]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/socket.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
unit: split off KillContext from ExecContext containing only kill definitions
[thirdparty/systemd.git] / src / core / socket.c
CommitLineData
d6c9574f 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
5cb5a6ff 2
a7334b09
LP		 3/***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
a7334b09
LP		 11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 16 Lesser General Public License for more details.
a7334b09 17
5430f7f2 18 You should have received a copy of the GNU Lesser General Public License
a7334b09
LP		 19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
83c60c9f
LP		 22#include <sys/types.h>
23#include <sys/stat.h>
24#include <unistd.h>
25#include <errno.h>
26#include <fcntl.h>
f94ea366 27#include <sys/epoll.h>
034c6ed7 28#include <signal.h>
4f2d528d 29#include <arpa/inet.h>
916abb21 30#include <mqueue.h>
83c60c9f 31
87f0e418 32#include "unit.h"
5cb5a6ff 33#include "socket.h"
cebf8b20 34#include "netinet/tcp.h"
83c60c9f 35#include "log.h"
23a177ef
LP		 36#include "load-dropin.h"
37#include "load-fragment.h"
9e2f7c11 38#include "strv.h"
49e942b2 39#include "mkdir.h"
9eb977db 40#include "path-util.h"
4f2d528d 41#include "unit-name.h"
4139c1b2 42#include "dbus-socket.h"
4fd5948e 43#include "missing.h"
a40eb732 44#include "special.h"
398ef8ba 45#include "bus-errors.h"
e51bc1a2 46#include "label.h"
9a57c629 47#include "exit-status.h"
f6a6225e 48#include "def.h"
83c60c9f 49
acbb0225 50static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
87f0e418
LP		 51 [SOCKET_DEAD] = UNIT_INACTIVE,
52 [SOCKET_START_PRE] = UNIT_ACTIVATING,
53 [SOCKET_START_POST] = UNIT_ACTIVATING,
54 [SOCKET_LISTENING] = UNIT_ACTIVE,
55 [SOCKET_RUNNING] = UNIT_ACTIVE,
56 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
57 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
58 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
59 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
80876c20
LP		 60 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
61 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
fdf20a31 62 [SOCKET_FAILED] = UNIT_FAILED
83c60c9f 63};
5cb5a6ff 64
a16e1123
LP		 65static void socket_init(Unit *u) {
66 Socket *s = SOCKET(u);
67
68 assert(u);
ac155bb8 69 assert(u->load_state == UNIT_STUB);
a16e1123 70
a16e1123
LP		 71 s->backlog = SOMAXCONN;
72 s->timeout_usec = DEFAULT_TIMEOUT_USEC;
73 s->directory_mode = 0755;
9131f660 74 s->socket_mode = 0666;
a16e1123 75
6cf6bbc2
LP		 76 s->max_connections = 64;
77
4fd5948e 78 s->priority = -1;
4fd5948e
LP		 79 s->ip_tos = -1;
80 s->ip_ttl = -1;
4fd5948e 81 s->mark = -1;
4fd5948e 82
a16e1123 83 exec_context_init(&s->exec_context);
ac155bb8
MS		 84 s->exec_context.std_output = u->manager->default_std_output;
85 s->exec_context.std_error = u->manager->default_std_error;
4819ff03 86 kill_context_init(&s->kill_context);
a16e1123
LP		 87
88 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
89}
acbb0225 90
5e94833f
LP		 91static void socket_unwatch_control_pid(Socket *s) {
92 assert(s);
93
94 if (s->control_pid <= 0)
95 return;
96
97 unit_unwatch_pid(UNIT(s), s->control_pid);
98 s->control_pid = 0;
99}
100
87f0e418
LP		 101static void socket_done(Unit *u) {
102 Socket *s = SOCKET(u);
034c6ed7
LP		 103 SocketPort *p;
104
105 assert(s);
106
107 while ((p = s->ports)) {
108 LIST_REMOVE(SocketPort, port, s->ports, p);
109
a16e1123
LP		 110 if (p->fd >= 0) {
111 unit_unwatch_fd(UNIT(s), &p->fd_watch);
112 close_nointr_nofail(p->fd);
113 }
114
034c6ed7
LP		 115 free(p->path);
116 free(p);
117 }
118
119 exec_context_done(&s->exec_context);
e537352b 120 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
034c6ed7
LP		 121 s->control_command = NULL;
122
5e94833f 123 socket_unwatch_control_pid(s);
034c6ed7 124
57020a3a 125 unit_ref_unset(&s->service);
034c6ed7 126
cebf8b20
TT		 127 free(s->tcp_congestion);
128 s->tcp_congestion = NULL;
129
acbb0225 130 free(s->bind_to_device);
e537352b 131 s->bind_to_device = NULL;
acbb0225
LP		 132
133 unit_unwatch_timer(u, &s->timer_watch);
5cb5a6ff
LP		 134}
135
b15bdda8
LP		 136static int socket_instantiate_service(Socket *s) {
137 char *prefix, *name;
138 int r;
139 Unit *u;
140
141 assert(s);
142
143 /* This fills in s->service if it isn't filled in yet. For
144 * Accept=yes sockets we create the next connection service
145 * here. For Accept=no this is mostly a NOP since the service
146 * is figured out at load time anyway. */
147
57020a3a 148 if (UNIT_DEREF(s->service))
b15bdda8
LP		 149 return 0;
150
151 assert(s->accept);
152
1124fe6f 153 if (!(prefix = unit_name_to_prefix(UNIT(s)->id)))
b15bdda8
LP		 154 return -ENOMEM;
155
156 r = asprintf(&name, "%s@%u.service", prefix, s->n_accepted);
157 free(prefix);
158
159 if (r < 0)
160 return -ENOMEM;
161
1124fe6f 162 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
b15bdda8
LP		 163 free(name);
164
165 if (r < 0)
166 return r;
167
7b4bf06b 168#ifdef HAVE_SYSV_COMPAT
1b64d026 169 if (SERVICE(u)->is_sysv) {
7b4bf06b
LP		 170 log_error("Using SysV services for socket activation is not supported. Refusing.");
171 return -ENOENT;
172 }
173#endif
174
ac155bb8 175 u->no_gc = true;
57020a3a
LP		 176 unit_ref_set(&s->service, u);
177
178 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
b15bdda8
LP		 179}
180
4f2d528d
LP		 181static bool have_non_accept_socket(Socket *s) {
182 SocketPort *p;
183
184 assert(s);
185
186 if (!s->accept)
187 return true;
188
dd5ad9d4
LP		 189 LIST_FOREACH(port, p, s->ports) {
190
191 if (p->type != SOCKET_SOCKET)
192 return true;
193
4f2d528d
LP		 194 if (!socket_address_can_accept(&p->address))
195 return true;
dd5ad9d4 196 }
4f2d528d
LP		 197
198 return false;
199}
200
201static int socket_verify(Socket *s) {
202 assert(s);
203
1124fe6f 204 if (UNIT(s)->load_state != UNIT_LOADED)
4f2d528d
LP		 205 return 0;
206
207 if (!s->ports) {
1124fe6f 208 log_error("%s lacks Listen setting. Refusing.", UNIT(s)->id);
4f2d528d
LP		 209 return -EINVAL;
210 }
211
0009d2a6 212 if (s->accept && have_non_accept_socket(s)) {
1124fe6f 213 log_error("%s configured for accepting sockets, but sockets are non-accepting. Refusing.", UNIT(s)->id);
0009d2a6
LP		 214 return -EINVAL;
215 }
216
6cf6bbc2 217 if (s->accept && s->max_connections <= 0) {
1124fe6f 218 log_error("%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
4d0e5dbd
LP		 219 return -EINVAL;
220 }
221
57020a3a 222 if (s->accept && UNIT_DEREF(s->service)) {
1124fe6f 223 log_error("Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
d9ff321a
LP		 224 return -EINVAL;
225 }
226
4819ff03 227 if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
1124fe6f 228 log_error("%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
6cf6bbc2
LP		 229 return -EINVAL;
230 }
231
4f2d528d
LP		 232 return 0;
233}
234
6e2ef85b
LP		 235static bool socket_needs_mount(Socket *s, const char *prefix) {
236 SocketPort *p;
237
238 assert(s);
239
240 LIST_FOREACH(port, p, s->ports) {
241
242 if (p->type == SOCKET_SOCKET) {
243 if (socket_address_needs_mount(&p->address, prefix))
244 return true;
916abb21 245 } else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL) {
6e2ef85b
LP		 246 if (path_startswith(p->path, prefix))
247 return true;
248 }
249 }
250
251 return false;
252}
253
254int socket_add_one_mount_link(Socket *s, Mount *m) {
255 int r;
256
257 assert(s);
258 assert(m);
259
1124fe6f
MS		 260 if (UNIT(s)->load_state != UNIT_LOADED ||
261 UNIT(m)->load_state != UNIT_LOADED)
6e2ef85b
LP		 262 return 0;
263
264 if (!socket_needs_mount(s, m->where))
265 return 0;
266
2c966c03 267 if ((r = unit_add_two_dependencies(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, UNIT(m), true)) < 0)
6e2ef85b
LP		 268 return r;
269
270 return 0;
271}
272
273static int socket_add_mount_links(Socket *s) {
ac155bb8 274 Unit *other;
6e2ef85b
LP		 275 int r;
276
277 assert(s);
278
1124fe6f 279 LIST_FOREACH(units_by_type, other, UNIT(s)->manager->units_by_type[UNIT_MOUNT])
