]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/socket.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
core: don't include /boot in effect of ProtectSystem=
[thirdparty/systemd.git] / src / core / socket.c
CommitLineData
d6c9574f 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
5cb5a6ff 2
a7334b09
LP		 3/***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
a7334b09
LP		 11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 16 Lesser General Public License for more details.
a7334b09 17
5430f7f2 18 You should have received a copy of the GNU Lesser General Public License
a7334b09
LP		 19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
83c60c9f
LP		 22#include <sys/types.h>
23#include <sys/stat.h>
24#include <unistd.h>
25#include <errno.h>
26#include <fcntl.h>
f94ea366 27#include <sys/epoll.h>
034c6ed7 28#include <signal.h>
4f2d528d 29#include <arpa/inet.h>
718db961 30#include <netinet/tcp.h>
916abb21 31#include <mqueue.h>
d2edfae0 32#include <sys/xattr.h>
83c60c9f 33
718db961 34#include "sd-event.h"
83c60c9f 35#include "log.h"
23a177ef
LP		 36#include "load-dropin.h"
37#include "load-fragment.h"
9e2f7c11 38#include "strv.h"
49e942b2 39#include "mkdir.h"
9eb977db 40#include "path-util.h"
4f2d528d 41#include "unit-name.h"
41f9172f 42#include "unit-printf.h"
4fd5948e 43#include "missing.h"
a40eb732 44#include "special.h"
e51bc1a2 45#include "label.h"
9a57c629 46#include "exit-status.h"
f6a6225e 47#include "def.h"
5a045dad 48#include "smack-util.h"
718db961
LP		 49#include "bus-util.h"
50#include "bus-error.h"
e821075a
LP		 51#include "dbus-socket.h"
52#include "unit.h"
53#include "socket.h"
83c60c9f 54
acbb0225 55static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
87f0e418
LP		 56 [SOCKET_DEAD] = UNIT_INACTIVE,
57 [SOCKET_START_PRE] = UNIT_ACTIVATING,
3900e5fd 58 [SOCKET_START_CHOWN] = UNIT_ACTIVATING,
87f0e418
LP		 59 [SOCKET_START_POST] = UNIT_ACTIVATING,
60 [SOCKET_LISTENING] = UNIT_ACTIVE,
61 [SOCKET_RUNNING] = UNIT_ACTIVE,
62 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
63 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
64 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
65 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
80876c20
LP		 66 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
67 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
fdf20a31 68 [SOCKET_FAILED] = UNIT_FAILED
83c60c9f 69};
5cb5a6ff 70
718db961
LP		 71static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
72static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
73
a16e1123
LP		 74static void socket_init(Unit *u) {
75 Socket *s = SOCKET(u);
76
77 assert(u);
ac155bb8 78 assert(u->load_state == UNIT_STUB);
a16e1123 79
a16e1123 80 s->backlog = SOMAXCONN;
1f19a534 81 s->timeout_usec = u->manager->default_timeout_start_usec;
a16e1123 82 s->directory_mode = 0755;
9131f660 83 s->socket_mode = 0666;
a16e1123 84
6cf6bbc2
LP		 85 s->max_connections = 64;
86
4fd5948e 87 s->priority = -1;
4fd5948e
LP		 88 s->ip_tos = -1;
89 s->ip_ttl = -1;
4fd5948e 90 s->mark = -1;
4fd5948e 91
ac155bb8
MS		 92 s->exec_context.std_output = u->manager->default_std_output;
93 s->exec_context.std_error = u->manager->default_std_error;
085afe36 94
a16e1123
LP		 95 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
96}
acbb0225 97
5e94833f
LP		 98static void socket_unwatch_control_pid(Socket *s) {
99 assert(s);
100
101 if (s->control_pid <= 0)
102 return;
103
104 unit_unwatch_pid(UNIT(s), s->control_pid);
105 s->control_pid = 0;
106}
107
74051b9b 108void socket_free_ports(Socket *s) {
034c6ed7
LP		 109 SocketPort *p;
110
111 assert(s);
112
113 while ((p = s->ports)) {
71fda00f 114 LIST_REMOVE(port, s->ports, p);
034c6ed7 115
718db961
LP		 116 sd_event_source_unref(p->event_source);
117
03e334a1 118 safe_close(p->fd);
034c6ed7
LP		 119 free(p->path);
120 free(p);
121 }
74051b9b
LP		 122}
123
124static void socket_done(Unit *u) {
125 Socket *s = SOCKET(u);
126
127 assert(s);
128
129 socket_free_ports(s);
034c6ed7 130
613b411c 131 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
e537352b 132 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
034c6ed7
LP		 133 s->control_command = NULL;
134
5e94833f 135 socket_unwatch_control_pid(s);
034c6ed7 136
57020a3a 137 unit_ref_unset(&s->service);
034c6ed7 138
cebf8b20
TT		 139 free(s->tcp_congestion);
140 s->tcp_congestion = NULL;
141
acbb0225 142 free(s->bind_to_device);
e537352b 143 s->bind_to_device = NULL;
acbb0225 144
0eb59ccf
AK		 145 free(s->smack);
146 free(s->smack_ip_in);
147 free(s->smack_ip_out);
148
811ba7a0
LP		 149 strv_free(s->symlinks);
150
3900e5fd
LP		 151 free(s->user);
152 free(s->group);
153
718db961
LP		 154 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
155}
156
157static int socket_arm_timer(Socket *s) {
158 int r;
159
160 assert(s);
161
162 if (s->timeout_usec <= 0) {
163 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
164 return 0;
165 }
166
167 if (s->timer_event_source) {
168 r = sd_event_source_set_time(s->timer_event_source, now(CLOCK_MONOTONIC) + s->timeout_usec);
169 if (r < 0)
170 return r;
171
172 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
173 }
174
6a0f1f6d
LP		 175 return sd_event_add_time(
176 UNIT(s)->manager->event,
177 &s->timer_event_source,
178 CLOCK_MONOTONIC,
179 now(CLOCK_MONOTONIC) + s->timeout_usec, 0,
180 socket_dispatch_timer, s);
5cb5a6ff
LP		 181}
182
b15bdda8 183static int socket_instantiate_service(Socket *s) {
6c833cdf
MS		 184 _cleanup_free_ char *prefix = NULL;
185 _cleanup_free_ char *name = NULL;
b15bdda8
LP		 186 int r;
187 Unit *u;
188
189 assert(s);
190
191 /* This fills in s->service if it isn't filled in yet. For
192 * Accept=yes sockets we create the next connection service
193 * here. For Accept=no this is mostly a NOP since the service
194 * is figured out at load time anyway. */
195
57020a3a 196 if (UNIT_DEREF(s->service))
b15bdda8
LP		 197 return 0;
198
199 assert(s->accept);
200
315db1a8
ZJS		 201 prefix = unit_name_to_prefix(UNIT(s)->id);
202 if (!prefix)
b15bdda8
LP		 203 return -ENOMEM;
204
315db1a8 205 if (asprintf(&name, "%s@%u.service", prefix, s->n_accepted) < 0)
b15bdda8
LP		 206 return -ENOMEM;
207
1124fe6f 208 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
b15bdda8
LP		 209 if (r < 0)
210 return r;
211
7b4bf06b 212#ifdef HAVE_SYSV_COMPAT
1b64d026 213 if (SERVICE(u)->is_sysv) {
7b4bf06b
LP		 214 log_error("Using SysV services for socket activation is not supported. Refusing.");
215 return -ENOENT;
216 }
217#endif
218
ac155bb8 219 u->no_gc = true;
57020a3a
LP		 220 unit_ref_set(&s->service, u);
221
222 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
b15bdda8
LP		 223}
224
4f2d528d
LP		 225static bool have_non_accept_socket(Socket *s) {
226 SocketPort *p;
227
228 assert(s);
229
230 if (!s->accept)
231 return true;
232
dd5ad9d4
LP		 233 LIST_FOREACH(port, p, s->ports) {
234
235 if (p->type != SOCKET_SOCKET)
236 return true;
237
4f2d528d
LP		 238 if (!socket_address_can_accept(&p->address))
239 return true;
dd5ad9d4 240 }
4f2d528d
LP		 241
242 return false;
243}
244
a57f7e2c 245static int socket_add_mount_links(Socket *s) {
6e2ef85b 246 SocketPort *p;
6e2ef85b
LP		 247 int r;
248
249 assert(s);
6e2ef85b 250
a57f7e2c
LP		 251 LIST_FOREACH(port, p, s->ports) {
252 const char *path = NULL;
6e2ef85b 253
a57f7e2c
LP		 254 if (p->type == SOCKET_SOCKET)
255 path = socket_address_get_path(&p->address);
256 else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL)
257 path = p->path;
6e2ef85b 258
a57f7e2c
LP		 259 if (!path)
260 continue;
6e2ef85b 261
a57f7e2c 262 r = unit_require_mounts_for(UNIT(s), path);
b87705cd 263 if (r < 0)
6e2ef85b 264 return r;
b87705cd 265 }
6e2ef85b
LP		 266
267 return 0;
268}
269
270static int socket_add_device_link(Socket *s) {
271 char *t;
6e2ef85b
LP		 272
273 assert(s);
274
7d0c710d 275 if (!s->bind_to_device || streq(s->bind_to_device, "lo"))
6e2ef85b
LP		 276 return 0;
277
e821075a
LP		 278 t = strappenda("/sys/subsystem/net/devices/", s->bind_to_device);
279 return unit_add_node_link(UNIT(s), t, false);
6e2ef85b
LP		 280}
281
a40eb732
LP		 282static int socket_add_default_dependencies(Socket *s) {
283 int r;
284 assert(s);
285
e3d84721
LP		 286 r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true);
287 if (r < 0)
288 return r;
2a77d31d 289
e3d84721
LP		 290 if (UNIT(s)->manager->running_as == SYSTEMD_SYSTEM) {
291 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
292 if (r < 0)
a40eb732 293 return r;
2a77d31d 294 }
a40eb732 295
ead8e478 296 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
a40eb732
LP		 297}
298
44a6b1b6 299_pure_ static bool socket_has_exec(Socket *s) {
4cfc6dbe
LP		 300 unsigned i;
301 assert(s);
302
303 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
304 if (s->exec_command[i])
305 return true;
306
307 return false;
308}
309
e821075a
LP		 310static int socket_add_extras(Socket *s) {
311 Unit *u = UNIT(s);
e537352b 312 int r;
44d8db9e 313
e821075a 314 assert(s);
57020a3a 315
e821075a 316 if (have_non_accept_socket(s)) {
23a177ef 317
e821075a
LP		 318 if (!UNIT_DEREF(s->service)) {
319 Unit *x;
57020a3a 320
e821075a 321 r = unit_load_related_unit(u, ".service", &x);
57020a3a 322 if (r < 0)
4f2d528d 323 return r;
e821075a
LP		 324
325 unit_ref_set(&s->service, x);
4f2d528d 326 }
44d8db9e 327
e821075a
LP		 328 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
329 if (r < 0)
6e2ef85b 330 return r;
e821075a 331 }
6e2ef85b 332
e821075a
LP		 333 r = socket_add_mount_links(s);
334 if (r < 0)
335 return r;
6e2ef85b 336
e821075a
LP		 337 r = socket_add_device_link(s);
