]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:


0d9a6b32c66f75b3b6a2b34f6750755a4d9eeee7
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6 ***/
7
8 #include <errno.h>
9 #include <stdlib.h>
10 #include <string.h>
11 #include <sys/prctl.h>
12 #include <sys/stat.h>
13 #include <unistd.h>
14
15 #include "sd-id128.h"
16 #include "sd-messages.h"
17
18 #include "alloc-util.h"
19 #include "all-units.h"
20 #include "bus-common-errors.h"
21 #include "bus-util.h"
22 #include "cgroup-util.h"
23 #include "dbus-unit.h"
24 #include "dbus.h"
25 #include "dropin.h"
26 #include "escape.h"
27 #include "execute.h"
28 #include "fd-util.h"
29 #include "fileio-label.h"
30 #include "format-util.h"
31 #include "fs-util.h"
32 #include "id128-util.h"
33 #include "io-util.h"
34 #include "load-dropin.h"
35 #include "load-fragment.h"
36 #include "log.h"
37 #include "macro.h"
38 #include "missing.h"
39 #include "mkdir.h"
40 #include "parse-util.h"
41 #include "path-util.h"
42 #include "process-util.h"
43 #include "set.h"
44 #include "signal-util.h"
45 #include "sparse-endian.h"
46 #include "special.h"
47 #include "specifier.h"
48 #include "stat-util.h"
49 #include "stdio-util.h"
50 #include "string-table.h"
51 #include "string-util.h"
52 #include "strv.h"
53 #include "umask-util.h"
54 #include "unit-name.h"
55 #include "unit.h"
56 #include "user-util.h"
57 #include "virt.h"
58
59 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
60 [UNIT_SERVICE] = &service_vtable,
61 [UNIT_SOCKET] = &socket_vtable,
62 [UNIT_TARGET] = &target_vtable,
63 [UNIT_DEVICE] = &device_vtable,
64 [UNIT_MOUNT] = &mount_vtable,
65 [UNIT_AUTOMOUNT] = &automount_vtable,
66 [UNIT_SWAP] = &swap_vtable,
67 [UNIT_TIMER] = &timer_vtable,
68 [UNIT_PATH] = &path_vtable,
69 [UNIT_SLICE] = &slice_vtable,
70 [UNIT_SCOPE] = &scope_vtable,
71 };
72
73 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
74
75 Unit *unit_new(Manager *m, size_t size) {
76 Unit *u;
77
78 assert(m);
79 assert(size >= sizeof(Unit));
80
81 u = malloc0(size);
82 if (!u)
83 return NULL;
84
85 u->names = set_new(&string_hash_ops);
86 if (!u->names)
87 return mfree(u);
88
89 u->manager = m;
90 u->type = _UNIT_TYPE_INVALID;
91 u->default_dependencies = true;
92 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
93 u->unit_file_preset = -1;
94 u->on_failure_job_mode = JOB_REPLACE;
95 u->cgroup_inotify_wd = -1;
96 u->job_timeout = USEC_INFINITY;
97 u->job_running_timeout = USEC_INFINITY;
98 u->ref_uid = UID_INVALID;
99 u->ref_gid = GID_INVALID;
100 u->cpu_usage_last = NSEC_INFINITY;
101 u->cgroup_bpf_state = UNIT_CGROUP_BPF_INVALIDATED;
102
103 u->ip_accounting_ingress_map_fd = -1;
104 u->ip_accounting_egress_map_fd = -1;
105 u->ipv4_allow_map_fd = -1;
106 u->ipv6_allow_map_fd = -1;
107 u->ipv4_deny_map_fd = -1;
108 u->ipv6_deny_map_fd = -1;
109
110 u->last_section_private = -1;
111
112 RATELIMIT_INIT(u->start_limit, m->default_start_limit_interval, m->default_start_limit_burst);
113 RATELIMIT_INIT(u->auto_stop_ratelimit, 10 * USEC_PER_SEC, 16);
114
115 return u;
116 }
117
118 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
119 _cleanup_(unit_freep) Unit *u = NULL;
120 int r;
121
122 u = unit_new(m, size);
123 if (!u)
124 return -ENOMEM;
125
126 r = unit_add_name(u, name);
127 if (r < 0)
128 return r;
129
130 *ret = TAKE_PTR(u);
131
132 return r;
133 }
134
135 bool unit_has_name(Unit *u, const char *name) {
136 assert(u);
137 assert(name);
138
139 return set_contains(u->names, (char*) name);
140 }
141
142 static void unit_init(Unit *u) {
143 CGroupContext *cc;
144 ExecContext *ec;
145 KillContext *kc;
146
147 assert(u);
148 assert(u->manager);
149 assert(u->type >= 0);
150
151 cc = unit_get_cgroup_context(u);
152 if (cc) {
153 cgroup_context_init(cc);
154
155 /* Copy in the manager defaults into the cgroup
156 * context, _before_ the rest of the settings have
157 * been initialized */
158
159 cc->cpu_accounting = u->manager->default_cpu_accounting;
160 cc->io_accounting = u->manager->default_io_accounting;
161 cc->ip_accounting = u->manager->default_ip_accounting;
162 cc->blockio_accounting = u->manager->default_blockio_accounting;
163 cc->memory_accounting = u->manager->default_memory_accounting;
164 cc->tasks_accounting = u->manager->default_tasks_accounting;
165 cc->ip_accounting = u->manager->default_ip_accounting;
166
167 if (u->type != UNIT_SLICE)
168 cc->tasks_max = u->manager->default_tasks_max;
169 }
170
171 ec = unit_get_exec_context(u);
172 if (ec) {
173 exec_context_init(ec);
174
175 ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
176 EXEC_KEYRING_SHARED : EXEC_KEYRING_INHERIT;
177 }
178
179 kc = unit_get_kill_context(u);
180 if (kc)
181 kill_context_init(kc);
182
183 if (UNIT_VTABLE(u)->init)
184 UNIT_VTABLE(u)->init(u);
185 }
186
187 int unit_add_name(Unit *u, const char *text) {
188 _cleanup_free_ char *s = NULL, *i = NULL;
189 UnitType t;
190 int r;
191
192 assert(u);
193 assert(text);
194
195 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
196
197 if (!u->instance)
198 return -EINVAL;
199
200 r = unit_name_replace_instance(text, u->instance, &s);
201 if (r < 0)
202 return r;
203 } else {
204 s = strdup(text);
205 if (!s)
206 return -ENOMEM;
207 }
208
209 if (set_contains(u->names, s))
210 return 0;
211 if (hashmap_contains(u->manager->units, s))
212 return -EEXIST;
213
214 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
215 return -EINVAL;
216
217 t = unit_name_to_type(s);
218 if (t < 0)
219 return -EINVAL;
220
221 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
222 return -EINVAL;
223
224 r = unit_name_to_instance(s, &i);
225 if (r < 0)
226 return r;
227
228 if (i && !unit_type_may_template(t))
229 return -EINVAL;
230
231 /* Ensure that this unit is either instanced or not instanced,
232 * but not both. Note that we do allow names with different
233 * instance names however! */
234 if (u->type != _UNIT_TYPE_INVALID && !u->instance != !i)
235 return -EINVAL;
236
237 if (!unit_type_may_alias(t) && !set_isempty(u->names))
238 return -EEXIST;
239
240 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
241 return -E2BIG;
242
243 r = set_put(u->names, s);
244 if (r < 0)
245 return r;
246 assert(r > 0);
247
248 r = hashmap_put(u->manager->units, s, u);
249 if (r < 0) {
250 (void) set_remove(u->names, s);
251 return r;
252 }
253
254 if (u->type == _UNIT_TYPE_INVALID) {
255 u->type = t;
256 u->id = s;
257 u->instance = TAKE_PTR(i);
258
259 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
260
261 unit_init(u);
262 }
263
264 s = NULL;
265
266 unit_add_to_dbus_queue(u);
267 return 0;
268 }
269
270 int unit_choose_id(Unit *u, const char *name) {
271 _cleanup_free_ char *t = NULL;
272 char *s, *i;
273 int r;
274
275 assert(u);
276 assert(name);
277
278 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
279
280 if (!u->instance)
281 return -EINVAL;
282
283 r = unit_name_replace_instance(name, u->instance, &t);
284 if (r < 0)
285 return r;
286
287 name = t;
288 }
289
290 /* Selects one of the names of this unit as the id */
291 s = set_get(u->names, (char*) name);
292 if (!s)
293 return -ENOENT;
294
295 /* Determine the new instance from the new id */
296 r = unit_name_to_instance(s, &i);
297 if (r < 0)
298 return r;
299
300 u->id = s;
301
302 free(u->instance);
303 u->instance = i;
304
305 unit_add_to_dbus_queue(u);
306
307 return 0;
308 }
309
310 int unit_set_description(Unit *u, const char *description) {
311 int r;
312
313 assert(u);
314
315 r = free_and_strdup(&u->description, empty_to_null(description));
316 if (r < 0)
317 return r;
318 if (r > 0)
319 unit_add_to_dbus_queue(u);
320
321 return 0;
322 }
323
324 bool unit_may_gc(Unit *u) {
325 UnitActiveState state;
326 int r;
327
328 assert(u);
329
330 /* Checks whether the unit is ready to be unloaded for garbage collection.
331 * Returns true when the unit may be collected, and false if there's some
332 * reason to keep it loaded.
333 *
334 * References from other units are *not* checked here. Instead, this is done
335 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
336 */
337
338 if (u->job)
339 return false;
340
341 if (u->nop_job)
342 return false;
343
344 state = unit_active_state(u);
345
346 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
347 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
348 UNIT_VTABLE(u)->release_resources)
349 UNIT_VTABLE(u)->release_resources(u);
350
351 if (u->perpetual)
352 return false;
353
354 if (sd_bus_track_count(u->bus_track) > 0)
355 return false;
356
357 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
358 switch (u->collect_mode) {
359
360 case COLLECT_INACTIVE:
361 if (state != UNIT_INACTIVE)
362 return false;
363
364 break;
365
366 case COLLECT_INACTIVE_OR_FAILED:
367 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
368 return false;
369
370 break;
371
372 default:
373 assert_not_reached("Unknown garbage collection mode");
374 }
375
376 if (u->cgroup_path) {
377 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
378 * around. Units with active processes should never be collected. */
379
380 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
381 if (r < 0)
382 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
383 if (r <= 0)
384 return false;
385 }
386
387 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
388 return false;
389
390 return true;
391 }
392
393 void unit_add_to_load_queue(Unit *u) {
394 assert(u);
395 assert(u->type != _UNIT_TYPE_INVALID);
396
397 if (u->load_state != UNIT_STUB || u->in_load_queue)
398 return;
399
400 LIST_PREPEND(load_queue, u->manager->load_queue, u);
401 u->in_load_queue = true;
402 }
403
404 void unit_add_to_cleanup_queue(Unit *u) {
405 assert(u);
406
407 if (u->in_cleanup_queue)
408 return;
409
410 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
411 u->in_cleanup_queue = true;
412 }
413
414 void unit_add_to_gc_queue(Unit *u) {
415 assert(u);
416
417 if (u->in_gc_queue || u->in_cleanup_queue)
418 return;
419
420 if (!unit_may_gc(u))
421 return;
422
423 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
424 u->in_gc_queue = true;
425 }
426
427 void unit_add_to_dbus_queue(Unit *u) {
428 assert(u);
429 assert(u->type != _UNIT_TYPE_INVALID);
430
431 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
432 return;
433
434 /* Shortcut things if nobody cares */
435 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
436 sd_bus_track_count(u->bus_track) <= 0 &&
437 set_isempty(u->manager->private_buses)) {
438 u->sent_dbus_new_signal = true;
439 return;
440 }
441
442 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
443 u->in_dbus_queue = true;
444 }
445
446 static void bidi_set_free(Unit *u, Hashmap *h) {
447 Unit *other;
448 Iterator i;
449 void *v;
450
451 assert(u);
452
453 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
454
455 HASHMAP_FOREACH_KEY(v, other, h, i) {
456 UnitDependency d;
457
458 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
459 hashmap_remove(other->dependencies[d], u);
460
461 unit_add_to_gc_queue(other);
462 }
463
464 hashmap_free(h);
465 }
466
467 static void unit_remove_transient(Unit *u) {
468 char **i;
469
470 assert(u);
471
472 if (!u->transient)
473 return;
474
475 if (u->fragment_path)
476 (void) unlink(u->fragment_path);
477
478 STRV_FOREACH(i, u->dropin_paths) {
479 _cleanup_free_ char *p = NULL, *pp = NULL;
480
481 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
482 if (!p)
483 continue;
484
485 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
486 if (!pp)
487 continue;
488
489 /* Only drop transient drop-ins */
490 if (!path_equal(u->manager->lookup_paths.transient, pp))
491 continue;
492
493 (void) unlink(*i);
494 (void) rmdir(p);
495 }
496 }
497
498 static void unit_free_requires_mounts_for(Unit *u) {
499 assert(u);
500
501 for (;;) {
502 _cleanup_free_ char *path;
503
504 path = hashmap_steal_first_key(u->requires_mounts_for);
505 if (!path)
506 break;
507 else {
508 char s[strlen(path) + 1];
509
510 PATH_FOREACH_PREFIX_MORE(s, path) {
511 char *y;
512 Set *x;
513
514 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
515 if (!x)
516 continue;
517
518 (void) set_remove(x, u);
519
520 if (set_isempty(x)) {
521 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
522 free(y);
523 set_free(x);
524 }
525 }
526 }
527 }
528
529 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
530 }
531
532 static void unit_done(Unit *u) {
533 ExecContext *ec;
534 CGroupContext *cc;
535
536 assert(u);
537
538 if (u->type < 0)
539 return;
540
541 if (UNIT_VTABLE(u)->done)
542 UNIT_VTABLE(u)->done(u);
543
544 ec = unit_get_exec_context(u);
545 if (ec)
546 exec_context_done(ec);
547
548 cc = unit_get_cgroup_context(u);
549 if (cc)
550 cgroup_context_done(cc);
551 }
552
553 void unit_free(Unit *u) {
554 UnitDependency d;
555 Iterator i;
556 char *t;
557
558 if (!u)
559 return;
560
561 u->transient_file = safe_fclose(u->transient_file);
562
563 if (!MANAGER_IS_RELOADING(u->manager))
564 unit_remove_transient(u);
565
566 bus_unit_send_removed_signal(u);
567
568 unit_done(u);
569
570 unit_dequeue_rewatch_pids(u);
571
572 sd_bus_slot_unref(u->match_bus_slot);
573 sd_bus_track_unref(u->bus_track);
574 u->deserialized_refs = strv_free(u->deserialized_refs);
575
576 unit_free_requires_mounts_for(u);
577
578 SET_FOREACH(t, u->names, i)
579 hashmap_remove_value(u->manager->units, t, u);
580
581 if (!sd_id128_is_null(u->invocation_id))
582 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
583
584 if (u->job) {
585 Job *j = u->job;
586 job_uninstall(j);
587 job_free(j);
588 }
589
590 if (u->nop_job) {
591 Job *j = u->nop_job;
592 job_uninstall(j);
593 job_free(j);
594 }
595
596 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
597 bidi_set_free(u, u->dependencies[d]);
598
599 if (u->on_console)
600 manager_unref_console(u->manager);
601
602 unit_release_cgroup(u);
603
604 if (!MANAGER_IS_RELOADING(u->manager))
605 unit_unlink_state_files(u);
606
607 unit_unref_uid_gid(u, false);
608
609 (void) manager_update_failed_units(u->manager, u, false);
610 set_remove(u->manager->startup_units, u);
611
612 unit_unwatch_all_pids(u);
613
614 unit_ref_unset(&u->slice);
615 while (u->refs_by_target)
616 unit_ref_unset(u->refs_by_target);
617
618 if (u->type != _UNIT_TYPE_INVALID)
619 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
620
621 if (u->in_load_queue)
622 LIST_REMOVE(load_queue, u->manager->load_queue, u);
623
624 if (u->in_dbus_queue)
625 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
626
627 if (u->in_gc_queue)
628 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
629
630 if (u->in_cgroup_realize_queue)
631 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
632
633 if (u->in_cgroup_empty_queue)
634 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
635
636 if (u->in_cleanup_queue)
637 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
638
639 if (u->in_target_deps_queue)
640 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
641
642 safe_close(u->ip_accounting_ingress_map_fd);
643 safe_close(u->ip_accounting_egress_map_fd);
644
645 safe_close(u->ipv4_allow_map_fd);
646 safe_close(u->ipv6_allow_map_fd);
647 safe_close(u->ipv4_deny_map_fd);
648 safe_close(u->ipv6_deny_map_fd);
649
650 bpf_program_unref(u->ip_bpf_ingress);
651 bpf_program_unref(u->ip_bpf_ingress_installed);
652 bpf_program_unref(u->ip_bpf_egress);
653 bpf_program_unref(u->ip_bpf_egress_installed);
654
655 condition_free_list(u->conditions);
656 condition_free_list(u->asserts);
657
658 free(u->description);
659 strv_free(u->documentation);
660 free(u->fragment_path);
661 free(u->source_path);
662 strv_free(u->dropin_paths);
663 free(u->instance);
664
665 free(u->job_timeout_reboot_arg);
666
667 set_free_free(u->names);
668
669 free(u->reboot_arg);
670
671 free(u);
672 }
673
674 UnitActiveState unit_active_state(Unit *u) {
675 assert(u);
676
677 if (u->load_state == UNIT_MERGED)
678 return unit_active_state(unit_follow_merge(u));
679
680 /* After a reload it might happen that a unit is not correctly
681 * loaded but still has a process around. That's why we won't
682 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
683
684 return UNIT_VTABLE(u)->active_state(u);
685 }
686
687 const char* unit_sub_state_to_string(Unit *u) {
688 assert(u);
689
690 return UNIT_VTABLE(u)->sub_state_to_string(u);
691 }
692
693 static int set_complete_move(Set **s, Set **other) {
694 assert(s);
695 assert(other);
696
697 if (!other)
698 return 0;
699
700 if (*s)
701 return set_move(*s, *other);
702 else
703 *s = TAKE_PTR(*other);
704
705 return 0;
706 }
707
708 static int hashmap_complete_move(Hashmap **s, Hashmap **other) {
709 assert(s);
710 assert(other);
711
712 if (!*other)
713 return 0;
714
715 if (*s)
716 return hashmap_move(*s, *other);
717 else
718 *s = TAKE_PTR(*other);
719
720 return 0;
721 }
722
723 static int merge_names(Unit *u, Unit *other) {
724 char *t;
725 Iterator i;
726 int r;
727
728 assert(u);
729 assert(other);
730
731 r = set_complete_move(&u->names, &other->names);
732 if (r < 0)
733 return r;
734
735 set_free_free(other->names);
736 other->names = NULL;
737 other->id = NULL;
738
739 SET_FOREACH(t, u->names, i)
740 assert_se(hashmap_replace(u->manager->units, t, u) == 0);
741
742 return 0;
743 }
744
745 static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
746 unsigned n_reserve;
747
748 assert(u);
749 assert(other);
750 assert(d < _UNIT_DEPENDENCY_MAX);
751
752 /*
753 * If u does not have this dependency set allocated, there is no need
754 * to reserve anything. In that case other's set will be transferred
755 * as a whole to u by complete_move().
