]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/unit.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
core/unit: raise log level for unit_log_resources on certain memory thresholds
[thirdparty/systemd.git] / src / core / unit.c
CommitLineData
db9ecf05 1/* SPDX-License-Identifier: LGPL-2.1-or-later */
a7334b09 2
87f0e418 3#include <errno.h>
0301abf4 4#include <stdlib.h>
4c253ed1 5#include <sys/prctl.h>
4f5dd394 6#include <unistd.h>
87f0e418 7
718db961
LP		 8#include "sd-id128.h"
9#include "sd-messages.h"
4f5dd394 10
57b7a260 11#include "all-units.h"
d68c645b 12#include "alloc-util.h"
fab34748 13#include "bpf-firewall.h"
5f8ba20d 14#include "bpf-foreign.h"
cd09a5f3 15#include "bpf-socket-bind.h"
4f5dd394 16#include "bus-common-errors.h"
8df433d7 17#include "bus-internal.h"
4f5dd394 18#include "bus-util.h"
fdb3deca 19#include "cgroup-setup.h"
c6c18be3 20#include "cgroup-util.h"
f461a28d 21#include "chase.h"
e30bbc90 22#include "core-varlink.h"
4f5dd394
LP		 23#include "dbus-unit.h"
24#include "dbus.h"
25#include "dropin.h"
88e4bfa6 26#include "env-util.h"
4f5dd394 27#include "escape.h"
43962c30 28#include "exec-credential.h"
4f5dd394 29#include "execute.h"
6a48d82f 30#include "fd-util.h"
a5c32cff 31#include "fileio-label.h"
ee228be1 32#include "fileio.h"
f97b34a6 33#include "format-util.h"
4b58153d 34#include "id128-util.h"
5cfa33e0 35#include "install.h"
bd1ae178 36#include "iovec-util.h"
0690160e 37#include "label-util.h"
4f5dd394
LP		 38#include "load-dropin.h"
39#include "load-fragment.h"
40#include "log.h"
8c41640a 41#include "logarithm.h"
4f5dd394 42#include "macro.h"
35cd0ba5 43#include "mkdir-label.h"
4f5dd394 44#include "path-util.h"
0b452006 45#include "process-util.h"
810ef318 46#include "rm-rf.h"
48b92b37 47#include "serialize.h"
4f5dd394 48#include "set.h"
6eb7c172 49#include "signal-util.h"
d3070fbd 50#include "sparse-endian.h"
e9db43d5 51#include "special.h"
2e59b241 52#include "specifier.h"
8fcde012 53#include "stat-util.h"
d054f0a4 54#include "stdio-util.h"
5afe510c 55#include "string-table.h"
07630cea 56#include "string-util.h"
4f5dd394 57#include "strv.h"
5b262f74 58#include "terminal-util.h"
e4de7287 59#include "tmpfile-util.h"
4f4afc88 60#include "umask-util.h"
4f5dd394 61#include "unit-name.h"
e9db43d5 62#include "unit.h"
b1d4f8e1
LP		 63#include "user-util.h"
64#include "virt.h"
91ce91c7
JK		 65#if BPF_FRAMEWORK
66#include "bpf-link.h"
67#endif
87f0e418 68
37109b85 69/* Thresholds for logging at INFO level about resource consumption */
b1b84bc5
MY		 70#define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
71#define MENTIONWORTHY_MEMORY_BYTES (64 * U64_MB)
72#define MENTIONWORTHY_IO_BYTES (1 * U64_MB)
73#define MENTIONWORTHY_IP_BYTES UINT64_C(0)
37109b85 74
b1b84bc5
MY		 75/* Thresholds for logging at NOTICE level about resource consumption */
76#define NOTICEWORTHY_CPU_NSEC (10 * NSEC_PER_MINUTE)
77#define NOTICEWORTHY_MEMORY_BYTES (512 * U64_MB)
78#define NOTICEWORTHY_IO_BYTES (10 * U64_MB)
79#define NOTICEWORTHY_IP_BYTES (128 * U64_MB)
37109b85 80
87f0e418
LP		 81const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
82 [UNIT_SERVICE] = &service_vtable,
87f0e418
LP		 83 [UNIT_SOCKET] = &socket_vtable,
84 [UNIT_TARGET] = &target_vtable,
85 [UNIT_DEVICE] = &device_vtable,
86 [UNIT_MOUNT] = &mount_vtable,
87 [UNIT_AUTOMOUNT] = &automount_vtable,
01f78473 88 [UNIT_SWAP] = &swap_vtable,
e821075a 89 [UNIT_TIMER] = &timer_vtable,
a016b922 90 [UNIT_PATH] = &path_vtable,
6c12b52e 91 [UNIT_SLICE] = &slice_vtable,
5afe510c 92 [UNIT_SCOPE] = &scope_vtable,
87f0e418
LP		 93};
94
75db809a 95Unit* unit_new(Manager *m, size_t size) {
87f0e418
LP		 96 Unit *u;
97
98 assert(m);
ac155bb8 99 assert(size >= sizeof(Unit));
87f0e418 100
7d17cfbc
MS		 101 u = malloc0(size);
102 if (!u)
87f0e418
LP		 103 return NULL;
104
ac155bb8
MS		 105 u->manager = m;
106 u->type = _UNIT_TYPE_INVALID;
ac155bb8
MS		 107 u->default_dependencies = true;
108 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
d2dc52db 109 u->unit_file_preset = -1;
d420282b 110 u->on_failure_job_mode = JOB_REPLACE;
294446dc 111 u->on_success_job_mode = JOB_FAIL;
0bb814c2 112 u->cgroup_control_inotify_wd = -1;
afcfaa69 113 u->cgroup_memory_inotify_wd = -1;
36c16a7c 114 u->job_timeout = USEC_INFINITY;
a2df3ea4 115 u->job_running_timeout = USEC_INFINITY;
00d9ef85
LP		 116 u->ref_uid = UID_INVALID;
117 u->ref_gid = GID_INVALID;
fe700f46 118 u->cpu_usage_last = NSEC_INFINITY;
9824ab1f 119
d4bdc202
MY		 120 unit_reset_memory_accounting_last(u);
121
122 unit_reset_io_accounting_last(u);
9824ab1f 123
17f14955 124 u->cgroup_invalidated_mask |= CGROUP_MASK_BPF_FIREWALL;
7af67e9a 125 u->failure_action_exit_status = u->success_action_exit_status = -1;
87f0e418 126
254d1313
ZJS		 127 u->ip_accounting_ingress_map_fd = -EBADF;
128 u->ip_accounting_egress_map_fd = -EBADF;
cbd2abbb 129
254d1313
ZJS		 130 u->ipv4_allow_map_fd = -EBADF;
131 u->ipv6_allow_map_fd = -EBADF;
132 u->ipv4_deny_map_fd = -EBADF;
133 u->ipv6_deny_map_fd = -EBADF;
6a48d82f 134
2e59b241
LP		 135 u->last_section_private = -1;
136
fed25720 137 u->start_ratelimit = (const RateLimit) {
c9e120e0 138 m->defaults.start_limit_interval,
fed25720 139 m->defaults.start_limit_burst,
c9e120e0
LP		 140 };
141
fed25720 142 u->auto_start_stop_ratelimit = (const RateLimit) { .interval = 10 * USEC_PER_SEC, .burst = 16 };
bea355da 143
87f0e418
LP		 144 return u;
145}
146
a581e45a 147int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
dc409696 148 _cleanup_(unit_freep) Unit *u = NULL;
a581e45a
LP		 149 int r;
150
151 u = unit_new(m, size);
152 if (!u)
153 return -ENOMEM;
154
155 r = unit_add_name(u, name);
dc409696 156 if (r < 0)
a581e45a 157 return r;
a581e45a 158
1cc6c93a
YW		 159 *ret = TAKE_PTR(u);
160
a581e45a
LP		 161 return r;
162}
163
303ee601 164bool unit_has_name(const Unit *u, const char *name) {
f278026d
LP		 165 assert(u);
166 assert(name);
167
4562c355
ZJS		 168 return streq_ptr(name, u->id) ||
169 set_contains(u->aliases, name);
f278026d
LP		 170}
171
598459ce
LP		 172static void unit_init(Unit *u) {
173 CGroupContext *cc;
174 ExecContext *ec;
175 KillContext *kc;
176
177 assert(u);
178 assert(u->manager);
179 assert(u->type >= 0);
180
181 cc = unit_get_cgroup_context(u);
182 if (cc) {
183 cgroup_context_init(cc);
184
185 /* Copy in the manager defaults into the cgroup
186 * context, _before_ the rest of the settings have
187 * been initialized */
188
c9e120e0
LP		 189 cc->cpu_accounting = u->manager->defaults.cpu_accounting;
190 cc->io_accounting = u->manager->defaults.io_accounting;
191 cc->blockio_accounting = u->manager->defaults.blockio_accounting;
192 cc->memory_accounting = u->manager->defaults.memory_accounting;
193 cc->tasks_accounting = u->manager->defaults.tasks_accounting;
194 cc->ip_accounting = u->manager->defaults.ip_accounting;
0af20ea2
LP		 195
196 if (u->type != UNIT_SLICE)
c9e120e0 197 cc->tasks_max = u->manager->defaults.tasks_max;
6bb00842 198
c9e120e0
LP		 199 cc->memory_pressure_watch = u->manager->defaults.memory_pressure_watch;
200 cc->memory_pressure_threshold_usec = u->manager->defaults.memory_pressure_threshold_usec;
598459ce
LP		 201 }
202
203 ec = unit_get_exec_context(u);
b1edf445 204 if (ec) {
598459ce
LP		 205 exec_context_init(ec);
206
c9e120e0
LP		 207 if (u->manager->defaults.oom_score_adjust_set) {
208 ec->oom_score_adjust = u->manager->defaults.oom_score_adjust;
d4a402e4
LP		 209 ec->oom_score_adjust_set = true;
210 }
211
5e37d193
FB		 212 if (MANAGER_IS_SYSTEM(u->manager))
213 ec->keyring_mode = EXEC_KEYRING_SHARED;
214 else {
215 ec->keyring_mode = EXEC_KEYRING_INHERIT;
216
217 /* User manager might have its umask redefined by PAM or UMask=. In this
218 * case let the units it manages inherit this value by default. They can
219 * still tune this value through their own unit file */
41beeb3e 220 (void) get_process_umask(0, &ec->umask);
5e37d193 221 }
b1edf445
LP		 222 }
223
598459ce
LP		 224 kc = unit_get_kill_context(u);
225 if (kc)
226 kill_context_init(kc);
227
228 if (UNIT_VTABLE(u)->init)
229 UNIT_VTABLE(u)->init(u);
230}
231
4562c355
ZJS		 232static int unit_add_alias(Unit *u, char *donated_name) {
233 int r;
234
235 /* Make sure that u->names is allocated. We may leave u->names
236 * empty if we fail later, but this is not a problem. */
973bc32a 237 r = set_ensure_put(&u->aliases, &string_hash_ops, donated_name);
4562c355
ZJS		 238 if (r < 0)
239 return r;
240 assert(r > 0);
241
242 return 0;
243}
244
87f0e418 245int unit_add_name(Unit *u, const char *text) {
4562c355 246 _cleanup_free_ char *name = NULL, *instance = NULL;
87f0e418 247 UnitType t;
87f0e418
LP		 248 int r;
249
250 assert(u);
251 assert(text);
252
7410616c 253 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
ac155bb8 254 if (!u->instance)
acd1987a
WY		 255 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
256 "instance is not set when adding name '%s': %m", text);
87f0e418 257
4562c355 258 r = unit_name_replace_instance(text, u->instance, &name);
7410616c 259 if (r < 0)
acd1987a
WY		 260 return log_unit_debug_errno(u, r,
261 "failed to build instance name from '%s': %m", text);
7410616c 262 } else {
4562c355
ZJS		 263 name = strdup(text);
264 if (!name)
7410616c
LP		 265 return -ENOMEM;
266 }
87f0e418 267
4562c355 268 if (unit_has_name(u, name))
7410616c 269 return 0;
4562c355
ZJS		 270
271 if (hashmap_contains(u->manager->units, name))
acd1987a 272 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
4562c355 273 "unit already exist when adding name '%s': %m", name);
7410616c 274
4562c355 275 if (!unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
acd1987a 276 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
4562c355 277 "name '%s' is invalid: %m", name);
e537352b 278
4562c355 279 t = unit_name_to_type(name);
7410616c 280 if (t < 0)
acd1987a 281 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
cd990847 282 "failed to derive unit type from name '%s': %m", name);
87f0e418 283
598459ce 284 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
acd1987a
WY		 285 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
286 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
4562c355 287 u->type, t, name);
87f0e418 288
4562c355 289 r = unit_name_to_instance(name, &instance);
e48614c4 290 if (r < 0)
4562c355 291 return log_unit_debug_errno(u, r, "failed to extract instance from name '%s': %m", name);
87f0e418 292
4562c355
ZJS		 293 if (instance && !unit_type_may_template(t))
294 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), "templates are not allowed for name '%s': %m", name);
9e2f7c11 295
d383acad
ZJS		 296 /* Ensure that this unit either has no instance, or that the instance matches. */
297 if (u->type != _UNIT_TYPE_INVALID && !streq_ptr(u->instance, instance))
acd1987a 298 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
ada4b34e
ZJS		 299 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
300 name, instance, u->instance);
9e2f7c11 301
4562c355 302 if (u->id && !unit_type_may_alias(t))
ada4b34e
ZJS		 303 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
304 "cannot add name %s, aliases are not allowed for %s units.",
305 name, unit_type_to_string(t));
9e2f7c11 306
598459ce 307 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
ada4b34e 308 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(E2BIG), "cannot add name, manager has too many units: %m");
4f0f902f 309
4562c355
ZJS		 310 /* Add name to the global hashmap first, because that's easier to undo */
311 r = hashmap_put(u->manager->units, name, u);
7410616c 312 if (r < 0)
acd1987a 313 return log_unit_debug_errno(u, r, "add unit to hashmap failed for name '%s': %m", text);
87f0e418 314
4562c355
ZJS		 315 if (u->id) {
316 r = unit_add_alias(u, name); /* unit_add_alias() takes ownership of the name on success */
317 if (r < 0) {
318 hashmap_remove(u->manager->units, name);
319 return r;
320 }
321 TAKE_PTR(name);
322
323 } else {
324 /* A new name, we don't need the set yet. */
325 assert(u->type == _UNIT_TYPE_INVALID);
326 assert(!u->instance);
327
ac155bb8 328 u->type = t;
4562c355
ZJS		 329 u->id = TAKE_PTR(name);
330 u->instance = TAKE_PTR(instance);
9e2f7c11 331
71fda00f 332 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
598459ce 333 unit_init(u);
598459ce 334 }
9e2f7c11 335
598459ce
LP		 336 unit_add_to_dbus_queue(u);
337 return 0;
87f0e418
LP		 338}
339
0ae97ec1 340int unit_choose_id(Unit *u, const char *name) {
68eda4bd 341 _cleanup_free_ char *t = NULL;
4562c355 342 char *s;
276c3e78 343 int r;
0ae97ec1
LP		 344
345 assert(u);
346 assert(name);
347
7410616c 348 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 349 if (!u->instance)
9e2f7c11
LP		 350 return -EINVAL;
351
7410616c
LP		 352 r = unit_name_replace_instance(name, u->instance, &t);
353 if (r < 0)
354 return r;
9e2f7c11
LP		 355
356 name = t;
357 }
358
4562c355
ZJS		 359 if (streq_ptr(u->id, name))
360 return 0; /* Nothing to do. */
361
362 /* Selects one of the aliases of this unit as the id */
363 s = set_get(u->aliases, (char*) name);
9e2f7c11 364 if (!s)
0ae97ec1
LP		 365 return -ENOENT;
366
4562c355
ZJS		 367 if (u->id) {
368 r = set_remove_and_put(u->aliases, name, u->id);
369 if (r < 0)
370 return r;
371 } else
372 assert_se(set_remove(u->aliases, name)); /* see set_get() above… */
276c3e78 373
4562c355 374 u->id = s; /* Old u->id is now stored in the set, and s is not stored anywhere */
c1e1601e 375 unit_add_to_dbus_queue(u);
9e2f7c11 376
0ae97ec1
LP		 377 return 0;
378}
379
f50e0a01 380int unit_set_description(Unit *u, const char *description) {
84b26d51 381 int r;
f50e0a01
LP		 382
383 assert(u);
384
84b26d51
LP		 385 r = free_and_strdup(&u->description, empty_to_null(description));
386 if (r < 0)
387 return r;
388 if (r > 0)
389 unit_add_to_dbus_queue(u);
c1e1601e 390
f50e0a01
LP		 391 return 0;
392}
393
02de9614
ZJS		 394static bool unit_success_failure_handler_has_jobs(Unit *unit) {
395 Unit *other;
396
397 UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_SUCCESS)
398 if (other->job || other->nop_job)
399 return true;
400
401 UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_FAILURE)
402 if (other->job || other->nop_job)
403 return true;
404
405 return false;
406}
407
6ac62d61
LP		 408void unit_release_resources(Unit *u) {
409 UnitActiveState state;
1ba84fef 410 ExecContext *ec;
6ac62d61
LP		 411
412 assert(u);
413
414 if (u->job || u->nop_job)
415 return;
416
417 if (u->perpetual)
418 return;
419
420 state = unit_active_state(u);
421 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
422 return;
423
424 if (unit_will_restart(u))
425 return;
426
1ba84fef
LP		 427 ec = unit_get_exec_context(u);
428 if (ec && ec->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART)
429 exec_context_destroy_runtime_directory(ec, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
430
6ac62d61
LP		 431 if (UNIT_VTABLE(u)->release_resources)
432 UNIT_VTABLE(u)->release_resources(u);
433}
434
f2f725e5 435bool unit_may_gc(Unit *u) {
a354329f 436 UnitActiveState state;
e98b2fbb 437 int r;
5afe510c 438
701cc384
LP		 439 assert(u);
440
6ac62d61
LP		 441 /* Checks whether the unit is ready to be unloaded for garbage collection. Returns true when the
442 * unit may be collected, and false if there's some reason to keep it loaded.
2641f02e 443 *
6ac62d61
LP		 444 * References from other units are *not* checked here. Instead, this is done in unit_gc_sweep(), but
445 * using markers to properly collect dependency loops.
2641f02e 446 */
5afe510c 447
02de9614 448 if (u->job || u->nop_job)
f2f725e5 449 return false;
6c073082 450
f5869324 451 if (u->perpetual)
f2f725e5 452 return false;
9d576438 453
935f8042
LP		 454 /* if we saw a cgroup empty event for this unit, stay around until we processed it so that we remove
455 * the empty cgroup if possible. Similar, process any pending OOM events if they are already queued
456 * before we release the unit. */
457 if (u->in_cgroup_empty_queue || u->in_cgroup_oom_queue)
8db99898
RP		 458 return false;
459
af05bb97
LP		 460 /* Make sure to send out D-Bus events before we unload the unit */
461 if (u->in_dbus_queue)
462 return false;
463
05a98afd 464 if (sd_bus_track_count(u->bus_track) > 0)
f2f725e5 465 return false;
05a98afd 466
6ac62d61
LP		 467 state = unit_active_state(u);
468
469 /* But we keep the unit object around for longer when it is referenced or configured to not be
470 * gc'ed */
5afe510c
LP		 471 switch (u->collect_mode) {
472
473 case COLLECT_INACTIVE:
474 if (state != UNIT_INACTIVE)
f2f725e5 475 return false;
5afe510c
LP		 476
477 break;
478
479 case COLLECT_INACTIVE_OR_FAILED:
480 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
f2f725e5 481 return false;
5afe510c
LP		 482
483 break;
484
485 default:
04499a70 486 assert_not_reached();
5afe510c
LP		 487 }
488
02de9614
ZJS		 489 /* Check if any OnFailure= or on Success= jobs may be pending */
490 if (unit_success_failure_handler_has_jobs(u))
491 return false;
492
e98b2fbb
LP		 493 if (u->cgroup_path) {
494 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
495 * around. Units with active processes should never be collected. */
496
497 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
498 if (r < 0)
6178e2f8 499 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", empty_to_root(u->cgroup_path));
e98b2fbb 500 if (r <= 0)
f2f725e5 501 return false;
e98b2fbb
LP		 502 }
503
6ac62d61
LP		 504 if (!UNIT_VTABLE(u)->may_gc)
505 return true;
701cc384 506
6ac62d61 507 return UNIT_VTABLE(u)->may_gc(u);
701cc384
LP		 508}
509
87f0e418
LP		 510void unit_add_to_load_queue(Unit *u) {
511 assert(u);
ac155bb8 512 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 513
ac155bb8 514 if (u->load_state != UNIT_STUB || u->in_load_queue)
87f0e418
LP		 515 return;
516
71fda00f 517 LIST_PREPEND(load_queue, u->manager->load_queue, u);
ac155bb8 518 u->in_load_queue = true;
87f0e418
LP		 519}
520
23a177ef
LP		 521void unit_add_to_cleanup_queue(Unit *u) {
522 assert(u);
523
ac155bb8 524 if (u->in_cleanup_queue)
23a177ef
LP		 525 return;
526
71fda00f 527 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
ac155bb8 528 u->in_cleanup_queue = true;
23a177ef
LP		 529}
530
701cc384
LP		 531void unit_add_to_gc_queue(Unit *u) {
532 assert(u);
533
ac155bb8 534 if (u->in_gc_queue || u->in_cleanup_queue)
701cc384
LP		 535 return;
536
f2f725e5 537 if (!unit_may_gc(u))
701cc384
LP		 538 return;
539
c5a97ed1 540 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
ac155bb8 541 u->in_gc_queue = true;
701cc384
LP		 542}
543
c1e1601e
LP		 544void unit_add_to_dbus_queue(Unit *u) {
545 assert(u);
ac155bb8 546 assert(u->type != _UNIT_TYPE_INVALID);
c1e1601e 547
ac155bb8 548 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
c1e1601e
LP		 549 return;
550
a567261a 551 /* Shortcut things if nobody cares */
8f8f05a9 552 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
ae572acd 553 sd_bus_track_count(u->bus_track) <= 0 &&
8f8f05a9 554 set_isempty(u->manager->private_buses)) {
ac155bb8 555 u->sent_dbus_new_signal = true;
94b6dfa2
LP		 556 return;
557 }
558
71fda00f 559 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
ac155bb8 560 u->in_dbus_queue = true;
c1e1601e
LP		 561}
562
fda09318 563void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
a3c1168a
LP		 564 assert(u);
565
566 if (u->in_stop_when_unneeded_queue)
567 return;
568
569 if (!u->stop_when_unneeded)
570 return;
571
572 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
573 return;
574
575 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
576 u->in_stop_when_unneeded_queue = true;
577}
578
0bc488c9
LP		 579void unit_submit_to_start_when_upheld_queue(Unit *u) {
580 assert(u);
581
582 if (u->in_start_when_upheld_queue)
583 return;
584
585 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)))
586 return;
587
588 if (!unit_has_dependency(u, UNIT_ATOM_START_STEADILY, NULL))
589 return;
590
591 LIST_PREPEND(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
592 u->in_start_when_upheld_queue = true;
593}
594
56c59592
LP		 595void unit_submit_to_stop_when_bound_queue(Unit *u) {
596 assert(u);
597
598 if (u->in_stop_when_bound_queue)
599 return;
600
601 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
602 return;
603
604 if (!unit_has_dependency(u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT, NULL))
605 return;
606
607 LIST_PREPEND(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
608 u->in_stop_when_bound_queue = true;
609}
610
1ba84fef
LP		 611static bool unit_can_release_resources(Unit *u) {
612 ExecContext *ec;
613
614 assert(u);
615
616 if (UNIT_VTABLE(u)->release_resources)
617 return true;
618
619 ec = unit_get_exec_context(u);
620 if (ec && ec->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART)
621 return true;
622
623 return false;
624}
625
6ac62d61
LP		 626void unit_submit_to_release_resources_queue(Unit *u) {
627 assert(u);
628
629 if (u->in_release_resources_queue)
630 return;
631
632 if (u->job || u->nop_job)
633 return;
634
635 if (u->perpetual)
636 return;
637
1ba84fef 638 if (!unit_can_release_resources(u))
6ac62d61
LP		 639 return;
640
641 LIST_PREPEND(release_resources_queue, u->manager->release_resources_queue, u);
642 u->in_release_resources_queue = true;
643}
644
15ed3c3a 645static void unit_clear_dependencies(Unit *u) {
87f0e418
LP		 646 assert(u);
647
15ed3c3a
LP		 648 /* Removes all dependencies configured on u and their reverse dependencies. */
649
650 for (Hashmap *deps; (deps = hashmap_steal_first(u->dependencies));) {
87f0e418 651
15ed3c3a
LP		 652 for (Unit *other; (other = hashmap_steal_first_key(deps));) {
653 Hashmap *other_deps;
701cc384 654
15ed3c3a
LP		 655 HASHMAP_FOREACH(other_deps, other->dependencies)
656 hashmap_remove(other_deps, u);
657
658 unit_add_to_gc_queue(other);
659 }
660
661 hashmap_free(deps);
87f0e418
LP		 662 }
663
15ed3c3a 664 u->dependencies = hashmap_free(u->dependencies);
87f0e418
LP		 665}
666
c2756a68 667static void unit_remove_transient(Unit *u) {
c2756a68
LP		 668 assert(u);
669
670 if (!u->transient)
671 return;
672
673 if (u->fragment_path)
3f5e8115 674 (void) unlink(u->fragment_path);
c2756a68
LP		 675
676 STRV_FOREACH(i, u->dropin_paths) {
39591351 677 _cleanup_free_ char *p = NULL, *pp = NULL;
c2756a68 678
45519d13 679 if (path_extract_directory(*i, &p) < 0) /* Get the drop-in directory from the drop-in file */
39591351
LP		 680 continue;
681
45519d13 682 if (path_extract_directory(p, &pp) < 0) /* Get the config directory from the drop-in directory */
39591351
LP		 683 continue;
684
685 /* Only drop transient drop-ins */
686 if (!path_equal(u->manager->lookup_paths.transient, pp))
687 continue;
c2756a68 688
39591351
LP		 689 (void) unlink(*i);
690 (void) rmdir(p);
c2756a68
LP		 691 }
692}
693
9e615fa3 694static void unit_free_mounts_for(Unit *u) {
eef85c4a 695 assert(u);
a57f7e2c 696
9e615fa3
LB		 697 for (UnitMountDependencyType t = 0; t < _UNIT_MOUNT_DEPENDENCY_TYPE_MAX; ++t) {
698 for (;;) {
699 _cleanup_free_ char *path = NULL;
700
701 path = hashmap_steal_first_key(u->mounts_for[t]);
702 if (!path)
703 break;
a57f7e2c 704
eef85c4a 705 char s[strlen(path) + 1];
a57f7e2c 706
eef85c4a
LP		 707 PATH_FOREACH_PREFIX_MORE(s, path) {
708 char *y;
709 Set *x;
710
9e615fa3 711 x = hashmap_get2(u->manager->units_needing_mounts_for[t], s, (void**) &y);
eef85c4a
LP		 712 if (!x)
713 continue;
a57f7e2c 714
eef85c4a 715 (void) set_remove(x, u);
a57f7e2c 716
eef85c4a 717 if (set_isempty(x)) {
9e615fa3 718 assert_se(hashmap_remove(u->manager->units_needing_mounts_for[t], y));
eef85c4a
LP		 719 free(y);
720 set_free(x);
721 }
a57f7e2c
LP		 722 }
723 }
a57f7e2c 724
9e615fa3
LB		 725 u->mounts_for[t] = hashmap_free(u->mounts_for[t]);
726 }
a57f7e2c
LP		 727}
728
598459ce
LP		 729static void unit_done(Unit *u) {
730 ExecContext *ec;
731 CGroupContext *cc;
732
733 assert(u);
734
735 if (u->type < 0)
736 return;
737
738 if (UNIT_VTABLE(u)->done)
739 UNIT_VTABLE(u)->done(u);
740
741 ec = unit_get_exec_context(u);
742 if (ec)
743 exec_context_done(ec);
744
745 cc = unit_get_cgroup_context(u);
746 if (cc)
747 cgroup_context_done(cc);
748}
749
75db809a 750Unit* unit_free(Unit *u) {
12f64221 751 Unit *slice;
87f0e418
LP		 752 char *t;
753
c9d5c9c0 754 if (!u)
75db809a 755 return NULL;
87f0e418 756
7223d500
LB		 757 sd_event_source_disable_unref(u->auto_start_stop_event_source);
758
50fb00b7 759 u->transient_file = safe_fclose(u->transient_file);
4f4afc88 760
2c289ea8 761 if (!MANAGER_IS_RELOADING(u->manager))
c2756a68
LP		 762 unit_remove_transient(u);
763
c1e1601e
LP		 764 bus_unit_send_removed_signal(u);
765
598459ce 766 unit_done(u);
a013b84b 767
50be4f4a 768 unit_dequeue_rewatch_pids(u);
cf9fd508 769
73458283
YW		 770 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
771 u->bus_track = sd_bus_track_unref(u->bus_track);
05a98afd 772 u->deserialized_refs = strv_free(u->deserialized_refs);
af1e3365 773 u->pending_freezer_invocation = sd_bus_message_unref(u->pending_freezer_invocation);
05a98afd 774
9e615fa3 775 unit_free_mounts_for(u);
a57f7e2c 776
90e74a66 777 SET_FOREACH(t, u->aliases)
ac155bb8 778 hashmap_remove_value(u->manager->units, t, u);
4562c355
ZJS		 779 if (u->id)
780 hashmap_remove_value(u->manager->units, u->id, u);
87f0e418 781
4b58153d
LP		 782 if (!sd_id128_is_null(u->invocation_id))
783 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
784
97e7d748
MS		 785 if (u->job) {
786 Job *j = u->job;
787 job_uninstall(j);
788 job_free(j);
789 }
964e0949 790
e0209d83
MS		 791 if (u->nop_job) {
792 Job *j = u->nop_job;
793 job_uninstall(j);
794 job_free(j);
795 }
796
4c591f39
MK		 797 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
798 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
12f64221 799 slice = UNIT_GET_SLICE(u);
d219a2b0 800 unit_clear_dependencies(u);
12f64221
LP		 801 if (slice)
802 unit_add_family_to_cgroup_realize_queue(slice);
fb46fca7 803
adefcf28
LP		 804 if (u->on_console)
805 manager_unref_console(u->manager);
806
3d027d4d 807 fdset_free(u->initial_socket_bind_link_fds);
91ce91c7
JK		 808#if BPF_FRAMEWORK
809 bpf_link_free(u->ipv4_socket_bind_link);
810 bpf_link_free(u->ipv6_socket_bind_link);
811#endif
812
efdb0237 813 unit_release_cgroup(u);
72673e86 814
d3070fbd
LP		 815 if (!MANAGER_IS_RELOADING(u->manager))
816 unit_unlink_state_files(u);
817
00d9ef85
LP		 818 unit_unref_uid_gid(u, false);
819
5269eb6b 820 (void) manager_update_failed_units(u->manager, u, false);
db785129 821 set_remove(u->manager->startup_units, u);
f755e3b7 822
a911bb9a
LP		 823 unit_unwatch_all_pids(u);
824
7f7d01ed
ZJS		 825 while (u->refs_by_target)
826 unit_ref_unset(u->refs_by_target);
57020a3a 827
ac155bb8 828 if (u->type != _UNIT_TYPE_INVALID)
71fda00f 829 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
ef734fd6 830
ac155bb8 831 if (u->in_load_queue)
71fda00f 832 LIST_REMOVE(load_queue, u->manager->load_queue, u);
87f0e418 833
ac155bb8 834 if (u->in_dbus_queue)
71fda00f 835 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
c1e1601e 836
13e72103
MK		 837 if (u->in_cleanup_queue)
838 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
839
a2d72e26 840 if (u->in_gc_queue)
c5a97ed1 841 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
701cc384 842
91a6073e
LP		 843 if (u->in_cgroup_realize_queue)
844 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
87f0e418 845
09e24654
LP		 846 if (u->in_cgroup_empty_queue)
847 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
848
13e72103
MK		 849 if (u->in_cgroup_oom_queue)
850 LIST_REMOVE(cgroup_oom_queue, u->manager->cgroup_oom_queue, u);
adefcf28 851
19496554
MS		 852 if (u->in_target_deps_queue)
853 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
854
a3c1168a
LP		 855 if (u->in_stop_when_unneeded_queue)
856 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
857
0bc488c9
LP		 858 if (u->in_start_when_upheld_queue)
859 LIST_REMOVE(start_when_upheld_queue, u->manager->start_when_upheld_queue, u);
860
56c59592
LP		 861 if (u->in_stop_when_bound_queue)
862 LIST_REMOVE(stop_when_bound_queue, u->manager->stop_when_bound_queue, u);
863
6ac62d61
LP		 864 if (u->in_release_resources_queue)
865 LIST_REMOVE(release_resources_queue, u->manager->release_resources_queue, u);
866
0fd9c28c 867 bpf_firewall_close(u);
fab34748 868
5f8ba20d
JK		 869 hashmap_free(u->bpf_foreign_by_key);
870
76dc1725 871 bpf_program_free(u->bpf_device_control_installed);
084c7007 872
6f50d4f7
MV		 873#if BPF_FRAMEWORK
874 bpf_link_free(u->restrict_ifaces_ingress_bpf_link);
875 bpf_link_free(u->restrict_ifaces_egress_bpf_link);
876#endif
877 fdset_free(u->initial_restric_ifaces_link_fds);
878
a946fa9b
ZJS		 879 condition_free_list(u->conditions);
880 condition_free_list(u->asserts);
f755e3b7 881
ac155bb8 882 free(u->description);
49dbfa7b 883 strv_free(u->documentation);
ac155bb8 884 free(u->fragment_path);
1b64d026 885 free(u->source_path);
ae7a7182 886 strv_free(u->dropin_paths);
ac155bb8 887 free(u->instance);
87f0e418 888
f189ab18 889 free(u->job_timeout_reboot_arg);
6bf0f408
LP		 890 free(u->reboot_arg);
891
23e9a7dd
LP		 892 free(u->access_selinux_context);
893
4562c355
ZJS		 894 set_free_free(u->aliases);
895 free(u->id);
896
48b92b37
LB		 897 activation_details_unref(u->activation_details);
898
75db809a 899 return mfree(u);
87f0e418
LP		 900}
901
d9e45bc3
MS		 902FreezerState unit_freezer_state(Unit *u) {
903 assert(u);
904
905 return u->freezer_state;
906}
907
908int unit_freezer_state_kernel(Unit *u, FreezerState *ret) {
909 char *values[1] = {};
910 int r;
911
912 assert(u);
913
914 r = cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "cgroup.events",
915 STRV_MAKE("frozen"), values);
916 if (r < 0)
917 return r;
918
919 r = _FREEZER_STATE_INVALID;
920
921 if (values[0]) {
922 if (streq(values[0], "0"))
923 r = FREEZER_RUNNING;
924 else if (streq(values[0], "1"))
925 r = FREEZER_FROZEN;
926 }
927
928 free(values[0]);
929 *ret = r;
930
931 return 0;
932}
933
87f0e418
LP		 934UnitActiveState unit_active_state(Unit *u) {
935 assert(u);
936
ac155bb8 937 if (u->load_state == UNIT_MERGED)
6124958c
LP		 938 return unit_active_state(unit_follow_merge(u));
939
940 /* After a reload it might happen that a unit is not correctly
941 * loaded but still has a process around. That's why we won't
fdf20a31 942 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
87f0e418
LP		 943
944 return UNIT_VTABLE(u)->active_state(u);
945}
946
10a94420
LP		 947const char* unit_sub_state_to_string(Unit *u) {
948 assert(u);
949
950 return UNIT_VTABLE(u)->sub_state_to_string(u);
951}
952
15ed3c3a 953static int unit_merge_names(Unit *u, Unit *other) {
4562c355 954 char *name;
7c0b05e5 955 int r;
87f0e418 956
23a177ef
LP		 957 assert(u);
958 assert(other);
959
4562c355 960 r = unit_add_alias(u, other->id);
7c0b05e5
MS		 961 if (r < 0)
962 return r;
23a177ef 963
4562c355
ZJS		 964 r = set_move(u->aliases, other->aliases);
965 if (r < 0) {
966 set_remove(u->aliases, other->id);
967 return r;
968 }
23a177ef 969
4562c355
ZJS		 970 TAKE_PTR(other->id);
971 other->aliases = set_free_free(other->aliases);
23a177ef 972
90e74a66 973 SET_FOREACH(name, u->aliases)
4562c355 974 assert_se(hashmap_replace(u->manager->units, name, u) == 0);
7c0b05e5
MS		 975
976 return 0;
87f0e418
LP		 977}
978
15ed3c3a
LP		 979static int unit_reserve_dependencies(Unit *u, Unit *other) {
980 size_t n_reserve;
981 Hashmap* deps;
982 void *d;
983 int r;
09a65f92
MS		 984
985 assert(u);
986 assert(other);
09a65f92 987
15ed3c3a
LP		 988 /* Let's reserve some space in the dependency hashmaps so that later on merging the units cannot
989 * fail.
