]>
Commit | Line | Data |
---|---|---|
1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ | |
2 | ||
3 | #include <errno.h> | |
4 | #include <stdlib.h> | |
5 | #include <sys/prctl.h> | |
6 | #include <unistd.h> | |
7 | ||
8 | #include "sd-id128.h" | |
9 | #include "sd-messages.h" | |
10 | ||
11 | #include "all-units.h" | |
12 | #include "alloc-util.h" | |
13 | #include "bpf-firewall.h" | |
14 | #include "bpf-foreign.h" | |
15 | #include "bpf-socket-bind.h" | |
16 | #include "bus-common-errors.h" | |
17 | #include "bus-internal.h" | |
18 | #include "bus-util.h" | |
19 | #include "cgroup-setup.h" | |
20 | #include "cgroup-util.h" | |
21 | #include "chase.h" | |
22 | #include "core-varlink.h" | |
23 | #include "dbus-unit.h" | |
24 | #include "dbus.h" | |
25 | #include "dropin.h" | |
26 | #include "env-util.h" | |
27 | #include "escape.h" | |
28 | #include "exec-credential.h" | |
29 | #include "execute.h" | |
30 | #include "fd-util.h" | |
31 | #include "fileio-label.h" | |
32 | #include "fileio.h" | |
33 | #include "format-util.h" | |
34 | #include "id128-util.h" | |
35 | #include "install.h" | |
36 | #include "iovec-util.h" | |
37 | #include "label-util.h" | |
38 | #include "load-dropin.h" | |
39 | #include "load-fragment.h" | |
40 | #include "log.h" | |
41 | #include "logarithm.h" | |
42 | #include "macro.h" | |
43 | #include "mkdir-label.h" | |
44 | #include "path-util.h" | |
45 | #include "process-util.h" | |
46 | #include "rm-rf.h" | |
47 | #include "serialize.h" | |
48 | #include "set.h" | |
49 | #include "signal-util.h" | |
50 | #include "sparse-endian.h" | |
51 | #include "special.h" | |
52 | #include "specifier.h" | |
53 | #include "stat-util.h" | |
54 | #include "stdio-util.h" | |
55 | #include "string-table.h" | |
56 | #include "string-util.h" | |
57 | #include "strv.h" | |
58 | #include "terminal-util.h" | |
59 | #include "tmpfile-util.h" | |
60 | #include "umask-util.h" | |
61 | #include "unit-name.h" | |
62 | #include "unit.h" | |
63 | #include "user-util.h" | |
64 | #include "virt.h" | |
65 | #if BPF_FRAMEWORK | |
66 | #include "bpf-link.h" | |
67 | #endif | |
68 | ||
69 | /* Thresholds for logging at INFO level about resource consumption */ | |
70 | #define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC) | |
71 | #define MENTIONWORTHY_MEMORY_BYTES (64 * U64_MB) | |
72 | #define MENTIONWORTHY_IO_BYTES (1 * U64_MB) | |
73 | #define MENTIONWORTHY_IP_BYTES UINT64_C(0) | |
74 | ||
75 | /* Thresholds for logging at NOTICE level about resource consumption */ | |
76 | #define NOTICEWORTHY_CPU_NSEC (10 * NSEC_PER_MINUTE) | |
77 | #define NOTICEWORTHY_MEMORY_BYTES (512 * U64_MB) | |
78 | #define NOTICEWORTHY_IO_BYTES (10 * U64_MB) | |
79 | #define NOTICEWORTHY_IP_BYTES (128 * U64_MB) | |
80 | ||
81 | const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = { | |
82 | [UNIT_SERVICE] = &service_vtable, | |
83 | [UNIT_SOCKET] = &socket_vtable, | |
84 | [UNIT_TARGET] = &target_vtable, | |
85 | [UNIT_DEVICE] = &device_vtable, | |
86 | [UNIT_MOUNT] = &mount_vtable, | |
87 | [UNIT_AUTOMOUNT] = &automount_vtable, | |
88 | [UNIT_SWAP] = &swap_vtable, | |
89 | [UNIT_TIMER] = &timer_vtable, | |
90 | [UNIT_PATH] = &path_vtable, | |
91 | [UNIT_SLICE] = &slice_vtable, | |
92 | [UNIT_SCOPE] = &scope_vtable, | |
93 | }; | |
94 | ||
95 | Unit* unit_new(Manager *m, size_t size) { | |
96 | Unit *u; | |
97 | ||
98 | assert(m); | |
99 | assert(size >= sizeof(Unit)); | |
100 | ||
101 | u = malloc0(size); | |
102 | if (!u) | |
103 | return NULL; | |
104 | ||
105 | u->manager = m; | |
106 | u->type = _UNIT_TYPE_INVALID; | |
107 | u->default_dependencies = true; | |
108 | u->unit_file_state = _UNIT_FILE_STATE_INVALID; | |
109 | u->unit_file_preset = -1; | |
110 | u->on_failure_job_mode = JOB_REPLACE; | |
111 | u->on_success_job_mode = JOB_FAIL; | |
112 | u->job_timeout = USEC_INFINITY; | |
113 | u->job_running_timeout = USEC_INFINITY; | |
114 | u->ref_uid = UID_INVALID; | |
115 | u->ref_gid = GID_INVALID; | |
116 | ||
117 | u->failure_action_exit_status = u->success_action_exit_status = -1; | |
118 | ||
119 | u->last_section_private = -1; | |
120 | ||
121 | u->start_ratelimit = (const RateLimit) { | |
122 | m->defaults.start_limit_interval, | |
123 | m->defaults.start_limit_burst, | |
124 | }; | |
125 | ||
126 | u->auto_start_stop_ratelimit = (const RateLimit) { | |
127 | .interval = 10 * USEC_PER_SEC, | |
128 | .burst = 16 | |
129 | }; | |
130 | ||
131 | unit_reset_memory_accounting_last(u); | |
132 | unit_reset_io_accounting_last(u); | |
133 | ||
134 | return u; | |
135 | } | |
136 | ||
137 | int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) { | |
138 | _cleanup_(unit_freep) Unit *u = NULL; | |
139 | int r; | |
140 | ||
141 | u = unit_new(m, size); | |
142 | if (!u) | |
143 | return -ENOMEM; | |
144 | ||
145 | r = unit_add_name(u, name); | |
146 | if (r < 0) | |
147 | return r; | |
148 | ||
149 | *ret = TAKE_PTR(u); | |
150 | ||
151 | return r; | |
152 | } | |
153 | ||
154 | bool unit_has_name(const Unit *u, const char *name) { | |
155 | assert(u); | |
156 | assert(name); | |
157 | ||
158 | return streq_ptr(name, u->id) || | |
159 | set_contains(u->aliases, name); | |
160 | } | |
161 | ||
162 | static void unit_init(Unit *u) { | |
163 | CGroupContext *cc; | |
164 | ExecContext *ec; | |
165 | KillContext *kc; | |
166 | ||
167 | assert(u); | |
168 | assert(u->manager); | |
169 | assert(u->type >= 0); | |
170 | ||
171 | cc = unit_get_cgroup_context(u); | |
172 | if (cc) { | |
173 | cgroup_context_init(cc); | |
174 | ||
175 | /* Copy in the manager defaults into the cgroup | |
176 | * context, _before_ the rest of the settings have | |
177 | * been initialized */ | |
178 | ||
179 | cc->cpu_accounting = u->manager->defaults.cpu_accounting; | |
180 | cc->io_accounting = u->manager->defaults.io_accounting; | |
181 | cc->blockio_accounting = u->manager->defaults.blockio_accounting; | |
182 | cc->memory_accounting = u->manager->defaults.memory_accounting; | |
183 | cc->tasks_accounting = u->manager->defaults.tasks_accounting; | |
184 | cc->ip_accounting = u->manager->defaults.ip_accounting; | |
185 | ||
186 | if (u->type != UNIT_SLICE) | |
187 | cc->tasks_max = u->manager->defaults.tasks_max; | |
188 | ||
189 | cc->memory_pressure_watch = u->manager->defaults.memory_pressure_watch; | |
190 | cc->memory_pressure_threshold_usec = u->manager->defaults.memory_pressure_threshold_usec; | |
191 | } | |
192 | ||
193 | ec = unit_get_exec_context(u); | |
194 | if (ec) { | |
195 | exec_context_init(ec); | |
196 | ||
197 | if (u->manager->defaults.oom_score_adjust_set) { | |
198 | ec->oom_score_adjust = u->manager->defaults.oom_score_adjust; | |
199 | ec->oom_score_adjust_set = true; | |
200 | } | |
201 | ||
202 | if (MANAGER_IS_SYSTEM(u->manager)) | |
203 | ec->keyring_mode = EXEC_KEYRING_SHARED; | |
204 | else { | |
205 | ec->keyring_mode = EXEC_KEYRING_INHERIT; | |
206 | ||
207 | /* User manager might have its umask redefined by PAM or UMask=. In this | |
208 | * case let the units it manages inherit this value by default. They can | |
209 | * still tune this value through their own unit file */ | |
210 | (void) get_process_umask(0, &ec->umask); | |
211 | } | |
212 | } | |
213 | ||
214 | kc = unit_get_kill_context(u); | |
215 | if (kc) | |
216 | kill_context_init(kc); | |
217 | ||
218 | if (UNIT_VTABLE(u)->init) | |
219 | UNIT_VTABLE(u)->init(u); | |
220 | } | |
221 | ||
222 | static int unit_add_alias(Unit *u, char *donated_name) { | |
223 | int r; | |
224 | ||
225 | /* Make sure that u->names is allocated. We may leave u->names | |
226 | * empty if we fail later, but this is not a problem. */ | |
227 | r = set_ensure_put(&u->aliases, &string_hash_ops, donated_name); | |
228 | if (r < 0) | |
229 | return r; | |
230 | assert(r > 0); | |
231 | ||
232 | return 0; | |
233 | } | |
234 | ||
235 | int unit_add_name(Unit *u, const char *text) { | |
236 | _cleanup_free_ char *name = NULL, *instance = NULL; | |
237 | UnitType t; | |
238 | int r; | |
239 | ||
240 | assert(u); | |
241 | assert(text); | |
242 | ||
243 | if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) { | |
244 | if (!u->instance) | |
245 | return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), | |
246 | "Instance is not set when adding name '%s'.", text); | |
247 | ||
248 | r = unit_name_replace_instance(text, u->instance, &name); | |
249 | if (r < 0) | |
250 | return log_unit_debug_errno(u, r, | |
251 | "Failed to build instance name from '%s': %m", text); | |
252 | } else { | |
253 | name = strdup(text); | |
254 | if (!name) | |
255 | return -ENOMEM; | |
256 | } | |
257 | ||
258 | if (unit_has_name(u, name)) | |
259 | return 0; | |
260 | ||
261 | if (hashmap_contains(u->manager->units, name)) | |
262 | return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST), | |
263 | "Unit already exist when adding name '%s'.", name); | |
264 | ||
265 | if (!unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE)) | |
266 | return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), | |
267 | "Name '%s' is invalid.", name); | |
268 | ||
269 | t = unit_name_to_type(name); | |
270 | if (t < 0) | |
271 | return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), | |
272 | "failed to derive unit type from name '%s'.", name); | |
273 | ||
274 | if (u->type != _UNIT_TYPE_INVALID && t != u->type) | |
275 | return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), | |
276 | "Unit type is illegal: u->type(%d) and t(%d) for name '%s'.", | |
277 | u->type, t, name); | |
278 | ||
279 | r = unit_name_to_instance(name, &instance); | |
280 | if (r < 0) | |
281 | return log_unit_debug_errno(u, r, "Failed to extract instance from name '%s': %m", name); | |
282 | ||
283 | if (instance && !unit_type_may_template(t)) | |
284 | return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), "Templates are not allowed for name '%s'.", name); | |
285 | ||
286 | /* Ensure that this unit either has no instance, or that the instance matches. */ | |
287 | if (u->type != _UNIT_TYPE_INVALID && !streq_ptr(u->instance, instance)) | |
288 | return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), | |
289 | "Cannot add name %s, the instances don't match (\"%s\" != \"%s\").", | |
290 | name, instance, u->instance); | |
291 | ||
292 | if (u->id && !unit_type_may_alias(t)) | |
293 | return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST), | |
294 | "Cannot add name %s, aliases are not allowed for %s units.", | |
295 | name, unit_type_to_string(t)); | |
296 | ||
297 | if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES) | |
298 | return log_unit_warning_errno(u, SYNTHETIC_ERRNO(E2BIG), "Cannot add name, manager has too many units."); | |
299 | ||
300 | /* Add name to the global hashmap first, because that's easier to undo */ | |
301 | r = hashmap_put(u->manager->units, name, u); | |
302 | if (r < 0) | |
303 | return log_unit_debug_errno(u, r, "Add unit to hashmap failed for name '%s': %m", text); | |
304 | ||
305 | if (u->id) { | |
306 | r = unit_add_alias(u, name); /* unit_add_alias() takes ownership of the name on success */ | |
307 | if (r < 0) { | |
308 | hashmap_remove(u->manager->units, name); | |
309 | return r; | |
310 | } | |
311 | TAKE_PTR(name); | |
312 | ||
313 | } else { | |
314 | /* A new name, we don't need the set yet. */ | |
315 | assert(u->type == _UNIT_TYPE_INVALID); | |
316 | assert(!u->instance); | |
317 | ||
318 | u->type = t; | |
319 | u->id = TAKE_PTR(name); | |
320 | u->instance = TAKE_PTR(instance); | |
321 | ||
322 | LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u); | |
323 | unit_init(u); | |
324 | } | |
325 | ||
326 | unit_add_to_dbus_queue(u); | |
327 | return 0; | |
328 | } | |
329 | ||
330 | int unit_choose_id(Unit *u, const char *name) { | |
331 | _cleanup_free_ char *t = NULL; | |
332 | char *s; | |
333 | int r; | |
334 | ||
335 | assert(u); | |
336 | assert(name); | |
337 | ||
338 | if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) { | |
339 | if (!u->instance) | |
340 | return -EINVAL; | |
341 | ||
342 | r = unit_name_replace_instance(name, u->instance, &t); | |
343 | if (r < 0) | |
344 | return r; | |
345 | ||
346 | name = t; | |
347 | } | |
348 | ||
349 | if (streq_ptr(u->id, name)) | |
350 | return 0; /* Nothing to do. */ | |
351 | ||
352 | /* Selects one of the aliases of this unit as the id */ | |
353 | s = set_get(u->aliases, (char*) name); | |
354 | if (!s) | |
355 | return -ENOENT; | |
356 | ||
357 | if (u->id) { | |
358 | r = set_remove_and_put(u->aliases, name, u->id); | |
359 | if (r < 0) | |
360 | return r; | |
361 | } else | |
362 | assert_se(set_remove(u->aliases, name)); /* see set_get() above… */ | |
363 | ||
364 | u->id = s; /* Old u->id is now stored in the set, and s is not stored anywhere */ | |
365 | unit_add_to_dbus_queue(u); | |
366 | ||
367 | return 0; | |
368 | } | |
369 | ||
370 | int unit_set_description(Unit *u, const char *description) { | |
371 | int r; | |
372 | ||
373 | assert(u); | |
374 | ||
375 | r = free_and_strdup(&u->description, empty_to_null(description)); | |
376 | if (r < 0) | |
377 | return r; | |
378 | if (r > 0) | |
379 | unit_add_to_dbus_queue(u); | |
380 | ||
381 | return 0; | |
382 | } | |
383 | ||
384 | static bool unit_success_failure_handler_has_jobs(Unit *unit) { | |
385 | Unit *other; | |
386 | ||
387 | UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_SUCCESS) | |
388 | if (other->job || other->nop_job) | |
389 | return true; | |
390 | ||
391 | UNIT_FOREACH_DEPENDENCY(other, unit, UNIT_ATOM_ON_FAILURE) | |
392 | if (other->job || other->nop_job) | |
393 | return true; | |
394 | ||
395 | return false; | |
396 | } | |
397 | ||
398 | void unit_release_resources(Unit *u) { | |
399 | UnitActiveState state; | |
400 | ExecContext *ec; | |
401 | ||
402 | assert(u); | |
403 | ||
404 | if (u->job || u->nop_job) | |
405 | return; | |
406 | ||
407 | if (u->perpetual) | |
408 | return; | |
409 | ||
410 | state = unit_active_state(u); | |
411 | if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED)) | |
412 | return; | |
413 | ||
414 | if (unit_will_restart(u)) | |
415 | return; | |
416 | ||
417 | ec = unit_get_exec_context(u); | |
418 | if (ec && ec->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART) | |
419 | exec_context_destroy_runtime_directory(ec, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]); | |
420 | ||
421 | if (UNIT_VTABLE(u)->release_resources) | |
422 | UNIT_VTABLE(u)->release_resources(u); | |
423 | } | |
424 | ||
425 | bool unit_may_gc(Unit *u) { | |
426 | UnitActiveState state; | |
427 | int r; | |
428 | ||
429 | assert(u); | |
430 | ||
431 | /* Checks whether the unit is ready to be unloaded for garbage collection. Returns true when the | |
432 | * unit may be collected, and false if there's some reason to keep it loaded. | |
433 | * | |
434 | * References from other units are *not* checked here. Instead, this is done in unit_gc_sweep(), but | |
435 | * using markers to properly collect dependency loops. | |
436 | */ | |
437 | ||
438 | if (u->job || u->nop_job) | |
439 | return false; | |
440 | ||
441 | if (u->perpetual) | |
442 | return false; | |
443 | ||
444 | /* if we saw a cgroup empty event for this unit, stay around until we processed it so that we remove | |
445 | * the empty cgroup if possible. Similar, process any pending OOM events if they are already queued | |
446 | * before we release the unit. */ | |
447 | if (u->in_cgroup_empty_queue || u->in_cgroup_oom_queue) | |
448 | return false; | |
449 | ||
450 | /* Make sure to send out D-Bus events before we unload the unit */ | |
451 | if (u->in_dbus_queue) | |
452 | return false; | |
453 | ||
454 | if (sd_bus_track_count(u->bus_track) > 0) | |
455 | return false; | |
456 | ||
457 | state = unit_active_state(u); | |
458 | ||
459 | /* But we keep the unit object around for longer when it is referenced or configured to not be | |
460 | * gc'ed */ | |
461 | switch (u->collect_mode) { | |
462 | ||
463 | case COLLECT_INACTIVE: | |
464 | if (state != UNIT_INACTIVE) | |
465 | return false; | |
466 | ||
467 | break; | |
468 | ||
469 | case COLLECT_INACTIVE_OR_FAILED: | |
470 | if (!UNIT_IS_INACTIVE_OR_FAILED(state)) | |
471 | return false; | |
472 | ||
473 | break; | |
474 | ||
475 | default: | |
476 | assert_not_reached(); | |
477 | } | |
478 | ||
479 | /* Check if any OnFailure= or on Success= jobs may be pending */ | |
480 | if (unit_success_failure_handler_has_jobs(u)) | |
481 | return false; | |
482 | ||
483 | /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay | |
484 | * around. Units with active processes should never be collected. */ | |
485 | r = unit_cgroup_is_empty(u); | |
486 | if (r <= 0 && r != -ENXIO) | |
487 | return false; /* ENXIO means: currently not realized */ | |
488 | ||
489 | if (!UNIT_VTABLE(u)->may_gc) | |
490 | return true; | |
491 | ||
492 | return UNIT_VTABLE(u)->may_gc(u); | |
493 | } | |
494 | ||
495 | void unit_add_to_load_queue(Unit *u) { | |
496 | assert(u); | |
497 | assert(u->type != _UNIT_TYPE_INVALID); | |
498 | ||
499 | if (u->load_state != UNIT_STUB || u->in_load_queue) | |
500 | return; | |
501 | ||
502 | LIST_PREPEND(load_queue, u->manager->load_queue, u); | |
503 | u->in_load_queue = true; | |
504 | } | |
505 | ||
506 | void unit_add_to_cleanup_queue(Unit *u) { | |
507 | assert(u); | |
508 | ||
509 | if (u->in_cleanup_queue) | |
510 | return; | |
511 | ||
512 | LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u); | |
513 | u->in_cleanup_queue = true; | |
514 | } | |
515 | ||
516 | void unit_add_to_gc_queue(Unit *u) { | |
517 | assert(u); | |
518 | ||
519 | if (u->in_gc_queue || u->in_cleanup_queue) | |
520 | return; | |
521 | ||
522 | if (!unit_may_gc(u)) | |
523 | return; | |
524 | ||
525 | LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u); | |
526 | u->in_gc_queue = true; | |
527 | } | |
528 | ||
529 | void unit_add_to_dbus_queue(Unit *u) { | |
530 | assert(u); | |
531 | assert(u->type != _UNIT_TYPE_INVALID); | |
532 | ||
533 | if (u->load_state == UNIT_STUB || u->in_dbus_queue) | |
534 | return; | |
535 | ||
536 | /* Shortcut things if nobody cares */ | |
537 | if (sd_bus_track_count(u->manager->subscribed) <= 0 && | |
538 | sd_bus_track_count(u->bus_track) <= 0 && | |
539 | set_isempty(u->manager->private_buses)) { | |
540 | u->sent_dbus_new_signal = true; | |
541 | return; | |
542 | } | |
543 | ||
544 | LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u); | |
545 | u->in_dbus_queue = true; | |
546 | } | |
547 | ||
548 | void unit_submit_to_stop_when_unneeded_queue(Unit *u) { | |
549 | assert(u); | |
550 | ||
551 | if (u->in_stop_when_unneeded_queue) | |
552 | return; | |
553 | ||
554 | if (!u->stop_when_unneeded) | |
555 | return; | |
556 | ||
557 | if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u))) | |
558 | return; | |
559 | ||
560 | LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u); | |
561 | u->in_stop_when_unneeded_queue = true; | |
562 | } | |
563 | ||
564 | void unit_submit_to_start_when_upheld_queue(Unit *u) { | |
565 | assert(u); | |
566 | ||
567 | if (u->in_start_when_upheld_queue) | |
568 | return; | |
569 | ||
570 | if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u))) | |
571 | return; | |
572 | ||
573 | if (!unit_has_dependency(u, UNIT_ATOM_START_STEADILY, NULL)) | |
574 | return; | |
575 | ||
576 | LIST_PREPEND(start_when_upheld_queue, u->manager->start_when_upheld_queue, u); | |
577 | u->in_start_when_upheld_queue = true; | |
578 | } | |
579 | ||
580 | void unit_submit_to_stop_when_bound_queue(Unit *u) { | |
581 | assert(u); | |
582 | ||
583 | if (u->in_stop_when_bound_queue) | |
584 | return; | |
585 | ||
586 | if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u))) | |
587 | return; | |
588 | ||
589 | if (!unit_has_dependency(u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT, NULL)) | |
590 | return; | |
591 | ||
592 | LIST_PREPEND(stop_when_bound_queue, u->manager->stop_when_bound_queue, u); | |
593 | u->in_stop_when_bound_queue = true; | |
594 | } | |
595 | ||
596 | static bool unit_can_release_resources(Unit *u) { | |
597 | ExecContext *ec; | |
598 | ||
599 | assert(u); | |
600 | ||
601 | if (UNIT_VTABLE(u)->release_resources) | |
602 | return true; | |
603 | ||
604 | ec = unit_get_exec_context(u); | |
605 | if (ec && ec->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART) | |
606 | return true; | |
607 | ||
608 | return false; | |
609 | } | |
610 | ||
611 | void unit_submit_to_release_resources_queue(Unit *u) { | |
612 | assert(u); | |
613 | ||
614 | if (u->in_release_resources_queue) | |
615 | return; | |
616 | ||
617 | if (u->job || u->nop_job) | |
618 | return; | |
619 | ||
620 | if (u->perpetual) | |
621 | return; | |
622 | ||
623 | if (!unit_can_release_resources(u)) | |
624 | return; | |
625 | ||
626 | LIST_PREPEND(release_resources_queue, u->manager->release_resources_queue, u); | |
627 | u->in_release_resources_queue = true; | |
628 | } | |
629 | ||
630 | static void unit_clear_dependencies(Unit *u) { | |
631 | assert(u); | |
632 | ||
633 | /* Removes all dependencies configured on u and their reverse dependencies. */ | |
634 | ||
635 | for (Hashmap *deps; (deps = hashmap_steal_first(u->dependencies));) { | |
636 | ||
637 | for (Unit *other; (other = hashmap_steal_first_key(deps));) { | |
638 | Hashmap *other_deps; | |
639 | ||
640 | HASHMAP_FOREACH(other_deps, other->dependencies) | |
641 | hashmap_remove(other_deps, u); | |
642 | ||
643 | unit_add_to_gc_queue(other); | |
644 | } | |
645 | ||
646 | hashmap_free(deps); | |
647 | } | |
648 | ||
649 | u->dependencies = hashmap_free(u->dependencies); | |
650 | } | |
651 | ||
652 | static void unit_remove_transient(Unit *u) { | |
653 | assert(u); | |
654 | ||
655 | if (!u->transient) | |
656 | return; | |
657 | ||
658 | if (u->fragment_path) | |
659 | (void) unlink(u->fragment_path); | |
660 | ||
661 | STRV_FOREACH(i, u->dropin_paths) { | |
662 | _cleanup_free_ char *p = NULL, *pp = NULL; | |
663 | ||
664 | if (path_extract_directory(*i, &p) < 0) /* Get the drop-in directory from the drop-in file */ | |
665 | continue; | |
666 | ||
667 | if (path_extract_directory(p, &pp) < 0) /* Get the config directory from the drop-in directory */ | |
668 | continue; | |
669 | ||
670 | /* Only drop transient drop-ins */ | |
671 | if (!path_equal(u->manager->lookup_paths.transient, pp)) | |
672 | continue; | |
673 | ||
674 | (void) unlink(*i); | |
675 | (void) rmdir(p); | |
676 | } | |
677 | } | |
678 | ||
679 | static void unit_free_mounts_for(Unit *u) { | |
680 | assert(u); | |
681 | ||
682 | for (UnitMountDependencyType t = 0; t < _UNIT_MOUNT_DEPENDENCY_TYPE_MAX; ++t) { | |
683 | for (;;) { | |
684 | _cleanup_free_ char *path = NULL; | |
685 | ||
686 | path = hashmap_steal_first_key(u->mounts_for[t]); | |
687 | if (!path) | |
688 | break; | |
689 | ||
690 | char s[strlen(path) + 1]; | |
691 | ||
692 | PATH_FOREACH_PREFIX_MORE(s, path) { | |
693 | char *y; | |
694 | Set *x; | |
695 | ||
696 | x = hashmap_get2(u->manager->units_needing_mounts_for[t], s, (void**) &y); | |
697 | if (!x) | |
698 | continue; | |
699 | ||
700 | (void) set_remove(x, u); | |
701 | ||
702 | if (set_isempty(x)) { | |
703 | assert_se(hashmap_remove(u->manager->units_needing_mounts_for[t], y)); | |
704 | free(y); | |
705 | set_free(x); | |
706 | } | |
707 | } | |
708 | } | |
709 | ||
710 | u->mounts_for[t] = hashmap_free(u->mounts_for[t]); | |
711 | } | |
712 | } | |
713 | ||
714 | static void unit_done(Unit *u) { | |
715 | ExecContext *ec; | |
716 | CGroupContext *cc; | |
717 | ||
718 | assert(u); | |
719 | ||
720 | if (u->type < 0) | |
721 | return; | |
722 | ||
723 | if (UNIT_VTABLE(u)->done) | |
724 | UNIT_VTABLE(u)->done(u); | |
725 | ||
726 | ec = unit_get_exec_context(u); | |
727 | if (ec) | |
728 | exec_context_done(ec); | |
729 | ||
730 | cc = unit_get_cgroup_context(u); | |
731 | if (cc) | |
732 | cgroup_context_done(cc); | |
733 | } | |
734 | ||
735 | Unit* unit_free(Unit *u) { | |
736 | Unit *slice; | |
737 | char *t; | |
738 | ||
739 | if (!u) | |
740 | return NULL; | |
741 | ||
742 | sd_event_source_disable_unref(u->auto_start_stop_event_source); | |
743 | ||
744 | u->transient_file = safe_fclose(u->transient_file); | |
745 | ||
746 | if (!MANAGER_IS_RELOADING(u->manager)) | |
747 | unit_remove_transient(u); | |
748 | ||
749 | bus_unit_send_removed_signal(u); | |
750 | ||
751 | unit_done(u); | |
752 | ||
753 | unit_dequeue_rewatch_pids(u); | |
754 | ||
755 | u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot); | |
756 | u->bus_track = sd_bus_track_unref(u->bus_track); | |
757 | u->deserialized_refs = strv_free(u->deserialized_refs); | |
758 | u->pending_freezer_invocation = sd_bus_message_unref(u->pending_freezer_invocation); | |
759 | ||
760 | unit_free_mounts_for(u); | |
761 | ||
762 | SET_FOREACH(t, u->aliases) | |
763 | hashmap_remove_value(u->manager->units, t, u); | |
764 | if (u->id) | |
765 | hashmap_remove_value(u->manager->units, u->id, u); | |
766 | ||
767 | if (!sd_id128_is_null(u->invocation_id)) | |
768 | hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u); | |
769 | ||
770 | if (u->job) { | |
771 | Job *j = u->job; | |
772 | job_uninstall(j); | |
773 | job_free(j); | |
774 | } | |
775 | ||
776 | if (u->nop_job) { | |
777 | Job *j = u->nop_job; | |
778 | job_uninstall(j); | |
779 | job_free(j); | |
780 | } | |
781 | ||
782 | /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we | |
783 | * detach the unit from slice tree in order to eliminate its effect on controller masks. */ | |
784 | slice = UNIT_GET_SLICE(u); | |
785 | unit_clear_dependencies(u); | |
786 | if (slice) | |
787 | unit_add_family_to_cgroup_realize_queue(slice); | |
788 | ||
789 | if (u->on_console) | |
790 | manager_unref_console(u->manager); | |
791 | ||
792 | unit_release_cgroup(u); | |
793 | ||
794 | if (!MANAGER_IS_RELOADING(u->manager)) | |
795 | unit_unlink_state_files(u); | |
796 | ||
797 | unit_unref_uid_gid(u, false); | |
798 | ||
799 | (void) manager_update_failed_units(u->manager, u, false); | |
800 | set_remove(u->manager->startup_units, u); | |
801 | ||
802 | unit_unwatch_all_pids(u); | |
803 | ||
804 | while (u->refs_by_target) | |
805 | unit_ref_unset(u->refs_by_target); | |
806 | ||
807 | if (u->type != _UNIT_TYPE_INVALID) | |
808 | LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u); | |
809 | ||
810 | if (u->in_load_queue) | |
811 | LIST_REMOVE(load_queue, u->manager->load_queue, u); | |
812 | ||
813 | if (u->in_dbus_queue) | |
814 | LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u); | |
815 | ||
816 | if (u->in_cleanup_queue) | |
817 | LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u); | |
818 | ||
819 | if (u->in_gc_queue) | |
820 | LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u); | |
821 | ||
822 | if (u->in_cgroup_realize_queue) | |
823 | LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u); | |
824 | ||
825 | if (u->in_cgroup_empty_queue) | |
826 | LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u); | |
827 | ||
828 | if (u->in_cgroup_oom_queue) | |
829 | LIST_REMOVE(cgroup_oom_queue, u->manager->cgroup_oom_queue, u); | |
830 | ||
831 | if (u->in_target_deps_queue) | |
832 | LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u); | |
833 | ||
834 | if (u->in_stop_when_unneeded_queue) | |
835 | LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u); | |
836 | ||
837 | if (u->in_start_when_upheld_queue) | |
838 | LIST_REMOVE(start_when_upheld_queue, u->manager->start_when_upheld_queue, u); | |
839 | ||
840 | if (u->in_stop_when_bound_queue) | |
841 | LIST_REMOVE(stop_when_bound_queue, u->manager->stop_when_bound_queue, u); | |
842 | ||
843 | if (u->in_release_resources_queue) | |
844 | LIST_REMOVE(release_resources_queue, u->manager->release_resources_queue, u); | |
845 | ||
846 | bpf_firewall_close(u); | |
847 | ||
848 | condition_free_list(u->conditions); | |
849 | condition_free_list(u->asserts); | |
850 | ||
851 | free(u->description); | |
852 | strv_free(u->documentation); | |
853 | free(u->fragment_path); | |
854 | free(u->source_path); | |
855 | strv_free(u->dropin_paths); | |
856 | free(u->instance); | |
857 | ||
858 | free(u->job_timeout_reboot_arg); | |
859 | free(u->reboot_arg); | |
860 | ||
861 | free(u->access_selinux_context); | |
862 | ||
863 | set_free_free(u->aliases); | |
864 | free(u->id); | |
865 | ||
866 | activation_details_unref(u->activation_details); | |
867 | ||
868 | return mfree(u); | |
869 | } | |
870 | ||
871 | FreezerState unit_freezer_state(Unit *u) { | |
872 | assert(u); | |
873 | ||
874 | return u->freezer_state; | |
875 | } | |
876 | ||
877 | UnitActiveState unit_active_state(Unit *u) { | |
878 | assert(u); | |
879 | ||
880 | if (u->load_state == UNIT_MERGED) | |
881 | return unit_active_state(unit_follow_merge(u)); | |
882 | ||
883 | /* After a reload it might happen that a unit is not correctly | |
884 | * loaded but still has a process around. That's why we won't | |
