]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/dbus-unit.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #28797 from Werkov/eff_limits
[thirdparty/systemd.git] / src / core / dbus-unit.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include "sd-bus.h"
4
5 #include "alloc-util.h"
6 #include "bpf-firewall.h"
7 #include "bus-common-errors.h"
8 #include "bus-get-properties.h"
9 #include "bus-polkit.h"
10 #include "cgroup-util.h"
11 #include "condition.h"
12 #include "dbus-job.h"
13 #include "dbus-manager.h"
14 #include "dbus-unit.h"
15 #include "dbus-util.h"
16 #include "dbus.h"
17 #include "fd-util.h"
18 #include "install.h"
19 #include "locale-util.h"
20 #include "log.h"
21 #include "path-util.h"
22 #include "process-util.h"
23 #include "selinux-access.h"
24 #include "service.h"
25 #include "signal-util.h"
26 #include "special.h"
27 #include "string-table.h"
28 #include "string-util.h"
29 #include "strv.h"
30 #include "user-util.h"
31 #include "web-util.h"
32
33 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_collect_mode, collect_mode, CollectMode);
34 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_load_state, unit_load_state, UnitLoadState);
35 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_job_mode, job_mode, JobMode);
36 static BUS_DEFINE_PROPERTY_GET(property_get_description, "s", Unit, unit_description);
37 static BUS_DEFINE_PROPERTY_GET2(property_get_active_state, "s", Unit, unit_active_state, unit_active_state_to_string);
38 static BUS_DEFINE_PROPERTY_GET2(property_get_freezer_state, "s", Unit, unit_freezer_state, freezer_state_to_string);
39 static BUS_DEFINE_PROPERTY_GET(property_get_sub_state, "s", Unit, unit_sub_state_to_string);
40 static BUS_DEFINE_PROPERTY_GET2(property_get_unit_file_state, "s", Unit, unit_get_unit_file_state, unit_file_state_to_string);
41 static BUS_DEFINE_PROPERTY_GET(property_get_can_reload, "b", Unit, unit_can_reload);
42 static BUS_DEFINE_PROPERTY_GET(property_get_can_start, "b", Unit, unit_can_start_refuse_manual);
43 static BUS_DEFINE_PROPERTY_GET(property_get_can_stop, "b", Unit, unit_can_stop_refuse_manual);
44 static BUS_DEFINE_PROPERTY_GET(property_get_can_isolate, "b", Unit, unit_can_isolate_refuse_manual);
45 static BUS_DEFINE_PROPERTY_GET(property_get_can_freeze, "b", Unit, unit_can_freeze);
46 static BUS_DEFINE_PROPERTY_GET(property_get_need_daemon_reload, "b", Unit, unit_need_daemon_reload);
47 static BUS_DEFINE_PROPERTY_GET_GLOBAL(property_get_empty_strv, "as", 0);
48
49 static int property_get_can_clean(
50 sd_bus *bus,
51 const char *path,
52 const char *interface,
53 const char *property,
54 sd_bus_message *reply,
55 void *userdata,
56 sd_bus_error *error) {
57
58 Unit *u = userdata;
59 ExecCleanMask mask;
60 int r;
61
62 assert(bus);
63 assert(reply);
64
65 r = unit_can_clean(u, &mask);
66 if (r < 0)
67 return r;
68
69 r = sd_bus_message_open_container(reply, 'a', "s");
70 if (r < 0)
71 return r;
72
73 for (ExecDirectoryType t = 0; t < _EXEC_DIRECTORY_TYPE_MAX; t++) {
74 if (!FLAGS_SET(mask, 1U << t))
75 continue;
76
77 r = sd_bus_message_append(reply, "s", exec_resource_type_to_string(t));
78 if (r < 0)
79 return r;
80 }
81
82 if (FLAGS_SET(mask, EXEC_CLEAN_FDSTORE)) {
83 r = sd_bus_message_append(reply, "s", "fdstore");
84 if (r < 0)
85 return r;
86 }
87
88 return sd_bus_message_close_container(reply);
89 }
90
91 static int property_get_names(
92 sd_bus *bus,
93 const char *path,
94 const char *interface,
95 const char *property,
96 sd_bus_message *reply,
97 void *userdata,
98 sd_bus_error *error) {
99
100 Unit *u = ASSERT_PTR(userdata);
101 const char *t;
102 int r;
103
104 assert(bus);
105 assert(reply);
106
107 r = sd_bus_message_open_container(reply, 'a', "s");
108 if (r < 0)
109 return r;
110
111 r = sd_bus_message_append(reply, "s", u->id);
112 if (r < 0)
113 return r;
114
115 SET_FOREACH(t, u->aliases) {
116 r = sd_bus_message_append(reply, "s", t);
117 if (r < 0)
118 return r;
119 }
120
121 return sd_bus_message_close_container(reply);
122 }
123
124 static int property_get_following(
125 sd_bus *bus,
126 const char *path,
127 const char *interface,
128 const char *property,
129 sd_bus_message *reply,
130 void *userdata,
131 sd_bus_error *error) {
132
133 Unit *u = userdata, *f;
134
135 assert(bus);
136 assert(reply);
137 assert(u);
138
139 f = unit_following(u);
140 return sd_bus_message_append(reply, "s", f ? f->id : NULL);
141 }
142
143 static int property_get_dependencies(
144 sd_bus *bus,
145 const char *path,
146 const char *interface,
147 const char *property,
148 sd_bus_message *reply,
149 void *userdata,
150 sd_bus_error *error) {
151
152 Unit *u = userdata, *other;
153 UnitDependency d;
154 Hashmap *deps;
155 void *v;
156 int r;
157
158 assert(bus);
159 assert(reply);
160 assert(u);
161
162 d = unit_dependency_from_string(property);
163 assert_se(d >= 0);
164
165 deps = unit_get_dependencies(u, d);
166
167 r = sd_bus_message_open_container(reply, 'a', "s");
168 if (r < 0)
169 return r;
170
171 HASHMAP_FOREACH_KEY(v, other, deps) {
172 r = sd_bus_message_append(reply, "s", other->id);
173 if (r < 0)
174 return r;
175 }
176
177 return sd_bus_message_close_container(reply);
178 }
179
180 static int property_get_mounts_for(
181 sd_bus *bus,
182 const char *path,
183 const char *interface,
184 const char *property,
185 sd_bus_message *reply,
186 void *userdata,
187 sd_bus_error *error) {
188
189 Hashmap **h = ASSERT_PTR(userdata);
190 const char *p;
191 void *v;
192 int r;
193
194 assert(bus);
195 assert(reply);
196
197 r = sd_bus_message_open_container(reply, 'a', "s");
198 if (r < 0)
199 return r;
200
201 HASHMAP_FOREACH_KEY(v, p, *h) {
202 r = sd_bus_message_append(reply, "s", p);
203 if (r < 0)
