]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/scope.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #29458 from poettering/serialize-pidref
[thirdparty/systemd.git] / src / core / scope.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
6c12b52e
LP		 2
3#include <errno.h>
6c12b52e
LP		 4#include <unistd.h>
5
b5efdb8a 6#include "alloc-util.h"
dafb4063 7#include "cgroup-setup.h"
07630cea 8#include "dbus-scope.h"
6fcbec6f 9#include "dbus-unit.h"
03860190 10#include "exit-status.h"
07630cea 11#include "load-dropin.h"
6c12b52e 12#include "log.h"
428a9f6f 13#include "process-util.h"
5918a933 14#include "random-util.h"
b5efdb8a 15#include "scope.h"
d68c645b 16#include "serialize.h"
6c12b52e 17#include "special.h"
8b43440b 18#include "string-table.h"
07630cea
LP		 19#include "string-util.h"
20#include "strv.h"
6c12b52e 21#include "unit-name.h"
efdb0237 22#include "unit.h"
03860190 23#include "user-util.h"
6c12b52e
LP		 24
25static const UnitActiveState state_translation_table[_SCOPE_STATE_MAX] = {
26 [SCOPE_DEAD] = UNIT_INACTIVE,
03860190 27 [SCOPE_START_CHOWN] = UNIT_ACTIVATING,
6c12b52e 28 [SCOPE_RUNNING] = UNIT_ACTIVE,
a911bb9a 29 [SCOPE_ABANDONED] = UNIT_ACTIVE,
6c12b52e
LP		 30 [SCOPE_STOP_SIGTERM] = UNIT_DEACTIVATING,
31 [SCOPE_STOP_SIGKILL] = UNIT_DEACTIVATING,
fff7c34c 32 [SCOPE_FAILED] = UNIT_FAILED,
6c12b52e
LP		 33};
34
718db961
LP		 35static int scope_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
36
6c12b52e
LP		 37static void scope_init(Unit *u) {
38 Scope *s = SCOPE(u);
39
40 assert(u);
41 assert(u->load_state == UNIT_STUB);
42
9ed7de60 43 s->runtime_max_usec = USEC_INFINITY;
c9e120e0 44 s->timeout_stop_usec = u->manager->defaults.timeout_stop_usec;
1b4cd0cf 45 u->ignore_on_isolate = true;
03860190 46 s->user = s->group = NULL;
5fa09835 47 s->oom_policy = _OOM_POLICY_INVALID;
6c12b52e
LP		 48}
49
50static void scope_done(Unit *u) {
51 Scope *s = SCOPE(u);
52
53 assert(u);
54
371c0b79
LP		 55 s->controller = mfree(s->controller);
56 s->controller_track = sd_bus_track_unref(s->controller_track);
2d4a39e7 57
5dcadb4c 58 s->timer_event_source = sd_event_source_disable_unref(s->timer_event_source);
03860190
MS		 59
60 s->user = mfree(s->user);
61 s->group = mfree(s->group);
718db961
LP		 62}
63
ecea250d 64static usec_t scope_running_timeout(Scope *s) {
5918a933
AB		 65 usec_t delta = 0;
66
67 assert(s);
68
69 if (s->runtime_rand_extra_usec != 0) {
70 delta = random_u64_range(s->runtime_rand_extra_usec);
71 log_unit_debug(UNIT(s), "Adding delta of %s sec to timeout", FORMAT_TIMESPAN(delta, USEC_PER_SEC));
72 }
73
74 return usec_add(usec_add(UNIT(s)->active_enter_timestamp.monotonic,
75 s->runtime_max_usec),
76 delta);
77}
78
e9276800 79static int scope_arm_timer(Scope *s, bool relative, usec_t usec) {
718db961
LP		 80 assert(s);
81
e9276800 82 return unit_arm_timer(UNIT(s), &s->timer_event_source, relative, usec, scope_dispatch_timer);
6c12b52e
LP		 83}
84
85static void scope_set_state(Scope *s, ScopeState state) {
86 ScopeState old_state;
87 assert(s);
88
6fcbec6f
LP		 89 if (s->state != state)
90 bus_unit_send_pending_change_signal(UNIT(s), false);
91
6c12b52e
LP		 92 old_state = s->state;
93 s->state = state;
94
e1f85b49 95 if (!IN_SET(state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL, SCOPE_START_CHOWN, SCOPE_RUNNING))