595ed347 280 if ((r = socket_add_one_mount_link(s, MOUNT(other))) < 0)
6e2ef85b
LP		 281 return r;
282
283 return 0;
284}
285
286static int socket_add_device_link(Socket *s) {
287 char *t;
288 int r;
289
290 assert(s);
291
292 if (!s->bind_to_device)
293 return 0;
294
295 if (asprintf(&t, "/sys/subsystem/net/devices/%s", s->bind_to_device) < 0)
296 return -ENOMEM;
297
298 r = unit_add_node_link(UNIT(s), t, false);
299 free(t);
300
301 return r;
302}
303
a40eb732
LP		 304static int socket_add_default_dependencies(Socket *s) {
305 int r;
306 assert(s);
307
1124fe6f 308 if (UNIT(s)->manager->running_as == MANAGER_SYSTEM) {
2a77d31d
LP		 309 if ((r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true)) < 0)
310 return r;
311
a40eb732
LP		 312 if ((r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true)) < 0)
313 return r;
2a77d31d 314 }
a40eb732 315
ead8e478 316 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
a40eb732
LP		 317}
318
4cfc6dbe
LP		 319static bool socket_has_exec(Socket *s) {
320 unsigned i;
321 assert(s);
322
323 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
324 if (s->exec_command[i])
325 return true;
326
327 return false;
328}
329
e537352b
LP		 330static int socket_load(Unit *u) {
331 Socket *s = SOCKET(u);
332 int r;
44d8db9e 333
e537352b 334 assert(u);
ac155bb8 335 assert(u->load_state == UNIT_STUB);
44d8db9e 336
e537352b 337 if ((r = unit_load_fragment_and_dropin(u)) < 0)
23a177ef 338 return r;
44d8db9e 339
23a177ef 340 /* This is a new unit? Then let's add in some extras */
ac155bb8 341 if (u->load_state == UNIT_LOADED) {
44d8db9e 342
4f2d528d 343 if (have_non_accept_socket(s)) {
d9ff321a 344
57020a3a
LP		 345 if (!UNIT_DEREF(s->service)) {
346 Unit *x;
347
348 r = unit_load_related_unit(u, ".service", &x);
349 if (r < 0)
d9ff321a 350 return r;
23a177ef 351
57020a3a
LP		 352 unit_ref_set(&s->service, x);
353 }
354
355 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
356 if (r < 0)
4f2d528d
LP		 357 return r;
358 }
44d8db9e 359
6e2ef85b
LP		 360 if ((r = socket_add_mount_links(s)) < 0)
361 return r;
362
363 if ((r = socket_add_device_link(s)) < 0)
364 return r;
365
4cfc6dbe
LP		 366 if (socket_has_exec(s))
367 if ((r = unit_add_exec_dependencies(u, &s->exec_context)) < 0)
368 return r;
23a177ef 369
d686d8a9 370 if ((r = unit_add_default_cgroups(u)) < 0)
23a177ef 371 return r;
a40eb732 372
1124fe6f 373 if (UNIT(s)->default_dependencies)
a40eb732
LP		 374 if ((r = socket_add_default_dependencies(s)) < 0)
375 return r;
e06c73cc
LP		 376
377 r = unit_patch_working_directory(UNIT(s), &s->exec_context);
378 if (r < 0)
379 return r;
23a177ef
LP		 380 }
381
4f2d528d 382 return socket_verify(s);
44d8db9e
LP		 383}
384
7a22745a
LP		 385static const char* listen_lookup(int family, int type) {
386
387 if (family == AF_NETLINK)
388 return "ListenNetlink";
542563ba
LP		 389
390 if (type == SOCK_STREAM)
391 return "ListenStream";
392 else if (type == SOCK_DGRAM)
393 return "ListenDatagram";
394 else if (type == SOCK_SEQPACKET)
395 return "ListenSequentialPacket";
396
034c6ed7 397 assert_not_reached("Unknown socket type");
542563ba
LP		 398 return NULL;
399}
400
87f0e418 401static void socket_dump(Unit *u, FILE *f, const char *prefix) {
5cb5a6ff 402
5cb5a6ff 403 SocketExecCommand c;
87f0e418 404 Socket *s = SOCKET(u);
542563ba 405 SocketPort *p;
82ba9f08
LP		 406 const char *prefix2;
407 char *p2;
5cb5a6ff
LP		 408
409 assert(s);
fa068367 410 assert(f);
5cb5a6ff 411
82ba9f08
LP		 412 p2 = strappend(prefix, "\t");
413 prefix2 = p2 ? p2 : prefix;
c43d20a0 414
5cb5a6ff
LP		 415 fprintf(f,
416 "%sSocket State: %s\n"
81a5c6d0 417 "%sResult: %s\n"
542563ba 418 "%sBindIPv6Only: %s\n"
b5a0699f
LP		 419 "%sBacklog: %u\n"
420 "%sSocketMode: %04o\n"
4fd5948e
LP		 421 "%sDirectoryMode: %04o\n"
422 "%sKeepAlive: %s\n"
cebf8b20 423 "%sFreeBind: %s\n"
6b6d2dee 424 "%sTransparent: %s\n"
ec6370a2 425 "%sBroadcast: %s\n"
ede3deb4 426 "%sPassCredentials: %s\n"
54ecda32 427 "%sPassSecurity: %s\n"
cebf8b20 428 "%sTCPCongestion: %s\n",
a16e1123 429 prefix, socket_state_to_string(s->state),
81a5c6d0 430 prefix, socket_result_to_string(s->result),
c0120d99 431 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
b5a0699f
LP		 432 prefix, s->backlog,
433 prefix, s->socket_mode,
4fd5948e
LP		 434 prefix, s->directory_mode,
435 prefix, yes_no(s->keep_alive),
cebf8b20 436 prefix, yes_no(s->free_bind),
6b6d2dee 437 prefix, yes_no(s->transparent),
ec6370a2 438 prefix, yes_no(s->broadcast),
d68af586 439 prefix, yes_no(s->pass_cred),
54ecda32 440 prefix, yes_no(s->pass_sec),
83a95334 441 prefix, strna(s->tcp_congestion));
542563ba 442
70123e68
LP		 443 if (s->control_pid > 0)
444 fprintf(f,
bb00e604
LP		 445 "%sControl PID: %lu\n",
446 prefix, (unsigned long) s->control_pid);
70123e68 447
acbb0225
LP		 448 if (s->bind_to_device)
449 fprintf(f,
450 "%sBindToDevice: %s\n",
451 prefix, s->bind_to_device);
452
4f2d528d
LP		 453 if (s->accept)
454 fprintf(f,
6cf6bbc2
LP		 455 "%sAccepted: %u\n"
456 "%sNConnections: %u\n"
457 "%sMaxConnections: %u\n",
458 prefix, s->n_accepted,
459 prefix, s->n_connections,
460 prefix, s->max_connections);
4f2d528d 461
4fd5948e
LP		 462 if (s->priority >= 0)
463 fprintf(f,
464 "%sPriority: %i\n",
465 prefix, s->priority);
466
467 if (s->receive_buffer > 0)
468 fprintf(f,
469 "%sReceiveBuffer: %zu\n",
470 prefix, s->receive_buffer);
471
472 if (s->send_buffer > 0)
473 fprintf(f,
474 "%sSendBuffer: %zu\n",
475 prefix, s->send_buffer);
476
477 if (s->ip_tos >= 0)
478 fprintf(f,
479 "%sIPTOS: %i\n",
480 prefix, s->ip_tos);
481
482 if (s->ip_ttl >= 0)
483 fprintf(f,
484 "%sIPTTL: %i\n",
485 prefix, s->ip_ttl);
486
487 if (s->pipe_size > 0)
488 fprintf(f,
489 "%sPipeSize: %zu\n",
490 prefix, s->pipe_size);
491
492 if (s->mark >= 0)
493 fprintf(f,
494 "%sMark: %i\n",
495 prefix, s->mark);
496
916abb21
LP		 497 if (s->mq_maxmsg > 0)
498 fprintf(f,
499 "%sMessageQueueMaxMessages: %li\n",
500 prefix, s->mq_maxmsg);
501
502 if (s->mq_msgsize > 0)
503 fprintf(f,
504 "%sMessageQueueMessageSize: %li\n",
505 prefix, s->mq_msgsize);
506
034c6ed7 507 LIST_FOREACH(port, p, s->ports) {
5cb5a6ff 508
542563ba
LP		 509 if (p->type == SOCKET_SOCKET) {
510 const char *t;
511 int r;
e364ad06 512 char *k = NULL;
542563ba
LP		 513
514 if ((r = socket_address_print(&p->address, &k)) < 0)
515 t = strerror(-r);
516 else
517 t = k;
518
7a22745a 519 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
542563ba 520 free(k);
b0a3f2bc
LP		 521 } else if (p->type == SOCKET_SPECIAL)
522 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
916abb21
LP		 523 else if (p->type == SOCKET_MQUEUE)
524 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
b0a3f2bc 525 else
542563ba
LP		 526 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
527 }
5cb5a6ff
LP		 528
529 exec_context_dump(&s->exec_context, f, prefix);
4819ff03 530 kill_context_dump(&s->kill_context, f, prefix);
5cb5a6ff 531
e537352b 532 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
c43d20a0
LP		 533 if (!s->exec_command[c])
534 continue;
5cb5a6ff 535
40d50879 536 fprintf(f, "%s-> %s:\n",
a16e1123 537 prefix, socket_exec_command_to_string(c));
c43d20a0
LP		 538
539 exec_command_dump_list(s->exec_command[c], f, prefix2);
5cb5a6ff 540 }
c43d20a0 541
82ba9f08 542 free(p2);
5cb5a6ff
LP		 543}
544
4f2d528d
LP		 545static int instance_from_socket(int fd, unsigned nr, char **instance) {
546 socklen_t l;
547 char *r;
548 union {
549 struct sockaddr sa;
550 struct sockaddr_un un;
551 struct sockaddr_in in;
552 struct sockaddr_in6 in6;
553 struct sockaddr_storage storage;
554 } local, remote;
555
556 assert(fd >= 0);
557 assert(instance);
558
559 l = sizeof(local);
560 if (getsockname(fd, &local.sa, &l) < 0)
561 return -errno;
562
563 l = sizeof(remote);
564 if (getpeername(fd, &remote.sa, &l) < 0)
565 return -errno;
566
567 switch (local.sa.sa_family) {
568
569 case AF_INET: {
570 uint32_t
571 a = ntohl(local.in.sin_addr.s_addr),
572 b = ntohl(remote.in.sin_addr.s_addr);
573
574 if (asprintf(&r,
77b088c2
LP		 575 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
