]> git.ipfire.org Git - thirdparty/systemd.git/blob - load-fragment.c
execute: support basic filesystem namespacing
[thirdparty/systemd.git] / load-fragment.c
1 /*-*- Mode: C; c-basic-offset: 8 -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <linux/oom.h>
23 #include <assert.h>
24 #include <errno.h>
25 #include <string.h>
26 #include <unistd.h>
27 #include <fcntl.h>
28 #include <sched.h>
29 #include <sys/prctl.h>
30 #include <sys/mount.h>
31
32 #include "unit.h"
33 #include "strv.h"
34 #include "conf-parser.h"
35 #include "load-fragment.h"
36 #include "log.h"
37 #include "ioprio.h"
38 #include "securebits.h"
39 #include "missing.h"
40 #include "unit-name.h"
41
42 #define DEFINE_CONFIG_PARSE_ENUM(function,name,type,msg) \
43 static int function( \
44 const char *filename, \
45 unsigned line, \
46 const char *section, \
47 const char *lvalue, \
48 const char *rvalue, \
49 void *data, \
50 void *userdata) { \
51 \
52 type *i = data, x; \
53 \
54 assert(filename); \
55 assert(lvalue); \
56 assert(rvalue); \
57 assert(data); \
58 \
59 if ((x = name##_from_string(rvalue)) < 0) { \
60 log_error("[%s:%u] " msg ": %s", filename, line, rvalue); \
61 return -EBADMSG; \
62 } \
63 \
64 *i = x; \
65 \
66 return 0; \
67 }
68
69 static int config_parse_deps(
70 const char *filename,
71 unsigned line,
72 const char *section,
73 const char *lvalue,
74 const char *rvalue,
75 void *data,
76 void *userdata) {
77
78 UnitDependency d = PTR_TO_UINT(data);
79 Unit *u = userdata;
80 char *w;
81 size_t l;
82 char *state;
83
84 assert(filename);
85 assert(lvalue);
86 assert(rvalue);
87
88 FOREACH_WORD(w, l, rvalue, state) {
89 char *t, *k;
90 int r;
91
92 if (!(t = strndup(w, l)))
93 return -ENOMEM;
94
95 k = unit_name_printf(u, t);
96 free(t);
97
98 if (!k)
99 return -ENOMEM;
100
101 r = unit_add_dependency_by_name(u, d, k, NULL, true);
102 free(k);
103
104 if (r < 0)
105 return r;
106 }
107
108 return 0;
109 }
110
111 static int config_parse_names(
112 const char *filename,
113 unsigned line,
114 const char *section,
115 const char *lvalue,
116 const char *rvalue,
117 void *data,
118 void *userdata) {
119
120 Unit *u = userdata;
121 char *w;
122 size_t l;
123 char *state;
124
125 assert(filename);
126 assert(lvalue);
127 assert(rvalue);
128 assert(data);
129
130 FOREACH_WORD(w, l, rvalue, state) {
131 char *t, *k;
132 int r;
133
134 if (!(t = strndup(w, l)))
135 return -ENOMEM;
136
137 k = unit_name_printf(u, t);
138 free(t);
139
140 if (!k)
141 return -ENOMEM;
142
143 r = unit_merge_by_name(u, k);
144 free(k);
145
146 if (r < 0)
147 return r;
148 }
149
150 return 0;
151 }
152
153 static int config_parse_listen(
154 const char *filename,
155 unsigned line,
156 const char *section,
157 const char *lvalue,
158 const char *rvalue,
159 void *data,
160 void *userdata) {
161
162 int r;
163 SocketPort *p;
164 Socket *s;
165
166 assert(filename);
167 assert(lvalue);
168 assert(rvalue);
169 assert(data);
170
171 s = (Socket*) data;
172
173 if (!(p = new0(SocketPort, 1)))
174 return -ENOMEM;
175
176 if (streq(lvalue, "ListenFIFO")) {
177 p->type = SOCKET_FIFO;
178
179 if (!(p->path = strdup(rvalue))) {
180 free(p);
181 return -ENOMEM;
182 }
183 } else {
184 p->type = SOCKET_SOCKET;
185
186 if ((r = socket_address_parse(&p->address, rvalue)) < 0) {
187 log_error("[%s:%u] Failed to parse address value: %s", filename, line, rvalue);
188 free(p);
189 return r;
190 }
191
192 if (streq(lvalue, "ListenStream"))
193 p->address.type = SOCK_STREAM;
194 else if (streq(lvalue, "ListenDatagram"))
195 p->address.type = SOCK_DGRAM;
196 else {
197 assert(streq(lvalue, "ListenSequentialPacket"));
198 p->address.type = SOCK_SEQPACKET;
199 }
200
201 if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET) {
202 free(p);
203 return -EPROTONOSUPPORT;
204 }
205 }
206
207 p->fd = -1;
208 LIST_PREPEND(SocketPort, port, s->ports, p);
209
210 return 0;
211 }
212
213 static int config_parse_socket_bind(
214 const char *filename,
215 unsigned line,
216 const char *section,
217 const char *lvalue,
218 const char *rvalue,
219 void *data,
220 void *userdata) {
221
222 int r;
223 Socket *s;
224
225 assert(filename);
226 assert(lvalue);
227 assert(rvalue);
228 assert(data);
229
230 s = (Socket*) data;
231
232 if ((r = parse_boolean(rvalue)) < 0) {
233 log_error("[%s:%u] Failed to parse bind IPv6 only value: %s", filename, line, rvalue);
234 return r;
235 }
236
237 s->bind_ipv6_only = r ? SOCKET_ADDRESS_IPV6_ONLY : SOCKET_ADDRESS_BOTH;
238
239 return 0;
240 }
241
242 static int config_parse_nice(
243 const char *filename,
244 unsigned line,
245 const char *section,
246 const char *lvalue,
247 const char *rvalue,
248 void *data,
249 void *userdata) {
250