5dcadb4c 96 s->timer_event_source = sd_event_source_disable_unref(s->timer_event_source);
6c12b52e 97
05d1630e 98 if (!IN_SET(old_state, SCOPE_DEAD, SCOPE_FAILED) && IN_SET(state, SCOPE_DEAD, SCOPE_FAILED)) {
a911bb9a 99 unit_unwatch_all_pids(UNIT(s));
50be4f4a
LP		 100 unit_dequeue_rewatch_pids(UNIT(s));
101 }
a911bb9a 102
6c12b52e 103 if (state != old_state)
a911bb9a 104 log_debug("%s changed %s -> %s", UNIT(s)->id, scope_state_to_string(old_state), scope_state_to_string(state));
6c12b52e 105
96b09de5 106 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], /* reload_success = */ true);
6c12b52e
LP		 107}
108
109static int scope_add_default_dependencies(Scope *s) {
3835b9aa
LB		 110 int r;
111
6c12b52e
LP		 112 assert(s);
113
4c9ea260
LP		 114 if (!UNIT(s)->default_dependencies)
115 return 0;
116
6c12b52e 117 /* Make sure scopes are unloaded on shutdown */
3835b9aa
LB		 118 r = unit_add_two_dependencies_by_name(
119 UNIT(s),
120 UNIT_BEFORE, UNIT_CONFLICTS,
121 SPECIAL_SHUTDOWN_TARGET, true,
122 UNIT_DEPENDENCY_DEFAULT);
123 if (r < 0)
124 return r;
125
126 return 0;
6c12b52e
LP		 127}
128
129static int scope_verify(Scope *s) {
130 assert(s);
75193d41 131 assert(UNIT(s)->load_state == UNIT_LOADED);
6c12b52e 132
efdb0237 133 if (set_isempty(UNIT(s)->pids) &&
2c289ea8 134 !MANAGER_IS_RELOADING(UNIT(s)->manager) &&
d85ff944
YW		 135 !unit_has_name(UNIT(s), SPECIAL_INIT_SCOPE))
136 return log_unit_error_errno(UNIT(s), SYNTHETIC_ERRNO(ENOENT), "Scope has no PIDs. Refusing.");
6c12b52e
LP		 137
138 return 0;
139}
140
8e4e851f
LP		 141static int scope_load_init_scope(Unit *u) {
142 assert(u);
143
144 if (!unit_has_name(u, SPECIAL_INIT_SCOPE))
145 return 0;
146
147 u->transient = true;
f5869324 148 u->perpetual = true;
8e4e851f
LP		 149
150 /* init.scope is a bit special, as it has to stick around forever. Because of its special semantics we
151 * synthesize it here, instead of relying on the unit file on disk. */
152
153 u->default_dependencies = false;
8e4e851f
LP		 154
155 /* Prettify things, if we can. */
156 if (!u->description)
157 u->description = strdup("System and Service Manager");
158 if (!u->documentation)
159 (void) strv_extend(&u->documentation, "man:systemd(1)");
160
161 return 1;
162}
163
75193d41
ZJS		 164static int scope_add_extras(Scope *s) {
165 int r;
166
167 r = unit_patch_contexts(UNIT(s));
168 if (r < 0)
169 return r;
170
171 r = unit_set_default_slice(UNIT(s));
172 if (r < 0)
173 return r;
174
5fa09835 175 if (s->oom_policy < 0)
c9e120e0 176 s->oom_policy = s->cgroup_context.delegate ? OOM_CONTINUE : UNIT(s)->manager->defaults.oom_policy;
5fa09835
ML		 177
178 s->cgroup_context.memory_oom_group = s->oom_policy == OOM_KILL;
179
75193d41
ZJS		 180 return scope_add_default_dependencies(s);
181}
182
6c12b52e
LP		 183static int scope_load(Unit *u) {
184 Scope *s = SCOPE(u);
185 int r;
186
187 assert(s);
188 assert(u->load_state == UNIT_STUB);
189
2c289ea8 190 if (!u->transient && !MANAGER_IS_RELOADING(u->manager))
4f4afc88 191 /* Refuse to load non-transient scope units, but allow them while reloading. */
6c12b52e
LP		 192 return -ENOENT;
193
8e4e851f
LP		 194 r = scope_load_init_scope(u);
195 if (r < 0)
196 return r;
c3620770
ZJS		 197
198 r = unit_load_fragment_and_dropin(u, false);
6c12b52e
LP		 199 if (r < 0)
200 return r;
201
75193d41
