]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/unit.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Revert "core: Propagate condition failed state to triggering units."
[thirdparty/systemd.git] / src / core / unit.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
a7334b09 2
87f0e418 3#include <errno.h>
0301abf4 4#include <stdlib.h>
4c253ed1 5#include <sys/prctl.h>
4f5dd394 6#include <unistd.h>
87f0e418 7
718db961
LP		 8#include "sd-id128.h"
9#include "sd-messages.h"
4f5dd394 10
57b7a260 11#include "all-units.h"
d68c645b 12#include "alloc-util.h"
fab34748 13#include "bpf-firewall.h"
5f8ba20d 14#include "bpf-foreign.h"
cd09a5f3 15#include "bpf-socket-bind.h"
4f5dd394
LP		 16#include "bus-common-errors.h"
17#include "bus-util.h"
fdb3deca 18#include "cgroup-setup.h"
c6c18be3 19#include "cgroup-util.h"
f4351959 20#include "chase-symlinks.h"
e30bbc90 21#include "core-varlink.h"
4f5dd394
LP		 22#include "dbus-unit.h"
23#include "dbus.h"
24#include "dropin.h"
25#include "escape.h"
26#include "execute.h"
6a48d82f 27#include "fd-util.h"
a5c32cff 28#include "fileio-label.h"
ee228be1 29#include "fileio.h"
f97b34a6 30#include "format-util.h"
4b58153d 31#include "id128-util.h"
5cfa33e0 32#include "install.h"
2d3b784d 33#include "io-util.h"
a3f5fd96 34#include "label.h"
4f5dd394
LP		 35#include "load-dropin.h"
36#include "load-fragment.h"
37#include "log.h"
38#include "macro.h"
f5947a5e 39#include "missing_audit.h"
35cd0ba5 40#include "mkdir-label.h"
4f5dd394 41#include "path-util.h"
0b452006 42#include "process-util.h"
810ef318 43#include "rm-rf.h"
4f5dd394 44#include "set.h"
6eb7c172 45#include "signal-util.h"
d3070fbd 46#include "sparse-endian.h"
e9db43d5 47#include "special.h"
2e59b241 48#include "specifier.h"
8fcde012 49#include "stat-util.h"
d054f0a4 50#include "stdio-util.h"
5afe510c 51#include "string-table.h"
07630cea 52#include "string-util.h"
4f5dd394 53#include "strv.h"
5b262f74 54#include "terminal-util.h"
e4de7287 55#include "tmpfile-util.h"
4f4afc88 56#include "umask-util.h"
4f5dd394 57#include "unit-name.h"
e9db43d5 58#include "unit.h"
b1d4f8e1
LP		 59#include "user-util.h"
60#include "virt.h"
91ce91c7
JK		 61#if BPF_FRAMEWORK
62#include "bpf-link.h"
63#endif
87f0e418 64
37109b85
ZJS		 65/* Thresholds for logging at INFO level about resource consumption */
66#define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
67#define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
68#define MENTIONWORTHY_IP_BYTES (0ULL)
69
70/* Thresholds for logging at INFO level about resource consumption */
71#define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
72#define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
73#define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
74
87f0e418
LP		 75const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
76 [UNIT_SERVICE] = &service_vtable,
87f0e418
LP		 77 [UNIT_SOCKET] = &socket_vtable,
78 [UNIT_TARGET] = &target_vtable,
79 [UNIT_DEVICE] = &device_vtable,
80 [UNIT_MOUNT] = &mount_vtable,
81 [UNIT_AUTOMOUNT] = &automount_vtable,
01f78473 82 [UNIT_SWAP] = &swap_vtable,
e821075a 83 [UNIT_TIMER] = &timer_vtable,
a016b922 84 [UNIT_PATH] = &path_vtable,
6c12b52e 85 [UNIT_SLICE] = &slice_vtable,
5afe510c 86 [UNIT_SCOPE] = &scope_vtable,
87f0e418
LP		 87};
88
75db809a 89Unit* unit_new(Manager *m, size_t size) {
87f0e418
LP		 90 Unit *u;
91
92 assert(m);
ac155bb8 93 assert(size >= sizeof(Unit));
87f0e418 94
7d17cfbc
MS		 95 u = malloc0(size);
96 if (!u)
87f0e418
LP		 97 return NULL;
98
ac155bb8
MS		 99 u->manager = m;
100 u->type = _UNIT_TYPE_INVALID;
ac155bb8
MS		 101 u->default_dependencies = true;
102 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
d2dc52db 103 u->unit_file_preset = -1;
d420282b 104 u->on_failure_job_mode = JOB_REPLACE;
294446dc 105 u->on_success_job_mode = JOB_FAIL;
0bb814c2 106 u->cgroup_control_inotify_wd = -1;
afcfaa69 107 u->cgroup_memory_inotify_wd = -1;
36c16a7c 108 u->job_timeout = USEC_INFINITY;
a2df3ea4 109 u->job_running_timeout = USEC_INFINITY;
00d9ef85
LP		 110 u->ref_uid = UID_INVALID;
111 u->ref_gid = GID_INVALID;
fe700f46 112 u->cpu_usage_last = NSEC_INFINITY;
17f14955 113 u->cgroup_invalidated_mask |= CGROUP_MASK_BPF_FIREWALL;
7af67e9a 114 u->failure_action_exit_status = u->success_action_exit_status = -1;
87f0e418 115
6a48d82f
DM		 116 u->ip_accounting_ingress_map_fd = -1;
117 u->ip_accounting_egress_map_fd = -1;
0fd9c28c
LP		 118 for (CGroupIOAccountingMetric i = 0; i < _CGROUP_IO_ACCOUNTING_METRIC_MAX; i++)
119 u->io_accounting_last[i] = UINT64_MAX;
120
6a48d82f
DM		 121 u->ipv4_allow_map_fd = -1;
122 u->ipv6_allow_map_fd = -1;
123 u->ipv4_deny_map_fd = -1;
124 u->ipv6_deny_map_fd = -1;
125
2e59b241
LP		 126 u->last_section_private = -1;
127
7bf081a1 128 u->start_ratelimit = (RateLimit) { m->default_start_limit_interval, m->default_start_limit_burst };
0bc488c9 129 u->auto_start_stop_ratelimit = (RateLimit) { 10 * USEC_PER_SEC, 16 };
bea355da 130
87f0e418
LP		 131 return u;
132}
133
a581e45a 134int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
dc409696 135 _cleanup_(unit_freep) Unit *u = NULL;
a581e45a
LP		 136 int r;
137
138 u = unit_new(m, size);
139 if (!u)
140 return -ENOMEM;
141
142 r = unit_add_name(u, name);
dc409696 143 if (r < 0)
a581e45a 144 return r;
a581e45a 145
1cc6c93a
YW		 146 *ret = TAKE_PTR(u);
147
a581e45a
LP		 148 return r;
149}
150
303ee601 151bool unit_has_name(const Unit *u, const char *name) {
f278026d
LP		 152 assert(u);
153 assert(name);
154
4562c355
ZJS		 155 return streq_ptr(name, u->id) ||
156 set_contains(u->aliases, name);
f278026d
LP		 157}
158
598459ce
LP		 159static void unit_init(Unit *u) {
160 CGroupContext *cc;
161 ExecContext *ec;
162 KillContext *kc;
163
164 assert(u);
165 assert(u->manager);
166 assert(u->type >= 0);
167
168 cc = unit_get_cgroup_context(u);
169 if (cc) {
170 cgroup_context_init(cc);
171
172 /* Copy in the manager defaults into the cgroup
173 * context, _before_ the rest of the settings have
174 * been initialized */
175
176 cc->cpu_accounting = u->manager->default_cpu_accounting;
13c31542 177 cc->io_accounting = u->manager->default_io_accounting;
598459ce
LP		 178 cc->blockio_accounting = u->manager->default_blockio_accounting;
179 cc->memory_accounting = u->manager->default_memory_accounting;
03a7b521 180 cc->tasks_accounting = u->manager->default_tasks_accounting;
6a48d82f 181 cc->ip_accounting = u->manager->default_ip_accounting;
0af20ea2
LP		 182
183 if (u->type != UNIT_SLICE)
184 cc->tasks_max = u->manager->default_tasks_max;
598459ce
LP		 185 }
186
187 ec = unit_get_exec_context(u);
b1edf445 188 if (ec) {
598459ce
LP		 189 exec_context_init(ec);
190
d4a402e4
LP		 191 if (u->manager->default_oom_score_adjust_set) {
192 ec->oom_score_adjust = u->manager->default_oom_score_adjust;
193 ec->oom_score_adjust_set = true;
194 }
195
5e37d193
FB		 196 if (MANAGER_IS_SYSTEM(u->manager))
197 ec->keyring_mode = EXEC_KEYRING_SHARED;
198 else {
199 ec->keyring_mode = EXEC_KEYRING_INHERIT;
200
201 /* User manager might have its umask redefined by PAM or UMask=. In this
202 * case let the units it manages inherit this value by default. They can
203 * still tune this value through their own unit file */
204 (void) get_process_umask(getpid_cached(), &ec->umask);
205 }
b1edf445
LP		 206 }
207
598459ce
LP		 208 kc = unit_get_kill_context(u);
209 if (kc)
210 kill_context_init(kc);
211
212 if (UNIT_VTABLE(u)->init)
213 UNIT_VTABLE(u)->init(u);
214}
215
4562c355
ZJS		 216static int unit_add_alias(Unit *u, char *donated_name) {
217 int r;
218
219 /* Make sure that u->names is allocated. We may leave u->names
220 * empty if we fail later, but this is not a problem. */
973bc32a 221 r = set_ensure_put(&u->aliases, &string_hash_ops, donated_name);
4562c355
ZJS		 222 if (r < 0)
223 return r;
224 assert(r > 0);
225
226 return 0;
227}
228
87f0e418 229int unit_add_name(Unit *u, const char *text) {
4562c355 230 _cleanup_free_ char *name = NULL, *instance = NULL;
87f0e418 231 UnitType t;
87f0e418
LP		 232 int r;
233
234 assert(u);
235 assert(text);
236
7410616c 237 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
ac155bb8 238 if (!u->instance)
acd1987a
WY		 239 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
240 "instance is not set when adding name '%s': %m", text);
87f0e418 241
4562c355 242 r = unit_name_replace_instance(text, u->instance, &name);
7410616c 243 if (r < 0)
acd1987a
WY		 244 return log_unit_debug_errno(u, r,
245 "failed to build instance name from '%s': %m", text);
7410616c 246 } else {
4562c355
ZJS		 247 name = strdup(text);
248 if (!name)
7410616c
LP		 249 return -ENOMEM;
250 }
87f0e418 251
4562c355 252 if (unit_has_name(u, name))
7410616c 253 return 0;
4562c355
ZJS		 254
255 if (hashmap_contains(u->manager->units, name))
acd1987a 256 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
4562c355 257 "unit already exist when adding name '%s': %m", name);
7410616c 258
4562c355 259 if (!unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
acd1987a 260 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4562c355 261 "name '%s' is invalid: %m", name);
e537352b 262
4562c355 263 t = unit_name_to_type(name);
7410616c 264 if (t < 0)
acd1987a 265 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
cd990847 266 "failed to derive unit type from name '%s': %m", name);
87f0e418 267
598459ce 268 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
acd1987a
WY		 269 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
270 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
4562c355 271 u->type, t, name);
87f0e418 272
4562c355 273 r = unit_name_to_instance(name, &instance);
e48614c4 274 if (r < 0)
4562c355 275 return log_unit_debug_errno(u, r, "failed to extract instance from name '%s': %m", name);
87f0e418 276
4562c355
ZJS		 277 if (instance && !unit_type_may_template(t))
278 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), "templates are not allowed for name '%s': %m", name);
9e2f7c11 279
d383acad
ZJS		 280 /* Ensure that this unit either has no instance, or that the instance matches. */
281 if (u->type != _UNIT_TYPE_INVALID && !streq_ptr(u->instance, instance))
acd1987a 282 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
ada4b34e
ZJS		 283 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
284 name, instance, u->instance);
9e2f7c11 285
4562c355 286 if (u->id && !unit_type_may_alias(t))
ada4b34e
ZJS		 287 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
288 "cannot add name %s, aliases are not allowed for %s units.",
289 name, unit_type_to_string(t));
9e2f7c11 290
598459ce 291 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
ada4b34e 292 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(E2BIG), "cannot add name, manager has too many units: %m");
4f0f902f 293
4562c355
ZJS		 294 /* Add name to the global hashmap first, because that's easier to undo */
295 r = hashmap_put(u->manager->units, name, u);
7410616c 296 if (r < 0)
acd1987a 297 return log_unit_debug_errno(u, r, "add unit to hashmap failed for name '%s': %m", text);
87f0e418 298
4562c355
ZJS		 299 if (u->id) {
300 r = unit_add_alias(u, name); /* unit_add_alias() takes ownership of the name on success */
301 if (r < 0) {
302 hashmap_remove(u->manager->units, name);
303 return r;
304 }
305 TAKE_PTR(name);
306
307 } else {
308 /* A new name, we don't need the set yet. */
309 assert(u->type == _UNIT_TYPE_INVALID);
310 assert(!u->instance);
311
ac155bb8 312 u->type = t;
4562c355
ZJS		 313 u->id = TAKE_PTR(name);
314 u->instance = TAKE_PTR(instance);
9e2f7c11 315
71fda00f 316 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
598459ce 317 unit_init(u);
598459ce 318 }
9e2f7c11 319
598459ce
LP		 320 unit_add_to_dbus_queue(u);
321 return 0;
87f0e418
LP		 322}
323
0ae97ec1 324int unit_choose_id(Unit *u, const char *name) {
68eda4bd 325 _cleanup_free_ char *t = NULL;
4562c355 326 char *s;
276c3e78 327 int r;
0ae97ec1
LP		 328
329 assert(u);
330 assert(name);
331
7410616c 332 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 333 if (!u->instance)
9e2f7c11
LP		 334 return -EINVAL;
335
7410616c
LP		 336 r = unit_name_replace_instance(name, u->instance, &t);
337 if (r < 0)
338 return r;
9e2f7c11
LP		 339
340 name = t;
341 }
342
4562c355
ZJS		 343 if (streq_ptr(u->id, name))
344 return 0; /* Nothing to do. */
345
346 /* Selects one of the aliases of this unit as the id */
347 s = set_get(u->aliases, (char*) name);
9e2f7c11 348 if (!s)
0ae97ec1
LP		 349 return -ENOENT;
350
4562c355
ZJS		 351 if (u->id) {
352 r = set_remove_and_put(u->aliases, name, u->id);
353 if (r < 0)
354 return r;
355 } else
356 assert_se(set_remove(u->aliases, name)); /* see set_get() above… */
276c3e78 357
4562c355 358 u->id = s; /* Old u->id is now stored in the set, and s is not stored anywhere */
c1e1601e 359 unit_add_to_dbus_queue(u);
9e2f7c11 360
0ae97ec1
LP		 361 return 0;
362}
363
f50e0a01 364int unit_set_description(Unit *u, const char *description) {
84b26d51 365 int r;
f50e0a01
LP		 366
367 assert(u);
368
84b26d51
LP		 369 r = free_and_strdup(&u->description, empty_to_null(description));
370 if (r < 0)
371 return r;
372 if (r > 0)
373 unit_add_to_dbus_queue(u);
c1e1601e 374
f50e0a01
LP		 375 return 0;
376}
377
f2f725e5 378bool unit_may_gc(Unit *u) {
a354329f 379 UnitActiveState state;
e98b2fbb 380 int r;
5afe510c 381
701cc384
LP		 382 assert(u);
383
f2f725e5
ZJS		 384 /* Checks whether the unit is ready to be unloaded for garbage collection.
385 * Returns true when the unit may be collected, and false if there's some
2641f02e
ZJS		 386 * reason to keep it loaded.
387 *
388 * References from other units are *not* checked here. Instead, this is done
389 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
390 */
5afe510c 391
a354329f 392 if (u->job)
f2f725e5 393 return false;
701cc384 394
a354329f 395 if (u->nop_job)
f2f725e5 396 return false;
6c073082 397
a354329f
LP		 398 state = unit_active_state(u);
399
7eb2a8a1 400 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
a354329f
LP		 401 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
402 UNIT_VTABLE(u)->release_resources)
7eb2a8a1 403 UNIT_VTABLE(u)->release_resources(u);
a354329f 404
f5869324 405 if (u->perpetual)
f2f725e5 406 return false;
9d576438 407
05a98afd 408 if (sd_bus_track_count(u->bus_track) > 0)
f2f725e5 409 return false;
05a98afd 410
5afe510c
LP		 411 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
412 switch (u->collect_mode) {
413
414 case COLLECT_INACTIVE:
415 if (state != UNIT_INACTIVE)
f2f725e5 416 return false;
5afe510c
LP		 417
418 break;
419
420 case COLLECT_INACTIVE_OR_FAILED:
421 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
f2f725e5 422 return false;
5afe510c
LP		 423
424 break;
425
426 default:
04499a70 427 assert_not_reached();
5afe510c
LP		 428 }
429
e98b2fbb
LP		 430 if (u->cgroup_path) {
431 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
432 * around. Units with active processes should never be collected. */
433
434 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
435 if (r < 0)
6178e2f8 436 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", empty_to_root(u->cgroup_path));
e98b2fbb 437 if (r <= 0)
f2f725e5 438 return false;
e98b2fbb
LP		 439 }
440
f2f725e5
ZJS		 441 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
442 return false;
701cc384 443
f2f725e5 444 return true;
701cc384
LP		 445}
446
87f0e418
LP		 447void unit_add_to_load_queue(Unit *u) {
448 assert(u);
ac155bb8 449 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 450
ac155bb8 451 if (u->load_state != UNIT_STUB || u->in_load_queue)
87f0e418
LP		 452 return;
453
71fda00f 454 LIST_PREPEND(load_queue, u->manager->load_queue, u);
ac155bb8 455 u->in_load_queue = true;
87f0e418
LP		 456}
457
23a177ef
LP		 458void unit_add_to_cleanup_queue(Unit *u) {
459 assert(u);
460
ac155bb8 461 if (u->in_cleanup_queue)
23a177ef
LP		 462 return;
463
71fda00f 464 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
ac155bb8 465 u->in_cleanup_queue = true;
23a177ef
LP		 466}
467
701cc384
LP		 468void unit_add_to_gc_queue(Unit *u) {
469 assert(u);
470
ac155bb8 471 if (u->in_gc_queue || u->in_cleanup_queue)
701cc384
LP		 472 return;
473
f2f725e5 474 if (!unit_may_gc(u))
701cc384
LP		 475 return;
476
c5a97ed1 477 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
ac155bb8 478 u->in_gc_queue = true;
701cc384
LP		 479}
480
c1e1601e
LP		 481void unit_add_to_dbus_queue(Unit *u) {
482 assert(u);
ac155bb8 483 assert(u->type != _UNIT_TYPE_INVALID);
c1e1601e 484
ac155bb8 485 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
c1e1601e
LP		 486 return;
487
a567261a 488 /* Shortcut things if nobody cares */
8f8f05a9 489 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
ae572acd 490 sd_bus_track_count(u->bus_track) <= 0 &&
8f8f05a9 491 set_isempty(u->manager->private_buses)) {
ac155bb8 492 u->sent_dbus_new_signal = true;
94b6dfa2
LP		 493 return;
494 }
495
71fda00f 496 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
ac155bb8 497 u->in_dbus_queue = true;
c1e1601e
LP		 498}
499
fda09318 500void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
a3c1168a
LP		 501 assert(u);
502
503 if (u->in_stop_when_unneeded_queue)
504 return;
505
506 if (!u->stop_when_unneeded)
507 return;
508
509 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
510 return;
511
512 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
513 u->in_stop_when_unneeded_queue = true;
514}
515
0bc488c9
LP		 516void unit_submit_to_start_when_upheld_queue(Unit *u) {
517 assert(u);
518
519 if (u->in_start_when_upheld_queue)
520 return;
521
522 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)))
523 return;
524
525 if (!unit_has_dependency(u, UNIT_ATOM_START_STEADILY, NULL))
526 return;
527
528 LIST_PREPEND(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
529 u->in_start_when_upheld_queue = true;
530}
531
56c59592
LP		 532void unit_submit_to_stop_when_bound_queue(Unit *u) {
533 assert(u);
534
535 if (u->in_stop_when_bound_queue)
536 return;
537
538 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
539 return;
540
541 if (!unit_has_dependency(u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT, NULL))
542 return;
543
544 LIST_PREPEND(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
545 u->in_stop_when_bound_queue = true;
546}
547
15ed3c3a 548static void unit_clear_dependencies(Unit *u) {
87f0e418
LP		 549 assert(u);
550
15ed3c3a
LP		 551 /* Removes all dependencies configured on u and their reverse dependencies. */
552
553 for (Hashmap *deps; (deps = hashmap_steal_first(u->dependencies));) {
87f0e418 554
15ed3c3a
LP		 555 for (Unit *other; (other = hashmap_steal_first_key(deps));) {
556 Hashmap *other_deps;
701cc384 557
15ed3c3a
LP		 558 HASHMAP_FOREACH(other_deps, other->dependencies)
559 hashmap_remove(other_deps, u);
560
561 unit_add_to_gc_queue(other);
562 }
563
564 hashmap_free(deps);
87f0e418
LP		 565 }
566
15ed3c3a 567 u->dependencies = hashmap_free(u->dependencies);
87f0e418
LP		 568}
569
c2756a68
LP		 570static void unit_remove_transient(Unit *u) {
571 char **i;
572
573 assert(u);
574
575 if (!u->transient)
576 return;
577
578 if (u->fragment_path)
3f5e8115 579 (void) unlink(u->fragment_path);
c2756a68
LP		 580
581 STRV_FOREACH(i, u->dropin_paths) {
39591351 582 _cleanup_free_ char *p = NULL, *pp = NULL;
c2756a68 583
39591351
LP		 584 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
585 if (!p)
586 continue;
587
588 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
589 if (!pp)
590 continue;
591
592 /* Only drop transient drop-ins */
593 if (!path_equal(u->manager->lookup_paths.transient, pp))
594 continue;
c2756a68 595
39591351
LP		 596 (void) unlink(*i);
597 (void) rmdir(p);
c2756a68
LP		 598 }
599}
600
a57f7e2c 601static void unit_free_requires_mounts_for(Unit *u) {
eef85c4a 602 assert(u);
a57f7e2c 603
eef85c4a 604 for (;;) {
c2b2df60 605 _cleanup_free_ char *path = NULL;
a57f7e2c 606
eef85c4a
LP		 607 path = hashmap_steal_first_key(u->requires_mounts_for);
608 if (!path)
609 break;
610 else {
611 char s[strlen(path) + 1];
a57f7e2c 612
eef85c4a
LP		 613 PATH_FOREACH_PREFIX_MORE(s, path) {
614 char *y;
615 Set *x;
616
617 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
618 if (!x)
619 continue;
a57f7e2c 620
eef85c4a 621 (void) set_remove(x, u);
a57f7e2c 622
eef85c4a
LP		 623 if (set_isempty(x)) {
624 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
625 free(y);
626 set_free(x);
627 }
a57f7e2c
LP		 628 }
629 }
630 }
631
eef85c4a 632 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
a57f7e2c
LP		 633}
634
598459ce
LP		 635static void unit_done(Unit *u) {
636 ExecContext *ec;
637 CGroupContext *cc;
638
639 assert(u);
640
641 if (u->type < 0)
642 return;
643
644 if (UNIT_VTABLE(u)->done)
645 UNIT_VTABLE(u)->done(u);
646
647 ec = unit_get_exec_context(u);
648 if (ec)
649 exec_context_done(ec);
650
651 cc = unit_get_cgroup_context(u);
652 if (cc)
653 cgroup_context_done(cc);
654}
655
75db809a 656Unit* unit_free(Unit *u) {
12f64221 657 Unit *slice;
87f0e418
LP		 658 char *t;
659
c9d5c9c0 660 if (!u)
75db809a 661 return NULL;
87f0e418 662
50fb00b7 663 u->transient_file = safe_fclose(u->transient_file);
4f4afc88 664
2c289ea8 665 if (!MANAGER_IS_RELOADING(u->manager))
c2756a68
LP		 666 unit_remove_transient(u);
667
c1e1601e
LP		 668 bus_unit_send_removed_signal(u);
669
598459ce 670 unit_done(u);
a013b84b 671
50be4f4a 672 unit_dequeue_rewatch_pids(u);
cf9fd508 673
50be4f4a 674 sd_bus_slot_unref(u->match_bus_slot);
05a98afd
LP		 675 sd_bus_track_unref(u->bus_track);
676 u->deserialized_refs = strv_free(u->deserialized_refs);
d9e45bc3 677 u->pending_freezer_message = sd_bus_message_unref(u->pending_freezer_message);
05a98afd 678
a57f7e2c
LP		 679 unit_free_requires_mounts_for(u);
680
90e74a66 681 SET_FOREACH(t, u->aliases)
ac155bb8 682 hashmap_remove_value(u->manager->units, t, u);
4562c355
ZJS		 683 if (u->id)
684 hashmap_remove_value(u->manager->units, u->id, u);
87f0e418 685
4b58153d
LP		 686 if (!sd_id128_is_null(u->invocation_id))
687 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
688
97e7d748
MS		 689 if (u->job) {
690 Job *j = u->job;
691 job_uninstall(j);
692 job_free(j);
693 }
964e0949 694
e0209d83
MS		 695 if (u->nop_job) {
696 Job *j = u->nop_job;
697 job_uninstall(j);
698 job_free(j);
699 }
700
4c591f39
MK		 701 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
702 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
12f64221 703 slice = UNIT_GET_SLICE(u);
d219a2b0 704 unit_clear_dependencies(u);
12f64221
LP		 705 if (slice)
706 unit_add_family_to_cgroup_realize_queue(slice);
fb46fca7 707
adefcf28
LP		 708 if (u->on_console)
709 manager_unref_console(u->manager);
710
3d027d4d
JK		 711
712 fdset_free(u->initial_socket_bind_link_fds);
91ce91c7
JK		 713#if BPF_FRAMEWORK
714 bpf_link_free(u->ipv4_socket_bind_link);
715 bpf_link_free(u->ipv6_socket_bind_link);
716#endif
717
efdb0237 718 unit_release_cgroup(u);
72673e86 719
d3070fbd
LP		 720 if (!MANAGER_IS_RELOADING(u->manager))
721 unit_unlink_state_files(u);
722
00d9ef85
LP		 723 unit_unref_uid_gid(u, false);
724
5269eb6b 725 (void) manager_update_failed_units(u->manager, u, false);
db785129 726 set_remove(u->manager->startup_units, u);
f755e3b7 727
a911bb9a
LP		 728 unit_unwatch_all_pids(u);
729
7f7d01ed
ZJS		 730 while (u->refs_by_target)
731 unit_ref_unset(u->refs_by_target);
57020a3a 732
ac155bb8 733 if (u->type != _UNIT_TYPE_INVALID)
71fda00f 734 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
ef734fd6 735
ac155bb8 736 if (u->in_load_queue)
71fda00f 737 LIST_REMOVE(load_queue, u->manager->load_queue, u);
87f0e418 738
ac155bb8 739 if (u->in_dbus_queue)
71fda00f 740 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
c1e1601e 741
13e72103
MK		 742 if (u->in_cleanup_queue)
743 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
744
a2d72e26 745 if (u->in_gc_queue)
c5a97ed1 746 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
701cc384 747
91a6073e
LP		 748 if (u->in_cgroup_realize_queue)
749 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
87f0e418 750
09e24654
LP		 751 if (u->in_cgroup_empty_queue)
752 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
753
13e72103
MK		 754 if (u->in_cgroup_oom_queue)
755 LIST_REMOVE(cgroup_oom_queue, u->manager->cgroup_oom_queue, u);
adefcf28 756
19496554
MS		 757 if (u->in_target_deps_queue)
758 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
759
a3c1168a
LP		 760 if (u->in_stop_when_unneeded_queue)
761 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
762
0bc488c9
LP		 763 if (u->in_start_when_upheld_queue)
764 LIST_REMOVE(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
765
56c59592
LP		 766 if (u->in_stop_when_bound_queue)
767 LIST_REMOVE(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
768
0fd9c28c 769 bpf_firewall_close(u);
fab34748 770
5f8ba20d
JK		 771 hashmap_free(u->bpf_foreign_by_key);
772
76dc1725 773 bpf_program_free(u->bpf_device_control_installed);
084c7007 774
6f50d4f7
MV		 775#if BPF_FRAMEWORK
776 bpf_link_free(u->restrict_ifaces_ingress_bpf_link);
777 bpf_link_free(u->restrict_ifaces_egress_bpf_link);
778#endif
779 fdset_free(u->initial_restric_ifaces_link_fds);
780
a946fa9b
ZJS		 781 condition_free_list(u->conditions);
782 condition_free_list(u->asserts);
f755e3b7 783
ac155bb8 784 free(u->description);
49dbfa7b 785 strv_free(u->documentation);
ac155bb8 786 free(u->fragment_path);
1b64d026 787 free(u->source_path);
ae7a7182 788 strv_free(u->dropin_paths);
ac155bb8 789 free(u->instance);
87f0e418 790
f189ab18 791 free(u->job_timeout_reboot_arg);
6bf0f408
LP		 792 free(u->reboot_arg);
793
4562c355
ZJS		 794 set_free_free(u->aliases);
795 free(u->id);
796
75db809a 797 return mfree(u);
87f0e418
LP		 798}
799
d9e45bc3
MS		 800FreezerState unit_freezer_state(Unit *u) {
801 assert(u);
802
803 return u->freezer_state;
804}
805
806int unit_freezer_state_kernel(Unit *u, FreezerState *ret) {
807 char *values[1] = {};
808 int r;
809
810 assert(u);
811
812 r = cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "cgroup.events",
813 STRV_MAKE("frozen"), values);
814 if (r < 0)
815 return r;
816
817 r = _FREEZER_STATE_INVALID;
818
819 if (values[0]) {
820 if (streq(values[0], "0"))
821 r = FREEZER_RUNNING;
822 else if (streq(values[0], "1"))
823 r = FREEZER_FROZEN;
824 }
825
826 free(values[0]);
827 *ret = r;
828
829 return 0;
830}
831
87f0e418
LP		 832UnitActiveState unit_active_state(Unit *u) {
833 assert(u);
834
ac155bb8 835 if (u->load_state == UNIT_MERGED)
6124958c
LP		 836 return unit_active_state(unit_follow_merge(u));
837
838 /* After a reload it might happen that a unit is not correctly
839 * loaded but still has a process around. That's why we won't
fdf20a31 840 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
87f0e418
LP		 841
842 return UNIT_VTABLE(u)->active_state(u);
843}
844
10a94420
LP		 845const char* unit_sub_state_to_string(Unit *u) {
846 assert(u);
847
848 return UNIT_VTABLE(u)->sub_state_to_string(u);
849}
850
15ed3c3a 851static int unit_merge_names(Unit *u, Unit *other) {
4562c355 852 char *name;
7c0b05e5 853 int r;
87f0e418 854
23a177ef
LP		 855 assert(u);
856 assert(other);
857
4562c355 858 r = unit_add_alias(u, other->id);
7c0b05e5
MS		 859 if (r < 0)
860 return r;
23a177ef 861
4562c355
ZJS		 862 r = set_move(u->aliases, other->aliases);
863 if (r < 0) {
864 set_remove(u->aliases, other->id);
865 return r;
866 }
23a177ef 867
4562c355
ZJS		 868 TAKE_PTR(other->id);
869 other->aliases = set_free_free(other->aliases);
23a177ef 870
90e74a66 871 SET_FOREACH(name, u->aliases)
4562c355 872 assert_se(hashmap_replace(u->manager->units, name, u) == 0);
7c0b05e5
MS		 873
874 return 0;
87f0e418
LP		 875}
876
15ed3c3a
LP		 877static int unit_reserve_dependencies(Unit *u, Unit *other) {
878 size_t n_reserve;
879 Hashmap* deps;
880 void *d;
881 int r;
09a65f92
MS		 882
883 assert(u);
884 assert(other);
09a65f92 885
15ed3c3a
LP		 886 /* Let's reserve some space in the dependency hashmaps so that later on merging the units cannot
887 * fail.