338 if (r < 0)
339 return r;
340
598459ce 341 r = unit_patch_contexts(u);
e821075a
LP		 342 if (r < 0)
343 return r;
344
345 if (socket_has_exec(s)) {
346 r = unit_add_exec_dependencies(u, &s->exec_context);
347 if (r < 0)
348 return r;
23a177ef 349
598459ce 350 r = unit_add_default_slice(u, &s->cgroup_context);
a016b922
LP		 351 if (r < 0)
352 return r;
e821075a 353 }
a016b922 354
e821075a
LP		 355 if (u->default_dependencies) {
356 r = socket_add_default_dependencies(s);
357 if (r < 0)
358 return r;
359 }
360
361 return 0;
362}
363
811ba7a0
LP		 364static const char *socket_find_symlink_target(Socket *s) {
365 const char *found = NULL;
366 SocketPort *p;
367
368 LIST_FOREACH(port, p, s->ports) {
369 const char *f = NULL;
370
371 switch (p->type) {
372
373 case SOCKET_FIFO:
374 f = p->path;
375 break;
376
377 case SOCKET_SOCKET:
378 if (p->address.sockaddr.un.sun_path[0] != 0)
379 f = p->address.sockaddr.un.sun_path;
380 break;
381
382 default:
383 break;
384 }
385
386 if (f) {
387 if (found)
388 return NULL;
389
390 found = f;
391 }
392 }
393
394 return found;
395}
396
e821075a
LP		 397static int socket_verify(Socket *s) {
398 assert(s);
399
400 if (UNIT(s)->load_state != UNIT_LOADED)
401 return 0;
402
403 if (!s->ports) {
404 log_error_unit(UNIT(s)->id, "%s lacks Listen setting. Refusing.", UNIT(s)->id);
405 return -EINVAL;
406 }
407
408 if (s->accept && have_non_accept_socket(s)) {
409 log_error_unit(UNIT(s)->id, "%s configured for accepting sockets, but sockets are non-accepting. Refusing.",
410 UNIT(s)->id);
411 return -EINVAL;
412 }
413
414 if (s->accept && s->max_connections <= 0) {
415 log_error_unit(UNIT(s)->id, "%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
416 return -EINVAL;
417 }
e06c73cc 418
e821075a
LP		 419 if (s->accept && UNIT_DEREF(s->service)) {
420 log_error_unit(UNIT(s)->id, "Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
421 return -EINVAL;
422 }
423
424 if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
425 log_error_unit(UNIT(s)->id, "%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
426 return -EINVAL;
427 }
428
811ba7a0
LP		 429 if (!strv_isempty(s->symlinks) && !socket_find_symlink_target(s)) {
430 log_error_unit(UNIT(s)->id, "%s has symlinks set but none or more than one node in the file system. Refusing.", UNIT(s)->id);
431 return -EINVAL;
432 }
433
e821075a
LP		 434 return 0;
435}
436
437static int socket_load(Unit *u) {
438 Socket *s = SOCKET(u);
439 int r;
440
441 assert(u);
442 assert(u->load_state == UNIT_STUB);
443
444 r = unit_load_fragment_and_dropin(u);
445 if (r < 0)
446 return r;
447
448 if (u->load_state == UNIT_LOADED) {
449 /* This is a new unit? Then let's add in some extras */
450 r = socket_add_extras(s);
e06c73cc
LP		 451 if (r < 0)
452 return r;
23a177ef
LP		 453 }
454
4f2d528d 455 return socket_verify(s);
44d8db9e
LP		 456}
457
44a6b1b6 458_const_ static const char* listen_lookup(int family, int type) {
7a22745a
LP		 459
460 if (family == AF_NETLINK)
461 return "ListenNetlink";
542563ba
LP		 462
463 if (type == SOCK_STREAM)
464 return "ListenStream";
465 else if (type == SOCK_DGRAM)
466 return "ListenDatagram";
467 else if (type == SOCK_SEQPACKET)
468 return "ListenSequentialPacket";
469
034c6ed7 470 assert_not_reached("Unknown socket type");
542563ba
LP		 471 return NULL;
472}
473
87f0e418 474static void socket_dump(Unit *u, FILE *f, const char *prefix) {
5cb5a6ff 475 SocketExecCommand c;
87f0e418 476 Socket *s = SOCKET(u);
542563ba 477 SocketPort *p;
82ba9f08 478 const char *prefix2;
5cb5a6ff
LP		 479
480 assert(s);
fa068367 481 assert(f);
5cb5a6ff 482
e821075a 483 prefix2 = strappenda(prefix, "\t");
c43d20a0 484
5cb5a6ff
LP		 485 fprintf(f,
486 "%sSocket State: %s\n"
81a5c6d0 487 "%sResult: %s\n"
542563ba 488 "%sBindIPv6Only: %s\n"
b5a0699f
LP		 489 "%sBacklog: %u\n"
490 "%sSocketMode: %04o\n"
4fd5948e
LP		 491 "%sDirectoryMode: %04o\n"
492 "%sKeepAlive: %s\n"
cebf8b20 493 "%sFreeBind: %s\n"
6b6d2dee 494 "%sTransparent: %s\n"
ec6370a2 495 "%sBroadcast: %s\n"
ede3deb4 496 "%sPassCredentials: %s\n"
54ecda32 497 "%sPassSecurity: %s\n"
bd1fe7c7
LP		 498 "%sTCPCongestion: %s\n"
499 "%sRemoveOnStop: %s\n",
a16e1123 500 prefix, socket_state_to_string(s->state),
81a5c6d0 501 prefix, socket_result_to_string(s->result),
c0120d99 502 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
b5a0699f
LP		 503 prefix, s->backlog,
504 prefix, s->socket_mode,
4fd5948e
LP		 505 prefix, s->directory_mode,
506 prefix, yes_no(s->keep_alive),
cebf8b20 507 prefix, yes_no(s->free_bind),
6b6d2dee 508 prefix, yes_no(s->transparent),
ec6370a2 509 prefix, yes_no(s->broadcast),
d68af586 510 prefix, yes_no(s->pass_cred),
54ecda32 511 prefix, yes_no(s->pass_sec),
bd1fe7c7
LP		 512 prefix, strna(s->tcp_congestion),
513 prefix, yes_no(s->remove_on_stop));
542563ba 514
70123e68
LP		 515 if (s->control_pid > 0)
516 fprintf(f,
de0671ee
ZJS		 517 "%sControl PID: "PID_FMT"\n",
518 prefix, s->control_pid);
70123e68 519
acbb0225
LP		 520 if (s->bind_to_device)
521 fprintf(f,
522 "%sBindToDevice: %s\n",
523 prefix, s->bind_to_device);
524
4f2d528d
LP		 525 if (s->accept)
526 fprintf(f,
6cf6bbc2
LP		 527 "%sAccepted: %u\n"
528 "%sNConnections: %u\n"
529 "%sMaxConnections: %u\n",
530 prefix, s->n_accepted,
531 prefix, s->n_connections,
532 prefix, s->max_connections);
4f2d528d 533
4fd5948e
LP		 534 if (s->priority >= 0)
535 fprintf(f,
536 "%sPriority: %i\n",
537 prefix, s->priority);
538
539 if (s->receive_buffer > 0)
540 fprintf(f,
541 "%sReceiveBuffer: %zu\n",
542 prefix, s->receive_buffer);
543
544 if (s->send_buffer > 0)
545 fprintf(f,
546 "%sSendBuffer: %zu\n",
547 prefix, s->send_buffer);
548
549 if (s->ip_tos >= 0)
550 fprintf(f,
551 "%sIPTOS: %i\n",
552 prefix, s->ip_tos);
553
554 if (s->ip_ttl >= 0)
555 fprintf(f,
556 "%sIPTTL: %i\n",
557 prefix, s->ip_ttl);
558
559 if (s->pipe_size > 0)
560 fprintf(f,
561 "%sPipeSize: %zu\n",
562 prefix, s->pipe_size);
563
564 if (s->mark >= 0)
565 fprintf(f,
566 "%sMark: %i\n",
567 prefix, s->mark);
568
916abb21
LP		 569 if (s->mq_maxmsg > 0)
570 fprintf(f,
571 "%sMessageQueueMaxMessages: %li\n",
572 prefix, s->mq_maxmsg);
573
574 if (s->mq_msgsize > 0)
575 fprintf(f,
576 "%sMessageQueueMessageSize: %li\n",
577 prefix, s->mq_msgsize);
578
718db961 579 if (s->reuse_port)
f7db7a69
SL		 580 fprintf(f,
581 "%sReusePort: %s\n",
718db961 582 prefix, yes_no(s->reuse_port));
f7db7a69 583
0eb59ccf
AK		 584 if (s->smack)
585 fprintf(f,
586 "%sSmackLabel: %s\n",
587 prefix, s->smack);
588
589 if (s->smack_ip_in)
590 fprintf(f,
591 "%sSmackLabelIPIn: %s\n",
592 prefix, s->smack_ip_in);
593
594 if (s->smack_ip_out)
595 fprintf(f,
596 "%sSmackLabelIPOut: %s\n",
597 prefix, s->smack_ip_out);
598
3900e5fd
LP		 599 if (!isempty(s->user) || !isempty(s->group))
600 fprintf(f,
601 "%sOwnerUser: %s\n"
602 "%sOwnerGroup: %s\n",
603 prefix, strna(s->user),
604 prefix, strna(s->group));
605
034c6ed7 606 LIST_FOREACH(port, p, s->ports) {
5cb5a6ff 607
542563ba
LP		 608 if (p->type == SOCKET_SOCKET) {
609 const char *t;
610 int r;
e364ad06 611 char *k = NULL;
542563ba
LP		 612
613 if ((r = socket_address_print(&p->address, &k)) < 0)
614 t = strerror(-r);
615 else
616 t = k;
617
7a22745a 618 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
542563ba 619 free(k);
b0a3f2bc
LP		 620 } else if (p->type == SOCKET_SPECIAL)
621 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
916abb21
LP		 622 else if (p->type == SOCKET_MQUEUE)
623 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
b0a3f2bc 624 else
542563ba
LP		 625 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
626 }
5cb5a6ff
LP		 627
628 exec_context_dump(&s->exec_context, f, prefix);
4819ff03 629 kill_context_dump(&s->kill_context, f, prefix);
5cb5a6ff 630
e537352b 631 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
c43d20a0
LP		 632 if (!s->exec_command[c])
633 continue;
5cb5a6ff 634
40d50879 635 fprintf(f, "%s-> %s:\n",
a16e1123 636 prefix, socket_exec_command_to_string(c));
c43d20a0
LP		 637
638 exec_command_dump_list(s->exec_command[c], f, prefix2);
5cb5a6ff
LP		 639 }
640}
641
4f2d528d
LP		 642static int instance_from_socket(int fd, unsigned nr, char **instance) {
643 socklen_t l;
644 char *r;
9d16d0c7 645 union sockaddr_union local, remote;
4f2d528d
LP		 646
647 assert(fd >= 0);
648 assert(instance);
649
650 l = sizeof(local);
651 if (getsockname(fd, &local.sa, &l) < 0)
652 return -errno;
653
654 l = sizeof(remote);
655 if (getpeername(fd, &remote.sa, &l) < 0)
656 return -errno;
657
658 switch (local.sa.sa_family) {
659
660 case AF_INET: {
661 uint32_t
662 a = ntohl(local.in.sin_addr.s_addr),
663 b = ntohl(remote.in.sin_addr.s_addr);
664
665 if (asprintf(&r,
77b088c2
LP		 666 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
667 nr,
4f2d528d
LP		 668 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
669 ntohs(local.in.sin_port),
670 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
671 ntohs(remote.in.sin_port)) < 0)
672 return -ENOMEM;
673
674 break;
675 }
676
677 case AF_INET6: {
c65a0b14 678 static const unsigned char ipv4_prefix[] = {
2b061f5a
LP		 679 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
680 };
681
682 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
683 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
684 const uint8_t
685 *a = local.in6.sin6_addr.s6_addr+12,
686 *b = remote.in6.sin6_addr.s6_addr+12;
687
688 if (asprintf(&r,
77b088c2
LP		 689 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
690 nr,
2b061f5a
LP		 691 a[0], a[1], a[2], a[3],
692 ntohs(local.in6.sin6_port),
693 b[0], b[1], b[2], b[3],