885 | * shortcut failed loading to UNIT_INACTIVE_FAILED. */ | |
886 | ||
887 | return UNIT_VTABLE(u)->active_state(u); | |
888 | } | |
889 | ||
890 | const char* unit_sub_state_to_string(Unit *u) { | |
891 | assert(u); | |
892 | ||
893 | return UNIT_VTABLE(u)->sub_state_to_string(u); | |
894 | } | |
895 | ||
896 | static int unit_merge_names(Unit *u, Unit *other) { | |
897 | char *name; | |
898 | int r; | |
899 | ||
900 | assert(u); | |
901 | assert(other); | |
902 | ||
903 | r = unit_add_alias(u, other->id); | |
904 | if (r < 0) | |
905 | return r; | |
906 | ||
907 | r = set_move(u->aliases, other->aliases); | |
908 | if (r < 0) { | |
909 | set_remove(u->aliases, other->id); | |
910 | return r; | |
911 | } | |
912 | ||
913 | TAKE_PTR(other->id); | |
914 | other->aliases = set_free_free(other->aliases); | |
915 | ||
916 | SET_FOREACH(name, u->aliases) | |
917 | assert_se(hashmap_replace(u->manager->units, name, u) == 0); | |
918 | ||
919 | return 0; | |
920 | } | |
921 | ||
922 | static int unit_reserve_dependencies(Unit *u, Unit *other) { | |
923 | size_t n_reserve; | |
924 | Hashmap* deps; | |
925 | void *d; | |
926 | int r; | |
927 | ||
928 | assert(u); | |
929 | assert(other); | |
930 | ||
931 | /* Let's reserve some space in the dependency hashmaps so that later on merging the units cannot | |
932 | * fail. | |
933 | * | |
934 | * First make some room in the per dependency type hashmaps. Using the summed size of both units' | |
935 | * hashmaps is an estimate that is likely too high since they probably use some of the same | |
936 | * types. But it's never too low, and that's all we need. */ | |
937 | ||
938 | n_reserve = MIN(hashmap_size(other->dependencies), LESS_BY((size_t) _UNIT_DEPENDENCY_MAX, hashmap_size(u->dependencies))); | |
939 | if (n_reserve > 0) { | |
940 | r = hashmap_ensure_allocated(&u->dependencies, NULL); | |
941 | if (r < 0) | |
942 | return r; | |
943 | ||
944 | r = hashmap_reserve(u->dependencies, n_reserve); | |
945 | if (r < 0) | |
946 | return r; | |
947 | } | |
948 | ||
949 | /* Now, enlarge our per dependency type hashmaps by the number of entries in the same hashmap of the | |
950 | * other unit's dependencies. | |
951 | * | |
952 | * NB: If u does not have a dependency set allocated for some dependency type, there is no need to | |
953 | * reserve anything for. In that case other's set will be transferred as a whole to u by | |
954 | * complete_move(). */ | |
955 | ||
956 | HASHMAP_FOREACH_KEY(deps, d, u->dependencies) { | |
957 | Hashmap *other_deps; | |
958 | ||
959 | other_deps = hashmap_get(other->dependencies, d); | |
960 | ||
961 | r = hashmap_reserve(deps, hashmap_size(other_deps)); | |
962 | if (r < 0) | |
963 | return r; | |
964 | } | |
965 | ||
966 | return 0; | |
967 | } | |
968 | ||
969 | static bool unit_should_warn_about_dependency(UnitDependency dependency) { | |
970 | /* Only warn about some unit types */ | |
971 | return IN_SET(dependency, | |
972 | UNIT_CONFLICTS, | |
973 | UNIT_CONFLICTED_BY, | |
974 | UNIT_BEFORE, | |
975 | UNIT_AFTER, | |
976 | UNIT_ON_SUCCESS, | |
977 | UNIT_ON_FAILURE, | |
978 | UNIT_TRIGGERS, | |
979 | UNIT_TRIGGERED_BY); | |
980 | } | |
981 | ||
982 | static int unit_per_dependency_type_hashmap_update( | |
983 | Hashmap *per_type, | |
984 | Unit *other, | |
985 | UnitDependencyMask origin_mask, | |
986 | UnitDependencyMask destination_mask) { | |
987 | ||
988 | UnitDependencyInfo info; | |
989 | int r; | |
990 | ||
991 | assert(other); | |
992 | assert_cc(sizeof(void*) == sizeof(info)); | |
993 | ||
994 | /* Acquire the UnitDependencyInfo entry for the Unit* we are interested in, and update it if it | |
995 | * exists, or insert it anew if not. */ | |
996 | ||
997 | info.data = hashmap_get(per_type, other); | |
998 | if (info.data) { | |
999 | /* Entry already exists. Add in our mask. */ | |
1000 | ||
1001 | if (FLAGS_SET(origin_mask, info.origin_mask) && | |
1002 | FLAGS_SET(destination_mask, info.destination_mask)) | |
1003 | return 0; /* NOP */ | |
1004 | ||
1005 | info.origin_mask |= origin_mask; | |
1006 | info.destination_mask |= destination_mask; | |
1007 | ||
1008 | r = hashmap_update(per_type, other, info.data); | |
1009 | } else { | |
1010 | info = (UnitDependencyInfo) { | |
1011 | .origin_mask = origin_mask, | |
1012 | .destination_mask = destination_mask, | |
1013 | }; | |
1014 | ||
1015 | r = hashmap_put(per_type, other, info.data); | |
1016 | } | |
1017 | if (r < 0) | |
1018 | return r; | |
1019 | ||
1020 | return 1; | |
1021 | } | |
1022 | ||
1023 | static void unit_merge_dependencies(Unit *u, Unit *other) { | |
1024 | Hashmap *deps; | |
1025 | void *dt; /* Actually of type UnitDependency, except that we don't bother casting it here, | |
1026 | * since the hashmaps all want it as void pointer. */ | |
1027 | ||
1028 | assert(u); | |
1029 | assert(other); | |
1030 | ||
1031 | if (u == other) | |
1032 | return; | |
1033 | ||
1034 | /* First, remove dependency to other. */ | |
1035 | HASHMAP_FOREACH_KEY(deps, dt, u->dependencies) { | |
1036 | if (hashmap_remove(deps, other) && unit_should_warn_about_dependency(UNIT_DEPENDENCY_FROM_PTR(dt))) | |
1037 | log_unit_warning(u, "Dependency %s=%s is dropped, as %s is merged into %s.", | |
1038 | unit_dependency_to_string(UNIT_DEPENDENCY_FROM_PTR(dt)), | |
1039 | other->id, other->id, u->id); | |
1040 | ||
1041 | if (hashmap_isempty(deps)) | |
1042 | hashmap_free(hashmap_remove(u->dependencies, dt)); | |
1043 | } | |
1044 | ||
1045 | for (;;) { | |
1046 | _cleanup_hashmap_free_ Hashmap *other_deps = NULL; | |
1047 | UnitDependencyInfo di_back; | |
1048 | Unit *back; | |
1049 | ||
1050 | /* Let's focus on one dependency type at a time, that 'other' has defined. */ | |
1051 | other_deps = hashmap_steal_first_key_and_value(other->dependencies, &dt); | |
1052 | if (!other_deps) | |
1053 | break; /* done! */ | |
1054 | ||
1055 | deps = hashmap_get(u->dependencies, dt); | |
1056 | ||
1057 | /* Now iterate through all dependencies of this dependency type, of 'other'. We refer to the | |
1058 | * referenced units as 'back'. */ | |
1059 | HASHMAP_FOREACH_KEY(di_back.data, back, other_deps) { | |
1060 | Hashmap *back_deps; | |
1061 | void *back_dt; | |
1062 | ||
1063 | if (back == u) { | |
1064 | /* This is a dependency pointing back to the unit we want to merge with? | |
1065 | * Suppress it (but warn) */ | |
1066 | if (unit_should_warn_about_dependency(UNIT_DEPENDENCY_FROM_PTR(dt))) | |
1067 | log_unit_warning(u, "Dependency %s=%s in %s is dropped, as %s is merged into %s.", | |
1068 | unit_dependency_to_string(UNIT_DEPENDENCY_FROM_PTR(dt)), | |
1069 | u->id, other->id, other->id, u->id); | |
1070 | ||
1071 | hashmap_remove(other_deps, back); | |
1072 | continue; | |
1073 | } | |
1074 | ||
1075 | /* Now iterate through all deps of 'back', and fix the ones pointing to 'other' to | |
1076 | * point to 'u' instead. */ | |
1077 | HASHMAP_FOREACH_KEY(back_deps, back_dt, back->dependencies) { | |
1078 | UnitDependencyInfo di_move; | |
1079 | ||
1080 | di_move.data = hashmap_remove(back_deps, other); | |
1081 | if (!di_move.data) | |
1082 | continue; | |
1083 | ||
1084 | assert_se(unit_per_dependency_type_hashmap_update( | |
1085 | back_deps, | |
1086 | u, | |
1087 | di_move.origin_mask, | |
1088 | di_move.destination_mask) >= 0); | |
1089 | } | |
1090 | ||
1091 | /* The target unit already has dependencies of this type, let's then merge this individually. */ | |
1092 | if (deps) | |
1093 | assert_se(unit_per_dependency_type_hashmap_update( | |
1094 | deps, | |
1095 | back, | |
1096 | di_back.origin_mask, | |
1097 | di_back.destination_mask) >= 0); | |
1098 | } | |
1099 | ||
1100 | /* Now all references towards 'other' of the current type 'dt' are corrected to point to 'u'. | |
1101 | * Lets's now move the deps of type 'dt' from 'other' to 'u'. If the unit does not have | |
1102 | * dependencies of this type, let's move them per type wholesale. */ | |
1103 | if (!deps) | |
1104 | assert_se(hashmap_put(u->dependencies, dt, TAKE_PTR(other_deps)) >= 0); | |
1105 | } | |
1106 | ||
1107 | other->dependencies = hashmap_free(other->dependencies); | |
1108 | } | |
1109 | ||
1110 | int unit_merge(Unit *u, Unit *other) { | |
1111 | int r; | |
1112 | ||
1113 | assert(u); | |
1114 | assert(other); | |
1115 | assert(u->manager == other->manager); | |
1116 | assert(u->type != _UNIT_TYPE_INVALID); | |
1117 | ||
1118 | other = unit_follow_merge(other); | |
1119 | ||
1120 | if (other == u) | |
1121 | return 0; | |
1122 | ||
1123 | if (u->type != other->type) | |
1124 | return -EINVAL; | |
1125 | ||
1126 | if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */ | |
1127 | return -EEXIST; | |
1128 | ||
1129 | if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND)) | |
1130 | return -EEXIST; | |
1131 | ||
1132 | if (!streq_ptr(u->instance, other->instance)) | |
1133 | return -EINVAL; | |
1134 | ||
1135 | if (other->job) | |
1136 | return -EEXIST; | |
1137 | ||
1138 | if (other->nop_job) | |
1139 | return -EEXIST; | |
1140 | ||
1141 | if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) | |
1142 | return -EEXIST; | |
1143 | ||
1144 | /* Make reservations to ensure merge_dependencies() won't fail. We don't rollback reservations if we | |
1145 | * fail. We don't have a way to undo reservations. A reservation is not a leak. */ | |
1146 | r = unit_reserve_dependencies(u, other); | |
1147 | if (r < 0) | |
1148 | return r; | |
1149 | ||
1150 | /* Redirect all references */ | |
1151 | while (other->refs_by_target) | |
1152 | unit_ref_set(other->refs_by_target, other->refs_by_target->source, u); | |
1153 | ||
1154 | /* Merge dependencies */ | |
1155 | unit_merge_dependencies(u, other); | |
1156 | ||
1157 | /* Merge names. It is better to do that after merging deps, otherwise the log message contains n/a. */ | |
1158 | r = unit_merge_names(u, other); | |
1159 | if (r < 0) | |
1160 | return r; | |
1161 | ||
1162 | other->load_state = UNIT_MERGED; | |
1163 | other->merged_into = u; | |
1164 | ||
1165 | if (!u->activation_details) | |
1166 | u->activation_details = activation_details_ref(other->activation_details); | |
1167 | ||
1168 | /* If there is still some data attached to the other node, we | |
1169 | * don't need it anymore, and can free it. */ | |
1170 | if (other->load_state != UNIT_STUB) | |
1171 | if (UNIT_VTABLE(other)->done) | |
1172 | UNIT_VTABLE(other)->done(other); | |
1173 | ||
1174 | unit_add_to_dbus_queue(u); | |
1175 | unit_add_to_cleanup_queue(other); | |
1176 | ||
1177 | return 0; | |
1178 | } | |
1179 | ||
1180 | int unit_merge_by_name(Unit *u, const char *name) { | |
1181 | _cleanup_free_ char *s = NULL; | |
1182 | Unit *other; | |
1183 | int r; | |
1184 | ||
1185 | /* Either add name to u, or if a unit with name already exists, merge it with u. | |
1186 | * If name is a template, do the same for name@instance, where instance is u's instance. */ | |
1187 | ||
1188 | assert(u); | |
1189 | assert(name); | |
1190 | ||
1191 | if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) { | |
1192 | if (!u->instance) | |
1193 | return -EINVAL; | |
1194 | ||
1195 | r = unit_name_replace_instance(name, u->instance, &s); | |
1196 | if (r < 0) | |
1197 | return r; | |
1198 | ||
1199 | name = s; | |
1200 | } | |
1201 | ||
1202 | other = manager_get_unit(u->manager, name); | |
1203 | if (other) | |
1204 | return unit_merge(u, other); | |
1205 | ||
1206 | return unit_add_name(u, name); | |
1207 | } | |
1208 | ||
1209 | Unit* unit_follow_merge(Unit *u) { | |
1210 | assert(u); | |
1211 | ||
1212 | while (u->load_state == UNIT_MERGED) | |
1213 | assert_se(u = u->merged_into); | |
1214 | ||
1215 | return u; | |
1216 | } | |
1217 | ||
1218 | int unit_add_exec_dependencies(Unit *u, ExecContext *c) { | |
1219 | int r; | |
1220 | ||
1221 | assert(u); | |
1222 | assert(c); | |
1223 | ||
1224 | /* Unlike unit_add_dependency() or friends, this always returns 0 on success. */ | |
1225 | ||
1226 | if (c->working_directory) { | |
1227 | r = unit_add_mounts_for( | |
1228 | u, | |
1229 | c->working_directory, | |
1230 | UNIT_DEPENDENCY_FILE, | |
1231 | c->working_directory_missing_ok ? UNIT_MOUNT_WANTS : UNIT_MOUNT_REQUIRES); | |
1232 | if (r < 0) | |
1233 | return r; | |
1234 | } | |
1235 | ||
1236 | if (c->root_directory) { | |
1237 | r = unit_add_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS); | |
1238 | if (r < 0) | |
1239 | return r; | |
1240 | } | |
1241 | ||
1242 | if (c->root_image) { | |
1243 | r = unit_add_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS); | |
1244 | if (r < 0) | |
1245 | return r; | |
1246 | } | |
1247 | ||
1248 | for (ExecDirectoryType dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) { | |
1249 | if (!u->manager->prefix[dt]) | |
1250 | continue; | |
1251 | ||
1252 | FOREACH_ARRAY(i, c->directories[dt].items, c->directories[dt].n_items) { | |
1253 | _cleanup_free_ char *p = NULL; | |
1254 | ||
1255 | p = path_join(u->manager->prefix[dt], i->path); | |
1256 | if (!p) | |
1257 | return -ENOMEM; | |
1258 | ||
1259 | r = unit_add_mounts_for(u, p, UNIT_DEPENDENCY_FILE, UNIT_MOUNT_REQUIRES); | |
1260 | if (r < 0) | |
1261 | return r; | |
1262 | } | |
1263 | } | |
1264 | ||
1265 | if (!MANAGER_IS_SYSTEM(u->manager)) | |
1266 | return 0; | |
1267 | ||
1268 | /* For the following three directory types we need write access, and /var/ is possibly on the root | |
1269 | * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */ | |
1270 | if (c->directories[EXEC_DIRECTORY_STATE].n_items > 0 || | |
1271 | c->directories[EXEC_DIRECTORY_CACHE].n_items > 0 || | |
1272 | c->directories[EXEC_DIRECTORY_LOGS].n_items > 0) { | |
1273 | r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE); | |
1274 | if (r < 0) | |
1275 | return r; | |
1276 | } | |
1277 | ||
1278 | if (c->private_tmp) { | |
1279 | r = unit_add_mounts_for(u, "/tmp", UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS); | |
1280 | if (r < 0) | |
1281 | return r; | |
1282 | ||
1283 | r = unit_add_mounts_for(u, "/var/tmp", UNIT_DEPENDENCY_FILE, UNIT_MOUNT_WANTS); | |
1284 | if (r < 0) | |
1285 | return r; | |
1286 | ||
1287 | r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE); | |
1288 | if (r < 0) | |
1289 | return r; | |
1290 | } | |
1291 | ||
1292 | if (c->root_image) { | |
1293 | /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an | |
1294 | * implicit dependency on udev */ | |
1295 | ||
1296 | r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_UDEVD_SERVICE, true, UNIT_DEPENDENCY_FILE); | |
1297 | if (r < 0) | |
1298 | return r; | |
1299 | } | |
1300 | ||
1301 | if (!IN_SET(c->std_output, | |
1302 | EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE, | |
1303 | EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) && | |
1304 | !IN_SET(c->std_error, | |
1305 | EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE, | |
1306 | EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) && | |
1307 | !c->log_namespace) | |
1308 | return 0; | |
1309 | ||
1310 | /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon | |
1311 | * is run first. */ | |
1312 | ||
1313 | if (c->log_namespace) { | |
1314 | static const struct { | |
1315 | const char *template; | |
1316 | UnitType type; | |
1317 | } deps[] = { | |
1318 | { "systemd-journald", UNIT_SOCKET, }, | |
1319 | { "systemd-journald-varlink", UNIT_SOCKET, }, | |
1320 | { "systemd-journald-sync", UNIT_SERVICE, }, | |
1321 | }; | |
1322 | ||
1323 | FOREACH_ELEMENT(i, deps) { | |
1324 | _cleanup_free_ char *unit = NULL; | |
1325 | ||
1326 | r = unit_name_build_from_type(i->template, c->log_namespace, i->type, &unit); | |
1327 | if (r < 0) | |
1328 | return r; | |
1329 | ||
1330 | r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, unit, true, UNIT_DEPENDENCY_FILE); | |
1331 | if (r < 0) | |
1332 | return r; | |
1333 | } | |
1334 | } else { | |
1335 | r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE); | |
1336 | if (r < 0) | |
1337 | return r; | |
1338 | } | |
1339 | ||
1340 | r = unit_add_default_credential_dependencies(u, c); | |
1341 | if (r < 0) | |
1342 | return r; | |
1343 | ||
1344 | return 0; | |
1345 | } | |
1346 | ||
1347 | const char* unit_description(Unit *u) { | |
1348 | assert(u); | |
1349 | ||
1350 | if (u->description) | |
1351 | return u->description; | |
1352 | ||
1353 | return strna(u->id); | |
1354 | } | |
1355 | ||
1356 | const char* unit_status_string(Unit *u, char **ret_combined_buffer) { | |
1357 | assert(u); | |
1358 | assert(u->id); | |
1359 | ||
1360 | /* Return u->id, u->description, or "{u->id} - {u->description}". | |
1361 | * Versions with u->description are only used if it is set. | |
1362 | * The last option is used if configured and the caller provided the 'ret_combined_buffer' | |
1363 | * pointer. | |
1364 | * | |
1365 | * Note that *ret_combined_buffer may be set to NULL. */ | |
1366 | ||
1367 | if (!u->description || | |
1368 | u->manager->status_unit_format == STATUS_UNIT_FORMAT_NAME || | |
1369 | (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && !ret_combined_buffer) || | |
1370 | streq(u->description, u->id)) { | |
1371 | ||
1372 | if (ret_combined_buffer) | |
1373 | *ret_combined_buffer = NULL; | |
1374 | return u->id; | |
1375 | } | |
1376 | ||
1377 | if (ret_combined_buffer) { | |
1378 | if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED) { | |
1379 | *ret_combined_buffer = strjoin(u->id, " - ", u->description); | |
1380 | if (*ret_combined_buffer) | |
1381 | return *ret_combined_buffer; | |
1382 | log_oom(); /* Fall back to ->description */ | |
1383 | } else | |
1384 | *ret_combined_buffer = NULL; | |
1385 | } | |
1386 | ||
1387 | return u->description; | |
1388 | } | |
1389 | ||
1390 | /* Common implementation for multiple backends */ | |
1391 | int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) { | |
1392 | int r; | |
1393 | ||
1394 | assert(u); | |
1395 | ||
1396 | /* Load a .{service,socket,...} file */ | |
1397 | r = unit_load_fragment(u); | |
1398 | if (r < 0) | |
1399 | return r; | |
1400 | ||
1401 | if (u->load_state == UNIT_STUB) { | |
1402 | if (fragment_required) | |
1403 | return -ENOENT; | |
1404 | ||
1405 | u->load_state = UNIT_LOADED; | |
1406 | } | |
1407 | ||
1408 | /* Load drop-in directory data. If u is an alias, we might be reloading the | |
1409 | * target unit needlessly. But we cannot be sure which drops-ins have already | |
1410 | * been loaded and which not, at least without doing complicated book-keeping, | |
1411 | * so let's always reread all drop-ins. */ | |
1412 | r = unit_load_dropin(unit_follow_merge(u)); | |
1413 | if (r < 0) | |
1414 | return r; | |
1415 | ||
1416 | if (u->source_path) { | |
1417 | struct stat st; | |
1418 | ||
1419 | if (stat(u->source_path, &st) >= 0) | |
1420 | u->source_mtime = timespec_load(&st.st_mtim); | |
1421 | else | |
1422 | u->source_mtime = 0; | |
1423 | } | |
1424 | ||
1425 | return 0; | |
1426 | } | |
1427 | ||
1428 | void unit_add_to_target_deps_queue(Unit *u) { | |
1429 | Manager *m = ASSERT_PTR(ASSERT_PTR(u)->manager); | |
1430 | ||
1431 | if (u->in_target_deps_queue) | |
1432 | return; | |
1433 | ||
1434 | LIST_PREPEND(target_deps_queue, m->target_deps_queue, u); | |
1435 | u->in_target_deps_queue = true; | |
1436 | } | |
1437 | ||
1438 | int unit_add_default_target_dependency(Unit *u, Unit *target) { | |
1439 | assert(u); | |
1440 | assert(target); | |
1441 | ||
1442 | if (target->type != UNIT_TARGET) | |
1443 | return 0; | |
1444 | ||
1445 | /* Only add the dependency if both units are loaded, so that | |
1446 | * that loop check below is reliable */ | |
1447 | if (u->load_state != UNIT_LOADED || | |
1448 | target->load_state != UNIT_LOADED) | |
1449 | return 0; | |
1450 | ||
1451 | /* If either side wants no automatic dependencies, then let's | |
1452 | * skip this */ | |
1453 | if (!u->default_dependencies || | |
1454 | !target->default_dependencies) | |
1455 | return 0; | |
1456 | ||
1457 | /* Don't create loops */ | |
1458 | if (unit_has_dependency(target, UNIT_ATOM_BEFORE, u)) | |
1459 | return 0; | |
1460 | ||
1461 | return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT); | |
1462 | } | |
1463 | ||
1464 | static int unit_add_slice_dependencies(Unit *u) { | |
1465 | Unit *slice; | |
1466 | ||
1467 | assert(u); | |
1468 | ||
1469 | if (!UNIT_HAS_CGROUP_CONTEXT(u)) | |
1470 | return 0; | |
1471 | ||
1472 | /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the | |
1473 | name), while all other units are ordered based on configuration (as in their case Slice= configures the | |
1474 | relationship). */ | |
1475 | UnitDependencyMask mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE; | |
1476 | ||
1477 | slice = UNIT_GET_SLICE(u); | |
1478 | if (slice) { | |
1479 | if (!IN_SET(slice->freezer_state, FREEZER_RUNNING, FREEZER_THAWING)) | |
1480 | u->freezer_state = FREEZER_FROZEN_BY_PARENT; | |
1481 | ||
1482 | return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, slice, true, mask); | |
1483 | } | |
1484 | ||
1485 | if (unit_has_name(u, SPECIAL_ROOT_SLICE)) | |
1486 | return 0; | |
1487 | ||
1488 | return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask); | |
1489 | } | |
1490 | ||
1491 | static int unit_add_mount_dependencies(Unit *u) { | |
1492 | bool changed = false; | |
1493 | int r; | |
1494 | ||
1495 | assert(u); | |
1496 | ||
1497 | for (UnitMountDependencyType t = 0; t < _UNIT_MOUNT_DEPENDENCY_TYPE_MAX; ++t) { | |
1498 | UnitDependencyInfo di; | |
1499 | const char *path; | |
1500 | ||
1501 | HASHMAP_FOREACH_KEY(di.data, path, u->mounts_for[t]) { | |
1502 | ||
1503 | char prefix[strlen(ASSERT_PTR(path)) + 1]; | |
1504 | ||
1505 | PATH_FOREACH_PREFIX_MORE(prefix, path) { | |
1506 | _cleanup_free_ char *p = NULL; | |
1507 | Unit *m; | |
1508 | ||
1509 | r = unit_name_from_path(prefix, ".mount", &p); | |
1510 | if (r == -EINVAL) | |
1511 | continue; /* If the path cannot be converted to a mount unit name, | |
1512 | * then it's not manageable as a unit by systemd, and | |
1513 | * hence we don't need a dependency on it. Let's thus | |
1514 | * silently ignore the issue. */ | |
1515 | if (r < 0) | |
1516 | return r; | |
1517 | ||
1518 | m = manager_get_unit(u->manager, p); | |
1519 | if (!m) { | |
1520 | /* Make sure to load the mount unit if it exists. If so the | |
1521 | * dependencies on this unit will be added later during the loading | |
1522 | * of the mount unit. */ | |
1523 | (void) manager_load_unit_prepare( | |
1524 | u->manager, | |
1525 | p, | |
1526 | /* path= */NULL, | |
1527 | /* e= */NULL, | |
1528 | &m); | |
1529 | continue; | |
1530 | } | |
1531 | if (m == u) | |
1532 | continue; | |
1533 | ||
1534 | if (m->load_state != UNIT_LOADED) | |
1535 | continue; | |
1536 | ||
1537 | r = unit_add_dependency( | |
1538 | u, | |
1539 | UNIT_AFTER, | |
1540 | m, | |
1541 | /* add_reference= */ true, | |
1542 | di.origin_mask); | |
1543 | if (r < 0) | |
1544 | return r; | |
1545 | changed = changed || r > 0; | |
1546 | ||
1547 | if (m->fragment_path) { | |
1548 | r = unit_add_dependency( | |
1549 | u, | |
1550 | unit_mount_dependency_type_to_dependency_type(t), | |
1551 | m, | |
1552 | /* add_reference= */ true, | |
1553 | di.origin_mask); | |
1554 | if (r < 0) | |
1555 | return r; | |
1556 | changed = changed || r > 0; | |
1557 | } | |
1558 | } | |
1559 | } | |
1560 | } | |
1561 | ||
1562 | return changed; | |
1563 | } | |
1564 | ||
1565 | static int unit_add_oomd_dependencies(Unit *u) { | |
1566 | CGroupContext *c; | |
1567 | CGroupMask mask; | |
1568 | int r; | |
1569 | ||
1570 | assert(u); | |
1571 | ||
1572 | if (!u->default_dependencies) | |
1573 | return 0; | |
1574 | ||
1575 | c = unit_get_cgroup_context(u); | |
1576 | if (!c) | |
1577 | return 0; | |
1578 | ||
1579 | bool wants_oomd = c->moom_swap == MANAGED_OOM_KILL || c->moom_mem_pressure == MANAGED_OOM_KILL; | |
1580 | if (!wants_oomd) | |
1581 | return 0; | |
1582 | ||
1583 | if (!cg_all_unified()) | |
1584 | return 0; | |
1585 | ||
1586 | r = cg_mask_supported(&mask); | |
1587 | if (r < 0) | |
1588 | return log_debug_errno(r, "Failed to determine supported controllers: %m"); | |
1589 | ||
1590 | if (!FLAGS_SET(mask, CGROUP_MASK_MEMORY)) | |
1591 | return 0; | |
1592 | ||
1593 | return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE); | |
1594 | } | |
1595 | ||
1596 | static int unit_add_startup_units(Unit *u) { | |
1597 | if (!unit_has_startup_cgroup_constraints(u)) | |
1598 | return 0; | |
1599 | ||
1600 | return set_ensure_put(&u->manager->startup_units, NULL, u); | |
1601 | } | |
1602 | ||
1603 | static int unit_validate_on_failure_job_mode( | |
1604 | Unit *u, | |
1605 | const char *job_mode_setting, | |
1606 | JobMode job_mode, | |
1607 | const char *dependency_name, | |
1608 | UnitDependencyAtom atom) { | |
1609 | ||
1610 | Unit *other, *found = NULL; | |
1611 | ||
1612 | if (job_mode != JOB_ISOLATE) | |
1613 | return 0; | |
1614 | ||
1615 | UNIT_FOREACH_DEPENDENCY(other, u, atom) { | |
1616 | if (!found) | |
1617 | found = other; | |
1618 | else if (found != other) | |
1619 | return log_unit_error_errno( | |
1620 | u, SYNTHETIC_ERRNO(ENOEXEC), | |
1621 | "More than one %s dependencies specified but %sisolate set. Refusing.", | |
1622 | dependency_name, job_mode_setting); | |
1623 | } | |
1624 | ||
1625 | return 0; | |
1626 | } | |
1627 | ||
1628 | int unit_load(Unit *u) { | |
1629 | int r; | |
1630 | ||
1631 | assert(u); | |
1632 | ||
1633 | if (u->in_load_queue) { | |
1634 | LIST_REMOVE(load_queue, u->manager->load_queue, u); | |
1635 | u->in_load_queue = false; | |
1636 | } | |
1637 | ||
1638 | if (u->type == _UNIT_TYPE_INVALID) | |
1639 | return -EINVAL; | |
1640 | ||
1641 | if (u->load_state != UNIT_STUB) | |
1642 | return 0; | |
1643 | ||
1644 | if (u->transient_file) { | |
1645 | /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup | |
1646 | * is complete, hence let's synchronize the unit file we just wrote to disk. */ | |
1647 | ||
1648 | r = fflush_and_check(u->transient_file); | |
1649 | if (r < 0) | |
1650 | goto fail; | |
1651 | ||
1652 | u->transient_file = safe_fclose(u->transient_file); | |
1653 | u->fragment_mtime = now(CLOCK_REALTIME); | |
1654 | } | |
1655 | ||
1656 | r = UNIT_VTABLE(u)->load(u); | |
1657 | if (r < 0) | |
1658 | goto fail; | |
1659 | ||
1660 | assert(u->load_state != UNIT_STUB); | |
1661 | ||
1662 | if (u->load_state == UNIT_LOADED) { | |
1663 | unit_add_to_target_deps_queue(u); | |
1664 | ||
1665 | r = unit_add_slice_dependencies(u); | |
1666 | if (r < 0) | |
1667 | goto fail; | |
1668 | ||
1669 | r = unit_add_mount_dependencies(u); | |
1670 | if (r < 0) | |
1671 | goto fail; | |
1672 | ||
1673 | r = unit_add_oomd_dependencies(u); | |
1674 | if (r < 0) | |
1675 | goto fail; | |
1676 | ||
1677 | r = unit_add_startup_units(u); | |
1678 | if (r < 0) | |
1679 | goto fail; | |
1680 | ||
1681 | r = unit_validate_on_failure_job_mode(u, "OnSuccessJobMode=", u->on_success_job_mode, "OnSuccess=", UNIT_ATOM_ON_SUCCESS); | |
1682 | if (r < 0) | |
1683 | goto fail; | |
1684 | ||
1685 | r = unit_validate_on_failure_job_mode(u, "OnFailureJobMode=", u->on_failure_job_mode, "OnFailure=", UNIT_ATOM_ON_FAILURE); | |
1686 | if (r < 0) | |
1687 | goto fail; | |
1688 | ||
1689 | if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout) | |
1690 | log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect."); | |
1691 | ||
1692 | /* We finished loading, let's ensure our parents recalculate the members mask */ | |
1693 | unit_invalidate_cgroup_members_masks(u); | |
1694 | } | |
1695 | ||
1696 | assert((u->load_state != UNIT_MERGED) == !u->merged_into); | |
1697 | ||
1698 | unit_add_to_dbus_queue(unit_follow_merge(u)); | |
1699 | unit_add_to_gc_queue(u); | |
1700 | (void) manager_varlink_send_managed_oom_update(u); | |
1701 | ||
1702 | return 0; | |
1703 | ||
1704 | fail: | |
1705 | /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code | |
1706 | * should hence return ENOEXEC to ensure units are placed in this state after loading. */ | |
1707 | ||
1708 | u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND : | |
1709 | r == -ENOEXEC ? UNIT_BAD_SETTING : | |
1710 | UNIT_ERROR; | |
1711 | u->load_error = r; | |
1712 | ||
1713 | /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time | |
1714 | * an attempt is made to load this unit, we know we need to check again. */ | |
1715 | if (u->load_state == UNIT_NOT_FOUND) | |
1716 | u->fragment_not_found_timestamp_hash = u->manager->unit_cache_timestamp_hash; | |
1717 | ||
1718 | unit_add_to_dbus_queue(u); | |
1719 | unit_add_to_gc_queue(u); | |
1720 | ||
1721 | return log_unit_debug_errno(u, r, "Failed to load configuration: %m"); | |
1722 | } | |
1723 | ||
1724 | _printf_(7, 8) | |
1725 | static int log_unit_internal(void *userdata, int level, int error, const char *file, int line, const char *func, const char *format, ...) { | |
1726 | Unit *u = userdata; | |
1727 | va_list ap; | |
1728 | int r; | |
1729 | ||
1730 | if (u && !unit_log_level_test(u, level)) | |
