1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
9 #include "sd-messages.h"
11 #include "all-units.h"
12 #include "alloc-util.h"
13 #include "bpf-firewall.h"
14 #include "bpf-foreign.h"
15 #include "bpf-socket-bind.h"
16 #include "bus-common-errors.h"
18 #include "cgroup-setup.h"
19 #include "cgroup-util.h"
20 #include "chase-symlinks.h"
21 #include "core-varlink.h"
22 #include "dbus-unit.h"
28 #include "fileio-label.h"
30 #include "format-util.h"
31 #include "id128-util.h"
35 #include "load-dropin.h"
36 #include "load-fragment.h"
39 #include "missing_audit.h"
40 #include "mkdir-label.h"
41 #include "path-util.h"
42 #include "process-util.h"
44 #include "serialize.h"
46 #include "signal-util.h"
47 #include "sparse-endian.h"
49 #include "specifier.h"
50 #include "stat-util.h"
51 #include "stdio-util.h"
52 #include "string-table.h"
53 #include "string-util.h"
55 #include "terminal-util.h"
56 #include "tmpfile-util.h"
57 #include "umask-util.h"
58 #include "unit-name.h"
60 #include "user-util.h"
66 /* Thresholds for logging at INFO level about resource consumption */
67 #define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
68 #define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
69 #define MENTIONWORTHY_IP_BYTES (0ULL)
71 /* Thresholds for logging at INFO level about resource consumption */
72 #define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
73 #define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
74 #define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
76 const UnitVTable
* const unit_vtable
[_UNIT_TYPE_MAX
] = {
77 [UNIT_SERVICE
] = &service_vtable
,
78 [UNIT_SOCKET
] = &socket_vtable
,
79 [UNIT_TARGET
] = &target_vtable
,
80 [UNIT_DEVICE
] = &device_vtable
,
81 [UNIT_MOUNT
] = &mount_vtable
,
82 [UNIT_AUTOMOUNT
] = &automount_vtable
,
83 [UNIT_SWAP
] = &swap_vtable
,
84 [UNIT_TIMER
] = &timer_vtable
,
85 [UNIT_PATH
] = &path_vtable
,
86 [UNIT_SLICE
] = &slice_vtable
,
87 [UNIT_SCOPE
] = &scope_vtable
,
90 Unit
* unit_new(Manager
*m
, size_t size
) {
94 assert(size
>= sizeof(Unit
));
101 u
->type
= _UNIT_TYPE_INVALID
;
102 u
->default_dependencies
= true;
103 u
->unit_file_state
= _UNIT_FILE_STATE_INVALID
;
104 u
->unit_file_preset
= -1;
105 u
->on_failure_job_mode
= JOB_REPLACE
;
106 u
->on_success_job_mode
= JOB_FAIL
;
107 u
->cgroup_control_inotify_wd
= -1;
108 u
->cgroup_memory_inotify_wd
= -1;
109 u
->job_timeout
= USEC_INFINITY
;
110 u
->job_running_timeout
= USEC_INFINITY
;
111 u
->ref_uid
= UID_INVALID
;
112 u
->ref_gid
= GID_INVALID
;
113 u
->cpu_usage_last
= NSEC_INFINITY
;
114 u
->cgroup_invalidated_mask
|= CGROUP_MASK_BPF_FIREWALL
;
115 u
->failure_action_exit_status
= u
->success_action_exit_status
= -1;
117 u
->ip_accounting_ingress_map_fd
= -1;
118 u
->ip_accounting_egress_map_fd
= -1;
119 for (CGroupIOAccountingMetric i
= 0; i
< _CGROUP_IO_ACCOUNTING_METRIC_MAX
; i
++)
120 u
->io_accounting_last
[i
] = UINT64_MAX
;
122 u
->ipv4_allow_map_fd
= -1;
123 u
->ipv6_allow_map_fd
= -1;
124 u
->ipv4_deny_map_fd
= -1;
125 u
->ipv6_deny_map_fd
= -1;
127 u
->last_section_private
= -1;
129 u
->start_ratelimit
= (RateLimit
) { m
->default_start_limit_interval
, m
->default_start_limit_burst
};
130 u
->auto_start_stop_ratelimit
= (RateLimit
) { 10 * USEC_PER_SEC
, 16 };
135 int unit_new_for_name(Manager
*m
, size_t size
, const char *name
, Unit
**ret
) {
136 _cleanup_(unit_freep
) Unit
*u
= NULL
;
139 u
= unit_new(m
, size
);
143 r
= unit_add_name(u
, name
);
152 bool unit_has_name(const Unit
*u
, const char *name
) {
156 return streq_ptr(name
, u
->id
) ||
157 set_contains(u
->aliases
, name
);
160 static void unit_init(Unit
*u
) {
167 assert(u
->type
>= 0);
169 cc
= unit_get_cgroup_context(u
);
171 cgroup_context_init(cc
);
173 /* Copy in the manager defaults into the cgroup
174 * context, _before_ the rest of the settings have
175 * been initialized */
177 cc
->cpu_accounting
= u
->manager
->default_cpu_accounting
;
178 cc
->io_accounting
= u
->manager
->default_io_accounting
;
179 cc
->blockio_accounting
= u
->manager
->default_blockio_accounting
;
180 cc
->memory_accounting
= u
->manager
->default_memory_accounting
;
181 cc
->tasks_accounting
= u
->manager
->default_tasks_accounting
;
182 cc
->ip_accounting
= u
->manager
->default_ip_accounting
;
184 if (u
->type
!= UNIT_SLICE
)
185 cc
->tasks_max
= u
->manager
->default_tasks_max
;
188 ec
= unit_get_exec_context(u
);
190 exec_context_init(ec
);
192 if (u
->manager
->default_oom_score_adjust_set
) {
193 ec
->oom_score_adjust
= u
->manager
->default_oom_score_adjust
;
194 ec
->oom_score_adjust_set
= true;
197 if (MANAGER_IS_SYSTEM(u
->manager
))
198 ec
->keyring_mode
= EXEC_KEYRING_SHARED
;
200 ec
->keyring_mode
= EXEC_KEYRING_INHERIT
;
202 /* User manager might have its umask redefined by PAM or UMask=. In this
203 * case let the units it manages inherit this value by default. They can
204 * still tune this value through their own unit file */
205 (void) get_process_umask(getpid_cached(), &ec
->umask
);
209 kc
= unit_get_kill_context(u
);
211 kill_context_init(kc
);
213 if (UNIT_VTABLE(u
)->init
)
214 UNIT_VTABLE(u
)->init(u
);
217 static int unit_add_alias(Unit
*u
, char *donated_name
) {
220 /* Make sure that u->names is allocated. We may leave u->names
221 * empty if we fail later, but this is not a problem. */
222 r
= set_ensure_put(&u
->aliases
, &string_hash_ops
, donated_name
);
230 int unit_add_name(Unit
*u
, const char *text
) {
231 _cleanup_free_
char *name
= NULL
, *instance
= NULL
;
238 if (unit_name_is_valid(text
, UNIT_NAME_TEMPLATE
)) {
240 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
241 "instance is not set when adding name '%s': %m", text
);
243 r
= unit_name_replace_instance(text
, u
->instance
, &name
);
245 return log_unit_debug_errno(u
, r
,
246 "failed to build instance name from '%s': %m", text
);
253 if (unit_has_name(u
, name
))
256 if (hashmap_contains(u
->manager
->units
, name
))
257 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EEXIST
),
258 "unit already exist when adding name '%s': %m", name
);
260 if (!unit_name_is_valid(name
, UNIT_NAME_PLAIN
|UNIT_NAME_INSTANCE
))
261 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
262 "name '%s' is invalid: %m", name
);
264 t
= unit_name_to_type(name
);
266 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
267 "failed to derive unit type from name '%s': %m", name
);
269 if (u
->type
!= _UNIT_TYPE_INVALID
&& t
!= u
->type
)
270 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
271 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
274 r
= unit_name_to_instance(name
, &instance
);
276 return log_unit_debug_errno(u
, r
, "failed to extract instance from name '%s': %m", name
);
278 if (instance
&& !unit_type_may_template(t
))
279 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
), "templates are not allowed for name '%s': %m", name
);
281 /* Ensure that this unit either has no instance, or that the instance matches. */
282 if (u
->type
!= _UNIT_TYPE_INVALID
&& !streq_ptr(u
->instance
, instance
))
283 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
284 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
285 name
, instance
, u
->instance
);
287 if (u
->id
&& !unit_type_may_alias(t
))
288 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EEXIST
),
289 "cannot add name %s, aliases are not allowed for %s units.",
290 name
, unit_type_to_string(t
));
292 if (hashmap_size(u
->manager
->units
) >= MANAGER_MAX_NAMES
)
293 return log_unit_warning_errno(u
, SYNTHETIC_ERRNO(E2BIG
), "cannot add name, manager has too many units: %m");
295 /* Add name to the global hashmap first, because that's easier to undo */
296 r
= hashmap_put(u
->manager
->units
, name
, u
);
298 return log_unit_debug_errno(u
, r
, "add unit to hashmap failed for name '%s': %m", text
);
301 r
= unit_add_alias(u
, name
); /* unit_add_alias() takes ownership of the name on success */
303 hashmap_remove(u
->manager
->units
, name
);
309 /* A new name, we don't need the set yet. */
310 assert(u
->type
== _UNIT_TYPE_INVALID
);
311 assert(!u
->instance
);
314 u
->id
= TAKE_PTR(name
);
315 u
->instance
= TAKE_PTR(instance
);
317 LIST_PREPEND(units_by_type
, u
->manager
->units_by_type
[t
], u
);
321 unit_add_to_dbus_queue(u
);
325 int unit_choose_id(Unit
*u
, const char *name
) {
326 _cleanup_free_
char *t
= NULL
;
333 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
337 r
= unit_name_replace_instance(name
, u
->instance
, &t
);
344 if (streq_ptr(u
->id
, name
))
345 return 0; /* Nothing to do. */
347 /* Selects one of the aliases of this unit as the id */
348 s
= set_get(u
->aliases
, (char*) name
);
353 r
= set_remove_and_put(u
->aliases
, name
, u
->id
);
357 assert_se(set_remove(u
->aliases
, name
)); /* see set_get() above… */
359 u
->id
= s
; /* Old u->id is now stored in the set, and s is not stored anywhere */
360 unit_add_to_dbus_queue(u
);
365 int unit_set_description(Unit
*u
, const char *description
) {
370 r
= free_and_strdup(&u
->description
, empty_to_null(description
));
374 unit_add_to_dbus_queue(u
);
379 static bool unit_success_failure_handler_has_jobs(Unit
*unit
) {
382 UNIT_FOREACH_DEPENDENCY(other
, unit
, UNIT_ATOM_ON_SUCCESS
)
383 if (other
->job
|| other
->nop_job
)
386 UNIT_FOREACH_DEPENDENCY(other
, unit
, UNIT_ATOM_ON_FAILURE
)
387 if (other
->job
|| other
->nop_job
)
393 bool unit_may_gc(Unit
*u
) {
394 UnitActiveState state
;
399 /* Checks whether the unit is ready to be unloaded for garbage collection.
400 * Returns true when the unit may be collected, and false if there's some
401 * reason to keep it loaded.
403 * References from other units are *not* checked here. Instead, this is done
404 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
407 if (u
->job
|| u
->nop_job
)
410 state
= unit_active_state(u
);
412 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
413 if (UNIT_IS_INACTIVE_OR_FAILED(state
) &&
414 UNIT_VTABLE(u
)->release_resources
)
415 UNIT_VTABLE(u
)->release_resources(u
);
420 if (sd_bus_track_count(u
->bus_track
) > 0)
423 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
424 switch (u
->collect_mode
) {
426 case COLLECT_INACTIVE
:
427 if (state
!= UNIT_INACTIVE
)
432 case COLLECT_INACTIVE_OR_FAILED
:
433 if (!IN_SET(state
, UNIT_INACTIVE
, UNIT_FAILED
))
439 assert_not_reached();
442 /* Check if any OnFailure= or on Success= jobs may be pending */
443 if (unit_success_failure_handler_has_jobs(u
))
446 if (u
->cgroup_path
) {
447 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
448 * around. Units with active processes should never be collected. */
450 r
= cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
);
452 log_unit_debug_errno(u
, r
, "Failed to determine whether cgroup %s is empty: %m", empty_to_root(u
->cgroup_path
));
457 if (UNIT_VTABLE(u
)->may_gc
&& !UNIT_VTABLE(u
)->may_gc(u
))
463 void unit_add_to_load_queue(Unit
*u
) {
465 assert(u
->type
!= _UNIT_TYPE_INVALID
);
467 if (u
->load_state
!= UNIT_STUB
|| u
->in_load_queue
)
470 LIST_PREPEND(load_queue
, u
->manager
->load_queue
, u
);
471 u
->in_load_queue
= true;
474 void unit_add_to_cleanup_queue(Unit
*u
) {
477 if (u
->in_cleanup_queue
)
480 LIST_PREPEND(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
481 u
->in_cleanup_queue
= true;
484 void unit_add_to_gc_queue(Unit
*u
) {
487 if (u
->in_gc_queue
|| u
->in_cleanup_queue
)
493 LIST_PREPEND(gc_queue
, u
->manager
->gc_unit_queue
, u
);
494 u
->in_gc_queue
= true;
497 void unit_add_to_dbus_queue(Unit
*u
) {
499 assert(u
->type
!= _UNIT_TYPE_INVALID
);
501 if (u
->load_state
== UNIT_STUB
|| u
->in_dbus_queue
)
504 /* Shortcut things if nobody cares */
505 if (sd_bus_track_count(u
->manager
->subscribed
) <= 0 &&
506 sd_bus_track_count(u
->bus_track
) <= 0 &&
507 set_isempty(u
->manager
->private_buses
)) {
508 u
->sent_dbus_new_signal
= true;
512 LIST_PREPEND(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
513 u
->in_dbus_queue
= true;
516 void unit_submit_to_stop_when_unneeded_queue(Unit
*u
) {
519 if (u
->in_stop_when_unneeded_queue
)
522 if (!u
->stop_when_unneeded
)
525 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
528 LIST_PREPEND(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
529 u
->in_stop_when_unneeded_queue
= true;
532 void unit_submit_to_start_when_upheld_queue(Unit
*u
) {
535 if (u
->in_start_when_upheld_queue
)
538 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u
)))
541 if (!unit_has_dependency(u
, UNIT_ATOM_START_STEADILY
, NULL
))
544 LIST_PREPEND(start_when_upheld_queue
, u
->manager
->start_when_upheld_queue
, u
);
545 u
->in_start_when_upheld_queue
= true;
548 void unit_submit_to_stop_when_bound_queue(Unit
*u
) {
551 if (u
->in_stop_when_bound_queue
)
554 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
557 if (!unit_has_dependency(u
, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT
, NULL
))
560 LIST_PREPEND(stop_when_bound_queue
, u
->manager
->stop_when_bound_queue
, u
);
561 u
->in_stop_when_bound_queue
= true;
564 static void unit_clear_dependencies(Unit
*u
) {
567 /* Removes all dependencies configured on u and their reverse dependencies. */
569 for (Hashmap
*deps
; (deps
= hashmap_steal_first(u
->dependencies
));) {
571 for (Unit
*other
; (other
= hashmap_steal_first_key(deps
));) {
574 HASHMAP_FOREACH(other_deps
, other
->dependencies
)
575 hashmap_remove(other_deps
, u
);
577 unit_add_to_gc_queue(other
);
583 u
->dependencies
= hashmap_free(u
->dependencies
);
586 static void unit_remove_transient(Unit
*u
) {
592 if (u
->fragment_path
)
593 (void) unlink(u
->fragment_path
);
595 STRV_FOREACH(i
, u
->dropin_paths
) {
596 _cleanup_free_
char *p
= NULL
, *pp
= NULL
;
598 if (path_extract_directory(*i
, &p
) < 0) /* Get the drop-in directory from the drop-in file */
601 if (path_extract_directory(p
, &pp
) < 0) /* Get the config directory from the drop-in directory */
604 /* Only drop transient drop-ins */
605 if (!path_equal(u
->manager
->lookup_paths
.transient
, pp
))
613 static void unit_free_requires_mounts_for(Unit
*u
) {
617 _cleanup_free_
char *path
= NULL
;
619 path
= hashmap_steal_first_key(u
->requires_mounts_for
);
623 char s
[strlen(path
) + 1];
625 PATH_FOREACH_PREFIX_MORE(s
, path
) {
629 x
= hashmap_get2(u
->manager
->units_requiring_mounts_for
, s
, (void**) &y
);
633 (void) set_remove(x
, u
);
635 if (set_isempty(x
)) {
636 (void) hashmap_remove(u
->manager
->units_requiring_mounts_for
, y
);
644 u
->requires_mounts_for
= hashmap_free(u
->requires_mounts_for
);
647 static void unit_done(Unit
*u
) {
656 if (UNIT_VTABLE(u
)->done
)
657 UNIT_VTABLE(u
)->done(u
);
659 ec
= unit_get_exec_context(u
);
661 exec_context_done(ec
);
663 cc
= unit_get_cgroup_context(u
);
665 cgroup_context_done(cc
);
668 Unit
* unit_free(Unit
*u
) {
675 u
->transient_file
= safe_fclose(u
->transient_file
);
677 if (!MANAGER_IS_RELOADING(u
->manager
))
678 unit_remove_transient(u
);
680 bus_unit_send_removed_signal(u
);
684 unit_dequeue_rewatch_pids(u
);
686 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
687 u
->bus_track
= sd_bus_track_unref(u
->bus_track
);
688 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
689 u
->pending_freezer_message
= sd_bus_message_unref(u
->pending_freezer_message
);
691 unit_free_requires_mounts_for(u
);
693 SET_FOREACH(t
, u
->aliases
)
694 hashmap_remove_value(u
->manager
->units
, t
, u
);
696 hashmap_remove_value(u
->manager
->units
, u
->id
, u
);
698 if (!sd_id128_is_null(u
->invocation_id
))
699 hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
713 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
714 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
715 slice
= UNIT_GET_SLICE(u
);
716 unit_clear_dependencies(u
);
718 unit_add_family_to_cgroup_realize_queue(slice
);
721 manager_unref_console(u
->manager
);
724 fdset_free(u
->initial_socket_bind_link_fds
);
726 bpf_link_free(u
->ipv4_socket_bind_link
);
727 bpf_link_free(u
->ipv6_socket_bind_link
);
730 unit_release_cgroup(u
);
732 if (!MANAGER_IS_RELOADING(u
->manager
))
733 unit_unlink_state_files(u
);
735 unit_unref_uid_gid(u
, false);
737 (void) manager_update_failed_units(u
->manager
, u
, false);
738 set_remove(u
->manager
->startup_units
, u
);
740 unit_unwatch_all_pids(u
);
742 while (u
->refs_by_target
)
743 unit_ref_unset(u
->refs_by_target
);
745 if (u
->type
!= _UNIT_TYPE_INVALID
)
746 LIST_REMOVE(units_by_type
, u
->manager
->units_by_type
[u
->type
], u
);
748 if (u
->in_load_queue
)
749 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
751 if (u
->in_dbus_queue
)
752 LIST_REMOVE(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
754 if (u
->in_cleanup_queue
)
755 LIST_REMOVE(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
758 LIST_REMOVE(gc_queue
, u
->manager
->gc_unit_queue
, u
);
760 if (u
->in_cgroup_realize_queue
)
761 LIST_REMOVE(cgroup_realize_queue
, u
->manager
->cgroup_realize_queue
, u
);
763 if (u
->in_cgroup_empty_queue
)
764 LIST_REMOVE(cgroup_empty_queue
, u
->manager
->cgroup_empty_queue
, u
);
766 if (u
->in_cgroup_oom_queue
)
767 LIST_REMOVE(cgroup_oom_queue
, u
->manager
->cgroup_oom_queue
, u
);
769 if (u
->in_target_deps_queue
)
770 LIST_REMOVE(target_deps_queue
, u
->manager
->target_deps_queue
, u
);
772 if (u
->in_stop_when_unneeded_queue
)
773 LIST_REMOVE(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
775 if (u
->in_start_when_upheld_queue
)
776 LIST_REMOVE(start_when_upheld_queue
, u
->manager
->start_when_upheld_queue
, u
);
778 if (u
->in_stop_when_bound_queue
)
779 LIST_REMOVE(stop_when_bound_queue
, u
->manager
->stop_when_bound_queue
, u
);
781 bpf_firewall_close(u
);
783 hashmap_free(u
->bpf_foreign_by_key
);
785 bpf_program_free(u
->bpf_device_control_installed
);
788 bpf_link_free(u
->restrict_ifaces_ingress_bpf_link
);
789 bpf_link_free(u
->restrict_ifaces_egress_bpf_link
);
791 fdset_free(u
->initial_restric_ifaces_link_fds
);
793 condition_free_list(u
->conditions
);
794 condition_free_list(u
->asserts
);
796 free(u
->description
);
797 strv_free(u
->documentation
);
798 free(u
->fragment_path
);
799 free(u
->source_path
);
800 strv_free(u
->dropin_paths
);
803 free(u
->job_timeout_reboot_arg
);
806 free(u
->access_selinux_context
);
808 set_free_free(u
->aliases
);
811 activation_details_unref(u
->activation_details
);
816 FreezerState
unit_freezer_state(Unit
*u
) {
819 return u
->freezer_state
;
822 int unit_freezer_state_kernel(Unit
*u
, FreezerState
*ret
) {
823 char *values
[1] = {};
828 r
= cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, "cgroup.events",
829 STRV_MAKE("frozen"), values
);
833 r
= _FREEZER_STATE_INVALID
;
836 if (streq(values
[0], "0"))
838 else if (streq(values
[0], "1"))
848 UnitActiveState
unit_active_state(Unit
*u
) {
851 if (u
->load_state
== UNIT_MERGED
)
852 return unit_active_state(unit_follow_merge(u
));
854 /* After a reload it might happen that a unit is not correctly
855 * loaded but still has a process around. That's why we won't
856 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
858 return UNIT_VTABLE(u
)->active_state(u
);
861 const char* unit_sub_state_to_string(Unit
*u
) {
864 return UNIT_VTABLE(u
)->sub_state_to_string(u
);
867 static int unit_merge_names(Unit
*u
, Unit
*other
) {
874 r
= unit_add_alias(u
, other
->id
);
878 r
= set_move(u
->aliases
, other
->aliases
);
880 set_remove(u
->aliases
, other
->id
);
885 other
->aliases
= set_free_free(other
->aliases
);
887 SET_FOREACH(name
, u
->aliases
)
888 assert_se(hashmap_replace(u
->manager
->units
, name
, u
) == 0);
893 static int unit_reserve_dependencies(Unit
*u
, Unit
*other
) {
902 /* Let's reserve some space in the dependency hashmaps so that later on merging the units cannot
905 * First make some room in the per dependency type hashmaps. Using the summed size of both unit's
906 * hashmaps is an estimate that is likely too high since they probably use some of the same
907 * types. But it's never too low, and that's all we need. */
909 n_reserve
= MIN(hashmap_size(other
->dependencies
), LESS_BY((size_t) _UNIT_DEPENDENCY_MAX
, hashmap_size(u
->dependencies
)));
911 r
= hashmap_ensure_allocated(&u
->dependencies
, NULL
);
915 r
= hashmap_reserve(u
->dependencies
, n_reserve
);
920 /* Now, enlarge our per dependency type hashmaps by the number of entries in the same hashmap of the
921 * other unit's dependencies.