204 return r;
205 }
206
207 return sd_bus_message_close_container(reply);
208 }
209
210 static int property_get_unit_file_preset(
211 sd_bus *bus,
212 const char *path,
213 const char *interface,
214 const char *property,
215 sd_bus_message *reply,
216 void *userdata,
217 sd_bus_error *error) {
218
219 Unit *u = ASSERT_PTR(userdata);
220 int r;
221
222 assert(bus);
223 assert(reply);
224
225 r = unit_get_unit_file_preset(u);
226
227 return sd_bus_message_append(reply, "s", preset_action_past_tense_to_string(r));
228 }
229
230 static int property_get_job(
231 sd_bus *bus,
232 const char *path,
233 const char *interface,
234 const char *property,
235 sd_bus_message *reply,
236 void *userdata,
237 sd_bus_error *error) {
238
239 _cleanup_free_ char *p = NULL;
240 Job **j = ASSERT_PTR(userdata);
241
242 assert(bus);
243 assert(reply);
244
245 if (!*j)
246 return sd_bus_message_append(reply, "(uo)", 0, "/");
247
248 p = job_dbus_path(*j);
249 if (!p)
250 return -ENOMEM;
251
252 return sd_bus_message_append(reply, "(uo)", (*j)->id, p);
253 }
254
255 static int property_get_conditions(
256 sd_bus *bus,
257 const char *path,
258 const char *interface,
259 const char *property,
260 sd_bus_message *reply,
261 void *userdata,
262 sd_bus_error *error) {
263
264 const char *(*to_string)(ConditionType type) = NULL;
265 Condition **list = ASSERT_PTR(userdata);
266 int r;
267
268 assert(bus);
269 assert(reply);
270
271 to_string = streq(property, "Asserts") ? assert_type_to_string : condition_type_to_string;
272
273 r = sd_bus_message_open_container(reply, 'a', "(sbbsi)");
274 if (r < 0)
275 return r;
276
277 LIST_FOREACH(conditions, c, *list) {
278 int tristate;
279
280 tristate =
281 c->result == CONDITION_UNTESTED ? 0 :
282 c->result == CONDITION_SUCCEEDED ? 1 : -1;
283
284 r = sd_bus_message_append(reply, "(sbbsi)",
285 to_string(c->type),
286 c->trigger, c->negate,
287 c->parameter, tristate);
288 if (r < 0)
289 return r;
290
291 }
292
293 return sd_bus_message_close_container(reply);
294 }
295
296 static int property_get_load_error(
297 sd_bus *bus,
298 const char *path,
299 const char *interface,
300 const char *property,
301 sd_bus_message *reply,
302 void *userdata,
303 sd_bus_error *error) {
304
305 _cleanup_(sd_bus_error_free) sd_bus_error e = SD_BUS_ERROR_NULL;
306 Unit *u = ASSERT_PTR(userdata);
307 int r;
308
309 assert(bus);
310 assert(reply);
311
312 r = bus_unit_validate_load_state(u, &e);
313 if (r < 0)
314 return sd_bus_message_append(reply, "(ss)", e.name, e.message);
315
316 return sd_bus_message_append(reply, "(ss)", NULL, NULL);
317 }
318
319 static int property_get_markers(
320 sd_bus *bus,
321 const char *path,
322 const char *interface,
323 const char *property,
324 sd_bus_message *reply,
325 void *userdata,
326 sd_bus_error *error) {
327
328 unsigned *markers = ASSERT_PTR(userdata);
329 int r;
330
331 assert(bus);
332 assert(reply);
333
334 r = sd_bus_message_open_container(reply, 'a', "s");
335 if (r < 0)
336 return r;
337
338 /* Make sure out values fit in the bitfield. */
339 assert_cc(_UNIT_MARKER_MAX <= sizeof(((Unit){}).markers) * 8);
340
341 for (UnitMarker m = 0; m < _UNIT_MARKER_MAX; m++)
342 if (FLAGS_SET(*markers, 1u << m)) {
343 r = sd_bus_message_append(reply, "s", unit_marker_to_string(m));
344 if (r < 0)
345 return r;
346 }
347
348 return sd_bus_message_close_container(reply);
349 }
350
351 static const char *const polkit_message_for_job[_JOB_TYPE_MAX] = {
352 [JOB_START] = N_("Authentication is required to start '$(unit)'."),
353 [JOB_STOP] = N_("Authentication is required to stop '$(unit)'."),
354 [JOB_RELOAD] = N_("Authentication is required to reload '$(unit)'."),
355 [JOB_RESTART] = N_("Authentication is required to restart '$(unit)'."),
356 [JOB_TRY_RESTART] = N_("Authentication is required to restart '$(unit)'."),
357 };
358
359 int bus_unit_method_start_generic(
360 sd_bus_message *message,
361 Unit *u,
362 JobType job_type,
363 bool reload_if_possible,
364 sd_bus_error *error) {
365
366 BusUnitQueueFlags job_flags = reload_if_possible ? BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE : 0;
367 const char *smode, *verb;
368 JobMode mode;
369 int r;
370
371 assert(message);
372 assert(u);
373 assert(job_type >= 0 && job_type < _JOB_TYPE_MAX);
374
375 r = mac_selinux_unit_access_check(
376 u, message,
377 job_type_to_access_method(job_type),
378 error);
379 if (r < 0)
380 return r;
381
382 r = sd_bus_message_read(message, "s", &smode);
383 if (r < 0)
384 return r;
385
386 mode = job_mode_from_string(smode);
387 if (mode < 0)
388 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Job mode %s invalid", smode);
389
390 if (reload_if_possible)
391 verb = strjoina("reload-or-", job_type_to_string(job_type));
392 else
393 verb = job_type_to_string(job_type);
394
395 if (sd_bus_message_is_method_call(message, NULL, "StartUnitWithFlags")) {
396 uint64_t input_flags = 0;
397
398 r = sd_bus_message_read(message, "t", &input_flags);
399 if (r < 0)
400 return r;
401 /* Let clients know that this version doesn't support any flags at the moment. */
402 if (input_flags != 0)
403 return sd_bus_reply_method_errorf(message, SD_BUS_ERROR_INVALID_ARGS,
404 "Invalid 'flags' parameter '%" PRIu64 "'",
405 input_flags);
406 }
407
408 r = bus_verify_manage_units_async_full(
409 u,
410 verb,
411 polkit_message_for_job[job_type],
412 message,
413 error);
414 if (r < 0)
415 return r;
416 if (r == 0)
417 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
418
419 return bus_unit_queue_job(message, u, job_type, mode, job_flags, error);
420 }
421
422 static int bus_unit_method_start(sd_bus_message *message, void *userdata, sd_bus_error *error) {
423 return bus_unit_method_start_generic(message, userdata, JOB_START, false, error);