694 ntohs(remote.in6.sin6_port)) < 0)
695 return -ENOMEM;
696 } else {
697 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
698
699 if (asprintf(&r,
77b088c2
LP		 700 "%u-%s:%u-%s:%u",
701 nr,
2b061f5a
LP		 702 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
703 ntohs(local.in6.sin6_port),
704 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
705 ntohs(remote.in6.sin6_port)) < 0)
706 return -ENOMEM;
707 }
4f2d528d
LP		 708
709 break;
710 }
711
712 case AF_UNIX: {
713 struct ucred ucred;
eff05270 714 int k;
4f2d528d 715
eff05270 716 k = getpeercred(fd, &ucred);
d38f6e34
ZJS		 717 if (k >= 0) {
718 if (asprintf(&r,
719 "%u-"PID_FMT"-"UID_FMT,
720 nr, ucred.pid, ucred.uid) < 0)
721 return -ENOMEM;
722 } else if (k == -ENODATA) {
723 /* This handles the case where somebody is
724 * connecting from another pid/uid namespace
725 * (e.g. from outside of our container). */
726 if (asprintf(&r,
727 "%u-unknown",
728 nr) < 0)
729 return -ENOMEM;
730 } else
eff05270 731 return k;
2f20a8eb 732
2f20a8eb 733 break;
4f2d528d
LP		 734 }
735
736 default:
737 assert_not_reached("Unhandled socket type.");
738 }
739
740 *instance = r;
741 return 0;
742}
743
034c6ed7 744static void socket_close_fds(Socket *s) {
83c60c9f 745 SocketPort *p;
811ba7a0 746 char **i;
83c60c9f
LP		 747
748 assert(s);
749
034c6ed7 750 LIST_FOREACH(port, p, s->ports) {
718db961
LP		 751
752 p->event_source = sd_event_source_unref(p->event_source);
753
83c60c9f
LP		 754 if (p->fd < 0)
755 continue;
756
03e334a1 757 p->fd = safe_close(p->fd);
a16e1123 758
bd1fe7c7
LP		 759 /* One little note: we should normally not delete any
760 * sockets in the file system here! After all some
761 * other process we spawned might still have a
762 * reference of this fd and wants to continue to use
763 * it. Therefore we delete sockets in the file system
764 * before we create a new one, not after we stopped
765 * using one! */
766
767 if (s->remove_on_stop) {
768 switch (p->type) {
769
770 case SOCKET_FIFO:
771 unlink(p->path);
772 break;
773
774 case SOCKET_MQUEUE:
775 mq_unlink(p->path);
776 break;
777
778 case SOCKET_SOCKET:
779 socket_address_unlink(&p->address);
780 break;
781
782 default:
783 break;
784 }
785 }
83c60c9f 786 }
811ba7a0
LP		 787
788 if (s->remove_on_stop)
789 STRV_FOREACH(i, s->symlinks)
790 unlink(*i);
83c60c9f
LP		 791}
792
4fd5948e
LP		 793static void socket_apply_socket_options(Socket *s, int fd) {
794 assert(s);
795 assert(fd >= 0);
796
797 if (s->keep_alive) {
798 int b = s->keep_alive;
799 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
66870f90 800 log_warning_unit(UNIT(s)->id, "SO_KEEPALIVE failed: %m");
4fd5948e
LP		 801 }
802
ec6370a2
LP		 803 if (s->broadcast) {
804 int one = 1;
805 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
66870f90 806 log_warning_unit(UNIT(s)->id, "SO_BROADCAST failed: %m");
ec6370a2
LP		 807 }
808
d68af586
MS		 809 if (s->pass_cred) {
810 int one = 1;
811 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
66870f90 812 log_warning_unit(UNIT(s)->id, "SO_PASSCRED failed: %m");
d68af586
MS		 813 }
814
54ecda32
LP		 815 if (s->pass_sec) {
816 int one = 1;
817 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
66870f90 818 log_warning_unit(UNIT(s)->id, "SO_PASSSEC failed: %m");
54ecda32
LP		 819 }
820
4fd5948e
LP		 821 if (s->priority >= 0)
822 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
66870f90 823 log_warning_unit(UNIT(s)->id, "SO_PRIORITY failed: %m");
4fd5948e
LP		 824
825 if (s->receive_buffer > 0) {
826 int value = (int) s->receive_buffer;
7d9eaa84
LP		 827
828 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
829
b8cef44e 830 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84 831 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
66870f90 832 log_warning_unit(UNIT(s)->id, "SO_RCVBUF failed: %m");
4fd5948e
LP		 833 }
834
835 if (s->send_buffer > 0) {
836 int value = (int) s->send_buffer;
b8cef44e 837 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84 838 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
66870f90 839 log_warning_unit(UNIT(s)->id, "SO_SNDBUF failed: %m");
4fd5948e
LP		 840 }
841
842 if (s->mark >= 0)
843 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
66870f90 844 log_warning_unit(UNIT(s)->id, "SO_MARK failed: %m");
4fd5948e
LP		 845
846 if (s->ip_tos >= 0)
847 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
66870f90 848 log_warning_unit(UNIT(s)->id, "IP_TOS failed: %m");
4fd5948e 849
46925ac5
LP		 850 if (s->ip_ttl >= 0) {
851 int r, x;
852
853 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
5bfcc1c6
FF		 854
855 if (socket_ipv6_is_supported())
856 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
857 else {
858 x = -1;
859 errno = EAFNOSUPPORT;
860 }
46925ac5
LP		 861
862 if (r < 0 && x < 0)
66870f90
ZJS		 863 log_warning_unit(UNIT(s)->id,
864 "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
46925ac5 865 }
cebf8b20
TT		 866
867 if (s->tcp_congestion)
868 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
66870f90 869 log_warning_unit(UNIT(s)->id, "TCP_CONGESTION failed: %m");
0eb59ccf 870
718db961
LP		 871 if (s->reuse_port) {
872 int b = s->reuse_port;
f0511bd7 873 if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &b, sizeof(b)) < 0)
f7db7a69
SL		 874 log_warning_unit(UNIT(s)->id, "SO_REUSEPORT failed: %m");
875 }
876
9a4e038c
KS		 877 if (s->smack_ip_in)
878 if (smack_label_ip_in_fd(fd, s->smack_ip_in) < 0)
879 log_error_unit(UNIT(s)->id, "smack_label_ip_in_fd: %m");
880
881 if (s->smack_ip_out)
882 if (smack_label_ip_out_fd(fd, s->smack_ip_out) < 0)
883 log_error_unit(UNIT(s)->id, "smack_label_ip_out_fd: %m");
4fd5948e
LP		 884}
885
b15bdda8 886static void socket_apply_fifo_options(Socket *s, int fd) {
4fd5948e
LP		 887 assert(s);
888 assert(fd >= 0);
889
890 if (s->pipe_size > 0)
891 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
66870f90
ZJS		 892 log_warning_unit(UNIT(s)->id,
893 "F_SETPIPE_SZ: %m");
0eb59ccf 894
9a4e038c
KS		 895 if (s->smack)
896 if (smack_label_fd(fd, s->smack) < 0)
897 log_error_unit(UNIT(s)->id, "smack_label_fd: %m");
4fd5948e
LP		 898}
899
b15bdda8
LP		 900static int fifo_address_create(
901 const char *path,
902 mode_t directory_mode,
903 mode_t socket_mode,
b15bdda8
LP		 904 int *_fd) {
905
7a58bfa4 906 int fd = -1, r = 0;
b15bdda8
LP		 907 struct stat st;
908 mode_t old_mask;
909
910 assert(path);
911 assert(_fd);
912
d2e54fae 913 mkdir_parents_label(path, directory_mode);
b15bdda8 914
e9a5ef7c
KS		 915 r = label_context_set(path, S_IFIFO);
916 if (r < 0)
56cf987f 917 goto fail;
b15bdda8
LP		 918
919 /* Enforce the right access mode for the fifo */
920 old_mask = umask(~ socket_mode);
921
922 /* Include the original umask in our mask */
923 umask(~socket_mode | old_mask);
924
925 r = mkfifo(path, socket_mode);
926 umask(old_mask);
927
94bc2731 928 if (r < 0 && errno != EEXIST) {
b15bdda8
LP		 929 r = -errno;
930 goto fail;
931 }
932
e4f44e73 933 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
b15bdda8
LP		 934 r = -errno;
935 goto fail;
936 }
937
e9a5ef7c 938 label_context_clear();
7a58bfa4 939
b15bdda8
LP		 940 if (fstat(fd, &st) < 0) {
941 r = -errno;
942 goto fail;
943 }
944
945 if (!S_ISFIFO(st.st_mode) ||
de0200fc 946 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
e4f44e73
DR		 947 st.st_uid != getuid() ||
948 st.st_gid != getgid()) {
b15bdda8
LP		 949
950 r = -EEXIST;
951 goto fail;
952 }
953
954 *_fd = fd;
955 return 0;
956
957fail:
e9a5ef7c 958 label_context_clear();
03e334a1 959 safe_close(fd);
b15bdda8
LP		 960
961 return r;
962}
963
b0a3f2bc
LP		 964static int special_address_create(
965 const char *path,
966 int *_fd) {
967
968 int fd = -1, r = 0;
969 struct stat st;
970
971 assert(path);
972 assert(_fd);
973
811ba7a0
LP		 974 fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW);
975 if (fd < 0) {
b0a3f2bc
LP		 976 r = -errno;
977 goto fail;
978 }
979
980 if (fstat(fd, &st) < 0) {
981 r = -errno;
982 goto fail;
983 }
984
985 /* Check whether this is a /proc, /sys or /dev file or char device */
986 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
987 r = -EEXIST;
988 goto fail;
989 }
990
991 *_fd = fd;
992 return 0;
993
994fail:
03e334a1 995 safe_close(fd);
b0a3f2bc
LP		 996
997 return r;
998}
999
916abb21
LP		 1000static int mq_address_create(
1001 const char *path,
1002 mode_t mq_mode,
1003 long maxmsg,
1004 long msgsize,
1005 int *_fd) {
1006
1007 int fd = -1, r = 0;
1008 struct stat st;
1009 mode_t old_mask;
1010 struct mq_attr _attr, *attr = NULL;
1011
1012 assert(path);
1013 assert(_fd);
1014
1015 if (maxmsg > 0 && msgsize > 0) {
1016 zero(_attr);
1017 _attr.mq_flags = O_NONBLOCK;
1018 _attr.mq_maxmsg = maxmsg;
1019 _attr.mq_msgsize = msgsize;
1020 attr = &_attr;
1021 }
1022
1023 /* Enforce the right access mode for the mq */
1024 old_mask = umask(~ mq_mode);
1025
1026 /* Include the original umask in our mask */
1027 umask(~mq_mode | old_mask);
916abb21
LP		 1028 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
1029 umask(old_mask);
1030
8ea913b2 1031 if (fd < 0) {
916abb21
LP		 1032 r = -errno;
1033 goto fail;
1034 }
1035
1036 if (fstat(fd, &st) < 0) {
1037 r = -errno;
1038 goto fail;
1039 }
1040
1041 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
1042 st.st_uid != getuid() ||
1043 st.st_gid != getgid()) {
1044
1045 r = -EEXIST;
1046 goto fail;
1047 }
1048
1049 *_fd = fd;
1050 return 0;
1051
1052fail:
03e334a1 1053 safe_close(fd);
916abb21
LP		 1054 return r;
1055}
1056
811ba7a0
LP		 1057static int socket_symlink(Socket *s) {
1058 const char *p;
1059 char **i;
1060