888 *
889 * First make some room in the per dependency type hashmaps. Using the summed size of both unit's
890 * hashmaps is an estimate that is likely too high since they probably use some of the same
891 * types. But it's never too low, and that's all we need. */
892
893 n_reserve = MIN(hashmap_size(other->dependencies), LESS_BY((size_t) _UNIT_DEPENDENCY_MAX, hashmap_size(u->dependencies)));
894 if (n_reserve > 0) {
895 r = hashmap_ensure_allocated(&u->dependencies, NULL);
896 if (r < 0)
897 return r;
898
899 r = hashmap_reserve(u->dependencies, n_reserve);
900 if (r < 0)
901 return r;
902 }
903
904 /* Now, enlarge our per dependency type hashmaps by the number of entries in the same hashmap of the
905 * other unit's dependencies.
906 *
907 * NB: If u does not have a dependency set allocated for some dependency type, there is no need to
908 * reserve anything for. In that case other's set will be transferred as a whole to u by
909 * complete_move(). */
910
911 HASHMAP_FOREACH_KEY(deps, d, u->dependencies) {
912 Hashmap *other_deps;
913
914 other_deps = hashmap_get(other->dependencies, d);
915
916 r = hashmap_reserve(deps, hashmap_size(other_deps));
917 if (r < 0)
918 return r;
919 }
920
921 return 0;
922}
923
924static void unit_maybe_warn_about_dependency(
925 Unit *u,
926 const char *other_id,
927 UnitDependency dependency) {
928
929 assert(u);
930
931 /* Only warn about some unit types */
932 if (!IN_SET(dependency,
933 UNIT_CONFLICTS,
934 UNIT_CONFLICTED_BY,
935 UNIT_BEFORE,
936 UNIT_AFTER,
294446dc 937 UNIT_ON_SUCCESS,
15ed3c3a
LP		 938 UNIT_ON_FAILURE,
939 UNIT_TRIGGERS,
940 UNIT_TRIGGERED_BY))
941 return;
942
943 if (streq_ptr(u->id, other_id))
944 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
945 else
946 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other_id), u->id);
947}
948
949static int unit_per_dependency_type_hashmap_update(
950 Hashmap *per_type,
951 Unit *other,
952 UnitDependencyMask origin_mask,
953 UnitDependencyMask destination_mask) {
954
955 UnitDependencyInfo info;
956 int r;
957
958 assert(other);
959 assert_cc(sizeof(void*) == sizeof(info));
960
961 /* Acquire the UnitDependencyInfo entry for the Unit* we are interested in, and update it if it
962 * exists, or insert it anew if not. */
09a65f92 963
15ed3c3a
LP		 964 info.data = hashmap_get(per_type, other);
965 if (info.data) {
966 /* Entry already exists. Add in our mask. */
967
968 if (FLAGS_SET(origin_mask, info.origin_mask) &&
969 FLAGS_SET(destination_mask, info.destination_mask))
970 return 0; /* NOP */
971
972 info.origin_mask |= origin_mask;
973 info.destination_mask |= destination_mask;
974
975 r = hashmap_update(per_type, other, info.data);
976 } else {
977 info = (UnitDependencyInfo) {
978 .origin_mask = origin_mask,
979 .destination_mask = destination_mask,
980 };
09a65f92 981
15ed3c3a
LP		 982 r = hashmap_put(per_type, other, info.data);
983 }
984 if (r < 0)
985 return r;
986
987
988 return 1;
09a65f92
MS		 989}
990
15ed3c3a
LP		 991static int unit_add_dependency_hashmap(
992 Hashmap **dependencies,
993 UnitDependency d,
994 Unit *other,
995 UnitDependencyMask origin_mask,
996 UnitDependencyMask destination_mask) {
997
998 Hashmap *per_type;
87f0e418 999 int r;
23a177ef 1000
15ed3c3a
LP		 1001 assert(dependencies);
1002 assert(other);
1003 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
1004 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
1005 assert(origin_mask > 0 || destination_mask > 0);
1006
1007 /* Ensure the top-level dependency hashmap exists that maps UnitDependency → Hashmap(Unit* →
1008 * UnitDependencyInfo) */
1009 r = hashmap_ensure_allocated(dependencies, NULL);
1010 if (r < 0)
1011 return r;
1012
1013 /* Acquire the inner hashmap, that maps Unit* → UnitDependencyInfo, for the specified dependency
1014 * type, and if it's missing allocate it and insert it. */
1015 per_type = hashmap_get(*dependencies, UNIT_DEPENDENCY_TO_PTR(d));
1016 if (!per_type) {
1017 per_type = hashmap_new(NULL);
1018 if (!per_type)
1019 return -ENOMEM;
1020
1021 r = hashmap_put(*dependencies, UNIT_DEPENDENCY_TO_PTR(d), per_type);
1022 if (r < 0) {
1023 hashmap_free(per_type);
1024 return r;
1025 }
1026 }
1027
1028 return unit_per_dependency_type_hashmap_update(per_type, other, origin_mask, destination_mask);
1029}
1030
1031static void unit_merge_dependencies(
1032 Unit *u,
1033 Unit *other) {
1034
1035 int r;
eef85c4a 1036
23a177ef
LP		 1037 assert(u);
1038 assert(other);
23a177ef 1039
15ed3c3a
LP		 1040 if (u == other)
1041 return;
1042
1043 for (;;) {
1044 _cleanup_(hashmap_freep) Hashmap *other_deps = NULL;
1045 UnitDependencyInfo di_back;
1046 Unit *back;
1047 void *dt; /* Actually of type UnitDependency, except that we don't bother casting it here,
1048 * since the hashmaps all want it as void pointer. */
1049
1050 /* Let's focus on one dependency type at a time, that 'other' has defined. */
1051 other_deps = hashmap_steal_first_key_and_value(other->dependencies, &dt);
1052 if (!other_deps)
1053 break; /* done! */
1054
1055 /* Now iterate through all dependencies of this dependency type, of 'other'. We refer to the
1056 * referenced units as 'back'. */
1057 HASHMAP_FOREACH_KEY(di_back.data, back, other_deps) {
1058 Hashmap *back_deps;
1059 void *back_dt;
eef85c4a 1060
e66047ff 1061 if (back == u) {
15ed3c3a
LP		 1062 /* This is a dependency pointing back to the unit we want to merge with?
1063 * Suppress it (but warn) */
1064 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1065 continue;
1066 }
eef85c4a 1067
15ed3c3a
LP		 1068 /* Now iterate through all deps of 'back', and fix the ones pointing to 'other' to
1069 * point to 'u' instead. */
1070 HASHMAP_FOREACH_KEY(back_deps, back_dt, back->dependencies) {
1071 UnitDependencyInfo di_move;
eef85c4a 1072
15ed3c3a
LP		 1073 di_move.data = hashmap_remove(back_deps, other);
1074 if (!di_move.data)
1075 continue;
eef85c4a 1076
15ed3c3a
LP		 1077 assert_se(unit_per_dependency_type_hashmap_update(
1078 back_deps,
1079 u,
1080 di_move.origin_mask,
1081 di_move.destination_mask) >= 0);
1082 }
1083 }
eef85c4a 1084
15ed3c3a
LP		 1085 /* Now all references towards 'other' of the current type 'dt' are corrected to point to
1086 * 'u'. Lets's now move the deps of type 'dt' from 'other' to 'u'. First, let's try to move
1087 * them per type wholesale. */
1088 r = hashmap_put(u->dependencies, dt, other_deps);
1089 if (r == -EEXIST) {
1090 Hashmap *deps;
eef85c4a 1091
15ed3c3a 1092 /* The target unit already has dependencies of this type, let's then merge this individually. */
eef85c4a 1093
15ed3c3a
LP		 1094 assert_se(deps = hashmap_get(u->dependencies, dt));
1095
1096 for (;;) {
1097 UnitDependencyInfo di_move;
1098
1099 /* Get first dep */
1100 di_move.data = hashmap_steal_first_key_and_value(other_deps, (void**) &back);
1101 if (!di_move.data)
1102 break; /* done */
1103 if (back == u) {
1104 /* Would point back to us, ignore */
1105 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1106 continue;
1107 }
23a177ef 1108
15ed3c3a
LP		 1109 assert_se(unit_per_dependency_type_hashmap_update(deps, back, di_move.origin_mask, di_move.destination_mask) >= 0);
1110 }
1111 } else {
1112 assert_se(r >= 0);
1113 TAKE_PTR(other_deps);
e66047ff 1114
15ed3c3a
LP		 1115 if (hashmap_remove(other_deps, u))
1116 unit_maybe_warn_about_dependency(u, other->id, UNIT_DEPENDENCY_FROM_PTR(dt));
1117 }
1118 }
23a177ef 1119
15ed3c3a 1120 other->dependencies = hashmap_free(other->dependencies);
23a177ef
LP		 1121}
1122
1123int unit_merge(Unit *u, Unit *other) {
09a65f92 1124 int r;
87f0e418
LP		 1125
1126 assert(u);
1127 assert(other);
ac155bb8
MS		 1128 assert(u->manager == other->manager);
1129 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 1130
cc916967
LP		 1131 other = unit_follow_merge(other);
1132
23a177ef
LP		 1133 if (other == u)
1134 return 0;
1135
ac155bb8 1136 if (u->type != other->type)
9e2f7c11
LP		 1137 return -EINVAL;
1138
8a993b61 1139 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
934e749e
LP		 1140 return -EEXIST;
1141
ec2ce0c5 1142 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
23a177ef 1143 return -EEXIST;
87f0e418 1144
d383acad
ZJS		 1145 if (!streq_ptr(u->instance, other->instance))
1146 return -EINVAL;
1147
ac155bb8 1148 if (other->job)
819e213f
LP		 1149 return -EEXIST;
1150
e0209d83
MS		 1151 if (other->nop_job)
1152 return -EEXIST;
1153
fdf20a31 1154 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
819e213f
LP		 1155 return -EEXIST;
1156
15ed3c3a
LP		 1157 /* Make reservations to ensure merge_dependencies() won't fail. We don't rollback reservations if we
1158 * fail. We don't have a way to undo reservations. A reservation is not a leak. */
1159 r = unit_reserve_dependencies(u, other);
1160 if (r < 0)
1161 return r;
09a65f92 1162
87f0e418 1163 /* Merge names */
15ed3c3a 1164 r = unit_merge_names(u, other);
7c0b05e5
MS		 1165 if (r < 0)
1166 return r;
87f0e418 1167
57020a3a 1168 /* Redirect all references */
7f7d01ed
ZJS		 1169 while (other->refs_by_target)
1170 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
57020a3a 1171
87f0e418 1172 /* Merge dependencies */
15ed3c3a 1173 unit_merge_dependencies(u, other);
87f0e418 1174
ac155bb8
MS		 1175 other->load_state = UNIT_MERGED;
1176 other->merged_into = u;
23a177ef 1177
3616a49c
LP		 1178 /* If there is still some data attached to the other node, we
1179 * don't need it anymore, and can free it. */
ac155bb8 1180 if (other->load_state != UNIT_STUB)
3616a49c
LP		 1181 if (UNIT_VTABLE(other)->done)
1182 UNIT_VTABLE(other)->done(other);
1183
1184 unit_add_to_dbus_queue(u);
23a177ef
LP		 1185 unit_add_to_cleanup_queue(other);
1186
1187 return 0;
1188}
1189
1190int unit_merge_by_name(Unit *u, const char *name) {
934e749e 1191 _cleanup_free_ char *s = NULL;
23a177ef 1192 Unit *other;
9e2f7c11 1193 int r;
23a177ef 1194
e8630e69
ZJS		 1195 /* Either add name to u, or if a unit with name already exists, merge it with u.
1196 * If name is a template, do the same for name@instance, where instance is u's instance. */
1197
23a177ef
LP		 1198 assert(u);
1199 assert(name);
1200
7410616c 1201 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 1202 if (!u->instance)
9e2f7c11
LP		 1203 return -EINVAL;
1204
7410616c
LP		 1205 r = unit_name_replace_instance(name, u->instance, &s);
1206 if (r < 0)
1207 return r;
9e2f7c11
LP		 1208
1209 name = s;
1210 }
1211
c2756a68 1212 other = manager_get_unit(u->manager, name);
7410616c
LP		 1213 if (other)
1214 return unit_merge(u, other);
23a177ef 1215
7410616c 1216 return unit_add_name(u, name);
23a177ef
LP		 1217}
1218
1219Unit* unit_follow_merge(Unit *u) {
1220 assert(u);
1221
ac155bb8
MS		 1222 while (u->load_state == UNIT_MERGED)
1223 assert_se(u = u->merged_into);
23a177ef
LP		 1224
1225 return u;
1226}
1227
1228int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
1229 int r;
1230
1231 assert(u);
1232 assert(c);
1233
e1e74614 1234 if (c->working_directory && !c->working_directory_missing_ok) {
eef85c4a 1235 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
36be24c8
ZJS		 1236 if (r < 0)
1237 return r;
1238 }
1239
1240 if (c->root_directory) {
eef85c4a 1241 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
36be24c8
ZJS		 1242 if (r < 0)
1243 return r;
1244 }
1245
915e6d16 1246 if (c->root_image) {
eef85c4a 1247 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
915e6d16
LP		 1248 if (r < 0)
1249 return r;
1250 }
1251
12375b95 1252 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
ada5e276
YW		 1253 if (!u->manager->prefix[dt])
1254 continue;
1255
211a3d87 1256 for (size_t i = 0; i < c->directories[dt].n_items; i++) {
c2b2df60 1257 _cleanup_free_ char *p = NULL;
ada5e276 1258
211a3d87 1259 p = path_join(u->manager->prefix[dt], c->directories[dt].items[i].path);
ada5e276
YW		 1260 if (!p)
1261 return -ENOMEM;
1262
eef85c4a 1263 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
ada5e276
YW		 1264 if (r < 0)
1265 return r;
1266 }
1267 }
1268
463d0d15 1269 if (!MANAGER_IS_SYSTEM(u->manager))
b46a529c
LP		 1270 return 0;
1271
f3b7a79b
LP		 1272 /* For the following three directory types we need write access, and /var/ is possibly on the root
1273 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
211a3d87
LB		 1274 if (c->directories[EXEC_DIRECTORY_STATE].n_items > 0 ||
1275 c->directories[EXEC_DIRECTORY_CACHE].n_items > 0 ||
1276 c->directories[EXEC_DIRECTORY_LOGS].n_items > 0) {
f3b7a79b
LP		 1277 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE);
1278 if (r < 0)
1279 return r;
1280 }
1281
b46a529c 1282 if (c->private_tmp) {
d71f0505 1283
b2c7d1bb
FB		 1284 /* FIXME: for now we make a special case for /tmp and add a weak dependency on
1285 * tmp.mount so /tmp being masked is supported. However there's no reason to treat
1286 * /tmp specifically and masking other mount units should be handled more
1287 * gracefully too, see PR#16894. */
1288 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "tmp.mount", true, UNIT_DEPENDENCY_FILE);
1289 if (r < 0)
1290 return r;
1291
1292 r = unit_require_mounts_for(u, "/var/tmp", UNIT_DEPENDENCY_FILE);
1293 if (r < 0)
1294 return r;
b46a529c 1295
35d8c19a 1296 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1297 if (r < 0)
1298 return r;
1299 }
1300
33b58dfb
LP		 1301 if (c->root_image) {
1302 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1303 * implicit dependency on udev */
1304
1305 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_UDEVD_SERVICE, true, UNIT_DEPENDENCY_FILE);
1306 if (r < 0)
1307 return r;
1308 }
1309
52c239d7
LB		 1310 if (!IN_SET(c->std_output,
1311 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
f3dc6af2 1312 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
52c239d7
LB		 1313 !IN_SET(c->std_error,
1314 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
f3dc6af2 1315 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
91dd5f7c 1316 !c->log_namespace)
23a177ef
LP		 1317 return 0;
1318
91dd5f7c
LP		 1319 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1320 * is run first. */
1321
1322 if (c->log_namespace) {
dc5437c7 1323 _cleanup_free_ char *socket_unit = NULL, *varlink_socket_unit = NULL;
23a177ef 1324
91dd5f7c
LP		 1325 r = unit_name_build_from_type("systemd-journald", c->log_namespace, UNIT_SOCKET, &socket_unit);
1326 if (r < 0)
1327 return r;
1328
1329 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, socket_unit, true, UNIT_DEPENDENCY_FILE);
1330 if (r < 0)
1331 return r;
dc5437c7
LP		 1332
1333 r = unit_name_build_from_type("systemd-journald-varlink", c->log_namespace, UNIT_SOCKET, &varlink_socket_unit);
1334 if (r < 0)
1335 return r;
1336
1337 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, varlink_socket_unit, true, UNIT_DEPENDENCY_FILE);
1338 if (r < 0)
1339 return r;
91dd5f7c
LP		 1340 } else
1341 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1342 if (r < 0)
1343 return r;
23a177ef 1344
87f0e418
LP		 1345 return 0;
1346}
1347
04d232d8 1348const char* unit_description(Unit *u) {
87f0e418
LP		 1349 assert(u);
1350
ac155bb8
MS		 1351 if (u->description)
1352 return u->description;
87f0e418 1353
ac155bb8 1354 return strna(u->id);
87f0e418
LP		 1355}
1356
e6a16a82 1357const char* unit_status_string(Unit *u, char **ret_combined_buffer) {
2a8f53c6 1358 assert(u);
04d232d8 1359 assert(u->id);
2a8f53c6 1360
04d232d8
ZJS		 1361 /* Return u->id, u->description, or "{u->id} - {u->description}".
1362 * Versions with u->description are only used if it is set.
e6a16a82
ZJS		 1363 * The last option is used if configured and the caller provided the 'ret_combined_buffer'
1364 * pointer.
