lvalue, | |
4839 | int ltype, | |
4840 | const char *rvalue, | |
4841 | void *data, | |
4842 | void *userdata) { | |
4843 | ||
4844 | _cleanup_free_ char *resolved = NULL; | |
4845 | const Unit *u = userdata; | |
4846 | char ***paths = data; | |
4847 | int r; | |
4848 | ||
4849 | assert(filename); | |
4850 | assert(lvalue); | |
4851 | assert(rvalue); | |
4852 | assert(paths); | |
4853 | ||
4854 | if (isempty(rvalue)) { | |
4855 | *paths = strv_free(*paths); | |
4856 | return 0; | |
4857 | } | |
4858 | ||
4859 | r = unit_full_printf(u, rvalue, &resolved); | |
4860 | if (r < 0) { | |
4861 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue); | |
4862 | return 0; | |
4863 | } | |
4864 | ||
4865 | r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue); | |
4866 | if (r < 0) | |
4867 | return 0; | |
4868 | ||
4869 | if (strv_contains(*paths, resolved)) | |
4870 | return 0; | |
4871 | ||
4872 | r = strv_extend(paths, resolved); | |
4873 | if (r < 0) | |
4874 | return log_oom(); | |
4875 | ||
4876 | r = bpf_firewall_supported(); | |
4877 | if (r < 0) | |
4878 | return r; | |
4879 | if (r != BPF_FIREWALL_SUPPORTED_WITH_MULTI) { | |
4880 | static bool warned = false; | |
4881 | ||
4882 | log_full(warned ? LOG_DEBUG : LOG_WARNING, | |
4883 | "File %s:%u configures an IP firewall with BPF programs (%s=%s), but the local system does not support BPF/cgroup based firewalling with multiple filters.\n" | |
4884 | "Starting this unit will fail! (This warning is only shown for the first loaded unit using IP firewalling.)", filename, line, lvalue, rvalue); | |
4885 | ||
4886 | warned = true; | |
4887 | } | |
4888 | ||
4889 | return 0; | |
4890 | } | |
4891 | ||
4892 | static int merge_by_names(Unit **u, Set *names, const char *id) { | |
4893 | char *k; | |
4894 | int r; | |
4895 | ||
4896 | assert(u); | |
4897 | assert(*u); | |
4898 | ||
4899 | /* Let's try to add in all names that are aliases of this unit */ | |
4900 | while ((k = set_steal_first(names))) { | |
4901 | _cleanup_free_ _unused_ char *free_k = k; | |
4902 | ||
4903 | /* First try to merge in the other name into our unit */ | |
4904 | r = unit_merge_by_name(*u, k); | |
4905 | if (r < 0) { | |
4906 | Unit *other; | |
4907 | ||
4908 | /* Hmm, we couldn't merge the other unit into ours? Then let's try it the other way | |
4909 | * round. */ | |
4910 | ||
4911 | other = manager_get_unit((*u)->manager, k); | |
4912 | if (!other) | |
4913 | return r; /* return previous failure */ | |
4914 | ||
4915 | r = unit_merge(other, *u); | |
4916 | if (r < 0) | |
4917 | return r; | |
4918 | ||
4919 | *u = other; | |
4920 | return merge_by_names(u, names, NULL); | |
4921 | } | |
4922 | ||
4923 | if (streq_ptr(id, k)) | |
4924 | unit_choose_id(*u, id); | |
4925 | } | |
4926 | ||
4927 | return 0; | |
4928 | } | |
4929 | ||
4930 | int unit_load_fragment(Unit *u) { | |
4931 | const char *fragment; | |
4932 | _cleanup_set_free_free_ Set *names = NULL; | |
4933 | int r; | |
4934 | ||
4935 | assert(u); | |
4936 | assert(u->load_state == UNIT_STUB); | |
4937 | assert(u->id); | |
4938 | ||
4939 | if (u->transient) { | |
4940 | u->load_state = UNIT_LOADED; | |
4941 | return 0; | |
4942 | } | |
4943 | ||
4944 | /* Possibly rebuild the fragment map to catch new units */ | |
4945 | r = unit_file_build_name_map(&u->manager->lookup_paths, | |
4946 | &u->manager->unit_cache_mtime, | |
4947 | &u->manager->unit_id_map, | |
4948 | &u->manager->unit_name_map, | |
4949 | &u->manager->unit_path_cache); | |
4950 | if (r < 0) | |
4951 | return log_error_errno(r, "Failed to rebuild name map: %m"); | |