1731 | return -ERRNO_VALUE(error); | |
1732 | ||
1733 | va_start(ap, format); | |
1734 | if (u) | |
1735 | r = log_object_internalv(level, error, file, line, func, | |
1736 | u->manager->unit_log_field, | |
1737 | u->id, | |
1738 | u->manager->invocation_log_field, | |
1739 | u->invocation_id_string, | |
1740 | format, ap); | |
1741 | else | |
1742 | r = log_internalv(level, error, file, line, func, format, ap); | |
1743 | va_end(ap); | |
1744 | ||
1745 | return r; | |
1746 | } | |
1747 | ||
1748 | static bool unit_test_condition(Unit *u) { | |
1749 | _cleanup_strv_free_ char **env = NULL; | |
1750 | int r; | |
1751 | ||
1752 | assert(u); | |
1753 | ||
1754 | dual_timestamp_now(&u->condition_timestamp); | |
1755 | ||
1756 | r = manager_get_effective_environment(u->manager, &env); | |
1757 | if (r < 0) { | |
1758 | log_unit_error_errno(u, r, "Failed to determine effective environment: %m"); | |
1759 | u->condition_result = true; | |
1760 | } else | |
1761 | u->condition_result = condition_test_list( | |
1762 | u->conditions, | |
1763 | env, | |
1764 | condition_type_to_string, | |
1765 | log_unit_internal, | |
1766 | u); | |
1767 | ||
1768 | unit_add_to_dbus_queue(u); | |
1769 | return u->condition_result; | |
1770 | } | |
1771 | ||
1772 | static bool unit_test_assert(Unit *u) { | |
1773 | _cleanup_strv_free_ char **env = NULL; | |
1774 | int r; | |
1775 | ||
1776 | assert(u); | |
1777 | ||
1778 | dual_timestamp_now(&u->assert_timestamp); | |
1779 | ||
1780 | r = manager_get_effective_environment(u->manager, &env); | |
1781 | if (r < 0) { | |
1782 | log_unit_error_errno(u, r, "Failed to determine effective environment: %m"); | |
1783 | u->assert_result = CONDITION_ERROR; | |
1784 | } else | |
1785 | u->assert_result = condition_test_list( | |
1786 | u->asserts, | |
1787 | env, | |
1788 | assert_type_to_string, | |
1789 | log_unit_internal, | |
1790 | u); | |
1791 | ||
1792 | unit_add_to_dbus_queue(u); | |
1793 | return u->assert_result; | |
1794 | } | |
1795 | ||
1796 | void unit_status_printf(Unit *u, StatusType status_type, const char *status, const char *format, const char *ident) { | |
1797 | if (log_get_show_color()) { | |
1798 | if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_COMBINED && strchr(ident, ' ')) | |
1799 | ident = strjoina(ANSI_HIGHLIGHT, u->id, ANSI_NORMAL, " - ", u->description); | |
1800 | else | |
1801 | ident = strjoina(ANSI_HIGHLIGHT, ident, ANSI_NORMAL); | |
1802 | } | |
1803 | ||
1804 | DISABLE_WARNING_FORMAT_NONLITERAL; | |
1805 | manager_status_printf(u->manager, status_type, status, format, ident); | |
1806 | REENABLE_WARNING; | |
1807 | } | |
1808 | ||
1809 | int unit_test_start_limit(Unit *u) { | |
1810 | const char *reason; | |
1811 | ||
1812 | assert(u); | |
1813 | ||
1814 | if (ratelimit_below(&u->start_ratelimit)) { | |
1815 | u->start_limit_hit = false; | |
1816 | return 0; | |
1817 | } | |
1818 | ||
1819 | log_unit_warning(u, "Start request repeated too quickly."); | |
1820 | u->start_limit_hit = true; | |
1821 | ||
1822 | reason = strjoina("unit ", u->id, " failed"); | |
1823 | ||
1824 | emergency_action(u->manager, u->start_limit_action, | |
1825 | EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN, | |
1826 | u->reboot_arg, -1, reason); | |
1827 | ||
1828 | return -ECANCELED; | |
1829 | } | |
1830 | ||
1831 | static bool unit_verify_deps(Unit *u) { | |
1832 | Unit *other; | |
1833 | ||
1834 | assert(u); | |
1835 | ||
1836 | /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined | |
1837 | * with After=. We do not check Requires= or Requisite= here as they only should have an effect on | |
1838 | * the job processing, but do not have any effect afterwards. We don't check BindsTo= dependencies | |
1839 | * that are not used in conjunction with After= as for them any such check would make things entirely | |
1840 | * racy. */ | |
1841 | ||
1842 | UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) { | |
1843 | ||
1844 | if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other)) | |
1845 | continue; | |
1846 | ||
1847 | if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) { | |
1848 | log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id); | |
1849 | return false; | |
1850 | } | |
1851 | } | |
1852 | ||
1853 | return true; | |
1854 | } | |
1855 | ||
1856 | /* Errors that aren't really errors: | |
1857 | * -EALREADY: Unit is already started. | |
1858 | * -ECOMM: Condition failed | |
1859 | * -EAGAIN: An operation is already in progress. Retry later. | |
1860 | * | |
1861 | * Errors that are real errors: | |
1862 | * -EBADR: This unit type does not support starting. | |
1863 | * -ECANCELED: Start limit hit, too many requests for now | |
1864 | * -EPROTO: Assert failed | |
1865 | * -EINVAL: Unit not loaded | |
1866 | * -EOPNOTSUPP: Unit type not supported | |
1867 | * -ENOLINK: The necessary dependencies are not fulfilled. | |
1868 | * -ESTALE: This unit has been started before and can't be started a second time | |
1869 | * -ENOENT: This is a triggering unit and unit to trigger is not loaded | |
1870 | */ | |
1871 | int unit_start(Unit *u, ActivationDetails *details) { | |
1872 | UnitActiveState state; | |
1873 | Unit *following; | |
1874 | int r; | |
1875 | ||
1876 | assert(u); | |
1877 | ||
1878 | /* Let's hold off running start jobs for mount units when /proc/self/mountinfo monitor is ratelimited. */ | |
1879 | if (UNIT_VTABLE(u)->subsystem_ratelimited) { | |
1880 | r = UNIT_VTABLE(u)->subsystem_ratelimited(u->manager); | |
1881 | if (r < 0) | |
1882 | return r; | |
1883 | if (r > 0) | |
1884 | return -EAGAIN; | |
1885 | } | |
1886 | ||
1887 | /* If this is already started, then this will succeed. Note that this will even succeed if this unit | |
1888 | * is not startable by the user. This is relied on to detect when we need to wait for units and when | |
1889 | * waiting is finished. */ | |
1890 | state = unit_active_state(u); | |
1891 | if (UNIT_IS_ACTIVE_OR_RELOADING(state)) | |
1892 | return -EALREADY; | |
1893 | if (state == UNIT_MAINTENANCE) | |
1894 | return -EAGAIN; | |
1895 | ||
1896 | /* Units that aren't loaded cannot be started */ | |
1897 | if (u->load_state != UNIT_LOADED) | |
1898 | return -EINVAL; | |
1899 | ||
1900 | /* Refuse starting scope units more than once */ | |
1901 | if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp)) | |
1902 | return -ESTALE; | |
1903 | ||
1904 | /* If the conditions were unmet, don't do anything at all. If we already are activating this call might | |
1905 | * still be useful to speed up activation in case there is some hold-off time, but we don't want to | |
1906 | * recheck the condition in that case. */ | |
1907 | if (state != UNIT_ACTIVATING && | |
1908 | !unit_test_condition(u)) | |
1909 | return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition not met. Not starting unit."); | |
1910 | ||
1911 | /* If the asserts failed, fail the entire job */ | |
1912 | if (state != UNIT_ACTIVATING && | |
1913 | !unit_test_assert(u)) | |
1914 | return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed."); | |
1915 | ||
1916 | /* Units of types that aren't supported cannot be started. Note that we do this test only after the | |
1917 | * condition checks, so that we rather return condition check errors (which are usually not | |
1918 | * considered a true failure) than "not supported" errors (which are considered a failure). | |
1919 | */ | |
1920 | if (!unit_type_supported(u->type)) | |
1921 | return -EOPNOTSUPP; | |
1922 | ||
1923 | /* Let's make sure that the deps really are in order before we start this. Normally the job engine | |
1924 | * should have taken care of this already, but let's check this here again. After all, our | |
1925 | * dependencies might not be in effect anymore, due to a reload or due to an unmet condition. */ | |
1926 | if (!unit_verify_deps(u)) | |
1927 | return -ENOLINK; | |
1928 | ||
1929 | /* Forward to the main object, if we aren't it. */ | |
1930 | following = unit_following(u); | |
1931 | if (following) { | |
1932 | log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id); | |
1933 | return unit_start(following, details); | |
1934 | } | |
1935 | ||
1936 | /* Check to make sure the unit isn't frozen */ | |
1937 | if (u->freezer_state != FREEZER_RUNNING) | |
1938 | return -EDEADLK; | |
1939 | ||
1940 | /* Check our ability to start early so that failure conditions don't cause us to enter a busy loop. */ | |
1941 | if (UNIT_VTABLE(u)->can_start) { | |
1942 | r = UNIT_VTABLE(u)->can_start(u); | |
1943 | if (r < 0) | |
1944 | return r; | |
1945 | } | |
1946 | ||
1947 | /* If it is stopped, but we cannot start it, then fail */ | |
1948 | if (!UNIT_VTABLE(u)->start) | |
1949 | return -EBADR; | |
1950 | ||
1951 | /* We don't suppress calls to ->start() here when we are already starting, to allow this request to | |
1952 | * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it | |
1953 | * waits for a holdoff timer to elapse before it will start again. */ | |
1954 | ||
1955 | unit_add_to_dbus_queue(u); | |
1956 | ||
1957 | if (!u->activation_details) /* Older details object wins */ | |
1958 | u->activation_details = activation_details_ref(details); | |
1959 | ||
1960 | return UNIT_VTABLE(u)->start(u); | |
1961 | } | |
1962 | ||
1963 | bool unit_can_start(Unit *u) { | |
1964 | assert(u); | |
1965 | ||
1966 | if (u->load_state != UNIT_LOADED) | |
1967 | return false; | |
1968 | ||
1969 | if (!unit_type_supported(u->type)) | |
1970 | return false; | |
1971 | ||
1972 | /* Scope units may be started only once */ | |
1973 | if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp)) | |
1974 | return false; | |
1975 | ||
1976 | return !!UNIT_VTABLE(u)->start; | |
1977 | } | |
1978 | ||
1979 | bool unit_can_isolate(Unit *u) { | |
1980 | assert(u); | |
1981 | ||
1982 | return unit_can_start(u) && | |
1983 | u->allow_isolate; | |
1984 | } | |
1985 | ||
1986 | /* Errors: | |
1987 | * -EBADR: This unit type does not support stopping. | |
1988 | * -EALREADY: Unit is already stopped. | |
1989 | * -EAGAIN: An operation is already in progress. Retry later. | |
1990 | * -EDEADLK: Unit is frozen | |
1991 | */ | |
1992 | int unit_stop(Unit *u) { | |
1993 | UnitActiveState state; | |
1994 | Unit *following; | |
1995 | ||
1996 | assert(u); | |
1997 | ||
1998 | state = unit_active_state(u); | |
1999 | if (UNIT_IS_INACTIVE_OR_FAILED(state)) | |
2000 | return -EALREADY; | |
2001 | ||
2002 | following = unit_following(u); | |
2003 | if (following) { | |
2004 | log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id); | |
2005 | return unit_stop(following); | |
2006 | } | |
2007 | ||
2008 | /* Check to make sure the unit isn't frozen */ | |
2009 | if (u->freezer_state != FREEZER_RUNNING) | |
2010 | return -EDEADLK; | |
2011 | ||
2012 | if (!UNIT_VTABLE(u)->stop) | |
2013 | return -EBADR; | |
2014 | ||
2015 | unit_add_to_dbus_queue(u); | |
2016 | ||
2017 | return UNIT_VTABLE(u)->stop(u); | |
2018 | } | |
2019 | ||
2020 | bool unit_can_stop(Unit *u) { | |
2021 | assert(u); | |
2022 | ||
2023 | /* Note: if we return true here, it does not mean that the unit may be successfully stopped. | |
2024 | * Extrinsic units follow external state and they may stop following external state changes | |
2025 | * (hence we return true here), but an attempt to do this through the manager will fail. */ | |
2026 | ||
2027 | if (!unit_type_supported(u->type)) | |
2028 | return false; | |
2029 | ||
2030 | if (u->perpetual) | |
2031 | return false; | |
2032 | ||
2033 | return !!UNIT_VTABLE(u)->stop; | |
2034 | } | |
2035 | ||
2036 | /* Errors: | |
2037 | * -EBADR: This unit type does not support reloading. | |
2038 | * -ENOEXEC: Unit is not started. | |
2039 | * -EAGAIN: An operation is already in progress. Retry later. | |
2040 | * -EDEADLK: Unit is frozen. | |
2041 | */ | |
2042 | int unit_reload(Unit *u) { | |
2043 | UnitActiveState state; | |
2044 | Unit *following; | |
2045 | ||
2046 | assert(u); | |
2047 | ||
2048 | if (u->load_state != UNIT_LOADED) | |
2049 | return -EINVAL; | |
2050 | ||
2051 | if (!unit_can_reload(u)) | |
2052 | return -EBADR; | |
2053 | ||
2054 | state = unit_active_state(u); | |
2055 | if (state == UNIT_RELOADING) | |
2056 | return -EAGAIN; | |
2057 | ||
2058 | if (state != UNIT_ACTIVE) | |
2059 | return log_unit_warning_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "Unit cannot be reloaded because it is inactive."); | |
2060 | ||
2061 | following = unit_following(u); | |
2062 | if (following) { | |
2063 | log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id); | |
2064 | return unit_reload(following); | |
2065 | } | |
2066 | ||
2067 | /* Check to make sure the unit isn't frozen */ | |
2068 | if (u->freezer_state != FREEZER_RUNNING) | |
2069 | return -EDEADLK; | |
2070 | ||
2071 | unit_add_to_dbus_queue(u); | |
2072 | ||
2073 | if (!UNIT_VTABLE(u)->reload) { | |
2074 | /* Unit doesn't have a reload function, but we need to propagate the reload anyway */ | |
2075 | unit_notify(u, unit_active_state(u), unit_active_state(u), /* reload_success = */ true); | |
2076 | return 0; | |
2077 | } | |
2078 | ||
2079 | return UNIT_VTABLE(u)->reload(u); | |
2080 | } | |
2081 | ||
2082 | bool unit_can_reload(Unit *u) { | |
2083 | assert(u); | |
2084 | ||
2085 | if (UNIT_VTABLE(u)->can_reload) | |
2086 | return UNIT_VTABLE(u)->can_reload(u); | |
2087 | ||
2088 | if (unit_has_dependency(u, UNIT_ATOM_PROPAGATES_RELOAD_TO, NULL)) | |
2089 | return true; | |
2090 | ||
2091 | return UNIT_VTABLE(u)->reload; | |
2092 | } | |
2093 | ||
2094 | bool unit_is_unneeded(Unit *u) { | |
2095 | Unit *other; | |
2096 | assert(u); | |
2097 | ||
2098 | if (!u->stop_when_unneeded) | |
2099 | return false; | |
2100 | ||
2101 | /* Don't clean up while the unit is transitioning or is even inactive. */ | |
2102 | if (unit_active_state(u) != UNIT_ACTIVE) | |
2103 | return false; | |
2104 | if (u->job) | |
2105 | return false; | |
2106 | ||
2107 | UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_PINS_STOP_WHEN_UNNEEDED) { | |
2108 | /* If a dependent unit has a job queued, is active or transitioning, or is marked for | |
2109 | * restart, then don't clean this one up. */ | |
2110 | ||
2111 | if (other->job) | |
2112 | return false; | |
2113 | ||
2114 | if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) | |
2115 | return false; | |
2116 | ||
2117 | if (unit_will_restart(other)) | |
2118 | return false; | |
2119 | } | |
2120 | ||
2121 | return true; | |
2122 | } | |
2123 | ||
2124 | bool unit_is_upheld_by_active(Unit *u, Unit **ret_culprit) { | |
2125 | Unit *other; | |
2126 | ||
2127 | assert(u); | |
2128 | ||
2129 | /* Checks if the unit needs to be started because it currently is not running, but some other unit | |
2130 | * that is active declared an Uphold= dependencies on it */ | |
2131 | ||
2132 | if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)) || u->job) { | |
2133 | if (ret_culprit) | |
2134 | *ret_culprit = NULL; | |
2135 | return false; | |
2136 | } | |
2137 | ||
2138 | UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_START_STEADILY) { | |
2139 | if (other->job) | |
2140 | continue; | |
2141 | ||
2142 | if (UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) { | |
2143 | if (ret_culprit) | |
2144 | *ret_culprit = other; | |
2145 | return true; | |
2146 | } | |
2147 | } | |
2148 | ||
2149 | if (ret_culprit) | |
2150 | *ret_culprit = NULL; | |
2151 | return false; | |
2152 | } | |
2153 | ||
2154 | bool unit_is_bound_by_inactive(Unit *u, Unit **ret_culprit) { | |
2155 | Unit *other; | |
2156 | ||
2157 | assert(u); | |
2158 | ||
2159 | /* Checks whether this unit is bound to another unit that is inactive, i.e. whether we should stop | |
2160 | * because the other unit is down. */ | |
2161 | ||
2162 | if (unit_active_state(u) != UNIT_ACTIVE || u->job) { | |
2163 | /* Don't clean up while the unit is transitioning or is even inactive. */ | |
2164 | if (ret_culprit) | |
2165 | *ret_culprit = NULL; | |
2166 | return false; | |
2167 | } | |
2168 | ||
2169 | UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT) { | |
2170 | if (other->job) | |
2171 | continue; | |
2172 | ||
2173 | if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) { | |
2174 | if (ret_culprit) | |
2175 | *ret_culprit = other; | |
2176 | ||
2177 | return true; | |
2178 | } | |
2179 | } | |
2180 | ||
2181 | if (ret_culprit) | |
2182 | *ret_culprit = NULL; | |
2183 | return false; | |
2184 | } | |
2185 | ||
2186 | static void check_unneeded_dependencies(Unit *u) { | |
2187 | Unit *other; | |
2188 | assert(u); | |
2189 | ||
2190 | /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */ | |
2191 | ||
2192 | UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_STOP_WHEN_UNNEEDED_QUEUE) | |
2193 | unit_submit_to_stop_when_unneeded_queue(other); | |
2194 | } | |
2195 | ||
2196 | static void check_uphold_dependencies(Unit *u) { | |
2197 | Unit *other; | |
2198 | assert(u); | |
2199 | ||
2200 | /* Add all units this unit depends on to the queue that processes Uphold= behaviour. */ | |
2201 | ||
2202 | UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_START_WHEN_UPHELD_QUEUE) | |
2203 | unit_submit_to_start_when_upheld_queue(other); | |
2204 | } | |
2205 | ||
2206 | static void check_bound_by_dependencies(Unit *u) { | |
2207 | Unit *other; | |
2208 | assert(u); | |
2209 | ||
2210 | /* Add all units this unit depends on to the queue that processes BindsTo= stop behaviour. */ | |
2211 | ||
2212 | UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_ADD_CANNOT_BE_ACTIVE_WITHOUT_QUEUE) | |
2213 | unit_submit_to_stop_when_bound_queue(other); | |
2214 | } | |
2215 | ||
2216 | static void retroactively_start_dependencies(Unit *u) { | |
2217 | Unit *other; | |
2218 | ||
2219 | assert(u); | |
2220 | assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u))); | |
2221 | ||
2222 | UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_REPLACE) /* Requires= + BindsTo= */ | |
2223 | if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) && | |
2224 | !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other))) | |
2225 | (void) manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL); | |
2226 | ||
2227 | UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_START_FAIL) /* Wants= */ | |
2228 | if (!unit_has_dependency(u, UNIT_ATOM_AFTER, other) && | |
2229 | !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other))) | |
2230 | (void) manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL, NULL); | |
2231 | ||
2232 | UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_START) /* Conflicts= (and inverse) */ | |
2233 | if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other))) | |
2234 | (void) manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL); | |
2235 | } | |
2236 | ||
2237 | static void retroactively_stop_dependencies(Unit *u) { | |
2238 | Unit *other; | |
2239 | ||
2240 | assert(u); | |
2241 | assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u))); | |
2242 | ||
2243 | /* Pull down units which are bound to us recursively if enabled */ | |
2244 | UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_RETROACTIVE_STOP_ON_STOP) /* BoundBy= */ | |
2245 | if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other))) | |
2246 | (void) manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL); | |
2247 | } | |
2248 | ||
2249 | void unit_start_on_failure( | |
2250 | Unit *u, | |
2251 | const char *dependency_name, | |
2252 | UnitDependencyAtom atom, | |
2253 | JobMode job_mode) { | |
2254 | ||
2255 | int n_jobs = -1; | |
2256 | Unit *other; | |
2257 | int r; | |
2258 | ||
2259 | assert(u); | |
2260 | assert(dependency_name); | |
2261 | assert(IN_SET(atom, UNIT_ATOM_ON_SUCCESS, UNIT_ATOM_ON_FAILURE)); | |
2262 | ||
2263 | /* Act on OnFailure= and OnSuccess= dependencies */ | |
2264 | ||
2265 | UNIT_FOREACH_DEPENDENCY(other, u, atom) { | |
2266 | _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; | |
2267 | ||
2268 | if (n_jobs < 0) { | |
2269 | log_unit_info(u, "Triggering %s dependencies.", dependency_name); | |
2270 | n_jobs = 0; | |
2271 | } | |
2272 | ||
2273 | r = manager_add_job(u->manager, JOB_START, other, job_mode, NULL, &error, NULL); | |
2274 | if (r < 0) | |
2275 | log_unit_warning_errno( | |
2276 | u, r, "Failed to enqueue %s job, ignoring: %s", | |
2277 | dependency_name, bus_error_message(&error, r)); | |
2278 | n_jobs++; | |
2279 | } | |
2280 | ||
2281 | if (n_jobs >= 0) | |
2282 | log_unit_debug(u, "Triggering %s dependencies done (%i %s).", | |
2283 | dependency_name, n_jobs, n_jobs == 1 ? "job" : "jobs"); | |
2284 | } | |
2285 | ||
2286 | void unit_trigger_notify(Unit *u) { | |
2287 | Unit *other; | |
2288 | ||
2289 | assert(u); | |
2290 | ||
2291 | UNIT_FOREACH_DEPENDENCY(other, u, UNIT_ATOM_TRIGGERED_BY) | |
2292 | if (UNIT_VTABLE(other)->trigger_notify) | |
2293 | UNIT_VTABLE(other)->trigger_notify(other, u); | |
2294 | } | |
2295 | ||
2296 | static int raise_level(int log_level, bool condition_info, bool condition_notice) { | |
2297 | if (condition_notice && log_level > LOG_NOTICE) | |
2298 | return LOG_NOTICE; | |
2299 | if (condition_info && log_level > LOG_INFO) | |
2300 | return LOG_INFO; | |
2301 | return log_level; | |
2302 | } | |
2303 | ||
2304 | static int unit_log_resources(Unit *u) { | |
2305 | ||
2306 | static const struct { | |
2307 | const char *journal_field; | |
2308 | const char *message_suffix; | |
2309 | } memory_fields[_CGROUP_MEMORY_ACCOUNTING_METRIC_CACHED_LAST + 1] = { | |
2310 | [CGROUP_MEMORY_PEAK] = { "MEMORY_PEAK", "memory peak" }, | |
2311 | [CGROUP_MEMORY_SWAP_PEAK] = { "MEMORY_SWAP_PEAK", "memory swap peak" }, | |
2312 | }, ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = { | |
2313 | [CGROUP_IP_INGRESS_BYTES] = { "IP_METRIC_INGRESS_BYTES", "incoming IP traffic" }, | |
2314 | [CGROUP_IP_EGRESS_BYTES] = { "IP_METRIC_EGRESS_BYTES", "outgoing IP traffic" }, | |
2315 | [CGROUP_IP_INGRESS_PACKETS] = { "IP_METRIC_INGRESS_PACKETS", NULL }, | |
2316 | [CGROUP_IP_EGRESS_PACKETS] = { "IP_METRIC_EGRESS_PACKETS", NULL }, | |
2317 | }, io_fields[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = { | |
2318 | [CGROUP_IO_READ_BYTES] = { "IO_METRIC_READ_BYTES", "read from disk" }, | |
2319 | [CGROUP_IO_WRITE_BYTES] = { "IO_METRIC_WRITE_BYTES", "written to disk" }, | |
2320 | [CGROUP_IO_READ_OPERATIONS] = { "IO_METRIC_READ_OPERATIONS", NULL }, | |
2321 | [CGROUP_IO_WRITE_OPERATIONS] = { "IO_METRIC_WRITE_OPERATIONS", NULL }, | |
2322 | }; | |
2323 | ||
2324 | struct iovec *iovec = NULL; | |
2325 | size_t n_iovec = 0; | |
2326 | _cleanup_free_ char *message = NULL, *t = NULL; | |
2327 | nsec_t cpu_nsec = NSEC_INFINITY; | |
2328 | int log_level = LOG_DEBUG; /* May be raised if resources consumed over a threshold */ | |
2329 | ||
2330 | assert(u); | |
2331 | ||
2332 | CLEANUP_ARRAY(iovec, n_iovec, iovec_array_free); | |
2333 | ||
2334 | iovec = new(struct iovec, 1 + (_CGROUP_MEMORY_ACCOUNTING_METRIC_CACHED_LAST + 1) + | |
2335 | _CGROUP_IP_ACCOUNTING_METRIC_MAX + _CGROUP_IO_ACCOUNTING_METRIC_MAX + 4); | |
2336 | if (!iovec) | |
2337 | return log_oom(); | |
2338 | ||
2339 | /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource | |
2340 | * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced | |
2341 | * information and the complete data in structured fields. */ | |
2342 | ||
2343 | (void) unit_get_cpu_usage(u, &cpu_nsec); | |
2344 | if (cpu_nsec != NSEC_INFINITY) { | |
2345 | /* Format the CPU time for inclusion in the structured log message */ | |
2346 | if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, cpu_nsec) < 0) | |
2347 | return log_oom(); | |
2348 | iovec[n_iovec++] = IOVEC_MAKE_STRING(TAKE_PTR(t)); | |
2349 | ||
2350 | /* Format the CPU time for inclusion in the human language message string */ | |
2351 | if (strextendf_with_separator(&message, ", ", | |
2352 | "Consumed %s CPU time", | |
2353 | FORMAT_TIMESPAN(cpu_nsec / NSEC_PER_USEC, USEC_PER_MSEC)) < 0) | |
2354 | return log_oom(); | |
2355 | ||
2356 | log_level = raise_level(log_level, | |
2357 | cpu_nsec > MENTIONWORTHY_CPU_NSEC, | |
2358 | cpu_nsec > NOTICEWORTHY_CPU_NSEC); | |
2359 | } | |
2360 | ||
2361 | for (CGroupMemoryAccountingMetric metric = 0; metric <= _CGROUP_MEMORY_ACCOUNTING_METRIC_CACHED_LAST; metric++) { | |
2362 | uint64_t value = UINT64_MAX; | |
2363 | ||
2364 | assert(memory_fields[metric].journal_field); | |
2365 | assert(memory_fields[metric].message_suffix); | |
2366 | ||
2367 | (void) unit_get_memory_accounting(u, metric, &value); | |
2368 | if (value == UINT64_MAX) | |
2369 | continue; | |
2370 | ||
2371 | if (asprintf(&t, "%s=%" PRIu64, memory_fields[metric].journal_field, value) < 0) | |
2372 | return log_oom(); | |
2373 | iovec[n_iovec++] = IOVEC_MAKE_STRING(TAKE_PTR(t)); | |
2374 | ||
2375 | /* If value is 0, we don't log it in the MESSAGE= field. */ | |
2376 | if (value == 0) | |
2377 | continue; | |
2378 | ||
2379 | if (strextendf_with_separator(&message, ", ", "%s %s", | |
2380 | FORMAT_BYTES(value), memory_fields[metric].message_suffix) < 0) | |
2381 | return log_oom(); | |
2382 | ||
2383 | log_level = raise_level(log_level, | |
2384 | value > MENTIONWORTHY_MEMORY_BYTES, | |
2385 | value > NOTICEWORTHY_MEMORY_BYTES); | |
2386 | } | |
2387 | ||
2388 | for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) { | |
2389 | uint64_t value = UINT64_MAX; | |
2390 | ||
2391 | assert(io_fields[k].journal_field); | |
2392 | ||
2393 | (void) unit_get_io_accounting(u, k, k > 0, &value); | |
2394 | if (value == UINT64_MAX) | |
2395 | continue; | |
2396 | ||
2397 | /* Format IO accounting data for inclusion in the structured log message */ | |
2398 | if (asprintf(&t, "%s=%" PRIu64, io_fields[k].journal_field, value) < 0) | |
2399 | return log_oom(); | |
2400 | iovec[n_iovec++] = IOVEC_MAKE_STRING(TAKE_PTR(t)); | |
2401 | ||
2402 | /* If value is 0, we don't log it in the MESSAGE= field. */ | |
2403 | if (value == 0) | |
2404 | continue; | |
2405 | ||
2406 | /* Format the IO accounting data for inclusion in the human language message string, but only | |
2407 | * for the bytes counters (and not for the operations counters) */ | |
2408 | if (io_fields[k].message_suffix) { | |
2409 | if (strextendf_with_separator(&message, ", ", "%s %s", | |
2410 | FORMAT_BYTES(value), io_fields[k].message_suffix) < 0) | |
2411 | return log_oom(); | |
2412 | ||
2413 | log_level = raise_level(log_level, | |
2414 | value > MENTIONWORTHY_IO_BYTES, | |
2415 | value > NOTICEWORTHY_IO_BYTES); | |
2416 | } | |
2417 | } | |
2418 | ||
2419 | for (CGroupIPAccountingMetric m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) { | |
2420 | uint64_t value = UINT64_MAX; | |
2421 | ||
2422 | assert(ip_fields[m].journal_field); | |
2423 | ||
2424 | (void) unit_get_ip_accounting(u, m, &value); | |
2425 | if (value == UINT64_MAX) | |
2426 | continue; | |
2427 | ||
2428 | /* Format IP accounting data for inclusion in the structured log message */ | |
2429 | if (asprintf(&t, "%s=%" PRIu64, ip_fields[m].journal_field, value) < 0) | |
2430 | return log_oom(); | |
2431 | iovec[n_iovec++] = IOVEC_MAKE_STRING(TAKE_PTR(t)); | |
2432 | ||
2433 | /* If value is 0, we don't log it in the MESSAGE= field. */ | |
2434 | if (value == 0) | |
2435 | continue; | |
2436 | ||
2437 | /* Format the IP accounting data for inclusion in the human language message string, but only | |
2438 | * for the bytes counters (and not for the packets counters) */ | |
2439 | if (ip_fields[m].message_suffix) { | |
2440 | if (strextendf_with_separator(&message, ", ", "%s %s", | |
2441 | FORMAT_BYTES(value), ip_fields[m].message_suffix) < 0) | |
2442 | return log_oom(); | |
2443 | ||
2444 | log_level = raise_level(log_level, | |
2445 | value > MENTIONWORTHY_IP_BYTES, | |
2446 | value > NOTICEWORTHY_IP_BYTES); | |
2447 | } | |
2448 | } | |
2449 | ||
2450 | /* This check is here because it is the earliest point following all possible log_level assignments. | |
2451 | * (If log_level is assigned anywhere after this point, move this check.) */ | |
2452 | if (!unit_log_level_test(u, log_level)) | |
2453 | return 0; | |
2454 | ||
2455 | /* Is there any accounting data available at all? */ | |
2456 | if (n_iovec == 0) { | |
2457 | assert(!message); | |
2458 | return 0; | |
2459 | } | |
2460 | ||
2461 | t = strjoin("MESSAGE=", u->id, ": ", message ?: "Completed", "."); | |
2462 | if (!t) | |
2463 | return log_oom(); | |
2464 | iovec[n_iovec++] = IOVEC_MAKE_STRING(TAKE_PTR(t)); | |
2465 | ||
2466 | if (!set_iovec_string_field(iovec, &n_iovec, "MESSAGE_ID=", SD_MESSAGE_UNIT_RESOURCES_STR)) | |
2467 | return log_oom(); | |
2468 | ||
2469 | if (!set_iovec_string_field(iovec, &n_iovec, u->manager->unit_log_field, u->id)) | |
2470 | return log_oom(); | |
2471 | ||
2472 | if (!set_iovec_string_field(iovec, &n_iovec, u->manager->invocation_log_field, u->invocation_id_string)) | |
2473 | return log_oom(); | |
2474 | ||
2475 | log_unit_struct_iovec(u, log_level, iovec, n_iovec); | |