923 * NB: If u does not have a dependency set allocated for some dependency type, there is no need to
924 * reserve anything for. In that case other's set will be transferred as a whole to u by
925 * complete_move(). */
927 HASHMAP_FOREACH_KEY(deps
, d
, u
->dependencies
) {
930 other_deps
= hashmap_get(other
->dependencies
, d
);
932 r
= hashmap_reserve(deps
, hashmap_size(other_deps
));
940 static void unit_maybe_warn_about_dependency(
942 const char *other_id
,
943 UnitDependency dependency
) {
947 /* Only warn about some unit types */
948 if (!IN_SET(dependency
,
959 if (streq_ptr(u
->id
, other_id
))
960 log_unit_warning(u
, "Dependency %s=%s dropped", unit_dependency_to_string(dependency
), u
->id
);
962 log_unit_warning(u
, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency
), strna(other_id
), u
->id
);
965 static int unit_per_dependency_type_hashmap_update(
968 UnitDependencyMask origin_mask
,
969 UnitDependencyMask destination_mask
) {
971 UnitDependencyInfo info
;
975 assert_cc(sizeof(void*) == sizeof(info
));
977 /* Acquire the UnitDependencyInfo entry for the Unit* we are interested in, and update it if it
978 * exists, or insert it anew if not. */
980 info
.data
= hashmap_get(per_type
, other
);
982 /* Entry already exists. Add in our mask. */
984 if (FLAGS_SET(origin_mask
, info
.origin_mask
) &&
985 FLAGS_SET(destination_mask
, info
.destination_mask
))
988 info
.origin_mask
|= origin_mask
;
989 info
.destination_mask
|= destination_mask
;
991 r
= hashmap_update(per_type
, other
, info
.data
);
993 info
= (UnitDependencyInfo
) {
994 .origin_mask
= origin_mask
,
995 .destination_mask
= destination_mask
,
998 r
= hashmap_put(per_type
, other
, info
.data
);
1007 static int unit_add_dependency_hashmap(
1008 Hashmap
**dependencies
,
1011 UnitDependencyMask origin_mask
,
1012 UnitDependencyMask destination_mask
) {
1017 assert(dependencies
);
1019 assert(origin_mask
< _UNIT_DEPENDENCY_MASK_FULL
);
1020 assert(destination_mask
< _UNIT_DEPENDENCY_MASK_FULL
);
1021 assert(origin_mask
> 0 || destination_mask
> 0);
1023 /* Ensure the top-level dependency hashmap exists that maps UnitDependency → Hashmap(Unit* →
1024 * UnitDependencyInfo) */
1025 r
= hashmap_ensure_allocated(dependencies
, NULL
);
1029 /* Acquire the inner hashmap, that maps Unit* → UnitDependencyInfo, for the specified dependency
1030 * type, and if it's missing allocate it and insert it. */
1031 per_type
= hashmap_get(*dependencies
, UNIT_DEPENDENCY_TO_PTR(d
));
1033 per_type
= hashmap_new(NULL
);
1037 r
= hashmap_put(*dependencies
, UNIT_DEPENDENCY_TO_PTR(d
), per_type
);
1039 hashmap_free(per_type
);
1044 return unit_per_dependency_type_hashmap_update(per_type
, other
, origin_mask
, destination_mask
);
1047 static void unit_merge_dependencies(
1060 _cleanup_(hashmap_freep
) Hashmap
*other_deps
= NULL
;
1061 UnitDependencyInfo di_back
;
1063 void *dt
; /* Actually of type UnitDependency, except that we don't bother casting it here,
1064 * since the hashmaps all want it as void pointer. */
1066 /* Let's focus on one dependency type at a time, that 'other' has defined. */
1067 other_deps
= hashmap_steal_first_key_and_value(other
->dependencies
, &dt
);
1071 /* Now iterate through all dependencies of this dependency type, of 'other'. We refer to the
1072 * referenced units as 'back'. */
1073 HASHMAP_FOREACH_KEY(di_back
.data
, back
, other_deps
) {
1078 /* This is a dependency pointing back to the unit we want to merge with?
1079 * Suppress it (but warn) */
1080 unit_maybe_warn_about_dependency(u
, other
->id
, UNIT_DEPENDENCY_FROM_PTR(dt
));
1084 /* Now iterate through all deps of 'back', and fix the ones pointing to 'other' to
1085 * point to 'u' instead. */
1086 HASHMAP_FOREACH_KEY(back_deps
, back_dt
, back
->dependencies
) {
1087 UnitDependencyInfo di_move
;
1089 di_move
.data
= hashmap_remove(back_deps
, other
);
1093 assert_se(unit_per_dependency_type_hashmap_update(
1096 di_move
.origin_mask
,
1097 di_move
.destination_mask
) >= 0);
1101 /* Now all references towards 'other' of the current type 'dt' are corrected to point to
1102 * 'u'. Lets's now move the deps of type 'dt' from 'other' to 'u'. First, let's try to move
1103 * them per type wholesale. */
1104 r
= hashmap_put(u
->dependencies
, dt
, other_deps
);
1108 /* The target unit already has dependencies of this type, let's then merge this individually. */
1110 assert_se(deps
= hashmap_get(u
->dependencies
, dt
));
1113 UnitDependencyInfo di_move
;
1116 di_move
.data
= hashmap_steal_first_key_and_value(other_deps
, (void**) &back
);
1120 /* Would point back to us, ignore */
1121 unit_maybe_warn_about_dependency(u
, other
->id
, UNIT_DEPENDENCY_FROM_PTR(dt
));
1125 assert_se(unit_per_dependency_type_hashmap_update(deps
, back
, di_move
.origin_mask
, di_move
.destination_mask
) >= 0);
1129 TAKE_PTR(other_deps
);
1131 if (hashmap_remove(other_deps
, u
))
1132 unit_maybe_warn_about_dependency(u
, other
->id
, UNIT_DEPENDENCY_FROM_PTR(dt
));
1136 other
->dependencies
= hashmap_free(other
->dependencies
);
1139 int unit_merge(Unit
*u
, Unit
*other
) {
1144 assert(u
->manager
== other
->manager
);
1145 assert(u
->type
!= _UNIT_TYPE_INVALID
);
1147 other
= unit_follow_merge(other
);
1152 if (u
->type
!= other
->type
)
1155 if (!unit_type_may_alias(u
->type
)) /* Merging only applies to unit names that support aliases */
1158 if (!IN_SET(other
->load_state
, UNIT_STUB
, UNIT_NOT_FOUND
))
1161 if (!streq_ptr(u
->instance
, other
->instance
))
1170 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
1173 /* Make reservations to ensure merge_dependencies() won't fail. We don't rollback reservations if we
1174 * fail. We don't have a way to undo reservations. A reservation is not a leak. */
1175 r
= unit_reserve_dependencies(u
, other
);
1180 r
= unit_merge_names(u
, other
);
1184 /* Redirect all references */
1185 while (other
->refs_by_target
)
1186 unit_ref_set(other
->refs_by_target
, other
->refs_by_target
->source
, u
);
1188 /* Merge dependencies */
1189 unit_merge_dependencies(u
, other
);
1191 other
->load_state
= UNIT_MERGED
;
1192 other
->merged_into
= u
;
1194 if (!u
->activation_details
)
1195 u
->activation_details
= activation_details_ref(other
->activation_details
);
1197 /* If there is still some data attached to the other node, we
1198 * don't need it anymore, and can free it. */
1199 if (other
->load_state
!= UNIT_STUB
)
1200 if (UNIT_VTABLE(other
)->done
)
1201 UNIT_VTABLE(other
)->done(other
);
1203 unit_add_to_dbus_queue(u
);
1204 unit_add_to_cleanup_queue(other
);
1209 int unit_merge_by_name(Unit
*u
, const char *name
) {
1210 _cleanup_free_
char *s
= NULL
;
1214 /* Either add name to u, or if a unit with name already exists, merge it with u.
1215 * If name is a template, do the same for name@instance, where instance is u's instance. */
1220 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
1224 r
= unit_name_replace_instance(name
, u
->instance
, &s
);
1231 other
= manager_get_unit(u
->manager
, name
);
1233 return unit_merge(u
, other
);
1235 return unit_add_name(u
, name
);
1238 Unit
* unit_follow_merge(Unit
*u
) {
1241 while (u
->load_state
== UNIT_MERGED
)
1242 assert_se(u
= u
->merged_into
);
1247 int unit_add_exec_dependencies(Unit
*u
, ExecContext
*c
) {
1253 /* Unlike unit_add_dependency() or friends, this always returns 0 on success. */
1255 if (c
->working_directory
&& !c
->working_directory_missing_ok
) {
1256 r
= unit_require_mounts_for(u
, c
->working_directory
, UNIT_DEPENDENCY_FILE
);
1261 if (c
->root_directory
) {
1262 r
= unit_require_mounts_for(u
, c
->root_directory
, UNIT_DEPENDENCY_FILE
);
1267 if (c
->root_image
) {
1268 r
= unit_require_mounts_for(u
, c
->root_image
, UNIT_DEPENDENCY_FILE
);
1273 for (ExecDirectoryType dt
= 0; dt
< _EXEC_DIRECTORY_TYPE_MAX
; dt
++) {
1274 if (!u
->manager
->prefix
[dt
])
1277 for (size_t i
= 0; i
< c
->directories
[dt
].n_items
; i
++) {
1278 _cleanup_free_
char *p
= NULL
;
1280 p
= path_join(u
->manager
->prefix
[dt
], c
->directories
[dt
].items
[i
].path
);
1284 r
= unit_require_mounts_for(u
, p
, UNIT_DEPENDENCY_FILE
);
1290 if (!MANAGER_IS_SYSTEM(u
->manager
))
1293 /* For the following three directory types we need write access, and /var/ is possibly on the root
1294 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
1295 if (c
->directories
[EXEC_DIRECTORY_STATE
].n_items
> 0 ||
1296 c
->directories
[EXEC_DIRECTORY_CACHE
].n_items
> 0 ||
1297 c
->directories
[EXEC_DIRECTORY_LOGS
].n_items
> 0) {
1298 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_REMOUNT_FS_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1303 if (c
->private_tmp
) {
1305 /* FIXME: for now we make a special case for /tmp and add a weak dependency on
1306 * tmp.mount so /tmp being masked is supported. However there's no reason to treat
1307 * /tmp specifically and masking other mount units should be handled more
1308 * gracefully too, see PR#16894. */
1309 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_WANTS
, "tmp.mount", true, UNIT_DEPENDENCY_FILE
);
1313 r
= unit_require_mounts_for(u
, "/var/tmp", UNIT_DEPENDENCY_FILE
);
1317 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_TMPFILES_SETUP_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1322 if (c
->root_image
) {
1323 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1324 * implicit dependency on udev */
1326 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_UDEVD_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1331 if (!IN_SET(c
->std_output
,
1332 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1333 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
) &&
1334 !IN_SET(c
->std_error
,
1335 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1336 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
) &&
1340 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1343 if (c
->log_namespace
) {
1344 _cleanup_free_
char *socket_unit
= NULL
, *varlink_socket_unit
= NULL
;
1346 r
= unit_name_build_from_type("systemd-journald", c
->log_namespace
, UNIT_SOCKET
, &socket_unit
);
1350 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, socket_unit
, true, UNIT_DEPENDENCY_FILE
);
1354 r
= unit_name_build_from_type("systemd-journald-varlink", c
->log_namespace
, UNIT_SOCKET
, &varlink_socket_unit
);
1358 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, varlink_socket_unit
, true, UNIT_DEPENDENCY_FILE
);
1362 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_JOURNALD_SOCKET
, true, UNIT_DEPENDENCY_FILE
);
1369 const char* unit_description(Unit
*u
) {
1373 return u
->description
;
1375 return strna(u
->id
);
1378 const char* unit_status_string(Unit
*u
, char **ret_combined_buffer
) {
1382 /* Return u->id, u->description, or "{u->id} - {u->description}".
1383 * Versions with u->description are only used if it is set.
