]> git.ipfire.org Git - thirdparty/systemd.git/blame_incremental - src/core/load-fragment.c
projects / thirdparty / systemd.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
Merge pull request #16338 from keszybz/spelling2
[thirdparty/systemd.git] / src / core / load-fragment.c
... / ...
CommitLineData
1/* SPDX-License-Identifier: LGPL-2.1+ */
2/***
3 Copyright © 2012 Holger Hans Peter Freyther
4***/
5
6#include <errno.h>
7#include <fcntl.h>
8#include <linux/fs.h>
9#include <linux/oom.h>
10#if HAVE_SECCOMP
11#include <seccomp.h>
12#endif
13#include <sched.h>
14#include <sys/resource.h>
15
16#include "sd-messages.h"
17
18#include "af-list.h"
19#include "alloc-util.h"
20#include "all-units.h"
21#include "bpf-firewall.h"
22#include "bus-error.h"
23#include "bus-internal.h"
24#include "bus-util.h"
25#include "cap-list.h"
26#include "capability-util.h"
27#include "cgroup-setup.h"
28#include "conf-parser.h"
29#include "cpu-set-util.h"
30#include "env-util.h"
31#include "errno-list.h"
32#include "escape.h"
33#include "fd-util.h"
34#include "fileio.h"
35#include "fs-util.h"
36#include "hexdecoct.h"
37#include "io-util.h"
38#include "ioprio.h"
39#include "ip-protocol-list.h"
40#include "journal-util.h"
41#include "limits-util.h"
42#include "load-fragment.h"
43#include "log.h"
44#include "mountpoint-util.h"
45#include "nulstr-util.h"
46#include "parse-util.h"
47#include "path-util.h"
48#include "process-util.h"
49#if HAVE_SECCOMP
50#include "seccomp-util.h"
51#endif
52#include "securebits-util.h"
53#include "signal-util.h"
54#include "socket-netlink.h"
55#include "stat-util.h"
56#include "string-util.h"
57#include "strv.h"
58#include "syslog-util.h"
59#include "time-util.h"
60#include "unit-name.h"
61#include "unit-printf.h"
62#include "user-util.h"
63#include "web-util.h"
64
65static int parse_socket_protocol(const char *s) {
66 int r;
67
68 r = parse_ip_protocol(s);
69 if (r < 0)
70 return r;
71 if (!IN_SET(r, IPPROTO_UDPLITE, IPPROTO_SCTP))
72 return -EPROTONOSUPPORT;
73
74 return r;
75}
76
77int parse_crash_chvt(const char *value, int *data) {
78 int b;
79
80 if (safe_atoi(value, data) >= 0)
81 return 0;
82
83 b = parse_boolean(value);
84 if (b < 0)
85 return b;
86
87 if (b > 0)
88 *data = 0; /* switch to where kmsg goes */
89 else
90 *data = -1; /* turn off switching */
91
92 return 0;
93}
94
95int parse_confirm_spawn(const char *value, char **console) {
96 char *s;
97 int r;
98
99 r = value ? parse_boolean(value) : 1;
100 if (r == 0) {
101 *console = NULL;
102 return 0;
103 } else if (r > 0) /* on with default tty */
104 s = strdup("/dev/console");
105 else if (is_path(value)) /* on with fully qualified path */
106 s = strdup(value);
107 else /* on with only a tty file name, not a fully qualified path */
108 s = path_join("/dev/", value);
109 if (!s)
110 return -ENOMEM;
111
112 *console = s;
113 return 0;
114}
115
116DEFINE_CONFIG_PARSE(config_parse_socket_protocol, parse_socket_protocol, "Failed to parse socket protocol");
117DEFINE_CONFIG_PARSE(config_parse_exec_secure_bits, secure_bits_from_string, "Failed to parse secure bits");
118DEFINE_CONFIG_PARSE_ENUM(config_parse_collect_mode, collect_mode, CollectMode, "Failed to parse garbage collection mode");
119DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy, cgroup_device_policy, CGroupDevicePolicy, "Failed to parse device policy");
120DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_keyring_mode, exec_keyring_mode, ExecKeyringMode, "Failed to parse keyring mode");
121DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode, "Failed to parse utmp mode");
122DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode, job_mode, JobMode, "Failed to parse job mode");
123DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access, notify_access, NotifyAccess, "Failed to parse notify access specifier");
124DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_home, protect_home, ProtectHome, "Failed to parse protect home value");
125DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_system, protect_system, ProtectSystem, "Failed to parse protect system value");
126DEFINE_CONFIG_PARSE_ENUM(config_parse_runtime_preserve_mode, exec_preserve_mode, ExecPreserveMode, "Failed to parse runtime directory preserve mode");
127DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type, service_type, ServiceType, "Failed to parse service type");
128DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart, service_restart, ServiceRestart, "Failed to parse service restart specifier");
129DEFINE_CONFIG_PARSE_ENUM(config_parse_service_timeout_failure_mode, service_timeout_failure_mode, ServiceTimeoutFailureMode, "Failed to parse timeout failure mode");
130DEFINE_CONFIG_PARSE_ENUM(config_parse_socket_bind, socket_address_bind_ipv6_only_or_bool, SocketAddressBindIPv6Only, "Failed to parse bind IPv6 only value");
131DEFINE_CONFIG_PARSE_ENUM(config_parse_oom_policy, oom_policy, OOMPolicy, "Failed to parse OOM policy");
132DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_ip_tos, ip_tos, int, -1, "Failed to parse IP TOS value");
133DEFINE_CONFIG_PARSE_PTR(config_parse_blockio_weight, cg_blkio_weight_parse, uint64_t, "Invalid block IO weight");
134DEFINE_CONFIG_PARSE_PTR(config_parse_cg_weight, cg_weight_parse, uint64_t, "Invalid weight");
135DEFINE_CONFIG_PARSE_PTR(config_parse_cpu_shares, cg_cpu_shares_parse, uint64_t, "Invalid CPU shares");
136DEFINE_CONFIG_PARSE_PTR(config_parse_exec_mount_flags, mount_propagation_flags_from_string, unsigned long, "Failed to parse mount flag");
137DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_numa_policy, mpol, int, -1, "Invalid NUMA policy type");
138DEFINE_CONFIG_PARSE_ENUM(config_parse_status_unit_format, status_unit_format, StatusUnitFormat, "Failed to parse status unit format");
139
140int config_parse_unit_deps(
141 const char *unit,
142 const char *filename,
143 unsigned line,
144 const char *section,
145 unsigned section_line,
146 const char *lvalue,
147 int ltype,
148 const char *rvalue,
149 void *data,
150 void *userdata) {
151
152 UnitDependency d = ltype;
153 Unit *u = userdata;
154 const char *p;
155
156 assert(filename);
157 assert(lvalue);
158 assert(rvalue);
159
160 p = rvalue;
161 for (;;) {
162 _cleanup_free_ char *word = NULL, *k = NULL;
163 int r;
164
165 r = extract_first_word(&p, &word, NULL, EXTRACT_RETAIN_ESCAPE);
166 if (r == 0)
167 break;
168 if (r == -ENOMEM)
169 return log_oom();
170 if (r < 0) {
171 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
172 break;
173 }
174
175 r = unit_name_printf(u, word, &k);
176 if (r < 0) {
177 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
178 continue;
179 }
180
181 r = unit_add_dependency_by_name(u, d, k, true, UNIT_DEPENDENCY_FILE);
182 if (r < 0)
183 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
184 }
185
186 return 0;
187}
188
189int config_parse_obsolete_unit_deps(
190 const char *unit,
191 const char *filename,
192 unsigned line,
193 const char *section,
194 unsigned section_line,
195 const char *lvalue,
196 int ltype,
197 const char *rvalue,
198 void *data,
199 void *userdata) {
200
201 log_syntax(unit, LOG_WARNING, filename, line, 0,
202 "Unit dependency type %s= is obsolete, replacing by %s=, please update your unit file", lvalue, unit_dependency_to_string(ltype));
203
204 return config_parse_unit_deps(unit, filename, line, section, section_line, lvalue, ltype, rvalue, data, userdata);
205}
206
207int config_parse_unit_string_printf(
208 const char *unit,
209 const char *filename,
210 unsigned line,
211 const char *section,
212 unsigned section_line,
213 const char *lvalue,
214 int ltype,
215 const char *rvalue,
216 void *data,
217 void *userdata) {
218
219 _cleanup_free_ char *k = NULL;
220 const Unit *u = userdata;
221 int r;
222
223 assert(filename);
224 assert(lvalue);
225 assert(rvalue);
226 assert(u);
227
228 r = unit_full_printf(u, rvalue, &k);
229 if (r < 0) {
230 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
231 return 0;
232 }
233
234 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
235}
236
237int config_parse_unit_strv_printf(
238 const char *unit,
239 const char *filename,
240 unsigned line,
241 const char *section,
242 unsigned section_line,
243 const char *lvalue,
244 int ltype,
245 const char *rvalue,
246 void *data,
247 void *userdata) {
248
249 const Unit *u = userdata;
250 _cleanup_free_ char *k = NULL;
251 int r;
252
253 assert(filename);
254 assert(lvalue);
255 assert(rvalue);
256 assert(u);
257
258 r = unit_full_printf(u, rvalue, &k);
259 if (r < 0) {
260 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
261 return 0;
262 }
263
264 return config_parse_strv(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
265}
266
267int config_parse_unit_path_printf(
268 const char *unit,
269 const char *filename,
270 unsigned line,
271 const char *section,
272 unsigned section_line,
273 const char *lvalue,
274 int ltype,
275 const char *rvalue,
276 void *data,
277 void *userdata) {
278
279 _cleanup_free_ char *k = NULL;
280 const Unit *u = userdata;
281 int r;
282 bool fatal = ltype;
283
284 assert(filename);
285 assert(lvalue);
286 assert(rvalue);
287 assert(u);
288
289 /* Let's not bother with anything that is too long */
290 if (strlen(rvalue) >= PATH_MAX) {
291 log_syntax(unit, LOG_ERR, filename, line, 0,
292 "%s value too long%s.",
293 lvalue, fatal ? "" : ", ignoring");
294 return fatal ? -ENAMETOOLONG : 0;
295 }
296
297 r = unit_full_printf(u, rvalue, &k);
298 if (r < 0) {
299 log_syntax(unit, LOG_ERR, filename, line, r,
300 "Failed to resolve unit specifiers in '%s'%s: %m",
301 rvalue, fatal ? "" : ", ignoring");
302 return fatal ? -ENOEXEC : 0;
303 }
304
305 return config_parse_path(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
306}
307
308int config_parse_unit_path_strv_printf(
309 const char *unit,
310 const char *filename,
311 unsigned line,
312 const char *section,
313 unsigned section_line,
314 const char *lvalue,
315 int ltype,
316 const char *rvalue,
317 void *data,
318 void *userdata) {
319
320 char ***x = data;
321 const Unit *u = userdata;
322 int r;
323 const char *p;
324
325 assert(filename);
326 assert(lvalue);
327 assert(rvalue);
328 assert(u);
329
330 if (isempty(rvalue)) {
331 *x = strv_free(*x);
332 return 0;
333 }
334
335 for (p = rvalue;;) {
336 _cleanup_free_ char *word = NULL, *k = NULL;
337
338 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
339 if (r == 0)
340 return 0;
341 if (r == -ENOMEM)
342 return log_oom();
343 if (r < 0) {
344 log_syntax(unit, LOG_WARNING, filename, line, r,
345 "Invalid syntax, ignoring: %s", rvalue);
346 return 0;
347 }
348
349 r = unit_full_printf(u, word, &k);
350 if (r < 0) {
351 log_syntax(unit, LOG_ERR, filename, line, r,
352 "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
353 return 0;
354 }
355
356 r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
357 if (r < 0)
358 return 0;
359
360 r = strv_consume(x, TAKE_PTR(k));
361 if (r < 0)
362 return log_oom();
363 }
364}
365
366static int patch_var_run(
367 const char *unit,
368 const char *filename,
369 unsigned line,
370 const char *lvalue,
371 char **path) {
372
373 const char *e;
374 char *z;
375
376 e = path_startswith(*path, "/var/run/");
377 if (!e)
378 return 0;
379
380 z = path_join("/run/", e);
381 if (!z)
382 return log_oom();
383
384 log_syntax(unit, LOG_NOTICE, filename, line, 0,
385 "%s= references a path below legacy directory /var/run/, updating %s → %s; "
386 "please update the unit file accordingly.", lvalue, *path, z);
387
388 free_and_replace(*path, z);
389
390 return 1;
391}
392
393int config_parse_socket_listen(
394 const char *unit,
395 const char *filename,
396 unsigned line,
397 const char *section,
398 unsigned section_line,
399 const char *lvalue,
400 int ltype,
401 const char *rvalue,
402 void *data,
403 void *userdata) {
404
405 _cleanup_free_ SocketPort *p = NULL;
406 SocketPort *tail;
407 Socket *s;
408 int r;
409
410 assert(filename);
411 assert(lvalue);
412 assert(rvalue);
413 assert(data);
414
415 s = SOCKET(data);
416
417 if (isempty(rvalue)) {
418 /* An empty assignment removes all ports */
419 socket_free_ports(s);
420 return 0;
421 }
422
423 p = new0(SocketPort, 1);
424 if (!p)
425 return log_oom();
426
427 if (ltype != SOCKET_SOCKET) {
428 _cleanup_free_ char *k = NULL;
429
430 r = unit_full_printf(UNIT(s), rvalue, &k);
431 if (r < 0) {
432 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
433 return 0;
434 }
435
436 r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
437 if (r < 0)
438 return 0;
439
440 if (ltype == SOCKET_FIFO) {
441 r = patch_var_run(unit, filename, line, lvalue, &k);
442 if (r < 0)
443 return r;
444 }
445
446 free_and_replace(p->path, k);
447 p->type = ltype;
448
449 } else if (streq(lvalue, "ListenNetlink")) {
450 _cleanup_free_ char *k = NULL;
451
452 r = unit_full_printf(UNIT(s), rvalue, &k);
453 if (r < 0) {
454 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
455 return 0;
456 }
457
458 r = socket_address_parse_netlink(&p->address, k);
459 if (r < 0) {
460 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k);
461 return 0;
462 }
463
464 p->type = SOCKET_SOCKET;
465
466 } else {
467 _cleanup_free_ char *k = NULL;
468
469 r = unit_full_printf(UNIT(s), rvalue, &k);
470 if (r < 0) {
471 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
472 return 0;
473 }
474
475 if (k[0] == '/') { /* Only for AF_UNIX file system sockets… */
476 r = patch_var_run(unit, filename, line, lvalue, &k);
477 if (r < 0)
478 return r;
479 }
480
481 r = socket_address_parse_and_warn(&p->address, k);
482 if (r < 0) {
483 if (r != -EAFNOSUPPORT)
484 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k);
485 return 0;
486 }
487
488 if (streq(lvalue, "ListenStream"))
489 p->address.type = SOCK_STREAM;
490 else if (streq(lvalue, "ListenDatagram"))
491 p->address.type = SOCK_DGRAM;
492 else {
493 assert(streq(lvalue, "ListenSequentialPacket"));
494 p->address.type = SOCK_SEQPACKET;
495 }
496
497 if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET) {
498 log_syntax(unit, LOG_ERR, filename, line, 0, "Address family not supported, ignoring: %s", rvalue);
499 return 0;
500 }
501
502 p->type = SOCKET_SOCKET;
503 }
504
505 p->fd = -1;
506 p->auxiliary_fds = NULL;
507 p->n_auxiliary_fds = 0;
508 p->socket = s;
509
510 LIST_FIND_TAIL(port, s->ports, tail);
511 LIST_INSERT_AFTER(port, s->ports, tail, p);
512
513 p = NULL;
514
515 return 0;
516}
517
518int config_parse_exec_nice(
519 const char *unit,
520 const char *filename,
521 unsigned line,
522 const char *section,
523 unsigned section_line,
524 const char *lvalue,
525 int ltype,
526 const char *rvalue,
527 void *data,
528 void *userdata) {
529
530 ExecContext *c = data;
531 int priority, r;
532
533 assert(filename);
534 assert(lvalue);
535 assert(rvalue);
536 assert(data);
537
538 if (isempty(rvalue)) {
539 c->nice_set = false;
540 return 0;
541 }
542
543 r = parse_nice(rvalue, &priority);
544 if (r < 0) {
545 if (r == -ERANGE)
546 log_syntax(unit, LOG_ERR, filename, line, r, "Nice priority out of range, ignoring: %s", rvalue);
547 else
548 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse nice priority '%s', ignoring: %m", rvalue);
549 return 0;
550 }
551
552 c->nice = priority;
553 c->nice_set = true;
554
555 return 0;
556}
557
558int config_parse_exec_oom_score_adjust(
559 const char* unit,
560 const char *filename,
561 unsigned line,
562 const char *section,
563 unsigned section_line,
564 const char *lvalue,
565 int ltype,
566 const char *rvalue,
567 void *data,
568 void *userdata) {
569
570 ExecContext *c = data;
571 int oa, r;
572
573 assert(filename);
574 assert(lvalue);
575 assert(rvalue);
576 assert(data);
577
578 if (isempty(rvalue)) {
579 c->oom_score_adjust_set = false;
580 return 0;
581 }
582
583 r = parse_oom_score_adjust(rvalue, &oa);
584 if (r < 0) {
585 if (r == -ERANGE)
586 log_syntax(unit, LOG_ERR, filename, line, r, "OOM score adjust value out of range, ignoring: %s", rvalue);
587 else
588 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse the OOM score adjust value '%s', ignoring: %m", rvalue);
589 return 0;
590 }
591
592 c->oom_score_adjust = oa;
593 c->oom_score_adjust_set = true;
594
595 return 0;
596}
597
598int config_parse_exec_coredump_filter(
599 const char* unit,
600 const char *filename,
601 unsigned line,
602 const char *section,
603 unsigned section_line,
604 const char *lvalue,
605 int ltype,
606 const char *rvalue,
607 void *data,
608 void *userdata) {
609
610 ExecContext *c = data;
611 int r;
612
613 assert(filename);
614 assert(lvalue);
615 assert(rvalue);
616 assert(data);
617
618 if (isempty(rvalue)) {
619 c->coredump_filter = 0;
620 c->coredump_filter_set = false;
621 return 0;
622 }
623
624 uint64_t f;
625 r = coredump_filter_mask_from_string(rvalue, &f);
626 if (r < 0) {
627 log_syntax(unit, LOG_WARNING, filename, line, r,
628 "Failed to parse the CoredumpFilter=%s, ignoring: %m", rvalue);
629 return 0;
630 }
631
632 c->coredump_filter |= f;
633 c->oom_score_adjust_set = true;
634 return 0;
635}
636
637int config_parse_kill_mode(
638 const char* unit,
639 const char *filename,
640 unsigned line,
641 const char *section,
642 unsigned section_line,
643 const char *lvalue,
644 int ltype,
645 const char *rvalue,
646 void *data,
647 void *userdata) {
648
649 KillMode *k = data, m;
650
651 assert(filename);
652 assert(lvalue);
653 assert(rvalue);
654 assert(data);
655
656 if (isempty(rvalue)) {
657 *k = KILL_CONTROL_GROUP;
658 return 0;
659 }
660
661 m = kill_mode_from_string(rvalue);
662 if (m < 0) {
663 log_syntax(unit, LOG_WARNING, filename, line, 0,
664 "Failed to parse kill mode specification, ignoring: %s", rvalue);
665 return 0;
666 }
667
668 if (m == KILL_NONE)
669 log_syntax(unit, LOG_WARNING, filename, line, 0,
670 "Unit configured to use KillMode=none. "
671 "This is unsafe, as it disables systemd's process lifecycle management for the service. "
672 "Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. "
673 "Support for KillMode=none is deprecated and will eventually be removed.");
674
675 *k = m;
676 return 0;
677}
678
679int config_parse_exec(
680 const char *unit,
681 const char *filename,
682 unsigned line,
683 const char *section,
684 unsigned section_line,
685 const char *lvalue,
686 int ltype,
687 const char *rvalue,
688 void *data,
689 void *userdata) {
690
691 ExecCommand **e = data;
692 const Unit *u = userdata;
693 const char *p;
694 bool semicolon;
695 int r;
696
697 assert(filename);
698 assert(lvalue);
699 assert(rvalue);
700 assert(e);
701
702 e += ltype;
703
704 if (isempty(rvalue)) {
705 /* An empty assignment resets the list */
706 *e = exec_command_free_list(*e);
707 return 0;
708 }
709
710 p = rvalue;
711 do {
712 _cleanup_free_ char *path = NULL, *firstword = NULL;
713 ExecCommandFlags flags = 0;
714 bool ignore = false, separate_argv0 = false;
715 _cleanup_free_ ExecCommand *nce = NULL;
716 _cleanup_strv_free_ char **n = NULL;
717 size_t nlen = 0, nbufsize = 0;
718 const char *f;
719
720 semicolon = false;
721
722 r = extract_first_word_and_warn(&p, &firstword, NULL, EXTRACT_UNQUOTE|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
723 if (r <= 0)
724 return 0;
725
726 f = firstword;
727 for (;;) {
728 /* We accept an absolute path as first argument. If it's prefixed with - and the path doesn't
729 * exist, we ignore it instead of erroring out; if it's prefixed with @, we allow overriding of
730 * argv[0]; if it's prefixed with :, we will not do environment variable substitution;
731 * if it's prefixed with +, it will be run with full privileges and no sandboxing; if
732 * it's prefixed with '!' we apply sandboxing, but do not change user/group credentials; if
733 * it's prefixed with '!!', then we apply user/group credentials if the kernel supports ambient
734 * capabilities -- if it doesn't we don't apply the credentials themselves, but do apply most
735 * other sandboxing, with some special exceptions for changing UID.