2476 | ||
2477 | return 0; | |
2478 | } | |
2479 | ||
2480 | static void unit_update_on_console(Unit *u) { | |
2481 | bool b; | |
2482 | ||
2483 | assert(u); | |
2484 | ||
2485 | b = unit_needs_console(u); | |
2486 | if (u->on_console == b) | |
2487 | return; | |
2488 | ||
2489 | u->on_console = b; | |
2490 | if (b) | |
2491 | manager_ref_console(u->manager); | |
2492 | else | |
2493 | manager_unref_console(u->manager); | |
2494 | } | |
2495 | ||
2496 | static void unit_emit_audit_start(Unit *u) { | |
2497 | assert(u); | |
2498 | ||
2499 | if (UNIT_VTABLE(u)->audit_start_message_type <= 0) | |
2500 | return; | |
2501 | ||
2502 | /* Write audit record if we have just finished starting up */ | |
2503 | manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_start_message_type, /* success= */ true); | |
2504 | u->in_audit = true; | |
2505 | } | |
2506 | ||
2507 | static void unit_emit_audit_stop(Unit *u, UnitActiveState state) { | |
2508 | assert(u); | |
2509 | ||
2510 | if (UNIT_VTABLE(u)->audit_start_message_type <= 0) | |
2511 | return; | |
2512 | ||
2513 | if (u->in_audit) { | |
2514 | /* Write audit record if we have just finished shutting down */ | |
2515 | manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_stop_message_type, /* success= */ state == UNIT_INACTIVE); | |
2516 | u->in_audit = false; | |
2517 | } else { | |
2518 | /* Hmm, if there was no start record written write it now, so that we always have a nice pair */ | |
2519 | manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_start_message_type, /* success= */ state == UNIT_INACTIVE); | |
2520 | ||
2521 | if (state == UNIT_INACTIVE) | |
2522 | manager_send_unit_audit(u->manager, u, UNIT_VTABLE(u)->audit_stop_message_type, /* success= */ true); | |
2523 | } | |
2524 | } | |
2525 | ||
2526 | static bool unit_process_job(Job *j, UnitActiveState ns, bool reload_success) { | |
2527 | bool unexpected = false; | |
2528 | JobResult result; | |
2529 | ||
2530 | assert(j); | |
2531 | ||
2532 | if (j->state == JOB_WAITING) | |
2533 | /* So we reached a different state for this job. Let's see if we can run it now if it failed previously | |
2534 | * due to EAGAIN. */ | |
2535 | job_add_to_run_queue(j); | |
2536 | ||
2537 | /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and | |
2538 | * hence needs to invalidate jobs. */ | |
2539 | ||
2540 | switch (j->type) { | |
2541 | ||
2542 | case JOB_START: | |
2543 | case JOB_VERIFY_ACTIVE: | |
2544 | ||
2545 | if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) | |
2546 | job_finish_and_invalidate(j, JOB_DONE, true, false); | |
2547 | else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) { | |
2548 | unexpected = true; | |
2549 | ||
2550 | if (UNIT_IS_INACTIVE_OR_FAILED(ns)) { | |
2551 | if (ns == UNIT_FAILED) | |
2552 | result = JOB_FAILED; | |
2553 | else | |
2554 | result = JOB_DONE; | |
2555 | ||
2556 | job_finish_and_invalidate(j, result, true, false); | |
2557 | } | |
2558 | } | |
2559 | ||
2560 | break; | |
2561 | ||
2562 | case JOB_RELOAD: | |
2563 | case JOB_RELOAD_OR_START: | |
2564 | case JOB_TRY_RELOAD: | |
2565 | ||
2566 | if (j->state == JOB_RUNNING) { | |
2567 | if (ns == UNIT_ACTIVE) | |
2568 | job_finish_and_invalidate(j, reload_success ? JOB_DONE : JOB_FAILED, true, false); | |
2569 | else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) { | |
2570 | unexpected = true; | |
2571 | ||
2572 | if (UNIT_IS_INACTIVE_OR_FAILED(ns)) | |
2573 | job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false); | |
2574 | } | |
2575 | } | |
2576 | ||
2577 | break; | |
2578 | ||
2579 | case JOB_STOP: | |
2580 | case JOB_RESTART: | |
2581 | case JOB_TRY_RESTART: | |
2582 | ||
2583 | if (UNIT_IS_INACTIVE_OR_FAILED(ns)) | |
2584 | job_finish_and_invalidate(j, JOB_DONE, true, false); | |
2585 | else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) { | |
2586 | unexpected = true; | |
2587 | job_finish_and_invalidate(j, JOB_FAILED, true, false); | |
2588 | } | |
2589 | ||
2590 | break; | |
2591 | ||
2592 | default: | |
2593 | assert_not_reached(); | |
2594 | } | |
2595 | ||
2596 | return unexpected; | |
2597 | } | |
2598 | ||
2599 | void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_success) { | |
2600 | const char *reason; | |
2601 | Manager *m; | |
2602 | ||
2603 | assert(u); | |
2604 | assert(os < _UNIT_ACTIVE_STATE_MAX); | |
2605 | assert(ns < _UNIT_ACTIVE_STATE_MAX); | |
2606 | ||
2607 | /* Note that this is called for all low-level state changes, even if they might map to the same high-level | |
2608 | * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is | |
2609 | * remounted this function will be called too! */ | |
2610 | ||
2611 | m = u->manager; | |
2612 | ||
2613 | /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in | |
2614 | * the bus queue, so that any job change signal queued will force out the unit change signal first. */ | |
2615 | unit_add_to_dbus_queue(u); | |
2616 | ||
2617 | /* Update systemd-oomd on the property/state change */ | |
2618 | if (os != ns) { | |
2619 | /* Always send an update if the unit is going into an inactive state so systemd-oomd knows to stop | |
2620 | * monitoring. | |
2621 | * Also send an update whenever the unit goes active; this is to handle a case where an override file | |
2622 | * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to | |
2623 | * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't | |
2624 | * have the information on the property. Thus, indiscriminately send an update. */ | |
2625 | if (UNIT_IS_INACTIVE_OR_FAILED(ns) || UNIT_IS_ACTIVE_OR_RELOADING(ns)) | |
2626 | (void) manager_varlink_send_managed_oom_update(u); | |
2627 | } | |
2628 | ||
2629 | /* Update timestamps for state changes */ | |
2630 | if (!MANAGER_IS_RELOADING(m)) { | |
2631 | dual_timestamp_now(&u->state_change_timestamp); | |
2632 | ||
2633 | if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns)) | |
2634 | u->inactive_exit_timestamp = u->state_change_timestamp; | |
2635 | else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns)) | |
2636 | u->inactive_enter_timestamp = u->state_change_timestamp; | |
2637 | ||
2638 | if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns)) | |
2639 | u->active_enter_timestamp = u->state_change_timestamp; | |
2640 | else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns)) | |
2641 | u->active_exit_timestamp = u->state_change_timestamp; | |
2642 | } | |
2643 | ||
2644 | /* Keep track of failed units */ | |
2645 | (void) manager_update_failed_units(m, u, ns == UNIT_FAILED); | |
2646 | ||
2647 | /* Make sure the cgroup and state files are always removed when we become inactive */ | |
2648 | if (UNIT_IS_INACTIVE_OR_FAILED(ns)) { | |
2649 | SET_FLAG(u->markers, | |
2650 | (1u << UNIT_MARKER_NEEDS_RELOAD)|(1u << UNIT_MARKER_NEEDS_RESTART), | |
2651 | false); | |
2652 | unit_prune_cgroup(u); | |
2653 | unit_unlink_state_files(u); | |
2654 | } else if (ns != os && ns == UNIT_RELOADING) | |
2655 | SET_FLAG(u->markers, 1u << UNIT_MARKER_NEEDS_RELOAD, false); | |
2656 | ||
2657 | unit_update_on_console(u); | |
2658 | ||
2659 | if (!MANAGER_IS_RELOADING(m)) { | |
2660 | bool unexpected; | |
2661 | ||
2662 | /* Let's propagate state changes to the job */ | |
2663 | if (u->job) | |
2664 | unexpected = unit_process_job(u->job, ns, reload_success); | |
2665 | else | |
2666 | unexpected = true; | |
2667 | ||
2668 | /* If this state change happened without being requested by a job, then let's retroactively start or | |
2669 | * stop dependencies. We skip that step when deserializing, since we don't want to create any | |
2670 | * additional jobs just because something is already activated. */ | |
2671 | ||
2672 | if (unexpected) { | |
2673 | if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns)) | |
2674 | retroactively_start_dependencies(u); | |
2675 | else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns)) | |
2676 | retroactively_stop_dependencies(u); | |
2677 | } | |
2678 | ||
2679 | if (ns != os && ns == UNIT_FAILED) { | |
2680 | log_unit_debug(u, "Unit entered failed state."); | |
2681 | unit_start_on_failure(u, "OnFailure=", UNIT_ATOM_ON_FAILURE, u->on_failure_job_mode); | |
2682 | } | |
2683 | ||
2684 | if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) { | |
2685 | /* This unit just finished starting up */ | |
2686 | ||
2687 | unit_emit_audit_start(u); | |
2688 | manager_send_unit_plymouth(m, u); | |
2689 | manager_send_unit_supervisor(m, u, /* active= */ true); | |
2690 | } | |
2691 | ||
2692 | if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) { | |
2693 | /* This unit just stopped/failed. */ | |
2694 | ||
2695 | unit_emit_audit_stop(u, ns); | |
2696 | manager_send_unit_supervisor(m, u, /* active= */ false); | |
2697 | unit_log_resources(u); | |
2698 | } | |
2699 | ||
2700 | if (ns == UNIT_INACTIVE && !IN_SET(os, UNIT_FAILED, UNIT_INACTIVE, UNIT_MAINTENANCE)) | |
2701 | unit_start_on_failure(u, "OnSuccess=", UNIT_ATOM_ON_SUCCESS, u->on_success_job_mode); | |
2702 | } | |
2703 | ||
2704 | manager_recheck_journal(m); | |
2705 | manager_recheck_dbus(m); | |
2706 | ||
2707 | unit_trigger_notify(u); | |
2708 | ||
2709 | if (!MANAGER_IS_RELOADING(m)) { | |
2710 | if (os != UNIT_FAILED && ns == UNIT_FAILED) { | |
2711 | reason = strjoina("unit ", u->id, " failed"); | |
2712 | emergency_action(m, u->failure_action, 0, u->reboot_arg, unit_failure_action_exit_status(u), reason); | |
2713 | } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) { | |
2714 | reason = strjoina("unit ", u->id, " succeeded"); | |
2715 | emergency_action(m, u->success_action, 0, u->reboot_arg, unit_success_action_exit_status(u), reason); | |
2716 | } | |
2717 | } | |
2718 | ||
2719 | /* And now, add the unit or depending units to various queues that will act on the new situation if | |
2720 | * needed. These queues generally check for continuous state changes rather than events (like most of | |
2721 | * the state propagation above), and do work deferred instead of instantly, since they typically | |
2722 | * don't want to run during reloading, and usually involve checking combined state of multiple units | |
2723 | * at once. */ | |
2724 | ||
2725 | if (UNIT_IS_INACTIVE_OR_FAILED(ns)) { | |
2726 | /* Stop unneeded units and bound-by units regardless if going down was expected or not */ | |
2727 | check_unneeded_dependencies(u); | |
2728 | check_bound_by_dependencies(u); | |
2729 | ||
2730 | /* Maybe someone wants us to remain up? */ | |
2731 | unit_submit_to_start_when_upheld_queue(u); | |
2732 | ||
2733 | /* Maybe the unit should be GC'ed now? */ | |
2734 | unit_add_to_gc_queue(u); | |
2735 | ||
2736 | /* Maybe we can release some resources now? */ | |
2737 | unit_submit_to_release_resources_queue(u); | |
2738 | } | |
2739 | ||
2740 | if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) { | |
2741 | /* Start uphold units regardless if going up was expected or not */ | |
2742 | check_uphold_dependencies(u); | |
2743 | ||
2744 | /* Maybe we finished startup and are now ready for being stopped because unneeded? */ | |
2745 | unit_submit_to_stop_when_unneeded_queue(u); | |
2746 | ||
2747 | /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens | |
2748 | * when something BindsTo= to a Type=oneshot unit, as these units go directly from starting to | |
2749 | * inactive, without ever entering started.) */ | |
2750 | unit_submit_to_stop_when_bound_queue(u); | |
2751 | } | |
2752 | } | |
2753 | ||
2754 | int unit_watch_pidref(Unit *u, const PidRef *pid, bool exclusive) { | |
2755 | _cleanup_(pidref_freep) PidRef *pid_dup = NULL; | |
2756 | int r; | |
2757 | ||
2758 | /* Adds a specific PID to the set of PIDs this unit watches. */ | |
2759 | ||
2760 | assert(u); | |
2761 | assert(pidref_is_set(pid)); | |
2762 | ||
2763 | /* Caller might be sure that this PID belongs to this unit only. Let's take this | |
2764 | * opportunity to remove any stalled references to this PID as they can be created | |
2765 | * easily (when watching a process which is not our direct child). */ | |
2766 | if (exclusive) | |
2767 | manager_unwatch_pidref(u->manager, pid); | |
2768 | ||
2769 | if (set_contains(u->pids, pid)) /* early exit if already being watched */ | |
2770 | return 0; | |
2771 | ||
2772 | r = pidref_dup(pid, &pid_dup); | |
2773 | if (r < 0) | |
2774 | return r; | |
2775 | ||
2776 | /* First, insert into the set of PIDs maintained by the unit */ | |
2777 | r = set_ensure_put(&u->pids, &pidref_hash_ops_free, pid_dup); | |
2778 | if (r < 0) | |
2779 | return r; | |
2780 | ||
2781 | pid = TAKE_PTR(pid_dup); /* continue with our copy now that we have installed it properly in our set */ | |
2782 | ||
2783 | /* Second, insert it into the simple global table, see if that works */ | |
2784 | r = hashmap_ensure_put(&u->manager->watch_pids, &pidref_hash_ops_free, pid, u); | |
2785 | if (r != -EEXIST) | |
2786 | return r; | |
2787 | ||
2788 | /* OK, the key is already assigned to a different unit. That's fine, then add us via the second | |
2789 | * hashmap that points to an array. */ | |
2790 | ||
2791 | PidRef *old_pid = NULL; | |
2792 | Unit **array = hashmap_get2(u->manager->watch_pids_more, pid, (void**) &old_pid); | |
2793 | ||
2794 | /* Count entries in array */ | |
2795 | size_t n = 0; | |
2796 | for (; array && array[n]; n++) | |
2797 | ; | |
2798 | ||
2799 | /* Allocate a new array */ | |
2800 | _cleanup_free_ Unit **new_array = new(Unit*, n + 2); | |
2801 | if (!new_array) | |
2802 | return -ENOMEM; | |
2803 | ||
2804 | /* Append us to the end */ | |
2805 | memcpy_safe(new_array, array, sizeof(Unit*) * n); | |
2806 | new_array[n] = u; | |
2807 | new_array[n+1] = NULL; | |
2808 | ||
2809 | /* Make sure the hashmap is allocated */ | |
2810 | r = hashmap_ensure_allocated(&u->manager->watch_pids_more, &pidref_hash_ops_free); | |
2811 | if (r < 0) | |
2812 | return r; | |
2813 | ||
2814 | /* Add or replace the old array */ | |
2815 | r = hashmap_replace(u->manager->watch_pids_more, old_pid ?: pid, new_array); | |
2816 | if (r < 0) | |
2817 | return r; | |
2818 | ||
2819 | TAKE_PTR(new_array); /* Now part of the hash table */ | |
2820 | free(array); /* Which means we can now delete the old version */ | |
2821 | return 0; | |
2822 | } | |
2823 | ||
2824 | int unit_watch_pid(Unit *u, pid_t pid, bool exclusive) { | |
2825 | _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL; | |
2826 | int r; | |
2827 | ||
2828 | assert(u); | |
2829 | assert(pid_is_valid(pid)); | |
2830 | ||
2831 | r = pidref_set_pid(&pidref, pid); | |
2832 | if (r < 0) | |
2833 | return r; | |
2834 | ||
2835 | return unit_watch_pidref(u, &pidref, exclusive); | |
2836 | } | |
2837 | ||
2838 | void unit_unwatch_pidref(Unit *u, const PidRef *pid) { | |
2839 | assert(u); | |
2840 | assert(pidref_is_set(pid)); | |
2841 | ||
2842 | /* Remove from the set we maintain for this unit. (And destroy the returned pid eventually) */ | |
2843 | _cleanup_(pidref_freep) PidRef *pid1 = set_remove(u->pids, pid); | |
2844 | if (!pid1) | |
2845 | return; /* Early exit if this PID was never watched by us */ | |
2846 | ||
2847 | /* First let's drop the unit from the simple hash table, if it is included there */ | |
2848 | PidRef *pid2 = NULL; | |
2849 | Unit *uu = hashmap_get2(u->manager->watch_pids, pid, (void**) &pid2); | |
2850 | ||
2851 | /* Quick validation: iff we are in the watch_pids table then the PidRef object must be the same as in our local pids set */ | |
2852 | assert((uu == u) == (pid1 == pid2)); | |
2853 | ||
2854 | if (uu == u) | |
2855 | /* OK, we are in the first table. Let's remove it there then, and we are done already. */ | |
2856 | assert_se(hashmap_remove_value(u->manager->watch_pids, pid2, uu)); | |
2857 | else { | |
2858 | /* We weren't in the first table, then let's consult the 2nd table that points to an array */ | |
2859 | PidRef *pid3 = NULL; | |
2860 | Unit **array = hashmap_get2(u->manager->watch_pids_more, pid, (void**) &pid3); | |
2861 | ||
2862 | /* Let's iterate through the array, dropping our own entry */ | |
2863 | size_t m = 0, n = 0; | |
2864 | for (; array && array[n]; n++) | |
2865 | if (array[n] != u) | |
2866 | array[m++] = array[n]; | |
2867 | if (n == m) | |
2868 | return; /* Not there */ | |
2869 | ||
2870 | array[m] = NULL; /* set trailing NULL marker on the new end */ | |
2871 | ||
2872 | if (m == 0) { | |
2873 | /* The array is now empty, remove the entire entry */ | |
2874 | assert_se(hashmap_remove_value(u->manager->watch_pids_more, pid3, array)); | |
2875 | free(array); | |
2876 | } else { | |
2877 | /* The array is not empty, but let's make sure the entry is not keyed by the PidRef | |
2878 | * we will delete, but by the PidRef object of the Unit that is now first in the | |
2879 | * array. */ | |
2880 | ||
2881 | PidRef *new_pid3 = ASSERT_PTR(set_get(array[0]->pids, pid)); | |
2882 | assert_se(hashmap_replace(u->manager->watch_pids_more, new_pid3, array) >= 0); | |
2883 | } | |
2884 | } | |
2885 | } | |
2886 | ||
2887 | void unit_unwatch_pid(Unit *u, pid_t pid) { | |
2888 | return unit_unwatch_pidref(u, &PIDREF_MAKE_FROM_PID(pid)); | |
2889 | } | |
2890 | ||
2891 | void unit_unwatch_all_pids(Unit *u) { | |
2892 | assert(u); | |
2893 | ||
2894 | while (!set_isempty(u->pids)) | |
2895 | unit_unwatch_pidref(u, set_first(u->pids)); | |
2896 | ||
2897 | u->pids = set_free(u->pids); | |
2898 | } | |
2899 | ||
2900 | void unit_unwatch_pidref_done(Unit *u, PidRef *pidref) { | |
2901 | assert(u); | |
2902 | ||
2903 | if (!pidref_is_set(pidref)) | |
2904 | return; | |
2905 | ||
2906 | unit_unwatch_pidref(u, pidref); | |
2907 | pidref_done(pidref); | |
2908 | } | |
2909 | ||
2910 | static void unit_tidy_watch_pids(Unit *u) { | |
2911 | PidRef *except1, *except2, *e; | |
2912 | ||
2913 | assert(u); | |
2914 | ||
2915 | /* Cleans dead PIDs from our list */ | |
2916 | ||
2917 | except1 = unit_main_pid(u); | |
2918 | except2 = unit_control_pid(u); | |
2919 | ||
2920 | SET_FOREACH(e, u->pids) { | |
2921 | if (pidref_equal(except1, e) || pidref_equal(except2, e)) | |
2922 | continue; | |
2923 | ||
2924 | if (pidref_is_unwaited(e) <= 0) | |
2925 | unit_unwatch_pidref(u, e); | |
2926 | } | |
2927 | } | |
2928 | ||
2929 | static int on_rewatch_pids_event(sd_event_source *s, void *userdata) { | |
2930 | Unit *u = ASSERT_PTR(userdata); | |
2931 | ||
2932 | assert(s); | |
2933 | ||
2934 | unit_tidy_watch_pids(u); | |
2935 | (void) unit_watch_all_pids(u); | |
2936 | ||
2937 | /* If the PID set is empty now, then let's finish this off. */ | |
2938 | unit_synthesize_cgroup_empty_event(u); | |
2939 | ||
2940 | return 0; | |
2941 | } | |
2942 | ||
2943 | int unit_enqueue_rewatch_pids(Unit *u) { | |
2944 | int r; | |
2945 | ||
2946 | assert(u); | |
2947 | ||
2948 | CGroupRuntime *crt = unit_get_cgroup_runtime(u); | |
2949 | if (!crt || !crt->cgroup_path) | |
2950 | return -ENOENT; | |
2951 | ||
2952 | r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER); | |
2953 | if (r < 0) | |
2954 | return r; | |
2955 | if (r > 0) /* On unified we can use proper notifications */ | |
2956 | return 0; | |
2957 | ||
2958 | /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new | |
2959 | * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it | |
2960 | * involves issuing kill(pid, 0) on all processes we watch. */ | |
2961 | ||
2962 | if (!u->rewatch_pids_event_source) { | |
2963 | _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL; | |
2964 | ||
2965 | r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u); | |
2966 | if (r < 0) | |
2967 | return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m"); | |
2968 | ||
2969 | r = sd_event_source_set_priority(s, EVENT_PRIORITY_REWATCH_PIDS); | |
2970 | if (r < 0) | |
2971 | return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: %m"); | |
2972 | ||
2973 | (void) sd_event_source_set_description(s, "tidy-watch-pids"); | |
2974 | ||
2975 | u->rewatch_pids_event_source = TAKE_PTR(s); | |
2976 | } | |
2977 | ||
2978 | r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT); | |
2979 | if (r < 0) | |
2980 | return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m"); | |
2981 | ||
2982 | return 0; | |
2983 | } | |
2984 | ||
2985 | void unit_dequeue_rewatch_pids(Unit *u) { | |
2986 | int r; | |
2987 | assert(u); | |
2988 | ||
2989 | if (!u->rewatch_pids_event_source) | |
2990 | return; | |
2991 | ||
2992 | r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF); | |
2993 | if (r < 0) | |
2994 | log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m"); | |
2995 | ||
2996 | u->rewatch_pids_event_source = sd_event_source_disable_unref(u->rewatch_pids_event_source); | |
2997 | } | |
2998 | ||
2999 | bool unit_job_is_applicable(Unit *u, JobType j) { | |
3000 | assert(u); | |
3001 | assert(j >= 0 && j < _JOB_TYPE_MAX); | |
3002 | ||
3003 | switch (j) { | |
3004 | ||
3005 | case JOB_VERIFY_ACTIVE: | |
3006 | case JOB_START: | |
3007 | case JOB_NOP: | |
3008 | /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not | |
3009 | * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing | |
3010 | * jobs for it. */ | |
3011 | return true; | |
3012 | ||
3013 | case JOB_STOP: | |
3014 | /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to | |
3015 | * external events), hence it makes no sense to permit enqueuing such a request either. */ | |
3016 | return !u->perpetual; | |
3017 | ||
3018 | case JOB_RESTART: | |
3019 | case JOB_TRY_RESTART: | |
3020 | return unit_can_stop(u) && unit_can_start(u); | |
3021 | ||
3022 | case JOB_RELOAD: | |
3023 | case JOB_TRY_RELOAD: | |
3024 | return unit_can_reload(u); | |
3025 | ||
3026 | case JOB_RELOAD_OR_START: | |
3027 | return unit_can_reload(u) && unit_can_start(u); | |
3028 | ||
3029 | default: | |
3030 | assert_not_reached(); | |
3031 | } | |
3032 | } | |
3033 | ||
3034 | static Hashmap *unit_get_dependency_hashmap_per_type(Unit *u, UnitDependency d) { | |
3035 | Hashmap *deps; | |
3036 | ||
3037 | assert(u); | |
3038 | assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX); | |
3039 | ||
3040 | deps = hashmap_get(u->dependencies, UNIT_DEPENDENCY_TO_PTR(d)); | |
3041 | if (!deps) { | |
3042 | _cleanup_hashmap_free_ Hashmap *h = NULL; | |
3043 | ||
3044 | h = hashmap_new(NULL); | |
3045 | if (!h) | |
3046 | return NULL; | |
3047 | ||
3048 | if (hashmap_ensure_put(&u->dependencies, NULL, UNIT_DEPENDENCY_TO_PTR(d), h) < 0) | |
3049 | return NULL; | |
3050 | ||
3051 | deps = TAKE_PTR(h); | |
3052 | } | |
3053 | ||
3054 | return deps; | |
3055 | } | |
3056 | ||
3057 | typedef enum NotifyDependencyFlags { | |
3058 | NOTIFY_DEPENDENCY_UPDATE_FROM = 1 << 0, | |
3059 | NOTIFY_DEPENDENCY_UPDATE_TO = 1 << 1, | |
3060 | } NotifyDependencyFlags; | |
3061 | ||
3062 | static int unit_add_dependency_impl( | |
3063 | Unit *u, | |
3064 | UnitDependency d, | |
3065 | Unit *other, | |
3066 | UnitDependencyMask mask) { | |
3067 | ||
3068 | static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = { | |
3069 | [UNIT_REQUIRES] = UNIT_REQUIRED_BY, | |
3070 | [UNIT_REQUISITE] = UNIT_REQUISITE_OF, | |
3071 | [UNIT_WANTS] = UNIT_WANTED_BY, | |
3072 | [UNIT_BINDS_TO] = UNIT_BOUND_BY, | |
3073 | [UNIT_PART_OF] = UNIT_CONSISTS_OF, | |
3074 | [UNIT_UPHOLDS] = UNIT_UPHELD_BY, | |
3075 | [UNIT_REQUIRED_BY] = UNIT_REQUIRES, | |
3076 | [UNIT_REQUISITE_OF] = UNIT_REQUISITE, | |
3077 | [UNIT_WANTED_BY] = UNIT_WANTS, | |
3078 | [UNIT_BOUND_BY] = UNIT_BINDS_TO, | |
3079 | [UNIT_CONSISTS_OF] = UNIT_PART_OF, | |
3080 | [UNIT_UPHELD_BY] = UNIT_UPHOLDS, | |
3081 | [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY, | |
3082 | [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS, | |
3083 | [UNIT_BEFORE] = UNIT_AFTER, | |
3084 | [UNIT_AFTER] = UNIT_BEFORE, | |
3085 | [UNIT_ON_SUCCESS] = UNIT_ON_SUCCESS_OF, | |
3086 | [UNIT_ON_SUCCESS_OF] = UNIT_ON_SUCCESS, | |
3087 | [UNIT_ON_FAILURE] = UNIT_ON_FAILURE_OF, | |
3088 | [UNIT_ON_FAILURE_OF] = UNIT_ON_FAILURE, | |
3089 | [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY, | |
3090 | [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS, | |
3091 | [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM, | |
3092 | [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO, | |
3093 | [UNIT_PROPAGATES_STOP_TO] = UNIT_STOP_PROPAGATED_FROM, | |
3094 | [UNIT_STOP_PROPAGATED_FROM] = UNIT_PROPAGATES_STOP_TO, | |
3095 | [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF, /* symmetric! 👓 */ | |
3096 | [UNIT_REFERENCES] = UNIT_REFERENCED_BY, | |
3097 | [UNIT_REFERENCED_BY] = UNIT_REFERENCES, | |
3098 | [UNIT_IN_SLICE] = UNIT_SLICE_OF, | |
3099 | [UNIT_SLICE_OF] = UNIT_IN_SLICE, | |
3100 | }; | |
3101 | ||
3102 | Hashmap *u_deps, *other_deps; | |
3103 | UnitDependencyInfo u_info, u_info_old, other_info, other_info_old; | |
3104 | NotifyDependencyFlags flags = 0; | |
3105 | int r; | |
3106 | ||
3107 | assert(u); | |
3108 | assert(other); | |
3109 | assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX); | |
3110 | assert(inverse_table[d] >= 0 && inverse_table[d] < _UNIT_DEPENDENCY_MAX); | |
3111 | assert(mask > 0 && mask < _UNIT_DEPENDENCY_MASK_FULL); | |
3112 | ||
3113 | /* Ensure the following two hashmaps for each unit exist: | |
3114 | * - the top-level dependency hashmap that maps UnitDependency → Hashmap(Unit* → UnitDependencyInfo), | |
3115 | * - the inner hashmap, that maps Unit* → UnitDependencyInfo, for the specified dependency type. */ | |
3116 | u_deps = unit_get_dependency_hashmap_per_type(u, d); | |
3117 | if (!u_deps) | |
3118 | return -ENOMEM; | |
3119 | ||
3120 | other_deps = unit_get_dependency_hashmap_per_type(other, inverse_table[d]); | |
3121 | if (!other_deps) | |
3122 | return -ENOMEM; | |
3123 | ||
3124 | /* Save the original dependency info. */ | |
3125 | u_info.data = u_info_old.data = hashmap_get(u_deps, other); | |
3126 | other_info.data = other_info_old.data = hashmap_get(other_deps, u); | |
3127 | ||
3128 | /* Update dependency info. */ | |
3129 | u_info.origin_mask |= mask; | |
3130 | other_info.destination_mask |= mask; | |
3131 | ||
3132 | /* Save updated dependency info. */ | |
3133 | if (u_info.data != u_info_old.data) { | |
3134 | r = hashmap_replace(u_deps, other, u_info.data); | |
3135 | if (r < 0) | |
3136 | return r; | |
3137 | ||
3138 | flags = NOTIFY_DEPENDENCY_UPDATE_FROM; | |
3139 | } | |
3140 | ||
3141 | if (other_info.data != other_info_old.data) { | |
3142 | r = hashmap_replace(other_deps, u, other_info.data); | |
3143 | if (r < 0) { | |
3144 | if (u_info.data != u_info_old.data) { | |
3145 | /* Restore the old dependency. */ | |
3146 | if (u_info_old.data) | |
3147 | (void) hashmap_update(u_deps, other, u_info_old.data); | |
3148 | else | |
3149 | hashmap_remove(u_deps, other); | |
3150 | } | |
3151 | return r; | |
3152 | } | |
3153 | ||
3154 | flags |= NOTIFY_DEPENDENCY_UPDATE_TO; | |
3155 | } | |
3156 | ||
3157 | return flags; | |
3158 | } | |
3159 | ||
3160 | int unit_add_dependency( | |
3161 | Unit *u, | |
3162 | UnitDependency d, | |
3163 | Unit *other, | |
3164 | bool add_reference, | |
3165 | UnitDependencyMask mask) { | |
3166 | ||
3167 | UnitDependencyAtom a; | |
3168 | int r; | |
3169 | ||
3170 | /* Helper to know whether sending a notification is necessary or not: if the dependency is already | |
3171 | * there, no need to notify! */ | |
3172 | NotifyDependencyFlags notify_flags; | |
3173 | ||
3174 | assert(u); | |
3175 | assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX); | |
3176 | assert(other); | |
3177 | ||
3178 | u = unit_follow_merge(u); | |
3179 | other = unit_follow_merge(other); | |
3180 | a = unit_dependency_to_atom(d); | |
3181 | assert(a >= 0); | |
3182 | ||
3183 | /* We won't allow dependencies on ourselves. We will not consider them an error however. */ | |
3184 | if (u == other) { | |
3185 | if (unit_should_warn_about_dependency(d)) | |
3186 | log_unit_warning(u, "Dependency %s=%s is dropped.", | |
3187 | unit_dependency_to_string(d), u->id); | |
3188 | return 0; | |
3189 | } | |
3190 | ||
3191 | if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES)) | |
3192 | return 0; | |
3193 | ||
3194 | /* Note that ordering a device unit after a unit is permitted since it allows its job running | |
3195 | * timeout to be started at a specific time. */ | |
3196 | if (FLAGS_SET(a, UNIT_ATOM_BEFORE) && other->type == UNIT_DEVICE) { | |
3197 | log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id); | |
3198 | return 0; | |
3199 | } | |
3200 | ||
3201 | if (FLAGS_SET(a, UNIT_ATOM_ON_FAILURE) && !UNIT_VTABLE(u)->can_fail) { | |
3202 | log_unit_warning(u, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other->id, unit_type_to_string(u->type)); | |
3203 | return 0; | |
3204 | } | |
3205 | ||
3206 | if (FLAGS_SET(a, UNIT_ATOM_TRIGGERS) && !UNIT_VTABLE(u)->can_trigger) | |
3207 | return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL), | |
3208 | "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(u->type)); | |
3209 | if (FLAGS_SET(a, UNIT_ATOM_TRIGGERED_BY) && !UNIT_VTABLE(other)->can_trigger) | |