1365 *
1366 * Note that *ret_combined_buffer may be set to NULL. */
04d232d8
ZJS		 1367
1368 if (!u->description ||
1369 u->manager->status_unit_format == STATUS_UNIT_FORMAT_NAME ||
e6a16a82
ZJS		 1370 (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && !ret_combined_buffer) ||
1371 streq(u->description, u->id)) {
1372
1373 if (ret_combined_buffer)
1374 *ret_combined_buffer = NULL;
2a8f53c6 1375 return u->id;
e6a16a82 1376 }
2a8f53c6 1377
e6a16a82
ZJS		 1378 if (ret_combined_buffer) {
1379 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED) {
1380 *ret_combined_buffer = strjoin(u->id, " - ", u->description);
1381 if (*ret_combined_buffer)
1382 return *ret_combined_buffer;
1383 log_oom(); /* Fall back to ->description */
04d232d8 1384 } else
e6a16a82 1385 *ret_combined_buffer = NULL;
04d232d8
ZJS		 1386 }
1387
1388 return u->description;
2a8f53c6
ZJS		 1389}
1390
87f0e418 1391/* Common implementation for multiple backends */
c3620770 1392int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) {
23a177ef
LP		 1393 int r;
1394
1395 assert(u);
23a177ef 1396
e48614c4 1397 /* Load a .{service,socket,...} file */
4ad49000
LP		 1398 r = unit_load_fragment(u);
1399 if (r < 0)
23a177ef
LP		 1400 return r;
1401
c3620770
ZJS		 1402 if (u->load_state == UNIT_STUB) {
1403 if (fragment_required)
1404 return -ENOENT;
1405
1406 u->load_state = UNIT_LOADED;
1407 }
23a177ef 1408
9e4ea9cc
ZJS		 1409 /* Load drop-in directory data. If u is an alias, we might be reloading the
1410 * target unit needlessly. But we cannot be sure which drops-ins have already
1411 * been loaded and which not, at least without doing complicated book-keeping,
1412 * so let's always reread all drop-ins. */
c9e06956
ZJS		 1413 r = unit_load_dropin(unit_follow_merge(u));
1414 if (r < 0)
1415 return r;
1416
1417 if (u->source_path) {
1418 struct stat st;
1419
1420 if (stat(u->source_path, &st) >= 0)
1421 u->source_mtime = timespec_load(&st.st_mtim);
1422 else
1423 u->source_mtime = 0;
1424 }
1425
1426 return 0;
23a177ef
LP		 1427}
1428
19496554
MS		 1429void unit_add_to_target_deps_queue(Unit *u) {
1430 Manager *m = u->manager;
1431
1432 assert(u);
1433
1434 if (u->in_target_deps_queue)
1435 return;
1436
1437 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1438 u->in_target_deps_queue = true;
1439}
1440
bba34eed 1441int unit_add_default_target_dependency(Unit *u, Unit *target) {
98bc2000
LP		 1442 assert(u);
1443 assert(target);
1444
ac155bb8 1445 if (target->type != UNIT_TARGET)
98bc2000
LP		 1446 return 0;
1447
35b8ca3a 1448 /* Only add the dependency if both units are loaded, so that
bba34eed 1449 * that loop check below is reliable */
ac155bb8
MS		 1450 if (u->load_state != UNIT_LOADED ||
1451 target->load_state != UNIT_LOADED)
bba34eed
LP		 1452 return 0;
1453
21256a2b
LP		 1454 /* If either side wants no automatic dependencies, then let's
1455 * skip this */
ac155bb8
MS		 1456 if (!u->default_dependencies ||
1457 !target->default_dependencies)
21256a2b
LP		 1458 return 0;
1459
98bc2000 1460 /* Don't create loops */
15ed3c3a 1461 if (unit_has_dependency(target, UNIT_ATOM_BEFORE, u))
98bc2000
LP		 1462 return 0;
1463
eef85c4a 1464 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
98bc2000
LP		 1465}
1466
e954c9cf 1467static int unit_add_slice_dependencies(Unit *u) {
12f64221 1468 Unit *slice;
e954c9cf 1469 assert(u);
b81884e7 1470
35b7ff80 1471 if (!UNIT_HAS_CGROUP_CONTEXT(u))
e954c9cf
LP		 1472 return 0;
1473
eef85c4a
LP		 1474 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1475 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1476 relationship). */
f6173cb9 1477 UnitDependencyMask mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
eef85c4a 1478
12f64221
LP		 1479 slice = UNIT_GET_SLICE(u);
1480 if (slice)
1481 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, slice, true, mask);
e954c9cf 1482
8c8da0e0 1483 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
d1fab3fe
ZJS		 1484 return 0;
1485
5a724170 1486 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
98bc2000
LP		 1487}
1488
e954c9cf 1489static int unit_add_mount_dependencies(Unit *u) {
eef85c4a
LP		 1490 UnitDependencyInfo di;
1491 const char *path;
9588bc32
LP		 1492 int r;
1493
1494 assert(u);
1495
90e74a66 1496 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for) {
eef85c4a 1497 char prefix[strlen(path) + 1];
9588bc32 1498
eef85c4a 1499 PATH_FOREACH_PREFIX_MORE(prefix, path) {
c7c89abb 1500 _cleanup_free_ char *p = NULL;
9588bc32
LP		 1501 Unit *m;
1502
c7c89abb 1503 r = unit_name_from_path(prefix, ".mount", &p);
598a6a84
LP		 1504 if (IN_SET(r, -EINVAL, -ENAMETOOLONG))
1505 continue; /* If the path cannot be converted to a mount unit name, then it's
4076ad9d 1506 * not manageable as a unit by systemd, and hence we don't need a
598a6a84 1507 * dependency on it. Let's thus silently ignore the issue. */
9588bc32
LP		 1508 if (r < 0)
1509 return r;
c7c89abb
FB		 1510
1511 m = manager_get_unit(u->manager, p);
1512 if (!m) {
598a6a84
LP		 1513 /* Make sure to load the mount unit if it exists. If so the dependencies on
1514 * this unit will be added later during the loading of the mount unit. */
c7c89abb 1515 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
9588bc32 1516 continue;
c7c89abb 1517 }
9588bc32
LP		 1518 if (m == u)
1519 continue;
1520
1521 if (m->load_state != UNIT_LOADED)
1522 continue;
1523
eef85c4a 1524 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
9588bc32
LP		 1525 if (r < 0)
1526 return r;
1527
1528 if (m->fragment_path) {
eef85c4a 1529 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
9588bc32
LP		 1530 if (r < 0)
1531 return r;
1532 }
1533 }
1534 }
1535
1536 return 0;
1537}
1538
a2db0225
AZ		 1539static int unit_add_oomd_dependencies(Unit *u) {
1540 CGroupContext *c;
1541 bool wants_oomd;
1542 int r;
1543
1544 assert(u);
1545
1546 if (!u->default_dependencies)
1547 return 0;
1548
1549 c = unit_get_cgroup_context(u);
1550 if (!c)
1551 return 0;
1552
1553 wants_oomd = (c->moom_swap == MANAGED_OOM_KILL || c->moom_mem_pressure == MANAGED_OOM_KILL);
1554 if (!wants_oomd)
1555 return 0;
1556
1557 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE);
1558 if (r < 0)
1559 return r;
1560
1561 return 0;
1562}
1563
95ae05c0 1564static int unit_add_startup_units(Unit *u) {
9dfb6a3a 1565 if (!unit_has_startup_cgroup_constraints(u))
db785129
LP		 1566 return 0;
1567
de7fef4b 1568 return set_ensure_put(&u->manager->startup_units, NULL, u);
95ae05c0
WC		 1569}
1570
294446dc
LP		 1571static int unit_validate_on_failure_job_mode(
1572 Unit *u,
1573 const char *job_mode_setting,
1574 JobMode job_mode,
1575 const char *dependency_name,
1576 UnitDependencyAtom atom) {
1577
1578 Unit *other, *found = NULL;
1579
1580 if (job_mode != JOB_ISOLATE)
1581 return 0;
1582
1583 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
1584 if (!found)
1585 found = other;
1586 else if (found != other)
1587 return log_unit_error_errno(
1588 u, SYNTHETIC_ERRNO(ENOEXEC),
1589 "More than one %s dependencies specified but %sisolate set. Refusing.",
1590 dependency_name, job_mode_setting);
1591 }
1592
1593 return 0;
1594}
1595
87f0e418
LP		 1596int unit_load(Unit *u) {
1597 int r;
1598
1599 assert(u);
1600
ac155bb8 1601 if (u->in_load_queue) {
71fda00f 1602 LIST_REMOVE(load_queue, u->manager->load_queue, u);
ac155bb8 1603 u->in_load_queue = false;
87f0e418
LP		 1604 }
1605
ac155bb8 1606 if (u->type == _UNIT_TYPE_INVALID)
e537352b
LP		 1607 return -EINVAL;
1608
ac155bb8 1609 if (u->load_state != UNIT_STUB)
87f0e418
LP		 1610 return 0;
1611
4f4afc88 1612 if (u->transient_file) {
66fa4bdd
LP		 1613 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1614 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1615
4f4afc88
LP		 1616 r = fflush_and_check(u->transient_file);
1617 if (r < 0)
1618 goto fail;
1619
50fb00b7 1620 u->transient_file = safe_fclose(u->transient_file);
f76707da 1621 u->fragment_mtime = now(CLOCK_REALTIME);
4f4afc88
LP		 1622 }
1623
c3784a7d
ZJS		 1624 r = UNIT_VTABLE(u)->load(u);
1625 if (r < 0)
23a177ef 1626 goto fail;
c3784a7d
ZJS		 1627
1628 assert(u->load_state != UNIT_STUB);
23a177ef 1629
7c8fa05c 1630 if (u->load_state == UNIT_LOADED) {
19496554 1631 unit_add_to_target_deps_queue(u);
e954c9cf
LP		 1632
1633 r = unit_add_slice_dependencies(u);
1634 if (r < 0)
1635 goto fail;
c2756a68 1636
e954c9cf 1637 r = unit_add_mount_dependencies(u);
7c8fa05c 1638 if (r < 0)
c2756a68 1639 goto fail;
7c8fa05c 1640
a2db0225
AZ		 1641 r = unit_add_oomd_dependencies(u);
1642 if (r < 0)
1643 goto fail;
1644
95ae05c0
WC		 1645 r = unit_add_startup_units(u);
1646 if (r < 0)
1647 goto fail;
1648
294446dc
LP		 1649 r = unit_validate_on_failure_job_mode(u, "OnSuccessJobMode=", u->on_success_job_mode, "OnSuccess=", UNIT_ATOM_ON_SUCCESS);
1650 if (r < 0)
1651 goto fail;
15ed3c3a 1652
294446dc
LP		 1653 r = unit_validate_on_failure_job_mode(u, "OnFailureJobMode=", u->on_failure_job_mode, "OnFailure=", UNIT_ATOM_ON_FAILURE);
1654 if (r < 0)
1655 goto fail;
bc432dc7 1656
a2df3ea4
MK		 1657 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1658 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1659
5af88058
LP		 1660 /* We finished loading, let's ensure our parents recalculate the members mask */
1661 unit_invalidate_cgroup_members_masks(u);
f68319bb
LP		 1662 }
1663
ac155bb8 1664 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
23a177ef
LP		 1665
1666 unit_add_to_dbus_queue(unit_follow_merge(u));
701cc384 1667 unit_add_to_gc_queue(u);
f561e8c6 1668 (void) manager_varlink_send_managed_oom_update(u);
87f0e418 1669
87f0e418
LP		 1670 return 0;
1671
1672fail:
81be2388
ZJS		 1673 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1674 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
c4555ad8
LP		 1675
1676 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1677 r == -ENOEXEC ? UNIT_BAD_SETTING :
1678 UNIT_ERROR;
ac155bb8 1679 u->load_error = r;
c4555ad8 1680
c149d2b4
ZJS		 1681 /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time
1682 * an attempt is made to load this unit, we know we need to check again. */
7233e91a 1683 if (u->load_state == UNIT_NOT_FOUND)
c2911d48 1684 u->fragment_not_found_timestamp_hash = u->manager->unit_cache_timestamp_hash;
7233e91a 1685
c1e1601e 1686 unit_add_to_dbus_queue(u);
9a46fc3b 1687 unit_add_to_gc_queue(u);
23a177ef 1688
c4555ad8 1689 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
87f0e418
LP		 1690}
1691
f9f88198
YW		 1692_printf_(7, 8)
1693static int log_unit_internal(void *userdata, int level, int error, const char *file, int line, const char *func, const char *format, ...) {
1694 Unit *u = userdata;
1695 va_list ap;
1696 int r;
49365733 1697
c2503e35
RH		 1698 if (u && !unit_log_level_test(u, level))
1699 return -ERRNO_VALUE(error);
1700
f9f88198
YW		 1701 va_start(ap, format);
1702 if (u)
1703 r = log_object_internalv(level, error, file, line, func,
1704 u->manager->unit_log_field,
1705 u->id,
1706 u->manager->invocation_log_field,
1707 u->invocation_id_string,
1708 format, ap);
1709 else
1710 r = log_internalv(level, error, file, line, func, format, ap);
1711 va_end(ap);
49365733 1712
f9f88198 1713 return r;
49365733
LP		 1714}
1715
97a3f4ee 1716static bool unit_test_condition(Unit *u) {
a0b191b7
LP		 1717 _cleanup_strv_free_ char **env = NULL;
1718 int r;
1719
90bbc946
LP		 1720 assert(u);
1721
ac155bb8 1722 dual_timestamp_get(&u->condition_timestamp);
90bbc946 1723
a0b191b7
LP		 1724 r = manager_get_effective_environment(u->manager, &env);
1725 if (r < 0) {
1726 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
d52cc0a5 1727 u->condition_result = true;
a0b191b7
LP		 1728 } else
1729 u->condition_result = condition_test_list(
1730 u->conditions,
1731 env,
1732 condition_type_to_string,
1733 log_unit_internal,
1734 u);
e18f8852 1735
a0b191b7 1736 unit_add_to_dbus_queue(u);
ac155bb8 1737 return u->condition_result;
90bbc946
LP		 1738}
1739
97a3f4ee 1740static bool unit_test_assert(Unit *u) {
a0b191b7
LP		 1741 _cleanup_strv_free_ char **env = NULL;
1742 int r;
1743
59fccdc5
LP		 1744 assert(u);
1745
1746 dual_timestamp_get(&u->assert_timestamp);
59fccdc5 1747
a0b191b7
LP		 1748 r = manager_get_effective_environment(u->manager, &env);
1749 if (r < 0) {
1750 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1751 u->assert_result = CONDITION_ERROR;
1752 } else
1753 u->assert_result = condition_test_list(
1754 u->asserts,
1755 env,
1756 assert_type_to_string,
1757 log_unit_internal,
1758 u);
e18f8852 1759
a0b191b7 1760 unit_add_to_dbus_queue(u);
59fccdc5
LP		 1761 return u->assert_result;
1762}
1763
04d232d8
ZJS		 1764void unit_status_printf(Unit *u, StatusType status_type, const char *status, const char *format, const char *ident) {
1765 if (log_get_show_color()) {
1766 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && strchr(ident, ' '))
1767 ident = strjoina(ANSI_HIGHLIGHT, u->id, ANSI_NORMAL, " - ", u->description);
1768 else
1769 ident = strjoina(ANSI_HIGHLIGHT, ident, ANSI_NORMAL);
1770 }
5b262f74 1771
df446f96 1772 DISABLE_WARNING_FORMAT_NONLITERAL;
04d232d8 1773 manager_status_printf(u->manager, status_type, status, format, ident);
df446f96
LP		 1774 REENABLE_WARNING;
1775}
1776
97a3f4ee 1777int unit_test_start_limit(Unit *u) {
429926e9
TR		 1778 const char *reason;
1779
6bf0f408
LP		 1780 assert(u);
1781
7bf081a1 1782 if (ratelimit_below(&u->start_ratelimit)) {
6bf0f408
LP		 1783 u->start_limit_hit = false;
1784 return 0;
1785 }
1786
1787 log_unit_warning(u, "Start request repeated too quickly.");
1788 u->start_limit_hit = true;
1789
429926e9
TR		 1790 reason = strjoina("unit ", u->id, " failed");
1791
36c4dc08
LP		 1792 emergency_action(u->manager, u->start_limit_action,
1793 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN,
1794 u->reboot_arg, -1, reason);
1795
1796 return -ECANCELED;
6bf0f408
LP		 1797}
1798
c891efaf 1799bool unit_shall_confirm_spawn(Unit *u) {
631b676b 1800 assert(u);
c891efaf
FB		 1801
1802 if (manager_is_confirm_spawn_disabled(u->manager))
1803 return false;
1804
1805 /* For some reasons units remaining in the same process group
1806 * as PID 1 fail to acquire the console even if it's not used
1807 * by any process. So skip the confirmation question for them. */
1808 return !unit_get_exec_context(u)->same_pgrp;
1809}
1810
631b676b
LP		 1811static bool unit_verify_deps(Unit *u) {
1812 Unit *other;
631b676b
LP		 1813
1814 assert(u);
1815
defe63b0
LP		 1816 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined
1817 * with After=. We do not check Requires= or Requisite= here as they only should have an effect on
1818 * the job processing, but do not have any effect afterwards. We don't check BindsTo= dependencies
1819 * that are not used in conjunction with After= as for them any such check would make things entirely
1820 * racy. */
631b676b 1821
15ed3c3a 1822 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
631b676b 1823
15ed3c3a 1824 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other))
631b676b
LP		 1825 continue;
1826
1827 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1828 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1829 return false;
1830 }
1831 }
1832
1833 return true;
1834}
1835
9adb6959 1836/* Errors that aren't really errors:
6bf0f408 1837 * -EALREADY: Unit is already started.
9adb6959 1838 * -ECOMM: Condition failed
6bf0f408 1839 * -EAGAIN: An operation is already in progress. Retry later.
9adb6959
LP		 1840 *
1841 * Errors that are real errors:
1842 * -EBADR: This unit type does not support starting.
2de9b979 1843 * -ECANCELED: Start limit hit, too many requests for now
6bf0f408
LP		 1844 * -EPROTO: Assert failed
1845 * -EINVAL: Unit not loaded
1846 * -EOPNOTSUPP: Unit type not supported
631b676b 1847 * -ENOLINK: The necessary dependencies are not fulfilled.
d4fd1cf2 1848 * -ESTALE: This unit has been started before and can't be started a second time
a4191c9f 1849 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
87f0e418
LP		 1850 */
1851int unit_start(Unit *u) {
1852 UnitActiveState state;
92ab323c 1853 Unit *following;
5f37c1a9 1854 int r;
87f0e418
LP		 1855
1856 assert(u);
1857
5766aca8
LP		 1858 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1859 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1860 * waiting is finished. */
87f0e418
LP		 1861 state = unit_active_state(u);
1862 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1863 return -EALREADY;
380dc8b0
LP		 1864 if (state == UNIT_MAINTENANCE)
1865 return -EAGAIN;
87f0e418 1866
6bf0f408
LP		 1867 /* Units that aren't loaded cannot be started */
1868 if (u->load_state != UNIT_LOADED)
1869 return -EINVAL;
1870
d4fd1cf2
LP		 1871 /* Refuse starting scope units more than once */
1872 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1873 return -ESTALE;
1874
5766aca8
LP		 1875 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1876 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1877 * recheck the condition in that case. */
a82e5507 1878 if (state != UNIT_ACTIVATING &&
5af6aa58 1879 !unit_test_condition(u))
5766aca8 1880 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition failed. Not starting unit.");
52661efd 1881
59fccdc5
LP		 1882 /* If the asserts failed, fail the entire job */
1883 if (state != UNIT_ACTIVATING &&
5766aca8
LP		 1884 !unit_test_assert(u))
1885 return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed.");
59fccdc5 1886
5766aca8
LP		 1887 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1888 * condition checks, so that we rather return condition check errors (which are usually not
1889 * considered a true failure) than "not supported" errors (which are considered a failure).
d11a7645 1890 */
96cf3ec9 1891 if (!unit_type_supported(u->type))
d11a7645
LP		 1892 return -EOPNOTSUPP;
1893
5766aca8
LP		 1894 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1895 * should have taken care of this already, but let's check this here again. After all, our
1896 * dependencies might not be in effect anymore, due to a reload or due to a failed condition. */
631b676b
LP		 1897 if (!unit_verify_deps(u))
1898 return -ENOLINK;
1899
92ab323c 1900 /* Forward to the main object, if we aren't it. */
52990c2e
ZJS		 1901 following = unit_following(u);
1902 if (following) {
f2341e0a 1903 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
92ab323c
LP		 1904 return unit_start(following);
1905 }
1906
705578c3
MS		 1907 /* Check our ability to start early so that failure conditions don't cause us to enter a busy loop. */
1908 if (UNIT_VTABLE(u)->can_start) {
1909 r = UNIT_VTABLE(u)->can_start(u);
ce2146f5
DDM		 1910 if (r < 0)
1911 return r;
1912 }
1913
92ab323c
LP		 1914 /* If it is stopped, but we cannot start it, then fail */
1915 if (!UNIT_VTABLE(u)->start)
1916 return -EBADR;
1917
5766aca8
LP		 1918 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1919 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1920 * waits for a holdoff timer to elapse before it will start again. */
87f0e418 1921
c1e1601e 1922 unit_add_to_dbus_queue(u);
d9e45bc3 1923 unit_cgroup_freezer_action(u, FREEZER_THAW);
9e58ff9c 1924
d1a34ae9 1925 return UNIT_VTABLE(u)->start(u);
87f0e418
LP		 1926}
1927
1928bool unit_can_start(Unit *u) {
1929 assert(u);
1930
8ff4d2ab
LP		 1931 if (u->load_state != UNIT_LOADED)
1932 return false;
1933
96cf3ec9 1934 if (!unit_type_supported(u->type))
8ff4d2ab
LP		 1935 return false;
1936
d4fd1cf2
LP		 1937 /* Scope units may be started only once */
1938 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1939 return false;
1940
87f0e418
LP		 1941 return !!UNIT_VTABLE(u)->start;
1942}
1943
2528a7a6
LP		 1944bool unit_can_isolate(Unit *u) {
1945 assert(u);
1946
1947 return unit_can_start(u) &&
ac155bb8 1948 u->allow_isolate;
2528a7a6
LP		 1949}
1950
87f0e418
LP		 1951/* Errors:
1952 * -EBADR: This unit type does not support stopping.
1953 * -EALREADY: Unit is already stopped.
1954 * -EAGAIN: An operation is already in progress. Retry later.
1955 */
1956int unit_stop(Unit *u) {
1957 UnitActiveState state;
92ab323c 1958 Unit *following;
87f0e418
LP		 1959
1960 assert(u);
1961
87f0e418 1962 state = unit_active_state(u);
fdf20a31 1963 if (UNIT_IS_INACTIVE_OR_FAILED(state))
87f0e418
LP		 1964 return -EALREADY;
1965
0faacd47
LP		 1966 following = unit_following(u);
1967 if (following) {
f2341e0a 1968 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
92ab323c
LP		 1969 return unit_stop(following);
1970 }
1971
7898b0cf
LP		 1972 if (!UNIT_VTABLE(u)->stop)
1973 return -EBADR;
1974
c1e1601e 1975 unit_add_to_dbus_queue(u);
d9e45bc3 1976 unit_cgroup_freezer_action(u, FREEZER_THAW);
9e58ff9c 1977
d1a34ae9 1978 return UNIT_VTABLE(u)->stop(u);
87f0e418
LP		 1979}
1980
f5869324
LP		 1981bool unit_can_stop(Unit *u) {
1982 assert(u);
1983
39c79477
ZJS		 1984 /* Note: if we return true here, it does not mean that the unit may be successfully stopped.
1985 * Extrinsic units follow external state and they may stop following external state changes
1986 * (hence we return true here), but an attempt to do this through the manager will fail. */
1987
96cf3ec9 1988 if (!unit_type_supported(u->type))
f5869324
LP		 1989 return false;
1990
1991 if (u->perpetual)
1992 return false;
1993
1994 return !!UNIT_VTABLE(u)->stop;
1995}
1996
87f0e418
LP		 1997/* Errors:
1998 * -EBADR: This unit type does not support reloading.
1999 * -ENOEXEC: Unit is not started.
2000 * -EAGAIN: An operation is already in progress. Retry later.