4952 | ||
4953 | r = unit_file_find_fragment(u->manager->unit_id_map, | |
4954 | u->manager->unit_name_map, | |
4955 | u->id, | |
4956 | &fragment, | |
4957 | &names); | |
4958 | if (r < 0 && r != -ENOENT) | |
4959 | return r; | |
4960 | ||
4961 | if (fragment) { | |
4962 | /* Open the file, check if this is a mask, otherwise read. */ | |
4963 | _cleanup_fclose_ FILE *f = NULL; | |
4964 | struct stat st; | |
4965 | ||
4966 | /* Try to open the file name. A symlink is OK, for example for linked files or masks. We | |
4967 | * expect that all symlinks within the lookup paths have been already resolved, but we don't | |
4968 | * verify this here. */ | |
4969 | f = fopen(fragment, "re"); | |
4970 | if (!f) | |
4971 | return log_unit_notice_errno(u, errno, "Failed to open %s: %m", fragment); | |
4972 | ||
4973 | if (fstat(fileno(f), &st) < 0) | |
4974 | return -errno; | |
4975 | ||
4976 | r = free_and_strdup(&u->fragment_path, fragment); | |
4977 | if (r < 0) | |
4978 | return r; | |
4979 | ||
4980 | if (null_or_empty(&st)) { | |
4981 | /* Unit file is masked */ | |
4982 | ||
4983 | u->load_state = u->perpetual ? UNIT_LOADED : UNIT_MASKED; /* don't allow perpetual units to ever be masked */ | |
4984 | u->fragment_mtime = 0; | |
4985 | } else { | |
4986 | u->load_state = UNIT_LOADED; | |
4987 | u->fragment_mtime = timespec_load(&st.st_mtim); | |
4988 | ||
4989 | /* Now, parse the file contents */ | |
4990 | r = config_parse(u->id, fragment, f, | |
4991 | UNIT_VTABLE(u)->sections, | |
4992 | config_item_perf_lookup, load_fragment_gperf_lookup, | |
4993 | 0, | |
4994 | u, | |
4995 | NULL); | |
4996 | if (r == -ENOEXEC) | |
4997 | log_unit_notice_errno(u, r, "Unit configuration has fatal error, unit will not be started."); | |
4998 | if (r < 0) | |
4999 | return r; | |
5000 | } | |
5001 | } | |
5002 | ||
5003 | /* We do the merge dance here because for some unit types, the unit might have aliases which are not | |
5004 | * declared in the file system. In particular, this is true (and frequent) for device and swap units. | |
5005 | */ | |
5006 | Unit *merged; | |
5007 | const char *id = u->id; | |
5008 | _cleanup_free_ char *free_id = NULL; | |
5009 | ||
5010 | if (fragment) { | |
5011 | id = basename(fragment); | |
5012 | if (unit_name_is_valid(id, UNIT_NAME_TEMPLATE)) { | |
5013 | assert(u->instance); /* If we're not trying to use a template for non-instanced unit, | |
5014 | * this must be set. */ | |
5015 | ||
5016 | r = unit_name_replace_instance(id, u->instance, &free_id); | |
5017 | if (r < 0) | |
5018 | return log_debug_errno(r, "Failed to build id (%s + %s): %m", id, u->instance); | |
5019 | id = free_id; | |
5020 | } | |
5021 | } | |
5022 | ||
5023 | merged = u; | |
5024 | r = merge_by_names(&merged, names, id); | |
5025 | if (r < 0) | |
5026 | return r; | |
5027 | ||
5028 | if (merged != u) | |
5029 | u->load_state = UNIT_MERGED; | |
5030 | ||
5031 | return 0; | |
5032 | } | |
5033 | ||
5034 | void unit_dump_config_items(FILE *f) { | |
5035 | static const struct { | |
5036 | const ConfigParserCallback callback; | |
5037 | const char *rvalue; | |
5038 | } table[] = { | |
5039 | { config_parse_warn_compat, "NOTSUPPORTED" }, | |
5040 | { config_parse_int, "INTEGER" }, | |
5041 | { config_parse_unsigned, "UNSIGNED" }, | |
5042 | { config_parse_iec_size, "SIZE" }, | |
5043 | { config_parse_iec_uint64, "SIZE" }, | |
5044 | { config_parse_si_uint64, "SIZE" }, | |
5045 | { config_parse_bool, "BOOLEAN" }, | |
5046 | { config_parse_string, "STRING" }, | |