ZJS		 202 if (u->load_state != UNIT_LOADED)
203 return 0;
6c12b52e 204
75193d41
ZJS		 205 r = scope_add_extras(s);
206 if (r < 0)
207 return r;
6c12b52e
LP		 208
209 return scope_verify(s);
210}
211
7508f7f2
PW		 212static usec_t scope_coldplug_timeout(Scope *s) {
213 assert(s);
214
215 switch (s->deserialized_state) {
216
9ed7de60 217 case SCOPE_RUNNING:
5918a933 218 return scope_running_timeout(s);
9ed7de60 219
7508f7f2
PW		 220 case SCOPE_STOP_SIGKILL:
221 case SCOPE_STOP_SIGTERM:
222 return usec_add(UNIT(s)->state_change_timestamp.monotonic, s->timeout_stop_usec);
223
224 default:
225 return USEC_INFINITY;
226 }
227}
228
be847e82 229static int scope_coldplug(Unit *u) {
6c12b52e
LP		 230 Scope *s = SCOPE(u);
231 int r;
232
233 assert(s);
234 assert(s->state == SCOPE_DEAD);
235
36c16a7c
LP		 236 if (s->deserialized_state == s->state)
237 return 0;
a911bb9a 238
e9276800 239 r = scope_arm_timer(s, /* relative= */ false, scope_coldplug_timeout(s));
7508f7f2
PW		 240 if (r < 0)
241 return r;
6c12b52e 242
428a9f6f
FB		 243 if (!IN_SET(s->deserialized_state, SCOPE_DEAD, SCOPE_FAILED)) {
244 if (u->pids) {
495e75ed 245 PidRef *pid;
428a9f6f 246
495e75ed
LP		 247 SET_FOREACH(pid, u->pids) {
248 r = unit_watch_pidref(u, pid, /* exclusive= */ false);
428a9f6f
FB		 249 if (r < 0 && r != -EEXIST)
250 return r;
251 }
252 } else
253 (void) unit_enqueue_rewatch_pids(u);
254 }
36c16a7c 255
371c0b79
LP		 256 bus_scope_track_controller(s);
257
36c16a7c 258 scope_set_state(s, s->deserialized_state);
6c12b52e
LP		 259 return 0;
260}
261
262static void scope_dump(Unit *u, FILE *f, const char *prefix) {
263 Scope *s = SCOPE(u);
264
265 assert(s);
266 assert(f);
267
268 fprintf(f,
269 "%sScope State: %s\n"
9ed7de60 270 "%sResult: %s\n"
5918a933 271 "%sRuntimeMaxSec: %s\n"
5fa09835
ML		 272 "%sRuntimeRandomizedExtraSec: %s\n"
273 "%sOOMPolicy: %s\n",
6c12b52e 274 prefix, scope_state_to_string(s->state),
9ed7de60 275 prefix, scope_result_to_string(s->result),
5918a933 276 prefix, FORMAT_TIMESPAN(s->runtime_max_usec, USEC_PER_SEC),
5fa09835
ML		 277 prefix, FORMAT_TIMESPAN(s->runtime_rand_extra_usec, USEC_PER_SEC),
278 prefix, oom_policy_to_string(s->oom_policy));
6c12b52e 279
bc0623df 280 cgroup_context_dump(UNIT(s), f, prefix);
6c12b52e
LP		 281 kill_context_dump(&s->kill_context, f, prefix);
282}
283
284static void scope_enter_dead(Scope *s, ScopeResult f) {
285 assert(s);
286
a0fef983 287 if (s->result == SCOPE_SUCCESS)
6c12b52e
LP		 288 s->result = f;
289
aac99f30 290 unit_log_result(UNIT(s), s->result == SCOPE_SUCCESS, scope_result_to_string(s->result));
6c12b52e
LP		 291 scope_set_state(s, s->result != SCOPE_SUCCESS ? SCOPE_FAILED : SCOPE_DEAD);
292}
293
294static void scope_enter_signal(Scope *s, ScopeState state, ScopeResult f) {
2d4a39e7 295 bool skip_signal = false;
6c12b52e
LP		 296 int r;
297
298 assert(s);
299
a0fef983 300 if (s->result == SCOPE_SUCCESS)
6c12b52e
LP		 301 s->result = f;
302
50be4f4a
LP		 303 /* Before sending any signal, make sure we track all members of this cgroup */
304 (void) unit_watch_all_pids(UNIT(s));
305
306 /* Also, enqueue a job that we recheck all our PIDs a bit later, given that it's likely some processes have
307 * died now */
308 (void) unit_enqueue_rewatch_pids(UNIT(s));
a911bb9a 309
371c0b79