1384 * The last option is used if configured and the caller provided the 'ret_combined_buffer'
1387 * Note that *ret_combined_buffer may be set to NULL. */
1389 if (!u
->description
||
1390 u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_NAME
||
1391 (u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_COMBINED
&& !ret_combined_buffer
) ||
1392 streq(u
->description
, u
->id
)) {
1394 if (ret_combined_buffer
)
1395 *ret_combined_buffer
= NULL
;
1399 if (ret_combined_buffer
) {
1400 if (u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_COMBINED
) {
1401 *ret_combined_buffer
= strjoin(u
->id
, " - ", u
->description
);
1402 if (*ret_combined_buffer
)
1403 return *ret_combined_buffer
;
1404 log_oom(); /* Fall back to ->description */
1406 *ret_combined_buffer
= NULL
;
1409 return u
->description
;
1412 /* Common implementation for multiple backends */
1413 int unit_load_fragment_and_dropin(Unit
*u
, bool fragment_required
) {
1418 /* Load a .{service,socket,...} file */
1419 r
= unit_load_fragment(u
);
1423 if (u
->load_state
== UNIT_STUB
) {
1424 if (fragment_required
)
1427 u
->load_state
= UNIT_LOADED
;
1430 /* Load drop-in directory data. If u is an alias, we might be reloading the
1431 * target unit needlessly. But we cannot be sure which drops-ins have already
1432 * been loaded and which not, at least without doing complicated book-keeping,
1433 * so let's always reread all drop-ins. */
1434 r
= unit_load_dropin(unit_follow_merge(u
));
1438 if (u
->source_path
) {
1441 if (stat(u
->source_path
, &st
) >= 0)
1442 u
->source_mtime
= timespec_load(&st
.st_mtim
);
1444 u
->source_mtime
= 0;
1450 void unit_add_to_target_deps_queue(Unit
*u
) {
1451 Manager
*m
= u
->manager
;
1455 if (u
->in_target_deps_queue
)
1458 LIST_PREPEND(target_deps_queue
, m
->target_deps_queue
, u
);
1459 u
->in_target_deps_queue
= true;
1462 int unit_add_default_target_dependency(Unit
*u
, Unit
*target
) {
1466 if (target
->type
!= UNIT_TARGET
)
1469 /* Only add the dependency if both units are loaded, so that
1470 * that loop check below is reliable */
1471 if (u
->load_state
!= UNIT_LOADED
||
1472 target
->load_state
!= UNIT_LOADED
)
1475 /* If either side wants no automatic dependencies, then let's
1477 if (!u
->default_dependencies
||
1478 !target
->default_dependencies
)
1481 /* Don't create loops */
1482 if (unit_has_dependency(target
, UNIT_ATOM_BEFORE
, u
))
1485 return unit_add_dependency(target
, UNIT_AFTER
, u
, true, UNIT_DEPENDENCY_DEFAULT
);
1488 static int unit_add_slice_dependencies(Unit
*u
) {
1492 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
1495 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1496 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1498 UnitDependencyMask mask
= u
->type
== UNIT_SLICE
? UNIT_DEPENDENCY_IMPLICIT
: UNIT_DEPENDENCY_FILE
;
1500 slice
= UNIT_GET_SLICE(u
);
1502 return unit_add_two_dependencies(u
, UNIT_AFTER
, UNIT_REQUIRES
, slice
, true, mask
);
1504 if (unit_has_name(u
, SPECIAL_ROOT_SLICE
))
1507 return unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, SPECIAL_ROOT_SLICE
, true, mask
);
1510 static int unit_add_mount_dependencies(Unit
*u
) {
1511 UnitDependencyInfo di
;
1513 bool changed
= false;
1518 HASHMAP_FOREACH_KEY(di
.data
, path
, u
->requires_mounts_for
) {
1519 char prefix
[strlen(path
) + 1];
1521 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
1522 _cleanup_free_
char *p
= NULL
;
1525 r
= unit_name_from_path(prefix
, ".mount", &p
);
1527 continue; /* If the path cannot be converted to a mount unit name, then it's
1528 * not manageable as a unit by systemd, and hence we don't need a
1529 * dependency on it. Let's thus silently ignore the issue. */
1533 m
= manager_get_unit(u
->manager
, p
);
1535 /* Make sure to load the mount unit if it exists. If so the dependencies on
1536 * this unit will be added later during the loading of the mount unit. */
1537 (void) manager_load_unit_prepare(u
->manager
, p
, NULL
, NULL
, &m
);
1543 if (m
->load_state
!= UNIT_LOADED
)
1546 r
= unit_add_dependency(u
, UNIT_AFTER
, m
, true, di
.origin_mask
);
1549 changed
= changed
|| r
> 0;
1551 if (m
->fragment_path
) {
1552 r
= unit_add_dependency(u
, UNIT_REQUIRES
, m
, true, di
.origin_mask
);
1555 changed
= changed
|| r
> 0;
1563 static int unit_add_oomd_dependencies(Unit
*u
) {
1569 if (!u
->default_dependencies
)
1572 c
= unit_get_cgroup_context(u
);
1576 wants_oomd
= (c
->moom_swap
== MANAGED_OOM_KILL
|| c
->moom_mem_pressure
== MANAGED_OOM_KILL
);
1580 return unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_WANTS
, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE
);
1583 static int unit_add_startup_units(Unit
*u
) {
1584 if (!unit_has_startup_cgroup_constraints(u
))
1587 return set_ensure_put(&u
->manager
->startup_units
, NULL
, u
);
1590 static int unit_validate_on_failure_job_mode(
1592 const char *job_mode_setting
,
1594 const char *dependency_name
,
1595 UnitDependencyAtom atom
) {
1597 Unit
*other
, *found
= NULL
;
1599 if (job_mode
!= JOB_ISOLATE
)
1602 UNIT_FOREACH_DEPENDENCY(other
, u
, atom
) {
1605 else if (found
!= other
)
1606 return log_unit_error_errno(
1607 u
, SYNTHETIC_ERRNO(ENOEXEC
),
1608 "More than one %s dependencies specified but %sisolate set. Refusing.",
1609 dependency_name
, job_mode_setting
);
1615 int unit_load(Unit
*u
) {
1620 if (u
->in_load_queue
) {
1621 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
1622 u
->in_load_queue
= false;
1625 if (u
->type
== _UNIT_TYPE_INVALID
)
1628 if (u
->load_state
!= UNIT_STUB
)
1631 if (u
->transient_file
) {
1632 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1633 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1635 r
= fflush_and_check(u
->transient_file
);
1639 u
->transient_file
= safe_fclose(u
->transient_file
);
1640 u
->fragment_mtime
= now(CLOCK_REALTIME
);
1643 r
= UNIT_VTABLE(u
)->load(u
);
1647 assert(u
->load_state
!= UNIT_STUB
);
1649 if (u
->load_state
== UNIT_LOADED
) {
1650 unit_add_to_target_deps_queue(u
);
1652 r
= unit_add_slice_dependencies(u
);
1656 r
= unit_add_mount_dependencies(u
);
1660 r
= unit_add_oomd_dependencies(u
);
1664 r
= unit_add_startup_units(u
);
1668 r
= unit_validate_on_failure_job_mode(u
, "OnSuccessJobMode=", u
->on_success_job_mode
, "OnSuccess=", UNIT_ATOM_ON_SUCCESS
);
1672 r
= unit_validate_on_failure_job_mode(u
, "OnFailureJobMode=", u
->on_failure_job_mode
, "OnFailure=", UNIT_ATOM_ON_FAILURE
);
1676 if (u
->job_running_timeout
!= USEC_INFINITY
&& u
->job_running_timeout
> u
->job_timeout
)
1677 log_unit_warning(u
, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1679 /* We finished loading, let's ensure our parents recalculate the members mask */
1680 unit_invalidate_cgroup_members_masks(u
);
1683 assert((u
->load_state
!= UNIT_MERGED
) == !u
->merged_into
);
1685 unit_add_to_dbus_queue(unit_follow_merge(u
));
1686 unit_add_to_gc_queue(u
);
1687 (void) manager_varlink_send_managed_oom_update(u
);
1692 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1693 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
1695 u
->load_state
= u
->load_state
== UNIT_STUB
? UNIT_NOT_FOUND
:
1696 r
== -ENOEXEC
? UNIT_BAD_SETTING
:
1700 /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time
1701 * an attempt is made to load this unit, we know we need to check again. */
1702 if (u
->load_state
== UNIT_NOT_FOUND
)
1703 u
->fragment_not_found_timestamp_hash
= u
->manager
->unit_cache_timestamp_hash
;
1705 unit_add_to_dbus_queue(u
);
1706 unit_add_to_gc_queue(u
);
1708 return log_unit_debug_errno(u
, r
, "Failed to load configuration: %m");
1712 static int log_unit_internal(void *userdata
, int level
, int error
, const char *file
, int line
, const char *func
, const char *format
, ...) {
1717 if (u
&& !unit_log_level_test(u
, level
))
1718 return -ERRNO_VALUE(error
);
1720 va_start(ap
, format
);
1722 r
= log_object_internalv(level
, error
, file
, line
, func
,
1723 u
->manager
->unit_log_field
,
1725 u
->manager
->invocation_log_field
,
1726 u
->invocation_id_string
,
1729 r
= log_internalv(level
, error
, file
, line
, func
, format
, ap
);
1735 static bool unit_test_condition(Unit
*u
) {
1736 _cleanup_strv_free_
char **env
= NULL
;
1741 dual_timestamp_get(&u
->condition_timestamp
);
1743 r
= manager_get_effective_environment(u
->manager
, &env
);
1745 log_unit_error_errno(u
, r
, "Failed to determine effective environment: %m");
1746 u
->condition_result
= true;
1748 u
->condition_result
= condition_test_list(
1751 condition_type_to_string
,
1755 unit_add_to_dbus_queue(u
);
1756 return u
->condition_result
;
1759 static bool unit_test_assert(Unit
*u
) {
1760 _cleanup_strv_free_
char **env
= NULL
;
1765 dual_timestamp_get(&u
->assert_timestamp
);
1767 r
= manager_get_effective_environment(u
->manager
, &env
);
1769 log_unit_error_errno(u
, r
, "Failed to determine effective environment: %m");
1770 u
->assert_result
= CONDITION_ERROR
;
1772 u
->assert_result
= condition_test_list(
1775 assert_type_to_string
,
1779 unit_add_to_dbus_queue(u
);
1780 return u
->assert_result
;
1783 void unit_status_printf(Unit
*u
, StatusType status_type
, const char *status
, const char *format
, const char *ident
) {
1784 if (log_get_show_color()) {
1785 if (u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_COMBINED
&& strchr(ident
, ' '))
1786 ident
= strjoina(ANSI_HIGHLIGHT
, u
->id
, ANSI_NORMAL
, " - ", u
->description
);
1788 ident
= strjoina(ANSI_HIGHLIGHT
, ident
, ANSI_NORMAL
);
1791 DISABLE_WARNING_FORMAT_NONLITERAL
;
1792 manager_status_printf(u
->manager
, status_type
, status
, format
, ident
);
1796 int unit_test_start_limit(Unit
*u
) {
1801 if (ratelimit_below(&u
->start_ratelimit
)) {
1802 u
->start_limit_hit
= false;
1806 log_unit_warning(u
, "Start request repeated too quickly.");
1807 u
->start_limit_hit
= true;
1809 reason
= strjoina("unit ", u
->id
, " failed");
1811 emergency_action(u
->manager
, u
->start_limit_action
,
1812 EMERGENCY_ACTION_IS_WATCHDOG
|EMERGENCY_ACTION_WARN
,
1813 u
->reboot_arg
, -1, reason
);
1818 bool unit_shall_confirm_spawn(Unit
*u
) {
1821 if (manager_is_confirm_spawn_disabled(u
->manager
))
1824 /* For some reasons units remaining in the same process group
1825 * as PID 1 fail to acquire the console even if it's not used
1826 * by any process. So skip the confirmation question for them. */
1827 return !unit_get_exec_context(u
)->same_pgrp
;
1830 static bool unit_verify_deps(Unit
*u
) {
1835 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined
1836 * with After=. We do not check Requires= or Requisite= here as they only should have an effect on
1837 * the job processing, but do not have any effect afterwards. We don't check BindsTo= dependencies
1838 * that are not used in conjunction with After= as for them any such check would make things entirely
1841 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT
) {
1843 if (!unit_has_dependency(u
, UNIT_ATOM_AFTER
, other
))
1846 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other
))) {
1847 log_unit_notice(u
, "Bound to unit %s, but unit isn't active.", other
->id
);
1855 /* Errors that aren't really errors:
1856 * -EALREADY: Unit is already started.
1857 * -ECOMM: Condition failed
1858 * -EAGAIN: An operation is already in progress. Retry later.
1860 * Errors that are real errors:
1861 * -EBADR: This unit type does not support starting.
1862 * -ECANCELED: Start limit hit, too many requests for now
1863 * -EPROTO: Assert failed
1864 * -EINVAL: Unit not loaded
1865 * -EOPNOTSUPP: Unit type not supported
1866 * -ENOLINK: The necessary dependencies are not fulfilled.
1867 * -ESTALE: This unit has been started before and can't be started a second time
1868 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
1870 int unit_start(Unit
*u
, ActivationDetails
*details
) {
1871 UnitActiveState state
;
1877 /* Let's hold off running start jobs for mount units when /proc/self/mountinfo monitor is rate limited. */
1878 if (u
->type
== UNIT_MOUNT
&& sd_event_source_is_ratelimited(u
->manager
->mount_event_source
))
1881 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1882 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1883 * waiting is finished. */
1884 state
= unit_active_state(u
);
1885 if (UNIT_IS_ACTIVE_OR_RELOADING(state
))
1887 if (state
== UNIT_MAINTENANCE
)
1890 /* Units that aren't loaded cannot be started */
1891 if (u
->load_state
!= UNIT_LOADED
)
1894 /* Refuse starting scope units more than once */
1895 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_enter_timestamp
))
1898 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1899 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1900 * recheck the condition in that case. */
1901 if (state
!= UNIT_ACTIVATING
&&
1902 !unit_test_condition(u
))
1903 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(ECOMM
), "Starting requested but condition failed. Not starting unit.");
1905 /* If the asserts failed, fail the entire job */
1906 if (state
!= UNIT_ACTIVATING
&&
1907 !unit_test_assert(u
))
1908 return log_unit_notice_errno(u
, SYNTHETIC_ERRNO(EPROTO
), "Starting requested but asserts failed.");
1910 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1911 * condition checks, so that we rather return condition check errors (which are usually not
1912 * considered a true failure) than "not supported" errors (which are considered a failure).
1914 if (!unit_type_supported(u
->type
))
1917 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1918 * should have taken care of this already, but let's check this here again. After all, our
1919 * dependencies might not be in effect anymore, due to a reload or due to an unmet condition. */
1920 if (!unit_verify_deps(u
))
1923 /* Forward to the main object, if we aren't it. */
1924 following
= unit_following(u
);
1926 log_unit_debug(u
, "Redirecting start request from %s to %s.", u
->id
, following
->id
);
1927 return unit_start(following
, details
);
1930 /* Check our ability to start early so that failure conditions don't cause us to enter a busy loop. */
1931 if (UNIT_VTABLE(u
)->can_start
) {
1932 r
= UNIT_VTABLE(u
)->can_start(u
);
1937 /* If it is stopped, but we cannot start it, then fail */
1938 if (!UNIT_VTABLE(u
)->start
)
1941 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1942 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1943 * waits for a holdoff timer to elapse before it will start again. */
1945 unit_add_to_dbus_queue(u
);
1946 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
1948 if (!u
->activation_details
) /* Older details object wins */
1949 u
->activation_details
= activation_details_ref(details
);
1951 return UNIT_VTABLE(u
)->start(u
);
1954 bool unit_can_start(Unit
*u
) {
1957 if (u
->load_state
!= UNIT_LOADED
)
1960 if (!unit_type_supported(u
->type
))
1963 /* Scope units may be started only once */
1964 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_exit_timestamp
))
1967 return !!UNIT_VTABLE(u
)->start
;
1970 bool unit_can_isolate(Unit
*u
) {
1973 return unit_can_start(u
) &&
1978 * -EBADR: This unit type does not support stopping.
1979 * -EALREADY: Unit is already stopped.
1980 * -EAGAIN: An operation is already in progress. Retry later.
1982 int unit_stop(Unit
*u
) {
1983 UnitActiveState state
;
1988 state
= unit_active_state(u
);
1989 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
1992 following
= unit_following(u
);
1994 log_unit_debug(u
, "Redirecting stop request from %s to %s.", u
->id
, following
->id
);
1995 return unit_stop(following
);
1998 if (!UNIT_VTABLE(u
)->stop
)
2001 unit_add_to_dbus_queue(u
);
2002 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
2004 return UNIT_VTABLE(u
)->stop(u
);
2007 bool unit_can_stop(Unit
*u
) {
2010 /* Note: if we return true here, it does not mean that the unit may be successfully stopped.
2011 * Extrinsic units follow external state and they may stop following external state changes
2012 * (hence we return true here), but an attempt to do this through the manager will fail. */
2014 if (!unit_type_supported(u
->type
))
2020 return !!UNIT_VTABLE(u
)->stop
;
2024 * -EBADR: This unit type does not support reloading.
2025 * -ENOEXEC: Unit is not started.
2026 * -EAGAIN: An operation is already in progress. Retry later.
2028 int unit_reload(Unit
*u
) {
2029 UnitActiveState state
;
2034 if (u
->load_state
!= UNIT_LOADED
)
2037 if (!unit_can_reload(u
))
2040 state
= unit_active_state(u
);
2041 if (state
== UNIT_RELOADING
)
2044 if (state
!= UNIT_ACTIVE
)
2045 return log_unit_warning_errno(u
, SYNTHETIC_ERRNO(ENOEXEC
), "Unit cannot be reloaded because it is inactive.");
2047 following
= unit_following(u
);
2049 log_unit_debug(u
, "Redirecting reload request from %s to %s.", u
->id
, following
->id
);
2050 return unit_reload(following
);
2053 unit_add_to_dbus_queue(u
);
2055 if (!UNIT_VTABLE(u
)->reload
) {
2056 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2057 unit_notify(u
, unit_active_state(u
), unit_active_state(u
), 0);
2061 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
2063 return UNIT_VTABLE(u
)->reload(u
);
2066 bool unit_can_reload(Unit
*u
) {
2069 if (UNIT_VTABLE(u
)->can_reload
)
2070 return UNIT_VTABLE(u
)->can_reload(u
);
2072 if (unit_has_dependency(u
, UNIT_ATOM_PROPAGATES_RELOAD_TO
, NULL
))
2075 return UNIT_VTABLE(u
)->reload
;
2078 bool unit_is_unneeded(Unit
*u
) {
2082 if (!u
->stop_when_unneeded
)
2085 /* Don't clean up while the unit is transitioning or is even inactive. */
2086 if (unit_active_state(u
) != UNIT_ACTIVE
)
2091 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_PINS_STOP_WHEN_UNNEEDED
) {
2092 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
2093 * restart, then don't clean this one up. */
2098 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
2101 if (unit_will_restart(other
))
2108 bool unit_is_upheld_by_active(Unit
*u
, Unit
**ret_culprit
) {
2113 /* Checks if the unit needs to be started because it currently is not running, but some other unit
2114 * that is active declared an Uphold= dependencies on it */
2116 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u
)) || u
->job
) {