424 }
425
426 static int bus_unit_method_stop(sd_bus_message *message, void *userdata, sd_bus_error *error) {
427 return bus_unit_method_start_generic(message, userdata, JOB_STOP, false, error);
428 }
429
430 static int bus_unit_method_reload(sd_bus_message *message, void *userdata, sd_bus_error *error) {
431 return bus_unit_method_start_generic(message, userdata, JOB_RELOAD, false, error);
432 }
433
434 static int bus_unit_method_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
435 return bus_unit_method_start_generic(message, userdata, JOB_RESTART, false, error);
436 }
437
438 static int bus_unit_method_try_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
439 return bus_unit_method_start_generic(message, userdata, JOB_TRY_RESTART, false, error);
440 }
441
442 static int bus_unit_method_reload_or_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
443 return bus_unit_method_start_generic(message, userdata, JOB_RESTART, true, error);
444 }
445
446 static int bus_unit_method_reload_or_try_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
447 return bus_unit_method_start_generic(message, userdata, JOB_TRY_RESTART, true, error);
448 }
449
450 int bus_unit_method_enqueue_job(sd_bus_message *message, void *userdata, sd_bus_error *error) {
451 BusUnitQueueFlags flags = BUS_UNIT_QUEUE_VERBOSE_REPLY;
452 const char *jtype, *smode;
453 Unit *u = ASSERT_PTR(userdata);
454 JobType type;
455 JobMode mode;
456 int r;
457
458 assert(message);
459
460 r = sd_bus_message_read(message, "ss", &jtype, &smode);
461 if (r < 0)
462 return r;
463
464 /* Parse the two magic reload types "reload-or-…" manually */
465 if (streq(jtype, "reload-or-restart")) {
466 type = JOB_RESTART;
467 flags |= BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE;
468 } else if (streq(jtype, "reload-or-try-restart")) {
469 type = JOB_TRY_RESTART;
470 flags |= BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE;
471 } else {
472 /* And the rest generically */
473 type = job_type_from_string(jtype);
474 if (type < 0)
475 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Job type %s invalid", jtype);
476 }
477
478 mode = job_mode_from_string(smode);
479 if (mode < 0)
480 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Job mode %s invalid", smode);
481
482 r = mac_selinux_unit_access_check(
483 u, message,
484 job_type_to_access_method(type),
485 error);
486 if (r < 0)
487 return r;
488
489 r = bus_verify_manage_units_async_full(
490 u,
491 jtype,
492 polkit_message_for_job[type],
493 message,
494 error);
495 if (r < 0)
496 return r;
497 if (r == 0)
498 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
499
500 return bus_unit_queue_job(message, u, type, mode, flags, error);
501 }
502
503 int bus_unit_method_kill(sd_bus_message *message, void *userdata, sd_bus_error *error) {
504 Unit *u = ASSERT_PTR(userdata);
505 int32_t value = 0;
506 const char *swho;
507 int32_t signo;
508 KillWho who;
509 int r, code;
510
511 assert(message);
512
513 r = mac_selinux_unit_access_check(u, message, "stop", error);
514 if (r < 0)
515 return r;
516
517 r = sd_bus_message_read(message, "si", &swho, &signo);
518 if (r < 0)
519 return r;
520
521 if (startswith(sd_bus_message_get_member(message), "QueueSignal")) {
522 r = sd_bus_message_read(message, "i", &value);
523 if (r < 0)
524 return r;
525
526 code = SI_QUEUE;
527 } else
528 code = SI_USER;
529
530 if (isempty(swho))
531 who = KILL_ALL;
532 else {
533 who = kill_who_from_string(swho);
534 if (who < 0)
535 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid who argument: %s", swho);
536 }
537
538 if (!SIGNAL_VALID(signo))
539 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Signal number out of range.");
540
541 if (code == SI_QUEUE && !((signo >= SIGRTMIN) && (signo <= SIGRTMAX)))
542 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS,
543 "Value parameter only accepted for realtime signals (SIGRTMIN…SIGRTMAX), refusing for signal SIG%s.", signal_to_string(signo));
544
545 r = bus_verify_manage_units_async_full(
546 u,
547 "kill",
548 N_("Authentication is required to send a UNIX signal to the processes of '$(unit)'."),
549 message,
550 error);
551 if (r < 0)
552 return r;
553 if (r == 0)
554 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
555
556 r = unit_kill(u, who, signo, code, value, error);
557 if (r < 0)
558 return r;
559
560 return sd_bus_reply_method_return(message, NULL);
561 }
562
563 int bus_unit_method_reset_failed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
564 Unit *u = ASSERT_PTR(userdata);
565 int r;
566
567 assert(message);
568
569 r = mac_selinux_unit_access_check(u, message, "reload", error);
570 if (r < 0)
571 return r;
572
573 r = bus_verify_manage_units_async_full(
574 u,
575 "reset-failed",
576 N_("Authentication is required to reset the \"failed\" state of '$(unit)'."),
577 message,
578 error);
579 if (r < 0)
580 return r;
581 if (r == 0)
582 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
583
584 unit_reset_failed(u);
585
586 return sd_bus_reply_method_return(message, NULL);
587 }
588
589 int bus_unit_method_set_properties(sd_bus_message *message, void *userdata, sd_bus_error *error) {
590 Unit *u = ASSERT_PTR(userdata);
591 int runtime, r;
592
593 assert(message);
594
595 r = mac_selinux_unit_access_check(u, message, "start", error);
596 if (r < 0)
597 return r;
598
599 r = sd_bus_message_read(message, "b", &runtime);
600 if (r < 0)
601 return r;
602
603 r = bus_verify_manage_units_async_full(
604 u,
605 "set-property",
606 N_("Authentication is required to set properties on '$(unit)'."),
607 message,
608 error);
609 if (r < 0)
610 return r;
611 if (r == 0)
612 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