990 *
18fe76eb 991 * First make some room in the per dependency type hashmaps. Using the summed size of both units'
15ed3c3a
LP		 992 * hashmaps is an estimate that is likely too high since they probably use some of the same
993 * types. But it's never too low, and that's all we need. */
994
995 n_reserve = MIN(hashmap_size(other->dependencies), LESS_BY((size_t) _UNIT_DEPENDENCY_MAX, hashmap_size(u->dependencies)));
996 if (n_reserve > 0) {
997 r = hashmap_ensure_allocated(&u->dependencies, NULL);
998 if (r < 0)
999 return r;
1000
1001 r = hashmap_reserve(u->dependencies, n_reserve);
1002 if (r < 0)
1003 return r;
1004 }
1005
1006 /* Now, enlarge our per dependency type hashmaps by the number of entries in the same hashmap of the
1007 * other unit's dependencies.
1008 *
1009 * NB: If u does not have a dependency set allocated for some dependency type, there is no need to
1010 * reserve anything for. In that case other's set will be transferred as a whole to u by
1011 * complete_move(). */
1012
1013 HASHMAP_FOREACH_KEY(deps, d, u->dependencies) {
1014 Hashmap *other_deps;
1015
1016 other_deps = hashmap_get(other->dependencies, d);
1017
1018 r = hashmap_reserve(deps, hashmap_size(other_deps));
1019 if (r < 0)
1020 return r;
1021 }
1022
1023 return 0;
1024}
1025
ed991163 1026static bool unit_should_warn_about_dependency(UnitDependency dependency) {
15ed3c3a 1027 /* Only warn about some unit types */
ed991163
YW		 1028 return IN_SET(dependency,
1029 UNIT_CONFLICTS,
1030 UNIT_CONFLICTED_BY,
1031 UNIT_BEFORE,
1032 UNIT_AFTER,
1033 UNIT_ON_SUCCESS,
1034 UNIT_ON_FAILURE,
1035 UNIT_TRIGGERS,
1036 UNIT_TRIGGERED_BY);
15ed3c3a
LP		 1037}
1038
1039static int unit_per_dependency_type_hashmap_update(
1040 Hashmap *per_type,
1041 Unit *other,
1042 UnitDependencyMask origin_mask,
1043 UnitDependencyMask destination_mask) {
1044
1045 UnitDependencyInfo info;
1046 int r;
1047
1048 assert(other);
1049 assert_cc(sizeof(void*) == sizeof(info));
1050
1051 /* Acquire the UnitDependencyInfo entry for the Unit* we are interested in, and update it if it
1052 * exists, or insert it anew if not. */
09a65f92 1053
15ed3c3a
LP		 1054 info.data = hashmap_get(per_type, other);
1055 if (info.data) {
1056 /* Entry already exists. Add in our mask. */
1057
1058 if (FLAGS_SET(origin_mask, info.origin_mask) &&
1059 FLAGS_SET(destination_mask, info.destination_mask))
1060 return 0; /* NOP */
1061
1062 info.origin_mask |= origin_mask;
1063 info.destination_mask |= destination_mask;
1064
1065 r = hashmap_update(per_type, other, info.data);
1066 } else {
1067 info = (UnitDependencyInfo) {
1068 .origin_mask = origin_mask,
1069 .destination_mask = destination_mask,
1070 };
09a65f92 1071
15ed3c3a
LP		 1072 r = hashmap_put(per_type, other, info.data);
1073 }
1074 if (r < 0)
1075 return r;
1076
15ed3c3a 1077 return 1;
09a65f92
MS		 1078}
1079
c8b3b524
YW		 1080static void unit_merge_dependencies(Unit *u, Unit *other) {
1081 Hashmap *deps;
1082 void *dt; /* Actually of type UnitDependency, except that we don't bother casting it here,
1083 * since the hashmaps all want it as void pointer. */
eef85c4a 1084
23a177ef
LP		 1085 assert(u);
1086 assert(other);
23a177ef 1087
15ed3c3a
LP		 1088 if (u == other)
1089 return;
1090
c8b3b524
YW		 1091 /* First, remove dependency to other. */
1092 HASHMAP_FOREACH_KEY(deps, dt, u->dependencies) {
ed991163
YW		 1093 if (hashmap_remove(deps, other) && unit_should_warn_about_dependency(UNIT_DEPENDENCY_FROM_PTR(dt)))
1094 log_unit_warning(u, "Dependency %s=%s is dropped, as %s is merged into %s.",
1095 unit_dependency_to_string(UNIT_DEPENDENCY_FROM_PTR(dt)),
1096 other->id, other->id, u->id);
c8b3b524
YW		 1097
1098 if (hashmap_isempty(deps))
1099 hashmap_free(hashmap_remove(u->dependencies, dt));
1100 }
1101
15ed3c3a 1102 for (;;) {
5d2a48da 1103 _cleanup_hashmap_free_ Hashmap *other_deps = NULL;
15ed3c3a
LP		 1104 UnitDependencyInfo di_back;
1105 Unit *back;
15ed3c3a
LP		 1106
1107 /* Let's focus on one dependency type at a time, that 'other' has defined. */
1108 other_deps = hashmap_steal_first_key_and_value(other->dependencies, &dt);
1109 if (!other_deps)
1110 break; /* done! */
1111
4b7918a6
YW		 1112 deps = hashmap_get(u->dependencies, dt);
1113
15ed3c3a
LP		 1114 /* Now iterate through all dependencies of this dependency type, of 'other'. We refer to the
1115 * referenced units as 'back'. */
1116 HASHMAP_FOREACH_KEY(di_back.data, back, other_deps) {
1117 Hashmap *back_deps;
1118 void *back_dt;
eef85c4a 1119
e66047ff 1120 if (back == u) {
15ed3c3a
LP		 1121 /* This is a dependency pointing back to the unit we want to merge with?
1122 * Suppress it (but warn) */
ed991163
YW		 1123 if (unit_should_warn_about_dependency(UNIT_DEPENDENCY_FROM_PTR(dt)))
1124 log_unit_warning(u, "Dependency %s=%s in %s is dropped, as %s is merged into %s.",
1125 unit_dependency_to_string(UNIT_DEPENDENCY_FROM_PTR(dt)),
1126 u->id, other->id, other->id, u->id);
1127
4b7918a6 1128 hashmap_remove(other_deps, back);
15ed3c3a
LP		 1129 continue;
1130 }
eef85c4a 1131
15ed3c3a
LP		 1132 /* Now iterate through all deps of 'back', and fix the ones pointing to 'other' to
1133 * point to 'u' instead. */
1134 HASHMAP_FOREACH_KEY(back_deps, back_dt, back->dependencies) {
1135 UnitDependencyInfo di_move;
eef85c4a 1136
15ed3c3a
LP		 1137 di_move.data = hashmap_remove(back_deps, other);
1138 if (!di_move.data)
1139 continue;
eef85c4a 1140
15ed3c3a
LP		 1141 assert_se(unit_per_dependency_type_hashmap_update(
1142 back_deps,
1143 u,
1144 di_move.origin_mask,
1145 di_move.destination_mask) >= 0);
1146 }
eef85c4a 1147
15ed3c3a 1148 /* The target unit already has dependencies of this type, let's then merge this individually. */
4b7918a6
YW		 1149 if (deps)
1150 assert_se(unit_per_dependency_type_hashmap_update(
1151 deps,
1152 back,
1153 di_back.origin_mask,
1154 di_back.destination_mask) >= 0);
15ed3c3a 1155 }
4b7918a6
YW		 1156
1157 /* Now all references towards 'other' of the current type 'dt' are corrected to point to 'u'.
1158 * Lets's now move the deps of type 'dt' from 'other' to 'u'. If the unit does not have
1159 * dependencies of this type, let's move them per type wholesale. */
1160 if (!deps)
1161 assert_se(hashmap_put(u->dependencies, dt, TAKE_PTR(other_deps)) >= 0);
15ed3c3a 1162 }
23a177ef 1163
15ed3c3a 1164 other->dependencies = hashmap_free(other->dependencies);
23a177ef
LP		 1165}
1166
1167int unit_merge(Unit *u, Unit *other) {
09a65f92 1168 int r;
87f0e418
LP		 1169
1170 assert(u);
1171 assert(other);
ac155bb8
MS		 1172 assert(u->manager == other->manager);
1173 assert(u->type != _UNIT_TYPE_INVALID);
87f0e418 1174
cc916967
LP		 1175 other = unit_follow_merge(other);
1176
23a177ef
LP		 1177 if (other == u)
1178 return 0;
1179
ac155bb8 1180 if (u->type != other->type)
9e2f7c11
LP		 1181 return -EINVAL;
1182
8a993b61 1183 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
934e749e
LP		 1184 return -EEXIST;
1185
ec2ce0c5 1186 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
23a177ef 1187 return -EEXIST;
87f0e418 1188
d383acad
ZJS		 1189 if (!streq_ptr(u->instance, other->instance))
1190 return -EINVAL;
1191
ac155bb8 1192 if (other->job)
819e213f
LP		 1193 return -EEXIST;
1194
e0209d83
MS		 1195 if (other->nop_job)
1196 return -EEXIST;
1197
fdf20a31 1198 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
819e213f
LP		 1199 return -EEXIST;
1200
15ed3c3a
LP		 1201 /* Make reservations to ensure merge_dependencies() won't fail. We don't rollback reservations if we
1202 * fail. We don't have a way to undo reservations. A reservation is not a leak. */
1203 r = unit_reserve_dependencies(u, other);
1204 if (r < 0)
1205 return r;
09a65f92 1206
57020a3a 1207 /* Redirect all references */
7f7d01ed
ZJS		 1208 while (other->refs_by_target)
1209 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
57020a3a 1210
87f0e418 1211 /* Merge dependencies */
15ed3c3a 1212 unit_merge_dependencies(u, other);
87f0e418 1213
1d0c81a0
YW		 1214 /* Merge names. It is better to do that after merging deps, otherwise the log message contains n/a. */
1215 r = unit_merge_names(u, other);
1216 if (r < 0)
1217 return r;
1218
ac155bb8
MS		 1219 other->load_state = UNIT_MERGED;
1220 other->merged_into = u;
23a177ef 1221
48b92b37
LB		 1222 if (!u->activation_details)
1223 u->activation_details = activation_details_ref(other->activation_details);
1224
3616a49c
LP		 1225 /* If there is still some data attached to the other node, we
1226 * don't need it anymore, and can free it. */
ac155bb8 1227 if (other->load_state != UNIT_STUB)
3616a49c
LP		 1228 if (UNIT_VTABLE(other)->done)
1229 UNIT_VTABLE(other)->done(other);
1230
1231 unit_add_to_dbus_queue(u);
23a177ef
LP		 1232 unit_add_to_cleanup_queue(other);
1233
1234 return 0;
1235}
1236
1237int unit_merge_by_name(Unit *u, const char *name) {
934e749e 1238 _cleanup_free_ char *s = NULL;
23a177ef 1239 Unit *other;
9e2f7c11 1240 int r;
23a177ef 1241
e8630e69
ZJS		 1242 /* Either add name to u, or if a unit with name already exists, merge it with u.
1243 * If name is a template, do the same for name@instance, where instance is u's instance. */
1244
23a177ef
LP		 1245 assert(u);
1246 assert(name);
1247
7410616c 1248 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
ac155bb8 1249 if (!u->instance)
9e2f7c11
LP		 1250 return -EINVAL;
1251
7410616c
LP		 1252 r = unit_name_replace_instance(name, u->instance, &s);
1253 if (r < 0)
1254 return r;
9e2f7c11
LP		 1255
1256 name = s;
1257 }
1258
c2756a68 1259 other = manager_get_unit(u->manager, name);
7410616c
LP		 1260 if (other)
1261 return unit_merge(u, other);
23a177ef 1262
7410616c 1263 return unit_add_name(u, name);
23a177ef
LP		 1264}
1265
1266Unit* unit_follow_merge(Unit *u) {
1267 assert(u);
1268
ac155bb8
MS		 1269 while (u->load_state == UNIT_MERGED)
1270 assert_se(u = u->merged_into);
23a177ef
LP		 1271
1272 return u;
1273}
1274
1275int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
1276 int r;
1277
1278 assert(u);
1279 assert(c);
1280
a8c5a4c6
YW		 1281 /* Unlike unit_add_dependency() or friends, this always returns 0 on success. */
1282
61aa5f70
LB		 1283 if (c->working_directory) {
1284 r = unit_add_mounts_for(
1285 u,
1286 c->working_directory,
1287 UNIT_DEPENDENCY_FILE,
1288 c->working_directory_missing_ok ? UNIT_MOUNT_WANTS : UNIT_MOUNT_REQUIRES);
36be24c8
ZJS		 1289 if (r < 0)
1290 return r;
1291 }
1292
1293 if (c->root_directory) {
ebc75103 1294 r = unit_add_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS);
36be24c8
ZJS		 1295 if (r < 0)
1296 return r;
1297 }
1298
915e6d16 1299 if (c->root_image) {
ebc75103 1300 r = unit_add_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS);
915e6d16
LP		 1301 if (r < 0)
1302 return r;
1303 }
1304
12375b95 1305 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
ada5e276
YW		 1306 if (!u->manager->prefix[dt])
1307 continue;
1308
211a3d87 1309 for (size_t i = 0; i < c->directories[dt].n_items; i++) {
c2b2df60 1310 _cleanup_free_ char *p = NULL;
ada5e276 1311
211a3d87 1312 p = path_join(u->manager->prefix[dt], c->directories[dt].items[i].path);
ada5e276
YW		 1313 if (!p)
1314 return -ENOMEM;
1315
9e615fa3 1316 r = unit_add_mounts_for(u, p, UNIT_DEPENDENCY_FILE, UNIT_MOUNT_REQUIRES);
ada5e276
YW		 1317 if (r < 0)
1318 return r;
1319 }
1320 }
1321
463d0d15 1322 if (!MANAGER_IS_SYSTEM(u->manager))
b46a529c
LP		 1323 return 0;
1324
f3b7a79b
LP		 1325 /* For the following three directory types we need write access, and /var/ is possibly on the root
1326 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
211a3d87
LB		 1327 if (c->directories[EXEC_DIRECTORY_STATE].n_items > 0 ||
1328 c->directories[EXEC_DIRECTORY_CACHE].n_items > 0 ||
1329 c->directories[EXEC_DIRECTORY_LOGS].n_items > 0) {
f3b7a79b
LP		 1330 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE);
1331 if (r < 0)
1332 return r;
1333 }
1334
b46a529c 1335 if (c->private_tmp) {
46d45f90 1336 r = unit_add_mounts_for(u, "/tmp", UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS);
b2c7d1bb
FB		 1337 if (r < 0)
1338 return r;
1339
8284c2cb 1340 r = unit_add_mounts_for(u, "/var/tmp", UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS);
b2c7d1bb
FB		 1341 if (r < 0)
1342 return r;
b46a529c 1343
35d8c19a 1344 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
b46a529c
LP		 1345 if (r < 0)
1346 return r;
1347 }
1348
33b58dfb
LP		 1349 if (c->root_image) {
1350 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1351 * implicit dependency on udev */
1352
1353 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_UDEVD_SERVICE, true, UNIT_DEPENDENCY_FILE);
1354 if (r < 0)
1355 return r;
1356 }
1357
52c239d7
LB		 1358 if (!IN_SET(c->std_output,
1359 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
f3dc6af2 1360 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
52c239d7
LB		 1361 !IN_SET(c->std_error,
1362 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
f3dc6af2 1363 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
91dd5f7c 1364 !c->log_namespace)
23a177ef
LP		 1365 return 0;
1366
91dd5f7c
LP		 1367 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1368 * is run first. */
1369
1370 if (c->log_namespace) {
dc5437c7 1371 _cleanup_free_ char *socket_unit = NULL, *varlink_socket_unit = NULL;
23a177ef 1372
91dd5f7c
LP		 1373 r = unit_name_build_from_type("systemd-journald", c->log_namespace, UNIT_SOCKET, &socket_unit);
1374 if (r < 0)
1375 return r;
1376
1377 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, socket_unit, true, UNIT_DEPENDENCY_FILE);
1378 if (r < 0)
1379 return r;
dc5437c7
LP		 1380
1381 r = unit_name_build_from_type("systemd-journald-varlink", c->log_namespace, UNIT_SOCKET, &varlink_socket_unit);
1382 if (r < 0)
1383 return r;
1384
1385 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, varlink_socket_unit, true, UNIT_DEPENDENCY_FILE);
1386 if (r < 0)
1387 return r;
7d202fb3 1388 } else {
91dd5f7c 1389 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
ce18c396
LP		 1390 if (r < 0)
1391 return r;
1392 }
1393
7d202fb3
YW		 1394 r = unit_add_default_credential_dependencies(u, c);
1395 if (r < 0)
1396 return r;
1397
87f0e418
LP		 1398 return 0;
1399}
1400
04d232d8 1401const char* unit_description(Unit *u) {
87f0e418
LP		 1402 assert(u);
1403
ac155bb8
MS		 1404 if (u->description)
1405 return u->description;
87f0e418 1406
ac155bb8 1407 return strna(u->id);
87f0e418
LP		 1408}
1409
e6a16a82 1410const char* unit_status_string(Unit *u, char **ret_combined_buffer) {
2a8f53c6 1411 assert(u);
04d232d8 1412 assert(u->id);
2a8f53c6 1413
04d232d8
ZJS		 1414 /* Return u->id, u->description, or "{u->id} - {u->description}".
1415 * Versions with u->description are only used if it is set.
e6a16a82
ZJS		 1416 * The last option is used if configured and the caller provided the 'ret_combined_buffer'
1417 * pointer.