1061 assert(s);
1062
1063 p = socket_find_symlink_target(s);
1064 if (!p)
1065 return 0;
1066
1067 STRV_FOREACH(i, s->symlinks)
1068 symlink(p, *i);
1069
1070 return 0;
1071}
1072
034c6ed7 1073static int socket_open_fds(Socket *s) {
83c60c9f
LP		 1074 SocketPort *p;
1075 int r;
56cf987f 1076 char *label = NULL;
049f8642 1077 bool know_label = false;
83c60c9f
LP		 1078
1079 assert(s);
1080
034c6ed7 1081 LIST_FOREACH(port, p, s->ports) {
83c60c9f 1082
034c6ed7
LP		 1083 if (p->fd >= 0)
1084 continue;
83c60c9f
LP		 1085
1086 if (p->type == SOCKET_SOCKET) {
1087
049f8642
LP		 1088 if (!know_label) {
1089
bd1fe7c7
LP		 1090 r = socket_instantiate_service(s);
1091 if (r < 0)
049f8642
LP		 1092 return r;
1093
9444b1f2 1094 if (UNIT_ISSET(s->service) &&
57020a3a
LP		 1095 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
1096 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
bd1fe7c7
LP		 1097 if (r < 0 && r != -EPERM)
1098 return r;
189583d7 1099 }
049f8642
LP		 1100
1101 know_label = true;
1102 }
1103
175a3d25
LP		 1104 r = socket_address_listen(
1105 &p->address,
1106 SOCK_CLOEXEC|SOCK_NONBLOCK,
1107 s->backlog,
1108 s->bind_ipv6_only,
1109 s->bind_to_device,
1110 s->free_bind,
1111 s->transparent,
1112 s->directory_mode,
1113 s->socket_mode,
1114 label);
1115 if (r < 0)
83c60c9f
LP		 1116 goto rollback;
1117
175a3d25 1118 p->fd = r;
4fd5948e 1119 socket_apply_socket_options(s, p->fd);
811ba7a0 1120 socket_symlink(s);
4fd5948e 1121
b0a3f2bc
LP		 1122 } else if (p->type == SOCKET_SPECIAL) {
1123
175a3d25
LP		 1124 r = special_address_create(
1125 p->path,
1126 &p->fd);
1127 if (r < 0)
b0a3f2bc
LP		 1128 goto rollback;
1129
b15bdda8 1130 } else if (p->type == SOCKET_FIFO) {
83c60c9f 1131
175a3d25
LP		 1132 r = fifo_address_create(
1133 p->path,
1134 s->directory_mode,
1135 s->socket_mode,
1136 &p->fd);
1137 if (r < 0)
83c60c9f 1138 goto rollback;
83c60c9f 1139
b15bdda8 1140 socket_apply_fifo_options(s, p->fd);
811ba7a0
LP		 1141 socket_symlink(s);
1142
916abb21 1143 } else if (p->type == SOCKET_MQUEUE) {
83c60c9f 1144
175a3d25
LP		 1145 r = mq_address_create(
1146 p->path,
1147 s->socket_mode,
1148 s->mq_maxmsg,
1149 s->mq_msgsize,
1150 &p->fd);
1151 if (r < 0)
916abb21 1152 goto rollback;
b15bdda8
LP		 1153 } else
1154 assert_not_reached("Unknown port type");
034c6ed7
LP		 1155 }
1156
56cf987f 1157 label_free(label);
034c6ed7
LP		 1158 return 0;
1159
1160rollback:
1161 socket_close_fds(s);
56cf987f 1162 label_free(label);
034c6ed7
LP		 1163 return r;
1164}
1165
1166static void socket_unwatch_fds(Socket *s) {
1167 SocketPort *p;
718db961 1168 int r;
9152c765 1169
034c6ed7
LP		 1170 assert(s);
1171
1172 LIST_FOREACH(port, p, s->ports) {
1173 if (p->fd < 0)
1174 continue;
1175
718db961
LP		 1176 if (p->event_source) {
1177 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_OFF);
1178 if (r < 0)
1179 log_debug_unit(UNIT(s)->id, "Failed to disable event source.");
1180 }
83c60c9f 1181 }
034c6ed7
LP		 1182}
1183
1184static int socket_watch_fds(Socket *s) {
1185 SocketPort *p;
1186 int r;
1187
1188 assert(s);
83c60c9f 1189
034c6ed7
LP		 1190 LIST_FOREACH(port, p, s->ports) {
1191 if (p->fd < 0)
1192 continue;
1193
718db961
LP		 1194 if (p->event_source)
1195 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_ON);
1196 else
151b9b96 1197 r = sd_event_add_io(UNIT(s)->manager->event, &p->event_source, p->fd, EPOLLIN, socket_dispatch_io, p);
4f2d528d 1198
718db961
LP		 1199 if (r < 0) {
1200 log_warning_unit(UNIT(s)->id, "Failed to watch listening fds: %s", strerror(-r));
034c6ed7 1201 goto fail;
718db961 1202 }
034c6ed7 1203 }
83c60c9f 1204
542563ba 1205 return 0;
83c60c9f 1206
034c6ed7
LP		 1207fail:
1208 socket_unwatch_fds(s);
1209 return r;
1210}
1211
1212static void socket_set_state(Socket *s, SocketState state) {
1213 SocketState old_state;
1214 assert(s);
1215
1216 old_state = s->state;
1217 s->state = state;
1218
bd1fe7c7
LP		 1219 if (!IN_SET(state,
1220 SOCKET_START_PRE,
3900e5fd 1221 SOCKET_START_CHOWN,
bd1fe7c7
LP		 1222 SOCKET_START_POST,
1223 SOCKET_STOP_PRE,
1224 SOCKET_STOP_PRE_SIGTERM,
1225 SOCKET_STOP_PRE_SIGKILL,
1226 SOCKET_STOP_POST,
1227 SOCKET_FINAL_SIGTERM,
1228 SOCKET_FINAL_SIGKILL)) {
718db961
LP		 1229
1230 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
5e94833f 1231 socket_unwatch_control_pid(s);
034c6ed7 1232 s->control_command = NULL;
a16e1123 1233 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
e537352b 1234 }
034c6ed7 1235
a16e1123
LP		 1236 if (state != SOCKET_LISTENING)
1237 socket_unwatch_fds(s);
1238
bd1fe7c7 1239 if (!IN_SET(state,
3900e5fd 1240 SOCKET_START_CHOWN,
bd1fe7c7
LP		 1241 SOCKET_START_POST,
1242 SOCKET_LISTENING,
1243 SOCKET_RUNNING,
1244 SOCKET_STOP_PRE,
1245 SOCKET_STOP_PRE_SIGTERM,
1246 SOCKET_STOP_PRE_SIGKILL))
034c6ed7
LP		 1247 socket_close_fds(s);
1248
e537352b 1249 if (state != old_state)
e821075a
LP		 1250 log_debug_unit(UNIT(s)->id, "%s changed %s -> %s",
1251 UNIT(s)->id, socket_state_to_string(old_state), socket_state_to_string(state));
acbb0225 1252
e2f3b44c 1253 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
034c6ed7
LP		 1254}
1255
a16e1123
LP		 1256static int socket_coldplug(Unit *u) {
1257 Socket *s = SOCKET(u);
1258 int r;
1259
1260 assert(s);
1261 assert(s->state == SOCKET_DEAD);
1262
e821075a
LP		 1263 if (s->deserialized_state == s->state)
1264 return 0;
a16e1123 1265
3900e5fd
LP		 1266 if (IN_SET(s->deserialized_state,
1267 SOCKET_START_PRE,
1268 SOCKET_START_CHOWN,
1269 SOCKET_START_POST,
1270 SOCKET_STOP_PRE,
1271 SOCKET_STOP_PRE_SIGTERM,
1272 SOCKET_STOP_PRE_SIGKILL,
1273 SOCKET_STOP_POST,
1274 SOCKET_FINAL_SIGTERM,
1275 SOCKET_FINAL_SIGKILL)) {
a16e1123 1276
e821075a
LP		 1277 if (s->control_pid <= 0)
1278 return -EBADMSG;
a16e1123 1279
e821075a
LP		 1280 r = unit_watch_pid(UNIT(s), s->control_pid);
1281 if (r < 0)
1282 return r;
a16e1123 1283
e821075a
LP		 1284 r = socket_arm_timer(s);
1285 if (r < 0)
1286 return r;
1287 }
a16e1123 1288
3900e5fd
LP		 1289 if (IN_SET(s->deserialized_state,
1290 SOCKET_START_CHOWN,
1291 SOCKET_START_POST,
1292 SOCKET_LISTENING,
1293 SOCKET_RUNNING,
1294 SOCKET_STOP_PRE,
1295 SOCKET_STOP_PRE_SIGTERM,
1296 SOCKET_STOP_PRE_SIGKILL)) {
e821075a
LP		 1297 r = socket_open_fds(s);
1298 if (r < 0)
1299 return r;
1300 }
a16e1123 1301
e821075a
LP		 1302 if (s->deserialized_state == SOCKET_LISTENING) {
1303 r = socket_watch_fds(s);
1304 if (r < 0)
1305 return r;
a16e1123
LP		 1306 }
1307
e821075a 1308 socket_set_state(s, s->deserialized_state);
a16e1123
LP		 1309 return 0;
1310}
1311
e537352b 1312static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
3900e5fd 1313 _cleanup_free_ char **argv = NULL;
034c6ed7
LP		 1314 pid_t pid;
1315 int r;
1316
1317 assert(s);
1318 assert(c);
1319 assert(_pid);
1320
4ad49000
LP		 1321 unit_realize_cgroup(UNIT(s));
1322
613b411c
LP		 1323 r = unit_setup_exec_runtime(UNIT(s));
1324 if (r < 0)
1325 goto fail;
1326
718db961 1327 r = socket_arm_timer(s);
36697dc0 1328 if (r < 0)
e537352b 1329 goto fail;
034c6ed7 1330
19f6d710
LP		 1331 r = unit_full_printf_strv(UNIT(s), c->argv, &argv);
1332 if (r < 0)
9e2f7c11 1333 goto fail;
9e2f7c11
LP		 1334
1335 r = exec_spawn(c,
1336 argv,
1337 &s->exec_context,
1338 NULL, 0,
1124fe6f 1339 UNIT(s)->manager->environment,
9e2f7c11
LP		 1340 true,
1341 true,
1e3ad081 1342 true,
1124fe6f 1343 UNIT(s)->manager->confirm_spawn,
13b84ec7 1344 UNIT(s)->manager->cgroup_supported,
4ad49000 1345 UNIT(s)->cgroup_path,
e66cf1a3 1346 manager_get_runtime_prefix(UNIT(s)->manager),
62bca2c6 1347 UNIT(s)->id,
09812eb7 1348 0,
f2b68789 1349 NULL,
613b411c 1350 s->exec_runtime,
9e2f7c11
LP		 1351 &pid);
1352
3900e5fd 1353 r = unit_watch_pid(UNIT(s), pid);
9e2f7c11 1354 if (r < 0)
3900e5fd 1355 /* FIXME: we need to do something here */
034c6ed7
LP		 1356 goto fail;
1357
3900e5fd
LP		 1358 *_pid = pid;
1359 return 0;
1360
1361fail:
1362 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1363 return r;
1364}
1365
1366static int socket_chown(Socket *s, pid_t *_pid) {
1367 pid_t pid;
1368 int r;
1369
1370 r = socket_arm_timer(s);
1371 if (r < 0)
1372 goto fail;
1373
1374 /* We have to resolve the user names out-of-process, hence
1375 * let's fork here. It's messy, but well, what can we do? */
1376
1377 pid = fork();
1378 if (pid < 0)
1379 return -errno;
1380
1381 if (pid == 0) {
1382 SocketPort *p;
1383 uid_t uid = (uid_t) -1;
1384 gid_t gid = (gid_t) -1;
1385 int ret;
1386
1387 default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
1388 ignore_signals(SIGPIPE, -1);
1389 log_forget_fds();
1390
1391 if (!isempty(s->user)) {
1392 const char *user = s->user;
1393
1394 r = get_user_creds(&user, &uid, &gid, NULL, NULL);
1395 if (r < 0) {
1396 ret = EXIT_USER;
1397 goto fail_child;
1398 }
1399 }
1400
1401 if (!isempty(s->group)) {
1402 const char *group = s->group;
1403
1404 r = get_group_creds(&group, &gid);
1405 if (r < 0) {
1406 ret = EXIT_GROUP;
1407 goto fail_child;
1408 }
1409 }
1410
1411 LIST_FOREACH(port, p, s->ports) {
1412 const char *path;
1413
1414 if (p->type == SOCKET_SOCKET)
1415 path = socket_address_get_path(&p->address);
1416 else if (p->type == SOCKET_FIFO)
1417 path = p->path;
1418
1419 if (!path)
1420 continue;
1421
1422 if (chown(path, uid, gid) < 0) {
1423 r = -errno;
1424 ret = EXIT_CHOWN;
1425 goto fail_child;
1426 }
1427 }
1428
1429 _exit(0);
1430
1431 fail_child:
1432 log_open();
1433 log_error("Failed to chown socket at step %s: %s", exit_status_to_string(ret, EXIT_STATUS_SYSTEMD), strerror(-r));
1434
1435 _exit(ret);
1436 }
1437
718db961
LP		 1438 r = unit_watch_pid(UNIT(s), pid);
1439 if (r < 0)