5047 | { config_parse_path, "PATH" }, | |
5048 | { config_parse_unit_path_printf, "PATH" }, | |
5049 | { config_parse_strv, "STRING [...]" }, | |
5050 | { config_parse_exec_nice, "NICE" }, | |
5051 | { config_parse_exec_oom_score_adjust, "OOMSCOREADJUST" }, | |
5052 | { config_parse_exec_io_class, "IOCLASS" }, | |
5053 | { config_parse_exec_io_priority, "IOPRIORITY" }, | |
5054 | { config_parse_exec_cpu_sched_policy, "CPUSCHEDPOLICY" }, | |
5055 | { config_parse_exec_cpu_sched_prio, "CPUSCHEDPRIO" }, | |
5056 | { config_parse_exec_cpu_affinity, "CPUAFFINITY" }, | |
5057 | { config_parse_mode, "MODE" }, | |
5058 | { config_parse_unit_env_file, "FILE" }, | |
5059 | { config_parse_exec_output, "OUTPUT" }, | |
5060 | { config_parse_exec_input, "INPUT" }, | |
5061 | { config_parse_log_facility, "FACILITY" }, | |
5062 | { config_parse_log_level, "LEVEL" }, | |
5063 | { config_parse_exec_secure_bits, "SECUREBITS" }, | |
5064 | { config_parse_capability_set, "BOUNDINGSET" }, | |
5065 | { config_parse_rlimit, "LIMIT" }, | |
5066 | { config_parse_unit_deps, "UNIT [...]" }, | |
5067 | { config_parse_exec, "PATH [ARGUMENT [...]]" }, | |
5068 | { config_parse_service_type, "SERVICETYPE" }, | |
5069 | { config_parse_service_restart, "SERVICERESTART" }, | |
5070 | { config_parse_service_timeout_failure_mode, "TIMEOUTMODE" }, | |
5071 | { config_parse_kill_mode, "KILLMODE" }, | |
5072 | { config_parse_signal, "SIGNAL" }, | |
5073 | { config_parse_socket_listen, "SOCKET [...]" }, | |
5074 | { config_parse_socket_bind, "SOCKETBIND" }, | |
5075 | { config_parse_socket_bindtodevice, "NETWORKINTERFACE" }, | |
5076 | { config_parse_sec, "SECONDS" }, | |
5077 | { config_parse_nsec, "NANOSECONDS" }, | |
5078 | { config_parse_namespace_path_strv, "PATH [...]" }, | |
5079 | { config_parse_bind_paths, "PATH[:PATH[:OPTIONS]] [...]" }, | |
5080 | { config_parse_unit_requires_mounts_for, "PATH [...]" }, | |
5081 | { config_parse_exec_mount_flags, "MOUNTFLAG [...]" }, | |
5082 | { config_parse_unit_string_printf, "STRING" }, | |
5083 | { config_parse_trigger_unit, "UNIT" }, | |
5084 | { config_parse_timer, "TIMER" }, | |
5085 | { config_parse_path_spec, "PATH" }, | |
5086 | { config_parse_notify_access, "ACCESS" }, | |
5087 | { config_parse_ip_tos, "TOS" }, | |
5088 | { config_parse_unit_condition_path, "CONDITION" }, | |
5089 | { config_parse_unit_condition_string, "CONDITION" }, | |
5090 | { config_parse_unit_condition_null, "CONDITION" }, | |
5091 | { config_parse_unit_slice, "SLICE" }, | |
5092 | { config_parse_documentation, "URL" }, | |
5093 | { config_parse_service_timeout, "SECONDS" }, | |
5094 | { config_parse_emergency_action, "ACTION" }, | |
5095 | { config_parse_set_status, "STATUS" }, | |
5096 | { config_parse_service_sockets, "SOCKETS" }, | |
5097 | { config_parse_environ, "ENVIRON" }, | |
5098 | #if HAVE_SECCOMP | |
5099 | { config_parse_syscall_filter, "SYSCALLS" }, | |
5100 | { config_parse_syscall_archs, "ARCHS" }, | |
5101 | { config_parse_syscall_errno, "ERRNO" }, | |
5102 | { config_parse_address_families, "FAMILIES" }, | |
5103 | { config_parse_restrict_namespaces, "NAMESPACES" }, | |
5104 | #endif | |
5105 | { config_parse_cpu_shares, "SHARES" }, | |
5106 | { config_parse_cg_weight, "WEIGHT" }, | |
5107 | { config_parse_memory_limit, "LIMIT" }, | |
5108 | { config_parse_device_allow, "DEVICE" }, | |
5109 | { config_parse_device_policy, "POLICY" }, | |
5110 | { config_parse_io_limit, "LIMIT" }, | |
5111 | { config_parse_io_device_weight, "DEVICEWEIGHT" }, | |
5112 | { config_parse_io_device_latency, "DEVICELATENCY" }, | |