LP		 310 /* If we have a controller set let's ask the controller nicely to terminate the scope, instead of us going
311 * directly into SIGTERM berserk mode */
2d4a39e7
LP		 312 if (state == SCOPE_STOP_SIGTERM)
313 skip_signal = bus_scope_send_request_stop(s) > 0;
314
59ec09a8
ZJS		 315 if (skip_signal)
316 r = 1; /* wait */
317 else {
2d4a39e7
LP		 318 r = unit_kill_context(
319 UNIT(s),
320 &s->kill_context,
3862e809
LP		 321 state != SCOPE_STOP_SIGTERM ? KILL_KILL :
322 s->was_abandoned ? KILL_TERMINATE_AND_LOG :
323 KILL_TERMINATE,
7901288a
LP		 324 /* main_pid= */ NULL,
325 /* control_pid= */ NULL,
326 /* main_pid_alien= */ false);
c5acfe18
LP		 327 if (r < 0) {
328 log_unit_warning_errno(UNIT(s), r, "Failed to kill processes: %m");
2d4a39e7 329 goto fail;
c5acfe18 330 }
59ec09a8 331 }
6c12b52e
LP		 332
333 if (r > 0) {
e9276800 334 r = scope_arm_timer(s, /* relative= */ true, s->timeout_stop_usec);
c5acfe18
LP		 335 if (r < 0) {
336 log_unit_warning_errno(UNIT(s), r, "Failed to install timer: %m");
718db961 337 goto fail;
c5acfe18 338 }
6c12b52e
LP		 339
340 scope_set_state(s, state);
ac84d1fb
LP		 341 } else if (state == SCOPE_STOP_SIGTERM)
342 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_SUCCESS);
343 else
6c12b52e
LP		 344 scope_enter_dead(s, SCOPE_SUCCESS);
345
346 return;
347
348fail:
6c12b52e
LP		 349 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
350}
351
03860190 352static int scope_enter_start_chown(Scope *s) {
4775b55d 353 _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
03860190 354 Unit *u = UNIT(s);
6c12b52e
LP		 355 int r;
356
357 assert(s);
03860190 358 assert(s->user);
6c12b52e 359
e9276800 360 r = scope_arm_timer(s, /* relative= */ true, u->manager->defaults.timeout_start_usec);
03860190
MS		 361 if (r < 0)
362 return r;
efdb0237 363
4775b55d 364 r = unit_fork_helper_process(u, "(sd-chown-cgroup)", &pidref);
03860190
MS		 365 if (r < 0)
366 goto fail;
7b617155 367
03860190
MS		 368 if (r == 0) {
369 uid_t uid = UID_INVALID;
370 gid_t gid = GID_INVALID;
6c12b52e 371
03860190
MS		 372 if (!isempty(s->user)) {
373 const char *user = s->user;
6c12b52e 374
03860190
MS		 375 r = get_user_creds(&user, &uid, &gid, NULL, NULL, 0);
376 if (r < 0) {
377 log_unit_error_errno(UNIT(s), r, "Failed to resolve user \"%s\": %m", user);
378 _exit(EXIT_USER);
379 }
380 }
381
382 if (!isempty(s->group)) {
383 const char *group = s->group;
384
385 r = get_group_creds(&group, &gid, 0);
386 if (r < 0) {
387 log_unit_error_errno(UNIT(s), r, "Failed to resolve group \"%s\": %m", group);
388 _exit(EXIT_GROUP);
389 }
390 }
391
392 r = cg_set_access(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, uid, gid);
393 if (r < 0) {
394 log_unit_error_errno(UNIT(s), r, "Failed to adjust control group access: %m");
395 _exit(EXIT_CGROUP);
396 }
397
398 _exit(EXIT_SUCCESS);
399 }
400
495e75ed 401 r = unit_watch_pidref(UNIT(s), &pidref, /* exclusive= */ true);
03860190
MS		 402 if (r < 0)
403 goto fail;
404
405 scope_set_state(s, SCOPE_START_CHOWN);
406
407 return 1;
408fail:
409 s->timer_event_source = sd_event_source_disable_unref(s->timer_event_source);
410 return r;
411}
412
413static int scope_enter_running(Scope *s) {
414 Unit *u = UNIT(s);
415 int r;
416
417 assert(s);
6c12b52e 418
371c0b79
LP		 419 (void) bus_scope_track_controller(s);
420
4b58153d
LP		 421 r = unit_acquire_invocation_id(u);