2001 */
2002int unit_reload(Unit *u) {
2003 UnitActiveState state;
92ab323c 2004 Unit *following;
87f0e418
LP		 2005
2006 assert(u);
2007
ac155bb8 2008 if (u->load_state != UNIT_LOADED)
6124958c
LP		 2009 return -EINVAL;
2010
87f0e418
LP		 2011 if (!unit_can_reload(u))
2012 return -EBADR;
2013
2014 state = unit_active_state(u);
e364ad06 2015 if (state == UNIT_RELOADING)
6255af75 2016 return -EAGAIN;
87f0e418 2017
d85ff944
YW		 2018 if (state != UNIT_ACTIVE)
2019 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "Unit cannot be reloaded because it is inactive.");
87f0e418 2020
e48614c4
ZJS		 2021 following = unit_following(u);
2022 if (following) {
f2341e0a 2023 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
92ab323c
LP		 2024 return unit_reload(following);
2025 }
2026
c1e1601e 2027 unit_add_to_dbus_queue(u);
82a2b6bb 2028
f54bcca5
JR		 2029 if (!UNIT_VTABLE(u)->reload) {
2030 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2ad2e41a 2031 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
f54bcca5
JR		 2032 return 0;
2033 }
2034
d9e45bc3
MS		 2035 unit_cgroup_freezer_action(u, FREEZER_THAW);
2036
d1a34ae9 2037 return UNIT_VTABLE(u)->reload(u);
87f0e418
LP		 2038}
2039
2040bool unit_can_reload(Unit *u) {
2041 assert(u);
2042
f54bcca5
JR		 2043 if (UNIT_VTABLE(u)->can_reload)
2044 return UNIT_VTABLE(u)->can_reload(u);
87f0e418 2045
15ed3c3a 2046 if (unit_has_dependency(u, UNIT_ATOM_PROPAGATES_RELOAD_TO, NULL))
87f0e418
LP		 2047 return true;
2048
f54bcca5 2049 return UNIT_VTABLE(u)->reload;
87f0e418
LP		 2050}
2051
a3c1168a 2052bool unit_is_unneeded(Unit *u) {
15ed3c3a 2053 Unit *other;
f3bff0eb
LP		 2054 assert(u);
2055
ac155bb8 2056 if (!u->stop_when_unneeded)
a3c1168a 2057 return false;
f3bff0eb 2058
a3c1168a 2059 /* Don't clean up while the unit is transitioning or is even inactive. */
116654d2 2060 if (unit_active_state(u) != UNIT_ACTIVE)
a3c1168a
LP		 2061 return false;
2062 if (u->job)
2063 return false;
f3bff0eb 2064
15ed3c3a 2065 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_PINS_STOP_WHEN_UNNEEDED) {
fda09318 2066 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
a3c1168a 2067 * restart, then don't clean this one up. */
b81884e7 2068
15ed3c3a
LP		 2069 if (other->job)
2070 return false;
a3c1168a 2071
15ed3c3a
LP		 2072 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2073 return false;
a3c1168a 2074
15ed3c3a
LP		 2075 if (unit_will_restart(other))
2076 return false;
bea355da
LP		 2077 }
2078
a3c1168a
LP		 2079 return true;
2080}
f3bff0eb 2081
0bc488c9
LP		 2082bool unit_is_upheld_by_active(Unit *u, Unit **ret_culprit) {
2083 Unit *other;
2084
2085 assert(u);
2086
2087 /* Checks if the unit needs to be started because it currently is not running, but some other unit
2088 * that is active declared an Uphold= dependencies on it */
2089
2090 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)) || u->job) {
2091 if (ret_culprit)
2092 *ret_culprit = NULL;
2093 return false;
2094 }
2095
2096 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_START_STEADILY) {
2097 if (other->job)
2098 continue;
2099
2100 if (UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
2101 if (ret_culprit)
2102 *ret_culprit = other;
2103 return true;
2104 }
2105 }
2106
2107 if (ret_culprit)
2108 *ret_culprit = NULL;
2109 return false;
2110}
2111
56c59592
LP		 2112bool unit_is_bound_by_inactive(Unit *u, Unit **ret_culprit) {
2113 Unit *other;
2114
2115 assert(u);
2116
2117 /* Checks whether this unit is bound to another unit that is inactive, i.e. whether we should stop
7802194a 2118 * because the other unit is down. */
56c59592
LP		 2119
2120 if (unit_active_state(u) != UNIT_ACTIVE || u->job) {
2121 /* Don't clean up while the unit is transitioning or is even inactive. */
2122 if (ret_culprit)
2123 *ret_culprit = NULL;
2124 return false;
2125 }
2126
2127 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
2128 if (other->job)
2129 continue;
2130
2131 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) {
3da36106 2132 if (ret_culprit)
56c59592
LP		 2133 *ret_culprit = other;
2134
2135 return true;
2136 }
2137 }
2138
2139 if (ret_culprit)
2140 *ret_culprit = NULL;
2141 return false;
2142}
2143
a3c1168a 2144static void check_unneeded_dependencies(Unit *u) {
15ed3c3a 2145 Unit *other;
a3c1168a
LP		 2146 assert(u);
2147
2148 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2149
15ed3c3a
LP		 2150 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_STOP_WHEN_UNNEEDED_QUEUE)
2151 unit_submit_to_stop_when_unneeded_queue(other);
f3bff0eb
LP		 2152}
2153
0bc488c9
LP		 2154static void check_uphold_dependencies(Unit *u) {
2155 Unit *other;
2156 assert(u);
2157
2158 /* Add all units this unit depends on to the queue that processes Uphold= behaviour. */
2159
2160 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_START_WHEN_UPHELD_QUEUE)
2161 unit_submit_to_start_when_upheld_queue(other);
2162}
2163
56c59592 2164static void check_bound_by_dependencies(Unit *u) {
ff502445 2165 Unit *other;
ff502445
LP		 2166 assert(u);
2167
56c59592 2168 /* Add all units this unit depends on to the queue that processes BindsTo= stop behaviour. */
ff502445 2169
56c59592
LP		 2170 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_CANNOT_BE_ACTIVE_WITHOUT_QUEUE)
2171 unit_submit_to_stop_when_bound_queue(other);
ff502445
LP		 2172}
2173
87f0e418 2174static void retroactively_start_dependencies(Unit *u) {
87f0e418
LP		 2175 Unit *other;
2176
2177 assert(u);
2178 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2179
15ed3c3a
LP		 2180 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_REPLACE) /* Requires= + BindsTo= */
2181 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2182 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 2183 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
b81884e7 2184
15ed3c3a
LP		 2185 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_FAIL) /* Wants= */
2186 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2187 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 2188 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL, NULL);
87f0e418 2189
15ed3c3a 2190 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_START) /* Conflicts= (and inverse) */
b81884e7 2191 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 2192 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
87f0e418
LP		 2193}
2194
2195static void retroactively_stop_dependencies(Unit *u) {
87f0e418
LP		 2196 Unit *other;
2197
2198 assert(u);
2199 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2200
b81884e7 2201 /* Pull down units which are bound to us recursively if enabled */
15ed3c3a 2202 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_STOP) /* BoundBy= */
b81884e7 2203 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 2204 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
cd0504d0
MS		 2205}
2206
294446dc
LP		 2207void unit_start_on_failure(
2208 Unit *u,
2209 const char *dependency_name,
2210 UnitDependencyAtom atom,
2211 JobMode job_mode) {
2212
15ed3c3a 2213 bool logged = false;
c0daa706 2214 Unit *other;
7f66b026 2215 int r;
c0daa706
LP		 2216
2217 assert(u);
294446dc
LP		 2218 assert(dependency_name);
2219 assert(IN_SET(atom, UNIT_ATOM_ON_SUCCESS, UNIT_ATOM_ON_FAILURE));
2220
2221 /* Act on OnFailure= and OnSuccess= dependencies */
c0daa706 2222
294446dc 2223 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
7f66b026 2224 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
222ae6a8 2225
15ed3c3a 2226 if (!logged) {
294446dc 2227 log_unit_info(u, "Triggering %s dependencies.", dependency_name);
15ed3c3a
LP		 2228 logged = true;
2229 }
2230
294446dc 2231 r = manager_add_job(u->manager, JOB_START, other, job_mode, NULL, &error, NULL);
c1b6628d 2232 if (r < 0)
294446dc
LP		 2233 log_unit_warning_errno(
2234 u, r, "Failed to enqueue %s job, ignoring: %s",
2235 dependency_name, bus_error_message(&error, r));
222ae6a8 2236 }
294446dc
LP		 2237
2238 if (logged)
2239 log_unit_debug(u, "Triggering %s dependencies done.", dependency_name);
c0daa706
LP		 2240}
2241
3ecaa09b
LP		 2242void unit_trigger_notify(Unit *u) {
2243 Unit *other;
3ecaa09b
LP		 2244
2245 assert(u);
2246
15ed3c3a 2247 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_TRIGGERED_BY)
3ecaa09b
LP		 2248 if (UNIT_VTABLE(other)->trigger_notify)
2249 UNIT_VTABLE(other)->trigger_notify(other, u);
2250}
2251
37109b85
ZJS		 2252static int raise_level(int log_level, bool condition_info, bool condition_notice) {
2253 if (condition_notice && log_level > LOG_NOTICE)
2254 return LOG_NOTICE;
2255 if (condition_info && log_level > LOG_INFO)
2256 return LOG_INFO;
2257 return log_level;
2258}
2259
915b1d01 2260static int unit_log_resources(Unit *u) {
bc40a20e
LP		 2261 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + _CGROUP_IO_ACCOUNTING_METRIC_MAX + 4];
2262 bool any_traffic = false, have_ip_accounting = false, any_io = false, have_io_accounting = false;
2263 _cleanup_free_ char *igress = NULL, *egress = NULL, *rr = NULL, *wr = NULL;
162392b7 2264 int log_level = LOG_DEBUG; /* May be raised if resources consumed over a threshold */
915b1d01 2265 size_t n_message_parts = 0, n_iovec = 0;
bc40a20e 2266 char* message_parts[1 + 2 + 2 + 1], *t;
915b1d01 2267 nsec_t nsec = NSEC_INFINITY;
915b1d01
LP		 2268 int r;
2269 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2270 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2271 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2272 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2273 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2274 };
bc40a20e
LP		 2275 const char* const io_fields[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
2276 [CGROUP_IO_READ_BYTES] = "IO_METRIC_READ_BYTES",
2277 [CGROUP_IO_WRITE_BYTES] = "IO_METRIC_WRITE_BYTES",
2278 [CGROUP_IO_READ_OPERATIONS] = "IO_METRIC_READ_OPERATIONS",
2279 [CGROUP_IO_WRITE_OPERATIONS] = "IO_METRIC_WRITE_OPERATIONS",
2280 };
915b1d01
LP		 2281
2282 assert(u);
2283
2284 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2285 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2286 * information and the complete data in structured fields. */
2287
2288 (void) unit_get_cpu_usage(u, &nsec);
2289 if (nsec != NSEC_INFINITY) {
915b1d01
LP		 2290 /* Format the CPU time for inclusion in the structured log message */
2291 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2292 r = log_oom();
2293 goto finish;
2294 }
2295 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2296
2297 /* Format the CPU time for inclusion in the human language message string */
5291f26d 2298 t = strjoin("consumed ", FORMAT_TIMESPAN(nsec / NSEC_PER_USEC, USEC_PER_MSEC), " CPU time");
915b1d01
LP		 2299 if (!t) {
2300 r = log_oom();
2301 goto finish;
2302 }
2303
2304 message_parts[n_message_parts++] = t;
37109b85
ZJS		 2305
2306 log_level = raise_level(log_level,
ef6bb4dd
CG		 2307 nsec > MENTIONWORTHY_CPU_NSEC,
2308 nsec > NOTICEWORTHY_CPU_NSEC);
915b1d01
LP		 2309 }
2310
bc40a20e 2311 for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) {
bc40a20e
LP		 2312 uint64_t value = UINT64_MAX;
2313
2314 assert(io_fields[k]);
2315
2316 (void) unit_get_io_accounting(u, k, k > 0, &value);
2317 if (value == UINT64_MAX)
2318 continue;
2319
2320 have_io_accounting = true;
2321 if (value > 0)
2322 any_io = true;
2323
2324 /* Format IO accounting data for inclusion in the structured log message */
2325 if (asprintf(&t, "%s=%" PRIu64, io_fields[k], value) < 0) {
2326 r = log_oom();
2327 goto finish;
2328 }
2329 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2330
2331 /* Format the IO accounting data for inclusion in the human language message string, but only
2332 * for the bytes counters (and not for the operations counters) */
2333 if (k == CGROUP_IO_READ_BYTES) {
2334 assert(!rr);
2b59bf51 2335 rr = strjoin("read ", strna(FORMAT_BYTES(value)), " from disk");
bc40a20e
LP		 2336 if (!rr) {
2337 r = log_oom();
2338 goto finish;
2339 }
2340 } else if (k == CGROUP_IO_WRITE_BYTES) {
2341 assert(!wr);
2b59bf51 2342 wr = strjoin("written ", strna(FORMAT_BYTES(value)), " to disk");
bc40a20e
LP		 2343 if (!wr) {
2344 r = log_oom();
2345 goto finish;
2346 }
2347 }
37109b85
ZJS		 2348
2349 if (IN_SET(k, CGROUP_IO_READ_BYTES, CGROUP_IO_WRITE_BYTES))
2350 log_level = raise_level(log_level,
2351 value > MENTIONWORTHY_IO_BYTES,
2352 value > NOTICEWORTHY_IO_BYTES);
bc40a20e
LP		 2353 }
2354
2355 if (have_io_accounting) {
2356 if (any_io) {
2357 if (rr)
2358 message_parts[n_message_parts++] = TAKE_PTR(rr);
2359 if (wr)
2360 message_parts[n_message_parts++] = TAKE_PTR(wr);
2361
2362 } else {
2363 char *k;
2364
2365 k = strdup("no IO");
2366 if (!k) {
2367 r = log_oom();
2368 goto finish;
2369 }
2370
2371 message_parts[n_message_parts++] = k;
2372 }
2373 }
2374
12375b95 2375 for (CGroupIPAccountingMetric m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
915b1d01
LP		 2376 uint64_t value = UINT64_MAX;
2377
2378 assert(ip_fields[m]);
2379
2380 (void) unit_get_ip_accounting(u, m, &value);
2381 if (value == UINT64_MAX)
2382 continue;
82044702
LP		 2383
2384 have_ip_accounting = true;
a87b1faa
LP		 2385 if (value > 0)
2386 any_traffic = true;
915b1d01
LP		 2387
2388 /* Format IP accounting data for inclusion in the structured log message */
2389 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2390 r = log_oom();
2391 goto finish;
2392 }
2393 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2394
2395 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2396 * bytes counters (and not for the packets counters) */
a87b1faa
LP		 2397 if (m == CGROUP_IP_INGRESS_BYTES) {
2398 assert(!igress);
2b59bf51 2399 igress = strjoin("received ", strna(FORMAT_BYTES(value)), " IP traffic");
a87b1faa
LP		 2400 if (!igress) {
2401 r = log_oom();
2402 goto finish;
2403 }
2404 } else if (m == CGROUP_IP_EGRESS_BYTES) {
2405 assert(!egress);
2b59bf51 2406 egress = strjoin("sent ", strna(FORMAT_BYTES(value)), " IP traffic");
a87b1faa
LP		 2407 if (!egress) {
2408 r = log_oom();
2409 goto finish;
2410 }
2411 }
37109b85
ZJS		 2412
2413 if (IN_SET(m, CGROUP_IP_INGRESS_BYTES, CGROUP_IP_EGRESS_BYTES))
2414 log_level = raise_level(log_level,
2415 value > MENTIONWORTHY_IP_BYTES,
2416 value > NOTICEWORTHY_IP_BYTES);
a87b1faa
LP		 2417 }
2418
c2503e35
RH		 2419 /* This check is here because it is the earliest point following all possible log_level assignments. If
2420 * log_level is assigned anywhere after this point, move this check. */
2421 if (!unit_log_level_test(u, log_level)) {
2422 r = 0;
2423 goto finish;
2424 }
2425
82044702
LP		 2426 if (have_ip_accounting) {
2427 if (any_traffic) {
2428 if (igress)
2429 message_parts[n_message_parts++] = TAKE_PTR(igress);
2430 if (egress)
2431 message_parts[n_message_parts++] = TAKE_PTR(egress);
a87b1faa 2432
82044702
LP		 2433 } else {
2434 char *k;
915b1d01 2435
82044702
LP		 2436 k = strdup("no IP traffic");
2437 if (!k) {
2438 r = log_oom();
2439 goto finish;
2440 }
2441
2442 message_parts[n_message_parts++] = k;
2443 }
915b1d01
LP		 2444 }
2445
2446 /* Is there any accounting data available at all? */
2447 if (n_iovec == 0) {
2448 r = 0;
2449 goto finish;
2450 }
2451
2452 if (n_message_parts == 0)
a87b1faa 2453 t = strjoina("MESSAGE=", u->id, ": Completed.");
915b1d01 2454 else {
c2b2df60 2455 _cleanup_free_ char *joined = NULL;
915b1d01
LP		 2456
2457 message_parts[n_message_parts] = NULL;
2458
2459 joined = strv_join(message_parts, ", ");
2460 if (!joined) {
2461 r = log_oom();
2462 goto finish;
2463 }
2464
ec9d636b 2465 joined[0] = ascii_toupper(joined[0]);
a87b1faa 2466 t = strjoina("MESSAGE=", u->id, ": ", joined, ".");
915b1d01
LP		 2467 }
2468
2469 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2470 * and hence don't increase n_iovec for them */
2471 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2472 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2473
2474 t = strjoina(u->manager->unit_log_field, u->id);
2475 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2476
2477 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2478 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2479
c2503e35 2480 log_unit_struct_iovec(u, log_level, iovec, n_iovec + 4);
915b1d01
LP		 2481 r = 0;
2482
2483finish:
12375b95 2484 for (size_t i = 0; i < n_message_parts; i++)
915b1d01
LP		 2485 free(message_parts[i]);
2486
12375b95 2487 for (size_t i = 0; i < n_iovec; i++)
915b1d01
LP		 2488 free(iovec[i].iov_base);
2489
2490 return r;
2491
2492}
2493
adefcf28
LP		 2494static void unit_update_on_console(Unit *u) {
2495 bool b;
2496
2497 assert(u);
2498
2499 b = unit_needs_console(u);
2500 if (u->on_console == b)
2501 return;
2502
2503 u->on_console = b;
2504 if (b)
2505 manager_ref_console(u->manager);
2506 else
2507 manager_unref_console(u->manager);
adefcf28
LP		 2508}
2509
6eb65e7c
LP		 2510static void unit_emit_audit_start(Unit *u) {
2511 assert(u);
2512
2513 if (u->type != UNIT_SERVICE)
2514 return;
2515
2516 /* Write audit record if we have just finished starting up */
2517 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, true);
2518 u->in_audit = true;
2519}
2520
2521static void unit_emit_audit_stop(Unit *u, UnitActiveState state) {
2522 assert(u);
2523
2524 if (u->type != UNIT_SERVICE)
2525 return;
2526
2527 if (u->in_audit) {
2528 /* Write audit record if we have just finished shutting down */
2529 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, state == UNIT_INACTIVE);
2530 u->in_audit = false;
2531 } else {
2532 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2533 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, state == UNIT_INACTIVE);
2534
2535 if (state == UNIT_INACTIVE)
2536 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, true);
2537 }
2538}
2539
16c74914
LP		 2540static bool unit_process_job(Job *j, UnitActiveState ns, UnitNotifyFlags flags) {
2541 bool unexpected = false;
31cd5f63 2542 JobResult result;
16c74914
LP		 2543
2544 assert(j);
2545
2546 if (j->state == JOB_WAITING)
2547
2548 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2549 * due to EAGAIN. */
2550 job_add_to_run_queue(j);
2551
2552 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2553 * hence needs to invalidate jobs. */
2554
2555 switch (j->type) {
2556
2557 case JOB_START:
2558 case JOB_VERIFY_ACTIVE:
2559
2560 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2561 job_finish_and_invalidate(j, JOB_DONE, true, false);
2562 else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2563 unexpected = true;
2564
31cd5f63
AZ		 2565 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2566 if (ns == UNIT_FAILED)
2567 result = JOB_FAILED;
31cd5f63
AZ		 2568 else
2569 result = JOB_DONE;
2570
2571 job_finish_and_invalidate(j, result, true, false);
2572 }
16c74914
LP		 2573 }
2574
2575 break;
2576
2577 case JOB_RELOAD:
2578 case JOB_RELOAD_OR_START:
2579 case JOB_TRY_RELOAD:
2580
2581 if (j->state == JOB_RUNNING) {
2582 if (ns == UNIT_ACTIVE)
2583 job_finish_and_invalidate(j, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2584 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2585 unexpected = true;
2586
2587 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2588 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2589 }
2590 }
2591
2592 break;
2593
2594 case JOB_STOP:
2595 case JOB_RESTART:
2596 case JOB_TRY_RESTART:
2597
2598 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2599 job_finish_and_invalidate(j, JOB_DONE, true, false);
2600 else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2601 unexpected = true;
2602 job_finish_and_invalidate(j, JOB_FAILED, true, false);
2603 }
2604
2605 break;
2606
2607 default:
04499a70 2608 assert_not_reached();
16c74914
LP		 2609 }
2610
2611 return unexpected;
2612}
2613
2ad2e41a 2614void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
429926e9 2615 const char *reason;
8559b3b7 2616 Manager *m;
a096ed36 2617
87f0e418
LP		 2618 assert(u);
2619 assert(os < _UNIT_ACTIVE_STATE_MAX);
2620 assert(ns < _UNIT_ACTIVE_STATE_MAX);
87f0e418 2621
8559b3b7
LP		 2622 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2623 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2624 * remounted this function will be called too! */
87f0e418 2625
546ac4f0
MS		 2626 m = u->manager;
2627
3c4832ad
LP		 2628 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2629 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2630 unit_add_to_dbus_queue(u);
2631
e30bbc90
AZ		 2632 /* Update systemd-oomd on the property/state change */
2633 if (os != ns) {
2634 /* Always send an update if the unit is going into an inactive state so systemd-oomd knows to stop
2635 * monitoring.
2636 * Also send an update whenever the unit goes active; this is to handle a case where an override file
2637 * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to
2638 * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't
2639 * have the information on the property. Thus, indiscriminately send an update. */
f561e8c6 2640 if (UNIT_IS_INACTIVE_OR_FAILED(ns) || UNIT_IS_ACTIVE_OR_RELOADING(ns))
e30bbc90
AZ		 2641 (void) manager_varlink_send_managed_oom_update(u);
2642 }
2643
f755e3b7 2644 /* Update timestamps for state changes */
2c289ea8 2645 if (!MANAGER_IS_RELOADING(m)) {
a483fb59 2646 dual_timestamp_get(&u->state_change_timestamp);
173e3821 2647
bdbf9951 2648 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2649 u->inactive_exit_timestamp = u->state_change_timestamp;
bdbf9951 2650 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2651 u->inactive_enter_timestamp = u->state_change_timestamp;
bdbf9951
LP		 2652
2653 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2654 u->active_enter_timestamp = u->state_change_timestamp;
bdbf9951 2655 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2656 u->active_exit_timestamp = u->state_change_timestamp;
bdbf9951 2657 }
87f0e418 2658
865cc19a 2659 /* Keep track of failed units */
8724defe 2660 (void) manager_update_failed_units(m, u, ns == UNIT_FAILED);
f755e3b7 2661
d3070fbd
LP		 2662 /* Make sure the cgroup and state files are always removed when we become inactive */
2663 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
ff68472a
ZJS		 2664 SET_FLAG(u->markers,
2665 (1u << UNIT_MARKER_NEEDS_RELOAD)|(1u << UNIT_MARKER_NEEDS_RESTART),
2666 false);
efdb0237 2667 unit_prune_cgroup(u);
d3070fbd 2668 unit_unlink_state_files(u);
ff68472a
ZJS		 2669 } else if (ns != os && ns == UNIT_RELOADING)
2670 SET_FLAG(u->markers, 1u << UNIT_MARKER_NEEDS_RELOAD, false);
fb385181 2671
adefcf28 2672 unit_update_on_console(u);
7ed9f6cd 2673
2c289ea8 2674 if (!MANAGER_IS_RELOADING(m)) {
a1c7334b
LP		 2675 bool unexpected;
2676
2677 /* Let's propagate state changes to the job */
2678 if (u->job)
2679 unexpected = unit_process_job(u->job, ns, flags);
2680 else
2681 unexpected = true;
f3bff0eb 2682
a1c7334b
LP		 2683 /* If this state change happened without being requested by a job, then let's retroactively start or
2684 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2685 * additional jobs just because something is already activated. */
bdbf9951
LP		 2686
2687 if (unexpected) {
2688 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2689 retroactively_start_dependencies(u);
2690 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2691 retroactively_stop_dependencies(u);
2692 }
5de9682c 2693
bdbf9951 2694 if (ns != os && ns == UNIT_FAILED) {
ed77d407 2695 log_unit_debug(u, "Unit entered failed state.");
2ad2e41a
LP		 2696
2697 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
294446dc 2698 unit_start_on_failure(u, "OnFailure=", UNIT_ATOM_ON_FAILURE, u->on_failure_job_mode);
cd6d0a45 2699 }
e537352b 2700
256f65d0
LP		 2701 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2702 /* This unit just finished starting up */
3b2775c5 2703
6eb65e7c 2704 unit_emit_audit_start(u);
546ac4f0 2705 manager_send_unit_plymouth(m, u);
256f65d0 2706 }
bdbf9951 2707
256f65d0 2708 if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
915b1d01 2709 /* This unit just stopped/failed. */
256f65d0 2710
6eb65e7c 2711 unit_emit_audit_stop(u, ns);
915b1d01 2712 unit_log_resources(u);
cd6d0a45 2713 }
294446dc
LP		 2714
2715 if (ns == UNIT_INACTIVE && !IN_SET(os, UNIT_FAILED, UNIT_INACTIVE, UNIT_MAINTENANCE) &&
2716 !(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2717 unit_start_on_failure(u, "OnSuccess=", UNIT_ATOM_ON_SUCCESS, u->on_success_job_mode);
f278026d
LP		 2718 }
2719
31dc1ca3
LP		 2720 manager_recheck_journal(m);
2721 manager_recheck_dbus(m);
e63ebf71 2722
3ecaa09b 2723 unit_trigger_notify(u);
3b2775c5 2724
8724defe 2725 if (!MANAGER_IS_RELOADING(m)) {
429926e9
TR		 2726 if (os != UNIT_FAILED && ns == UNIT_FAILED) {
2727 reason = strjoina("unit ", u->id, " failed");
36c4dc08 2728 emergency_action(m, u->failure_action, 0, u->reboot_arg, unit_failure_action_exit_status(u), reason);
429926e9
TR		 2729 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) {
2730 reason = strjoina("unit ", u->id, " succeeded");
36c4dc08 2731 emergency_action(m, u->success_action, 0, u->reboot_arg, unit_success_action_exit_status(u), reason);
429926e9 2732 }
ff502445
LP		 2733 }
2734
99e9af25 2735 /* And now, add the unit or depending units to various queues that will act on the new situation if
48008c1c 2736 * needed. These queues generally check for continuous state changes rather than events (like most of
99e9af25