576 nr,
4f2d528d
LP		 577 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
578 ntohs(local.in.sin_port),
579 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
580 ntohs(remote.in.sin_port)) < 0)
581 return -ENOMEM;
582
583 break;
584 }
585
586 case AF_INET6: {
2b061f5a
LP		 587 static const char ipv4_prefix[] = {
588 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
589 };
590
591 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
592 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
593 const uint8_t
594 *a = local.in6.sin6_addr.s6_addr+12,
595 *b = remote.in6.sin6_addr.s6_addr+12;
596
597 if (asprintf(&r,
77b088c2
LP		 598 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
599 nr,
2b061f5a
LP		 600 a[0], a[1], a[2], a[3],
601 ntohs(local.in6.sin6_port),
602 b[0], b[1], b[2], b[3],
603 ntohs(remote.in6.sin6_port)) < 0)
604 return -ENOMEM;
605 } else {
606 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
607
608 if (asprintf(&r,
77b088c2
LP		 609 "%u-%s:%u-%s:%u",
610 nr,
2b061f5a
LP		 611 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
612 ntohs(local.in6.sin6_port),
613 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
614 ntohs(remote.in6.sin6_port)) < 0)
615 return -ENOMEM;
616 }
4f2d528d
LP		 617
618 break;
619 }
620
621 case AF_UNIX: {
622 struct ucred ucred;
623
624 l = sizeof(ucred);
625 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &ucred, &l) < 0)
626 return -errno;
627
628 if (asprintf(&r,
bb00e604 629 "%u-%lu-%lu",
4f2d528d 630 nr,
bb00e604
LP		 631 (unsigned long) ucred.pid,
632 (unsigned long) ucred.uid) < 0)
4f2d528d
LP		 633 return -ENOMEM;
634
635 break;
636 }
637
638 default:
639 assert_not_reached("Unhandled socket type.");
640 }
641
642 *instance = r;
643 return 0;
644}
645
034c6ed7 646static void socket_close_fds(Socket *s) {
83c60c9f
LP		 647 SocketPort *p;
648
649 assert(s);
650
034c6ed7 651 LIST_FOREACH(port, p, s->ports) {
83c60c9f
LP		 652 if (p->fd < 0)
653 continue;
654
acbb0225 655 unit_unwatch_fd(UNIT(s), &p->fd_watch);
a16e1123
LP		 656 close_nointr_nofail(p->fd);
657
658 /* One little note: we should never delete any sockets
659 * in the file system here! After all some other
660 * process we spawned might still have a reference of
661 * this fd and wants to continue to use it. Therefore
662 * we delete sockets in the file system before we
663 * create a new one, not after we stopped using
664 * one! */
9152c765 665
83c60c9f
LP		 666 p->fd = -1;
667 }
668}
669
4fd5948e
LP		 670static void socket_apply_socket_options(Socket *s, int fd) {
671 assert(s);
672 assert(fd >= 0);
673
674 if (s->keep_alive) {
675 int b = s->keep_alive;
676 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
677 log_warning("SO_KEEPALIVE failed: %m");
678 }
679
ec6370a2
LP		 680 if (s->broadcast) {
681 int one = 1;
682 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
683 log_warning("SO_BROADCAST failed: %m");
684 }
685
d68af586
MS		 686 if (s->pass_cred) {
687 int one = 1;
688 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
689 log_warning("SO_PASSCRED failed: %m");
690 }
691
54ecda32
LP		 692 if (s->pass_sec) {
693 int one = 1;
694 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
695 log_warning("SO_PASSSEC failed: %m");
696 }
697
4fd5948e
LP		 698 if (s->priority >= 0)
699 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
700 log_warning("SO_PRIORITY failed: %m");
701
702 if (s->receive_buffer > 0) {
703 int value = (int) s->receive_buffer;
7d9eaa84
LP		 704
705 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
706
b8cef44e 707 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84
LP		 708 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
709 log_warning("SO_RCVBUF failed: %m");
4fd5948e
LP		 710 }
711
712 if (s->send_buffer > 0) {
713 int value = (int) s->send_buffer;
b8cef44e 714 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84
LP		 715 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
716 log_warning("SO_SNDBUF failed: %m");
4fd5948e
LP		 717 }
718
719 if (s->mark >= 0)
720 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
721 log_warning("SO_MARK failed: %m");
722
723 if (s->ip_tos >= 0)
724 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
725 log_warning("IP_TOS failed: %m");
726
46925ac5
LP		 727 if (s->ip_ttl >= 0) {
728 int r, x;
729
730 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
5bfcc1c6
FF		 731
732 if (socket_ipv6_is_supported())
733 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
734 else {
735 x = -1;
736 errno = EAFNOSUPPORT;
737 }
46925ac5
LP		 738
739 if (r < 0 && x < 0)
740 log_warning("IP_TTL/IPV6_UNICAST_HOPS failed: %m");
741 }
cebf8b20
TT		 742
743 if (s->tcp_congestion)
744 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
745 log_warning("TCP_CONGESTION failed: %m");
4fd5948e
LP		 746}
747
b15bdda8 748static void socket_apply_fifo_options(Socket *s, int fd) {
4fd5948e
LP		 749 assert(s);
750 assert(fd >= 0);
751
752 if (s->pipe_size > 0)
753 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
754 log_warning("F_SETPIPE_SZ: %m");
755}
756
b15bdda8
LP		 757static int fifo_address_create(
758 const char *path,
759 mode_t directory_mode,
760 mode_t socket_mode,
b15bdda8
LP		 761 int *_fd) {
762
7a58bfa4 763 int fd = -1, r = 0;
b15bdda8
LP		 764 struct stat st;
765 mode_t old_mask;
766
767 assert(path);
768 assert(_fd);
769
d2e54fae 770 mkdir_parents_label(path, directory_mode);
b15bdda8 771
e9a5ef7c
KS		 772 r = label_context_set(path, S_IFIFO);
773 if (r < 0)
56cf987f 774 goto fail;
b15bdda8
LP		 775
776 /* Enforce the right access mode for the fifo */
777 old_mask = umask(~ socket_mode);
778
779 /* Include the original umask in our mask */
780 umask(~socket_mode | old_mask);
781
782 r = mkfifo(path, socket_mode);
783 umask(old_mask);
784
94bc2731 785 if (r < 0 && errno != EEXIST) {
b15bdda8
LP		 786 r = -errno;
787 goto fail;
788 }
789
790 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
791 r = -errno;
792 goto fail;
793 }
794
e9a5ef7c 795 label_context_clear();
7a58bfa4 796
b15bdda8
LP		 797 if (fstat(fd, &st) < 0) {
798 r = -errno;
799 goto fail;
800 }
801
802 if (!S_ISFIFO(st.st_mode) ||
de0200fc 803 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
b15bdda8
LP		 804 st.st_uid != getuid() ||
805 st.st_gid != getgid()) {
806
807 r = -EEXIST;
808 goto fail;
809 }
810
811 *_fd = fd;
812 return 0;
813
814fail:
e9a5ef7c 815 label_context_clear();
56cf987f 816
b15bdda8
LP		 817 if (fd >= 0)
818 close_nointr_nofail(fd);
819
820 return r;
821}
822
b0a3f2bc
LP		 823static int special_address_create(
824 const char *path,
825 int *_fd) {
826
827 int fd = -1, r = 0;
828 struct stat st;
829
830 assert(path);
831 assert(_fd);
832
833 if ((fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
834 r = -errno;
835 goto fail;
836 }
837
838 if (fstat(fd, &st) < 0) {
839 r = -errno;
840 goto fail;
841 }
842
843 /* Check whether this is a /proc, /sys or /dev file or char device */
844 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
845 r = -EEXIST;
846 goto fail;
847 }
848
849 *_fd = fd;
850 return 0;
851
852fail:
853 if (fd >= 0)
854 close_nointr_nofail(fd);
855
856 return r;
857}
858
916abb21
LP		 859static int mq_address_create(
860 const char *path,
861 mode_t mq_mode,
862 long maxmsg,
863 long msgsize,
864 int *_fd) {
865
866 int fd = -1, r = 0;
867 struct stat st;
868 mode_t old_mask;
869 struct mq_attr _attr, *attr = NULL;
870
871 assert(path);
872 assert(_fd);
873
874 if (maxmsg > 0 && msgsize > 0) {
875 zero(_attr);
876 _attr.mq_flags = O_NONBLOCK;
877 _attr.mq_maxmsg = maxmsg;
878 _attr.mq_msgsize = msgsize;
879 attr = &_attr;
880 }
881
882 /* Enforce the right access mode for the mq */
883 old_mask = umask(~ mq_mode);
884
885 /* Include the original umask in our mask */
886 umask(~mq_mode | old_mask);
887
888 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
889 umask(old_mask);
890
8ea913b2 891 if (fd < 0) {
916abb21
LP		 892 r = -errno;
893 goto fail;
894 }
895
896 if (fstat(fd, &st) < 0) {
897 r = -errno;