034c6ed7 1440 goto fail;
83c60c9f 1441
034c6ed7 1442 *_pid = pid;
034c6ed7
LP		 1443 return 0;
1444
1445fail:
718db961 1446 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
83c60c9f 1447 return r;
542563ba
LP		 1448}
1449
cfc4eb4c 1450static void socket_enter_dead(Socket *s, SocketResult f) {
034c6ed7
LP		 1451 assert(s);
1452
cfc4eb4c
LP		 1453 if (f != SOCKET_SUCCESS)
1454 s->result = f;
034c6ed7 1455
613b411c
LP		 1456 exec_runtime_destroy(s->exec_runtime);
1457 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
1458
e66cf1a3
LP		 1459 exec_context_destroy_runtime_directory(&s->exec_context, manager_get_runtime_prefix(UNIT(s)->manager));
1460
cfc4eb4c 1461 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
034c6ed7
LP		 1462}
1463
cfc4eb4c 1464static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
80876c20 1465
cfc4eb4c 1466static void socket_enter_stop_post(Socket *s, SocketResult f) {
034c6ed7
LP		 1467 int r;
1468 assert(s);
1469
cfc4eb4c
LP		 1470 if (f != SOCKET_SUCCESS)
1471 s->result = f;
034c6ed7 1472
5e94833f 1473 socket_unwatch_control_pid(s);
a16e1123 1474 s->control_command_id = SOCKET_EXEC_STOP_POST;
3900e5fd 1475 s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST];
a16e1123 1476
3900e5fd
LP		 1477 if (s->control_command) {
1478 r = socket_spawn(s, s->control_command, &s->control_pid);
1479 if (r < 0)
034c6ed7
LP		 1480 goto fail;
1481
80876c20
LP		 1482 socket_set_state(s, SOCKET_STOP_POST);
1483 } else
cfc4eb4c 1484 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
034c6ed7
LP		 1485
1486 return;
1487
1488fail:
66870f90
ZJS		 1489 log_warning_unit(UNIT(s)->id,
1490 "%s failed to run 'stop-post' task: %s",
1491 UNIT(s)->id, strerror(-r));
cfc4eb4c 1492 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1493}
1494
cfc4eb4c 1495static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
034c6ed7
LP		 1496 int r;
1497
1498 assert(s);
1499
cfc4eb4c
LP		 1500 if (f != SOCKET_SUCCESS)
1501 s->result = f;
034c6ed7 1502
cd2086fe
LP		 1503 r = unit_kill_context(
1504 UNIT(s),
1505 &s->kill_context,
1506 state != SOCKET_STOP_PRE_SIGTERM && state != SOCKET_FINAL_SIGTERM,
1507 -1,
1508 s->control_pid,
1509 false);
1510 if (r < 0)
1511 goto fail;
034c6ed7 1512
cd2086fe 1513 if (r > 0) {
718db961 1514 r = socket_arm_timer(s);
36697dc0 1515 if (r < 0)
80876c20 1516 goto fail;
d6ea93e3 1517
80876c20 1518 socket_set_state(s, state);
ac84d1fb
LP		 1519 } else if (state == SOCKET_STOP_PRE_SIGTERM)
1520 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_SUCCESS);
1521 else if (state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1522 socket_enter_stop_post(s, SOCKET_SUCCESS);
ac84d1fb
LP		 1523 else if (state == SOCKET_FINAL_SIGTERM)
1524 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_SUCCESS);
80876c20 1525 else
cfc4eb4c 1526 socket_enter_dead(s, SOCKET_SUCCESS);
034c6ed7
LP		 1527
1528 return;
1529
1530fail:
e821075a 1531 log_warning_unit(UNIT(s)->id, "%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1532
1533 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1534 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1535 else
cfc4eb4c 1536 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1537}
1538
cfc4eb4c 1539static void socket_enter_stop_pre(Socket *s, SocketResult f) {
034c6ed7
LP		 1540 int r;
1541 assert(s);
1542
cfc4eb4c
LP		 1543 if (f != SOCKET_SUCCESS)
1544 s->result = f;
034c6ed7 1545
5e94833f 1546 socket_unwatch_control_pid(s);
a16e1123 1547 s->control_command_id = SOCKET_EXEC_STOP_PRE;
3900e5fd 1548 s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE];
a16e1123 1549
3900e5fd
LP		 1550 if (s->control_command) {
1551 r = socket_spawn(s, s->control_command, &s->control_pid);
1552 if (r < 0)
034c6ed7
LP		 1553 goto fail;
1554
80876c20
LP		 1555 socket_set_state(s, SOCKET_STOP_PRE);
1556 } else
cfc4eb4c 1557 socket_enter_stop_post(s, SOCKET_SUCCESS);
034c6ed7
LP		 1558
1559 return;
1560
1561fail:
e821075a 1562 log_warning_unit(UNIT(s)->id, "%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1563 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1564}
1565
e9af15c3
LP		 1566static void socket_enter_listening(Socket *s) {
1567 int r;
1568 assert(s);
1569
cfc4eb4c
LP		 1570 r = socket_watch_fds(s);
1571 if (r < 0) {
e821075a 1572 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
e9af15c3
LP		 1573 goto fail;
1574 }
1575
1576 socket_set_state(s, SOCKET_LISTENING);
1577 return;
1578
1579fail:
cfc4eb4c 1580 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
e9af15c3
LP		 1581}
1582
034c6ed7
LP		 1583static void socket_enter_start_post(Socket *s) {
1584 int r;
1585 assert(s);
1586
3900e5fd
LP		 1587 socket_unwatch_control_pid(s);
1588 s->control_command_id = SOCKET_EXEC_START_POST;
1589 s->control_command = s->exec_command[SOCKET_EXEC_START_POST];
1590
1591 if (s->control_command) {
1592 r = socket_spawn(s, s->control_command, &s->control_pid);
1593 if (r < 0) {
1594 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
1595 goto fail;
1596 }
1597
1598 socket_set_state(s, SOCKET_START_POST);
1599 } else
1600 socket_enter_listening(s);
1601
1602 return;
1603
1604fail:
1605 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1606}
1607
1608static void socket_enter_start_chown(Socket *s) {
1609 int r;
1610
1611 assert(s);
1612
cfc4eb4c
LP		 1613 r = socket_open_fds(s);
1614 if (r < 0) {
e821075a 1615 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1616 goto fail;
1617 }
1618
3900e5fd 1619 if (!isempty(s->user) || !isempty(s->group)) {
5e94833f 1620
3900e5fd
LP		 1621 socket_unwatch_control_pid(s);
1622 s->control_command_id = SOCKET_EXEC_START_CHOWN;
1623 s->control_command = NULL;
a16e1123 1624
3900e5fd 1625 r = socket_chown(s, &s->control_pid);
cfc4eb4c 1626 if (r < 0) {
3900e5fd 1627 log_warning_unit(UNIT(s)->id, "%s failed to fork 'start-chown' task: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1628 goto fail;
1629 }
1630
3900e5fd 1631 socket_set_state(s, SOCKET_START_CHOWN);
80876c20 1632 } else
3900e5fd 1633 socket_enter_start_post(s);
034c6ed7
LP		 1634
1635 return;
1636
1637fail:
cfc4eb4c 1638 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1639}
1640
1641static void socket_enter_start_pre(Socket *s) {
1642 int r;
1643 assert(s);
1644
5e94833f 1645 socket_unwatch_control_pid(s);
a16e1123 1646 s->control_command_id = SOCKET_EXEC_START_PRE;
3900e5fd 1647 s->control_command = s->exec_command[SOCKET_EXEC_START_PRE];
a16e1123 1648
3900e5fd 1649 if (s->control_command) {
e821075a 1650 r = socket_spawn(s, s->control_command, &s->control_pid);
3900e5fd
LP		 1651 if (r < 0) {
1652 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
034c6ed7 1653 goto fail;
3900e5fd 1654 }
034c6ed7 1655
80876c20
LP		 1656 socket_set_state(s, SOCKET_START_PRE);
1657 } else
3900e5fd 1658 socket_enter_start_chown(s);
034c6ed7
LP		 1659
1660 return;
1661
1662fail:
cfc4eb4c 1663 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1664}
1665
4f2d528d 1666static void socket_enter_running(Socket *s, int cfd) {
718db961 1667 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
034c6ed7
LP		 1668 int r;
1669
1670 assert(s);
1671
ba3e67a7
LP		 1672 /* We don't take connections anymore if we are supposed to
1673 * shut down anyway */
31afa0a4 1674 if (unit_stop_pending(UNIT(s))) {
e821075a
LP		 1675
1676 log_debug_unit(UNIT(s)->id, "Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
5d909e3e 1677
7c610628 1678 if (cfd >= 0)
03e334a1 1679 safe_close(cfd);
7c610628
LP		 1680 else {
1681 /* Flush all sockets by closing and reopening them */
1682 socket_close_fds(s);
1683
16ac4014
LP		 1684 r = socket_open_fds(s);
1685 if (r < 0) {
1686 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1687 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1688 return;
1689 }
1690
1a710b43
MS		 1691 r = socket_watch_fds(s);
1692 if (r < 0) {
e821075a 1693 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1694 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
7c610628
LP		 1695 }
1696 }
1697
ba3e67a7
LP		 1698 return;
1699 }
1700
4f2d528d 1701 if (cfd < 0) {
57020a3a 1702 Iterator i;
e821075a 1703 Unit *other;
f976f3f6 1704 bool pending = false;
f976f3f6
LP		 1705
1706 /* If there's already a start pending don't bother to
1707 * do anything */
e821075a
LP		 1708 SET_FOREACH(other, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
1709 if (unit_active_or_pending(other)) {
57020a3a
LP		 1710 pending = true;
1711 break;
1712 }
f976f3f6 1713
1a710b43 1714 if (!pending) {
640ace4a
LP		 1715 if (!UNIT_ISSET(s->service)) {
1716 log_error_unit(UNIT(s)->id, "%s: service to activate vanished, refusing activation.", UNIT(s)->id);
1717 r = -ENOENT;
1718 goto fail;
1719 }
1720
1a710b43
MS		 1721 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1722 if (r < 0)
f976f3f6 1723 goto fail;
1a710b43 1724 }
4f2d528d
LP		 1725
1726 socket_set_state(s, SOCKET_RUNNING);
1727 } else {
e55001eb 1728 _cleanup_free_ char *prefix = NULL, *instance = NULL, *name = NULL;
b15bdda8 1729 Service *service;
4f2d528d 1730
6cf6bbc2 1731 if (s->n_connections >= s->max_connections) {
e821075a 1732 log_warning_unit(UNIT(s)->id, "%s: Too many incoming connections (%u)", UNIT(s)->id, s->n_connections);
03e334a1 1733 safe_close(cfd);
6cf6bbc2
LP		 1734 return;
1735 }
1736
1a710b43
MS		 1737 r = socket_instantiate_service(s);
1738 if (r < 0)
b15bdda8
LP		 1739 goto fail;
1740
1a710b43
MS		 1741 r = instance_from_socket(cfd, s->n_accepted, &instance);
1742 if (r < 0) {
1743 if (r != -ENOTCONN)
1744 goto fail;
1745
1746 /* ENOTCONN is legitimate if TCP RST was received.