LP		 2737 * the state propagation above), and do work deferred instead of instantly, since they typically
2738 * don't want to run during reloading, and usually involve checking combined state of multiple units
2739 * at once. */
2740
2741 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2742 /* Stop unneeded units and bound-by units regardless if going down was expected or not */
2743 check_unneeded_dependencies(u);
2744 check_bound_by_dependencies(u);
2745
2746 /* Maybe someone wants us to remain up? */
2747 unit_submit_to_start_when_upheld_queue(u);
2748
2749 /* Maybe the unit should be GC'ed now? */
2750 unit_add_to_gc_queue(u);
2751 }
2752
2753 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2754 /* Start uphold units regardless if going up was expected or not */
2755 check_uphold_dependencies(u);
2756
2757 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2758 unit_submit_to_stop_when_unneeded_queue(u);
2759
2760 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens
2761 * when something BindsTo= to a Type=oneshot unit, as these units go directly from starting to
2762 * inactive, without ever entering started.) */
2763 unit_submit_to_stop_when_bound_queue(u);
2764 }
87f0e418
LP		 2765}
2766
f75f613d 2767int unit_watch_pid(Unit *u, pid_t pid, bool exclusive) {
62a76913 2768 int r;
a911bb9a 2769
87f0e418 2770 assert(u);
62a76913 2771 assert(pid_is_valid(pid));
87f0e418 2772
62a76913 2773 /* Watch a specific PID */
5ba6985b 2774
f75f613d
FB		 2775 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2776 * opportunity to remove any stalled references to this PID as they can be created
2777 * easily (when watching a process which is not our direct child). */
2778 if (exclusive)
2779 manager_unwatch_pid(u->manager, pid);
2780
d5099efc 2781 r = set_ensure_allocated(&u->pids, NULL);
5ba6985b
LP		 2782 if (r < 0)
2783 return r;
2784
62a76913 2785 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
a911bb9a
LP		 2786 if (r < 0)
2787 return r;
2788
62a76913
LP		 2789 /* First try, let's add the unit keyed by "pid". */
2790 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2791 if (r == -EEXIST) {
2792 Unit **array;
2793 bool found = false;
2794 size_t n = 0;
05e343b7 2795
62a76913
LP		 2796 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2797 * to an array of Units rather than just a Unit), lists us already. */
a911bb9a 2798
62a76913
LP		 2799 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2800 if (array)
2801 for (; array[n]; n++)
2802 if (array[n] == u)
2803 found = true;
a911bb9a 2804
62a76913
LP		 2805 if (found) /* Found it already? if so, do nothing */
2806 r = 0;
2807 else {
2808 Unit **new_array;
2809
2810 /* Allocate a new array */
2811 new_array = new(Unit*, n + 2);
2812 if (!new_array)
2813 return -ENOMEM;
2814
2815 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2816 new_array[n] = u;
2817 new_array[n+1] = NULL;
2818
2819 /* Add or replace the old array */
2820 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2821 if (r < 0) {
2822 free(new_array);
2823 return r;
2824 }
2825
2826 free(array);
2827 }
2828 } else if (r < 0)
2829 return r;
2830
2831 r = set_put(u->pids, PID_TO_PTR(pid));
2832 if (r < 0)
2833 return r;
2834
2835 return 0;
87f0e418
LP		 2836}
2837
2838void unit_unwatch_pid(Unit *u, pid_t pid) {
62a76913
LP		 2839 Unit **array;
2840
87f0e418 2841 assert(u);
62a76913
LP		 2842 assert(pid_is_valid(pid));
2843
2844 /* First let's drop the unit in case it's keyed as "pid". */
2845 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2846
2847 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2848 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2849 if (array) {
62a76913 2850 /* Let's iterate through the array, dropping our own entry */
12375b95
ZJS		 2851
2852 size_t m = 0;
2853 for (size_t n = 0; array[n]; n++)
62a76913
LP		 2854 if (array[n] != u)
2855 array[m++] = array[n];
2856 array[m] = NULL;
2857
2858 if (m == 0) {
2859 /* The array is now empty, remove the entire entry */
20c3acfa 2860 assert_se(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
62a76913
LP		 2861 free(array);
2862 }
2863 }
87f0e418 2864
fea72cc0 2865 (void) set_remove(u->pids, PID_TO_PTR(pid));
a911bb9a
LP		 2866}
2867
bd44e61b
LP		 2868void unit_unwatch_all_pids(Unit *u) {
2869 assert(u);
2870
2871 while (!set_isempty(u->pids))
fea72cc0 2872 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
bd44e61b 2873
efdb0237 2874 u->pids = set_free(u->pids);
a911bb9a
LP		 2875}
2876
50be4f4a
LP		 2877static void unit_tidy_watch_pids(Unit *u) {
2878 pid_t except1, except2;
a911bb9a
LP		 2879 void *e;
2880
2881 assert(u);
2882
2883 /* Cleans dead PIDs from our list */
2884
50be4f4a
LP		 2885 except1 = unit_main_pid(u);
2886 except2 = unit_control_pid(u);
2887
90e74a66 2888 SET_FOREACH(e, u->pids) {
fea72cc0 2889 pid_t pid = PTR_TO_PID(e);
a911bb9a
LP		 2890
2891 if (pid == except1 || pid == except2)
2892 continue;
2893
9f5650ae 2894 if (!pid_is_unwaited(pid))
bd44e61b 2895 unit_unwatch_pid(u, pid);
a911bb9a 2896 }
87f0e418
LP		 2897}
2898
50be4f4a
LP		 2899static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
2900 Unit *u = userdata;
2901
2902 assert(s);
2903 assert(u);
2904
2905 unit_tidy_watch_pids(u);
2906 unit_watch_all_pids(u);
2907
2908 /* If the PID set is empty now, then let's finish this off. */
2909 unit_synthesize_cgroup_empty_event(u);
2910
2911 return 0;
2912}
2913
2914int unit_enqueue_rewatch_pids(Unit *u) {
2915 int r;
2916
2917 assert(u);
2918
2919 if (!u->cgroup_path)
2920 return -ENOENT;
2921
2922 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2923 if (r < 0)
2924 return r;
2925 if (r > 0) /* On unified we can use proper notifications */
2926 return 0;
2927
2928 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2929 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2930 * involves issuing kill(pid, 0) on all processes we watch. */
2931
2932 if (!u->rewatch_pids_event_source) {
2933 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2934
2935 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2936 if (r < 0)
2937 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2938
2939 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2940 if (r < 0)
28b77ab2 2941 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: %m");
50be4f4a
LP		 2942
2943 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2944
2945 u->rewatch_pids_event_source = TAKE_PTR(s);
2946 }
2947
2948 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2949 if (r < 0)
2950 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2951
2952 return 0;
2953}
2954
2955void unit_dequeue_rewatch_pids(Unit *u) {
2956 int r;
2957 assert(u);
2958
2959 if (!u->rewatch_pids_event_source)
2960 return;
2961
2962 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2963 if (r < 0)
2964 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2965
5dcadb4c 2966 u->rewatch_pids_event_source = sd_event_source_disable_unref(u->rewatch_pids_event_source);
50be4f4a
LP		 2967}
2968
87f0e418
LP		 2969bool unit_job_is_applicable(Unit *u, JobType j) {
2970 assert(u);
2971 assert(j >= 0 && j < _JOB_TYPE_MAX);
2972
2973 switch (j) {
2974
2975 case JOB_VERIFY_ACTIVE:
2976 case JOB_START:
e0209d83 2977 case JOB_NOP:
f5869324 2978 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
86b52a39 2979 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
f5869324 2980 * jobs for it. */
87f0e418
LP		 2981 return true;
2982
f5869324
LP		 2983 case JOB_STOP:
2984 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
86b52a39 2985 * external events), hence it makes no sense to permit enqueuing such a request either. */
f5869324
LP		 2986 return !u->perpetual;
2987
87f0e418
LP		 2988 case JOB_RESTART:
2989 case JOB_TRY_RESTART:
f5869324 2990 return unit_can_stop(u) && unit_can_start(u);
87f0e418
LP		 2991
2992 case JOB_RELOAD:
3282591d 2993 case JOB_TRY_RELOAD:
87f0e418
LP		 2994 return unit_can_reload(u);
2995
2996 case JOB_RELOAD_OR_START:
2997 return unit_can_reload(u) && unit_can_start(u);
2998
2999 default:
04499a70 3000 assert_not_reached();
87f0e418
LP		 3001 }
3002}
3003
eef85c4a
LP		 3004int unit_add_dependency(
3005 Unit *u,
3006 UnitDependency d,
3007 Unit *other,
3008 bool add_reference,
3009 UnitDependencyMask mask) {
87f0e418
LP		 3010
3011 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
3012 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
be7d9ff7 3013 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
7e9212bf 3014 [UNIT_WANTS] = UNIT_WANTED_BY,
7f2cddae 3015 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
60649f17 3016 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
0bc488c9 3017 [UNIT_UPHOLDS] = UNIT_UPHELD_BY,
be7d9ff7 3018 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
be7d9ff7 3019 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
be7d9ff7 3020 [UNIT_WANTED_BY] = UNIT_WANTS,
7f2cddae 3021 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
60649f17 3022 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
0bc488c9 3023 [UNIT_UPHELD_BY] = UNIT_UPHOLDS,
69dd2852
LP		 3024 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
3025 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
87f0e418 3026 [UNIT_BEFORE] = UNIT_AFTER,
701cc384 3027 [UNIT_AFTER] = UNIT_BEFORE,
294446dc
LP		 3028 [UNIT_ON_SUCCESS] = UNIT_ON_SUCCESS_OF,
3029 [UNIT_ON_SUCCESS_OF] = UNIT_ON_SUCCESS,
629b2a6f
LP		 3030 [UNIT_ON_FAILURE] = UNIT_ON_FAILURE_OF,
3031 [UNIT_ON_FAILURE_OF] = UNIT_ON_FAILURE,
57020a3a 3032 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
4dcc1cb4 3033 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
7f2cddae 3034 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
85e9a101 3035 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
ffec78c0
LP		 3036 [UNIT_PROPAGATES_STOP_TO] = UNIT_STOP_PROPAGATED_FROM,
3037 [UNIT_STOP_PROPAGATED_FROM] = UNIT_PROPAGATES_STOP_TO,
defe63b0 3038 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF, /* symmetric! 👓 */
7e9212bf
LP		 3039 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
3040 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
d219a2b0
LP		 3041 [UNIT_IN_SLICE] = UNIT_SLICE_OF,
3042 [UNIT_SLICE_OF] = UNIT_IN_SLICE,
87f0e418 3043 };
eef85c4a 3044 Unit *original_u = u, *original_other = other;
15ed3c3a 3045 UnitDependencyAtom a;
eef85c4a 3046 int r;
15ed3c3a
LP		 3047
3048 /* Helper to know whether sending a notification is necessary or not: if the dependency is already
3049 * there, no need to notify! */
3050 bool noop;
87f0e418
LP		 3051
3052 assert(u);
3053 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
87f0e418
LP		 3054 assert(other);
3055
9f151f29
LP		 3056 u = unit_follow_merge(u);
3057 other = unit_follow_merge(other);
15ed3c3a
LP		 3058 a = unit_dependency_to_atom(d);
3059 assert(a >= 0);
9f151f29 3060
15ed3c3a 3061 /* We won't allow dependencies on ourselves. We will not consider them an error however. */
d1fab3fe 3062 if (u == other) {
15ed3c3a 3063 unit_maybe_warn_about_dependency(original_u, original_other->id, d);
87f0e418 3064 return 0;
d1fab3fe 3065 }
87f0e418 3066
f14d6810
MG		 3067 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3068 return 0;
3069
15ed3c3a
LP		 3070 /* Note that ordering a device unit after a unit is permitted since it allows to start its job
3071 * running timeout at a specific time. */
3072 if (FLAGS_SET(a, UNIT_ATOM_BEFORE) && other->type == UNIT_DEVICE) {
b862c257 3073 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
c80a9a33
LP		 3074 return 0;
3075 }
3076
15ed3c3a 3077 if (FLAGS_SET(a, UNIT_ATOM_ON_FAILURE) && !UNIT_VTABLE(u)->can_fail) {
c80a9a33
LP		 3078 log_unit_warning(u, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other->id, unit_type_to_string(u->type));
3079 return 0;
3080 }
3081
15ed3c3a 3082 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERS) && !UNIT_VTABLE(u)->can_trigger)
c80a9a33
LP		 3083 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3084 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(u->type));
15ed3c3a 3085 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERED_BY) && !UNIT_VTABLE(other)->can_trigger)
c80a9a33
LP		 3086 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3087 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(other->type));
3088
d219a2b0
LP		 3089 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && other->type != UNIT_SLICE)
3090 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3091 "Requested dependency Slice=%s refused (%s is not a slice unit).", other->id, other->id);
3092 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && u->type != UNIT_SLICE)
3093 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3094 "Requested dependency SliceOf=%s refused (%s is not a slice unit).", other->id, u->id);
3095
3096 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && !UNIT_HAS_CGROUP_CONTEXT(u))
3097 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3098 "Requested dependency Slice=%s refused (%s is not a cgroup unit).", other->id, u->id);
3099
3100 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && !UNIT_HAS_CGROUP_CONTEXT(other))
3101 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3102 "Requested dependency SliceOf=%s refused (%s is not a cgroup unit).", other->id, other->id);
3103
15ed3c3a 3104 r = unit_add_dependency_hashmap(&u->dependencies, d, other, mask, 0);
613b411c 3105 if (r < 0)
87f0e418 3106 return r;
15ed3c3a 3107 noop = !r;
87f0e418 3108
eef85c4a 3109 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
15ed3c3a 3110 r = unit_add_dependency_hashmap(&other->dependencies, inverse_table[d], u, 0, mask);
613b411c
LP		 3111 if (r < 0)
3112 return r;
15ed3c3a 3113 if (r)
5177cb0a 3114 noop = false;
613b411c
LP		 3115 }
3116
3117 if (add_reference) {
15ed3c3a 3118 r = unit_add_dependency_hashmap(&u->dependencies, UNIT_REFERENCES, other, mask, 0);
613b411c 3119 if (r < 0)
5de9682c 3120 return r;
15ed3c3a 3121 if (r)
5177cb0a 3122 noop = false;
5de9682c 3123
15ed3c3a 3124 r = unit_add_dependency_hashmap(&other->dependencies, UNIT_REFERENCED_BY, u, 0, mask);
613b411c 3125 if (r < 0)
701cc384 3126 return r;
15ed3c3a 3127 if (r)
5177cb0a 3128 noop = false;
613b411c 3129 }
87f0e418 3130
5177cb0a
RM		 3131 if (!noop)
3132 unit_add_to_dbus_queue(u);
15ed3c3a 3133
87f0e418
LP		 3134 return 0;
3135}
0301abf4 3136
eef85c4a 3137int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2c966c03
LP		 3138 int r;
3139
3140 assert(u);
3141
eef85c4a 3142 r = unit_add_dependency(u, d, other, add_reference, mask);
3f3cc397 3143 if (r < 0)
2c966c03
LP		 3144 return r;
3145
eef85c4a 3146 return unit_add_dependency(u, e, other, add_reference, mask);
2c966c03
LP		 3147}
3148
23e8c796 3149static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
7410616c 3150 int r;
9e2f7c11
LP		 3151
3152 assert(u);
23e8c796 3153 assert(name);
7410616c
LP		 3154 assert(buf);
3155 assert(ret);
9e2f7c11 3156
7410616c
LP		 3157 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
3158 *buf = NULL;
3159 *ret = name;
3160 return 0;
9e2f7c11
LP		 3161 }
3162
ac155bb8 3163 if (u->instance)
7410616c 3164 r = unit_name_replace_instance(name, u->instance, buf);
9e2f7c11 3165 else {
ae018d9b 3166 _cleanup_free_ char *i = NULL;
9e2f7c11 3167
7410616c
LP		 3168 r = unit_name_to_prefix(u->id, &i);
3169 if (r < 0)
3170 return r;
9e2f7c11 3171
7410616c 3172 r = unit_name_replace_instance(name, i, buf);
9e2f7c11 3173 }
7410616c
LP		 3174 if (r < 0)
3175 return r;
9e2f7c11 3176
7410616c
LP		 3177 *ret = *buf;
3178 return 0;
9e2f7c11
LP		 3179}
3180
35d8c19a 3181int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3182 _cleanup_free_ char *buf = NULL;
09b6b09f
LP		 3183 Unit *other;
3184 int r;
3185
9e2f7c11 3186 assert(u);
35d8c19a 3187 assert(name);
09b6b09f 3188
23e8c796 3189 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3190 if (r < 0)
3191 return r;
09b6b09f 3192
f14d6810
MG		 3193 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3194 return 0;
3195
35d8c19a 3196 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
8afbb8e1
LP		 3197 if (r < 0)
3198 return r;
9e2f7c11 3199
eef85c4a 3200 return unit_add_dependency(u, d, other, add_reference, mask);
09b6b09f
LP		 3201}
3202
5a724170 3203int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3204 _cleanup_free_ char *buf = NULL;
2c966c03
LP		 3205 Unit *other;
3206 int r;
2c966c03
LP		 3207
3208 assert(u);
5a724170 3209 assert(name);
2c966c03 3210
23e8c796 3211 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3212 if (r < 0)
3213 return r;
2c966c03 3214
f14d6810
MG		 3215 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3216 return 0;
3217
5a724170 3218 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3f3cc397 3219 if (r < 0)
68eda4bd 3220 return r;
2c966c03 3221
eef85c4a 3222 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2c966c03
LP		 3223}
3224
0301abf4 3225int set_unit_path(const char *p) {
0301abf4 3226 /* This is mostly for debug purposes */
7c248223 3227 return RET_NERRNO(setenv("SYSTEMD_UNIT_PATH", p, 1));
0301abf4 3228}
88066b3a 3229
ea430986 3230char *unit_dbus_path(Unit *u) {
ea430986
LP		 3231 assert(u);
3232
ac155bb8 3233 if (!u->id)
04ade7d2
LP		 3234 return NULL;
3235
48899192 3236 return unit_dbus_path_from_name(u->id);
ea430986
LP		 3237}
3238
4b58153d
LP		 3239char *unit_dbus_path_invocation_id(Unit *u) {
3240 assert(u);
3241
3242 if (sd_id128_is_null(u->invocation_id))
3243 return NULL;
3244
3245 return unit_dbus_path_from_name(u->invocation_id_string);
3246}
3247
2d3b784d 3248int unit_set_invocation_id(Unit *u, sd_id128_t id) {
db868d45
ZJS		 3249 int r;
3250
3251 assert(u);
3252
3253 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3254
3255 if (sd_id128_equal(u->invocation_id, id))
3256 return 0;
3257
3258 if (!sd_id128_is_null(u->invocation_id))
3259 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
3260
3261 if (sd_id128_is_null(id)) {
3262 r = 0;
3263 goto reset;
3264 }
3265
3266 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
3267 if (r < 0)
3268 goto reset;
3269
3270 u->invocation_id = id;
3271 sd_id128_to_string(id, u->invocation_id_string);
3272
3273 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
3274 if (r < 0)
3275 goto reset;
3276
3277 return 0;
3278
3279reset:
3280 u->invocation_id = SD_ID128_NULL;
3281 u->invocation_id_string[0] = 0;
3282 return r;
3283}
3284
899acf5c 3285int unit_set_slice(Unit *u, Unit *slice) {
d219a2b0
LP		 3286 int r;
3287
d79200e2
LP		 3288 assert(u);
3289 assert(slice);
3290
d219a2b0
LP		 3291 /* Sets the unit slice if it has not been set before. Is extra careful, to only allow this for units
3292 * that actually have a cgroup context. Also, we don't allow to set this for slices (since the parent
3293 * slice is derived from the name). Make sure the unit we set is actually a slice. */
d79200e2
LP		 3294
3295 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3296 return -EOPNOTSUPP;
3297
3298 if (u->type == UNIT_SLICE)
3299 return -EINVAL;
3300
102ef982
LP		 3301 if (unit_active_state(u) != UNIT_INACTIVE)
3302 return -EBUSY;
3303
d79200e2
LP		 3304 if (slice->type != UNIT_SLICE)
3305 return -EINVAL;
3306
efdb0237
LP		 3307 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3308 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3309 return -EPERM;
3310
12f64221 3311 if (UNIT_GET_SLICE(u) == slice)
d79200e2
LP		 3312 return 0;
3313
99e66921 3314 /* Disallow slice changes if @u is already bound to cgroups */
12f64221 3315 if (UNIT_GET_SLICE(u) && u->cgroup_realized)
d79200e2
LP		 3316 return -EBUSY;
3317
899acf5c
AZ		 3318 /* Remove any slices assigned prior; we should only have one UNIT_IN_SLICE dependency */
3319 if (UNIT_GET_SLICE(u))
3320 unit_remove_dependencies(u, UNIT_DEPENDENCY_SLICE_PROPERTY);
3321
3322 r = unit_add_dependency(u, UNIT_IN_SLICE, slice, true, UNIT_DEPENDENCY_SLICE_PROPERTY);
d219a2b0
LP		 3323 if (r < 0)
3324 return r;
3325
d79200e2
LP		 3326 return 1;
3327}
3328
3329int unit_set_default_slice(Unit *u) {
a8833944 3330 const char *slice_name;
a016b922
LP		 3331 Unit *slice;
3332 int r;
3333
3334 assert(u);
3335
f14d6810
MG		 3336 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3337 return 0;
3338
12f64221 3339 if (UNIT_GET_SLICE(u))
a016b922
LP		 3340 return 0;
3341
a8833944
LP		 3342 if (u->instance) {
3343 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
68eda4bd 3344
a8833944
LP		 3345 /* Implicitly place all instantiated units in their
3346 * own per-template slice */
3347
7410616c
LP		 3348 r = unit_name_to_prefix(u->id, &prefix);
3349 if (r < 0)
3350 return r;
a8833944
LP		 3351
3352 /* The prefix is already escaped, but it might include
3353 * "-" which has a special meaning for slice units,
3354 * hence escape it here extra. */
7410616c 3355 escaped = unit_name_escape(prefix);
a8833944
LP		 3356 if (!escaped)
3357 return -ENOMEM;
3358
463d0d15 3359 if (MANAGER_IS_SYSTEM(u->manager))
00e7b3c8 3360 slice_name = strjoina("system-", escaped, ".slice");
a8833944 3361 else
7f3b86a4 3362 slice_name = strjoina("app-", escaped, ".slice");
5ee24fa0
ZJS		 3363
3364 } else if (unit_is_extrinsic(u))
3365 /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in
3366 * the root slice. They don't really belong in one of the subslices. */
3367 slice_name = SPECIAL_ROOT_SLICE;
3368
3369 else if (MANAGER_IS_SYSTEM(u->manager))
3370 slice_name = SPECIAL_SYSTEM_SLICE;
3371 else
3372 slice_name = SPECIAL_APP_SLICE;
a8833944
LP		 3373
3374 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
a016b922
LP		 3375 if (r < 0)
3376 return r;
3377
899acf5c 3378 return unit_set_slice(u, slice);
a016b922
LP		 3379}
3380
9444b1f2 3381const char *unit_slice_name(Unit *u) {
12f64221 3382 Unit *slice;
9444b1f2
LP		 3383 assert(u);
3384
12f64221
LP		 3385 slice = UNIT_GET_SLICE(u);
3386 if (!slice)
9444b1f2
LP		 3387 return NULL;
3388
12f64221 3389 return slice->id;
9444b1f2
LP		 3390}
3391
f6ff8c29 3392int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
78edb35a 3393 _cleanup_free_ char *t = NULL;
f6ff8c29
LP		 3394 int r;
3395
3396 assert(u);
3397 assert(type);
3398 assert(_found);
3399
7410616c
LP		 3400 r = unit_name_change_suffix(u->id, type, &t);
3401 if (r < 0)
3402 return r;
3403 if (unit_has_name(u, t))
3404 return -EINVAL;
f6ff8c29 3405
ac155bb8 3406 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
9e2f7c11 3407 assert(r < 0 || *_found != u);
f6ff8c29
LP		 3408 return r;
3409}
3410
bbc29086 3411static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
fc67a943 3412 const char *new_owner;
bbc29086
DM		 3413 Unit *u = userdata;
3414 int r;
3415
3416 assert(message);
3417 assert(u);
3418
fc67a943 3419 r = sd_bus_message_read(message, "sss", NULL, NULL, &new_owner);
bbc29086
DM		 3420 if (r < 0) {
3421 bus_log_parse_error(r);
3422 return 0;
3423 }
3424
3425 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3426 UNIT_VTABLE(u)->bus_name_owner_change(u, empty_to_null(new_owner));
a5a8776a
MJ		 3427
3428 return 0;
3429}
3430
3431static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3432 const sd_bus_error *e;
3433 const char *new_owner;
3434 Unit *u = userdata;
3435 int r;
3436
3437 assert(message);
3438 assert(u);
3439
3440 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3441
a5a8776a 3442 e = sd_bus_message_get_error(message);
a5a8776a 3443 if (e) {
a54654ba
LP		 3444 if (!sd_bus_error_has_name(e, "org.freedesktop.DBus.Error.NameHasNoOwner"))
3445 log_unit_error(u, "Unexpected error response from GetNameOwner(): %s", e->message);
a5a8776a 3446
fc67a943
LP		 3447 new_owner = NULL;
3448 } else {
3449 r = sd_bus_message_read(message, "s", &new_owner);
3450 if (r < 0)
3451 return bus_log_parse_error(r);
a5a8776a 3452
fc67a943
LP		 3453 assert(!isempty(new_owner));
3454 }
a5a8776a
MJ		 3455
3456 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3457 UNIT_VTABLE(u)->bus_name_owner_change(u, new_owner);
bbc29086
DM		 3458
3459 return 0;
3460}
3461
9806e87d
LP		 3462int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3463 const char *match;
a5b07847 3464 int r;
bbc29086 3465
9806e87d
LP		 3466 assert(u);
3467 assert(bus);
3468 assert(name);
bbc29086 3469
a5b07847 3470 if (u->match_bus_slot || u->get_name_owner_slot)
bbc29086
DM		 3471 return -EBUSY;
3472
9806e87d 3473 match = strjoina("type='signal',"
81d62103
ZJS		 3474 "sender='org.freedesktop.DBus',"
3475 "path='/org/freedesktop/DBus',"
3476 "interface='org.freedesktop.DBus',"
3477 "member='NameOwnerChanged',"
3478 "arg0='", name, "'");
bbc29086 3479
a5b07847 3480 r = sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
a5a8776a
MJ		 3481 if (r < 0)
3482 return r;
3483
a5b07847
LP		 3484 r = sd_bus_call_method_async(
3485 bus,
3486 &u->get_name_owner_slot,
3487 "org.freedesktop.DBus",
3488 "/org/freedesktop/DBus",
3489 "org.freedesktop.DBus",
3490 "GetNameOwner",
3491 get_name_owner_handler,
3492 u,
3493 "s", name);
3494 if (r < 0) {
3495 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3496 return r;
3497 }
3498
3499 log_unit_debug(u, "Watching D-Bus name '%s'.", name);
3500 return 0;
bbc29086
DM		 3501}
3502
05e343b7 3503int unit_watch_bus_name(Unit *u, const char *name) {
bbc29086
DM		 3504 int r;
3505
05e343b7
LP		 3506 assert(u);
3507 assert(name);
3508
3509 /* Watch a specific name on the bus. We only support one unit
3510 * watching each name for now. */
3511
bbc29086
DM		 3512 if (u->manager->api_bus) {
3513 /* If the bus is already available, install the match directly.