898 goto fail;
899 }
900
901 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
902 st.st_uid != getuid() ||
903 st.st_gid != getgid()) {
904
905 r = -EEXIST;
906 goto fail;
907 }
908
909 *_fd = fd;
910 return 0;
911
912fail:
913 if (fd >= 0)
914 close_nointr_nofail(fd);
915
916 return r;
917}
918
034c6ed7 919static int socket_open_fds(Socket *s) {
83c60c9f
LP		 920 SocketPort *p;
921 int r;
56cf987f 922 char *label = NULL;
049f8642 923 bool know_label = false;
83c60c9f
LP		 924
925 assert(s);
926
034c6ed7 927 LIST_FOREACH(port, p, s->ports) {
83c60c9f 928
034c6ed7
LP		 929 if (p->fd >= 0)
930 continue;
83c60c9f
LP		 931
932 if (p->type == SOCKET_SOCKET) {
933
049f8642
LP		 934 if (!know_label) {
935
936 if ((r = socket_instantiate_service(s)) < 0)
937 return r;
938
57020a3a
LP		 939 if (UNIT_DEREF(s->service) &&
940 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
941 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
189583d7
LP		 942
943 if (r < 0) {
a7444eda
LP		 944 if (r != -EPERM)
945 return r;
946 }
189583d7 947 }
049f8642
LP		 948
949 know_label = true;
950 }
951
b5a0699f
LP		 952 if ((r = socket_address_listen(
953 &p->address,
954 s->backlog,
955 s->bind_ipv6_only,
956 s->bind_to_device,
4fd5948e 957 s->free_bind,
6b6d2dee 958 s->transparent,
b5a0699f
LP		 959 s->directory_mode,
960 s->socket_mode,
56cf987f 961 label,
b5a0699f 962 &p->fd)) < 0)
83c60c9f
LP		 963 goto rollback;
964
4fd5948e
LP		 965 socket_apply_socket_options(s, p->fd);
966
b0a3f2bc
LP		 967 } else if (p->type == SOCKET_SPECIAL) {
968
969 if ((r = special_address_create(
970 p->path,
971 &p->fd)) < 0)
972 goto rollback;
973
b15bdda8 974 } else if (p->type == SOCKET_FIFO) {
83c60c9f 975
b15bdda8
LP		 976 if ((r = fifo_address_create(
977 p->path,
978 s->directory_mode,
979 s->socket_mode,
b15bdda8 980 &p->fd)) < 0)
83c60c9f 981 goto rollback;
83c60c9f 982
b15bdda8 983 socket_apply_fifo_options(s, p->fd);
916abb21 984 } else if (p->type == SOCKET_MQUEUE) {
83c60c9f 985
916abb21
LP		 986 if ((r = mq_address_create(
987 p->path,
988 s->socket_mode,
989 s->mq_maxmsg,
990 s->mq_msgsize,
991 &p->fd)) < 0)
992 goto rollback;
b15bdda8
LP		 993 } else
994 assert_not_reached("Unknown port type");
034c6ed7
LP		 995 }
996
56cf987f 997 label_free(label);
034c6ed7
LP		 998 return 0;
999
1000rollback:
1001 socket_close_fds(s);
56cf987f 1002 label_free(label);
034c6ed7
LP		 1003 return r;
1004}
1005
1006static void socket_unwatch_fds(Socket *s) {
1007 SocketPort *p;
9152c765 1008
034c6ed7
LP		 1009 assert(s);
1010
1011 LIST_FOREACH(port, p, s->ports) {
1012 if (p->fd < 0)
1013 continue;
1014
acbb0225 1015 unit_unwatch_fd(UNIT(s), &p->fd_watch);
83c60c9f 1016 }
034c6ed7
LP		 1017}
1018
1019static int socket_watch_fds(Socket *s) {
1020 SocketPort *p;
1021 int r;
1022
1023 assert(s);
83c60c9f 1024
034c6ed7
LP		 1025 LIST_FOREACH(port, p, s->ports) {
1026 if (p->fd < 0)
1027 continue;
1028
cabab516 1029 p->fd_watch.socket_accept =
4f2d528d 1030 s->accept &&
dd5ad9d4 1031 p->type == SOCKET_SOCKET &&
4f2d528d
LP		 1032 socket_address_can_accept(&p->address);
1033
f94ea366 1034 if ((r = unit_watch_fd(UNIT(s), p->fd, EPOLLIN, &p->fd_watch)) < 0)
034c6ed7
LP		 1035 goto fail;
1036 }
83c60c9f 1037
542563ba 1038 return 0;
83c60c9f 1039
034c6ed7
LP		 1040fail:
1041 socket_unwatch_fds(s);
1042 return r;
1043}
1044
1045static void socket_set_state(Socket *s, SocketState state) {
1046 SocketState old_state;
1047 assert(s);
1048
1049 old_state = s->state;
1050 s->state = state;
1051
1052 if (state != SOCKET_START_PRE &&
1053 state != SOCKET_START_POST &&
1054 state != SOCKET_STOP_PRE &&
1055 state != SOCKET_STOP_PRE_SIGTERM &&
1056 state != SOCKET_STOP_PRE_SIGKILL &&
1057 state != SOCKET_STOP_POST &&
80876c20
LP		 1058 state != SOCKET_FINAL_SIGTERM &&
1059 state != SOCKET_FINAL_SIGKILL) {
acbb0225 1060 unit_unwatch_timer(UNIT(s), &s->timer_watch);
5e94833f 1061 socket_unwatch_control_pid(s);
034c6ed7 1062 s->control_command = NULL;
a16e1123 1063 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
e537352b 1064 }
034c6ed7 1065
a16e1123
LP		 1066 if (state != SOCKET_LISTENING)
1067 socket_unwatch_fds(s);
1068
034c6ed7
LP		 1069 if (state != SOCKET_START_POST &&
1070 state != SOCKET_LISTENING &&
1071 state != SOCKET_RUNNING &&
1072 state != SOCKET_STOP_PRE &&
1073 state != SOCKET_STOP_PRE_SIGTERM &&
1074 state != SOCKET_STOP_PRE_SIGKILL)
1075 socket_close_fds(s);
1076
e537352b 1077 if (state != old_state)
40d50879 1078 log_debug("%s changed %s -> %s",
1124fe6f 1079 UNIT(s)->id,
a16e1123
LP		 1080 socket_state_to_string(old_state),
1081 socket_state_to_string(state));
acbb0225 1082
e2f3b44c 1083 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
034c6ed7
LP		 1084}
1085
a16e1123
LP		 1086static int socket_coldplug(Unit *u) {
1087 Socket *s = SOCKET(u);
1088 int r;
1089
1090 assert(s);
1091 assert(s->state == SOCKET_DEAD);
1092
1093 if (s->deserialized_state != s->state) {
1094
1095 if (s->deserialized_state == SOCKET_START_PRE ||
1096 s->deserialized_state == SOCKET_START_POST ||
1097 s->deserialized_state == SOCKET_STOP_PRE ||
1098 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1099 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL ||
1100 s->deserialized_state == SOCKET_STOP_POST ||
1101 s->deserialized_state == SOCKET_FINAL_SIGTERM ||
1102 s->deserialized_state == SOCKET_FINAL_SIGKILL) {
1103
1104 if (s->control_pid <= 0)
1105 return -EBADMSG;
1106
1107 if ((r = unit_watch_pid(UNIT(s), s->control_pid)) < 0)
1108 return r;
1109
1110 if ((r = unit_watch_timer(UNIT(s), s->timeout_usec, &s->timer_watch)) < 0)
1111 return r;
1112 }
1113
1114 if (s->deserialized_state == SOCKET_START_POST ||
1115 s->deserialized_state == SOCKET_LISTENING ||
1116 s->deserialized_state == SOCKET_RUNNING ||
1117 s->deserialized_state == SOCKET_STOP_PRE ||
1118 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1119 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL)
1120 if ((r = socket_open_fds(s)) < 0)
1121 return r;
1122
1123 if (s->deserialized_state == SOCKET_LISTENING)
1124 if ((r = socket_watch_fds(s)) < 0)
1125 return r;
1126
1127 socket_set_state(s, s->deserialized_state);
1128 }
1129
1130 return 0;
1131}
1132
e537352b 1133static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
034c6ed7
LP		 1134 pid_t pid;
1135 int r;
9e2f7c11 1136 char **argv;
034c6ed7
LP		 1137
1138 assert(s);
1139 assert(c);
1140 assert(_pid);
1141
e537352b
LP		 1142 if ((r = unit_watch_timer(UNIT(s), s->timeout_usec, &s->timer_watch)) < 0)
1143 goto fail;
034c6ed7 1144
9e2f7c11
LP		 1145 if (!(argv = unit_full_printf_strv(UNIT(s), c->argv))) {
1146 r = -ENOMEM;
1147 goto fail;
1148 }
1149
1150 r = exec_spawn(c,
1151 argv,
1152 &s->exec_context,
1153 NULL, 0,
1124fe6f 1154 UNIT(s)->manager->environment,
9e2f7c11
LP		 1155 true,
1156 true,
1e3ad081 1157 true,
1124fe6f
MS		 1158 UNIT(s)->manager->confirm_spawn,
1159 UNIT(s)->cgroup_bondings,
1160 UNIT(s)->cgroup_attributes,
ecedd90f 1161 NULL,
62bca2c6 1162 UNIT(s)->id,
f2b68789 1163 NULL,
9e2f7c11
LP		 1164 &pid);
1165
1166 strv_free(argv);
1167 if (r < 0)
034c6ed7
LP		 1168 goto fail;
1169
87f0e418 1170 if ((r = unit_watch_pid(UNIT(s), pid)) < 0)
034c6ed7
LP		 1171 /* FIXME: we need to do something here */
1172 goto fail;
83c60c9f 1173
034c6ed7
LP		 1174 *_pid = pid;
1175
1176 return 0;
1177
1178fail:
e537352b 1179 unit_unwatch_timer(UNIT(s), &s->timer_watch);
83c60c9f
LP		 1180
1181 return r;
542563ba
LP		 1182}
1183
cfc4eb4c 1184static void socket_enter_dead(Socket *s, SocketResult f) {
034c6ed7
LP		 1185 assert(s);
1186
cfc4eb4c
LP		 1187 if (f != SOCKET_SUCCESS)
1188 s->result = f;
034c6ed7 1189
cfc4eb4c 1190 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
034c6ed7
LP		 1191}
1192
cfc4eb4c 1193static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
80876c20 1194
cfc4eb4c 1195static void socket_enter_stop_post(Socket *s, SocketResult f) {
034c6ed7
LP		 1196 int r;
1197 assert(s);
1198
cfc4eb4c
LP		 1199 if (f != SOCKET_SUCCESS)
1200 s->result = f;
034c6ed7 1201
5e94833f