2118 *ret_culprit
= NULL
;
2122 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_START_STEADILY
) {
2126 if (UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other
))) {
2128 *ret_culprit
= other
;
2134 *ret_culprit
= NULL
;
2138 bool unit_is_bound_by_inactive(Unit
*u
, Unit
**ret_culprit
) {
2143 /* Checks whether this unit is bound to another unit that is inactive, i.e. whether we should stop
2144 * because the other unit is down. */
2146 if (unit_active_state(u
) != UNIT_ACTIVE
|| u
->job
) {
2147 /* Don't clean up while the unit is transitioning or is even inactive. */
2149 *ret_culprit
= NULL
;
2153 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT
) {
2157 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
))) {
2159 *ret_culprit
= other
;
2166 *ret_culprit
= NULL
;
2170 static void check_unneeded_dependencies(Unit
*u
) {
2174 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2176 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_ADD_STOP_WHEN_UNNEEDED_QUEUE
)
2177 unit_submit_to_stop_when_unneeded_queue(other
);
2180 static void check_uphold_dependencies(Unit
*u
) {
2184 /* Add all units this unit depends on to the queue that processes Uphold= behaviour. */
2186 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_ADD_START_WHEN_UPHELD_QUEUE
)
2187 unit_submit_to_start_when_upheld_queue(other
);
2190 static void check_bound_by_dependencies(Unit
*u
) {
2194 /* Add all units this unit depends on to the queue that processes BindsTo= stop behaviour. */
2196 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_ADD_CANNOT_BE_ACTIVE_WITHOUT_QUEUE
)
2197 unit_submit_to_stop_when_bound_queue(other
);
2200 static void retroactively_start_dependencies(Unit
*u
) {
2204 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)));
2206 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_RETROACTIVE_START_REPLACE
) /* Requires= + BindsTo= */
2207 if (!unit_has_dependency(u
, UNIT_ATOM_AFTER
, other
) &&
2208 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2209 manager_add_job(u
->manager
, JOB_START
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2211 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_RETROACTIVE_START_FAIL
) /* Wants= */
2212 if (!unit_has_dependency(u
, UNIT_ATOM_AFTER
, other
) &&
2213 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2214 manager_add_job(u
->manager
, JOB_START
, other
, JOB_FAIL
, NULL
, NULL
, NULL
);
2216 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_RETROACTIVE_STOP_ON_START
) /* Conflicts= (and inverse) */
2217 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2218 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2221 static void retroactively_stop_dependencies(Unit
*u
) {
2225 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)));
2227 /* Pull down units which are bound to us recursively if enabled */
2228 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_RETROACTIVE_STOP_ON_STOP
) /* BoundBy= */
2229 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2230 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2233 void unit_start_on_failure(
2235 const char *dependency_name
,
2236 UnitDependencyAtom atom
,
2244 assert(dependency_name
);
2245 assert(IN_SET(atom
, UNIT_ATOM_ON_SUCCESS
, UNIT_ATOM_ON_FAILURE
));
2247 /* Act on OnFailure= and OnSuccess= dependencies */
2249 UNIT_FOREACH_DEPENDENCY(other
, u
, atom
) {
2250 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2253 log_unit_info(u
, "Triggering %s dependencies.", dependency_name
);
2257 r
= manager_add_job(u
->manager
, JOB_START
, other
, job_mode
, NULL
, &error
, NULL
);
2259 log_unit_warning_errno(
2260 u
, r
, "Failed to enqueue %s job, ignoring: %s",
2261 dependency_name
, bus_error_message(&error
, r
));
2266 log_unit_debug(u
, "Triggering %s dependencies done (%i %s).",
2267 dependency_name
, n_jobs
, n_jobs
== 1 ? "job" : "jobs");
2270 void unit_trigger_notify(Unit
*u
) {
2275 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_TRIGGERED_BY
)
2276 if (UNIT_VTABLE(other
)->trigger_notify
)
2277 UNIT_VTABLE(other
)->trigger_notify(other
, u
);
2280 static int raise_level(int log_level
, bool condition_info
, bool condition_notice
) {
2281 if (condition_notice
&& log_level
> LOG_NOTICE
)
2283 if (condition_info
&& log_level
> LOG_INFO
)
2288 static int unit_log_resources(Unit
*u
) {
2289 struct iovec iovec
[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX
+ _CGROUP_IO_ACCOUNTING_METRIC_MAX
+ 4];
2290 bool any_traffic
= false, have_ip_accounting
= false, any_io
= false, have_io_accounting
= false;
2291 _cleanup_free_
char *igress
= NULL
, *egress
= NULL
, *rr
= NULL
, *wr
= NULL
;
2292 int log_level
= LOG_DEBUG
; /* May be raised if resources consumed over a threshold */
2293 size_t n_message_parts
= 0, n_iovec
= 0;
2294 char* message_parts
[1 + 2 + 2 + 1], *t
;
2295 nsec_t nsec
= NSEC_INFINITY
;
2297 const char* const ip_fields
[_CGROUP_IP_ACCOUNTING_METRIC_MAX
] = {
2298 [CGROUP_IP_INGRESS_BYTES
] = "IP_METRIC_INGRESS_BYTES",
2299 [CGROUP_IP_INGRESS_PACKETS
] = "IP_METRIC_INGRESS_PACKETS",
2300 [CGROUP_IP_EGRESS_BYTES
] = "IP_METRIC_EGRESS_BYTES",
2301 [CGROUP_IP_EGRESS_PACKETS
] = "IP_METRIC_EGRESS_PACKETS",
2303 const char* const io_fields
[_CGROUP_IO_ACCOUNTING_METRIC_MAX
] = {
2304 [CGROUP_IO_READ_BYTES
] = "IO_METRIC_READ_BYTES",
2305 [CGROUP_IO_WRITE_BYTES
] = "IO_METRIC_WRITE_BYTES",
2306 [CGROUP_IO_READ_OPERATIONS
] = "IO_METRIC_READ_OPERATIONS",
2307 [CGROUP_IO_WRITE_OPERATIONS
] = "IO_METRIC_WRITE_OPERATIONS",
2312 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2313 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2314 * information and the complete data in structured fields. */
2316 (void) unit_get_cpu_usage(u
, &nsec
);
2317 if (nsec
!= NSEC_INFINITY
) {
2318 /* Format the CPU time for inclusion in the structured log message */
2319 if (asprintf(&t
, "CPU_USAGE_NSEC=%" PRIu64
, nsec
) < 0) {
2323 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2325 /* Format the CPU time for inclusion in the human language message string */
2326 t
= strjoin("consumed ", FORMAT_TIMESPAN(nsec
/ NSEC_PER_USEC
, USEC_PER_MSEC
), " CPU time");
2332 message_parts
[n_message_parts
++] = t
;
2334 log_level
= raise_level(log_level
,
2335 nsec
> MENTIONWORTHY_CPU_NSEC
,
2336 nsec
> NOTICEWORTHY_CPU_NSEC
);
2339 for (CGroupIOAccountingMetric k
= 0; k
< _CGROUP_IO_ACCOUNTING_METRIC_MAX
; k
++) {
2340 uint64_t value
= UINT64_MAX
;
2342 assert(io_fields
[k
]);
2344 (void) unit_get_io_accounting(u
, k
, k
> 0, &value
);
2345 if (value
== UINT64_MAX
)
2348 have_io_accounting
= true;
2352 /* Format IO accounting data for inclusion in the structured log message */
2353 if (asprintf(&t
, "%s=%" PRIu64
, io_fields
[k
], value
) < 0) {
2357 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2359 /* Format the IO accounting data for inclusion in the human language message string, but only
2360 * for the bytes counters (and not for the operations counters) */
2361 if (k
== CGROUP_IO_READ_BYTES
) {
2363 rr
= strjoin("read ", strna(FORMAT_BYTES(value
)), " from disk");
2368 } else if (k
== CGROUP_IO_WRITE_BYTES
) {
2370 wr
= strjoin("written ", strna(FORMAT_BYTES(value
)), " to disk");
2377 if (IN_SET(k
, CGROUP_IO_READ_BYTES
, CGROUP_IO_WRITE_BYTES
))
2378 log_level
= raise_level(log_level
,
2379 value
> MENTIONWORTHY_IO_BYTES
,
2380 value
> NOTICEWORTHY_IO_BYTES
);
2383 if (have_io_accounting
) {
2386 message_parts
[n_message_parts
++] = TAKE_PTR(rr
);
2388 message_parts
[n_message_parts
++] = TAKE_PTR(wr
);
2393 k
= strdup("no IO");
2399 message_parts
[n_message_parts
++] = k
;
2403 for (CGroupIPAccountingMetric m
= 0; m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
; m
++) {
2404 uint64_t value
= UINT64_MAX
;
2406 assert(ip_fields
[m
]);
2408 (void) unit_get_ip_accounting(u
, m
, &value
);
2409 if (value
== UINT64_MAX
)
2412 have_ip_accounting
= true;
2416 /* Format IP accounting data for inclusion in the structured log message */
2417 if (asprintf(&t
, "%s=%" PRIu64
, ip_fields
[m
], value
) < 0) {
2421 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2423 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2424 * bytes counters (and not for the packets counters) */
2425 if (m
== CGROUP_IP_INGRESS_BYTES
) {
2427 igress
= strjoin("received ", strna(FORMAT_BYTES(value
)), " IP traffic");
2432 } else if (m
== CGROUP_IP_EGRESS_BYTES
) {
2434 egress
= strjoin("sent ", strna(FORMAT_BYTES(value
)), " IP traffic");
2441 if (IN_SET(m
, CGROUP_IP_INGRESS_BYTES
, CGROUP_IP_EGRESS_BYTES
))
2442 log_level
= raise_level(log_level
,
2443 value
> MENTIONWORTHY_IP_BYTES
,
2444 value
> NOTICEWORTHY_IP_BYTES
);
2447 /* This check is here because it is the earliest point following all possible log_level assignments. If
2448 * log_level is assigned anywhere after this point, move this check. */
2449 if (!unit_log_level_test(u
, log_level
)) {
2454 if (have_ip_accounting
) {
2457 message_parts
[n_message_parts
++] = TAKE_PTR(igress
);
2459 message_parts
[n_message_parts
++] = TAKE_PTR(egress
);
2464 k
= strdup("no IP traffic");
2470 message_parts
[n_message_parts
++] = k
;
2474 /* Is there any accounting data available at all? */
2480 if (n_message_parts
== 0)
2481 t
= strjoina("MESSAGE=", u
->id
, ": Completed.");
2483 _cleanup_free_
char *joined
= NULL
;
2485 message_parts
[n_message_parts
] = NULL
;
2487 joined
= strv_join(message_parts
, ", ");
2493 joined
[0] = ascii_toupper(joined
[0]);
2494 t
= strjoina("MESSAGE=", u
->id
, ": ", joined
, ".");
2497 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2498 * and hence don't increase n_iovec for them */
2499 iovec
[n_iovec
] = IOVEC_MAKE_STRING(t
);
2500 iovec
[n_iovec
+ 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR
);
2502 t
= strjoina(u
->manager
->unit_log_field
, u
->id
);
2503 iovec
[n_iovec
+ 2] = IOVEC_MAKE_STRING(t
);
2505 t
= strjoina(u
->manager
->invocation_log_field
, u
->invocation_id_string
);
2506 iovec
[n_iovec
+ 3] = IOVEC_MAKE_STRING(t
);
2508 log_unit_struct_iovec(u
, log_level
, iovec
, n_iovec
+ 4);
2512 for (size_t i
= 0; i
< n_message_parts
; i
++)
2513 free(message_parts
[i
]);
2515 for (size_t i
= 0; i
< n_iovec
; i
++)
2516 free(iovec
[i
].iov_base
);
2522 static void unit_update_on_console(Unit
*u
) {
2527 b
= unit_needs_console(u
);
2528 if (u
->on_console
== b
)
2533 manager_ref_console(u
->manager
);
2535 manager_unref_console(u
->manager
);
2538 static void unit_emit_audit_start(Unit
*u
) {
2541 if (u
->type
!= UNIT_SERVICE
)
2544 /* Write audit record if we have just finished starting up */
2545 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_START
, true);
2549 static void unit_emit_audit_stop(Unit
*u
, UnitActiveState state
) {
2552 if (u
->type
!= UNIT_SERVICE
)
2556 /* Write audit record if we have just finished shutting down */
2557 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_STOP
, state
== UNIT_INACTIVE
);
2558 u
->in_audit
= false;
2560 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2561 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_START
, state
== UNIT_INACTIVE
);
2563 if (state
== UNIT_INACTIVE
)
2564 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_STOP
, true);
2568 static bool unit_process_job(Job
*j
, UnitActiveState ns
, UnitNotifyFlags flags
) {
2569 bool unexpected
= false;
2574 if (j
->state
== JOB_WAITING
)
2576 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2578 job_add_to_run_queue(j
);
2580 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2581 * hence needs to invalidate jobs. */
2586 case JOB_VERIFY_ACTIVE
:
2588 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2589 job_finish_and_invalidate(j
, JOB_DONE
, true, false);
2590 else if (j
->state
== JOB_RUNNING
&& ns
!= UNIT_ACTIVATING
) {
2593 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2594 if (ns
== UNIT_FAILED
)
2595 result
= JOB_FAILED
;
2599 job_finish_and_invalidate(j
, result
, true, false);
2606 case JOB_RELOAD_OR_START
:
2607 case JOB_TRY_RELOAD
:
2609 if (j
->state
== JOB_RUNNING
) {
2610 if (ns
== UNIT_ACTIVE
)
2611 job_finish_and_invalidate(j
, (flags
& UNIT_NOTIFY_RELOAD_FAILURE
) ? JOB_FAILED
: JOB_DONE
, true, false);
2612 else if (!IN_SET(ns
, UNIT_ACTIVATING
, UNIT_RELOADING
)) {
2615 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2616 job_finish_and_invalidate(j
, ns
== UNIT_FAILED
? JOB_FAILED
: JOB_DONE
, true, false);
2624 case JOB_TRY_RESTART
:
2626 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2627 job_finish_and_invalidate(j
, JOB_DONE
, true, false);
2628 else if (j
->state
== JOB_RUNNING
&& ns
!= UNIT_DEACTIVATING
) {
2630 job_finish_and_invalidate(j
, JOB_FAILED
, true, false);
2636 assert_not_reached();
2642 void unit_notify(Unit
*u
, UnitActiveState os
, UnitActiveState ns
, UnitNotifyFlags flags
) {
2647 assert(os
< _UNIT_ACTIVE_STATE_MAX
);
2648 assert(ns
< _UNIT_ACTIVE_STATE_MAX
);
2650 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2651 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2652 * remounted this function will be called too! */
2656 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2657 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2658 unit_add_to_dbus_queue(u
);
2660 /* Update systemd-oomd on the property/state change */
2662 /* Always send an update if the unit is going into an inactive state so systemd-oomd knows to stop
2664 * Also send an update whenever the unit goes active; this is to handle a case where an override file
2665 * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to
2666 * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't
2667 * have the information on the property. Thus, indiscriminately send an update. */
2668 if (UNIT_IS_INACTIVE_OR_FAILED(ns
) || UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2669 (void) manager_varlink_send_managed_oom_update(u
);
2672 /* Update timestamps for state changes */
2673 if (!MANAGER_IS_RELOADING(m
)) {
2674 dual_timestamp_get(&u
->state_change_timestamp
);
2676 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && !UNIT_IS_INACTIVE_OR_FAILED(ns
))
2677 u
->inactive_exit_timestamp
= u
->state_change_timestamp
;
2678 else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_INACTIVE_OR_FAILED(ns
))
2679 u
->inactive_enter_timestamp
= u
->state_change_timestamp
;
2681 if (!UNIT_IS_ACTIVE_OR_RELOADING(os
) && UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2682 u
->active_enter_timestamp
= u
->state_change_timestamp
;
2683 else if (UNIT_IS_ACTIVE_OR_RELOADING(os
) && !UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2684 u
->active_exit_timestamp
= u
->state_change_timestamp
;
2687 /* Keep track of failed units */
2688 (void) manager_update_failed_units(m
, u
, ns
== UNIT_FAILED
);
2690 /* Make sure the cgroup and state files are always removed when we become inactive */
2691 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2692 SET_FLAG(u
->markers
,
2693 (1u << UNIT_MARKER_NEEDS_RELOAD
)|(1u << UNIT_MARKER_NEEDS_RESTART
),
2695 unit_prune_cgroup(u
);
2696 unit_unlink_state_files(u
);
2697 } else if (ns
!= os
&& ns
== UNIT_RELOADING
)
2698 SET_FLAG(u
->markers
, 1u << UNIT_MARKER_NEEDS_RELOAD
, false);
2700 unit_update_on_console(u
);
2702 if (!MANAGER_IS_RELOADING(m
)) {
2705 /* Let's propagate state changes to the job */
2707 unexpected
= unit_process_job(u
->job
, ns
, flags
);
2711 /* If this state change happened without being requested by a job, then let's retroactively start or
2712 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2713 * additional jobs just because something is already activated. */
2716 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns
))
2717 retroactively_start_dependencies(u
);
2718 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os
) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns
))
2719 retroactively_stop_dependencies(u
);
2722 if (ns
!= os
&& ns
== UNIT_FAILED
) {
2723 log_unit_debug(u
, "Unit entered failed state.");
2725 if (!(flags
& UNIT_NOTIFY_WILL_AUTO_RESTART
))
2726 unit_start_on_failure(u
, "OnFailure=", UNIT_ATOM_ON_FAILURE
, u
->on_failure_job_mode
);
2729 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
) && !UNIT_IS_ACTIVE_OR_RELOADING(os
)) {
2730 /* This unit just finished starting up */
2732 unit_emit_audit_start(u
);
2733 manager_send_unit_plymouth(m
, u
);
2736 if (UNIT_IS_INACTIVE_OR_FAILED(ns
) && !UNIT_IS_INACTIVE_OR_FAILED(os
)) {
2737 /* This unit just stopped/failed. */
2739 unit_emit_audit_stop(u
, ns
);
2740 unit_log_resources(u
);
2743 if (ns
== UNIT_INACTIVE
&& !IN_SET(os
, UNIT_FAILED
, UNIT_INACTIVE
, UNIT_MAINTENANCE
) &&
2744 !(flags
& UNIT_NOTIFY_WILL_AUTO_RESTART
))
2745 unit_start_on_failure(u
, "OnSuccess=", UNIT_ATOM_ON_SUCCESS
, u
->on_success_job_mode
);
2748 manager_recheck_journal(m
);
2749 manager_recheck_dbus(m
);
2751 unit_trigger_notify(u
);
2753 if (!MANAGER_IS_RELOADING(m
)) {
2754 if (os
!= UNIT_FAILED
&& ns
== UNIT_FAILED
) {
2755 reason
= strjoina("unit ", u
->id
, " failed");
2756 emergency_action(m
, u
->failure_action
, 0, u
->reboot_arg
, unit_failure_action_exit_status(u
), reason
);
2757 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && ns
== UNIT_INACTIVE
) {
2758 reason
= strjoina("unit ", u
->id
, " succeeded");
2759 emergency_action(m
, u
->success_action
, 0, u
->reboot_arg
, unit_success_action_exit_status(u
), reason
);
2763 /* And now, add the unit or depending units to various queues that will act on the new situation if
2764 * needed. These queues generally check for continuous state changes rather than events (like most of
2765 * the state propagation above), and do work deferred instead of instantly, since they typically
2766 * don't want to run during reloading, and usually involve checking combined state of multiple units
2769 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2770 /* Stop unneeded units and bound-by units regardless if going down was expected or not */
2771 check_unneeded_dependencies(u
);
2772 check_bound_by_dependencies(u
);
2774 /* Maybe someone wants us to remain up? */
2775 unit_submit_to_start_when_upheld_queue(u
);
2777 /* Maybe the unit should be GC'ed now? */