422 if (r < 0)
423 return r;
424
01542056 425 unit_export_state_files(u);
d3070fbd 426
01542056 427 r = unit_attach_pids_to_cgroup(u, u->pids, NULL);
dd305ec9 428 if (r < 0) {
01542056 429 log_unit_warning_errno(u, r, "Failed to add PIDs to scope's control group: %m");
648cb024 430 goto fail;
dd305ec9 431 }
8d3e4ac7 432 if (r == 0) {
648cb024
LP		 433 r = log_unit_warning_errno(u, SYNTHETIC_ERRNO(ECHILD), "No PIDs left to attach to the scope's control group, refusing.");
434 goto fail;
8d3e4ac7
LP		 435 }
436 log_unit_debug(u, "%i %s added to scope's control group.", r, r == 1 ? "process" : "processes");
6c12b52e 437
6c12b52e
LP		 438 s->result = SCOPE_SUCCESS;
439
440 scope_set_state(s, SCOPE_RUNNING);
b91ada2a 441
9ed7de60 442 /* Set the maximum runtime timeout. */
e9276800 443 scope_arm_timer(s, /* relative= */ false, scope_running_timeout(s));
9ed7de60 444
e9eec8b5
FB		 445 /* On unified we use proper notifications hence we can unwatch the PIDs
446 * we just attached to the scope. This can also be done on legacy as
447 * we're going to update the list of the processes we watch with the
448 * PIDs currently in the scope anyway. */
449 unit_unwatch_all_pids(u);
450
451 /* Start watching the PIDs currently in the scope (legacy hierarchy only) */
01542056 452 (void) unit_enqueue_rewatch_pids(u);
82a2b6bb 453 return 1;
648cb024
LP		 454
455fail:
456 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
457 return r;
6c12b52e
LP		 458}
459
03860190
MS		 460static int scope_start(Unit *u) {
461 Scope *s = SCOPE(u);
462
463 assert(s);
464
465 if (unit_has_name(u, SPECIAL_INIT_SCOPE))
466 return -EPERM;
467
468 if (s->state == SCOPE_FAILED)
469 return -EPERM;
470
471 /* We can't fulfill this right now, please try again later */
472 if (IN_SET(s->state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
473 return -EAGAIN;
474
475 assert(s->state == SCOPE_DEAD);
476
477 if (!u->transient && !MANAGER_IS_RELOADING(u->manager))
478 return -ENOENT;
479
480 (void) unit_realize_cgroup(u);
481 (void) unit_reset_accounting(u);
482
483 /* We check only for User= option to keep behavior consistent with logic for service units,
5c19169f 484 * i.e. having 'Delegate=true Group=foo' w/o specifying User= has no effect. */
03860190
MS		 485 if (s->user && unit_cgroup_delegate(u))
486 return scope_enter_start_chown(s);
487
488 return scope_enter_running(s);
489}
490
6c12b52e
LP		 491static int scope_stop(Unit *u) {
492 Scope *s = SCOPE(u);
493
494 assert(s);
6c12b52e 495
3742095b 496 if (IN_SET(s->state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
6c12b52e
LP		 497 return 0;
498
3742095b 499 assert(IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED));
6c12b52e
LP		 500
501 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_SUCCESS);
82a2b6bb 502 return 1;
6c12b52e
LP		 503}
504
8bcca7e2
LP		 505static void scope_reset_failed(Unit *u) {
506 Scope *s = SCOPE(u);
507
508 assert(s);
509
510 if (s->state == SCOPE_FAILED)
511 scope_set_state(s, SCOPE_DEAD);
512
513 s->result = SCOPE_SUCCESS;
514}
515
7a7821c8 516static int scope_get_timeout(Unit *u, usec_t *timeout) {
68db7a3b 517 Scope *s = SCOPE(u);
7a7821c8 518 usec_t t;
68db7a3b
ZJS		 519 int r;
520
521 if (!s->timer_event_source)
522 return 0;
523
7a7821c8 524 r = sd_event_source_get_time(s->timer_event_source, &t);