LP		 1202 socket_unwatch_control_pid(s);
1203
a16e1123
LP		 1204 s->control_command_id = SOCKET_EXEC_STOP_POST;
1205
80876c20 1206 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST])) {
e537352b 1207 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1208 goto fail;
1209
80876c20
LP		 1210 socket_set_state(s, SOCKET_STOP_POST);
1211 } else
cfc4eb4c 1212 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
034c6ed7
LP		 1213
1214 return;
1215
1216fail:
1124fe6f 1217 log_warning("%s failed to run 'stop-post' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1218 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1219}
1220
cfc4eb4c 1221static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
034c6ed7 1222 int r;
ca949c9d
LP		 1223 Set *pid_set = NULL;
1224 bool wait_for_exit = false;
034c6ed7
LP		 1225
1226 assert(s);
1227
cfc4eb4c
LP		 1228 if (f != SOCKET_SUCCESS)
1229 s->result = f;
034c6ed7 1230
4819ff03
LP		 1231 if (s->kill_context.kill_mode != KILL_NONE) {
1232 int sig = (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_FINAL_SIGTERM) ? s->kill_context.kill_signal : SIGKILL;
034c6ed7 1233
ca949c9d 1234 if (s->control_pid > 0) {
cd25cce9 1235 if (kill_and_sigcont(s->control_pid, sig) < 0 && errno != ESRCH)
50159e6a 1236
ca949c9d
LP		 1237 log_warning("Failed to kill control process %li: %m", (long) s->control_pid);
1238 else
1239 wait_for_exit = true;
034c6ed7 1240 }
50159e6a 1241
4819ff03 1242 if (s->kill_context.kill_mode == KILL_CONTROL_GROUP) {
ca949c9d
LP		 1243
1244 if (!(pid_set = set_new(trivial_hash_func, trivial_compare_func))) {
1245 r = -ENOMEM;
50159e6a
LP		 1246 goto fail;
1247 }
ca949c9d
LP		 1248
1249 /* Exclude the control pid from being killed via the cgroup */
1250 if (s->control_pid > 0)
1251 if ((r = set_put(pid_set, LONG_TO_PTR(s->control_pid))) < 0)
1252 goto fail;
1253
88f3e0c9 1254 r = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, sig, true, false, pid_set, NULL);
ecedd90f 1255 if (r < 0) {
ca949c9d
LP		 1256 if (r != -EAGAIN && r != -ESRCH && r != -ENOENT)
1257 log_warning("Failed to kill control group: %s", strerror(-r));
1258 } else if (r > 0)
1259 wait_for_exit = true;
1260
1261 set_free(pid_set);
da19d5c1 1262 pid_set = NULL;
ca949c9d 1263 }
d6ea93e3 1264 }
034c6ed7 1265
ca949c9d 1266 if (wait_for_exit) {
80876c20
LP		 1267 if ((r = unit_watch_timer(UNIT(s), s->timeout_usec, &s->timer_watch)) < 0)
1268 goto fail;
d6ea93e3 1269
80876c20
LP		 1270 socket_set_state(s, state);
1271 } else if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1272 socket_enter_stop_post(s, SOCKET_SUCCESS);
80876c20 1273 else
cfc4eb4c 1274 socket_enter_dead(s, SOCKET_SUCCESS);
034c6ed7
LP		 1275
1276 return;
1277
1278fail:
1124fe6f 1279 log_warning("%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1280
1281 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1282 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1283 else
cfc4eb4c 1284 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
ca949c9d
LP		 1285
1286 if (pid_set)
1287 set_free(pid_set);
034c6ed7
LP		 1288}
1289
cfc4eb4c 1290static void socket_enter_stop_pre(Socket *s, SocketResult f) {
034c6ed7
LP		 1291 int r;
1292 assert(s);
1293
cfc4eb4c
LP		 1294 if (f != SOCKET_SUCCESS)
1295 s->result = f;
034c6ed7 1296
5e94833f
LP		 1297 socket_unwatch_control_pid(s);
1298
a16e1123
LP		 1299 s->control_command_id = SOCKET_EXEC_STOP_PRE;
1300
80876c20 1301 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE])) {
e537352b 1302 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1303 goto fail;
1304
80876c20
LP		 1305 socket_set_state(s, SOCKET_STOP_PRE);
1306 } else
cfc4eb4c 1307 socket_enter_stop_post(s, SOCKET_SUCCESS);
034c6ed7
LP		 1308
1309 return;
1310
1311fail:
1124fe6f 1312 log_warning("%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1313 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1314}
1315
e9af15c3
LP		 1316static void socket_enter_listening(Socket *s) {
1317 int r;
1318 assert(s);
1319
cfc4eb4c
LP		 1320 r = socket_watch_fds(s);
1321 if (r < 0) {
1124fe6f 1322 log_warning("%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
e9af15c3
LP		 1323 goto fail;
1324 }
1325
1326 socket_set_state(s, SOCKET_LISTENING);
1327 return;
1328
1329fail:
cfc4eb4c 1330 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
e9af15c3
LP		 1331}
1332
034c6ed7
LP		 1333static void socket_enter_start_post(Socket *s) {
1334 int r;
1335 assert(s);
1336
cfc4eb4c
LP		 1337 r = socket_open_fds(s);
1338 if (r < 0) {
1124fe6f 1339 log_warning("%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1340 goto fail;
1341 }
1342
5e94833f
LP		 1343 socket_unwatch_control_pid(s);
1344
a16e1123
LP		 1345 s->control_command_id = SOCKET_EXEC_START_POST;
1346
80876c20 1347 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_POST])) {
cfc4eb4c
LP		 1348 r = socket_spawn(s, s->control_command, &s->control_pid);
1349 if (r < 0) {
1124fe6f 1350 log_warning("%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1351 goto fail;
1352 }
1353
80876c20
LP		 1354 socket_set_state(s, SOCKET_START_POST);
1355 } else
e9af15c3 1356 socket_enter_listening(s);
034c6ed7
LP		 1357
1358 return;
1359
1360fail:
cfc4eb4c 1361 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1362}
1363
1364static void socket_enter_start_pre(Socket *s) {
1365 int r;
1366 assert(s);
1367
5e94833f
LP		 1368 socket_unwatch_control_pid(s);
1369
a16e1123
LP		 1370 s->control_command_id = SOCKET_EXEC_START_PRE;
1371
80876c20 1372 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_PRE])) {
e537352b 1373 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1374 goto fail;
1375
80876c20
LP		 1376 socket_set_state(s, SOCKET_START_PRE);
1377 } else
034c6ed7
LP		 1378 socket_enter_start_post(s);
1379
1380 return;
1381
1382fail:
1124fe6f 1383 log_warning("%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1384 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1385}
1386
4f2d528d 1387static void socket_enter_running(Socket *s, int cfd) {
034c6ed7 1388 int r;
398ef8ba 1389 DBusError error;
034c6ed7
LP		 1390
1391 assert(s);
398ef8ba 1392 dbus_error_init(&error);
034c6ed7 1393
ba3e67a7
LP		 1394 /* We don't take connections anymore if we are supposed to
1395 * shut down anyway */
18ffdfda 1396 if (unit_pending_inactive(UNIT(s))) {
1124fe6f 1397 log_debug("Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
5d909e3e 1398
7c610628
LP		 1399 if (cfd >= 0)
1400 close_nointr_nofail(cfd);
1401 else {
1402 /* Flush all sockets by closing and reopening them */
1403 socket_close_fds(s);
1404
1a710b43
MS		 1405 r = socket_watch_fds(s);
1406 if (r < 0) {
1124fe6f 1407 log_warning("%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1408 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
7c610628
LP		 1409 }
1410 }
1411
ba3e67a7
LP		 1412 return;
1413 }
1414
4f2d528d 1415 if (cfd < 0) {
57020a3a
LP		 1416 Iterator i;
1417 Unit *u;
f976f3f6 1418 bool pending = false;
f976f3f6
LP		 1419
1420 /* If there's already a start pending don't bother to
1421 * do anything */
1124fe6f 1422 SET_FOREACH(u, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
57020a3a
LP		 1423 if (unit_pending_active(u)) {
1424 pending = true;
1425 break;
1426 }
f976f3f6 1427
1a710b43
MS		 1428 if (!pending) {
1429 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1430 if (r < 0)
f976f3f6 1431 goto fail;
1a710b43 1432 }
4f2d528d
LP		 1433
1434 socket_set_state(s, SOCKET_RUNNING);
1435 } else {
b4f10a5e 1436 char *prefix, *instance = NULL, *name;
b15bdda8 1437 Service *service;
4f2d528d 1438
6cf6bbc2
LP		 1439 if (s->n_connections >= s->max_connections) {
1440 log_warning("Too many incoming connections (%u)", s->n_connections);
1441 close_nointr_nofail(cfd);
1442 return;
1443 }
1444
1a710b43
MS		 1445 r = socket_instantiate_service(s);
1446 if (r < 0)
b15bdda8
LP		 1447 goto fail;
1448
1a710b43
MS		 1449 r = instance_from_socket(cfd, s->n_accepted, &instance);
1450 if (r < 0) {
1451 if (r != -ENOTCONN)
1452 goto fail;
1453
1454 /* ENOTCONN is legitimate if TCP RST was received.