251 ExecContext *c = data;
252 int priority, r;
253
254 assert(filename);
255 assert(lvalue);
256 assert(rvalue);
257 assert(data);
258
259 if ((r = safe_atoi(rvalue, &priority)) < 0) {
260 log_error("[%s:%u] Failed to parse nice priority: %s", filename, line, rvalue);
261 return r;
262 }
263
264 if (priority < PRIO_MIN || priority >= PRIO_MAX) {
265 log_error("[%s:%u] Nice priority out of range: %s", filename, line, rvalue);
266 return -ERANGE;
267 }
268
269 c->nice = priority;
270 c->nice_set = false;
271
272 return 0;
273 }
274
275 static int config_parse_oom_adjust(
276 const char *filename,
277 unsigned line,
278 const char *section,
279 const char *lvalue,
280 const char *rvalue,
281 void *data,
282 void *userdata) {
283
284 ExecContext *c = data;
285 int oa, r;
286
287 assert(filename);
288 assert(lvalue);
289 assert(rvalue);
290 assert(data);
291
292 if ((r = safe_atoi(rvalue, &oa)) < 0) {
293 log_error("[%s:%u] Failed to parse OOM adjust value: %s", filename, line, rvalue);
294 return r;
295 }
296
297 if (oa < OOM_DISABLE || oa > OOM_ADJUST_MAX) {
298 log_error("[%s:%u] OOM adjust value out of range: %s", filename, line, rvalue);
299 return -ERANGE;
300 }
301
302 c->oom_adjust = oa;
303 c->oom_adjust_set = true;
304
305 return 0;
306 }
307
308 static int config_parse_mode(
309 const char *filename,
310 unsigned line,
311 const char *section,
312 const char *lvalue,
313 const char *rvalue,
314 void *data,
315 void *userdata) {
316
317 mode_t *m = data;
318 long l;
319 char *x = NULL;
320
321 assert(filename);
322 assert(lvalue);
323 assert(rvalue);
324 assert(data);
325
326 errno = 0;
327 l = strtol(rvalue, &x, 8);
328 if (!x || *x || errno) {
329 log_error("[%s:%u] Failed to parse mode value: %s", filename, line, rvalue);
330 return errno ? -errno : -EINVAL;
331 }
332
333 if (l < 0000 || l > 07777) {
334 log_error("[%s:%u] mode value out of range: %s", filename, line, rvalue);
335 return -ERANGE;
336 }
337
338 *m = (mode_t) l;
339 return 0;
340 }
341
342 static int config_parse_exec(
343 const char *filename,
344 unsigned line,
345 const char *section,
346 const char *lvalue,
347 const char *rvalue,
348 void *data,
349 void *userdata) {
350
351 ExecCommand **e = data, *nce = NULL;
352 char **n;
353 char *w;
354 unsigned k;
355 size_t l;
356 char *state;
357
358 assert(filename);
359 assert(lvalue);
360 assert(rvalue);
361 assert(data);
362
363 k = 0;
364 FOREACH_WORD_QUOTED(w, l, rvalue, state)
365 k++;
366
367 if (!(n = new(char*, k+1)))
368 return -ENOMEM;
369
370 k = 0;
371 FOREACH_WORD_QUOTED(w, l, rvalue, state)
372 if (!(n[k++] = strndup(w, l)))
373 goto fail;
374
375 n[k] = NULL;
376
377 if (!n[0] || !path_is_absolute(n[0])) {
378 log_error("[%s:%u] Invalid executable path in command line: %s", filename, line, rvalue);
379 strv_free(n);
380 return -EINVAL;
381 }
382
383 if (!(nce = new0(ExecCommand, 1)))
384 goto fail;
385
386 nce->argv = n;
387 if (!(nce->path = strdup(n[0])))
388 goto fail;
389
390 exec_command_append_list(e, nce);
391
392 return 0;
393
394 fail:
395 for (; k > 0; k--)
396 free(n[k-1]);
397 free(n);
398
399 free(nce);
400
401 return -ENOMEM;
402 }
403
404 static int config_parse_usec(
405 const char *filename,
406 unsigned line,
407 const char *section,
408 const char *lvalue,
409 const char *rvalue,
410 void *data,
411 void *userdata) {
412
413 usec_t *usec = data;
414 unsigned long long u;
415 int r;
416
417 assert(filename);
418 assert(lvalue);
419 assert(rvalue);
420 assert(data);
421
422 if ((r = safe_atollu(rvalue, &u)) < 0) {
423 log_error("[%s:%u] Failed to parse time value: %s", filename, line, rvalue);
424 return r;
425 }
426
427 /* We actually assume the user configures seconds. Later on we
428 * might choose to support suffixes for time values, to
429 * configure bigger or smaller units */
430
431 *usec = u * USEC_PER_SEC;
432
433 return 0;
434 }
435
436 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type, service_type, ServiceType, "Failed to parse service type");
437 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart, service_restart, ServiceRestart, "Failed to parse service restart specifier");
438
439 static int config_parse_bindtodevice(
440 const char *filename,
441 unsigned line,
442 const char *section,
443 const char *lvalue,
444 const char *rvalue,
445 void *data,
446 void *userdata) {
447
448 Socket *s = data;
449 char *n;
450
451 assert(filename);
452 assert(lvalue);
453 assert(rvalue);
454 assert(data);
455
456 if (rvalue[0] && !streq(rvalue, "*")) {
457 if (!(n = strdup(rvalue)))
458 return -ENOMEM;
459 } else
460 n = NULL;
461
462 free(s->bind_to_device);
463 s->bind_to_device = n;
464
465 return 0;
466 }
467