613
614 r = bus_unit_set_properties(u, message, runtime ? UNIT_RUNTIME : UNIT_PERSISTENT, true, error);
615 if (r < 0)
616 return r;
617
618 return sd_bus_reply_method_return(message, NULL);
619 }
620
621 int bus_unit_method_ref(sd_bus_message *message, void *userdata, sd_bus_error *error) {
622 Unit *u = ASSERT_PTR(userdata);
623 int r;
624
625 assert(message);
626
627 r = mac_selinux_unit_access_check(u, message, "start", error);
628 if (r < 0)
629 return r;
630
631 r = bus_verify_manage_units_async_full(
632 u,
633 "ref",
634 /* polkit_message= */ NULL,
635 message,
636 error);
637 if (r < 0)
638 return r;
639 if (r == 0)
640 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
641
642 r = bus_unit_track_add_sender(u, message);
643 if (r < 0)
644 return r;
645
646 return sd_bus_reply_method_return(message, NULL);
647 }
648
649 int bus_unit_method_unref(sd_bus_message *message, void *userdata, sd_bus_error *error) {
650 Unit *u = ASSERT_PTR(userdata);
651 int r;
652
653 assert(message);
654
655 r = bus_unit_track_remove_sender(u, message);
656 if (r == -EUNATCH)
657 return sd_bus_error_set(error, BUS_ERROR_NOT_REFERENCED, "Unit has not been referenced yet.");
658 if (r < 0)
659 return r;
660
661 return sd_bus_reply_method_return(message, NULL);
662 }
663
664 int bus_unit_method_clean(sd_bus_message *message, void *userdata, sd_bus_error *error) {
665 ExecCleanMask mask = 0;
666 Unit *u = ASSERT_PTR(userdata);
667 int r;
668
669 assert(message);
670
671 r = mac_selinux_unit_access_check(u, message, "stop", error);
672 if (r < 0)
673 return r;
674
675 r = sd_bus_message_enter_container(message, 'a', "s");
676 if (r < 0)
677 return r;
678
679 for (;;) {
680 ExecCleanMask m;
681 const char *i;
682
683 r = sd_bus_message_read(message, "s", &i);
684 if (r < 0)
685 return r;
686 if (r == 0)
687 break;
688
689 m = exec_clean_mask_from_string(i);
690 if (m < 0)
691 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid resource type: %s", i);
692
693 mask |= m;
694 }
695
696 r = sd_bus_message_exit_container(message);
697 if (r < 0)
698 return r;
699
700 r = bus_verify_manage_units_async_full(
701 u,
702 "clean",
703 N_("Authentication is required to delete files and directories associated with '$(unit)'."),
704 message,
705 error);
706 if (r < 0)
707 return r;
708 if (r == 0)
709 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
710
711 r = unit_clean(u, mask);
712 if (r == -EOPNOTSUPP)
713 return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Unit '%s' does not support cleaning.", u->id);
714 if (r == -EUNATCH)
715 return sd_bus_error_set(error, BUS_ERROR_NOTHING_TO_CLEAN, "No matching resources found.");
716 if (r == -EBUSY)
717 return sd_bus_error_set(error, BUS_ERROR_UNIT_BUSY, "Unit is not inactive or has pending job.");
718 if (r < 0)
719 return r;
720
721 return sd_bus_reply_method_return(message, NULL);
722 }
723
724 static int bus_unit_method_freezer_generic(sd_bus_message *message, void *userdata, sd_bus_error *error, FreezerAction action) {
725 const char* perm;
726 int (*method)(Unit*);
727 Unit *u = ASSERT_PTR(userdata);
728 bool reply_no_delay = false;
729 int r;
730
731 assert(message);
732 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
733
734 if (action == FREEZER_FREEZE) {
735 perm = "stop";
736 method = unit_freeze;
737 } else {
738 perm = "start";
739 method = unit_thaw;
740 }
741
742 r = mac_selinux_unit_access_check(u, message, perm, error);
743 if (r < 0)
744 return r;
745
746 r = bus_verify_manage_units_async_full(
747 u,
748 perm,
749 N_("Authentication is required to freeze or thaw the processes of '$(unit)' unit."),
750 message,
751 error);
752 if (r < 0)
753 return r;
754 if (r == 0)
755 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
756
757 r = method(u);
758 if (r == -EOPNOTSUPP)
759 return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Unit '%s' does not support freezing.", u->id);
760 if (r == -EBUSY)
761 return sd_bus_error_set(error, BUS_ERROR_UNIT_BUSY, "Unit has a pending job.");
762 if (r == -EHOSTDOWN)
763 return sd_bus_error_set(error, BUS_ERROR_UNIT_INACTIVE, "Unit is inactive.");
764 if (r == -EALREADY)
765 return sd_bus_error_setf(error, SD_BUS_ERROR_FAILED, "Previously requested freezer operation for unit '%s' is still in progress.", u->id);
766 if (r < 0)
767 return r;
768 if (r == 0)
769 reply_no_delay = true;
770
771 if (u->pending_freezer_invocation) {
772 bus_unit_send_pending_freezer_message(u, true);
773 assert(!u->pending_freezer_invocation);
774 }
775
776 u->pending_freezer_invocation = sd_bus_message_ref(message);
777
778 if (reply_no_delay) {
779 r = bus_unit_send_pending_freezer_message(u, false);
780 if (r < 0)
781 return r;
782 }
783
784 return 1;
785 }
786
787 int bus_unit_method_thaw(sd_bus_message *message, void *userdata, sd_bus_error *error) {
788 return bus_unit_method_freezer_generic(message, userdata, error, FREEZER_THAW);
789 }
790
791 int bus_unit_method_freeze(sd_bus_message *message, void *userdata, sd_bus_error *error) {
792 return bus_unit_method_freezer_generic(message, userdata, error, FREEZER_FREEZE);
793 }
794
795 static int property_get_refs(
796 sd_bus *bus,
797 const char *path,
798 const char *interface,
799 const char *property,
800 sd_bus_message *reply,
801 void *userdata,
802 sd_bus_error *error) {
803
804 Unit *u = userdata;
805 int r;
806
807 assert(bus);
808 assert(reply);
809
810 r = sd_bus_message_open_container(reply, 'a', "s");
811 if (r < 0)
812 return r;
813
814 for (const char *i = sd_bus_track_first(u->bus_track); i; i = sd_bus_track_next(u->bus_track)) {
815 int c;
816
817 c = sd_bus_track_count_name(u->bus_track, i);
818 if (c < 0)
819 return c;
820