756 */
757 if (!u->dependencies[d])
758 return 0;
759
760 /* merge_dependencies() will skip a u-on-u dependency */
761 n_reserve = hashmap_size(other->dependencies[d]) - !!hashmap_get(other->dependencies[d], u);
762
763 return hashmap_reserve(u->dependencies[d], n_reserve);
764 }
765
766 static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
767 Iterator i;
768 Unit *back;
769 void *v;
770 int r;
771
772 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
773
774 assert(u);
775 assert(other);
776 assert(d < _UNIT_DEPENDENCY_MAX);
777
778 /* Fix backwards pointers. Let's iterate through all dependendent units of the other unit. */
779 HASHMAP_FOREACH_KEY(v, back, other->dependencies[d], i) {
780 UnitDependency k;
781
782 /* Let's now iterate through the dependencies of that dependencies of the other units, looking for
783 * pointers back, and let's fix them up, to instead point to 'u'. */
784
785 for (k = 0; k < _UNIT_DEPENDENCY_MAX; k++) {
786 if (back == u) {
787 /* Do not add dependencies between u and itself. */
788 if (hashmap_remove(back->dependencies[k], other))
789 maybe_warn_about_dependency(u, other_id, k);
790 } else {
791 UnitDependencyInfo di_u, di_other, di_merged;
792
793 /* Let's drop this dependency between "back" and "other", and let's create it between
794 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
795 * and any such dependency which might already exist */
796
797 di_other.data = hashmap_get(back->dependencies[k], other);
798 if (!di_other.data)
799 continue; /* dependency isn't set, let's try the next one */
800
801 di_u.data = hashmap_get(back->dependencies[k], u);
802
803 di_merged = (UnitDependencyInfo) {
804 .origin_mask = di_u.origin_mask | di_other.origin_mask,
805 .destination_mask = di_u.destination_mask | di_other.destination_mask,
806 };
807
808 r = hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data);
809 if (r < 0)
810 log_warning_errno(r, "Failed to remove/replace: back=%s other=%s u=%s: %m", back->id, other_id, u->id);
811 assert(r >= 0);
812
813 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
814 }
815 }
816
817 }
818
819 /* Also do not move dependencies on u to itself */
820 back = hashmap_remove(other->dependencies[d], u);
821 if (back)
822 maybe_warn_about_dependency(u, other_id, d);
823
824 /* The move cannot fail. The caller must have performed a reservation. */
825 assert_se(hashmap_complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
826
827 other->dependencies[d] = hashmap_free(other->dependencies[d]);
828 }
829
830 int unit_merge(Unit *u, Unit *other) {
831 UnitDependency d;
832 const char *other_id = NULL;
833 int r;
834
835 assert(u);
836 assert(other);
837 assert(u->manager == other->manager);
838 assert(u->type != _UNIT_TYPE_INVALID);
839
840 other = unit_follow_merge(other);
841
842 if (other == u)
843 return 0;
844
845 if (u->type != other->type)
846 return -EINVAL;
847
848 if (!u->instance != !other->instance)
849 return -EINVAL;
850
851 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
852 return -EEXIST;
853
854 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
855 return -EEXIST;
856
857 if (other->job)
858 return -EEXIST;
859
860 if (other->nop_job)
861 return -EEXIST;
862
863 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
864 return -EEXIST;
865
866 if (other->id)
867 other_id = strdupa(other->id);
868
869 /* Make reservations to ensure merge_dependencies() won't fail */
870 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
871 r = reserve_dependencies(u, other, d);
872 /*
873 * We don't rollback reservations if we fail. We don't have
874 * a way to undo reservations. A reservation is not a leak.
875 */
876 if (r < 0)
877 return r;
878 }
879
880 /* Merge names */
881 r = merge_names(u, other);
882 if (r < 0)
883 return r;
884
885 /* Redirect all references */
886 while (other->refs_by_target)
887 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
888
889 /* Merge dependencies */
890 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
891 merge_dependencies(u, other, other_id, d);
892
893 other->load_state = UNIT_MERGED;
894 other->merged_into = u;
895
896 /* If there is still some data attached to the other node, we
897 * don't need it anymore, and can free it. */
898 if (other->load_state != UNIT_STUB)
899 if (UNIT_VTABLE(other)->done)
900 UNIT_VTABLE(other)->done(other);
901
902 unit_add_to_dbus_queue(u);
903 unit_add_to_cleanup_queue(other);
904
905 return 0;
906 }
907
908 int unit_merge_by_name(Unit *u, const char *name) {
909 _cleanup_free_ char *s = NULL;
910 Unit *other;
911 int r;
912
913 assert(u);
914 assert(name);
915
916 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
917 if (!u->instance)
918 return -EINVAL;
919
920 r = unit_name_replace_instance(name, u->instance, &s);
921 if (r < 0)
922 return r;
923
924 name = s;
925 }
926
927 other = manager_get_unit(u->manager, name);
928 if (other)
929 return unit_merge(u, other);
930
931 return unit_add_name(u, name);
932 }
933
934 Unit* unit_follow_merge(Unit *u) {
935 assert(u);
936
937 while (u->load_state == UNIT_MERGED)
938 assert_se(u = u->merged_into);
939
940 return u;
941 }
942
943 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
944 ExecDirectoryType dt;
945 char **dp;
946 int r;
947
948 assert(u);
949 assert(c);
950
951 if (c->working_directory) {
952 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
953 if (r < 0)
954 return r;
955 }
956
957 if (c->root_directory) {
958 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
959 if (r < 0)
960 return r;
961 }
962
963 if (c->root_image) {
964 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
965 if (r < 0)
966 return r;
967 }
968
969 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
970 if (!u->manager->prefix[dt])
971 continue;
972
973 STRV_FOREACH(dp, c->directories[dt].paths) {
974 _cleanup_free_ char *p;
975
976 p = strjoin(u->manager->prefix[dt], "/", *dp);
977 if (!p)
978 return -ENOMEM;
979
980 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
981 if (r < 0)
982 return r;
983 }
984 }
985
986 if (!MANAGER_IS_SYSTEM(u->manager))
987 return 0;
988
989 if (c->private_tmp) {
990 const char *p;
991
992 FOREACH_STRING(p, "/tmp", "/var/tmp") {
993 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
994 if (r < 0)
995 return r;
996 }
997
998 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, NULL, true, UNIT_DEPENDENCY_FILE);
999 if (r < 0)
1000 return r;
1001 }
1002
1003 if (!IN_SET(c->std_output,
1004 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1005 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1006 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE) &&
1007 !IN_SET(c->std_error,
1008 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1009 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1010 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE))
1011 return 0;
1012
1013 /* If syslog or kernel logging is requested, make sure our own
1014 * logging daemon is run first. */
1015
1016 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, NULL, true, UNIT_DEPENDENCY_FILE);
1017 if (r < 0)
1018 return r;
1019
1020 return 0;
1021 }
1022
1023 const char *unit_description(Unit *u) {
1024 assert(u);
1025
1026 if (u->description)
1027 return u->description;
1028
1029 return strna(u->id);
1030 }
1031
1032 static void print_unit_dependency_mask(FILE *f, const char *kind, UnitDependencyMask mask, bool *space) {
1033 const struct {
1034 UnitDependencyMask mask;
1035 const char *name;
1036 } table[] = {
1037 { UNIT_DEPENDENCY_FILE, "file" },
1038 { UNIT_DEPENDENCY_IMPLICIT, "implicit" },
1039 { UNIT_DEPENDENCY_DEFAULT, "default" },
1040 { UNIT_DEPENDENCY_UDEV, "udev" },
1041 { UNIT_DEPENDENCY_PATH, "path" },
1042 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT, "mountinfo-implicit" },
1043 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT, "mountinfo-default" },
1044 { UNIT_DEPENDENCY_PROC_SWAP, "proc-swap" },
1045 };
1046 size_t i;
1047
1048 assert(f);
1049 assert(kind);
1050 assert(space);
1051
1052 for (i = 0; i < ELEMENTSOF(table); i++) {
1053
1054 if (mask == 0)
1055 break;
1056
1057 if (FLAGS_SET(mask, table[i].mask)) {
1058 if (*space)
1059 fputc(' ', f);
1060 else
1061 *space = true;
1062
1063 fputs(kind, f);
1064 fputs("-", f);
1065 fputs(table[i].name, f);
1066
1067 mask &= ~table[i].mask;
1068 }
1069 }
1070
1071 assert(mask == 0);
1072 }
1073
1074 void unit_dump(Unit *u, FILE *f, const char *prefix) {
1075 char *t, **j;
1076 UnitDependency d;
1077 Iterator i;
1078 const char *prefix2;
1079 char
1080 timestamp0[FORMAT_TIMESTAMP_MAX],
1081 timestamp1[FORMAT_TIMESTAMP_MAX],
1082 timestamp2[FORMAT_TIMESTAMP_MAX],
1083 timestamp3[FORMAT_TIMESTAMP_MAX],
1084 timestamp4[FORMAT_TIMESTAMP_MAX],
1085 timespan[FORMAT_TIMESPAN_MAX];
1086 Unit *following;
1087 _cleanup_set_free_ Set *following_set = NULL;
1088 const char *n;
1089 CGroupMask m;
1090 int r;
1091
1092 assert(u);
1093 assert(u->type >= 0);
1094
1095 prefix = strempty(prefix);
1096 prefix2 = strjoina(prefix, "\t");
1097
1098 fprintf(f,
1099 "%s-> Unit %s:\n"
1100 "%s\tDescription: %s\n"
1101 "%s\tInstance: %s\n"
1102 "%s\tUnit Load State: %s\n"
1103 "%s\tUnit Active State: %s\n"
1104 "%s\tState Change Timestamp: %s\n"
1105 "%s\tInactive Exit Timestamp: %s\n"
1106 "%s\tActive Enter Timestamp: %s\n"
1107 "%s\tActive Exit Timestamp: %s\n"
1108 "%s\tInactive Enter Timestamp: %s\n"
1109 "%s\tMay GC: %s\n"
1110 "%s\tNeed Daemon Reload: %s\n"
1111 "%s\tTransient: %s\n"
1112 "%s\tPerpetual: %s\n"
1113 "%s\tGarbage Collection Mode: %s\n"
1114 "%s\tSlice: %s\n"
1115 "%s\tCGroup: %s\n"
1116 "%s\tCGroup realized: %s\n",
1117 prefix, u->id,
1118 prefix, unit_description(u),
1119 prefix, strna(u->instance),
1120 prefix, unit_load_state_to_string(u->load_state),
1121 prefix, unit_active_state_to_string(unit_active_state(u)),
1122 prefix, strna(format_timestamp(timestamp0, sizeof(timestamp0), u->state_change_timestamp.realtime)),
1123 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->inactive_exit_timestamp.realtime)),
1124 prefix, strna(format_timestamp(timestamp2, sizeof(timestamp2), u->active_enter_timestamp.realtime)),
1125 prefix, strna(format_timestamp(timestamp3, sizeof(timestamp3), u->active_exit_timestamp.realtime)),
1126 prefix, strna(format_timestamp(timestamp4, sizeof(timestamp4), u->inactive_enter_timestamp.realtime)),
1127 prefix, yes_no(unit_may_gc(u)),
1128 prefix, yes_no(unit_need_daemon_reload(u)),
1129 prefix, yes_no(u->transient),
1130 prefix, yes_no(u->perpetual),
1131 prefix, collect_mode_to_string(u->collect_mode),
1132 prefix, strna(unit_slice_name(u)),
1133 prefix, strna(u->cgroup_path),
1134 prefix, yes_no(u->cgroup_realized));
1135
1136 if (u->cgroup_realized_mask != 0) {
1137 _cleanup_free_ char *s = NULL;
1138 (void) cg_mask_to_string(u->cgroup_realized_mask, &s);
1139 fprintf(f, "%s\tCGroup realized mask: %s\n", prefix, strnull(s));
1140 }
1141 if (u->cgroup_enabled_mask != 0) {
1142 _cleanup_free_ char *s = NULL;
1143 (void) cg_mask_to_string(u->cgroup_enabled_mask, &s);
1144 fprintf(f, "%s\tCGroup enabled mask: %s\n", prefix, strnull(s));
1145 }
1146 m = unit_get_own_mask(u);
1147 if (m != 0) {
1148 _cleanup_free_ char *s = NULL;
1149 (void) cg_mask_to_string(m, &s);
1150 fprintf(f, "%s\tCGroup own mask: %s\n", prefix, strnull(s));
1151 }
1152 m = unit_get_members_mask(u);
1153 if (m != 0) {
1154 _cleanup_free_ char *s = NULL;
1155 (void) cg_mask_to_string(m, &s);
1156 fprintf(f, "%s\tCGroup members mask: %s\n", prefix, strnull(s));
1157 }
1158
1159 SET_FOREACH(t, u->names, i)
1160 fprintf(f, "%s\tName: %s\n", prefix, t);
1161
1162 if (!sd_id128_is_null(u->invocation_id))
1163 fprintf(f, "%s\tInvocation ID: " SD_ID128_FORMAT_STR "\n",
1164 prefix, SD_ID128_FORMAT_VAL(u->invocation_id));
1165
1166 STRV_FOREACH(j, u->documentation)
1167 fprintf(f, "%s\tDocumentation: %s\n", prefix, *j);
1168
1169 following = unit_following(u);
1170 if (following)
1171 fprintf(f, "%s\tFollowing: %s\n", prefix, following->id);
1172
1173 r = unit_following_set(u, &following_set);
1174 if (r >= 0) {
1175 Unit *other;
1176
1177 SET_FOREACH(other, following_set, i)
1178 fprintf(f, "%s\tFollowing Set Member: %s\n", prefix, other->id);
1179 }
1180
1181 if (u->fragment_path)
1182 fprintf(f, "%s\tFragment Path: %s\n", prefix, u->fragment_path);
1183
1184 if (u->source_path)
1185 fprintf(f, "%s\tSource Path: %s\n", prefix, u->source_path);
1186
1187 STRV_FOREACH(j, u->dropin_paths)
1188 fprintf(f, "%s\tDropIn Path: %s\n", prefix, *j);
1189
1190 if (u->failure_action != EMERGENCY_ACTION_NONE)
1191 fprintf(f, "%s\tFailure Action: %s\n", prefix, emergency_action_to_string(u->failure_action));
1192 if (u->success_action != EMERGENCY_ACTION_NONE)
1193 fprintf(f, "%s\tSuccess Action: %s\n", prefix, emergency_action_to_string(u->success_action));
1194
1195 if (u->job_timeout != USEC_INFINITY)
1196 fprintf(f, "%s\tJob Timeout: %s\n", prefix, format_timespan(timespan, sizeof(timespan), u->job_timeout, 0));
1197
1198 if (u->job_timeout_action != EMERGENCY_ACTION_NONE)
1199 fprintf(f, "%s\tJob Timeout Action: %s\n", prefix, emergency_action_to_string(u->job_timeout_action));
1200
1201 if (u->job_timeout_reboot_arg)
1202 fprintf(f, "%s\tJob Timeout Reboot Argument: %s\n", prefix, u->job_timeout_reboot_arg);
1203
1204 condition_dump_list(u->conditions, f, prefix, condition_type_to_string);
1205 condition_dump_list(u->asserts, f, prefix, assert_type_to_string);
1206
1207 if (dual_timestamp_is_set(&u->condition_timestamp))
1208 fprintf(f,
1209 "%s\tCondition Timestamp: %s\n"
1210 "%s\tCondition Result: %s\n",
1211 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->condition_timestamp.realtime)),
1212 prefix, yes_no(u->condition_result));
1213
1214 if (dual_timestamp_is_set(&u->assert_timestamp))
1215 fprintf(f,
1216 "%s\tAssert Timestamp: %s\n"
1217 "%s\tAssert Result: %s\n",
1218 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->assert_timestamp.realtime)),
1219 prefix, yes_no(u->assert_result));
1220
1221 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
1222 UnitDependencyInfo di;
1223 Unit *other;
1224
1225 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
1226 bool space = false;
1227
1228 fprintf(f, "%s\t%s: %s (", prefix, unit_dependency_to_string(d), other->id);
1229
1230 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1231 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1232
1233 fputs(")\n", f);
1234 }
1235 }
1236
1237 if (!hashmap_isempty(u->requires_mounts_for)) {
1238 UnitDependencyInfo di;
1239 const char *path;
1240
1241 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1242 bool space = false;
1243
1244 fprintf(f, "%s\tRequiresMountsFor: %s (", prefix, path);
1245
1246 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1247 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1248
1249 fputs(")\n", f);
1250 }
1251 }
1252
1253 if (u->load_state == UNIT_LOADED) {
1254
1255 fprintf(f,
1256 "%s\tStopWhenUnneeded: %s\n"
1257 "%s\tRefuseManualStart: %s\n"
1258 "%s\tRefuseManualStop: %s\n"
1259 "%s\tDefaultDependencies: %s\n"
1260 "%s\tOnFailureJobMode: %s\n"
1261 "%s\tIgnoreOnIsolate: %s\n",
1262 prefix, yes_no(u->stop_when_unneeded),
1263 prefix, yes_no(u->refuse_manual_start),
1264 prefix, yes_no(u->refuse_manual_stop),
1265 prefix, yes_no(u->default_dependencies),
1266 prefix, job_mode_to_string(u->on_failure_job_mode),
1267 prefix, yes_no(u->ignore_on_isolate));
1268
1269 if (UNIT_VTABLE(u)->dump)
1270 UNIT_VTABLE(u)->dump(u, f, prefix2);
1271
1272 } else if (u->load_state == UNIT_MERGED)
1273 fprintf(f,
1274 "%s\tMerged into: %s\n",
1275 prefix, u->merged_into->id);
1276 else if (u->load_state == UNIT_ERROR)
1277 fprintf(f, "%s\tLoad Error Code: %s\n", prefix, strerror(-u->load_error));
1278
1279 for (n = sd_bus_track_first(u->bus_track); n; n = sd_bus_track_next(u->bus_track))
1280 fprintf(f, "%s\tBus Ref: %s\n", prefix, n);
1281
1282 if (u->job)
1283 job_dump(u->job, f, prefix2);
1284
1285 if (u->nop_job)
1286 job_dump(u->nop_job, f, prefix2);
1287 }
1288
1289 /* Common implementation for multiple backends */
1290 int unit_load_fragment_and_dropin(Unit *u) {
1291 int r;
1292
1293 assert(u);
1294
1295 /* Load a .{service,socket,...} file */
1296 r = unit_load_fragment(u);
1297 if (r < 0)
1298 return r;
1299
1300 if (u->load_state == UNIT_STUB)
1301 return -ENOENT;
1302
1303 /* Load drop-in directory data. If u is an alias, we might be reloading the
1304 * target unit needlessly. But we cannot be sure which drops-ins have already
1305 * been loaded and which not, at least without doing complicated book-keeping,
1306 * so let's always reread all drop-ins. */
1307 return unit_load_dropin(unit_follow_merge(u));
1308 }
1309
1310 /* Common implementation for multiple backends */
1311 int unit_load_fragment_and_dropin_optional(Unit *u) {
1312 int r;
1313
1314 assert(u);
1315