468 DEFINE_CONFIG_PARSE_ENUM(config_parse_output, exec_output, ExecOutput, "Failed to parse output specifier");
469 DEFINE_CONFIG_PARSE_ENUM(config_parse_input, exec_input, ExecInput, "Failed to parse input specifier");
470
471 static int config_parse_facility(
472 const char *filename,
473 unsigned line,
474 const char *section,
475 const char *lvalue,
476 const char *rvalue,
477 void *data,
478 void *userdata) {
479
480
481 int *o = data, x;
482
483 assert(filename);
484 assert(lvalue);
485 assert(rvalue);
486 assert(data);
487
488 if ((x = log_facility_from_string(rvalue)) < 0) {
489 log_error("[%s:%u] Failed to parse log facility: %s", filename, line, rvalue);
490 return -EBADMSG;
491 }
492
493 *o = LOG_MAKEPRI(x, LOG_PRI(*o));
494
495 return 0;
496 }
497
498 static int config_parse_level(
499 const char *filename,
500 unsigned line,
501 const char *section,
502 const char *lvalue,
503 const char *rvalue,
504 void *data,
505 void *userdata) {
506
507
508 int *o = data, x;
509
510 assert(filename);
511 assert(lvalue);
512 assert(rvalue);
513 assert(data);
514
515 if ((x = log_level_from_string(rvalue)) < 0) {
516 log_error("[%s:%u] Failed to parse log level: %s", filename, line, rvalue);
517 return -EBADMSG;
518 }
519
520 *o = LOG_MAKEPRI(LOG_FAC(*o), x);
521 return 0;
522 }
523
524 static int config_parse_io_class(
525 const char *filename,
526 unsigned line,
527 const char *section,
528 const char *lvalue,
529 const char *rvalue,
530 void *data,
531 void *userdata) {
532
533 ExecContext *c = data;
534 int x;
535
536 assert(filename);
537 assert(lvalue);
538 assert(rvalue);
539 assert(data);
540
541 if ((x = ioprio_class_from_string(rvalue)) < 0) {
542 log_error("[%s:%u] Failed to parse IO scheduling class: %s", filename, line, rvalue);
543 return -EBADMSG;
544 }
545
546 c->ioprio = IOPRIO_PRIO_VALUE(x, IOPRIO_PRIO_DATA(c->ioprio));
547 c->ioprio_set = true;
548
549 return 0;
550 }
551
552 static int config_parse_io_priority(
553 const char *filename,
554 unsigned line,
555 const char *section,
556 const char *lvalue,
557 const char *rvalue,
558 void *data,
559 void *userdata) {
560
561 ExecContext *c = data;
562 int i;
563
564 assert(filename);
565 assert(lvalue);
566 assert(rvalue);
567 assert(data);
568
569 if (safe_atoi(rvalue, &i) < 0 || i < 0 || i >= IOPRIO_BE_NR) {
570 log_error("[%s:%u] Failed to parse io priority: %s", filename, line, rvalue);
571 return -EBADMSG;
572 }
573
574 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c->ioprio), i);
575 c->ioprio_set = true;
576
577 return 0;
578 }
579
580 static int config_parse_cpu_sched_policy(
581 const char *filename,
582 unsigned line,
583 const char *section,
584 const char *lvalue,
585 const char *rvalue,
586 void *data,
587 void *userdata) {
588
589
590 ExecContext *c = data;
591 int x;
592
593 assert(filename);
594 assert(lvalue);
595 assert(rvalue);
596 assert(data);
597
598 if ((x = sched_policy_from_string(rvalue)) < 0) {
599 log_error("[%s:%u] Failed to parse CPU scheduling policy: %s", filename, line, rvalue);
600 return -EBADMSG;
601 }
602
603 c->cpu_sched_policy = x;
604 c->cpu_sched_set = true;
605
606 return 0;
607 }
608
609 static int config_parse_cpu_sched_prio(
610 const char *filename,
611 unsigned line,
612 const char *section,
613 const char *lvalue,
614 const char *rvalue,
615 void *data,
616 void *userdata) {
617
618 ExecContext *c = data;
619 int i;
620
621 assert(filename);
622 assert(lvalue);
623 assert(rvalue);
624 assert(data);
625
626 /* On Linux RR/FIFO have the same range */
627 if (safe_atoi(rvalue, &i) < 0 || i < sched_get_priority_min(SCHED_RR) || i > sched_get_priority_max(SCHED_RR)) {
628 log_error("[%s:%u] Failed to parse CPU scheduling priority: %s", filename, line, rvalue);
629 return -EBADMSG;
630 }
631
632 c->cpu_sched_priority = i;
633 c->cpu_sched_set = true;
634
635 return 0;
636 }
637
638 static int config_parse_cpu_affinity(
639 const char *filename,
640 unsigned line,
641 const char *section,
642 const char *lvalue,
643 const char *rvalue,
644 void *data,
645 void *userdata) {
646
647 ExecContext *c = data;
648 char *w;
649 size_t l;
650 char *state;
651
652 assert(filename);
653 assert(lvalue);
654 assert(rvalue);
655 assert(data);
656
657 FOREACH_WORD(w, l, rvalue, state) {
658 char *t;
659 int r;
660 unsigned cpu;
661
662 if (!(t = strndup(w, l)))
663 return -ENOMEM;
664
665 r = safe_atou(t, &cpu);
666 free(t);
667
668 if (r < 0 || cpu >= CPU_SETSIZE) {
669 log_error("[%s:%u] Failed to parse CPU affinity: %s", filename, line, rvalue);
670 return -EBADMSG;
671 }
672
673 CPU_SET(cpu, &c->cpu_affinity);
674 }
675
676 c->cpu_affinity_set = true;
677
678 return 0;
679 }
680
681 static int config_parse_capabilities(