736 *
737 * The idea is that '!!' may be used to write services that can take benefit of systemd's
738 * UID/GID dropping if the kernel supports ambient creds, but provide an automatic fallback to
739 * privilege dropping within the daemon if the kernel does not offer that. */
740
741 if (*f == '-' && !(flags & EXEC_COMMAND_IGNORE_FAILURE)) {
742 flags |= EXEC_COMMAND_IGNORE_FAILURE;
743 ignore = true;
744 } else if (*f == '@' && !separate_argv0)
745 separate_argv0 = true;
746 else if (*f == ':' && !(flags & EXEC_COMMAND_NO_ENV_EXPAND))
747 flags |= EXEC_COMMAND_NO_ENV_EXPAND;
748 else if (*f == '+' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
749 flags |= EXEC_COMMAND_FULLY_PRIVILEGED;
750 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
751 flags |= EXEC_COMMAND_NO_SETUID;
752 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_AMBIENT_MAGIC))) {
753 flags &= ~EXEC_COMMAND_NO_SETUID;
754 flags |= EXEC_COMMAND_AMBIENT_MAGIC;
755 } else
756 break;
757 f++;
758 }
759
760 r = unit_full_printf(u, f, &path);
761 if (r < 0) {
762 log_syntax(unit, LOG_ERR, filename, line, r,
763 "Failed to resolve unit specifiers in '%s'%s: %m",
764 f, ignore ? ", ignoring" : "");
765 return ignore ? 0 : -ENOEXEC;
766 }
767
768 if (isempty(path)) {
769 /* First word is either "-" or "@" with no command. */
770 log_syntax(unit, LOG_ERR, filename, line, 0,
771 "Empty path in command line%s: '%s'",
772 ignore ? ", ignoring" : "", rvalue);
773 return ignore ? 0 : -ENOEXEC;
774 }
775 if (!string_is_safe(path)) {
776 log_syntax(unit, LOG_ERR, filename, line, 0,
777 "Executable name contains special characters%s: %s",
778 ignore ? ", ignoring" : "", path);
779 return ignore ? 0 : -ENOEXEC;
780 }
781 if (endswith(path, "/")) {
782 log_syntax(unit, LOG_ERR, filename, line, 0,
783 "Executable path specifies a directory%s: %s",
784 ignore ? ", ignoring" : "", path);
785 return ignore ? 0 : -ENOEXEC;
786 }
787
788 if (!path_is_absolute(path)) {
789 const char *prefix;
790 bool found = false;
791
792 if (!filename_is_valid(path)) {
793 log_syntax(unit, LOG_ERR, filename, line, 0,
794 "Neither a valid executable name nor an absolute path%s: %s",
795 ignore ? ", ignoring" : "", path);
796 return ignore ? 0 : -ENOEXEC;
797 }
798
799 /* Resolve a single-component name to a full path */
800 NULSTR_FOREACH(prefix, DEFAULT_PATH_NULSTR) {
801 _cleanup_free_ char *fullpath = NULL;
802
803 fullpath = path_join(prefix, path);
804 if (!fullpath)
805 return log_oom();
806
807 if (access(fullpath, F_OK) >= 0) {
808 free_and_replace(path, fullpath);
809 found = true;
810 break;
811 }
812 }
813
814 if (!found) {
815 log_syntax(unit, LOG_ERR, filename, line, 0,
816 "Executable \"%s\" not found in path \"%s\"%s",
817 path, DEFAULT_PATH, ignore ? ", ignoring" : "");
818 return ignore ? 0 : -ENOEXEC;
819 }
820 }
821
822 if (!separate_argv0) {
823 char *w = NULL;
824
825 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
826 return log_oom();
827
828 w = strdup(path);
829 if (!w)
830 return log_oom();
831 n[nlen++] = w;
832 n[nlen] = NULL;
833 }
834
835 path_simplify(path, false);
836
837 while (!isempty(p)) {
838 _cleanup_free_ char *word = NULL, *resolved = NULL;
839
840 /* Check explicitly for an unquoted semicolon as
841 * command separator token. */
842 if (p[0] == ';' && (!p[1] || strchr(WHITESPACE, p[1]))) {
843 p++;
844 p += strspn(p, WHITESPACE);
845 semicolon = true;
846 break;
847 }
848
849 /* Check for \; explicitly, to not confuse it with \\; or "\;" or "\\;" etc.
850 * extract_first_word() would return the same for all of those. */
851 if (p[0] == '\\' && p[1] == ';' && (!p[2] || strchr(WHITESPACE, p[2]))) {
852 char *w;
853
854 p += 2;
855 p += strspn(p, WHITESPACE);
856
857 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
858 return log_oom();
859
860 w = strdup(";");
861 if (!w)
862 return log_oom();
863 n[nlen++] = w;
864 n[nlen] = NULL;
865 continue;
866 }
867
868 r = extract_first_word_and_warn(&p, &word, NULL, EXTRACT_UNQUOTE|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
869 if (r == 0)
870 break;
871 if (r < 0)
872 return ignore ? 0 : -ENOEXEC;
873
874 r = unit_full_printf(u, word, &resolved);
875 if (r < 0) {
876 log_syntax(unit, LOG_ERR, filename, line, r,
877 "Failed to resolve unit specifiers in %s%s: %m",
878 word, ignore ? ", ignoring" : "");
879 return ignore ? 0 : -ENOEXEC;
880 }
881
882 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
883 return log_oom();
884
885 n[nlen++] = TAKE_PTR(resolved);
886 n[nlen] = NULL;
887 }
888
889 if (!n || !n[0]) {
890 log_syntax(unit, LOG_ERR, filename, line, 0,
891 "Empty executable name or zeroeth argument%s: %s",
892 ignore ? ", ignoring" : "", rvalue);
893 return ignore ? 0 : -ENOEXEC;
894 }
895
896 nce = new0(ExecCommand, 1);
897 if (!nce)
898 return log_oom();
899
900 nce->argv = TAKE_PTR(n);
901 nce->path = TAKE_PTR(path);
902 nce->flags = flags;
903
904 exec_command_append_list(e, nce);
905
906 /* Do not _cleanup_free_ these. */
907 nce = NULL;
908
909 rvalue = p;
910 } while (semicolon);
911
912 return 0;
913}
914
915int config_parse_socket_bindtodevice(
916 const char* unit,
917 const char *filename,
918 unsigned line,
919 const char *section,
920 unsigned section_line,
921 const char *lvalue,
922 int ltype,
923 const char *rvalue,
924 void *data,
925 void *userdata) {
926
927 Socket *s = data;
928
929 assert(filename);
930 assert(lvalue);
931 assert(rvalue);
932 assert(data);
933
934 if (isempty(rvalue) || streq(rvalue, "*")) {
935 s->bind_to_device = mfree(s->bind_to_device);
936 return 0;
937 }
938
939 if (!ifname_valid(rvalue)) {
940 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid interface name, ignoring: %s", rvalue);
941 return 0;
942 }
943
944 if (free_and_strdup(&s->bind_to_device, rvalue) < 0)
945 return log_oom();
946
947 return 0;
948}
949
950int config_parse_exec_input(
951 const char *unit,
952 const char *filename,
953 unsigned line,
954 const char *section,
955 unsigned section_line,
956 const char *lvalue,
957 int ltype,
958 const char *rvalue,
959 void *data,
960 void *userdata) {
961
962 ExecContext *c = data;
963 const Unit *u = userdata;
964 const char *n;
965 ExecInput ei;
966 int r;
967
968 assert(data);
969 assert(filename);
970 assert(line);
971 assert(rvalue);
972
973 n = startswith(rvalue, "fd:");
974 if (n) {
975 _cleanup_free_ char *resolved = NULL;
976
977 r = unit_full_printf(u, n, &resolved);
978 if (r < 0)
979 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", n);
980
981 if (isempty(resolved))
982 resolved = mfree(resolved);
983 else if (!fdname_is_valid(resolved)) {
984 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved);
985 return -ENOEXEC;
986 }
987
988 free_and_replace(c->stdio_fdname[STDIN_FILENO], resolved);
989
990 ei = EXEC_INPUT_NAMED_FD;
991
992 } else if ((n = startswith(rvalue, "file:"))) {
993 _cleanup_free_ char *resolved = NULL;
994
995 r = unit_full_printf(u, n, &resolved);
996 if (r < 0)
997 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", n);
998
999 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue);
1000 if (r < 0)
1001 return -ENOEXEC;
1002
1003 free_and_replace(c->stdio_file[STDIN_FILENO], resolved);
1004
1005 ei = EXEC_INPUT_FILE;
1006
1007 } else {
1008 ei = exec_input_from_string(rvalue);
1009 if (ei < 0) {
1010 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse input specifier, ignoring: %s", rvalue);
1011 return 0;
1012 }
1013 }
1014
1015 c->std_input = ei;
1016 return 0;
1017}
1018
1019int config_parse_exec_input_text(
1020 const char *unit,
1021 const char *filename,
1022 unsigned line,
1023 const char *section,
1024 unsigned section_line,
1025 const char *lvalue,
1026 int ltype,
1027 const char *rvalue,
1028 void *data,
1029 void *userdata) {
1030
1031 _cleanup_free_ char *unescaped = NULL, *resolved = NULL;
1032 ExecContext *c = data;
1033 const Unit *u = userdata;
1034 size_t sz;
1035 void *p;
1036 int r;
1037
1038 assert(data);
1039 assert(filename);
1040 assert(line);
1041 assert(rvalue);
1042
1043 if (isempty(rvalue)) {
1044 /* Reset if the empty string is assigned */
1045 c->stdin_data = mfree(c->stdin_data);
1046 c->stdin_data_size = 0;
1047 return 0;
1048 }
1049
1050 r = cunescape(rvalue, 0, &unescaped);
1051 if (r < 0)
1052 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode C escaped text '%s': %m", rvalue);
1053
1054 r = unit_full_printf(u, unescaped, &resolved);
1055 if (r < 0)
1056 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", unescaped);
1057
1058 sz = strlen(resolved);
1059 if (c->stdin_data_size + sz + 1 < c->stdin_data_size || /* check for overflow */
1060 c->stdin_data_size + sz + 1 > EXEC_STDIN_DATA_MAX) {
1061 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
1062 return -E2BIG;
1063 }
1064
1065 p = realloc(c->stdin_data, c->stdin_data_size + sz + 1);
1066 if (!p)
1067 return log_oom();
1068
1069 *((char*) mempcpy((char*) p + c->stdin_data_size, resolved, sz)) = '\n';
1070
1071 c->stdin_data = p;
1072 c->stdin_data_size += sz + 1;
1073
1074 return 0;
1075}
1076
1077int config_parse_exec_input_data(
1078 const char *unit,
1079 const char *filename,
1080 unsigned line,
1081 const char *section,
1082 unsigned section_line,
1083 const char *lvalue,
1084 int ltype,
1085 const char *rvalue,
1086 void *data,
1087 void *userdata) {
1088
1089 _cleanup_free_ void *p = NULL;
1090 ExecContext *c = data;
1091 size_t sz;
1092 void *q;
1093 int r;
1094
1095 assert(data);
1096 assert(filename);
1097 assert(line);
1098 assert(rvalue);
1099
1100 if (isempty(rvalue)) {
1101 /* Reset if the empty string is assigned */
1102 c->stdin_data = mfree(c->stdin_data);
1103 c->stdin_data_size = 0;
1104 return 0;
1105 }
1106
1107 r = unbase64mem(rvalue, (size_t) -1, &p, &sz);
1108 if (r < 0)
1109 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode base64 data, ignoring: %s", rvalue);
1110
1111 assert(sz > 0);
1112
1113 if (c->stdin_data_size + sz < c->stdin_data_size || /* check for overflow */
1114 c->stdin_data_size + sz > EXEC_STDIN_DATA_MAX) {
1115 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
1116 return -E2BIG;
1117 }
1118
1119 q = realloc(c->stdin_data, c->stdin_data_size + sz);
1120 if (!q)
1121 return log_oom();
1122
1123 memcpy((uint8_t*) q + c->stdin_data_size, p, sz);
1124
1125 c->stdin_data = q;
1126 c->stdin_data_size += sz;
1127
1128 return 0;
1129}
1130
1131int config_parse_exec_output(
1132 const char *unit,
1133 const char *filename,
1134 unsigned line,
1135 const char *section,
1136 unsigned section_line,
1137 const char *lvalue,
1138 int ltype,
1139 const char *rvalue,
1140 void *data,
1141 void *userdata) {
1142
1143 _cleanup_free_ char *resolved = NULL;
1144 const char *n;
1145 ExecContext *c = data;
1146 const Unit *u = userdata;
1147 bool obsolete = false;
1148 ExecOutput eo;
1149 int r;
1150
1151 assert(data);
1152 assert(filename);
1153 assert(line);
1154 assert(lvalue);
1155 assert(rvalue);
1156
1157 n = startswith(rvalue, "fd:");
1158 if (n) {
1159 r = unit_full_printf(u, n, &resolved);
1160 if (r < 0)
1161 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
1162
1163 if (isempty(resolved))
1164 resolved = mfree(resolved);
1165 else if (!fdname_is_valid(resolved)) {
1166 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved);
1167 return -ENOEXEC;
1168 }
1169
1170 eo = EXEC_OUTPUT_NAMED_FD;
1171
1172 } else if (streq(rvalue, "syslog")) {
1173 eo = EXEC_OUTPUT_JOURNAL;
1174 obsolete = true;
1175
1176 } else if (streq(rvalue, "syslog+console")) {
1177 eo = EXEC_OUTPUT_JOURNAL_AND_CONSOLE;
1178 obsolete = true;
1179
1180 } else if ((n = startswith(rvalue, "file:"))) {
1181
1182 r = unit_full_printf(u, n, &resolved);
1183 if (r < 0)
1184 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
1185
1186 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue);
1187 if (r < 0)
1188 return -ENOEXEC;
1189
1190 eo = EXEC_OUTPUT_FILE;
1191
1192 } else if ((n = startswith(rvalue, "append:"))) {
1193
1194 r = unit_full_printf(u, n, &resolved);
1195 if (r < 0)
1196 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
1197
1198 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE | PATH_CHECK_FATAL, unit, filename, line, lvalue);
1199 if (r < 0)
1200 return -ENOEXEC;
1201
1202 eo = EXEC_OUTPUT_FILE_APPEND;
1203 } else {
1204 eo = exec_output_from_string(rvalue);
1205 if (eo < 0) {
1206 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse output specifier, ignoring: %s", rvalue);
1207 return 0;
1208 }
1209 }
1210
1211 if (obsolete)
1212 log_syntax(unit, LOG_NOTICE, filename, line, 0,
1213 "Standard output type %s is obsolete, automatically updating to %s. Please update your unit file, and consider removing the setting altogether.",
1214 rvalue, exec_output_to_string(eo));
1215
1216 if (streq(lvalue, "StandardOutput")) {
1217 if (eo == EXEC_OUTPUT_NAMED_FD)
1218 free_and_replace(c->stdio_fdname[STDOUT_FILENO], resolved);
1219 else
1220 free_and_replace(c->stdio_file[STDOUT_FILENO], resolved);
1221
1222 c->std_output = eo;
1223
1224 } else {
1225 assert(streq(lvalue, "StandardError"));
1226
1227 if (eo == EXEC_OUTPUT_NAMED_FD)
1228 free_and_replace(c->stdio_fdname[STDERR_FILENO], resolved);
1229 else
1230 free_and_replace(c->stdio_file[STDERR_FILENO], resolved);
1231
1232 c->std_error = eo;
1233 }
1234
1235 return 0;
1236}
1237
1238int config_parse_exec_io_class(const char *unit,
1239 const char *filename,
1240 unsigned line,
1241 const char *section,
1242 unsigned section_line,
1243 const char *lvalue,
1244 int ltype,
1245 const char *rvalue,
1246 void *data,
1247 void *userdata) {
1248
1249 ExecContext *c = data;
1250 int x;
1251
1252 assert(filename);
1253 assert(lvalue);
1254 assert(rvalue);
1255 assert(data);
1256
1257 if (isempty(rvalue)) {
1258 c->ioprio_set = false;
1259 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
1260 return 0;
1261 }
1262
1263 x = ioprio_class_from_string(rvalue);
1264 if (x < 0) {
1265 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IO scheduling class, ignoring: %s", rvalue);
1266 return 0;
1267 }
1268
1269 c->ioprio = IOPRIO_PRIO_VALUE(x, IOPRIO_PRIO_DATA(c->ioprio));
1270 c->ioprio_set = true;
1271
1272 return 0;
1273}
1274
1275int config_parse_exec_io_priority(const char *unit,
1276 const char *filename,
1277 unsigned line,
1278 const char *section,
1279 unsigned section_line,
1280 const char *lvalue,
1281 int ltype,
1282 const char *rvalue,
1283 void *data,
1284 void *userdata) {
1285
1286 ExecContext *c = data;
1287 int i, r;
1288
1289 assert(filename);
1290 assert(lvalue);
1291 assert(rvalue);
1292 assert(data);
1293
1294 if (isempty(rvalue)) {
1295 c->ioprio_set = false;
1296 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
1297 return 0;
1298 }
1299
1300 r = ioprio_parse_priority(rvalue, &i);
1301 if (r < 0) {
1302 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse IO priority, ignoring: %s", rvalue);
1303 return 0;
1304 }
1305
1306 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c->ioprio), i);
1307 c->ioprio_set = true;
1308
1309 return 0;
1310}
1311
1312int config_parse_exec_cpu_sched_policy(const char *unit,
1313 const char *filename,
1314 unsigned line,
1315 const char *section,
1316 unsigned section_line,
1317 const char *lvalue,
1318 int ltype,
1319 const char *rvalue,
1320 void *data,
1321 void *userdata) {
1322
1323 ExecContext *c = data;
1324 int x;
1325
1326 assert(filename);
1327 assert(lvalue);
1328 assert(rvalue);
1329 assert(data);
1330
1331 if (isempty(rvalue)) {
1332 c->cpu_sched_set = false;
1333 c->cpu_sched_policy = SCHED_OTHER;
1334 c->cpu_sched_priority = 0;
1335 return 0;
1336 }
1337
1338 x = sched_policy_from_string(rvalue);
1339 if (x < 0) {
1340 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue);
1341 return 0;
1342 }
1343
1344 c->cpu_sched_policy = x;