3514 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
9806e87d 3515 r = unit_install_bus_match(u, u->manager->api_bus, name);
bbc29086 3516 if (r < 0)
8ea823b6 3517 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
bbc29086
DM		 3518 }
3519
3520 r = hashmap_put(u->manager->watch_bus, name, u);
3521 if (r < 0) {
3522 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5b07847 3523 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
bbc29086
DM		 3524 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3525 }
3526
3527 return 0;
05e343b7
LP		 3528}
3529
3530void unit_unwatch_bus_name(Unit *u, const char *name) {
3531 assert(u);
3532 assert(name);
3533
8367fea5 3534 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
bbc29086 3535 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5a8776a 3536 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
05e343b7
LP		 3537}
3538
d336ba9f 3539int unit_add_node_dependency(Unit *u, const char *what, UnitDependency dep, UnitDependencyMask mask) {
68eda4bd 3540 _cleanup_free_ char *e = NULL;
44b0d1fd 3541 Unit *device;
6e2ef85b
LP		 3542 int r;
3543
3544 assert(u);
3545
6e2ef85b 3546 /* Adds in links to the device node that this unit is based on */
47bc12e1
LP		 3547 if (isempty(what))
3548 return 0;
6e2ef85b 3549
8407a5d0 3550 if (!is_device_path(what))
6e2ef85b
LP		 3551 return 0;
3552
44b0d1fd 3553 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
1c2e9646 3554 if (!unit_type_supported(UNIT_DEVICE))
47bc12e1
LP		 3555 return 0;
3556
7410616c
LP		 3557 r = unit_name_from_path(what, ".device", &e);
3558 if (r < 0)
3559 return r;
6e2ef85b 3560
ac155bb8 3561 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
6e2ef85b
LP		 3562 if (r < 0)
3563 return r;
3564
ebc8968b
FB		 3565 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3566 dep = UNIT_BINDS_TO;
3567
d336ba9f
FB		 3568 return unit_add_two_dependencies(u, UNIT_AFTER,
3569 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3570 device, true, mask);
6e2ef85b 3571}
a16e1123 3572
44b0d1fd
LP		 3573int unit_add_blockdev_dependency(Unit *u, const char *what, UnitDependencyMask mask) {
3574 _cleanup_free_ char *escaped = NULL, *target = NULL;
3575 int r;
3576
3577 assert(u);
3578
3579 if (isempty(what))
3580 return 0;
3581
3582 if (!path_startswith(what, "/dev/"))
3583 return 0;
3584
3585 /* If we don't support devices, then also don't bother with blockdev@.target */
3586 if (!unit_type_supported(UNIT_DEVICE))
3587 return 0;
3588
3589 r = unit_name_path_escape(what, &escaped);
3590 if (r < 0)
3591 return r;
3592
3593 r = unit_name_build("blockdev", escaped, ".target", &target);
3594 if (r < 0)
3595 return r;
3596
3597 return unit_add_dependency_by_name(u, UNIT_AFTER, target, true, mask);
3598}
3599
be847e82 3600int unit_coldplug(Unit *u) {
05a98afd
LP		 3601 int r = 0, q;
3602 char **i;
cca098b0
LP		 3603
3604 assert(u);
3605
f0831ed2 3606 /* Make sure we don't enter a loop, when coldplugging recursively. */
f78f265f
LP		 3607 if (u->coldplugged)
3608 return 0;
3609
3610 u->coldplugged = true;
3611
05a98afd
LP		 3612 STRV_FOREACH(i, u->deserialized_refs) {
3613 q = bus_unit_track_add_name(u, *i);
3614 if (q < 0 && r >= 0)
3615 r = q;
3616 }
3617 u->deserialized_refs = strv_free(u->deserialized_refs);
cca098b0 3618
05a98afd
LP		 3619 if (UNIT_VTABLE(u)->coldplug) {
3620 q = UNIT_VTABLE(u)->coldplug(u);
3621 if (q < 0 && r >= 0)
3622 r = q;
3623 }
5a6158b6 3624
7dbd330c
GL		 3625 if (u->job) {
3626 q = job_coldplug(u->job);
3627 if (q < 0 && r >= 0)
3628 r = q;
3629 }
3630 if (u->nop_job) {
3631 q = job_coldplug(u->nop_job);
05a98afd
LP		 3632 if (q < 0 && r >= 0)
3633 r = q;
3634 }
cca098b0 3635
05a98afd 3636 return r;
cca098b0
LP		 3637}
3638
f0831ed2
LP		 3639void unit_catchup(Unit *u) {
3640 assert(u);
3641
3642 if (UNIT_VTABLE(u)->catchup)
3643 UNIT_VTABLE(u)->catchup(u);
869f52f2
DS		 3644
3645 unit_cgroup_catchup(u);
f0831ed2
LP		 3646}
3647
ba25d39e 3648static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
21b95806
ZJS		 3649 struct stat st;
3650
3651 if (!path)
3652 return false;
3653
77969722
LP		 3654 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3655 * are never out-of-date. */
3656 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3657 return false;
3658
21b95806
ZJS		 3659 if (stat(path, &st) < 0)
3660 /* What, cannot access this anymore? */
3661 return true;
3662
ba25d39e
ZJS		 3663 if (path_masked)
3664 /* For masked files check if they are still so */
3665 return !null_or_empty(&st);
3666 else
3a8db9fe 3667 /* For non-empty files check the mtime */
87ec20ef 3668 return timespec_load(&st.st_mtim) > mtime;
21b95806
ZJS		 3669
3670 return false;
3671}
3672
45fb0699 3673bool unit_need_daemon_reload(Unit *u) {
ae7a7182
OS		 3674 _cleanup_strv_free_ char **t = NULL;
3675 char **path;
1b64d026 3676
45fb0699
LP		 3677 assert(u);
3678
ba25d39e
ZJS		 3679 /* For unit files, we allow masking… */
3680 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3681 u->load_state == UNIT_MASKED))
21b95806 3682 return true;
5f4b19f4 3683
ba25d39e
ZJS		 3684 /* Source paths should not be masked… */
3685 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
ab932a62 3686 return true;
ae7a7182 3687
19a44dfe
LR		 3688 if (u->load_state == UNIT_LOADED)
3689 (void) unit_find_dropin_paths(u, &t);
ab932a62
LP		 3690 if (!strv_equal(u->dropin_paths, t))
3691 return true;
6d10d308 3692
ba25d39e 3693 /* … any drop-ins that are masked are simply omitted from the list. */
ab932a62 3694 STRV_FOREACH(path, u->dropin_paths)
ba25d39e 3695 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
ab932a62 3696 return true;
21b95806 3697
ab932a62 3698 return false;
45fb0699
LP		 3699}
3700
fdf20a31 3701void unit_reset_failed(Unit *u) {
5632e374
LP		 3702 assert(u);
3703
fdf20a31
MM		 3704 if (UNIT_VTABLE(u)->reset_failed)
3705 UNIT_VTABLE(u)->reset_failed(u);
6bf0f408 3706
7bf081a1 3707 ratelimit_reset(&u->start_ratelimit);
6bf0f408 3708 u->start_limit_hit = false;
5632e374
LP		 3709}
3710
a7f241db
LP		 3711Unit *unit_following(Unit *u) {
3712 assert(u);
3713
3714 if (UNIT_VTABLE(u)->following)
3715 return UNIT_VTABLE(u)->following(u);
3716
3717 return NULL;
3718}
3719
31afa0a4 3720bool unit_stop_pending(Unit *u) {
18ffdfda
LP		 3721 assert(u);
3722
31afa0a4
LP		 3723 /* This call does check the current state of the unit. It's
3724 * hence useful to be called from state change calls of the
3725 * unit itself, where the state isn't updated yet. This is
3726 * different from unit_inactive_or_pending() which checks both
3727 * the current state and for a queued job. */
18ffdfda 3728
28a2dfe8 3729 return unit_has_job_type(u, JOB_STOP);
31afa0a4
LP		 3730}
3731
3732bool unit_inactive_or_pending(Unit *u) {
3733 assert(u);
3734
3735 /* Returns true if the unit is inactive or going down */
18ffdfda 3736
d956ac29
LP		 3737 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3738 return true;
3739
31afa0a4 3740 if (unit_stop_pending(u))
18ffdfda
LP		 3741 return true;
3742
3743 return false;
3744}
3745
31afa0a4 3746bool unit_active_or_pending(Unit *u) {
f976f3f6
LP		 3747 assert(u);
3748
f60c2665 3749 /* Returns true if the unit is active or going up */
f976f3f6
LP		 3750
3751 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3752 return true;
3753
ac155bb8 3754 if (u->job &&
3742095b 3755 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
f976f3f6
LP		 3756 return true;
3757
3758 return false;
3759}
3760
52a12341
YW		 3761bool unit_will_restart_default(Unit *u) {
3762 assert(u);
3763
28a2dfe8 3764 return unit_has_job_type(u, JOB_START);
52a12341
YW		 3765}
3766
deb4e708
MK		 3767bool unit_will_restart(Unit *u) {
3768 assert(u);
3769
3770 if (!UNIT_VTABLE(u)->will_restart)
3771 return false;
3772
3773 return UNIT_VTABLE(u)->will_restart(u);
3774}
3775
718db961 3776int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
8a0867d6
LP		 3777 assert(u);
3778 assert(w >= 0 && w < _KILL_WHO_MAX);
6eb7c172 3779 assert(SIGNAL_VALID(signo));
8a0867d6 3780
8a0867d6 3781 if (!UNIT_VTABLE(u)->kill)
15411c0c 3782 return -EOPNOTSUPP;
8a0867d6 3783
c74f17d9 3784 return UNIT_VTABLE(u)->kill(u, w, signo, error);
8a0867d6
LP		 3785}
3786
82659fd7 3787static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
af4fa99d 3788 _cleanup_set_free_ Set *pid_set = NULL;
82659fd7
LP		 3789 int r;
3790
d5099efc 3791 pid_set = set_new(NULL);
82659fd7
LP		 3792 if (!pid_set)
3793 return NULL;
3794
3795 /* Exclude the main/control pids from being killed via the cgroup */
3796 if (main_pid > 0) {
fea72cc0 3797 r = set_put(pid_set, PID_TO_PTR(main_pid));
82659fd7 3798 if (r < 0)
95f14a3e 3799 return NULL;
82659fd7
LP		 3800 }
3801
3802 if (control_pid > 0) {
fea72cc0 3803 r = set_put(pid_set, PID_TO_PTR(control_pid));
82659fd7 3804 if (r < 0)
95f14a3e 3805 return NULL;
82659fd7
LP		 3806 }
3807
95f14a3e 3808 return TAKE_PTR(pid_set);
82659fd7
LP		 3809}
3810
d9911002
LP		 3811static int kill_common_log(pid_t pid, int signo, void *userdata) {
3812 _cleanup_free_ char *comm = NULL;
3813 Unit *u = userdata;
3814
3815 assert(u);
3816
3817 (void) get_process_comm(pid, &comm);
3818 log_unit_info(u, "Sending signal SIG%s to process " PID_FMT " (%s) on client request.",
3819 signal_to_string(signo), pid, strna(comm));
3820
3821 return 1;
3822}
3823
d91c34f2
LP		 3824int unit_kill_common(
3825 Unit *u,
3826 KillWho who,
3827 int signo,
3828 pid_t main_pid,
3829 pid_t control_pid,
718db961 3830 sd_bus_error *error) {
d91c34f2 3831
814cc562 3832 int r = 0;
ac5e3a50 3833 bool killed = false;
814cc562 3834
8aff7ac4
LP		 3835 /* This is the common implementation for explicit user-requested killing of unit processes, shared by
3836 * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to
3837 * stop a service ourselves. */
3838
ac5e3a50 3839 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
814cc562 3840 if (main_pid < 0)
7358dc02 3841 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
8aff7ac4 3842 if (main_pid == 0)
7358dc02 3843 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
814cc562
MS		 3844 }
3845
ac5e3a50 3846 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
814cc562 3847 if (control_pid < 0)
7358dc02 3848 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
8aff7ac4 3849 if (control_pid == 0)
7358dc02 3850 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
814cc562
MS		 3851 }
3852
ac5e3a50
JS		 3853 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3854 if (control_pid > 0) {
d9911002
LP		 3855 _cleanup_free_ char *comm = NULL;
3856 (void) get_process_comm(control_pid, &comm);
3857
3858 if (kill(control_pid, signo) < 0) {
3859 /* Report this failure both to the logs and to the client */
3860 sd_bus_error_set_errnof(
3861 error, errno,
3862 "Failed to send signal SIG%s to control process " PID_FMT " (%s): %m",
3863 signal_to_string(signo), control_pid, strna(comm));
3864 r = log_unit_warning_errno(
3865 u, errno,
3866 "Failed to send signal SIG%s to control process " PID_FMT " (%s) on client request: %m",
3867 signal_to_string(signo), control_pid, strna(comm));
3868 } else {
3869 log_unit_info(u, "Sent signal SIG%s to control process " PID_FMT " (%s) on client request.",
3870 signal_to_string(signo), control_pid, strna(comm));
ac5e3a50 3871 killed = true;
d9911002 3872 }
ac5e3a50 3873 }
814cc562 3874
ac5e3a50
JS		 3875 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3876 if (main_pid > 0) {
d9911002
LP		 3877 _cleanup_free_ char *comm = NULL;
3878 (void) get_process_comm(main_pid, &comm);
3879
3880 if (kill(main_pid, signo) < 0) {
3881 if (r == 0)
3882 sd_bus_error_set_errnof(
3883 error, errno,
3884 "Failed to send signal SIG%s to main process " PID_FMT " (%s): %m",
3885 signal_to_string(signo), main_pid, strna(comm));
3886
3887 r = log_unit_warning_errno(
3888 u, errno,
3889 "Failed to send signal SIG%s to main process " PID_FMT " (%s) on client request: %m",
3890 signal_to_string(signo), main_pid, strna(comm));
3891 } else {
3892 log_unit_info(u, "Sent signal SIG%s to main process " PID_FMT " (%s) on client request.",
3893 signal_to_string(signo), main_pid, strna(comm));
ac5e3a50 3894 killed = true;
d9911002 3895 }
ac5e3a50 3896 }
814cc562 3897
ac5e3a50 3898 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
814cc562
MS		 3899 _cleanup_set_free_ Set *pid_set = NULL;
3900 int q;
3901
82659fd7
LP		 3902 /* Exclude the main/control pids from being killed via the cgroup */
3903 pid_set = unit_pid_set(main_pid, control_pid);
814cc562 3904 if (!pid_set)
d9911002
LP		 3905 return log_oom();
3906
3907 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, kill_common_log, u);
3908 if (q < 0) {
3909 if (!IN_SET(q, -ESRCH, -ENOENT)) {
3910 if (r == 0)
3911 sd_bus_error_set_errnof(
3912 error, q,
3913 "Failed to send signal SIG%s to auxiliary processes: %m",
3914 signal_to_string(signo));
3915
3916 r = log_unit_warning_errno(
3917 u, q,
3918 "Failed to send signal SIG%s to auxiliary processes on client request: %m",
3919 signal_to_string(signo));
3920 }
3921 } else
ac5e3a50 3922 killed = true;
814cc562
MS		 3923 }
3924
2ae0508e
LP		 3925 /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */
3926 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL, KILL_MAIN_FAIL))
3927 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No matching processes to kill");
ac5e3a50 3928
814cc562
MS		 3929 return r;
3930}
3931
6210e7fc
LP		 3932int unit_following_set(Unit *u, Set **s) {
3933 assert(u);
3934 assert(s);
3935
3936 if (UNIT_VTABLE(u)->following_set)
3937 return UNIT_VTABLE(u)->following_set(u, s);
3938
3939 *s = NULL;
3940 return 0;
3941}
3942
a4375746 3943UnitFileState unit_get_unit_file_state(Unit *u) {
0ec0deaa
LP		 3944 int r;
3945
a4375746
LP		 3946 assert(u);
3947
0ec0deaa
LP		 3948 if (u->unit_file_state < 0 && u->fragment_path) {
3949 r = unit_file_get_state(
463d0d15 3950 u->manager->unit_file_scope,
0ec0deaa 3951 NULL,
9ea3a0e7 3952 u->id,
0ec0deaa
LP		 3953 &u->unit_file_state);
3954 if (r < 0)
3955 u->unit_file_state = UNIT_FILE_BAD;
3956 }
a4375746 3957
ac155bb8 3958 return u->unit_file_state;
a4375746
LP		 3959}
3960
d2dc52db
LP		 3961int unit_get_unit_file_preset(Unit *u) {
3962 assert(u);
3963
3964 if (u->unit_file_preset < 0 && u->fragment_path)
3965 u->unit_file_preset = unit_file_query_preset(
463d0d15 3966 u->manager->unit_file_scope,
0ec0deaa 3967 NULL,
8f7b2566
ZJS		 3968 basename(u->fragment_path),
3969 NULL);
d2dc52db
LP		 3970
3971 return u->unit_file_preset;
3972}
3973
7f7d01ed 3974Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
57020a3a 3975 assert(ref);
7f7d01ed
ZJS		 3976 assert(source);
3977 assert(target);
57020a3a 3978
7f7d01ed 3979 if (ref->target)
57020a3a
LP		 3980 unit_ref_unset(ref);
3981
7f7d01ed
ZJS		 3982 ref->source = source;
3983 ref->target = target;
3984 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
3985 return target;
57020a3a
LP		 3986}
3987
3988void unit_ref_unset(UnitRef *ref) {
3989 assert(ref);
3990
7f7d01ed 3991 if (!ref->target)
57020a3a
LP		 3992 return;
3993
b75102e5
LP		 3994 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
3995 * be unreferenced now. */
7f7d01ed 3996 unit_add_to_gc_queue(ref->target);
b75102e5 3997
7f7d01ed
ZJS		 3998 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
3999 ref->source = ref->target = NULL;
57020a3a
LP		 4000}
4001
29206d46
LP		 4002static int user_from_unit_name(Unit *u, char **ret) {
4003
4004 static const uint8_t hash_key[] = {
4005 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4006 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4007 };
4008
4009 _cleanup_free_ char *n = NULL;
4010 int r;
4011
4012 r = unit_name_to_prefix(u->id, &n);
4013 if (r < 0)
4014 return r;
4015
7a8867ab 4016 if (valid_user_group_name(n, 0)) {
ae2a15bc 4017 *ret = TAKE_PTR(n);
29206d46
LP		 4018 return 0;
4019 }
4020
4021 /* If we can't use the unit name as a user name, then let's hash it and use that */
4022 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4023 return -ENOMEM;
4024
4025 return 0;
4026}
4027
598459ce
LP		 4028int unit_patch_contexts(Unit *u) {
4029 CGroupContext *cc;
4030 ExecContext *ec;
cba6e062
LP		 4031 int r;
4032
e06c73cc 4033 assert(u);
e06c73cc 4034
598459ce
LP		 4035 /* Patch in the manager defaults into the exec and cgroup
4036 * contexts, _after_ the rest of the settings have been
4037 * initialized */
085afe36 4038
598459ce
LP		 4039 ec = unit_get_exec_context(u);
4040 if (ec) {
4041 /* This only copies in the ones that need memory */
12375b95 4042 for (unsigned i = 0; i < _RLIMIT_MAX; i++)
598459ce
LP		 4043 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4044 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4045 if (!ec->rlimit[i])
4046 return -ENOMEM;
4047 }
4048
463d0d15 4049 if (MANAGER_IS_USER(u->manager) &&
598459ce
LP		 4050 !ec->working_directory) {
4051
4052 r = get_home_dir(&ec->working_directory);
4053 if (r < 0)
4054 return r;
4c08c824
LP		 4055
4056 /* Allow user services to run, even if the
4057 * home directory is missing */
4058 ec->working_directory_missing_ok = true;
cba6e062
LP		 4059 }
4060
598459ce 4061 if (ec->private_devices)
2cd0a735 4062 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
502d704e
DH		 4063
4064 if (ec->protect_kernel_modules)
4065 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
29206d46 4066
84703040
KK		 4067 if (ec->protect_kernel_logs)
4068 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYSLOG);
4069
fc64760d
KK		 4070 if (ec->protect_clock)
4071 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_SYS_TIME) | (UINT64_C(1) << CAP_WAKE_ALARM));
4072
29206d46
LP		 4073 if (ec->dynamic_user) {
4074 if (!ec->user) {
4075 r = user_from_unit_name(u, &ec->user);
4076 if (r < 0)
4077 return r;
4078 }
4079
4080 if (!ec->group) {
4081 ec->group = strdup(ec->user);
4082 if (!ec->group)
4083 return -ENOMEM;
4084 }
4085
bf65b7e0
LP		 4086 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4087 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4088 * sandbox. */
63bb64a0 4089
29206d46 4090 ec->private_tmp = true;
00d9ef85 4091 ec->remove_ipc = true;
63bb64a0
LP		 4092 ec->protect_system = PROTECT_SYSTEM_STRICT;
4093 if (ec->protect_home == PROTECT_HOME_NO)
4094 ec->protect_home = PROTECT_HOME_READ_ONLY;
bf65b7e0
LP		 4095
4096 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4097 * them. */
4098 ec->no_new_privileges = true;
4099 ec->restrict_suid_sgid = true;
29206d46 4100 }
cba6e062
LP		 4101 }
4102
598459ce 4103 cc = unit_get_cgroup_context(u);
fe65e88b 4104 if (cc && ec) {
f513e420 4105
fe65e88b 4106 if (ec->private_devices &&
084870f9
ZJS		 4107 cc->device_policy == CGROUP_DEVICE_POLICY_AUTO)
4108 cc->device_policy = CGROUP_DEVICE_POLICY_CLOSED;
fe65e88b 4109
b3d13314 4110 if ((ec->root_image || !LIST_IS_EMPTY(ec->mount_images)) &&
084870f9 4111 (cc->device_policy != CGROUP_DEVICE_POLICY_AUTO || cc->device_allow)) {
0cffae95 4112 const char *p;
fe65e88b 4113
b3d13314 4114 /* When RootImage= or MountImages= is specified, the following devices are touched. */
0cffae95
LB		 4115 FOREACH_STRING(p, "/dev/loop-control", "/dev/mapper/control") {
4116 r = cgroup_add_device_allow(cc, p, "rw");
4117 if (r < 0)
4118 return r;
4119 }
4120 FOREACH_STRING(p, "block-loop", "block-blkext", "block-device-mapper") {
4121 r = cgroup_add_device_allow(cc, p, "rwm");
4122 if (r < 0)
4123 return r;
4124 }
867af728 4125
0cffae95
LB		 4126 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4127 * Same for mapper and verity. */
4128 FOREACH_STRING(p, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4129 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, p, true, UNIT_DEPENDENCY_FILE);
4130 if (r < 0)
4131 return r;
4132 }
fe65e88b 4133 }
fc64760d
KK		 4134
4135 if (ec->protect_clock) {
4136 r = cgroup_add_device_allow(cc, "char-rtc", "r");
4137 if (r < 0)
4138 return r;
4139 }
598459ce 4140 }
f1660f96 4141
cba6e062 4142 return 0;
e06c73cc
LP		 4143}
4144
c2503e35 4145ExecContext *unit_get_exec_context(const Unit *u) {
3ef63c31
LP		 4146 size_t offset;
4147 assert(u);
4148
598459ce
LP		 4149 if (u->type < 0)
4150 return NULL;
4151
3ef63c31
LP		 4152 offset = UNIT_VTABLE(u)->exec_context_offset;
4153 if (offset <= 0)
4154 return NULL;
4155
4156 return (ExecContext*) ((uint8_t*) u + offset);
4157}
4158
718db961
LP		 4159KillContext *unit_get_kill_context(Unit *u) {
4160 size_t offset;
4161 assert(u);
4162
598459ce
LP		 4163 if (u->type < 0)
4164 return NULL;
4165
718db961
LP		 4166 offset = UNIT_VTABLE(u)->kill_context_offset;
4167 if (offset <= 0)
4168 return NULL;
4169
4170 return (KillContext*) ((uint8_t*) u + offset);
4171}
4172
4ad49000
LP		 4173CGroupContext *unit_get_cgroup_context(Unit *u) {
4174 size_t offset;
4175
598459ce
LP		 4176 if (u->type < 0)
4177 return NULL;
4178
4ad49000
LP		 4179 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4180 if (offset <= 0)
4181 return NULL;
4182
4183 return (CGroupContext*) ((uint8_t*) u + offset);
4184}
4185
613b411c
LP		 4186ExecRuntime *unit_get_exec_runtime(Unit *u) {