682 const char *filename,
683 unsigned line,
684 const char *section,
685 const char *lvalue,
686 const char *rvalue,
687 void *data,
688 void *userdata) {
689
690 ExecContext *c = data;
691 cap_t cap;
692
693 assert(filename);
694 assert(lvalue);
695 assert(rvalue);
696 assert(data);
697
698 if (!(cap = cap_from_text(rvalue))) {
699 if (errno == ENOMEM)
700 return -ENOMEM;
701
702 log_error("[%s:%u] Failed to parse capabilities: %s", filename, line, rvalue);
703 return -EBADMSG;
704 }
705
706 if (c->capabilities)
707 cap_free(c->capabilities);
708 c->capabilities = cap;
709
710 return 0;
711 }
712
713 static int config_parse_secure_bits(
714 const char *filename,
715 unsigned line,
716 const char *section,
717 const char *lvalue,
718 const char *rvalue,
719 void *data,
720 void *userdata) {
721
722 ExecContext *c = data;
723 char *w;
724 size_t l;
725 char *state;
726
727 assert(filename);
728 assert(lvalue);
729 assert(rvalue);
730 assert(data);
731
732 FOREACH_WORD(w, l, rvalue, state) {
733 if (first_word(w, "keep-caps"))
734 c->secure_bits |= SECURE_KEEP_CAPS;
735 else if (first_word(w, "keep-caps-locked"))
736 c->secure_bits |= SECURE_KEEP_CAPS_LOCKED;
737 else if (first_word(w, "no-setuid-fixup"))
738 c->secure_bits |= SECURE_NO_SETUID_FIXUP;
739 else if (first_word(w, "no-setuid-fixup-locked"))
740 c->secure_bits |= SECURE_NO_SETUID_FIXUP_LOCKED;
741 else if (first_word(w, "noroot"))
742 c->secure_bits |= SECURE_NOROOT;
743 else if (first_word(w, "noroot-locked"))
744 c->secure_bits |= SECURE_NOROOT_LOCKED;
745 else {
746 log_error("[%s:%u] Failed to parse secure bits: %s", filename, line, rvalue);
747 return -EBADMSG;
748 }
749 }
750
751 return 0;
752 }
753
754 static int config_parse_bounding_set(
755 const char *filename,
756 unsigned line,
757 const char *section,
758 const char *lvalue,
759 const char *rvalue,
760 void *data,
761 void *userdata) {
762
763 ExecContext *c = data;
764 char *w;
765 size_t l;
766 char *state;
767
768 assert(filename);
769 assert(lvalue);
770 assert(rvalue);
771 assert(data);
772
773 FOREACH_WORD(w, l, rvalue, state) {
774 char *t;
775 int r;
776 cap_value_t cap;
777
778 if (!(t = strndup(w, l)))
779 return -ENOMEM;
780
781 r = cap_from_name(t, &cap);
782 free(t);
783
784 if (r < 0) {
785 log_error("[%s:%u] Failed to parse capability bounding set: %s", filename, line, rvalue);
786 return -EBADMSG;
787 }
788
789 c->capability_bounding_set_drop |= 1 << cap;
790 }
791
792 return 0;
793 }
794
795 static int config_parse_timer_slack_ns(
796 const char *filename,
797 unsigned line,
798 const char *section,
799 const char *lvalue,
800 const char *rvalue,
801 void *data,
802 void *userdata) {
803
804 ExecContext *c = data;
805 unsigned long u;
806 int r;
807
808 assert(filename);
809 assert(lvalue);
810 assert(rvalue);
811 assert(data);
812
813 if ((r = safe_atolu(rvalue, &u)) < 0) {
814 log_error("[%s:%u] Failed to parse time slack value: %s", filename, line, rvalue);
815 return r;
816 }
817
818 c->timer_slack_ns = u;
819
820 return 0;
821 }
822
823 static int config_parse_limit(
824 const char *filename,
825 unsigned line,
826 const char *section,
827 const char *lvalue,
828 const char *rvalue,
829 void *data,
830 void *userdata) {
831
832 struct rlimit **rl = data;
833 unsigned long long u;
834 int r;
835
836 assert(filename);
837 assert(lvalue);
838 assert(rvalue);
839 assert(data);
840
841 if ((r = safe_atollu(rvalue, &u)) < 0) {
842 log_error("[%s:%u] Failed to parse resource value: %s", filename, line, rvalue);
843 return r;
844 }
845
846 if (!*rl)
847 if (!(*rl = new(struct rlimit, 1)))
848 return -ENOMEM;
849
850 (*rl)->rlim_cur = (*rl)->rlim_max = (rlim_t) u;
851 return 0;
852 }
853
854 static int config_parse_cgroup(
855 const char *filename,
856 unsigned line,
857 const char *section,
858 const char *lvalue,
859 const char *rvalue,
860 void *data,
861 void *userdata) {
862
863 Unit *u = userdata;
864 char *w;
865 size_t l;
866 char *state;
867
868 FOREACH_WORD(w, l, rvalue, state) {
869 char *t;
870 int r;
871
872 if (!(t = strndup(w, l)))
873 return -ENOMEM;
874
875 r = unit_add_cgroup_from_text(u, t);
876 free(t);
877
878 if (r < 0)
879 return r;
880 }
881
882 return 0;
883 }
884
885 static int config_parse_sysv_priority(
886 const char *filename,
887 unsigned line,
888 const char *section,
889 const char *lvalue,
890 const char *rvalue,
891 void *data,
892 void *userdata) {
893
894 int *priority = data;
895 int r, i;
896
897 assert(filename);
898 assert(lvalue);
899 assert(rvalue);
900 assert(data);
901
902 if ((r = safe_atoi(rvalue, &i)) < 0 || i < 0) {
903 log_error("[%s:%u] Failed to parse SysV start priority: %s", filename, line, rvalue);
904 return r;
905 }
906