5113 | { config_parse_blockio_bandwidth, "BANDWIDTH" }, | |
5114 | { config_parse_blockio_weight, "WEIGHT" }, | |
5115 | { config_parse_blockio_device_weight, "DEVICEWEIGHT" }, | |
5116 | { config_parse_long, "LONG" }, | |
5117 | { config_parse_socket_service, "SERVICE" }, | |
5118 | #if HAVE_SELINUX | |
5119 | { config_parse_exec_selinux_context, "LABEL" }, | |
5120 | #endif | |
5121 | { config_parse_job_mode, "MODE" }, | |
5122 | { config_parse_job_mode_isolate, "BOOLEAN" }, | |
5123 | { config_parse_personality, "PERSONALITY" }, | |
5124 | }; | |
5125 | ||
5126 | const char *prev = NULL; | |
5127 | const char *i; | |
5128 | ||
5129 | assert(f); | |
5130 | ||
5131 | NULSTR_FOREACH(i, load_fragment_gperf_nulstr) { | |
5132 | const char *rvalue = "OTHER", *lvalue; | |
5133 | const ConfigPerfItem *p; | |
5134 | size_t prefix_len; | |
5135 | const char *dot; | |
5136 | unsigned j; | |
5137 | ||
5138 | assert_se(p = load_fragment_gperf_lookup(i, strlen(i))); | |
5139 | ||
5140 | /* Hide legacy settings */ | |
5141 | if (p->parse == config_parse_warn_compat && | |
5142 | p->ltype == DISABLED_LEGACY) | |
5143 | continue; | |
5144 | ||
5145 | for (j = 0; j < ELEMENTSOF(table); j++) | |
5146 | if (p->parse == table[j].callback) { | |
5147 | rvalue = table[j].rvalue; | |
5148 | break; | |
5149 | } | |
5150 | ||
5151 | dot = strchr(i, '.'); | |
5152 | lvalue = dot ? dot + 1 : i; | |
5153 | prefix_len = dot-i; | |
5154 | ||
5155 | if (dot) | |
5156 | if (!prev || !strneq(prev, i, prefix_len+1)) { | |
5157 | if (prev) | |
5158 | fputc('\n', f); | |
5159 | ||
5160 | fprintf(f, "[%.*s]\n", (int) prefix_len, i); | |
5161 | } | |
5162 | ||
5163 | fprintf(f, "%s=%s\n", lvalue, rvalue); | |
5164 | prev = i; | |
5165 | } | |
5166 | } | |
5167 | ||
5168 | int config_parse_cpu_affinity2( | |
5169 | const char *unit, | |
5170 | const char *filename, | |
5171 | unsigned line, | |
5172 | const char *section, | |
5173 | unsigned section_line, | |
5174 | const char *lvalue, | |
5175 | int ltype, | |
5176 | const char *rvalue, | |
5177 | void *data, | |
5178 | void *userdata) { | |
5179 | ||
5180 | CPUSet *affinity = data; | |
5181 | ||
5182 | assert(affinity); | |
5183 | ||
5184 | (void) parse_cpu_set_extend(rvalue, affinity, true, unit, filename, line, lvalue); | |
5185 | ||
5186 | return 0; | |
5187 | } | |
5188 | ||
5189 | int config_parse_show_status( | |
5190 | const char* unit, | |
5191 | const char *filename, | |
5192 | unsigned line, | |
5193 | const char *section, | |
5194 | unsigned section_line, | |
5195 | const char *lvalue, | |
5196 | int ltype, | |
5197 | const char *rvalue, | |
5198 | void *data, | |
5199 | void *userdata) { | |
5200 | ||
5201 | int k; | |
5202 | ShowStatus *b = data; | |
5203 | ||
5204 | assert(filename); | |
5205 | assert(lvalue); | |
5206 | assert(rvalue); | |
5207 | assert(data); | |
5208 | ||
5209 | k = parse_show_status(rvalue, b); | |
5210 | if (k < 0) { | |
5211 | log_syntax(unit, LOG_ERR, filename, line, k, "Failed to parse show status setting, ignoring: %s", rvalue); | |
5212 | return 0; | |
5213 | } | |
5214 | ||
5215 | return 0; | |
5216 | } | |
5217 | ||
5218 | int config_parse_output_restricted( | |
5219 | const char* unit, | |
5220 | const char *filename, | |
5221 | unsigned line, | |
5222 | const char *section, | |
5223 | unsigned section_line, | |
5224 | const char *lvalue, | |
5225 | int ltype, | |
5226 | const char *rvalue, | |
5227 | void *data, | |
5228 | void *userdata) { | |
5229 | ||
5230 | ExecOutput t, *eo = data; | |
5231 | bool obsolete = false; | |