1316 /* Same as unit_load_fragment_and_dropin(), but whether
1317 * something can be loaded or not doesn't matter. */
1318
1319 /* Load a .service/.socket/.slice/… file */
1320 r = unit_load_fragment(u);
1321 if (r < 0)
1322 return r;
1323
1324 if (u->load_state == UNIT_STUB)
1325 u->load_state = UNIT_LOADED;
1326
1327 /* Load drop-in directory data */
1328 return unit_load_dropin(unit_follow_merge(u));
1329 }
1330
1331 void unit_add_to_target_deps_queue(Unit *u) {
1332 Manager *m = u->manager;
1333
1334 assert(u);
1335
1336 if (u->in_target_deps_queue)
1337 return;
1338
1339 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1340 u->in_target_deps_queue = true;
1341 }
1342
1343 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1344 assert(u);
1345 assert(target);
1346
1347 if (target->type != UNIT_TARGET)
1348 return 0;
1349
1350 /* Only add the dependency if both units are loaded, so that
1351 * that loop check below is reliable */
1352 if (u->load_state != UNIT_LOADED ||
1353 target->load_state != UNIT_LOADED)
1354 return 0;
1355
1356 /* If either side wants no automatic dependencies, then let's
1357 * skip this */
1358 if (!u->default_dependencies ||
1359 !target->default_dependencies)
1360 return 0;
1361
1362 /* Don't create loops */
1363 if (hashmap_get(target->dependencies[UNIT_BEFORE], u))
1364 return 0;
1365
1366 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1367 }
1368
1369 static int unit_add_slice_dependencies(Unit *u) {
1370 UnitDependencyMask mask;
1371 assert(u);
1372
1373 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1374 return 0;
1375
1376 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1377 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1378 relationship). */
1379 mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1380
1381 if (UNIT_ISSET(u->slice))
1382 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true, mask);
1383
1384 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1385 return 0;
1386
1387 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, NULL, true, mask);
1388 }
1389
1390 static int unit_add_mount_dependencies(Unit *u) {
1391 UnitDependencyInfo di;
1392 const char *path;
1393 Iterator i;
1394 int r;
1395
1396 assert(u);
1397
1398 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1399 char prefix[strlen(path) + 1];
1400
1401 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1402 _cleanup_free_ char *p = NULL;
1403 Unit *m;
1404
1405 r = unit_name_from_path(prefix, ".mount", &p);
1406 if (r < 0)
1407 return r;
1408
1409 m = manager_get_unit(u->manager, p);
1410 if (!m) {
1411 /* Make sure to load the mount unit if
1412 * it exists. If so the dependencies
1413 * on this unit will be added later
1414 * during the loading of the mount
1415 * unit. */
1416 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1417 continue;
1418 }
1419 if (m == u)
1420 continue;
1421
1422 if (m->load_state != UNIT_LOADED)
1423 continue;
1424
1425 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1426 if (r < 0)
1427 return r;
1428
1429 if (m->fragment_path) {
1430 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1431 if (r < 0)
1432 return r;
1433 }
1434 }
1435 }
1436
1437 return 0;
1438 }
1439
1440 static int unit_add_startup_units(Unit *u) {
1441 CGroupContext *c;
1442 int r;
1443
1444 c = unit_get_cgroup_context(u);
1445 if (!c)
1446 return 0;
1447
1448 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
1449 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
1450 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
1451 return 0;
1452
1453 r = set_ensure_allocated(&u->manager->startup_units, NULL);
1454 if (r < 0)
1455 return r;
1456
1457 return set_put(u->manager->startup_units, u);
1458 }
1459
1460 int unit_load(Unit *u) {
1461 int r;
1462
1463 assert(u);
1464
1465 if (u->in_load_queue) {
1466 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1467 u->in_load_queue = false;
1468 }
1469
1470 if (u->type == _UNIT_TYPE_INVALID)
1471 return -EINVAL;
1472
1473 if (u->load_state != UNIT_STUB)
1474 return 0;
1475
1476 if (u->transient_file) {
1477 r = fflush_and_check(u->transient_file);
1478 if (r < 0)
1479 goto fail;
1480
1481 u->transient_file = safe_fclose(u->transient_file);
1482 u->fragment_mtime = now(CLOCK_REALTIME);
1483 }
1484
1485 if (UNIT_VTABLE(u)->load) {
1486 r = UNIT_VTABLE(u)->load(u);
1487 if (r < 0)
1488 goto fail;
1489 }
1490
1491 if (u->load_state == UNIT_STUB) {
1492 r = -ENOENT;
1493 goto fail;
1494 }
1495
1496 if (u->load_state == UNIT_LOADED) {
1497 unit_add_to_target_deps_queue(u);
1498
1499 r = unit_add_slice_dependencies(u);
1500 if (r < 0)
1501 goto fail;
1502
1503 r = unit_add_mount_dependencies(u);
1504 if (r < 0)
1505 goto fail;
1506
1507 r = unit_add_startup_units(u);
1508 if (r < 0)
1509 goto fail;
1510
1511 if (u->on_failure_job_mode == JOB_ISOLATE && hashmap_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
1512 log_unit_error(u, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1513 r = -ENOEXEC;
1514 goto fail;
1515 }
1516
1517 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1518 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1519
1520 unit_update_cgroup_members_masks(u);
1521 }
1522
1523 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1524
1525 unit_add_to_dbus_queue(unit_follow_merge(u));
1526 unit_add_to_gc_queue(u);
1527
1528 return 0;
1529
1530 fail:
1531 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code should hence
1532 * return ENOEXEC to ensure units are placed in this state after loading */
1533
1534 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1535 r == -ENOEXEC ? UNIT_BAD_SETTING :
1536 UNIT_ERROR;
1537 u->load_error = r;
1538
1539 unit_add_to_dbus_queue(u);
1540 unit_add_to_gc_queue(u);
1541
1542 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1543 }
1544
1545 static bool unit_condition_test_list(Unit *u, Condition *first, const char *(*to_string)(ConditionType t)) {
1546 Condition *c;
1547 int triggered = -1;
1548
1549 assert(u);
1550 assert(to_string);
1551
1552 /* If the condition list is empty, then it is true */
1553 if (!first)
1554 return true;
1555
1556 /* Otherwise, if all of the non-trigger conditions apply and
1557 * if any of the trigger conditions apply (unless there are
1558 * none) we return true */
1559 LIST_FOREACH(conditions, c, first) {
1560 int r;
1561
1562 r = condition_test(c);
1563 if (r < 0)
1564 log_unit_warning(u,
1565 "Couldn't determine result for %s=%s%s%s, assuming failed: %m",
1566 to_string(c->type),
1567 c->trigger ? "|" : "",
1568 c->negate ? "!" : "",
1569 c->parameter);
1570 else
1571 log_unit_debug(u,
1572 "%s=%s%s%s %s.",
1573 to_string(c->type),
1574 c->trigger ? "|" : "",
1575 c->negate ? "!" : "",
1576 c->parameter,
1577 condition_result_to_string(c->result));
1578
1579 if (!c->trigger && r <= 0)
1580 return false;
1581
1582 if (c->trigger && triggered <= 0)
1583 triggered = r > 0;
1584 }
1585
1586 return triggered != 0;
1587 }
1588
1589 static bool unit_condition_test(Unit *u) {
1590 assert(u);
1591
1592 dual_timestamp_get(&u->condition_timestamp);
1593 u->condition_result = unit_condition_test_list(u, u->conditions, condition_type_to_string);
1594
1595 return u->condition_result;
1596 }
1597
1598 static bool unit_assert_test(Unit *u) {
1599 assert(u);
1600
1601 dual_timestamp_get(&u->assert_timestamp);
1602 u->assert_result = unit_condition_test_list(u, u->asserts, assert_type_to_string);
1603
1604 return u->assert_result;
1605 }
1606
1607 void unit_status_printf(Unit *u, const char *status, const char *unit_status_msg_format) {
1608 DISABLE_WARNING_FORMAT_NONLITERAL;
1609 manager_status_printf(u->manager, STATUS_TYPE_NORMAL, status, unit_status_msg_format, unit_description(u));
1610 REENABLE_WARNING;
1611 }
1612
1613 _pure_ static const char* unit_get_status_message_format(Unit *u, JobType t) {
1614 const char *format;
1615 const UnitStatusMessageFormats *format_table;
1616
1617 assert(u);
1618 assert(IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD));
1619
1620 if (t != JOB_RELOAD) {
1621 format_table = &UNIT_VTABLE(u)->status_message_formats;
1622 if (format_table) {
1623 format = format_table->starting_stopping[t == JOB_STOP];
1624 if (format)
1625 return format;
1626 }
1627 }
1628
1629 /* Return generic strings */
1630 if (t == JOB_START)
1631 return "Starting %s.";
1632 else if (t == JOB_STOP)
1633 return "Stopping %s.";
1634 else
1635 return "Reloading %s.";
1636 }
1637
1638 static void unit_status_print_starting_stopping(Unit *u, JobType t) {
1639 const char *format;
1640
1641 assert(u);
1642
1643 /* Reload status messages have traditionally not been printed to console. */
1644 if (!IN_SET(t, JOB_START, JOB_STOP))
1645 return;
1646
1647 format = unit_get_status_message_format(u, t);
1648
1649 DISABLE_WARNING_FORMAT_NONLITERAL;
1650 unit_status_printf(u, "", format);
1651 REENABLE_WARNING;
1652 }
1653
1654 static void unit_status_log_starting_stopping_reloading(Unit *u, JobType t) {
1655 const char *format, *mid;
1656 char buf[LINE_MAX];
1657
1658 assert(u);
1659
1660 if (!IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD))
1661 return;
1662
1663 if (log_on_console())
1664 return;
1665
1666 /* We log status messages for all units and all operations. */
1667
1668 format = unit_get_status_message_format(u, t);
1669
1670 DISABLE_WARNING_FORMAT_NONLITERAL;
1671 (void) snprintf(buf, sizeof buf, format, unit_description(u));
1672 REENABLE_WARNING;
1673
1674 mid = t == JOB_START ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STARTING_STR :
1675 t == JOB_STOP ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STOPPING_STR :
1676 "MESSAGE_ID=" SD_MESSAGE_UNIT_RELOADING_STR;
1677
1678 /* Note that we deliberately use LOG_MESSAGE() instead of
1679 * LOG_UNIT_MESSAGE() here, since this is supposed to mimic
1680 * closely what is written to screen using the status output,
1681 * which is supposed the highest level, friendliest output
1682 * possible, which means we should avoid the low-level unit
1683 * name. */
1684 log_struct(LOG_INFO,
1685 LOG_MESSAGE("%s", buf),
1686 LOG_UNIT_ID(u),
1687 LOG_UNIT_INVOCATION_ID(u),
1688 mid);
1689 }
1690
1691 void unit_status_emit_starting_stopping_reloading(Unit *u, JobType t) {
1692 assert(u);
1693 assert(t >= 0);
1694 assert(t < _JOB_TYPE_MAX);
1695
1696 unit_status_log_starting_stopping_reloading(u, t);
1697 unit_status_print_starting_stopping(u, t);
1698 }
1699
1700 int unit_start_limit_test(Unit *u) {
1701 assert(u);
1702
1703 if (ratelimit_below(&u->start_limit)) {
1704 u->start_limit_hit = false;
1705 return 0;
1706 }
1707
1708 log_unit_warning(u, "Start request repeated too quickly.");
1709 u->start_limit_hit = true;
1710
1711 return emergency_action(u->manager, u->start_limit_action, u->reboot_arg, "unit failed");
1712 }
1713
1714 bool unit_shall_confirm_spawn(Unit *u) {
1715 assert(u);
1716
1717 if (manager_is_confirm_spawn_disabled(u->manager))
1718 return false;
1719
1720 /* For some reasons units remaining in the same process group
1721 * as PID 1 fail to acquire the console even if it's not used
1722 * by any process. So skip the confirmation question for them. */
1723 return !unit_get_exec_context(u)->same_pgrp;
1724 }
1725
1726 static bool unit_verify_deps(Unit *u) {
1727 Unit *other;
1728 Iterator j;
1729 void *v;
1730
1731 assert(u);
1732
1733 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1734 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1735 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1736 * conjunction with After= as for them any such check would make things entirely racy. */
1737
1738 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], j) {
1739
1740 if (!hashmap_contains(u->dependencies[UNIT_AFTER], other))
1741 continue;
1742
1743 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1744 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1745 return false;
1746 }
1747 }
1748
1749 return true;
1750 }
1751
1752 /* Errors:
1753 * -EBADR: This unit type does not support starting.
1754 * -EALREADY: Unit is already started.
1755 * -EAGAIN: An operation is already in progress. Retry later.
1756 * -ECANCELED: Too many requests for now.
1757 * -EPROTO: Assert failed
1758 * -EINVAL: Unit not loaded
1759 * -EOPNOTSUPP: Unit type not supported
1760 * -ENOLINK: The necessary dependencies are not fulfilled.
1761 * -ESTALE: This unit has been started before and can't be started a second time
1762 */
1763 int unit_start(Unit *u) {
1764 UnitActiveState state;
1765 Unit *following;
1766
1767 assert(u);
1768
1769 /* If this is already started, then this will succeed. Note
1770 * that this will even succeed if this unit is not startable
1771 * by the user. This is relied on to detect when we need to
1772 * wait for units and when waiting is finished. */
1773 state = unit_active_state(u);
1774 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1775 return -EALREADY;
1776
1777 /* Units that aren't loaded cannot be started */
1778 if (u->load_state != UNIT_LOADED)
1779 return -EINVAL;
1780
1781 /* Refuse starting scope units more than once */
1782 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1783 return -ESTALE;
1784
1785 /* If the conditions failed, don't do anything at all. If we
1786 * already are activating this call might still be useful to
1787 * speed up activation in case there is some hold-off time,
1788 * but we don't want to recheck the condition in that case. */
1789 if (state != UNIT_ACTIVATING &&
1790 !unit_condition_test(u)) {
1791 log_unit_debug(u, "Starting requested but condition failed. Not starting unit.");
1792 return -EALREADY;
1793 }
1794
1795 /* If the asserts failed, fail the entire job */
1796 if (state != UNIT_ACTIVATING &&
1797 !unit_assert_test(u)) {
1798 log_unit_notice(u, "Starting requested but asserts failed.");
1799 return -EPROTO;
1800 }
1801
1802 /* Units of types that aren't supported cannot be
1803 * started. Note that we do this test only after the condition
1804 * checks, so that we rather return condition check errors
1805 * (which are usually not considered a true failure) than "not
1806 * supported" errors (which are considered a failure).
1807 */
1808 if (!unit_supported(u))
1809 return -EOPNOTSUPP;
1810
1811 /* Let's make sure that the deps really are in order before we start this. Normally the job engine should have
1812 * taken care of this already, but let's check this here again. After all, our dependencies might not be in
1813 * effect anymore, due to a reload or due to a failed condition. */
1814 if (!unit_verify_deps(u))
1815 return -ENOLINK;
1816
1817 /* Forward to the main object, if we aren't it. */
1818 following = unit_following(u);
1819 if (following) {
1820 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1821 return unit_start(following);
1822 }
1823
1824 /* If it is stopped, but we cannot start it, then fail */
1825 if (!UNIT_VTABLE(u)->start)
1826 return -EBADR;
1827
1828 /* We don't suppress calls to ->start() here when we are
1829 * already starting, to allow this request to be used as a
1830 * "hurry up" call, for example when the unit is in some "auto
1831 * restart" state where it waits for a holdoff timer to elapse
1832 * before it will start again. */
1833
1834 unit_add_to_dbus_queue(u);
1835
1836 return UNIT_VTABLE(u)->start(u);
1837 }
1838
1839 bool unit_can_start(Unit *u) {
1840 assert(u);
1841
1842 if (u->load_state != UNIT_LOADED)
1843 return false;
1844
1845 if (!unit_supported(u))
1846 return false;
1847
1848 /* Scope units may be started only once */
1849 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1850 return false;
1851
1852 return !!UNIT_VTABLE(u)->start;
1853 }
1854
1855 bool unit_can_isolate(Unit *u) {
1856 assert(u);
1857
1858 return unit_can_start(u) &&
1859 u->allow_isolate;
1860 }
1861
1862 /* Errors:
1863 * -EBADR: This unit type does not support stopping.
1864 * -EALREADY: Unit is already stopped.
1865 * -EAGAIN: An operation is already in progress. Retry later.
1866 */
1867 int unit_stop(Unit *u) {
1868 UnitActiveState state;
1869 Unit *following;
1870
1871 assert(u);
1872
1873 state = unit_active_state(u);
1874 if (UNIT_IS_INACTIVE_OR_FAILED(state))
1875 return -EALREADY;
1876
1877 following = unit_following(u);
1878 if (following) {
1879 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
1880 return unit_stop(following);
1881 }
1882
1883 if (!UNIT_VTABLE(u)->stop)
1884 return -EBADR;
1885
1886 unit_add_to_dbus_queue(u);
1887
1888 return UNIT_VTABLE(u)->stop(u);
1889 }
1890
1891 bool unit_can_stop(Unit *u) {
1892 assert(u);
1893
1894 if (!unit_supported(u))
1895 return false;
1896
1897 if (u->perpetual)
1898 return false;
1899
1900 return !!UNIT_VTABLE(u)->stop;
1901 }
1902
1903 /* Errors:
1904 * -EBADR: This unit type does not support reloading.
1905 * -ENOEXEC: Unit is not started.
1906 * -EAGAIN: An operation is already in progress. Retry later.