1345 /* Moving to or from real-time policy? We need to adjust the priority */
1346 c->cpu_sched_priority = CLAMP(c->cpu_sched_priority, sched_get_priority_min(x), sched_get_priority_max(x));
1347 c->cpu_sched_set = true;
1348
1349 return 0;
1350}
1351
1352int config_parse_numa_mask(const char *unit,
1353 const char *filename,
1354 unsigned line,
1355 const char *section,
1356 unsigned section_line,
1357 const char *lvalue,
1358 int ltype,
1359 const char *rvalue,
1360 void *data,
1361 void *userdata) {
1362 int r;
1363 NUMAPolicy *p = data;
1364
1365 assert(filename);
1366 assert(lvalue);
1367 assert(rvalue);
1368 assert(data);
1369
1370 r = parse_cpu_set_extend(rvalue, &p->nodes, true, unit, filename, line, lvalue);
1371 if (r < 0) {
1372 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse NUMA node mask, ignoring: %s", rvalue);
1373 return 0;
1374 }
1375
1376 return r;
1377}
1378
1379int config_parse_exec_cpu_sched_prio(const char *unit,
1380 const char *filename,
1381 unsigned line,
1382 const char *section,
1383 unsigned section_line,
1384 const char *lvalue,
1385 int ltype,
1386 const char *rvalue,
1387 void *data,
1388 void *userdata) {
1389
1390 ExecContext *c = data;
1391 int i, min, max, r;
1392
1393 assert(filename);
1394 assert(lvalue);
1395 assert(rvalue);
1396 assert(data);
1397
1398 r = safe_atoi(rvalue, &i);
1399 if (r < 0) {
1400 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CPU scheduling priority, ignoring: %s", rvalue);
1401 return 0;
1402 }
1403
1404 /* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */
1405 min = sched_get_priority_min(c->cpu_sched_policy);
1406 max = sched_get_priority_max(c->cpu_sched_policy);
1407
1408 if (i < min || i > max) {
1409 log_syntax(unit, LOG_ERR, filename, line, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue);
1410 return 0;
1411 }
1412
1413 c->cpu_sched_priority = i;
1414 c->cpu_sched_set = true;
1415
1416 return 0;
1417}
1418
1419int config_parse_exec_root_hash(
1420 const char *unit,
1421 const char *filename,
1422 unsigned line,
1423 const char *section,
1424 unsigned section_line,
1425 const char *lvalue,
1426 int ltype,
1427 const char *rvalue,
1428 void *data,
1429 void *userdata) {
1430
1431 _cleanup_free_ void *roothash_decoded = NULL;
1432 ExecContext *c = data;
1433 size_t roothash_decoded_size = 0;
1434 int r;
1435
1436 assert(data);
1437 assert(filename);
1438 assert(line);
1439 assert(rvalue);
1440
1441 if (isempty(rvalue)) {
1442 /* Reset if the empty string is assigned */
1443 c->root_hash_path = mfree(c->root_hash_path);
1444 c->root_hash = mfree(c->root_hash);
1445 c->root_hash_size = 0;
1446 return 0;
1447 }
1448
1449 if (path_is_absolute(rvalue)) {
1450 /* We have the path to a roothash to load and decode, eg: RootHash=/foo/bar.roothash */
1451 _cleanup_free_ char *p = NULL;
1452
1453 p = strdup(rvalue);
1454 if (!p)
1455 return -ENOMEM;
1456
1457 free_and_replace(c->root_hash_path, p);
1458 c->root_hash = mfree(c->root_hash);
1459 c->root_hash_size = 0;
1460 return 0;
1461 }
1462
1463 /* We have a roothash to decode, eg: RootHash=012345789abcdef */
1464 r = unhexmem(rvalue, strlen(rvalue), &roothash_decoded, &roothash_decoded_size);
1465 if (r < 0)
1466 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode RootHash=, ignoring: %s", rvalue);
1467 if (roothash_decoded_size < sizeof(sd_id128_t))
1468 return log_syntax(unit, LOG_ERR, filename, line, SYNTHETIC_ERRNO(EINVAL), "RootHash= is too short, ignoring: %s", rvalue);
1469
1470 free_and_replace(c->root_hash, roothash_decoded);
1471 c->root_hash_size = roothash_decoded_size;
1472 c->root_hash_path = mfree(c->root_hash_path);
1473
1474 return 0;
1475}
1476
1477int config_parse_exec_root_hash_sig(
1478 const char *unit,
1479 const char *filename,
1480 unsigned line,
1481 const char *section,
1482 unsigned section_line,
1483 const char *lvalue,
1484 int ltype,
1485 const char *rvalue,
1486 void *data,
1487 void *userdata) {
1488
1489 _cleanup_free_ void *roothash_sig_decoded = NULL;
1490 char *value;
1491 ExecContext *c = data;
1492 size_t roothash_sig_decoded_size = 0;
1493 int r;
1494
1495 assert(data);
1496 assert(filename);
1497 assert(line);
1498 assert(rvalue);
1499
1500 if (isempty(rvalue)) {
1501 /* Reset if the empty string is assigned */
1502 c->root_hash_sig_path = mfree(c->root_hash_sig_path);
1503 c->root_hash_sig = mfree(c->root_hash_sig);
1504 c->root_hash_sig_size = 0;
1505 return 0;
1506 }
1507
1508 if (path_is_absolute(rvalue)) {
1509 /* We have the path to a roothash signature to load and decode, eg: RootHashSignature=/foo/bar.roothash.p7s */
1510 _cleanup_free_ char *p = NULL;
1511
1512 p = strdup(rvalue);
1513 if (!p)
1514 return -ENOMEM;
1515
1516 free_and_replace(c->root_hash_sig_path, p);
1517 c->root_hash_sig = mfree(c->root_hash_sig);
1518 c->root_hash_sig_size = 0;
1519 return 0;
1520 }
1521
1522 if (!(value = startswith(rvalue, "base64:")))
1523 return log_syntax(unit, LOG_ERR, filename, line, SYNTHETIC_ERRNO(EINVAL), "Failed to decode RootHashSignature=, not a path but doesn't start with 'base64:', ignoring: %s", rvalue);
1524
1525 /* We have a roothash signature to decode, eg: RootHashSignature=base64:012345789abcdef */
1526 r = unbase64mem(value, strlen(value), &roothash_sig_decoded, &roothash_sig_decoded_size);
1527 if (r < 0)
1528 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode RootHashSignature=, ignoring: %s", rvalue);
1529
1530 free_and_replace(c->root_hash_sig, roothash_sig_decoded);
1531 c->root_hash_sig_size = roothash_sig_decoded_size;
1532 c->root_hash_sig_path = mfree(c->root_hash_sig_path);
1533
1534 return 0;
1535}
1536
1537int config_parse_exec_cpu_affinity(const char *unit,
1538 const char *filename,
1539 unsigned line,
1540 const char *section,
1541 unsigned section_line,
1542 const char *lvalue,
1543 int ltype,
1544 const char *rvalue,
1545 void *data,
1546 void *userdata) {
1547
1548 ExecContext *c = data;
1549 int r;
1550
1551 assert(filename);
1552 assert(lvalue);
1553 assert(rvalue);
1554 assert(data);
1555
1556 if (streq(rvalue, "numa")) {
1557 c->cpu_affinity_from_numa = true;
1558 cpu_set_reset(&c->cpu_set);
1559
1560 return 0;
1561 }
1562
1563 r = parse_cpu_set_extend(rvalue, &c->cpu_set, true, unit, filename, line, lvalue);
1564 if (r >= 0)
1565 c->cpu_affinity_from_numa = false;
1566
1567 return r;
1568}
1569
1570int config_parse_capability_set(
1571 const char *unit,
1572 const char *filename,
1573 unsigned line,
1574 const char *section,
1575 unsigned section_line,
1576 const char *lvalue,
1577 int ltype,
1578 const char *rvalue,
1579 void *data,
1580 void *userdata) {
1581
1582 uint64_t *capability_set = data;
1583 uint64_t sum = 0, initial = 0;
1584 bool invert = false;
1585 int r;
1586
1587 assert(filename);
1588 assert(lvalue);
1589 assert(rvalue);
1590 assert(data);
1591
1592 if (rvalue[0] == '~') {
1593 invert = true;
1594 rvalue++;
1595 }
1596
1597 if (streq(lvalue, "CapabilityBoundingSet"))
1598 initial = CAP_ALL; /* initialized to all bits on */
1599 /* else "AmbientCapabilities" initialized to all bits off */
1600
1601 r = capability_set_from_string(rvalue, &sum);
1602 if (r < 0) {
1603 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= specifier '%s', ignoring: %m", lvalue, rvalue);
1604 return 0;
1605 }
1606
1607 if (sum == 0 || *capability_set == initial)
1608 /* "", "~" or uninitialized data -> replace */
1609 *capability_set = invert ? ~sum : sum;
1610 else {
1611 /* previous data -> merge */
1612 if (invert)
1613 *capability_set &= ~sum;
1614 else
1615 *capability_set |= sum;
1616 }
1617
1618 return 0;
1619}
1620
1621int config_parse_exec_selinux_context(
1622 const char *unit,
1623 const char *filename,
1624 unsigned line,
1625 const char *section,
1626 unsigned section_line,
1627 const char *lvalue,
1628 int ltype,
1629 const char *rvalue,
1630 void *data,
1631 void *userdata) {
1632
1633 ExecContext *c = data;
1634 const Unit *u = userdata;
1635 bool ignore;
1636 char *k;
1637 int r;
1638
1639 assert(filename);
1640 assert(lvalue);
1641 assert(rvalue);
1642 assert(data);
1643
1644 if (isempty(rvalue)) {
1645 c->selinux_context = mfree(c->selinux_context);
1646 c->selinux_context_ignore = false;
1647 return 0;
1648 }
1649
1650 if (rvalue[0] == '-') {
1651 ignore = true;
1652 rvalue++;
1653 } else
1654 ignore = false;
1655
1656 r = unit_full_printf(u, rvalue, &k);
1657 if (r < 0) {
1658 log_syntax(unit, LOG_ERR, filename, line, r,
1659 "Failed to resolve unit specifiers in '%s'%s: %m",
1660 rvalue, ignore ? ", ignoring" : "");
1661 return ignore ? 0 : -ENOEXEC;
1662 }
1663
1664 free_and_replace(c->selinux_context, k);
1665 c->selinux_context_ignore = ignore;
1666
1667 return 0;
1668}
1669
1670int config_parse_exec_apparmor_profile(
1671 const char *unit,
1672 const char *filename,
1673 unsigned line,
1674 const char *section,
1675 unsigned section_line,
1676 const char *lvalue,
1677 int ltype,
1678 const char *rvalue,
1679 void *data,
1680 void *userdata) {
1681
1682 ExecContext *c = data;
1683 const Unit *u = userdata;
1684 bool ignore;
1685 char *k;
1686 int r;
1687
1688 assert(filename);
1689 assert(lvalue);
1690 assert(rvalue);
1691 assert(data);
1692
1693 if (isempty(rvalue)) {
1694 c->apparmor_profile = mfree(c->apparmor_profile);
1695 c->apparmor_profile_ignore = false;
1696 return 0;
1697 }
1698
1699 if (rvalue[0] == '-') {
1700 ignore = true;
1701 rvalue++;
1702 } else
1703 ignore = false;
1704
1705 r = unit_full_printf(u, rvalue, &k);
1706 if (r < 0) {
1707 log_syntax(unit, LOG_ERR, filename, line, r,
1708 "Failed to resolve unit specifiers in '%s'%s: %m",
1709 rvalue, ignore ? ", ignoring" : "");
1710 return ignore ? 0 : -ENOEXEC;
1711 }
1712
1713 free_and_replace(c->apparmor_profile, k);
1714 c->apparmor_profile_ignore = ignore;
1715
1716 return 0;
1717}
1718
1719int config_parse_exec_smack_process_label(
1720 const char *unit,
1721 const char *filename,
1722 unsigned line,
1723 const char *section,
1724 unsigned section_line,
1725 const char *lvalue,
1726 int ltype,
1727 const char *rvalue,
1728 void *data,
1729 void *userdata) {
1730
1731 ExecContext *c = data;
1732 const Unit *u = userdata;
1733 bool ignore;
1734 char *k;
1735 int r;
1736
1737 assert(filename);
1738 assert(lvalue);
1739 assert(rvalue);
1740 assert(data);
1741
1742 if (isempty(rvalue)) {
1743 c->smack_process_label = mfree(c->smack_process_label);
1744 c->smack_process_label_ignore = false;
1745 return 0;
1746 }
1747
1748 if (rvalue[0] == '-') {
1749 ignore = true;
1750 rvalue++;
1751 } else
1752 ignore = false;
1753
1754 r = unit_full_printf(u, rvalue, &k);
1755 if (r < 0) {
1756 log_syntax(unit, LOG_ERR, filename, line, r,
1757 "Failed to resolve unit specifiers in '%s'%s: %m",
1758 rvalue, ignore ? ", ignoring" : "");
1759 return ignore ? 0 : -ENOEXEC;
1760 }
1761
1762 free_and_replace(c->smack_process_label, k);
1763 c->smack_process_label_ignore = ignore;
1764
1765 return 0;
1766}
1767
1768int config_parse_timer(
1769 const char *unit,
1770 const char *filename,
1771 unsigned line,
1772 const char *section,
1773 unsigned section_line,
1774 const char *lvalue,
1775 int ltype,
1776 const char *rvalue,
1777 void *data,
1778 void *userdata) {
1779
1780 _cleanup_(calendar_spec_freep) CalendarSpec *c = NULL;
1781 _cleanup_free_ char *k = NULL;
1782 const Unit *u = userdata;
1783 Timer *t = data;
1784 usec_t usec = 0;
1785 TimerValue *v;
1786 int r;
1787
1788 assert(filename);
1789 assert(lvalue);
1790 assert(rvalue);
1791 assert(data);
1792
1793 if (isempty(rvalue)) {
1794 /* Empty assignment resets list */
1795 timer_free_values(t);
1796 return 0;
1797 }
1798
1799 r = unit_full_printf(u, rvalue, &k);
1800 if (r < 0) {
1801 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
1802 return 0;
1803 }
1804
1805 if (ltype == TIMER_CALENDAR) {
1806 r = calendar_spec_from_string(k, &c);
1807 if (r < 0) {
1808 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse calendar specification, ignoring: %s", k);
1809 return 0;
1810 }
1811 } else {
1812 r = parse_sec(k, &usec);
1813 if (r < 0) {
1814 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse timer value, ignoring: %s", k);
1815 return 0;
1816 }
1817 }
1818
1819 v = new(TimerValue, 1);
1820 if (!v)
1821 return log_oom();
1822
1823 *v = (TimerValue) {
1824 .base = ltype,
1825 .value = usec,
1826 .calendar_spec = TAKE_PTR(c),
1827 };
1828
1829 LIST_PREPEND(value, t->values, v);
1830
1831 return 0;
1832}
1833
1834int config_parse_trigger_unit(
1835 const char *unit,
1836 const char *filename,
1837 unsigned line,
1838 const char *section,
1839 unsigned section_line,
1840 const char *lvalue,
1841 int ltype,
1842 const char *rvalue,
1843 void *data,
1844 void *userdata) {
1845
1846 _cleanup_free_ char *p = NULL;
1847 Unit *u = data;
1848 UnitType type;
1849 int r;
1850
1851 assert(filename);
1852 assert(lvalue);
1853 assert(rvalue);
1854 assert(data);
1855
1856 if (!hashmap_isempty(u->dependencies[UNIT_TRIGGERS])) {
1857 log_syntax(unit, LOG_ERR, filename, line, 0, "Multiple units to trigger specified, ignoring: %s", rvalue);
1858 return 0;
1859 }
1860
1861 r = unit_name_printf(u, rvalue, &p);
1862 if (r < 0) {
1863 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1864 return 0;
1865 }
1866
1867 type = unit_name_to_type(p);
1868 if (type < 0) {
1869 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit type not valid, ignoring: %s", rvalue);
1870 return 0;
1871 }
1872 if (unit_has_name(u, p)) {
1873 log_syntax(unit, LOG_ERR, filename, line, 0, "Units cannot trigger themselves, ignoring: %s", rvalue);
1874 return 0;
1875 }
1876
1877 r = unit_add_two_dependencies_by_name(u, UNIT_BEFORE, UNIT_TRIGGERS, p, true, UNIT_DEPENDENCY_FILE);
1878 if (r < 0) {
1879 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add trigger on %s, ignoring: %m", p);
1880 return 0;
1881 }
1882
1883 return 0;
1884}
1885
1886int config_parse_path_spec(const char *unit,
1887 const char *filename,
1888 unsigned line,
1889 const char *section,
1890 unsigned section_line,
1891 const char *lvalue,
1892 int ltype,
1893 const char *rvalue,
1894 void *data,
1895 void *userdata) {
1896
1897 Path *p = data;
1898 PathSpec *s;
1899 PathType b;
1900 _cleanup_free_ char *k = NULL;
1901 int r;
1902
1903 assert(filename);
1904 assert(lvalue);
1905 assert(rvalue);
1906 assert(data);
1907
1908 if (isempty(rvalue)) {
1909 /* Empty assignment clears list */
1910 path_free_specs(p);
1911 return 0;
1912 }
1913
1914 b = path_type_from_string(lvalue);
1915 if (b < 0) {
1916 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse path type, ignoring: %s", lvalue);
1917 return 0;
1918 }
1919
1920 r = unit_full_printf(UNIT(p), rvalue, &k);
1921 if (r < 0) {
1922 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1923 return 0;
1924 }
1925
1926 r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
1927 if (r < 0)
1928 return 0;
1929
1930 s = new0(PathSpec, 1);
1931 if (!s)
1932 return log_oom();
1933
1934 s->unit = UNIT(p);
1935 s->path = TAKE_PTR(k);
1936 s->type = b;
1937 s->inotify_fd = -1;
1938
1939 LIST_PREPEND(spec, p->specs, s);
1940
1941 return 0;
1942}
1943
1944int config_parse_socket_service(
1945 const char *unit,
1946 const char *filename,
1947 unsigned line,
1948 const char *section,
1949 unsigned section_line,
1950 const char *lvalue,
1951 int ltype,
1952 const char *rvalue,
1953 void *data,
1954 void *userdata) {
1955
1956 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1957 _cleanup_free_ char *p = NULL;
1958 Socket *s = data;
1959 Unit *x;
1960 int r;
1961
1962 assert(filename);
1963 assert(lvalue);
1964 assert(rvalue);
1965 assert(data);
1966
1967 r = unit_name_printf(UNIT(s), rvalue, &p);
1968 if (r < 0) {
1969 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue);
1970 return -ENOEXEC;
1971 }
1972