3210 | return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL), | |
3211 | "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(other->type)); | |
3212 | ||
3213 | if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && other->type != UNIT_SLICE) | |
3214 | return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL), | |
3215 | "Requested dependency Slice=%s refused (%s is not a slice unit).", other->id, other->id); | |
3216 | if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && u->type != UNIT_SLICE) | |
3217 | return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL), | |
3218 | "Requested dependency SliceOf=%s refused (%s is not a slice unit).", other->id, u->id); | |
3219 | ||
3220 | if (FLAGS_SET(a, UNIT_ATOM_IN_SLICE) && !UNIT_HAS_CGROUP_CONTEXT(u)) | |
3221 | return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL), | |
3222 | "Requested dependency Slice=%s refused (%s is not a cgroup unit).", other->id, u->id); | |
3223 | ||
3224 | if (FLAGS_SET(a, UNIT_ATOM_SLICE_OF) && !UNIT_HAS_CGROUP_CONTEXT(other)) | |
3225 | return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL), | |
3226 | "Requested dependency SliceOf=%s refused (%s is not a cgroup unit).", other->id, other->id); | |
3227 | ||
3228 | r = unit_add_dependency_impl(u, d, other, mask); | |
3229 | if (r < 0) | |
3230 | return r; | |
3231 | notify_flags = r; | |
3232 | ||
3233 | if (add_reference) { | |
3234 | r = unit_add_dependency_impl(u, UNIT_REFERENCES, other, mask); | |
3235 | if (r < 0) | |
3236 | return r; | |
3237 | notify_flags |= r; | |
3238 | } | |
3239 | ||
3240 | if (FLAGS_SET(notify_flags, NOTIFY_DEPENDENCY_UPDATE_FROM)) | |
3241 | unit_add_to_dbus_queue(u); | |
3242 | if (FLAGS_SET(notify_flags, NOTIFY_DEPENDENCY_UPDATE_TO)) | |
3243 | unit_add_to_dbus_queue(other); | |
3244 | ||
3245 | return notify_flags != 0; | |
3246 | } | |
3247 | ||
3248 | int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) { | |
3249 | int r = 0, s = 0; | |
3250 | ||
3251 | assert(u); | |
3252 | assert(d >= 0 || e >= 0); | |
3253 | ||
3254 | if (d >= 0) { | |
3255 | r = unit_add_dependency(u, d, other, add_reference, mask); | |
3256 | if (r < 0) | |
3257 | return r; | |
3258 | } | |
3259 | ||
3260 | if (e >= 0) { | |
3261 | s = unit_add_dependency(u, e, other, add_reference, mask); | |
3262 | if (s < 0) | |
3263 | return s; | |
3264 | } | |
3265 | ||
3266 | return r > 0 || s > 0; | |
3267 | } | |
3268 | ||
3269 | static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) { | |
3270 | int r; | |
3271 | ||
3272 | assert(u); | |
3273 | assert(name); | |
3274 | assert(buf); | |
3275 | assert(ret); | |
3276 | ||
3277 | if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) { | |
3278 | *buf = NULL; | |
3279 | *ret = name; | |
3280 | return 0; | |
3281 | } | |
3282 | ||
3283 | if (u->instance) | |
3284 | r = unit_name_replace_instance(name, u->instance, buf); | |
3285 | else { | |
3286 | _cleanup_free_ char *i = NULL; | |
3287 | ||
3288 | r = unit_name_to_prefix(u->id, &i); | |
3289 | if (r < 0) | |
3290 | return r; | |
3291 | ||
3292 | r = unit_name_replace_instance(name, i, buf); | |
3293 | } | |
3294 | if (r < 0) | |
3295 | return r; | |
3296 | ||
3297 | *ret = *buf; | |
3298 | return 0; | |
3299 | } | |
3300 | ||
3301 | int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) { | |
3302 | _cleanup_free_ char *buf = NULL; | |
3303 | Unit *other; | |
3304 | int r; | |
3305 | ||
3306 | assert(u); | |
3307 | assert(name); | |
3308 | ||
3309 | r = resolve_template(u, name, &buf, &name); | |
3310 | if (r < 0) | |
3311 | return r; | |
3312 | ||
3313 | if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES)) | |
3314 | return 0; | |
3315 | ||
3316 | r = manager_load_unit(u->manager, name, NULL, NULL, &other); | |
3317 | if (r < 0) | |
3318 | return r; | |
3319 | ||
3320 | return unit_add_dependency(u, d, other, add_reference, mask); | |
3321 | } | |
3322 | ||
3323 | int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) { | |
3324 | _cleanup_free_ char *buf = NULL; | |
3325 | Unit *other; | |
3326 | int r; | |
3327 | ||
3328 | assert(u); | |
3329 | assert(name); | |
3330 | ||
3331 | r = resolve_template(u, name, &buf, &name); | |
3332 | if (r < 0) | |
3333 | return r; | |
3334 | ||
3335 | if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES)) | |
3336 | return 0; | |
3337 | ||
3338 | r = manager_load_unit(u->manager, name, NULL, NULL, &other); | |
3339 | if (r < 0) | |
3340 | return r; | |
3341 | ||
3342 | return unit_add_two_dependencies(u, d, e, other, add_reference, mask); | |
3343 | } | |
3344 | ||
3345 | int set_unit_path(const char *p) { | |
3346 | /* This is mostly for debug purposes */ | |
3347 | return RET_NERRNO(setenv("SYSTEMD_UNIT_PATH", p, 1)); | |
3348 | } | |
3349 | ||
3350 | char *unit_dbus_path(Unit *u) { | |
3351 | assert(u); | |
3352 | ||
3353 | if (!u->id) | |
3354 | return NULL; | |
3355 | ||
3356 | return unit_dbus_path_from_name(u->id); | |
3357 | } | |
3358 | ||
3359 | char *unit_dbus_path_invocation_id(Unit *u) { | |
3360 | assert(u); | |
3361 | ||
3362 | if (sd_id128_is_null(u->invocation_id)) | |
3363 | return NULL; | |
3364 | ||
3365 | return unit_dbus_path_from_name(u->invocation_id_string); | |
3366 | } | |
3367 | ||
3368 | int unit_set_invocation_id(Unit *u, sd_id128_t id) { | |
3369 | int r; | |
3370 | ||
3371 | assert(u); | |
3372 | ||
3373 | /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */ | |
3374 | ||
3375 | if (sd_id128_equal(u->invocation_id, id)) | |
3376 | return 0; | |
3377 | ||
3378 | if (!sd_id128_is_null(u->invocation_id)) | |
3379 | (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u); | |
3380 | ||
3381 | if (sd_id128_is_null(id)) { | |
3382 | r = 0; | |
3383 | goto reset; | |
3384 | } | |
3385 | ||
3386 | r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops); | |
3387 | if (r < 0) | |
3388 | goto reset; | |
3389 | ||
3390 | u->invocation_id = id; | |
3391 | sd_id128_to_string(id, u->invocation_id_string); | |
3392 | ||
3393 | r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u); | |
3394 | if (r < 0) | |
3395 | goto reset; | |
3396 | ||
3397 | return 0; | |
3398 | ||
3399 | reset: | |
3400 | u->invocation_id = SD_ID128_NULL; | |
3401 | u->invocation_id_string[0] = 0; | |
3402 | return r; | |
3403 | } | |
3404 | ||
3405 | int unit_set_slice(Unit *u, Unit *slice) { | |
3406 | int r; | |
3407 | ||
3408 | assert(u); | |
3409 | assert(slice); | |
3410 | ||
3411 | /* Sets the unit slice if it has not been set before. Is extra careful, to only allow this for units | |
3412 | * that actually have a cgroup context. Also, we don't allow to set this for slices (since the parent | |
3413 | * slice is derived from the name). Make sure the unit we set is actually a slice. */ | |
3414 | ||
3415 | if (!UNIT_HAS_CGROUP_CONTEXT(u)) | |
3416 | return -EOPNOTSUPP; | |
3417 | ||
3418 | if (u->type == UNIT_SLICE) | |
3419 | return -EINVAL; | |
3420 | ||
3421 | if (unit_active_state(u) != UNIT_INACTIVE) | |
3422 | return -EBUSY; | |
3423 | ||
3424 | if (slice->type != UNIT_SLICE) | |
3425 | return -EINVAL; | |
3426 | ||
3427 | if (unit_has_name(u, SPECIAL_INIT_SCOPE) && | |
3428 | !unit_has_name(slice, SPECIAL_ROOT_SLICE)) | |
3429 | return -EPERM; | |
3430 | ||
3431 | if (UNIT_GET_SLICE(u) == slice) | |
3432 | return 0; | |
3433 | ||
3434 | /* Disallow slice changes if @u is already bound to cgroups */ | |
3435 | if (UNIT_GET_SLICE(u)) { | |
3436 | CGroupRuntime *crt = unit_get_cgroup_runtime(u); | |
3437 | if (crt && crt->cgroup_realized) | |
3438 | return -EBUSY; | |
3439 | } | |
3440 | ||
3441 | /* Remove any slices assigned prior; we should only have one UNIT_IN_SLICE dependency */ | |
3442 | if (UNIT_GET_SLICE(u)) | |
3443 | unit_remove_dependencies(u, UNIT_DEPENDENCY_SLICE_PROPERTY); | |
3444 | ||
3445 | r = unit_add_dependency(u, UNIT_IN_SLICE, slice, true, UNIT_DEPENDENCY_SLICE_PROPERTY); | |
3446 | if (r < 0) | |
3447 | return r; | |
3448 | ||
3449 | return 1; | |
3450 | } | |
3451 | ||
3452 | int unit_set_default_slice(Unit *u) { | |
3453 | const char *slice_name; | |
3454 | Unit *slice; | |
3455 | int r; | |
3456 | ||
3457 | assert(u); | |
3458 | ||
3459 | if (u->manager && FLAGS_SET(u->manager->test_run_flags, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES)) | |
3460 | return 0; | |
3461 | ||
3462 | if (UNIT_GET_SLICE(u)) | |
3463 | return 0; | |
3464 | ||
3465 | if (u->instance) { | |
3466 | _cleanup_free_ char *prefix = NULL, *escaped = NULL; | |
3467 | ||
3468 | /* Implicitly place all instantiated units in their | |
3469 | * own per-template slice */ | |
3470 | ||
3471 | r = unit_name_to_prefix(u->id, &prefix); | |
3472 | if (r < 0) | |
3473 | return r; | |
3474 | ||
3475 | /* The prefix is already escaped, but it might include | |
3476 | * "-" which has a special meaning for slice units, | |
3477 | * hence escape it here extra. */ | |
3478 | escaped = unit_name_escape(prefix); | |
3479 | if (!escaped) | |
3480 | return -ENOMEM; | |
3481 | ||
3482 | if (MANAGER_IS_SYSTEM(u->manager)) | |
3483 | slice_name = strjoina("system-", escaped, ".slice"); | |
3484 | else | |
3485 | slice_name = strjoina("app-", escaped, ".slice"); | |
3486 | ||
3487 | } else if (unit_is_extrinsic(u)) | |
3488 | /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in | |
3489 | * the root slice. They don't really belong in one of the subslices. */ | |
3490 | slice_name = SPECIAL_ROOT_SLICE; | |
3491 | ||
3492 | else if (MANAGER_IS_SYSTEM(u->manager)) | |
3493 | slice_name = SPECIAL_SYSTEM_SLICE; | |
3494 | else | |
3495 | slice_name = SPECIAL_APP_SLICE; | |
3496 | ||
3497 | r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice); | |
3498 | if (r < 0) | |
3499 | return r; | |
3500 | ||
3501 | return unit_set_slice(u, slice); | |
3502 | } | |
3503 | ||
3504 | const char *unit_slice_name(Unit *u) { | |
3505 | Unit *slice; | |
3506 | assert(u); | |
3507 | ||
3508 | slice = UNIT_GET_SLICE(u); | |
3509 | if (!slice) | |
3510 | return NULL; | |
3511 | ||
3512 | return slice->id; | |
3513 | } | |
3514 | ||
3515 | int unit_load_related_unit(Unit *u, const char *type, Unit **_found) { | |
3516 | _cleanup_free_ char *t = NULL; | |
3517 | int r; | |
3518 | ||
3519 | assert(u); | |
3520 | assert(type); | |
3521 | assert(_found); | |
3522 | ||
3523 | r = unit_name_change_suffix(u->id, type, &t); | |
3524 | if (r < 0) | |
3525 | return r; | |
3526 | if (unit_has_name(u, t)) | |
3527 | return -EINVAL; | |
3528 | ||
3529 | r = manager_load_unit(u->manager, t, NULL, NULL, _found); | |
3530 | assert(r < 0 || *_found != u); | |
3531 | return r; | |
3532 | } | |
3533 | ||
3534 | static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) { | |
3535 | const char *new_owner; | |
3536 | Unit *u = ASSERT_PTR(userdata); | |
3537 | int r; | |
3538 | ||
3539 | assert(message); | |
3540 | ||
3541 | r = sd_bus_message_read(message, "sss", NULL, NULL, &new_owner); | |
3542 | if (r < 0) { | |
3543 | bus_log_parse_error(r); | |
3544 | return 0; | |
3545 | } | |
3546 | ||
3547 | if (UNIT_VTABLE(u)->bus_name_owner_change) | |
3548 | UNIT_VTABLE(u)->bus_name_owner_change(u, empty_to_null(new_owner)); | |
3549 | ||
3550 | return 0; | |
3551 | } | |
3552 | ||
3553 | static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) { | |
3554 | const sd_bus_error *e; | |
3555 | const char *new_owner; | |
3556 | Unit *u = ASSERT_PTR(userdata); | |
3557 | int r; | |
3558 | ||
3559 | assert(message); | |
3560 | ||
3561 | u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot); | |
3562 | ||
3563 | e = sd_bus_message_get_error(message); | |
3564 | if (e) { | |
3565 | if (!sd_bus_error_has_name(e, SD_BUS_ERROR_NAME_HAS_NO_OWNER)) { | |
3566 | r = sd_bus_error_get_errno(e); | |
3567 | log_unit_error_errno(u, r, | |
3568 | "Unexpected error response from GetNameOwner(): %s", | |
3569 | bus_error_message(e, r)); | |
3570 | } | |
3571 | ||
3572 | new_owner = NULL; | |
3573 | } else { | |
3574 | r = sd_bus_message_read(message, "s", &new_owner); | |
3575 | if (r < 0) | |
3576 | return bus_log_parse_error(r); | |
3577 | ||
3578 | assert(!isempty(new_owner)); | |
3579 | } | |
3580 | ||
3581 | if (UNIT_VTABLE(u)->bus_name_owner_change) | |
3582 | UNIT_VTABLE(u)->bus_name_owner_change(u, new_owner); | |
3583 | ||
3584 | return 0; | |
3585 | } | |
3586 | ||
3587 | int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) { | |
3588 | _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL; | |
3589 | const char *match; | |
3590 | usec_t timeout_usec = 0; | |
3591 | int r; | |
3592 | ||
3593 | assert(u); | |
3594 | assert(bus); | |
3595 | assert(name); | |
3596 | ||
3597 | if (u->match_bus_slot || u->get_name_owner_slot) | |
3598 | return -EBUSY; | |
3599 | ||
3600 | /* NameOwnerChanged and GetNameOwner is used to detect when a service finished starting up. The dbus | |
3601 | * call timeout shouldn't be earlier than that. If we couldn't get the start timeout, use the default | |
3602 | * value defined above. */ | |
3603 | if (UNIT_VTABLE(u)->get_timeout_start_usec) | |
3604 | timeout_usec = UNIT_VTABLE(u)->get_timeout_start_usec(u); | |
3605 | ||
3606 | match = strjoina("type='signal'," | |
3607 | "sender='org.freedesktop.DBus'," | |
3608 | "path='/org/freedesktop/DBus'," | |
3609 | "interface='org.freedesktop.DBus'," | |
3610 | "member='NameOwnerChanged'," | |
3611 | "arg0='", name, "'"); | |
3612 | ||
3613 | r = bus_add_match_full( | |
3614 | bus, | |
3615 | &u->match_bus_slot, | |
3616 | true, | |
3617 | match, | |
3618 | signal_name_owner_changed, | |
3619 | NULL, | |
3620 | u, | |
3621 | timeout_usec); | |
3622 | if (r < 0) | |
3623 | return r; | |
3624 | ||
3625 | r = sd_bus_message_new_method_call( | |
3626 | bus, | |
3627 | &m, | |
3628 | "org.freedesktop.DBus", | |
3629 | "/org/freedesktop/DBus", | |
3630 | "org.freedesktop.DBus", | |
3631 | "GetNameOwner"); | |
3632 | if (r < 0) | |
3633 | return r; | |
3634 | ||
3635 | r = sd_bus_message_append(m, "s", name); | |
3636 | if (r < 0) | |
3637 | return r; | |
3638 | ||
3639 | r = sd_bus_call_async( | |
3640 | bus, | |
3641 | &u->get_name_owner_slot, | |
3642 | m, | |
3643 | get_name_owner_handler, | |
3644 | u, | |
3645 | timeout_usec); | |
3646 | ||
3647 | if (r < 0) { | |
3648 | u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot); | |
3649 | return r; | |
3650 | } | |
3651 | ||
3652 | log_unit_debug(u, "Watching D-Bus name '%s'.", name); | |
3653 | return 0; | |
3654 | } | |
3655 | ||
3656 | int unit_watch_bus_name(Unit *u, const char *name) { | |
3657 | int r; | |
3658 | ||
3659 | assert(u); | |
3660 | assert(name); | |
3661 | ||
3662 | /* Watch a specific name on the bus. We only support one unit | |
3663 | * watching each name for now. */ | |
3664 | ||
3665 | if (u->manager->api_bus) { | |
3666 | /* If the bus is already available, install the match directly. | |
3667 | * Otherwise, just put the name in the list. bus_setup_api() will take care later. */ | |
3668 | r = unit_install_bus_match(u, u->manager->api_bus, name); | |
3669 | if (r < 0) | |
3670 | return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name); | |
3671 | } | |
3672 | ||
3673 | r = hashmap_put(u->manager->watch_bus, name, u); | |
3674 | if (r < 0) { | |
3675 | u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot); | |
3676 | u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot); | |
3677 | return log_warning_errno(r, "Failed to put bus name to hashmap: %m"); | |
3678 | } | |
3679 | ||
3680 | return 0; | |
3681 | } | |
3682 | ||
3683 | void unit_unwatch_bus_name(Unit *u, const char *name) { | |
3684 | assert(u); | |
3685 | assert(name); | |
3686 | ||
3687 | (void) hashmap_remove_value(u->manager->watch_bus, name, u); | |
3688 | u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot); | |
3689 | u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot); | |
3690 | } | |
3691 | ||
3692 | int unit_add_node_dependency(Unit *u, const char *what, UnitDependency dep, UnitDependencyMask mask) { | |
3693 | _cleanup_free_ char *e = NULL; | |
3694 | Unit *device; | |
3695 | int r; | |
3696 | ||
3697 | assert(u); | |
3698 | ||
3699 | /* Adds in links to the device node that this unit is based on */ | |
3700 | if (isempty(what)) | |
3701 | return 0; | |
3702 | ||
3703 | if (!is_device_path(what)) | |
3704 | return 0; | |
3705 | ||
3706 | /* When device units aren't supported (such as in a container), don't create dependencies on them. */ | |
3707 | if (!unit_type_supported(UNIT_DEVICE)) | |
3708 | return 0; | |
3709 | ||
3710 | r = unit_name_from_path(what, ".device", &e); | |
3711 | if (r < 0) | |
3712 | return r; | |
3713 | ||
3714 | r = manager_load_unit(u->manager, e, NULL, NULL, &device); | |
3715 | if (r < 0) | |
3716 | return r; | |
3717 | ||
3718 | if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u)) | |
3719 | dep = UNIT_BINDS_TO; | |
3720 | ||
3721 | return unit_add_two_dependencies(u, UNIT_AFTER, | |
3722 | MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS, | |
3723 | device, true, mask); | |
3724 | } | |
3725 | ||
3726 | int unit_add_blockdev_dependency(Unit *u, const char *what, UnitDependencyMask mask) { | |
3727 | _cleanup_free_ char *escaped = NULL, *target = NULL; | |
3728 | int r; | |
3729 | ||
3730 | assert(u); | |
3731 | ||
3732 | if (isempty(what)) | |
3733 | return 0; | |
3734 | ||
3735 | if (!path_startswith(what, "/dev/")) | |
3736 | return 0; | |
3737 | ||
3738 | /* If we don't support devices, then also don't bother with blockdev@.target */ | |
3739 | if (!unit_type_supported(UNIT_DEVICE)) | |
3740 | return 0; | |
3741 | ||
3742 | r = unit_name_path_escape(what, &escaped); | |
3743 | if (r < 0) | |
3744 | return r; | |
3745 | ||
3746 | r = unit_name_build("blockdev", escaped, ".target", &target); | |
3747 | if (r < 0) | |
3748 | return r; | |
3749 | ||
3750 | return unit_add_dependency_by_name(u, UNIT_AFTER, target, true, mask); | |
3751 | } | |
3752 | ||
3753 | int unit_coldplug(Unit *u) { | |
3754 | int r = 0; | |
3755 | ||
3756 | assert(u); | |
3757 | ||
3758 | /* Make sure we don't enter a loop, when coldplugging recursively. */ | |
3759 | if (u->coldplugged) | |
3760 | return 0; | |
3761 | ||
3762 | u->coldplugged = true; | |
3763 | ||
3764 | STRV_FOREACH(i, u->deserialized_refs) | |
3765 | RET_GATHER(r, bus_unit_track_add_name(u, *i)); | |
3766 | ||
3767 | u->deserialized_refs = strv_free(u->deserialized_refs); | |
3768 | ||
3769 | if (UNIT_VTABLE(u)->coldplug) | |
3770 | RET_GATHER(r, UNIT_VTABLE(u)->coldplug(u)); | |
3771 | ||
3772 | if (u->job) | |
3773 | RET_GATHER(r, job_coldplug(u->job)); | |
3774 | if (u->nop_job) | |
3775 | RET_GATHER(r, job_coldplug(u->nop_job)); | |
3776 | ||
3777 | unit_modify_nft_set(u, /* add = */ true); | |
3778 | return r; | |
3779 | } | |
3780 | ||
3781 | void unit_catchup(Unit *u) { | |
3782 | assert(u); | |
3783 | ||
3784 | if (UNIT_VTABLE(u)->catchup) | |
3785 | UNIT_VTABLE(u)->catchup(u); | |
3786 | ||
3787 | unit_cgroup_catchup(u); | |
3788 | } | |
3789 | ||
3790 | static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) { | |
3791 | struct stat st; | |
3792 | ||
3793 | if (!path) | |
3794 | return false; | |
3795 | ||
3796 | /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we | |
3797 | * are never out-of-date. */ | |
3798 | if (PATH_STARTSWITH_SET(path, "/proc", "/sys")) | |
3799 | return false; | |
3800 | ||
3801 | if (stat(path, &st) < 0) | |
3802 | /* What, cannot access this anymore? */ | |
3803 | return true; | |
3804 | ||
3805 | if (path_masked) | |
3806 | /* For masked files check if they are still so */ | |
3807 | return !null_or_empty(&st); | |
3808 | else | |
3809 | /* For non-empty files check the mtime */ | |
3810 | return timespec_load(&st.st_mtim) > mtime; | |
3811 | ||
3812 | return false; | |
3813 | } | |
3814 | ||
3815 | bool unit_need_daemon_reload(Unit *u) { | |
3816 | _cleanup_strv_free_ char **dropins = NULL; | |
3817 | ||
3818 | assert(u); | |
3819 | assert(u->manager); | |
3820 | ||
3821 | if (u->manager->unit_file_state_outdated) | |
3822 | return true; | |
3823 | ||
3824 | /* For unit files, we allow masking… */ | |
3825 | if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime, | |
3826 | u->load_state == UNIT_MASKED)) | |
3827 | return true; | |
3828 | ||
3829 | /* Source paths should not be masked… */ | |
3830 | if (fragment_mtime_newer(u->source_path, u->source_mtime, false)) | |
3831 | return true; | |
3832 | ||
3833 | if (u->load_state == UNIT_LOADED) | |
3834 | (void) unit_find_dropin_paths(u, &dropins); | |
3835 | if (!strv_equal(u->dropin_paths, dropins)) | |
3836 | return true; | |
3837 | ||
3838 | /* … any drop-ins that are masked are simply omitted from the list. */ | |
3839 | STRV_FOREACH(path, u->dropin_paths) | |
3840 | if (fragment_mtime_newer(*path, u->dropin_mtime, false)) | |
3841 | return true; | |
3842 | ||
3843 | return false; | |
3844 | } | |
3845 | ||
3846 | void unit_reset_failed(Unit *u) { | |
3847 | assert(u); | |
3848 | ||
3849 | if (UNIT_VTABLE(u)->reset_failed) | |
3850 | UNIT_VTABLE(u)->reset_failed(u); | |
3851 | ||
3852 | ratelimit_reset(&u->start_ratelimit); | |
3853 | u->start_limit_hit = false; | |
3854 | } | |
3855 | ||
3856 | Unit *unit_following(Unit *u) { | |
3857 | assert(u); | |
3858 | ||
3859 | if (UNIT_VTABLE(u)->following) | |
3860 | return UNIT_VTABLE(u)->following(u); | |
3861 | ||
3862 | return NULL; | |
3863 | } | |
3864 | ||
3865 | bool unit_stop_pending(Unit *u) { | |
3866 | assert(u); | |
3867 | ||
3868 | /* This call does check the current state of the unit. It's | |
3869 | * hence useful to be called from state change calls of the | |
3870 | * unit itself, where the state isn't updated yet. This is | |
3871 | * different from unit_inactive_or_pending() which checks both | |
3872 | * the current state and for a queued job. */ | |
3873 | ||
3874 | return unit_has_job_type(u, JOB_STOP); | |
3875 | } | |
3876 | ||
3877 | bool unit_inactive_or_pending(Unit *u) { | |
3878 | assert(u); | |
3879 | ||
3880 | /* Returns true if the unit is inactive or going down */ | |
3881 | ||
3882 | if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u))) | |
3883 | return true; | |
3884 | ||
3885 | if (unit_stop_pending(u)) | |
3886 | return true; | |
3887 | ||
3888 | return false; | |
3889 | } | |
3890 | ||
3891 | bool unit_active_or_pending(Unit *u) { | |
3892 | assert(u); | |
3893 | ||
3894 | /* Returns true if the unit is active or going up */ | |
3895 | ||
3896 | if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u))) | |
3897 | return true; | |
3898 | ||
3899 | if (u->job && | |
3900 | IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART)) | |
3901 | return true; | |
3902 | ||
3903 | return false; | |
3904 | } | |
3905 | ||
3906 | bool unit_will_restart_default(Unit *u) { | |
3907 | assert(u); | |
3908 | ||
3909 | return unit_has_job_type(u, JOB_START); | |
3910 | } | |
3911 | ||
3912 | bool unit_will_restart(Unit *u) { | |
3913 | assert(u); | |
3914 | ||
3915 | if (!UNIT_VTABLE(u)->will_restart) | |
3916 | return false; | |
3917 | ||
3918 | return UNIT_VTABLE(u)->will_restart(u); | |
3919 | } | |
3920 | ||
3921 | void unit_notify_cgroup_oom(Unit *u, bool managed_oom) { | |
3922 | assert(u); | |
3923 | ||
3924 | if (UNIT_VTABLE(u)->notify_cgroup_oom) | |
3925 | UNIT_VTABLE(u)->notify_cgroup_oom(u, managed_oom); | |
3926 | } | |
3927 | ||
3928 | static int unit_pid_set(Unit *u, Set **pid_set) { | |
3929 | int r; | |
3930 | ||
3931 | assert(u); | |
3932 | assert(pid_set); | |
3933 | ||
3934 | set_clear(*pid_set); /* This updates input. */ | |
3935 | ||
3936 | /* Exclude the main/control pids from being killed via the cgroup */ | |
3937 | ||
3938 | PidRef *pid; | |
3939 | FOREACH_ARGUMENT(pid, unit_main_pid(u), unit_control_pid(u)) | |
3940 | if (pidref_is_set(pid)) { | |
3941 | r = set_ensure_put(pid_set, NULL, PID_TO_PTR(pid->pid)); | |
3942 | if (r < 0) | |
3943 | return r; | |
3944 | } | |
3945 | ||
3946 | return 0; | |
3947 | } | |
3948 | ||
3949 | static int kill_common_log(const PidRef *pid, int signo, void *userdata) { | |
3950 | _cleanup_free_ char *comm = NULL; | |
3951 | Unit *u = ASSERT_PTR(userdata); | |
3952 | ||
3953 | (void) pidref_get_comm(pid, &comm); | |
3954 | ||
3955 | log_unit_info(u, "Sending signal SIG%s to process " PID_FMT " (%s) on client request.", | |
3956 | signal_to_string(signo), pid->pid, strna(comm)); | |
3957 | ||
3958 | return 1; | |
3959 | } | |
3960 | ||
3961 | static int kill_or_sigqueue(PidRef* pidref, int signo, int code, int value) { | |
3962 | assert(pidref_is_set(pidref)); | |
3963 | assert(SIGNAL_VALID(signo)); | |
3964 | ||
3965 | switch (code) { | |
3966 | ||
3967 | case SI_USER: | |
3968 | log_debug("Killing " PID_FMT " with signal SIG%s.", pidref->pid, signal_to_string(signo)); | |
3969 | return pidref_kill(pidref, signo); | |
3970 | ||
3971 | case SI_QUEUE: | |
3972 | log_debug("Enqueuing value %i to " PID_FMT " on signal SIG%s.", value, pidref->pid, signal_to_string(signo)); | |
3973 | return pidref_sigqueue(pidref, signo, value); | |
3974 | ||
3975 | default: | |
3976 | assert_not_reached(); | |
3977 | } | |
3978 | } | |
3979 | ||
3980 | static int unit_kill_one( | |
3981 | Unit *u, | |
3982 | PidRef *pidref, | |
3983 | const char *type, | |
3984 | int signo, | |
3985 | int code, | |
3986 | int value, | |
3987 | sd_bus_error *ret_error) { | |
3988 | ||
3989 | int r; | |
3990 | ||
3991 | assert(u); | |
3992 | assert(type); | |
3993 | ||
3994 | if (!pidref_is_set(pidref)) | |
3995 | return 0; | |
3996 | ||
3997 | _cleanup_free_ char *comm = NULL; | |
3998 | (void) pidref_get_comm(pidref, &comm); | |
3999 | ||
4000 | r = kill_or_sigqueue(pidref, signo, code, value); | |
4001 | if (r == -ESRCH) | |
4002 | return 0; | |
4003 | if (r < 0) { | |
4004 | /* Report this failure both to the logs and to the client */ | |
4005 | if (ret_error) | |
4006 | sd_bus_error_set_errnof( | |
4007 | ret_error, r, | |
4008 | "Failed to send signal SIG%s to %s process " PID_FMT " (%s): %m", | |
4009 | signal_to_string(signo), type, pidref->pid, strna(comm)); | |
4010 | ||
4011 | return log_unit_warning_errno( | |
4012 | u, r, | |
4013 | "Failed to send signal SIG%s to %s process " PID_FMT " (%s) on client request: %m", | |
4014 | signal_to_string(signo), type, pidref->pid, strna(comm)); | |
4015 | } | |
4016 | ||
4017 | log_unit_info(u, "Sent signal SIG%s to %s process " PID_FMT " (%s) on client request.", | |
4018 | signal_to_string(signo), type, pidref->pid, strna(comm)); | |
4019 | return 1; /* killed */ | |
4020 | } | |
4021 | ||
4022 | int unit_kill( | |
4023 | Unit *u, | |
4024 | KillWho who, | |
4025 | int signo, | |
4026 | int code, | |
4027 | int value, | |
4028 | sd_bus_error *ret_error) { | |
4029 | ||
4030 | PidRef *main_pid, *control_pid; | |
4031 | bool killed = false; | |
4032 | int ret = 0, r; | |
4033 | ||
4034 | /* This is the common implementation for explicit user-requested killing of unit processes, shared by | |
4035 | * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to | |
4036 | * stop a service ourselves. */ | |
4037 | ||
4038 | assert(u); | |
4039 | assert(who >= 0); | |
4040 | assert(who < _KILL_WHO_MAX); | |
4041 | assert(SIGNAL_VALID(signo)); | |
4042 | assert(IN_SET(code, SI_USER, SI_QUEUE)); | |
4043 | ||
4044 | main_pid = unit_main_pid(u); | |
4045 | control_pid = unit_control_pid(u); | |
4046 | ||
4047 | if (!UNIT_HAS_CGROUP_CONTEXT(u) && !main_pid && !control_pid) | |
4048 | return sd_bus_error_setf(ret_error, SD_BUS_ERROR_NOT_SUPPORTED, "Unit type does not support process killing."); | |
4049 | ||
4050 | if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) { | |
4051 | if (!main_pid) | |
4052 | return sd_bus_error_setf(ret_error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type)); | |
4053 | if (!pidref_is_set(main_pid)) | |
4054 | return sd_bus_error_set_const(ret_error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill"); | |
4055 | } | |
4056 | ||
4057 | if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) { | |
4058 | if (!control_pid) | |
4059 | return sd_bus_error_setf(ret_error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type)); | |
4060 | if (!pidref_is_set(control_pid)) | |
4061 | return sd_bus_error_set_const(ret_error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill"); | |
4062 | } | |
4063 | ||
4064 | if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL)) { | |
4065 | r = unit_kill_one(u, control_pid, "control", signo, code, value, ret_error); | |
4066 | RET_GATHER(ret, r); | |
4067 | killed = killed || r > 0; | |
4068 | } | |
4069 | ||
4070 | if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL)) { | |
4071 | r = unit_kill_one(u, main_pid, "main", signo, code, value, ret >= 0 ? ret_error : NULL); | |
4072 | RET_GATHER(ret, r); | |
4073 | killed = killed || r > 0; | |
4074 | } | |
4075 | ||
4076 | /* Note: if we shall enqueue rather than kill we won't do this via the cgroup mechanism, since it | |