821 /* Add the item multiple times if the ref count for each is above 1 */
822 for (int k = 0; k < c; k++) {
823 r = sd_bus_message_append(reply, "s", i);
824 if (r < 0)
825 return r;
826 }
827 }
828
829 return sd_bus_message_close_container(reply);
830 }
831
832 const sd_bus_vtable bus_unit_vtable[] = {
833 SD_BUS_VTABLE_START(0),
834
835 SD_BUS_PROPERTY("Id", "s", NULL, offsetof(Unit, id), SD_BUS_VTABLE_PROPERTY_CONST),
836 SD_BUS_PROPERTY("Names", "as", property_get_names, 0, SD_BUS_VTABLE_PROPERTY_CONST),
837 SD_BUS_PROPERTY("Following", "s", property_get_following, 0, 0),
838 SD_BUS_PROPERTY("Requires", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
839 SD_BUS_PROPERTY("Requisite", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
840 SD_BUS_PROPERTY("Wants", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
841 SD_BUS_PROPERTY("BindsTo", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
842 SD_BUS_PROPERTY("PartOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
843 SD_BUS_PROPERTY("Upholds", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
844 SD_BUS_PROPERTY("RequiredBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
845 SD_BUS_PROPERTY("RequisiteOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
846 SD_BUS_PROPERTY("WantedBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
847 SD_BUS_PROPERTY("BoundBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
848 SD_BUS_PROPERTY("UpheldBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
849 SD_BUS_PROPERTY("ConsistsOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
850 SD_BUS_PROPERTY("Conflicts", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
851 SD_BUS_PROPERTY("ConflictedBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
852 SD_BUS_PROPERTY("Before", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
853 SD_BUS_PROPERTY("After", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
854 SD_BUS_PROPERTY("OnSuccess", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
855 SD_BUS_PROPERTY("OnSuccessOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
856 SD_BUS_PROPERTY("OnFailure", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
857 SD_BUS_PROPERTY("OnFailureOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
858 SD_BUS_PROPERTY("Triggers", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
859 SD_BUS_PROPERTY("TriggeredBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
860 SD_BUS_PROPERTY("PropagatesReloadTo", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
861 SD_BUS_PROPERTY("ReloadPropagatedFrom", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
862 SD_BUS_PROPERTY("PropagatesStopTo", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
863 SD_BUS_PROPERTY("StopPropagatedFrom", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
864 SD_BUS_PROPERTY("JoinsNamespaceOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
865 SD_BUS_PROPERTY("SliceOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
866 SD_BUS_PROPERTY("RequiresMountsFor", "as", property_get_mounts_for, offsetof(Unit, mounts_for[UNIT_MOUNT_REQUIRES]), SD_BUS_VTABLE_PROPERTY_CONST),
867 SD_BUS_PROPERTY("WantsMountsFor", "as", property_get_mounts_for, offsetof(Unit, mounts_for[UNIT_MOUNT_WANTS]), SD_BUS_VTABLE_PROPERTY_CONST),
868 SD_BUS_PROPERTY("Documentation", "as", NULL, offsetof(Unit, documentation), SD_BUS_VTABLE_PROPERTY_CONST),
869 SD_BUS_PROPERTY("Description", "s", property_get_description, 0, SD_BUS_VTABLE_PROPERTY_CONST),
870 SD_BUS_PROPERTY("AccessSELinuxContext", "s", NULL, offsetof(Unit, access_selinux_context), SD_BUS_VTABLE_PROPERTY_CONST),
871 SD_BUS_PROPERTY("LoadState", "s", property_get_load_state, offsetof(Unit, load_state), SD_BUS_VTABLE_PROPERTY_CONST),
872 SD_BUS_PROPERTY("ActiveState", "s", property_get_active_state, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
873 SD_BUS_PROPERTY("FreezerState", "s", property_get_freezer_state, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
874 SD_BUS_PROPERTY("SubState", "s", property_get_sub_state, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
875 SD_BUS_PROPERTY("FragmentPath", "s", NULL, offsetof(Unit, fragment_path), SD_BUS_VTABLE_PROPERTY_CONST),
876 SD_BUS_PROPERTY("SourcePath", "s", NULL, offsetof(Unit, source_path), SD_BUS_VTABLE_PROPERTY_CONST),
877 SD_BUS_PROPERTY("DropInPaths", "as", NULL, offsetof(Unit, dropin_paths), SD_BUS_VTABLE_PROPERTY_CONST),
878 SD_BUS_PROPERTY("UnitFileState", "s", property_get_unit_file_state, 0, 0),
879 SD_BUS_PROPERTY("UnitFilePreset", "s", property_get_unit_file_preset, 0, 0),
880 BUS_PROPERTY_DUAL_TIMESTAMP("StateChangeTimestamp", offsetof(Unit, state_change_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
881 BUS_PROPERTY_DUAL_TIMESTAMP("InactiveExitTimestamp", offsetof(Unit, inactive_exit_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
882 BUS_PROPERTY_DUAL_TIMESTAMP("ActiveEnterTimestamp", offsetof(Unit, active_enter_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
883 BUS_PROPERTY_DUAL_TIMESTAMP("ActiveExitTimestamp", offsetof(Unit, active_exit_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
884 BUS_PROPERTY_DUAL_TIMESTAMP("InactiveEnterTimestamp", offsetof(Unit, inactive_enter_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
885 SD_BUS_PROPERTY("CanStart", "b", property_get_can_start, 0, SD_BUS_VTABLE_PROPERTY_CONST),
886 SD_BUS_PROPERTY("CanStop", "b", property_get_can_stop, 0, SD_BUS_VTABLE_PROPERTY_CONST),
887 SD_BUS_PROPERTY("CanReload", "b", property_get_can_reload, 0, SD_BUS_VTABLE_PROPERTY_CONST),
888 SD_BUS_PROPERTY("CanIsolate", "b", property_get_can_isolate, 0, SD_BUS_VTABLE_PROPERTY_CONST),
889 SD_BUS_PROPERTY("CanClean", "as", property_get_can_clean, 0, SD_BUS_VTABLE_PROPERTY_CONST),