1747 * This connection is over, but the socket unit lives on. */
03e334a1 1748 safe_close(cfd);
1a710b43
MS		 1749 return;
1750 }
4f2d528d 1751
1a710b43
MS		 1752 prefix = unit_name_to_prefix(UNIT(s)->id);
1753 if (!prefix) {
4f2d528d
LP		 1754 r = -ENOMEM;
1755 goto fail;
1756 }
1757
1758 name = unit_name_build(prefix, instance, ".service");
b6dbbe1c 1759 if (!name) {
4f2d528d 1760 r = -ENOMEM;
b6dbbe1c
LP		 1761 goto fail;
1762 }
4f2d528d 1763
1a710b43 1764 r = unit_add_name(UNIT_DEREF(s->service), name);
e55001eb 1765 if (r < 0)
4f2d528d 1766 goto fail;
b15bdda8 1767
57020a3a
LP		 1768 service = SERVICE(UNIT_DEREF(s->service));
1769 unit_ref_unset(&s->service);
b15bdda8 1770 s->n_accepted ++;
4f2d528d 1771
1124fe6f 1772 UNIT(service)->no_gc = false;
6c073082 1773
b15bdda8 1774 unit_choose_id(UNIT(service), name);
b15bdda8 1775
1a710b43
MS		 1776 r = service_set_socket_fd(service, cfd, s);
1777 if (r < 0)
4f2d528d
LP		 1778 goto fail;
1779
1780 cfd = -1;
6cf6bbc2
LP		 1781 s->n_connections ++;
1782
1a710b43
MS		 1783 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1784 if (r < 0)
4f2d528d 1785 goto fail;
c4e2ceae
LP		 1786
1787 /* Notify clients about changed counters */
1788 unit_add_to_dbus_queue(UNIT(s));
4f2d528d 1789 }
034c6ed7 1790
034c6ed7
LP		 1791 return;
1792
1793fail:
e821075a
LP		 1794 log_warning_unit(UNIT(s)->id, "%s failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
1795 UNIT(s)->id, cfd >= 0 ? "template" : "non-template",
718db961 1796 bus_error_message(&error, r));
e821075a 1797
60089004 1798 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
03e334a1 1799 safe_close(cfd);
034c6ed7
LP		 1800}
1801
cfc4eb4c 1802static void socket_run_next(Socket *s) {
034c6ed7
LP		 1803 int r;
1804
1805 assert(s);
1806 assert(s->control_command);
1807 assert(s->control_command->command_next);
1808
5e94833f
LP		 1809 socket_unwatch_control_pid(s);
1810
034c6ed7
LP		 1811 s->control_command = s->control_command->command_next;
1812
e821075a
LP		 1813 r = socket_spawn(s, s->control_command, &s->control_pid);
1814 if (r < 0)
034c6ed7
LP		 1815 goto fail;
1816
1817 return;
1818
1819fail:
e821075a 1820 log_warning_unit(UNIT(s)->id, "%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
80876c20
LP		 1821
1822 if (s->state == SOCKET_START_POST)
cfc4eb4c 1823 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1824 else if (s->state == SOCKET_STOP_POST)
cfc4eb4c 1825 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1826 else
cfc4eb4c 1827 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1828}
1829
87f0e418
LP		 1830static int socket_start(Unit *u) {
1831 Socket *s = SOCKET(u);
83c60c9f
LP		 1832
1833 assert(s);
1834
034c6ed7
LP		 1835 /* We cannot fulfill this request right now, try again later
1836 * please! */
3900e5fd
LP		 1837 if (IN_SET(s->state,
1838 SOCKET_STOP_PRE,
1839 SOCKET_STOP_PRE_SIGKILL,
1840 SOCKET_STOP_PRE_SIGTERM,
1841 SOCKET_STOP_POST,
1842 SOCKET_FINAL_SIGTERM,
1843 SOCKET_FINAL_SIGKILL))
034c6ed7
LP		 1844 return -EAGAIN;
1845
3900e5fd
LP		 1846 if (IN_SET(s->state,
1847 SOCKET_START_PRE,
1848 SOCKET_START_CHOWN,
1849 SOCKET_START_POST))
034c6ed7 1850 return 0;
83c60c9f 1851
034c6ed7 1852 /* Cannot run this without the service being around */
9444b1f2 1853 if (UNIT_ISSET(s->service)) {
57020a3a
LP		 1854 Service *service;
1855
1856 service = SERVICE(UNIT_DEREF(s->service));
1857
1124fe6f 1858 if (UNIT(service)->load_state != UNIT_LOADED) {
e821075a 1859 log_error_unit(u->id, "Socket service %s not loaded, refusing.", UNIT(service)->id);
4f2d528d 1860 return -ENOENT;
4ac9236f 1861 }
4f2d528d 1862
35b8ca3a 1863 /* If the service is already active we cannot start the
4f2d528d 1864 * socket */
57020a3a
LP		 1865 if (service->state != SERVICE_DEAD &&
1866 service->state != SERVICE_FAILED &&
1867 service->state != SERVICE_AUTO_RESTART) {
e821075a 1868 log_error_unit(u->id, "Socket service %s already active, refusing.", UNIT(service)->id);
4f2d528d 1869 return -EBUSY;
4ac9236f 1870 }
7b4bf06b
LP		 1871
1872#ifdef HAVE_SYSV_COMPAT
1b64d026 1873 if (service->is_sysv) {
d7607eac 1874 log_error_unit(u->id,
66870f90 1875 "Using SysV services for socket activation is not supported. Refusing.");
7b4bf06b
LP		 1876 return -ENOENT;
1877 }
1878#endif
4f2d528d 1879 }
e537352b 1880
fdf20a31 1881 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
83c60c9f 1882
cfc4eb4c 1883 s->result = SOCKET_SUCCESS;
034c6ed7 1884 socket_enter_start_pre(s);
e821075a 1885
034c6ed7
LP		 1886 return 0;
1887}
83c60c9f 1888
87f0e418
LP		 1889static int socket_stop(Unit *u) {
1890 Socket *s = SOCKET(u);
034c6ed7
LP		 1891
1892 assert(s);
1893
e537352b 1894 /* Already on it */
3900e5fd
LP		 1895 if (IN_SET(s->state,
1896 SOCKET_STOP_PRE,
1897 SOCKET_STOP_PRE_SIGTERM,
1898 SOCKET_STOP_PRE_SIGKILL,
1899 SOCKET_STOP_POST,
1900 SOCKET_FINAL_SIGTERM,
1901 SOCKET_FINAL_SIGKILL))
e537352b
LP		 1902 return 0;
1903
3f6c78dc
LP		 1904 /* If there's already something running we go directly into
1905 * kill mode. */
3900e5fd
LP		 1906 if (IN_SET(s->state,
1907 SOCKET_START_PRE,
1908 SOCKET_START_CHOWN,
1909 SOCKET_START_POST)) {
cfc4eb4c 1910 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
3f6c78dc
LP		 1911 return -EAGAIN;
1912 }
1913
034c6ed7 1914 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
83c60c9f 1915
cfc4eb4c 1916 socket_enter_stop_pre(s, SOCKET_SUCCESS);
542563ba
LP		 1917 return 0;
1918}
1919
a16e1123
LP		 1920static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1921 Socket *s = SOCKET(u);
1922 SocketPort *p;
1923 int r;
1924
1925 assert(u);
1926 assert(f);
1927 assert(fds);
1928
1929 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
cfc4eb4c 1930 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
a16e1123
LP		 1931 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1932
1933 if (s->control_pid > 0)
de0671ee 1934 unit_serialize_item_format(u, f, "control-pid", PID_FMT, s->control_pid);
a16e1123
LP		 1935
1936 if (s->control_command_id >= 0)
1937 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1938
1939 LIST_FOREACH(port, p, s->ports) {
1940 int copy;
1941
1942 if (p->fd < 0)
1943 continue;
1944
613b411c
LP		 1945 copy = fdset_put_dup(fds, p->fd);
1946 if (copy < 0)
a16e1123
LP		 1947 return copy;
1948
1949 if (p->type == SOCKET_SOCKET) {
613b411c 1950 _cleanup_free_ char *t = NULL;
a16e1123 1951
ee092817
LP		 1952 r = socket_address_print(&p->address, &t);
1953 if (r < 0)
a16e1123
LP		 1954 return r;
1955
7a22745a
LP		 1956 if (socket_address_family(&p->address) == AF_NETLINK)
1957 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1958 else
1959 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
613b411c 1960
b0a3f2bc
LP		 1961 } else if (p->type == SOCKET_SPECIAL)
1962 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
ee092817
LP		 1963 else if (p->type == SOCKET_MQUEUE)
1964 unit_serialize_item_format(u, f, "mqueue", "%i %s", copy, p->path);
b0a3f2bc 1965 else {
a16e1123
LP		 1966 assert(p->type == SOCKET_FIFO);
1967 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1968 }
1969 }
1970
1971 return 0;
1972}
1973
1974static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1975 Socket *s = SOCKET(u);
a16e1123
LP		 1976
1977 assert(u);
1978 assert(key);
1979 assert(value);
a16e1123
LP		 1980
1981 if (streq(key, "state")) {
1982 SocketState state;
1983
ee092817
LP		 1984 state = socket_state_from_string(value);
1985 if (state < 0)
e821075a 1986 log_debug_unit(u->id, "Failed to parse state value %s", value);
a16e1123
LP		 1987 else
1988 s->deserialized_state = state;
cfc4eb4c
LP		 1989 } else if (streq(key, "result")) {
1990 SocketResult f;
a16e1123 1991
cfc4eb4c
LP		 1992 f = socket_result_from_string(value);
1993 if (f < 0)
e821075a 1994 log_debug_unit(u->id, "Failed to parse result value %s", value);
cfc4eb4c
LP		 1995 else if (f != SOCKET_SUCCESS)
1996 s->result = f;
a16e1123
LP		 1997
1998 } else if (streq(key, "n-accepted")) {
1999 unsigned k;
2000
e364ad06 2001 if (safe_atou(value, &k) < 0)
e821075a 2002 log_debug_unit(u->id, "Failed to parse n-accepted value %s", value);
a16e1123
LP		 2003 else
2004 s->n_accepted += k;
2005 } else if (streq(key, "control-pid")) {
5925dd3c 2006 pid_t pid;
a16e1123 2007
e364ad06 2008 if (parse_pid(value, &pid) < 0)
e821075a 2009 log_debug_unit(u->id, "Failed to parse control-pid value %s", value);
a16e1123 2010 else
5925dd3c 2011 s->control_pid = pid;
a16e1123
LP		 2012 } else if (streq(key, "control-command")) {
2013 SocketExecCommand id;
2014
66870f90
ZJS		 2015 id = socket_exec_command_from_string(value);
2016 if (id < 0)
e821075a 2017 log_debug_unit(u->id, "Failed to parse exec-command value %s", value);
a16e1123
LP		 2018 else {
2019 s->control_command_id = id;
2020 s->control_command = s->exec_command[id];
2021 }
2022 } else if (streq(key, "fifo")) {
2023 int fd, skip = 0;
2024 SocketPort *p;
2025
2026 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
e821075a 2027 log_debug_unit(u->id, "Failed to parse fifo value %s", value);
a16e1123
LP		 2028 else {
2029
2030 LIST_FOREACH(port, p, s->ports)
b0a3f2bc
LP		 2031 if (p->type == SOCKET_FIFO &&
2032 streq_ptr(p->path, value+skip))
2033 break;
2034
2035 if (p) {
03e334a1 2036 safe_close(p->fd);
b0a3f2bc
LP		 2037 p->fd = fdset_remove(fds, fd);
2038 }
2039 }
2040
2041 } else if (streq(key, "special")) {
2042 int fd, skip = 0;
2043 SocketPort *p;
2044
2045 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
e821075a 2046 log_debug_unit(u->id, "Failed to parse special value %s", value);
b0a3f2bc
LP		 2047 else {