4077 | * doesn't really make much sense (and given that enqueued values are a relatively expensive | |
4078 | * resource, and we shouldn't allow us to be subjects for such allocation sprees) */ | |
4079 | if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && code == SI_USER) { | |
4080 | CGroupRuntime *crt = unit_get_cgroup_runtime(u); | |
4081 | ||
4082 | if (crt && crt->cgroup_path) { | |
4083 | _cleanup_set_free_ Set *pid_set = NULL; | |
4084 | ||
4085 | /* Exclude the main/control pids from being killed via the cgroup */ | |
4086 | r = unit_pid_set(u, &pid_set); | |
4087 | if (r < 0) | |
4088 | return log_oom(); | |
4089 | ||
4090 | r = cg_kill_recursive(crt->cgroup_path, signo, 0, pid_set, kill_common_log, u); | |
4091 | if (r < 0 && !IN_SET(r, -ESRCH, -ENOENT)) { | |
4092 | if (ret >= 0) | |
4093 | sd_bus_error_set_errnof( | |
4094 | ret_error, r, | |
4095 | "Failed to send signal SIG%s to auxiliary processes: %m", | |
4096 | signal_to_string(signo)); | |
4097 | ||
4098 | log_unit_warning_errno( | |
4099 | u, r, | |
4100 | "Failed to send signal SIG%s to auxiliary processes on client request: %m", | |
4101 | signal_to_string(signo)); | |
4102 | ||
4103 | RET_GATHER(ret, r); | |
4104 | } | |
4105 | ||
4106 | killed = killed || r >= 0; | |
4107 | } | |
4108 | } | |
4109 | ||
4110 | /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */ | |
4111 | if (ret >= 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL, KILL_MAIN_FAIL)) | |
4112 | return sd_bus_error_set_const(ret_error, BUS_ERROR_NO_SUCH_PROCESS, "No matching processes to kill"); | |
4113 | ||
4114 | return ret; | |
4115 | } | |
4116 | ||
4117 | int unit_following_set(Unit *u, Set **s) { | |
4118 | assert(u); | |
4119 | assert(s); | |
4120 | ||
4121 | if (UNIT_VTABLE(u)->following_set) | |
4122 | return UNIT_VTABLE(u)->following_set(u, s); | |
4123 | ||
4124 | *s = NULL; | |
4125 | return 0; | |
4126 | } | |
4127 | ||
4128 | UnitFileState unit_get_unit_file_state(Unit *u) { | |
4129 | int r; | |
4130 | ||
4131 | assert(u); | |
4132 | ||
4133 | if (u->unit_file_state < 0 && u->fragment_path) { | |
4134 | r = unit_file_get_state( | |
4135 | u->manager->runtime_scope, | |
4136 | NULL, | |
4137 | u->id, | |
4138 | &u->unit_file_state); | |
4139 | if (r < 0) | |
4140 | u->unit_file_state = UNIT_FILE_BAD; | |
4141 | } | |
4142 | ||
4143 | return u->unit_file_state; | |
4144 | } | |
4145 | ||
4146 | PresetAction unit_get_unit_file_preset(Unit *u) { | |
4147 | int r; | |
4148 | ||
4149 | assert(u); | |
4150 | ||
4151 | if (u->unit_file_preset < 0 && u->fragment_path) { | |
4152 | _cleanup_free_ char *bn = NULL; | |
4153 | ||
4154 | r = path_extract_filename(u->fragment_path, &bn); | |
4155 | if (r < 0) | |
4156 | return (u->unit_file_preset = r); | |
4157 | ||
4158 | if (r == O_DIRECTORY) | |
4159 | return (u->unit_file_preset = -EISDIR); | |
4160 | ||
4161 | u->unit_file_preset = unit_file_query_preset( | |
4162 | u->manager->runtime_scope, | |
4163 | NULL, | |
4164 | bn, | |
4165 | NULL); | |
4166 | } | |
4167 | ||
4168 | return u->unit_file_preset; | |
4169 | } | |
4170 | ||
4171 | Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) { | |
4172 | assert(ref); | |
4173 | assert(source); | |
4174 | assert(target); | |
4175 | ||
4176 | if (ref->target) | |
4177 | unit_ref_unset(ref); | |
4178 | ||
4179 | ref->source = source; | |
4180 | ref->target = target; | |
4181 | LIST_PREPEND(refs_by_target, target->refs_by_target, ref); | |
4182 | return target; | |
4183 | } | |
4184 | ||
4185 | void unit_ref_unset(UnitRef *ref) { | |
4186 | assert(ref); | |
4187 | ||
4188 | if (!ref->target) | |
4189 | return; | |
4190 | ||
4191 | /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might | |
4192 | * be unreferenced now. */ | |
4193 | unit_add_to_gc_queue(ref->target); | |
4194 | ||
4195 | LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref); | |
4196 | ref->source = ref->target = NULL; | |
4197 | } | |
4198 | ||
4199 | static int user_from_unit_name(Unit *u, char **ret) { | |
4200 | ||
4201 | static const uint8_t hash_key[] = { | |
4202 | 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96, | |
4203 | 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec | |
4204 | }; | |
4205 | ||
4206 | _cleanup_free_ char *n = NULL; | |
4207 | int r; | |
4208 | ||
4209 | r = unit_name_to_prefix(u->id, &n); | |
4210 | if (r < 0) | |
4211 | return r; | |
4212 | ||
4213 | if (valid_user_group_name(n, 0)) { | |
4214 | *ret = TAKE_PTR(n); | |
4215 | return 0; | |
4216 | } | |
4217 | ||
4218 | /* If we can't use the unit name as a user name, then let's hash it and use that */ | |
4219 | if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0) | |
4220 | return -ENOMEM; | |
4221 | ||
4222 | return 0; | |
4223 | } | |
4224 | ||
4225 | static int unit_verify_contexts(const Unit *u, const ExecContext *ec) { | |
4226 | assert(u); | |
4227 | ||
4228 | if (!ec) | |
4229 | return 0; | |
4230 | ||
4231 | if (MANAGER_IS_USER(u->manager) && ec->dynamic_user) | |
4232 | return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "DynamicUser= enabled for user unit, which is not supported. Refusing."); | |
4233 | ||
4234 | if (ec->dynamic_user && ec->working_directory_home) | |
4235 | return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOEXEC), "WorkingDirectory=~ is not allowed under DynamicUser=yes. Refusing."); | |
4236 | ||
4237 | return 0; | |
4238 | } | |
4239 | ||
4240 | int unit_patch_contexts(Unit *u) { | |
4241 | CGroupContext *cc; | |
4242 | ExecContext *ec; | |
4243 | int r; | |
4244 | ||
4245 | assert(u); | |
4246 | ||
4247 | /* Patch in the manager defaults into the exec and cgroup | |
4248 | * contexts, _after_ the rest of the settings have been | |
4249 | * initialized */ | |
4250 | ||
4251 | ec = unit_get_exec_context(u); | |
4252 | if (ec) { | |
4253 | /* This only copies in the ones that need memory */ | |
4254 | for (unsigned i = 0; i < _RLIMIT_MAX; i++) | |
4255 | if (u->manager->defaults.rlimit[i] && !ec->rlimit[i]) { | |
4256 | ec->rlimit[i] = newdup(struct rlimit, u->manager->defaults.rlimit[i], 1); | |
4257 | if (!ec->rlimit[i]) | |
4258 | return -ENOMEM; | |
4259 | } | |
4260 | ||
4261 | if (MANAGER_IS_USER(u->manager) && !ec->working_directory) { | |
4262 | r = get_home_dir(&ec->working_directory); | |
4263 | if (r < 0) | |
4264 | return r; | |
4265 | ||
4266 | if (!ec->working_directory_home) | |
4267 | /* If home directory is implied by us, allow it to be missing. */ | |
4268 | ec->working_directory_missing_ok = true; | |
4269 | } | |
4270 | ||
4271 | if (ec->private_devices) | |
4272 | ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO)); | |
4273 | ||
4274 | if (ec->protect_kernel_modules) | |
4275 | ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE); | |
4276 | ||
4277 | if (ec->protect_kernel_logs) | |
4278 | ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYSLOG); | |
4279 | ||
4280 | if (ec->protect_clock) | |
4281 | ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_SYS_TIME) | (UINT64_C(1) << CAP_WAKE_ALARM)); | |
4282 | ||
4283 | if (ec->dynamic_user) { | |
4284 | if (!ec->user) { | |
4285 | r = user_from_unit_name(u, &ec->user); | |
4286 | if (r < 0) | |
4287 | return r; | |
4288 | } | |
4289 | ||
4290 | if (!ec->group) { | |
4291 | ec->group = strdup(ec->user); | |
4292 | if (!ec->group) | |
4293 | return -ENOMEM; | |
4294 | } | |
4295 | ||
4296 | /* If the dynamic user option is on, let's make sure that the unit can't leave its | |
4297 | * UID/GID around in the file system or on IPC objects. Hence enforce a strict | |
4298 | * sandbox. */ | |
4299 | ||
4300 | ec->private_tmp = true; | |
4301 | ec->remove_ipc = true; | |
4302 | ec->protect_system = PROTECT_SYSTEM_STRICT; | |
4303 | if (ec->protect_home == PROTECT_HOME_NO) | |
4304 | ec->protect_home = PROTECT_HOME_READ_ONLY; | |
4305 | ||
4306 | /* Make sure this service can neither benefit from SUID/SGID binaries nor create | |
4307 | * them. */ | |
4308 | ec->no_new_privileges = true; | |
4309 | ec->restrict_suid_sgid = true; | |
4310 | } | |
4311 | ||
4312 | FOREACH_ARRAY(d, ec->directories, _EXEC_DIRECTORY_TYPE_MAX) | |
4313 | exec_directory_sort(d); | |
4314 | } | |
4315 | ||
4316 | cc = unit_get_cgroup_context(u); | |
4317 | if (cc && ec) { | |
4318 | ||
4319 | if (ec->private_devices && | |
4320 | cc->device_policy == CGROUP_DEVICE_POLICY_AUTO) | |
4321 | cc->device_policy = CGROUP_DEVICE_POLICY_CLOSED; | |
4322 | ||
4323 | /* Only add these if needed, as they imply that everything else is blocked. */ | |
4324 | if (cc->device_policy != CGROUP_DEVICE_POLICY_AUTO || cc->device_allow) { | |
4325 | if (ec->root_image || ec->mount_images) { | |
4326 | ||
4327 | /* When RootImage= or MountImages= is specified, the following devices are touched. */ | |
4328 | FOREACH_STRING(p, "/dev/loop-control", "/dev/mapper/control") { | |
4329 | r = cgroup_context_add_device_allow(cc, p, CGROUP_DEVICE_READ|CGROUP_DEVICE_WRITE); | |
4330 | if (r < 0) | |
4331 | return r; | |
4332 | } | |
4333 | FOREACH_STRING(p, "block-loop", "block-blkext", "block-device-mapper") { | |
4334 | r = cgroup_context_add_device_allow(cc, p, CGROUP_DEVICE_READ|CGROUP_DEVICE_WRITE|CGROUP_DEVICE_MKNOD); | |
4335 | if (r < 0) | |
4336 | return r; | |
4337 | } | |
4338 | ||
4339 | /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices. | |
4340 | * Same for mapper and verity. */ | |
4341 | FOREACH_STRING(p, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") { | |
4342 | r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, p, true, UNIT_DEPENDENCY_FILE); | |
4343 | if (r < 0) | |
4344 | return r; | |
4345 | } | |
4346 | } | |
4347 | ||
4348 | if (ec->protect_clock) { | |
4349 | r = cgroup_context_add_device_allow(cc, "char-rtc", CGROUP_DEVICE_READ); | |
4350 | if (r < 0) | |
4351 | return r; | |
4352 | } | |
4353 | ||
4354 | /* If there are encrypted credentials we might need to access the TPM. */ | |
4355 | if (exec_context_has_encrypted_credentials(ec)) { | |
4356 | r = cgroup_context_add_device_allow(cc, "char-tpm", CGROUP_DEVICE_READ|CGROUP_DEVICE_WRITE); | |
4357 | if (r < 0) | |
4358 | return r; | |
4359 | } | |
4360 | } | |
4361 | } | |
4362 | ||
4363 | return unit_verify_contexts(u, ec); | |
4364 | } | |
4365 | ||
4366 | ExecContext *unit_get_exec_context(const Unit *u) { | |
4367 | size_t offset; | |
4368 | assert(u); | |
4369 | ||
4370 | if (u->type < 0) | |
4371 | return NULL; | |
4372 | ||
4373 | offset = UNIT_VTABLE(u)->exec_context_offset; | |
4374 | if (offset <= 0) | |
4375 | return NULL; | |
4376 | ||
4377 | return (ExecContext*) ((uint8_t*) u + offset); | |
4378 | } | |
4379 | ||
4380 | KillContext *unit_get_kill_context(const Unit *u) { | |
4381 | size_t offset; | |
4382 | assert(u); | |
4383 | ||
4384 | if (u->type < 0) | |
4385 | return NULL; | |
4386 | ||
4387 | offset = UNIT_VTABLE(u)->kill_context_offset; | |
4388 | if (offset <= 0) | |
4389 | return NULL; | |
4390 | ||
4391 | return (KillContext*) ((uint8_t*) u + offset); | |
4392 | } | |
4393 | ||
4394 | CGroupContext *unit_get_cgroup_context(const Unit *u) { | |
4395 | size_t offset; | |
4396 | ||
4397 | if (u->type < 0) | |
4398 | return NULL; | |
4399 | ||
4400 | offset = UNIT_VTABLE(u)->cgroup_context_offset; | |
4401 | if (offset <= 0) | |
4402 | return NULL; | |
4403 | ||
4404 | return (CGroupContext*) ((uint8_t*) u + offset); | |
4405 | } | |
4406 | ||
4407 | ExecRuntime *unit_get_exec_runtime(const Unit *u) { | |
4408 | size_t offset; | |
4409 | ||
4410 | if (u->type < 0) | |
4411 | return NULL; | |
4412 | ||
4413 | offset = UNIT_VTABLE(u)->exec_runtime_offset; | |
4414 | if (offset <= 0) | |
4415 | return NULL; | |
4416 | ||
4417 | return *(ExecRuntime**) ((uint8_t*) u + offset); | |
4418 | } | |
4419 | ||
4420 | CGroupRuntime *unit_get_cgroup_runtime(const Unit *u) { | |
4421 | size_t offset; | |
4422 | ||
4423 | if (u->type < 0) | |
4424 | return NULL; | |
4425 | ||
4426 | offset = UNIT_VTABLE(u)->cgroup_runtime_offset; | |
4427 | if (offset <= 0) | |
4428 | return NULL; | |
4429 | ||
4430 | return *(CGroupRuntime**) ((uint8_t*) u + offset); | |
4431 | } | |
4432 | ||
4433 | static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) { | |
4434 | assert(u); | |
4435 | ||
4436 | if (UNIT_WRITE_FLAGS_NOOP(flags)) | |
4437 | return NULL; | |
4438 | ||
4439 | if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */ | |
4440 | return u->manager->lookup_paths.transient; | |
4441 | ||
4442 | if (flags & UNIT_PERSISTENT) | |
4443 | return u->manager->lookup_paths.persistent_control; | |
4444 | ||
4445 | if (flags & UNIT_RUNTIME) | |
4446 | return u->manager->lookup_paths.runtime_control; | |
4447 | ||
4448 | return NULL; | |
4449 | } | |
4450 | ||
4451 | const char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) { | |
4452 | assert(s); | |
4453 | assert(popcount(flags & (UNIT_ESCAPE_EXEC_SYNTAX_ENV | UNIT_ESCAPE_EXEC_SYNTAX | UNIT_ESCAPE_C)) <= 1); | |
4454 | assert(buf); | |
4455 | ||
4456 | _cleanup_free_ char *t = NULL; | |
4457 | ||
4458 | /* Returns a string with any escaping done. If no escaping was necessary, *buf is set to NULL, and | |
4459 | * the input pointer is returned as-is. If an allocation was needed, the return buffer pointer is | |
4460 | * written to *buf. This means the return value always contains a properly escaped version, but *buf | |
4461 | * only contains a pointer if an allocation was made. Callers can use this to optimize memory | |
4462 | * allocations. */ | |
4463 | ||
4464 | if (flags & UNIT_ESCAPE_SPECIFIERS) { | |
4465 | t = specifier_escape(s); | |
4466 | if (!t) | |
4467 | return NULL; | |
4468 | ||
4469 | s = t; | |
4470 | } | |
4471 | ||
4472 | /* We either do C-escaping or shell-escaping, to additionally escape characters that we parse for | |
4473 | * ExecStart= and friends, i.e. '$' and quotes. */ | |
4474 | ||
4475 | if (flags & (UNIT_ESCAPE_EXEC_SYNTAX_ENV | UNIT_ESCAPE_EXEC_SYNTAX)) { | |
4476 | char *t2; | |
4477 | ||
4478 | if (flags & UNIT_ESCAPE_EXEC_SYNTAX_ENV) { | |
4479 | t2 = strreplace(s, "$", "$$"); | |
4480 | if (!t2) | |
4481 | return NULL; | |
4482 | free_and_replace(t, t2); | |
4483 | } | |
4484 | ||
4485 | t2 = shell_escape(t ?: s, "\""); | |
4486 | if (!t2) | |
4487 | return NULL; | |
4488 | free_and_replace(t, t2); | |
4489 | ||
4490 | s = t; | |
4491 | ||
4492 | } else if (flags & UNIT_ESCAPE_C) { | |
4493 | char *t2; | |
4494 | ||
4495 | t2 = cescape(s); | |
4496 | if (!t2) | |
4497 | return NULL; | |
4498 | free_and_replace(t, t2); | |
4499 | ||
4500 | s = t; | |
4501 | } | |
4502 | ||
4503 | *buf = TAKE_PTR(t); | |
4504 | return s; | |
4505 | } | |
4506 | ||
4507 | char* unit_concat_strv(char **l, UnitWriteFlags flags) { | |
4508 | _cleanup_free_ char *result = NULL; | |
4509 | size_t n = 0; | |
4510 | ||
4511 | /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command | |
4512 | * lines in a way suitable for ExecStart= stanzas. */ | |
4513 | ||
4514 | STRV_FOREACH(i, l) { | |
4515 | _cleanup_free_ char *buf = NULL; | |
4516 | const char *p; | |
4517 | size_t a; | |
4518 | char *q; | |
4519 | ||
4520 | p = unit_escape_setting(*i, flags, &buf); | |
4521 | if (!p) | |
4522 | return NULL; | |
4523 | ||
4524 | a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */ | |
4525 | if (!GREEDY_REALLOC(result, n + a + 1)) | |
4526 | return NULL; | |
4527 | ||
4528 | q = result + n; | |
4529 | if (n > 0) | |
4530 | *(q++) = ' '; | |
4531 | ||
4532 | *(q++) = '"'; | |
4533 | q = stpcpy(q, p); | |
4534 | *(q++) = '"'; | |
4535 | ||
4536 | n += a; | |
4537 | } | |
4538 | ||
4539 | if (!GREEDY_REALLOC(result, n + 1)) | |
4540 | return NULL; | |
4541 | ||
4542 | result[n] = 0; | |
4543 | ||
4544 | return TAKE_PTR(result); | |
4545 | } | |
4546 | ||
4547 | int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) { | |
4548 | _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL; | |
4549 | const char *dir, *wrapped; | |
4550 | int r; | |
4551 | ||
4552 | assert(u); | |
4553 | assert(name); | |
4554 | assert(data); | |
4555 | ||
4556 | if (UNIT_WRITE_FLAGS_NOOP(flags)) | |
4557 | return 0; | |
4558 | ||
4559 | data = unit_escape_setting(data, flags, &escaped); | |
4560 | if (!data) | |
4561 | return -ENOMEM; | |
4562 | ||
4563 | /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the | |
4564 | * previous section header is the same */ | |
4565 | ||
4566 | if (flags & UNIT_PRIVATE) { | |
4567 | if (!UNIT_VTABLE(u)->private_section) | |
4568 | return -EINVAL; | |
4569 | ||
4570 | if (!u->transient_file || u->last_section_private < 0) | |
4571 | data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data); | |
4572 | else if (u->last_section_private == 0) | |
4573 | data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data); | |
4574 | } else { | |
4575 | if (!u->transient_file || u->last_section_private < 0) | |
4576 | data = strjoina("[Unit]\n", data); | |
4577 | else if (u->last_section_private > 0) | |
4578 | data = strjoina("\n[Unit]\n", data); | |
4579 | } | |
4580 | ||
4581 | if (u->transient_file) { | |
4582 | /* When this is a transient unit file in creation, then let's not create a new drop-in but instead | |
4583 | * write to the transient unit file. */ | |
4584 | fputs(data, u->transient_file); | |
4585 | ||
4586 | if (!endswith(data, "\n")) | |
4587 | fputc('\n', u->transient_file); | |
4588 | ||
4589 | /* Remember which section we wrote this entry to */ | |
4590 | u->last_section_private = !!(flags & UNIT_PRIVATE); | |
4591 | return 0; | |
4592 | } | |
4593 | ||
4594 | dir = unit_drop_in_dir(u, flags); | |
4595 | if (!dir) | |
4596 | return -EINVAL; | |
4597 | ||
4598 | wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n" | |
4599 | "# or an equivalent operation. Do not edit.\n", | |
4600 | data, | |
4601 | "\n"); | |
4602 | ||
4603 | r = drop_in_file(dir, u->id, 50, name, &p, &q); | |
4604 | if (r < 0) | |
4605 | return r; | |
4606 | ||
4607 | (void) mkdir_p_label(p, 0755); | |
4608 | ||
4609 | /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly | |
4610 | * recreate the cache after every drop-in we write. */ | |
4611 | if (u->manager->unit_path_cache) { | |
4612 | r = set_put_strdup(&u->manager->unit_path_cache, p); | |
4613 | if (r < 0) | |
4614 | return r; | |
4615 | } | |
4616 | ||
4617 | r = write_string_file_atomic_label(q, wrapped); | |
4618 | if (r < 0) | |
4619 | return r; | |
4620 | ||
4621 | r = strv_push(&u->dropin_paths, q); | |
4622 | if (r < 0) | |
4623 | return r; | |
4624 | q = NULL; | |
4625 | ||
4626 | strv_uniq(u->dropin_paths); | |
4627 | ||
4628 | u->dropin_mtime = now(CLOCK_REALTIME); | |
4629 | ||
4630 | return 0; | |
4631 | } | |
4632 | ||
4633 | int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) { | |
4634 | _cleanup_free_ char *p = NULL; | |
4635 | va_list ap; | |
4636 | int r; | |
4637 | ||
4638 | assert(u); | |
4639 | assert(name); | |
4640 | assert(format); | |
4641 | ||
4642 | if (UNIT_WRITE_FLAGS_NOOP(flags)) | |
4643 | return 0; | |
4644 | ||
4645 | va_start(ap, format); | |
4646 | r = vasprintf(&p, format, ap); | |
4647 | va_end(ap); | |
4648 | ||
4649 | if (r < 0) | |
4650 | return -ENOMEM; | |
4651 | ||
4652 | return unit_write_setting(u, flags, name, p); | |
4653 | } | |
4654 | ||
4655 | int unit_make_transient(Unit *u) { | |
4656 | _cleanup_free_ char *path = NULL; | |
4657 | FILE *f; | |
4658 | ||
4659 | assert(u); | |
4660 | ||
4661 | if (!UNIT_VTABLE(u)->can_transient) | |
4662 | return -EOPNOTSUPP; | |
4663 | ||
4664 | (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755); | |
4665 | ||
4666 | path = path_join(u->manager->lookup_paths.transient, u->id); | |
4667 | if (!path) | |
4668 | return -ENOMEM; | |
4669 | ||
4670 | /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are | |
4671 | * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */ | |
4672 | ||
4673 | WITH_UMASK(0022) { | |
4674 | f = fopen(path, "we"); | |
4675 | if (!f) | |
4676 | return -errno; | |
4677 | } | |
4678 | ||
4679 | safe_fclose(u->transient_file); | |
4680 | u->transient_file = f; | |
4681 | ||
4682 | free_and_replace(u->fragment_path, path); | |
4683 | ||
4684 | u->source_path = mfree(u->source_path); | |
4685 | u->dropin_paths = strv_free(u->dropin_paths); | |
4686 | u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0; | |
4687 | ||
4688 | u->load_state = UNIT_STUB; | |
4689 | u->load_error = 0; | |
4690 | u->transient = true; | |
4691 | ||
4692 | unit_add_to_dbus_queue(u); | |
4693 | unit_add_to_gc_queue(u); | |
4694 | ||
4695 | fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n", | |
4696 | u->transient_file); | |
4697 | ||
4698 | return 0; | |
4699 | } | |
4700 | ||
4701 | static int log_kill(const PidRef *pid, int sig, void *userdata) { | |
4702 | _cleanup_free_ char *comm = NULL; | |
4703 | ||
4704 | assert(pidref_is_set(pid)); | |
4705 | ||
4706 | (void) pidref_get_comm(pid, &comm); | |
4707 | ||
4708 | /* Don't log about processes marked with brackets, under the assumption that these are temporary processes | |
4709 | only, like for example systemd's own PAM stub process. */ | |
4710 | if (comm && comm[0] == '(') | |
4711 | /* Although we didn't log anything, as this callback is used in unit_kill_context we must return 1 | |
4712 | * here to let the manager know that a process was killed. */ | |
4713 | return 1; | |
4714 | ||
4715 | log_unit_notice(userdata, | |
4716 | "Killing process " PID_FMT " (%s) with signal SIG%s.", | |
4717 | pid->pid, | |
4718 | strna(comm), | |
4719 | signal_to_string(sig)); | |
4720 | ||
4721 | return 1; | |
4722 | } | |
4723 | ||
4724 | static int operation_to_signal( | |
4725 | const KillContext *c, | |
4726 | KillOperation k, | |
4727 | bool *ret_noteworthy) { | |
4728 | ||
4729 | assert(c); | |
4730 | ||
4731 | switch (k) { | |
4732 | ||
4733 | case KILL_TERMINATE: | |
4734 | case KILL_TERMINATE_AND_LOG: | |
4735 | *ret_noteworthy = false; | |
4736 | return c->kill_signal; | |
4737 | ||
4738 | case KILL_RESTART: | |
4739 | *ret_noteworthy = false; | |
4740 | return restart_kill_signal(c); | |
4741 | ||
4742 | case KILL_KILL: | |
4743 | *ret_noteworthy = true; | |
4744 | return c->final_kill_signal; | |
4745 | ||
4746 | case KILL_WATCHDOG: | |
4747 | *ret_noteworthy = true; | |
4748 | return c->watchdog_signal; | |
4749 | ||
4750 | default: | |
4751 | assert_not_reached(); | |
4752 | } | |
4753 | } | |
4754 | ||
4755 | static int unit_kill_context_one( | |
4756 | Unit *u, | |
4757 | const PidRef *pidref, | |
4758 | const char *type, | |
4759 | bool is_alien, | |
4760 | int sig, | |
4761 | bool send_sighup, | |
4762 | cg_kill_log_func_t log_func) { | |
4763 | ||
4764 | int r; | |
4765 | ||
4766 | assert(u); | |
4767 | assert(type); | |
4768 | ||
4769 | /* This returns > 0 if it makes sense to wait for SIGCHLD for the process, == 0 if not. */ | |
4770 | ||
4771 | if (!pidref_is_set(pidref)) | |
4772 | return 0; | |
4773 | ||
4774 | if (log_func) | |
4775 | log_func(pidref, sig, u); | |
4776 | ||
4777 | r = pidref_kill_and_sigcont(pidref, sig); | |
4778 | if (r == -ESRCH) | |
4779 | return !is_alien; | |
4780 | if (r < 0) { | |
4781 | _cleanup_free_ char *comm = NULL; | |
4782 | ||
4783 | (void) pidref_get_comm(pidref, &comm); | |
4784 | return log_unit_warning_errno(u, r, "Failed to kill %s process " PID_FMT " (%s), ignoring: %m", type, pidref->pid, strna(comm)); | |
4785 | } | |
4786 | ||
4787 | if (send_sighup) | |
4788 | (void) pidref_kill(pidref, SIGHUP); | |
4789 | ||
4790 | return !is_alien; | |
4791 | } | |
4792 | ||
4793 | int unit_kill_context(Unit *u, KillOperation k) { | |
4794 | bool wait_for_exit = false, send_sighup; | |
4795 | cg_kill_log_func_t log_func = NULL; | |
4796 | int sig, r; | |
4797 | ||
4798 | assert(u); | |
4799 | ||
4800 | /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0 | |
4801 | * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common() | |
4802 | * which is used for user-requested killing of unit processes. */ | |
4803 | ||
4804 | KillContext *c = unit_get_kill_context(u); | |
4805 | if (!c || c->kill_mode == KILL_NONE) | |
4806 | return 0; | |
4807 | ||
4808 | bool noteworthy; | |
4809 | sig = operation_to_signal(c, k, ¬eworthy); | |
4810 | if (noteworthy) | |
4811 | log_func = log_kill; | |
4812 | ||
4813 | send_sighup = | |
4814 | c->send_sighup && | |
4815 | IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) && | |
4816 | sig != SIGHUP; | |
4817 | ||
4818 | bool is_alien; | |
4819 | PidRef *main_pid = unit_main_pid_full(u, &is_alien); | |
4820 | r = unit_kill_context_one(u, main_pid, "main", is_alien, sig, send_sighup, log_func); | |
4821 | wait_for_exit = wait_for_exit || r > 0; | |
4822 | ||
4823 | r = unit_kill_context_one(u, unit_control_pid(u), "control", /* is_alien = */ false, sig, send_sighup, log_func); | |
4824 | wait_for_exit = wait_for_exit || r > 0; | |
4825 | ||
4826 | CGroupRuntime *crt = unit_get_cgroup_runtime(u); | |
4827 | if (crt && crt->cgroup_path && | |
4828 | (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) { | |
4829 | _cleanup_set_free_ Set *pid_set = NULL; | |
4830 | ||
4831 | /* Exclude the main/control pids from being killed via the cgroup */ | |
4832 | r = unit_pid_set(u, &pid_set); | |
4833 | if (r < 0) | |
4834 | return r; | |
4835 | ||
4836 | r = cg_kill_recursive( | |
4837 | crt->cgroup_path, | |
4838 | sig, | |
4839 | CGROUP_SIGCONT|CGROUP_IGNORE_SELF, | |
4840 | pid_set, | |
4841 | log_func, u); | |
4842 | if (r < 0) { | |
4843 | if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT)) | |
4844 | log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", empty_to_root(crt->cgroup_path)); | |
4845 | ||
4846 | } else if (r > 0) { | |
4847 | ||
4848 | /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if | |
4849 | * we are running in a container or if this is a delegation unit, simply because cgroup | |
4850 | * notification is unreliable in these cases. It doesn't work at all in containers, and outside | |
4851 | * of containers it can be confused easily by left-over directories in the cgroup — which | |
4852 | * however should not exist in non-delegated units. On the unified hierarchy that's different, | |
4853 | * there we get proper events. Hence rely on them. */ | |
4854 | ||
4855 | if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 || | |
4856 | (detect_container() == 0 && !unit_cgroup_delegate(u))) | |
4857 | wait_for_exit = true; | |
4858 | ||
4859 | if (send_sighup) { | |
4860 | r = unit_pid_set(u, &pid_set); | |
4861 | if (r < 0) | |
4862 | return r; | |
4863 | ||
4864 | (void) cg_kill_recursive( | |
4865 | crt->cgroup_path, | |
4866 | SIGHUP, | |
4867 | CGROUP_IGNORE_SELF, | |
4868 | pid_set, | |
4869 | /* kill_log= */ NULL, | |
4870 | /* userdata= */ NULL); | |
4871 | } | |
4872 | } | |
4873 | } | |
4874 | ||
4875 | return wait_for_exit; | |
4876 | } | |
4877 | ||
4878 | int unit_add_mounts_for(Unit *u, const char *path, UnitDependencyMask mask, UnitMountDependencyType type) { | |
4879 | Hashmap **unit_map, **manager_map; | |
4880 | int r; | |
4881 | ||
4882 | assert(u); | |
4883 | assert(path); | |
4884 | assert(type >= 0 && type < _UNIT_MOUNT_DEPENDENCY_TYPE_MAX); | |
4885 | ||
4886 | unit_map = &u->mounts_for[type]; | |
4887 | manager_map = &u->manager->units_needing_mounts_for[type]; | |
4888 | ||
4889 | /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these | |
4890 | * paths in the unit (from the path to the UnitDependencyInfo structure indicating how to the | |
4891 | * dependency came to be). However, we build a prefix table for all possible prefixes so that new | |
4892 | * appearing mount units can easily determine which units to make themselves a dependency of. */ | |
4893 | ||
4894 | if (!path_is_absolute(path)) | |
4895 | return -EINVAL; | |
4896 | ||
4897 | if (hashmap_contains(*unit_map, path)) /* Exit quickly if the path is already covered. */ | |
4898 | return 0; | |
4899 | ||
4900 | /* Use the canonical form of the path as the stored key. We call path_is_normalized() | |
4901 | * only after simplification, since path_is_normalized() rejects paths with '.'. | |
4902 | * path_is_normalized() also verifies that the path fits in PATH_MAX. */ | |
4903 | _cleanup_free_ char *p = NULL; | |
4904 | r = path_simplify_alloc(path, &p); | |
4905 | if (r < 0) | |
4906 | return r; | |
4907 | path = p; | |
4908 | ||
4909 | if (!path_is_normalized(path)) | |
4910 | return -EPERM; | |
4911 | ||
4912 | UnitDependencyInfo di = { | |
4913 | .origin_mask = mask | |
4914 | }; | |
4915 | ||
4916 | r = hashmap_ensure_put(unit_map, &path_hash_ops, p, di.data); | |
4917 | if (r < 0) | |
4918 | return r; | |
4919 | assert(r > 0); | |
4920 | TAKE_PTR(p); /* path remains a valid pointer to the string stored in the hashmap */ | |
4921 | ||
4922 | char prefix[strlen(path) + 1]; | |
4923 | PATH_FOREACH_PREFIX_MORE(prefix, path) { | |
4924 | Set *x; | |
4925 | ||
4926 | x = hashmap_get(*manager_map, prefix); | |
4927 | if (!x) { | |
4928 | _cleanup_free_ char *q = NULL; | |
4929 | ||