2778 unit_add_to_gc_queue(u
);
2781 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
)) {
2782 /* Start uphold units regardless if going up was expected or not */
2783 check_uphold_dependencies(u
);
2785 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2786 unit_submit_to_stop_when_unneeded_queue(u
);
2788 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens
2789 * when something BindsTo= to a Type=oneshot unit, as these units go directly from starting to
2790 * inactive, without ever entering started.) */
2791 unit_submit_to_stop_when_bound_queue(u
);
2795 int unit_watch_pid(Unit
*u
, pid_t pid
, bool exclusive
) {
2799 assert(pid_is_valid(pid
));
2801 /* Watch a specific PID */
2803 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2804 * opportunity to remove any stalled references to this PID as they can be created
2805 * easily (when watching a process which is not our direct child). */
2807 manager_unwatch_pid(u
->manager
, pid
);
2809 r
= set_ensure_allocated(&u
->pids
, NULL
);
2813 r
= hashmap_ensure_allocated(&u
->manager
->watch_pids
, NULL
);
2817 /* First try, let's add the unit keyed by "pid". */
2818 r
= hashmap_put(u
->manager
->watch_pids
, PID_TO_PTR(pid
), u
);
2824 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2825 * to an array of Units rather than just a Unit), lists us already. */
2827 array
= hashmap_get(u
->manager
->watch_pids
, PID_TO_PTR(-pid
));
2829 for (; array
[n
]; n
++)
2833 if (found
) /* Found it already? if so, do nothing */
2838 /* Allocate a new array */
2839 new_array
= new(Unit
*, n
+ 2);
2843 memcpy_safe(new_array
, array
, sizeof(Unit
*) * n
);
2845 new_array
[n
+1] = NULL
;
2847 /* Add or replace the old array */
2848 r
= hashmap_replace(u
->manager
->watch_pids
, PID_TO_PTR(-pid
), new_array
);
2859 r
= set_put(u
->pids
, PID_TO_PTR(pid
));
2866 void unit_unwatch_pid(Unit
*u
, pid_t pid
) {
2870 assert(pid_is_valid(pid
));
2872 /* First let's drop the unit in case it's keyed as "pid". */
2873 (void) hashmap_remove_value(u
->manager
->watch_pids
, PID_TO_PTR(pid
), u
);
2875 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2876 array
= hashmap_get(u
->manager
->watch_pids
, PID_TO_PTR(-pid
));
2878 /* Let's iterate through the array, dropping our own entry */
2881 for (size_t n
= 0; array
[n
]; n
++)
2883 array
[m
++] = array
[n
];
2887 /* The array is now empty, remove the entire entry */
2888 assert_se(hashmap_remove(u
->manager
->watch_pids
, PID_TO_PTR(-pid
)) == array
);
2893 (void) set_remove(u
->pids
, PID_TO_PTR(pid
));
2896 void unit_unwatch_all_pids(Unit
*u
) {
2899 while (!set_isempty(u
->pids
))
2900 unit_unwatch_pid(u
, PTR_TO_PID(set_first(u
->pids
)));
2902 u
->pids
= set_free(u
->pids
);
2905 static void unit_tidy_watch_pids(Unit
*u
) {
2906 pid_t except1
, except2
;
2911 /* Cleans dead PIDs from our list */
2913 except1
= unit_main_pid(u
);
2914 except2
= unit_control_pid(u
);
2916 SET_FOREACH(e
, u
->pids
) {
2917 pid_t pid
= PTR_TO_PID(e
);
2919 if (pid
== except1
|| pid
== except2
)
2922 if (!pid_is_unwaited(pid
))
2923 unit_unwatch_pid(u
, pid
);
2927 static int on_rewatch_pids_event(sd_event_source
*s
, void *userdata
) {
2928 Unit
*u
= ASSERT_PTR(userdata
);
2932 unit_tidy_watch_pids(u
);
2933 unit_watch_all_pids(u
);
2935 /* If the PID set is empty now, then let's finish this off. */
2936 unit_synthesize_cgroup_empty_event(u
);
2941 int unit_enqueue_rewatch_pids(Unit
*u
) {
2946 if (!u
->cgroup_path
)
2949 r
= cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
);
2952 if (r
> 0) /* On unified we can use proper notifications */
2955 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2956 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2957 * involves issuing kill(pid, 0) on all processes we watch. */
2959 if (!u
->rewatch_pids_event_source
) {
2960 _cleanup_(sd_event_source_unrefp
) sd_event_source
*s
= NULL
;
2962 r
= sd_event_add_defer(u
->manager
->event
, &s
, on_rewatch_pids_event
, u
);
2964 return log_error_errno(r
, "Failed to allocate event source for tidying watched PIDs: %m");
2966 r
= sd_event_source_set_priority(s
, SD_EVENT_PRIORITY_IDLE
);
2968 return log_error_errno(r
, "Failed to adjust priority of event source for tidying watched PIDs: %m");
2970 (void) sd_event_source_set_description(s
, "tidy-watch-pids");
2972 u
->rewatch_pids_event_source
= TAKE_PTR(s
);
2975 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_ONESHOT
);
2977 return log_error_errno(r
, "Failed to enable event source for tidying watched PIDs: %m");
2982 void unit_dequeue_rewatch_pids(Unit
*u
) {
2986 if (!u
->rewatch_pids_event_source
)
2989 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_OFF
);
2991 log_warning_errno(r
, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2993 u
->rewatch_pids_event_source
= sd_event_source_disable_unref(u
->rewatch_pids_event_source
);
2996 bool unit_job_is_applicable(Unit
*u
, JobType j
) {
2998 assert(j
>= 0 && j
< _JOB_TYPE_MAX
);
3002 case JOB_VERIFY_ACTIVE
:
3005 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
3006 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
3011 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
3012 * external events), hence it makes no sense to permit enqueuing such a request either. */
3013 return !u
->perpetual
;
3016 case JOB_TRY_RESTART
:
3017 return unit_can_stop(u
) && unit_can_start(u
);
3020 case JOB_TRY_RELOAD
:
3021 return unit_can_reload(u
);
3023 case JOB_RELOAD_OR_START
:
3024 return unit_can_reload(u
) && unit_can_start(u
);
3027 assert_not_reached();
3031 int unit_add_dependency(
3036 UnitDependencyMask mask
) {
3038 static const UnitDependency inverse_table
[_UNIT_DEPENDENCY_MAX
] = {
3039 [UNIT_REQUIRES
] = UNIT_REQUIRED_BY
,
3040 [UNIT_REQUISITE
] = UNIT_REQUISITE_OF
,
3041 [UNIT_WANTS
] = UNIT_WANTED_BY
,
3042 [UNIT_BINDS_TO
] = UNIT_BOUND_BY
,
3043 [UNIT_PART_OF
] = UNIT_CONSISTS_OF
,
3044 [UNIT_UPHOLDS
] = UNIT_UPHELD_BY
,
3045 [UNIT_REQUIRED_BY
] = UNIT_REQUIRES
,
3046 [UNIT_REQUISITE_OF
] = UNIT_REQUISITE
,
3047 [UNIT_WANTED_BY
] = UNIT_WANTS
,
3048 [UNIT_BOUND_BY
] = UNIT_BINDS_TO
,
3049 [UNIT_CONSISTS_OF
] = UNIT_PART_OF
,
3050 [UNIT_UPHELD_BY
] = UNIT_UPHOLDS
,
3051 [UNIT_CONFLICTS
] = UNIT_CONFLICTED_BY
,
3052 [UNIT_CONFLICTED_BY
] = UNIT_CONFLICTS
,
3053 [UNIT_BEFORE
] = UNIT_AFTER
,
3054 [UNIT_AFTER
] = UNIT_BEFORE
,
3055 [UNIT_ON_SUCCESS
] = UNIT_ON_SUCCESS_OF
,
3056 [UNIT_ON_SUCCESS_OF
] = UNIT_ON_SUCCESS
,
3057 [UNIT_ON_FAILURE
] = UNIT_ON_FAILURE_OF
,
3058 [UNIT_ON_FAILURE_OF
] = UNIT_ON_FAILURE
,
3059 [UNIT_TRIGGERS
] = UNIT_TRIGGERED_BY
,
3060 [UNIT_TRIGGERED_BY
] = UNIT_TRIGGERS
,
3061 [UNIT_PROPAGATES_RELOAD_TO
] = UNIT_RELOAD_PROPAGATED_FROM
,
3062 [UNIT_RELOAD_PROPAGATED_FROM
] = UNIT_PROPAGATES_RELOAD_TO
,
3063 [UNIT_PROPAGATES_STOP_TO
] = UNIT_STOP_PROPAGATED_FROM
,
3064 [UNIT_STOP_PROPAGATED_FROM
] = UNIT_PROPAGATES_STOP_TO
,
3065 [UNIT_JOINS_NAMESPACE_OF
] = UNIT_JOINS_NAMESPACE_OF
, /* symmetric! 👓 */
3066 [UNIT_REFERENCES
] = UNIT_REFERENCED_BY
,
3067 [UNIT_REFERENCED_BY
] = UNIT_REFERENCES
,
3068 [UNIT_IN_SLICE
] = UNIT_SLICE_OF
,
3069 [UNIT_SLICE_OF
] = UNIT_IN_SLICE
,
3071 Unit
*original_u
= u
, *original_other
= other
;
3072 UnitDependencyAtom a
;
3075 /* Helper to know whether sending a notification is necessary or not: if the dependency is already
3076 * there, no need to notify! */
3077 bool notify
, notify_other
= false;
3080 assert(d
>= 0 && d
< _UNIT_DEPENDENCY_MAX
);
3083 u
= unit_follow_merge(u
);
3084 other
= unit_follow_merge(other
);
3085 a
= unit_dependency_to_atom(d
);
3088 /* We won't allow dependencies on ourselves. We will not consider them an error however. */
3090 unit_maybe_warn_about_dependency(original_u
, original_other
->id
, d
);
3094 if (u
->manager
&& FLAGS_SET(u
->manager
->test_run_flags
, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES
))
3097 /* Note that ordering a device unit after a unit is permitted since it allows to start its job
3098 * running timeout at a specific time. */
3099 if (FLAGS_SET(a
, UNIT_ATOM_BEFORE
) && other
->type
== UNIT_DEVICE
) {
3100 log_unit_warning(u
, "Dependency Before=%s ignored (.device units cannot be delayed)", other
->id
);
3104 if (FLAGS_SET(a
, UNIT_ATOM_ON_FAILURE
) && !UNIT_VTABLE(u
)->can_fail
) {
3105 log_unit_warning(u
, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other
->id
, unit_type_to_string(u
->type
));
3109 if (FLAGS_SET(a
, UNIT_ATOM_TRIGGERS
) && !UNIT_VTABLE(u
)->can_trigger
)
3110 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3111 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other
->id
, unit_type_to_string(u
->type
));
3112 if (FLAGS_SET(a
, UNIT_ATOM_TRIGGERED_BY
) && !UNIT_VTABLE(other
)->can_trigger
)
3113 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3114 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other
->id
, unit_type_to_string(other
->type
));
3116 if (FLAGS_SET(a
, UNIT_ATOM_IN_SLICE
) && other
->type
!= UNIT_SLICE
)
3117 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3118 "Requested dependency Slice=%s refused (%s is not a slice unit).", other
->id
, other
->id
);
3119 if (FLAGS_SET(a
, UNIT_ATOM_SLICE_OF
) && u
->type
!= UNIT_SLICE
)
3120 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3121 "Requested dependency SliceOf=%s refused (%s is not a slice unit).", other
->id
, u
->id
);
3123 if (FLAGS_SET(a
, UNIT_ATOM_IN_SLICE
) && !UNIT_HAS_CGROUP_CONTEXT(u
))
3124 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3125 "Requested dependency Slice=%s refused (%s is not a cgroup unit).", other
->id
, u
->id
);
3127 if (FLAGS_SET(a
, UNIT_ATOM_SLICE_OF
) && !UNIT_HAS_CGROUP_CONTEXT(other
))
3128 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3129 "Requested dependency SliceOf=%s refused (%s is not a cgroup unit).", other
->id
, other
->id
);
3131 r
= unit_add_dependency_hashmap(&u
->dependencies
, d
, other
, mask
, 0);
3136 if (inverse_table
[d
] != _UNIT_DEPENDENCY_INVALID
&& inverse_table
[d
] != d
) {
3137 r
= unit_add_dependency_hashmap(&other
->dependencies
, inverse_table
[d
], u
, 0, mask
);
3140 notify_other
= r
> 0;
3143 if (add_reference
) {
3144 r
= unit_add_dependency_hashmap(&u
->dependencies
, UNIT_REFERENCES
, other
, mask
, 0);
3147 notify
= notify
|| r
> 0;
3149 r
= unit_add_dependency_hashmap(&other
->dependencies
, UNIT_REFERENCED_BY
, u
, 0, mask
);
3152 notify_other
= notify_other
|| r
> 0;
3156 unit_add_to_dbus_queue(u
);
3158 unit_add_to_dbus_queue(other
);
3160 return notify
|| notify_other
;
3163 int unit_add_two_dependencies(Unit
*u
, UnitDependency d
, UnitDependency e
, Unit
*other
, bool add_reference
, UnitDependencyMask mask
) {
3168 r
= unit_add_dependency(u
, d
, other
, add_reference
, mask
);
3172 s
= unit_add_dependency(u
, e
, other
, add_reference
, mask
);
3176 return r
> 0 || s
> 0;
3179 static int resolve_template(Unit
*u
, const char *name
, char **buf
, const char **ret
) {
3187 if (!unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
3194 r
= unit_name_replace_instance(name
, u
->instance
, buf
);
3196 _cleanup_free_
char *i
= NULL
;
3198 r
= unit_name_to_prefix(u
->id
, &i
);
3202 r
= unit_name_replace_instance(name
, i
, buf
);
3211 int unit_add_dependency_by_name(Unit
*u
, UnitDependency d
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
3212 _cleanup_free_
char *buf
= NULL
;
3219 r
= resolve_template(u
, name
, &buf
, &name
);
3223 if (u
->manager
&& FLAGS_SET(u
->manager
->test_run_flags
, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES
))
3226 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
3230 return unit_add_dependency(u
, d
, other
, add_reference
, mask
);
3233 int unit_add_two_dependencies_by_name(Unit
*u
, UnitDependency d
, UnitDependency e
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
3234 _cleanup_free_
char *buf
= NULL
;
3241 r
= resolve_template(u
, name
, &buf
, &name
);
3245 if (u
->manager
&& FLAGS_SET(u
->manager
->test_run_flags
, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES
))
3248 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
3252 return unit_add_two_dependencies(u
, d
, e
, other
, add_reference
, mask
);
3255 int set_unit_path(const char *p
) {
3256 /* This is mostly for debug purposes */
3257 return RET_NERRNO(setenv("SYSTEMD_UNIT_PATH", p
, 1));
3260 char *unit_dbus_path(Unit
*u
) {
3266 return unit_dbus_path_from_name(u
->id
);
3269 char *unit_dbus_path_invocation_id(Unit
*u
) {
3272 if (sd_id128_is_null(u
->invocation_id
))
3275 return unit_dbus_path_from_name(u
->invocation_id_string
);
3278 int unit_set_invocation_id(Unit
*u
, sd_id128_t id
) {
3283 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3285 if (sd_id128_equal(u
->invocation_id
, id
))
3288 if (!sd_id128_is_null(u
->invocation_id
))
3289 (void) hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
3291 if (sd_id128_is_null(id
)) {
3296 r
= hashmap_ensure_allocated(&u
->manager
->units_by_invocation_id
, &id128_hash_ops
);
3300 u
->invocation_id
= id
;
3301 sd_id128_to_string(id
, u
->invocation_id_string
);
3303 r
= hashmap_put(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
3310 u
->invocation_id
= SD_ID128_NULL
;
3311 u
->invocation_id_string
[0] = 0;
3315 int unit_set_slice(Unit
*u
, Unit
*slice
) {
3321 /* Sets the unit slice if it has not been set before. Is extra careful, to only allow this for units
3322 * that actually have a cgroup context. Also, we don't allow to set this for slices (since the parent
3323 * slice is derived from the name). Make sure the unit we set is actually a slice. */
3325 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
3328 if (u
->type
== UNIT_SLICE
)
3331 if (unit_active_state(u
) != UNIT_INACTIVE
)
3334 if (slice
->type
!= UNIT_SLICE
)
3337 if (unit_has_name(u
, SPECIAL_INIT_SCOPE
) &&
3338 !unit_has_name(slice
, SPECIAL_ROOT_SLICE
))
3341 if (UNIT_GET_SLICE(u
) == slice
)
3344 /* Disallow slice changes if @u is already bound to cgroups */
3345 if (UNIT_GET_SLICE(u
) && u
->cgroup_realized
)
3348 /* Remove any slices assigned prior; we should only have one UNIT_IN_SLICE dependency */
3349 if (UNIT_GET_SLICE(u
))
3350 unit_remove_dependencies(u
, UNIT_DEPENDENCY_SLICE_PROPERTY
);
3352 r
= unit_add_dependency(u
, UNIT_IN_SLICE
, slice
, true, UNIT_DEPENDENCY_SLICE_PROPERTY
);
3359 int unit_set_default_slice(Unit
*u
) {
3360 const char *slice_name
;
3366 if (u
->manager
&& FLAGS_SET(u
->manager
->test_run_flags
, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES
))
3369 if (UNIT_GET_SLICE(u
))
3373 _cleanup_free_
char *prefix
= NULL
, *escaped
= NULL
;
3375 /* Implicitly place all instantiated units in their
3376 * own per-template slice */
3378 r
= unit_name_to_prefix(u
->id
, &prefix
);
3382 /* The prefix is already escaped, but it might include
3383 * "-" which has a special meaning for slice units,
3384 * hence escape it here extra. */
3385 escaped
= unit_name_escape(prefix
);
3389 if (MANAGER_IS_SYSTEM(u
->manager
))
3390 slice_name
= strjoina("system-", escaped
, ".slice");
3392 slice_name
= strjoina("app-", escaped
, ".slice");
3394 } else if (unit_is_extrinsic(u
))
3395 /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in
3396 * the root slice. They don't really belong in one of the subslices. */
3397 slice_name
= SPECIAL_ROOT_SLICE
;
3399 else if (MANAGER_IS_SYSTEM(u
->manager
))
3400 slice_name
= SPECIAL_SYSTEM_SLICE
;
3402 slice_name
= SPECIAL_APP_SLICE
;
3404 r
= manager_load_unit(u
->manager
, slice_name
, NULL
, NULL
, &slice
);
3408 return unit_set_slice(u
, slice
);
3411 const char *unit_slice_name(Unit
*u
) {
3415 slice
= UNIT_GET_SLICE(u
);
3422 int unit_load_related_unit(Unit
*u
, const char *type
, Unit
**_found
) {
3423 _cleanup_free_
char *t
= NULL
;
3430 r
= unit_name_change_suffix(u
->id
, type
, &t
);
3433 if (unit_has_name(u
, t
))
3436 r
= manager_load_unit(u
->manager
, t
, NULL
, NULL
, _found
);
3437 assert(r
< 0 || *_found
!= u
);
3441 static int signal_name_owner_changed(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
3442 const char *new_owner
;
3443 Unit
*u
= ASSERT_PTR(userdata
);
3448 r
= sd_bus_message_read(message
, "sss", NULL
, NULL
, &new_owner
);
3450 bus_log_parse_error(r
);
3454 if (UNIT_VTABLE(u
)->bus_name_owner_change
)
3455 UNIT_VTABLE(u
)->bus_name_owner_change(u
, empty_to_null(new_owner
));
3460 static int get_name_owner_handler(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
3461 const sd_bus_error
*e
;
3462 const char *new_owner
;
3463 Unit
*u
= ASSERT_PTR(userdata
);
3468 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3470 e
= sd_bus_message_get_error(message
);
3472 if (!sd_bus_error_has_name(e
, "org.freedesktop.DBus.Error.NameHasNoOwner")) {
3473 r
= sd_bus_error_get_errno(e
);
3474 log_unit_error_errno(u
, r
,
3475 "Unexpected error response from GetNameOwner(): %s",
3476 bus_error_message(e
, r
));
3481 r
= sd_bus_message_read(message
, "s", &new_owner
);
3483 return bus_log_parse_error(r
);
3485 assert(!isempty(new_owner
));
3488 if (UNIT_VTABLE(u
)->bus_name_owner_change
)
3489 UNIT_VTABLE(u
)->bus_name_owner_change(u
, new_owner
);
3494 int unit_install_bus_match(Unit
*u
, sd_bus
*bus
, const char *name
) {
3502 if (u
->match_bus_slot
|| u
->get_name_owner_slot
)
3505 match
= strjoina("type='signal',"
3506 "sender='org.freedesktop.DBus',"
3507 "path='/org/freedesktop/DBus',"
3508 "interface='org.freedesktop.DBus',"
3509 "member='NameOwnerChanged',"
3510 "arg0='", name
, "'");
3512 r
= sd_bus_add_match_async(bus
, &u
->match_bus_slot
, match
, signal_name_owner_changed
, NULL
, u
);
3516 r
= sd_bus_call_method_async(
3518 &u
->get_name_owner_slot
,
3519 "org.freedesktop.DBus",
3520 "/org/freedesktop/DBus",
3521 "org.freedesktop.DBus",
3523 get_name_owner_handler
,
3527 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3531 log_unit_debug(u
, "Watching D-Bus name '%s'.", name
);
3535 int unit_watch_bus_name(Unit
*u
, const char *name
) {
3541 /* Watch a specific name on the bus. We only support one unit
3542 * watching each name for now. */
3544 if (u
->manager
->api_bus
) {
3545 /* If the bus is already available, install the match directly.