1907 */
1908 int unit_reload(Unit *u) {
1909 UnitActiveState state;
1910 Unit *following;
1911
1912 assert(u);
1913
1914 if (u->load_state != UNIT_LOADED)
1915 return -EINVAL;
1916
1917 if (!unit_can_reload(u))
1918 return -EBADR;
1919
1920 state = unit_active_state(u);
1921 if (state == UNIT_RELOADING)
1922 return -EALREADY;
1923
1924 if (state != UNIT_ACTIVE) {
1925 log_unit_warning(u, "Unit cannot be reloaded because it is inactive.");
1926 return -ENOEXEC;
1927 }
1928
1929 following = unit_following(u);
1930 if (following) {
1931 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
1932 return unit_reload(following);
1933 }
1934
1935 unit_add_to_dbus_queue(u);
1936
1937 if (!UNIT_VTABLE(u)->reload) {
1938 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
1939 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
1940 return 0;
1941 }
1942
1943 return UNIT_VTABLE(u)->reload(u);
1944 }
1945
1946 bool unit_can_reload(Unit *u) {
1947 assert(u);
1948
1949 if (UNIT_VTABLE(u)->can_reload)
1950 return UNIT_VTABLE(u)->can_reload(u);
1951
1952 if (!hashmap_isempty(u->dependencies[UNIT_PROPAGATES_RELOAD_TO]))
1953 return true;
1954
1955 return UNIT_VTABLE(u)->reload;
1956 }
1957
1958 static void unit_check_unneeded(Unit *u) {
1959
1960 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1961
1962 static const UnitDependency needed_dependencies[] = {
1963 UNIT_REQUIRED_BY,
1964 UNIT_REQUISITE_OF,
1965 UNIT_WANTED_BY,
1966 UNIT_BOUND_BY,
1967 };
1968
1969 unsigned j;
1970 int r;
1971
1972 assert(u);
1973
1974 /* If this service shall be shut down when unneeded then do
1975 * so. */
1976
1977 if (!u->stop_when_unneeded)
1978 return;
1979
1980 if (!UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
1981 return;
1982
1983 for (j = 0; j < ELEMENTSOF(needed_dependencies); j++) {
1984 Unit *other;
1985 Iterator i;
1986 void *v;
1987
1988 HASHMAP_FOREACH_KEY(v, other, u->dependencies[needed_dependencies[j]], i)
1989 if (unit_active_or_pending(other) || unit_will_restart(other))
1990 return;
1991 }
1992
1993 /* If stopping a unit fails continuously we might enter a stop
1994 * loop here, hence stop acting on the service being
1995 * unnecessary after a while. */
1996 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
1997 log_unit_warning(u, "Unit not needed anymore, but not stopping since we tried this too often recently.");
1998 return;
1999 }
2000
2001 log_unit_info(u, "Unit not needed anymore. Stopping.");
2002
2003 /* Ok, nobody needs us anymore. Sniff. Then let's commit suicide */
2004 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2005 if (r < 0)
2006 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2007 }
2008
2009 static void unit_check_binds_to(Unit *u) {
2010 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2011 bool stop = false;
2012 Unit *other;
2013 Iterator i;
2014 void *v;
2015 int r;
2016
2017 assert(u);
2018
2019 if (u->job)
2020 return;
2021
2022 if (unit_active_state(u) != UNIT_ACTIVE)
2023 return;
2024
2025 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i) {
2026 if (other->job)
2027 continue;
2028
2029 if (!other->coldplugged)
2030 /* We might yet create a job for the other unit… */
2031 continue;
2032
2033 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2034 continue;
2035
2036 stop = true;
2037 break;
2038 }
2039
2040 if (!stop)
2041 return;
2042
2043 /* If stopping a unit fails continuously we might enter a stop
2044 * loop here, hence stop acting on the service being
2045 * unnecessary after a while. */
2046 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
2047 log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
2048 return;
2049 }
2050
2051 assert(other);
2052 log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
2053
2054 /* A unit we need to run is gone. Sniff. Let's stop this. */
2055 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2056 if (r < 0)
2057 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2058 }
2059
2060 static void retroactively_start_dependencies(Unit *u) {
2061 Iterator i;
2062 Unit *other;
2063 void *v;
2064
2065 assert(u);
2066 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2067
2068 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2069 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2070 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2071 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2072
2073 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2074 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2075 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2076 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2077
2078 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2079 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2080 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2081 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL);
2082
2083 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTS], i)
2084 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2085 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2086
2087 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTED_BY], i)
2088 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2089 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2090 }
2091
2092 static void retroactively_stop_dependencies(Unit *u) {
2093 Unit *other;
2094 Iterator i;
2095 void *v;
2096
2097 assert(u);
2098 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2099
2100 /* Pull down units which are bound to us recursively if enabled */
2101 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BOUND_BY], i)
2102 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2103 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2104 }
2105
2106 static void check_unneeded_dependencies(Unit *u) {
2107 Unit *other;
2108 Iterator i;
2109 void *v;
2110
2111 assert(u);
2112 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2113
2114 /* Garbage collect services that might not be needed anymore, if enabled */
2115 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2116 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2117 unit_check_unneeded(other);
2118 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2119 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2120 unit_check_unneeded(other);
2121 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUISITE], i)
2122 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2123 unit_check_unneeded(other);
2124 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2125 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2126 unit_check_unneeded(other);
2127 }
2128
2129 void unit_start_on_failure(Unit *u) {
2130 Unit *other;
2131 Iterator i;
2132 void *v;
2133 int r;
2134
2135 assert(u);
2136
2137 if (hashmap_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
2138 return;
2139
2140 log_unit_info(u, "Triggering OnFailure= dependencies.");
2141
2142 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_ON_FAILURE], i) {
2143 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2144
2145 r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, &error, NULL);
2146 if (r < 0)
2147 log_unit_warning_errno(u, r, "Failed to enqueue OnFailure= job, ignoring: %s", bus_error_message(&error, r));
2148 }
2149 }
2150
2151 void unit_trigger_notify(Unit *u) {
2152 Unit *other;
2153 Iterator i;
2154 void *v;
2155
2156 assert(u);
2157
2158 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_TRIGGERED_BY], i)
2159 if (UNIT_VTABLE(other)->trigger_notify)
2160 UNIT_VTABLE(other)->trigger_notify(other, u);
2161 }
2162
2163 static int unit_log_resources(Unit *u) {
2164
2165 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + 4];
2166 size_t n_message_parts = 0, n_iovec = 0;
2167 char* message_parts[3 + 1], *t;
2168 nsec_t nsec = NSEC_INFINITY;
2169 CGroupIPAccountingMetric m;
2170 size_t i;
2171 int r;
2172 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2173 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2174 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2175 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2176 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2177 };
2178
2179 assert(u);
2180
2181 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2182 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2183 * information and the complete data in structured fields. */
2184
2185 (void) unit_get_cpu_usage(u, &nsec);
2186 if (nsec != NSEC_INFINITY) {
2187 char buf[FORMAT_TIMESPAN_MAX] = "";
2188
2189 /* Format the CPU time for inclusion in the structured log message */
2190 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2191 r = log_oom();
2192 goto finish;
2193 }
2194 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2195
2196 /* Format the CPU time for inclusion in the human language message string */
2197 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
2198 t = strjoin(n_message_parts > 0 ? "consumed " : "Consumed ", buf, " CPU time");
2199 if (!t) {
2200 r = log_oom();
2201 goto finish;
2202 }
2203
2204 message_parts[n_message_parts++] = t;
2205 }
2206
2207 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2208 char buf[FORMAT_BYTES_MAX] = "";
2209 uint64_t value = UINT64_MAX;
2210
2211 assert(ip_fields[m]);
2212
2213 (void) unit_get_ip_accounting(u, m, &value);
2214 if (value == UINT64_MAX)
2215 continue;
2216
2217 /* Format IP accounting data for inclusion in the structured log message */
2218 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2219 r = log_oom();
2220 goto finish;
2221 }
2222 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2223
2224 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2225 * bytes counters (and not for the packets counters) */
2226 if (m == CGROUP_IP_INGRESS_BYTES)
2227 t = strjoin(n_message_parts > 0 ? "received " : "Received ",
2228 format_bytes(buf, sizeof(buf), value),
2229 " IP traffic");
2230 else if (m == CGROUP_IP_EGRESS_BYTES)
2231 t = strjoin(n_message_parts > 0 ? "sent " : "Sent ",
2232 format_bytes(buf, sizeof(buf), value),
2233 " IP traffic");
2234 else
2235 continue;
2236 if (!t) {
2237 r = log_oom();
2238 goto finish;
2239 }
2240
2241 message_parts[n_message_parts++] = t;
2242 }
2243
2244 /* Is there any accounting data available at all? */
2245 if (n_iovec == 0) {
2246 r = 0;
2247 goto finish;
2248 }
2249
2250 if (n_message_parts == 0)
2251 t = strjoina("MESSAGE=", u->id, ": Completed");
2252 else {
2253 _cleanup_free_ char *joined;
2254
2255 message_parts[n_message_parts] = NULL;
2256
2257 joined = strv_join(message_parts, ", ");
2258 if (!joined) {
2259 r = log_oom();
2260 goto finish;
2261 }
2262
2263 t = strjoina("MESSAGE=", u->id, ": ", joined);
2264 }
2265
2266 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2267 * and hence don't increase n_iovec for them */
2268 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2269 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2270
2271 t = strjoina(u->manager->unit_log_field, u->id);
2272 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2273
2274 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2275 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2276
2277 log_struct_iovec(LOG_INFO, iovec, n_iovec + 4);
2278 r = 0;
2279
2280 finish:
2281 for (i = 0; i < n_message_parts; i++)
2282 free(message_parts[i]);
2283
2284 for (i = 0; i < n_iovec; i++)
2285 free(iovec[i].iov_base);
2286
2287 return r;
2288
2289 }
2290
2291 static void unit_update_on_console(Unit *u) {
2292 bool b;
2293
2294 assert(u);
2295
2296 b = unit_needs_console(u);
2297 if (u->on_console == b)
2298 return;
2299
2300 u->on_console = b;
2301 if (b)
2302 manager_ref_console(u->manager);
2303 else
2304 manager_unref_console(u->manager);
2305 }
2306
2307 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
2308 bool unexpected;
2309 Manager *m;
2310
2311 assert(u);
2312 assert(os < _UNIT_ACTIVE_STATE_MAX);
2313 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2314
2315 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2316 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2317 * remounted this function will be called too! */
2318
2319 m = u->manager;
2320
2321 /* Update timestamps for state changes */
2322 if (!MANAGER_IS_RELOADING(m)) {
2323 dual_timestamp_get(&u->state_change_timestamp);
2324
2325 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2326 u->inactive_exit_timestamp = u->state_change_timestamp;
2327 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2328 u->inactive_enter_timestamp = u->state_change_timestamp;
2329
2330 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2331 u->active_enter_timestamp = u->state_change_timestamp;
2332 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2333 u->active_exit_timestamp = u->state_change_timestamp;
2334 }
2335
2336 /* Keep track of failed units */
2337 (void) manager_update_failed_units(u->manager, u, ns == UNIT_FAILED);
2338
2339 /* Make sure the cgroup and state files are always removed when we become inactive */
2340 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2341 unit_prune_cgroup(u);
2342 unit_unlink_state_files(u);
2343 }
2344
2345 unit_update_on_console(u);
2346
2347 if (u->job) {
2348 unexpected = false;
2349
2350 if (u->job->state == JOB_WAITING)
2351
2352 /* So we reached a different state for this
2353 * job. Let's see if we can run it now if it
2354 * failed previously due to EAGAIN. */
2355 job_add_to_run_queue(u->job);
2356
2357 /* Let's check whether this state change constitutes a
2358 * finished job, or maybe contradicts a running job and
2359 * hence needs to invalidate jobs. */
2360
2361 switch (u->job->type) {
2362
2363 case JOB_START:
2364 case JOB_VERIFY_ACTIVE:
2365
2366 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2367 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2368 else if (u->job->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2369 unexpected = true;
2370
2371 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2372 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2373 }
2374
2375 break;
2376
2377 case JOB_RELOAD:
2378 case JOB_RELOAD_OR_START:
2379 case JOB_TRY_RELOAD:
2380
2381 if (u->job->state == JOB_RUNNING) {
2382 if (ns == UNIT_ACTIVE)
2383 job_finish_and_invalidate(u->job, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2384 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2385 unexpected = true;
2386
2387 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2388 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2389 }
2390 }
2391
2392 break;
2393
2394 case JOB_STOP:
2395 case JOB_RESTART:
2396 case JOB_TRY_RESTART:
2397
2398 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2399 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2400 else if (u->job->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2401 unexpected = true;
2402 job_finish_and_invalidate(u->job, JOB_FAILED, true, false);
2403 }
2404
2405 break;
2406
2407 default:
2408 assert_not_reached("Job type unknown");
2409 }
2410
2411 } else
2412 unexpected = true;
2413
2414 if (!MANAGER_IS_RELOADING(m)) {
2415
2416 /* If this state change happened without being
2417 * requested by a job, then let's retroactively start
2418 * or stop dependencies. We skip that step when
2419 * deserializing, since we don't want to create any
2420 * additional jobs just because something is already
2421 * activated. */
2422
2423 if (unexpected) {
2424 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2425 retroactively_start_dependencies(u);
2426 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2427 retroactively_stop_dependencies(u);
2428 }
2429
2430 /* stop unneeded units regardless if going down was expected or not */
2431 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2432 check_unneeded_dependencies(u);
2433
2434 if (ns != os && ns == UNIT_FAILED) {
2435 log_unit_debug(u, "Unit entered failed state.");
2436
2437 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2438 unit_start_on_failure(u);
2439 }
2440 }
2441
2442 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2443
2444 if (u->type == UNIT_SERVICE &&
2445 !UNIT_IS_ACTIVE_OR_RELOADING(os) &&
2446 !MANAGER_IS_RELOADING(m)) {
2447 /* Write audit record if we have just finished starting up */
2448 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, true);
2449 u->in_audit = true;
2450 }
2451
2452 if (!UNIT_IS_ACTIVE_OR_RELOADING(os))
2453 manager_send_unit_plymouth(m, u);
2454
2455 } else {
2456
2457 if (UNIT_IS_INACTIVE_OR_FAILED(ns) &&
2458 !UNIT_IS_INACTIVE_OR_FAILED(os)
2459 && !MANAGER_IS_RELOADING(m)) {
2460
2461 /* This unit just stopped/failed. */
2462 if (u->type == UNIT_SERVICE) {
2463
2464 /* Hmm, if there was no start record written
2465 * write it now, so that we always have a nice
2466 * pair */
2467 if (!u->in_audit) {
2468 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, ns == UNIT_INACTIVE);
2469
2470 if (ns == UNIT_INACTIVE)
2471 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, true);
2472 } else
2473 /* Write audit record if we have just finished shutting down */
2474 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, ns == UNIT_INACTIVE);
2475
2476 u->in_audit = false;
2477 }
2478
2479 /* Write a log message about consumed resources */
2480 unit_log_resources(u);
2481 }
2482 }
2483
2484 manager_recheck_journal(m);
2485 manager_recheck_dbus(m);
2486
2487 unit_trigger_notify(u);
2488
2489 if (!MANAGER_IS_RELOADING(u->manager)) {
2490 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2491 unit_check_unneeded(u);
2492