1418 *
1419 * Note that *ret_combined_buffer may be set to NULL. */
04d232d8
ZJS		 1420
1421 if (!u->description ||
1422 u->manager->status_unit_format == STATUS_UNIT_FORMAT_NAME ||
e6a16a82
ZJS		 1423 (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && !ret_combined_buffer) ||
1424 streq(u->description, u->id)) {
1425
1426 if (ret_combined_buffer)
1427 *ret_combined_buffer = NULL;
2a8f53c6 1428 return u->id;
e6a16a82 1429 }
2a8f53c6 1430
e6a16a82
ZJS		 1431 if (ret_combined_buffer) {
1432 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED) {
1433 *ret_combined_buffer = strjoin(u->id, " - ", u->description);
1434 if (*ret_combined_buffer)
1435 return *ret_combined_buffer;
1436 log_oom(); /* Fall back to ->description */
04d232d8 1437 } else
e6a16a82 1438 *ret_combined_buffer = NULL;
04d232d8
ZJS		 1439 }
1440
1441 return u->description;
2a8f53c6
ZJS		 1442}
1443
87f0e418 1444/* Common implementation for multiple backends */
c3620770 1445int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) {
23a177ef
LP		 1446 int r;
1447
1448 assert(u);
23a177ef 1449
e48614c4 1450 /* Load a .{service,socket,...} file */
4ad49000
LP		 1451 r = unit_load_fragment(u);
1452 if (r < 0)
23a177ef
LP		 1453 return r;
1454
c3620770
ZJS		 1455 if (u->load_state == UNIT_STUB) {
1456 if (fragment_required)
1457 return -ENOENT;
1458
1459 u->load_state = UNIT_LOADED;
1460 }
23a177ef 1461
9e4ea9cc
ZJS		 1462 /* Load drop-in directory data. If u is an alias, we might be reloading the
1463 * target unit needlessly. But we cannot be sure which drops-ins have already
1464 * been loaded and which not, at least without doing complicated book-keeping,
1465 * so let's always reread all drop-ins. */
c9e06956
ZJS		 1466 r = unit_load_dropin(unit_follow_merge(u));
1467 if (r < 0)
1468 return r;
1469
1470 if (u->source_path) {
1471 struct stat st;
1472
1473 if (stat(u->source_path, &st) >= 0)
1474 u->source_mtime = timespec_load(&st.st_mtim);
1475 else
1476 u->source_mtime = 0;
1477 }
1478
1479 return 0;
23a177ef
LP		 1480}
1481
19496554 1482void unit_add_to_target_deps_queue(Unit *u) {
fbd747a4 1483 Manager *m = ASSERT_PTR(ASSERT_PTR(u)->manager);
c9958c4f 1484
19496554
MS		 1485 if (u->in_target_deps_queue)
1486 return;
1487
1488 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1489 u->in_target_deps_queue = true;
1490}
1491
bba34eed 1492int unit_add_default_target_dependency(Unit *u, Unit *target) {
98bc2000
LP		 1493 assert(u);
1494 assert(target);
1495
ac155bb8 1496 if (target->type != UNIT_TARGET)
98bc2000
LP		 1497 return 0;
1498
35b8ca3a 1499 /* Only add the dependency if both units are loaded, so that
bba34eed 1500 * that loop check below is reliable */
ac155bb8
MS		 1501 if (u->load_state != UNIT_LOADED ||
1502 target->load_state != UNIT_LOADED)
bba34eed
LP		 1503 return 0;
1504
21256a2b
LP		 1505 /* If either side wants no automatic dependencies, then let's
1506 * skip this */
ac155bb8
MS		 1507 if (!u->default_dependencies ||
1508 !target->default_dependencies)
21256a2b
LP		 1509 return 0;
1510
98bc2000 1511 /* Don't create loops */
15ed3c3a 1512 if (unit_has_dependency(target, UNIT_ATOM_BEFORE, u))
98bc2000
LP		 1513 return 0;
1514
eef85c4a 1515 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
98bc2000
LP		 1516}
1517
e954c9cf 1518static int unit_add_slice_dependencies(Unit *u) {
12f64221 1519 Unit *slice;
e954c9cf 1520 assert(u);
b81884e7 1521
35b7ff80 1522 if (!UNIT_HAS_CGROUP_CONTEXT(u))
e954c9cf
LP		 1523 return 0;
1524
eef85c4a
LP		 1525 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1526 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1527 relationship). */
f6173cb9 1528 UnitDependencyMask mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
eef85c4a 1529
12f64221
LP		 1530 slice = UNIT_GET_SLICE(u);
1531 if (slice)
1532 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, slice, true, mask);
e954c9cf 1533
8c8da0e0 1534 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
d1fab3fe
ZJS		 1535 return 0;
1536
5a724170 1537 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
98bc2000
LP		 1538}
1539
e954c9cf 1540static int unit_add_mount_dependencies(Unit *u) {
a8c5a4c6 1541 bool changed = false;
9588bc32
LP		 1542 int r;
1543
1544 assert(u);
1545
9e615fa3
LB		 1546 for (UnitMountDependencyType t = 0; t < _UNIT_MOUNT_DEPENDENCY_TYPE_MAX; ++t) {
1547 UnitDependencyInfo di;
1548 const char *path;
9588bc32 1549
9e615fa3 1550 HASHMAP_FOREACH_KEY(di.data, path, u->mounts_for[t]) {
9588bc32 1551
9e615fa3 1552 char prefix[strlen(ASSERT_PTR(path)) + 1];
c7c89abb 1553
9e615fa3
LB		 1554 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1555 _cleanup_free_ char *p = NULL;
1556 Unit *m;
9588bc32 1557
9e615fa3
LB		 1558 r = unit_name_from_path(prefix, ".mount", &p);
1559 if (r == -EINVAL)
1560 continue; /* If the path cannot be converted to a mount unit name,
1561 * then it's not manageable as a unit by systemd, and
1562 * hence we don't need a dependency on it. Let's thus
1563 * silently ignore the issue. */
1564 if (r < 0)
1565 return r;
9588bc32 1566
9e615fa3
LB		 1567 m = manager_get_unit(u->manager, p);
1568 if (!m) {
1569 /* Make sure to load the mount unit if it exists. If so the
1570 * dependencies on this unit will be added later during the loading
1571 * of the mount unit. */
1572 (void) manager_load_unit_prepare(
1573 u->manager,
1574 p,
1575 /* path= */NULL,
1576 /* e= */NULL,
1577 &m);
1578 continue;
1579 }
1580 if (m == u)
1581 continue;
1582
1583 if (m->load_state != UNIT_LOADED)
1584 continue;
9588bc32 1585
9e615fa3
LB		 1586 r = unit_add_dependency(
1587 u,
1588 UNIT_AFTER,
1589 m,
1590 /* add_reference= */ true,
1591 di.origin_mask);
9588bc32
LP		 1592 if (r < 0)
1593 return r;
a8c5a4c6 1594 changed = changed || r > 0;
9e615fa3
LB		 1595
1596 if (m->fragment_path) {
1597 r = unit_add_dependency(
1598 u,
1599 unit_mount_dependency_type_to_dependency_type(t),
1600 m,
1601 /* add_reference= */ true,
1602 di.origin_mask);
1603 if (r < 0)
1604 return r;
1605 changed = changed || r > 0;
1606 }
9588bc32
LP		 1607 }
1608 }
1609 }
1610
a8c5a4c6 1611 return changed;
9588bc32
LP		 1612}
1613
a2db0225
AZ		 1614static int unit_add_oomd_dependencies(Unit *u) {
1615 CGroupContext *c;
2a4efebb
ZJS		 1616 CGroupMask mask;
1617 int r;
a2db0225
AZ		 1618
1619 assert(u);
1620
1621 if (!u->default_dependencies)
1622 return 0;
1623
1624 c = unit_get_cgroup_context(u);
1625 if (!c)
1626 return 0;
1627
2a4efebb 1628 bool wants_oomd = c->moom_swap == MANAGED_OOM_KILL || c->moom_mem_pressure == MANAGED_OOM_KILL;
a2db0225
AZ		 1629 if (!wants_oomd)
1630 return 0;
1631
2a4efebb
ZJS		 1632 if (!cg_all_unified())
1633 return 0;
1634
1635 r = cg_mask_supported(&mask);
1636 if (r < 0)
1637 return log_debug_errno(r, "Failed to determine supported controllers: %m");
1638
1639 if (!FLAGS_SET(mask, CGROUP_MASK_MEMORY))
1640 return 0;
1641
a8c5a4c6 1642 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE);
a2db0225
AZ		 1643}
1644
95ae05c0 1645static int unit_add_startup_units(Unit *u) {
9dfb6a3a 1646 if (!unit_has_startup_cgroup_constraints(u))
db785129
LP		 1647 return 0;
1648
de7fef4b 1649 return set_ensure_put(&u->manager->startup_units, NULL, u);
95ae05c0
WC		 1650}
1651
294446dc
LP		 1652static int unit_validate_on_failure_job_mode(
1653 Unit *u,
1654 const char *job_mode_setting,
1655 JobMode job_mode,
1656 const char *dependency_name,
1657 UnitDependencyAtom atom) {
1658
1659 Unit *other, *found = NULL;
1660
1661 if (job_mode != JOB_ISOLATE)
1662 return 0;
1663
1664 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
1665 if (!found)
1666 found = other;
1667 else if (found != other)
1668 return log_unit_error_errno(
1669 u, SYNTHETIC_ERRNO(ENOEXEC),
1670 "More than one %s dependencies specified but %sisolate set. Refusing.",
1671 dependency_name, job_mode_setting);
1672 }
1673
1674 return 0;
1675}
1676
87f0e418
LP		 1677int unit_load(Unit *u) {
1678 int r;
1679
1680 assert(u);
1681
ac155bb8 1682 if (u->in_load_queue) {
71fda00f 1683 LIST_REMOVE(load_queue, u->manager->load_queue, u);
ac155bb8 1684 u->in_load_queue = false;
87f0e418
LP		 1685 }
1686
ac155bb8 1687 if (u->type == _UNIT_TYPE_INVALID)
e537352b
LP		 1688 return -EINVAL;
1689
ac155bb8 1690 if (u->load_state != UNIT_STUB)
87f0e418
LP		 1691 return 0;
1692
4f4afc88 1693 if (u->transient_file) {
66fa4bdd
LP		 1694 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1695 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1696
4f4afc88
LP		 1697 r = fflush_and_check(u->transient_file);
1698 if (r < 0)
1699 goto fail;
1700
50fb00b7 1701 u->transient_file = safe_fclose(u->transient_file);
f76707da 1702 u->fragment_mtime = now(CLOCK_REALTIME);
4f4afc88
LP		 1703 }
1704
c3784a7d
ZJS		 1705 r = UNIT_VTABLE(u)->load(u);
1706 if (r < 0)
23a177ef 1707 goto fail;
c3784a7d
ZJS		 1708
1709 assert(u->load_state != UNIT_STUB);
23a177ef 1710
7c8fa05c 1711 if (u->load_state == UNIT_LOADED) {
19496554 1712 unit_add_to_target_deps_queue(u);
e954c9cf
LP		 1713
1714 r = unit_add_slice_dependencies(u);
1715 if (r < 0)
1716 goto fail;
c2756a68 1717
e954c9cf 1718 r = unit_add_mount_dependencies(u);
7c8fa05c 1719 if (r < 0)
c2756a68 1720 goto fail;
7c8fa05c 1721
a2db0225
AZ		 1722 r = unit_add_oomd_dependencies(u);
1723 if (r < 0)
1724 goto fail;
1725
95ae05c0
WC		 1726 r = unit_add_startup_units(u);
1727 if (r < 0)
1728 goto fail;
1729
294446dc
LP		 1730 r = unit_validate_on_failure_job_mode(u, "OnSuccessJobMode=", u->on_success_job_mode, "OnSuccess=", UNIT_ATOM_ON_SUCCESS);
1731 if (r < 0)
1732 goto fail;
15ed3c3a 1733
294446dc
LP		 1734 r = unit_validate_on_failure_job_mode(u, "OnFailureJobMode=", u->on_failure_job_mode, "OnFailure=", UNIT_ATOM_ON_FAILURE);
1735 if (r < 0)
1736 goto fail;
bc432dc7 1737
a2df3ea4
MK		 1738 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1739 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1740
5af88058
LP		 1741 /* We finished loading, let's ensure our parents recalculate the members mask */
1742 unit_invalidate_cgroup_members_masks(u);
f68319bb
LP		 1743 }
1744
ac155bb8 1745 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
23a177ef
LP		 1746
1747 unit_add_to_dbus_queue(unit_follow_merge(u));
701cc384 1748 unit_add_to_gc_queue(u);
f561e8c6 1749 (void) manager_varlink_send_managed_oom_update(u);
87f0e418 1750
87f0e418
LP		 1751 return 0;
1752
1753fail:
81be2388
ZJS		 1754 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1755 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
c4555ad8
LP		 1756
1757 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1758 r == -ENOEXEC ? UNIT_BAD_SETTING :
1759 UNIT_ERROR;
ac155bb8 1760 u->load_error = r;
c4555ad8 1761
c149d2b4
ZJS		 1762 /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time
1763 * an attempt is made to load this unit, we know we need to check again. */
7233e91a 1764 if (u->load_state == UNIT_NOT_FOUND)
c2911d48 1765 u->fragment_not_found_timestamp_hash = u->manager->unit_cache_timestamp_hash;
7233e91a 1766
c1e1601e 1767 unit_add_to_dbus_queue(u);
9a46fc3b 1768 unit_add_to_gc_queue(u);
23a177ef 1769
c4555ad8 1770 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
87f0e418
LP		 1771}
1772
f9f88198
YW		 1773_printf_(7, 8)
1774static int log_unit_internal(void *userdata, int level, int error, const char *file, int line, const char *func, const char *format, ...) {
1775 Unit *u = userdata;
1776 va_list ap;
1777 int r;
49365733 1778
c2503e35
RH		 1779 if (u && !unit_log_level_test(u, level))
1780 return -ERRNO_VALUE(error);
1781
f9f88198
YW		 1782 va_start(ap, format);
1783 if (u)
1784 r = log_object_internalv(level, error, file, line, func,
1785 u->manager->unit_log_field,
1786 u->id,
1787 u->manager->invocation_log_field,
1788 u->invocation_id_string,
1789 format, ap);
1790 else
1791 r = log_internalv(level, error, file, line, func, format, ap);
1792 va_end(ap);
49365733 1793
f9f88198 1794 return r;
49365733
LP		 1795}
1796
97a3f4ee 1797static bool unit_test_condition(Unit *u) {
a0b191b7
LP		 1798 _cleanup_strv_free_ char **env = NULL;
1799 int r;
1800
90bbc946
LP		 1801 assert(u);
1802
fa5a0251 1803 dual_timestamp_now(&u->condition_timestamp);
90bbc946 1804
a0b191b7
LP		 1805 r = manager_get_effective_environment(u->manager, &env);
1806 if (r < 0) {
1807 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
d52cc0a5 1808 u->condition_result = true;
a0b191b7
LP		 1809 } else
1810 u->condition_result = condition_test_list(
1811 u->conditions,
1812 env,
1813 condition_type_to_string,
1814 log_unit_internal,
1815 u);
e18f8852 1816
a0b191b7 1817 unit_add_to_dbus_queue(u);
ac155bb8 1818 return u->condition_result;
90bbc946
LP		 1819}
1820
97a3f4ee 1821static bool unit_test_assert(Unit *u) {
a0b191b7
LP		 1822 _cleanup_strv_free_ char **env = NULL;
1823 int r;
1824
59fccdc5
LP		 1825 assert(u);
1826
fa5a0251 1827 dual_timestamp_now(&u->assert_timestamp);
59fccdc5 1828
a0b191b7
LP		 1829 r = manager_get_effective_environment(u->manager, &env);
1830 if (r < 0) {
1831 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1832 u->assert_result = CONDITION_ERROR;
1833 } else
1834 u->assert_result = condition_test_list(
1835 u->asserts,
1836 env,
1837 assert_type_to_string,
1838 log_unit_internal,
1839 u);
e18f8852 1840
a0b191b7 1841 unit_add_to_dbus_queue(u);
59fccdc5
LP		 1842 return u->assert_result;
1843}
1844
04d232d8
ZJS		 1845void unit_status_printf(Unit *u, StatusType status_type, const char *status, const char *format, const char *ident) {
1846 if (log_get_show_color()) {
1847 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && strchr(ident, ' '))
1848 ident = strjoina(ANSI_HIGHLIGHT, u->id, ANSI_NORMAL, " - ", u->description);
1849 else
1850 ident = strjoina(ANSI_HIGHLIGHT, ident, ANSI_NORMAL);
1851 }
5b262f74 1852
df446f96 1853 DISABLE_WARNING_FORMAT_NONLITERAL;
04d232d8 1854 manager_status_printf(u->manager, status_type, status, format, ident);
df446f96
LP		 1855 REENABLE_WARNING;
1856}
1857
97a3f4ee 1858int unit_test_start_limit(Unit *u) {
429926e9
TR		 1859 const char *reason;
1860
6bf0f408
LP		 1861 assert(u);
1862
7bf081a1 1863 if (ratelimit_below(&u->start_ratelimit)) {
6bf0f408
LP		 1864 u->start_limit_hit = false;
1865 return 0;
1866 }
1867
1868 log_unit_warning(u, "Start request repeated too quickly.");
1869 u->start_limit_hit = true;
1870
429926e9
TR		 1871 reason = strjoina("unit ", u->id, " failed");
1872
36c4dc08
LP		 1873 emergency_action(u->manager, u->start_limit_action,
1874 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN,
1875 u->reboot_arg, -1, reason);
1876
1877 return -ECANCELED;
6bf0f408
LP		 1878}
1879
631b676b
LP		 1880static bool unit_verify_deps(Unit *u) {
1881 Unit *other;
631b676b
LP		 1882
1883 assert(u);
1884
defe63b0
LP		 1885 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined
1886 * with After=. We do not check Requires= or Requisite= here as they only should have an effect on
1887 * the job processing, but do not have any effect afterwards. We don't check BindsTo= dependencies
1888 * that are not used in conjunction with After= as for them any such check would make things entirely
1889 * racy. */
631b676b 1890
15ed3c3a 1891 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
631b676b 1892
15ed3c3a 1893 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other))
631b676b
LP		 1894 continue;
1895
1896 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1897 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1898 return false;
1899 }
1900 }
1901
1902 return true;
1903}
1904
9adb6959 1905/* Errors that aren't really errors:
6bf0f408 1906 * -EALREADY: Unit is already started.
9adb6959 1907 * -ECOMM: Condition failed
6bf0f408 1908 * -EAGAIN: An operation is already in progress. Retry later.
9adb6959
LP		 1909 *
1910 * Errors that are real errors:
1911 * -EBADR: This unit type does not support starting.
2de9b979 1912 * -ECANCELED: Start limit hit, too many requests for now
6bf0f408
LP		 1913 * -EPROTO: Assert failed
1914 * -EINVAL: Unit not loaded
1915 * -EOPNOTSUPP: Unit type not supported
631b676b 1916 * -ENOLINK: The necessary dependencies are not fulfilled.
d4fd1cf2 1917 * -ESTALE: This unit has been started before and can't be started a second time
a4191c9f 1918 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
87f0e418 1919 */
48b92b37 1920int unit_start(Unit *u, ActivationDetails *details) {
87f0e418 1921 UnitActiveState state;
92ab323c 1922 Unit *following;
5f37c1a9 1923 int r;
87f0e418
LP		 1924
1925 assert(u);
1926
47261967
LP		 1927 /* Let's hold off running start jobs for mount units when /proc/self/mountinfo monitor is ratelimited. */
1928 if (UNIT_VTABLE(u)->subsystem_ratelimited) {
1929 r = UNIT_VTABLE(u)->subsystem_ratelimited(u->manager);
1930 if (r < 0)
1931 return r;
1932 if (r > 0)
1933 return -EAGAIN;
1934 }
b161bc39 1935
5766aca8
LP		 1936 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1937 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1938 * waiting is finished. */
87f0e418
LP		 1939 state = unit_active_state(u);
1940 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1941 return -EALREADY;
380dc8b0
LP		 1942 if (state == UNIT_MAINTENANCE)
1943 return -EAGAIN;
87f0e418 1944
6bf0f408
LP		 1945 /* Units that aren't loaded cannot be started */
1946 if (u->load_state != UNIT_LOADED)
1947 return -EINVAL;
1948
d4fd1cf2
LP		 1949 /* Refuse starting scope units more than once */
1950 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1951 return -ESTALE;
1952
4e1ac54e 1953 /* If the conditions were unmet, don't do anything at all. If we already are activating this call might
5766aca8
LP		 1954 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1955 * recheck the condition in that case. */
a82e5507 1956 if (state != UNIT_ACTIVATING &&
5af6aa58 1957 !unit_test_condition(u))
4e1ac54e 1958 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition not met. Not starting unit.");
52661efd 1959
59fccdc5
LP		 1960 /* If the asserts failed, fail the entire job */
1961 if (state != UNIT_ACTIVATING &&
5766aca8
LP		 1962 !unit_test_assert(u))
1963 return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed.");
59fccdc5 1964
5766aca8
LP		 1965 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1966 * condition checks, so that we rather return condition check errors (which are usually not
1967 * considered a true failure) than "not supported" errors (which are considered a failure).
d11a7645 1968 */
96cf3ec9 1969 if (!unit_type_supported(u->type))
d11a7645
LP		 1970 return -EOPNOTSUPP;
1971
5766aca8
LP		 1972 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1973 * should have taken care of this already, but let's check this here again. After all, our
413e8650 1974 * dependencies might not be in effect anymore, due to a reload or due to an unmet condition. */
631b676b
LP		 1975 if (!unit_verify_deps(u))
1976 return -ENOLINK;
1977
92ab323c 1978 /* Forward to the main object, if we aren't it. */
52990c2e
ZJS		 1979 following = unit_following(u);
1980 if (following) {
f2341e0a 1981 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
48b92b37 1982 return unit_start(following, details);
92ab323c
LP		 1983 }
1984
705578c3
MS		 1985 /* Check our ability to start early so that failure conditions don't cause us to enter a busy loop. */
1986 if (UNIT_VTABLE(u)->can_start) {
1987 r = UNIT_VTABLE(u)->can_start(u);
ce2146f5
DDM		 1988 if (r < 0)
1989 return r;
1990 }
1991
92ab323c
LP		 1992 /* If it is stopped, but we cannot start it, then fail */
1993 if (!UNIT_VTABLE(u)->start)
1994 return -EBADR;
1995
5766aca8
LP		 1996 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1997 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1998 * waits for a holdoff timer to elapse before it will start again. */
87f0e418 1999
c1e1601e 2000 unit_add_to_dbus_queue(u);
d9e45bc3 2001 unit_cgroup_freezer_action(u, FREEZER_THAW);
9e58ff9c 2002
48b92b37
LB		 2003 if (!u->activation_details) /* Older details object wins */
2004 u->activation_details = activation_details_ref(details);
2005
d1a34ae9 2006 return UNIT_VTABLE(u)->start(u);
87f0e418
LP		 2007}
2008
2009bool unit_can_start(Unit *u) {
2010 assert(u);
2011
8ff4d2ab
LP		 2012 if (u->load_state != UNIT_LOADED)
2013 return false;
2014
96cf3ec9 2015 if (!unit_type_supported(u->type))
8ff4d2ab
LP		 2016 return false;
2017
d4fd1cf2
LP		 2018 /* Scope units may be started only once */
2019 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
2020 return false;
2021
87f0e418
LP		 2022 return !!UNIT_VTABLE(u)->start;
2023}
2024
2528a7a6
LP		 2025bool unit_can_isolate(Unit *u) {
2026 assert(u);
2027
2028 return unit_can_start(u) &&
ac155bb8 2029 u->allow_isolate;
2528a7a6
LP		 2030}
2031
87f0e418
LP		 2032/* Errors:
2033 * -EBADR: This unit type does not support stopping.
2034 * -EALREADY: Unit is already stopped.
2035 * -EAGAIN: An operation is already in progress. Retry later.
2036 */
2037int unit_stop(Unit *u) {
2038 UnitActiveState state;
92ab323c 2039 Unit *following;
87f0e418
LP		 2040
2041 assert(u);
2042
87f0e418 2043 state = unit_active_state(u);
fdf20a31 2044 if (UNIT_IS_INACTIVE_OR_FAILED(state))
87f0e418
LP		 2045 return -EALREADY;
2046
0faacd47
LP		 2047 following = unit_following(u);
2048 if (following) {
f2341e0a 2049 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
92ab323c
LP		 2050 return unit_stop(following);
2051 }
2052
7898b0cf
LP		 2053 if (!UNIT_VTABLE(u)->stop)
2054 return -EBADR;
2055
c1e1601e 2056 unit_add_to_dbus_queue(u);
d9e45bc3 2057 unit_cgroup_freezer_action(u, FREEZER_THAW);
9e58ff9c 2058
d1a34ae9 2059 return UNIT_VTABLE(u)->stop(u);
87f0e418
LP		 2060}
2061
f5869324
LP		 2062bool unit_can_stop(Unit *u) {
2063 assert(u);
2064
39c79477
ZJS		 2065 /* Note: if we return true here, it does not mean that the unit may be successfully stopped.
2066 * Extrinsic units follow external state and they may stop following external state changes
2067 * (hence we return true here), but an attempt to do this through the manager will fail. */
2068
96cf3ec9 2069 if (!unit_type_supported(u->type))
f5869324
LP		 2070 return false;
2071
2072 if (u->perpetual)
2073 return false;
2074
2075 return !!UNIT_VTABLE(u)->stop;
2076}
2077
87f0e418
LP		 2078/* Errors:
2079 * -EBADR: This unit type does not support reloading.
2080 * -ENOEXEC: Unit is not started.
2081 * -EAGAIN: An operation is already in progress. Retry later.
2082 */
2083int unit_reload(Unit *u) {
2084 UnitActiveState state;
92ab323c 2085 Unit *following;
87f0e418
LP		 2086
2087 assert(u);
2088
ac155bb8 2089 if (u->load_state != UNIT_LOADED)
6124958c
LP		 2090 return -EINVAL;
2091
87f0e418
LP		 2092 if (!unit_can_reload(u))
2093 return -EBADR;
2094
2095 state = unit_active_state(u);
e364ad06 2096 if (state == UNIT_RELOADING)
6255af75 2097 return -EAGAIN;
87f0e418 2098
d85ff944
YW		 2099 if (state != UNIT_ACTIVE)
2100 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "Unit cannot be reloaded because it is inactive.");
87f0e418 2101
e48614c4
ZJS		 2102 following = unit_following(u);
2103 if (following) {
f2341e0a 2104 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
92ab323c
LP		 2105 return unit_reload(following);
2106 }
2107
c1e1601e 2108 unit_add_to_dbus_queue(u);
82a2b6bb 2109
f54bcca5
JR		 2110 if (!UNIT_VTABLE(u)->reload) {
2111 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
96b09de5 2112 unit_notify(u, unit_active_state(u), unit_active_state(u), /* reload_success = */ true);
f54bcca5
JR		 2113 return 0;
2114 }
2115
d9e45bc3
MS		 2116 unit_cgroup_freezer_action(u, FREEZER_THAW);
2117
d1a34ae9 2118 return UNIT_VTABLE(u)->reload(u);
87f0e418
LP		 2119}
2120
2121bool unit_can_reload(Unit *u) {
2122 assert(u);
2123
f54bcca5
JR		 2124 if (UNIT_VTABLE(u)->can_reload)
2125 return UNIT_VTABLE(u)->can_reload(u);
87f0e418 2126
15ed3c3a 2127 if (unit_has_dependency(u, UNIT_ATOM_PROPAGATES_RELOAD_TO, NULL))
87f0e418
LP		 2128 return true;
2129
f54bcca5 2130 return UNIT_VTABLE(u)->reload;
87f0e418
LP		 2131}
2132
a3c1168a 2133bool unit_is_unneeded(Unit *u) {
15ed3c3a 2134 Unit *other;
f3bff0eb
LP		 2135 assert(u);
2136
ac155bb8 2137 if (!u->stop_when_unneeded)
a3c1168a 2138 return false;
f3bff0eb 2139
a3c1168a 2140 /* Don't clean up while the unit is transitioning or is even inactive. */
116654d2 2141 if (unit_active_state(u) != UNIT_ACTIVE)
a3c1168a
LP		 2142 return false;
2143 if (u->job)
2144 return false;
f3bff0eb 2145
15ed3c3a 2146 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_PINS_STOP_WHEN_UNNEEDED) {
fda09318 2147 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
a3c1168a 2148 * restart, then don't clean this one up. */
b81884e7 2149
15ed3c3a
LP		 2150 if (other->job)
2151 return false;
a3c1168a 2152
15ed3c3a
LP		 2153 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2154 return false;
a3c1168a 2155
15ed3c3a
LP		 2156 if (unit_will_restart(other))
2157 return false;
bea355da
LP		 2158 }
2159
a3c1168a
LP		 2160 return true;
2161}
f3bff0eb 2162
0bc488c9
LP		 2163bool unit_is_upheld_by_active(Unit *u, Unit **ret_culprit) {
2164 Unit *other;
2165
2166 assert(u);
2167
2168 /* Checks if the unit needs to be started because it currently is not running, but some other unit
2169 * that is active declared an Uphold= dependencies on it */
2170
2171 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)) || u->job) {
2172 if (ret_culprit)
2173 *ret_culprit = NULL;
2174 return false;
2175 }
2176
2177 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_START_STEADILY) {
2178 if (other->job)
2179 continue;
2180
2181 if (UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
2182 if (ret_culprit)
2183 *ret_culprit = other;
2184 return true;
2185 }
2186 }
2187
2188 if (ret_culprit)
2189 *ret_culprit = NULL;
2190 return false;
2191}
2192
56c59592
LP		 2193bool unit_is_bound_by_inactive(Unit *u, Unit **ret_culprit) {
2194 Unit *other;
2195
2196 assert(u);
2197
2198 /* Checks whether this unit is bound to another unit that is inactive, i.e. whether we should stop
7802194a 2199 * because the other unit is down. */
56c59592
LP		 2200
2201 if (unit_active_state(u) != UNIT_ACTIVE || u->job) {
2202 /* Don't clean up while the unit is transitioning or is even inactive. */
2203 if (ret_culprit)
2204 *ret_culprit = NULL;
2205 return false;
2206 }
2207
2208 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) {
2209 if (other->job)
2210 continue;
2211
2212 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) {
3da36106 2213 if (ret_culprit)
56c59592
LP		 2214 *ret_culprit = other;
2215
2216 return true;
2217 }
2218 }
2219
2220 if (ret_culprit)
2221 *ret_culprit = NULL;
2222 return false;
2223}
2224
a3c1168a 2225static void check_unneeded_dependencies(Unit *u) {
15ed3c3a 2226 Unit *other;
a3c1168a
LP		 2227 assert(u);
2228
2229 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2230
15ed3c3a
LP		 2231 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_STOP_WHEN_UNNEEDED_QUEUE)
2232 unit_submit_to_stop_when_unneeded_queue(other);
f3bff0eb
LP		 2233}
2234
0bc488c9
LP		 2235static void check_uphold_dependencies(Unit *u) {
2236 Unit *other;
2237 assert(u);
2238
2239 /* Add all units this unit depends on to the queue that processes Uphold= behaviour. */
2240
2241 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_START_WHEN_UPHELD_QUEUE)
2242 unit_submit_to_start_when_upheld_queue(other);
2243}
2244
56c59592 2245static void check_bound_by_dependencies(Unit *u) {
ff502445 2246 Unit *other;
ff502445
LP		 2247 assert(u);
2248
56c59592 2249 /* Add all units this unit depends on to the queue that processes BindsTo= stop behaviour. */
ff502445 2250
56c59592
LP		 2251 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_CANNOT_BE_ACTIVE_WITHOUT_QUEUE)
2252 unit_submit_to_stop_when_bound_queue(other);
ff502445
LP		 2253}
2254
87f0e418 2255static void retroactively_start_dependencies(Unit *u) {
87f0e418
LP		 2256 Unit *other;
2257
2258 assert(u);
2259 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2260
15ed3c3a
LP		 2261 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_REPLACE) /* Requires= + BindsTo= */
2262 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2263 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 2264 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
b81884e7 2265
15ed3c3a
LP		 2266 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_FAIL) /* Wants= */
2267 if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) &&
b81884e7 2268 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
50cbaba4 2269 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL, NULL);
87f0e418 2270
15ed3c3a 2271 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_START) /* Conflicts= (and inverse) */
b81884e7 2272 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 2273 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
87f0e418
LP		 2274}
2275
2276static void retroactively_stop_dependencies(Unit *u) {
87f0e418
LP		 2277 Unit *other;
2278
2279 assert(u);
2280 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2281
b81884e7 2282 /* Pull down units which are bound to us recursively if enabled */
15ed3c3a 2283 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_STOP) /* BoundBy= */
b81884e7 2284 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
50cbaba4 2285 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
cd0504d0
MS		 2286}
2287
294446dc
LP		 2288void unit_start_on_failure(
2289 Unit *u,
2290 const char *dependency_name,
2291 UnitDependencyAtom atom,
2292 JobMode job_mode) {
2293
82acee14 2294 int n_jobs = -1;
c0daa706 2295 Unit *other;
7f66b026 2296 int r;
c0daa706
LP		 2297
2298 assert(u);
294446dc
LP		 2299 assert(dependency_name);
2300 assert(IN_SET(atom, UNIT_ATOM_ON_SUCCESS, UNIT_ATOM_ON_FAILURE));
2301
2302 /* Act on OnFailure= and OnSuccess= dependencies */
c0daa706 2303
294446dc 2304 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
7f66b026 2305 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
222ae6a8 2306
82acee14 2307 if (n_jobs < 0) {
294446dc 2308 log_unit_info(u, "Triggering %s dependencies.", dependency_name);
82acee14 2309 n_jobs = 0;
15ed3c3a
LP		 2310 }
2311
95c81c55 2312 r = manager_add_job(u->manager, JOB_START, other, job_mode, NULL, &error, NULL);
c1b6628d 2313 if (r < 0)
294446dc
LP		 2314 log_unit_warning_errno(
2315 u, r, "Failed to enqueue %s job, ignoring: %s",