1973 if (!endswith(p, ".service")) {
1974 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type service: %s", rvalue);
1975 return -ENOEXEC;
1976 }
1977
1978 r = manager_load_unit(UNIT(s)->manager, p, NULL, &error, &x);
1979 if (r < 0) {
1980 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load unit %s: %s", rvalue, bus_error_message(&error, r));
1981 return -ENOEXEC;
1982 }
1983
1984 unit_ref_set(&s->service, UNIT(s), x);
1985
1986 return 0;
1987}
1988
1989int config_parse_fdname(
1990 const char *unit,
1991 const char *filename,
1992 unsigned line,
1993 const char *section,
1994 unsigned section_line,
1995 const char *lvalue,
1996 int ltype,
1997 const char *rvalue,
1998 void *data,
1999 void *userdata) {
2000
2001 _cleanup_free_ char *p = NULL;
2002 Socket *s = data;
2003 int r;
2004
2005 assert(filename);
2006 assert(lvalue);
2007 assert(rvalue);
2008 assert(data);
2009
2010 if (isempty(rvalue)) {
2011 s->fdname = mfree(s->fdname);
2012 return 0;
2013 }
2014
2015 r = unit_full_printf(UNIT(s), rvalue, &p);
2016 if (r < 0) {
2017 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2018 return 0;
2019 }
2020
2021 if (!fdname_is_valid(p)) {
2022 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name, ignoring: %s", p);
2023 return 0;
2024 }
2025
2026 return free_and_replace(s->fdname, p);
2027}
2028
2029int config_parse_service_sockets(
2030 const char *unit,
2031 const char *filename,
2032 unsigned line,
2033 const char *section,
2034 unsigned section_line,
2035 const char *lvalue,
2036 int ltype,
2037 const char *rvalue,
2038 void *data,
2039 void *userdata) {
2040
2041 Service *s = data;
2042 const char *p;
2043 int r;
2044
2045 assert(filename);
2046 assert(lvalue);
2047 assert(rvalue);
2048 assert(data);
2049
2050 p = rvalue;
2051 for (;;) {
2052 _cleanup_free_ char *word = NULL, *k = NULL;
2053
2054 r = extract_first_word(&p, &word, NULL, 0);
2055 if (r == 0)
2056 break;
2057 if (r == -ENOMEM)
2058 return log_oom();
2059 if (r < 0) {
2060 log_syntax(unit, LOG_ERR, filename, line, r, "Trailing garbage in sockets, ignoring: %s", rvalue);
2061 break;
2062 }
2063
2064 r = unit_name_printf(UNIT(s), word, &k);
2065 if (r < 0) {
2066 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
2067 continue;
2068 }
2069
2070 if (!endswith(k, ".socket")) {
2071 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type socket, ignoring: %s", k);
2072 continue;
2073 }
2074
2075 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_WANTS, UNIT_AFTER, k, true, UNIT_DEPENDENCY_FILE);
2076 if (r < 0)
2077 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
2078
2079 r = unit_add_dependency_by_name(UNIT(s), UNIT_TRIGGERED_BY, k, true, UNIT_DEPENDENCY_FILE);
2080 if (r < 0)
2081 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
2082 }
2083
2084 return 0;
2085}
2086
2087int config_parse_bus_name(
2088 const char *unit,
2089 const char *filename,
2090 unsigned line,
2091 const char *section,
2092 unsigned section_line,
2093 const char *lvalue,
2094 int ltype,
2095 const char *rvalue,
2096 void *data,
2097 void *userdata) {
2098
2099 _cleanup_free_ char *k = NULL;
2100 const Unit *u = userdata;
2101 int r;
2102
2103 assert(filename);
2104 assert(lvalue);
2105 assert(rvalue);
2106 assert(u);
2107
2108 r = unit_full_printf(u, rvalue, &k);
2109 if (r < 0) {
2110 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2111 return 0;
2112 }
2113
2114 if (!sd_bus_service_name_is_valid(k)) {
2115 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid bus name, ignoring: %s", k);
2116 return 0;
2117 }
2118
2119 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
2120}
2121
2122int config_parse_service_timeout(
2123 const char *unit,
2124 const char *filename,
2125 unsigned line,
2126 const char *section,
2127 unsigned section_line,
2128 const char *lvalue,
2129 int ltype,
2130 const char *rvalue,
2131 void *data,
2132 void *userdata) {
2133
2134 Service *s = userdata;
2135 usec_t usec;
2136 int r;
2137
2138 assert(filename);
2139 assert(lvalue);
2140 assert(rvalue);
2141 assert(s);
2142
2143 /* This is called for two cases: TimeoutSec= and TimeoutStartSec=. */
2144
2145 /* Traditionally, these options accepted 0 to disable the timeouts. However, a timeout of 0 suggests it happens
2146 * immediately, hence fix this to become USEC_INFINITY instead. This is in-line with how we internally handle
2147 * all other timeouts. */
2148 r = parse_sec_fix_0(rvalue, &usec);
2149 if (r < 0) {
2150 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
2151 return 0;
2152 }
2153
2154 s->start_timeout_defined = true;
2155 s->timeout_start_usec = usec;
2156
2157 if (streq(lvalue, "TimeoutSec"))
2158 s->timeout_stop_usec = usec;
2159
2160 return 0;
2161}
2162
2163int config_parse_timeout_abort(
2164 const char *unit,
2165 const char *filename,
2166 unsigned line,
2167 const char *section,
2168 unsigned section_line,
2169 const char *lvalue,
2170 int ltype,
2171 const char *rvalue,
2172 void *data,
2173 void *userdata) {
2174
2175 usec_t *ret = data;
2176 int r;
2177
2178 assert(filename);
2179 assert(lvalue);
2180 assert(rvalue);
2181 assert(ret);
2182
2183 /* Note: apart from setting the arg, this returns an extra bit of information in the return value. */
2184
2185 if (isempty(rvalue)) {
2186 *ret = 0;
2187 return 0; /* "not set" */
2188 }
2189
2190 r = parse_sec(rvalue, ret);
2191 if (r < 0)
2192 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= setting, ignoring: %s", lvalue, rvalue);
2193
2194 return 1; /* "set" */
2195}
2196
2197int config_parse_service_timeout_abort(
2198 const char *unit,
2199 const char *filename,
2200 unsigned line,
2201 const char *section,
2202 unsigned section_line,
2203 const char *lvalue,
2204 int ltype,
2205 const char *rvalue,
2206 void *data,
2207 void *userdata) {
2208
2209 Service *s = userdata;
2210 int r;
2211
2212 assert(s);
2213
2214 r = config_parse_timeout_abort(unit, filename, line, section, section_line, lvalue, ltype, rvalue,
2215 &s->timeout_abort_usec, s);
2216 if (r >= 0)
2217 s->timeout_abort_set = r;
2218 return 0;
2219}
2220
2221int config_parse_sec_fix_0(
2222 const char *unit,
2223 const char *filename,
2224 unsigned line,
2225 const char *section,
2226 unsigned section_line,
2227 const char *lvalue,
2228 int ltype,
2229 const char *rvalue,
2230 void *data,
2231 void *userdata) {
2232
2233 usec_t *usec = data;
2234 int r;
2235
2236 assert(filename);
2237 assert(lvalue);
2238 assert(rvalue);
2239 assert(usec);
2240
2241 /* This is pretty much like config_parse_sec(), except that this treats a time of 0 as infinity, for
2242 * compatibility with older versions of systemd where 0 instead of infinity was used as indicator to turn off a
2243 * timeout. */
2244
2245 r = parse_sec_fix_0(rvalue, usec);
2246 if (r < 0) {
2247 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
2248 return 0;
2249 }
2250
2251 return 0;
2252}
2253
2254int config_parse_user_group_compat(
2255 const char *unit,
2256 const char *filename,
2257 unsigned line,
2258 const char *section,
2259 unsigned section_line,
2260 const char *lvalue,
2261 int ltype,
2262 const char *rvalue,
2263 void *data,
2264 void *userdata) {
2265
2266 _cleanup_free_ char *k = NULL;
2267 char **user = data;
2268 const Unit *u = userdata;
2269 int r;
2270
2271 assert(filename);
2272 assert(lvalue);
2273 assert(rvalue);
2274 assert(u);
2275
2276 if (isempty(rvalue)) {
2277 *user = mfree(*user);
2278 return 0;
2279 }
2280
2281 r = unit_full_printf(u, rvalue, &k);
2282 if (r < 0) {
2283 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue);
2284 return -ENOEXEC;
2285 }
2286
2287 if (!valid_user_group_name(k, VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX|VALID_USER_WARN)) {
2288 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
2289 return -ENOEXEC;
2290 }
2291
2292 if (strstr(lvalue, "User") && streq(k, NOBODY_USER_NAME))
2293 log_struct(LOG_NOTICE,
2294 "MESSAGE=%s:%u: Special user %s configured, this is not safe!", filename, line, k,
2295 "UNIT=%s", unit,
2296 "MESSAGE_ID=" SD_MESSAGE_NOBODY_USER_UNSUITABLE_STR,
2297 "OFFENDING_USER=%s", k,
2298 "CONFIG_FILE=%s", filename,
2299 "CONFIG_LINE=%u", line);
2300
2301 return free_and_replace(*user, k);
2302}
2303
2304int config_parse_user_group_strv_compat(
2305 const char *unit,
2306 const char *filename,
2307 unsigned line,
2308 const char *section,
2309 unsigned section_line,
2310 const char *lvalue,
2311 int ltype,
2312 const char *rvalue,
2313 void *data,
2314 void *userdata) {
2315
2316 char ***users = data;
2317 const Unit *u = userdata;
2318 const char *p = rvalue;
2319 int r;
2320
2321 assert(filename);
2322 assert(lvalue);
2323 assert(rvalue);
2324 assert(u);
2325
2326 if (isempty(rvalue)) {
2327 *users = strv_free(*users);
2328 return 0;
2329 }
2330
2331 for (;;) {
2332 _cleanup_free_ char *word = NULL, *k = NULL;
2333
2334 r = extract_first_word(&p, &word, NULL, 0);
2335 if (r == 0)
2336 break;
2337 if (r == -ENOMEM)
2338 return log_oom();
2339 if (r < 0) {
2340 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax: %s", rvalue);
2341 return -ENOEXEC;
2342 }
2343
2344 r = unit_full_printf(u, word, &k);
2345 if (r < 0) {
2346 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", word);
2347 return -ENOEXEC;
2348 }
2349
2350 if (!valid_user_group_name(k, VALID_USER_ALLOW_NUMERIC|VALID_USER_RELAX|VALID_USER_WARN)) {
2351 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
2352 return -ENOEXEC;
2353 }
2354
2355 r = strv_push(users, k);
2356 if (r < 0)
2357 return log_oom();
2358
2359 k = NULL;
2360 }
2361
2362 return 0;
2363}
2364
2365int config_parse_working_directory(
2366 const char *unit,
2367 const char *filename,
2368 unsigned line,
2369 const char *section,
2370 unsigned section_line,
2371 const char *lvalue,
2372 int ltype,
2373 const char *rvalue,
2374 void *data,
2375 void *userdata) {
2376
2377 ExecContext *c = data;
2378 const Unit *u = userdata;
2379 bool missing_ok;
2380 int r;
2381
2382 assert(filename);
2383 assert(lvalue);
2384 assert(rvalue);
2385 assert(c);
2386 assert(u);
2387
2388 if (isempty(rvalue)) {
2389 c->working_directory_home = false;
2390 c->working_directory = mfree(c->working_directory);
2391 return 0;
2392 }
2393
2394 if (rvalue[0] == '-') {
2395 missing_ok = true;
2396 rvalue++;
2397 } else
2398 missing_ok = false;
2399
2400 if (streq(rvalue, "~")) {
2401 c->working_directory_home = true;
2402 c->working_directory = mfree(c->working_directory);
2403 } else {
2404 _cleanup_free_ char *k = NULL;
2405
2406 r = unit_full_printf(u, rvalue, &k);
2407 if (r < 0) {
2408 log_syntax(unit, LOG_ERR, filename, line, r,
2409 "Failed to resolve unit specifiers in working directory path '%s'%s: %m",
2410 rvalue, missing_ok ? ", ignoring" : "");
2411 return missing_ok ? 0 : -ENOEXEC;
2412 }
2413
2414 r = path_simplify_and_warn(k, PATH_CHECK_ABSOLUTE | (missing_ok ? 0 : PATH_CHECK_FATAL), unit, filename, line, lvalue);
2415 if (r < 0)
2416 return missing_ok ? 0 : -ENOEXEC;
2417
2418 c->working_directory_home = false;
2419 free_and_replace(c->working_directory, k);
2420 }
2421
2422 c->working_directory_missing_ok = missing_ok;
2423 return 0;
2424}
2425
2426int config_parse_unit_env_file(const char *unit,
2427 const char *filename,
2428 unsigned line,
2429 const char *section,
2430 unsigned section_line,
2431 const char *lvalue,
2432 int ltype,
2433 const char *rvalue,
2434 void *data,
2435 void *userdata) {
2436
2437 char ***env = data;
2438 const Unit *u = userdata;
2439 _cleanup_free_ char *n = NULL;
2440 int r;
2441
2442 assert(filename);
2443 assert(lvalue);
2444 assert(rvalue);
2445 assert(data);
2446
2447 if (isempty(rvalue)) {
2448 /* Empty assignment frees the list */
2449 *env = strv_free(*env);
2450 return 0;
2451 }
2452
2453 r = unit_full_printf(u, rvalue, &n);
2454 if (r < 0) {
2455 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2456 return 0;
2457 }
2458
2459 r = path_simplify_and_warn(n[0] == '-' ? n + 1 : n, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
2460 if (r < 0)
2461 return 0;
2462
2463 r = strv_push(env, n);
2464 if (r < 0)
2465 return log_oom();
2466
2467 n = NULL;
2468
2469 return 0;
2470}
2471
2472int config_parse_environ(
2473 const char *unit,
2474 const char *filename,
2475 unsigned line,
2476 const char *section,
2477 unsigned section_line,
2478 const char *lvalue,
2479 int ltype,
2480 const char *rvalue,
2481 void *data,
2482 void *userdata) {
2483
2484 const Unit *u = userdata;
2485 char ***env = data;
2486 const char *p;
2487 int r;
2488
2489 assert(filename);
2490 assert(lvalue);
2491 assert(rvalue);
2492 assert(data);
2493
2494 if (isempty(rvalue)) {
2495 /* Empty assignment resets the list */
2496 *env = strv_free(*env);
2497 return 0;
2498 }
2499
2500 for (p = rvalue;; ) {
2501 _cleanup_free_ char *word = NULL, *k = NULL;
2502
2503 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_UNQUOTE);
2504 if (r == 0)
2505 return 0;
2506 if (r == -ENOMEM)
2507 return log_oom();
2508 if (r < 0) {
2509 log_syntax(unit, LOG_WARNING, filename, line, r,
2510 "Invalid syntax, ignoring: %s", rvalue);
2511 return 0;
2512 }
2513
2514 if (u) {
2515 r = unit_full_printf(u, word, &k);
2516 if (r < 0) {
2517 log_syntax(unit, LOG_ERR, filename, line, r,
2518 "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2519 continue;
2520 }
2521 } else
2522 k = TAKE_PTR(word);
2523
2524 if (!env_assignment_is_valid(k)) {
2525 log_syntax(unit, LOG_ERR, filename, line, 0,
2526 "Invalid environment assignment, ignoring: %s", k);
2527 continue;
2528 }
2529
2530 r = strv_env_replace(env, k);
2531 if (r < 0)
2532 return log_oom();
2533
2534 k = NULL;
2535 }
2536}
2537
2538int config_parse_pass_environ(
2539 const char *unit,
2540 const char *filename,
2541 unsigned line,
2542 const char *section,
2543 unsigned section_line,
2544 const char *lvalue,
2545 int ltype,
2546 const char *rvalue,
2547 void *data,
2548 void *userdata) {
2549
2550 _cleanup_strv_free_ char **n = NULL;
2551 size_t nlen = 0, nbufsize = 0;
2552 char*** passenv = data;
2553 const char *p = rvalue;
2554 const Unit *u = userdata;
2555 int r;
2556
2557 assert(filename);
2558 assert(lvalue);
2559 assert(rvalue);
2560 assert(data);
2561
2562 if (isempty(rvalue)) {
2563 /* Empty assignment resets the list */
2564 *passenv = strv_free(*passenv);
2565 return 0;
2566 }
2567
2568 for (;;) {
2569 _cleanup_free_ char *word = NULL, *k = NULL;
2570
2571 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
2572 if (r == 0)
2573 break;
2574 if (r == -ENOMEM)
2575 return log_oom();
2576 if (r < 0) {
2577 log_syntax(unit, LOG_ERR, filename, line, r,
2578 "Trailing garbage in %s, ignoring: %s", lvalue, rvalue);
2579 break;
2580 }
2581
2582 if (u) {
2583 r = unit_full_printf(u, word, &k);
2584 if (r < 0) {
2585 log_syntax(unit, LOG_ERR, filename, line, r,
2586 "Failed to resolve specifiers in %s, ignoring: %m", word);
2587 continue;
2588 }
2589 } else
2590 k = TAKE_PTR(word);
2591
2592 if (!env_name_is_valid(k)) {
2593 log_syntax(unit, LOG_ERR, filename, line, 0,
2594 "Invalid environment name for %s, ignoring: %s", lvalue, k);
2595 continue;
2596 }
2597
2598 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2599 return log_oom();
2600
2601 n[nlen++] = TAKE_PTR(k);
2602 n[nlen] = NULL;
2603 }
2604
2605 if (n) {
2606 r = strv_extend_strv(passenv, n, true);
2607 if (r < 0)
2608 return r;
2609 }
2610
2611 return 0;
2612}
2613
2614int config_parse_unset_environ(
2615 const char *unit,
2616 const char *filename,
2617 unsigned line,
2618 const char *section,
2619 unsigned section_line,
2620 const char *lvalue,
2621 int ltype,
2622 const char *rvalue,
2623 void *data,
2624 void *userdata) {
2625
2626 _cleanup_strv_free_ char **n = NULL;
2627 size_t nlen = 0, nbufsize = 0;
2628 char*** unsetenv = data;
2629 const char *p = rvalue;