1455 * This connection is over, but the socket unit lives on. */
1456 close_nointr_nofail(cfd);
1457 return;
1458 }
4f2d528d 1459
1a710b43
MS		 1460 prefix = unit_name_to_prefix(UNIT(s)->id);
1461 if (!prefix) {
4f2d528d
LP		 1462 free(instance);
1463 r = -ENOMEM;
1464 goto fail;
1465 }
1466
1467 name = unit_name_build(prefix, instance, ".service");
1468 free(prefix);
1469 free(instance);
1470
b6dbbe1c 1471 if (!name) {
4f2d528d 1472 r = -ENOMEM;
b6dbbe1c
LP		 1473 goto fail;
1474 }
4f2d528d 1475
1a710b43
MS		 1476 r = unit_add_name(UNIT_DEREF(s->service), name);
1477 if (r < 0) {
b15bdda8 1478 free(name);
4f2d528d 1479 goto fail;
b15bdda8
LP		 1480 }
1481
57020a3a
LP		 1482 service = SERVICE(UNIT_DEREF(s->service));
1483 unit_ref_unset(&s->service);
b15bdda8 1484 s->n_accepted ++;
4f2d528d 1485
1124fe6f 1486 UNIT(service)->no_gc = false;
6c073082 1487
b15bdda8
LP		 1488 unit_choose_id(UNIT(service), name);
1489 free(name);
1490
1a710b43
MS		 1491 r = service_set_socket_fd(service, cfd, s);
1492 if (r < 0)
4f2d528d
LP		 1493 goto fail;
1494
1495 cfd = -1;
6cf6bbc2
LP		 1496 s->n_connections ++;
1497
1a710b43
MS		 1498 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1499 if (r < 0)
4f2d528d 1500 goto fail;
c4e2ceae
LP		 1501
1502 /* Notify clients about changed counters */
1503 unit_add_to_dbus_queue(UNIT(s));
4f2d528d 1504 }
034c6ed7 1505
034c6ed7
LP		 1506 return;
1507
1508fail:
1124fe6f 1509 log_warning("%s failed to queue socket startup job: %s", UNIT(s)->id, bus_error(&error, r));
60089004 1510 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
4f2d528d
LP		 1511
1512 if (cfd >= 0)
1513 close_nointr_nofail(cfd);
398ef8ba
LP		 1514
1515 dbus_error_free(&error);
034c6ed7
LP		 1516}
1517
cfc4eb4c 1518static void socket_run_next(Socket *s) {
034c6ed7
LP		 1519 int r;
1520
1521 assert(s);
1522 assert(s->control_command);
1523 assert(s->control_command->command_next);
1524
5e94833f
LP		 1525 socket_unwatch_control_pid(s);
1526
034c6ed7
LP		 1527 s->control_command = s->control_command->command_next;
1528
e537352b 1529 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1530 goto fail;
1531
1532 return;
1533
1534fail:
1124fe6f 1535 log_warning("%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
80876c20
LP		 1536
1537 if (s->state == SOCKET_START_POST)
cfc4eb4c 1538 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1539 else if (s->state == SOCKET_STOP_POST)
cfc4eb4c 1540 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1541 else
cfc4eb4c 1542 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1543}
1544
87f0e418
LP		 1545static int socket_start(Unit *u) {
1546 Socket *s = SOCKET(u);
83c60c9f
LP		 1547
1548 assert(s);
1549
034c6ed7
LP		 1550 /* We cannot fulfill this request right now, try again later
1551 * please! */
1552 if (s->state == SOCKET_STOP_PRE ||
1553 s->state == SOCKET_STOP_PRE_SIGKILL ||
1554 s->state == SOCKET_STOP_PRE_SIGTERM ||
1555 s->state == SOCKET_STOP_POST ||
80876c20
LP		 1556 s->state == SOCKET_FINAL_SIGTERM ||
1557 s->state == SOCKET_FINAL_SIGKILL)
034c6ed7
LP		 1558 return -EAGAIN;
1559
83c60c9f
LP		 1560 if (s->state == SOCKET_START_PRE ||
1561 s->state == SOCKET_START_POST)
034c6ed7 1562 return 0;
83c60c9f 1563
034c6ed7 1564 /* Cannot run this without the service being around */
57020a3a
LP		 1565 if (UNIT_DEREF(s->service)) {
1566 Service *service;
1567
1568 service = SERVICE(UNIT_DEREF(s->service));
1569
1124fe6f
MS		 1570 if (UNIT(service)->load_state != UNIT_LOADED) {
1571 log_error("Socket service %s not loaded, refusing.", UNIT(service)->id);
4f2d528d 1572 return -ENOENT;
4ac9236f 1573 }
4f2d528d 1574
35b8ca3a 1575 /* If the service is already active we cannot start the
4f2d528d 1576 * socket */
57020a3a
LP		 1577 if (service->state != SERVICE_DEAD &&
1578 service->state != SERVICE_FAILED &&
1579 service->state != SERVICE_AUTO_RESTART) {
1124fe6f 1580 log_error("Socket service %s already active, refusing.", UNIT(service)->id);
4f2d528d 1581 return -EBUSY;
4ac9236f 1582 }
7b4bf06b
LP		 1583
1584#ifdef HAVE_SYSV_COMPAT
1b64d026 1585 if (service->is_sysv) {
7b4bf06b
LP		 1586 log_error("Using SysV services for socket activation is not supported. Refusing.");
1587 return -ENOENT;
1588 }
1589#endif
4f2d528d 1590 }
e537352b 1591
fdf20a31 1592 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
83c60c9f 1593
cfc4eb4c 1594 s->result = SOCKET_SUCCESS;
034c6ed7
LP		 1595 socket_enter_start_pre(s);
1596 return 0;
1597}
83c60c9f 1598
87f0e418
LP		 1599static int socket_stop(Unit *u) {
1600 Socket *s = SOCKET(u);
034c6ed7
LP		 1601
1602 assert(s);
1603
e537352b
LP		 1604 /* Already on it */
1605 if (s->state == SOCKET_STOP_PRE ||
1606 s->state == SOCKET_STOP_PRE_SIGTERM ||
1607 s->state == SOCKET_STOP_PRE_SIGKILL ||
1608 s->state == SOCKET_STOP_POST ||
80876c20 1609 s->state == SOCKET_FINAL_SIGTERM ||
3f6c78dc 1610 s->state == SOCKET_FINAL_SIGKILL)
e537352b
LP		 1611 return 0;
1612
3f6c78dc
LP		 1613 /* If there's already something running we go directly into
1614 * kill mode. */
1615 if (s->state == SOCKET_START_PRE ||
1616 s->state == SOCKET_START_POST) {
cfc4eb4c 1617 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
3f6c78dc
LP		 1618 return -EAGAIN;
1619 }
1620
034c6ed7 1621 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
83c60c9f 1622
cfc4eb4c 1623 socket_enter_stop_pre(s, SOCKET_SUCCESS);
542563ba
LP		 1624 return 0;
1625}
1626
a16e1123
LP		 1627static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1628 Socket *s = SOCKET(u);
1629 SocketPort *p;
1630 int r;
1631
1632 assert(u);
1633 assert(f);
1634 assert(fds);
1635
1636 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
cfc4eb4c 1637 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
a16e1123
LP		 1638 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1639
1640 if (s->control_pid > 0)
5925dd3c 1641 unit_serialize_item_format(u, f, "control-pid", "%lu", (unsigned long) s->control_pid);
a16e1123
LP		 1642
1643 if (s->control_command_id >= 0)
1644 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1645
1646 LIST_FOREACH(port, p, s->ports) {
1647 int copy;
1648
1649 if (p->fd < 0)
1650 continue;
1651
1652 if ((copy = fdset_put_dup(fds, p->fd)) < 0)
1653 return copy;
1654
1655 if (p->type == SOCKET_SOCKET) {
1656 char *t;
1657
1658 if ((r = socket_address_print(&p->address, &t)) < 0)
1659 return r;
1660
7a22745a
LP		 1661 if (socket_address_family(&p->address) == AF_NETLINK)
1662 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1663 else
1664 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
a16e1123 1665 free(t);
b0a3f2bc
LP		 1666 } else if (p->type == SOCKET_SPECIAL)
1667 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
1668 else {
a16e1123
LP		 1669 assert(p->type == SOCKET_FIFO);
1670 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1671 }
1672 }
1673
1674 return 0;
1675}
1676
1677static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1678 Socket *s = SOCKET(u);
a16e1123
LP		 1679
1680 assert(u);
1681 assert(key);
1682 assert(value);
1683 assert(fds);
1684
1685 if (streq(key, "state")) {
1686 SocketState state;
1687
1688 if ((state = socket_state_from_string(value)) < 0)
1689 log_debug("Failed to parse state value %s", value);
1690 else
1691 s->deserialized_state = state;
cfc4eb4c
LP		 1692 } else if (streq(key, "result")) {
1693 SocketResult f;
a16e1123 1694
cfc4eb4c
LP		 1695 f = socket_result_from_string(value);
1696 if (f < 0)
1697 log_debug("Failed to parse result value %s", value);
1698 else if (f != SOCKET_SUCCESS)
1699 s->result = f;
a16e1123
LP		 1700
1701 } else if (streq(key, "n-accepted")) {
1702 unsigned k;
1703
e364ad06 1704 if (safe_atou(value, &k) < 0)
a16e1123
LP		 1705 log_debug("Failed to parse n-accepted value %s", value);
1706 else
1707 s->n_accepted += k;
1708 } else if (streq(key, "control-pid")) {
5925dd3c 1709 pid_t pid;
a16e1123 1710
e364ad06 1711 if (parse_pid(value, &pid) < 0)
a16e1123
LP		 1712 log_debug("Failed to parse control-pid value %s", value);
1713 else
5925dd3c 1714 s->control_pid = pid;
a16e1123
LP		 1715 } else if (streq(key, "control-command")) {
1716 SocketExecCommand id;
1717
1718 if ((id = socket_exec_command_from_string(value)) < 0)
1719 log_debug("Failed to parse exec-command value %s", value);
1720 else {
1721 s->control_command_id = id;
1722 s->control_command = s->exec_command[id];
1723 }
1724 } else if (streq(key, "fifo")) {
1725 int fd, skip = 0;
1726 SocketPort *p;
1727
1728 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1729 log_debug("Failed to parse fifo value %s", value);
1730 else {
1731
1732 LIST_FOREACH(port, p, s->ports)
b0a3f2bc
LP		 1733 if (p->type == SOCKET_FIFO &&
1734 streq_ptr(p->path, value+skip))
1735 break;
1736
1737 if (p) {
1738 if (p->fd >= 0)
1739 close_nointr_nofail(p->fd);
1740 p->fd = fdset_remove(fds, fd);
1741 }
1742 }
1743
1744 } else if (streq(key, "special")) {
1745 int fd, skip = 0;
1746 SocketPort *p;
1747
1748 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1749 log_debug("Failed to parse special value %s", value);
1750 else {
1751
1752 LIST_FOREACH(port, p, s->ports)
1753 if (p->type == SOCKET_SPECIAL &&
1754 streq_ptr(p->path, value+skip))
a16e1123
LP		 1755 break;
1756
1757 if (p) {
1758 if (p->fd >= 0)