2493 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2494 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2495 * without ever entering started.) */
2496 unit_check_binds_to(u);
2497
2498 if (os != UNIT_FAILED && ns == UNIT_FAILED)
2499 (void) emergency_action(u->manager, u->failure_action, u->reboot_arg, "unit failed");
2500 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE)
2501 (void) emergency_action(u->manager, u->success_action, u->reboot_arg, "unit succeeded");
2502 }
2503
2504 unit_add_to_dbus_queue(u);
2505 unit_add_to_gc_queue(u);
2506 }
2507
2508 int unit_watch_pid(Unit *u, pid_t pid) {
2509 int r;
2510
2511 assert(u);
2512 assert(pid_is_valid(pid));
2513
2514 /* Watch a specific PID */
2515
2516 r = set_ensure_allocated(&u->pids, NULL);
2517 if (r < 0)
2518 return r;
2519
2520 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
2521 if (r < 0)
2522 return r;
2523
2524 /* First try, let's add the unit keyed by "pid". */
2525 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2526 if (r == -EEXIST) {
2527 Unit **array;
2528 bool found = false;
2529 size_t n = 0;
2530
2531 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2532 * to an array of Units rather than just a Unit), lists us already. */
2533
2534 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2535 if (array)
2536 for (; array[n]; n++)
2537 if (array[n] == u)
2538 found = true;
2539
2540 if (found) /* Found it already? if so, do nothing */
2541 r = 0;
2542 else {
2543 Unit **new_array;
2544
2545 /* Allocate a new array */
2546 new_array = new(Unit*, n + 2);
2547 if (!new_array)
2548 return -ENOMEM;
2549
2550 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2551 new_array[n] = u;
2552 new_array[n+1] = NULL;
2553
2554 /* Add or replace the old array */
2555 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2556 if (r < 0) {
2557 free(new_array);
2558 return r;
2559 }
2560
2561 free(array);
2562 }
2563 } else if (r < 0)
2564 return r;
2565
2566 r = set_put(u->pids, PID_TO_PTR(pid));
2567 if (r < 0)
2568 return r;
2569
2570 return 0;
2571 }
2572
2573 void unit_unwatch_pid(Unit *u, pid_t pid) {
2574 Unit **array;
2575
2576 assert(u);
2577 assert(pid_is_valid(pid));
2578
2579 /* First let's drop the unit in case it's keyed as "pid". */
2580 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2581
2582 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2583 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2584 if (array) {
2585 size_t n, m = 0;
2586
2587 /* Let's iterate through the array, dropping our own entry */
2588 for (n = 0; array[n]; n++)
2589 if (array[n] != u)
2590 array[m++] = array[n];
2591 array[m] = NULL;
2592
2593 if (m == 0) {
2594 /* The array is now empty, remove the entire entry */
2595 assert(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
2596 free(array);
2597 }
2598 }
2599
2600 (void) set_remove(u->pids, PID_TO_PTR(pid));
2601 }
2602
2603 void unit_unwatch_all_pids(Unit *u) {
2604 assert(u);
2605
2606 while (!set_isempty(u->pids))
2607 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
2608
2609 u->pids = set_free(u->pids);
2610 }
2611
2612 static void unit_tidy_watch_pids(Unit *u) {
2613 pid_t except1, except2;
2614 Iterator i;
2615 void *e;
2616
2617 assert(u);
2618
2619 /* Cleans dead PIDs from our list */
2620
2621 except1 = unit_main_pid(u);
2622 except2 = unit_control_pid(u);
2623
2624 SET_FOREACH(e, u->pids, i) {
2625 pid_t pid = PTR_TO_PID(e);
2626
2627 if (pid == except1 || pid == except2)
2628 continue;
2629
2630 if (!pid_is_unwaited(pid))
2631 unit_unwatch_pid(u, pid);
2632 }
2633 }
2634
2635 static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
2636 Unit *u = userdata;
2637
2638 assert(s);
2639 assert(u);
2640
2641 unit_tidy_watch_pids(u);
2642 unit_watch_all_pids(u);
2643
2644 /* If the PID set is empty now, then let's finish this off. */
2645 unit_synthesize_cgroup_empty_event(u);
2646
2647 return 0;
2648 }
2649
2650 int unit_enqueue_rewatch_pids(Unit *u) {
2651 int r;
2652
2653 assert(u);
2654
2655 if (!u->cgroup_path)
2656 return -ENOENT;
2657
2658 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2659 if (r < 0)
2660 return r;
2661 if (r > 0) /* On unified we can use proper notifications */
2662 return 0;
2663
2664 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2665 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2666 * involves issuing kill(pid, 0) on all processes we watch. */
2667
2668 if (!u->rewatch_pids_event_source) {
2669 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2670
2671 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2672 if (r < 0)
2673 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2674
2675 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2676 if (r < 0)
2677 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: m");
2678
2679 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2680
2681 u->rewatch_pids_event_source = TAKE_PTR(s);
2682 }
2683
2684 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2685 if (r < 0)
2686 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2687
2688 return 0;
2689 }
2690
2691 void unit_dequeue_rewatch_pids(Unit *u) {
2692 int r;
2693 assert(u);
2694
2695 if (!u->rewatch_pids_event_source)
2696 return;
2697
2698 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2699 if (r < 0)
2700 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2701
2702 u->rewatch_pids_event_source = sd_event_source_unref(u->rewatch_pids_event_source);
2703 }
2704
2705 bool unit_job_is_applicable(Unit *u, JobType j) {
2706 assert(u);
2707 assert(j >= 0 && j < _JOB_TYPE_MAX);
2708
2709 switch (j) {
2710
2711 case JOB_VERIFY_ACTIVE:
2712 case JOB_START:
2713 case JOB_NOP:
2714 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2715 * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
2716 * jobs for it. */
2717 return true;
2718
2719 case JOB_STOP:
2720 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2721 * external events), hence it makes no sense to permit enqueing such a request either. */
2722 return !u->perpetual;
2723
2724 case JOB_RESTART:
2725 case JOB_TRY_RESTART:
2726 return unit_can_stop(u) && unit_can_start(u);
2727
2728 case JOB_RELOAD:
2729 case JOB_TRY_RELOAD:
2730 return unit_can_reload(u);
2731
2732 case JOB_RELOAD_OR_START:
2733 return unit_can_reload(u) && unit_can_start(u);
2734
2735 default:
2736 assert_not_reached("Invalid job type");
2737 }
2738 }
2739
2740 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
2741 assert(u);
2742
2743 /* Only warn about some unit types */
2744 if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
2745 return;
2746
2747 if (streq_ptr(u->id, other))
2748 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
2749 else
2750 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
2751 }
2752
2753 static int unit_add_dependency_hashmap(
2754 Hashmap **h,
2755 Unit *other,
2756 UnitDependencyMask origin_mask,
2757 UnitDependencyMask destination_mask) {
2758
2759 UnitDependencyInfo info;
2760 int r;
2761
2762 assert(h);
2763 assert(other);
2764 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
2765 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
2766 assert(origin_mask > 0 || destination_mask > 0);
2767
2768 r = hashmap_ensure_allocated(h, NULL);
2769 if (r < 0)
2770 return r;
2771
2772 assert_cc(sizeof(void*) == sizeof(info));
2773
2774 info.data = hashmap_get(*h, other);
2775 if (info.data) {
2776 /* Entry already exists. Add in our mask. */
2777
2778 if (FLAGS_SET(origin_mask, info.origin_mask) &&
2779 FLAGS_SET(destination_mask, info.destination_mask))
2780 return 0; /* NOP */
2781
2782 info.origin_mask |= origin_mask;
2783 info.destination_mask |= destination_mask;
2784
2785 r = hashmap_update(*h, other, info.data);
2786 } else {
2787 info = (UnitDependencyInfo) {
2788 .origin_mask = origin_mask,
2789 .destination_mask = destination_mask,
2790 };
2791
2792 r = hashmap_put(*h, other, info.data);
2793 }
2794 if (r < 0)
2795 return r;
2796
2797 return 1;
2798 }
2799
2800 int unit_add_dependency(
2801 Unit *u,
2802 UnitDependency d,
2803 Unit *other,
2804 bool add_reference,
2805 UnitDependencyMask mask) {
2806
2807 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
2808 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
2809 [UNIT_WANTS] = UNIT_WANTED_BY,
2810 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
2811 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
2812 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
2813 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
2814 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
2815 [UNIT_WANTED_BY] = UNIT_WANTS,
2816 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
2817 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
2818 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
2819 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
2820 [UNIT_BEFORE] = UNIT_AFTER,
2821 [UNIT_AFTER] = UNIT_BEFORE,
2822 [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
2823 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
2824 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
2825 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
2826 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
2827 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
2828 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
2829 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
2830 };
2831 Unit *original_u = u, *original_other = other;
2832 int r;
2833
2834 assert(u);
2835 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
2836 assert(other);
2837
2838 u = unit_follow_merge(u);
2839 other = unit_follow_merge(other);
2840
2841 /* We won't allow dependencies on ourselves. We will not
2842 * consider them an error however. */
2843 if (u == other) {
2844 maybe_warn_about_dependency(original_u, original_other->id, d);
2845 return 0;
2846 }
2847
2848 if ((d == UNIT_BEFORE && other->type == UNIT_DEVICE) ||
2849 (d == UNIT_AFTER && u->type == UNIT_DEVICE)) {
2850 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
2851 return 0;
2852 }
2853
2854 r = unit_add_dependency_hashmap(u->dependencies + d, other, mask, 0);
2855 if (r < 0)
2856 return r;
2857
2858 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
2859 r = unit_add_dependency_hashmap(other->dependencies + inverse_table[d], u, 0, mask);
2860 if (r < 0)
2861 return r;
2862 }
2863
2864 if (add_reference) {
2865 r = unit_add_dependency_hashmap(u->dependencies + UNIT_REFERENCES, other, mask, 0);
2866 if (r < 0)
2867 return r;
2868
2869 r = unit_add_dependency_hashmap(other->dependencies + UNIT_REFERENCED_BY, u, 0, mask);
2870 if (r < 0)
2871 return r;
2872 }
2873
2874 unit_add_to_dbus_queue(u);
2875 return 0;
2876 }
2877
2878 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2879 int r;
2880
2881 assert(u);
2882
2883 r = unit_add_dependency(u, d, other, add_reference, mask);
2884 if (r < 0)
2885 return r;
2886
2887 return unit_add_dependency(u, e, other, add_reference, mask);
2888 }
2889
2890 static int resolve_template(Unit *u, const char *name, const char*path, char **buf, const char **ret) {
2891 int r;
2892
2893 assert(u);
2894 assert(name || path);
2895 assert(buf);
2896 assert(ret);
2897
2898 if (!name)
2899 name = basename(path);
2900
2901 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
2902 *buf = NULL;
2903 *ret = name;
2904 return 0;
2905 }
2906
2907 if (u->instance)
2908 r = unit_name_replace_instance(name, u->instance, buf);
2909 else {
2910 _cleanup_free_ char *i = NULL;
2911
2912 r = unit_name_to_prefix(u->id, &i);
2913 if (r < 0)
2914 return r;
2915
2916 r = unit_name_replace_instance(name, i, buf);
2917 }
2918 if (r < 0)
2919 return r;
2920
2921 *ret = *buf;
2922 return 0;
2923 }
2924
2925 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2926 _cleanup_free_ char *buf = NULL;
2927 Unit *other;
2928 int r;
2929
2930 assert(u);
2931 assert(name || path);
2932
2933 r = resolve_template(u, name, path, &buf, &name);
2934 if (r < 0)
2935 return r;
2936
2937 r = manager_load_unit(u->manager, name, path, NULL, &other);
2938 if (r < 0)
2939 return r;
2940
2941 return unit_add_dependency(u, d, other, add_reference, mask);
2942 }
2943
2944 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2945 _cleanup_free_ char *buf = NULL;
2946 Unit *other;
2947 int r;
2948
2949 assert(u);
2950 assert(name || path);
2951
2952 r = resolve_template(u, name, path, &buf, &name);
2953 if (r < 0)
2954 return r;
2955
2956 r = manager_load_unit(u->manager, name, path, NULL, &other);
2957 if (r < 0)
2958 return r;
2959
2960 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2961 }
2962
2963 int set_unit_path(const char *p) {
2964 /* This is mostly for debug purposes */
2965 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
2966 return -errno;
2967
2968 return 0;
2969 }
2970
2971 char *unit_dbus_path(Unit *u) {
2972 assert(u);
2973
2974 if (!u->id)
2975 return NULL;
2976
2977 return unit_dbus_path_from_name(u->id);
2978 }
2979
2980 char *unit_dbus_path_invocation_id(Unit *u) {
2981 assert(u);
2982
2983 if (sd_id128_is_null(u->invocation_id))
2984 return NULL;
2985
2986 return unit_dbus_path_from_name(u->invocation_id_string);
2987 }
2988
2989 int unit_set_slice(Unit *u, Unit *slice) {
2990 assert(u);
2991 assert(slice);
2992
2993 /* Sets the unit slice if it has not been set before. Is extra
2994 * careful, to only allow this for units that actually have a
2995 * cgroup context. Also, we don't allow to set this for slices
2996 * (since the parent slice is derived from the name). Make
2997 * sure the unit we set is actually a slice. */
2998
2999 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3000 return -EOPNOTSUPP;
3001
3002 if (u->type == UNIT_SLICE)
3003 return -EINVAL;
3004
3005 if (unit_active_state(u) != UNIT_INACTIVE)
3006 return -EBUSY;
3007
3008 if (slice->type != UNIT_SLICE)
3009 return -EINVAL;
3010
3011 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3012 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3013 return -EPERM;
3014
3015 if (UNIT_DEREF(u->slice) == slice)
3016 return 0;
3017
3018 /* Disallow slice changes if @u is already bound to cgroups */
3019 if (UNIT_ISSET(u->slice) && u->cgroup_realized)
3020 return -EBUSY;
3021
3022 unit_ref_set(&u->slice, u, slice);
3023 return 1;
3024 }
3025
3026 int unit_set_default_slice(Unit *u) {
3027 _cleanup_free_ char *b = NULL;
3028 const char *slice_name;
3029 Unit *slice;
3030 int r;
3031
3032 assert(u);
3033
3034 if (UNIT_ISSET(u->slice))
3035 return 0;
3036
3037 if (u->instance) {
3038 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
3039
3040 /* Implicitly place all instantiated units in their
3041 * own per-template slice */
3042
3043 r = unit_name_to_prefix(u->id, &prefix);
3044 if (r < 0)
3045 return r;
3046
3047 /* The prefix is already escaped, but it might include
3048 * "-" which has a special meaning for slice units,
3049 * hence escape it here extra. */
3050 escaped = unit_name_escape(prefix);
3051 if (!escaped)
3052 return -ENOMEM;
3053
3054 if (MANAGER_IS_SYSTEM(u->manager))
3055 b = strjoin("system-", escaped, ".slice");
3056 else
3057 b = strappend(escaped, ".slice");
3058 if (!b)
3059 return -ENOMEM;
3060
3061 slice_name = b;
3062 } else
3063 slice_name =
3064 MANAGER_IS_SYSTEM(u->manager) && !unit_has_name(u, SPECIAL_INIT_SCOPE)
3065 ? SPECIAL_SYSTEM_SLICE
3066 : SPECIAL_ROOT_SLICE;
3067
3068 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
3069 if (r < 0)
3070 return r;
3071
3072 return unit_set_slice(u, slice);
3073 }
3074
3075 const char *unit_slice_name(Unit *u) {
3076 assert(u);
3077
3078 if (!UNIT_ISSET(u->slice))
3079 return NULL;
3080
3081 return UNIT_DEREF(u->slice)->id;
3082 }
3083
3084 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
3085 _cleanup_free_ char *t = NULL;
3086 int r;
3087
3088 assert(u);
3089 assert(type);
3090 assert(_found);
3091
3092 r = unit_name_change_suffix(u->id, type, &t);
3093 if (r < 0)
3094 return r;
3095 if (unit_has_name(u, t))
3096 return -EINVAL;
3097
3098 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3099 assert(r < 0 || *_found != u);
3100 return r;
3101 }
3102
3103 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3104 const char *name, *old_owner, *new_owner;
3105 Unit *u = userdata;
3106 int r;
3107
3108 assert(message);
3109 assert(u);
3110
3111 r = sd_bus_message_read(message, "sss", &name, &old_owner, &new_owner);
3112 if (r < 0) {
3113 bus_log_parse_error(r);
3114 return 0;
3115 }
3116
3117 old_owner = empty_to_null(old_owner);
3118 new_owner = empty_to_null(new_owner);
3119
3120 if (UNIT_VTABLE(u)->bus_name_owner_change)
3121 UNIT_VTABLE(u)->bus_name_owner_change(u, name, old_owner, new_owner);
3122
3123 return 0;
3124 }
3125
3126 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3127 const char *match;
3128
3129 assert(u);
3130 assert(bus);
3131 assert(name);
3132
3133 if (u->match_bus_slot)
3134 return -EBUSY;
3135
3136 match = strjoina("type='signal',"
3137 "sender='org.freedesktop.DBus',"
3138 "path='/org/freedesktop/DBus',"
3139 "interface='org.freedesktop.DBus',"
3140 "member='NameOwnerChanged',"
3141 "arg0='", name, "'");
3142
3143 return sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
3144 }
3145
3146 int unit_watch_bus_name(Unit *u, const char *name) {
3147 int r;
3148
3149 assert(u);
3150 assert(name);
3151
3152 /* Watch a specific name on the bus. We only support one unit
3153 * watching each name for now. */
3154
3155 if (u->manager->api_bus) {
3156 /* If the bus is already available, install the match directly.