907 *priority = (int) i;
908 return 0;
909 }
910
911 DEFINE_CONFIG_PARSE_ENUM(config_parse_kill_mode, kill_mode, KillMode, "Failed to parse kill mode");
912
913 static int config_parse_mount_flags(
914 const char *filename,
915 unsigned line,
916 const char *section,
917 const char *lvalue,
918 const char *rvalue,
919 void *data,
920 void *userdata) {
921
922 ExecContext *c = data;
923 char *w;
924 size_t l;
925 char *state;
926 unsigned long flags = 0;
927
928 assert(filename);
929 assert(lvalue);
930 assert(rvalue);
931 assert(data);
932
933 FOREACH_WORD(w, l, rvalue, state) {
934 if (strncmp(w, "shared", l) == 0)
935 flags |= MS_SHARED;
936 else if (strncmp(w, "slave", l) == 0)
937 flags |= MS_SLAVE;
938 else if (strncmp(w, "private", l) == 0)
939 flags |= MS_PRIVATE;
940 else {
941 log_error("[%s:%u] Failed to parse mount flags: %s", filename, line, rvalue);
942 return -EINVAL;
943 }
944 }
945
946 c->mount_flags = flags;
947 return 0;
948 }
949
950 #define FOLLOW_MAX 8
951
952 static int open_follow(char **filename, FILE **_f, Set *names, char **_final) {
953 unsigned c = 0;
954 int fd, r;
955 FILE *f;
956 char *id = NULL;
957
958 assert(filename);
959 assert(*filename);
960 assert(_f);
961 assert(names);
962
963 /* This will update the filename pointer if the loaded file is
964 * reached by a symlink. The old string will be freed. */
965
966 for (;;) {
967 char *target, *k, *name;
968
969 if (c++ >= FOLLOW_MAX)
970 return -ELOOP;
971
972 path_kill_slashes(*filename);
973
974 /* Add the file name we are currently looking at to
975 * the names of this unit */
976 name = file_name_from_path(*filename);
977 if (!(id = set_get(names, name))) {
978
979 if (!(id = strdup(name)))
980 return -ENOMEM;
981
982 if ((r = set_put(names, id)) < 0) {
983 free(id);
984 return r;
985 }
986 }
987
988 /* Try to open the file name, but don't if its a symlink */
989 if ((fd = open(*filename, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW)) >= 0)
990 break;
991
992 if (errno != ELOOP)
993 return -errno;
994
995 /* Hmm, so this is a symlink. Let's read the name, and follow it manually */
996 if ((r = readlink_malloc(*filename, &target)) < 0)
997 return r;
998
999 k = file_in_same_dir(*filename, target);
1000 free(target);
1001
1002 if (!k)
1003 return -ENOMEM;
1004
1005 free(*filename);
1006 *filename = k;
1007 }
1008
1009 if (!(f = fdopen(fd, "r"))) {
1010 r = -errno;
1011 close_nointr_nofail(fd);
1012 return r;
1013 }
1014
1015 *_f = f;
1016 *_final = id;
1017 return 0;
1018 }
1019
1020 static int merge_by_names(Unit **u, Set *names, const char *id) {
1021 char *k;
1022 int r;
1023
1024 assert(u);
1025 assert(*u);
1026 assert(names);
1027
1028 /* Let's try to add in all symlink names we found */
1029 while ((k = set_steal_first(names))) {
1030
1031 /* First try to merge in the other name into our
1032 * unit */
1033 if ((r = unit_merge_by_name(*u, k)) < 0) {
1034 Unit *other;
1035
1036 /* Hmm, we couldn't merge the other unit into
1037 * ours? Then let's try it the other way
1038 * round */
1039
1040 other = manager_get_unit((*u)->meta.manager, k);
1041 free(k);
1042
1043 if (other)
1044 if ((r = unit_merge(other, *u)) >= 0) {
1045 *u = other;
1046 return merge_by_names(u, names, NULL);
1047 }
1048
1049 return r;
1050 }
1051
1052 if (id == k)
1053 unit_choose_id(*u, id);
1054
1055 free(k);
1056 }
1057
1058 return 0;
1059 }
1060
1061 static void dump_items(FILE *f, const ConfigItem *items) {
1062 const ConfigItem *i;
1063 const char *prev_section = NULL;
1064 bool not_first = false;
1065
1066 struct {
1067 ConfigParserCallback callback;
1068 const char *rvalue;
1069 } table[] = {
1070 { config_parse_int, "INTEGER" },
1071 { config_parse_unsigned, "UNSIGNED" },
1072 { config_parse_size, "SIZE" },
1073 { config_parse_bool, "BOOLEAN" },
1074 { config_parse_string, "STRING" },
1075 { config_parse_path, "PATH" },
1076 { config_parse_strv, "STRING [...]" },
1077 { config_parse_nice, "NICE" },
1078 { config_parse_oom_adjust, "OOMADJUST" },
1079 { config_parse_io_class, "IOCLASS" },
1080 { config_parse_io_priority, "IOPRIORITY" },
1081 { config_parse_cpu_sched_policy, "CPUSCHEDPOLICY" },
1082 { config_parse_cpu_sched_prio, "CPUSCHEDPRIO" },
1083 { config_parse_cpu_affinity, "CPUAFFINITY" },
1084 { config_parse_mode, "MODE" },
1085 { config_parse_output, "OUTPUT" },
1086 { config_parse_input, "INPUT" },
1087 { config_parse_facility, "FACILITY" },
1088 { config_parse_level, "LEVEL" },
1089 { config_parse_capabilities, "CAPABILITIES" },
1090 { config_parse_secure_bits, "SECUREBITS" },
1091 { config_parse_bounding_set, "BOUNDINGSET" },
1092 { config_parse_timer_slack_ns, "TIMERSLACK" },
1093 { config_parse_limit, "LIMIT" },