3546 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3547 r
= unit_install_bus_match(u
, u
->manager
->api_bus
, name
);
3549 return log_warning_errno(r
, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name
);
3552 r
= hashmap_put(u
->manager
->watch_bus
, name
, u
);
3554 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3555 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3556 return log_warning_errno(r
, "Failed to put bus name to hashmap: %m");
3562 void unit_unwatch_bus_name(Unit
*u
, const char *name
) {
3566 (void) hashmap_remove_value(u
->manager
->watch_bus
, name
, u
);
3567 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3568 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3571 int unit_add_node_dependency(Unit
*u
, const char *what
, UnitDependency dep
, UnitDependencyMask mask
) {
3572 _cleanup_free_
char *e
= NULL
;
3578 /* Adds in links to the device node that this unit is based on */
3582 if (!is_device_path(what
))
3585 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
3586 if (!unit_type_supported(UNIT_DEVICE
))
3589 r
= unit_name_from_path(what
, ".device", &e
);
3593 r
= manager_load_unit(u
->manager
, e
, NULL
, NULL
, &device
);
3597 if (dep
== UNIT_REQUIRES
&& device_shall_be_bound_by(device
, u
))
3598 dep
= UNIT_BINDS_TO
;
3600 return unit_add_two_dependencies(u
, UNIT_AFTER
,
3601 MANAGER_IS_SYSTEM(u
->manager
) ? dep
: UNIT_WANTS
,
3602 device
, true, mask
);
3605 int unit_add_blockdev_dependency(Unit
*u
, const char *what
, UnitDependencyMask mask
) {
3606 _cleanup_free_
char *escaped
= NULL
, *target
= NULL
;
3614 if (!path_startswith(what
, "/dev/"))
3617 /* If we don't support devices, then also don't bother with blockdev@.target */
3618 if (!unit_type_supported(UNIT_DEVICE
))
3621 r
= unit_name_path_escape(what
, &escaped
);
3625 r
= unit_name_build("blockdev", escaped
, ".target", &target
);
3629 return unit_add_dependency_by_name(u
, UNIT_AFTER
, target
, true, mask
);
3632 int unit_coldplug(Unit
*u
) {
3637 /* Make sure we don't enter a loop, when coldplugging recursively. */
3641 u
->coldplugged
= true;
3643 STRV_FOREACH(i
, u
->deserialized_refs
) {
3644 q
= bus_unit_track_add_name(u
, *i
);
3645 if (q
< 0 && r
>= 0)
3648 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
3650 if (UNIT_VTABLE(u
)->coldplug
) {
3651 q
= UNIT_VTABLE(u
)->coldplug(u
);
3652 if (q
< 0 && r
>= 0)
3657 q
= job_coldplug(u
->job
);
3658 if (q
< 0 && r
>= 0)
3662 q
= job_coldplug(u
->nop_job
);
3663 if (q
< 0 && r
>= 0)
3670 void unit_catchup(Unit
*u
) {
3673 if (UNIT_VTABLE(u
)->catchup
)
3674 UNIT_VTABLE(u
)->catchup(u
);
3676 unit_cgroup_catchup(u
);
3679 static bool fragment_mtime_newer(const char *path
, usec_t mtime
, bool path_masked
) {
3685 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3686 * are never out-of-date. */
3687 if (PATH_STARTSWITH_SET(path
, "/proc", "/sys"))
3690 if (stat(path
, &st
) < 0)
3691 /* What, cannot access this anymore? */
3695 /* For masked files check if they are still so */
3696 return !null_or_empty(&st
);
3698 /* For non-empty files check the mtime */
3699 return timespec_load(&st
.st_mtim
) > mtime
;
3704 bool unit_need_daemon_reload(Unit
*u
) {
3705 _cleanup_strv_free_
char **t
= NULL
;
3709 /* For unit files, we allow masking… */
3710 if (fragment_mtime_newer(u
->fragment_path
, u
->fragment_mtime
,
3711 u
->load_state
== UNIT_MASKED
))
3714 /* Source paths should not be masked… */
3715 if (fragment_mtime_newer(u
->source_path
, u
->source_mtime
, false))
3718 if (u
->load_state
== UNIT_LOADED
)
3719 (void) unit_find_dropin_paths(u
, &t
);
3720 if (!strv_equal(u
->dropin_paths
, t
))
3723 /* … any drop-ins that are masked are simply omitted from the list. */
3724 STRV_FOREACH(path
, u
->dropin_paths
)
3725 if (fragment_mtime_newer(*path
, u
->dropin_mtime
, false))
3731 void unit_reset_failed(Unit
*u
) {
3734 if (UNIT_VTABLE(u
)->reset_failed
)
3735 UNIT_VTABLE(u
)->reset_failed(u
);
3737 ratelimit_reset(&u
->start_ratelimit
);
3738 u
->start_limit_hit
= false;
3741 Unit
*unit_following(Unit
*u
) {
3744 if (UNIT_VTABLE(u
)->following
)
3745 return UNIT_VTABLE(u
)->following(u
);
3750 bool unit_stop_pending(Unit
*u
) {
3753 /* This call does check the current state of the unit. It's
3754 * hence useful to be called from state change calls of the
3755 * unit itself, where the state isn't updated yet. This is
3756 * different from unit_inactive_or_pending() which checks both
3757 * the current state and for a queued job. */
3759 return unit_has_job_type(u
, JOB_STOP
);
3762 bool unit_inactive_or_pending(Unit
*u
) {
3765 /* Returns true if the unit is inactive or going down */
3767 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)))
3770 if (unit_stop_pending(u
))
3776 bool unit_active_or_pending(Unit
*u
) {
3779 /* Returns true if the unit is active or going up */
3781 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)))
3785 IN_SET(u
->job
->type
, JOB_START
, JOB_RELOAD_OR_START
, JOB_RESTART
))
3791 bool unit_will_restart_default(Unit
*u
) {
3794 return unit_has_job_type(u
, JOB_START
);
3797 bool unit_will_restart(Unit
*u
) {
3800 if (!UNIT_VTABLE(u
)->will_restart
)
3803 return UNIT_VTABLE(u
)->will_restart(u
);
3806 int unit_kill(Unit
*u
, KillWho w
, int signo
, sd_bus_error
*error
) {
3808 assert(w
>= 0 && w
< _KILL_WHO_MAX
);
3809 assert(SIGNAL_VALID(signo
));
3811 if (!UNIT_VTABLE(u
)->kill
)
3814 return UNIT_VTABLE(u
)->kill(u
, w
, signo
, error
);
3817 void unit_notify_cgroup_oom(Unit
*u
, bool managed_oom
) {
3820 if (UNIT_VTABLE(u
)->notify_cgroup_oom
)
3821 UNIT_VTABLE(u
)->notify_cgroup_oom(u
, managed_oom
);
3824 static Set
*unit_pid_set(pid_t main_pid
, pid_t control_pid
) {
3825 _cleanup_set_free_ Set
*pid_set
= NULL
;
3828 pid_set
= set_new(NULL
);
3832 /* Exclude the main/control pids from being killed via the cgroup */
3834 r
= set_put(pid_set
, PID_TO_PTR(main_pid
));
3839 if (control_pid
> 0) {
3840 r
= set_put(pid_set
, PID_TO_PTR(control_pid
));
3845 return TAKE_PTR(pid_set
);
3848 static int kill_common_log(pid_t pid
, int signo
, void *userdata
) {
3849 _cleanup_free_
char *comm
= NULL
;
3850 Unit
*u
= ASSERT_PTR(userdata
);
3852 (void) get_process_comm(pid
, &comm
);
3853 log_unit_info(u
, "Sending signal SIG%s to process " PID_FMT
" (%s) on client request.",
3854 signal_to_string(signo
), pid
, strna(comm
));
3859 int unit_kill_common(
3865 sd_bus_error
*error
) {
3868 bool killed
= false;
3870 /* This is the common implementation for explicit user-requested killing of unit processes, shared by
3871 * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to
3872 * stop a service ourselves. */
3874 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
)) {
3876 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no main processes", unit_type_to_string(u
->type
));
3878 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No main process to kill");
3881 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
)) {
3882 if (control_pid
< 0)
3883 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no control processes", unit_type_to_string(u
->type
));
3884 if (control_pid
== 0)
3885 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No control process to kill");
3888 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
, KILL_ALL
, KILL_ALL_FAIL
))
3889 if (control_pid
> 0) {
3890 _cleanup_free_
char *comm
= NULL
;
3891 (void) get_process_comm(control_pid
, &comm
);
3893 if (kill(control_pid
, signo
) < 0) {
3894 /* Report this failure both to the logs and to the client */
3895 sd_bus_error_set_errnof(
3897 "Failed to send signal SIG%s to control process " PID_FMT
" (%s): %m",
3898 signal_to_string(signo
), control_pid
, strna(comm
));
3899 r
= log_unit_warning_errno(
3901 "Failed to send signal SIG%s to control process " PID_FMT
" (%s) on client request: %m",
3902 signal_to_string(signo
), control_pid
, strna(comm
));
3904 log_unit_info(u
, "Sent signal SIG%s to control process " PID_FMT
" (%s) on client request.",
3905 signal_to_string(signo
), control_pid
, strna(comm
));
3910 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
, KILL_ALL
, KILL_ALL_FAIL
))
3912 _cleanup_free_
char *comm
= NULL
;
3913 (void) get_process_comm(main_pid
, &comm
);
3915 if (kill(main_pid
, signo
) < 0) {
3917 sd_bus_error_set_errnof(
3919 "Failed to send signal SIG%s to main process " PID_FMT
" (%s): %m",
3920 signal_to_string(signo
), main_pid
, strna(comm
));
3922 r
= log_unit_warning_errno(
3924 "Failed to send signal SIG%s to main process " PID_FMT
" (%s) on client request: %m",
3925 signal_to_string(signo
), main_pid
, strna(comm
));
3927 log_unit_info(u
, "Sent signal SIG%s to main process " PID_FMT
" (%s) on client request.",
3928 signal_to_string(signo
), main_pid
, strna(comm
));
3933 if (IN_SET(who
, KILL_ALL
, KILL_ALL_FAIL
) && u
->cgroup_path
) {
3934 _cleanup_set_free_ Set
*pid_set
= NULL
;
3937 /* Exclude the main/control pids from being killed via the cgroup */
3938 pid_set
= unit_pid_set(main_pid
, control_pid
);
3942 q
= cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, signo
, 0, pid_set
, kill_common_log
, u
);
3944 if (!IN_SET(q
, -ESRCH
, -ENOENT
)) {
3946 sd_bus_error_set_errnof(
3948 "Failed to send signal SIG%s to auxiliary processes: %m",
3949 signal_to_string(signo
));
3951 r
= log_unit_warning_errno(
3953 "Failed to send signal SIG%s to auxiliary processes on client request: %m",
3954 signal_to_string(signo
));
3960 /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */
3961 if (r
== 0 && !killed
&& IN_SET(who
, KILL_ALL_FAIL
, KILL_CONTROL_FAIL
, KILL_MAIN_FAIL
))
3962 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No matching processes to kill");
3967 int unit_following_set(Unit
*u
, Set
**s
) {
3971 if (UNIT_VTABLE(u
)->following_set
)
3972 return UNIT_VTABLE(u
)->following_set(u
, s
);
3978 UnitFileState
unit_get_unit_file_state(Unit
*u
) {
3983 if (u
->unit_file_state
< 0 && u
->fragment_path
) {
3984 r
= unit_file_get_state(
3985 u
->manager
->unit_file_scope
,
3988 &u
->unit_file_state
);
3990 u
->unit_file_state
= UNIT_FILE_BAD
;
3993 return u
->unit_file_state
;
3996 int unit_get_unit_file_preset(Unit
*u
) {
3999 if (u
->unit_file_preset
< 0 && u
->fragment_path
)
4000 u
->unit_file_preset
= unit_file_query_preset(
4001 u
->manager
->unit_file_scope
,
4003 basename(u
->fragment_path
),
4006 return u
->unit_file_preset
;
4009 Unit
* unit_ref_set(UnitRef
*ref
, Unit
*source
, Unit
*target
) {
4015 unit_ref_unset(ref
);
4017 ref
->source
= source
;
4018 ref
->target
= target
;
4019 LIST_PREPEND(refs_by_target
, target
->refs_by_target
, ref
);
4023 void unit_ref_unset(UnitRef
*ref
) {
4029 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4030 * be unreferenced now. */
4031 unit_add_to_gc_queue(ref
->target
);
4033 LIST_REMOVE(refs_by_target
, ref
->target
->refs_by_target
, ref
);
4034 ref
->source
= ref
->target
= NULL
;
4037 static int user_from_unit_name(Unit
*u
, char **ret
) {
4039 static const uint8_t hash_key
[] = {
4040 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4041 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4044 _cleanup_free_
char *n
= NULL
;
4047 r
= unit_name_to_prefix(u
->id
, &n
);
4051 if (valid_user_group_name(n
, 0)) {
4056 /* If we can't use the unit name as a user name, then let's hash it and use that */
4057 if (asprintf(ret
, "_du%016" PRIx64
, siphash24(n
, strlen(n
), hash_key
)) < 0)
4063 int unit_patch_contexts(Unit
*u
) {
4070 /* Patch in the manager defaults into the exec and cgroup
4071 * contexts, _after_ the rest of the settings have been
4074 ec
= unit_get_exec_context(u
);
4076 /* This only copies in the ones that need memory */
4077 for (unsigned i
= 0; i
< _RLIMIT_MAX
; i
++)
4078 if (u
->manager
->rlimit
[i
] && !ec
->rlimit
[i
]) {
4079 ec
->rlimit
[i
] = newdup(struct rlimit
, u
->manager
->rlimit
[i
], 1);
4084 if (MANAGER_IS_USER(u
->manager
) &&
4085 !ec
->working_directory
) {
4087 r
= get_home_dir(&ec
->working_directory
);
4091 /* Allow user services to run, even if the
4092 * home directory is missing */
4093 ec
->working_directory_missing_ok
= true;
4096 if (ec
->private_devices
)
4097 ec
->capability_bounding_set
&= ~((UINT64_C(1) << CAP_MKNOD
) | (UINT64_C(1) << CAP_SYS_RAWIO
));
4099 if (ec
->protect_kernel_modules
)
4100 ec
->capability_bounding_set
&= ~(UINT64_C(1) << CAP_SYS_MODULE
);
4102 if (ec
->protect_kernel_logs
)
4103 ec
->capability_bounding_set
&= ~(UINT64_C(1) << CAP_SYSLOG
);
4105 if (ec
->protect_clock
)
4106 ec
->capability_bounding_set
&= ~((UINT64_C(1) << CAP_SYS_TIME
) | (UINT64_C(1) << CAP_WAKE_ALARM
));
4108 if (ec
->dynamic_user
) {
4110 r
= user_from_unit_name(u
, &ec
->user
);
4116 ec
->group
= strdup(ec
->user
);
4121 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4122 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4125 ec
->private_tmp
= true;
4126 ec
->remove_ipc
= true;
4127 ec
->protect_system
= PROTECT_SYSTEM_STRICT
;
4128 if (ec
->protect_home
== PROTECT_HOME_NO
)
4129 ec
->protect_home
= PROTECT_HOME_READ_ONLY
;
4131 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4133 ec
->no_new_privileges
= true;
4134 ec
->restrict_suid_sgid
= true;
4138 cc
= unit_get_cgroup_context(u
);
4141 if (ec
->private_devices
&&
4142 cc
->device_policy
== CGROUP_DEVICE_POLICY_AUTO
)
4143 cc
->device_policy
= CGROUP_DEVICE_POLICY_CLOSED
;
4145 if ((ec
->root_image
|| ec
->mount_images
) &&
4146 (cc
->device_policy
!= CGROUP_DEVICE_POLICY_AUTO
|| cc
->device_allow
)) {
4148 /* When RootImage= or MountImages= is specified, the following devices are touched. */
4149 FOREACH_STRING(p
, "/dev/loop-control", "/dev/mapper/control") {
4150 r
= cgroup_add_device_allow(cc
, p
, "rw");
4154 FOREACH_STRING(p
, "block-loop", "block-blkext", "block-device-mapper") {
4155 r
= cgroup_add_device_allow(cc
, p
, "rwm");
4160 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4161 * Same for mapper and verity. */
4162 FOREACH_STRING(p
, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4163 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_WANTS
, p
, true, UNIT_DEPENDENCY_FILE
);
4169 if (ec
->protect_clock
) {
4170 r
= cgroup_add_device_allow(cc
, "char-rtc", "r");
4179 ExecContext
*unit_get_exec_context(const Unit
*u
) {
4186 offset
= UNIT_VTABLE(u
)->exec_context_offset
;
4190 return (ExecContext
*) ((uint8_t*) u
+ offset
);
4193 KillContext
*unit_get_kill_context(Unit
*u
) {
4200 offset
= UNIT_VTABLE(u
)->kill_context_offset
;
4204 return (KillContext
*) ((uint8_t*) u
+ offset
);
4207 CGroupContext
*unit_get_cgroup_context(Unit
*u
) {
4213 offset
= UNIT_VTABLE(u
)->cgroup_context_offset
;
4217 return (CGroupContext
*) ((uint8_t*) u
+ offset
);
4220 ExecRuntime
*unit_get_exec_runtime(Unit
*u
) {
4226 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
4230 return *(ExecRuntime
**) ((uint8_t*) u
+ offset
);
4233 static const char* unit_drop_in_dir(Unit
*u
, UnitWriteFlags flags
) {
4236 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4239 if (u
->transient
) /* Redirect drop-ins for transient units always into the transient directory. */
4240 return u
->manager
->lookup_paths
.transient
;
4242 if (flags
& UNIT_PERSISTENT
)
4243 return u
->manager
->lookup_paths
.persistent_control
;
4245 if (flags
& UNIT_RUNTIME
)
4246 return u
->manager
->lookup_paths
.runtime_control
;
4251 char* unit_escape_setting(const char *s
, UnitWriteFlags flags
, char **buf
) {
4252 assert(!FLAGS_SET(flags
, UNIT_ESCAPE_EXEC_SYNTAX
| UNIT_ESCAPE_C
));
4254 _cleanup_free_
char *t
= NULL
;
4259 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the
4260 * allocated return buffer pointer is also written to *buf, except if no escaping was necessary, in
4261 * which case *buf is set to NULL, and the input pointer is returned as-is. This means the return
4262 * value always contains a properly escaped version, but *buf when passed only contains a pointer if
4263 * an allocation was necessary. If *buf is not specified, then the return value always needs to be
4264 * freed. Callers can use this to optimize memory allocations. */
4266 if (flags
& UNIT_ESCAPE_SPECIFIERS
) {
4267 t
= specifier_escape(s
);
4274 /* We either do c-escaping or shell-escaping, to additionally escape characters that we parse for
4275 * ExecStart= and friend, i.e. '$' and ';' and quotes. */
4277 if (flags
& UNIT_ESCAPE_EXEC_SYNTAX
) {
4278 char *t2
= shell_escape(s
, "$;'\"");
4281 free_and_replace(t
, t2
);
4285 } else if (flags
& UNIT_ESCAPE_C
) {
4286 char *t2
= cescape(s
);
4289 free_and_replace(t
, t2
);
4299 return TAKE_PTR(t
) ?: strdup(s
);
4302 char* unit_concat_strv(char **l
, UnitWriteFlags flags
) {
4303 _cleanup_free_
char *result
= NULL
;
4306 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command
4307 * lines in a way suitable for ExecStart= stanzas. */
4309 STRV_FOREACH(i
, l
) {
4310 _cleanup_free_
char *buf
= NULL
;
4315 p
= unit_escape_setting(*i
, flags
, &buf
);
4319 a
= (n
> 0) + 1 + strlen(p
) + 1; /* separating space + " + entry + " */
4320 if (!GREEDY_REALLOC(result
, n
+ a
+ 1))
4334 if (!GREEDY_REALLOC(result
, n
+ 1))
4339 return TAKE_PTR(result
);
4342 int unit_write_setting(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *data
) {
4343 _cleanup_free_
char *p
= NULL
, *q
= NULL
, *escaped
= NULL
;
4344 const char *dir
, *wrapped
;
4351 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4354 data
= unit_escape_setting(data
, flags
, &escaped
);
4358 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4359 * previous section header is the same */
4361 if (flags
& UNIT_PRIVATE
) {
4362 if (!UNIT_VTABLE(u
)->private_section
)
4365 if (!u
->transient_file
|| u
->last_section_private
< 0)
4366 data
= strjoina("[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4367 else if (u
->last_section_private
== 0)
4368 data
= strjoina("\n[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4370 if (!u
->transient_file
|| u
->last_section_private
< 0)
4371 data
= strjoina("[Unit]\n", data
);
4372 else if (u
->last_section_private
> 0)
4373 data
= strjoina("\n[Unit]\n", data
);
4376 if (u
->transient_file
) {
4377 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4378 * write to the transient unit file. */
4379 fputs(data
, u
->transient_file
);
4381 if (!endswith(data
, "\n"))
4382 fputc('\n', u
->transient_file
);
4384 /* Remember which section we wrote this entry to */
4385 u
->last_section_private
= !!(flags
& UNIT_PRIVATE
);
4389 dir
= unit_drop_in_dir(u
, flags
);
4393 wrapped
= strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4394 "# or an equivalent operation. Do not edit.\n",
4398 r
= drop_in_file(dir
, u
->id
, 50, name
, &p
, &q
);
4402 (void) mkdir_p_label(p
, 0755);
4404 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4405 * recreate the cache after every drop-in we write. */
4406 if (u
->manager
->unit_path_cache
) {
4407 r
= set_put_strdup(&u
->manager
->unit_path_cache
, p
);
4412 r
= write_string_file_atomic_label(q
, wrapped
);
4416 r
= strv_push(&u
->dropin_paths
, q
);
4421 strv_uniq(u
->dropin_paths
);
4423 u
->dropin_mtime
= now(CLOCK_REALTIME
);
4428 int unit_write_settingf(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *format
, ...) {
4429 _cleanup_free_
char *p
= NULL
;
4437 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4440 va_start(ap
, format
);
4441 r
= vasprintf(&p
, format
, ap
);
4447 return unit_write_setting(u
, flags
, name
, p
);
4450 int unit_make_transient(Unit
*u
) {
4451 _cleanup_free_
char *path
= NULL
;
4456 if (!UNIT_VTABLE(u
)->can_transient
)
4459 (void) mkdir_p_label(u
->manager
->lookup_paths
.transient
, 0755);
4461 path
= path_join(u
->manager
->lookup_paths
.transient
, u
->id
);
4465 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4466 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4468 RUN_WITH_UMASK(0022) {
4469 f
= fopen(path
, "we");
4474 safe_fclose(u
->transient_file
);
4475 u
->transient_file
= f
;
4477 free_and_replace(u
->fragment_path
, path
);
4479 u
->source_path
= mfree(u
->source_path
);
4480 u
->dropin_paths
= strv_free(u
->dropin_paths
);
4481 u
->fragment_mtime
= u
->source_mtime
= u
->dropin_mtime
= 0;
4483 u
->load_state
= UNIT_STUB
;
4485 u
->transient
= true;
4487 unit_add_to_dbus_queue(u
);
4488 unit_add_to_gc_queue(u
);
4490 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4496 static int log_kill(pid_t pid
, int sig
, void *userdata
) {
4497 _cleanup_free_
char *comm
= NULL
;
4499 (void) get_process_comm(pid
, &comm
);
4501 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4502 only, like for example systemd's own PAM stub process. */
4503 if (comm
&& comm
[0] == '(')
4506 log_unit_notice(userdata
,
4507 "Killing process " PID_FMT
" (%s) with signal SIG%s.",
4510 signal_to_string(sig
));
4515 static int operation_to_signal(const KillContext
*c
, KillOperation k
, bool *noteworthy
) {
4520 case KILL_TERMINATE
:
4521 case KILL_TERMINATE_AND_LOG
:
4522 *noteworthy
= false;
4523 return c
->kill_signal
;
4526 *noteworthy
= false;
4527 return restart_kill_signal(c
);
4531 return c
->final_kill_signal
;
4535 return c
->watchdog_signal
;
4538 assert_not_reached();
4542 int unit_kill_context(
4548 bool main_pid_alien
) {
4550 bool wait_for_exit
= false, send_sighup
;
4551 cg_kill_log_func_t log_func
= NULL
;
4557 /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0
4558 * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common()
4559 * which is used for user-requested killing of unit processes. */
4561 if (c
->kill_mode
== KILL_NONE
)
4565 sig
= operation_to_signal(c
, k
, ¬eworthy
);
4567 log_func
= log_kill
;
4571 IN_SET(k
, KILL_TERMINATE
, KILL_TERMINATE_AND_LOG
) &&
4576 log_func(main_pid
, sig
, u
);
4578 r
= kill_and_sigcont(main_pid
, sig
);
4579 if (r
< 0 && r
!= -ESRCH
) {
4580 _cleanup_free_
char *comm
= NULL
;
4581 (void) get_process_comm(main_pid
, &comm
);
4583 log_unit_warning_errno(u
, r
, "Failed to kill main process " PID_FMT
" (%s), ignoring: %m", main_pid
, strna(comm
));
4585 if (!main_pid_alien
)
4586 wait_for_exit
= true;
4588 if (r
!= -ESRCH
&& send_sighup
)
4589 (void) kill(main_pid
, SIGHUP
);
4593 if (control_pid
> 0) {
4595 log_func(control_pid
, sig
, u
);
4597 r
= kill_and_sigcont(control_pid
, sig
);
4598 if (r
< 0 && r
!= -ESRCH
) {
4599 _cleanup_free_
char *comm
= NULL
;
4600 (void) get_process_comm(control_pid
, &comm
);
4602 log_unit_warning_errno(u
, r
, "Failed to kill control process " PID_FMT
" (%s), ignoring: %m", control_pid
, strna(comm
));
4604 wait_for_exit
= true;
4606 if (r
!= -ESRCH
&& send_sighup
)
4607 (void) kill(control_pid
, SIGHUP
);
4611 if (u
->cgroup_path
&&
4612 (c
->kill_mode
== KILL_CONTROL_GROUP
|| (c
->kill_mode
== KILL_MIXED
&& k
== KILL_KILL
))) {
4613 _cleanup_set_free_ Set
*pid_set
= NULL
;
4615 /* Exclude the main/control pids from being killed via the cgroup */
4616 pid_set
= unit_pid_set(main_pid
, control_pid
);
4620 r
= cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
,
4622 CGROUP_SIGCONT
|CGROUP_IGNORE_SELF
,
4626 if (!IN_SET(r
, -EAGAIN
, -ESRCH
, -ENOENT
))
4627 log_unit_warning_errno(u
, r
, "Failed to kill control group %s, ignoring: %m", empty_to_root(u
->cgroup_path
));
4631 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4632 * we are running in a container or if this is a delegation unit, simply because cgroup
4633 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4634 * of containers it can be confused easily by left-over directories in the cgroup — which
4635 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4636 * there we get proper events. Hence rely on them. */
4638 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
) > 0 ||
4639 (detect_container() == 0 && !unit_cgroup_delegate(u
)))
4640 wait_for_exit
= true;
4645 pid_set
= unit_pid_set(main_pid
, control_pid
);
4649 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
,
4658 return wait_for_exit
;
4661 int unit_require_mounts_for(Unit
*u
, const char *path
, UnitDependencyMask mask
) {
4667 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these
4668 * paths in the unit (from the path to the UnitDependencyInfo structure indicating how to the
4669 * dependency came to be). However, we build a prefix table for all possible prefixes so that new
4670 * appearing mount units can easily determine which units to make themselves a dependency of. */
4672 if (!path_is_absolute(path
))
4675 if (hashmap_contains(u
->requires_mounts_for
, path
)) /* Exit quickly if the path is already covered. */
4678 _cleanup_free_
char *p
= strdup(path
);
4682 /* Use the canonical form of the path as the stored key. We call path_is_normalized()
4683 * only after simplification, since path_is_normalized() rejects paths with '.'.