3157 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3158 r = unit_install_bus_match(u, u->manager->api_bus, name);
3159 if (r < 0)
3160 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3161 }
3162
3163 r = hashmap_put(u->manager->watch_bus, name, u);
3164 if (r < 0) {
3165 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3166 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3167 }
3168
3169 return 0;
3170 }
3171
3172 void unit_unwatch_bus_name(Unit *u, const char *name) {
3173 assert(u);
3174 assert(name);
3175
3176 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3177 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3178 }
3179
3180 bool unit_can_serialize(Unit *u) {
3181 assert(u);
3182
3183 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3184 }
3185
3186 static int unit_serialize_cgroup_mask(FILE *f, const char *key, CGroupMask mask) {
3187 _cleanup_free_ char *s = NULL;
3188 int r = 0;
3189
3190 assert(f);
3191 assert(key);
3192
3193 if (mask != 0) {
3194 r = cg_mask_to_string(mask, &s);
3195 if (r >= 0) {
3196 fputs(key, f);
3197 fputc('=', f);
3198 fputs(s, f);
3199 fputc('\n', f);
3200 }
3201 }
3202 return r;
3203 }
3204
3205 static const char *ip_accounting_metric_field[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
3206 [CGROUP_IP_INGRESS_BYTES] = "ip-accounting-ingress-bytes",
3207 [CGROUP_IP_INGRESS_PACKETS] = "ip-accounting-ingress-packets",
3208 [CGROUP_IP_EGRESS_BYTES] = "ip-accounting-egress-bytes",
3209 [CGROUP_IP_EGRESS_PACKETS] = "ip-accounting-egress-packets",
3210 };
3211
3212 int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
3213 CGroupIPAccountingMetric m;
3214 int r;
3215
3216 assert(u);
3217 assert(f);
3218 assert(fds);
3219
3220 if (unit_can_serialize(u)) {
3221 r = UNIT_VTABLE(u)->serialize(u, f, fds);
3222 if (r < 0)
3223 return r;
3224 }
3225
3226 dual_timestamp_serialize(f, "state-change-timestamp", &u->state_change_timestamp);
3227
3228 dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
3229 dual_timestamp_serialize(f, "active-enter-timestamp", &u->active_enter_timestamp);
3230 dual_timestamp_serialize(f, "active-exit-timestamp", &u->active_exit_timestamp);
3231 dual_timestamp_serialize(f, "inactive-enter-timestamp", &u->inactive_enter_timestamp);
3232
3233 dual_timestamp_serialize(f, "condition-timestamp", &u->condition_timestamp);
3234 dual_timestamp_serialize(f, "assert-timestamp", &u->assert_timestamp);
3235
3236 if (dual_timestamp_is_set(&u->condition_timestamp))
3237 unit_serialize_item(u, f, "condition-result", yes_no(u->condition_result));
3238
3239 if (dual_timestamp_is_set(&u->assert_timestamp))
3240 unit_serialize_item(u, f, "assert-result", yes_no(u->assert_result));
3241
3242 unit_serialize_item(u, f, "transient", yes_no(u->transient));
3243
3244 unit_serialize_item(u, f, "exported-invocation-id", yes_no(u->exported_invocation_id));
3245 unit_serialize_item(u, f, "exported-log-level-max", yes_no(u->exported_log_level_max));
3246 unit_serialize_item(u, f, "exported-log-extra-fields", yes_no(u->exported_log_extra_fields));
3247
3248 unit_serialize_item_format(u, f, "cpu-usage-base", "%" PRIu64, u->cpu_usage_base);
3249 if (u->cpu_usage_last != NSEC_INFINITY)
3250 unit_serialize_item_format(u, f, "cpu-usage-last", "%" PRIu64, u->cpu_usage_last);
3251
3252 if (u->cgroup_path)
3253 unit_serialize_item(u, f, "cgroup", u->cgroup_path);
3254 unit_serialize_item(u, f, "cgroup-realized", yes_no(u->cgroup_realized));
3255 (void) unit_serialize_cgroup_mask(f, "cgroup-realized-mask", u->cgroup_realized_mask);
3256 (void) unit_serialize_cgroup_mask(f, "cgroup-enabled-mask", u->cgroup_enabled_mask);
3257 unit_serialize_item_format(u, f, "cgroup-bpf-realized", "%i", u->cgroup_bpf_state);
3258
3259 if (uid_is_valid(u->ref_uid))
3260 unit_serialize_item_format(u, f, "ref-uid", UID_FMT, u->ref_uid);
3261 if (gid_is_valid(u->ref_gid))
3262 unit_serialize_item_format(u, f, "ref-gid", GID_FMT, u->ref_gid);
3263
3264 if (!sd_id128_is_null(u->invocation_id))
3265 unit_serialize_item_format(u, f, "invocation-id", SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id));
3266
3267 bus_track_serialize(u->bus_track, f, "ref");
3268
3269 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
3270 uint64_t v;
3271
3272 r = unit_get_ip_accounting(u, m, &v);
3273 if (r >= 0)
3274 unit_serialize_item_format(u, f, ip_accounting_metric_field[m], "%" PRIu64, v);
3275 }
3276
3277 if (serialize_jobs) {
3278 if (u->job) {
3279 fprintf(f, "job\n");
3280 job_serialize(u->job, f);
3281 }
3282
3283 if (u->nop_job) {
3284 fprintf(f, "job\n");
3285 job_serialize(u->nop_job, f);
3286 }
3287 }
3288
3289 /* End marker */
3290 fputc('\n', f);
3291 return 0;
3292 }
3293
3294 int unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value) {
3295 assert(u);
3296 assert(f);
3297 assert(key);
3298
3299 if (!value)
3300 return 0;
3301
3302 fputs(key, f);
3303 fputc('=', f);
3304 fputs(value, f);
3305 fputc('\n', f);
3306
3307 return 1;
3308 }
3309
3310 int unit_serialize_item_escaped(Unit *u, FILE *f, const char *key, const char *value) {
3311 _cleanup_free_ char *c = NULL;
3312
3313 assert(u);
3314 assert(f);
3315 assert(key);
3316
3317 if (!value)
3318 return 0;
3319
3320 c = cescape(value);
3321 if (!c)
3322 return -ENOMEM;
3323
3324 fputs(key, f);
3325 fputc('=', f);
3326 fputs(c, f);
3327 fputc('\n', f);
3328
3329 return 1;
3330 }
3331
3332 int unit_serialize_item_fd(Unit *u, FILE *f, FDSet *fds, const char *key, int fd) {
3333 int copy;
3334
3335 assert(u);
3336 assert(f);
3337 assert(key);
3338
3339 if (fd < 0)
3340 return 0;
3341
3342 copy = fdset_put_dup(fds, fd);
3343 if (copy < 0)
3344 return copy;
3345
3346 fprintf(f, "%s=%i\n", key, copy);
3347 return 1;
3348 }
3349
3350 void unit_serialize_item_format(Unit *u, FILE *f, const char *key, const char *format, ...) {
3351 va_list ap;
3352
3353 assert(u);
3354 assert(f);
3355 assert(key);
3356 assert(format);
3357
3358 fputs(key, f);
3359 fputc('=', f);
3360
3361 va_start(ap, format);
3362 vfprintf(f, format, ap);
3363 va_end(ap);
3364
3365 fputc('\n', f);
3366 }
3367
3368 int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
3369 int r;
3370
3371 assert(u);
3372 assert(f);
3373 assert(fds);
3374
3375 for (;;) {
3376 char line[LINE_MAX], *l, *v;
3377 CGroupIPAccountingMetric m;
3378 size_t k;
3379
3380 if (!fgets(line, sizeof(line), f)) {
3381 if (feof(f))
3382 return 0;
3383 return -errno;
3384 }
3385
3386 char_array_0(line);
3387 l = strstrip(line);
3388
3389 /* End marker */
3390 if (isempty(l))
3391 break;
3392
3393 k = strcspn(l, "=");
3394
3395 if (l[k] == '=') {
3396 l[k] = 0;
3397 v = l+k+1;
3398 } else
3399 v = l+k;
3400
3401 if (streq(l, "job")) {
3402 if (v[0] == '\0') {
3403 /* new-style serialized job */
3404 Job *j;
3405
3406 j = job_new_raw(u);
3407 if (!j)
3408 return log_oom();
3409
3410 r = job_deserialize(j, f);
3411 if (r < 0) {
3412 job_free(j);
3413 return r;
3414 }
3415
3416 r = hashmap_put(u->manager->jobs, UINT32_TO_PTR(j->id), j);
3417 if (r < 0) {
3418 job_free(j);
3419 return r;
3420 }
3421
3422 r = job_install_deserialized(j);
3423 if (r < 0) {
3424 hashmap_remove(u->manager->jobs, UINT32_TO_PTR(j->id));
3425 job_free(j);
3426 return r;
3427 }
3428 } else /* legacy for pre-44 */
3429 log_unit_warning(u, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v);
3430 continue;
3431 } else if (streq(l, "state-change-timestamp")) {
3432 dual_timestamp_deserialize(v, &u->state_change_timestamp);
3433 continue;
3434 } else if (streq(l, "inactive-exit-timestamp")) {
3435 dual_timestamp_deserialize(v, &u->inactive_exit_timestamp);
3436 continue;
3437 } else if (streq(l, "active-enter-timestamp")) {
3438 dual_timestamp_deserialize(v, &u->active_enter_timestamp);
3439 continue;
3440 } else if (streq(l, "active-exit-timestamp")) {
3441 dual_timestamp_deserialize(v, &u->active_exit_timestamp);
3442 continue;
3443 } else if (streq(l, "inactive-enter-timestamp")) {
3444 dual_timestamp_deserialize(v, &u->inactive_enter_timestamp);
3445 continue;
3446 } else if (streq(l, "condition-timestamp")) {
3447 dual_timestamp_deserialize(v, &u->condition_timestamp);
3448 continue;
3449 } else if (streq(l, "assert-timestamp")) {
3450 dual_timestamp_deserialize(v, &u->assert_timestamp);
3451 continue;
3452 } else if (streq(l, "condition-result")) {
3453
3454 r = parse_boolean(v);
3455 if (r < 0)
3456 log_unit_debug(u, "Failed to parse condition result value %s, ignoring.", v);
3457 else
3458 u->condition_result = r;
3459
3460 continue;
3461
3462 } else if (streq(l, "assert-result")) {
3463
3464 r = parse_boolean(v);
3465 if (r < 0)
3466 log_unit_debug(u, "Failed to parse assert result value %s, ignoring.", v);
3467 else
3468 u->assert_result = r;
3469
3470 continue;
3471
3472 } else if (streq(l, "transient")) {
3473
3474 r = parse_boolean(v);
3475 if (r < 0)
3476 log_unit_debug(u, "Failed to parse transient bool %s, ignoring.", v);
3477 else
3478 u->transient = r;
3479
3480 continue;
3481
3482 } else if (streq(l, "exported-invocation-id")) {
3483
3484 r = parse_boolean(v);
3485 if (r < 0)
3486 log_unit_debug(u, "Failed to parse exported invocation ID bool %s, ignoring.", v);
3487 else
3488 u->exported_invocation_id = r;
3489
3490 continue;
3491
3492 } else if (streq(l, "exported-log-level-max")) {
3493
3494 r = parse_boolean(v);
3495 if (r < 0)
3496 log_unit_debug(u, "Failed to parse exported log level max bool %s, ignoring.", v);
3497 else
3498 u->exported_log_level_max = r;
3499
3500 continue;
3501
3502 } else if (streq(l, "exported-log-extra-fields")) {
3503
3504 r = parse_boolean(v);
3505 if (r < 0)
3506 log_unit_debug(u, "Failed to parse exported log extra fields bool %s, ignoring.", v);
3507 else
3508 u->exported_log_extra_fields = r;
3509
3510 continue;
3511
3512 } else if (STR_IN_SET(l, "cpu-usage-base", "cpuacct-usage-base")) {
3513
3514 r = safe_atou64(v, &u->cpu_usage_base);
3515 if (r < 0)
3516 log_unit_debug(u, "Failed to parse CPU usage base %s, ignoring.", v);
3517
3518 continue;
3519
3520 } else if (streq(l, "cpu-usage-last")) {
3521
3522 r = safe_atou64(v, &u->cpu_usage_last);
3523 if (r < 0)
3524 log_unit_debug(u, "Failed to read CPU usage last %s, ignoring.", v);
3525
3526 continue;
3527
3528 } else if (streq(l, "cgroup")) {
3529
3530 r = unit_set_cgroup_path(u, v);
3531 if (r < 0)
3532 log_unit_debug_errno(u, r, "Failed to set cgroup path %s, ignoring: %m", v);
3533
3534 (void) unit_watch_cgroup(u);
3535
3536 continue;
3537 } else if (streq(l, "cgroup-realized")) {
3538 int b;
3539
3540 b = parse_boolean(v);
3541 if (b < 0)
3542 log_unit_debug(u, "Failed to parse cgroup-realized bool %s, ignoring.", v);
3543 else
3544 u->cgroup_realized = b;
3545
3546 continue;
3547
3548 } else if (streq(l, "cgroup-realized-mask")) {
3549
3550 r = cg_mask_from_string(v, &u->cgroup_realized_mask);
3551 if (r < 0)
3552 log_unit_debug(u, "Failed to parse cgroup-realized-mask %s, ignoring.", v);
3553 continue;
3554
3555 } else if (streq(l, "cgroup-enabled-mask")) {
3556
3557 r = cg_mask_from_string(v, &u->cgroup_enabled_mask);
3558 if (r < 0)
3559 log_unit_debug(u, "Failed to parse cgroup-enabled-mask %s, ignoring.", v);
3560 continue;
3561
3562 } else if (streq(l, "cgroup-bpf-realized")) {
3563 int i;
3564
3565 r = safe_atoi(v, &i);
3566 if (r < 0)
3567 log_unit_debug(u, "Failed to parse cgroup BPF state %s, ignoring.", v);
3568 else
3569 u->cgroup_bpf_state =
3570 i < 0 ? UNIT_CGROUP_BPF_INVALIDATED :
3571 i > 0 ? UNIT_CGROUP_BPF_ON :
3572 UNIT_CGROUP_BPF_OFF;
3573
3574 continue;
3575
3576 } else if (streq(l, "ref-uid")) {
3577 uid_t uid;
3578
3579 r = parse_uid(v, &uid);
3580 if (r < 0)
3581 log_unit_debug(u, "Failed to parse referenced UID %s, ignoring.", v);
3582 else
3583 unit_ref_uid_gid(u, uid, GID_INVALID);
3584
3585 continue;
3586
3587 } else if (streq(l, "ref-gid")) {
3588 gid_t gid;
3589
3590 r = parse_gid(v, &gid);
3591 if (r < 0)
3592 log_unit_debug(u, "Failed to parse referenced GID %s, ignoring.", v);
3593 else
3594 unit_ref_uid_gid(u, UID_INVALID, gid);
3595
3596 } else if (streq(l, "ref")) {
3597
3598 r = strv_extend(&u->deserialized_refs, v);
3599 if (r < 0)
3600 log_oom();
3601
3602 continue;
3603 } else if (streq(l, "invocation-id")) {
3604 sd_id128_t id;
3605
3606 r = sd_id128_from_string(v, &id);
3607 if (r < 0)
3608 log_unit_debug(u, "Failed to parse invocation id %s, ignoring.", v);
3609 else {
3610 r = unit_set_invocation_id(u, id);
3611 if (r < 0)
3612 log_unit_warning_errno(u, r, "Failed to set invocation ID for unit: %m");
3613 }
3614
3615 continue;
3616 }
3617
3618 /* Check if this is an IP accounting metric serialization field */
3619 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++)
3620 if (streq(l, ip_accounting_metric_field[m]))
3621 break;
3622 if (m < _CGROUP_IP_ACCOUNTING_METRIC_MAX) {
3623 uint64_t c;
3624
3625 r = safe_atou64(v, &c);
3626 if (r < 0)
3627 log_unit_debug(u, "Failed to parse IP accounting value %s, ignoring.", v);
3628 else
3629 u->ip_accounting_extra[m] = c;
3630 continue;
3631 }
3632
3633 if (unit_can_serialize(u)) {
3634 r = exec_runtime_deserialize_compat(u, l, v, fds);
3635 if (r < 0) {
3636 log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l);
3637 continue;
3638 }
3639
3640 /* Returns positive if key was handled by the call */
3641 if (r > 0)
3642 continue;
3643
3644 r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
3645 if (r < 0)
3646 log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l);
3647 }
3648 }
3649
3650 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3651 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3652 * before 228 where the base for timeouts was not persistent across reboots. */
3653
3654 if (!dual_timestamp_is_set(&u->state_change_timestamp))
3655 dual_timestamp_get(&u->state_change_timestamp);
3656
3657 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3658 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3659 unit_invalidate_cgroup(u, _CGROUP_MASK_ALL);
3660 unit_invalidate_cgroup_bpf(u);
3661
3662 return 0;
3663 }
3664
3665 void unit_deserialize_skip(FILE *f) {
3666 assert(f);
3667
3668 /* Skip serialized data for this unit. We don't know what it is. */
3669
3670 for (;;) {
3671 char line[LINE_MAX], *l;
3672
3673 if (!fgets(line, sizeof line, f))
3674 return;
3675
3676 char_array_0(line);
3677 l = strstrip(line);
3678
3679 /* End marker */
3680 if (isempty(l))
3681 return;
3682 }
3683 }
3684
3685 int unit_add_node_dependency(Unit *u, const char *what, bool wants, UnitDependency dep, UnitDependencyMask mask) {
3686 Unit *device;
3687 _cleanup_free_ char *e = NULL;
3688 int r;
3689
3690 assert(u);
3691
3692 /* Adds in links to the device node that this unit is based on */
3693 if (isempty(what))
3694 return 0;
3695
3696 if (!is_device_path(what))
3697 return 0;
3698
3699 /* When device units aren't supported (such as in a
3700 * container), don't create dependencies on them. */
3701 if (!unit_type_supported(UNIT_DEVICE))
3702 return 0;
3703
3704 r = unit_name_from_path(what, ".device", &e);
3705 if (r < 0)
3706 return r;
3707
3708 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
3709 if (r < 0)
3710 return r;
3711
3712 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3713 dep = UNIT_BINDS_TO;
3714
3715 r = unit_add_two_dependencies(u, UNIT_AFTER,
3716 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3717 device, true, mask);
3718 if (r < 0)
3719 return r;
3720
3721 if (wants) {
3722 r = unit_add_dependency(device, UNIT_WANTS, u, false, mask);
3723 if (r < 0)
3724 return r;
3725 }
3726
3727 return 0;
3728 }
3729
3730 int unit_coldplug(Unit *u) {
3731 int r = 0, q;
3732 char **i;
3733
3734 assert(u);
3735
3736 /* Make sure we don't enter a loop, when coldplugging recursively. */
3737 if (u->coldplugged)
3738 return 0;
3739
3740 u->coldplugged = true;
3741
3742 STRV_FOREACH(i, u->deserialized_refs) {
3743 q = bus_unit_track_add_name(u, *i);
3744 if (q < 0 && r >= 0)
3745 r = q;
3746 }
3747 u->deserialized_refs = strv_free(u->deserialized_refs);
3748
3749 if (UNIT_VTABLE(u)->coldplug) {
3750 q = UNIT_VTABLE(u)->coldplug(u);
3751 if (q < 0 && r >= 0)
3752 r = q;
3753 }
3754
3755 if (u->job) {
3756 q = job_coldplug(u->job);
3757 if (q < 0 && r >= 0)
3758 r = q;
3759 }
3760
3761 return r;
3762 }
3763
3764 void unit_catchup(Unit *u) {
3765 assert(u);
3766
3767 if (UNIT_VTABLE(u)->catchup)
3768 UNIT_VTABLE(u)->catchup(u);
3769 }
3770
3771 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
3772 struct stat st;
3773
3774 if (!path)
3775 return false;
3776
3777 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3778 * are never out-of-date. */
3779 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3780 return false;
3781
3782 if (stat(path, &st) < 0)
3783 /* What, cannot access this anymore? */
3784 return true;
3785
3786 if (path_masked)
3787 /* For masked files check if they are still so */
3788 return !null_or_empty(&st);
3789 else
3790 /* For non-empty files check the mtime */
3791 return timespec_load(&st.st_mtim) > mtime;
3792
3793 return false;
3794 }
3795
3796 bool unit_need_daemon_reload(Unit *u) {
3797 _cleanup_strv_free_ char **t = NULL;
3798 char **path;
3799
3800 assert(u);
3801
3802 /* For unit files, we allow masking… */
3803 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3804 u->load_state == UNIT_MASKED))
3805 return true;
3806
3807 /* Source paths should not be masked… */
3808 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
3809 return true;
3810
3811 if (u->load_state == UNIT_LOADED)
3812 (void) unit_find_dropin_paths(u, &t);
3813 if (!strv_equal(u->dropin_paths, t))
3814 return true;
3815
3816 /* … any drop-ins that are masked are simply omitted from the list. */
3817 STRV_FOREACH(path, u->dropin_paths)
3818 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3819 return true;
3820
3821 return false;
3822 }
3823
3824 void unit_reset_failed(Unit *u) {
3825 assert(u);
3826
3827 if (UNIT_VTABLE(u)->reset_failed)
3828 UNIT_VTABLE(u)->reset_failed(u);
3829
3830 RATELIMIT_RESET(u->start_limit);
3831 u->start_limit_hit = false;
3832 }
3833
3834 Unit *unit_following(Unit *u) {
3835 assert(u);
3836
3837 if (UNIT_VTABLE(u)->following)
3838 return UNIT_VTABLE(u)->following(u);
3839
3840 return NULL;
3841 }
3842
3843 bool unit_stop_pending(Unit *u) {
3844 assert(u);
3845
3846 /* This call does check the current state of the unit. It's
3847 * hence useful to be called from state change calls of the
3848 * unit itself, where the state isn't updated yet. This is
3849 * different from unit_inactive_or_pending() which checks both
3850 * the current state and for a queued job. */
3851
3852 return u->job && u->job->type == JOB_STOP;
3853 }
3854
3855 bool unit_inactive_or_pending(Unit *u) {
3856 assert(u);
3857
3858 /* Returns true if the unit is inactive or going down */
3859
3860 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3861 return true;
3862
3863 if (unit_stop_pending(u))
3864 return true;
3865
3866 return false;
3867 }
3868
3869 bool unit_active_or_pending(Unit *u) {
3870 assert(u);
3871
3872 /* Returns true if the unit is active or going up */
3873
3874 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3875 return true;
3876
3877 if (u->job &&
3878 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
3879 return true;
3880
3881 return false;
3882 }
3883
3884 bool unit_will_restart(Unit *u) {
3885 assert(u);
3886
3887 if (!UNIT_VTABLE(u)->will_restart)
3888 return false;
3889
3890 return UNIT_VTABLE(u)->will_restart(u);
3891 }
3892
3893 int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
3894 assert(u);
3895 assert(w >= 0 && w < _KILL_WHO_MAX);
3896 assert(SIGNAL_VALID(signo));
3897
3898 if (!UNIT_VTABLE(u)->kill)
3899 return -EOPNOTSUPP;
3900
3901 return UNIT_VTABLE(u)->kill(u, w, signo, error);
3902 }
3903
3904 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
3905 _cleanup_set_free_ Set *pid_set = NULL;
3906 int r;
3907
3908 pid_set = set_new(NULL);
3909 if (!pid_set)
3910 return NULL;
3911
3912 /* Exclude the main/control pids from being killed via the cgroup */
3913 if (main_pid > 0) {
3914 r = set_put(pid_set, PID_TO_PTR(main_pid));
3915 if (r < 0)
3916 return NULL;
3917 }
3918
3919 if (control_pid > 0) {
3920 r = set_put(pid_set, PID_TO_PTR(control_pid));
3921 if (r < 0)
3922 return NULL;
3923 }
3924
3925 return TAKE_PTR(pid_set);
3926 }
3927
3928 int unit_kill_common(
3929 Unit *u,
3930 KillWho who,
3931 int signo,
3932 pid_t main_pid,
3933 pid_t control_pid,
3934 sd_bus_error *error) {
3935
3936 int r = 0;
3937 bool killed = false;
3938
3939 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
3940 if (main_pid < 0)
3941 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
3942 else if (main_pid == 0)
3943 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
3944 }
3945
3946 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
3947 if (control_pid < 0)
3948 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
3949 else if (control_pid == 0)
3950 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
3951 }
3952
3953 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3954 if (control_pid > 0) {
3955 if (kill(control_pid, signo) < 0)
3956 r = -errno;
3957 else
3958 killed = true;
3959 }
3960
3961 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3962 if (main_pid > 0) {
3963 if (kill(main_pid, signo) < 0)
3964 r = -errno;
3965 else
3966 killed = true;
3967 }
3968
3969 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
3970 _cleanup_set_free_ Set *pid_set = NULL;
3971 int q;
3972
3973 /* Exclude the main/control pids from being killed via the cgroup */