1094 { config_parse_cgroup, "CGROUP [...]" },
1095 { config_parse_deps, "UNIT [...]" },
1096 { config_parse_names, "UNIT [...]" },
1097 { config_parse_exec, "PATH [ARGUMENT [...]]" },
1098 { config_parse_service_type, "SERVICETYPE" },
1099 { config_parse_service_restart, "SERVICERESTART" },
1100 { config_parse_sysv_priority, "SYSVPRIORITY" },
1101 { config_parse_kill_mode, "KILLMODE" },
1102 { config_parse_listen, "SOCKET [...]" },
1103 { config_parse_socket_bind, "SOCKETBIND" },
1104 { config_parse_bindtodevice, "NETWORKINTERFACE" }
1105 };
1106
1107 assert(f);
1108 assert(items);
1109
1110 for (i = items; i->lvalue; i++) {
1111 unsigned j;
1112 const char *rvalue = "OTHER";
1113
1114 if (!streq_ptr(i->section, prev_section)) {
1115 if (!not_first)
1116 not_first = true;
1117 else
1118 fputc('\n', f);
1119
1120 fprintf(f, "[%s]\n", i->section);
1121 prev_section = i->section;
1122 }
1123
1124 for (j = 0; j < ELEMENTSOF(table); j++)
1125 if (i->parse == table[j].callback) {
1126 rvalue = table[j].rvalue;
1127 break;
1128 }
1129
1130 fprintf(f, "%s=%s\n", i->lvalue, rvalue);
1131 }
1132 }
1133
1134 static int load_from_path(Unit *u, const char *path) {
1135
1136 static const char* const section_table[_UNIT_TYPE_MAX] = {
1137 [UNIT_SERVICE] = "Service",
1138 [UNIT_TIMER] = "Timer",
1139 [UNIT_SOCKET] = "Socket",
1140 [UNIT_TARGET] = "Target",
1141 [UNIT_DEVICE] = "Device",
1142 [UNIT_MOUNT] = "Mount",
1143 [UNIT_AUTOMOUNT] = "Automount",
1144 [UNIT_SNAPSHOT] = "Snapshot"
1145 };
1146
1147 #define EXEC_CONTEXT_CONFIG_ITEMS(context, section) \
1148 { "WorkingDirectory", config_parse_path, &(context).working_directory, section }, \
1149 { "RootDirectory", config_parse_path, &(context).root_directory, section }, \
1150 { "User", config_parse_string, &(context).user, section }, \
1151 { "Group", config_parse_string, &(context).group, section }, \
1152 { "SupplementaryGroups", config_parse_strv, &(context).supplementary_groups, section }, \
1153 { "Nice", config_parse_nice, &(context), section }, \
1154 { "OOMAdjust", config_parse_oom_adjust, &(context), section }, \
1155 { "IOSchedulingClass", config_parse_io_class, &(context), section }, \
1156 { "IOSchedulingPriority", config_parse_io_priority, &(context), section }, \
1157 { "CPUSchedulingPolicy", config_parse_cpu_sched_policy,&(context), section }, \
1158 { "CPUSchedulingPriority", config_parse_cpu_sched_prio, &(context), section }, \
1159 { "CPUSchedulingResetOnFork", config_parse_bool, &(context).cpu_sched_reset_on_fork, section }, \
1160 { "CPUAffinity", config_parse_cpu_affinity, &(context), section }, \
1161 { "UMask", config_parse_mode, &(context).umask, section }, \
1162 { "Environment", config_parse_strv, &(context).environment, section }, \
1163 { "StandardInput", config_parse_input, &(context).std_input, section }, \
1164 { "StandardOutput", config_parse_output, &(context).std_output, section }, \
1165 { "StandardError", config_parse_output, &(context).std_output, section }, \
1166 { "TTYPath", config_parse_path, &(context).tty_path, section }, \
1167 { "SyslogIdentifier", config_parse_string, &(context).syslog_identifier, section }, \
1168 { "SyslogFacility", config_parse_facility, &(context).syslog_priority, section }, \
1169 { "SyslogLevel", config_parse_level, &(context).syslog_priority, section }, \
1170 { "Capabilities", config_parse_capabilities, &(context), section }, \
1171 { "SecureBits", config_parse_secure_bits, &(context), section }, \
1172 { "CapabilityBoundingSetDrop", config_parse_bounding_set, &(context), section }, \
1173 { "TimerSlackNS", config_parse_timer_slack_ns, &(context), section }, \
1174 { "LimitCPU", config_parse_limit, &(context).rlimit[RLIMIT_CPU], section }, \
1175 { "LimitFSIZE", config_parse_limit, &(context).rlimit[RLIMIT_FSIZE], section }, \
1176 { "LimitDATA", config_parse_limit, &(context).rlimit[RLIMIT_DATA], section }, \
1177 { "LimitSTACK", config_parse_limit, &(context).rlimit[RLIMIT_STACK], section }, \
1178 { "LimitCORE", config_parse_limit, &(context).rlimit[RLIMIT_CORE], section }, \
1179 { "LimitRSS", config_parse_limit, &(context).rlimit[RLIMIT_RSS], section }, \
1180 { "LimitNOFILE", config_parse_limit, &(context).rlimit[RLIMIT_NOFILE], section }, \
1181 { "LimitAS", config_parse_limit, &(context).rlimit[RLIMIT_AS], section }, \
1182 { "LimitNPROC", config_parse_limit, &(context).rlimit[RLIMIT_NPROC], section }, \
1183 { "LimitMEMLOCK", config_parse_limit, &(context).rlimit[RLIMIT_MEMLOCK], section }, \
1184 { "LimitLOCKS", config_parse_limit, &(context).rlimit[RLIMIT_LOCKS], section }, \
1185 { "LimitSIGPENDING", config_parse_limit, &(context).rlimit[RLIMIT_SIGPENDING], section }, \