4684 * path_is_normalized() also verifies that the path fits in PATH_MAX. */
4685 path
= path_simplify(p
);
4687 if (!path_is_normalized(path
))
4690 UnitDependencyInfo di
= {
4694 r
= hashmap_ensure_put(&u
->requires_mounts_for
, &path_hash_ops
, p
, di
.data
);
4698 TAKE_PTR(p
); /* path remains a valid pointer to the string stored in the hashmap */
4700 char prefix
[strlen(path
) + 1];
4701 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
4704 x
= hashmap_get(u
->manager
->units_requiring_mounts_for
, prefix
);
4706 _cleanup_free_
char *q
= NULL
;
4708 r
= hashmap_ensure_allocated(&u
->manager
->units_requiring_mounts_for
, &path_hash_ops
);
4720 r
= hashmap_put(u
->manager
->units_requiring_mounts_for
, q
, x
);
4736 int unit_setup_exec_runtime(Unit
*u
) {
4742 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
4745 /* Check if there already is an ExecRuntime for this unit? */
4746 rt
= (ExecRuntime
**) ((uint8_t*) u
+ offset
);
4750 /* Try to get it from somebody else */
4751 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_JOINS_NAMESPACE_OF
) {
4752 r
= exec_runtime_acquire(u
->manager
, NULL
, other
->id
, false, rt
);
4757 return exec_runtime_acquire(u
->manager
, unit_get_exec_context(u
), u
->id
, true, rt
);
4760 int unit_setup_dynamic_creds(Unit
*u
) {
4762 DynamicCreds
*dcreds
;
4767 offset
= UNIT_VTABLE(u
)->dynamic_creds_offset
;
4769 dcreds
= (DynamicCreds
*) ((uint8_t*) u
+ offset
);
4771 ec
= unit_get_exec_context(u
);
4774 if (!ec
->dynamic_user
)
4777 return dynamic_creds_acquire(dcreds
, u
->manager
, ec
->user
, ec
->group
);
4780 bool unit_type_supported(UnitType t
) {
4781 if (_unlikely_(t
< 0))
4783 if (_unlikely_(t
>= _UNIT_TYPE_MAX
))
4786 if (!unit_vtable
[t
]->supported
)
4789 return unit_vtable
[t
]->supported();
4792 void unit_warn_if_dir_nonempty(Unit
*u
, const char* where
) {
4798 if (!unit_log_level_test(u
, LOG_NOTICE
))
4801 r
= dir_is_empty(where
, /* ignore_hidden_or_backup= */ false);
4802 if (r
> 0 || r
== -ENOTDIR
)
4805 log_unit_warning_errno(u
, r
, "Failed to check directory %s: %m", where
);
4809 log_unit_struct(u
, LOG_NOTICE
,
4810 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
4811 LOG_UNIT_INVOCATION_ID(u
),
4812 LOG_UNIT_MESSAGE(u
, "Directory %s to mount over is not empty, mounting anyway.", where
),
4816 int unit_fail_if_noncanonical(Unit
*u
, const char* where
) {
4817 _cleanup_free_
char *canonical_where
= NULL
;
4823 r
= chase_symlinks(where
, NULL
, CHASE_NONEXISTENT
, &canonical_where
, NULL
);
4825 log_unit_debug_errno(u
, r
, "Failed to check %s for symlinks, ignoring: %m", where
);
4829 /* We will happily ignore a trailing slash (or any redundant slashes) */
4830 if (path_equal(where
, canonical_where
))
4833 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4834 log_unit_struct(u
, LOG_ERR
,
4835 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
4836 LOG_UNIT_INVOCATION_ID(u
),
4837 LOG_UNIT_MESSAGE(u
, "Mount path %s is not canonical (contains a symlink).", where
),
4843 bool unit_is_pristine(Unit
*u
) {
4846 /* Check if the unit already exists or is already around,
4847 * in a number of different ways. Note that to cater for unit
4848 * types such as slice, we are generally fine with units that
4849 * are marked UNIT_LOADED even though nothing was actually
4850 * loaded, as those unit types don't require a file on disk. */
4852 return !(!IN_SET(u
->load_state
, UNIT_NOT_FOUND
, UNIT_LOADED
) ||
4855 !strv_isempty(u
->dropin_paths
) ||
4860 pid_t
unit_control_pid(Unit
*u
) {
4863 if (UNIT_VTABLE(u
)->control_pid
)
4864 return UNIT_VTABLE(u
)->control_pid(u
);
4869 pid_t
unit_main_pid(Unit
*u
) {
4872 if (UNIT_VTABLE(u
)->main_pid
)
4873 return UNIT_VTABLE(u
)->main_pid(u
);
4878 static void unit_unref_uid_internal(
4882 void (*_manager_unref_uid
)(Manager
*m
, uid_t uid
, bool destroy_now
)) {
4886 assert(_manager_unref_uid
);
4888 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4889 * gid_t are actually the same time, with the same validity rules.
4891 * Drops a reference to UID/GID from a unit. */
4893 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
4894 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
4896 if (!uid_is_valid(*ref_uid
))
4899 _manager_unref_uid(u
->manager
, *ref_uid
, destroy_now
);
4900 *ref_uid
= UID_INVALID
;
4903 static void unit_unref_uid(Unit
*u
, bool destroy_now
) {
4904 unit_unref_uid_internal(u
, &u
->ref_uid
, destroy_now
, manager_unref_uid
);
4907 static void unit_unref_gid(Unit
*u
, bool destroy_now
) {
4908 unit_unref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, destroy_now
, manager_unref_gid
);
4911 void unit_unref_uid_gid(Unit
*u
, bool destroy_now
) {
4914 unit_unref_uid(u
, destroy_now
);
4915 unit_unref_gid(u
, destroy_now
);
4918 static int unit_ref_uid_internal(
4923 int (*_manager_ref_uid
)(Manager
*m
, uid_t uid
, bool clean_ipc
)) {
4929 assert(uid_is_valid(uid
));
4930 assert(_manager_ref_uid
);
4932 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4933 * are actually the same type, and have the same validity rules.
4935 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4936 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4939 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
4940 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
4942 if (*ref_uid
== uid
)
4945 if (uid_is_valid(*ref_uid
)) /* Already set? */
4948 r
= _manager_ref_uid(u
->manager
, uid
, clean_ipc
);
4956 static int unit_ref_uid(Unit
*u
, uid_t uid
, bool clean_ipc
) {
4957 return unit_ref_uid_internal(u
, &u
->ref_uid
, uid
, clean_ipc
, manager_ref_uid
);
4960 static int unit_ref_gid(Unit
*u
, gid_t gid
, bool clean_ipc
) {
4961 return unit_ref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, (uid_t
) gid
, clean_ipc
, manager_ref_gid
);
4964 static int unit_ref_uid_gid_internal(Unit
*u
, uid_t uid
, gid_t gid
, bool clean_ipc
) {
4969 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4971 if (uid_is_valid(uid
)) {
4972 r
= unit_ref_uid(u
, uid
, clean_ipc
);
4977 if (gid_is_valid(gid
)) {
4978 q
= unit_ref_gid(u
, gid
, clean_ipc
);
4981 unit_unref_uid(u
, false);
4987 return r
> 0 || q
> 0;
4990 int unit_ref_uid_gid(Unit
*u
, uid_t uid
, gid_t gid
) {
4996 c
= unit_get_exec_context(u
);
4998 r
= unit_ref_uid_gid_internal(u
, uid
, gid
, c
? c
->remove_ipc
: false);
5000 return log_unit_warning_errno(u
, r
, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5005 void unit_notify_user_lookup(Unit
*u
, uid_t uid
, gid_t gid
) {
5010 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5011 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5012 * objects when no service references the UID/GID anymore. */
5014 r
= unit_ref_uid_gid(u
, uid
, gid
);
5016 unit_add_to_dbus_queue(u
);
5019 int unit_acquire_invocation_id(Unit
*u
) {
5025 r
= sd_id128_randomize(&id
);
5027 return log_unit_error_errno(u
, r
, "Failed to generate invocation ID for unit: %m");
5029 r
= unit_set_invocation_id(u
, id
);
5031 return log_unit_error_errno(u
, r
, "Failed to set invocation ID for unit: %m");
5033 unit_add_to_dbus_queue(u
);
5037 int unit_set_exec_params(Unit
*u
, ExecParameters
*p
) {
5043 /* Copy parameters from manager */
5044 r
= manager_get_effective_environment(u
->manager
, &p
->environment
);
5048 p
->confirm_spawn
= manager_get_confirm_spawn(u
->manager
);
5049 p
->cgroup_supported
= u
->manager
->cgroup_supported
;
5050 p
->prefix
= u
->manager
->prefix
;
5051 SET_FLAG(p
->flags
, EXEC_PASS_LOG_UNIT
|EXEC_CHOWN_DIRECTORIES
, MANAGER_IS_SYSTEM(u
->manager
));
5053 /* Copy parameters from unit */
5054 p
->cgroup_path
= u
->cgroup_path
;
5055 SET_FLAG(p
->flags
, EXEC_CGROUP_DELEGATE
, unit_cgroup_delegate(u
));
5057 p
->received_credentials_directory
= u
->manager
->received_credentials_directory
;
5058 p
->received_encrypted_credentials_directory
= u
->manager
->received_encrypted_credentials_directory
;
5063 int unit_fork_helper_process(Unit
*u
, const char *name
, pid_t
*ret
) {
5069 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5070 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5072 (void) unit_realize_cgroup(u
);
5074 r
= safe_fork(name
, FORK_REOPEN_LOG
, ret
);
5078 (void) default_signals(SIGNALS_CRASH_HANDLER
, SIGNALS_IGNORE
);
5079 (void) ignore_signals(SIGPIPE
);
5081 (void) prctl(PR_SET_PDEATHSIG
, SIGTERM
);
5083 if (u
->cgroup_path
) {
5084 r
= cg_attach_everywhere(u
->manager
->cgroup_supported
, u
->cgroup_path
, 0, NULL
, NULL
);
5086 log_unit_error_errno(u
, r
, "Failed to join unit cgroup %s: %m", empty_to_root(u
->cgroup_path
));
5094 int unit_fork_and_watch_rm_rf(Unit
*u
, char **paths
, pid_t
*ret_pid
) {
5101 r
= unit_fork_helper_process(u
, "(sd-rmrf)", &pid
);
5105 int ret
= EXIT_SUCCESS
;
5107 STRV_FOREACH(i
, paths
) {
5108 r
= rm_rf(*i
, REMOVE_ROOT
|REMOVE_PHYSICAL
|REMOVE_MISSING_OK
);
5110 log_error_errno(r
, "Failed to remove '%s': %m", *i
);
5118 r
= unit_watch_pid(u
, pid
, true);
5126 static void unit_update_dependency_mask(Hashmap
*deps
, Unit
*other
, UnitDependencyInfo di
) {
5130 if (di
.origin_mask
== 0 && di
.destination_mask
== 0)
5131 /* No bit set anymore, let's drop the whole entry */
5132 assert_se(hashmap_remove(deps
, other
));
5134 /* Mask was reduced, let's update the entry */
5135 assert_se(hashmap_update(deps
, other
, di
.data
) == 0);
5138 void unit_remove_dependencies(Unit
*u
, UnitDependencyMask mask
) {
5142 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5147 HASHMAP_FOREACH(deps
, u
->dependencies
) {
5151 UnitDependencyInfo di
;
5156 HASHMAP_FOREACH_KEY(di
.data
, other
, deps
) {
5157 Hashmap
*other_deps
;
5159 if (FLAGS_SET(~mask
, di
.origin_mask
))
5162 di
.origin_mask
&= ~mask
;
5163 unit_update_dependency_mask(deps
, other
, di
);
5165 /* We updated the dependency from our unit to the other unit now. But most
5166 * dependencies imply a reverse dependency. Hence, let's delete that one
5167 * too. For that we go through all dependency types on the other unit and
5168 * delete all those which point to us and have the right mask set. */
5170 HASHMAP_FOREACH(other_deps
, other
->dependencies
) {
5171 UnitDependencyInfo dj
;
5173 dj
.data
= hashmap_get(other_deps
, u
);
5174 if (FLAGS_SET(~mask
, dj
.destination_mask
))
5177 dj
.destination_mask
&= ~mask
;
5178 unit_update_dependency_mask(other_deps
, u
, dj
);
5181 unit_add_to_gc_queue(other
);
5183 /* The unit 'other' may not be wanted by the unit 'u'. */
5184 unit_submit_to_stop_when_unneeded_queue(other
);
5194 static int unit_get_invocation_path(Unit
*u
, char **ret
) {
5201 if (MANAGER_IS_SYSTEM(u
->manager
))
5202 p
= strjoin("/run/systemd/units/invocation:", u
->id
);
5204 _cleanup_free_
char *user_path
= NULL
;
5205 r
= xdg_user_runtime_dir(&user_path
, "/systemd/units/invocation:");
5208 p
= strjoin(user_path
, u
->id
);
5218 static int unit_export_invocation_id(Unit
*u
) {
5219 _cleanup_free_
char *p
= NULL
;
5224 if (u
->exported_invocation_id
)
5227 if (sd_id128_is_null(u
->invocation_id
))
5230 r
= unit_get_invocation_path(u
, &p
);
5232 return log_unit_debug_errno(u
, r
, "Failed to get invocation path: %m");
5234 r
= symlink_atomic_label(u
->invocation_id_string
, p
);
5236 return log_unit_debug_errno(u
, r
, "Failed to create invocation ID symlink %s: %m", p
);
5238 u
->exported_invocation_id
= true;
5242 static int unit_export_log_level_max(Unit
*u
, const ExecContext
*c
) {
5250 if (u
->exported_log_level_max
)
5253 if (c
->log_level_max
< 0)
5256 assert(c
->log_level_max
<= 7);
5258 buf
[0] = '0' + c
->log_level_max
;
5261 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5262 r
= symlink_atomic(buf
, p
);
5264 return log_unit_debug_errno(u
, r
, "Failed to create maximum log level symlink %s: %m", p
);
5266 u
->exported_log_level_max
= true;
5270 static int unit_export_log_extra_fields(Unit
*u
, const ExecContext
*c
) {
5271 _cleanup_close_
int fd
= -1;
5272 struct iovec
*iovec
;
5279 if (u
->exported_log_extra_fields
)
5282 if (c
->n_log_extra_fields
<= 0)
5285 sizes
= newa(le64_t
, c
->n_log_extra_fields
);
5286 iovec
= newa(struct iovec
, c
->n_log_extra_fields
* 2);
5288 for (size_t i
= 0; i
< c
->n_log_extra_fields
; i
++) {
5289 sizes
[i
] = htole64(c
->log_extra_fields
[i
].iov_len
);
5291 iovec
[i
*2] = IOVEC_MAKE(sizes
+ i
, sizeof(le64_t
));
5292 iovec
[i
*2+1] = c
->log_extra_fields
[i
];
5295 p
= strjoina("/run/systemd/units/log-extra-fields:", u
->id
);
5296 pattern
= strjoina(p
, ".XXXXXX");
5298 fd
= mkostemp_safe(pattern
);
5300 return log_unit_debug_errno(u
, fd
, "Failed to create extra fields file %s: %m", p
);
5302 n
= writev(fd
, iovec
, c
->n_log_extra_fields
*2);
5304 r
= log_unit_debug_errno(u
, errno
, "Failed to write extra fields: %m");
5308 (void) fchmod(fd
, 0644);
5310 if (rename(pattern
, p
) < 0) {
5311 r
= log_unit_debug_errno(u
, errno
, "Failed to rename extra fields file: %m");
5315 u
->exported_log_extra_fields
= true;
5319 (void) unlink(pattern
);
5323 static int unit_export_log_ratelimit_interval(Unit
*u
, const ExecContext
*c
) {
5324 _cleanup_free_
char *buf
= NULL
;
5331 if (u
->exported_log_ratelimit_interval
)
5334 if (c
->log_ratelimit_interval_usec
== 0)
5337 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5339 if (asprintf(&buf
, "%" PRIu64
, c
->log_ratelimit_interval_usec
) < 0)
5342 r
= symlink_atomic(buf
, p
);
5344 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit interval symlink %s: %m", p
);
5346 u
->exported_log_ratelimit_interval
= true;
5350 static int unit_export_log_ratelimit_burst(Unit
*u
, const ExecContext
*c
) {
5351 _cleanup_free_
char *buf
= NULL
;
5358 if (u
->exported_log_ratelimit_burst
)
5361 if (c
->log_ratelimit_burst
== 0)
5364 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5366 if (asprintf(&buf
, "%u", c
->log_ratelimit_burst
) < 0)
5369 r
= symlink_atomic(buf
, p
);
5371 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit burst symlink %s: %m", p
);
5373 u
->exported_log_ratelimit_burst
= true;
5377 void unit_export_state_files(Unit
*u
) {
5378 const ExecContext
*c
;
5385 if (MANAGER_IS_TEST_RUN(u
->manager
))
5388 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5389 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5390 * the IPC system itself and PID 1 also log to the journal.