2316 dependency_name, bus_error_message(&error, r));
82acee14 2317 n_jobs ++;
222ae6a8 2318 }
294446dc 2319
82acee14 2320 if (n_jobs >= 0)
c0f86d66 2321 log_unit_debug(u, "Triggering %s dependencies done (%i %s).",
82acee14 2322 dependency_name, n_jobs, n_jobs == 1 ? "job" : "jobs");
c0daa706
LP		 2323}
2324
3ecaa09b
LP		 2325void unit_trigger_notify(Unit *u) {
2326 Unit *other;
3ecaa09b
LP		 2327
2328 assert(u);
2329
15ed3c3a 2330 UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_TRIGGERED_BY)
3ecaa09b
LP		 2331 if (UNIT_VTABLE(other)->trigger_notify)
2332 UNIT_VTABLE(other)->trigger_notify(other, u);
2333}
2334
37109b85
ZJS		 2335static int raise_level(int log_level, bool condition_info, bool condition_notice) {
2336 if (condition_notice && log_level > LOG_NOTICE)
2337 return LOG_NOTICE;
2338 if (condition_info && log_level > LOG_INFO)
2339 return LOG_INFO;
2340 return log_level;
2341}
2342
915b1d01 2343static int unit_log_resources(Unit *u) {
aac3384e 2344 struct iovec iovec[1 + 2 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + _CGROUP_IO_ACCOUNTING_METRIC_MAX + 4];
bc40a20e
LP		 2345 bool any_traffic = false, have_ip_accounting = false, any_io = false, have_io_accounting = false;
2346 _cleanup_free_ char *igress = NULL, *egress = NULL, *rr = NULL, *wr = NULL;
162392b7 2347 int log_level = LOG_DEBUG; /* May be raised if resources consumed over a threshold */
915b1d01 2348 size_t n_message_parts = 0, n_iovec = 0;
aac3384e 2349 char* message_parts[1 + 2 + 2 + 2 + 1], *t;
915b1d01 2350 nsec_t nsec = NSEC_INFINITY;
aac3384e 2351 uint64_t memory_peak = UINT64_MAX, memory_swap_peak = UINT64_MAX;
915b1d01
LP		 2352 int r;
2353 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2354 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2355 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2356 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2357 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2358 };
bc40a20e
LP		 2359 const char* const io_fields[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
2360 [CGROUP_IO_READ_BYTES] = "IO_METRIC_READ_BYTES",
2361 [CGROUP_IO_WRITE_BYTES] = "IO_METRIC_WRITE_BYTES",
2362 [CGROUP_IO_READ_OPERATIONS] = "IO_METRIC_READ_OPERATIONS",
2363 [CGROUP_IO_WRITE_OPERATIONS] = "IO_METRIC_WRITE_OPERATIONS",
2364 };
915b1d01
LP		 2365
2366 assert(u);
2367
2368 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2369 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2370 * information and the complete data in structured fields. */
2371
2372 (void) unit_get_cpu_usage(u, &nsec);
2373 if (nsec != NSEC_INFINITY) {
915b1d01
LP		 2374 /* Format the CPU time for inclusion in the structured log message */
2375 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2376 r = log_oom();
2377 goto finish;
2378 }
2379 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2380
2381 /* Format the CPU time for inclusion in the human language message string */
5291f26d 2382 t = strjoin("consumed ", FORMAT_TIMESPAN(nsec / NSEC_PER_USEC, USEC_PER_MSEC), " CPU time");
915b1d01
LP		 2383 if (!t) {
2384 r = log_oom();
2385 goto finish;
2386 }
2387
2388 message_parts[n_message_parts++] = t;
37109b85
ZJS		 2389
2390 log_level = raise_level(log_level,
ef6bb4dd
CG		 2391 nsec > MENTIONWORTHY_CPU_NSEC,
2392 nsec > NOTICEWORTHY_CPU_NSEC);
915b1d01
LP		 2393 }
2394
9824ab1f 2395 (void) unit_get_memory_accounting(u, CGROUP_MEMORY_PEAK, &memory_peak);
0531bded
FS		 2396 if (memory_peak != UINT64_MAX) {
2397 /* Format peak memory for inclusion in the structured log message */
2398 if (asprintf(&t, "MEMORY_PEAK=%" PRIu64, memory_peak) < 0) {
2399 r = log_oom();
2400 goto finish;
2401 }
2402 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2403
2404 /* Format peak memory for inclusion in the human language message string */
2405 t = strjoin(FORMAT_BYTES(memory_peak), " memory peak");
2406 if (!t) {
2407 r = log_oom();
2408 goto finish;
2409 }
2410 message_parts[n_message_parts++] = t;
b1b84bc5
MY		 2411
2412 log_level = raise_level(log_level,
2413 memory_peak > MENTIONWORTHY_MEMORY_BYTES,
2414 memory_peak > NOTICEWORTHY_MEMORY_BYTES);
0531bded
FS		 2415 }
2416
9824ab1f 2417 (void) unit_get_memory_accounting(u, CGROUP_MEMORY_SWAP_PEAK, &memory_swap_peak);
aac3384e
FS		 2418 if (memory_swap_peak != UINT64_MAX) {
2419 /* Format peak swap memory for inclusion in the structured log message */
2420 if (asprintf(&t, "MEMORY_SWAP_PEAK=%" PRIu64, memory_swap_peak) < 0) {
2421 r = log_oom();
2422 goto finish;
2423 }
2424 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2425
2426 /* Format peak swap memory for inclusion in the human language message string */
2427 t = strjoin(FORMAT_BYTES(memory_swap_peak), " memory swap peak");
2428 if (!t) {
2429 r = log_oom();
2430 goto finish;
2431 }
2432 message_parts[n_message_parts++] = t;
b1b84bc5
MY		 2433
2434 log_level = raise_level(log_level,
2435 memory_swap_peak > MENTIONWORTHY_MEMORY_BYTES,
2436 memory_swap_peak > NOTICEWORTHY_MEMORY_BYTES);
aac3384e
FS		 2437 }
2438
bc40a20e 2439 for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) {
bc40a20e
LP		 2440 uint64_t value = UINT64_MAX;
2441
2442 assert(io_fields[k]);
2443
2444 (void) unit_get_io_accounting(u, k, k > 0, &value);
2445 if (value == UINT64_MAX)
2446 continue;
2447
2448 have_io_accounting = true;
2449 if (value > 0)
2450 any_io = true;
2451
2452 /* Format IO accounting data for inclusion in the structured log message */
2453 if (asprintf(&t, "%s=%" PRIu64, io_fields[k], value) < 0) {
2454 r = log_oom();
2455 goto finish;
2456 }
2457 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2458
2459 /* Format the IO accounting data for inclusion in the human language message string, but only
2460 * for the bytes counters (and not for the operations counters) */
2461 if (k == CGROUP_IO_READ_BYTES) {
2462 assert(!rr);
2b59bf51 2463 rr = strjoin("read ", strna(FORMAT_BYTES(value)), " from disk");
bc40a20e
LP		 2464 if (!rr) {
2465 r = log_oom();
2466 goto finish;
2467 }
2468 } else if (k == CGROUP_IO_WRITE_BYTES) {
2469 assert(!wr);
2b59bf51 2470 wr = strjoin("written ", strna(FORMAT_BYTES(value)), " to disk");
bc40a20e
LP		 2471 if (!wr) {
2472 r = log_oom();
2473 goto finish;
2474 }
2475 }
37109b85
ZJS		 2476
2477 if (IN_SET(k, CGROUP_IO_READ_BYTES, CGROUP_IO_WRITE_BYTES))
2478 log_level = raise_level(log_level,
2479 value > MENTIONWORTHY_IO_BYTES,
2480 value > NOTICEWORTHY_IO_BYTES);
bc40a20e
LP		 2481 }
2482
2483 if (have_io_accounting) {
2484 if (any_io) {
2485 if (rr)
2486 message_parts[n_message_parts++] = TAKE_PTR(rr);
2487 if (wr)
2488 message_parts[n_message_parts++] = TAKE_PTR(wr);
2489
2490 } else {
2491 char *k;
2492
2493 k = strdup("no IO");
2494 if (!k) {
2495 r = log_oom();
2496 goto finish;
2497 }
2498
2499 message_parts[n_message_parts++] = k;
2500 }
2501 }
2502
12375b95 2503 for (CGroupIPAccountingMetric m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
915b1d01
LP		 2504 uint64_t value = UINT64_MAX;
2505
2506 assert(ip_fields[m]);
2507
2508 (void) unit_get_ip_accounting(u, m, &value);
2509 if (value == UINT64_MAX)
2510 continue;
82044702
LP		 2511
2512 have_ip_accounting = true;
a87b1faa
LP		 2513 if (value > 0)
2514 any_traffic = true;
915b1d01
LP		 2515
2516 /* Format IP accounting data for inclusion in the structured log message */
2517 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2518 r = log_oom();
2519 goto finish;
2520 }
2521 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2522
2523 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2524 * bytes counters (and not for the packets counters) */
a87b1faa
LP		 2525 if (m == CGROUP_IP_INGRESS_BYTES) {
2526 assert(!igress);
2b59bf51 2527 igress = strjoin("received ", strna(FORMAT_BYTES(value)), " IP traffic");
a87b1faa
LP		 2528 if (!igress) {
2529 r = log_oom();
2530 goto finish;
2531 }
2532 } else if (m == CGROUP_IP_EGRESS_BYTES) {
2533 assert(!egress);
2b59bf51 2534 egress = strjoin("sent ", strna(FORMAT_BYTES(value)), " IP traffic");
a87b1faa
LP		 2535 if (!egress) {
2536 r = log_oom();
2537 goto finish;
2538 }
2539 }
37109b85
ZJS		 2540
2541 if (IN_SET(m, CGROUP_IP_INGRESS_BYTES, CGROUP_IP_EGRESS_BYTES))
2542 log_level = raise_level(log_level,
2543 value > MENTIONWORTHY_IP_BYTES,
2544 value > NOTICEWORTHY_IP_BYTES);
a87b1faa
LP		 2545 }
2546
c2503e35
RH		 2547 /* This check is here because it is the earliest point following all possible log_level assignments. If
2548 * log_level is assigned anywhere after this point, move this check. */
2549 if (!unit_log_level_test(u, log_level)) {
2550 r = 0;
2551 goto finish;
2552 }
2553
82044702
LP		 2554 if (have_ip_accounting) {
2555 if (any_traffic) {
2556 if (igress)
2557 message_parts[n_message_parts++] = TAKE_PTR(igress);
2558 if (egress)
2559 message_parts[n_message_parts++] = TAKE_PTR(egress);
a87b1faa 2560
82044702
LP		 2561 } else {
2562 char *k;
915b1d01 2563
82044702
LP		 2564 k = strdup("no IP traffic");
2565 if (!k) {
2566 r = log_oom();
2567 goto finish;
2568 }
2569
2570 message_parts[n_message_parts++] = k;
2571 }
915b1d01
LP		 2572 }
2573
2574 /* Is there any accounting data available at all? */
2575 if (n_iovec == 0) {
2576 r = 0;
2577 goto finish;
2578 }
2579
2580 if (n_message_parts == 0)
a87b1faa 2581 t = strjoina("MESSAGE=", u->id, ": Completed.");
915b1d01 2582 else {
c2b2df60 2583 _cleanup_free_ char *joined = NULL;
915b1d01
LP		 2584
2585 message_parts[n_message_parts] = NULL;
2586
2587 joined = strv_join(message_parts, ", ");
2588 if (!joined) {
2589 r = log_oom();
2590 goto finish;
2591 }
2592
ec9d636b 2593 joined[0] = ascii_toupper(joined[0]);
a87b1faa 2594 t = strjoina("MESSAGE=", u->id, ": ", joined, ".");
915b1d01
LP		 2595 }
2596
2597 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2598 * and hence don't increase n_iovec for them */
2599 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2600 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2601
2602 t = strjoina(u->manager->unit_log_field, u->id);
2603 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2604
2605 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2606 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2607
c2503e35 2608 log_unit_struct_iovec(u, log_level, iovec, n_iovec + 4);
915b1d01
LP		 2609 r = 0;
2610
2611finish:
24ae45cb 2612 free_many_charp(message_parts, n_message_parts);
915b1d01 2613
12375b95 2614 for (size_t i = 0; i < n_iovec; i++)
915b1d01
LP		 2615 free(iovec[i].iov_base);
2616
2617 return r;
2618
2619}
2620
adefcf28
LP		 2621static void unit_update_on_console(Unit *u) {
2622 bool b;
2623
2624 assert(u);
2625
2626 b = unit_needs_console(u);
2627 if (u->on_console == b)
2628 return;
2629
2630 u->on_console = b;
2631 if (b)
2632 manager_ref_console(u->manager);
2633 else
2634 manager_unref_console(u->manager);
adefcf28
LP		 2635}
2636
6eb65e7c
LP		 2637static void unit_emit_audit_start(Unit *u) {
2638 assert(u);
2639
d52b8493 2640 if (UNIT_VTABLE(u)->audit_start_message_type <= 0)
6eb65e7c
LP		 2641 return;
2642
2643 /* Write audit record if we have just finished starting up */
d52b8493 2644 manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_start_message_type, /* success= */ true);
6eb65e7c
LP		 2645 u->in_audit = true;
2646}
2647
2648static void unit_emit_audit_stop(Unit *u, UnitActiveState state) {
2649 assert(u);
2650
d52b8493 2651 if (UNIT_VTABLE(u)->audit_start_message_type <= 0)
6eb65e7c
LP		 2652 return;
2653
2654 if (u->in_audit) {
2655 /* Write audit record if we have just finished shutting down */
d52b8493 2656 manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_stop_message_type, /* success= */ state == UNIT_INACTIVE);
6eb65e7c
LP		 2657 u->in_audit = false;
2658 } else {
2659 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
d52b8493 2660 manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_start_message_type, /* success= */ state == UNIT_INACTIVE);
6eb65e7c
LP		 2661
2662 if (state == UNIT_INACTIVE)
d52b8493 2663 manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_stop_message_type, /* success= */ true);
6eb65e7c
LP		 2664 }
2665}
2666
96b09de5 2667static bool unit_process_job(Job *j, UnitActiveState ns, bool reload_success) {
16c74914 2668 bool unexpected = false;
31cd5f63 2669 JobResult result;
16c74914
LP		 2670
2671 assert(j);
2672
2673 if (j->state == JOB_WAITING)
16c74914
LP		 2674 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2675 * due to EAGAIN. */
2676 job_add_to_run_queue(j);
2677
2678 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2679 * hence needs to invalidate jobs. */
2680
2681 switch (j->type) {
2682
2683 case JOB_START:
2684 case JOB_VERIFY_ACTIVE:
2685
2686 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2687 job_finish_and_invalidate(j, JOB_DONE, true, false);
2688 else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2689 unexpected = true;
2690
31cd5f63
AZ		 2691 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2692 if (ns == UNIT_FAILED)
2693 result = JOB_FAILED;
31cd5f63
AZ		 2694 else
2695 result = JOB_DONE;
2696
2697 job_finish_and_invalidate(j, result, true, false);
2698 }
16c74914
LP		 2699 }
2700
2701 break;
2702
2703 case JOB_RELOAD:
2704 case JOB_RELOAD_OR_START:
2705 case JOB_TRY_RELOAD:
2706
2707 if (j->state == JOB_RUNNING) {
2708 if (ns == UNIT_ACTIVE)
96b09de5 2709 job_finish_and_invalidate(j, reload_success ? JOB_DONE : JOB_FAILED, true, false);
16c74914
LP		 2710 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2711 unexpected = true;
2712
2713 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2714 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2715 }
2716 }
2717
2718 break;
2719
2720 case JOB_STOP:
2721 case JOB_RESTART:
2722 case JOB_TRY_RESTART:
2723
2724 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2725 job_finish_and_invalidate(j, JOB_DONE, true, false);
2726 else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2727 unexpected = true;
2728 job_finish_and_invalidate(j, JOB_FAILED, true, false);
2729 }
2730
2731 break;
2732
2733 default:
04499a70 2734 assert_not_reached();
16c74914
LP		 2735 }
2736
2737 return unexpected;
2738}
2739
96b09de5 2740void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_success) {
429926e9 2741 const char *reason;
8559b3b7 2742 Manager *m;
a096ed36 2743
87f0e418
LP		 2744 assert(u);
2745 assert(os < _UNIT_ACTIVE_STATE_MAX);
2746 assert(ns < _UNIT_ACTIVE_STATE_MAX);
87f0e418 2747
8559b3b7
LP		 2748 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2749 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2750 * remounted this function will be called too! */
87f0e418 2751
546ac4f0
MS		 2752 m = u->manager;
2753
3c4832ad
LP		 2754 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2755 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2756 unit_add_to_dbus_queue(u);
2757
e30bbc90
AZ		 2758 /* Update systemd-oomd on the property/state change */
2759 if (os != ns) {
2760 /* Always send an update if the unit is going into an inactive state so systemd-oomd knows to stop
2761 * monitoring.
2762 * Also send an update whenever the unit goes active; this is to handle a case where an override file
2763 * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to
2764 * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't
2765 * have the information on the property. Thus, indiscriminately send an update. */
f561e8c6 2766 if (UNIT_IS_INACTIVE_OR_FAILED(ns) || UNIT_IS_ACTIVE_OR_RELOADING(ns))
e30bbc90
AZ		 2767 (void) manager_varlink_send_managed_oom_update(u);
2768 }
2769
f755e3b7 2770 /* Update timestamps for state changes */
2c289ea8 2771 if (!MANAGER_IS_RELOADING(m)) {
fa5a0251 2772 dual_timestamp_now(&u->state_change_timestamp);
173e3821 2773
bdbf9951 2774 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2775 u->inactive_exit_timestamp = u->state_change_timestamp;
bdbf9951 2776 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
a483fb59 2777 u->inactive_enter_timestamp = u->state_change_timestamp;
bdbf9951
LP		 2778
2779 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2780 u->active_enter_timestamp = u->state_change_timestamp;
bdbf9951 2781 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
a483fb59 2782 u->active_exit_timestamp = u->state_change_timestamp;
bdbf9951 2783 }
87f0e418 2784
865cc19a 2785 /* Keep track of failed units */
8724defe 2786 (void) manager_update_failed_units(m, u, ns == UNIT_FAILED);
f755e3b7 2787
d3070fbd
LP		 2788 /* Make sure the cgroup and state files are always removed when we become inactive */
2789 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
ff68472a
ZJS		 2790 SET_FLAG(u->markers,
2791 (1u << UNIT_MARKER_NEEDS_RELOAD)|(1u << UNIT_MARKER_NEEDS_RESTART),
2792 false);
efdb0237 2793 unit_prune_cgroup(u);
d3070fbd 2794 unit_unlink_state_files(u);
ff68472a
ZJS		 2795 } else if (ns != os && ns == UNIT_RELOADING)
2796 SET_FLAG(u->markers, 1u << UNIT_MARKER_NEEDS_RELOAD, false);
fb385181 2797
adefcf28 2798 unit_update_on_console(u);
7ed9f6cd 2799
2c289ea8 2800 if (!MANAGER_IS_RELOADING(m)) {
a1c7334b
LP		 2801 bool unexpected;
2802
2803 /* Let's propagate state changes to the job */
2804 if (u->job)
96b09de5 2805 unexpected = unit_process_job(u->job, ns, reload_success);
a1c7334b
LP		 2806 else
2807 unexpected = true;
f3bff0eb 2808
a1c7334b
LP		 2809 /* If this state change happened without being requested by a job, then let's retroactively start or
2810 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2811 * additional jobs just because something is already activated. */
bdbf9951
LP		 2812
2813 if (unexpected) {
2814 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2815 retroactively_start_dependencies(u);
2816 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2817 retroactively_stop_dependencies(u);
2818 }
5de9682c 2819
bdbf9951 2820 if (ns != os && ns == UNIT_FAILED) {
ed77d407 2821 log_unit_debug(u, "Unit entered failed state.");
49b34f75 2822 unit_start_on_failure(u, "OnFailure=", UNIT_ATOM_ON_FAILURE, u->on_failure_job_mode);
cd6d0a45 2823 }
e537352b 2824
256f65d0
LP		 2825 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2826 /* This unit just finished starting up */
3b2775c5 2827
6eb65e7c 2828 unit_emit_audit_start(u);
546ac4f0 2829 manager_send_unit_plymouth(m, u);
256f65d0 2830 }
bdbf9951 2831
256f65d0 2832 if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
915b1d01 2833 /* This unit just stopped/failed. */
256f65d0 2834
6eb65e7c 2835 unit_emit_audit_stop(u, ns);
915b1d01 2836 unit_log_resources(u);
cd6d0a45 2837 }
294446dc 2838
49b34f75 2839 if (ns == UNIT_INACTIVE && !IN_SET(os, UNIT_FAILED, UNIT_INACTIVE, UNIT_MAINTENANCE))
294446dc 2840 unit_start_on_failure(u, "OnSuccess=", UNIT_ATOM_ON_SUCCESS, u->on_success_job_mode);
f278026d
LP		 2841 }
2842
31dc1ca3
LP		 2843 manager_recheck_journal(m);
2844 manager_recheck_dbus(m);
e63ebf71 2845
3ecaa09b 2846 unit_trigger_notify(u);
3b2775c5 2847
8724defe 2848 if (!MANAGER_IS_RELOADING(m)) {
429926e9
TR		 2849 if (os != UNIT_FAILED && ns == UNIT_FAILED) {
2850 reason = strjoina("unit ", u->id, " failed");
36c4dc08 2851 emergency_action(m, u->failure_action, 0, u->reboot_arg, unit_failure_action_exit_status(u), reason);
429926e9
TR		 2852 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) {
2853 reason = strjoina("unit ", u->id, " succeeded");
36c4dc08 2854 emergency_action(m, u->success_action, 0, u->reboot_arg, unit_success_action_exit_status(u), reason);
429926e9 2855 }
ff502445
LP		 2856 }
2857
99e9af25 2858 /* And now, add the unit or depending units to various queues that will act on the new situation if
48008c1c 2859 * needed. These queues generally check for continuous state changes rather than events (like most of
99e9af25
LP		 2860 * the state propagation above), and do work deferred instead of instantly, since they typically
2861 * don't want to run during reloading, and usually involve checking combined state of multiple units
2862 * at once. */
2863
2864 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2865 /* Stop unneeded units and bound-by units regardless if going down was expected or not */
2866 check_unneeded_dependencies(u);
2867 check_bound_by_dependencies(u);
2868
2869 /* Maybe someone wants us to remain up? */
2870 unit_submit_to_start_when_upheld_queue(u);
2871
2872 /* Maybe the unit should be GC'ed now? */
2873 unit_add_to_gc_queue(u);
6ac62d61
LP		 2874
2875 /* Maybe we can release some resources now? */
2876 unit_submit_to_release_resources_queue(u);
99e9af25
LP		 2877 }
2878
2879 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2880 /* Start uphold units regardless if going up was expected or not */
2881 check_uphold_dependencies(u);
2882
2883 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2884 unit_submit_to_stop_when_unneeded_queue(u);
2885
2886 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens
2887 * when something BindsTo= to a Type=oneshot unit, as these units go directly from starting to
2888 * inactive, without ever entering started.) */
2889 unit_submit_to_stop_when_bound_queue(u);
2890 }
87f0e418
LP		 2891}
2892
495e75ed
LP		 2893int unit_watch_pidref(Unit *u, PidRef *pid, bool exclusive) {
2894 _cleanup_(pidref_freep) PidRef *pid_dup = NULL;
62a76913 2895 int r;
a911bb9a 2896
495e75ed 2897 /* Adds a specific PID to the set of PIDs this unit watches. */
87f0e418 2898
495e75ed
LP		 2899 assert(u);
2900 assert(pidref_is_set(pid));
5ba6985b 2901
f75f613d
FB		 2902 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2903 * opportunity to remove any stalled references to this PID as they can be created
2904 * easily (when watching a process which is not our direct child). */
2905 if (exclusive)
495e75ed
LP		 2906 manager_unwatch_pidref(u->manager, pid);
2907
2908 if (set_contains(u->pids, pid)) /* early exit if already being watched */
2909 return 0;
f75f613d 2910
495e75ed 2911 r = pidref_dup(pid, &pid_dup);
5ba6985b
LP		 2912 if (r < 0)
2913 return r;
2914
495e75ed 2915 /* First, insert into the set of PIDs maintained by the unit */
4c8d5f02 2916 r = set_ensure_put(&u->pids, &pidref_hash_ops_free, pid_dup);
a911bb9a
LP		 2917 if (r < 0)
2918 return r;
2919
495e75ed 2920 pid = TAKE_PTR(pid_dup); /* continue with our copy now that we have installed it properly in our set */
05e343b7 2921
495e75ed 2922 /* Second, insert it into the simple global table, see if that works */
4c8d5f02 2923 r = hashmap_ensure_put(&u->manager->watch_pids, &pidref_hash_ops_free, pid, u);
495e75ed
LP		 2924 if (r != -EEXIST)
2925 return r;
a911bb9a 2926
495e75ed
LP		 2927 /* OK, the key is already assigned to a different unit. That's fine, then add us via the second
2928 * hashmap that points to an array. */
a911bb9a 2929
495e75ed
LP		 2930 PidRef *old_pid = NULL;
2931 Unit **array = hashmap_get2(u->manager->watch_pids_more, pid, (void**) &old_pid);
62a76913 2932
495e75ed
LP		 2933 /* Count entries in array */
2934 size_t n = 0;
2935 for (; array && array[n]; n++)
2936 ;
62a76913 2937
495e75ed
LP		 2938 /* Allocate a new array */
2939 _cleanup_free_ Unit **new_array = new(Unit*, n + 2);
2940 if (!new_array)
2941 return -ENOMEM;
62a76913 2942
495e75ed
LP		 2943 /* Append us to the end */
2944 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2945 new_array[n] = u;
2946 new_array[n+1] = NULL;
62a76913 2947
495e75ed 2948 /* Make sure the hashmap is allocated */
4c8d5f02 2949 r = hashmap_ensure_allocated(&u->manager->watch_pids_more, &pidref_hash_ops_free);
495e75ed 2950 if (r < 0)
62a76913
LP		 2951 return r;
2952
495e75ed
LP		 2953 /* Add or replace the old array */
2954 r = hashmap_replace(u->manager->watch_pids_more, old_pid ?: pid, new_array);
62a76913
LP		 2955 if (r < 0)
2956 return r;
2957
495e75ed
LP		 2958 TAKE_PTR(new_array); /* Now part of the hash table */
2959 free(array); /* Which means we can now delete the old version */
62a76913 2960 return 0;
87f0e418
LP		 2961}
2962
495e75ed
LP		 2963int unit_watch_pid(Unit *u, pid_t pid, bool exclusive) {
2964 _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
2965 int r;
62a76913 2966
87f0e418 2967 assert(u);
62a76913
LP		 2968 assert(pid_is_valid(pid));
2969
495e75ed
LP		 2970 r = pidref_set_pid(&pidref, pid);
2971 if (r < 0)
2972 return r;
62a76913 2973
495e75ed
LP		 2974 return unit_watch_pidref(u, &pidref, exclusive);
2975}
12375b95 2976
495e75ed
LP		 2977void unit_unwatch_pidref(Unit *u, PidRef *pid) {
2978 assert(u);
2979 assert(pidref_is_set(pid));
2980
2981 /* Remove from the set we maintain for this unit. (And destroy the returned pid eventually) */
2982 _cleanup_(pidref_freep) PidRef *pid1 = set_remove(u->pids, pid);
2983 if (!pid1)
2984 return; /* Early exit if this PID was never watched by us */
2985
2986 /* First let's drop the unit from the simple hash table, if it is included there */
2987 PidRef *pid2 = NULL;
2988 Unit *uu = hashmap_get2(u->manager->watch_pids, pid, (void**) &pid2);
2989
2990 /* Quick validation: iff we are in the watch_pids table then the PidRef object must be the same as in our local pids set */
2991 assert((uu == u) == (pid1 == pid2));
2992
2993 if (uu == u)
2994 /* OK, we are in the first table. Let's remove it there then, and we are done already. */
1c2beeb0 2995 assert_se(hashmap_remove_value(u->manager->watch_pids, pid2, uu));
495e75ed
LP		 2996 else {
2997 /* We weren't in the first table, then let's consult the 2nd table that points to an array */
2998 PidRef *pid3 = NULL;
2999 Unit **array = hashmap_get2(u->manager->watch_pids_more, pid, (void**) &pid3);
3000
3001 /* Let's iterate through the array, dropping our own entry */
3002 size_t m = 0, n = 0;
3003 for (; array && array[n]; n++)
62a76913
LP		 3004 if (array[n] != u)
3005 array[m++] = array[n];
495e75ed
LP		 3006 if (n == m)
3007 return; /* Not there */
3008
3009 array[m] = NULL; /* set trailing NULL marker on the new end */
62a76913
LP		 3010
3011 if (m == 0) {
3012 /* The array is now empty, remove the entire entry */
1c2beeb0 3013 assert_se(hashmap_remove_value(u->manager->watch_pids_more, pid3, array));
62a76913 3014 free(array);
495e75ed
LP		 3015 } else {
3016 /* The array is not empty, but let's make sure the entry is not keyed by the PidRef
3017 * we will delete, but by the PidRef object of the Unit that is now first in the
3018 * array. */
3019
3020 PidRef *new_pid3 = ASSERT_PTR(set_get(array[0]->pids, pid));
3021 assert_se(hashmap_replace(u->manager->watch_pids_more, new_pid3, array) >= 0);
62a76913
LP		 3022 }
3023 }
495e75ed 3024}
87f0e418 3025
495e75ed
LP		 3026void unit_unwatch_pid(Unit *u, pid_t pid) {
3027 return unit_unwatch_pidref(u, &PIDREF_MAKE_FROM_PID(pid));
a911bb9a
LP		 3028}
3029
bd44e61b
LP		 3030void unit_unwatch_all_pids(Unit *u) {
3031 assert(u);
3032
3033 while (!set_isempty(u->pids))
495e75ed 3034 unit_unwatch_pidref(u, set_first(u->pids));
bd44e61b 3035
efdb0237 3036 u->pids = set_free(u->pids);
a911bb9a
LP		 3037}
3038
50be4f4a 3039static void unit_tidy_watch_pids(Unit *u) {
495e75ed 3040 PidRef *except1, *except2, *e;
a911bb9a
LP		 3041
3042 assert(u);
3043
3044 /* Cleans dead PIDs from our list */
3045
50be4f4a
LP		 3046 except1 = unit_main_pid(u);
3047 except2 = unit_control_pid(u);
3048
90e74a66 3049 SET_FOREACH(e, u->pids) {
495e75ed 3050 if (pidref_equal(except1, e) || pidref_equal(except2, e))
a911bb9a
LP		 3051 continue;
3052
4d9f092b 3053 if (pidref_is_unwaited(e) <= 0)
495e75ed 3054 unit_unwatch_pidref(u, e);
a911bb9a 3055 }
87f0e418
LP		 3056}
3057
50be4f4a 3058static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
99534007 3059 Unit *u = ASSERT_PTR(userdata);
50be4f4a
LP		 3060
3061 assert(s);
50be4f4a
LP		 3062
3063 unit_tidy_watch_pids(u);
3064 unit_watch_all_pids(u);
3065
3066 /* If the PID set is empty now, then let's finish this off. */
3067 unit_synthesize_cgroup_empty_event(u);
3068
3069 return 0;
3070}
3071
3072int unit_enqueue_rewatch_pids(Unit *u) {
3073 int r;
3074
3075 assert(u);
3076
3077 if (!u->cgroup_path)
3078 return -ENOENT;
3079
3080 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
3081 if (r < 0)
3082 return r;
3083 if (r > 0) /* On unified we can use proper notifications */
3084 return 0;
3085
3086 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
3087 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
3088 * involves issuing kill(pid, 0) on all processes we watch. */
3089
3090 if (!u->rewatch_pids_event_source) {
3091 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
3092
3093 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
3094 if (r < 0)
3095 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
3096
3097 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
3098 if (r < 0)
28b77ab2 3099 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: %m");
50be4f4a
LP		 3100
3101 (void) sd_event_source_set_description(s, "tidy-watch-pids");
3102
3103 u->rewatch_pids_event_source = TAKE_PTR(s);
3104 }
3105
3106 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
3107 if (r < 0)
3108 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
3109
3110 return 0;
3111}
3112
3113void unit_dequeue_rewatch_pids(Unit *u) {
3114 int r;
3115 assert(u);
3116
3117 if (!u->rewatch_pids_event_source)
3118 return;
3119
3120 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
3121 if (r < 0)
3122 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
3123
5dcadb4c 3124 u->rewatch_pids_event_source = sd_event_source_disable_unref(u->rewatch_pids_event_source);
50be4f4a
LP		 3125}
3126
87f0e418
LP		 3127bool unit_job_is_applicable(Unit *u, JobType j) {
3128 assert(u);
3129 assert(j >= 0 && j < _JOB_TYPE_MAX);
3130
3131 switch (j) {
3132
3133 case JOB_VERIFY_ACTIVE:
3134 case JOB_START:
e0209d83 3135 case JOB_NOP:
f5869324 3136 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
86b52a39 3137 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
f5869324 3138 * jobs for it. */
87f0e418
LP		 3139 return true;
3140
f5869324
LP		 3141 case JOB_STOP:
3142 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
86b52a39 3143 * external events), hence it makes no sense to permit enqueuing such a request either. */
f5869324
LP		 3144 return !u->perpetual;
3145
87f0e418
LP		 3146 case JOB_RESTART:
3147 case JOB_TRY_RESTART:
f5869324 3148 return unit_can_stop(u) && unit_can_start(u);
87f0e418
LP		 3149
3150 case JOB_RELOAD:
3282591d 3151 case JOB_TRY_RELOAD:
87f0e418
LP		 3152 return unit_can_reload(u);