2048
2049 LIST_FOREACH(port, p, s->ports)
2050 if (p->type == SOCKET_SPECIAL &&
2051 streq_ptr(p->path, value+skip))
a16e1123
LP		 2052 break;
2053
2054 if (p) {
03e334a1 2055 safe_close(p->fd);
a16e1123
LP		 2056 p->fd = fdset_remove(fds, fd);
2057 }
2058 }
2059
ee092817
LP		 2060 } else if (streq(key, "mqueue")) {
2061 int fd, skip = 0;
2062 SocketPort *p;
2063
2064 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
e821075a 2065 log_debug_unit(u->id, "Failed to parse mqueue value %s", value);
ee092817
LP		 2066 else {
2067
2068 LIST_FOREACH(port, p, s->ports)
2069 if (p->type == SOCKET_MQUEUE &&
2070 streq_ptr(p->path, value+skip))
2071 break;
2072
2073 if (p) {
03e334a1 2074 safe_close(p->fd);
ee092817
LP		 2075 p->fd = fdset_remove(fds, fd);
2076 }
2077 }
2078
a16e1123 2079 } else if (streq(key, "socket")) {
27ca8d7a 2080 int fd, type, skip = 0;
a16e1123
LP		 2081 SocketPort *p;
2082
27ca8d7a 2083 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
e821075a 2084 log_debug_unit(u->id, "Failed to parse socket value %s", value);
a16e1123
LP		 2085 else {
2086
2087 LIST_FOREACH(port, p, s->ports)
27ca8d7a 2088 if (socket_address_is(&p->address, value+skip, type))
a16e1123
LP		 2089 break;
2090
2091 if (p) {
03e334a1 2092 safe_close(p->fd);
a16e1123
LP		 2093 p->fd = fdset_remove(fds, fd);
2094 }
2095 }
2096
7a22745a
LP		 2097 } else if (streq(key, "netlink")) {
2098 int fd, skip = 0;
2099 SocketPort *p;
2100
2101 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
e821075a 2102 log_debug_unit(u->id, "Failed to parse socket value %s", value);
7a22745a
LP		 2103 else {
2104
2105 LIST_FOREACH(port, p, s->ports)
2106 if (socket_address_is_netlink(&p->address, value+skip))
2107 break;
2108
2109 if (p) {
03e334a1 2110 safe_close(p->fd);
7a22745a
LP		 2111 p->fd = fdset_remove(fds, fd);
2112 }
2113 }
a16e1123 2114 } else
e821075a 2115 log_debug_unit(UNIT(s)->id, "Unknown serialization key '%s'", key);
a16e1123
LP		 2116
2117 return 0;
2118}
2119
01e10de3
LP		 2120static int socket_distribute_fds(Unit *u, FDSet *fds) {
2121 Socket *s = SOCKET(u);
2122 SocketPort *p;
2123
2124 assert(u);
2125
2126 LIST_FOREACH(port, p, s->ports) {
2127 Iterator i;
2128 int fd;
2129
2130 if (p->type != SOCKET_SOCKET)
2131 continue;
2132
2133 if (p->fd >= 0)
2134 continue;
2135
2136 FDSET_FOREACH(fd, fds, i) {
2137 if (socket_address_matches_fd(&p->address, fd)) {
2138 p->fd = fdset_remove(fds, fd);
2139 s->deserialized_state = SOCKET_LISTENING;
2140 break;
2141 }
2142 }
2143 }
2144
2145 return 0;
2146}
2147
44a6b1b6 2148_pure_ static UnitActiveState socket_active_state(Unit *u) {
87f0e418 2149 assert(u);
5cb5a6ff 2150
acbb0225 2151 return state_translation_table[SOCKET(u)->state];
5cb5a6ff
LP		 2152}
2153
44a6b1b6 2154_pure_ static const char *socket_sub_state_to_string(Unit *u) {
10a94420
LP		 2155 assert(u);
2156
a16e1123 2157 return socket_state_to_string(SOCKET(u)->state);
10a94420
LP		 2158}
2159
67419600
OS		 2160const char* socket_port_type_to_string(SocketPort *p) {
2161
2162 assert(p);
2163
2164 switch (p->type) {
718db961
LP		 2165
2166 case SOCKET_SOCKET:
2167
2168 switch (p->address.type) {
2169
2170 case SOCK_STREAM:
2171 return "Stream";
2172
2173 case SOCK_DGRAM:
2174 return "Datagram";
2175
2176 case SOCK_SEQPACKET:
2177 return "SequentialPacket";
2178
2179 case SOCK_RAW:
2180 if (socket_address_family(&p->address) == AF_NETLINK)
2181 return "Netlink";
2182
2183 default:
2184 return NULL;
2185 }
2186
2187 case SOCKET_SPECIAL:
2188 return "Special";
2189
2190 case SOCKET_MQUEUE:
2191 return "MessageQueue";
2192
2193 case SOCKET_FIFO:
2194 return "FIFO";
2195
2196 default:
2197 return NULL;
67419600
OS		 2198 }
2199}
2200
44a6b1b6 2201_pure_ static bool socket_check_gc(Unit *u) {
6cf6bbc2
LP		 2202 Socket *s = SOCKET(u);
2203
2204 assert(u);
2205
2206 return s->n_connections > 0;
2207}
2208
718db961
LP		 2209static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2210 SocketPort *p = userdata;
4f2d528d 2211 int cfd = -1;
9152c765 2212
718db961 2213 assert(p);
8d567588 2214 assert(fd >= 0);
9152c765 2215
718db961
LP		 2216 if (p->socket->state != SOCKET_LISTENING)
2217 return 0;
871d7de4 2218
718db961 2219 log_debug_unit(UNIT(p->socket)->id, "Incoming traffic on %s", UNIT(p->socket)->id);
9152c765 2220
718db961 2221 if (revents != EPOLLIN) {
641e01dc 2222
718db961 2223 if (revents & EPOLLHUP)
e821075a 2224 log_error_unit(UNIT(p->socket)->id, "%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.",
718db961 2225 UNIT(p->socket)->id);
641e01dc 2226 else
e821075a 2227 log_error_unit(UNIT(p->socket)->id, "%s: Got unexpected poll event (0x%x) on socket.",
718db961 2228 UNIT(p->socket)->id, revents);
641e01dc 2229
8d567588 2230 goto fail;
4f2d528d
LP		 2231 }
2232
718db961
LP		 2233 if (p->socket->accept &&
2234 p->type == SOCKET_SOCKET &&
2235 socket_address_can_accept(&p->address)) {
2236
4f2d528d
LP		 2237 for (;;) {
2238
b14eda96
LP		 2239 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK);
2240 if (cfd < 0) {
4f2d528d
LP		 2241
2242 if (errno == EINTR)
2243 continue;
2244
718db961 2245 log_error_unit(UNIT(p->socket)->id,
66870f90 2246 "Failed to accept socket: %m");
8d567588 2247 goto fail;
4f2d528d
LP		 2248 }
2249
2250 break;
2251 }
4fd5948e 2252
718db961 2253 socket_apply_socket_options(p->socket, cfd);
4f2d528d 2254 }
9152c765 2255
718db961
LP		 2256 socket_enter_running(p->socket, cfd);
2257 return 0;
8d567588
LP		 2258
2259fail:
718db961
LP		 2260 socket_enter_stop_pre(p->socket, SOCKET_FAILURE_RESOURCES);
2261 return 0;
9152c765
LP		 2262}
2263
87f0e418
LP		 2264static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
2265 Socket *s = SOCKET(u);
cfc4eb4c 2266 SocketResult f;
5cb5a6ff
LP		 2267
2268 assert(s);
034c6ed7 2269 assert(pid >= 0);
5cb5a6ff 2270
8c47c732
LP		 2271 if (pid != s->control_pid)
2272 return;
542563ba 2273
034c6ed7
LP		 2274 s->control_pid = 0;
2275
96342de6 2276 if (is_clean_exit(code, status, NULL))
cfc4eb4c
LP		 2277 f = SOCKET_SUCCESS;
2278 else if (code == CLD_EXITED)
2279 f = SOCKET_FAILURE_EXIT_CODE;
2280 else if (code == CLD_KILLED)
2281 f = SOCKET_FAILURE_SIGNAL;
2282 else if (code == CLD_DUMPED)
2283 f = SOCKET_FAILURE_CORE_DUMP;
2284 else
2285 assert_not_reached("Unknown code");
8c47c732 2286
b708e7ce 2287 if (s->control_command) {
6ea832a2 2288 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
a16e1123 2289
b708e7ce 2290 if (s->control_command->ignore)
cfc4eb4c 2291 f = SOCKET_SUCCESS;
b708e7ce
LP		 2292 }
2293
66870f90
ZJS		 2294 log_full_unit(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
2295 u->id,
2296 "%s control process exited, code=%s status=%i",
2297 u->id, sigchld_code_to_string(code), status);
034c6ed7 2298
cfc4eb4c
LP		 2299 if (f != SOCKET_SUCCESS)
2300 s->result = f;
2301
2302 if (s->control_command &&
2303 s->control_command->command_next &&
2304 f == SOCKET_SUCCESS) {
2305
66870f90
ZJS		 2306 log_debug_unit(u->id,
2307 "%s running next command for state %s",
2308 u->id, socket_state_to_string(s->state));
cfc4eb4c 2309 socket_run_next(s);
acbb0225 2310 } else {
a16e1123
LP		 2311 s->control_command = NULL;
2312 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
2313
034c6ed7
LP		 2314 /* No further commands for this step, so let's figure
2315 * out what to do next */
5cb5a6ff 2316
66870f90
ZJS		 2317 log_debug_unit(u->id,
2318 "%s got final SIGCHLD for state %s",
2319 u->id, socket_state_to_string(s->state));
acbb0225 2320
034c6ed7
LP		 2321 switch (s->state) {
2322
2323 case SOCKET_START_PRE:
cfc4eb4c 2324 if (f == SOCKET_SUCCESS)
3900e5fd 2325 socket_enter_start_chown(s);
034c6ed7 2326 else
cfc4eb4c 2327 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
034c6ed7
LP		 2328 break;
2329
3900e5fd
LP		 2330 case SOCKET_START_CHOWN:
2331 if (f == SOCKET_SUCCESS)
2332 socket_enter_start_post(s);
2333 else
2334 socket_enter_stop_pre(s, f);
2335 break;
2336
034c6ed7 2337 case SOCKET_START_POST:
cfc4eb4c 2338 if (f == SOCKET_SUCCESS)
e9af15c3 2339 socket_enter_listening(s);
034c6ed7 2340 else
cfc4eb4c 2341 socket_enter_stop_pre(s, f);
034c6ed7
LP		 2342 break;
2343
2344 case SOCKET_STOP_PRE:
2345 case SOCKET_STOP_PRE_SIGTERM:
2346 case SOCKET_STOP_PRE_SIGKILL:
cfc4eb4c 2347 socket_enter_stop_post(s, f);
034c6ed7
LP		 2348 break;
2349
2350 case SOCKET_STOP_POST:
80876c20
LP		 2351 case SOCKET_FINAL_SIGTERM:
2352 case SOCKET_FINAL_SIGKILL:
cfc4eb4c 2353 socket_enter_dead(s, f);
034c6ed7
LP		 2354 break;
2355
2356 default:
2357 assert_not_reached("Uh, control process died at wrong time.");
2358 }
2359 }
c4e2ceae
LP		 2360
2361 /* Notify clients about changed exit status */
2362 unit_add_to_dbus_queue(u);
034c6ed7 2363}
5cb5a6ff 2364
718db961
LP		 2365static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
2366 Socket *s = SOCKET(userdata);
5cb5a6ff 2367
034c6ed7 2368 assert(s);
718db961 2369 assert(s->timer_event_source == source);
034c6ed7
LP		 2370
2371 switch (s->state) {
2372
2373 case SOCKET_START_PRE:
3900e5fd 2374 log_warning_unit(UNIT(s)->id, "%s starting timed out. Terminating.", UNIT(s)->id);
cfc4eb4c 2375 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
da19d5c1 2376 break;
80876c20 2377
3900e5fd 2378 case SOCKET_START_CHOWN:
034c6ed7 2379 case SOCKET_START_POST:
3900e5fd 2380 log_warning_unit(UNIT(s)->id, "%s starting timed out. Stopping.", UNIT(s)->id);
cfc4eb4c 2381 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2382 break;
2383
2384 case SOCKET_STOP_PRE:
3900e5fd 2385 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Terminating.", UNIT(s)->id);