68db7a3b
ZJS		 525 if (r < 0)
526 return r;
7a7821c8
LP		 527 if (t == USEC_INFINITY)
528 return 0;
68db7a3b 529
7a7821c8 530 *timeout = t;
68db7a3b
ZJS		 531 return 1;
532}
533
6c12b52e
LP		 534static int scope_serialize(Unit *u, FILE *f, FDSet *fds) {
535 Scope *s = SCOPE(u);
495e75ed 536 PidRef *pid;
6c12b52e
LP		 537
538 assert(s);
539 assert(f);
540 assert(fds);
541
d68c645b
LP		 542 (void) serialize_item(f, "state", scope_state_to_string(s->state));
543 (void) serialize_bool(f, "was-abandoned", s->was_abandoned);
33fe0afe
LP		 544
545 if (s->controller)
d68c645b 546 (void) serialize_item(f, "controller", s->controller);
33fe0afe 547
495e75ed 548 SET_FOREACH(pid, u->pids)
2a7451dc 549 serialize_pidref(f, fds, "pids", pid);
428a9f6f 550
6c12b52e
LP		 551 return 0;
552}
553
554static int scope_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
555 Scope *s = SCOPE(u);
33fe0afe 556 int r;
6c12b52e
LP		 557
558 assert(u);
559 assert(key);
560 assert(value);
561 assert(fds);
562
563 if (streq(key, "state")) {
564 ScopeState state;
565
566 state = scope_state_from_string(value);
567 if (state < 0)
f2341e0a 568 log_unit_debug(u, "Failed to parse state value: %s", value);
6c12b52e
LP		 569 else
570 s->deserialized_state = state;
571
3862e809
LP		 572 } else if (streq(key, "was-abandoned")) {
573 int k;
574
575 k = parse_boolean(value);
576 if (k < 0)
577 log_unit_debug(u, "Failed to parse boolean value: %s", value);
578 else
579 s->was_abandoned = k;
33fe0afe
LP		 580 } else if (streq(key, "controller")) {
581
582 r = free_and_strdup(&s->controller, value);
583 if (r < 0)
d68c645b 584 return log_oom();
33fe0afe 585
428a9f6f 586 } else if (streq(key, "pids")) {
2a7451dc 587 _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
495e75ed 588
2a7451dc
LP		 589 if (deserialize_pidref(fds, value, &pidref) >= 0) {
590 r = unit_watch_pidref(u, &pidref, /* exclusive= */ false);
591 if (r < 0)
592 log_unit_debug(u, "Failed to watch PID, ignoring: %s", value);
593 }
6c12b52e 594 } else
f2341e0a 595 log_unit_debug(u, "Unknown serialization key: %s", key);
6c12b52e
LP		 596
597 return 0;
598}
599
a911bb9a
LP		 600static void scope_notify_cgroup_empty_event(Unit *u) {
601 Scope *s = SCOPE(u);
602 assert(u);
603
f2341e0a 604 log_unit_debug(u, "cgroup is empty");
a911bb9a
LP		 605
606 if (IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
607 scope_enter_dead(s, SCOPE_SUCCESS);
608}
609
7238fd51 610static void scope_notify_cgroup_oom_event(Unit *u, bool managed_oom) {
611 Scope *s = SCOPE(u);
612
613 if (managed_oom)
614 log_unit_debug(u, "Process(es) of control group were killed by systemd-oomd.");
615 else
616 log_unit_debug(u, "Process of control group was killed by the OOM killer.");
617
5fa09835
ML		 618 if (s->oom_policy == OOM_CONTINUE)
619 return;
620
7238fd51 621 switch (s->state) {
622
623 case SCOPE_START_CHOWN:
624 case SCOPE_RUNNING:
5fa09835
ML		 625 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_FAILURE_OOM_KILL);
626 break;
627
7238fd51 628 case SCOPE_STOP_SIGTERM:
629 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_FAILURE_OOM_KILL);
630 break;
631
632 case SCOPE_STOP_SIGKILL:
633 if (s->result == SCOPE_SUCCESS)
634 s->result = SCOPE_FAILURE_OOM_KILL;
635 break;
636 /* SCOPE_DEAD, SCOPE_ABANDONED, and SCOPE_FAILED end up in default */