2630 const Unit *u = userdata;
2631 int r;
2632
2633 assert(filename);
2634 assert(lvalue);
2635 assert(rvalue);
2636 assert(data);
2637
2638 if (isempty(rvalue)) {
2639 /* Empty assignment resets the list */
2640 *unsetenv = strv_free(*unsetenv);
2641 return 0;
2642 }
2643
2644 for (;;) {
2645 _cleanup_free_ char *word = NULL, *k = NULL;
2646
2647 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_UNQUOTE);
2648 if (r == 0)
2649 break;
2650 if (r == -ENOMEM)
2651 return log_oom();
2652 if (r < 0) {
2653 log_syntax(unit, LOG_ERR, filename, line, r,
2654 "Trailing garbage in %s, ignoring: %s", lvalue, rvalue);
2655 break;
2656 }
2657
2658 if (u) {
2659 r = unit_full_printf(u, word, &k);
2660 if (r < 0) {
2661 log_syntax(unit, LOG_ERR, filename, line, r,
2662 "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2663 continue;
2664 }
2665 } else
2666 k = TAKE_PTR(word);
2667
2668 if (!env_assignment_is_valid(k) && !env_name_is_valid(k)) {
2669 log_syntax(unit, LOG_ERR, filename, line, 0,
2670 "Invalid environment name or assignment %s, ignoring: %s", lvalue, k);
2671 continue;
2672 }
2673
2674 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2675 return log_oom();
2676
2677 n[nlen++] = TAKE_PTR(k);
2678 n[nlen] = NULL;
2679 }
2680
2681 if (n) {
2682 r = strv_extend_strv(unsetenv, n, true);
2683 if (r < 0)
2684 return r;
2685 }
2686
2687 return 0;
2688}
2689
2690int config_parse_log_extra_fields(
2691 const char *unit,
2692 const char *filename,
2693 unsigned line,
2694 const char *section,
2695 unsigned section_line,
2696 const char *lvalue,
2697 int ltype,
2698 const char *rvalue,
2699 void *data,
2700 void *userdata) {
2701
2702 ExecContext *c = data;
2703 const Unit *u = userdata;
2704 const char *p = rvalue;
2705 int r;
2706
2707 assert(filename);
2708 assert(lvalue);
2709 assert(rvalue);
2710 assert(c);
2711
2712 if (isempty(rvalue)) {
2713 exec_context_free_log_extra_fields(c);
2714 return 0;
2715 }
2716
2717 for (;;) {
2718 _cleanup_free_ char *word = NULL, *k = NULL;
2719 struct iovec *t;
2720 const char *eq;
2721
2722 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_UNQUOTE);
2723 if (r == 0)
2724 return 0;
2725 if (r == -ENOMEM)
2726 return log_oom();
2727 if (r < 0) {
2728 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
2729 return 0;
2730 }
2731
2732 r = unit_full_printf(u, word, &k);
2733 if (r < 0) {
2734 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2735 continue;
2736 }
2737
2738 eq = strchr(k, '=');
2739 if (!eq) {
2740 log_syntax(unit, LOG_ERR, filename, line, 0, "Log field lacks '=' character, ignoring: %s", k);
2741 continue;
2742 }
2743
2744 if (!journal_field_valid(k, eq-k, false)) {
2745 log_syntax(unit, LOG_ERR, filename, line, 0, "Log field name is invalid, ignoring: %s", k);
2746 continue;
2747 }
2748
2749 t = reallocarray(c->log_extra_fields, c->n_log_extra_fields+1, sizeof(struct iovec));
2750 if (!t)
2751 return log_oom();
2752
2753 c->log_extra_fields = t;
2754 c->log_extra_fields[c->n_log_extra_fields++] = IOVEC_MAKE_STRING(k);
2755
2756 k = NULL;
2757 }
2758}
2759
2760int config_parse_log_namespace(
2761 const char *unit,
2762 const char *filename,
2763 unsigned line,
2764 const char *section,
2765 unsigned section_line,
2766 const char *lvalue,
2767 int ltype,
2768 const char *rvalue,
2769 void *data,
2770 void *userdata) {
2771
2772 _cleanup_free_ char *k = NULL;
2773 ExecContext *c = data;
2774 const Unit *u = userdata;
2775 int r;
2776
2777 assert(filename);
2778 assert(lvalue);
2779 assert(rvalue);
2780 assert(c);
2781
2782 if (isempty(rvalue)) {
2783 c->log_namespace = mfree(c->log_namespace);
2784 return 0;
2785 }
2786
2787 r = unit_full_printf(u, rvalue, &k);
2788 if (r < 0) {
2789 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2790 return 0;
2791 }
2792
2793 if (!log_namespace_name_valid(k)) {
2794 log_syntax(unit, LOG_ERR, filename, line, SYNTHETIC_ERRNO(EINVAL), "Specified log namespace name is not valid: %s", k);
2795 return 0;
2796 }
2797
2798 free_and_replace(c->log_namespace, k);
2799 return 0;
2800}
2801
2802int config_parse_unit_condition_path(
2803 const char *unit,
2804 const char *filename,
2805 unsigned line,
2806 const char *section,
2807 unsigned section_line,
2808 const char *lvalue,
2809 int ltype,
2810 const char *rvalue,
2811 void *data,
2812 void *userdata) {
2813
2814 _cleanup_free_ char *p = NULL;
2815 Condition **list = data, *c;
2816 ConditionType t = ltype;
2817 bool trigger, negate;
2818 const Unit *u = userdata;
2819 int r;
2820
2821 assert(filename);
2822 assert(lvalue);
2823 assert(rvalue);
2824 assert(data);
2825
2826 if (isempty(rvalue)) {
2827 /* Empty assignment resets the list */
2828 *list = condition_free_list(*list);
2829 return 0;
2830 }
2831
2832 trigger = rvalue[0] == '|';
2833 if (trigger)
2834 rvalue++;
2835
2836 negate = rvalue[0] == '!';
2837 if (negate)
2838 rvalue++;
2839
2840 r = unit_full_printf(u, rvalue, &p);
2841 if (r < 0) {
2842 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2843 return 0;
2844 }
2845
2846 r = path_simplify_and_warn(p, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
2847 if (r < 0)
2848 return 0;
2849
2850 c = condition_new(t, p, trigger, negate);
2851 if (!c)
2852 return log_oom();
2853
2854 LIST_PREPEND(conditions, *list, c);
2855 return 0;
2856}
2857
2858int config_parse_unit_condition_string(
2859 const char *unit,
2860 const char *filename,
2861 unsigned line,
2862 const char *section,
2863 unsigned section_line,
2864 const char *lvalue,
2865 int ltype,
2866 const char *rvalue,
2867 void *data,
2868 void *userdata) {
2869
2870 _cleanup_free_ char *s = NULL;
2871 Condition **list = data, *c;
2872 ConditionType t = ltype;
2873 bool trigger, negate;
2874 const Unit *u = userdata;
2875 int r;
2876
2877 assert(filename);
2878 assert(lvalue);
2879 assert(rvalue);
2880 assert(data);
2881
2882 if (isempty(rvalue)) {
2883 /* Empty assignment resets the list */
2884 *list = condition_free_list(*list);
2885 return 0;
2886 }
2887
2888 trigger = *rvalue == '|';
2889 if (trigger)
2890 rvalue += 1 + strspn(rvalue + 1, WHITESPACE);
2891
2892 negate = *rvalue == '!';
2893 if (negate)
2894 rvalue += 1 + strspn(rvalue + 1, WHITESPACE);
2895
2896 r = unit_full_printf(u, rvalue, &s);
2897 if (r < 0) {
2898 log_syntax(unit, LOG_ERR, filename, line, r,
2899 "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2900 return 0;
2901 }
2902
2903 c = condition_new(t, s, trigger, negate);
2904 if (!c)
2905 return log_oom();
2906
2907 LIST_PREPEND(conditions, *list, c);
2908 return 0;
2909}
2910
2911int config_parse_unit_condition_null(
2912 const char *unit,
2913 const char *filename,
2914 unsigned line,
2915 const char *section,
2916 unsigned section_line,
2917 const char *lvalue,
2918 int ltype,
2919 const char *rvalue,
2920 void *data,
2921 void *userdata) {
2922
2923 Condition **list = data, *c;
2924 bool trigger, negate;
2925 int b;
2926
2927 assert(filename);
2928 assert(lvalue);
2929 assert(rvalue);
2930 assert(data);
2931
2932 log_syntax(unit, LOG_WARNING, filename, line, 0, "%s= is deprecated, please do not use.", lvalue);
2933
2934 if (isempty(rvalue)) {
2935 /* Empty assignment resets the list */
2936 *list = condition_free_list(*list);
2937 return 0;
2938 }
2939
2940 trigger = rvalue[0] == '|';
2941 if (trigger)
2942 rvalue++;
2943
2944 negate = rvalue[0] == '!';
2945 if (negate)
2946 rvalue++;
2947
2948 b = parse_boolean(rvalue);
2949 if (b < 0) {
2950 log_syntax(unit, LOG_ERR, filename, line, b, "Failed to parse boolean value in condition, ignoring: %s", rvalue);
2951 return 0;
2952 }
2953
2954 if (!b)
2955 negate = !negate;
2956
2957 c = condition_new(CONDITION_NULL, NULL, trigger, negate);
2958 if (!c)
2959 return log_oom();
2960
2961 LIST_PREPEND(conditions, *list, c);
2962 return 0;
2963}
2964
2965int config_parse_unit_requires_mounts_for(
2966 const char *unit,
2967 const char *filename,
2968 unsigned line,
2969 const char *section,
2970 unsigned section_line,
2971 const char *lvalue,
2972 int ltype,
2973 const char *rvalue,
2974 void *data,
2975 void *userdata) {
2976
2977 const char *p = rvalue;
2978 Unit *u = userdata;
2979 int r;
2980
2981 assert(filename);
2982 assert(lvalue);
2983 assert(rvalue);
2984 assert(data);
2985
2986 for (;;) {
2987 _cleanup_free_ char *word = NULL, *resolved = NULL;
2988
2989 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
2990 if (r == 0)
2991 return 0;
2992 if (r == -ENOMEM)
2993 return log_oom();
2994 if (r < 0) {
2995 log_syntax(unit, LOG_WARNING, filename, line, r,
2996 "Invalid syntax, ignoring: %s", rvalue);
2997 return 0;
2998 }
2999
3000 r = unit_full_printf(u, word, &resolved);
3001 if (r < 0) {
3002 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
3003 continue;
3004 }
3005
3006 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
3007 if (r < 0)
3008 continue;
3009
3010 r = unit_require_mounts_for(u, resolved, UNIT_DEPENDENCY_FILE);
3011 if (r < 0) {
3012 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add required mount '%s', ignoring: %m", resolved);
3013 continue;
3014 }
3015 }
3016}
3017
3018int config_parse_documentation(const char *unit,
3019 const char *filename,
3020 unsigned line,
3021 const char *section,
3022 unsigned section_line,
3023 const char *lvalue,
3024 int ltype,
3025 const char *rvalue,
3026 void *data,
3027 void *userdata) {
3028
3029 Unit *u = userdata;
3030 int r;
3031 char **a, **b;
3032
3033 assert(filename);
3034 assert(lvalue);
3035 assert(rvalue);
3036 assert(u);
3037
3038 if (isempty(rvalue)) {
3039 /* Empty assignment resets the list */
3040 u->documentation = strv_free(u->documentation);
3041 return 0;
3042 }
3043
3044 r = config_parse_unit_strv_printf(unit, filename, line, section, section_line, lvalue, ltype,
3045 rvalue, data, userdata);
3046 if (r < 0)
3047 return r;
3048
3049 for (a = b = u->documentation; a && *a; a++) {
3050
3051 if (documentation_url_is_valid(*a))
3052 *(b++) = *a;
3053 else {
3054 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid URL, ignoring: %s", *a);
3055 free(*a);
3056 }
3057 }
3058 if (b)
3059 *b = NULL;
3060
3061 return r;
3062}
3063
3064#if HAVE_SECCOMP
3065int config_parse_syscall_filter(
3066 const char *unit,
3067 const char *filename,
3068 unsigned line,
3069 const char *section,
3070 unsigned section_line,
3071 const char *lvalue,
3072 int ltype,
3073 const char *rvalue,
3074 void *data,
3075 void *userdata) {
3076
3077 ExecContext *c = data;
3078 _unused_ const Unit *u = userdata;
3079 bool invert = false;
3080 const char *p;
3081 int r;
3082
3083 assert(filename);
3084 assert(lvalue);
3085 assert(rvalue);
3086 assert(u);
3087
3088 if (isempty(rvalue)) {
3089 /* Empty assignment resets the list */
3090 c->syscall_filter = hashmap_free(c->syscall_filter);
3091 c->syscall_allow_list = false;
3092 return 0;
3093 }
3094
3095 if (rvalue[0] == '~') {
3096 invert = true;
3097 rvalue++;
3098 }
3099
3100 if (!c->syscall_filter) {
3101 c->syscall_filter = hashmap_new(NULL);
3102 if (!c->syscall_filter)
3103 return log_oom();
3104
3105 if (invert)
3106 /* Allow everything but the ones listed */
3107 c->syscall_allow_list = false;
3108 else {
3109 /* Allow nothing but the ones listed */
3110 c->syscall_allow_list = true;
3111
3112 /* Accept default syscalls if we are on a allow_list */
3113 r = seccomp_parse_syscall_filter(
3114 "@default", -1, c->syscall_filter,
3115 SECCOMP_PARSE_PERMISSIVE|SECCOMP_PARSE_ALLOW_LIST,
3116 unit,
3117 NULL, 0);
3118 if (r < 0)
3119 return r;
3120 }
3121 }
3122
3123 p = rvalue;
3124 for (;;) {
3125 _cleanup_free_ char *word = NULL, *name = NULL;
3126 int num;
3127
3128 r = extract_first_word(&p, &word, NULL, 0);
3129 if (r == 0)
3130 return 0;
3131 if (r == -ENOMEM)
3132 return log_oom();
3133 if (r < 0) {
3134 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
3135 return 0;
3136 }
3137
3138 r = parse_syscall_and_errno(word, &name, &num);
3139 if (r < 0) {
3140 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse syscall:errno, ignoring: %s", word);
3141 continue;
3142 }
3143
3144 r = seccomp_parse_syscall_filter(
3145 name, num, c->syscall_filter,
3146 SECCOMP_PARSE_LOG|SECCOMP_PARSE_PERMISSIVE|
3147 (invert ? SECCOMP_PARSE_INVERT : 0)|
3148 (c->syscall_allow_list ? SECCOMP_PARSE_ALLOW_LIST : 0),
3149 unit, filename, line);
3150 if (r < 0)
3151 return r;
3152 }
3153}
3154
3155int config_parse_syscall_archs(
3156 const char *unit,
3157 const char *filename,
3158 unsigned line,
3159 const char *section,
3160 unsigned section_line,
3161 const char *lvalue,
3162 int ltype,
3163 const char *rvalue,
3164 void *data,
3165 void *userdata) {
3166
3167 const char *p = rvalue;
3168 Set **archs = data;
3169 int r;
3170
3171 if (isempty(rvalue)) {
3172 *archs = set_free(*archs);
3173 return 0;
3174 }
3175
3176 for (;;) {
3177 _cleanup_free_ char *word = NULL;
3178 uint32_t a;
3179
3180 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
3181 if (r == 0)
3182 return 0;
3183 if (r == -ENOMEM)
3184 return log_oom();
3185 if (r < 0) {
3186 log_syntax(unit, LOG_WARNING, filename, line, r,
3187 "Invalid syntax, ignoring: %s", rvalue);
3188 return 0;
3189 }
3190
3191 r = seccomp_arch_from_string(word, &a);
3192 if (r < 0) {
3193 log_syntax(unit, LOG_ERR, filename, line, r,
3194 "Failed to parse system call architecture \"%s\", ignoring: %m", word);
3195 continue;
3196 }
3197
3198 r = set_ensure_put(archs, NULL, UINT32_TO_PTR(a + 1));
3199 if (r < 0)
3200 return log_oom();
3201 }
3202}
3203
3204int config_parse_syscall_errno(
3205 const char *unit,
3206 const char *filename,
3207 unsigned line,
3208 const char *section,
3209 unsigned section_line,
3210 const char *lvalue,
3211 int ltype,
3212 const char *rvalue,
3213 void *data,
3214 void *userdata) {
3215
3216 ExecContext *c = data;
3217 int e;
3218
3219 assert(filename);
3220 assert(lvalue);
3221 assert(rvalue);
3222
3223 if (isempty(rvalue)) {
3224 /* Empty assignment resets to KILL */
3225 c->syscall_errno = 0;
3226 return 0;
3227 }
3228
3229 e = parse_errno(rvalue);
3230 if (e <= 0) {
3231 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse error number, ignoring: %s", rvalue);
3232 return 0;
3233 }
3234
3235 c->syscall_errno = e;
3236 return 0;
3237}
3238
3239int config_parse_address_families(
3240 const char *unit,
3241 const char *filename,
3242 unsigned line,
3243 const char *section,
3244 unsigned section_line,
3245 const char *lvalue,
3246 int ltype,
3247 const char *rvalue,
3248 void *data,
3249 void *userdata) {
3250
3251 ExecContext *c = data;
3252 bool invert = false;
3253 const char *p;
3254 int r;
3255
3256 assert(filename);
3257 assert(lvalue);
3258 assert(rvalue);
3259
3260 if (isempty(rvalue)) {
3261 /* Empty assignment resets the list */
3262 c->address_families = set_free(c->address_families);
3263 c->address_families_allow_list = false;
3264 return 0;
3265 }
3266
3267 if (rvalue[0] == '~') {
3268 invert = true;
3269 rvalue++;
3270 }
3271
3272 if (!c->address_families) {
3273 c->address_families = set_new(NULL);
3274 if (!c->address_families)
3275 return log_oom();
3276
3277 c->address_families_allow_list = !invert;
3278 }
3279
3280 for (p = rvalue;;) {
3281 _cleanup_free_ char *word = NULL;
3282 int af;
3283
3284 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
3285 if (r == 0)
3286 return 0;
3287 if (r == -ENOMEM)
3288 return log_oom();
3289 if (r < 0) {
3290 log_syntax(unit, LOG_WARNING, filename, line, r,
3291 "Invalid syntax, ignoring: %s", rvalue);
3292 return 0;
3293 }
3294
3295 af = af_from_name(word);
3296 if (af < 0) {
3297 log_syntax(unit, LOG_ERR, filename, line, af,
3298 "Failed to parse address family, ignoring: %s", word);
3299 continue;
3300 }
3301
3302 /* If we previously wanted to forbid an address family and now
3303 * we want to allow it, then just remove it from the list.