cfc4eb4c 2386 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2387 break;
2388
2389 case SOCKET_STOP_PRE_SIGTERM:
4819ff03 2390 if (s->kill_context.send_sigkill) {
3900e5fd 2391 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Killing.", UNIT(s)->id);
cfc4eb4c 2392 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 2393 } else {
3900e5fd 2394 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Skipping SIGKILL. Ignoring.", UNIT(s)->id);
cfc4eb4c 2395 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 2396 }
034c6ed7
LP		 2397 break;
2398
2399 case SOCKET_STOP_PRE_SIGKILL:
3900e5fd 2400 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL. Ignoring.", UNIT(s)->id);
cfc4eb4c 2401 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2402 break;
2403
2404 case SOCKET_STOP_POST:
3900e5fd 2405 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Terminating.", UNIT(s)->id);
cfc4eb4c 2406 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2407 break;
2408
80876c20 2409 case SOCKET_FINAL_SIGTERM:
4819ff03 2410 if (s->kill_context.send_sigkill) {
3900e5fd 2411 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Killing.", UNIT(s)->id);
cfc4eb4c 2412 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 2413 } else {
3900e5fd 2414 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Skipping SIGKILL. Ignoring.", UNIT(s)->id);
cfc4eb4c 2415 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 2416 }
034c6ed7
LP		 2417 break;
2418
80876c20 2419 case SOCKET_FINAL_SIGKILL:
3900e5fd 2420 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL (2). Entering failed mode.", UNIT(s)->id);
cfc4eb4c 2421 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2422 break;
2423
2424 default:
2425 assert_not_reached("Timeout at wrong time.");
2426 }
718db961
LP		 2427
2428 return 0;
5cb5a6ff
LP		 2429}
2430
44d8db9e
LP		 2431int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2432 int *rfds;
2433 unsigned rn_fds, k;
2434 SocketPort *p;
2435
2436 assert(s);
2437 assert(fds);
2438 assert(n_fds);
2439
2440 /* Called from the service code for requesting our fds */
2441
2442 rn_fds = 0;
2443 LIST_FOREACH(port, p, s->ports)
2444 if (p->fd >= 0)
2445 rn_fds++;
2446
de3756ab
LP		 2447 if (rn_fds <= 0) {
2448 *fds = NULL;
2449 *n_fds = 0;
2450 return 0;
2451 }
2452
e364ad06 2453 if (!(rfds = new(int, rn_fds)))
44d8db9e
LP		 2454 return -ENOMEM;
2455
2456 k = 0;
2457 LIST_FOREACH(port, p, s->ports)
2458 if (p->fd >= 0)
2459 rfds[k++] = p->fd;
2460
2461 assert(k == rn_fds);
2462
2463 *fds = rfds;
2464 *n_fds = rn_fds;
2465
2466 return 0;
2467}
2468
e821075a
LP		 2469static void socket_reset_failed(Unit *u) {
2470 Socket *s = SOCKET(u);
2471
2472 assert(s);
2473
2474 if (s->state == SOCKET_FAILED)
2475 socket_set_state(s, SOCKET_DEAD);
2476
2477 s->result = SOCKET_SUCCESS;
2478}
2479
d137a488 2480static void socket_notify_service_dead(Socket *s, bool failed_permanent) {
ceee3d82
LP		 2481 assert(s);
2482
6cf6bbc2
LP		 2483 /* The service is dead. Dang!
2484 *
2485 * This is strictly for one-instance-for-all-connections
2486 * services. */
ceee3d82
LP		 2487
2488 if (s->state == SOCKET_RUNNING) {
e821075a 2489 log_debug_unit(UNIT(s)->id, "%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
6bda96a0
LP		 2490 if (failed_permanent)
2491 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
c2f34808
MS		 2492 else
2493 socket_enter_listening(s);
ceee3d82
LP		 2494 }
2495}
2496
6cf6bbc2
LP		 2497void socket_connection_unref(Socket *s) {
2498 assert(s);
2499
2500 /* The service is dead. Yay!
2501 *
35b8ca3a 2502 * This is strictly for one-instance-per-connection
6cf6bbc2
LP		 2503 * services. */
2504
2505 assert(s->n_connections > 0);
2506 s->n_connections--;
2507
e821075a 2508 log_debug_unit(UNIT(s)->id, "%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
5632e374
LP		 2509}
2510
d137a488
UTL		 2511static void socket_trigger_notify(Unit *u, Unit *other) {
2512 Socket *s = SOCKET(u);
e821075a 2513 Service *se;
d137a488
UTL		 2514
2515 assert(u);
2516 assert(other);
2517
2518 /* Don't propagate state changes from the service if we are
2519 already down or accepting connections */
2520 if ((s->state != SOCKET_RUNNING &&
2521 s->state != SOCKET_LISTENING) ||
2522 s->accept)
2523 return;
2524
2525 if (other->load_state != UNIT_LOADED ||
2526 other->type != UNIT_SERVICE)
2527 return;
2528
e821075a
LP		 2529 se = SERVICE(other);
2530
d137a488
UTL		 2531 if (se->state == SERVICE_FAILED)
2532 socket_notify_service_dead(s, se->result == SERVICE_FAILURE_START_LIMIT);
2533
2534 if (se->state == SERVICE_DEAD ||
2535 se->state == SERVICE_STOP ||
2536 se->state == SERVICE_STOP_SIGTERM ||
2537 se->state == SERVICE_STOP_SIGKILL ||
2538 se->state == SERVICE_STOP_POST ||
2539 se->state == SERVICE_FINAL_SIGTERM ||
2540 se->state == SERVICE_FINAL_SIGKILL ||
2541 se->state == SERVICE_AUTO_RESTART)
2542 socket_notify_service_dead(s, false);
2543
2544 if (se->state == SERVICE_RUNNING)
2545 socket_set_state(s, SOCKET_RUNNING);
2546}
2547
718db961 2548static int socket_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
814cc562 2549 return unit_kill_common(u, who, signo, -1, SOCKET(u)->control_pid, error);
8a0867d6
LP		 2550}
2551
68db7a3b
ZJS		 2552static int socket_get_timeout(Unit *u, uint64_t *timeout) {
2553 Socket *s = SOCKET(u);
2554 int r;
2555
2556 if (!s->timer_event_source)
2557 return 0;
2558
2559 r = sd_event_source_get_time(s->timer_event_source, timeout);
2560 if (r < 0)
2561 return r;
2562
2563 return 1;
2564}
2565
a16e1123
LP		 2566static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2567 [SOCKET_DEAD] = "dead",
2568 [SOCKET_START_PRE] = "start-pre",
3900e5fd 2569 [SOCKET_START_CHOWN] = "start-chown",
a16e1123
LP		 2570 [SOCKET_START_POST] = "start-post",
2571 [SOCKET_LISTENING] = "listening",
2572 [SOCKET_RUNNING] = "running",
2573 [SOCKET_STOP_PRE] = "stop-pre",
2574 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2575 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2576 [SOCKET_STOP_POST] = "stop-post",
2577 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2578 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
fdf20a31 2579 [SOCKET_FAILED] = "failed"
a16e1123
LP		 2580};
2581
2582DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2583
2584static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2585 [SOCKET_EXEC_START_PRE] = "StartPre",
3900e5fd 2586 [SOCKET_EXEC_START_CHOWN] = "StartChown",
a16e1123
LP		 2587 [SOCKET_EXEC_START_POST] = "StartPost",
2588 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2589 [SOCKET_EXEC_STOP_POST] = "StopPost"
2590};
2591
2592DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2593
cfc4eb4c
LP		 2594static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2595 [SOCKET_SUCCESS] = "success",
2596 [SOCKET_FAILURE_RESOURCES] = "resources",
2597 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2598 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2599 [SOCKET_FAILURE_SIGNAL] = "signal",
c2f34808 2600 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
6bda96a0 2601 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
cfc4eb4c
LP		 2602};
2603
2604DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2605
87f0e418 2606const UnitVTable socket_vtable = {
7d17cfbc 2607 .object_size = sizeof(Socket),
718db961
LP		 2608 .exec_context_offset = offsetof(Socket, exec_context),
2609 .cgroup_context_offset = offsetof(Socket, cgroup_context),
2610 .kill_context_offset = offsetof(Socket, kill_context),
613b411c 2611 .exec_runtime_offset = offsetof(Socket, exec_runtime),
3ef63c31 2612
f975e971
LP		 2613 .sections =
2614 "Unit\0"
2615 "Socket\0"
2616 "Install\0",
4ad49000 2617 .private_section = "Socket",
71645aca 2618
034c6ed7
LP		 2619 .init = socket_init,
2620 .done = socket_done,
a16e1123
LP		 2621 .load = socket_load,
2622
2623 .coldplug = socket_coldplug,
034c6ed7 2624
5cb5a6ff
LP		 2625 .dump = socket_dump,
2626
542563ba
LP		 2627 .start = socket_start,
2628 .stop = socket_stop,
5cb5a6ff 2629
718db961
LP		 2630 .kill = socket_kill,
2631
68db7a3b
ZJS		 2632 .get_timeout = socket_get_timeout,
2633
a16e1123
LP		 2634 .serialize = socket_serialize,
2635 .deserialize_item = socket_deserialize_item,
01e10de3 2636 .distribute_fds = socket_distribute_fds,
a16e1123 2637
5cb5a6ff 2638 .active_state = socket_active_state,
10a94420 2639 .sub_state_to_string = socket_sub_state_to_string,
5cb5a6ff 2640
6cf6bbc2
LP		 2641 .check_gc = socket_check_gc,
2642
034c6ed7 2643 .sigchld_event = socket_sigchld_event,
4139c1b2 2644
d137a488
UTL		 2645 .trigger_notify = socket_trigger_notify,
2646
fdf20a31 2647 .reset_failed = socket_reset_failed,
5632e374 2648
c4e2ceae 2649 .bus_interface = "org.freedesktop.systemd1.Socket",
718db961 2650 .bus_vtable = bus_socket_vtable,
74c964d3
LP		 2651 .bus_set_property = bus_socket_set_property,
2652 .bus_commit_properties = bus_socket_commit_properties,
c6918296
MS		 2653
2654 .status_message_formats = {
2655 /*.starting_stopping = {
2656 [0] = "Starting socket %s...",
2657 [1] = "Stopping socket %s...",
2658 },*/
2659 .finished_start_job = {
2660 [JOB_DONE] = "Listening on %s.",
2661 [JOB_FAILED] = "Failed to listen on %s.",
2662 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2663 [JOB_TIMEOUT] = "Timed out starting %s.",
2664 },
2665 .finished_stop_job = {
2666 [JOB_DONE] = "Closed %s.",
2667 [JOB_FAILED] = "Failed stopping %s.",
2668 [JOB_TIMEOUT] = "Timed out stopping %s.",
2669 },
2670 },
5cb5a6ff 2671};
Unnamed repository; edit this file 'description' to name the repository.