3153
3154 case JOB_RELOAD_OR_START:
3155 return unit_can_reload(u) && unit_can_start(u);
3156
3157 default:
04499a70 3158 assert_not_reached();
87f0e418
LP		 3159 }
3160}
3161
83110824
YW		 3162static Hashmap *unit_get_dependency_hashmap_per_type(Unit *u, UnitDependency d) {
3163 Hashmap *deps;
3164
3165 assert(u);
3166 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
3167
3168 deps = hashmap_get(u->dependencies, UNIT_DEPENDENCY_TO_PTR(d));
3169 if (!deps) {
3170 _cleanup_hashmap_free_ Hashmap *h = NULL;
3171
3172 h = hashmap_new(NULL);
3173 if (!h)
3174 return NULL;
3175
3176 if (hashmap_ensure_put(&u->dependencies, NULL, UNIT_DEPENDENCY_TO_PTR(d), h) < 0)
3177 return NULL;
3178
3179 deps = TAKE_PTR(h);
3180 }
3181
3182 return deps;
3183}
3184
3185typedef enum NotifyDependencyFlags {
3186 NOTIFY_DEPENDENCY_UPDATE_FROM = 1 << 0,
3187 NOTIFY_DEPENDENCY_UPDATE_TO = 1 << 1,
3188} NotifyDependencyFlags;
3189
3190static int unit_add_dependency_impl(
eef85c4a
LP		 3191 Unit *u,
3192 UnitDependency d,
3193 Unit *other,
eef85c4a 3194 UnitDependencyMask mask) {
87f0e418
LP		 3195
3196 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
fb138166
ZJS		 3197 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
3198 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
3199 [UNIT_WANTS] = UNIT_WANTED_BY,
3200 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
3201 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
3202 [UNIT_UPHOLDS] = UNIT_UPHELD_BY,
3203 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
3204 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
3205 [UNIT_WANTED_BY] = UNIT_WANTS,
3206 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
3207 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
3208 [UNIT_UPHELD_BY] = UNIT_UPHOLDS,
3209 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
3210 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
3211 [UNIT_BEFORE] = UNIT_AFTER,
3212 [UNIT_AFTER] = UNIT_BEFORE,
3213 [UNIT_ON_SUCCESS] = UNIT_ON_SUCCESS_OF,
3214 [UNIT_ON_SUCCESS_OF] = UNIT_ON_SUCCESS,
3215 [UNIT_ON_FAILURE] = UNIT_ON_FAILURE_OF,
3216 [UNIT_ON_FAILURE_OF] = UNIT_ON_FAILURE,
3217 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
3218 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
3219 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
85e9a101 3220 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
fb138166
ZJS		 3221 [UNIT_PROPAGATES_STOP_TO] = UNIT_STOP_PROPAGATED_FROM,
3222 [UNIT_STOP_PROPAGATED_FROM] = UNIT_PROPAGATES_STOP_TO,
3223 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF, /* symmetric! 👓 */
3224 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
3225 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
3226 [UNIT_IN_SLICE] = UNIT_SLICE_OF,
3227 [UNIT_SLICE_OF] = UNIT_IN_SLICE,
87f0e418 3228 };
83110824
YW		 3229
3230 Hashmap *u_deps, *other_deps;
3231 UnitDependencyInfo u_info, u_info_old, other_info, other_info_old;
3232 NotifyDependencyFlags flags = 0;
3233 int r;
3234
3235 assert(u);
3236 assert(other);
3237 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
3238 assert(inverse_table[d] >= 0 && inverse_table[d] < _UNIT_DEPENDENCY_MAX);
3239 assert(mask > 0 && mask < _UNIT_DEPENDENCY_MASK_FULL);
3240
3241 /* Ensure the following two hashmaps for each unit exist:
3242 * - the top-level dependency hashmap that maps UnitDependency → Hashmap(Unit* → UnitDependencyInfo),
3243 * - the inner hashmap, that maps Unit* → UnitDependencyInfo, for the specified dependency type. */
3244 u_deps = unit_get_dependency_hashmap_per_type(u, d);
3245 if (!u_deps)
3246 return -ENOMEM;
3247
3248 other_deps = unit_get_dependency_hashmap_per_type(other, inverse_table[d]);
3249 if (!other_deps)
3250 return -ENOMEM;
3251
3252 /* Save the original dependency info. */
3253 u_info.data = u_info_old.data = hashmap_get(u_deps, other);
3254 other_info.data = other_info_old.data = hashmap_get(other_deps, u);
3255
3256 /* Update dependency info. */
3257 u_info.origin_mask |= mask;
3258 other_info.destination_mask |= mask;
3259
3260 /* Save updated dependency info. */
3261 if (u_info.data != u_info_old.data) {
3262 r = hashmap_replace(u_deps, other, u_info.data);
3263 if (r < 0)
3264 return r;
3265
3266 flags = NOTIFY_DEPENDENCY_UPDATE_FROM;
3267 }
3268
3269 if (other_info.data != other_info_old.data) {
3270 r = hashmap_replace(other_deps, u, other_info.data);
3271 if (r < 0) {
3272 if (u_info.data != u_info_old.data) {
3273 /* Restore the old dependency. */
3274 if (u_info_old.data)
3275 (void) hashmap_update(u_deps, other, u_info_old.data);
3276 else
3277 hashmap_remove(u_deps, other);
3278 }
3279 return r;
3280 }
3281
3282 flags |= NOTIFY_DEPENDENCY_UPDATE_TO;
3283 }
3284
3285 return flags;
3286}
3287
3288int unit_add_dependency(
3289 Unit *u,
3290 UnitDependency d,
3291 Unit *other,
3292 bool add_reference,
3293 UnitDependencyMask mask) {
3294
15ed3c3a 3295 UnitDependencyAtom a;
eef85c4a 3296 int r;
15ed3c3a
LP		 3297
3298 /* Helper to know whether sending a notification is necessary or not: if the dependency is already
3299 * there, no need to notify! */
83110824 3300 NotifyDependencyFlags notify_flags;
87f0e418
LP		 3301
3302 assert(u);
3303 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
87f0e418
LP		 3304 assert(other);
3305
9f151f29
LP		 3306 u = unit_follow_merge(u);
3307 other = unit_follow_merge(other);
15ed3c3a
LP		 3308 a = unit_dependency_to_atom(d);
3309 assert(a >= 0);
9f151f29 3310
15ed3c3a 3311 /* We won't allow dependencies on ourselves. We will not consider them an error however. */
d1fab3fe 3312 if (u == other) {
ed991163
YW		 3313 if (unit_should_warn_about_dependency(d))
3314 log_unit_warning(u, "Dependency %s=%s is dropped.",
3315 unit_dependency_to_string(d), u->id);
87f0e418 3316 return 0;
d1fab3fe 3317 }
87f0e418 3318
f14d6810
MG		 3319 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3320 return 0;
3321
15ed3c3a
LP		 3322 /* Note that ordering a device unit after a unit is permitted since it allows to start its job
3323 * running timeout at a specific time. */
3324 if (FLAGS_SET(a, UNIT_ATOM_BEFORE) && other->type == UNIT_DEVICE) {
b862c257 3325 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
c80a9a33
LP		 3326 return 0;
3327 }
3328
15ed3c3a 3329 if (FLAGS_SET(a, UNIT_ATOM_ON_FAILURE) && !UNIT_VTABLE(u)->can_fail) {
c80a9a33
LP		 3330 log_unit_warning(u, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other->id, unit_type_to_string(u->type));
3331 return 0;
3332 }
3333
15ed3c3a 3334 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERS) && !UNIT_VTABLE(u)->can_trigger)
c80a9a33
LP		 3335 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3336 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(u->type));
15ed3c3a 3337 if (FLAGS_SET(a, UNIT_ATOM_TRIGGERED_BY) && !UNIT_VTABLE(other)->can_trigger)
c80a9a33
LP		 3338 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3339 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(other->type));
3340
d219a2b0
LP		 3341 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && other->type != UNIT_SLICE)
3342 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3343 "Requested dependency Slice=%s refused (%s is not a slice unit).", other->id, other->id);
3344 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && u->type != UNIT_SLICE)
3345 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3346 "Requested dependency SliceOf=%s refused (%s is not a slice unit).", other->id, u->id);
3347
3348 if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && !UNIT_HAS_CGROUP_CONTEXT(u))
3349 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3350 "Requested dependency Slice=%s refused (%s is not a cgroup unit).", other->id, u->id);
3351
3352 if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && !UNIT_HAS_CGROUP_CONTEXT(other))
3353 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3354 "Requested dependency SliceOf=%s refused (%s is not a cgroup unit).", other->id, other->id);
3355
83110824 3356 r = unit_add_dependency_impl(u, d, other, mask);
613b411c 3357 if (r < 0)
87f0e418 3358 return r;
83110824 3359 notify_flags = r;
613b411c
LP		 3360
3361 if (add_reference) {
83110824 3362 r = unit_add_dependency_impl(u, UNIT_REFERENCES, other, mask);
613b411c 3363 if (r < 0)
701cc384 3364 return r;
83110824 3365 notify_flags |= r;
613b411c 3366 }
87f0e418 3367
83110824 3368 if (FLAGS_SET(notify_flags, NOTIFY_DEPENDENCY_UPDATE_FROM))
5177cb0a 3369 unit_add_to_dbus_queue(u);
83110824 3370 if (FLAGS_SET(notify_flags, NOTIFY_DEPENDENCY_UPDATE_TO))
ac17080c 3371 unit_add_to_dbus_queue(other);
15ed3c3a 3372
83110824 3373 return notify_flags != 0;
87f0e418 3374}
0301abf4 3375
eef85c4a 3376int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
5ee8e988 3377 int r = 0, s = 0;
2c966c03
LP		 3378
3379 assert(u);
5ee8e988 3380 assert(d >= 0 || e >= 0);
2c966c03 3381
5ee8e988
LB		 3382 if (d >= 0) {
3383 r = unit_add_dependency(u, d, other, add_reference, mask);
3384 if (r < 0)
3385 return r;
3386 }
2c966c03 3387
5ee8e988
LB		 3388 if (e >= 0) {
3389 s = unit_add_dependency(u, e, other, add_reference, mask);
3390 if (s < 0)
3391 return s;
3392 }
a8c5a4c6
YW		 3393
3394 return r > 0 || s > 0;
2c966c03
LP		 3395}
3396
23e8c796 3397static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
7410616c 3398 int r;
9e2f7c11
LP		 3399
3400 assert(u);
23e8c796 3401 assert(name);
7410616c
LP		 3402 assert(buf);
3403 assert(ret);
9e2f7c11 3404
7410616c
LP		 3405 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
3406 *buf = NULL;
3407 *ret = name;
3408 return 0;
9e2f7c11
LP		 3409 }
3410
ac155bb8 3411 if (u->instance)
7410616c 3412 r = unit_name_replace_instance(name, u->instance, buf);
9e2f7c11 3413 else {
ae018d9b 3414 _cleanup_free_ char *i = NULL;
9e2f7c11 3415
7410616c
LP		 3416 r = unit_name_to_prefix(u->id, &i);
3417 if (r < 0)
3418 return r;
9e2f7c11 3419
7410616c 3420 r = unit_name_replace_instance(name, i, buf);
9e2f7c11 3421 }
7410616c
LP		 3422 if (r < 0)
3423 return r;
9e2f7c11 3424
7410616c
LP		 3425 *ret = *buf;
3426 return 0;
9e2f7c11
LP		 3427}
3428
35d8c19a 3429int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3430 _cleanup_free_ char *buf = NULL;
09b6b09f
LP		 3431 Unit *other;
3432 int r;
3433
9e2f7c11 3434 assert(u);
35d8c19a 3435 assert(name);
09b6b09f 3436
23e8c796 3437 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3438 if (r < 0)
3439 return r;
09b6b09f 3440
f14d6810
MG		 3441 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3442 return 0;
3443
35d8c19a 3444 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
8afbb8e1
LP		 3445 if (r < 0)
3446 return r;
9e2f7c11 3447
eef85c4a 3448 return unit_add_dependency(u, d, other, add_reference, mask);
09b6b09f
LP		 3449}
3450
5a724170 3451int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
7410616c 3452 _cleanup_free_ char *buf = NULL;
2c966c03
LP		 3453 Unit *other;
3454 int r;
2c966c03
LP		 3455
3456 assert(u);
5a724170 3457 assert(name);
2c966c03 3458
23e8c796 3459 r = resolve_template(u, name, &buf, &name);
7410616c
LP		 3460 if (r < 0)
3461 return r;
2c966c03 3462
f14d6810
MG		 3463 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3464 return 0;
3465
5a724170 3466 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3f3cc397 3467 if (r < 0)
68eda4bd 3468 return r;
2c966c03 3469
eef85c4a 3470 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2c966c03
LP		 3471}
3472
0301abf4 3473int set_unit_path(const char *p) {
0301abf4 3474 /* This is mostly for debug purposes */
7c248223 3475 return RET_NERRNO(setenv("SYSTEMD_UNIT_PATH", p, 1));
0301abf4 3476}
88066b3a 3477
ea430986 3478char *unit_dbus_path(Unit *u) {
ea430986
LP		 3479 assert(u);
3480
ac155bb8 3481 if (!u->id)
04ade7d2
LP		 3482 return NULL;
3483
48899192 3484 return unit_dbus_path_from_name(u->id);
ea430986
LP		 3485}
3486
4b58153d
LP		 3487char *unit_dbus_path_invocation_id(Unit *u) {
3488 assert(u);
3489
3490 if (sd_id128_is_null(u->invocation_id))
3491 return NULL;
3492
3493 return unit_dbus_path_from_name(u->invocation_id_string);
3494}
3495
2d3b784d 3496int unit_set_invocation_id(Unit *u, sd_id128_t id) {
db868d45
ZJS		 3497 int r;
3498
3499 assert(u);
3500
3501 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3502
3503 if (sd_id128_equal(u->invocation_id, id))
3504 return 0;
3505
3506 if (!sd_id128_is_null(u->invocation_id))
3507 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
3508
3509 if (sd_id128_is_null(id)) {
3510 r = 0;
3511 goto reset;
3512 }
3513
3514 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
3515 if (r < 0)
3516 goto reset;
3517
3518 u->invocation_id = id;
3519 sd_id128_to_string(id, u->invocation_id_string);
3520
3521 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
3522 if (r < 0)
3523 goto reset;
3524
3525 return 0;
3526
3527reset:
3528 u->invocation_id = SD_ID128_NULL;
3529 u->invocation_id_string[0] = 0;
3530 return r;
3531}
3532
899acf5c 3533int unit_set_slice(Unit *u, Unit *slice) {
d219a2b0
LP		 3534 int r;
3535
d79200e2
LP		 3536 assert(u);
3537 assert(slice);
3538
d219a2b0
LP		 3539 /* Sets the unit slice if it has not been set before. Is extra careful, to only allow this for units
3540 * that actually have a cgroup context. Also, we don't allow to set this for slices (since the parent
3541 * slice is derived from the name). Make sure the unit we set is actually a slice. */
d79200e2
LP		 3542
3543 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3544 return -EOPNOTSUPP;
3545
3546 if (u->type == UNIT_SLICE)
3547 return -EINVAL;
3548
102ef982
LP		 3549 if (unit_active_state(u) != UNIT_INACTIVE)
3550 return -EBUSY;
3551
d79200e2
LP		 3552 if (slice->type != UNIT_SLICE)
3553 return -EINVAL;
3554
efdb0237
LP		 3555 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3556 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3557 return -EPERM;
3558
12f64221 3559 if (UNIT_GET_SLICE(u) == slice)
d79200e2
LP		 3560 return 0;
3561
99e66921 3562 /* Disallow slice changes if @u is already bound to cgroups */
12f64221 3563 if (UNIT_GET_SLICE(u) && u->cgroup_realized)
d79200e2
LP		 3564 return -EBUSY;
3565
899acf5c
AZ		 3566 /* Remove any slices assigned prior; we should only have one UNIT_IN_SLICE dependency */
3567 if (UNIT_GET_SLICE(u))
3568 unit_remove_dependencies(u, UNIT_DEPENDENCY_SLICE_PROPERTY);
3569
3570 r = unit_add_dependency(u, UNIT_IN_SLICE, slice, true, UNIT_DEPENDENCY_SLICE_PROPERTY);
d219a2b0
LP		 3571 if (r < 0)
3572 return r;
3573
d79200e2
LP		 3574 return 1;
3575}
3576
3577int unit_set_default_slice(Unit *u) {
a8833944 3578 const char *slice_name;
a016b922
LP		 3579 Unit *slice;
3580 int r;
3581
3582 assert(u);
3583
f14d6810
MG		 3584 if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES))
3585 return 0;
3586
12f64221 3587 if (UNIT_GET_SLICE(u))
a016b922
LP		 3588 return 0;
3589
a8833944
LP		 3590 if (u->instance) {
3591 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
68eda4bd 3592
a8833944
LP		 3593 /* Implicitly place all instantiated units in their
3594 * own per-template slice */
3595
7410616c
LP		 3596 r = unit_name_to_prefix(u->id, &prefix);
3597 if (r < 0)
3598 return r;
a8833944
LP		 3599
3600 /* The prefix is already escaped, but it might include
3601 * "-" which has a special meaning for slice units,
3602 * hence escape it here extra. */
7410616c 3603 escaped = unit_name_escape(prefix);
a8833944
LP		 3604 if (!escaped)
3605 return -ENOMEM;
3606
463d0d15 3607 if (MANAGER_IS_SYSTEM(u->manager))
00e7b3c8 3608 slice_name = strjoina("system-", escaped, ".slice");
a8833944 3609 else
7f3b86a4 3610 slice_name = strjoina("app-", escaped, ".slice");
5ee24fa0
ZJS		 3611
3612 } else if (unit_is_extrinsic(u))
3613 /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in
3614 * the root slice. They don't really belong in one of the subslices. */
3615 slice_name = SPECIAL_ROOT_SLICE;
3616
3617 else if (MANAGER_IS_SYSTEM(u->manager))
3618 slice_name = SPECIAL_SYSTEM_SLICE;
3619 else
3620 slice_name = SPECIAL_APP_SLICE;
a8833944
LP		 3621
3622 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
a016b922
LP		 3623 if (r < 0)
3624 return r;
3625
899acf5c 3626 return unit_set_slice(u, slice);
a016b922
LP		 3627}
3628
9444b1f2 3629const char *unit_slice_name(Unit *u) {
12f64221 3630 Unit *slice;
9444b1f2
LP		 3631 assert(u);
3632
12f64221
LP		 3633 slice = UNIT_GET_SLICE(u);
3634 if (!slice)
9444b1f2
LP		 3635 return NULL;
3636
12f64221 3637 return slice->id;
9444b1f2
LP		 3638}
3639
f6ff8c29 3640int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
78edb35a 3641 _cleanup_free_ char *t = NULL;
f6ff8c29
LP		 3642 int r;
3643
3644 assert(u);
3645 assert(type);
3646 assert(_found);
3647
7410616c
LP		 3648 r = unit_name_change_suffix(u->id, type, &t);
3649 if (r < 0)
3650 return r;
3651 if (unit_has_name(u, t))
3652 return -EINVAL;
f6ff8c29 3653
ac155bb8 3654 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
9e2f7c11 3655 assert(r < 0 || *_found != u);
f6ff8c29
LP		 3656 return r;
3657}
3658
bbc29086 3659static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
fc67a943 3660 const char *new_owner;
99534007 3661 Unit *u = ASSERT_PTR(userdata);
bbc29086
DM		 3662 int r;
3663
3664 assert(message);
bbc29086 3665
fc67a943 3666 r = sd_bus_message_read(message, "sss", NULL, NULL, &new_owner);
bbc29086
DM		 3667 if (r < 0) {
3668 bus_log_parse_error(r);
3669 return 0;
3670 }
3671
3672 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3673 UNIT_VTABLE(u)->bus_name_owner_change(u, empty_to_null(new_owner));
a5a8776a
MJ		 3674
3675 return 0;
3676}
3677
3678static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3679 const sd_bus_error *e;
3680 const char *new_owner;
99534007 3681 Unit *u = ASSERT_PTR(userdata);
a5a8776a
MJ		 3682 int r;
3683
3684 assert(message);
a5a8776a
MJ		 3685
3686 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3687
a5a8776a 3688 e = sd_bus_message_get_error(message);
a5a8776a 3689 if (e) {
91053fc9 3690 if (!sd_bus_error_has_name(e, SD_BUS_ERROR_NAME_HAS_NO_OWNER)) {
33322185
YW		 3691 r = sd_bus_error_get_errno(e);
3692 log_unit_error_errno(u, r,
3693 "Unexpected error response from GetNameOwner(): %s",
3694 bus_error_message(e, r));
3695 }
a5a8776a 3696
fc67a943
LP		 3697 new_owner = NULL;
3698 } else {
3699 r = sd_bus_message_read(message, "s", &new_owner);
3700 if (r < 0)
3701 return bus_log_parse_error(r);
a5a8776a 3702
fc67a943
LP		 3703 assert(!isempty(new_owner));
3704 }
a5a8776a
MJ		 3705
3706 if (UNIT_VTABLE(u)->bus_name_owner_change)
fc67a943 3707 UNIT_VTABLE(u)->bus_name_owner_change(u, new_owner);
bbc29086
DM		 3708
3709 return 0;
3710}
3711
9806e87d 3712int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
8df433d7 3713 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
9806e87d 3714 const char *match;
8df433d7 3715 usec_t timeout_usec = 0;
a5b07847 3716 int r;
bbc29086 3717
9806e87d
LP		 3718 assert(u);
3719 assert(bus);
3720 assert(name);
bbc29086 3721
a5b07847 3722 if (u->match_bus_slot || u->get_name_owner_slot)
bbc29086
DM		 3723 return -EBUSY;
3724
8df433d7 3725 /* NameOwnerChanged and GetNameOwner is used to detect when a service finished starting up. The dbus
3726 * call timeout shouldn't be earlier than that. If we couldn't get the start timeout, use the default
3727 * value defined above. */
3728 if (UNIT_VTABLE(u)->get_timeout_start_usec)
3729 timeout_usec = UNIT_VTABLE(u)->get_timeout_start_usec(u);
3730
9806e87d 3731 match = strjoina("type='signal',"
81d62103
ZJS		 3732 "sender='org.freedesktop.DBus',"
3733 "path='/org/freedesktop/DBus',"
3734 "interface='org.freedesktop.DBus',"
3735 "member='NameOwnerChanged',"
3736 "arg0='", name, "'");
bbc29086 3737
8df433d7 3738 r = bus_add_match_full(
3739 bus,
3740 &u->match_bus_slot,
3741 true,
3742 match,
3743 signal_name_owner_changed,
3744 NULL,
3745 u,
3746 timeout_usec);
a5a8776a
MJ		 3747 if (r < 0)
3748 return r;
3749
8df433d7 3750 r = sd_bus_message_new_method_call(
a5b07847 3751 bus,
8df433d7 3752 &m,
a5b07847
LP		 3753 "org.freedesktop.DBus",
3754 "/org/freedesktop/DBus",
3755 "org.freedesktop.DBus",
8df433d7 3756 "GetNameOwner");
3757 if (r < 0)
3758 return r;
3759
3760 r = sd_bus_message_append(m, "s", name);
3761 if (r < 0)
3762 return r;
3763
3764 r = sd_bus_call_async(
3765 bus,
3766 &u->get_name_owner_slot,
3767 m,
a5b07847
LP		 3768 get_name_owner_handler,
3769 u,
8df433d7 3770 timeout_usec);
3771
a5b07847
LP		 3772 if (r < 0) {
3773 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3774 return r;
3775 }
3776
3777 log_unit_debug(u, "Watching D-Bus name '%s'.", name);
3778 return 0;
bbc29086
DM		 3779}
3780
05e343b7 3781int unit_watch_bus_name(Unit *u, const char *name) {
bbc29086
DM		 3782 int r;
3783
05e343b7
LP		 3784 assert(u);
3785 assert(name);
3786
3787 /* Watch a specific name on the bus. We only support one unit
3788 * watching each name for now. */
3789
bbc29086
DM		 3790 if (u->manager->api_bus) {
3791 /* If the bus is already available, install the match directly.
3792 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
9806e87d 3793 r = unit_install_bus_match(u, u->manager->api_bus, name);
bbc29086 3794 if (r < 0)
8ea823b6 3795 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
bbc29086
DM		 3796 }
3797
3798 r = hashmap_put(u->manager->watch_bus, name, u);
3799 if (r < 0) {
3800 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5b07847 3801 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
bbc29086
DM		 3802 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3803 }
3804
3805 return 0;
05e343b7
LP		 3806}
3807
3808void unit_unwatch_bus_name(Unit *u, const char *name) {
3809 assert(u);
3810 assert(name);
3811
8367fea5 3812 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
bbc29086 3813 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
a5a8776a 3814 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
05e343b7
LP		 3815}
3816
d336ba9f 3817int unit_add_node_dependency(Unit *u, const char *what, UnitDependency dep, UnitDependencyMask mask) {
68eda4bd 3818 _cleanup_free_ char *e = NULL;
44b0d1fd 3819 Unit *device;
6e2ef85b
LP		 3820 int r;
3821
3822 assert(u);
3823
6e2ef85b 3824 /* Adds in links to the device node that this unit is based on */
47bc12e1
LP		 3825 if (isempty(what))
3826 return 0;
6e2ef85b 3827
8407a5d0 3828 if (!is_device_path(what))
6e2ef85b
LP		 3829 return 0;
3830
44b0d1fd 3831 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
1c2e9646 3832 if (!unit_type_supported(UNIT_DEVICE))
47bc12e1
LP		 3833 return 0;
3834
7410616c
LP		 3835 r = unit_name_from_path(what, ".device", &e);
3836 if (r < 0)
3837 return r;
6e2ef85b 3838
ac155bb8 3839 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
6e2ef85b
LP		 3840 if (r < 0)
3841 return r;
3842
ebc8968b
FB		 3843 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3844 dep = UNIT_BINDS_TO;
3845
d336ba9f
FB		 3846 return unit_add_two_dependencies(u, UNIT_AFTER,
3847 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3848 device, true, mask);
6e2ef85b 3849}
a16e1123 3850
44b0d1fd
LP		 3851int unit_add_blockdev_dependency(Unit *u, const char *what, UnitDependencyMask mask) {
3852 _cleanup_free_ char *escaped = NULL, *target = NULL;
3853 int r;
3854
3855 assert(u);
3856
3857 if (isempty(what))
3858 return 0;
3859
3860 if (!path_startswith(what, "/dev/"))
3861 return 0;
3862
3863 /* If we don't support devices, then also don't bother with blockdev@.target */
3864 if (!unit_type_supported(UNIT_DEVICE))
3865 return 0;
3866
3867 r = unit_name_path_escape(what, &escaped);
3868 if (r < 0)
3869 return r;
3870
3871 r = unit_name_build("blockdev", escaped, ".target", &target);
3872 if (r < 0)
3873 return r;
3874
3875 return unit_add_dependency_by_name(u, UNIT_AFTER, target, true, mask);
3876}
3877
be847e82 3878int unit_coldplug(Unit *u) {
95f74928 3879 int r = 0;
cca098b0
LP		 3880
3881 assert(u);
3882
f0831ed2 3883 /* Make sure we don't enter a loop, when coldplugging recursively. */
f78f265f
LP		 3884 if (u->coldplugged)
3885 return 0;
3886
3887 u->coldplugged = true;
3888
95f74928
MY		 3889 STRV_FOREACH(i, u->deserialized_refs)
3890 RET_GATHER(r, bus_unit_track_add_name(u, *i));
3891
05a98afd 3892 u->deserialized_refs = strv_free(u->deserialized_refs);
cca098b0 3893
95f74928
MY		 3894 if (UNIT_VTABLE(u)->coldplug)
3895 RET_GATHER(r, UNIT_VTABLE(u)->coldplug(u));
5a6158b6 3896
95f74928
MY		 3897 if (u->job)
3898 RET_GATHER(r, job_coldplug(u->job));
3899 if (u->nop_job)
3900 RET_GATHER(r, job_coldplug(u->nop_job));
cca098b0 3901
49b6babb 3902 unit_modify_nft_set(u, /* add = */ true);
05a98afd 3903 return r;
cca098b0
LP		 3904}
3905
f0831ed2
LP		 3906void unit_catchup(Unit *u) {
3907 assert(u);
3908
3909 if (UNIT_VTABLE(u)->catchup)
3910 UNIT_VTABLE(u)->catchup(u);
869f52f2
DS		 3911
3912 unit_cgroup_catchup(u);
f0831ed2
LP		 3913}
3914
ba25d39e 3915static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
21b95806
ZJS		 3916 struct stat st;
3917
3918 if (!path)
3919 return false;
3920
77969722
LP		 3921 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3922 * are never out-of-date. */
3923 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3924 return false;
3925
21b95806
ZJS		 3926 if (stat(path, &st) < 0)
3927 /* What, cannot access this anymore? */
3928 return true;
3929
ba25d39e
ZJS		 3930 if (path_masked)
3931 /* For masked files check if they are still so */
3932 return !null_or_empty(&st);
3933 else
3a8db9fe 3934 /* For non-empty files check the mtime */
87ec20ef 3935 return timespec_load(&st.st_mtim) > mtime;
21b95806
ZJS		 3936
3937 return false;
3938}
3939
45fb0699 3940bool unit_need_daemon_reload(Unit *u) {
a82b8b3d 3941 _cleanup_strv_free_ char **dropins = NULL;
1b64d026 3942
45fb0699 3943 assert(u);
a82b8b3d
MY		 3944 assert(u->manager);
3945
3946 if (u->manager->unit_file_state_outdated)
3947 return true;
45fb0699 3948
ba25d39e
ZJS		 3949 /* For unit files, we allow masking… */
3950 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3951 u->load_state == UNIT_MASKED))
21b95806 3952 return true;
5f4b19f4 3953
ba25d39e
ZJS		 3954 /* Source paths should not be masked… */
3955 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
ab932a62 3956 return true;
ae7a7182 3957
19a44dfe 3958 if (u->load_state == UNIT_LOADED)
a82b8b3d
MY		 3959 (void) unit_find_dropin_paths(u, &dropins);
3960 if (!strv_equal(u->dropin_paths, dropins))
ab932a62 3961 return true;
6d10d308 3962
ba25d39e 3963 /* … any drop-ins that are masked are simply omitted from the list. */
ab932a62 3964 STRV_FOREACH(path, u->dropin_paths)
ba25d39e 3965 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
ab932a62 3966 return true;
21b95806 3967
ab932a62 3968 return false;
45fb0699
LP		 3969}
3970
fdf20a31 3971void unit_reset_failed(Unit *u) {
5632e374
LP		 3972 assert(u);
3973
fdf20a31
MM		 3974 if (UNIT_VTABLE(u)->reset_failed)
3975 UNIT_VTABLE(u)->reset_failed(u);
6bf0f408 3976
7bf081a1 3977 ratelimit_reset(&u->start_ratelimit);
6bf0f408 3978 u->start_limit_hit = false;
5632e374
LP		 3979}
3980
a7f241db
LP		 3981Unit *unit_following(Unit *u) {
3982 assert(u);
3983
3984 if (UNIT_VTABLE(u)->following)
3985 return UNIT_VTABLE(u)->following(u);
3986
3987 return NULL;
3988}
3989
31afa0a4 3990bool unit_stop_pending(Unit *u) {
18ffdfda
LP		 3991 assert(u);
3992
31afa0a4
LP		 3993 /* This call does check the current state of the unit. It's
3994 * hence useful to be called from state change calls of the
3995 * unit itself, where the state isn't updated yet. This is
3996 * different from unit_inactive_or_pending() which checks both
3997 * the current state and for a queued job. */
18ffdfda 3998
28a2dfe8 3999 return unit_has_job_type(u, JOB_STOP);
31afa0a4
LP		 4000}
4001
4002bool unit_inactive_or_pending(Unit *u) {
4003 assert(u);
4004
4005 /* Returns true if the unit is inactive or going down */
18ffdfda 4006
d956ac29
LP		 4007 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
4008 return true;
4009
31afa0a4 4010 if (unit_stop_pending(u))
18ffdfda
LP		 4011 return true;
4012
4013 return false;
4014}
4015
31afa0a4 4016bool unit_active_or_pending(Unit *u) {
f976f3f6
LP		 4017 assert(u);
4018
f60c2665 4019 /* Returns true if the unit is active or going up */
f976f3f6
LP		 4020
4021 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
4022 return true;
4023
ac155bb8 4024 if (u->job &&
3742095b 4025 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
f976f3f6
LP		 4026 return true;
4027
4028 return false;
4029}
4030
52a12341
YW		 4031bool unit_will_restart_default(Unit *u) {
4032 assert(u);
4033
28a2dfe8 4034 return unit_has_job_type(u, JOB_START);
52a12341
YW		 4035}
4036
deb4e708
MK		 4037bool unit_will_restart(Unit *u) {
4038 assert(u);
4039
4040 if (!UNIT_VTABLE(u)->will_restart)
4041 return false;
4042
4043 return UNIT_VTABLE(u)->will_restart(u);
4044}
4045
38c41427
NK		 4046void unit_notify_cgroup_oom(Unit *u, bool managed_oom) {
4047 assert(u);
4048
4049 if (UNIT_VTABLE(u)->notify_cgroup_oom)
4050 UNIT_VTABLE(u)->notify_cgroup_oom(u, managed_oom);
4051}
4052
82659fd7 4053static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
af4fa99d 4054 _cleanup_set_free_ Set *pid_set = NULL;
82659fd7
LP		 4055 int r;
4056
d5099efc 4057 pid_set = set_new(NULL);
82659fd7
LP		 4058 if (!pid_set)
4059 return NULL;
4060
4061 /* Exclude the main/control pids from being killed via the cgroup */
4062 if (main_pid > 0) {
fea72cc0 4063 r = set_put(pid_set, PID_TO_PTR(main_pid));
82659fd7 4064 if (r < 0)
95f14a3e 4065 return NULL;
82659fd7
LP		 4066 }
4067
4068 if (control_pid > 0) {
fea72cc0 4069 r = set_put(pid_set, PID_TO_PTR(control_pid));
82659fd7 4070 if (r < 0)
95f14a3e 4071 return NULL;
82659fd7
LP		 4072 }
4073
95f14a3e 4074 return TAKE_PTR(pid_set);
82659fd7
LP		 4075}
4076
4d1b2df1 4077static int kill_common_log(const PidRef *pid, int signo, void *userdata) {
d9911002 4078 _cleanup_free_ char *comm = NULL;
99534007 4079 Unit *u = ASSERT_PTR(userdata);
d9911002 4080
4d1b2df1
LP		 4081 (void) pidref_get_comm(pid, &comm);
4082
d9911002 4083 log_unit_info(u, "Sending signal SIG%s to process " PID_FMT " (%s) on client request.",
4d1b2df1 4084 signal_to_string(signo), pid->pid, strna(comm));
d9911002
LP		 4085
4086 return 1;
4087}
4088
37eb258e
LP		 4089static int kill_or_sigqueue(PidRef* pidref, int signo, int code, int value) {
4090 assert(pidref_is_set(pidref));