3304 */
3305 if (!invert == c->address_families_allow_list) {
3306 r = set_put(c->address_families, INT_TO_PTR(af));
3307 if (r < 0)
3308 return log_oom();
3309 } else
3310 set_remove(c->address_families, INT_TO_PTR(af));
3311 }
3312}
3313
3314int config_parse_restrict_namespaces(
3315 const char *unit,
3316 const char *filename,
3317 unsigned line,
3318 const char *section,
3319 unsigned section_line,
3320 const char *lvalue,
3321 int ltype,
3322 const char *rvalue,
3323 void *data,
3324 void *userdata) {
3325
3326 ExecContext *c = data;
3327 unsigned long flags;
3328 bool invert = false;
3329 int r;
3330
3331 if (isempty(rvalue)) {
3332 /* Reset to the default. */
3333 c->restrict_namespaces = NAMESPACE_FLAGS_INITIAL;
3334 return 0;
3335 }
3336
3337 /* Boolean parameter ignores the previous settings */
3338 r = parse_boolean(rvalue);
3339 if (r > 0) {
3340 c->restrict_namespaces = 0;
3341 return 0;
3342 } else if (r == 0) {
3343 c->restrict_namespaces = NAMESPACE_FLAGS_ALL;
3344 return 0;
3345 }
3346
3347 if (rvalue[0] == '~') {
3348 invert = true;
3349 rvalue++;
3350 }
3351
3352 /* Not a boolean argument, in this case it's a list of namespace types. */
3353 r = namespace_flags_from_string(rvalue, &flags);
3354 if (r < 0) {
3355 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse namespace type string, ignoring: %s", rvalue);
3356 return 0;
3357 }
3358
3359 if (c->restrict_namespaces == NAMESPACE_FLAGS_INITIAL)
3360 /* Initial assignment. Just set the value. */
3361 c->restrict_namespaces = invert ? (~flags) & NAMESPACE_FLAGS_ALL : flags;
3362 else
3363 /* Merge the value with the previous one. */
3364 SET_FLAG(c->restrict_namespaces, flags, !invert);
3365
3366 return 0;
3367}
3368#endif
3369
3370int config_parse_unit_slice(
3371 const char *unit,
3372 const char *filename,
3373 unsigned line,
3374 const char *section,
3375 unsigned section_line,
3376 const char *lvalue,
3377 int ltype,
3378 const char *rvalue,
3379 void *data,
3380 void *userdata) {
3381
3382 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
3383 _cleanup_free_ char *k = NULL;
3384 Unit *u = userdata, *slice;
3385 int r;
3386
3387 assert(filename);
3388 assert(lvalue);
3389 assert(rvalue);
3390 assert(u);
3391
3392 r = unit_name_printf(u, rvalue, &k);
3393 if (r < 0) {
3394 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
3395 return 0;
3396 }
3397
3398 r = manager_load_unit(u->manager, k, NULL, &error, &slice);
3399 if (r < 0) {
3400 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load slice unit %s, ignoring: %s", k, bus_error_message(&error, r));
3401 return 0;
3402 }
3403
3404 r = unit_set_slice(u, slice);
3405 if (r < 0) {
3406 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to assign slice %s to unit %s, ignoring: %m", slice->id, u->id);
3407 return 0;
3408 }
3409
3410 return 0;
3411}
3412
3413int config_parse_cpu_quota(
3414 const char *unit,
3415 const char *filename,
3416 unsigned line,
3417 const char *section,
3418 unsigned section_line,
3419 const char *lvalue,
3420 int ltype,
3421 const char *rvalue,
3422 void *data,
3423 void *userdata) {
3424
3425 CGroupContext *c = data;
3426 int r;
3427
3428 assert(filename);
3429 assert(lvalue);
3430 assert(rvalue);
3431
3432 if (isempty(rvalue)) {
3433 c->cpu_quota_per_sec_usec = USEC_INFINITY;
3434 return 0;
3435 }
3436
3437 r = parse_permille_unbounded(rvalue);
3438 if (r <= 0) {
3439 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid CPU quota '%s', ignoring.", rvalue);
3440 return 0;
3441 }
3442
3443 c->cpu_quota_per_sec_usec = ((usec_t) r * USEC_PER_SEC) / 1000U;
3444 return 0;
3445}
3446
3447int config_parse_allowed_cpus(
3448 const char *unit,
3449 const char *filename,
3450 unsigned line,
3451 const char *section,
3452 unsigned section_line,
3453 const char *lvalue,
3454 int ltype,
3455 const char *rvalue,
3456 void *data,
3457 void *userdata) {
3458
3459 CGroupContext *c = data;
3460
3461 (void) parse_cpu_set_extend(rvalue, &c->cpuset_cpus, true, unit, filename, line, lvalue);
3462
3463 return 0;
3464}
3465
3466int config_parse_allowed_mems(
3467 const char *unit,
3468 const char *filename,
3469 unsigned line,
3470 const char *section,
3471 unsigned section_line,
3472 const char *lvalue,
3473 int ltype,
3474 const char *rvalue,
3475 void *data,
3476 void *userdata) {
3477
3478 CGroupContext *c = data;
3479
3480 (void) parse_cpu_set_extend(rvalue, &c->cpuset_mems, true, unit, filename, line, lvalue);
3481
3482 return 0;
3483}
3484
3485int config_parse_memory_limit(
3486 const char *unit,
3487 const char *filename,
3488 unsigned line,
3489 const char *section,
3490 unsigned section_line,
3491 const char *lvalue,
3492 int ltype,
3493 const char *rvalue,
3494 void *data,
3495 void *userdata) {
3496
3497 CGroupContext *c = data;
3498 uint64_t bytes = CGROUP_LIMIT_MAX;
3499 int r;
3500
3501 if (isempty(rvalue) && STR_IN_SET(lvalue, "DefaultMemoryLow",
3502 "DefaultMemoryMin",
3503 "MemoryLow",
3504 "MemoryMin"))
3505 bytes = CGROUP_LIMIT_MIN;
3506 else if (!isempty(rvalue) && !streq(rvalue, "infinity")) {
3507
3508 r = parse_permille(rvalue);
3509 if (r < 0) {
3510 r = parse_size(rvalue, 1024, &bytes);
3511 if (r < 0) {
3512 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid memory limit '%s', ignoring: %m", rvalue);
3513 return 0;
3514 }
3515 } else
3516 bytes = physical_memory_scale(r, 1000U);
3517
3518 if (bytes >= UINT64_MAX ||
3519 (bytes <= 0 && !STR_IN_SET(lvalue, "MemorySwapMax", "MemoryLow", "MemoryMin", "DefaultMemoryLow", "DefaultMemoryMin"))) {
3520 log_syntax(unit, LOG_ERR, filename, line, 0, "Memory limit '%s' out of range, ignoring.", rvalue);
3521 return 0;
3522 }
3523 }
3524
3525 if (streq(lvalue, "DefaultMemoryLow")) {
3526 c->default_memory_low = bytes;
3527 c->default_memory_low_set = true;
3528 } else if (streq(lvalue, "DefaultMemoryMin")) {
3529 c->default_memory_min = bytes;
3530 c->default_memory_min_set = true;
3531 } else if (streq(lvalue, "MemoryMin")) {
3532 c->memory_min = bytes;
3533 c->memory_min_set = true;
3534 } else if (streq(lvalue, "MemoryLow")) {
3535 c->memory_low = bytes;
3536 c->memory_low_set = true;
3537 } else if (streq(lvalue, "MemoryHigh"))
3538 c->memory_high = bytes;
3539 else if (streq(lvalue, "MemoryMax"))
3540 c->memory_max = bytes;
3541 else if (streq(lvalue, "MemorySwapMax"))
3542 c->memory_swap_max = bytes;
3543 else if (streq(lvalue, "MemoryLimit"))
3544 c->memory_limit = bytes;
3545 else
3546 return -EINVAL;
3547
3548 return 0;
3549}
3550
3551int config_parse_tasks_max(
3552 const char *unit,
3553 const char *filename,
3554 unsigned line,
3555 const char *section,
3556 unsigned section_line,
3557 const char *lvalue,
3558 int ltype,
3559 const char *rvalue,
3560 void *data,
3561 void *userdata) {
3562
3563 const Unit *u = userdata;
3564 TasksMax *tasks_max = data;
3565 uint64_t v;
3566 int r;
3567
3568 if (isempty(rvalue)) {
3569 *tasks_max = u ? u->manager->default_tasks_max : TASKS_MAX_UNSET;
3570 return 0;
3571 }
3572
3573 if (streq(rvalue, "infinity")) {
3574 *tasks_max = TASKS_MAX_UNSET;
3575 return 0;
3576 }
3577
3578 r = parse_permille(rvalue);
3579 if (r >= 0)
3580 *tasks_max = (TasksMax) { r, 1000U }; /* r‰ */
3581 else {
3582 r = safe_atou64(rvalue, &v);
3583 if (r < 0) {
3584 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid maximum tasks value '%s', ignoring: %m", rvalue);
3585 return 0;
3586 }
3587
3588 if (v <= 0 || v >= UINT64_MAX) {
3589 log_syntax(unit, LOG_ERR, filename, line, 0, "Maximum tasks value '%s' out of range, ignoring.", rvalue);
3590 return 0;
3591 }
3592
3593 *tasks_max = (TasksMax) { v };
3594 }
3595
3596 return 0;
3597}
3598
3599int config_parse_delegate(
3600 const char *unit,
3601 const char *filename,
3602 unsigned line,
3603 const char *section,
3604 unsigned section_line,
3605 const char *lvalue,
3606 int ltype,
3607 const char *rvalue,
3608 void *data,
3609 void *userdata) {
3610
3611 CGroupContext *c = data;
3612 UnitType t;
3613 int r;
3614
3615 t = unit_name_to_type(unit);
3616 assert(t != _UNIT_TYPE_INVALID);
3617
3618 if (!unit_vtable[t]->can_delegate) {
3619 log_syntax(unit, LOG_ERR, filename, line, 0, "Delegate= setting not supported for this unit type, ignoring.");
3620 return 0;
3621 }
3622
3623 /* We either accept a boolean value, which may be used to turn on delegation for all controllers, or turn it
3624 * off for all. Or it takes a list of controller names, in which case we add the specified controllers to the
3625 * mask to delegate. */
3626
3627 if (isempty(rvalue)) {
3628 /* An empty string resets controllers and set Delegate=yes. */
3629 c->delegate = true;
3630 c->delegate_controllers = 0;
3631 return 0;
3632 }
3633
3634 r = parse_boolean(rvalue);
3635 if (r < 0) {
3636 const char *p = rvalue;
3637 CGroupMask mask = 0;
3638
3639 for (;;) {
3640 _cleanup_free_ char *word = NULL;
3641 CGroupController cc;
3642
3643 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
3644 if (r == 0)
3645 break;
3646 if (r == -ENOMEM)
3647 return log_oom();
3648 if (r < 0) {
3649 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
3650 return 0;
3651 }
3652
3653 cc = cgroup_controller_from_string(word);
3654 if (cc < 0) {
3655 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid controller name '%s', ignoring", word);
3656 continue;
3657 }
3658
3659 mask |= CGROUP_CONTROLLER_TO_MASK(cc);
3660 }
3661
3662 c->delegate = true;
3663 c->delegate_controllers |= mask;
3664
3665 } else if (r > 0) {
3666 c->delegate = true;
3667 c->delegate_controllers = _CGROUP_MASK_ALL;
3668 } else {
3669 c->delegate = false;
3670 c->delegate_controllers = 0;
3671 }
3672
3673 return 0;
3674}
3675
3676int config_parse_device_allow(
3677 const char *unit,
3678 const char *filename,
3679 unsigned line,
3680 const char *section,
3681 unsigned section_line,
3682 const char *lvalue,
3683 int ltype,
3684 const char *rvalue,
3685 void *data,
3686 void *userdata) {
3687
3688 _cleanup_free_ char *path = NULL, *resolved = NULL;
3689 CGroupContext *c = data;
3690 const char *p = rvalue;
3691 int r;
3692
3693 if (isempty(rvalue)) {
3694 while (c->device_allow)
3695 cgroup_context_free_device_allow(c, c->device_allow);
3696
3697 return 0;
3698 }
3699
3700 r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
3701 if (r == -ENOMEM)
3702 return log_oom();
3703 if (r < 0) {
3704 log_syntax(unit, LOG_WARNING, filename, line, r,
3705 "Invalid syntax, ignoring: %s", rvalue);
3706 return 0;
3707 }
3708 if (r == 0) {
3709 log_syntax(unit, LOG_WARNING, filename, line, 0,
3710 "Failed to extract device path and rights from '%s', ignoring.", rvalue);
3711 return 0;
3712 }
3713
3714 r = unit_full_printf(userdata, path, &resolved);
3715 if (r < 0) {
3716 log_syntax(unit, LOG_WARNING, filename, line, r,
3717 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3718 return 0;
3719 }
3720
3721 if (!STARTSWITH_SET(resolved, "block-", "char-")) {
3722
3723 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
3724 if (r < 0)
3725 return 0;
3726
3727 if (!valid_device_node_path(resolved)) {
3728 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3729 return 0;
3730 }
3731 }
3732
3733 if (!isempty(p) && !in_charset(p, "rwm")) {
3734 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device rights '%s', ignoring.", p);
3735 return 0;
3736 }
3737
3738 return cgroup_add_device_allow(c, resolved, p);
3739}
3740
3741int config_parse_io_device_weight(
3742 const char *unit,
3743 const char *filename,
3744 unsigned line,
3745 const char *section,
3746 unsigned section_line,
3747 const char *lvalue,
3748 int ltype,
3749 const char *rvalue,
3750 void *data,
3751 void *userdata) {
3752
3753 _cleanup_free_ char *path = NULL, *resolved = NULL;
3754 CGroupIODeviceWeight *w;
3755 CGroupContext *c = data;
3756 const char *p = rvalue;
3757 uint64_t u;
3758 int r;
3759
3760 assert(filename);
3761 assert(lvalue);
3762 assert(rvalue);
3763
3764 if (isempty(rvalue)) {
3765 while (c->io_device_weights)
3766 cgroup_context_free_io_device_weight(c, c->io_device_weights);
3767
3768 return 0;
3769 }
3770
3771 r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
3772 if (r == -ENOMEM)
3773 return log_oom();
3774 if (r < 0) {
3775 log_syntax(unit, LOG_WARNING, filename, line, r,
3776 "Invalid syntax, ignoring: %s", rvalue);
3777 return 0;
3778 }
3779 if (r == 0 || isempty(p)) {
3780 log_syntax(unit, LOG_WARNING, filename, line, 0,
3781 "Failed to extract device path and weight from '%s', ignoring.", rvalue);
3782 return 0;
3783 }
3784
3785 r = unit_full_printf(userdata, path, &resolved);
3786 if (r < 0) {
3787 log_syntax(unit, LOG_WARNING, filename, line, r,
3788 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3789 return 0;
3790 }
3791
3792 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
3793 if (r < 0)
3794 return 0;
3795
3796 r = cg_weight_parse(p, &u);
3797 if (r < 0) {
3798 log_syntax(unit, LOG_ERR, filename, line, r, "IO weight '%s' invalid, ignoring: %m", p);
3799 return 0;
3800 }
3801
3802 assert(u != CGROUP_WEIGHT_INVALID);
3803
3804 w = new0(CGroupIODeviceWeight, 1);
3805 if (!w)
3806 return log_oom();
3807
3808 w->path = TAKE_PTR(resolved);
3809 w->weight = u;
3810
3811 LIST_PREPEND(device_weights, c->io_device_weights, w);
3812 return 0;
3813}
3814
3815int config_parse_io_device_latency(
3816 const char *unit,
3817 const char *filename,
3818 unsigned line,
3819 const char *section,
3820 unsigned section_line,
3821 const char *lvalue,
3822 int ltype,
3823 const char *rvalue,
3824 void *data,
3825 void *userdata) {
3826
3827 _cleanup_free_ char *path = NULL, *resolved = NULL;
3828 CGroupIODeviceLatency *l;
3829 CGroupContext *c = data;
3830 const char *p = rvalue;
3831 usec_t usec;
3832 int r;
3833
3834 assert(filename);
3835 assert(lvalue);
3836 assert(rvalue);
3837
3838 if (isempty(rvalue)) {
3839 while (c->io_device_latencies)
3840 cgroup_context_free_io_device_latency(c, c->io_device_latencies);
3841
3842 return 0;
3843 }
3844
3845 r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
3846 if (r == -ENOMEM)
3847 return log_oom();
3848 if (r < 0) {
3849 log_syntax(unit, LOG_WARNING, filename, line, r,
3850 "Invalid syntax, ignoring: %s", rvalue);
3851 return 0;
3852 }
3853 if (r == 0 || isempty(p)) {
3854 log_syntax(unit, LOG_WARNING, filename, line, 0,
3855 "Failed to extract device path and latency from '%s', ignoring.", rvalue);
3856 return 0;
3857 }
3858
3859 r = unit_full_printf(userdata, path, &resolved);
3860 if (r < 0) {
3861 log_syntax(unit, LOG_WARNING, filename, line, r,
3862 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3863 return 0;
3864 }
3865
3866 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
3867 if (r < 0)
3868 return 0;
3869
3870 if (parse_sec(p, &usec) < 0) {
3871 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer value, ignoring: %s", p);
3872 return 0;
3873 }
3874
3875 l = new0(CGroupIODeviceLatency, 1);
3876 if (!l)
3877 return log_oom();
3878
3879 l->path = TAKE_PTR(resolved);
3880 l->target_usec = usec;
3881
3882 LIST_PREPEND(device_latencies, c->io_device_latencies, l);
3883 return 0;
3884}
3885
3886int config_parse_io_limit(
3887 const char *unit,
3888 const char *filename,
3889 unsigned line,
3890 const char *section,
3891 unsigned section_line,
3892 const char *lvalue,
3893 int ltype,
3894 const char *rvalue,
3895 void *data,
3896 void *userdata) {
3897
3898 _cleanup_free_ char *path = NULL, *resolved = NULL;
3899 CGroupIODeviceLimit *l = NULL, *t;
3900 CGroupContext *c = data;
3901 CGroupIOLimitType type;
3902 const char *p = rvalue;
3903 uint64_t num;
3904 int r;
3905
3906 assert(filename);
3907 assert(lvalue);
3908 assert(rvalue);
3909
3910 type = cgroup_io_limit_type_from_string(lvalue);
3911 assert(type >= 0);
3912
3913 if (isempty(rvalue)) {
3914 LIST_FOREACH(device_limits, l, c->io_device_limits)
3915 l->limits[type] = cgroup_io_limit_defaults[type];
3916 return 0;
3917 }
3918
3919 r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
3920 if (r == -ENOMEM)
3921 return log_oom();
3922 if (r < 0) {
3923 log_syntax(unit, LOG_WARNING, filename, line, r,
3924 "Invalid syntax, ignoring: %s", rvalue);
3925 return 0;
3926 }
3927 if (r == 0 || isempty(p)) {
3928 log_syntax(unit, LOG_WARNING, filename, line, 0,
3929 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
3930 return 0;
3931 }
3932
3933 r = unit_full_printf(userdata, path, &resolved);
3934 if (r < 0) {
3935 log_syntax(unit, LOG_WARNING, filename, line, r,
3936 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3937 return 0;
3938 }
3939
3940 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
3941 if (r < 0)
3942 return 0;
3943
3944 if (streq("infinity", p))
3945 num = CGROUP_LIMIT_MAX;
3946 else {
3947 r = parse_size(p, 1000, &num);
3948 if (r < 0 || num <= 0) {
3949 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid IO limit '%s', ignoring.", p);
3950 return 0;
3951 }
3952 }
3953
3954 LIST_FOREACH(device_limits, t, c->io_device_limits) {
3955 if (path_equal(resolved, t->path)) {
3956 l = t;
3957 break;
3958 }
3959 }
3960
3961 if (!l) {
3962 CGroupIOLimitType ttype;
3963
3964 l = new0(CGroupIODeviceLimit, 1);
3965 if (!l)
3966 return log_oom();
3967
3968 l->path = TAKE_PTR(resolved);
3969 for (ttype = 0; ttype < _CGROUP_IO_LIMIT_TYPE_MAX; ttype++)
3970 l->limits[ttype] = cgroup_io_limit_defaults[ttype];
3971
3972 LIST_PREPEND(device_limits, c->io_device_limits, l);
3973 }
3974
3975 l->limits[type] = num;
3976
3977 return 0;
3978}
3979
3980int config_parse_blockio_device_weight(
3981 const char *unit,
3982 const char *filename,
3983 unsigned line,
3984 const char *section,
3985 unsigned section_line,
3986 const char *lvalue,
3987 int ltype,
3988 const char *rvalue,
3989 void *data,
3990 void *userdata) {
3991
3992 _cleanup_free_ char *path = NULL, *resolved = NULL;
3993 CGroupBlockIODeviceWeight *w;
3994 CGroupContext *c = data;
3995 const char *p = rvalue;
3996 uint64_t u;
3997 int r;
3998
3999 assert(filename);
4000 assert(lvalue);
4001 assert(rvalue);
4002
4003 if (isempty(rvalue)) {
4004 while (c->blockio_device_weights)
4005 cgroup_context_free_blockio_device_weight(c, c->blockio_device_weights);
4006
4007 return 0;
4008 }
4009
4010 r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4011 if (r == -ENOMEM)
4012 return log_oom();
4013 if (r < 0) {
4014 log_syntax(unit, LOG_WARNING, filename, line, r,
4015 "Invalid syntax, ignoring: %s", rvalue);
4016 return 0;
4017 }
4018 if (r == 0 || isempty(p)) {
4019 log_syntax(unit, LOG_WARNING, filename, line, 0,
4020 "Failed to extract device node and weight from '%s', ignoring.", rvalue);
4021 return 0;
4022 }
4023
4024 r = unit_full_printf(userdata, path, &resolved);
4025 if (r < 0) {
4026 log_syntax(unit, LOG_WARNING, filename, line, r,
4027 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
4028 return 0;
4029 }
4030
4031 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
4032 if (r < 0)
4033 return 0;
4034
4035 r = cg_blkio_weight_parse(p, &u);
4036 if (r < 0) {
4037 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid block IO weight '%s', ignoring: %m", p);