637 default:
638 ;
639 }
640}
641
a911bb9a 642static void scope_sigchld_event(Unit *u, pid_t pid, int code, int status) {
03860190
MS		 643 Scope *s = SCOPE(u);
644
645 assert(s);
646
647 if (s->state == SCOPE_START_CHOWN) {
648 if (!is_clean_exit(code, status, EXIT_CLEAN_COMMAND, NULL))
649 scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
650 else
651 scope_enter_running(s);
652 return;
653 }
a911bb9a 654
11aef522
LP		 655 /* If we get a SIGCHLD event for one of the processes we were interested in, then we look for others to
656 * watch, under the assumption that we'll sooner or later get a SIGCHLD for them, as the original
657 * process we watched was probably the parent of them, and they are hence now our children. */
a911bb9a 658
50be4f4a 659 (void) unit_enqueue_rewatch_pids(u);
a911bb9a
LP		 660}
661
718db961
LP		 662static int scope_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
663 Scope *s = SCOPE(userdata);
6c12b52e
LP		 664
665 assert(s);
718db961 666 assert(s->timer_event_source == source);
6c12b52e
LP		 667
668 switch (s->state) {
669
9ed7de60
PW		 670 case SCOPE_RUNNING:
671 log_unit_warning(UNIT(s), "Scope reached runtime time limit. Stopping.");
672 scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_FAILURE_TIMEOUT);
673 break;
674
6c12b52e
LP		 675 case SCOPE_STOP_SIGTERM:
676 if (s->kill_context.send_sigkill) {
f2341e0a 677 log_unit_warning(UNIT(s), "Stopping timed out. Killing.");
6c12b52e
LP		 678 scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_FAILURE_TIMEOUT);
679 } else {
f2341e0a 680 log_unit_warning(UNIT(s), "Stopping timed out. Skipping SIGKILL.");
6c12b52e
LP		 681 scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
682 }
683
684 break;
685
686 case SCOPE_STOP_SIGKILL:
f2341e0a 687 log_unit_warning(UNIT(s), "Still around after SIGKILL. Ignoring.");
6c12b52e
LP		 688 scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
689 break;
690
03860190
MS		 691 case SCOPE_START_CHOWN:
692 log_unit_warning(UNIT(s), "User lookup timed out. Entering failed state.");
693 scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
694 break;
695
6c12b52e 696 default:
04499a70 697 assert_not_reached();
6c12b52e 698 }
718db961
LP		 699
700 return 0;
6c12b52e
LP		 701}
702
a911bb9a
LP		 703int scope_abandon(Scope *s) {
704 assert(s);
6c12b52e 705
efdb0237
LP		 706 if (unit_has_name(UNIT(s), SPECIAL_INIT_SCOPE))
707 return -EPERM;
708
a911bb9a
LP		 709 if (!IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED))
710 return -ESTALE;
6c12b52e 711
3862e809 712 s->was_abandoned = true;
371c0b79 713
a1e58e8e 714 s->controller = mfree(s->controller);
371c0b79
LP		 715 s->controller_track = sd_bus_track_unref(s->controller_track);
716
8cb83266 717 scope_set_state(s, SCOPE_ABANDONED);
6c12b52e 718
50be4f4a
LP		 719 /* The client is no longer watching the remaining processes, so let's step in here, under the assumption that
720 * the remaining processes will be sooner or later reassigned to us as parent. */
721 (void) unit_enqueue_rewatch_pids(UNIT(s));
6c12b52e 722
a911bb9a 723 return 0;
6c12b52e
LP		 724}
725
d1e8e8b5 726static UnitActiveState scope_active_state(Unit *u) {
6c12b52e
LP		 727 assert(u);
728
729 return state_translation_table[SCOPE(u)->state];
730}
731
d1e8e8b5 732static const char *scope_sub_state_to_string(Unit *u) {