a721cd00
LP		 4091 assert(SIGNAL_VALID(signo));
4092
4093 switch (code) {
4094
4095 case SI_USER:
37eb258e
LP		 4096 log_debug("Killing " PID_FMT " with signal SIG%s.", pidref->pid, signal_to_string(signo));
4097 return pidref_kill(pidref, signo);
a721cd00
LP		 4098
4099 case SI_QUEUE:
37eb258e
LP		 4100 log_debug("Enqueuing value %i to " PID_FMT " on signal SIG%s.", value, pidref->pid, signal_to_string(signo));
4101 return pidref_sigqueue(pidref, signo, value);
a721cd00
LP		 4102
4103 default:
4104 assert_not_reached();
4105 }
4106}
4107
37eb258e 4108int unit_kill(
d91c34f2
LP		 4109 Unit *u,
4110 KillWho who,
4111 int signo,
a721cd00
LP		 4112 int code,
4113 int value,
718db961 4114 sd_bus_error *error) {
d91c34f2 4115
37eb258e 4116 PidRef *main_pid, *control_pid;
ac5e3a50 4117 bool killed = false;
a721cd00 4118 int ret = 0, r;
814cc562 4119
8aff7ac4
LP		 4120 /* This is the common implementation for explicit user-requested killing of unit processes, shared by
4121 * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to
4122 * stop a service ourselves. */
4123
a721cd00
LP		 4124 assert(u);
4125 assert(who >= 0);
4126 assert(who < _KILL_WHO_MAX);
4127 assert(SIGNAL_VALID(signo));
4128 assert(IN_SET(code, SI_USER, SI_QUEUE));
4129
37eb258e
LP		 4130 main_pid = unit_main_pid(u);
4131 control_pid = unit_control_pid(u);
4132
4133 if (!UNIT_HAS_CGROUP_CONTEXT(u) && !main_pid && !control_pid)
4134 return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Unit type does not support process killing.");
4135
ac5e3a50 4136 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
37eb258e 4137 if (!main_pid)
7358dc02 4138 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
37eb258e 4139 if (!pidref_is_set(main_pid))
7358dc02 4140 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
814cc562
MS		 4141 }
4142
ac5e3a50 4143 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
37eb258e 4144 if (!control_pid)
7358dc02 4145 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
37eb258e 4146 if (!pidref_is_set(control_pid))
7358dc02 4147 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
814cc562
MS		 4148 }
4149
37eb258e 4150 if (pidref_is_set(control_pid) &&
a721cd00
LP		 4151 IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL)) {
4152 _cleanup_free_ char *comm = NULL;
d7d74854 4153 (void) pidref_get_comm(control_pid, &comm);
d9911002 4154
a721cd00
LP		 4155 r = kill_or_sigqueue(control_pid, signo, code, value);
4156 if (r < 0) {
4157 ret = r;
4158
4159 /* Report this failure both to the logs and to the client */
4160 sd_bus_error_set_errnof(
4161 error, r,
4162 "Failed to send signal SIG%s to control process " PID_FMT " (%s): %m",
37eb258e 4163 signal_to_string(signo), control_pid->pid, strna(comm));
a721cd00
LP		 4164 log_unit_warning_errno(
4165 u, r,
4166 "Failed to send signal SIG%s to control process " PID_FMT " (%s) on client request: %m",
37eb258e 4167 signal_to_string(signo), control_pid->pid, strna(comm));
a721cd00
LP		 4168 } else {
4169 log_unit_info(u, "Sent signal SIG%s to control process " PID_FMT " (%s) on client request.",
37eb258e 4170 signal_to_string(signo), control_pid->pid, strna(comm));
a721cd00 4171 killed = true;
ac5e3a50 4172 }
a721cd00 4173 }
814cc562 4174
37eb258e 4175 if (pidref_is_set(main_pid) &&
a721cd00 4176 IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL)) {
a721cd00 4177 _cleanup_free_ char *comm = NULL;
d7d74854 4178 (void) pidref_get_comm(main_pid, &comm);
d9911002 4179
a721cd00
LP		 4180 r = kill_or_sigqueue(main_pid, signo, code, value);
4181 if (r < 0) {
4182 if (ret == 0) {
4183 ret = r;
4184
4185 sd_bus_error_set_errnof(
4186 error, r,
4187 "Failed to send signal SIG%s to main process " PID_FMT " (%s): %m",
37eb258e 4188 signal_to_string(signo), main_pid->pid, strna(comm));
d9911002 4189 }
a721cd00
LP		 4190
4191 log_unit_warning_errno(
4192 u, r,
4193 "Failed to send signal SIG%s to main process " PID_FMT " (%s) on client request: %m",
37eb258e 4194 signal_to_string(signo), main_pid->pid, strna(comm));
a721cd00
LP		 4195
4196 } else {
4197 log_unit_info(u, "Sent signal SIG%s to main process " PID_FMT " (%s) on client request.",
37eb258e 4198 signal_to_string(signo), main_pid->pid, strna(comm));
a721cd00 4199 killed = true;
ac5e3a50 4200 }
a721cd00 4201 }
814cc562 4202
a721cd00
LP		 4203 /* Note: if we shall enqueue rather than kill we won't do this via the cgroup mechanism, since it
4204 * doesn't really make much sense (and given that enqueued values are a relatively expensive
4205 * resource, and we shouldn't allow us to be subjects for such allocation sprees) */
4206 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path && code == SI_USER) {
814cc562 4207 _cleanup_set_free_ Set *pid_set = NULL;
814cc562 4208
82659fd7 4209 /* Exclude the main/control pids from being killed via the cgroup */
37eb258e 4210 pid_set = unit_pid_set(main_pid ? main_pid->pid : 0, control_pid ? control_pid->pid : 0);
814cc562 4211 if (!pid_set)
d9911002
LP		 4212 return log_oom();
4213
bd1791b5 4214 r = cg_kill_recursive(u->cgroup_path, signo, 0, pid_set, kill_common_log, u);
a721cd00
LP		 4215 if (r < 0) {
4216 if (!IN_SET(r, -ESRCH, -ENOENT)) {
4217 if (ret == 0) {
4218 ret = r;
4219
d9911002 4220 sd_bus_error_set_errnof(
a721cd00 4221 error, r,
d9911002
LP		 4222 "Failed to send signal SIG%s to auxiliary processes: %m",
4223 signal_to_string(signo));
a721cd00 4224 }
d9911002 4225
a721cd00
LP		 4226 log_unit_warning_errno(
4227 u, r,
d9911002
LP		 4228 "Failed to send signal SIG%s to auxiliary processes on client request: %m",
4229 signal_to_string(signo));
4230 }
4231 } else
ac5e3a50 4232 killed = true;
814cc562
MS		 4233 }
4234
2ae0508e 4235 /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */
a721cd00 4236 if (ret == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL, KILL_MAIN_FAIL))
2ae0508e 4237 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No matching processes to kill");
ac5e3a50 4238
a721cd00 4239 return ret;
814cc562
MS		 4240}
4241
6210e7fc
LP		 4242int unit_following_set(Unit *u, Set **s) {
4243 assert(u);
4244 assert(s);
4245
4246 if (UNIT_VTABLE(u)->following_set)
4247 return UNIT_VTABLE(u)->following_set(u, s);
4248
4249 *s = NULL;
4250 return 0;
4251}
4252
a4375746 4253UnitFileState unit_get_unit_file_state(Unit *u) {
0ec0deaa
LP		 4254 int r;
4255
a4375746
LP		 4256 assert(u);
4257
0ec0deaa
LP		 4258 if (u->unit_file_state < 0 && u->fragment_path) {
4259 r = unit_file_get_state(
4870133b 4260 u->manager->runtime_scope,
0ec0deaa 4261 NULL,
9ea3a0e7 4262 u->id,
0ec0deaa
LP		 4263 &u->unit_file_state);
4264 if (r < 0)
4265 u->unit_file_state = UNIT_FILE_BAD;
4266 }
a4375746 4267
ac155bb8 4268 return u->unit_file_state;
a4375746
LP		 4269}
4270
e77e07f6 4271PresetAction unit_get_unit_file_preset(Unit *u) {
a99626c1
LP		 4272 int r;
4273
d2dc52db
LP		 4274 assert(u);
4275
a99626c1
LP		 4276 if (u->unit_file_preset < 0 && u->fragment_path) {
4277 _cleanup_free_ char *bn = NULL;
4278
4279 r = path_extract_filename(u->fragment_path, &bn);
4280 if (r < 0)
4281 return (u->unit_file_preset = r);
4282
4283 if (r == O_DIRECTORY)
4284 return (u->unit_file_preset = -EISDIR);
4285
d2dc52db 4286 u->unit_file_preset = unit_file_query_preset(
4870133b 4287 u->manager->runtime_scope,
0ec0deaa 4288 NULL,
a99626c1 4289 bn,
8f7b2566 4290 NULL);
a99626c1 4291 }
d2dc52db
LP		 4292
4293 return u->unit_file_preset;
4294}
4295
7f7d01ed 4296Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
57020a3a 4297 assert(ref);
7f7d01ed
ZJS		 4298 assert(source);
4299 assert(target);
57020a3a 4300
7f7d01ed 4301 if (ref->target)
57020a3a
LP		 4302 unit_ref_unset(ref);
4303
7f7d01ed
ZJS		 4304 ref->source = source;
4305 ref->target = target;
4306 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4307 return target;
57020a3a
LP		 4308}
4309
4310void unit_ref_unset(UnitRef *ref) {
4311 assert(ref);
4312
7f7d01ed 4313 if (!ref->target)
57020a3a
LP		 4314 return;
4315
b75102e5
LP		 4316 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4317 * be unreferenced now. */
7f7d01ed 4318 unit_add_to_gc_queue(ref->target);
b75102e5 4319
7f7d01ed
ZJS		 4320 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4321 ref->source = ref->target = NULL;
57020a3a
LP		 4322}
4323
29206d46
LP		 4324static int user_from_unit_name(Unit *u, char **ret) {
4325
4326 static const uint8_t hash_key[] = {
4327 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4328 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4329 };
4330
4331 _cleanup_free_ char *n = NULL;
4332 int r;
4333
4334 r = unit_name_to_prefix(u->id, &n);
4335 if (r < 0)
4336 return r;
4337
7a8867ab 4338 if (valid_user_group_name(n, 0)) {
ae2a15bc 4339 *ret = TAKE_PTR(n);
29206d46
LP		 4340 return 0;
4341 }
4342
4343 /* If we can't use the unit name as a user name, then let's hash it and use that */
4344 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4345 return -ENOMEM;
4346
4347 return 0;
4348}
4349
598459ce
LP		 4350int unit_patch_contexts(Unit *u) {
4351 CGroupContext *cc;
4352 ExecContext *ec;
cba6e062
LP		 4353 int r;
4354
e06c73cc 4355 assert(u);
e06c73cc 4356
598459ce
LP		 4357 /* Patch in the manager defaults into the exec and cgroup
4358 * contexts, _after_ the rest of the settings have been
4359 * initialized */
085afe36 4360
598459ce
LP		 4361 ec = unit_get_exec_context(u);
4362 if (ec) {
4363 /* This only copies in the ones that need memory */
12375b95 4364 for (unsigned i = 0; i < _RLIMIT_MAX; i++)
c9e120e0
LP		 4365 if (u->manager->defaults.rlimit[i] && !ec->rlimit[i]) {
4366 ec->rlimit[i] = newdup(struct rlimit, u->manager->defaults.rlimit[i], 1);
598459ce
LP		 4367 if (!ec->rlimit[i])
4368 return -ENOMEM;
4369 }
4370
463d0d15 4371 if (MANAGER_IS_USER(u->manager) &&
598459ce
LP		 4372 !ec->working_directory) {
4373
4374 r = get_home_dir(&ec->working_directory);
4375 if (r < 0)
4376 return r;
4c08c824
LP		 4377
4378 /* Allow user services to run, even if the
4379 * home directory is missing */
4380 ec->working_directory_missing_ok = true;
cba6e062
LP		 4381 }
4382
598459ce 4383 if (ec->private_devices)
2cd0a735 4384 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
502d704e
DH		 4385
4386 if (ec->protect_kernel_modules)
4387 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
29206d46 4388
84703040
KK		 4389 if (ec->protect_kernel_logs)
4390 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYSLOG);
4391
fc64760d
KK		 4392 if (ec->protect_clock)
4393 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_SYS_TIME) | (UINT64_C(1) << CAP_WAKE_ALARM));
4394
29206d46
LP		 4395 if (ec->dynamic_user) {
4396 if (!ec->user) {
4397 r = user_from_unit_name(u, &ec->user);
4398 if (r < 0)
4399 return r;
4400 }
4401
4402 if (!ec->group) {
4403 ec->group = strdup(ec->user);
4404 if (!ec->group)
4405 return -ENOMEM;
4406 }
4407
bf65b7e0
LP		 4408 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4409 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4410 * sandbox. */
63bb64a0 4411
29206d46 4412 ec->private_tmp = true;
00d9ef85 4413 ec->remove_ipc = true;
63bb64a0
LP		 4414 ec->protect_system = PROTECT_SYSTEM_STRICT;
4415 if (ec->protect_home == PROTECT_HOME_NO)
4416 ec->protect_home = PROTECT_HOME_READ_ONLY;
bf65b7e0
LP		 4417
4418 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4419 * them. */
4420 ec->no_new_privileges = true;
4421 ec->restrict_suid_sgid = true;
29206d46 4422 }
a2ab603c
YW		 4423
4424 for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++)
4425 exec_directory_sort(ec->directories + dt);
cba6e062
LP		 4426 }
4427
598459ce 4428 cc = unit_get_cgroup_context(u);
fe65e88b 4429 if (cc && ec) {
f513e420 4430
fe65e88b 4431 if (ec->private_devices &&
084870f9
ZJS		 4432 cc->device_policy == CGROUP_DEVICE_POLICY_AUTO)
4433 cc->device_policy = CGROUP_DEVICE_POLICY_CLOSED;
fe65e88b 4434
63857bf4
LB		 4435 /* Only add these if needed, as they imply that everything else is blocked. */
4436 if (cc->device_policy != CGROUP_DEVICE_POLICY_AUTO || cc->device_allow) {
4437 if (ec->root_image || ec->mount_images) {
4438
4439 /* When RootImage= or MountImages= is specified, the following devices are touched. */
4440 FOREACH_STRING(p, "/dev/loop-control", "/dev/mapper/control") {
a1044811 4441 r = cgroup_context_add_device_allow(cc, p, CGROUP_DEVICE_READ|CGROUP_DEVICE_WRITE);
63857bf4
LB		 4442 if (r < 0)
4443 return r;
4444 }
4445 FOREACH_STRING(p, "block-loop", "block-blkext", "block-device-mapper") {
a1044811 4446 r = cgroup_context_add_device_allow(cc, p, CGROUP_DEVICE_READ|CGROUP_DEVICE_WRITE|CGROUP_DEVICE_MKNOD);
63857bf4
LB		 4447 if (r < 0)
4448 return r;
4449 }
fe65e88b 4450
63857bf4
LB		 4451 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4452 * Same for mapper and verity. */
4453 FOREACH_STRING(p, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4454 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, p, true, UNIT_DEPENDENCY_FILE);
4455 if (r < 0)
4456 return r;
4457 }
0cffae95 4458 }
867af728 4459
63857bf4 4460 if (ec->protect_clock) {
a1044811 4461 r = cgroup_context_add_device_allow(cc, "char-rtc", CGROUP_DEVICE_READ);
0cffae95
LB		 4462 if (r < 0)
4463 return r;
4464 }
398dc7d3
LB		 4465
4466 /* If there are encrypted credentials we might need to access the TPM. */
50a4217b 4467 if (exec_context_has_encrypted_credentials(ec)) {
a1044811 4468 r = cgroup_context_add_device_allow(cc, "char-tpm", CGROUP_DEVICE_READ|CGROUP_DEVICE_WRITE);
d5902569
AD		 4469 if (r < 0)
4470 return r;
4471 }
fe65e88b 4472 }
598459ce 4473 }
f1660f96 4474
cba6e062 4475 return 0;
e06c73cc
LP		 4476}
4477
c2503e35 4478ExecContext *unit_get_exec_context(const Unit *u) {
3ef63c31
LP		 4479 size_t offset;
4480 assert(u);
4481
598459ce
LP		 4482 if (u->type < 0)
4483 return NULL;
4484
3ef63c31
LP		 4485 offset = UNIT_VTABLE(u)->exec_context_offset;
4486 if (offset <= 0)
4487 return NULL;
4488
4489 return (ExecContext*) ((uint8_t*) u + offset);
4490}
4491
718db961
LP		 4492KillContext *unit_get_kill_context(Unit *u) {
4493 size_t offset;
4494 assert(u);
4495
598459ce
LP		 4496 if (u->type < 0)
4497 return NULL;
4498
718db961
LP		 4499 offset = UNIT_VTABLE(u)->kill_context_offset;
4500 if (offset <= 0)
4501 return NULL;
4502
4503 return (KillContext*) ((uint8_t*) u + offset);
4504}
4505
4ad49000
LP		 4506CGroupContext *unit_get_cgroup_context(Unit *u) {
4507 size_t offset;
4508
598459ce
LP		 4509 if (u->type < 0)
4510 return NULL;
4511
4ad49000
LP		 4512 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4513 if (offset <= 0)
4514 return NULL;
4515
4516 return (CGroupContext*) ((uint8_t*) u + offset);
4517}
4518
28135da3 4519ExecRuntime *unit_get_exec_runtime(Unit *u) {
613b411c
LP		 4520 size_t offset;
4521
598459ce
LP		 4522 if (u->type < 0)
4523 return NULL;
4524
613b411c
LP		 4525 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4526 if (offset <= 0)
4527 return NULL;
4528
28135da3 4529 return *(ExecRuntime**) ((uint8_t*) u + offset);
613b411c
LP		 4530}
4531
2e59b241 4532static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
3f5e8115
LP		 4533 assert(u);
4534
2e59b241 4535 if (UNIT_WRITE_FLAGS_NOOP(flags))
4f4afc88
LP		 4536 return NULL;
4537
39591351
LP		 4538 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4539 return u->manager->lookup_paths.transient;
26d04f86 4540
2e59b241 4541 if (flags & UNIT_PERSISTENT)
4f4afc88 4542 return u->manager->lookup_paths.persistent_control;
26d04f86 4543
2e59b241
LP		 4544 if (flags & UNIT_RUNTIME)
4545 return u->manager->lookup_paths.runtime_control;
4546
39591351 4547 return NULL;
71645aca
LP		 4548}
4549
68ecb48b
ZJS		 4550const char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4551 assert(s);
8c41640a 4552 assert(popcount(flags & (UNIT_ESCAPE_EXEC_SYNTAX_ENV | UNIT_ESCAPE_EXEC_SYNTAX | UNIT_ESCAPE_C)) <= 1);
68ecb48b 4553 assert(buf);
24536beb
ZJS		 4554
4555 _cleanup_free_ char *t = NULL;
2e59b241 4556
68ecb48b
ZJS		 4557 /* Returns a string with any escaping done. If no escaping was necessary, *buf is set to NULL, and
4558 * the input pointer is returned as-is. If an allocation was needed, the return buffer pointer is
4559 * written to *buf. This means the return value always contains a properly escaped version, but *buf
4560 * only contains a pointer if an allocation was made. Callers can use this to optimize memory
4561 * allocations. */
2e59b241
LP		 4562
4563 if (flags & UNIT_ESCAPE_SPECIFIERS) {
24536beb
ZJS		 4564 t = specifier_escape(s);
4565 if (!t)
2e59b241
LP		 4566 return NULL;
4567
24536beb 4568 s = t;
2e59b241
LP		 4569 }
4570
4a055e5a 4571 /* We either do C-escaping or shell-escaping, to additionally escape characters that we parse for
e7416db1 4572 * ExecStart= and friends, i.e. '$' and quotes. */
24536beb 4573
8c41640a 4574 if (flags & (UNIT_ESCAPE_EXEC_SYNTAX_ENV | UNIT_ESCAPE_EXEC_SYNTAX)) {
e7416db1
ZJS		 4575 char *t2;
4576
8c41640a
ZJS		 4577 if (flags & UNIT_ESCAPE_EXEC_SYNTAX_ENV) {
4578 t2 = strreplace(s, "$", "$$");
4579 if (!t2)
4580 return NULL;
4581 free_and_replace(t, t2);
4582 }
e7416db1 4583
8c41640a 4584 t2 = shell_escape(t ?: s, "\"");
24536beb
ZJS		 4585 if (!t2)
4586 return NULL;
4587 free_and_replace(t, t2);
4588
4589 s = t;
2e59b241 4590
24536beb 4591 } else if (flags & UNIT_ESCAPE_C) {
e7416db1
ZJS		 4592 char *t2;
4593
4594 t2 = cescape(s);
24536beb 4595 if (!t2)
2e59b241 4596 return NULL;
24536beb 4597 free_and_replace(t, t2);
2e59b241 4598
24536beb 4599 s = t;
2e59b241
LP		 4600 }
4601
68ecb48b
ZJS		 4602 *buf = TAKE_PTR(t);
4603 return s;
2e59b241
LP		 4604}
4605
4606char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4607 _cleanup_free_ char *result = NULL;
319a4f4b 4608 size_t n = 0;
2e59b241 4609
24536beb
ZJS		 4610 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command
4611 * lines in a way suitable for ExecStart= stanzas. */
2e59b241
LP		 4612
4613 STRV_FOREACH(i, l) {
4614 _cleanup_free_ char *buf = NULL;
4615 const char *p;
4616 size_t a;
4617 char *q;
4618
4619 p = unit_escape_setting(*i, flags, &buf);
4620 if (!p)
4621 return NULL;
4622
4623 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
319a4f4b 4624 if (!GREEDY_REALLOC(result, n + a + 1))
2e59b241
LP		 4625 return NULL;
4626
4627 q = result + n;
4628 if (n > 0)
4629 *(q++) = ' ';
4630
4631 *(q++) = '"';
4632 q = stpcpy(q, p);
4633 *(q++) = '"';
4634
4635 n += a;
4636 }
4637
319a4f4b 4638 if (!GREEDY_REALLOC(result, n + 1))
2e59b241
LP		 4639 return NULL;
4640
4641 result[n] = 0;
4642
ae2a15bc 4643 return TAKE_PTR(result);
2e59b241
LP		 4644}
4645
4646int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4647 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
2a9a6f8a 4648 const char *dir, *wrapped;
26d04f86 4649 int r;
71645aca
LP		 4650
4651 assert(u);
2e59b241
LP		 4652 assert(name);
4653 assert(data);
4654
4655 if (UNIT_WRITE_FLAGS_NOOP(flags))
4656 return 0;
4657
4658 data = unit_escape_setting(data, flags, &escaped);
4659 if (!data)
4660 return -ENOMEM;
4661
4662 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4663 * previous section header is the same */
4664
4665 if (flags & UNIT_PRIVATE) {
4666 if (!UNIT_VTABLE(u)->private_section)
4667 return -EINVAL;
4668
4669 if (!u->transient_file || u->last_section_private < 0)
4670 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4671 else if (u->last_section_private == 0)
4672 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4673 } else {
4674 if (!u->transient_file || u->last_section_private < 0)
4675 data = strjoina("[Unit]\n", data);
4676 else if (u->last_section_private > 0)
4677 data = strjoina("\n[Unit]\n", data);
4678 }
71645aca 4679
4f4afc88
LP		 4680 if (u->transient_file) {
4681 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4682 * write to the transient unit file. */
4683 fputs(data, u->transient_file);
4f4afc88 4684
2e59b241
LP		 4685 if (!endswith(data, "\n"))
4686 fputc('\n', u->transient_file);
4687
4688 /* Remember which section we wrote this entry to */
4689 u->last_section_private = !!(flags & UNIT_PRIVATE);
8e2af478 4690 return 0;
2e59b241 4691 }
8e2af478 4692
2e59b241 4693 dir = unit_drop_in_dir(u, flags);
39591351
LP		 4694 if (!dir)
4695 return -EINVAL;
71645aca 4696
2a9a6f8a 4697 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
3f71dec5 4698 "# or an equivalent operation. Do not edit.\n",
2a9a6f8a
ZJS		 4699 data,
4700 "\n");
e20b2a86 4701
815b09d3 4702 r = drop_in_file(dir, u->id, 50, name, &p, &q);
adb76a70
WC		 4703 if (r < 0)
4704 return r;
4705
45639f1b 4706 (void) mkdir_p_label(p, 0755);
4dba44a5
ZJS		 4707
4708 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4709 * recreate the cache after every drop-in we write. */
4710 if (u->manager->unit_path_cache) {
be327321 4711 r = set_put_strdup(&u->manager->unit_path_cache, p);
4dba44a5
ZJS		 4712 if (r < 0)
4713 return r;
4714 }
4715
2a9a6f8a 4716 r = write_string_file_atomic_label(q, wrapped);
adb76a70
WC		 4717 if (r < 0)
4718 return r;
4719
815b09d3 4720 r = strv_push(&u->dropin_paths, q);
adb76a70
WC		 4721 if (r < 0)
4722 return r;
815b09d3 4723 q = NULL;
adb76a70 4724
adb76a70
WC		 4725 strv_uniq(u->dropin_paths);
4726
4727 u->dropin_mtime = now(CLOCK_REALTIME);
4728
4729 return 0;
26d04f86 4730}
71645aca 4731
2e59b241 4732int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
b9ec9359
LP		 4733 _cleanup_free_ char *p = NULL;
4734 va_list ap;
4735 int r;
4736
4737 assert(u);
4738 assert(name);
4739 assert(format);
4740
2e59b241 4741 if (UNIT_WRITE_FLAGS_NOOP(flags))
b9ec9359
LP		 4742 return 0;
4743
4744 va_start(ap, format);
4745 r = vasprintf(&p, format, ap);
4746 va_end(ap);
4747
4748 if (r < 0)
4749 return -ENOMEM;
4750
2e59b241 4751 return unit_write_setting(u, flags, name, p);
b9ec9359 4752}
71645aca 4753
c2756a68 4754int unit_make_transient(Unit *u) {
0126c8f3 4755 _cleanup_free_ char *path = NULL;
4f4afc88 4756 FILE *f;
4f4afc88 4757
c2756a68
LP		 4758 assert(u);
4759
3f5e8115
LP		 4760 if (!UNIT_VTABLE(u)->can_transient)
4761 return -EOPNOTSUPP;
4762
45639f1b
LP		 4763 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4764
657ee2d8 4765 path = path_join(u->manager->lookup_paths.transient, u->id);
4f4afc88
LP		 4766 if (!path)
4767 return -ENOMEM;
4768
4769 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4770 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4771
2053593f 4772 WITH_UMASK(0022) {
4f4afc88 4773 f = fopen(path, "we");
0126c8f3 4774 if (!f)
78e334b5 4775 return -errno;
4f4afc88
LP		 4776 }
4777
0126c8f3 4778 safe_fclose(u->transient_file);
4f4afc88
LP		 4779 u->transient_file = f;
4780
0126c8f3 4781 free_and_replace(u->fragment_path, path);
7c65093a 4782
7c65093a
LP		 4783 u->source_path = mfree(u->source_path);
4784 u->dropin_paths = strv_free(u->dropin_paths);
4785 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4786
4f4afc88
LP		 4787 u->load_state = UNIT_STUB;
4788 u->load_error = 0;
4789 u->transient = true;
4790
7c65093a
LP		 4791 unit_add_to_dbus_queue(u);
4792 unit_add_to_gc_queue(u);
c2756a68 4793
4f4afc88
LP		 4794 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4795 u->transient_file);
4796
3f5e8115 4797 return 0;
c2756a68
LP		 4798}
4799
4d1b2df1 4800static int log_kill(const PidRef *pid, int sig, void *userdata) {
1d98fef1
LP		 4801 _cleanup_free_ char *comm = NULL;
4802
4d1b2df1
LP		 4803 assert(pidref_is_set(pid));
4804
4805 (void) pidref_get_comm(pid, &comm);
1d98fef1
LP		 4806
4807 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4808 only, like for example systemd's own PAM stub process. */
4809 if (comm && comm[0] == '(')
500cd2e8 4810 /* Although we didn't log anything, as this callback is used in unit_kill_context we must return 1
4811 * here to let the manager know that a process was killed. */
4812 return 1;
1d98fef1
LP		 4813
4814 log_unit_notice(userdata,
4815 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4d1b2df1 4816 pid->pid,
1d98fef1
LP		 4817 strna(comm),
4818 signal_to_string(sig));
c53d2d54
DB		 4819
4820 return 1;
1d98fef1
LP		 4821}
4822
efa75d70
LP		 4823static int operation_to_signal(
4824 const KillContext *c,
4825 KillOperation k,
4826 bool *ret_noteworthy) {
4827
1d98fef1
LP		 4828 assert(c);
4829
4830 switch (k) {
4831
4832 case KILL_TERMINATE:
4833 case KILL_TERMINATE_AND_LOG:
efa75d70 4834 *ret_noteworthy = false;
1d98fef1
LP		 4835 return c->kill_signal;
4836
a232ebcc 4837 case KILL_RESTART:
efa75d70 4838 *ret_noteworthy = false;
a232ebcc
ZJS		 4839 return restart_kill_signal(c);
4840
1d98fef1 4841 case KILL_KILL:
efa75d70 4842 *ret_noteworthy = true;
fbb48d4c 4843 return c->final_kill_signal;
1d98fef1 4844
c87700a1 4845 case KILL_WATCHDOG:
efa75d70 4846 *ret_noteworthy = true;
c87700a1 4847 return c->watchdog_signal;
1d98fef1
LP		 4848
4849 default:
04499a70 4850 assert_not_reached();
1d98fef1
LP		 4851 }
4852}
4853
cd2086fe
LP		 4854int unit_kill_context(
4855 Unit *u,
4856 KillContext *c,
db2cb23b 4857 KillOperation k,
7901288a
LP		 4858 PidRef* main_pid,
4859 PidRef* control_pid,
cd2086fe
LP		 4860 bool main_pid_alien) {
4861
1d98fef1 4862 bool wait_for_exit = false, send_sighup;
59ec09a8 4863 cg_kill_log_func_t log_func = NULL;
b821a397 4864 int sig, r;
cd2086fe
LP		 4865
4866 assert(u);
4867 assert(c);
4868
8aff7ac4
LP		 4869 /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0
4870 * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common()
4871 * which is used for user-requested killing of unit processes. */
1d98fef1 4872
cd2086fe
LP		 4873 if (c->kill_mode == KILL_NONE)
4874 return 0;
4875
4ab1670f
ZJS		 4876 bool noteworthy;
4877 sig = operation_to_signal(c, k, &noteworthy);
4878 if (noteworthy)
4879 log_func = log_kill;
1d98fef1
LP		 4880
4881 send_sighup =
4882 c->send_sighup &&
4883 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4884 sig != SIGHUP;
4885
7901288a 4886 if (pidref_is_set(main_pid)) {
1d98fef1 4887 if (log_func)
4d1b2df1 4888 log_func(main_pid, sig, u);
cd2086fe 4889
7901288a 4890 r = pidref_kill_and_sigcont(main_pid, sig);
cd2086fe
LP		 4891 if (r < 0 && r != -ESRCH) {
4892 _cleanup_free_ char *comm = NULL;
d7d74854 4893 (void) pidref_get_comm(main_pid, &comm);
cd2086fe 4894
7901288a 4895 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid->pid, strna(comm));
82659fd7 4896 } else {
bc6aed7b
LP		 4897 if (!main_pid_alien)
4898 wait_for_exit = true;
82659fd7 4899
1d98fef1 4900 if (r != -ESRCH && send_sighup)
7901288a 4901 (void) pidref_kill(main_pid, SIGHUP);
82659fd7 4902 }
cd2086fe
LP		 4903 }
4904
7901288a 4905 if (pidref_is_set(control_pid)) {
1d98fef1 4906 if (log_func)
4d1b2df1 4907 log_func(control_pid, sig, u);
cd2086fe 4908
7901288a 4909 r = pidref_kill_and_sigcont(control_pid, sig);
cd2086fe
LP		 4910 if (r < 0 && r != -ESRCH) {
4911 _cleanup_free_ char *comm = NULL;
d7d74854 4912 (void) pidref_get_comm(control_pid, &comm);
cd2086fe 4913
7901288a 4914 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid->pid, strna(comm));
82659fd7 4915 } else {
cd2086fe 4916 wait_for_exit = true;
82659fd7 4917
1d98fef1 4918 if (r != -ESRCH && send_sighup)
7901288a 4919 (void) pidref_kill(control_pid, SIGHUP);
82659fd7 4920 }
cd2086fe
LP		 4921 }
4922
b821a397
LP		 4923 if (u->cgroup_path &&
4924 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
cd2086fe
LP		 4925 _cleanup_set_free_ Set *pid_set = NULL;
4926
82659fd7 4927 /* Exclude the main/control pids from being killed via the cgroup */
7901288a 4928 pid_set = unit_pid_set(main_pid ? main_pid->pid : 0, control_pid ? control_pid->pid : 0);
cd2086fe
LP		 4929 if (!pid_set)
4930 return -ENOMEM;
4931
bd1791b5
LP		 4932 r = cg_kill_recursive(
4933 u->cgroup_path,
4934 sig,
4935 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4936 pid_set,
4937 log_func, u);
cd2086fe 4938 if (r < 0) {
4c701096 4939 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
6178e2f8 4940 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", empty_to_root(u->cgroup_path));
b821a397 4941
82659fd7 4942 } else if (r > 0) {
bc6aed7b 4943
1d9cc876
LP		 4944 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4945 * we are running in a container or if this is a delegation unit, simply because cgroup
4946 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4947 * of containers it can be confused easily by left-over directories in the cgroup — which
4948 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4949 * there we get proper events. Hence rely on them. */
efdb0237 4950
c22800e4 4951 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
1d9cc876 4952 (detect_container() == 0 && !unit_cgroup_delegate(u)))
e9db43d5 4953 wait_for_exit = true;
58ea275a 4954
1d98fef1 4955 if (send_sighup) {
82659fd7
LP		 4956 set_free(pid_set);
4957
7901288a 4958 pid_set = unit_pid_set(main_pid ? main_pid->pid : 0, control_pid ? control_pid->pid : 0);
82659fd7
LP		 4959 if (!pid_set)
4960 return -ENOMEM;
4961
bd1791b5
LP		 4962 (void) cg_kill_recursive(
4963 u->cgroup_path,
4964 SIGHUP,
4965 CGROUP_IGNORE_SELF,
4966 pid_set,
4967 /* kill_log= */ NULL,
4968 /* userdata= */ NULL);
82659fd7
LP		 4969 }
4970 }
cd2086fe
LP		 4971 }
4972
4973 return wait_for_exit;
4974}
4975
9e615fa3
LB		 4976int unit_add_mounts_for(Unit *u, const char *path, UnitDependencyMask mask, UnitMountDependencyType type) {
4977 Hashmap **unit_map, **manager_map;
a57f7e2c
LP		 4978 int r;
4979
4980 assert(u);
4981 assert(path);
9e615fa3
LB		 4982 assert(type >= 0 && type < _UNIT_MOUNT_DEPENDENCY_TYPE_MAX);
4983
4984 unit_map = &u->mounts_for[type];
4985 manager_map = &u->manager->units_needing_mounts_for[type];
a57f7e2c 4986
ac19bdd0
ZJS		 4987 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these
4988 * paths in the unit (from the path to the UnitDependencyInfo structure indicating how to the
4989 * dependency came to be). However, we build a prefix table for all possible prefixes so that new
4990 * appearing mount units can easily determine which units to make themselves a dependency of. */
a57f7e2c 4991
70b64bd3
ZJS		 4992 if (!path_is_absolute(path))
4993 return -EINVAL;
4994
9e615fa3 4995 if (hashmap_contains(*unit_map, path)) /* Exit quickly if the path is already covered. */
ac19bdd0 4996 return 0;
eef85c4a 4997
ac19bdd0
ZJS		 4998 /* Use the canonical form of the path as the stored key. We call path_is_normalized()
4999 * only after simplification, since path_is_normalized() rejects paths with '.'.