890 SD_BUS_PROPERTY("CanFreeze", "b", property_get_can_freeze, 0, SD_BUS_VTABLE_PROPERTY_CONST),
891 SD_BUS_PROPERTY("Job", "(uo)", property_get_job, offsetof(Unit, job), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
892 SD_BUS_PROPERTY("StopWhenUnneeded", "b", bus_property_get_bool, offsetof(Unit, stop_when_unneeded), SD_BUS_VTABLE_PROPERTY_CONST),
893 SD_BUS_PROPERTY("RefuseManualStart", "b", bus_property_get_bool, offsetof(Unit, refuse_manual_start), SD_BUS_VTABLE_PROPERTY_CONST),
894 SD_BUS_PROPERTY("RefuseManualStop", "b", bus_property_get_bool, offsetof(Unit, refuse_manual_stop), SD_BUS_VTABLE_PROPERTY_CONST),
895 SD_BUS_PROPERTY("AllowIsolate", "b", bus_property_get_bool, offsetof(Unit, allow_isolate), SD_BUS_VTABLE_PROPERTY_CONST),
896 SD_BUS_PROPERTY("DefaultDependencies", "b", bus_property_get_bool, offsetof(Unit, default_dependencies), SD_BUS_VTABLE_PROPERTY_CONST),
897 SD_BUS_PROPERTY("SurviveFinalKillSignal", "b", bus_property_get_bool, offsetof(Unit, survive_final_kill_signal), SD_BUS_VTABLE_PROPERTY_CONST),
898 SD_BUS_PROPERTY("OnSuccesJobMode", "s", property_get_job_mode, offsetof(Unit, on_success_job_mode), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN), /* deprecated */
899 SD_BUS_PROPERTY("OnSuccessJobMode", "s", property_get_job_mode, offsetof(Unit, on_success_job_mode), SD_BUS_VTABLE_PROPERTY_CONST),
900 SD_BUS_PROPERTY("OnFailureJobMode", "s", property_get_job_mode, offsetof(Unit, on_failure_job_mode), SD_BUS_VTABLE_PROPERTY_CONST),
901 SD_BUS_PROPERTY("IgnoreOnIsolate", "b", bus_property_get_bool, offsetof(Unit, ignore_on_isolate), SD_BUS_VTABLE_PROPERTY_CONST),
902 SD_BUS_PROPERTY("NeedDaemonReload", "b", property_get_need_daemon_reload, 0, 0),
903 SD_BUS_PROPERTY("Markers", "as", property_get_markers, offsetof(Unit, markers), 0),
904 SD_BUS_PROPERTY("JobTimeoutUSec", "t", bus_property_get_usec, offsetof(Unit, job_timeout), SD_BUS_VTABLE_PROPERTY_CONST),
905 SD_BUS_PROPERTY("JobRunningTimeoutUSec", "t", bus_property_get_usec, offsetof(Unit, job_running_timeout), SD_BUS_VTABLE_PROPERTY_CONST),
906 SD_BUS_PROPERTY("JobTimeoutAction", "s", bus_property_get_emergency_action, offsetof(Unit, job_timeout_action), SD_BUS_VTABLE_PROPERTY_CONST),
907 SD_BUS_PROPERTY("JobTimeoutRebootArgument", "s", NULL, offsetof(Unit, job_timeout_reboot_arg), SD_BUS_VTABLE_PROPERTY_CONST),
908 SD_BUS_PROPERTY("ConditionResult", "b", bus_property_get_bool, offsetof(Unit, condition_result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
909 SD_BUS_PROPERTY("AssertResult", "b", bus_property_get_bool, offsetof(Unit, assert_result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
910 BUS_PROPERTY_DUAL_TIMESTAMP("ConditionTimestamp", offsetof(Unit, condition_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
911 BUS_PROPERTY_DUAL_TIMESTAMP("AssertTimestamp", offsetof(Unit, assert_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
912 SD_BUS_PROPERTY("Conditions", "a(sbbsi)", property_get_conditions, offsetof(Unit, conditions), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
913 SD_BUS_PROPERTY("Asserts", "a(sbbsi)", property_get_conditions, offsetof(Unit, asserts), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
914 SD_BUS_PROPERTY("LoadError", "(ss)", property_get_load_error, 0, SD_BUS_VTABLE_PROPERTY_CONST),
915 SD_BUS_PROPERTY("Transient", "b", bus_property_get_bool, offsetof(Unit, transient), SD_BUS_VTABLE_PROPERTY_CONST),
916 SD_BUS_PROPERTY("Perpetual", "b", bus_property_get_bool, offsetof(Unit, perpetual), SD_BUS_VTABLE_PROPERTY_CONST),
917 SD_BUS_PROPERTY("StartLimitIntervalUSec", "t", bus_property_get_usec, offsetof(Unit, start_ratelimit.interval), SD_BUS_VTABLE_PROPERTY_CONST),
918 SD_BUS_PROPERTY("StartLimitBurst", "u", bus_property_get_unsigned, offsetof(Unit, start_ratelimit.burst), SD_BUS_VTABLE_PROPERTY_CONST),
919 SD_BUS_PROPERTY("StartLimitAction", "s", bus_property_get_emergency_action, offsetof(Unit, start_limit_action), SD_BUS_VTABLE_PROPERTY_CONST),
920 SD_BUS_PROPERTY("FailureAction", "s", bus_property_get_emergency_action, offsetof(Unit, failure_action), SD_BUS_VTABLE_PROPERTY_CONST),
921 SD_BUS_PROPERTY("FailureActionExitStatus", "i", bus_property_get_int, offsetof(Unit, failure_action_exit_status), SD_BUS_VTABLE_PROPERTY_CONST),
922 SD_BUS_PROPERTY("SuccessAction", "s", bus_property_get_emergency_action, offsetof(Unit, success_action), SD_BUS_VTABLE_PROPERTY_CONST),
923 SD_BUS_PROPERTY("SuccessActionExitStatus", "i", bus_property_get_int, offsetof(Unit, success_action_exit_status), SD_BUS_VTABLE_PROPERTY_CONST),
924 SD_BUS_PROPERTY("RebootArgument", "s", NULL, offsetof(Unit, reboot_arg), SD_BUS_VTABLE_PROPERTY_CONST),
925 SD_BUS_PROPERTY("InvocationID", "ay", bus_property_get_id128, offsetof(Unit, invocation_id), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
926 SD_BUS_PROPERTY("CollectMode", "s", property_get_collect_mode, offsetof(Unit, collect_mode), SD_BUS_VTABLE_PROPERTY_CONST),
927 SD_BUS_PROPERTY("Refs", "as", property_get_refs, 0, 0),
928 SD_BUS_PROPERTY("ActivationDetails", "a(ss)", bus_property_get_activation_details, offsetof(Unit, activation_details), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
929
930 SD_BUS_METHOD_WITH_ARGS("Start",
931 SD_BUS_ARGS("s", mode),
932 SD_BUS_RESULT("o", job),
933 bus_unit_method_start,
934 SD_BUS_VTABLE_UNPRIVILEGED),
935 SD_BUS_METHOD_WITH_ARGS("Stop",
936 SD_BUS_ARGS("s", mode),
937 SD_BUS_RESULT("o", job),
938 bus_unit_method_stop,
939 SD_BUS_VTABLE_UNPRIVILEGED),
940 SD_BUS_METHOD_WITH_ARGS("Reload",
941 SD_BUS_ARGS("s", mode),
942 SD_BUS_RESULT("o", job),
943 bus_unit_method_reload,
944 SD_BUS_VTABLE_UNPRIVILEGED),
945 SD_BUS_METHOD_WITH_ARGS("Restart",