6c12b52e
LP		 733 assert(u);
734
735 return scope_state_to_string(SCOPE(u)->state);
736}
737
04eb582a 738static void scope_enumerate_perpetual(Manager *m) {
efdb0237
LP		 739 Unit *u;
740 int r;
741
742 assert(m);
743
744 /* Let's unconditionally add the "init.scope" special unit
745 * that encapsulates PID 1. Note that PID 1 already is in the
746 * cgroup for this, we hence just need to allocate the object
747 * for it and that's it. */
748
749 u = manager_get_unit(m, SPECIAL_INIT_SCOPE);
750 if (!u) {
a581e45a 751 r = unit_new_for_name(m, sizeof(Scope), SPECIAL_INIT_SCOPE, &u);
efdb0237 752 if (r < 0) {
a581e45a 753 log_error_errno(r, "Failed to allocate the special " SPECIAL_INIT_SCOPE " unit: %m");
ba64af90 754 return;
efdb0237
LP		 755 }
756 }
757
758 u->transient = true;
f5869324 759 u->perpetual = true;
efdb0237 760 SCOPE(u)->deserialized_state = SCOPE_RUNNING;
efdb0237
LP		 761
762 unit_add_to_load_queue(u);
763 unit_add_to_dbus_queue(u);
020b2e41
LB		 764 /* Enqueue an explicit cgroup realization here. Unlike other cgroups this one already exists and is
765 * populated (by us, after all!) already, even when we are not in a reload cycle. Hence we cannot
766 * apply the settings at creation time anymore, but let's at least apply them asynchronously. */
767 unit_add_to_cgroup_realize_queue(u);
efdb0237
LP		 768}
769
6c12b52e 770static const char* const scope_result_table[_SCOPE_RESULT_MAX] = {
48d83e33 771 [SCOPE_SUCCESS] = "success",
6c12b52e 772 [SCOPE_FAILURE_RESOURCES] = "resources",
48d83e33 773 [SCOPE_FAILURE_TIMEOUT] = "timeout",
7238fd51 774 [SCOPE_FAILURE_OOM_KILL] = "oom-kill",
6c12b52e
LP		 775};
776
777DEFINE_STRING_TABLE_LOOKUP(scope_result, ScopeResult);
778
779const UnitVTable scope_vtable = {
780 .object_size = sizeof(Scope),
718db961
LP		 781 .cgroup_context_offset = offsetof(Scope, cgroup_context),
782 .kill_context_offset = offsetof(Scope, kill_context),
783
6c12b52e
LP		 784 .sections =
785 "Unit\0"
786 "Scope\0"
787 "Install\0",
6c12b52e 788 .private_section = "Scope",
6c12b52e 789
700e2d63 790 .can_transient = true,
1d9cc876 791 .can_delegate = true,
c80a9a33 792 .can_fail = true,
d4fd1cf2 793 .once_only = true,
4d824a4e 794 .can_set_managed_oom = true,
6c12b52e
LP		 795
796 .init = scope_init,
797 .load = scope_load,
798 .done = scope_done,
799
800 .coldplug = scope_coldplug,
801
802 .dump = scope_dump,
803
804 .start = scope_start,
805 .stop = scope_stop,
806
d9e45bc3
MS		 807 .freeze = unit_freeze_vtable_common,
808 .thaw = unit_thaw_vtable_common,
809
68db7a3b
ZJS		 810 .get_timeout = scope_get_timeout,
811
6c12b52e
LP		 812 .serialize = scope_serialize,
813 .deserialize_item = scope_deserialize_item,
814
815 .active_state = scope_active_state,
816 .sub_state_to_string = scope_sub_state_to_string,
817
a911bb9a
LP		 818 .sigchld_event = scope_sigchld_event,
819
8bcca7e2
LP		 820 .reset_failed = scope_reset_failed,
821
6c12b52e 822 .notify_cgroup_empty = scope_notify_cgroup_empty_event,
7238fd51 823 .notify_cgroup_oom = scope_notify_cgroup_oom_event,
6c12b52e 824
6c12b52e
LP		 825 .bus_set_property = bus_scope_set_property,
826 .bus_commit_properties = bus_scope_commit_properties,
827
04eb582a 828 .enumerate_perpetual = scope_enumerate_perpetual,
6c12b52e 829};
Unnamed repository; edit this file 'description' to name the repository.