1186 { "LimitMSGQUEUE", config_parse_limit, &(context).rlimit[RLIMIT_MSGQUEUE], section }, \
1187 { "LimitNICE", config_parse_limit, &(context).rlimit[RLIMIT_NICE], section }, \
1188 { "LimitRTPRIO", config_parse_limit, &(context).rlimit[RLIMIT_RTPRIO], section }, \
1189 { "LimitRTTIME", config_parse_limit, &(context).rlimit[RLIMIT_RTTIME], section }, \
1190 { "ControlGroup", config_parse_cgroup, u, section }, \
1191 { "ReadWriteDirectories", config_parse_path_strv, &(context).read_write_dirs, section }, \
1192 { "ReadOnlyDirectories", config_parse_path_strv, &(context).read_only_dirs, section }, \
1193 { "InaccessibleDirectories",config_parse_path_strv, &(context).inaccessible_dirs, section }, \
1194 { "PrivateTmp", config_parse_bool, &(context).private_tmp, section }, \
1195 { "MountFlags", config_parse_mount_flags, &(context), section }
1196
1197 const ConfigItem items[] = {
1198 { "Names", config_parse_names, u, "Unit" },
1199 { "Description", config_parse_string, &u->meta.description, "Unit" },
1200 { "Requires", config_parse_deps, UINT_TO_PTR(UNIT_REQUIRES), "Unit" },
1201 { "RequiresOverridable", config_parse_deps, UINT_TO_PTR(UNIT_REQUIRES_OVERRIDABLE), "Unit" },
1202 { "Requisite", config_parse_deps, UINT_TO_PTR(UNIT_REQUISITE), "Unit" },
1203 { "RequisiteOverridable", config_parse_deps, UINT_TO_PTR(UNIT_REQUISITE_OVERRIDABLE), "Unit" },
1204 { "Wants", config_parse_deps, UINT_TO_PTR(UNIT_WANTS), "Unit" },
1205 { "Conflicts", config_parse_deps, UINT_TO_PTR(UNIT_CONFLICTS), "Unit" },
1206 { "Before", config_parse_deps, UINT_TO_PTR(UNIT_BEFORE), "Unit" },
1207 { "After", config_parse_deps, UINT_TO_PTR(UNIT_AFTER), "Unit" },
1208 { "RecursiveStop", config_parse_bool, &u->meta.recursive_stop, "Unit" },
1209 { "StopWhenUnneeded", config_parse_bool, &u->meta.stop_when_unneeded, "Unit" },
1210
1211 { "PIDFile", config_parse_path, &u->service.pid_file, "Service" },
1212 { "ExecStartPre", config_parse_exec, u->service.exec_command+SERVICE_EXEC_START_PRE, "Service" },
1213 { "ExecStart", config_parse_exec, u->service.exec_command+SERVICE_EXEC_START, "Service" },
1214 { "ExecStartPost", config_parse_exec, u->service.exec_command+SERVICE_EXEC_START_POST, "Service" },
1215 { "ExecReload", config_parse_exec, u->service.exec_command+SERVICE_EXEC_RELOAD, "Service" },
1216 { "ExecStop", config_parse_exec, u->service.exec_command+SERVICE_EXEC_STOP, "Service" },
1217 { "ExecStopPost", config_parse_exec, u->service.exec_command+SERVICE_EXEC_STOP_POST, "Service" },
1218 { "RestartSec", config_parse_usec, &u->service.restart_usec, "Service" },
1219 { "TimeoutSec", config_parse_usec, &u->service.timeout_usec, "Service" },
1220 { "Type", config_parse_service_type, &u->service.type, "Service" },
1221 { "Restart", config_parse_service_restart, &u->service.restart, "Service" },
1222 { "PermissionsStartOnly", config_parse_bool, &u->service.permissions_start_only, "Service" },
1223 { "RootDirectoryStartOnly", config_parse_bool, &u->service.root_directory_start_only, "Service" },
1224 { "ValidNoProcess", config_parse_bool, &u->service.valid_no_process, "Service" },
1225 { "SysVStartPriority", config_parse_sysv_priority, &u->service.sysv_start_priority, "Service" },
1226 { "KillMode", config_parse_kill_mode, &u->service.kill_mode, "Service" },
1227 { "NonBlocking", config_parse_bool, &u->service.exec_context.non_blocking, "Service" },
1228 { "BusName", config_parse_string, &u->service.bus_name, "Service" },
1229 EXEC_CONTEXT_CONFIG_ITEMS(u->service.exec_context, "Service"),
1230
1231 { "ListenStream", config_parse_listen, &u->socket, "Socket" },
1232 { "ListenDatagram", config_parse_listen, &u->socket, "Socket" },
1233 { "ListenSequentialPacket", config_parse_listen, &u->socket, "Socket" },
1234 { "ListenFIFO", config_parse_listen, &u->socket, "Socket" },
1235 { "BindIPv6Only", config_parse_socket_bind, &u->socket, "Socket" },
1236 { "Backlog", config_parse_unsigned, &u->socket.backlog, "Socket" },
1237 { "BindToDevice", config_parse_bindtodevice, &u->socket, "Socket" },
1238 { "ExecStartPre", config_parse_exec, u->socket.exec_command+SOCKET_EXEC_START_PRE, "Socket" },
1239 { "ExecStartPost", config_parse_exec, u->socket.exec_command+SOCKET_EXEC_START_POST, "Socket" },
1240 { "ExecStopPre", config_parse_exec, u->socket.exec_command+SOCKET_EXEC_STOP_PRE, "Socket" },
1241 { "ExecStopPost", config_parse_exec, u->socket.exec_command+SOCKET_EXEC_STOP_POST, "Socket" },
1242 { "TimeoutSec", config_parse_usec, &u->socket.timeout_usec, "Socket" },
1243 { "DirectoryMode", config_parse_mode, &u->socket.directory_mode, "Socket" },
1244 { "SocketMode", config_parse_mode, &u->socket.socket_mode, "Socket" },
1245 { "KillMode", config_parse_kill_mode, &u->socket.kill_mode, "Socket" },