3974 pid_set = unit_pid_set(main_pid, control_pid);
3975 if (!pid_set)
3976 return -ENOMEM;
3977
3978 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, NULL, NULL);
3979 if (q < 0 && !IN_SET(q, -EAGAIN, -ESRCH, -ENOENT))
3980 r = q;
3981 else
3982 killed = true;
3983 }
3984
3985 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL))
3986 return -ESRCH;
3987
3988 return r;
3989 }
3990
3991 int unit_following_set(Unit *u, Set **s) {
3992 assert(u);
3993 assert(s);
3994
3995 if (UNIT_VTABLE(u)->following_set)
3996 return UNIT_VTABLE(u)->following_set(u, s);
3997
3998 *s = NULL;
3999 return 0;
4000 }
4001
4002 UnitFileState unit_get_unit_file_state(Unit *u) {
4003 int r;
4004
4005 assert(u);
4006
4007 if (u->unit_file_state < 0 && u->fragment_path) {
4008 r = unit_file_get_state(
4009 u->manager->unit_file_scope,
4010 NULL,
4011 u->id,
4012 &u->unit_file_state);
4013 if (r < 0)
4014 u->unit_file_state = UNIT_FILE_BAD;
4015 }
4016
4017 return u->unit_file_state;
4018 }
4019
4020 int unit_get_unit_file_preset(Unit *u) {
4021 assert(u);
4022
4023 if (u->unit_file_preset < 0 && u->fragment_path)
4024 u->unit_file_preset = unit_file_query_preset(
4025 u->manager->unit_file_scope,
4026 NULL,
4027 basename(u->fragment_path));
4028
4029 return u->unit_file_preset;
4030 }
4031
4032 Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
4033 assert(ref);
4034 assert(source);
4035 assert(target);
4036
4037 if (ref->target)
4038 unit_ref_unset(ref);
4039
4040 ref->source = source;
4041 ref->target = target;
4042 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4043 return target;
4044 }
4045
4046 void unit_ref_unset(UnitRef *ref) {
4047 assert(ref);
4048
4049 if (!ref->target)
4050 return;
4051
4052 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4053 * be unreferenced now. */
4054 unit_add_to_gc_queue(ref->target);
4055
4056 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4057 ref->source = ref->target = NULL;
4058 }
4059
4060 static int user_from_unit_name(Unit *u, char **ret) {
4061
4062 static const uint8_t hash_key[] = {
4063 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4064 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4065 };
4066
4067 _cleanup_free_ char *n = NULL;
4068 int r;
4069
4070 r = unit_name_to_prefix(u->id, &n);
4071 if (r < 0)
4072 return r;
4073
4074 if (valid_user_group_name(n)) {
4075 *ret = TAKE_PTR(n);
4076 return 0;
4077 }
4078
4079 /* If we can't use the unit name as a user name, then let's hash it and use that */
4080 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4081 return -ENOMEM;
4082
4083 return 0;
4084 }
4085
4086 int unit_patch_contexts(Unit *u) {
4087 CGroupContext *cc;
4088 ExecContext *ec;
4089 unsigned i;
4090 int r;
4091
4092 assert(u);
4093
4094 /* Patch in the manager defaults into the exec and cgroup
4095 * contexts, _after_ the rest of the settings have been
4096 * initialized */
4097
4098 ec = unit_get_exec_context(u);
4099 if (ec) {
4100 /* This only copies in the ones that need memory */
4101 for (i = 0; i < _RLIMIT_MAX; i++)
4102 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4103 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4104 if (!ec->rlimit[i])
4105 return -ENOMEM;
4106 }
4107
4108 if (MANAGER_IS_USER(u->manager) &&
4109 !ec->working_directory) {
4110
4111 r = get_home_dir(&ec->working_directory);
4112 if (r < 0)
4113 return r;
4114
4115 /* Allow user services to run, even if the
4116 * home directory is missing */
4117 ec->working_directory_missing_ok = true;
4118 }
4119
4120 if (ec->private_devices)
4121 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4122
4123 if (ec->protect_kernel_modules)
4124 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4125
4126 if (ec->dynamic_user) {
4127 if (!ec->user) {
4128 r = user_from_unit_name(u, &ec->user);
4129 if (r < 0)
4130 return r;
4131 }
4132
4133 if (!ec->group) {
4134 ec->group = strdup(ec->user);
4135 if (!ec->group)
4136 return -ENOMEM;
4137 }
4138
4139 /* If the dynamic user option is on, let's make sure that the unit can't leave its UID/GID
4140 * around in the file system or on IPC objects. Hence enforce a strict sandbox. */
4141
4142 ec->private_tmp = true;
4143 ec->remove_ipc = true;
4144 ec->protect_system = PROTECT_SYSTEM_STRICT;
4145 if (ec->protect_home == PROTECT_HOME_NO)
4146 ec->protect_home = PROTECT_HOME_READ_ONLY;
4147 }
4148 }
4149
4150 cc = unit_get_cgroup_context(u);
4151 if (cc) {
4152
4153 if (ec &&
4154 ec->private_devices &&
4155 cc->device_policy == CGROUP_AUTO)
4156 cc->device_policy = CGROUP_CLOSED;
4157 }
4158
4159 return 0;
4160 }
4161
4162 ExecContext *unit_get_exec_context(Unit *u) {
4163 size_t offset;
4164 assert(u);
4165
4166 if (u->type < 0)
4167 return NULL;
4168
4169 offset = UNIT_VTABLE(u)->exec_context_offset;
4170 if (offset <= 0)
4171 return NULL;
4172
4173 return (ExecContext*) ((uint8_t*) u + offset);
4174 }
4175
4176 KillContext *unit_get_kill_context(Unit *u) {
4177 size_t offset;
4178 assert(u);
4179
4180 if (u->type < 0)
4181 return NULL;
4182
4183 offset = UNIT_VTABLE(u)->kill_context_offset;
4184 if (offset <= 0)
4185 return NULL;
4186
4187 return (KillContext*) ((uint8_t*) u + offset);
4188 }
4189
4190 CGroupContext *unit_get_cgroup_context(Unit *u) {
4191 size_t offset;
4192
4193 if (u->type < 0)
4194 return NULL;
4195
4196 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4197 if (offset <= 0)
4198 return NULL;
4199
4200 return (CGroupContext*) ((uint8_t*) u + offset);
4201 }
4202
4203 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4204 size_t offset;
4205
4206 if (u->type < 0)
4207 return NULL;
4208
4209 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4210 if (offset <= 0)
4211 return NULL;
4212
4213 return *(ExecRuntime**) ((uint8_t*) u + offset);
4214 }
4215
4216 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4217 assert(u);
4218
4219 if (UNIT_WRITE_FLAGS_NOOP(flags))
4220 return NULL;
4221
4222 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4223 return u->manager->lookup_paths.transient;
4224
4225 if (flags & UNIT_PERSISTENT)
4226 return u->manager->lookup_paths.persistent_control;
4227
4228 if (flags & UNIT_RUNTIME)
4229 return u->manager->lookup_paths.runtime_control;
4230
4231 return NULL;
4232 }
4233
4234 char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4235 char *ret = NULL;
4236
4237 if (!s)
4238 return NULL;
4239
4240 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4241 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4242 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4243 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4244 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4245 * allocations. */
4246
4247 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4248 ret = specifier_escape(s);
4249 if (!ret)
4250 return NULL;
4251
4252 s = ret;
4253 }
4254
4255 if (flags & UNIT_ESCAPE_C) {
4256 char *a;
4257
4258 a = cescape(s);
4259 free(ret);
4260 if (!a)
4261 return NULL;
4262
4263 ret = a;
4264 }
4265
4266 if (buf) {
4267 *buf = ret;
4268 return ret ?: (char*) s;
4269 }
4270
4271 return ret ?: strdup(s);
4272 }
4273
4274 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4275 _cleanup_free_ char *result = NULL;
4276 size_t n = 0, allocated = 0;
4277 char **i;
4278
4279 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4280 * way suitable for ExecStart= stanzas */
4281
4282 STRV_FOREACH(i, l) {
4283 _cleanup_free_ char *buf = NULL;
4284 const char *p;
4285 size_t a;
4286 char *q;
4287
4288 p = unit_escape_setting(*i, flags, &buf);
4289 if (!p)
4290 return NULL;
4291
4292 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4293 if (!GREEDY_REALLOC(result, allocated, n + a + 1))
4294 return NULL;
4295
4296 q = result + n;
4297 if (n > 0)
4298 *(q++) = ' ';
4299
4300 *(q++) = '"';
4301 q = stpcpy(q, p);
4302 *(q++) = '"';
4303
4304 n += a;
4305 }
4306
4307 if (!GREEDY_REALLOC(result, allocated, n + 1))
4308 return NULL;
4309
4310 result[n] = 0;
4311
4312 return TAKE_PTR(result);
4313 }
4314
4315 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4316 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4317 const char *dir, *wrapped;
4318 int r;
4319
4320 assert(u);
4321 assert(name);
4322 assert(data);
4323
4324 if (UNIT_WRITE_FLAGS_NOOP(flags))
4325 return 0;
4326
4327 data = unit_escape_setting(data, flags, &escaped);
4328 if (!data)
4329 return -ENOMEM;
4330
4331 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4332 * previous section header is the same */
4333
4334 if (flags & UNIT_PRIVATE) {
4335 if (!UNIT_VTABLE(u)->private_section)
4336 return -EINVAL;
4337
4338 if (!u->transient_file || u->last_section_private < 0)
4339 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4340 else if (u->last_section_private == 0)
4341 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4342 } else {
4343 if (!u->transient_file || u->last_section_private < 0)
4344 data = strjoina("[Unit]\n", data);
4345 else if (u->last_section_private > 0)
4346 data = strjoina("\n[Unit]\n", data);
4347 }
4348
4349 if (u->transient_file) {
4350 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4351 * write to the transient unit file. */
4352 fputs(data, u->transient_file);
4353
4354 if (!endswith(data, "\n"))
4355 fputc('\n', u->transient_file);
4356
4357 /* Remember which section we wrote this entry to */
4358 u->last_section_private = !!(flags & UNIT_PRIVATE);
4359 return 0;
4360 }
4361
4362 dir = unit_drop_in_dir(u, flags);
4363 if (!dir)
4364 return -EINVAL;
4365
4366 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4367 "# or an equivalent operation. Do not edit.\n",
4368 data,
4369 "\n");
4370
4371 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4372 if (r < 0)
4373 return r;
4374
4375 (void) mkdir_p_label(p, 0755);
4376 r = write_string_file_atomic_label(q, wrapped);
4377 if (r < 0)
4378 return r;
4379
4380 r = strv_push(&u->dropin_paths, q);
4381 if (r < 0)
4382 return r;
4383 q = NULL;
4384
4385 strv_uniq(u->dropin_paths);
4386
4387 u->dropin_mtime = now(CLOCK_REALTIME);
4388
4389 return 0;
4390 }
4391
4392 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4393 _cleanup_free_ char *p = NULL;
4394 va_list ap;
4395 int r;
4396
4397 assert(u);
4398 assert(name);
4399 assert(format);
4400
4401 if (UNIT_WRITE_FLAGS_NOOP(flags))
4402 return 0;
4403
4404 va_start(ap, format);
4405 r = vasprintf(&p, format, ap);
4406 va_end(ap);
4407
4408 if (r < 0)
4409 return -ENOMEM;
4410
4411 return unit_write_setting(u, flags, name, p);
4412 }
4413
4414 int unit_make_transient(Unit *u) {
4415 _cleanup_free_ char *path = NULL;
4416 FILE *f;
4417
4418 assert(u);
4419
4420 if (!UNIT_VTABLE(u)->can_transient)
4421 return -EOPNOTSUPP;
4422
4423 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4424
4425 path = strjoin(u->manager->lookup_paths.transient, "/", u->id);
4426 if (!path)
4427 return -ENOMEM;
4428
4429 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4430 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4431
4432 RUN_WITH_UMASK(0022) {
4433 f = fopen(path, "we");
4434 if (!f)
4435 return -errno;
4436 }
4437
4438 safe_fclose(u->transient_file);
4439 u->transient_file = f;
4440
4441 free_and_replace(u->fragment_path, path);
4442
4443 u->source_path = mfree(u->source_path);
4444 u->dropin_paths = strv_free(u->dropin_paths);
4445 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4446
4447 u->load_state = UNIT_STUB;
4448 u->load_error = 0;
4449 u->transient = true;
4450
4451 unit_add_to_dbus_queue(u);
4452 unit_add_to_gc_queue(u);
4453
4454 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4455 u->transient_file);
4456
4457 return 0;
4458 }
4459
4460 static void log_kill(pid_t pid, int sig, void *userdata) {
4461 _cleanup_free_ char *comm = NULL;
4462
4463 (void) get_process_comm(pid, &comm);
4464
4465 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4466 only, like for example systemd's own PAM stub process. */
4467 if (comm && comm[0] == '(')
4468 return;
4469
4470 log_unit_notice(userdata,
4471 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4472 pid,
4473 strna(comm),
4474 signal_to_string(sig));
4475 }
4476
4477 static int operation_to_signal(KillContext *c, KillOperation k) {
4478 assert(c);
4479
4480 switch (k) {
4481
4482 case KILL_TERMINATE:
4483 case KILL_TERMINATE_AND_LOG:
4484 return c->kill_signal;
4485
4486 case KILL_KILL:
4487 return SIGKILL;
4488
4489 case KILL_ABORT:
4490 return SIGABRT;
4491
4492 default:
4493 assert_not_reached("KillOperation unknown");
4494 }
4495 }
4496
4497 int unit_kill_context(
4498 Unit *u,
4499 KillContext *c,
4500 KillOperation k,
4501 pid_t main_pid,
4502 pid_t control_pid,
4503 bool main_pid_alien) {
4504
4505 bool wait_for_exit = false, send_sighup;
4506 cg_kill_log_func_t log_func = NULL;
4507 int sig, r;
4508
4509 assert(u);
4510 assert(c);
4511
4512 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4513 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4514
4515 if (c->kill_mode == KILL_NONE)
4516 return 0;
4517
4518 sig = operation_to_signal(c, k);
4519
4520 send_sighup =
4521 c->send_sighup &&
4522 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4523 sig != SIGHUP;
4524
4525 if (k != KILL_TERMINATE || IN_SET(sig, SIGKILL, SIGABRT))
4526 log_func = log_kill;
4527
4528 if (main_pid > 0) {
4529 if (log_func)
4530 log_func(main_pid, sig, u);
4531
4532 r = kill_and_sigcont(main_pid, sig);
4533 if (r < 0 && r != -ESRCH) {
4534 _cleanup_free_ char *comm = NULL;
4535 (void) get_process_comm(main_pid, &comm);
4536
4537 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
4538 } else {
4539 if (!main_pid_alien)
4540 wait_for_exit = true;
4541
4542 if (r != -ESRCH && send_sighup)
4543 (void) kill(main_pid, SIGHUP);
4544 }
4545 }
4546
4547 if (control_pid > 0) {
4548 if (log_func)
4549 log_func(control_pid, sig, u);
4550
4551 r = kill_and_sigcont(control_pid, sig);
4552 if (r < 0 && r != -ESRCH) {
4553 _cleanup_free_ char *comm = NULL;
4554 (void) get_process_comm(control_pid, &comm);
4555
4556 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
4557 } else {
4558 wait_for_exit = true;
4559
4560 if (r != -ESRCH && send_sighup)
4561 (void) kill(control_pid, SIGHUP);
4562 }
4563 }
4564
4565 if (u->cgroup_path &&
4566 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4567 _cleanup_set_free_ Set *pid_set = NULL;
4568
4569 /* Exclude the main/control pids from being killed via the cgroup */
4570 pid_set = unit_pid_set(main_pid, control_pid);
4571 if (!pid_set)
4572 return -ENOMEM;
4573
4574 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4575 sig,
4576 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4577 pid_set,
4578 log_func, u);
4579 if (r < 0) {
4580 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4581 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
4582
4583 } else if (r > 0) {
4584
4585 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4586 * we are running in a container or if this is a delegation unit, simply because cgroup
4587 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4588 * of containers it can be confused easily by left-over directories in the cgroup — which
4589 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4590 * there we get proper events. Hence rely on them. */
4591
4592 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
4593 (detect_container() == 0 && !unit_cgroup_delegate(u)))
4594 wait_for_exit = true;
4595
4596 if (send_sighup) {
4597 set_free(pid_set);
4598
4599 pid_set = unit_pid_set(main_pid, control_pid);
4600 if (!pid_set)
4601 return -ENOMEM;
4602
4603 cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4604 SIGHUP,
4605 CGROUP_IGNORE_SELF,
4606 pid_set,
4607 NULL, NULL);
4608 }
4609 }
4610 }
4611
4612 return wait_for_exit;
4613 }
4614
4615 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
4616 _cleanup_free_ char *p = NULL;
4617 char *prefix;
4618 UnitDependencyInfo di;
4619 int r;
4620
4621 assert(u);
4622 assert(path);
4623
4624 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4625 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4626 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4627 * determine which units to make themselves a dependency of. */
4628
4629 if (!path_is_absolute(path))
4630 return -EINVAL;
4631
4632 r = hashmap_ensure_allocated(&u->requires_mounts_for, &path_hash_ops);
4633 if (r < 0)
4634 return r;
4635
4636 p = strdup(path);
4637 if (!p)
4638 return -ENOMEM;
4639
4640 path = path_simplify(p, false);
4641
4642 if (!path_is_normalized(path))
4643 return -EPERM;
4644
4645 if (hashmap_contains(u->requires_mounts_for, path))
4646 return 0;
4647
4648 di = (UnitDependencyInfo) {
4649 .origin_mask = mask
4650 };
4651
4652 r = hashmap_put(u->requires_mounts_for, path, di.data);
4653 if (r < 0)
4654 return r;
4655 p = NULL;
4656
4657 prefix = alloca(strlen(path) + 1);
4658 PATH_FOREACH_PREFIX_MORE(prefix, path) {
4659 Set *x;
4660
4661 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4662 if (!x) {
4663 _cleanup_free_ char *q = NULL;
4664
4665 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
4666 if (r < 0)
4667 return r;
4668
4669 q = strdup(prefix);
4670 if (!q)
4671 return -ENOMEM;
4672
4673 x = set_new(NULL);
4674 if (!x)
4675 return -ENOMEM;
4676
4677 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4678 if (r < 0) {
4679 set_free(x);
4680 return r;
4681 }
4682 q = NULL;
4683 }
4684
4685 r = set_put(x, u);
4686 if (r < 0)
4687 return r;
4688 }
4689
4690 return 0;
4691 }
4692
4693 int unit_setup_exec_runtime(Unit *u) {
4694 ExecRuntime **rt;
4695 size_t offset;
4696 Unit *other;
4697 Iterator i;
4698 void *v;
4699 int r;
4700
4701 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4702 assert(offset > 0);
4703
4704 /* Check if there already is an ExecRuntime for this unit? */
4705 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4706 if (*rt)
4707 return 0;
4708
4709 /* Try to get it from somebody else */
4710 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) {
4711 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4712 if (r == 1)
4713 return 1;
4714 }
4715
4716 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
4717 }
4718
4719 int unit_setup_dynamic_creds(Unit *u) {
4720 ExecContext *ec;
4721 DynamicCreds *dcreds;
4722 size_t offset;
4723
4724 assert(u);
4725
4726 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4727 assert(offset > 0);
4728 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4729
4730 ec = unit_get_exec_context(u);
4731 assert(ec);
4732
4733 if (!ec->dynamic_user)
4734 return 0;
4735
4736 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4737 }
4738
4739 bool unit_type_supported(UnitType t) {
4740 if (_unlikely_(t < 0))
4741 return false;
4742 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4743 return false;
4744
4745 if (!unit_vtable[t]->supported)
4746 return true;
4747
4748 return unit_vtable[t]->supported();
4749 }
4750
4751 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4752 int r;
4753
4754 assert(u);
4755 assert(where);
4756
4757 r = dir_is_empty(where);
4758 if (r > 0 || r == -ENOTDIR)
4759 return;
4760 if (r < 0) {
4761 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4762 return;
4763 }
4764
4765 log_struct(LOG_NOTICE,
4766 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4767 LOG_UNIT_ID(u),
4768 LOG_UNIT_INVOCATION_ID(u),
4769 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4770 "WHERE=%s", where);
4771 }
4772
4773 int unit_fail_if_noncanonical(Unit *u, const char* where) {
4774 _cleanup_free_ char *canonical_where;
4775 int r;
4776
4777 assert(u);
4778 assert(where);
4779
4780 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where);
4781 if (r < 0) {
4782 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
4783 return 0;
4784 }
4785
4786 /* We will happily ignore a trailing slash (or any redundant slashes) */
4787 if (path_equal(where, canonical_where))
4788 return 0;
4789
4790 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4791 log_struct(LOG_ERR,
4792 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4793 LOG_UNIT_ID(u),
4794 LOG_UNIT_INVOCATION_ID(u),
4795 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4796 "WHERE=%s", where);
4797
4798 return -ELOOP;
4799 }
4800
4801 bool unit_is_pristine(Unit *u) {
4802 assert(u);
4803
4804 /* Check if the unit already exists or is already around,
4805 * in a number of different ways. Note that to cater for unit
4806 * types such as slice, we are generally fine with units that
4807 * are marked UNIT_LOADED even though nothing was actually
4808 * loaded, as those unit types don't require a file on disk. */
4809
4810 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4811 u->fragment_path ||
4812 u->source_path ||
4813 !strv_isempty(u->dropin_paths) ||
4814 u->job ||
4815 u->merged_into);
4816 }
4817
4818 pid_t unit_control_pid(Unit *u) {
4819 assert(u);
4820
4821 if (UNIT_VTABLE(u)->control_pid)
4822 return UNIT_VTABLE(u)->control_pid(u);
4823
4824 return 0;
4825 }
4826
4827 pid_t unit_main_pid(Unit *u) {
4828 assert(u);
4829
4830 if (UNIT_VTABLE(u)->main_pid)
4831 return UNIT_VTABLE(u)->main_pid(u);
4832
4833 return 0;
4834 }
4835
4836 static void unit_unref_uid_internal(
4837 Unit *u,
4838 uid_t *ref_uid,
4839 bool destroy_now,
4840 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4841
4842 assert(u);
4843 assert(ref_uid);
4844 assert(_manager_unref_uid);
4845
4846 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4847 * gid_t are actually the same time, with the same validity rules.