5392 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5393 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5394 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5395 * namespace at least.
5397 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5398 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5401 (void) unit_export_invocation_id(u
);
5403 if (!MANAGER_IS_SYSTEM(u
->manager
))
5406 c
= unit_get_exec_context(u
);
5408 (void) unit_export_log_level_max(u
, c
);
5409 (void) unit_export_log_extra_fields(u
, c
);
5410 (void) unit_export_log_ratelimit_interval(u
, c
);
5411 (void) unit_export_log_ratelimit_burst(u
, c
);
5415 void unit_unlink_state_files(Unit
*u
) {
5423 /* Undoes the effect of unit_export_state() */
5425 if (u
->exported_invocation_id
) {
5426 _cleanup_free_
char *invocation_path
= NULL
;
5427 int r
= unit_get_invocation_path(u
, &invocation_path
);
5429 (void) unlink(invocation_path
);
5430 u
->exported_invocation_id
= false;
5434 if (!MANAGER_IS_SYSTEM(u
->manager
))
5437 if (u
->exported_log_level_max
) {
5438 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5441 u
->exported_log_level_max
= false;
5444 if (u
->exported_log_extra_fields
) {
5445 p
= strjoina("/run/systemd/units/extra-fields:", u
->id
);
5448 u
->exported_log_extra_fields
= false;
5451 if (u
->exported_log_ratelimit_interval
) {
5452 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5455 u
->exported_log_ratelimit_interval
= false;
5458 if (u
->exported_log_ratelimit_burst
) {
5459 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5462 u
->exported_log_ratelimit_burst
= false;
5466 int unit_prepare_exec(Unit
*u
) {
5471 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5472 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5473 r
= bpf_firewall_load_custom(u
);
5477 /* Prepares everything so that we can fork of a process for this unit */
5479 (void) unit_realize_cgroup(u
);
5481 if (u
->reset_accounting
) {
5482 (void) unit_reset_accounting(u
);
5483 u
->reset_accounting
= false;
5486 unit_export_state_files(u
);
5488 r
= unit_setup_exec_runtime(u
);
5492 r
= unit_setup_dynamic_creds(u
);
5499 static bool ignore_leftover_process(const char *comm
) {
5500 return comm
&& comm
[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5503 int unit_log_leftover_process_start(pid_t pid
, int sig
, void *userdata
) {
5504 _cleanup_free_
char *comm
= NULL
;
5506 (void) get_process_comm(pid
, &comm
);
5508 if (ignore_leftover_process(comm
))
5511 /* During start we print a warning */
5513 log_unit_warning(userdata
,
5514 "Found left-over process " PID_FMT
" (%s) in control group while starting unit. Ignoring.\n"
5515 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5521 int unit_log_leftover_process_stop(pid_t pid
, int sig
, void *userdata
) {
5522 _cleanup_free_
char *comm
= NULL
;
5524 (void) get_process_comm(pid
, &comm
);
5526 if (ignore_leftover_process(comm
))
5529 /* During stop we only print an informational message */
5531 log_unit_info(userdata
,
5532 "Unit process " PID_FMT
" (%s) remains running after unit stopped.",
5538 int unit_warn_leftover_processes(Unit
*u
, cg_kill_log_func_t log_func
) {
5541 (void) unit_pick_cgroup_path(u
);
5543 if (!u
->cgroup_path
)
5546 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, 0, 0, NULL
, log_func
, u
);
5549 bool unit_needs_console(Unit
*u
) {
5551 UnitActiveState state
;
5555 state
= unit_active_state(u
);
5557 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
5560 if (UNIT_VTABLE(u
)->needs_console
)
5561 return UNIT_VTABLE(u
)->needs_console(u
);
5563 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5564 ec
= unit_get_exec_context(u
);
5568 return exec_context_may_touch_console(ec
);
5571 int unit_pid_attachable(Unit
*u
, pid_t pid
, sd_bus_error
*error
) {
5576 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5577 * and not a kernel thread either */
5579 /* First, a simple range check */
5580 if (!pid_is_valid(pid
))
5581 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process identifier " PID_FMT
" is not valid.", pid
);
5583 /* Some extra safety check */
5584 if (pid
== 1 || pid
== getpid_cached())
5585 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a manager process, refusing.", pid
);
5587 /* Don't even begin to bother with kernel threads */
5588 r
= is_kernel_thread(pid
);
5590 return sd_bus_error_setf(error
, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN
, "Process with ID " PID_FMT
" does not exist.", pid
);
5592 return sd_bus_error_set_errnof(error
, r
, "Failed to determine whether process " PID_FMT
" is a kernel thread: %m", pid
);
5594 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a kernel thread, refusing.", pid
);
5599 void unit_log_success(Unit
*u
) {
5602 /* Let's show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode.
5603 * This message has low information value for regular users and it might be a bit overwhelming on a system with
5604 * a lot of devices. */
5606 MANAGER_IS_USER(u
->manager
) ? LOG_DEBUG
: LOG_INFO
,
5607 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR
,
5608 LOG_UNIT_INVOCATION_ID(u
),
5609 LOG_UNIT_MESSAGE(u
, "Deactivated successfully."));
5612 void unit_log_failure(Unit
*u
, const char *result
) {
5616 log_unit_struct(u
, LOG_WARNING
,
5617 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR
,
5618 LOG_UNIT_INVOCATION_ID(u
),
5619 LOG_UNIT_MESSAGE(u
, "Failed with result '%s'.", result
),
5620 "UNIT_RESULT=%s", result
);
5623 void unit_log_skip(Unit
*u
, const char *result
) {
5627 log_unit_struct(u
, LOG_INFO
,
5628 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR
,
5629 LOG_UNIT_INVOCATION_ID(u
),
5630 LOG_UNIT_MESSAGE(u
, "Skipped due to '%s'.", result
),
5631 "UNIT_RESULT=%s", result
);
5634 void unit_log_process_exit(
5637 const char *command
,
5647 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
5648 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
5649 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
5653 else if (code
== CLD_EXITED
)
5656 level
= LOG_WARNING
;
5658 log_unit_struct(u
, level
,
5659 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR
,
5660 LOG_UNIT_MESSAGE(u
, "%s exited, code=%s, status=%i/%s%s",
5662 sigchld_code_to_string(code
), status
,
5663 strna(code
== CLD_EXITED
5664 ? exit_status_to_string(status
, EXIT_STATUS_FULL
)
5665 : signal_to_string(status
)),
5666 success
? " (success)" : ""),
5667 "EXIT_CODE=%s", sigchld_code_to_string(code
),
5668 "EXIT_STATUS=%i", status
,
5669 "COMMAND=%s", strna(command
),
5670 LOG_UNIT_INVOCATION_ID(u
));
5673 int unit_exit_status(Unit
*u
) {
5676 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
5677 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
5678 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
5679 * service process has exited abnormally (signal/coredump). */
5681 if (!UNIT_VTABLE(u
)->exit_status
)
5684 return UNIT_VTABLE(u
)->exit_status(u
);
5687 int unit_failure_action_exit_status(Unit
*u
) {
5692 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
5694 if (u
->failure_action_exit_status
>= 0)
5695 return u
->failure_action_exit_status
;
5697 r
= unit_exit_status(u
);
5698 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
5704 int unit_success_action_exit_status(Unit
*u
) {
5709 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
5711 if (u
->success_action_exit_status
>= 0)
5712 return u
->success_action_exit_status
;
5714 r
= unit_exit_status(u
);
5715 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
5721 int unit_test_trigger_loaded(Unit
*u
) {
5724 /* Tests whether the unit to trigger is loaded */
5726 trigger
= UNIT_TRIGGER(u
);
5728 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(ENOENT
),
5729 "Refusing to start, no unit to trigger.");
5730 if (trigger
->load_state
!= UNIT_LOADED
)
5731 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(ENOENT
),
5732 "Refusing to start, unit %s to trigger not loaded.", trigger
->id
);
5737 void unit_destroy_runtime_data(Unit
*u
, const ExecContext
*context
) {
5741 if (context
->runtime_directory_preserve_mode
== EXEC_PRESERVE_NO
||
5742 (context
->runtime_directory_preserve_mode
== EXEC_PRESERVE_RESTART
&& !unit_will_restart(u
)))
5743 exec_context_destroy_runtime_directory(context
, u
->manager
->prefix
[EXEC_DIRECTORY_RUNTIME
]);
5745 exec_context_destroy_credentials(context
, u
->manager
->prefix
[EXEC_DIRECTORY_RUNTIME
], u
->id
);
5748 int unit_clean(Unit
*u
, ExecCleanMask mask
) {
5749 UnitActiveState state
;
5753 /* Special return values:
5755 * -EOPNOTSUPP → cleaning not supported for this unit type
5756 * -EUNATCH → cleaning not defined for this resource type
5757 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
5758 * a job queued or similar
5761 if (!UNIT_VTABLE(u
)->clean
)
5767 if (u
->load_state
!= UNIT_LOADED
)
5773 state
= unit_active_state(u
);
5774 if (!IN_SET(state
, UNIT_INACTIVE
))
5777 return UNIT_VTABLE(u
)->clean(u
, mask
);
5780 int unit_can_clean(Unit
*u
, ExecCleanMask
*ret
) {
5783 if (!UNIT_VTABLE(u
)->clean
||
5784 u
->load_state
!= UNIT_LOADED
) {
5789 /* When the clean() method is set, can_clean() really should be set too */
5790 assert(UNIT_VTABLE(u
)->can_clean
);
5792 return UNIT_VTABLE(u
)->can_clean(u
, ret
);
5795 bool unit_can_freeze(Unit
*u
) {
5798 if (UNIT_VTABLE(u
)->can_freeze
)
5799 return UNIT_VTABLE(u
)->can_freeze(u
);
5801 return UNIT_VTABLE(u
)->freeze
;
5804 void unit_frozen(Unit
*u
) {
5807 u
->freezer_state
= FREEZER_FROZEN
;
5809 bus_unit_send_pending_freezer_message(u
);
5812 void unit_thawed(Unit
*u
) {
5815 u
->freezer_state
= FREEZER_RUNNING
;
5817 bus_unit_send_pending_freezer_message(u
);
5820 static int unit_freezer_action(Unit
*u
, FreezerAction action
) {
5822 int (*method
)(Unit
*);
5826 assert(IN_SET(action
, FREEZER_FREEZE
, FREEZER_THAW
));
5828 method
= action
== FREEZER_FREEZE
? UNIT_VTABLE(u
)->freeze
: UNIT_VTABLE(u
)->thaw
;
5829 if (!method
|| !cg_freezer_supported())
5835 if (u
->load_state
!= UNIT_LOADED
)
5838 s
= unit_active_state(u
);
5839 if (s
!= UNIT_ACTIVE
)
5842 if (IN_SET(u
->freezer_state
, FREEZER_FREEZING
, FREEZER_THAWING
))
5849 assert(IN_SET(u
->freezer_state
, FREEZER_FREEZING
, FREEZER_THAWING
));
5854 int unit_freeze(Unit
*u
) {
5855 return unit_freezer_action(u
, FREEZER_FREEZE
);
5858 int unit_thaw(Unit
*u
) {
5859 return unit_freezer_action(u
, FREEZER_THAW
);
5862 /* Wrappers around low-level cgroup freezer operations common for service and scope units */
5863 int unit_freeze_vtable_common(Unit
*u
) {
5864 return unit_cgroup_freezer_action(u
, FREEZER_FREEZE
);
5867 int unit_thaw_vtable_common(Unit
*u
) {
5868 return unit_cgroup_freezer_action(u
, FREEZER_THAW
);
5871 Condition
*unit_find_failed_condition(Unit
*u
) {
5872 Condition
*failed_trigger
= NULL
;
5873 bool has_succeeded_trigger
= false;
5875 if (u
->condition_result
)
5878 LIST_FOREACH(conditions
, c
, u
->conditions
)
5880 if (c
->result
== CONDITION_SUCCEEDED
)
5881 has_succeeded_trigger
= true;
5882 else if (!failed_trigger
)
5884 } else if (c
->result
!= CONDITION_SUCCEEDED
)
5887 return failed_trigger
&& !has_succeeded_trigger
? failed_trigger
: NULL
;
5890 static const char* const collect_mode_table
[_COLLECT_MODE_MAX
] = {
5891 [COLLECT_INACTIVE
] = "inactive",
5892 [COLLECT_INACTIVE_OR_FAILED
] = "inactive-or-failed",
5895 DEFINE_STRING_TABLE_LOOKUP(collect_mode
, CollectMode
);
5897 Unit
* unit_has_dependency(const Unit
*u
, UnitDependencyAtom atom
, Unit
*other
) {
5902 /* Checks if the unit has a dependency on 'other' with the specified dependency atom. If 'other' is
5903 * NULL checks if the unit has *any* dependency of that atom. Returns 'other' if found (or if 'other'
5904 * is NULL the first entry found), or NULL if not found. */
5906 UNIT_FOREACH_DEPENDENCY(i
, u
, atom
)
5907 if (!other
|| other
== i
)
5913 int unit_get_dependency_array(const Unit
*u
, UnitDependencyAtom atom
, Unit
***ret_array
) {
5914 _cleanup_free_ Unit
**array
= NULL
;
5921 /* Gets a list of units matching a specific atom as array. This is useful when iterating through
5922 * dependencies while modifying them: the array is an "atomic snapshot" of sorts, that can be read
5923 * while the dependency table is continuously updated. */
5925 UNIT_FOREACH_DEPENDENCY(other
, u
, atom
) {
5926 if (!GREEDY_REALLOC(array
, n
+ 1))
5932 *ret_array
= TAKE_PTR(array
);
5934 assert(n
<= INT_MAX
);
5938 const ActivationDetailsVTable
* const activation_details_vtable
[_UNIT_TYPE_MAX
] = {
5939 [UNIT_PATH
] = &activation_details_path_vtable
,
5940 [UNIT_TIMER
] = &activation_details_timer_vtable
,
5943 ActivationDetails
*activation_details_new(Unit
*trigger_unit
) {
5944 _cleanup_free_ ActivationDetails
*details
= NULL
;
5946 assert(trigger_unit
);
5947 assert(trigger_unit
->type
!= _UNIT_TYPE_INVALID
);
5948 assert(trigger_unit
->id
);
5950 details
= malloc0(activation_details_vtable
[trigger_unit
->type
]->object_size
);
5954 *details
= (ActivationDetails
) {
5956 .trigger_unit_type
= trigger_unit
->type
,
5959 details
->trigger_unit_name
= strdup(trigger_unit
->id
);
5960 if (!details
->trigger_unit_name
)
5963 if (ACTIVATION_DETAILS_VTABLE(details
)->init
)
5964 ACTIVATION_DETAILS_VTABLE(details
)->init(details
, trigger_unit
);
5966 return TAKE_PTR(details
);
5969 static ActivationDetails
*activation_details_free(ActivationDetails
*details
) {
5973 if (ACTIVATION_DETAILS_VTABLE(details
)->done
)
5974 ACTIVATION_DETAILS_VTABLE(details
)->done(details
);
5976 free(details
->trigger_unit_name
);
5978 return mfree(details
);
5981 void activation_details_serialize(ActivationDetails
*details
, FILE *f
) {
5982 if (!details
|| details
->trigger_unit_type
== _UNIT_TYPE_INVALID
)
5985 (void) serialize_item(f
, "activation-details-unit-type", unit_type_to_string(details
->trigger_unit_type
));
5986 if (details
->trigger_unit_name
)
5987 (void) serialize_item(f
, "activation-details-unit-name", details
->trigger_unit_name
);
5988 if (ACTIVATION_DETAILS_VTABLE(details
)->serialize
)
5989 ACTIVATION_DETAILS_VTABLE(details
)->serialize(details
, f
);
5992 int activation_details_deserialize(const char *key
, const char *value
, ActivationDetails
**details
) {
6000 if (!streq(key
, "activation-details-unit-type"))
6003 t
= unit_type_from_string(value
);
6004 if (t
== _UNIT_TYPE_INVALID
)
6007 *details
= malloc0(activation_details_vtable
[t
]->object_size
);
6011 **details
= (ActivationDetails
) {
6013 .trigger_unit_type
= t
,
6019 if (streq(key
, "activation-details-unit-name")) {
6020 (*details
)->trigger_unit_name
= strdup(value
);
6021 if (!(*details
)->trigger_unit_name
)
6027 if (ACTIVATION_DETAILS_VTABLE(*details
)->deserialize
)
6028 return ACTIVATION_DETAILS_VTABLE(*details
)->deserialize(key
, value
, details
);
6033 int activation_details_append_env(ActivationDetails
*details
, char ***strv
) {
6041 if (!isempty(details
->trigger_unit_name
)) {
6042 char *s
= strjoin("TRIGGER_UNIT=", details
->trigger_unit_name
);
6046 r
= strv_consume(strv
, TAKE_PTR(s
));
6051 if (ACTIVATION_DETAILS_VTABLE(details
)->append_env
) {
6052 r
= ACTIVATION_DETAILS_VTABLE(details
)->append_env(details
, strv
);
6057 return r
+ !isempty(details
->trigger_unit_name
); /* Return the number of variables added to the env block */
6060 int activation_details_append_pair(ActivationDetails
*details
, char ***strv
) {
6068 if (!isempty(details
->trigger_unit_name
)) {
6069 r
= strv_extend(strv
, "trigger_unit");
6073 r
= strv_extend(strv
, details
->trigger_unit_name
);
6078 if (ACTIVATION_DETAILS_VTABLE(details
)->append_env
) {
6079 r
= ACTIVATION_DETAILS_VTABLE(details
)->append_pair(details
, strv
);
6084 return r
+ !isempty(details
->trigger_unit_name
); /* Return the number of pairs added to the strv */
6087 DEFINE_TRIVIAL_REF_UNREF_FUNC(ActivationDetails
, activation_details
, activation_details_free
);