4038 return 0;
4039 }
4040
4041 assert(u != CGROUP_BLKIO_WEIGHT_INVALID);
4042
4043 w = new0(CGroupBlockIODeviceWeight, 1);
4044 if (!w)
4045 return log_oom();
4046
4047 w->path = TAKE_PTR(resolved);
4048 w->weight = u;
4049
4050 LIST_PREPEND(device_weights, c->blockio_device_weights, w);
4051 return 0;
4052}
4053
4054int config_parse_blockio_bandwidth(
4055 const char *unit,
4056 const char *filename,
4057 unsigned line,
4058 const char *section,
4059 unsigned section_line,
4060 const char *lvalue,
4061 int ltype,
4062 const char *rvalue,
4063 void *data,
4064 void *userdata) {
4065
4066 _cleanup_free_ char *path = NULL, *resolved = NULL;
4067 CGroupBlockIODeviceBandwidth *b = NULL, *t;
4068 CGroupContext *c = data;
4069 const char *p = rvalue;
4070 uint64_t bytes;
4071 bool read;
4072 int r;
4073
4074 assert(filename);
4075 assert(lvalue);
4076 assert(rvalue);
4077
4078 read = streq("BlockIOReadBandwidth", lvalue);
4079
4080 if (isempty(rvalue)) {
4081 LIST_FOREACH(device_bandwidths, b, c->blockio_device_bandwidths) {
4082 b->rbps = CGROUP_LIMIT_MAX;
4083 b->wbps = CGROUP_LIMIT_MAX;
4084 }
4085 return 0;
4086 }
4087
4088 r = extract_first_word(&p, &path, NULL, EXTRACT_UNQUOTE);
4089 if (r == -ENOMEM)
4090 return log_oom();
4091 if (r < 0) {
4092 log_syntax(unit, LOG_WARNING, filename, line, r,
4093 "Invalid syntax, ignoring: %s", rvalue);
4094 return 0;
4095 }
4096 if (r == 0 || isempty(p)) {
4097 log_syntax(unit, LOG_WARNING, filename, line, 0,
4098 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
4099 return 0;
4100 }
4101
4102 r = unit_full_printf(userdata, path, &resolved);
4103 if (r < 0) {
4104 log_syntax(unit, LOG_WARNING, filename, line, r,
4105 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
4106 return 0;
4107 }
4108
4109 r = path_simplify_and_warn(resolved, 0, unit, filename, line, lvalue);
4110 if (r < 0)
4111 return 0;
4112
4113 r = parse_size(p, 1000, &bytes);
4114 if (r < 0 || bytes <= 0) {
4115 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid Block IO Bandwidth '%s', ignoring.", p);
4116 return 0;
4117 }
4118
4119 LIST_FOREACH(device_bandwidths, t, c->blockio_device_bandwidths) {
4120 if (path_equal(resolved, t->path)) {
4121 b = t;
4122 break;
4123 }
4124 }
4125
4126 if (!t) {
4127 b = new0(CGroupBlockIODeviceBandwidth, 1);
4128 if (!b)
4129 return log_oom();
4130
4131 b->path = TAKE_PTR(resolved);
4132 b->rbps = CGROUP_LIMIT_MAX;
4133 b->wbps = CGROUP_LIMIT_MAX;
4134
4135 LIST_PREPEND(device_bandwidths, c->blockio_device_bandwidths, b);
4136 }
4137
4138 if (read)
4139 b->rbps = bytes;
4140 else
4141 b->wbps = bytes;
4142
4143 return 0;
4144}
4145
4146int config_parse_job_mode_isolate(
4147 const char *unit,
4148 const char *filename,
4149 unsigned line,
4150 const char *section,
4151 unsigned section_line,
4152 const char *lvalue,
4153 int ltype,
4154 const char *rvalue,
4155 void *data,
4156 void *userdata) {
4157
4158 JobMode *m = data;
4159 int r;
4160
4161 assert(filename);
4162 assert(lvalue);
4163 assert(rvalue);
4164
4165 r = parse_boolean(rvalue);
4166 if (r < 0) {
4167 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse boolean, ignoring: %s", rvalue);
4168 return 0;
4169 }
4170
4171 log_notice("%s is deprecated. Please use OnFailureJobMode= instead", lvalue);
4172
4173 *m = r ? JOB_ISOLATE : JOB_REPLACE;
4174 return 0;
4175}
4176
4177int config_parse_exec_directories(
4178 const char *unit,
4179 const char *filename,
4180 unsigned line,
4181 const char *section,
4182 unsigned section_line,
4183 const char *lvalue,
4184 int ltype,
4185 const char *rvalue,
4186 void *data,
4187 void *userdata) {
4188
4189 char***rt = data;
4190 const Unit *u = userdata;
4191 const char *p;
4192 int r;
4193
4194 assert(filename);
4195 assert(lvalue);
4196 assert(rvalue);
4197 assert(data);
4198
4199 if (isempty(rvalue)) {
4200 /* Empty assignment resets the list */
4201 *rt = strv_free(*rt);
4202 return 0;
4203 }
4204
4205 for (p = rvalue;;) {
4206 _cleanup_free_ char *word = NULL, *k = NULL;
4207
4208 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
4209 if (r == -ENOMEM)
4210 return log_oom();
4211 if (r < 0) {
4212 log_syntax(unit, LOG_WARNING, filename, line, r,
4213 "Invalid syntax, ignoring: %s", rvalue);
4214 return 0;
4215 }
4216 if (r == 0)
4217 return 0;
4218
4219 r = unit_full_printf(u, word, &k);
4220 if (r < 0) {
4221 log_syntax(unit, LOG_ERR, filename, line, r,
4222 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word);
4223 continue;
4224 }
4225
4226 r = path_simplify_and_warn(k, PATH_CHECK_RELATIVE, unit, filename, line, lvalue);
4227 if (r < 0)
4228 continue;
4229
4230 if (path_startswith(k, "private")) {
4231 log_syntax(unit, LOG_ERR, filename, line, 0,
4232 "%s= path can't be 'private', ignoring assignment: %s", lvalue, word);
4233 continue;
4234 }
4235
4236 r = strv_push(rt, k);
4237 if (r < 0)
4238 return log_oom();
4239 k = NULL;
4240 }
4241}
4242
4243int config_parse_set_status(
4244 const char *unit,
4245 const char *filename,
4246 unsigned line,
4247 const char *section,
4248 unsigned section_line,
4249 const char *lvalue,
4250 int ltype,
4251 const char *rvalue,
4252 void *data,
4253 void *userdata) {
4254
4255 size_t l;
4256 const char *word, *state;
4257 int r;
4258 ExitStatusSet *status_set = data;
4259
4260 assert(filename);
4261 assert(lvalue);
4262 assert(rvalue);
4263 assert(data);
4264
4265 /* Empty assignment resets the list */
4266 if (isempty(rvalue)) {
4267 exit_status_set_free(status_set);
4268 return 0;
4269 }
4270
4271 FOREACH_WORD(word, l, rvalue, state) {
4272 _cleanup_free_ char *temp;
4273 Bitmap *bitmap;
4274
4275 temp = strndup(word, l);
4276 if (!temp)
4277 return log_oom();
4278
4279 /* We need to call exit_status_from_string() first, because we want
4280 * to parse numbers as exit statuses, not signals. */
4281
4282 r = exit_status_from_string(temp);
4283 if (r >= 0) {
4284 assert(r >= 0 && r < 256);
4285 bitmap = &status_set->status;
4286 } else {
4287 r = signal_from_string(temp);
4288
4289 if (r <= 0) {
4290 log_syntax(unit, LOG_ERR, filename, line, 0,
4291 "Failed to parse value, ignoring: %s", word);
4292 continue;
4293 }
4294 bitmap = &status_set->signal;
4295 }
4296
4297 r = bitmap_set(bitmap, r);
4298 if (r < 0)
4299 return log_error_errno(r, "Failed to set signal or status %s: %m", word);
4300 }
4301 if (!isempty(state))
4302 log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
4303
4304 return 0;
4305}
4306
4307int config_parse_namespace_path_strv(
4308 const char *unit,
4309 const char *filename,
4310 unsigned line,
4311 const char *section,
4312 unsigned section_line,
4313 const char *lvalue,
4314 int ltype,
4315 const char *rvalue,
4316 void *data,
4317 void *userdata) {
4318
4319 const Unit *u = userdata;
4320 char*** sv = data;
4321 const char *p = rvalue;
4322 int r;
4323
4324 assert(filename);
4325 assert(lvalue);
4326 assert(rvalue);
4327 assert(data);
4328
4329 if (isempty(rvalue)) {
4330 /* Empty assignment resets the list */
4331 *sv = strv_free(*sv);
4332 return 0;
4333 }
4334
4335 for (;;) {
4336 _cleanup_free_ char *word = NULL, *resolved = NULL, *joined = NULL;
4337 const char *w;
4338 bool ignore_enoent = false, shall_prefix = false;
4339
4340 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
4341 if (r == 0)
4342 break;
4343 if (r == -ENOMEM)
4344 return log_oom();
4345 if (r < 0) {
4346 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
4347 return 0;
4348 }
4349
4350 w = word;
4351 if (startswith(w, "-")) {
4352 ignore_enoent = true;
4353 w++;
4354 }
4355 if (startswith(w, "+")) {
4356 shall_prefix = true;
4357 w++;
4358 }
4359
4360 r = unit_full_printf(u, w, &resolved);
4361 if (r < 0) {
4362 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", w);
4363 continue;
4364 }
4365
4366 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
4367 if (r < 0)
4368 continue;
4369
4370 joined = strjoin(ignore_enoent ? "-" : "",
4371 shall_prefix ? "+" : "",
4372 resolved);
4373
4374 r = strv_push(sv, joined);
4375 if (r < 0)
4376 return log_oom();
4377
4378 joined = NULL;
4379 }
4380
4381 return 0;
4382}
4383
4384int config_parse_temporary_filesystems(
4385 const char *unit,
4386 const char *filename,
4387 unsigned line,
4388 const char *section,
4389 unsigned section_line,
4390 const char *lvalue,
4391 int ltype,
4392 const char *rvalue,
4393 void *data,
4394 void *userdata) {
4395
4396 const Unit *u = userdata;
4397 ExecContext *c = data;
4398 const char *p = rvalue;
4399 int r;
4400
4401 assert(filename);
4402 assert(lvalue);
4403 assert(rvalue);
4404 assert(data);
4405
4406 if (isempty(rvalue)) {
4407 /* Empty assignment resets the list */
4408 temporary_filesystem_free_many(c->temporary_filesystems, c->n_temporary_filesystems);
4409 c->temporary_filesystems = NULL;
4410 c->n_temporary_filesystems = 0;
4411 return 0;
4412 }
4413
4414 for (;;) {
4415 _cleanup_free_ char *word = NULL, *path = NULL, *resolved = NULL;
4416 const char *w;
4417
4418 r = extract_first_word(&p, &word, NULL, EXTRACT_UNQUOTE);
4419 if (r == 0)
4420 return 0;
4421 if (r == -ENOMEM)
4422 return log_oom();
4423 if (r < 0) {
4424 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
4425 return 0;
4426 }
4427
4428 w = word;
4429 r = extract_first_word(&w, &path, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
4430 if (r == -ENOMEM)
4431 return log_oom();
4432 if (r < 0) {
4433 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", word);
4434 continue;
4435 }
4436 if (r == 0) {
4437 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid syntax, ignoring: %s", word);
4438 continue;
4439 }
4440
4441 r = unit_full_printf(u, path, &resolved);
4442 if (r < 0) {
4443 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", path);
4444 continue;
4445 }
4446
4447 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
4448 if (r < 0)
4449 continue;
4450
4451 r = temporary_filesystem_add(&c->temporary_filesystems, &c->n_temporary_filesystems, resolved, w);
4452 if (r < 0)
4453 return log_oom();
4454 }
4455}
4456
4457int config_parse_bind_paths(
4458 const char *unit,
4459 const char *filename,
4460 unsigned line,
4461 const char *section,
4462 unsigned section_line,
4463 const char *lvalue,
4464 int ltype,
4465 const char *rvalue,
4466 void *data,
4467 void *userdata) {
4468
4469 ExecContext *c = data;
4470 const Unit *u = userdata;
4471 const char *p;
4472 int r;
4473
4474 assert(filename);
4475 assert(lvalue);
4476 assert(rvalue);
4477 assert(data);
4478
4479 if (isempty(rvalue)) {
4480 /* Empty assignment resets the list */
4481 bind_mount_free_many(c->bind_mounts, c->n_bind_mounts);
4482 c->bind_mounts = NULL;
4483 c->n_bind_mounts = 0;
4484 return 0;
4485 }
4486
4487 p = rvalue;
4488 for (;;) {
4489 _cleanup_free_ char *source = NULL, *destination = NULL;
4490 _cleanup_free_ char *sresolved = NULL, *dresolved = NULL;
4491 char *s = NULL, *d = NULL;
4492 bool rbind = true, ignore_enoent = false;
4493
4494 r = extract_first_word(&p, &source, ":" WHITESPACE, EXTRACT_UNQUOTE|EXTRACT_DONT_COALESCE_SEPARATORS);
4495 if (r == 0)
4496 break;
4497 if (r == -ENOMEM)
4498 return log_oom();
4499 if (r < 0) {
4500 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s, ignoring: %s", lvalue, rvalue);
4501 return 0;
4502 }
4503
4504 r = unit_full_printf(u, source, &sresolved);
4505 if (r < 0) {
4506 log_syntax(unit, LOG_ERR, filename, line, r,
4507 "Failed to resolved unit specifiers in \"%s\", ignoring: %m", source);
4508 continue;
4509 }
4510
4511 s = sresolved;
4512 if (s[0] == '-') {
4513 ignore_enoent = true;
4514 s++;
4515 }
4516
4517 r = path_simplify_and_warn(s, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
4518 if (r < 0)
4519 continue;
4520
4521 /* Optionally, the destination is specified. */
4522 if (p && p[-1] == ':') {
4523 r = extract_first_word(&p, &destination, ":" WHITESPACE, EXTRACT_UNQUOTE|EXTRACT_DONT_COALESCE_SEPARATORS);
4524 if (r == -ENOMEM)
4525 return log_oom();
4526 if (r < 0) {
4527 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s, ignoring: %s", lvalue, rvalue);
4528 return 0;
4529 }
4530 if (r == 0) {
4531 log_syntax(unit, LOG_ERR, filename, line, 0, "Missing argument after ':', ignoring: %s", s);
4532 continue;
4533 }
4534
4535 r = unit_full_printf(u, destination, &dresolved);
4536 if (r < 0) {
4537 log_syntax(unit, LOG_ERR, filename, line, r,
4538 "Failed to resolved specifiers in \"%s\", ignoring: %m", destination);
4539 continue;
4540 }
4541
4542 r = path_simplify_and_warn(dresolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
4543 if (r < 0)
4544 continue;
4545
4546 d = dresolved;
4547
4548 /* Optionally, there's also a short option string specified */
4549 if (p && p[-1] == ':') {
4550 _cleanup_free_ char *options = NULL;
4551
4552 r = extract_first_word(&p, &options, NULL, EXTRACT_UNQUOTE);
4553 if (r == -ENOMEM)
4554 return log_oom();
4555 if (r < 0) {
4556 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4557 return 0;
4558 }
4559
4560 if (isempty(options) || streq(options, "rbind"))
4561 rbind = true;
4562 else if (streq(options, "norbind"))
4563 rbind = false;
4564 else {
4565 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid option string, ignoring setting: %s", options);
4566 continue;
4567 }
4568 }
4569 } else
4570 d = s;
4571
4572 r = bind_mount_add(&c->bind_mounts, &c->n_bind_mounts,
4573 &(BindMount) {
4574 .source = s,
4575 .destination = d,
4576 .read_only = !!strstr(lvalue, "ReadOnly"),
4577 .recursive = rbind,
4578 .ignore_enoent = ignore_enoent,
4579 });
4580 if (r < 0)
4581 return log_oom();
4582 }
4583
4584 return 0;
4585}
4586
4587int config_parse_job_timeout_sec(
4588 const char* unit,
4589 const char *filename,
4590 unsigned line,
4591 const char *section,
4592 unsigned section_line,
4593 const char *lvalue,
4594 int ltype,
4595 const char *rvalue,
4596 void *data,
4597 void *userdata) {
4598
4599 Unit *u = data;
4600 usec_t usec;
4601 int r;
4602
4603 assert(filename);
4604 assert(lvalue);
4605 assert(rvalue);
4606 assert(u);
4607
4608 r = parse_sec_fix_0(rvalue, &usec);
4609 if (r < 0) {
4610 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobTimeoutSec= parameter, ignoring: %s", rvalue);
4611 return 0;
4612 }
4613
4614 /* If the user explicitly changed JobTimeoutSec= also change JobRunningTimeoutSec=, for compatibility with old
4615 * versions. If JobRunningTimeoutSec= was explicitly set, avoid this however as whatever the user picked should
4616 * count. */
4617
4618 if (!u->job_running_timeout_set)
4619 u->job_running_timeout = usec;
4620
4621 u->job_timeout = usec;
4622
4623 return 0;
4624}
4625
4626int config_parse_job_running_timeout_sec(
4627 const char* unit,
4628 const char *filename,
4629 unsigned line,
4630 const char *section,
4631 unsigned section_line,
4632 const char *lvalue,
4633 int ltype,
4634 const char *rvalue,
4635 void *data,
4636 void *userdata) {
4637
4638 Unit *u = data;
4639 usec_t usec;
4640 int r;
4641
4642 assert(filename);
4643 assert(lvalue);
4644 assert(rvalue);
4645 assert(u);
4646
4647 r = parse_sec_fix_0(rvalue, &usec);
4648 if (r < 0) {
4649 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobRunningTimeoutSec= parameter, ignoring: %s", rvalue);
4650 return 0;
4651 }
4652
4653 u->job_running_timeout = usec;
4654 u->job_running_timeout_set = true;
4655
4656 return 0;
4657}
4658
4659int config_parse_emergency_action(
4660 const char* unit,
4661 const char *filename,
4662 unsigned line,
4663 const char *section,
4664 unsigned section_line,
4665 const char *lvalue,
4666 int ltype,
4667 const char *rvalue,
4668 void *data,
4669 void *userdata) {
4670
4671 Manager *m = NULL;
4672 EmergencyAction *x = data;
4673 int r;
4674
4675 assert(filename);
4676 assert(lvalue);
4677 assert(rvalue);
4678 assert(data);
4679
4680 if (unit)
4681 m = ((Unit*) userdata)->manager;
4682 else
4683 m = data;
4684
4685 r = parse_emergency_action(rvalue, MANAGER_IS_SYSTEM(m), x);
4686 if (r < 0) {
4687 if (r == -EOPNOTSUPP && MANAGER_IS_USER(m)) {
4688 /* Compat mode: remove for systemd 241. */
4689
4690 log_syntax(unit, LOG_INFO, filename, line, r,
4691 "%s= in user mode specified as \"%s\", using \"exit-force\" instead.",
4692 lvalue, rvalue);
4693 *x = EMERGENCY_ACTION_EXIT_FORCE;
4694 return 0;
4695 }
4696
4697 if (r == -EOPNOTSUPP)
4698 log_syntax(unit, LOG_ERR, filename, line, r,
4699 "%s= specified as %s mode action, ignoring: %s",
4700 lvalue, MANAGER_IS_SYSTEM(m) ? "user" : "system", rvalue);
4701 else
4702 log_syntax(unit, LOG_ERR, filename, line, r,
4703 "Failed to parse %s=, ignoring: %s", lvalue, rvalue);
4704 return 0;
4705 }
4706
4707 return 0;
4708}
4709
4710int config_parse_pid_file(
4711 const char *unit,
4712 const char *filename,
4713 unsigned line,
4714 const char *section,
4715 unsigned section_line,
4716 const char *lvalue,
4717 int ltype,
4718 const char *rvalue,
4719 void *data,
4720 void *userdata) {
4721
4722 _cleanup_free_ char *k = NULL, *n = NULL;
4723 const Unit *u = userdata;
4724 char **s = data;
4725 int r;
4726
4727 assert(filename);
4728 assert(lvalue);
4729 assert(rvalue);
4730 assert(u);
4731
4732 if (isempty(rvalue)) {
4733 /* An empty assignment removes already set value. */
4734 *s = mfree(*s);
4735 return 0;
4736 }
4737
4738 r = unit_full_printf(u, rvalue, &k);
4739 if (r < 0) {
4740 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
4741 return 0;
4742 }
4743
4744 /* If this is a relative path make it absolute by prefixing the /run */
4745 n = path_make_absolute(k, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
4746 if (!n)
4747 return log_oom();
4748
4749 /* Check that the result is a sensible path */
4750 r = path_simplify_and_warn(n, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
4751 if (r < 0)
4752 return r;
4753
4754 r = patch_var_run(unit, filename, line, lvalue, &n);
4755 if (r < 0)
4756 return r;
4757
4758 free_and_replace(*s, n);
4759 return 0;
4760}
4761
4762int config_parse_exit_status(
4763 const char *unit,
4764 const char *filename,
4765 unsigned line,
4766 const char *section,
4767 unsigned section_line,
4768 const char *lvalue,
4769 int ltype,
4770 const char *rvalue,
4771 void *data,
4772 void *userdata) {
4773
4774 int *exit_status = data, r;
4775 uint8_t u;
4776
4777 assert(filename);
4778 assert(lvalue);
4779 assert(rvalue);
4780 assert(exit_status);
4781
4782 if (isempty(rvalue)) {
4783 *exit_status = -1;
4784 return 0;
4785 }
4786
4787 r = safe_atou8(rvalue, &u);
4788 if (r < 0) {
4789 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse exit status '%s', ignoring: %m", rvalue);
4790 return 0;
4791 }
4792
4793 *exit_status = u;
4794 return 0;
4795}
4796
4797int config_parse_disable_controllers(
4798 const char *unit,
4799 const char *filename,
4800 unsigned line,
4801 const char *section,
4802 unsigned section_line,
4803 const char *lvalue,
4804 int ltype,
4805 const char *rvalue,
4806 void *data,
4807 void *userdata) {
4808
4809 int r;
4810 CGroupContext *c = data;
4811 CGroupMask disabled_mask;
4812
4813 /* 1. If empty, make all controllers eligible for use again.