4930 | r = hashmap_ensure_allocated(manager_map, &path_hash_ops); | |
4931 | if (r < 0) | |
4932 | return r; | |
4933 | ||
4934 | q = strdup(prefix); | |
4935 | if (!q) | |
4936 | return -ENOMEM; | |
4937 | ||
4938 | x = set_new(NULL); | |
4939 | if (!x) | |
4940 | return -ENOMEM; | |
4941 | ||
4942 | r = hashmap_put(*manager_map, q, x); | |
4943 | if (r < 0) { | |
4944 | set_free(x); | |
4945 | return r; | |
4946 | } | |
4947 | q = NULL; | |
4948 | } | |
4949 | ||
4950 | r = set_put(x, u); | |
4951 | if (r < 0) | |
4952 | return r; | |
4953 | } | |
4954 | ||
4955 | return 0; | |
4956 | } | |
4957 | ||
4958 | int unit_setup_exec_runtime(Unit *u) { | |
4959 | _cleanup_(exec_shared_runtime_unrefp) ExecSharedRuntime *esr = NULL; | |
4960 | _cleanup_(dynamic_creds_unrefp) DynamicCreds *dcreds = NULL; | |
4961 | _cleanup_set_free_ Set *units = NULL; | |
4962 | ExecRuntime **rt; | |
4963 | ExecContext *ec; | |
4964 | size_t offset; | |
4965 | Unit *other; | |
4966 | int r; | |
4967 | ||
4968 | offset = UNIT_VTABLE(u)->exec_runtime_offset; | |
4969 | assert(offset > 0); | |
4970 | ||
4971 | /* Check if there already is an ExecRuntime for this unit? */ | |
4972 | rt = (ExecRuntime**) ((uint8_t*) u + offset); | |
4973 | if (*rt) | |
4974 | return 0; | |
4975 | ||
4976 | ec = ASSERT_PTR(unit_get_exec_context(u)); | |
4977 | ||
4978 | r = unit_get_transitive_dependency_set(u, UNIT_ATOM_JOINS_NAMESPACE_OF, &units); | |
4979 | if (r < 0) | |
4980 | return r; | |
4981 | ||
4982 | /* Try to get it from somebody else */ | |
4983 | SET_FOREACH(other, units) { | |
4984 | r = exec_shared_runtime_acquire(u->manager, NULL, other->id, false, &esr); | |
4985 | if (r < 0) | |
4986 | return r; | |
4987 | if (r > 0) | |
4988 | break; | |
4989 | } | |
4990 | ||
4991 | if (!esr) { | |
4992 | r = exec_shared_runtime_acquire(u->manager, ec, u->id, true, &esr); | |
4993 | if (r < 0) | |
4994 | return r; | |
4995 | } | |
4996 | ||
4997 | if (ec->dynamic_user) { | |
4998 | r = dynamic_creds_make(u->manager, ec->user, ec->group, &dcreds); | |
4999 | if (r < 0) | |
5000 | return r; | |
5001 | } | |
5002 | ||
5003 | r = exec_runtime_make(u, ec, esr, dcreds, rt); | |
5004 | if (r < 0) | |
5005 | return r; | |
5006 | ||
5007 | TAKE_PTR(esr); | |
5008 | TAKE_PTR(dcreds); | |
5009 | ||
5010 | return r; | |
5011 | } | |
5012 | ||
5013 | CGroupRuntime *unit_setup_cgroup_runtime(Unit *u) { | |
5014 | size_t offset; | |
5015 | ||
5016 | assert(u); | |
5017 | ||
5018 | offset = UNIT_VTABLE(u)->cgroup_runtime_offset; | |
5019 | assert(offset > 0); | |
5020 | ||
5021 | CGroupRuntime **rt = (CGroupRuntime**) ((uint8_t*) u + offset); | |
5022 | if (*rt) | |
5023 | return *rt; | |
5024 | ||
5025 | return (*rt = cgroup_runtime_new()); | |
5026 | } | |
5027 | ||
5028 | bool unit_type_supported(UnitType t) { | |
5029 | static int8_t cache[_UNIT_TYPE_MAX] = {}; /* -1: disabled, 1: enabled: 0: don't know */ | |
5030 | int r; | |
5031 | ||
5032 | assert(t >= 0 && t < _UNIT_TYPE_MAX); | |
5033 | ||
5034 | if (cache[t] == 0) { | |
5035 | char *e; | |
5036 | ||
5037 | e = strjoina("SYSTEMD_SUPPORT_", unit_type_to_string(t)); | |
5038 | ||
5039 | r = getenv_bool(ascii_strupper(e)); | |
5040 | if (r < 0 && r != -ENXIO) | |
5041 | log_debug_errno(r, "Failed to parse $%s, ignoring: %m", e); | |
5042 | ||
5043 | cache[t] = r == 0 ? -1 : 1; | |
5044 | } | |
5045 | if (cache[t] < 0) | |
5046 | return false; | |
5047 | ||
5048 | if (!unit_vtable[t]->supported) | |
5049 | return true; | |
5050 | ||
5051 | return unit_vtable[t]->supported(); | |
5052 | } | |
5053 | ||
5054 | void unit_warn_if_dir_nonempty(Unit *u, const char* where) { | |
5055 | int r; | |
5056 | ||
5057 | assert(u); | |
5058 | assert(where); | |
5059 | ||
5060 | if (!unit_log_level_test(u, LOG_NOTICE)) | |
5061 | return; | |
5062 | ||
5063 | r = dir_is_empty(where, /* ignore_hidden_or_backup= */ false); | |
5064 | if (r > 0 || r == -ENOTDIR) | |
5065 | return; | |
5066 | if (r < 0) { | |
5067 | log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where); | |
5068 | return; | |
5069 | } | |
5070 | ||
5071 | log_unit_struct(u, LOG_NOTICE, | |
5072 | "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR, | |
5073 | LOG_UNIT_INVOCATION_ID(u), | |
5074 | LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where), | |
5075 | "WHERE=%s", where); | |
5076 | } | |
5077 | ||
5078 | int unit_fail_if_noncanonical(Unit *u, const char* where) { | |
5079 | _cleanup_free_ char *canonical_where = NULL; | |
5080 | int r; | |
5081 | ||
5082 | assert(u); | |
5083 | assert(where); | |
5084 | ||
5085 | r = chase(where, NULL, CHASE_NONEXISTENT, &canonical_where, NULL); | |
5086 | if (r < 0) { | |
5087 | log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where); | |
5088 | return 0; | |
5089 | } | |
5090 | ||
5091 | /* We will happily ignore a trailing slash (or any redundant slashes) */ | |
5092 | if (path_equal(where, canonical_where)) | |
5093 | return 0; | |
5094 | ||
5095 | /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */ | |
5096 | log_unit_struct(u, LOG_ERR, | |
5097 | "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR, | |
5098 | LOG_UNIT_INVOCATION_ID(u), | |
5099 | LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where), | |
5100 | "WHERE=%s", where); | |
5101 | ||
5102 | return -ELOOP; | |
5103 | } | |
5104 | ||
5105 | bool unit_is_pristine(Unit *u) { | |
5106 | assert(u); | |
5107 | ||
5108 | /* Check if the unit already exists or is already around, in a number of different ways. Note that to | |
5109 | * cater for unit types such as slice, we are generally fine with units that are marked UNIT_LOADED | |
5110 | * even though nothing was actually loaded, as those unit types don't require a file on disk. | |
5111 | * | |
5112 | * Note that we don't check for drop-ins here, because we allow drop-ins for transient units | |
5113 | * identically to non-transient units, both unit-specific and hierarchical. E.g. for a-b-c.service: | |
5114 | * service.d/….conf, a-.service.d/….conf, a-b-.service.d/….conf, a-b-c.service.d/….conf. | |
5115 | */ | |
5116 | ||
5117 | return IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) && | |
5118 | !u->fragment_path && | |
5119 | !u->source_path && | |
5120 | !u->job && | |
5121 | !u->merged_into; | |
5122 | } | |
5123 | ||
5124 | PidRef* unit_control_pid(Unit *u) { | |
5125 | assert(u); | |
5126 | ||
5127 | if (UNIT_VTABLE(u)->control_pid) | |
5128 | return UNIT_VTABLE(u)->control_pid(u); | |
5129 | ||
5130 | return NULL; | |
5131 | } | |
5132 | ||
5133 | PidRef* unit_main_pid_full(Unit *u, bool *ret_is_alien) { | |
5134 | assert(u); | |
5135 | ||
5136 | if (UNIT_VTABLE(u)->main_pid) | |
5137 | return UNIT_VTABLE(u)->main_pid(u, ret_is_alien); | |
5138 | ||
5139 | if (ret_is_alien) | |
5140 | *ret_is_alien = false; | |
5141 | return NULL; | |
5142 | } | |
5143 | ||
5144 | static void unit_modify_user_nft_set(Unit *u, bool add, NFTSetSource source, uint32_t element) { | |
5145 | int r; | |
5146 | ||
5147 | assert(u); | |
5148 | ||
5149 | if (!MANAGER_IS_SYSTEM(u->manager)) | |
5150 | return; | |
5151 | ||
5152 | CGroupContext *c; | |
5153 | c = unit_get_cgroup_context(u); | |
5154 | if (!c) | |
5155 | return; | |
5156 | ||
5157 | if (!u->manager->fw_ctx) { | |
5158 | r = fw_ctx_new_full(&u->manager->fw_ctx, /* init_tables= */ false); | |
5159 | if (r < 0) | |
5160 | return; | |
5161 | ||
5162 | assert(u->manager->fw_ctx); | |
5163 | } | |
5164 | ||
5165 | FOREACH_ARRAY(nft_set, c->nft_set_context.sets, c->nft_set_context.n_sets) { | |
5166 | if (nft_set->source != source) | |
5167 | continue; | |
5168 | ||
5169 | r = nft_set_element_modify_any(u->manager->fw_ctx, add, nft_set->nfproto, nft_set->table, nft_set->set, &element, sizeof(element)); | |
5170 | if (r < 0) | |
5171 | log_warning_errno(r, "Failed to %s NFT set: family %s, table %s, set %s, ID %u, ignoring: %m", | |
5172 | add? "add" : "delete", nfproto_to_string(nft_set->nfproto), nft_set->table, nft_set->set, element); | |
5173 | else | |
5174 | log_debug("%s NFT set: family %s, table %s, set %s, ID %u", | |
5175 | add? "Added" : "Deleted", nfproto_to_string(nft_set->nfproto), nft_set->table, nft_set->set, element); | |
5176 | } | |
5177 | } | |
5178 | ||
5179 | static void unit_unref_uid_internal( | |
5180 | Unit *u, | |
5181 | uid_t *ref_uid, | |
5182 | bool destroy_now, | |
5183 | void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) { | |
5184 | ||
5185 | assert(u); | |
5186 | assert(ref_uid); | |
5187 | assert(_manager_unref_uid); | |
5188 | ||
5189 | /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and | |
5190 | * gid_t are actually the same time, with the same validity rules. | |
5191 | * | |
5192 | * Drops a reference to UID/GID from a unit. */ | |
5193 | ||
5194 | assert_cc(sizeof(uid_t) == sizeof(gid_t)); | |
5195 | assert_cc(UID_INVALID == (uid_t) GID_INVALID); | |
5196 | ||
5197 | if (!uid_is_valid(*ref_uid)) | |
5198 | return; | |
5199 | ||
5200 | _manager_unref_uid(u->manager, *ref_uid, destroy_now); | |
5201 | *ref_uid = UID_INVALID; | |
5202 | } | |
5203 | ||
5204 | static void unit_unref_uid(Unit *u, bool destroy_now) { | |
5205 | assert(u); | |
5206 | ||
5207 | unit_modify_user_nft_set(u, /* add = */ false, NFT_SET_SOURCE_USER, u->ref_uid); | |
5208 | ||
5209 | unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid); | |
5210 | } | |
5211 | ||
5212 | static void unit_unref_gid(Unit *u, bool destroy_now) { | |
5213 | assert(u); | |
5214 | ||
5215 | unit_modify_user_nft_set(u, /* add = */ false, NFT_SET_SOURCE_GROUP, u->ref_gid); | |
5216 | ||
5217 | unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid); | |
5218 | } | |
5219 | ||
5220 | void unit_unref_uid_gid(Unit *u, bool destroy_now) { | |
5221 | assert(u); | |
5222 | ||
5223 | unit_unref_uid(u, destroy_now); | |
5224 | unit_unref_gid(u, destroy_now); | |
5225 | } | |
5226 | ||
5227 | static int unit_ref_uid_internal( | |
5228 | Unit *u, | |
5229 | uid_t *ref_uid, | |
5230 | uid_t uid, | |
5231 | bool clean_ipc, | |
5232 | int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) { | |
5233 | ||
5234 | int r; | |
5235 | ||
5236 | assert(u); | |
5237 | assert(ref_uid); | |
5238 | assert(uid_is_valid(uid)); | |
5239 | assert(_manager_ref_uid); | |
5240 | ||
5241 | /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t | |
5242 | * are actually the same type, and have the same validity rules. | |
5243 | * | |
5244 | * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a | |
5245 | * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter | |
5246 | * drops to zero. */ | |
5247 | ||
5248 | assert_cc(sizeof(uid_t) == sizeof(gid_t)); | |
5249 | assert_cc(UID_INVALID == (uid_t) GID_INVALID); | |
5250 | ||
5251 | if (*ref_uid == uid) | |
5252 | return 0; | |
5253 | ||
5254 | if (uid_is_valid(*ref_uid)) /* Already set? */ | |
5255 | return -EBUSY; | |
5256 | ||
5257 | r = _manager_ref_uid(u->manager, uid, clean_ipc); | |
5258 | if (r < 0) | |
5259 | return r; | |
5260 | ||
5261 | *ref_uid = uid; | |
5262 | return 1; | |
5263 | } | |
5264 | ||
5265 | static int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) { | |
5266 | return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid); | |
5267 | } | |
5268 | ||
5269 | static int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) { | |
5270 | return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid); | |
5271 | } | |
5272 | ||
5273 | static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) { | |
5274 | int r = 0, q = 0; | |
5275 | ||
5276 | assert(u); | |
5277 | ||
5278 | /* Reference both a UID and a GID in one go. Either references both, or neither. */ | |
5279 | ||
5280 | if (uid_is_valid(uid)) { | |
5281 | r = unit_ref_uid(u, uid, clean_ipc); | |
5282 | if (r < 0) | |
5283 | return r; | |
5284 | } | |
5285 | ||
5286 | if (gid_is_valid(gid)) { | |
5287 | q = unit_ref_gid(u, gid, clean_ipc); | |
5288 | if (q < 0) { | |
5289 | if (r > 0) | |
5290 | unit_unref_uid(u, false); | |
5291 | ||
5292 | return q; | |
5293 | } | |
5294 | } | |
5295 | ||
5296 | return r > 0 || q > 0; | |
5297 | } | |
5298 | ||
5299 | int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) { | |
5300 | ExecContext *c; | |
5301 | int r; | |
5302 | ||
5303 | assert(u); | |
5304 | ||
5305 | c = unit_get_exec_context(u); | |
5306 | ||
5307 | r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false); | |
5308 | if (r < 0) | |
5309 | return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m"); | |
5310 | ||
5311 | unit_modify_user_nft_set(u, /* add = */ true, NFT_SET_SOURCE_USER, uid); | |
5312 | unit_modify_user_nft_set(u, /* add = */ true, NFT_SET_SOURCE_GROUP, gid); | |
5313 | ||
5314 | return r; | |
5315 | } | |
5316 | ||
5317 | void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) { | |
5318 | int r; | |
5319 | ||
5320 | assert(u); | |
5321 | ||
5322 | /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names | |
5323 | * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC | |
5324 | * objects when no service references the UID/GID anymore. */ | |
5325 | ||
5326 | r = unit_ref_uid_gid(u, uid, gid); | |
5327 | if (r > 0) | |
5328 | unit_add_to_dbus_queue(u); | |
5329 | } | |
5330 | ||
5331 | int unit_acquire_invocation_id(Unit *u) { | |
5332 | sd_id128_t id; | |
5333 | int r; | |
5334 | ||
5335 | assert(u); | |
5336 | ||
5337 | r = sd_id128_randomize(&id); | |
5338 | if (r < 0) | |
5339 | return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m"); | |
5340 | ||
5341 | r = unit_set_invocation_id(u, id); | |
5342 | if (r < 0) | |
5343 | return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m"); | |
5344 | ||
5345 | unit_add_to_dbus_queue(u); | |
5346 | return 0; | |
5347 | } | |
5348 | ||
5349 | int unit_set_exec_params(Unit *u, ExecParameters *p) { | |
5350 | int r; | |
5351 | ||
5352 | assert(u); | |
5353 | assert(p); | |
5354 | ||
5355 | /* Copy parameters from manager */ | |
5356 | r = manager_get_effective_environment(u->manager, &p->environment); | |
5357 | if (r < 0) | |
5358 | return r; | |
5359 | ||
5360 | p->runtime_scope = u->manager->runtime_scope; | |
5361 | ||
5362 | r = strdup_to(&p->confirm_spawn, manager_get_confirm_spawn(u->manager)); | |
5363 | if (r < 0) | |
5364 | return r; | |
5365 | ||
5366 | p->cgroup_supported = u->manager->cgroup_supported; | |
5367 | p->prefix = u->manager->prefix; | |
5368 | SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager)); | |
5369 | ||
5370 | /* Copy parameters from unit */ | |
5371 | CGroupRuntime *crt = unit_get_cgroup_runtime(u); | |
5372 | p->cgroup_path = crt ? crt->cgroup_path : NULL; | |
5373 | SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u)); | |
5374 | ||
5375 | p->received_credentials_directory = u->manager->received_credentials_directory; | |
5376 | p->received_encrypted_credentials_directory = u->manager->received_encrypted_credentials_directory; | |
5377 | ||
5378 | p->shall_confirm_spawn = u->manager->confirm_spawn; | |
5379 | ||
5380 | p->fallback_smack_process_label = u->manager->defaults.smack_process_label; | |
5381 | ||
5382 | if (u->manager->restrict_fs && p->bpf_restrict_fs_map_fd < 0) { | |
5383 | int fd = bpf_restrict_fs_map_fd(u); | |
5384 | if (fd < 0) | |
5385 | return fd; | |
5386 | ||
5387 | p->bpf_restrict_fs_map_fd = fd; | |
5388 | } | |
5389 | ||
5390 | p->user_lookup_fd = u->manager->user_lookup_fds[1]; | |
5391 | p->handoff_timestamp_fd = u->manager->handoff_timestamp_fds[1]; | |
5392 | ||
5393 | p->cgroup_id = crt ? crt->cgroup_id : 0; | |
5394 | p->invocation_id = u->invocation_id; | |
5395 | sd_id128_to_string(p->invocation_id, p->invocation_id_string); | |
5396 | p->unit_id = strdup(u->id); | |
5397 | if (!p->unit_id) | |
5398 | return -ENOMEM; | |
5399 | ||
5400 | return 0; | |
5401 | } | |
5402 | ||
5403 | int unit_fork_helper_process(Unit *u, const char *name, PidRef *ret) { | |
5404 | pid_t pid; | |
5405 | int r; | |
5406 | ||
5407 | assert(u); | |
5408 | assert(ret); | |
5409 | ||
5410 | /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child, | |
5411 | * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */ | |
5412 | ||
5413 | (void) unit_realize_cgroup(u); | |
5414 | ||
5415 | CGroupRuntime *crt = unit_setup_cgroup_runtime(u); | |
5416 | if (!crt) | |
5417 | return -ENOMEM; | |
5418 | ||
5419 | r = safe_fork(name, FORK_REOPEN_LOG|FORK_DEATHSIG_SIGTERM, &pid); | |
5420 | if (r < 0) | |
5421 | return r; | |
5422 | if (r > 0) { | |
5423 | _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL; | |
5424 | int q; | |
5425 | ||
5426 | /* Parent */ | |
5427 | ||
5428 | q = pidref_set_pid(&pidref, pid); | |
5429 | if (q < 0) | |
5430 | return q; | |
5431 | ||
5432 | *ret = TAKE_PIDREF(pidref); | |
5433 | return r; | |
5434 | } | |
5435 | ||
5436 | /* Child */ | |
5437 | ||
5438 | (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE); | |
5439 | (void) ignore_signals(SIGPIPE); | |
5440 | ||
5441 | if (crt->cgroup_path) { | |
5442 | r = cg_attach_everywhere(u->manager->cgroup_supported, crt->cgroup_path, 0, NULL, NULL); | |
5443 | if (r < 0) { | |
5444 | log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", empty_to_root(crt->cgroup_path)); | |
5445 | _exit(EXIT_CGROUP); | |
5446 | } | |
5447 | } | |
5448 | ||
5449 | return 0; | |
5450 | } | |
5451 | ||
5452 | int unit_fork_and_watch_rm_rf(Unit *u, char **paths, PidRef *ret_pid) { | |
5453 | _cleanup_(pidref_done) PidRef pid = PIDREF_NULL; | |
5454 | int r; | |
5455 | ||
5456 | assert(u); | |
5457 | assert(ret_pid); | |
5458 | ||
5459 | r = unit_fork_helper_process(u, "(sd-rmrf)", &pid); | |
5460 | if (r < 0) | |
5461 | return r; | |
5462 | if (r == 0) { | |
5463 | int ret = EXIT_SUCCESS; | |
5464 | ||
5465 | STRV_FOREACH(i, paths) { | |
5466 | r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK); | |
5467 | if (r < 0) { | |
5468 | log_error_errno(r, "Failed to remove '%s': %m", *i); | |
5469 | ret = EXIT_FAILURE; | |
5470 | } | |
5471 | } | |
5472 | ||
5473 | _exit(ret); | |
5474 | } | |
5475 | ||
5476 | r = unit_watch_pidref(u, &pid, /* exclusive= */ true); | |
5477 | if (r < 0) | |
5478 | return r; | |
5479 | ||
5480 | *ret_pid = TAKE_PIDREF(pid); | |
5481 | return 0; | |
5482 | } | |
5483 | ||
5484 | static void unit_update_dependency_mask(Hashmap *deps, Unit *other, UnitDependencyInfo di) { | |
5485 | assert(deps); | |
5486 | assert(other); | |
5487 | ||
5488 | if (di.origin_mask == 0 && di.destination_mask == 0) | |
5489 | /* No bit set anymore, let's drop the whole entry */ | |
5490 | assert_se(hashmap_remove(deps, other)); | |
5491 | else | |
5492 | /* Mask was reduced, let's update the entry */ | |
5493 | assert_se(hashmap_update(deps, other, di.data) == 0); | |
5494 | } | |
5495 | ||
5496 | void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) { | |
5497 | Hashmap *deps; | |
5498 | assert(u); | |
5499 | ||
5500 | /* Removes all dependencies u has on other units marked for ownership by 'mask'. */ | |
5501 | ||
5502 | if (mask == 0) | |
5503 | return; | |
5504 | ||
5505 | HASHMAP_FOREACH(deps, u->dependencies) { | |
5506 | bool done; | |
5507 | ||
5508 | do { | |
5509 | UnitDependencyInfo di; | |
5510 | Unit *other; | |
5511 | ||
5512 | done = true; | |
5513 | ||
5514 | HASHMAP_FOREACH_KEY(di.data, other, deps) { | |
5515 | Hashmap *other_deps; | |
5516 | ||
5517 | if (FLAGS_SET(~mask, di.origin_mask)) | |
5518 | continue; | |
5519 | ||
5520 | di.origin_mask &= ~mask; | |
5521 | unit_update_dependency_mask(deps, other, di); | |
5522 | ||
5523 | /* We updated the dependency from our unit to the other unit now. But most | |
5524 | * dependencies imply a reverse dependency. Hence, let's delete that one | |
5525 | * too. For that we go through all dependency types on the other unit and | |
5526 | * delete all those which point to us and have the right mask set. */ | |
5527 | ||
5528 | HASHMAP_FOREACH(other_deps, other->dependencies) { | |
5529 | UnitDependencyInfo dj; | |
5530 | ||
5531 | dj.data = hashmap_get(other_deps, u); | |
5532 | if (FLAGS_SET(~mask, dj.destination_mask)) | |
5533 | continue; | |
5534 | ||
5535 | dj.destination_mask &= ~mask; | |
5536 | unit_update_dependency_mask(other_deps, u, dj); | |
5537 | } | |
5538 | ||
5539 | unit_add_to_gc_queue(other); | |
5540 | ||
5541 | /* The unit 'other' may not be wanted by the unit 'u'. */ | |
5542 | unit_submit_to_stop_when_unneeded_queue(other); | |
5543 | ||
5544 | done = false; | |
5545 | break; | |
5546 | } | |
5547 | ||
5548 | } while (!done); | |
5549 | } | |
5550 | } | |
5551 | ||
5552 | static int unit_get_invocation_path(Unit *u, char **ret) { | |
5553 | char *p; | |
5554 | int r; | |
5555 | ||
5556 | assert(u); | |
5557 | assert(ret); | |
5558 | ||
5559 | if (MANAGER_IS_SYSTEM(u->manager)) | |
5560 | p = strjoin("/run/systemd/units/invocation:", u->id); | |
5561 | else { | |
5562 | _cleanup_free_ char *user_path = NULL; | |
5563 | r = xdg_user_runtime_dir(&user_path, "/systemd/units/invocation:"); | |
5564 | if (r < 0) | |
5565 | return r; | |
5566 | p = strjoin(user_path, u->id); | |
5567 | } | |
5568 | ||
5569 | if (!p) | |
5570 | return -ENOMEM; | |
5571 | ||
5572 | *ret = p; | |
5573 | return 0; | |
5574 | } | |
5575 | ||
5576 | static int unit_export_invocation_id(Unit *u) { | |
5577 | _cleanup_free_ char *p = NULL; | |
5578 | int r; | |
5579 | ||
5580 | assert(u); | |
5581 | ||
5582 | if (u->exported_invocation_id) | |
5583 | return 0; | |
5584 | ||
5585 | if (sd_id128_is_null(u->invocation_id)) | |
5586 | return 0; | |
5587 | ||
5588 | r = unit_get_invocation_path(u, &p); | |
5589 | if (r < 0) | |
5590 | return log_unit_debug_errno(u, r, "Failed to get invocation path: %m"); | |
5591 | ||
5592 | r = symlink_atomic_label(u->invocation_id_string, p); | |
5593 | if (r < 0) | |
5594 | return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p); | |
5595 | ||
5596 | u->exported_invocation_id = true; | |
5597 | return 0; | |
5598 | } | |
5599 | ||
5600 | static int unit_export_log_level_max(Unit *u, const ExecContext *c) { | |
5601 | const char *p; | |
5602 | char buf[2]; | |
5603 | int r; | |
5604 | ||
5605 | assert(u); | |
5606 | assert(c); | |
5607 | ||
5608 | if (u->exported_log_level_max) | |
5609 | return 0; | |
5610 | ||
5611 | if (c->log_level_max < 0) | |
5612 | return 0; | |
5613 | ||
5614 | assert(c->log_level_max <= 7); | |
5615 | ||
5616 | buf[0] = '0' + c->log_level_max; | |
5617 | buf[1] = 0; | |
5618 | ||
5619 | p = strjoina("/run/systemd/units/log-level-max:", u->id); | |
5620 | r = symlink_atomic(buf, p); | |
5621 | if (r < 0) | |
5622 | return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p); | |
5623 | ||
5624 | u->exported_log_level_max = true; | |
5625 | return 0; | |
5626 | } | |
5627 | ||
5628 | static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) { | |
5629 | _cleanup_close_ int fd = -EBADF; | |
5630 | struct iovec *iovec; | |
5631 | const char *p; | |
5632 | char *pattern; | |
5633 | le64_t *sizes; | |
5634 | ssize_t n; | |
5635 | int r; | |
5636 | ||
5637 | if (u->exported_log_extra_fields) | |
5638 | return 0; | |
5639 | ||
5640 | if (c->n_log_extra_fields <= 0) | |
5641 | return 0; | |
5642 | ||
5643 | sizes = newa(le64_t, c->n_log_extra_fields); | |
5644 | iovec = newa(struct iovec, c->n_log_extra_fields * 2); | |
5645 | ||
5646 | for (size_t i = 0; i < c->n_log_extra_fields; i++) { | |
5647 | sizes[i] = htole64(c->log_extra_fields[i].iov_len); | |
5648 | ||
5649 | iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t)); | |
5650 | iovec[i*2+1] = c->log_extra_fields[i]; | |
5651 | } | |
5652 | ||
5653 | p = strjoina("/run/systemd/units/log-extra-fields:", u->id); | |
5654 | pattern = strjoina(p, ".XXXXXX"); | |
5655 | ||
5656 | fd = mkostemp_safe(pattern); | |
5657 | if (fd < 0) | |
5658 | return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p); | |
5659 | ||
5660 | n = writev(fd, iovec, c->n_log_extra_fields*2); | |
5661 | if (n < 0) { | |
5662 | r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m"); | |
5663 | goto fail; | |
5664 | } | |
5665 | ||
5666 | (void) fchmod(fd, 0644); | |
5667 | ||
5668 | if (rename(pattern, p) < 0) { | |
5669 | r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m"); | |
5670 | goto fail; | |
5671 | } | |
5672 | ||
5673 | u->exported_log_extra_fields = true; | |
5674 | return 0; | |
5675 | ||
5676 | fail: | |
5677 | (void) unlink(pattern); | |
5678 | return r; | |
5679 | } | |
5680 | ||
5681 | static int unit_export_log_ratelimit_interval(Unit *u, const ExecContext *c) { | |
5682 | _cleanup_free_ char *buf = NULL; | |
5683 | const char *p; | |
5684 | int r; | |
5685 | ||
5686 | assert(u); | |
5687 | assert(c); | |
5688 | ||
5689 | if (u->exported_log_ratelimit_interval) | |
5690 | return 0; | |
5691 | ||
5692 | if (c->log_ratelimit_interval_usec == 0) | |
5693 | return 0; | |
5694 | ||
5695 | p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id); | |
5696 | ||
5697 | if (asprintf(&buf, "%" PRIu64, c->log_ratelimit_interval_usec) < 0) | |
5698 | return log_oom(); | |
5699 | ||
5700 | r = symlink_atomic(buf, p); | |
5701 | if (r < 0) | |
5702 | return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p); | |
5703 | ||
5704 | u->exported_log_ratelimit_interval = true; | |
5705 | return 0; | |
5706 | } | |
5707 | ||
5708 | static int unit_export_log_ratelimit_burst(Unit *u, const ExecContext *c) { | |
5709 | _cleanup_free_ char *buf = NULL; | |
5710 | const char *p; | |
5711 | int r; | |
5712 | ||
5713 | assert(u); | |
5714 | assert(c); | |
5715 | ||
5716 | if (u->exported_log_ratelimit_burst) | |
5717 | return 0; | |
5718 | ||
5719 | if (c->log_ratelimit_burst == 0) | |
5720 | return 0; | |
5721 | ||
5722 | p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id); | |
5723 | ||
5724 | if (asprintf(&buf, "%u", c->log_ratelimit_burst) < 0) | |
5725 | return log_oom(); | |
5726 | ||
5727 | r = symlink_atomic(buf, p); | |
5728 | if (r < 0) | |
5729 | return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p); | |
5730 | ||
5731 | u->exported_log_ratelimit_burst = true; | |
5732 | return 0; | |
5733 | } | |
5734 | ||
5735 | void unit_export_state_files(Unit *u) { | |
5736 | const ExecContext *c; | |
5737 | ||
5738 | assert(u); | |
5739 | ||
5740 | if (!u->id) | |
5741 | return; | |
5742 | ||
5743 | if (MANAGER_IS_TEST_RUN(u->manager)) | |
5744 | return; | |
5745 | ||
5746 | /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data | |
5747 | * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as | |
5748 | * the IPC system itself and PID 1 also log to the journal. | |
5749 | * | |
5750 | * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as | |
5751 | * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really | |
5752 | * apply to communication between the journal and systemd, as we assume that these two daemons live in the same | |
5753 | * namespace at least. | |
5754 | * | |
5755 | * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work | |
5756 | * better for storing small bits of data, in particular as we can write them with two system calls, and read | |
5757 | * them with one. */ | |
5758 | ||
5759 | (void) unit_export_invocation_id(u); | |
5760 | ||
5761 | if (!MANAGER_IS_SYSTEM(u->manager)) | |
5762 | return; | |
5763 | ||
5764 | c = unit_get_exec_context(u); | |
5765 | if (c) { | |
5766 | (void) unit_export_log_level_max(u, c); | |
5767 | (void) unit_export_log_extra_fields(u, c); | |
5768 | (void) unit_export_log_ratelimit_interval(u, c); | |
5769 | (void) unit_export_log_ratelimit_burst(u, c); | |
5770 | } | |
5771 | } | |
5772 | ||
5773 | void unit_unlink_state_files(Unit *u) { | |
5774 | const char *p; | |
5775 | ||
5776 | assert(u); | |
5777 | ||
5778 | if (!u->id) | |
5779 | return; | |
5780 | ||
5781 | /* Undoes the effect of unit_export_state() */ | |
5782 | ||
5783 | if (u->exported_invocation_id) { | |
5784 | _cleanup_free_ char *invocation_path = NULL; | |
5785 | int r = unit_get_invocation_path(u, &invocation_path); | |
5786 | if (r >= 0) { | |
5787 | (void) unlink(invocation_path); | |
5788 | u->exported_invocation_id = false; | |
5789 | } | |
5790 | } | |
5791 | ||
5792 | if (!MANAGER_IS_SYSTEM(u->manager)) | |
5793 | return; | |
5794 | ||
5795 | if (u->exported_log_level_max) { | |
5796 | p = strjoina("/run/systemd/units/log-level-max:", u->id); | |
5797 | (void) unlink(p); | |
5798 | ||
5799 | u->exported_log_level_max = false; | |
5800 | } | |
5801 | ||
5802 | if (u->exported_log_extra_fields) { | |
5803 | p = strjoina("/run/systemd/units/extra-fields:", u->id); | |
5804 | (void) unlink(p); | |
5805 | ||
5806 | u->exported_log_extra_fields = false; | |
5807 | } | |
5808 | ||
5809 | if (u->exported_log_ratelimit_interval) { | |
5810 | p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id); | |
5811 | (void) unlink(p); | |
5812 | ||
5813 | u->exported_log_ratelimit_interval = false; | |
5814 | } | |
5815 | ||
5816 | if (u->exported_log_ratelimit_burst) { | |
5817 | p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id); | |