946 SD_BUS_ARGS("s", mode),
947 SD_BUS_RESULT("o", job),
948 bus_unit_method_restart,
949 SD_BUS_VTABLE_UNPRIVILEGED),
950 SD_BUS_METHOD_WITH_ARGS("TryRestart",
951 SD_BUS_ARGS("s", mode),
952 SD_BUS_RESULT("o", job),
953 bus_unit_method_try_restart,
954 SD_BUS_VTABLE_UNPRIVILEGED),
955 SD_BUS_METHOD_WITH_ARGS("ReloadOrRestart",
956 SD_BUS_ARGS("s", mode),
957 SD_BUS_RESULT("o", job),
958 bus_unit_method_reload_or_restart,
959 SD_BUS_VTABLE_UNPRIVILEGED),
960 SD_BUS_METHOD_WITH_ARGS("ReloadOrTryRestart",
961 SD_BUS_ARGS("s", mode),
962 SD_BUS_RESULT("o", job),
963 bus_unit_method_reload_or_try_restart,
964 SD_BUS_VTABLE_UNPRIVILEGED),
965 SD_BUS_METHOD_WITH_ARGS("EnqueueJob",
966 SD_BUS_ARGS("s", job_type, "s", job_mode),
967 SD_BUS_RESULT("u", job_id, "o", job_path, "s", unit_id, "o", unit_path, "s", job_type, "a(uosos)", affected_jobs),
968 bus_unit_method_enqueue_job,
969 SD_BUS_VTABLE_UNPRIVILEGED),
970 SD_BUS_METHOD_WITH_ARGS("Kill",
971 SD_BUS_ARGS("s", whom, "i", signal),
972 SD_BUS_NO_RESULT,
973 bus_unit_method_kill,
974 SD_BUS_VTABLE_UNPRIVILEGED),
975 SD_BUS_METHOD_WITH_ARGS("QueueSignal",
976 SD_BUS_ARGS("s", whom, "i", signal, "i", value),
977 SD_BUS_NO_RESULT,
978 bus_unit_method_kill,
979 SD_BUS_VTABLE_UNPRIVILEGED),
980 SD_BUS_METHOD("ResetFailed",
981 NULL,
982 NULL,
983 bus_unit_method_reset_failed,
984 SD_BUS_VTABLE_UNPRIVILEGED),
985 SD_BUS_METHOD_WITH_ARGS("SetProperties",
986 SD_BUS_ARGS("b", runtime, "a(sv)", properties),
987 SD_BUS_NO_RESULT,
988 bus_unit_method_set_properties,
989 SD_BUS_VTABLE_UNPRIVILEGED),
990 SD_BUS_METHOD("Ref",
991 NULL,
992 NULL,
993 bus_unit_method_ref,
994 SD_BUS_VTABLE_UNPRIVILEGED),
995 SD_BUS_METHOD("Unref",
996 NULL,
997 NULL,
998 bus_unit_method_unref,
999 SD_BUS_VTABLE_UNPRIVILEGED),
1000 SD_BUS_METHOD_WITH_ARGS("Clean",
1001 SD_BUS_ARGS("as", mask),
1002 SD_BUS_NO_RESULT,
1003 bus_unit_method_clean,
1004 SD_BUS_VTABLE_UNPRIVILEGED),
1005 SD_BUS_METHOD("Freeze",
1006 NULL,
1007 NULL,
1008 bus_unit_method_freeze,
1009 SD_BUS_VTABLE_UNPRIVILEGED),
1010 SD_BUS_METHOD("Thaw",
1011 NULL,
1012 NULL,
1013 bus_unit_method_thaw,
1014 SD_BUS_VTABLE_UNPRIVILEGED),
1015
1016 /* For dependency types we don't support anymore always return an empty array */
1017 SD_BUS_PROPERTY("RequiresOverridable", "as", property_get_empty_strv, 0, SD_BUS_VTABLE_HIDDEN),
1018 SD_BUS_PROPERTY("RequisiteOverridable", "as", property_get_empty_strv, 0, SD_BUS_VTABLE_HIDDEN),
1019 SD_BUS_PROPERTY("RequiredByOverridable", "as", property_get_empty_strv, 0, SD_BUS_VTABLE_HIDDEN),
1020 SD_BUS_PROPERTY("RequisiteOfOverridable", "as", property_get_empty_strv, 0, SD_BUS_VTABLE_HIDDEN),
1021 /* Obsolete alias names */
1022 SD_BUS_PROPERTY("StartLimitInterval", "t", bus_property_get_usec, offsetof(Unit, start_ratelimit.interval), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
1023 SD_BUS_PROPERTY("StartLimitIntervalSec", "t", bus_property_get_usec, offsetof(Unit, start_ratelimit.interval), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
1024
1025 SD_BUS_VTABLE_END
1026 };
1027
1028 static int property_get_slice(
1029 sd_bus *bus,
1030 const char *path,
1031 const char *interface,
1032 const char *property,
1033 sd_bus_message *reply,
1034 void *userdata,
1035 sd_bus_error *error) {
1036
1037 Unit *u = ASSERT_PTR(userdata);
1038
1039 assert(bus);
1040 assert(reply);
1041
1042 return sd_bus_message_append(reply, "s", unit_slice_name(u));
1043 }
1044
1045 static int property_get_current_memory(
1046 sd_bus *bus,
1047 const char *path,
1048 const char *interface,
1049 const char *property,
1050 sd_bus_message *reply,
1051 void *userdata,
1052 sd_bus_error *error) {
1053
1054 uint64_t sz = UINT64_MAX;
1055 Unit *u = ASSERT_PTR(userdata);
1056 int r;
1057
1058 assert(bus);
1059 assert(reply);
1060
1061 r = unit_get_memory_current(u, &sz);
1062 if (r < 0 && r != -ENODATA)
1063 log_unit_warning_errno(u, r, "Failed to get current memory usage from cgroup: %m");
1064
1065 return sd_bus_message_append(reply, "t", sz);
1066 }
1067
1068 static int property_get_available_memory(
1069 sd_bus *bus,
1070 const char *path,
1071 const char *interface,
1072 const char *property,
1073 sd_bus_message *reply,
1074 void *userdata,
1075 sd_bus_error *error) {
1076
1077 uint64_t sz = UINT64_MAX;
1078 Unit *u = ASSERT_PTR(userdata);
1079 int r;
1080
1081 assert(bus);
1082 assert(reply);
1083
1084 r = unit_get_memory_available(u, &sz);
1085 if (r < 0 && r != -ENODATA)
1086 log_unit_warning_errno(u, r, "Failed to get total available memory from cgroup: %m");
1087
1088 return sd_bus_message_append(reply, "t", sz);
1089 }
1090
1091 static int property_get_memory_accounting(
1092 sd_bus *bus,
1093 const char *path,
1094 const char *interface,
1095 const char *property,
1096 sd_bus_message *reply,
1097 void *userdata,
1098 sd_bus_error *error) {
1099
1100 Unit *u = ASSERT_PTR(userdata);
1101 CGroupMemoryAccountingMetric metric;
1102 uint64_t sz = UINT64_MAX;
1103
1104 assert(bus);
1105 assert(reply);
1106
1107 assert_se((metric = cgroup_memory_accounting_metric_from_string(property)) >= 0);
1108 (void) unit_get_memory_accounting(u, metric, &sz);
1109 return sd_bus_message_append(reply, "t", sz);
1110 }
1111
1112 static int property_get_current_tasks(
1113 sd_bus *bus,
1114 const char *path,
1115 const char *interface,
1116 const char *property,
1117 sd_bus_message *reply,
1118 void *userdata,
1119 sd_bus_error *error) {
1120
1121 uint64_t cn = UINT64_MAX;
1122 Unit *u = ASSERT_PTR(userdata);
1123 int r;
1124
1125 assert(bus);
1126 assert(reply);
1127
1128 r = unit_get_tasks_current(u, &cn);
1129 if (r < 0 && r != -ENODATA)
1130 log_unit_warning_errno(u, r, "Failed to get pids.current attribute: %m");
1131