4187 size_t offset;
4188
598459ce
LP		 4189 if (u->type < 0)
4190 return NULL;
4191
613b411c
LP		 4192 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4193 if (offset <= 0)
4194 return NULL;
4195
4196 return *(ExecRuntime**) ((uint8_t*) u + offset);
4197}
4198
2e59b241 4199static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
3f5e8115
LP		 4200 assert(u);
4201
2e59b241 4202 if (UNIT_WRITE_FLAGS_NOOP(flags))
4f4afc88
LP		 4203 return NULL;
4204
39591351
LP		 4205 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4206 return u->manager->lookup_paths.transient;
26d04f86 4207
2e59b241 4208 if (flags & UNIT_PERSISTENT)
4f4afc88 4209 return u->manager->lookup_paths.persistent_control;
26d04f86 4210
2e59b241
LP		 4211 if (flags & UNIT_RUNTIME)
4212 return u->manager->lookup_paths.runtime_control;
4213
39591351 4214 return NULL;
71645aca
LP		 4215}
4216
2e59b241
LP		 4217char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4218 char *ret = NULL;
4219
4220 if (!s)
4221 return NULL;
4222
4223 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4224 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4225 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4226 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4227 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4228 * allocations. */
4229
4230 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4231 ret = specifier_escape(s);
4232 if (!ret)
4233 return NULL;
4234
4235 s = ret;
4236 }
4237
4238 if (flags & UNIT_ESCAPE_C) {
4239 char *a;
4240
4241 a = cescape(s);
4242 free(ret);
4243 if (!a)
4244 return NULL;
4245
4246 ret = a;
4247 }
4248
4249 if (buf) {
4250 *buf = ret;
4251 return ret ?: (char*) s;
4252 }
4253
4254 return ret ?: strdup(s);
4255}
4256
4257char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4258 _cleanup_free_ char *result = NULL;
319a4f4b 4259 size_t n = 0;
ae2a15bc 4260 char **i;
2e59b241
LP		 4261
4262 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4263 * way suitable for ExecStart= stanzas */
4264
4265 STRV_FOREACH(i, l) {
4266 _cleanup_free_ char *buf = NULL;
4267 const char *p;
4268 size_t a;
4269 char *q;
4270
4271 p = unit_escape_setting(*i, flags, &buf);
4272 if (!p)
4273 return NULL;
4274
4275 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
319a4f4b 4276 if (!GREEDY_REALLOC(result, n + a + 1))
2e59b241
LP		 4277 return NULL;
4278
4279 q = result + n;
4280 if (n > 0)
4281 *(q++) = ' ';
4282
4283 *(q++) = '"';
4284 q = stpcpy(q, p);
4285 *(q++) = '"';
4286
4287 n += a;
4288 }
4289
319a4f4b 4290 if (!GREEDY_REALLOC(result, n + 1))
2e59b241
LP		 4291 return NULL;
4292
4293 result[n] = 0;
4294
ae2a15bc 4295 return TAKE_PTR(result);
2e59b241
LP		 4296}
4297
4298int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4299 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
2a9a6f8a 4300 const char *dir, *wrapped;
26d04f86 4301 int r;
71645aca
LP		 4302
4303 assert(u);
2e59b241
LP		 4304 assert(name);
4305 assert(data);
4306
4307 if (UNIT_WRITE_FLAGS_NOOP(flags))
4308 return 0;
4309
4310 data = unit_escape_setting(data, flags, &escaped);
4311 if (!data)
4312 return -ENOMEM;
4313
4314 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4315 * previous section header is the same */
4316
4317 if (flags & UNIT_PRIVATE) {
4318 if (!UNIT_VTABLE(u)->private_section)
4319 return -EINVAL;
4320
4321 if (!u->transient_file || u->last_section_private < 0)
4322 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4323 else if (u->last_section_private == 0)
4324 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4325 } else {
4326 if (!u->transient_file || u->last_section_private < 0)
4327 data = strjoina("[Unit]\n", data);
4328 else if (u->last_section_private > 0)
4329 data = strjoina("\n[Unit]\n", data);
4330 }
71645aca 4331
4f4afc88
LP		 4332 if (u->transient_file) {
4333 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4334 * write to the transient unit file. */
4335 fputs(data, u->transient_file);
4f4afc88 4336
2e59b241
LP		 4337 if (!endswith(data, "\n"))
4338 fputc('\n', u->transient_file);
4339
4340 /* Remember which section we wrote this entry to */
4341 u->last_section_private = !!(flags & UNIT_PRIVATE);
8e2af478 4342 return 0;
2e59b241 4343 }
8e2af478 4344
2e59b241 4345 dir = unit_drop_in_dir(u, flags);
39591351
LP		 4346 if (!dir)
4347 return -EINVAL;
71645aca 4348
2a9a6f8a 4349 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
3f71dec5 4350 "# or an equivalent operation. Do not edit.\n",
2a9a6f8a
ZJS		 4351 data,
4352 "\n");
e20b2a86 4353
815b09d3 4354 r = drop_in_file(dir, u->id, 50, name, &p, &q);
adb76a70
WC		 4355 if (r < 0)
4356 return r;
4357
45639f1b 4358 (void) mkdir_p_label(p, 0755);
4dba44a5
ZJS		 4359
4360 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4361 * recreate the cache after every drop-in we write. */
4362 if (u->manager->unit_path_cache) {
be327321 4363 r = set_put_strdup(&u->manager->unit_path_cache, p);
4dba44a5
ZJS		 4364 if (r < 0)
4365 return r;
4366 }
4367
2a9a6f8a 4368 r = write_string_file_atomic_label(q, wrapped);
adb76a70
WC		 4369 if (r < 0)
4370 return r;
4371
815b09d3 4372 r = strv_push(&u->dropin_paths, q);
adb76a70
WC		 4373 if (r < 0)
4374 return r;
815b09d3 4375 q = NULL;
adb76a70 4376
adb76a70
WC		 4377 strv_uniq(u->dropin_paths);
4378
4379 u->dropin_mtime = now(CLOCK_REALTIME);
4380
4381 return 0;
26d04f86 4382}
71645aca 4383
2e59b241 4384int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
b9ec9359
LP		 4385 _cleanup_free_ char *p = NULL;
4386 va_list ap;
4387 int r;
4388
4389 assert(u);
4390 assert(name);
4391 assert(format);
4392
2e59b241 4393 if (UNIT_WRITE_FLAGS_NOOP(flags))
b9ec9359
LP		 4394 return 0;
4395
4396 va_start(ap, format);
4397 r = vasprintf(&p, format, ap);
4398 va_end(ap);
4399
4400 if (r < 0)
4401 return -ENOMEM;
4402
2e59b241 4403 return unit_write_setting(u, flags, name, p);
b9ec9359 4404}
71645aca 4405
c2756a68 4406int unit_make_transient(Unit *u) {
0126c8f3 4407 _cleanup_free_ char *path = NULL;
4f4afc88 4408 FILE *f;
4f4afc88 4409
c2756a68
LP		 4410 assert(u);
4411
3f5e8115
LP		 4412 if (!UNIT_VTABLE(u)->can_transient)
4413 return -EOPNOTSUPP;
4414
45639f1b
LP		 4415 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4416
657ee2d8 4417 path = path_join(u->manager->lookup_paths.transient, u->id);
4f4afc88
LP		 4418 if (!path)
4419 return -ENOMEM;
4420
4421 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4422 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4423
78e334b5 4424 RUN_WITH_UMASK(0022) {
4f4afc88 4425 f = fopen(path, "we");
0126c8f3 4426 if (!f)
78e334b5 4427 return -errno;
4f4afc88
LP		 4428 }
4429
0126c8f3 4430 safe_fclose(u->transient_file);
4f4afc88
LP		 4431 u->transient_file = f;
4432
0126c8f3 4433 free_and_replace(u->fragment_path, path);
7c65093a 4434
7c65093a
LP		 4435 u->source_path = mfree(u->source_path);
4436 u->dropin_paths = strv_free(u->dropin_paths);
4437 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4438
4f4afc88
LP		 4439 u->load_state = UNIT_STUB;
4440 u->load_error = 0;
4441 u->transient = true;
4442
7c65093a
LP		 4443 unit_add_to_dbus_queue(u);
4444 unit_add_to_gc_queue(u);
c2756a68 4445
4f4afc88
LP		 4446 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4447 u->transient_file);
4448
3f5e8115 4449 return 0;
c2756a68
LP		 4450}
4451
c53d2d54 4452static int log_kill(pid_t pid, int sig, void *userdata) {
1d98fef1
LP		 4453 _cleanup_free_ char *comm = NULL;
4454
4455 (void) get_process_comm(pid, &comm);
4456
4457 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4458 only, like for example systemd's own PAM stub process. */
4459 if (comm && comm[0] == '(')
c53d2d54 4460 return 0;
1d98fef1
LP		 4461
4462 log_unit_notice(userdata,
4463 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4464 pid,
4465 strna(comm),
4466 signal_to_string(sig));
c53d2d54
DB		 4467
4468 return 1;
1d98fef1
LP		 4469}
4470
4ab1670f 4471static int operation_to_signal(const KillContext *c, KillOperation k, bool *noteworthy) {
1d98fef1
LP		 4472 assert(c);
4473
4474 switch (k) {
4475
4476 case KILL_TERMINATE:
4477 case KILL_TERMINATE_AND_LOG:
4ab1670f 4478 *noteworthy = false;
1d98fef1
LP		 4479 return c->kill_signal;
4480
a232ebcc 4481 case KILL_RESTART:
4ab1670f 4482 *noteworthy = false;
a232ebcc
ZJS		 4483 return restart_kill_signal(c);
4484
1d98fef1 4485 case KILL_KILL:
4ab1670f 4486 *noteworthy = true;
fbb48d4c 4487 return c->final_kill_signal;
1d98fef1 4488
c87700a1 4489 case KILL_WATCHDOG:
4ab1670f 4490 *noteworthy = true;
c87700a1 4491 return c->watchdog_signal;
1d98fef1
LP		 4492
4493 default:
04499a70 4494 assert_not_reached();
1d98fef1
LP		 4495 }
4496}
4497
cd2086fe
LP		 4498int unit_kill_context(
4499 Unit *u,
4500 KillContext *c,
db2cb23b 4501 KillOperation k,
cd2086fe
LP		 4502 pid_t main_pid,
4503 pid_t control_pid,
4504 bool main_pid_alien) {
4505
1d98fef1 4506 bool wait_for_exit = false, send_sighup;
59ec09a8 4507 cg_kill_log_func_t log_func = NULL;
b821a397 4508 int sig, r;
cd2086fe
LP		 4509
4510 assert(u);
4511 assert(c);
4512
8aff7ac4
LP		 4513 /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0
4514 * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common()
4515 * which is used for user-requested killing of unit processes. */
1d98fef1 4516
cd2086fe
LP		 4517 if (c->kill_mode == KILL_NONE)
4518 return 0;
4519
4ab1670f
ZJS		 4520 bool noteworthy;
4521 sig = operation_to_signal(c, k, &noteworthy);
4522 if (noteworthy)
4523 log_func = log_kill;
1d98fef1
LP		 4524
4525 send_sighup =
4526 c->send_sighup &&
4527 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4528 sig != SIGHUP;
4529
cd2086fe 4530 if (main_pid > 0) {
1d98fef1
LP		 4531 if (log_func)
4532 log_func(main_pid, sig, u);
cd2086fe 4533
1d98fef1 4534 r = kill_and_sigcont(main_pid, sig);
cd2086fe
LP		 4535 if (r < 0 && r != -ESRCH) {
4536 _cleanup_free_ char *comm = NULL;
1d98fef1 4537 (void) get_process_comm(main_pid, &comm);
cd2086fe 4538
b821a397 4539 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
82659fd7 4540 } else {
bc6aed7b
LP		 4541 if (!main_pid_alien)
4542 wait_for_exit = true;
82659fd7 4543
1d98fef1 4544 if (r != -ESRCH && send_sighup)
d0667321 4545 (void) kill(main_pid, SIGHUP);
82659fd7 4546 }
cd2086fe
LP		 4547 }
4548
4549 if (control_pid > 0) {
1d98fef1
LP		 4550 if (log_func)
4551 log_func(control_pid, sig, u);
cd2086fe 4552
1d98fef1 4553 r = kill_and_sigcont(control_pid, sig);
cd2086fe
LP		 4554 if (r < 0 && r != -ESRCH) {
4555 _cleanup_free_ char *comm = NULL;
1d98fef1 4556 (void) get_process_comm(control_pid, &comm);
cd2086fe 4557
b821a397 4558 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
82659fd7 4559 } else {
cd2086fe 4560 wait_for_exit = true;
82659fd7 4561
1d98fef1 4562 if (r != -ESRCH && send_sighup)
d0667321 4563 (void) kill(control_pid, SIGHUP);
82659fd7 4564 }
cd2086fe
LP		 4565 }
4566
b821a397
LP		 4567 if (u->cgroup_path &&
4568 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
cd2086fe
LP		 4569 _cleanup_set_free_ Set *pid_set = NULL;
4570
82659fd7
LP		 4571 /* Exclude the main/control pids from being killed via the cgroup */
4572 pid_set = unit_pid_set(main_pid, control_pid);
cd2086fe
LP		 4573 if (!pid_set)
4574 return -ENOMEM;
4575
1d98fef1
LP		 4576 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4577 sig,
4578 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4579 pid_set,
4580 log_func, u);
cd2086fe 4581 if (r < 0) {
4c701096 4582 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
6178e2f8 4583 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", empty_to_root(u->cgroup_path));
b821a397 4584
82659fd7 4585 } else if (r > 0) {
bc6aed7b 4586
1d9cc876
LP		 4587 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4588 * we are running in a container or if this is a delegation unit, simply because cgroup
4589 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4590 * of containers it can be confused easily by left-over directories in the cgroup — which
4591 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4592 * there we get proper events. Hence rely on them. */
efdb0237 4593
c22800e4 4594 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
1d9cc876 4595 (detect_container() == 0 && !unit_cgroup_delegate(u)))
e9db43d5 4596 wait_for_exit = true;
58ea275a 4597
1d98fef1 4598 if (send_sighup) {
82659fd7
LP		 4599 set_free(pid_set);
4600
4601 pid_set = unit_pid_set(main_pid, control_pid);
4602 if (!pid_set)
4603 return -ENOMEM;
4604
c8aa4b5b
LP		 4605 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4606 SIGHUP,
4607 CGROUP_IGNORE_SELF,
4608 pid_set,
4609 NULL, NULL);
82659fd7
LP		 4610 }
4611 }
cd2086fe
LP		 4612 }
4613
4614 return wait_for_exit;
4615}
4616
eef85c4a 4617int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
a57f7e2c
LP		 4618 int r;
4619
4620 assert(u);
4621 assert(path);
4622
ac19bdd0
ZJS		 4623 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these
4624 * paths in the unit (from the path to the UnitDependencyInfo structure indicating how to the
4625 * dependency came to be). However, we build a prefix table for all possible prefixes so that new
4626 * appearing mount units can easily determine which units to make themselves a dependency of. */
a57f7e2c 4627
70b64bd3
ZJS		 4628 if (!path_is_absolute(path))
4629 return -EINVAL;
4630
ac19bdd0
ZJS		 4631 if (hashmap_contains(u->requires_mounts_for, path)) /* Exit quickly if the path is already covered. */
4632 return 0;
eef85c4a 4633
ac19bdd0 4634 _cleanup_free_ char *p = strdup(path);
a57f7e2c
LP		 4635 if (!p)
4636 return -ENOMEM;
4637
ac19bdd0
ZJS		 4638 /* Use the canonical form of the path as the stored key. We call path_is_normalized()
4639 * only after simplification, since path_is_normalized() rejects paths with '.'.
4640 * path_is_normalized() also verifies that the path fits in PATH_MAX. */
4ff361cc 4641 path = path_simplify(p);
a57f7e2c 4642
ca8700e9 4643 if (!path_is_normalized(path))
a57f7e2c 4644 return -EPERM;
a57f7e2c 4645
ac19bdd0 4646 UnitDependencyInfo di = {
eef85c4a
LP		 4647 .origin_mask = mask
4648 };
4649
ac19bdd0 4650 r = hashmap_ensure_put(&u->requires_mounts_for, &path_hash_ops, p, di.data);
ca8700e9 4651 if (r < 0)
a57f7e2c 4652 return r;
ac19bdd0
ZJS		 4653 assert(r > 0);
4654 TAKE_PTR(p); /* path remains a valid pointer to the string stored in the hashmap */
a57f7e2c 4655
4cb06c59 4656 char prefix[strlen(path) + 1];
ca8700e9 4657 PATH_FOREACH_PREFIX_MORE(prefix, path) {
a57f7e2c
LP		 4658 Set *x;
4659
4660 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4661 if (!x) {
ca8700e9 4662 _cleanup_free_ char *q = NULL;
a57f7e2c 4663
548f6937 4664 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
742f41ad
LP		 4665 if (r < 0)
4666 return r;
a57f7e2c
LP		 4667
4668 q = strdup(prefix);
4669 if (!q)
4670 return -ENOMEM;
4671
d5099efc 4672 x = set_new(NULL);
ca8700e9 4673 if (!x)
a57f7e2c 4674 return -ENOMEM;
a57f7e2c
LP		 4675
4676 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4677 if (r < 0) {
a57f7e2c
LP		 4678 set_free(x);
4679 return r;
4680 }
ca8700e9 4681 q = NULL;
a57f7e2c
LP		 4682 }
4683
4684 r = set_put(x, u);
4685 if (r < 0)
4686 return r;
4687 }
4688
4689 return 0;
4690}
4691
613b411c
LP		 4692int unit_setup_exec_runtime(Unit *u) {
4693 ExecRuntime **rt;
4694 size_t offset;
613b411c 4695 Unit *other;
e8a565cb 4696 int r;
613b411c
LP		 4697
4698 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4699 assert(offset > 0);
4700
06b643e7 4701 /* Check if there already is an ExecRuntime for this unit? */
613b411c
LP		 4702 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4703 if (*rt)
4704 return 0;
4705
4706 /* Try to get it from somebody else */
15ed3c3a 4707 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_JOINS_NAMESPACE_OF) {
e8a565cb
YW		 4708 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4709 if (r == 1)
4710 return 1;
613b411c
LP		 4711 }
4712
e8a565cb 4713 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
613b411c
LP		 4714}
4715
29206d46
LP		 4716int unit_setup_dynamic_creds(Unit *u) {
4717 ExecContext *ec;
4718 DynamicCreds *dcreds;
4719 size_t offset;
4720
4721 assert(u);
4722
4723 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4724 assert(offset > 0);
4725 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4726
4727 ec = unit_get_exec_context(u);
4728 assert(ec);
4729
4730 if (!ec->dynamic_user)
4731 return 0;
4732
4733 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4734}
4735
1c2e9646
LP		 4736bool unit_type_supported(UnitType t) {
4737 if (_unlikely_(t < 0))
4738 return false;
4739 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4740 return false;
4741
4742 if (!unit_vtable[t]->supported)
4743 return true;
4744
4745 return unit_vtable[t]->supported();
4746}
4747
8b4305c7
LP		 4748void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4749 int r;
4750
4751 assert(u);
4752 assert(where);
4753
c2503e35
RH		 4754 if (!unit_log_level_test(u, LOG_NOTICE))
4755 return;
4756
8b4305c7 4757 r = dir_is_empty(where);
3f602115 4758 if (r > 0 || r == -ENOTDIR)
8b4305c7
LP		 4759 return;
4760 if (r < 0) {
4761 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4762 return;
4763 }
4764
c2503e35
RH		 4765 log_unit_struct(u, LOG_NOTICE,
4766 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4767 LOG_UNIT_INVOCATION_ID(u),
4768 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4769 "WHERE=%s", where);
8b4305c7
LP		 4770}
4771
25cd4964 4772int unit_fail_if_noncanonical(Unit *u, const char* where) {
58d9d89b 4773 _cleanup_free_ char *canonical_where = NULL;
8b4305c7
LP		 4774 int r;
4775
4776 assert(u);
4777 assert(where);
4778
a5648b80 4779 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where, NULL);
8b4305c7 4780 if (r < 0) {
25cd4964 4781 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
8b4305c7
LP		 4782 return 0;
4783 }
25cd4964
AJ		 4784
4785 /* We will happily ignore a trailing slash (or any redundant slashes) */
4786 if (path_equal(where, canonical_where))
8b4305c7
LP		 4787 return 0;
4788
25cd4964 4789 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
c2503e35
RH		 4790 log_unit_struct(u, LOG_ERR,
4791 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4792 LOG_UNIT_INVOCATION_ID(u),
4793 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4794 "WHERE=%s", where);
8b4305c7
LP		 4795
4796 return -ELOOP;
4797}
0f13f3bd
LP		 4798
4799bool unit_is_pristine(Unit *u) {
4800 assert(u);
4801
7c65093a 4802 /* Check if the unit already exists or is already around,
0f13f3bd
LP		 4803 * in a number of different ways. Note that to cater for unit
4804 * types such as slice, we are generally fine with units that
e9e8cbc8
ZJS		 4805 * are marked UNIT_LOADED even though nothing was actually
4806 * loaded, as those unit types don't require a file on disk. */
0f13f3bd
LP		 4807
4808 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4809 u->fragment_path ||
4810 u->source_path ||
4811 !strv_isempty(u->dropin_paths) ||
0f13f3bd
LP		 4812 u->job ||
4813 u->merged_into);
4814}
291d565a
LP		 4815
4816pid_t unit_control_pid(Unit *u) {
4817 assert(u);
4818
4819 if (UNIT_VTABLE(u)->control_pid)
4820 return UNIT_VTABLE(u)->control_pid(u);
4821
4822 return 0;
4823}
4824
4825pid_t unit_main_pid(Unit *u) {
4826 assert(u);
4827
4828 if (UNIT_VTABLE(u)->main_pid)
4829 return UNIT_VTABLE(u)->main_pid(u);
4830
4831 return 0;
4832}
00d9ef85
LP		 4833
4834static void unit_unref_uid_internal(
4835 Unit *u,
4836 uid_t *ref_uid,
4837 bool destroy_now,
4838 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4839
4840 assert(u);
4841 assert(ref_uid);
4842 assert(_manager_unref_uid);
4843
4844 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4845 * gid_t are actually the same time, with the same validity rules.
4846 *
4847 * Drops a reference to UID/GID from a unit. */
4848
4849 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4850 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4851
4852 if (!uid_is_valid(*ref_uid))
4853 return;
4854
4855 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4856 *ref_uid = UID_INVALID;
4857}
4858
b90cf102 4859static void unit_unref_uid(Unit *u, bool destroy_now) {
00d9ef85
LP		 4860 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4861}
4862
b90cf102 4863static void unit_unref_gid(Unit *u, bool destroy_now) {
00d9ef85
LP		 4864 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4865}
4866
b90cf102
LP		 4867void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4868 assert(u);
4869
4870 unit_unref_uid(u, destroy_now);
4871 unit_unref_gid(u, destroy_now);
4872}
4873
00d9ef85
LP		 4874static int unit_ref_uid_internal(
4875 Unit *u,
4876 uid_t *ref_uid,
4877 uid_t uid,
4878 bool clean_ipc,
4879 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4880
4881 int r;
4882
4883 assert(u);
4884 assert(ref_uid);
4885 assert(uid_is_valid(uid));
4886 assert(_manager_ref_uid);
4887
4888 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4889 * are actually the same type, and have the same validity rules.