5000 * path_is_normalized() also verifies that the path fits in PATH_MAX. */
cf3d95b2
YW		 5001 _cleanup_free_ char *p = NULL;
5002 r = path_simplify_alloc(path, &p);
5003 if (r < 0)
5004 return r;
5005 path = p;
a57f7e2c 5006
ca8700e9 5007 if (!path_is_normalized(path))
a57f7e2c 5008 return -EPERM;
a57f7e2c 5009
ac19bdd0 5010 UnitDependencyInfo di = {
eef85c4a
LP		 5011 .origin_mask = mask
5012 };
5013
9e615fa3 5014 r = hashmap_ensure_put(unit_map, &path_hash_ops, p, di.data);
ca8700e9 5015 if (r < 0)
a57f7e2c 5016 return r;
ac19bdd0
ZJS		 5017 assert(r > 0);
5018 TAKE_PTR(p); /* path remains a valid pointer to the string stored in the hashmap */
a57f7e2c 5019
4cb06c59 5020 char prefix[strlen(path) + 1];
ca8700e9 5021 PATH_FOREACH_PREFIX_MORE(prefix, path) {
a57f7e2c
LP		 5022 Set *x;
5023
9e615fa3 5024 x = hashmap_get(*manager_map, prefix);
a57f7e2c 5025 if (!x) {
ca8700e9 5026 _cleanup_free_ char *q = NULL;
a57f7e2c 5027
9e615fa3 5028 r = hashmap_ensure_allocated(manager_map, &path_hash_ops);
742f41ad
LP		 5029 if (r < 0)
5030 return r;
a57f7e2c
LP		 5031
5032 q = strdup(prefix);
5033 if (!q)
5034 return -ENOMEM;
5035
d5099efc 5036 x = set_new(NULL);
ca8700e9 5037 if (!x)
a57f7e2c 5038 return -ENOMEM;
a57f7e2c 5039
9e615fa3 5040 r = hashmap_put(*manager_map, q, x);
a57f7e2c 5041 if (r < 0) {
a57f7e2c
LP		 5042 set_free(x);
5043 return r;
5044 }
ca8700e9 5045 q = NULL;
a57f7e2c
LP		 5046 }
5047
5048 r = set_put(x, u);
5049 if (r < 0)
5050 return r;
5051 }
5052
5053 return 0;
5054}
5055
613b411c 5056int unit_setup_exec_runtime(Unit *u) {
28135da3 5057 _cleanup_(exec_shared_runtime_unrefp) ExecSharedRuntime *esr = NULL;
15220772 5058 _cleanup_(dynamic_creds_unrefp) DynamicCreds *dcreds = NULL;
83123a44 5059 _cleanup_set_free_ Set *units = NULL;
28135da3 5060 ExecRuntime **rt;
15220772 5061 ExecContext *ec;
613b411c 5062 size_t offset;
613b411c 5063 Unit *other;
e8a565cb 5064 int r;
613b411c
LP		 5065
5066 offset = UNIT_VTABLE(u)->exec_runtime_offset;
5067 assert(offset > 0);
5068
28135da3
DDM		 5069 /* Check if there already is an ExecRuntime for this unit? */
5070 rt = (ExecRuntime**) ((uint8_t*) u + offset);
613b411c
LP		 5071 if (*rt)
5072 return 0;
5073
15220772
DDM		 5074 ec = unit_get_exec_context(u);
5075 assert(ec);
5076
83123a44
YW		 5077 r = unit_get_transitive_dependency_set(u, UNIT_ATOM_JOINS_NAMESPACE_OF, &units);
5078 if (r < 0)
5079 return r;
5080
613b411c 5081 /* Try to get it from somebody else */
83123a44 5082 SET_FOREACH(other, units) {
28135da3
DDM		 5083 r = exec_shared_runtime_acquire(u->manager, NULL, other->id, false, &esr);
5084 if (r < 0)
5085 return r;
5086 if (r > 0)
5087 break;
5088 }
5089
5090 if (!esr) {
15220772 5091 r = exec_shared_runtime_acquire(u->manager, ec, u->id, true, &esr);
28135da3
DDM		 5092 if (r < 0)
5093 return r;
613b411c
LP		 5094 }
5095
15220772
DDM		 5096 if (ec->dynamic_user) {
5097 r = dynamic_creds_make(u->manager, ec->user, ec->group, &dcreds);
5098 if (r < 0)
5099 return r;
5100 }
5101
9c0c6701 5102 r = exec_runtime_make(u, ec, esr, dcreds, rt);
28135da3
DDM		 5103 if (r < 0)
5104 return r;
5105
5106 TAKE_PTR(esr);
15220772 5107 TAKE_PTR(dcreds);
28135da3
DDM		 5108
5109 return r;
613b411c
LP		 5110}
5111
1c2e9646 5112bool unit_type_supported(UnitType t) {
88e4bfa6
MS		 5113 static int8_t cache[_UNIT_TYPE_MAX] = {}; /* -1: disabled, 1: enabled: 0: don't know */
5114 int r;
5115
ffcf54d4 5116 assert(t >= 0 && t < _UNIT_TYPE_MAX);
1c2e9646 5117
88e4bfa6
MS		 5118 if (cache[t] == 0) {
5119 char *e;
5120
5121 e = strjoina("SYSTEMD_SUPPORT_", unit_type_to_string(t));
5122
5123 r = getenv_bool(ascii_strupper(e));
5124 if (r < 0 && r != -ENXIO)
5125 log_debug_errno(r, "Failed to parse $%s, ignoring: %m", e);
5126
5127 cache[t] = r == 0 ? -1 : 1;
5128 }
5129 if (cache[t] < 0)
5130 return false;
5131
1c2e9646
LP		 5132 if (!unit_vtable[t]->supported)
5133 return true;
5134
5135 return unit_vtable[t]->supported();
5136}
5137
8b4305c7
LP		 5138void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
5139 int r;
5140
5141 assert(u);
5142 assert(where);
5143
c2503e35
RH		 5144 if (!unit_log_level_test(u, LOG_NOTICE))
5145 return;
5146
db55bbf2 5147 r = dir_is_empty(where, /* ignore_hidden_or_backup= */ false);
3f602115 5148 if (r > 0 || r == -ENOTDIR)
8b4305c7
LP		 5149 return;
5150 if (r < 0) {
5151 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
5152 return;
5153 }
5154
c2503e35
RH		 5155 log_unit_struct(u, LOG_NOTICE,
5156 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
5157 LOG_UNIT_INVOCATION_ID(u),
5158 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
5159 "WHERE=%s", where);
8b4305c7
LP		 5160}
5161
25cd4964 5162int unit_fail_if_noncanonical(Unit *u, const char* where) {
58d9d89b 5163 _cleanup_free_ char *canonical_where = NULL;
8b4305c7
LP		 5164 int r;
5165
5166 assert(u);
5167 assert(where);
5168
f461a28d 5169 r = chase(where, NULL, CHASE_NONEXISTENT, &canonical_where, NULL);
8b4305c7 5170 if (r < 0) {
25cd4964 5171 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
8b4305c7
LP		 5172 return 0;
5173 }
25cd4964
AJ		 5174
5175 /* We will happily ignore a trailing slash (or any redundant slashes) */
5176 if (path_equal(where, canonical_where))
8b4305c7
LP		 5177 return 0;
5178
25cd4964 5179 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
c2503e35
RH		 5180 log_unit_struct(u, LOG_ERR,
5181 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
5182 LOG_UNIT_INVOCATION_ID(u),
5183 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
5184 "WHERE=%s", where);
8b4305c7
LP		 5185
5186 return -ELOOP;
5187}
0f13f3bd
LP		 5188
5189bool unit_is_pristine(Unit *u) {
5190 assert(u);
5191
1f832446
ZJS		 5192 /* Check if the unit already exists or is already around, in a number of different ways. Note that to
5193 * cater for unit types such as slice, we are generally fine with units that are marked UNIT_LOADED
5194 * even though nothing was actually loaded, as those unit types don't require a file on disk.
5195 *
5196 * Note that we don't check for drop-ins here, because we allow drop-ins for transient units
5197 * identically to non-transient units, both unit-specific and hierarchical. E.g. for a-b-c.service:
5198 * service.d/….conf, a-.service.d/….conf, a-b-.service.d/….conf, a-b-c.service.d/….conf.
5199 */
0f13f3bd 5200
b146a734
ZJS		 5201 return IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) &&
5202 !u->fragment_path &&
5203 !u->source_path &&
b146a734
ZJS		 5204 !u->job &&
5205 !u->merged_into;
0f13f3bd 5206}
291d565a 5207
37eb258e 5208PidRef* unit_control_pid(Unit *u) {
291d565a
LP		 5209 assert(u);
5210
5211 if (UNIT_VTABLE(u)->control_pid)
5212 return UNIT_VTABLE(u)->control_pid(u);
5213
37eb258e 5214 return NULL;
291d565a
LP		 5215}
5216
37eb258e 5217PidRef* unit_main_pid(Unit *u) {
291d565a
LP		 5218 assert(u);
5219
5220 if (UNIT_VTABLE(u)->main_pid)
5221 return UNIT_VTABLE(u)->main_pid(u);
5222
37eb258e 5223 return NULL;
291d565a 5224}
00d9ef85 5225
3bb48b19
TM		 5226static void unit_modify_user_nft_set(Unit *u, bool add, NFTSetSource source, uint32_t element) {
5227 int r;
5228
5229 assert(u);
5230
5231 if (!MANAGER_IS_SYSTEM(u->manager))
5232 return;
5233
5234 CGroupContext *c;
5235 c = unit_get_cgroup_context(u);
5236 if (!c)
5237 return;
5238
5239 if (!u->manager->fw_ctx) {
5240 r = fw_ctx_new_full(&u->manager->fw_ctx, /* init_tables= */ false);
5241 if (r < 0)
5242 return;
5243
5244 assert(u->manager->fw_ctx);
5245 }
5246
5247 FOREACH_ARRAY(nft_set, c->nft_set_context.sets, c->nft_set_context.n_sets) {
5248 if (nft_set->source != source)
5249 continue;
5250
5251 r = nft_set_element_modify_any(u->manager->fw_ctx, add, nft_set->nfproto, nft_set->table, nft_set->set, &element, sizeof(element));
5252 if (r < 0)
5253 log_warning_errno(r, "Failed to %s NFT set: family %s, table %s, set %s, ID %u, ignoring: %m",
5254 add? "add" : "delete", nfproto_to_string(nft_set->nfproto), nft_set->table, nft_set->set, element);
5255 else
5256 log_debug("%s NFT set: family %s, table %s, set %s, ID %u",
5257 add? "Added" : "Deleted", nfproto_to_string(nft_set->nfproto), nft_set->table, nft_set->set, element);
5258 }
5259}
5260
00d9ef85
LP		 5261static void unit_unref_uid_internal(
5262 Unit *u,
5263 uid_t *ref_uid,
5264 bool destroy_now,
5265 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
5266
5267 assert(u);
5268 assert(ref_uid);
5269 assert(_manager_unref_uid);
5270
5271 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
5272 * gid_t are actually the same time, with the same validity rules.
5273 *
5274 * Drops a reference to UID/GID from a unit. */
5275
5276 assert_cc(sizeof(uid_t) == sizeof(gid_t));
5277 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
5278
5279 if (!uid_is_valid(*ref_uid))
5280 return;
5281
5282 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
5283 *ref_uid = UID_INVALID;
5284}
5285
b90cf102 5286static void unit_unref_uid(Unit *u, bool destroy_now) {
3bb48b19
TM		 5287 assert(u);
5288
5289 unit_modify_user_nft_set(u, /* add = */ false, NFT_SET_SOURCE_USER, u->ref_uid);
5290
00d9ef85
LP		 5291 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
5292}
5293
b90cf102 5294static void unit_unref_gid(Unit *u, bool destroy_now) {
3bb48b19
TM		 5295 assert(u);
5296
5297 unit_modify_user_nft_set(u, /* add = */ false, NFT_SET_SOURCE_GROUP, u->ref_gid);
5298
00d9ef85
LP		 5299 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
5300}
5301
b90cf102
LP		 5302void unit_unref_uid_gid(Unit *u, bool destroy_now) {
5303 assert(u);
5304
5305 unit_unref_uid(u, destroy_now);
5306 unit_unref_gid(u, destroy_now);
5307}
5308
00d9ef85
LP		 5309static int unit_ref_uid_internal(
5310 Unit *u,
5311 uid_t *ref_uid,
5312 uid_t uid,
5313 bool clean_ipc,
5314 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
5315
5316 int r;
5317
5318 assert(u);
5319 assert(ref_uid);
5320 assert(uid_is_valid(uid));
5321 assert(_manager_ref_uid);
5322
5323 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
5324 * are actually the same type, and have the same validity rules.
5325 *
5326 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
5327 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
5328 * drops to zero. */
5329
5330 assert_cc(sizeof(uid_t) == sizeof(gid_t));
5331 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
5332
5333 if (*ref_uid == uid)
5334 return 0;
5335
5336 if (uid_is_valid(*ref_uid)) /* Already set? */
5337 return -EBUSY;
5338
5339 r = _manager_ref_uid(u->manager, uid, clean_ipc);
5340 if (r < 0)
5341 return r;
5342
5343 *ref_uid = uid;
5344 return 1;
5345}
5346
b90cf102 5347static int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
00d9ef85
LP		 5348 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
5349}
5350
b90cf102 5351static int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
00d9ef85
LP		 5352 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
5353}
5354
5355static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
5356 int r = 0, q = 0;
5357
5358 assert(u);
5359
5360 /* Reference both a UID and a GID in one go. Either references both, or neither. */
5361
5362 if (uid_is_valid(uid)) {
5363 r = unit_ref_uid(u, uid, clean_ipc);
5364 if (r < 0)
5365 return r;
5366 }
5367
5368 if (gid_is_valid(gid)) {
5369 q = unit_ref_gid(u, gid, clean_ipc);
5370 if (q < 0) {
5371 if (r > 0)
5372 unit_unref_uid(u, false);
5373
5374 return q;
5375 }
5376 }
5377
5378 return r > 0 || q > 0;
5379}
5380
5381int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
5382 ExecContext *c;
5383 int r;
5384
5385 assert(u);
5386
5387 c = unit_get_exec_context(u);
5388
5389 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
5390 if (r < 0)
5391 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5392
3bb48b19
TM		 5393 unit_modify_user_nft_set(u, /* add = */ true, NFT_SET_SOURCE_USER, uid);
5394 unit_modify_user_nft_set(u, /* add = */ true, NFT_SET_SOURCE_GROUP, gid);
5395
00d9ef85
LP		 5396 return r;
5397}
5398
00d9ef85
LP		 5399void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
5400 int r;
5401
5402 assert(u);
5403
5404 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5405 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5406 * objects when no service references the UID/GID anymore. */
5407
5408 r = unit_ref_uid_gid(u, uid, gid);
5409 if (r > 0)
37d0b962 5410 unit_add_to_dbus_queue(u);
00d9ef85 5411}
4b58153d 5412
4b58153d
LP		 5413int unit_acquire_invocation_id(Unit *u) {
5414 sd_id128_t id;
5415 int r;
5416
5417 assert(u);
5418
5419 r = sd_id128_randomize(&id);
5420 if (r < 0)
5421 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5422
5423 r = unit_set_invocation_id(u, id);
5424 if (r < 0)
5425 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5426
af92c603 5427 unit_add_to_dbus_queue(u);
4b58153d
LP		 5428 return 0;
5429}
f0d47797 5430
1ad6e8b3 5431int unit_set_exec_params(Unit *u, ExecParameters *p) {
bb5232b6 5432 const char *confirm_spawn;
1ad6e8b3
LP		 5433 int r;
5434
7960b0c7
LP		 5435 assert(u);
5436 assert(p);
f0d47797 5437
004c7f16 5438 /* Copy parameters from manager */
1ad6e8b3
LP		 5439 r = manager_get_effective_environment(u->manager, &p->environment);
5440 if (r < 0)
5441 return r;
5442
170d978b
LP		 5443 p->runtime_scope = u->manager->runtime_scope;
5444
bb5232b6
LB		 5445 confirm_spawn = manager_get_confirm_spawn(u->manager);
5446 if (confirm_spawn) {
5447 p->confirm_spawn = strdup(confirm_spawn);
5448 if (!p->confirm_spawn)
5449 return -ENOMEM;
5450 }
5451
004c7f16
LP		 5452 p->cgroup_supported = u->manager->cgroup_supported;
5453 p->prefix = u->manager->prefix;
5454 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5455
5238e957 5456 /* Copy parameters from unit */
7960b0c7 5457 p->cgroup_path = u->cgroup_path;
1d9cc876 5458 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
1ad6e8b3 5459
2ad591a3
LP		 5460 p->received_credentials_directory = u->manager->received_credentials_directory;
5461 p->received_encrypted_credentials_directory = u->manager->received_encrypted_credentials_directory;
bb0c0d6f 5462
c8ccd444 5463 p->shall_confirm_spawn = u->manager->confirm_spawn;
154eb43f
LB		 5464
5465 p->fallback_smack_process_label = u->manager->defaults.smack_process_label;
5466
5467 if (u->manager->restrict_fs && p->bpf_outer_map_fd < 0) {
5468 int fd = lsm_bpf_map_restrict_fs_fd(u);
5469 if (fd < 0)
5470 return fd;
5471
5472 p->bpf_outer_map_fd = fd;
5473 }
5474
b646fc32
LB		 5475 p->user_lookup_fd = u->manager->user_lookup_fds[1];
5476
5477 p->cgroup_id = u->cgroup_id;
5478 p->invocation_id = u->invocation_id;
5479 sd_id128_to_string(p->invocation_id, p->invocation_id_string);
5480 p->unit_id = strdup(u->id);
5481 if (!p->unit_id)
5482 return -ENOMEM;
154eb43f 5483
1ad6e8b3 5484 return 0;
f0d47797 5485}
a79279c7 5486
4775b55d
LP		 5487int unit_fork_helper_process(Unit *u, const char *name, PidRef *ret) {
5488 pid_t pid;
a79279c7
LP		 5489 int r;
5490
5491 assert(u);
5492 assert(ret);
5493
5494 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5495 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5496
5497 (void) unit_realize_cgroup(u);
5498
e9ccae31 5499 r = safe_fork(name, FORK_REOPEN_LOG|FORK_DEATHSIG_SIGTERM, &pid);
4775b55d
LP		 5500 if (r < 0)
5501 return r;
5502 if (r > 0) {
5503 _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
5504 int q;
5505
5506 /* Parent */
5507
5508 q = pidref_set_pid(&pidref, pid);
5509 if (q < 0)
5510 return q;
5511
5512 *ret = TAKE_PIDREF(pidref);
4c253ed1 5513 return r;
4775b55d
LP		 5514 }
5515
5516 /* Child */
a79279c7 5517
9c274488
LP		 5518 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE);
5519 (void) ignore_signals(SIGPIPE);
a79279c7 5520
4c253ed1
LP		 5521 if (u->cgroup_path) {
5522 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5523 if (r < 0) {
6178e2f8 5524 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", empty_to_root(u->cgroup_path));
4c253ed1 5525 _exit(EXIT_CGROUP);
a79279c7 5526 }
a79279c7
LP		 5527 }
5528
4c253ed1 5529 return 0;
a79279c7 5530}
c999cf38 5531
4775b55d
LP		 5532int unit_fork_and_watch_rm_rf(Unit *u, char **paths, PidRef *ret_pid) {
5533 _cleanup_(pidref_done) PidRef pid = PIDREF_NULL;
810ef318
YW		 5534 int r;
5535
5536 assert(u);
5537 assert(ret_pid);
5538
5539 r = unit_fork_helper_process(u, "(sd-rmrf)", &pid);
5540 if (r < 0)
5541 return r;
5542 if (r == 0) {
5543 int ret = EXIT_SUCCESS;
810ef318
YW		 5544
5545 STRV_FOREACH(i, paths) {
5546 r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK);
5547 if (r < 0) {
5548 log_error_errno(r, "Failed to remove '%s': %m", *i);
5549 ret = EXIT_FAILURE;
5550 }
5551 }
5552
5553 _exit(ret);
5554 }
5555
495e75ed 5556 r = unit_watch_pidref(u, &pid, /* exclusive= */ true);
810ef318
YW		 5557 if (r < 0)
5558 return r;
5559
4775b55d 5560 *ret_pid = TAKE_PIDREF(pid);
810ef318
YW		 5561 return 0;
5562}
5563
15ed3c3a
LP		 5564static void unit_update_dependency_mask(Hashmap *deps, Unit *other, UnitDependencyInfo di) {
5565 assert(deps);
c999cf38
LP		 5566 assert(other);
5567
15ed3c3a 5568 if (di.origin_mask == 0 && di.destination_mask == 0)
c999cf38 5569 /* No bit set anymore, let's drop the whole entry */
15ed3c3a
LP		 5570 assert_se(hashmap_remove(deps, other));
5571 else
c999cf38 5572 /* Mask was reduced, let's update the entry */
15ed3c3a 5573 assert_se(hashmap_update(deps, other, di.data) == 0);
c999cf38
LP		 5574}
5575
5576void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
15ed3c3a 5577 Hashmap *deps;
c999cf38
LP		 5578 assert(u);
5579
5580 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5581
5582 if (mask == 0)
5583 return;
5584
15ed3c3a 5585 HASHMAP_FOREACH(deps, u->dependencies) {
c999cf38
LP		 5586 bool done;
5587
5588 do {
5589 UnitDependencyInfo di;
5590 Unit *other;
c999cf38
LP		 5591
5592 done = true;
5593
15ed3c3a
LP		 5594 HASHMAP_FOREACH_KEY(di.data, other, deps) {
5595 Hashmap *other_deps;
5596
1d6cc5d0 5597 if (FLAGS_SET(~mask, di.origin_mask))
c999cf38 5598 continue;
15ed3c3a 5599
c999cf38 5600 di.origin_mask &= ~mask;
15ed3c3a 5601 unit_update_dependency_mask(deps, other, di);
c999cf38 5602
defe63b0
LP		 5603 /* We updated the dependency from our unit to the other unit now. But most
5604 * dependencies imply a reverse dependency. Hence, let's delete that one
5605 * too. For that we go through all dependency types on the other unit and
5606 * delete all those which point to us and have the right mask set. */
c999cf38 5607
15ed3c3a 5608 HASHMAP_FOREACH(other_deps, other->dependencies) {
c999cf38
LP		 5609 UnitDependencyInfo dj;
5610
15ed3c3a 5611 dj.data = hashmap_get(other_deps, u);
1d6cc5d0 5612 if (FLAGS_SET(~mask, dj.destination_mask))
c999cf38 5613 continue;
c999cf38 5614
15ed3c3a
LP		 5615 dj.destination_mask &= ~mask;
5616 unit_update_dependency_mask(other_deps, u, dj);
c999cf38
LP		 5617 }
5618
5619 unit_add_to_gc_queue(other);
5620
156ba52b
YW		 5621 /* The unit 'other' may not be wanted by the unit 'u'. */
5622 unit_submit_to_stop_when_unneeded_queue(other);
5623
c999cf38
LP		 5624 done = false;
5625 break;
5626 }
5627
5628 } while (!done);
5629 }
5630}
d3070fbd 5631
2f8c48b6
AZ		 5632static int unit_get_invocation_path(Unit *u, char **ret) {
5633 char *p;
5634 int r;
5635
5636 assert(u);
5637 assert(ret);
5638
5639 if (MANAGER_IS_SYSTEM(u->manager))
5640 p = strjoin("/run/systemd/units/invocation:", u->id);
5641 else {
5642 _cleanup_free_ char *user_path = NULL;
5643 r = xdg_user_runtime_dir(&user_path, "/systemd/units/invocation:");
5644 if (r < 0)
5645 return r;
5646 p = strjoin(user_path, u->id);
5647 }
5648
5649 if (!p)
5650 return -ENOMEM;
5651
5652 *ret = p;
5653 return 0;
5654}
5655
d3070fbd 5656static int unit_export_invocation_id(Unit *u) {
2f8c48b6 5657 _cleanup_free_ char *p = NULL;
d3070fbd
LP		 5658 int r;
5659
5660 assert(u);
5661
5662 if (u->exported_invocation_id)
5663 return 0;
5664
5665 if (sd_id128_is_null(u->invocation_id))
5666 return 0;
5667
2f8c48b6
AZ		 5668 r = unit_get_invocation_path(u, &p);
5669 if (r < 0)
5670 return log_unit_debug_errno(u, r, "Failed to get invocation path: %m");
5671
a3f5fd96 5672 r = symlink_atomic_label(u->invocation_id_string, p);
d3070fbd
LP		 5673 if (r < 0)
5674 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5675
5676 u->exported_invocation_id = true;
5677 return 0;
5678}
5679
5680static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5681 const char *p;
5682 char buf[2];
5683 int r;
5684
5685 assert(u);
5686 assert(c);
5687
5688 if (u->exported_log_level_max)
5689 return 0;
5690
5691 if (c->log_level_max < 0)
5692 return 0;
5693
5694 assert(c->log_level_max <= 7);
5695
5696 buf[0] = '0' + c->log_level_max;
5697 buf[1] = 0;
5698
5699 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5700 r = symlink_atomic(buf, p);
5701 if (r < 0)
5702 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5703
5704 u->exported_log_level_max = true;
5705 return 0;
5706}
5707
5708static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
254d1313 5709 _cleanup_close_ int fd = -EBADF;
d3070fbd
LP		 5710 struct iovec *iovec;
5711 const char *p;
5712 char *pattern;
5713 le64_t *sizes;
5714 ssize_t n;
d3070fbd
LP		 5715 int r;
5716
5717 if (u->exported_log_extra_fields)
5718 return 0;
5719
5720 if (c->n_log_extra_fields <= 0)
5721 return 0;
5722
5723 sizes = newa(le64_t, c->n_log_extra_fields);
5724 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5725
12375b95 5726 for (size_t i = 0; i < c->n_log_extra_fields; i++) {
d3070fbd
LP		 5727 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5728
5729 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5730 iovec[i*2+1] = c->log_extra_fields[i];
5731 }
5732
5733 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5734 pattern = strjoina(p, ".XXXXXX");
5735
5736 fd = mkostemp_safe(pattern);
5737 if (fd < 0)
5738 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5739
5740 n = writev(fd, iovec, c->n_log_extra_fields*2);
5741 if (n < 0) {
5742 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5743 goto fail;
5744 }
5745
5746 (void) fchmod(fd, 0644);
5747
5748 if (rename(pattern, p) < 0) {
5749 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5750 goto fail;
5751 }
5752
5753 u->exported_log_extra_fields = true;
5754 return 0;
5755
5756fail:
5757 (void) unlink(pattern);
5758 return r;
5759}
5760
5ac1530e 5761static int unit_export_log_ratelimit_interval(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5762 _cleanup_free_ char *buf = NULL;
5763 const char *p;
5764 int r;
5765
5766 assert(u);
5767 assert(c);
5768
5ac1530e 5769 if (u->exported_log_ratelimit_interval)
90fc172e
AZ		 5770 return 0;
5771
5ac1530e 5772 if (c->log_ratelimit_interval_usec == 0)
90fc172e
AZ		 5773 return 0;
5774
5775 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5776
5ac1530e 5777 if (asprintf(&buf, "%" PRIu64, c->log_ratelimit_interval_usec) < 0)
90fc172e
AZ		 5778 return log_oom();
5779
5780 r = symlink_atomic(buf, p);
5781 if (r < 0)
5782 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5783
5ac1530e 5784 u->exported_log_ratelimit_interval = true;
90fc172e
AZ		 5785 return 0;
5786}
5787
5ac1530e 5788static int unit_export_log_ratelimit_burst(Unit *u, const ExecContext *c) {
90fc172e
AZ		 5789 _cleanup_free_ char *buf = NULL;
5790 const char *p;
5791 int r;
5792
5793 assert(u);
5794 assert(c);
5795
5ac1530e 5796 if (u->exported_log_ratelimit_burst)
90fc172e
AZ		 5797 return 0;
5798
5ac1530e 5799 if (c->log_ratelimit_burst == 0)
90fc172e
AZ		 5800 return 0;
5801
5802 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5803
5ac1530e 5804 if (asprintf(&buf, "%u", c->log_ratelimit_burst) < 0)
90fc172e
AZ		 5805 return log_oom();
5806
5807 r = symlink_atomic(buf, p);
5808 if (r < 0)
5809 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5810
5ac1530e 5811 u->exported_log_ratelimit_burst = true;
90fc172e
AZ		 5812 return 0;
5813}
5814
d3070fbd
LP		 5815void unit_export_state_files(Unit *u) {
5816 const ExecContext *c;
5817
5818 assert(u);
5819
5820 if (!u->id)
5821 return;
5822
638cece4 5823 if (MANAGER_IS_TEST_RUN(u->manager))
8f632531
LP		 5824 return;
5825
d3070fbd
LP		 5826 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5827 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5828 * the IPC system itself and PID 1 also log to the journal.