5818 | (void) unlink(p); | |
5819 | ||
5820 | u->exported_log_ratelimit_burst = false; | |
5821 | } | |
5822 | } | |
5823 | ||
5824 | int unit_prepare_exec(Unit *u) { | |
5825 | int r; | |
5826 | ||
5827 | assert(u); | |
5828 | ||
5829 | /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable. | |
5830 | * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */ | |
5831 | r = bpf_firewall_load_custom(u); | |
5832 | if (r < 0) | |
5833 | return r; | |
5834 | ||
5835 | /* Prepares everything so that we can fork of a process for this unit */ | |
5836 | ||
5837 | (void) unit_realize_cgroup(u); | |
5838 | ||
5839 | CGroupRuntime *crt = unit_get_cgroup_runtime(u); | |
5840 | if (crt && crt->reset_accounting) { | |
5841 | (void) unit_reset_accounting(u); | |
5842 | crt->reset_accounting = false; | |
5843 | } | |
5844 | ||
5845 | unit_export_state_files(u); | |
5846 | ||
5847 | r = unit_setup_exec_runtime(u); | |
5848 | if (r < 0) | |
5849 | return r; | |
5850 | ||
5851 | return 0; | |
5852 | } | |
5853 | ||
5854 | static bool ignore_leftover_process(const char *comm) { | |
5855 | return comm && comm[0] == '('; /* Most likely our own helper process (PAM?), ignore */ | |
5856 | } | |
5857 | ||
5858 | int unit_log_leftover_process_start(const PidRef *pid, int sig, void *userdata) { | |
5859 | _cleanup_free_ char *comm = NULL; | |
5860 | ||
5861 | assert(pidref_is_set(pid)); | |
5862 | ||
5863 | (void) pidref_get_comm(pid, &comm); | |
5864 | ||
5865 | if (ignore_leftover_process(comm)) | |
5866 | return 0; | |
5867 | ||
5868 | /* During start we print a warning */ | |
5869 | ||
5870 | log_unit_warning(userdata, | |
5871 | "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n" | |
5872 | "This usually indicates unclean termination of a previous run, or service implementation deficiencies.", | |
5873 | pid->pid, strna(comm)); | |
5874 | ||
5875 | return 1; | |
5876 | } | |
5877 | ||
5878 | int unit_log_leftover_process_stop(const PidRef *pid, int sig, void *userdata) { | |
5879 | _cleanup_free_ char *comm = NULL; | |
5880 | ||
5881 | assert(pidref_is_set(pid)); | |
5882 | ||
5883 | (void) pidref_get_comm(pid, &comm); | |
5884 | ||
5885 | if (ignore_leftover_process(comm)) | |
5886 | return 0; | |
5887 | ||
5888 | /* During stop we only print an informational message */ | |
5889 | ||
5890 | log_unit_info(userdata, | |
5891 | "Unit process " PID_FMT " (%s) remains running after unit stopped.", | |
5892 | pid->pid, strna(comm)); | |
5893 | ||
5894 | return 1; | |
5895 | } | |
5896 | ||
5897 | int unit_warn_leftover_processes(Unit *u, cg_kill_log_func_t log_func) { | |
5898 | assert(u); | |
5899 | ||
5900 | (void) unit_pick_cgroup_path(u); | |
5901 | ||
5902 | CGroupRuntime *crt = unit_get_cgroup_runtime(u); | |
5903 | ||
5904 | if (!crt || !crt->cgroup_path) | |
5905 | return 0; | |
5906 | ||
5907 | return cg_kill_recursive( | |
5908 | crt->cgroup_path, | |
5909 | /* sig= */ 0, | |
5910 | /* flags= */ 0, | |
5911 | /* set= */ NULL, | |
5912 | log_func, | |
5913 | u); | |
5914 | } | |
5915 | ||
5916 | bool unit_needs_console(Unit *u) { | |
5917 | ExecContext *ec; | |
5918 | UnitActiveState state; | |
5919 | ||
5920 | assert(u); | |
5921 | ||
5922 | state = unit_active_state(u); | |
5923 | ||
5924 | if (UNIT_IS_INACTIVE_OR_FAILED(state)) | |
5925 | return false; | |
5926 | ||
5927 | if (UNIT_VTABLE(u)->needs_console) | |
5928 | return UNIT_VTABLE(u)->needs_console(u); | |
5929 | ||
5930 | /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */ | |
5931 | ec = unit_get_exec_context(u); | |
5932 | if (!ec) | |
5933 | return false; | |
5934 | ||
5935 | return exec_context_may_touch_console(ec); | |
5936 | } | |
5937 | ||
5938 | int unit_pid_attachable(Unit *u, const PidRef *pid, sd_bus_error *error) { | |
5939 | int r; | |
5940 | ||
5941 | assert(u); | |
5942 | ||
5943 | /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself, | |
5944 | * and not a kernel thread either */ | |
5945 | ||
5946 | /* First, a simple range check */ | |
5947 | if (!pidref_is_set(pid)) | |
5948 | return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier is not valid."); | |
5949 | ||
5950 | /* Some extra safety check */ | |
5951 | if (pid->pid == 1 || pidref_is_self(pid)) | |
5952 | return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid->pid); | |
5953 | ||
5954 | /* Don't even begin to bother with kernel threads */ | |
5955 | r = pidref_is_kernel_thread(pid); | |
5956 | if (r == -ESRCH) | |
5957 | return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid->pid); | |
5958 | if (r < 0) | |
5959 | return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid->pid); | |
5960 | if (r > 0) | |
5961 | return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid->pid); | |
5962 | ||
5963 | return 0; | |
5964 | } | |
5965 | ||
5966 | void unit_log_success(Unit *u) { | |
5967 | assert(u); | |
5968 | ||
5969 | /* Let's show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode. | |
5970 | * This message has low information value for regular users and it might be a bit overwhelming on a system with | |
5971 | * a lot of devices. */ | |
5972 | log_unit_struct(u, | |
5973 | MANAGER_IS_USER(u->manager) ? LOG_DEBUG : LOG_INFO, | |
5974 | "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR, | |
5975 | LOG_UNIT_INVOCATION_ID(u), | |
5976 | LOG_UNIT_MESSAGE(u, "Deactivated successfully.")); | |
5977 | } | |
5978 | ||
5979 | void unit_log_failure(Unit *u, const char *result) { | |
5980 | assert(u); | |
5981 | assert(result); | |
5982 | ||
5983 | log_unit_struct(u, LOG_WARNING, | |
5984 | "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR, | |
5985 | LOG_UNIT_INVOCATION_ID(u), | |
5986 | LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result), | |
5987 | "UNIT_RESULT=%s", result); | |
5988 | } | |
5989 | ||
5990 | void unit_log_skip(Unit *u, const char *result) { | |
5991 | assert(u); | |
5992 | assert(result); | |
5993 | ||
5994 | log_unit_struct(u, LOG_INFO, | |
5995 | "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR, | |
5996 | LOG_UNIT_INVOCATION_ID(u), | |
5997 | LOG_UNIT_MESSAGE(u, "Skipped due to '%s'.", result), | |
5998 | "UNIT_RESULT=%s", result); | |
5999 | } | |
6000 | ||
6001 | void unit_log_process_exit( | |
6002 | Unit *u, | |
6003 | const char *kind, | |
6004 | const char *command, | |
6005 | bool success, | |
6006 | int code, | |
6007 | int status) { | |
6008 | ||
6009 | int level; | |
6010 | ||
6011 | assert(u); | |
6012 | assert(kind); | |
6013 | ||
6014 | /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure | |
6015 | * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption | |
6016 | * that the service already logged the reason at a higher log level on its own. Otherwise, make it a | |
6017 | * WARNING. */ | |
6018 | if (success) | |
6019 | level = LOG_DEBUG; | |
6020 | else if (code == CLD_EXITED) | |
6021 | level = LOG_NOTICE; | |
6022 | else | |
6023 | level = LOG_WARNING; | |
6024 | ||
6025 | log_unit_struct(u, level, | |
6026 | "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR, | |
6027 | LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s%s", | |
6028 | kind, | |
6029 | sigchld_code_to_string(code), status, | |
6030 | strna(code == CLD_EXITED | |
6031 | ? exit_status_to_string(status, EXIT_STATUS_FULL) | |
6032 | : signal_to_string(status)), | |
6033 | success ? " (success)" : ""), | |
6034 | "EXIT_CODE=%s", sigchld_code_to_string(code), | |
6035 | "EXIT_STATUS=%i", status, | |
6036 | "COMMAND=%s", strna(command), | |
6037 | LOG_UNIT_INVOCATION_ID(u)); | |
6038 | } | |
6039 | ||
6040 | int unit_exit_status(Unit *u) { | |
6041 | assert(u); | |
6042 | ||
6043 | /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range | |
6044 | * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA | |
6045 | * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main | |
6046 | * service process has exited abnormally (signal/coredump). */ | |
6047 | ||
6048 | if (!UNIT_VTABLE(u)->exit_status) | |
6049 | return -EOPNOTSUPP; | |
6050 | ||
6051 | return UNIT_VTABLE(u)->exit_status(u); | |
6052 | } | |
6053 | ||
6054 | int unit_failure_action_exit_status(Unit *u) { | |
6055 | int r; | |
6056 | ||
6057 | assert(u); | |
6058 | ||
6059 | /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */ | |
6060 | ||
6061 | if (u->failure_action_exit_status >= 0) | |
6062 | return u->failure_action_exit_status; | |
6063 | ||
6064 | r = unit_exit_status(u); | |
6065 | if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */ | |
6066 | return 255; | |
6067 | ||
6068 | return r; | |
6069 | } | |
6070 | ||
6071 | int unit_success_action_exit_status(Unit *u) { | |
6072 | int r; | |
6073 | ||
6074 | assert(u); | |
6075 | ||
6076 | /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */ | |
6077 | ||
6078 | if (u->success_action_exit_status >= 0) | |
6079 | return u->success_action_exit_status; | |
6080 | ||
6081 | r = unit_exit_status(u); | |
6082 | if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */ | |
6083 | return 255; | |
6084 | ||
6085 | return r; | |
6086 | } | |
6087 | ||
6088 | int unit_test_trigger_loaded(Unit *u) { | |
6089 | Unit *trigger; | |
6090 | ||
6091 | /* Tests whether the unit to trigger is loaded */ | |
6092 | ||
6093 | trigger = UNIT_TRIGGER(u); | |
6094 | if (!trigger) | |
6095 | return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT), | |
6096 | "Refusing to start, no unit to trigger."); | |
6097 | if (trigger->load_state != UNIT_LOADED) | |
6098 | return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT), | |
6099 | "Refusing to start, unit %s to trigger not loaded.", trigger->id); | |
6100 | ||
6101 | return 0; | |
6102 | } | |
6103 | ||
6104 | void unit_destroy_runtime_data(Unit *u, const ExecContext *context) { | |
6105 | assert(u); | |
6106 | assert(context); | |
6107 | ||
6108 | /* EXEC_PRESERVE_RESTART is handled via unit_release_resources()! */ | |
6109 | if (context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO) | |
6110 | exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]); | |
6111 | ||
6112 | exec_context_destroy_credentials(u); | |
6113 | exec_context_destroy_mount_ns_dir(u); | |
6114 | } | |
6115 | ||
6116 | int unit_clean(Unit *u, ExecCleanMask mask) { | |
6117 | UnitActiveState state; | |
6118 | ||
6119 | assert(u); | |
6120 | ||
6121 | /* Special return values: | |
6122 | * | |
6123 | * -EOPNOTSUPP → cleaning not supported for this unit type | |
6124 | * -EUNATCH → cleaning not defined for this resource type | |
6125 | * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has | |
6126 | * a job queued or similar | |
6127 | */ | |
6128 | ||
6129 | if (!UNIT_VTABLE(u)->clean) | |
6130 | return -EOPNOTSUPP; | |
6131 | ||
6132 | if (mask == 0) | |
6133 | return -EUNATCH; | |
6134 | ||
6135 | if (u->load_state != UNIT_LOADED) | |
6136 | return -EBUSY; | |
6137 | ||
6138 | if (u->job) | |
6139 | return -EBUSY; | |
6140 | ||
6141 | state = unit_active_state(u); | |
6142 | if (state != UNIT_INACTIVE) | |
6143 | return -EBUSY; | |
6144 | ||
6145 | return UNIT_VTABLE(u)->clean(u, mask); | |
6146 | } | |
6147 | ||
6148 | int unit_can_clean(Unit *u, ExecCleanMask *ret) { | |
6149 | assert(u); | |
6150 | ||
6151 | if (!UNIT_VTABLE(u)->clean || | |
6152 | u->load_state != UNIT_LOADED) { | |
6153 | *ret = 0; | |
6154 | return 0; | |
6155 | } | |
6156 | ||
6157 | /* When the clean() method is set, can_clean() really should be set too */ | |
6158 | assert(UNIT_VTABLE(u)->can_clean); | |
6159 | ||
6160 | return UNIT_VTABLE(u)->can_clean(u, ret); | |
6161 | } | |
6162 | ||
6163 | bool unit_can_start_refuse_manual(Unit *u) { | |
6164 | return unit_can_start(u) && !u->refuse_manual_start; | |
6165 | } | |
6166 | ||
6167 | bool unit_can_stop_refuse_manual(Unit *u) { | |
6168 | return unit_can_stop(u) && !u->refuse_manual_stop; | |
6169 | } | |
6170 | ||
6171 | bool unit_can_isolate_refuse_manual(Unit *u) { | |
6172 | return unit_can_isolate(u) && !u->refuse_manual_start; | |
6173 | } | |
6174 | ||
6175 | void unit_next_freezer_state(Unit *u, FreezerAction action, FreezerState *ret, FreezerState *ret_target) { | |
6176 | Unit *slice; | |
6177 | FreezerState curr, parent, next, tgt; | |
6178 | ||
6179 | assert(u); | |
6180 | assert(IN_SET(action, FREEZER_FREEZE, FREEZER_PARENT_FREEZE, | |
6181 | FREEZER_THAW, FREEZER_PARENT_THAW)); | |
6182 | assert(ret); | |
6183 | assert(ret_target); | |
6184 | ||
6185 | /* This function determines the correct freezer state transitions for a unit | |
6186 | * given the action being requested. It returns the next state, and also the "target", | |
6187 | * which is either FREEZER_FROZEN or FREEZER_RUNNING, depending on what actual state we | |
6188 | * ultimately want to achieve. */ | |
6189 | ||
6190 | curr = u->freezer_state; | |
6191 | slice = UNIT_GET_SLICE(u); | |
6192 | if (slice) | |
6193 | parent = slice->freezer_state; | |
6194 | else | |
6195 | parent = FREEZER_RUNNING; | |
6196 | ||
6197 | if (action == FREEZER_FREEZE) { | |
6198 | /* We always "promote" a freeze initiated by parent into a normal freeze */ | |
6199 | if (IN_SET(curr, FREEZER_FROZEN, FREEZER_FROZEN_BY_PARENT)) | |
6200 | next = FREEZER_FROZEN; | |
6201 | else | |
6202 | next = FREEZER_FREEZING; | |
6203 | } else if (action == FREEZER_THAW) { | |
6204 | /* Thawing is the most complicated operation here, because we can't thaw a unit | |
6205 | * if its parent is frozen. So we instead "demote" a normal freeze into a freeze | |
6206 | * initiated by parent if the parent is frozen */ | |
6207 | if (IN_SET(curr, FREEZER_RUNNING, FREEZER_THAWING, FREEZER_FREEZING_BY_PARENT, FREEZER_FROZEN_BY_PARENT)) | |
6208 | next = curr; | |
6209 | else if (curr == FREEZER_FREEZING) { | |
6210 | if (IN_SET(parent, FREEZER_RUNNING, FREEZER_THAWING)) | |
6211 | next = FREEZER_THAWING; | |
6212 | else | |
6213 | next = FREEZER_FREEZING_BY_PARENT; | |
6214 | } else { | |
6215 | assert(curr == FREEZER_FROZEN); | |
6216 | if (IN_SET(parent, FREEZER_RUNNING, FREEZER_THAWING)) | |
6217 | next = FREEZER_THAWING; | |
6218 | else | |
6219 | next = FREEZER_FROZEN_BY_PARENT; | |
6220 | } | |
6221 | } else if (action == FREEZER_PARENT_FREEZE) { | |
6222 | /* We need to avoid accidentally demoting units frozen manually */ | |
6223 | if (IN_SET(curr, FREEZER_FREEZING, FREEZER_FROZEN, FREEZER_FROZEN_BY_PARENT)) | |
6224 | next = curr; | |
6225 | else | |
6226 | next = FREEZER_FREEZING_BY_PARENT; | |
6227 | } else { | |
6228 | assert(action == FREEZER_PARENT_THAW); | |
6229 | ||
6230 | /* We don't want to thaw units from a parent if they were frozen | |
6231 | * manually, so for such units this action is a no-op */ | |
6232 | if (IN_SET(curr, FREEZER_RUNNING, FREEZER_FREEZING, FREEZER_FROZEN)) | |
6233 | next = curr; | |
6234 | else | |
6235 | next = FREEZER_THAWING; | |
6236 | } | |
6237 | ||
6238 | tgt = freezer_state_finish(next); | |
6239 | if (tgt == FREEZER_FROZEN_BY_PARENT) | |
6240 | tgt = FREEZER_FROZEN; | |
6241 | assert(IN_SET(tgt, FREEZER_RUNNING, FREEZER_FROZEN)); | |
6242 | ||
6243 | *ret = next; | |
6244 | *ret_target = tgt; | |
6245 | } | |
6246 | ||
6247 | bool unit_can_freeze(Unit *u) { | |
6248 | assert(u); | |
6249 | ||
6250 | if (unit_has_name(u, SPECIAL_ROOT_SLICE) || unit_has_name(u, SPECIAL_INIT_SCOPE)) | |
6251 | return false; | |
6252 | ||
6253 | if (UNIT_VTABLE(u)->can_freeze) | |
6254 | return UNIT_VTABLE(u)->can_freeze(u); | |
6255 | ||
6256 | return UNIT_VTABLE(u)->freezer_action; | |
6257 | } | |
6258 | ||
6259 | void unit_frozen(Unit *u) { | |
6260 | assert(u); | |
6261 | ||
6262 | u->freezer_state = u->freezer_state == FREEZER_FREEZING_BY_PARENT | |
6263 | ? FREEZER_FROZEN_BY_PARENT | |
6264 | : FREEZER_FROZEN; | |
6265 | ||
6266 | log_unit_debug(u, "Unit now %s.", freezer_state_to_string(u->freezer_state)); | |
6267 | ||
6268 | bus_unit_send_pending_freezer_message(u, false); | |
6269 | } | |
6270 | ||
6271 | void unit_thawed(Unit *u) { | |
6272 | assert(u); | |
6273 | ||
6274 | u->freezer_state = FREEZER_RUNNING; | |
6275 | ||
6276 | log_unit_debug(u, "Unit thawed."); | |
6277 | ||
6278 | bus_unit_send_pending_freezer_message(u, false); | |
6279 | } | |
6280 | ||
6281 | int unit_freezer_action(Unit *u, FreezerAction action) { | |
6282 | UnitActiveState s; | |
6283 | int r; | |
6284 | ||
6285 | assert(u); | |
6286 | assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW)); | |
6287 | ||
6288 | if (!cg_freezer_supported() || !unit_can_freeze(u)) | |
6289 | return -EOPNOTSUPP; | |
6290 | ||
6291 | if (u->job) | |
6292 | return -EBUSY; | |
6293 | ||
6294 | if (u->load_state != UNIT_LOADED) | |
6295 | return -EHOSTDOWN; | |
6296 | ||
6297 | s = unit_active_state(u); | |
6298 | if (s != UNIT_ACTIVE) | |
6299 | return -EHOSTDOWN; | |
6300 | ||
6301 | if (action == FREEZER_FREEZE && IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_FREEZING_BY_PARENT)) | |
6302 | return -EALREADY; | |
6303 | if (action == FREEZER_THAW && u->freezer_state == FREEZER_THAWING) | |
6304 | return -EALREADY; | |
6305 | if (action == FREEZER_THAW && IN_SET(u->freezer_state, FREEZER_FREEZING_BY_PARENT, FREEZER_FROZEN_BY_PARENT)) | |
6306 | return -ECHILD; | |
6307 | ||
6308 | r = UNIT_VTABLE(u)->freezer_action(u, action); | |
6309 | if (r <= 0) | |
6310 | return r; | |
6311 | ||
6312 | assert(IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_FREEZING_BY_PARENT, FREEZER_THAWING)); | |
6313 | return 1; | |
6314 | } | |
6315 | ||
6316 | Condition *unit_find_failed_condition(Unit *u) { | |
6317 | Condition *failed_trigger = NULL; | |
6318 | bool has_succeeded_trigger = false; | |
6319 | ||
6320 | if (u->condition_result) | |
6321 | return NULL; | |
6322 | ||
6323 | LIST_FOREACH(conditions, c, u->conditions) | |
6324 | if (c->trigger) { | |
6325 | if (c->result == CONDITION_SUCCEEDED) | |
6326 | has_succeeded_trigger = true; | |
6327 | else if (!failed_trigger) | |
6328 | failed_trigger = c; | |
6329 | } else if (c->result != CONDITION_SUCCEEDED) | |
6330 | return c; | |
6331 | ||
6332 | return failed_trigger && !has_succeeded_trigger ? failed_trigger : NULL; | |
6333 | } | |
6334 | ||
6335 | static const char* const collect_mode_table[_COLLECT_MODE_MAX] = { | |
6336 | [COLLECT_INACTIVE] = "inactive", | |
6337 | [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed", | |
6338 | }; | |
6339 | ||
6340 | DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode); | |
6341 | ||
6342 | Unit* unit_has_dependency(const Unit *u, UnitDependencyAtom atom, Unit *other) { | |
6343 | Unit *i; | |
6344 | ||
6345 | assert(u); | |
6346 | ||
6347 | /* Checks if the unit has a dependency on 'other' with the specified dependency atom. If 'other' is | |
6348 | * NULL checks if the unit has *any* dependency of that atom. Returns 'other' if found (or if 'other' | |
6349 | * is NULL the first entry found), or NULL if not found. */ | |
6350 | ||
6351 | UNIT_FOREACH_DEPENDENCY(i, u, atom) | |
6352 | if (!other || other == i) | |
6353 | return i; | |
6354 | ||
6355 | return NULL; | |
6356 | } | |
6357 | ||
6358 | int unit_get_dependency_array(const Unit *u, UnitDependencyAtom atom, Unit ***ret_array) { | |
6359 | _cleanup_free_ Unit **array = NULL; | |
6360 | size_t n = 0; | |
6361 | Unit *other; | |
6362 | ||
6363 | assert(u); | |
6364 | assert(ret_array); | |
6365 | ||
6366 | /* Gets a list of units matching a specific atom as array. This is useful when iterating through | |
6367 | * dependencies while modifying them: the array is an "atomic snapshot" of sorts, that can be read | |
6368 | * while the dependency table is continuously updated. */ | |
6369 | ||
6370 | UNIT_FOREACH_DEPENDENCY(other, u, atom) { | |
6371 | if (!GREEDY_REALLOC(array, n + 1)) | |
6372 | return -ENOMEM; | |
6373 | ||
6374 | array[n++] = other; | |
6375 | } | |
6376 | ||
6377 | *ret_array = TAKE_PTR(array); | |
6378 | ||
6379 | assert(n <= INT_MAX); | |
6380 | return (int) n; | |
6381 | } | |
6382 | ||
6383 | int unit_get_transitive_dependency_set(Unit *u, UnitDependencyAtom atom, Set **ret) { | |
6384 | _cleanup_set_free_ Set *units = NULL, *queue = NULL; | |
6385 | Unit *other; | |
6386 | int r; | |
6387 | ||
6388 | assert(u); | |
6389 | assert(ret); | |
6390 | ||
6391 | /* Similar to unit_get_dependency_array(), but also search the same dependency in other units. */ | |
6392 | ||
6393 | do { | |
6394 | UNIT_FOREACH_DEPENDENCY(other, u, atom) { | |
6395 | r = set_ensure_put(&units, NULL, other); | |
6396 | if (r < 0) | |
6397 | return r; | |
6398 | if (r == 0) | |
6399 | continue; | |
6400 | r = set_ensure_put(&queue, NULL, other); | |
6401 | if (r < 0) | |
6402 | return r; | |
6403 | } | |
6404 | } while ((u = set_steal_first(queue))); | |
6405 | ||
6406 | *ret = TAKE_PTR(units); | |
6407 | return 0; | |
6408 | } | |
6409 | ||
6410 | int unit_arm_timer( | |
6411 | Unit *u, | |
6412 | sd_event_source **source, | |
6413 | bool relative, | |
6414 | usec_t usec, | |
6415 | sd_event_time_handler_t handler) { | |
6416 | ||
6417 | int r; | |
6418 | ||
6419 | assert(u); | |
6420 | assert(source); | |
6421 | assert(handler); | |
6422 | ||
6423 | if (*source) { | |
6424 | if (usec == USEC_INFINITY) | |
6425 | return sd_event_source_set_enabled(*source, SD_EVENT_OFF); | |
6426 | ||
6427 | r = (relative ? sd_event_source_set_time_relative : sd_event_source_set_time)(*source, usec); | |
6428 | if (r < 0) | |
6429 | return r; | |
6430 | ||
6431 | return sd_event_source_set_enabled(*source, SD_EVENT_ONESHOT); | |
6432 | } | |
6433 | ||
6434 | if (usec == USEC_INFINITY) | |
6435 | return 0; | |
6436 | ||
6437 | r = (relative ? sd_event_add_time_relative : sd_event_add_time)( | |
6438 | u->manager->event, | |
6439 | source, | |
6440 | CLOCK_MONOTONIC, | |
6441 | usec, 0, | |
6442 | handler, | |
6443 | u); | |
6444 | if (r < 0) | |
6445 | return r; | |
6446 | ||
6447 | const char *d = strjoina(unit_type_to_string(u->type), "-timer"); | |
6448 | (void) sd_event_source_set_description(*source, d); | |
6449 | ||
6450 | return 0; | |
6451 | } | |
6452 | ||
6453 | static int unit_get_nice(Unit *u) { | |
6454 | ExecContext *ec; | |
6455 | ||
6456 | ec = unit_get_exec_context(u); | |
6457 | return ec ? ec->nice : 0; | |
6458 | } | |
6459 | ||
6460 | static uint64_t unit_get_cpu_weight(Unit *u) { | |
6461 | CGroupContext *cc; | |
6462 | ||
6463 | cc = unit_get_cgroup_context(u); | |
6464 | return cc ? cgroup_context_cpu_weight(cc, manager_state(u->manager)) : CGROUP_WEIGHT_DEFAULT; | |
6465 | } | |
6466 | ||
6467 | int unit_compare_priority(Unit *a, Unit *b) { | |
6468 | int ret; | |
6469 | ||
6470 | ret = CMP(a->type, b->type); | |
6471 | if (ret != 0) | |
6472 | return -ret; | |
6473 | ||
6474 | ret = CMP(unit_get_cpu_weight(a), unit_get_cpu_weight(b)); | |
6475 | if (ret != 0) | |
6476 | return -ret; | |
6477 | ||
6478 | ret = CMP(unit_get_nice(a), unit_get_nice(b)); | |
6479 | if (ret != 0) | |
6480 | return ret; | |
6481 | ||
6482 | return strcmp(a->id, b->id); | |
6483 | } | |
6484 | ||
6485 | const ActivationDetailsVTable * const activation_details_vtable[_UNIT_TYPE_MAX] = { | |
6486 | [UNIT_PATH] = &activation_details_path_vtable, | |
6487 | [UNIT_TIMER] = &activation_details_timer_vtable, | |
6488 | }; | |
6489 | ||
6490 | ActivationDetails *activation_details_new(Unit *trigger_unit) { | |
6491 | _cleanup_free_ ActivationDetails *details = NULL; | |
6492 | ||
6493 | assert(trigger_unit); | |
6494 | assert(trigger_unit->type != _UNIT_TYPE_INVALID); | |
6495 | assert(trigger_unit->id); | |
6496 | ||
6497 | details = malloc0(activation_details_vtable[trigger_unit->type]->object_size); | |
6498 | if (!details) | |
6499 | return NULL; | |
6500 | ||
6501 | *details = (ActivationDetails) { | |
6502 | .n_ref = 1, | |
6503 | .trigger_unit_type = trigger_unit->type, | |
6504 | }; | |
6505 | ||
6506 | details->trigger_unit_name = strdup(trigger_unit->id); | |
6507 | if (!details->trigger_unit_name) | |
6508 | return NULL; | |
6509 | ||
6510 | if (ACTIVATION_DETAILS_VTABLE(details)->init) | |
6511 | ACTIVATION_DETAILS_VTABLE(details)->init(details, trigger_unit); | |
6512 | ||
6513 | return TAKE_PTR(details); | |
6514 | } | |
6515 | ||
6516 | static ActivationDetails *activation_details_free(ActivationDetails *details) { | |
6517 | if (!details) | |
6518 | return NULL; | |
6519 | ||
6520 | if (ACTIVATION_DETAILS_VTABLE(details)->done) | |
6521 | ACTIVATION_DETAILS_VTABLE(details)->done(details); | |
6522 | ||
6523 | free(details->trigger_unit_name); | |
6524 | ||
6525 | return mfree(details); | |
6526 | } | |
6527 | ||
6528 | void activation_details_serialize(ActivationDetails *details, FILE *f) { | |
6529 | if (!details || details->trigger_unit_type == _UNIT_TYPE_INVALID) | |
6530 | return; | |
6531 | ||
6532 | (void) serialize_item(f, "activation-details-unit-type", unit_type_to_string(details->trigger_unit_type)); | |
6533 | if (details->trigger_unit_name) | |
6534 | (void) serialize_item(f, "activation-details-unit-name", details->trigger_unit_name); | |
6535 | if (ACTIVATION_DETAILS_VTABLE(details)->serialize) | |
6536 | ACTIVATION_DETAILS_VTABLE(details)->serialize(details, f); | |
6537 | } | |
6538 | ||
6539 | int activation_details_deserialize(const char *key, const char *value, ActivationDetails **details) { | |
6540 | int r; | |
6541 | ||
6542 | assert(key); | |
6543 | assert(value); | |
6544 | assert(details); | |
6545 | ||
6546 | if (!*details) { | |
6547 | UnitType t; | |
6548 | ||
6549 | if (!streq(key, "activation-details-unit-type")) | |
6550 | return -EINVAL; | |
6551 | ||
6552 | t = unit_type_from_string(value); | |
6553 | if (t < 0) | |
6554 | return t; | |
6555 | ||
6556 | /* The activation details vtable has defined ops only for path and timer units */ | |
6557 | if (!activation_details_vtable[t]) | |
6558 | return -EINVAL; | |
6559 | ||
6560 | *details = malloc0(activation_details_vtable[t]->object_size); | |
6561 | if (!*details) | |
6562 | return -ENOMEM; | |
6563 | ||
6564 | **details = (ActivationDetails) { | |
6565 | .n_ref = 1, | |
6566 | .trigger_unit_type = t, | |
6567 | }; | |
6568 | ||
6569 | return 0; | |
6570 | } | |
6571 | ||
6572 | if (streq(key, "activation-details-unit-name")) { | |
6573 | r = free_and_strdup(&(*details)->trigger_unit_name, value); | |
6574 | if (r < 0) | |
6575 | return r; | |
6576 | ||
6577 | return 0; | |
6578 | } | |
6579 | ||
6580 | if (ACTIVATION_DETAILS_VTABLE(*details)->deserialize) | |
6581 | return ACTIVATION_DETAILS_VTABLE(*details)->deserialize(key, value, details); | |
6582 | ||
6583 | return -EINVAL; | |
6584 | } | |
6585 | ||
6586 | int activation_details_append_env(ActivationDetails *details, char ***strv) { | |
6587 | int r = 0; | |
6588 | ||
6589 | assert(strv); | |
6590 | ||
6591 | if (!details) | |
6592 | return 0; | |
6593 | ||
6594 | if (!isempty(details->trigger_unit_name)) { | |
6595 | char *s = strjoin("TRIGGER_UNIT=", details->trigger_unit_name); | |
6596 | if (!s) | |
6597 | return -ENOMEM; | |
6598 | ||
6599 | r = strv_consume(strv, TAKE_PTR(s)); | |
6600 | if (r < 0) | |
6601 | return r; | |
6602 | } | |
6603 | ||
6604 | if (ACTIVATION_DETAILS_VTABLE(details)->append_env) { | |
6605 | r = ACTIVATION_DETAILS_VTABLE(details)->append_env(details, strv); | |
6606 | if (r < 0) | |
6607 | return r; | |
6608 | } | |
6609 | ||
6610 | return r + !isempty(details->trigger_unit_name); /* Return the number of variables added to the env block */ | |
6611 | } | |
6612 | ||
6613 | int activation_details_append_pair(ActivationDetails *details, char ***strv) { | |
6614 | int r = 0; | |
6615 | ||
6616 | assert(strv); | |
6617 | ||
6618 | if (!details) | |
6619 | return 0; | |
6620 | ||
6621 | if (!isempty(details->trigger_unit_name)) { | |
6622 | r = strv_extend_many(strv, "trigger_unit", details->trigger_unit_name); | |
6623 | if (r < 0) | |
6624 | return r; | |
6625 | } | |
6626 | ||
6627 | if (ACTIVATION_DETAILS_VTABLE(details)->append_pair) { | |
6628 | r = ACTIVATION_DETAILS_VTABLE(details)->append_pair(details, strv); | |
6629 | if (r < 0) | |
6630 | return r; | |
6631 | } | |
6632 | ||
6633 | return r + !isempty(details->trigger_unit_name); /* Return the number of pairs added to the strv */ | |
6634 | } | |
6635 | ||
6636 | DEFINE_TRIVIAL_REF_UNREF_FUNC(ActivationDetails, activation_details, activation_details_free); | |
6637 | ||
6638 | static const char* const unit_mount_dependency_type_table[_UNIT_MOUNT_DEPENDENCY_TYPE_MAX] = { | |
6639 | [UNIT_MOUNT_WANTS] = "WantsMountsFor", | |
6640 | [UNIT_MOUNT_REQUIRES] = "RequiresMountsFor", | |
6641 | }; | |
6642 | ||
6643 | DEFINE_STRING_TABLE_LOOKUP(unit_mount_dependency_type, UnitMountDependencyType); | |
6644 | ||
6645 | UnitDependency unit_mount_dependency_type_to_dependency_type(UnitMountDependencyType t) { | |
6646 | switch (t) { | |
6647 | ||
6648 | case UNIT_MOUNT_WANTS: | |
6649 | return UNIT_WANTS; | |
6650 | ||
6651 | case UNIT_MOUNT_REQUIRES: | |
6652 | return UNIT_REQUIRES; | |
6653 | ||
6654 | default: | |
6655 | assert_not_reached(); | |
6656 | } | |
6657 | } |