1759 close_nointr_nofail(p->fd);
1760 p->fd = fdset_remove(fds, fd);
1761 }
1762 }
1763
1764 } else if (streq(key, "socket")) {
27ca8d7a 1765 int fd, type, skip = 0;
a16e1123
LP		 1766 SocketPort *p;
1767
27ca8d7a 1768 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
a16e1123
LP		 1769 log_debug("Failed to parse socket value %s", value);
1770 else {
1771
1772 LIST_FOREACH(port, p, s->ports)
27ca8d7a 1773 if (socket_address_is(&p->address, value+skip, type))
a16e1123
LP		 1774 break;
1775
1776 if (p) {
1777 if (p->fd >= 0)
1778 close_nointr_nofail(p->fd);
1779 p->fd = fdset_remove(fds, fd);
1780 }
1781 }
1782
7a22745a
LP		 1783 } else if (streq(key, "netlink")) {
1784 int fd, skip = 0;
1785 SocketPort *p;
1786
1787 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1788 log_debug("Failed to parse socket value %s", value);
1789 else {
1790
1791 LIST_FOREACH(port, p, s->ports)
1792 if (socket_address_is_netlink(&p->address, value+skip))
1793 break;
1794
1795 if (p) {
1796 if (p->fd >= 0)
1797 close_nointr_nofail(p->fd);
1798 p->fd = fdset_remove(fds, fd);
1799 }
1800 }
1801
a16e1123
LP		 1802 } else
1803 log_debug("Unknown serialization key '%s'", key);
1804
1805 return 0;
1806}
1807
87f0e418
LP		 1808static UnitActiveState socket_active_state(Unit *u) {
1809 assert(u);
5cb5a6ff 1810
acbb0225 1811 return state_translation_table[SOCKET(u)->state];
5cb5a6ff
LP		 1812}
1813
10a94420
LP		 1814static const char *socket_sub_state_to_string(Unit *u) {
1815 assert(u);
1816
a16e1123 1817 return socket_state_to_string(SOCKET(u)->state);
10a94420
LP		 1818}
1819
6cf6bbc2
LP		 1820static bool socket_check_gc(Unit *u) {
1821 Socket *s = SOCKET(u);
1822
1823 assert(u);
1824
1825 return s->n_connections > 0;
1826}
1827
acbb0225 1828static void socket_fd_event(Unit *u, int fd, uint32_t events, Watch *w) {
87f0e418 1829 Socket *s = SOCKET(u);
4f2d528d 1830 int cfd = -1;
9152c765 1831
034c6ed7 1832 assert(s);
8d567588 1833 assert(fd >= 0);
9152c765 1834
871d7de4
LP		 1835 if (s->state != SOCKET_LISTENING)
1836 return;
1837
ac155bb8 1838 log_debug("Incoming traffic on %s", u->id);
9152c765 1839
4f2d528d 1840 if (events != EPOLLIN) {
641e01dc
LP		 1841
1842 if (events & EPOLLHUP)
ac155bb8 1843 log_error("%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.", u->id);
641e01dc 1844 else
ac155bb8 1845 log_error("%s: Got unexpected poll event (0x%x) on socket.", u->id, events);
641e01dc 1846
8d567588 1847 goto fail;
4f2d528d
LP		 1848 }
1849
cabab516 1850 if (w->socket_accept) {
4f2d528d
LP		 1851 for (;;) {
1852
1853 if ((cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK)) < 0) {
1854
1855 if (errno == EINTR)
1856 continue;
1857
1858 log_error("Failed to accept socket: %m");
8d567588 1859 goto fail;
4f2d528d
LP		 1860 }
1861
1862 break;
1863 }
4fd5948e
LP		 1864
1865 socket_apply_socket_options(s, cfd);
4f2d528d 1866 }
9152c765 1867
4f2d528d 1868 socket_enter_running(s, cfd);
8d567588
LP		 1869 return;
1870
1871fail:
cfc4eb4c 1872 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
9152c765
LP		 1873}
1874
87f0e418
LP		 1875static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
1876 Socket *s = SOCKET(u);
cfc4eb4c 1877 SocketResult f;
5cb5a6ff
LP		 1878
1879 assert(s);
034c6ed7 1880 assert(pid >= 0);
5cb5a6ff 1881
8c47c732
LP		 1882 if (pid != s->control_pid)
1883 return;
542563ba 1884
034c6ed7
LP		 1885 s->control_pid = 0;
1886
cfc4eb4c
LP		 1887 if (is_clean_exit(code, status))
1888 f = SOCKET_SUCCESS;
1889 else if (code == CLD_EXITED)
1890 f = SOCKET_FAILURE_EXIT_CODE;
1891 else if (code == CLD_KILLED)
1892 f = SOCKET_FAILURE_SIGNAL;
1893 else if (code == CLD_DUMPED)
1894 f = SOCKET_FAILURE_CORE_DUMP;
1895 else
1896 assert_not_reached("Unknown code");
8c47c732 1897
b708e7ce 1898 if (s->control_command) {
6ea832a2 1899 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
a16e1123 1900
b708e7ce 1901 if (s->control_command->ignore)
cfc4eb4c 1902 f = SOCKET_SUCCESS;
b708e7ce
LP		 1903 }
1904
cfc4eb4c 1905 log_full(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
ac155bb8 1906 "%s control process exited, code=%s status=%i", u->id, sigchld_code_to_string(code), status);
034c6ed7 1907
cfc4eb4c
LP		 1908 if (f != SOCKET_SUCCESS)
1909 s->result = f;
1910
1911 if (s->control_command &&
1912 s->control_command->command_next &&
1913 f == SOCKET_SUCCESS) {
1914
ac155bb8 1915 log_debug("%s running next command for state %s", u->id, socket_state_to_string(s->state));
cfc4eb4c 1916 socket_run_next(s);
acbb0225 1917 } else {
a16e1123
LP		 1918 s->control_command = NULL;
1919 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
1920
034c6ed7
LP		 1921 /* No further commands for this step, so let's figure
1922 * out what to do next */
5cb5a6ff 1923
ac155bb8 1924 log_debug("%s got final SIGCHLD for state %s", u->id, socket_state_to_string(s->state));
acbb0225 1925
034c6ed7
LP		 1926 switch (s->state) {
1927
1928 case SOCKET_START_PRE:
cfc4eb4c 1929 if (f == SOCKET_SUCCESS)
acbb0225 1930 socket_enter_start_post(s);
034c6ed7 1931 else
cfc4eb4c 1932 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
034c6ed7
LP		 1933 break;
1934
1935 case SOCKET_START_POST:
cfc4eb4c 1936 if (f == SOCKET_SUCCESS)
e9af15c3 1937 socket_enter_listening(s);
034c6ed7 1938 else
cfc4eb4c 1939 socket_enter_stop_pre(s, f);
034c6ed7
LP		 1940 break;
1941
1942 case SOCKET_STOP_PRE:
1943 case SOCKET_STOP_PRE_SIGTERM:
1944 case SOCKET_STOP_PRE_SIGKILL:
cfc4eb4c 1945 socket_enter_stop_post(s, f);
034c6ed7
LP		 1946 break;
1947
1948 case SOCKET_STOP_POST:
80876c20
LP		 1949 case SOCKET_FINAL_SIGTERM:
1950 case SOCKET_FINAL_SIGKILL:
cfc4eb4c 1951 socket_enter_dead(s, f);
034c6ed7
LP		 1952 break;
1953
1954 default:
1955 assert_not_reached("Uh, control process died at wrong time.");
1956 }
1957 }
c4e2ceae
LP		 1958
1959 /* Notify clients about changed exit status */
1960 unit_add_to_dbus_queue(u);
034c6ed7 1961}
5cb5a6ff 1962
acbb0225 1963static void socket_timer_event(Unit *u, uint64_t elapsed, Watch *w) {
87f0e418 1964 Socket *s = SOCKET(u);
5cb5a6ff 1965
034c6ed7
LP		 1966 assert(s);
1967 assert(elapsed == 1);
acbb0225 1968 assert(w == &s->timer_watch);
034c6ed7
LP		 1969
1970 switch (s->state) {
1971
1972 case SOCKET_START_PRE:
ac155bb8 1973 log_warning("%s starting timed out. Terminating.", u->id);
cfc4eb4c 1974 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
da19d5c1 1975 break;
80876c20 1976
034c6ed7 1977 case SOCKET_START_POST:
ac155bb8 1978 log_warning("%s starting timed out. Stopping.", u->id);
cfc4eb4c 1979 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 1980 break;
1981
1982 case SOCKET_STOP_PRE:
ac155bb8 1983 log_warning("%s stopping timed out. Terminating.", u->id);
cfc4eb4c 1984 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 1985 break;
1986
1987 case SOCKET_STOP_PRE_SIGTERM:
4819ff03 1988 if (s->kill_context.send_sigkill) {
ac155bb8 1989 log_warning("%s stopping timed out. Killing.", u->id);
cfc4eb4c 1990 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 1991 } else {
ac155bb8 1992 log_warning("%s stopping timed out. Skipping SIGKILL. Ignoring.", u->id);
cfc4eb4c 1993 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 1994 }
034c6ed7
LP		 1995 break;
1996
1997 case SOCKET_STOP_PRE_SIGKILL:
ac155bb8 1998 log_warning("%s still around after SIGKILL. Ignoring.", u->id);
cfc4eb4c 1999 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2000 break;
2001
2002 case SOCKET_STOP_POST:
ac155bb8 2003 log_warning("%s stopping timed out (2). Terminating.", u->id);
cfc4eb4c 2004 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2005 break;
2006
80876c20 2007 case SOCKET_FINAL_SIGTERM:
4819ff03 2008 if (s->kill_context.send_sigkill) {
ac155bb8 2009 log_warning("%s stopping timed out (2). Killing.", u->id);
cfc4eb4c 2010 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 2011 } else {
ac155bb8 2012 log_warning("%s stopping timed out (2). Skipping SIGKILL. Ignoring.", u->id);
cfc4eb4c 2013 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 2014 }
034c6ed7
LP		 2015 break;
2016
80876c20 2017 case SOCKET_FINAL_SIGKILL:
ac155bb8 2018 log_warning("%s still around after SIGKILL (2). Entering failed mode.", u->id);
cfc4eb4c 2019 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2020 break;
2021
2022 default:
2023 assert_not_reached("Timeout at wrong time.");
2024 }
5cb5a6ff
LP		 2025}
2026
44d8db9e
LP		 2027int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2028 int *rfds;
2029 unsigned rn_fds, k;
2030 SocketPort *p;
2031
2032 assert(s);
2033 assert(fds);
2034 assert(n_fds);
2035
2036 /* Called from the service code for requesting our fds */
2037
2038 rn_fds = 0;
2039 LIST_FOREACH(port, p, s->ports)
2040 if (p->fd >= 0)
2041 rn_fds++;
2042
de3756ab
LP		 2043 if (rn_fds <= 0) {
2044 *fds = NULL;
2045 *n_fds = 0;
2046 return 0;
2047 }
2048
e364ad06 2049 if (!(rfds = new(int, rn_fds)))
44d8db9e
LP		 2050 return -ENOMEM;
2051
2052 k = 0;
2053 LIST_FOREACH(port, p, s->ports)
2054 if (p->fd >= 0)
2055 rfds[k++] = p->fd;
2056
2057 assert(k == rn_fds);
2058
2059 *fds = rfds;
2060 *n_fds = rn_fds;
2061
2062 return 0;
2063}
2064
6bda96a0 2065void socket_notify_service_dead(Socket *s, bool failed_permanent) {
ceee3d82
LP		 2066 assert(s);
2067
6cf6bbc2
LP		 2068 /* The service is dead. Dang!