4814 * 2. If non-empty, merge all listed controllers, space separated. */
4815
4816 if (isempty(rvalue)) {
4817 c->disable_controllers = 0;
4818 return 0;
4819 }
4820
4821 r = cg_mask_from_string(rvalue, &disabled_mask);
4822 if (r < 0 || disabled_mask <= 0) {
4823 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid cgroup string: %s, ignoring", rvalue);
4824 return 0;
4825 }
4826
4827 c->disable_controllers |= disabled_mask;
4828
4829 return 0;
4830}
4831
4832int config_parse_ip_filter_bpf_progs(
4833 const char *unit,
4834 const char *filename,
4835 unsigned line,
4836 const char *section,
4837 unsigned section_line,
4838 const char *lvalue,
4839 int ltype,
4840 const char *rvalue,
4841 void *data,
4842 void *userdata) {
4843
4844 _cleanup_free_ char *resolved = NULL;
4845 const Unit *u = userdata;
4846 char ***paths = data;
4847 int r;
4848
4849 assert(filename);
4850 assert(lvalue);
4851 assert(rvalue);
4852 assert(paths);
4853
4854 if (isempty(rvalue)) {
4855 *paths = strv_free(*paths);
4856 return 0;
4857 }
4858
4859 r = unit_full_printf(u, rvalue, &resolved);
4860 if (r < 0) {
4861 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
4862 return 0;
4863 }
4864
4865 r = path_simplify_and_warn(resolved, PATH_CHECK_ABSOLUTE, unit, filename, line, lvalue);
4866 if (r < 0)
4867 return 0;
4868
4869 if (strv_contains(*paths, resolved))
4870 return 0;
4871
4872 r = strv_extend(paths, resolved);
4873 if (r < 0)
4874 return log_oom();
4875
4876 r = bpf_firewall_supported();
4877 if (r < 0)
4878 return r;
4879 if (r != BPF_FIREWALL_SUPPORTED_WITH_MULTI) {
4880 static bool warned = false;
4881
4882 log_full(warned ? LOG_DEBUG : LOG_WARNING,
4883 "File %s:%u configures an IP firewall with BPF programs (%s=%s), but the local system does not support BPF/cgroup based firewalling with multiple filters.\n"
4884 "Starting this unit will fail! (This warning is only shown for the first loaded unit using IP firewalling.)", filename, line, lvalue, rvalue);
4885
4886 warned = true;
4887 }
4888
4889 return 0;
4890}
4891
4892static int merge_by_names(Unit **u, Set *names, const char *id) {
4893 char *k;
4894 int r;
4895
4896 assert(u);
4897 assert(*u);
4898
4899 /* Let's try to add in all names that are aliases of this unit */
4900 while ((k = set_steal_first(names))) {
4901 _cleanup_free_ _unused_ char *free_k = k;
4902
4903 /* First try to merge in the other name into our unit */
4904 r = unit_merge_by_name(*u, k);
4905 if (r < 0) {
4906 Unit *other;
4907
4908 /* Hmm, we couldn't merge the other unit into ours? Then let's try it the other way
4909 * round. */
4910
4911 other = manager_get_unit((*u)->manager, k);
4912 if (!other)
4913 return r; /* return previous failure */
4914
4915 r = unit_merge(other, *u);
4916 if (r < 0)
4917 return r;
4918
4919 *u = other;
4920 return merge_by_names(u, names, NULL);
4921 }
4922
4923 if (streq_ptr(id, k))
4924 unit_choose_id(*u, id);
4925 }
4926
4927 return 0;
4928}
4929
4930int unit_load_fragment(Unit *u) {
4931 const char *fragment;
4932 _cleanup_set_free_free_ Set *names = NULL;
4933 int r;
4934
4935 assert(u);
4936 assert(u->load_state == UNIT_STUB);
4937 assert(u->id);
4938
4939 if (u->transient) {
4940 u->load_state = UNIT_LOADED;
4941 return 0;
4942 }
4943
4944 /* Possibly rebuild the fragment map to catch new units */
4945 r = unit_file_build_name_map(&u->manager->lookup_paths,
4946 &u->manager->unit_cache_mtime,
4947 &u->manager->unit_id_map,
4948 &u->manager->unit_name_map,
4949 &u->manager->unit_path_cache);
4950 if (r < 0)
4951 return log_error_errno(r, "Failed to rebuild name map: %m");
4952
4953 r = unit_file_find_fragment(u->manager->unit_id_map,
4954 u->manager->unit_name_map,
4955 u->id,
4956 &fragment,
4957 &names);
4958 if (r < 0 && r != -ENOENT)
4959 return r;
4960
4961 if (fragment) {
4962 /* Open the file, check if this is a mask, otherwise read. */
4963 _cleanup_fclose_ FILE *f = NULL;
4964 struct stat st;
4965
4966 /* Try to open the file name. A symlink is OK, for example for linked files or masks. We
4967 * expect that all symlinks within the lookup paths have been already resolved, but we don't
4968 * verify this here. */
4969 f = fopen(fragment, "re");
4970 if (!f)
4971 return log_unit_notice_errno(u, errno, "Failed to open %s: %m", fragment);
4972
4973 if (fstat(fileno(f), &st) < 0)
4974 return -errno;
4975
4976 r = free_and_strdup(&u->fragment_path, fragment);
4977 if (r < 0)
4978 return r;
4979
4980 if (null_or_empty(&st)) {
4981 /* Unit file is masked */
4982
4983 u->load_state = u->perpetual ? UNIT_LOADED : UNIT_MASKED; /* don't allow perpetual units to ever be masked */
4984 u->fragment_mtime = 0;
4985 } else {
4986 u->load_state = UNIT_LOADED;
4987 u->fragment_mtime = timespec_load(&st.st_mtim);
4988
4989 /* Now, parse the file contents */
4990 r = config_parse(u->id, fragment, f,
4991 UNIT_VTABLE(u)->sections,
4992 config_item_perf_lookup, load_fragment_gperf_lookup,
4993 0,
4994 u,
4995 NULL);
4996 if (r == -ENOEXEC)
4997 log_unit_notice_errno(u, r, "Unit configuration has fatal error, unit will not be started.");
4998 if (r < 0)
4999 return r;
5000 }
5001 }
5002
5003 /* We do the merge dance here because for some unit types, the unit might have aliases which are not
5004 * declared in the file system. In particular, this is true (and frequent) for device and swap units.
5005 */
5006 Unit *merged;
5007 const char *id = u->id;
5008 _cleanup_free_ char *free_id = NULL;
5009
5010 if (fragment) {
5011 id = basename(fragment);
5012 if (unit_name_is_valid(id, UNIT_NAME_TEMPLATE)) {
5013 assert(u->instance); /* If we're not trying to use a template for non-instanced unit,
5014 * this must be set. */
5015
5016 r = unit_name_replace_instance(id, u->instance, &free_id);
5017 if (r < 0)
5018 return log_debug_errno(r, "Failed to build id (%s + %s): %m", id, u->instance);
5019 id = free_id;
5020 }
5021 }
5022
5023 merged = u;
5024 r = merge_by_names(&merged, names, id);
5025 if (r < 0)
5026 return r;
5027
5028 if (merged != u)
5029 u->load_state = UNIT_MERGED;
5030
5031 return 0;
5032}
5033
5034void unit_dump_config_items(FILE *f) {
5035 static const struct {
5036 const ConfigParserCallback callback;
5037 const char *rvalue;
5038 } table[] = {
5039 { config_parse_warn_compat, "NOTSUPPORTED" },
5040 { config_parse_int, "INTEGER" },
5041 { config_parse_unsigned, "UNSIGNED" },
5042 { config_parse_iec_size, "SIZE" },
5043 { config_parse_iec_uint64, "SIZE" },
5044 { config_parse_si_uint64, "SIZE" },
5045 { config_parse_bool, "BOOLEAN" },
5046 { config_parse_string, "STRING" },
5047 { config_parse_path, "PATH" },
5048 { config_parse_unit_path_printf, "PATH" },
5049 { config_parse_strv, "STRING [...]" },
5050 { config_parse_exec_nice, "NICE" },
5051 { config_parse_exec_oom_score_adjust, "OOMSCOREADJUST" },
5052 { config_parse_exec_io_class, "IOCLASS" },
5053 { config_parse_exec_io_priority, "IOPRIORITY" },
5054 { config_parse_exec_cpu_sched_policy, "CPUSCHEDPOLICY" },
5055 { config_parse_exec_cpu_sched_prio, "CPUSCHEDPRIO" },
5056 { config_parse_exec_cpu_affinity, "CPUAFFINITY" },
5057 { config_parse_mode, "MODE" },
5058 { config_parse_unit_env_file, "FILE" },
5059 { config_parse_exec_output, "OUTPUT" },
5060 { config_parse_exec_input, "INPUT" },
5061 { config_parse_log_facility, "FACILITY" },
5062 { config_parse_log_level, "LEVEL" },
5063 { config_parse_exec_secure_bits, "SECUREBITS" },
5064 { config_parse_capability_set, "BOUNDINGSET" },
5065 { config_parse_rlimit, "LIMIT" },
5066 { config_parse_unit_deps, "UNIT [...]" },
5067 { config_parse_exec, "PATH [ARGUMENT [...]]" },
5068 { config_parse_service_type, "SERVICETYPE" },
5069 { config_parse_service_restart, "SERVICERESTART" },
5070 { config_parse_service_timeout_failure_mode, "TIMEOUTMODE" },
5071 { config_parse_kill_mode, "KILLMODE" },
5072 { config_parse_signal, "SIGNAL" },
5073 { config_parse_socket_listen, "SOCKET [...]" },
5074 { config_parse_socket_bind, "SOCKETBIND" },
5075 { config_parse_socket_bindtodevice, "NETWORKINTERFACE" },
5076 { config_parse_sec, "SECONDS" },
5077 { config_parse_nsec, "NANOSECONDS" },
5078 { config_parse_namespace_path_strv, "PATH [...]" },
5079 { config_parse_bind_paths, "PATH[:PATH[:OPTIONS]] [...]" },
5080 { config_parse_unit_requires_mounts_for, "PATH [...]" },
5081 { config_parse_exec_mount_flags, "MOUNTFLAG [...]" },
5082 { config_parse_unit_string_printf, "STRING" },
5083 { config_parse_trigger_unit, "UNIT" },
5084 { config_parse_timer, "TIMER" },
5085 { config_parse_path_spec, "PATH" },
5086 { config_parse_notify_access, "ACCESS" },
5087 { config_parse_ip_tos, "TOS" },
5088 { config_parse_unit_condition_path, "CONDITION" },
5089 { config_parse_unit_condition_string, "CONDITION" },
5090 { config_parse_unit_condition_null, "CONDITION" },
5091 { config_parse_unit_slice, "SLICE" },
5092 { config_parse_documentation, "URL" },
5093 { config_parse_service_timeout, "SECONDS" },
5094 { config_parse_emergency_action, "ACTION" },
5095 { config_parse_set_status, "STATUS" },
5096 { config_parse_service_sockets, "SOCKETS" },
5097 { config_parse_environ, "ENVIRON" },
5098#if HAVE_SECCOMP
5099 { config_parse_syscall_filter, "SYSCALLS" },
5100 { config_parse_syscall_archs, "ARCHS" },
5101 { config_parse_syscall_errno, "ERRNO" },
5102 { config_parse_address_families, "FAMILIES" },
5103 { config_parse_restrict_namespaces, "NAMESPACES" },
5104#endif
5105 { config_parse_cpu_shares, "SHARES" },
5106 { config_parse_cg_weight, "WEIGHT" },
5107 { config_parse_memory_limit, "LIMIT" },
5108 { config_parse_device_allow, "DEVICE" },
5109 { config_parse_device_policy, "POLICY" },
5110 { config_parse_io_limit, "LIMIT" },
5111 { config_parse_io_device_weight, "DEVICEWEIGHT" },
5112 { config_parse_io_device_latency, "DEVICELATENCY" },
5113 { config_parse_blockio_bandwidth, "BANDWIDTH" },
5114 { config_parse_blockio_weight, "WEIGHT" },
5115 { config_parse_blockio_device_weight, "DEVICEWEIGHT" },
5116 { config_parse_long, "LONG" },
5117 { config_parse_socket_service, "SERVICE" },
5118#if HAVE_SELINUX
5119 { config_parse_exec_selinux_context, "LABEL" },
5120#endif
5121 { config_parse_job_mode, "MODE" },
5122 { config_parse_job_mode_isolate, "BOOLEAN" },
5123 { config_parse_personality, "PERSONALITY" },
5124 };
5125
5126 const char *prev = NULL;
5127 const char *i;
5128
5129 assert(f);
5130
5131 NULSTR_FOREACH(i, load_fragment_gperf_nulstr) {
5132 const char *rvalue = "OTHER", *lvalue;
5133 const ConfigPerfItem *p;
5134 size_t prefix_len;
5135 const char *dot;
5136 unsigned j;
5137
5138 assert_se(p = load_fragment_gperf_lookup(i, strlen(i)));
5139
5140 /* Hide legacy settings */
5141 if (p->parse == config_parse_warn_compat &&
5142 p->ltype == DISABLED_LEGACY)
5143 continue;
5144
5145 for (j = 0; j < ELEMENTSOF(table); j++)
5146 if (p->parse == table[j].callback) {
5147 rvalue = table[j].rvalue;
5148 break;
5149 }
5150
5151 dot = strchr(i, '.');
5152 lvalue = dot ? dot + 1 : i;
5153 prefix_len = dot-i;
5154
5155 if (dot)
5156 if (!prev || !strneq(prev, i, prefix_len+1)) {
5157 if (prev)
5158 fputc('\n', f);
5159
5160 fprintf(f, "[%.*s]\n", (int) prefix_len, i);
5161 }
5162
5163 fprintf(f, "%s=%s\n", lvalue, rvalue);
5164 prev = i;
5165 }
5166}
5167
5168int config_parse_cpu_affinity2(
5169 const char *unit,
5170 const char *filename,
5171 unsigned line,
5172 const char *section,
5173 unsigned section_line,
5174 const char *lvalue,
5175 int ltype,
5176 const char *rvalue,
5177 void *data,
5178 void *userdata) {
5179
5180 CPUSet *affinity = data;
5181
5182 assert(affinity);
5183
5184 (void) parse_cpu_set_extend(rvalue, affinity, true, unit, filename, line, lvalue);
5185
5186 return 0;
5187}
5188
5189int config_parse_show_status(
5190 const char* unit,
5191 const char *filename,
5192 unsigned line,
5193 const char *section,
5194 unsigned section_line,
5195 const char *lvalue,
5196 int ltype,
5197 const char *rvalue,
5198 void *data,
5199 void *userdata) {
5200
5201 int k;
5202 ShowStatus *b = data;
5203
5204 assert(filename);
5205 assert(lvalue);
5206 assert(rvalue);
5207 assert(data);
5208
5209 k = parse_show_status(rvalue, b);
5210 if (k < 0) {
5211 log_syntax(unit, LOG_ERR, filename, line, k, "Failed to parse show status setting, ignoring: %s", rvalue);
5212 return 0;
5213 }
5214
5215 return 0;
5216}
5217
5218int config_parse_output_restricted(
5219 const char* unit,
5220 const char *filename,
5221 unsigned line,
5222 const char *section,
5223 unsigned section_line,
5224 const char *lvalue,
5225 int ltype,
5226 const char *rvalue,
5227 void *data,
5228 void *userdata) {
5229
5230 ExecOutput t, *eo = data;
5231 bool obsolete = false;
5232
5233 assert(filename);
5234 assert(lvalue);
5235 assert(rvalue);
5236 assert(data);
5237
5238 if (streq(rvalue, "syslog")) {
5239 t = EXEC_OUTPUT_JOURNAL;
5240 obsolete = true;
5241 } else if (streq(rvalue, "syslog+console")) {
5242 t = EXEC_OUTPUT_JOURNAL_AND_CONSOLE;
5243 obsolete = true;
5244 } else {
5245 t = exec_output_from_string(rvalue);
5246 if (t < 0) {
5247 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse output type, ignoring: %s", rvalue);
5248 return 0;
5249 }
5250
5251 if (IN_SET(t, EXEC_OUTPUT_SOCKET, EXEC_OUTPUT_NAMED_FD, EXEC_OUTPUT_FILE, EXEC_OUTPUT_FILE_APPEND)) {
5252 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard output types socket, fd:, file:, append: are not supported as defaults, ignoring: %s", rvalue);
5253 return 0;
5254 }
5255 }
5256
5257 if (obsolete)
5258 log_syntax(unit, LOG_NOTICE, filename, line, 0,
5259 "Standard output type %s is obsolete, automatically updating to %s. Please update your configuration.",
5260 rvalue, exec_output_to_string(t));
5261
5262 *eo = t;
5263 return 0;
5264}
5265
5266int config_parse_crash_chvt(
5267 const char* unit,
5268 const char *filename,
5269 unsigned line,
5270 const char *section,
5271 unsigned section_line,
5272 const char *lvalue,
5273 int ltype,
5274 const char *rvalue,
5275 void *data,
5276 void *userdata) {
5277
5278 int r;
5279
5280 assert(filename);
5281 assert(lvalue);
5282 assert(rvalue);
5283 assert(data);
5284
5285 r = parse_crash_chvt(rvalue, data);
5286 if (r < 0) {
5287 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CrashChangeVT= setting, ignoring: %s", rvalue);
5288 return 0;
5289 }
5290
5291 return 0;
5292}
5293
5294int config_parse_swap_priority(
5295 const char *unit,
5296 const char *filename,
5297 unsigned line,
5298 const char *section,
5299 unsigned section_line,
5300 const char *lvalue,
5301 int ltype,
5302 const char *rvalue,
5303 void *data,
5304 void *userdata) {
5305
5306 Swap *s = userdata;
5307 int r, priority;
5308
5309 assert(s);
5310 assert(filename);
5311 assert(lvalue);
5312 assert(rvalue);
5313 assert(data);
5314
5315 if (isempty(rvalue)) {
5316 s->parameters_fragment.priority = -1;
5317 s->parameters_fragment.priority_set = false;
5318 return 0;
5319 }
5320
5321 r = safe_atoi(rvalue, &priority);
5322 if (r < 0) {
5323 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid swap priority '%s', ignoring.", rvalue);
5324 return 0;
5325 }
5326
5327 if (priority < -1) {
5328 log_syntax(unit, LOG_ERR, filename, line, 0, "Sorry, swap priorities smaller than -1 may only be assigned by the kernel itself, ignoring: %s", rvalue);
5329 return 0;
5330 }
5331
5332 if (priority > 32767) {
5333 log_syntax(unit, LOG_ERR, filename, line, 0, "Swap priority out of range, ignoring: %s", rvalue);
5334 return 0;
5335 }
5336
5337 s->parameters_fragment.priority = priority;
5338 s->parameters_fragment.priority_set = true;
5339 return 0;
5340}
Unnamed repository; edit this file 'description' to name the repository.