1246 { "Accept", config_parse_bool, &u->socket.accept, "Socket" },
1247 EXEC_CONTEXT_CONFIG_ITEMS(u->socket.exec_context, "Socket"),
1248
1249 { "What", config_parse_string, &u->mount.parameters_fragment.what, "Mount" },
1250 { "Where", config_parse_path, &u->mount.where, "Mount" },
1251 { "Options", config_parse_string, &u->mount.parameters_fragment.options, "Mount" },
1252 { "Type", config_parse_string, &u->mount.parameters_fragment.fstype, "Mount" },
1253 { "TimeoutSec", config_parse_usec, &u->mount.timeout_usec, "Mount" },
1254 { "KillMode", config_parse_kill_mode, &u->mount.kill_mode, "Mount" },
1255 EXEC_CONTEXT_CONFIG_ITEMS(u->mount.exec_context, "Mount"),
1256
1257 { "Where", config_parse_path, &u->automount.where, "Automount" },
1258
1259 { NULL, NULL, NULL, NULL }
1260 };
1261
1262 #undef EXEC_CONTEXT_CONFIG_ITEMS
1263
1264 const char *sections[3];
1265 char *k;
1266 int r;
1267 Set *symlink_names;
1268 FILE *f = NULL;
1269 char *filename = NULL, *id = NULL;
1270 Unit *merged;
1271
1272 if (!u) {
1273 /* Dirty dirty hack. */
1274 dump_items((FILE*) path, items);
1275 return 0;
1276 }
1277
1278 assert(u);
1279 assert(path);
1280
1281 sections[0] = "Unit";
1282 sections[1] = section_table[u->meta.type];
1283 sections[2] = NULL;
1284
1285 if (!(symlink_names = set_new(string_hash_func, string_compare_func)))
1286 return -ENOMEM;
1287
1288 if (path_is_absolute(path)) {
1289
1290 if (!(filename = strdup(path))) {
1291 r = -ENOMEM;
1292 goto finish;
1293 }
1294
1295 if ((r = open_follow(&filename, &f, symlink_names, &id)) < 0) {
1296 free(filename);
1297 filename = NULL;
1298
1299 if (r != -ENOENT)
1300 goto finish;
1301 }
1302
1303 } else {
1304 char **p;
1305
1306 STRV_FOREACH(p, u->meta.manager->unit_path) {
1307
1308 /* Instead of opening the path right away, we manually
1309 * follow all symlinks and add their name to our unit
1310 * name set while doing so */
1311 if (!(filename = path_make_absolute(path, *p))) {
1312 r = -ENOMEM;
1313 goto finish;
1314 }
1315
1316 if ((r = open_follow(&filename, &f, symlink_names, &id)) < 0) {
1317 char *sn;
1318
1319 free(filename);
1320 filename = NULL;
1321
1322 if (r != -ENOENT)
1323 goto finish;
1324
1325 /* Empty the symlink names for the next run */
1326 while ((sn = set_steal_first(symlink_names)))
1327 free(sn);
1328
1329 continue;
1330 }
1331
1332 break;
1333 }
1334 }
1335
1336 if (!filename) {
1337 r = 0;
1338 goto finish;
1339 }
1340
1341 merged = u;
1342 if ((r = merge_by_names(&merged, symlink_names, id)) < 0)
1343 goto finish;
1344
1345 if (merged != u) {
1346 u->meta.load_state = UNIT_MERGED;
1347 r = 0;
1348 goto finish;
1349 }
1350
1351 /* Now, parse the file contents */
1352 if ((r = config_parse(filename, f, sections, items, u)) < 0)
1353 goto finish;
1354
1355 free(u->meta.fragment_path);
1356 u->meta.fragment_path = filename;
1357 filename = NULL;
1358
1359 u->meta.load_state = UNIT_LOADED;
1360 r = 0;
1361
1362 finish:
1363 while ((k = set_steal_first(symlink_names)))
1364 free(k);
1365
1366 set_free(symlink_names);
1367 free(filename);
1368
1369 if (f)
1370 fclose(f);
1371
1372 return r;
1373 }
1374
1375 int unit_load_fragment(Unit *u) {
1376 int r;
1377
1378 assert(u);
1379
1380 if (u->meta.fragment_path) {
1381
1382 if ((r = load_from_path(u, u->meta.fragment_path)) < 0)
1383 return r;
1384
1385 } else {
1386 Iterator i;
1387 const char *t;
1388
1389 /* Try to find the unit under its id */
1390 if ((r = load_from_path(u, u->meta.id)) < 0)
1391 return r;
1392
1393 /* Try to find an alias we can load this with */
1394 if (u->meta.load_state == UNIT_STUB)
1395 SET_FOREACH(t, u->meta.names, i) {
1396
1397 if (t == u->meta.id)
1398 continue;
1399
1400 if ((r = load_from_path(u, t)) < 0)
1401 return r;
1402
1403 if (u->meta.load_state != UNIT_STUB)
1404 break;
1405 }
1406
1407 /* Now, follow the same logic, but look for a template */
1408 if (u->meta.load_state == UNIT_STUB && u->meta.instance) {
1409 char *k;
1410
1411 if (!(k = unit_name_template(u->meta.id)))
1412 return -ENOMEM;
1413
1414 r = load_from_path(u, k);
1415 free(k);
1416
1417 if (r < 0)
1418 return r;
1419
1420 if (u->meta.load_state == UNIT_STUB)
1421 SET_FOREACH(t, u->meta.names, i) {
1422
1423 if (t == u->meta.id)
1424 continue;
1425
1426 if (!(k = unit_name_template(t)))
1427 return -ENOMEM;
1428
1429 r = load_from_path(u, k);
1430 free(k);
1431
1432 if (r < 0)
1433 return r;
1434
1435 if (u->meta.load_state != UNIT_STUB)
1436 break;
1437 }
1438 }
1439 }
1440
1441 return 0;
1442 }
1443
1444 void unit_dump_config_items(FILE *f) {
1445 /* OK, this wins a prize for extreme ugliness. */
1446
1447 load_from_path(NULL, (const void*) f);
1448 }