5232 | ||
5233 | assert(filename); | |
5234 | assert(lvalue); | |
5235 | assert(rvalue); | |
5236 | assert(data); | |
5237 | ||
5238 | if (streq(rvalue, "syslog")) { | |
5239 | t = EXEC_OUTPUT_JOURNAL; | |
5240 | obsolete = true; | |
5241 | } else if (streq(rvalue, "syslog+console")) { | |
5242 | t = EXEC_OUTPUT_JOURNAL_AND_CONSOLE; | |
5243 | obsolete = true; | |
5244 | } else { | |
5245 | t = exec_output_from_string(rvalue); | |
5246 | if (t < 0) { | |
5247 | log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse output type, ignoring: %s", rvalue); | |
5248 | return 0; | |
5249 | } | |
5250 | ||
5251 | if (IN_SET(t, EXEC_OUTPUT_SOCKET, EXEC_OUTPUT_NAMED_FD, EXEC_OUTPUT_FILE, EXEC_OUTPUT_FILE_APPEND)) { | |
5252 | log_syntax(unit, LOG_ERR, filename, line, 0, "Standard output types socket, fd:, file:, append: are not supported as defaults, ignoring: %s", rvalue); | |
5253 | return 0; | |
5254 | } | |
5255 | } | |
5256 | ||
5257 | if (obsolete) | |
5258 | log_syntax(unit, LOG_NOTICE, filename, line, 0, | |
5259 | "Standard output type %s is obsolete, automatically updating to %s. Please update your configuration.", | |
5260 | rvalue, exec_output_to_string(t)); | |
5261 | ||
5262 | *eo = t; | |
5263 | return 0; | |
5264 | } | |
5265 | ||
5266 | int config_parse_crash_chvt( | |
5267 | const char* unit, | |
5268 | const char *filename, | |
5269 | unsigned line, | |
5270 | const char *section, | |
5271 | unsigned section_line, | |
5272 | const char *lvalue, | |
5273 | int ltype, | |
5274 | const char *rvalue, | |
5275 | void *data, | |
5276 | void *userdata) { | |
5277 | ||
5278 | int r; | |
5279 | ||
5280 | assert(filename); | |
5281 | assert(lvalue); | |
5282 | assert(rvalue); | |
5283 | assert(data); | |
5284 | ||
5285 | r = parse_crash_chvt(rvalue, data); | |
5286 | if (r < 0) { | |
5287 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CrashChangeVT= setting, ignoring: %s", rvalue); | |
5288 | return 0; | |
5289 | } | |
5290 | ||
5291 | return 0; | |
5292 | } | |
5293 | ||
5294 | int config_parse_swap_priority( | |
5295 | const char *unit, | |
5296 | const char *filename, | |
5297 | unsigned line, | |
5298 | const char *section, | |
5299 | unsigned section_line, | |
5300 | const char *lvalue, | |
5301 | int ltype, | |
5302 | const char *rvalue, | |
5303 | void *data, | |
5304 | void *userdata) { | |
5305 | ||
5306 | Swap *s = userdata; | |
5307 | int r, priority; | |
5308 | ||
5309 | assert(s); | |
5310 | assert(filename); | |
5311 | assert(lvalue); | |
5312 | assert(rvalue); | |
5313 | assert(data); | |
5314 | ||
5315 | if (isempty(rvalue)) { | |
5316 | s->parameters_fragment.priority = -1; | |
5317 | s->parameters_fragment.priority_set = false; | |
5318 | return 0; | |
5319 | } | |
5320 | ||
5321 | r = safe_atoi(rvalue, &priority); | |
5322 | if (r < 0) { | |
5323 | log_syntax(unit, LOG_ERR, filename, line, r, "Invalid swap priority '%s', ignoring.", rvalue); | |
5324 | return 0; | |
5325 | } | |
5326 | ||
5327 | if (priority < -1) { | |
5328 | log_syntax(unit, LOG_ERR, filename, line, 0, "Sorry, swap priorities smaller than -1 may only be assigned by the kernel itself, ignoring: %s", rvalue); | |
5329 | return 0; | |
5330 | } | |
5331 | ||
5332 | if (priority > 32767) { | |
5333 | log_syntax(unit, LOG_ERR, filename, line, 0, "Swap priority out of range, ignoring: %s", rvalue); | |
5334 | return 0; | |
5335 | } | |
5336 | ||
5337 | s->parameters_fragment.priority = priority; | |
5338 | s->parameters_fragment.priority_set = true; | |
5339 | return 0; | |
5340 | } |