4890 *
4891 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4892 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4893 * drops to zero. */
4894
4895 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4896 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4897
4898 if (*ref_uid == uid)
4899 return 0;
4900
4901 if (uid_is_valid(*ref_uid)) /* Already set? */
4902 return -EBUSY;
4903
4904 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4905 if (r < 0)
4906 return r;
4907
4908 *ref_uid = uid;
4909 return 1;
4910}
4911
b90cf102 4912static int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
00d9ef85
LP		 4913 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4914}
4915
b90cf102 4916static int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
00d9ef85
LP		 4917 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4918}
4919
4920static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4921 int r = 0, q = 0;
4922
4923 assert(u);
4924
4925 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4926
4927 if (uid_is_valid(uid)) {
4928 r = unit_ref_uid(u, uid, clean_ipc);
4929 if (r < 0)
4930 return r;
4931 }
4932
4933 if (gid_is_valid(gid)) {
4934 q = unit_ref_gid(u, gid, clean_ipc);
4935 if (q < 0) {
4936 if (r > 0)
4937 unit_unref_uid(u, false);
4938
4939 return q;
4940 }
4941 }
4942
4943 return r > 0 || q > 0;
4944}
4945
4946int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4947 ExecContext *c;
4948 int r;
4949
4950 assert(u);
4951
4952 c = unit_get_exec_context(u);
4953
4954 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4955 if (r < 0)
4956 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4957
4958 return r;
4959}
4960
00d9ef85
LP		 4961void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
4962 int r;
4963
4964 assert(u);
4965
4966 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4967 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4968 * objects when no service references the UID/GID anymore. */
4969
4970 r = unit_ref_uid_gid(u, uid, gid);
4971 if (r > 0)
37d0b962 4972 unit_add_to_dbus_queue(u);
00d9ef85 4973}
4b58153d 4974
4b58153d
LP		 4975int unit_acquire_invocation_id(Unit *u) {
4976 sd_id128_t id;
4977 int r;
4978
4979 assert(u);
4980
4981 r = sd_id128_randomize(&id);
4982 if (r < 0)
4983 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
4984
4985 r = unit_set_invocation_id(u, id);
4986 if (r < 0)
4987 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
4988
af92c603 4989 unit_add_to_dbus_queue(u);
4b58153d
LP		 4990 return 0;
4991}
f0d47797 4992
1ad6e8b3
LP		 4993int unit_set_exec_params(Unit *u, ExecParameters *p) {
4994 int r;
4995
7960b0c7
LP		 4996 assert(u);
4997 assert(p);
f0d47797 4998
004c7f16 4999 /* Copy parameters from manager */
1ad6e8b3
LP		 5000 r = manager_get_effective_environment(u->manager, &p->environment);
5001 if (r < 0)
5002 return r;
5003
004c7f16
LP		 5004 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
5005 p->cgroup_supported = u->manager->cgroup_supported;
5006 p->prefix = u->manager->prefix;
5007 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5008
5238e957 5009 /* Copy parameters from unit */
7960b0c7 5010 p->cgroup_path = u->cgroup_path;
1d9cc876 5011 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
1ad6e8b3 5012
bb0c0d6f
LP		 5013 p->received_credentials = u->manager->received_credentials;
5014
1ad6e8b3 5015 return 0;
f0d47797 5016}
a79279c7 5017
4c253ed1 5018int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
a79279c7
LP		 5019 int r;
5020
5021 assert(u);
5022 assert(ret);
5023
5024 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5025 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5026
5027 (void) unit_realize_cgroup(u);
5028
4c253ed1
LP		 5029 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5030 if (r != 0)
5031 return r;
a79279c7 5032
9c274488
LP		 5033 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE);
5034 (void) ignore_signals(SIGPIPE);
a79279c7 5035
4c253ed1 5036 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
a79279c7 5037
4c253ed1
LP		 5038 if (u->cgroup_path) {
5039 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5040 if (r < 0) {
6178e2f8 5041 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", empty_to_root(u->cgroup_path));
4c253ed1 5042 _exit(EXIT_CGROUP);
a79279c7 5043 }
a79279c7
LP		 5044 }
5045
4c253ed1 5046 return 0;
a79279c7 5047}
c999cf38 5048
810ef318
YW		 5049int unit_fork_and_watch_rm_rf(Unit *u, char **paths, pid_t *ret_pid) {
5050 pid_t pid;
5051 int r;
5052
5053 assert(u);
5054 assert(ret_pid);
5055
5056 r = unit_fork_helper_process(u, "(sd-rmrf)", &pid);
5057 if (r < 0)
5058 return r;
5059 if (r == 0) {
5060 int ret = EXIT_SUCCESS;
5061 char **i;
5062
5063 STRV_FOREACH(i, paths) {
5064 r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK);
5065 if (r < 0) {
5066 log_error_errno(r, "Failed to remove '%s': %m", *i);
5067 ret = EXIT_FAILURE;
5068 }
5069 }
5070
5071 _exit(ret);
5072 }
5073
5074 r = unit_watch_pid(u, pid, true);
5075 if (r < 0)
5076 return r;
5077
5078 *ret_pid = pid;
5079 return 0;
5080}
5081
15ed3c3a
LP		 5082static void unit_update_dependency_mask(Hashmap *deps, Unit *other, UnitDependencyInfo di) {
5083 assert(deps);
c999cf38
LP		 5084 assert(other);
5085
15ed3c3a 5086 if (di.origin_mask == 0 && di.destination_mask == 0)
c999cf38 5087 /* No bit set anymore, let's drop the whole entry */
15ed3c3a
LP		 5088 assert_se(hashmap_remove(deps, other));
5089 else
c999cf38 5090 /* Mask was reduced, let's update the entry */
15ed3c3a 5091 assert_se(hashmap_update(deps, other, di.data) == 0);
c999cf38
LP		 5092}
5093
5094void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
15ed3c3a 5095 Hashmap *deps;
c999cf38
LP		 5096 assert(u);
5097
5098 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5099
5100 if (mask == 0)
5101 return;
5102
15ed3c3a 5103 HASHMAP_FOREACH(deps, u->dependencies) {
c999cf38
LP		 5104 bool done;
5105
5106 do {
5107 UnitDependencyInfo di;
5108 Unit *other;
c999cf38
LP		 5109
5110 done = true;
5111
15ed3c3a
LP		 5112 HASHMAP_FOREACH_KEY(di.data, other, deps) {
5113 Hashmap *other_deps;
5114
1d6cc5d0 5115 if (FLAGS_SET(~mask, di.origin_mask))
c999cf38 5116 continue;
15ed3c3a 5117
c999cf38 5118 di.origin_mask &= ~mask;
15ed3c3a 5119 unit_update_dependency_mask(deps, other, di);
c999cf38 5120
defe63b0
LP		 5121 /* We updated the dependency from our unit to the other unit now. But most
5122 * dependencies imply a reverse dependency. Hence, let's delete that one
5123 * too. For that we go through all dependency types on the other unit and
5124 * delete all those which point to us and have the right mask set. */
c999cf38 5125
15ed3c3a 5126 HASHMAP_FOREACH(other_deps, other->dependencies) {
c999cf38
LP		 5127 UnitDependencyInfo dj;
5128
15ed3c3a 5129 dj.data = hashmap_get(other_deps, u);
1d6cc5d0 5130 if (FLAGS_SET(~mask, dj.destination_mask))
c999cf38 5131 continue;
c999cf38 5132
15ed3c3a
LP		 5133 dj.destination_mask &= ~mask;
5134 unit_update_dependency_mask(other_deps, u, dj);
c999cf38
LP		 5135 }
5136
5137 unit_add_to_gc_queue(other);
5138
5139 done = false;
5140 break;
5141 }
5142
5143 } while (!done);
5144 }
5145}
d3070fbd 5146
2f8c48b6
AZ		 5147static int unit_get_invocation_path(Unit *u, char **ret) {
5148 char *p;
5149 int r;
5150
5151 assert(u);
5152 assert(ret);
5153
5154 if (MANAGER_IS_SYSTEM(u->manager))
5155 p = strjoin("/run/systemd/units/invocation:", u->id);
5156 else {
5157 _cleanup_free_ char *user_path = NULL;
5158 r = xdg_user_runtime_dir(&user_path, "/systemd/units/invocation:");
5159 if (r < 0)
5160 return r;
5161 p = strjoin(user_path, u->id);
5162 }
5163
5164 if (!p)
5165 return -ENOMEM;
5166
5167 *ret = p;
5168 return 0;
5169}
5170
d3070fbd 5171static int unit_export_invocation_id(Unit *u) {
2f8c48b6 5172 _cleanup_free_ char *p = NULL;
d3070fbd
LP		 5173 int r;
5174
5175 assert(u);
5176
5177 if (u->exported_invocation_id)
5178 return 0;
5179
5180 if (sd_id128_is_null(u->invocation_id))
5181 return 0;
5182
2f8c48b6
AZ		 5183 r = unit_get_invocation_path(u, &p);
5184 if (r < 0)
5185 return log_unit_debug_errno(u, r, "Failed to get invocation path: %m");
5186
a3f5fd96 5187 r = symlink_atomic_label(u->invocation_id_string, p);
d3070fbd
LP		 5188 if (r < 0)
5189 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5190
5191 u->exported_invocation_id = true;
5192 return 0;
5193}
5194
5195static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5196 const char *p;
5197 char buf[2];
5198 int r;
5199
5200 assert(u);
5201 assert(c);
5202
5203 if (u->exported_log_level_max)
5204 return 0;
5205
5206 if (c->log_level_max < 0)
5207 return 0;
5208
5209 assert(c->log_level_max <= 7);
5210
5211 buf[0] = '0' + c->log_level_max;
5212 buf[1] = 0;
5213
5214 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5215 r = symlink_atomic(buf, p);
5216 if (r < 0)
5217 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5218
5219 u->exported_log_level_max = true;
5220 return 0;
5221}
5222
5223static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5224 _cleanup_close_ int fd = -1;
5225 struct iovec *iovec;
5226 const char *p;
5227 char *pattern;
5228 le64_t *sizes;
5229 ssize_t n;
d3070fbd
LP		 5230 int r;
5231
5232 if (u->exported_log_extra_fields)
5233 return 0;
5234
5235 if (c->n_log_extra_fields <= 0)
5236 return 0;
5237
5238 sizes = newa(le64_t, c->n_log_extra_fields);
5239 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5240
12375b95 5241 for (size_t i = 0; i < c->n_log_extra_fields; i++) {
d3070fbd
LP		 5242 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5243
5244 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5245 iovec[i*2+1] = c->log_extra_fields[i];
5246 }
5247
5248 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5249 pattern = strjoina(p, ".XXXXXX");
5250
5251 fd = mkostemp_safe(pattern);
5252 if (fd < 0)
5253 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5254
5255 n = writev(fd, iovec, c->n_log_extra_fields*2);
5256 if (n < 0) {
5257 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5258 goto fail;
5259 }
5260
5261 (void) fchmod(fd, 0644);
5262
5263 if (rename(pattern, p) < 0) {
5264 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5265 goto fail;
5266 }
5267
5268 u->exported_log_extra_fields = true;
5269 return 0;
5270
5271fail:
5272 (void) unlink(pattern);
5273 return r;
5274}
5275
5ac1530e 5276static int unit_export_log_ratelimit_interval(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5277 _cleanup_free_ char *buf = NULL;
5278 const char *p;
5279 int r;
5280
5281 assert(u);
5282 assert(c);
5283
5ac1530e 5284 if (u->exported_log_ratelimit_interval)
90fc172e
AZ		 5285 return 0;
5286
5ac1530e 5287 if (c->log_ratelimit_interval_usec == 0)
90fc172e
AZ		 5288 return 0;
5289
5290 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5291
5ac1530e 5292 if (asprintf(&buf, "%" PRIu64, c->log_ratelimit_interval_usec) < 0)
90fc172e
AZ		 5293 return log_oom();
5294
5295 r = symlink_atomic(buf, p);
5296 if (r < 0)
5297 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5298
5ac1530e 5299 u->exported_log_ratelimit_interval = true;
90fc172e
AZ		 5300 return 0;
5301}
5302
5ac1530e 5303static int unit_export_log_ratelimit_burst(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5304 _cleanup_free_ char *buf = NULL;
5305 const char *p;
5306 int r;
5307
5308 assert(u);
5309 assert(c);
5310
5ac1530e 5311 if (u->exported_log_ratelimit_burst)
90fc172e
AZ		 5312 return 0;
5313
5ac1530e 5314 if (c->log_ratelimit_burst == 0)
90fc172e
AZ		 5315 return 0;
5316
5317 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5318
5ac1530e 5319 if (asprintf(&buf, "%u", c->log_ratelimit_burst) < 0)
90fc172e
AZ		 5320 return log_oom();
5321
5322 r = symlink_atomic(buf, p);
5323 if (r < 0)
5324 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5325
5ac1530e 5326 u->exported_log_ratelimit_burst = true;
90fc172e
AZ		 5327 return 0;
5328}
5329
d3070fbd
LP		 5330void unit_export_state_files(Unit *u) {
5331 const ExecContext *c;
5332
5333 assert(u);
5334
5335 if (!u->id)
5336 return;
5337
638cece4 5338 if (MANAGER_IS_TEST_RUN(u->manager))
8f632531
LP		 5339 return;
5340
d3070fbd
LP		 5341 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5342 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5343 * the IPC system itself and PID 1 also log to the journal.
5344 *
5345 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5346 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5347 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5348 * namespace at least.
5349 *
5350 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5351 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5352 * them with one. */
5353
5354 (void) unit_export_invocation_id(u);
5355
2f8c48b6
AZ		 5356 if (!MANAGER_IS_SYSTEM(u->manager))
5357 return;
5358
d3070fbd
LP		 5359 c = unit_get_exec_context(u);
5360 if (c) {
5361 (void) unit_export_log_level_max(u, c);
5362 (void) unit_export_log_extra_fields(u, c);
5ac1530e
ZJS		 5363 (void) unit_export_log_ratelimit_interval(u, c);
5364 (void) unit_export_log_ratelimit_burst(u, c);
d3070fbd
LP		 5365 }
5366}
5367
5368void unit_unlink_state_files(Unit *u) {
5369 const char *p;
5370
5371 assert(u);
5372
5373 if (!u->id)
5374 return;
5375
d3070fbd
LP		 5376 /* Undoes the effect of unit_export_state() */
5377
5378 if (u->exported_invocation_id) {
2f8c48b6
AZ		 5379 _cleanup_free_ char *invocation_path = NULL;
5380 int r = unit_get_invocation_path(u, &invocation_path);
5381 if (r >= 0) {
5382 (void) unlink(invocation_path);
5383 u->exported_invocation_id = false;
5384 }
d3070fbd
LP		 5385 }
5386
2f8c48b6
AZ		 5387 if (!MANAGER_IS_SYSTEM(u->manager))
5388 return;
5389
d3070fbd
LP		 5390 if (u->exported_log_level_max) {
5391 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5392 (void) unlink(p);
5393
5394 u->exported_log_level_max = false;
5395 }
5396
5397 if (u->exported_log_extra_fields) {
5398 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5399 (void) unlink(p);
5400
5401 u->exported_log_extra_fields = false;
5402 }
90fc172e 5403
5ac1530e 5404 if (u->exported_log_ratelimit_interval) {
90fc172e
AZ		 5405 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5406 (void) unlink(p);
5407
5ac1530e 5408 u->exported_log_ratelimit_interval = false;
90fc172e
AZ		 5409 }
5410
5ac1530e 5411 if (u->exported_log_ratelimit_burst) {
90fc172e
AZ		 5412 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5413 (void) unlink(p);
5414
5ac1530e 5415 u->exported_log_ratelimit_burst = false;
90fc172e 5416 }
d3070fbd 5417}
5afe510c 5418
3c7416b6
LP		 5419int unit_prepare_exec(Unit *u) {
5420 int r;
5421
5422 assert(u);
5423
fab34748
KL		 5424 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5425 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5426 r = bpf_firewall_load_custom(u);
5427 if (r < 0)
5428 return r;
5429
3c7416b6
LP		 5430 /* Prepares everything so that we can fork of a process for this unit */
5431
5432 (void) unit_realize_cgroup(u);
5433
5434 if (u->reset_accounting) {
9b2559a1 5435 (void) unit_reset_accounting(u);
3c7416b6
LP		 5436 u->reset_accounting = false;
5437 }
5438
5439 unit_export_state_files(u);
5440
5441 r = unit_setup_exec_runtime(u);
5442 if (r < 0)
5443 return r;
5444
5445 r = unit_setup_dynamic_creds(u);
5446 if (r < 0)
5447 return r;
5448
5449 return 0;
5450}
5451
4c425434
LP		 5452static bool ignore_leftover_process(const char *comm) {
5453 return comm && comm[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5454}
5455
5456int unit_log_leftover_process_start(pid_t pid, int sig, void *userdata) {
a4634b21
LP		 5457 _cleanup_free_ char *comm = NULL;
5458
5459 (void) get_process_comm(pid, &comm);
5460
4c425434 5461 if (ignore_leftover_process(comm))
c53d2d54 5462 return 0;
a4634b21 5463
4c425434
LP		 5464 /* During start we print a warning */
5465
a4634b21
LP		 5466 log_unit_warning(userdata,
5467 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5468 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5469 pid, strna(comm));
c53d2d54
DB		 5470
5471 return 1;
a4634b21
LP		 5472}
5473
4c425434
LP		 5474int unit_log_leftover_process_stop(pid_t pid, int sig, void *userdata) {
5475 _cleanup_free_ char *comm = NULL;
5476
5477 (void) get_process_comm(pid, &comm);
5478
5479 if (ignore_leftover_process(comm))
5480 return 0;
5481
5482 /* During stop we only print an informational message */
5483
5484 log_unit_info(userdata,
5485 "Unit process " PID_FMT " (%s) remains running after unit stopped.",
5486 pid, strna(comm));
5487
5488 return 1;
5489}
5490
5491int unit_warn_leftover_processes(Unit *u, cg_kill_log_func_t log_func) {
a4634b21
LP		 5492 assert(u);
5493
5494 (void) unit_pick_cgroup_path(u);
5495
5496 if (!u->cgroup_path)
c53d2d54 5497 return 0;
a4634b21 5498
4c425434 5499 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_func, u);
a4634b21
LP		 5500}
5501
bb2c7685
LP		 5502bool unit_needs_console(Unit *u) {
5503 ExecContext *ec;
5504 UnitActiveState state;
5505
5506 assert(u);
5507
5508 state = unit_active_state(u);
5509
5510 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5511 return false;
5512
5513 if (UNIT_VTABLE(u)->needs_console)
5514 return UNIT_VTABLE(u)->needs_console(u);
5515
5516 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5517 ec = unit_get_exec_context(u);
5518 if (!ec)
5519 return false;
5520
5521 return exec_context_may_touch_console(ec);
5522}
5523
f156e60c 5524const char *unit_label_path(const Unit *u) {
81e9871e
LP		 5525 const char *p;
5526
f156e60c
CG		 5527 assert(u);
5528
81e9871e
LP		 5529 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5530 * when validating access checks. */
5531
9cbf1282
LP		 5532 if (IN_SET(u->load_state, UNIT_MASKED, UNIT_NOT_FOUND, UNIT_MERGED))
5533 return NULL; /* Shortcut things if we know there is no real, relevant unit file around */
5534
81e9871e
LP		 5535 p = u->source_path ?: u->fragment_path;
5536 if (!p)
5537 return NULL;
5538
9cbf1282
LP		 5539 if (IN_SET(u->load_state, UNIT_LOADED, UNIT_BAD_SETTING, UNIT_ERROR))
5540 return p; /* Shortcut things, if we successfully loaded at least some stuff from the unit file */
5541
5542 /* Not loaded yet, we need to go to disk */
5543 assert(u->load_state == UNIT_STUB);
5544
81e9871e 5545 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
640f3b14 5546 if (null_or_empty_path(p) > 0)
81e9871e
LP		 5547 return NULL;
5548
5549 return p;
5550}
5551
6592b975
LP		 5552int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5553 int r;
5554
5555 assert(u);
5556
5557 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5558 * and not a kernel thread either */
5559
5560 /* First, a simple range check */
5561 if (!pid_is_valid(pid))
5562 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5563
5564 /* Some extra safety check */
5565 if (pid == 1 || pid == getpid_cached())
3fe91079 5566 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid);
6592b975
LP		 5567
5568 /* Don't even begin to bother with kernel threads */
5569 r = is_kernel_thread(pid);
5570 if (r == -ESRCH)
5571 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5572 if (r < 0)
5573 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5574 if (r > 0)
5575 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5576
5577 return 0;
5578}
5579
523ee2d4
LP		 5580void unit_log_success(Unit *u) {
5581 assert(u);
5582
edf2ee22
JM		 5583 /* Let's show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode.
5584 * This message has low information value for regular users and it might be a bit overwhelming on a system with
5585 * a lot of devices. */
5586 log_unit_struct(u,
5587 MANAGER_IS_USER(u->manager) ? LOG_DEBUG : LOG_INFO,
c2503e35
RH		 5588 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR,
5589 LOG_UNIT_INVOCATION_ID(u),
5590 LOG_UNIT_MESSAGE(u, "Deactivated successfully."));
523ee2d4
LP		 5591}
5592
7c047d74
LP		 5593void unit_log_failure(Unit *u, const char *result) {
5594 assert(u);
5595 assert(result);
5596
c2503e35
RH		 5597 log_unit_struct(u, LOG_WARNING,
5598 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR,
5599 LOG_UNIT_INVOCATION_ID(u),
5600 LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result),
5601 "UNIT_RESULT=%s", result);
7c047d74
LP		 5602}
5603
31cd5f63
AZ		 5604void unit_log_skip(Unit *u, const char *result) {
5605 assert(u);
5606 assert(result);
5607
c2503e35
RH		 5608 log_unit_struct(u, LOG_INFO,
5609 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR,
5610 LOG_UNIT_INVOCATION_ID(u),
5611 LOG_UNIT_MESSAGE(u, "Skipped due to '%s'.", result),
5612 "UNIT_RESULT=%s", result);
31cd5f63
AZ		 5613}
5614
91bbd9b7
LP		 5615void unit_log_process_exit(
5616 Unit *u,
91bbd9b7
LP		 5617 const char *kind,
5618 const char *command,
5cc2cd1c 5619 bool success,
91bbd9b7
LP		 5620 int code,
5621 int status) {
5622
5cc2cd1c
ZJS		 5623 int level;
5624
91bbd9b7
LP		 5625 assert(u);
5626 assert(kind);
5627
5cc2cd1c
ZJS		 5628 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
5629 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
5630 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
5631 * WARNING. */
5632 if (success)
5633 level = LOG_DEBUG;
5634 else if (code == CLD_EXITED)
5635 level = LOG_NOTICE;
5636 else
91bbd9b7
LP		 5637 level = LOG_WARNING;
5638
c2503e35
RH		 5639 log_unit_struct(u, level,
5640 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR,
58441bc1 5641 LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s%s",
c2503e35
RH		 5642 kind,
5643 sigchld_code_to_string(code), status,
5644 strna(code == CLD_EXITED
5645 ? exit_status_to_string(status, EXIT_STATUS_FULL)
58441bc1
ZJS		 5646 : signal_to_string(status)),
5647 success ? " (success)" : ""),
c2503e35
RH		 5648 "EXIT_CODE=%s", sigchld_code_to_string(code),
5649 "EXIT_STATUS=%i", status,
5650 "COMMAND=%s", strna(command),
5651 LOG_UNIT_INVOCATION_ID(u));
91bbd9b7
LP		 5652}
5653
7af67e9a
LP		 5654int unit_exit_status(Unit *u) {
5655 assert(u);
5656
5657 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
5658 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
5659 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
5660 * service process has exited abnormally (signal/coredump). */
5661
5662 if (!UNIT_VTABLE(u)->exit_status)
5663 return -EOPNOTSUPP;
5664
5665 return UNIT_VTABLE(u)->exit_status(u);
5666}
5667
5668int unit_failure_action_exit_status(Unit *u) {
5669 int r;
5670
5671 assert(u);
5672
5673 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
5674
5675 if (u->failure_action_exit_status >= 0)
5676 return u->failure_action_exit_status;
5677
5678 r = unit_exit_status(u);
5679 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5680 return 255;
5681
5682 return r;
5683}
5684
5685int unit_success_action_exit_status(Unit *u) {
5686 int r;
5687
5688 assert(u);
5689
5690 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
5691
5692 if (u->success_action_exit_status >= 0)
5693 return u->success_action_exit_status;
5694
5695 r = unit_exit_status(u);
5696 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5697 return 255;
5698
5699 return r;
5700}
5701
a4191c9f
LP		 5702int unit_test_trigger_loaded(Unit *u) {
5703 Unit *trigger;
5704
5705 /* Tests whether the unit to trigger is loaded */
5706
5707 trigger = UNIT_TRIGGER(u);
5708 if (!trigger)
e7b9f4d9
ZJS		 5709 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5710 "Refusing to start, no unit to trigger.");
a4191c9f 5711 if (trigger->load_state != UNIT_LOADED)
e7b9f4d9
ZJS		 5712 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5713 "Refusing to start, unit %s to trigger not loaded.", trigger->id);
a4191c9f
LP		 5714
5715 return 0;
5716}
5717
bb0c0d6f
LP		 5718void unit_destroy_runtime_data(Unit *u, const ExecContext *context) {
5719 assert(u);
5720 assert(context);
5721
95939aed
YW		 5722 if (context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO ||
5723 (context->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART && !unit_will_restart(u)))
5724 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
bb0c0d6f
LP		 5725
5726 exec_context_destroy_credentials(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME], u->id);
95939aed
YW		 5727}
5728
380dc8b0
LP		 5729int unit_clean(Unit *u, ExecCleanMask mask) {
5730 UnitActiveState state;
5731
5732 assert(u);
5733
5734 /* Special return values:
5735 *
5736 * -EOPNOTSUPP → cleaning not supported for this unit type
5737 * -EUNATCH → cleaning not defined for this resource type
5738 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
5739 * a job queued or similar
5740 */
5741
5742 if (!UNIT_VTABLE(u)->clean)
5743 return -EOPNOTSUPP;
5744
5745 if (mask == 0)
5746 return -EUNATCH;
5747
5748 if (u->load_state != UNIT_LOADED)
5749 return -EBUSY;
5750
5751 if (u->job)
5752 return -EBUSY;
5753
5754 state = unit_active_state(u);
5755 if (!IN_SET(state, UNIT_INACTIVE))
5756 return -EBUSY;
5757
5758 return UNIT_VTABLE(u)->clean(u, mask);
5759}
5760
5761int unit_can_clean(Unit *u, ExecCleanMask *ret) {
5762 assert(u);
5763
5764 if (!UNIT_VTABLE(u)->clean ||
5765 u->load_state != UNIT_LOADED) {
5766 *ret = 0;
5767 return 0;
5768 }
5769
5770 /* When the clean() method is set, can_clean() really should be set too */
5771 assert(UNIT_VTABLE(u)->can_clean);
5772
5773 return UNIT_VTABLE(u)->can_clean(u, ret);
5774}
5775
d9e45bc3
MS		 5776bool unit_can_freeze(Unit *u) {
5777 assert(u);
5778
5779 if (UNIT_VTABLE(u)->can_freeze)
5780 return UNIT_VTABLE(u)->can_freeze(u);
5781
5782 return UNIT_VTABLE(u)->freeze;
5783}
5784
5785void unit_frozen(Unit *u) {
5786 assert(u);
5787
5788 u->freezer_state = FREEZER_FROZEN;
5789
5790 bus_unit_send_pending_freezer_message(u);
5791}
5792
5793void unit_thawed(Unit *u) {
5794 assert(u);
5795
5796 u->freezer_state = FREEZER_RUNNING;
5797
5798 bus_unit_send_pending_freezer_message(u);
5799}
5800
5801static int unit_freezer_action(Unit *u, FreezerAction action) {
5802 UnitActiveState s;
5803 int (*method)(Unit*);
5804 int r;
5805
5806 assert(u);
5807 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
5808
5809 method = action == FREEZER_FREEZE ? UNIT_VTABLE(u)->freeze : UNIT_VTABLE(u)->thaw;
5810 if (!method || !cg_freezer_supported())
5811 return -EOPNOTSUPP;
5812
5813 if (u->job)
5814 return -EBUSY;
5815
5816 if (u->load_state != UNIT_LOADED)
5817 return -EHOSTDOWN;
5818
5819 s = unit_active_state(u);
5820 if (s != UNIT_ACTIVE)
5821 return -EHOSTDOWN;
5822
5823 if (IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING))
5824 return -EALREADY;
5825
5826 r = method(u);
5827 if (r <= 0)
5828 return r;
5829
5830 return 1;
5831}
5832
5833int unit_freeze(Unit *u) {
5834 return unit_freezer_action(u, FREEZER_FREEZE);
5835}
5836
5837int unit_thaw(Unit *u) {
5838 return unit_freezer_action(u, FREEZER_THAW);
5839}
5840
5841/* Wrappers around low-level cgroup freezer operations common for service and scope units */
5842int unit_freeze_vtable_common(Unit *u) {
5843 return unit_cgroup_freezer_action(u, FREEZER_FREEZE);
5844}
5845
5846int unit_thaw_vtable_common(Unit *u) {
5847 return unit_cgroup_freezer_action(u, FREEZER_THAW);
5848}
5849
6e548561
DDM		 5850Condition *unit_find_failed_condition(Unit *u) {
5851 Condition *c, *failed_trigger = NULL;
5852 bool has_succeeded_trigger = false;
5853
5854 if (u->condition_result)
5855 return NULL;
5856
5857 LIST_FOREACH(conditions, c, u->conditions)
5858 if (c->trigger) {
5859 if (c->result == CONDITION_SUCCEEDED)
5860 has_succeeded_trigger = true;
5861 else if (!failed_trigger)
5862 failed_trigger = c;
5863 } else if (c->result != CONDITION_SUCCEEDED)
5864 return c;
5865
5866 return failed_trigger && !has_succeeded_trigger ? failed_trigger : NULL;
5867}
5868
5afe510c
LP		 5869static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5870 [COLLECT_INACTIVE] = "inactive",
5871 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5872};
5873
5874DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
15ed3c3a
LP		 5875
5876Unit* unit_has_dependency(const Unit *u, UnitDependencyAtom atom, Unit *other) {
5877 Unit *i;
5878
5879 assert(u);
5880
5881 /* Checks if the unit has a dependency on 'other' with the specified dependency atom. If 'other' is
5882 * NULL checks if the unit has *any* dependency of that atom. Returns 'other' if found (or if 'other'
5883 * is NULL the first entry found), or NULL if not found. */
5884
5885 UNIT_FOREACH_DEPENDENCY(i, u, atom)
5886 if (!other || other == i)
5887 return i;
5888
5889 return NULL;
5890}
5891
5892int unit_get_dependency_array(const Unit *u, UnitDependencyAtom atom, Unit ***ret_array) {
5893 _cleanup_free_ Unit **array = NULL;
5894 size_t n = 0;
5895 Unit *other;
5896
5897 assert(u);
5898 assert(ret_array);
5899
5900 /* Gets a list of units matching a specific atom as array. This is useful when iterating through
5901 * dependencies while modifying them: the array is an "atomic snapshot" of sorts, that can be read
48008c1c 5902 * while the dependency table is continuously updated. */
15ed3c3a
LP		 5903
5904 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
5905 if (!GREEDY_REALLOC(array, n + 1))
5906 return -ENOMEM;
5907
5908 array[n++] = other;
5909 }
5910
5911 *ret_array = TAKE_PTR(array);
5912
5913 assert(n <= INT_MAX);
5914 return (int) n;
5915}
Unnamed repository; edit this file 'description' to name the repository.