4848 *
4849 * Drops a reference to UID/GID from a unit. */
4850
4851 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4852 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4853
4854 if (!uid_is_valid(*ref_uid))
4855 return;
4856
4857 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4858 *ref_uid = UID_INVALID;
4859 }
4860
4861 void unit_unref_uid(Unit *u, bool destroy_now) {
4862 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4863 }
4864
4865 void unit_unref_gid(Unit *u, bool destroy_now) {
4866 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4867 }
4868
4869 static int unit_ref_uid_internal(
4870 Unit *u,
4871 uid_t *ref_uid,
4872 uid_t uid,
4873 bool clean_ipc,
4874 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4875
4876 int r;
4877
4878 assert(u);
4879 assert(ref_uid);
4880 assert(uid_is_valid(uid));
4881 assert(_manager_ref_uid);
4882
4883 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4884 * are actually the same type, and have the same validity rules.
4885 *
4886 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4887 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4888 * drops to zero. */
4889
4890 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4891 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4892
4893 if (*ref_uid == uid)
4894 return 0;
4895
4896 if (uid_is_valid(*ref_uid)) /* Already set? */
4897 return -EBUSY;
4898
4899 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4900 if (r < 0)
4901 return r;
4902
4903 *ref_uid = uid;
4904 return 1;
4905 }
4906
4907 int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
4908 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4909 }
4910
4911 int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
4912 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4913 }
4914
4915 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4916 int r = 0, q = 0;
4917
4918 assert(u);
4919
4920 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4921
4922 if (uid_is_valid(uid)) {
4923 r = unit_ref_uid(u, uid, clean_ipc);
4924 if (r < 0)
4925 return r;
4926 }
4927
4928 if (gid_is_valid(gid)) {
4929 q = unit_ref_gid(u, gid, clean_ipc);
4930 if (q < 0) {
4931 if (r > 0)
4932 unit_unref_uid(u, false);
4933
4934 return q;
4935 }
4936 }
4937
4938 return r > 0 || q > 0;
4939 }
4940
4941 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4942 ExecContext *c;
4943 int r;
4944
4945 assert(u);
4946
4947 c = unit_get_exec_context(u);
4948
4949 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4950 if (r < 0)
4951 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4952
4953 return r;
4954 }
4955
4956 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4957 assert(u);
4958
4959 unit_unref_uid(u, destroy_now);
4960 unit_unref_gid(u, destroy_now);
4961 }
4962
4963 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
4964 int r;
4965
4966 assert(u);
4967
4968 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4969 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4970 * objects when no service references the UID/GID anymore. */
4971
4972 r = unit_ref_uid_gid(u, uid, gid);
4973 if (r > 0)
4974 bus_unit_send_change_signal(u);
4975 }
4976
4977 int unit_set_invocation_id(Unit *u, sd_id128_t id) {
4978 int r;
4979
4980 assert(u);
4981
4982 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
4983
4984 if (sd_id128_equal(u->invocation_id, id))
4985 return 0;
4986
4987 if (!sd_id128_is_null(u->invocation_id))
4988 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
4989
4990 if (sd_id128_is_null(id)) {
4991 r = 0;
4992 goto reset;
4993 }
4994
4995 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
4996 if (r < 0)
4997 goto reset;
4998
4999 u->invocation_id = id;
5000 sd_id128_to_string(id, u->invocation_id_string);
5001
5002 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
5003 if (r < 0)
5004 goto reset;
5005
5006 return 0;
5007
5008 reset:
5009 u->invocation_id = SD_ID128_NULL;
5010 u->invocation_id_string[0] = 0;
5011 return r;
5012 }
5013
5014 int unit_acquire_invocation_id(Unit *u) {
5015 sd_id128_t id;
5016 int r;
5017
5018 assert(u);
5019
5020 r = sd_id128_randomize(&id);
5021 if (r < 0)
5022 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5023
5024 r = unit_set_invocation_id(u, id);
5025 if (r < 0)
5026 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5027
5028 return 0;
5029 }
5030
5031 void unit_set_exec_params(Unit *u, ExecParameters *p) {
5032 assert(u);
5033 assert(p);
5034
5035 /* Copy parameters from manager */
5036 p->environment = u->manager->environment;
5037 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
5038 p->cgroup_supported = u->manager->cgroup_supported;
5039 p->prefix = u->manager->prefix;
5040 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5041
5042 /* Copy paramaters from unit */
5043 p->cgroup_path = u->cgroup_path;
5044 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
5045 }
5046
5047 int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
5048 int r;
5049
5050 assert(u);
5051 assert(ret);
5052
5053 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5054 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5055
5056 (void) unit_realize_cgroup(u);
5057
5058 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5059 if (r != 0)
5060 return r;
5061
5062 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
5063 (void) ignore_signals(SIGPIPE, -1);
5064
5065 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
5066
5067 if (u->cgroup_path) {
5068 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5069 if (r < 0) {
5070 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
5071 _exit(EXIT_CGROUP);
5072 }
5073 }
5074
5075 return 0;
5076 }
5077
5078 static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other, UnitDependencyInfo di) {
5079 assert(u);
5080 assert(d >= 0);
5081 assert(d < _UNIT_DEPENDENCY_MAX);
5082 assert(other);
5083
5084 if (di.origin_mask == 0 && di.destination_mask == 0) {
5085 /* No bit set anymore, let's drop the whole entry */
5086 assert_se(hashmap_remove(u->dependencies[d], other));
5087 log_unit_debug(u, "%s lost dependency %s=%s", u->id, unit_dependency_to_string(d), other->id);
5088 } else
5089 /* Mask was reduced, let's update the entry */
5090 assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);
5091 }
5092
5093 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5094 UnitDependency d;
5095
5096 assert(u);
5097
5098 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5099
5100 if (mask == 0)
5101 return;
5102
5103 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
5104 bool done;
5105
5106 do {
5107 UnitDependencyInfo di;
5108 Unit *other;
5109 Iterator i;
5110
5111 done = true;
5112
5113 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
5114 UnitDependency q;
5115
5116 if ((di.origin_mask & ~mask) == di.origin_mask)
5117 continue;
5118 di.origin_mask &= ~mask;
5119 unit_update_dependency_mask(u, d, other, di);
5120
5121 /* We updated the dependency from our unit to the other unit now. But most dependencies
5122 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5123 * all dependency types on the other unit and delete all those which point to us and
5124 * have the right mask set. */
5125
5126 for (q = 0; q < _UNIT_DEPENDENCY_MAX; q++) {
5127 UnitDependencyInfo dj;
5128
5129 dj.data = hashmap_get(other->dependencies[q], u);
5130 if ((dj.destination_mask & ~mask) == dj.destination_mask)
5131 continue;
5132 dj.destination_mask &= ~mask;
5133
5134 unit_update_dependency_mask(other, q, u, dj);
5135 }
5136
5137 unit_add_to_gc_queue(other);
5138
5139 done = false;
5140 break;
5141 }
5142
5143 } while (!done);
5144 }
5145 }
5146
5147 static int unit_export_invocation_id(Unit *u) {
5148 const char *p;
5149 int r;
5150
5151 assert(u);
5152
5153 if (u->exported_invocation_id)
5154 return 0;
5155
5156 if (sd_id128_is_null(u->invocation_id))
5157 return 0;
5158
5159 p = strjoina("/run/systemd/units/invocation:", u->id);
5160 r = symlink_atomic(u->invocation_id_string, p);
5161 if (r < 0)
5162 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5163
5164 u->exported_invocation_id = true;
5165 return 0;
5166 }
5167
5168 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5169 const char *p;
5170 char buf[2];
5171 int r;
5172
5173 assert(u);
5174 assert(c);
5175
5176 if (u->exported_log_level_max)
5177 return 0;
5178
5179 if (c->log_level_max < 0)
5180 return 0;
5181
5182 assert(c->log_level_max <= 7);
5183
5184 buf[0] = '0' + c->log_level_max;
5185 buf[1] = 0;
5186
5187 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5188 r = symlink_atomic(buf, p);
5189 if (r < 0)
5190 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5191
5192 u->exported_log_level_max = true;
5193 return 0;
5194 }
5195
5196 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5197 _cleanup_close_ int fd = -1;
5198 struct iovec *iovec;
5199 const char *p;
5200 char *pattern;
5201 le64_t *sizes;
5202 ssize_t n;
5203 size_t i;
5204 int r;
5205
5206 if (u->exported_log_extra_fields)
5207 return 0;
5208
5209 if (c->n_log_extra_fields <= 0)
5210 return 0;
5211
5212 sizes = newa(le64_t, c->n_log_extra_fields);
5213 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5214
5215 for (i = 0; i < c->n_log_extra_fields; i++) {
5216 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5217
5218 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5219 iovec[i*2+1] = c->log_extra_fields[i];
5220 }
5221
5222 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5223 pattern = strjoina(p, ".XXXXXX");
5224
5225 fd = mkostemp_safe(pattern);
5226 if (fd < 0)
5227 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5228
5229 n = writev(fd, iovec, c->n_log_extra_fields*2);
5230 if (n < 0) {
5231 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5232 goto fail;
5233 }
5234
5235 (void) fchmod(fd, 0644);
5236
5237 if (rename(pattern, p) < 0) {
5238 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5239 goto fail;
5240 }
5241
5242 u->exported_log_extra_fields = true;
5243 return 0;
5244
5245 fail:
5246 (void) unlink(pattern);
5247 return r;
5248 }
5249
5250 void unit_export_state_files(Unit *u) {
5251 const ExecContext *c;
5252
5253 assert(u);
5254
5255 if (!u->id)
5256 return;
5257
5258 if (!MANAGER_IS_SYSTEM(u->manager))
5259 return;
5260
5261 if (u->manager->test_run_flags != 0)
5262 return;
5263
5264 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5265 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5266 * the IPC system itself and PID 1 also log to the journal.
5267 *
5268 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5269 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5270 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5271 * namespace at least.
5272 *
5273 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5274 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5275 * them with one. */
5276
5277 (void) unit_export_invocation_id(u);
5278
5279 c = unit_get_exec_context(u);
5280 if (c) {
5281 (void) unit_export_log_level_max(u, c);
5282 (void) unit_export_log_extra_fields(u, c);
5283 }
5284 }
5285
5286 void unit_unlink_state_files(Unit *u) {
5287 const char *p;
5288
5289 assert(u);
5290
5291 if (!u->id)
5292 return;
5293
5294 if (!MANAGER_IS_SYSTEM(u->manager))
5295 return;
5296
5297 /* Undoes the effect of unit_export_state() */
5298
5299 if (u->exported_invocation_id) {
5300 p = strjoina("/run/systemd/units/invocation:", u->id);
5301 (void) unlink(p);
5302
5303 u->exported_invocation_id = false;
5304 }
5305
5306 if (u->exported_log_level_max) {
5307 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5308 (void) unlink(p);
5309
5310 u->exported_log_level_max = false;
5311 }
5312
5313 if (u->exported_log_extra_fields) {
5314 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5315 (void) unlink(p);
5316
5317 u->exported_log_extra_fields = false;
5318 }
5319 }
5320
5321 int unit_prepare_exec(Unit *u) {
5322 int r;
5323
5324 assert(u);
5325
5326 /* Prepares everything so that we can fork of a process for this unit */
5327
5328 (void) unit_realize_cgroup(u);
5329
5330 if (u->reset_accounting) {
5331 (void) unit_reset_cpu_accounting(u);
5332 (void) unit_reset_ip_accounting(u);
5333 u->reset_accounting = false;
5334 }
5335
5336 unit_export_state_files(u);
5337
5338 r = unit_setup_exec_runtime(u);
5339 if (r < 0)
5340 return r;
5341
5342 r = unit_setup_dynamic_creds(u);
5343 if (r < 0)
5344 return r;
5345
5346 return 0;
5347 }
5348
5349 static void log_leftover(pid_t pid, int sig, void *userdata) {
5350 _cleanup_free_ char *comm = NULL;
5351
5352 (void) get_process_comm(pid, &comm);
5353
5354 if (comm && comm[0] == '(') /* Most likely our own helper process (PAM?), ignore */
5355 return;
5356
5357 log_unit_warning(userdata,
5358 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5359 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5360 pid, strna(comm));
5361 }
5362
5363 void unit_warn_leftover_processes(Unit *u) {
5364 assert(u);
5365
5366 (void) unit_pick_cgroup_path(u);
5367
5368 if (!u->cgroup_path)
5369 return;
5370
5371 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_leftover, u);
5372 }
5373
5374 bool unit_needs_console(Unit *u) {
5375 ExecContext *ec;
5376 UnitActiveState state;
5377
5378 assert(u);
5379
5380 state = unit_active_state(u);
5381
5382 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5383 return false;
5384
5385 if (UNIT_VTABLE(u)->needs_console)
5386 return UNIT_VTABLE(u)->needs_console(u);
5387
5388 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5389 ec = unit_get_exec_context(u);
5390 if (!ec)
5391 return false;
5392
5393 return exec_context_may_touch_console(ec);
5394 }
5395
5396 const char *unit_label_path(Unit *u) {
5397 const char *p;
5398
5399 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5400 * when validating access checks. */
5401
5402 p = u->source_path ?: u->fragment_path;
5403 if (!p)
5404 return NULL;
5405
5406 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5407 if (path_equal(p, "/dev/null"))
5408 return NULL;
5409
5410 return p;
5411 }
5412
5413 int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5414 int r;
5415
5416 assert(u);
5417
5418 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5419 * and not a kernel thread either */
5420
5421 /* First, a simple range check */
5422 if (!pid_is_valid(pid))
5423 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5424
5425 /* Some extra safety check */
5426 if (pid == 1 || pid == getpid_cached())
5427 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager processs, refusing.", pid);
5428
5429 /* Don't even begin to bother with kernel threads */
5430 r = is_kernel_thread(pid);
5431 if (r == -ESRCH)
5432 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5433 if (r < 0)
5434 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5435 if (r > 0)
5436 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5437
5438 return 0;
5439 }
5440
5441 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5442 [COLLECT_INACTIVE] = "inactive",
5443 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5444 };
5445
5446 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
Unnamed repository; edit this file 'description' to name the repository.