2069 *
2070 * This is strictly for one-instance-for-all-connections
2071 * services. */
ceee3d82
LP		 2072
2073 if (s->state == SOCKET_RUNNING) {
6bda96a0
LP		 2074 log_debug("%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
2075 if (failed_permanent)
2076 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
c2f34808
MS		 2077 else
2078 socket_enter_listening(s);
ceee3d82
LP		 2079 }
2080}
2081
6cf6bbc2
LP		 2082void socket_connection_unref(Socket *s) {
2083 assert(s);
2084
2085 /* The service is dead. Yay!
2086 *
35b8ca3a 2087 * This is strictly for one-instance-per-connection
6cf6bbc2
LP		 2088 * services. */
2089
2090 assert(s->n_connections > 0);
2091 s->n_connections--;
2092
1124fe6f 2093 log_debug("%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
6cf6bbc2
LP		 2094}
2095
fdf20a31 2096static void socket_reset_failed(Unit *u) {
5632e374
LP		 2097 Socket *s = SOCKET(u);
2098
2099 assert(s);
2100
fdf20a31 2101 if (s->state == SOCKET_FAILED)
5632e374
LP		 2102 socket_set_state(s, SOCKET_DEAD);
2103
cfc4eb4c 2104 s->result = SOCKET_SUCCESS;
5632e374
LP		 2105}
2106
8a0867d6
LP		 2107static int socket_kill(Unit *u, KillWho who, KillMode mode, int signo, DBusError *error) {
2108 Socket *s = SOCKET(u);
2109 int r = 0;
2110 Set *pid_set = NULL;
2111
2112 assert(s);
2113
2114 if (who == KILL_MAIN) {
2115 dbus_set_error(error, BUS_ERROR_NO_SUCH_PROCESS, "Socket units have no main processes");
a17204af 2116 return -ESRCH;
8a0867d6
LP		 2117 }
2118
2119 if (s->control_pid <= 0 && who == KILL_CONTROL) {
2120 dbus_set_error(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
a17204af 2121 return -ESRCH;
8a0867d6
LP		 2122 }
2123
3611581e
LP		 2124 if (who == KILL_CONTROL || who == KILL_ALL)
2125 if (s->control_pid > 0)
2126 if (kill(s->control_pid, signo) < 0)
2127 r = -errno;
8a0867d6 2128
3611581e 2129 if (who == KILL_ALL && mode == KILL_CONTROL_GROUP) {
8a0867d6
LP		 2130 int q;
2131
2132 if (!(pid_set = set_new(trivial_hash_func, trivial_compare_func)))
2133 return -ENOMEM;
2134
2135 /* Exclude the control pid from being killed via the cgroup */
2136 if (s->control_pid > 0)
2137 if ((q = set_put(pid_set, LONG_TO_PTR(s->control_pid))) < 0) {
2138 r = q;
2139 goto finish;
2140 }
2141
88f3e0c9 2142 q = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, signo, false, false, pid_set, NULL);
ecedd90f 2143 if (q < 0)
3611581e 2144 if (q != -EAGAIN && q != -ESRCH && q != -ENOENT)
8a0867d6
LP		 2145 r = q;
2146 }
2147
2148finish:
2149 if (pid_set)
2150 set_free(pid_set);
2151
2152 return r;
2153}
2154
a16e1123
LP		 2155static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2156 [SOCKET_DEAD] = "dead",
2157 [SOCKET_START_PRE] = "start-pre",
2158 [SOCKET_START_POST] = "start-post",
2159 [SOCKET_LISTENING] = "listening",
2160 [SOCKET_RUNNING] = "running",
2161 [SOCKET_STOP_PRE] = "stop-pre",
2162 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2163 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2164 [SOCKET_STOP_POST] = "stop-post",
2165 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2166 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
fdf20a31 2167 [SOCKET_FAILED] = "failed"
a16e1123
LP		 2168};
2169
2170DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2171
2172static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2173 [SOCKET_EXEC_START_PRE] = "StartPre",
2174 [SOCKET_EXEC_START_POST] = "StartPost",
2175 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2176 [SOCKET_EXEC_STOP_POST] = "StopPost"
2177};
2178
2179DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2180
cfc4eb4c
LP		 2181static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2182 [SOCKET_SUCCESS] = "success",
2183 [SOCKET_FAILURE_RESOURCES] = "resources",
2184 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2185 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2186 [SOCKET_FAILURE_SIGNAL] = "signal",
c2f34808 2187 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
6bda96a0 2188 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
cfc4eb4c
LP		 2189};
2190
2191DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2192
87f0e418 2193const UnitVTable socket_vtable = {
7d17cfbc 2194 .object_size = sizeof(Socket),
f975e971
LP		 2195 .sections =
2196 "Unit\0"
2197 "Socket\0"
2198 "Install\0",
5cb5a6ff 2199
034c6ed7
LP		 2200 .init = socket_init,
2201 .done = socket_done,
a16e1123
LP		 2202 .load = socket_load,
2203
8a0867d6
LP		 2204 .kill = socket_kill,
2205
a16e1123 2206 .coldplug = socket_coldplug,
034c6ed7 2207
5cb5a6ff
LP		 2208 .dump = socket_dump,
2209
542563ba
LP		 2210 .start = socket_start,
2211 .stop = socket_stop,
5cb5a6ff 2212
a16e1123
LP		 2213 .serialize = socket_serialize,
2214 .deserialize_item = socket_deserialize_item,
2215
5cb5a6ff 2216 .active_state = socket_active_state,
10a94420 2217 .sub_state_to_string = socket_sub_state_to_string,
5cb5a6ff 2218
6cf6bbc2
LP		 2219 .check_gc = socket_check_gc,
2220
9152c765 2221 .fd_event = socket_fd_event,
034c6ed7 2222 .sigchld_event = socket_sigchld_event,
4139c1b2
LP		 2223 .timer_event = socket_timer_event,
2224
fdf20a31 2225 .reset_failed = socket_reset_failed,
5632e374 2226
c4e2ceae
LP		 2227 .bus_interface = "org.freedesktop.systemd1.Socket",
2228 .bus_message_handler = bus_socket_message_handler,
c6918296
MS		 2229 .bus_invalidating_properties = bus_socket_invalidating_properties,
2230
2231 .status_message_formats = {
2232 /*.starting_stopping = {
2233 [0] = "Starting socket %s...",
2234 [1] = "Stopping socket %s...",
2235 },*/
2236 .finished_start_job = {
2237 [JOB_DONE] = "Listening on %s.",
2238 [JOB_FAILED] = "Failed to listen on %s.",
2239 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2240 [JOB_TIMEOUT] = "Timed out starting %s.",
2241 },
2242 .finished_stop_job = {
2243 [JOB_DONE] = "Closed %s.",
2244 [JOB_FAILED] = "Failed stopping %s.",
2245 [JOB_TIMEOUT] = "Timed out stopping %s.",
2246 },
2247 },
5cb5a6ff 2248};
Unnamed repository; edit this file 'description' to name the repository.