5829 *
5830 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5831 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5832 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5833 * namespace at least.
5834 *
5835 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5836 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5837 * them with one. */
5838
5839 (void) unit_export_invocation_id(u);
5840
2f8c48b6
AZ		 5841 if (!MANAGER_IS_SYSTEM(u->manager))
5842 return;
5843
d3070fbd
LP		 5844 c = unit_get_exec_context(u);
5845 if (c) {
5846 (void) unit_export_log_level_max(u, c);
5847 (void) unit_export_log_extra_fields(u, c);
5ac1530e
ZJS		 5848 (void) unit_export_log_ratelimit_interval(u, c);
5849 (void) unit_export_log_ratelimit_burst(u, c);
d3070fbd
LP		 5850 }
5851}
5852
5853void unit_unlink_state_files(Unit *u) {
5854 const char *p;
5855
5856 assert(u);
5857
5858 if (!u->id)
5859 return;
5860
d3070fbd
LP		 5861 /* Undoes the effect of unit_export_state() */
5862
5863 if (u->exported_invocation_id) {
2f8c48b6
AZ		 5864 _cleanup_free_ char *invocation_path = NULL;
5865 int r = unit_get_invocation_path(u, &invocation_path);
5866 if (r >= 0) {
5867 (void) unlink(invocation_path);
5868 u->exported_invocation_id = false;
5869 }
d3070fbd
LP		 5870 }
5871
2f8c48b6
AZ		 5872 if (!MANAGER_IS_SYSTEM(u->manager))
5873 return;
5874
d3070fbd
LP		 5875 if (u->exported_log_level_max) {
5876 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5877 (void) unlink(p);
5878
5879 u->exported_log_level_max = false;
5880 }
5881
5882 if (u->exported_log_extra_fields) {
5883 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5884 (void) unlink(p);
5885
5886 u->exported_log_extra_fields = false;
5887 }
90fc172e 5888
5ac1530e 5889 if (u->exported_log_ratelimit_interval) {
90fc172e
AZ		 5890 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5891 (void) unlink(p);
5892
5ac1530e 5893 u->exported_log_ratelimit_interval = false;
90fc172e
AZ		 5894 }
5895
5ac1530e 5896 if (u->exported_log_ratelimit_burst) {
90fc172e
AZ		 5897 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5898 (void) unlink(p);
5899
5ac1530e 5900 u->exported_log_ratelimit_burst = false;
90fc172e 5901 }
d3070fbd 5902}
5afe510c 5903
3c7416b6
LP		 5904int unit_prepare_exec(Unit *u) {
5905 int r;
5906
5907 assert(u);
5908
fab34748
KL		 5909 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5910 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5911 r = bpf_firewall_load_custom(u);
5912 if (r < 0)
5913 return r;
5914
3c7416b6
LP		 5915 /* Prepares everything so that we can fork of a process for this unit */
5916
5917 (void) unit_realize_cgroup(u);
5918
5919 if (u->reset_accounting) {
9b2559a1 5920 (void) unit_reset_accounting(u);
3c7416b6
LP		 5921 u->reset_accounting = false;
5922 }
5923
5924 unit_export_state_files(u);
5925
5926 r = unit_setup_exec_runtime(u);
5927 if (r < 0)
5928 return r;
5929
3c7416b6
LP		 5930 return 0;
5931}
5932
4c425434
LP		 5933static bool ignore_leftover_process(const char *comm) {
5934 return comm && comm[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5935}
5936
4d1b2df1 5937int unit_log_leftover_process_start(const PidRef *pid, int sig, void *userdata) {
a4634b21
LP		 5938 _cleanup_free_ char *comm = NULL;
5939
4d1b2df1
LP		 5940 assert(pidref_is_set(pid));
5941
5942 (void) pidref_get_comm(pid, &comm);
a4634b21 5943
4c425434 5944 if (ignore_leftover_process(comm))
c53d2d54 5945 return 0;
a4634b21 5946
4c425434
LP		 5947 /* During start we print a warning */
5948
a4634b21
LP		 5949 log_unit_warning(userdata,
5950 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5951 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
4d1b2df1 5952 pid->pid, strna(comm));
c53d2d54
DB		 5953
5954 return 1;
a4634b21
LP		 5955}
5956
4d1b2df1 5957int unit_log_leftover_process_stop(const PidRef *pid, int sig, void *userdata) {
4c425434
LP		 5958 _cleanup_free_ char *comm = NULL;
5959
4d1b2df1
LP		 5960 assert(pidref_is_set(pid));
5961
5962 (void) pidref_get_comm(pid, &comm);
4c425434
LP		 5963
5964 if (ignore_leftover_process(comm))
5965 return 0;
5966
5967 /* During stop we only print an informational message */
5968
5969 log_unit_info(userdata,
5970 "Unit process " PID_FMT " (%s) remains running after unit stopped.",
4d1b2df1 5971 pid->pid, strna(comm));
4c425434
LP		 5972
5973 return 1;
5974}
5975
5976int unit_warn_leftover_processes(Unit *u, cg_kill_log_func_t log_func) {
a4634b21
LP		 5977 assert(u);
5978
5979 (void) unit_pick_cgroup_path(u);
5980
5981 if (!u->cgroup_path)
c53d2d54 5982 return 0;
a4634b21 5983
bd1791b5
LP		 5984 return cg_kill_recursive(
5985 u->cgroup_path,
5986 /* sig= */ 0,
5987 /* flags= */ 0,
5988 /* set= */ NULL,
5989 log_func,
5990 u);
a4634b21
LP		 5991}
5992
bb2c7685
LP		 5993bool unit_needs_console(Unit *u) {
5994 ExecContext *ec;
5995 UnitActiveState state;
5996
5997 assert(u);
5998
5999 state = unit_active_state(u);
6000
6001 if (UNIT_IS_INACTIVE_OR_FAILED(state))
6002 return false;
6003
6004 if (UNIT_VTABLE(u)->needs_console)
6005 return UNIT_VTABLE(u)->needs_console(u);
6006
6007 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
6008 ec = unit_get_exec_context(u);
6009 if (!ec)
6010 return false;
6011
6012 return exec_context_may_touch_console(ec);
6013}
6014
495e75ed 6015int unit_pid_attachable(Unit *u, PidRef *pid, sd_bus_error *error) {
6592b975
LP		 6016 int r;
6017
6018 assert(u);
6019
6020 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
6021 * and not a kernel thread either */
6022
6023 /* First, a simple range check */
495e75ed
LP		 6024 if (!pidref_is_set(pid))
6025 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier is not valid.");
6592b975
LP		 6026
6027 /* Some extra safety check */
a7a87769 6028 if (pid->pid == 1 || pidref_is_self(pid))
495e75ed 6029 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid->pid);
6592b975
LP		 6030
6031 /* Don't even begin to bother with kernel threads */
fc87713b 6032 r = pidref_is_kernel_thread(pid);
6592b975 6033 if (r == -ESRCH)
495e75ed 6034 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid->pid);
6592b975 6035 if (r < 0)
495e75ed 6036 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid->pid);
6592b975 6037 if (r > 0)
495e75ed 6038 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid->pid);
6592b975
LP		 6039
6040 return 0;
6041}
6042
523ee2d4
LP		 6043void unit_log_success(Unit *u) {
6044 assert(u);
6045
edf2ee22
JM		 6046 /* Let's show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode.
6047 * This message has low information value for regular users and it might be a bit overwhelming on a system with
6048 * a lot of devices. */
6049 log_unit_struct(u,
6050 MANAGER_IS_USER(u->manager) ? LOG_DEBUG : LOG_INFO,
c2503e35
RH		 6051 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR,
6052 LOG_UNIT_INVOCATION_ID(u),
6053 LOG_UNIT_MESSAGE(u, "Deactivated successfully."));
523ee2d4
LP		 6054}
6055
7c047d74
LP		 6056void unit_log_failure(Unit *u, const char *result) {
6057 assert(u);
6058 assert(result);
6059
c2503e35
RH		 6060 log_unit_struct(u, LOG_WARNING,
6061 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR,
6062 LOG_UNIT_INVOCATION_ID(u),
6063 LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result),
6064 "UNIT_RESULT=%s", result);
7c047d74
LP		 6065}
6066
31cd5f63
AZ		 6067void unit_log_skip(Unit *u, const char *result) {
6068 assert(u);
6069 assert(result);
6070
c2503e35
RH		 6071 log_unit_struct(u, LOG_INFO,
6072 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR,
6073 LOG_UNIT_INVOCATION_ID(u),
6074 LOG_UNIT_MESSAGE(u, "Skipped due to '%s'.", result),
6075 "UNIT_RESULT=%s", result);
31cd5f63
AZ		 6076}
6077
91bbd9b7
LP		 6078void unit_log_process_exit(
6079 Unit *u,
91bbd9b7
LP		 6080 const char *kind,
6081 const char *command,
5cc2cd1c 6082 bool success,
91bbd9b7
LP		 6083 int code,
6084 int status) {
6085
5cc2cd1c
ZJS		 6086 int level;
6087
91bbd9b7
LP		 6088 assert(u);
6089 assert(kind);
6090
5cc2cd1c
ZJS		 6091 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
6092 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
6093 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
6094 * WARNING. */
6095 if (success)
6096 level = LOG_DEBUG;
6097 else if (code == CLD_EXITED)
6098 level = LOG_NOTICE;
6099 else
91bbd9b7
LP		 6100 level = LOG_WARNING;
6101
c2503e35
RH		 6102 log_unit_struct(u, level,
6103 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR,
58441bc1 6104 LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s%s",
c2503e35
RH		 6105 kind,
6106 sigchld_code_to_string(code), status,
6107 strna(code == CLD_EXITED
6108 ? exit_status_to_string(status, EXIT_STATUS_FULL)
58441bc1
ZJS		 6109 : signal_to_string(status)),
6110 success ? " (success)" : ""),
c2503e35
RH		 6111 "EXIT_CODE=%s", sigchld_code_to_string(code),
6112 "EXIT_STATUS=%i", status,
6113 "COMMAND=%s", strna(command),
6114 LOG_UNIT_INVOCATION_ID(u));
91bbd9b7
LP		 6115}
6116
7af67e9a
LP		 6117int unit_exit_status(Unit *u) {
6118 assert(u);
6119
6120 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
6121 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
6122 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
6123 * service process has exited abnormally (signal/coredump). */
6124
6125 if (!UNIT_VTABLE(u)->exit_status)
6126 return -EOPNOTSUPP;
6127
6128 return UNIT_VTABLE(u)->exit_status(u);
6129}
6130
6131int unit_failure_action_exit_status(Unit *u) {
6132 int r;
6133
6134 assert(u);
6135
6136 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
6137
6138 if (u->failure_action_exit_status >= 0)
6139 return u->failure_action_exit_status;
6140
6141 r = unit_exit_status(u);
6142 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
6143 return 255;
6144
6145 return r;
6146}
6147
6148int unit_success_action_exit_status(Unit *u) {
6149 int r;
6150
6151 assert(u);
6152
6153 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
6154
6155 if (u->success_action_exit_status >= 0)
6156 return u->success_action_exit_status;
6157
6158 r = unit_exit_status(u);
6159 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
6160 return 255;
6161
6162 return r;
6163}
6164
a4191c9f
LP		 6165int unit_test_trigger_loaded(Unit *u) {
6166 Unit *trigger;
6167
6168 /* Tests whether the unit to trigger is loaded */
6169
6170 trigger = UNIT_TRIGGER(u);
6171 if (!trigger)
e7b9f4d9
ZJS		 6172 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
6173 "Refusing to start, no unit to trigger.");
a4191c9f 6174 if (trigger->load_state != UNIT_LOADED)
e7b9f4d9
ZJS		 6175 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
6176 "Refusing to start, unit %s to trigger not loaded.", trigger->id);
a4191c9f
LP		 6177
6178 return 0;
6179}
6180
bb0c0d6f
LP		 6181void unit_destroy_runtime_data(Unit *u, const ExecContext *context) {
6182 assert(u);
6183 assert(context);
6184
1ba84fef
LP		 6185 /* EXEC_PRESERVE_RESTART is handled via unit_release_resources()! */
6186 if (context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO)
95939aed 6187 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
bb0c0d6f 6188
1e122561 6189 exec_context_destroy_credentials(u);
b9f976fb 6190 exec_context_destroy_mount_ns_dir(u);
95939aed
YW		 6191}
6192
380dc8b0
LP		 6193int unit_clean(Unit *u, ExecCleanMask mask) {
6194 UnitActiveState state;
6195
6196 assert(u);
6197
6198 /* Special return values:
6199 *
6200 * -EOPNOTSUPP → cleaning not supported for this unit type
6201 * -EUNATCH → cleaning not defined for this resource type
6202 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
6203 * a job queued or similar
6204 */
6205
6206 if (!UNIT_VTABLE(u)->clean)
6207 return -EOPNOTSUPP;
6208
6209 if (mask == 0)
6210 return -EUNATCH;
6211
6212 if (u->load_state != UNIT_LOADED)
6213 return -EBUSY;
6214
6215 if (u->job)
6216 return -EBUSY;
6217
6218 state = unit_active_state(u);
4f06325c 6219 if (state != UNIT_INACTIVE)
380dc8b0
LP		 6220 return -EBUSY;
6221
6222 return UNIT_VTABLE(u)->clean(u, mask);
6223}
6224
6225int unit_can_clean(Unit *u, ExecCleanMask *ret) {
6226 assert(u);
6227
6228 if (!UNIT_VTABLE(u)->clean ||
6229 u->load_state != UNIT_LOADED) {
6230 *ret = 0;
6231 return 0;
6232 }
6233
6234 /* When the clean() method is set, can_clean() really should be set too */
6235 assert(UNIT_VTABLE(u)->can_clean);
6236
6237 return UNIT_VTABLE(u)->can_clean(u, ret);
6238}
6239
f882c102
DDM		 6240bool unit_can_start_refuse_manual(Unit *u) {
6241 return unit_can_start(u) && !u->refuse_manual_start;
6242}
6243
6244bool unit_can_stop_refuse_manual(Unit *u) {
6245 return unit_can_stop(u) && !u->refuse_manual_stop;
6246}
6247
6248bool unit_can_isolate_refuse_manual(Unit *u) {
6249 return unit_can_isolate(u) && !u->refuse_manual_start;
6250}
6251
d9e45bc3
MS		 6252bool unit_can_freeze(Unit *u) {
6253 assert(u);
6254
6255 if (UNIT_VTABLE(u)->can_freeze)
6256 return UNIT_VTABLE(u)->can_freeze(u);
6257
6258 return UNIT_VTABLE(u)->freeze;
6259}
6260
6261void unit_frozen(Unit *u) {
6262 assert(u);
6263
6264 u->freezer_state = FREEZER_FROZEN;
6265
3d19e122 6266 bus_unit_send_pending_freezer_message(u, false);
d9e45bc3
MS		 6267}
6268
6269void unit_thawed(Unit *u) {
6270 assert(u);
6271
6272 u->freezer_state = FREEZER_RUNNING;
6273
3d19e122 6274 bus_unit_send_pending_freezer_message(u, false);
d9e45bc3
MS		 6275}
6276
6277static int unit_freezer_action(Unit *u, FreezerAction action) {
6278 UnitActiveState s;
6279 int (*method)(Unit*);
6280 int r;
6281
6282 assert(u);
6283 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
6284
6285 method = action == FREEZER_FREEZE ? UNIT_VTABLE(u)->freeze : UNIT_VTABLE(u)->thaw;
6286 if (!method || !cg_freezer_supported())
6287 return -EOPNOTSUPP;
6288
6289 if (u->job)
6290 return -EBUSY;
6291
6292 if (u->load_state != UNIT_LOADED)
6293 return -EHOSTDOWN;
6294
6295 s = unit_active_state(u);
6296 if (s != UNIT_ACTIVE)
6297 return -EHOSTDOWN;
6298
3d19e122 6299 if ((IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING) && action == FREEZER_FREEZE) ||
6300 (u->freezer_state == FREEZER_THAWING && action == FREEZER_THAW))
d9e45bc3
MS		 6301 return -EALREADY;
6302
6303 r = method(u);
6304 if (r <= 0)
6305 return r;
6306
d171e72e
YW		 6307 assert(IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING));
6308
d9e45bc3
MS		 6309 return 1;
6310}
6311
6312int unit_freeze(Unit *u) {
6313 return unit_freezer_action(u, FREEZER_FREEZE);
6314}
6315
6316int unit_thaw(Unit *u) {
6317 return unit_freezer_action(u, FREEZER_THAW);
6318}
6319
6320/* Wrappers around low-level cgroup freezer operations common for service and scope units */
6321int unit_freeze_vtable_common(Unit *u) {
6322 return unit_cgroup_freezer_action(u, FREEZER_FREEZE);
6323}
6324
6325int unit_thaw_vtable_common(Unit *u) {
6326 return unit_cgroup_freezer_action(u, FREEZER_THAW);
6327}
6328
6e548561 6329Condition *unit_find_failed_condition(Unit *u) {
03677889 6330 Condition *failed_trigger = NULL;
6e548561
DDM		 6331 bool has_succeeded_trigger = false;
6332
6333 if (u->condition_result)
6334 return NULL;
6335
6336 LIST_FOREACH(conditions, c, u->conditions)
6337 if (c->trigger) {
6338 if (c->result == CONDITION_SUCCEEDED)
6339 has_succeeded_trigger = true;
6340 else if (!failed_trigger)
6341 failed_trigger = c;
6342 } else if (c->result != CONDITION_SUCCEEDED)
6343 return c;
6344
6345 return failed_trigger && !has_succeeded_trigger ? failed_trigger : NULL;
6346}
6347
5afe510c
LP		 6348static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
6349 [COLLECT_INACTIVE] = "inactive",
6350 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
6351};
6352
6353DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
15ed3c3a
LP		 6354
6355Unit* unit_has_dependency(const Unit *u, UnitDependencyAtom atom, Unit *other) {
6356 Unit *i;
6357
6358 assert(u);
6359
6360 /* Checks if the unit has a dependency on 'other' with the specified dependency atom. If 'other' is
6361 * NULL checks if the unit has *any* dependency of that atom. Returns 'other' if found (or if 'other'
6362 * is NULL the first entry found), or NULL if not found. */
6363
6364 UNIT_FOREACH_DEPENDENCY(i, u, atom)
6365 if (!other || other == i)
6366 return i;
6367
6368 return NULL;
6369}
6370
6371int unit_get_dependency_array(const Unit *u, UnitDependencyAtom atom, Unit ***ret_array) {
6372 _cleanup_free_ Unit **array = NULL;
6373 size_t n = 0;
6374 Unit *other;
6375
6376 assert(u);
6377 assert(ret_array);
6378
6379 /* Gets a list of units matching a specific atom as array. This is useful when iterating through
6380 * dependencies while modifying them: the array is an "atomic snapshot" of sorts, that can be read
48008c1c 6381 * while the dependency table is continuously updated. */
15ed3c3a
LP		 6382
6383 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
6384 if (!GREEDY_REALLOC(array, n + 1))
6385 return -ENOMEM;
6386
6387 array[n++] = other;
6388 }
6389
6390 *ret_array = TAKE_PTR(array);
6391
6392 assert(n <= INT_MAX);
6393 return (int) n;
6394}
48b92b37 6395
83123a44
YW		 6396int unit_get_transitive_dependency_set(Unit *u, UnitDependencyAtom atom, Set **ret) {
6397 _cleanup_set_free_ Set *units = NULL, *queue = NULL;
6398 Unit *other;
6399 int r;
6400
6401 assert(u);
6402 assert(ret);
6403
6404 /* Similar to unit_get_dependency_array(), but also search the same dependency in other units. */
6405
6406 do {
6407 UNIT_FOREACH_DEPENDENCY(other, u, atom) {
6408 r = set_ensure_put(&units, NULL, other);
6409 if (r < 0)
6410 return r;
6411 if (r == 0)
6412 continue;
6413 r = set_ensure_put(&queue, NULL, other);
6414 if (r < 0)
6415 return r;
6416 }
6417 } while ((u = set_steal_first(queue)));
6418
6419 *ret = TAKE_PTR(units);
6420 return 0;
6421}
6422
e9276800
LP		 6423int unit_arm_timer(
6424 Unit *u,
6425 sd_event_source **source,
6426 bool relative,
6427 usec_t usec,
6428 sd_event_time_handler_t handler) {
6429
6430 int r;
6431
6432 assert(u);
6433 assert(source);
6434 assert(handler);
6435
6436 if (*source) {
6437 if (usec == USEC_INFINITY)
6438 return sd_event_source_set_enabled(*source, SD_EVENT_OFF);
6439
6440 r = (relative ? sd_event_source_set_time_relative : sd_event_source_set_time)(*source, usec);
6441 if (r < 0)
6442 return r;
6443
6444 return sd_event_source_set_enabled(*source, SD_EVENT_ONESHOT);
6445 }
6446
6447 if (usec == USEC_INFINITY)
6448 return 0;
6449
6450 r = (relative ? sd_event_add_time_relative : sd_event_add_time)(
6451 u->manager->event,
6452 source,
6453 CLOCK_MONOTONIC,
6454 usec, 0,
6455 handler,
6456 u);
6457 if (r < 0)
6458 return r;
6459
6460 const char *d = strjoina(unit_type_to_string(u->type), "-timer");
6461 (void) sd_event_source_set_description(*source, d);
6462
6463 return 0;
6464}
6465
a8157796
LP		 6466static int unit_get_nice(Unit *u) {
6467 ExecContext *ec;
6468
6469 ec = unit_get_exec_context(u);
6470 return ec ? ec->nice : 0;
6471}
6472
6473static uint64_t unit_get_cpu_weight(Unit *u) {
6474 CGroupContext *cc;
6475
6476 cc = unit_get_cgroup_context(u);
6477 return cc ? cgroup_context_cpu_weight(cc, manager_state(u->manager)) : CGROUP_WEIGHT_DEFAULT;
6478}
6479
6480int unit_compare_priority(Unit *a, Unit *b) {
6481 int ret;
6482
6483 ret = CMP(a->type, b->type);
6484 if (ret != 0)
6485 return -ret;
6486
6487 ret = CMP(unit_get_cpu_weight(a), unit_get_cpu_weight(b));
6488 if (ret != 0)
6489 return -ret;
6490
6491 ret = CMP(unit_get_nice(a), unit_get_nice(b));
6492 if (ret != 0)
6493 return ret;
6494
6495 return strcmp(a->id, b->id);
6496}
6497
48b92b37 6498const ActivationDetailsVTable * const activation_details_vtable[_UNIT_TYPE_MAX] = {
4c420328 6499 [UNIT_PATH] = &activation_details_path_vtable,
c8bc7519 6500 [UNIT_TIMER] = &activation_details_timer_vtable,
48b92b37
LB		 6501};
6502
6503ActivationDetails *activation_details_new(Unit *trigger_unit) {
6504 _cleanup_free_ ActivationDetails *details = NULL;
6505
6506 assert(trigger_unit);
6507 assert(trigger_unit->type != _UNIT_TYPE_INVALID);
6508 assert(trigger_unit->id);
6509
6510 details = malloc0(activation_details_vtable[trigger_unit->type]->object_size);
6511 if (!details)
6512 return NULL;
6513
6514 *details = (ActivationDetails) {
6515 .n_ref = 1,
6516 .trigger_unit_type = trigger_unit->type,
6517 };
6518
6519 details->trigger_unit_name = strdup(trigger_unit->id);
6520 if (!details->trigger_unit_name)
6521 return NULL;
6522
6523 if (ACTIVATION_DETAILS_VTABLE(details)->init)
6524 ACTIVATION_DETAILS_VTABLE(details)->init(details, trigger_unit);
6525
6526 return TAKE_PTR(details);
6527}
6528
6529static ActivationDetails *activation_details_free(ActivationDetails *details) {
6530 if (!details)
6531 return NULL;
6532
6533 if (ACTIVATION_DETAILS_VTABLE(details)->done)
6534 ACTIVATION_DETAILS_VTABLE(details)->done(details);
6535
6536 free(details->trigger_unit_name);
6537
6538 return mfree(details);
6539}
6540
6541void activation_details_serialize(ActivationDetails *details, FILE *f) {
6542 if (!details || details->trigger_unit_type == _UNIT_TYPE_INVALID)
6543 return;
6544
6545 (void) serialize_item(f, "activation-details-unit-type", unit_type_to_string(details->trigger_unit_type));
6546 if (details->trigger_unit_name)
6547 (void) serialize_item(f, "activation-details-unit-name", details->trigger_unit_name);
6548 if (ACTIVATION_DETAILS_VTABLE(details)->serialize)
6549 ACTIVATION_DETAILS_VTABLE(details)->serialize(details, f);
6550}
6551
6552int activation_details_deserialize(const char *key, const char *value, ActivationDetails **details) {
e8dba806
FS		 6553 int r;
6554
48b92b37
LB		 6555 assert(key);
6556 assert(value);
6557 assert(details);
6558
6559 if (!*details) {
6560 UnitType t;
6561
6562 if (!streq(key, "activation-details-unit-type"))
6563 return -EINVAL;
6564
6565 t = unit_type_from_string(value);
210cb8d6
YW		 6566 if (t < 0)
6567 return t;
6568
6569 /* The activation details vtable has defined ops only for path and timer units */
6570 if (!activation_details_vtable[t])
48b92b37
LB		 6571 return -EINVAL;
6572
6573 *details = malloc0(activation_details_vtable[t]->object_size);
6574 if (!*details)
6575 return -ENOMEM;
6576
6577 **details = (ActivationDetails) {
6578 .n_ref = 1,
6579 .trigger_unit_type = t,
6580 };
6581
6582 return 0;
6583 }
6584
6585 if (streq(key, "activation-details-unit-name")) {
e8dba806
FS		 6586 r = free_and_strdup(&(*details)->trigger_unit_name, value);
6587 if (r < 0)
6588 return r;
48b92b37
LB		 6589
6590 return 0;
6591 }
6592
6593 if (ACTIVATION_DETAILS_VTABLE(*details)->deserialize)
6594 return ACTIVATION_DETAILS_VTABLE(*details)->deserialize(key, value, details);
6595
6596 return -EINVAL;
6597}
6598
6599int activation_details_append_env(ActivationDetails *details, char ***strv) {
6600 int r = 0;
6601
6602 assert(strv);
6603
6604 if (!details)
6605 return 0;
6606
6607 if (!isempty(details->trigger_unit_name)) {
6608 char *s = strjoin("TRIGGER_UNIT=", details->trigger_unit_name);
6609 if (!s)
6610 return -ENOMEM;
6611
6612 r = strv_consume(strv, TAKE_PTR(s));
6613 if (r < 0)
6614 return r;
6615 }
6616
6617 if (ACTIVATION_DETAILS_VTABLE(details)->append_env) {
6618 r = ACTIVATION_DETAILS_VTABLE(details)->append_env(details, strv);
6619 if (r < 0)
6620 return r;
6621 }
6622
6623 return r + !isempty(details->trigger_unit_name); /* Return the number of variables added to the env block */
6624}
6625
6626int activation_details_append_pair(ActivationDetails *details, char ***strv) {
6627 int r = 0;
6628
6629 assert(strv);
6630
6631 if (!details)
6632 return 0;
6633
6634 if (!isempty(details->trigger_unit_name)) {
6635 r = strv_extend(strv, "trigger_unit");
6636 if (r < 0)
6637 return r;
6638
6639 r = strv_extend(strv, details->trigger_unit_name);
6640 if (r < 0)
6641 return r;
6642 }
6643
6644 if (ACTIVATION_DETAILS_VTABLE(details)->append_env) {
6645 r = ACTIVATION_DETAILS_VTABLE(details)->append_pair(details, strv);
6646 if (r < 0)
6647 return r;
6648 }
6649
6650 return r + !isempty(details->trigger_unit_name); /* Return the number of pairs added to the strv */
6651}
6652
6653DEFINE_TRIVIAL_REF_UNREF_FUNC(ActivationDetails, activation_details, activation_details_free);
9e615fa3
LB		 6654
6655static const char* const unit_mount_dependency_type_table[_UNIT_MOUNT_DEPENDENCY_TYPE_MAX] = {
6656 [UNIT_MOUNT_WANTS] = "WantsMountsFor",
6657 [UNIT_MOUNT_REQUIRES] = "RequiresMountsFor",
6658};
6659
6660DEFINE_STRING_TABLE_LOOKUP(unit_mount_dependency_type, UnitMountDependencyType);
6661
6662UnitDependency unit_mount_dependency_type_to_dependency_type(UnitMountDependencyType t) {
6663 switch (t) {
6664
6665 case UNIT_MOUNT_WANTS:
6666 return UNIT_WANTS;
6667
6668 case UNIT_MOUNT_REQUIRES:
6669 return UNIT_REQUIRES;
6670
6671 default:
6672 assert_not_reached();
6673 }
6674}
Unnamed repository; edit this file 'description' to name the repository.