1132 return sd_bus_message_append(reply, "t", cn);
1133 }
1134
1135 static int property_get_cpu_usage(
1136 sd_bus *bus,
1137 const char *path,
1138 const char *interface,
1139 const char *property,
1140 sd_bus_message *reply,
1141 void *userdata,
1142 sd_bus_error *error) {
1143
1144 nsec_t ns = NSEC_INFINITY;
1145 Unit *u = ASSERT_PTR(userdata);
1146 int r;
1147
1148 assert(bus);
1149 assert(reply);
1150
1151 r = unit_get_cpu_usage(u, &ns);
1152 if (r < 0 && r != -ENODATA)
1153 log_unit_warning_errno(u, r, "Failed to get cpuacct.usage attribute: %m");
1154
1155 return sd_bus_message_append(reply, "t", ns);
1156 }
1157
1158 static int property_get_cpuset_cpus(
1159 sd_bus *bus,
1160 const char *path,
1161 const char *interface,
1162 const char *property,
1163 sd_bus_message *reply,
1164 void *userdata,
1165 sd_bus_error *error) {
1166
1167 Unit *u = ASSERT_PTR(userdata);
1168 _cleanup_(cpu_set_reset) CPUSet cpus = {};
1169 _cleanup_free_ uint8_t *array = NULL;
1170 size_t allocated;
1171
1172 assert(bus);
1173 assert(reply);
1174
1175 (void) unit_get_cpuset(u, &cpus, "cpuset.cpus.effective");
1176 (void) cpu_set_to_dbus(&cpus, &array, &allocated);
1177 return sd_bus_message_append_array(reply, 'y', array, allocated);
1178 }
1179
1180 static int property_get_cpuset_mems(
1181 sd_bus *bus,
1182 const char *path,
1183 const char *interface,
1184 const char *property,
1185 sd_bus_message *reply,
1186 void *userdata,
1187 sd_bus_error *error) {
1188
1189 Unit *u = ASSERT_PTR(userdata);
1190 _cleanup_(cpu_set_reset) CPUSet mems = {};
1191 _cleanup_free_ uint8_t *array = NULL;
1192 size_t allocated;
1193
1194 assert(bus);
1195 assert(reply);
1196
1197 (void) unit_get_cpuset(u, &mems, "cpuset.mems.effective");
1198 (void) cpu_set_to_dbus(&mems, &array, &allocated);
1199 return sd_bus_message_append_array(reply, 'y', array, allocated);
1200 }
1201
1202 static int property_get_cgroup(
1203 sd_bus *bus,
1204 const char *path,
1205 const char *interface,
1206 const char *property,
1207 sd_bus_message *reply,
1208 void *userdata,
1209 sd_bus_error *error) {
1210
1211 Unit *u = ASSERT_PTR(userdata);
1212 const char *t = NULL;
1213
1214 assert(bus);
1215 assert(reply);
1216
1217 /* Three cases: a) u->cgroup_path is NULL, in which case the
1218 * unit has no control group, which we report as the empty
1219 * string. b) u->cgroup_path is the empty string, which
1220 * indicates the root cgroup, which we report as "/". c) all
1221 * other cases we report as-is. */
1222
1223 if (u->cgroup_path)
1224 t = empty_to_root(u->cgroup_path);
1225
1226 return sd_bus_message_append(reply, "s", t);
1227 }
1228
1229 static int append_process(sd_bus_message *reply, const char *p, PidRef *pid, Set *pids) {
1230 _cleanup_free_ char *buf = NULL, *cmdline = NULL;
1231 int r;
1232
1233 assert(reply);
1234 assert(pidref_is_set(pid));
1235
1236 r = set_put(pids, PID_TO_PTR(pid->pid));
1237 if (IN_SET(r, 0, -EEXIST))
1238 return 0;
1239 if (r < 0)
1240 return r;
1241
1242 if (!p) {
1243 r = cg_pidref_get_path(SYSTEMD_CGROUP_CONTROLLER, pid, &buf);
1244 if (r == -ESRCH)
1245 return 0;
1246 if (r < 0)
1247 return r;
1248
1249 p = buf;
1250 }
1251
1252 (void) pidref_get_cmdline(
1253 pid,
1254 SIZE_MAX,
1255 PROCESS_CMDLINE_COMM_FALLBACK | PROCESS_CMDLINE_QUOTE,
1256 &cmdline);
1257
1258 return sd_bus_message_append(reply,
1259 "(sus)",
1260 p,
1261 (uint32_t) pid->pid,
1262 cmdline);
1263 }
1264
1265 static int append_cgroup(sd_bus_message *reply, const char *p, Set *pids) {
1266 _cleanup_closedir_ DIR *d = NULL;
1267 _cleanup_fclose_ FILE *f = NULL;
1268 int r;
1269
1270 assert(reply);
1271 assert(p);
1272
1273 r = cg_enumerate_processes(SYSTEMD_CGROUP_CONTROLLER, p, &f);
1274 if (r == -ENOENT)
1275 return 0;
1276 if (r < 0)
1277 return r;
1278
1279 for (;;) {
1280 _cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
1281
1282 /* libvirt / qemu uses threaded mode and cgroup.procs cannot be read at the lower levels.
1283 * From https://docs.kernel.org/admin-guide/cgroup-v2.html#threads, “cgroup.procs” in a
1284 * threaded domain cgroup contains the PIDs of all processes in the subtree and is not
1285 * readable in the subtree proper. */
1286
1287 r = cg_read_pidref(f, &pidref);
1288 if (IN_SET(r, 0, -EOPNOTSUPP))
1289 break;
1290 if (r < 0)
1291 return r;
1292
1293 r = pidref_is_kernel_thread(&pidref);
1294 if (r == -ESRCH) /* gone by now */
1295 continue;
1296 if (r < 0)
1297 log_debug_errno(r, "Failed to determine if " PID_FMT " is a kernel thread, assuming not: %m", pidref.pid);
1298 if (r > 0)
1299 continue;
1300
1301 r = append_process(reply, p, &pidref, pids);
1302 if (r < 0)
1303 return r;
1304 }
1305
1306 r = cg_enumerate_subgroups(SYSTEMD_CGROUP_CONTROLLER, p, &d);
1307 if (r == -ENOENT)
1308 return 0;
1309 if (r < 0)
1310 return r;
1311
1312 for (;;) {
1313 _cleanup_free_ char *g = NULL, *j = NULL;
1314
1315 r = cg_read_subgroup(d, &g);
1316 if (r < 0)
1317 return r;
1318 if (r == 0)
1319 break;
1320
1321 j = path_join(empty_to_root(p), g);
1322 if (!j)
1323 return -ENOMEM;
1324
1325 r = append_cgroup(reply, j, pids);
1326 if (r < 0)
1327 return r;
1328 }
1329
1330 return 0;
1331 }
1332
1333 int bus_unit_method_get_processes(sd_bus_message *message, void *userdata, sd_bus_error *error) {
1334 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
1335 _cleanup_set_free_ Set *pids = NULL;
1336 Unit *u = userdata;
1337 int r;
1338
1339 assert(message);
1340
1341 r = mac_selinux_unit_access_check(u, message, "status", error);
1342 if (r < 0)
1343 return r;
1344
1345 pids = set_new(NULL);
1346 if (!pids)
1347 return -ENOMEM;
1348
1349 r = sd_bus_message_new_method_return(message, &reply);
1350 if (r < 0)
1351 return r;
1352
1353 r = sd_bus_message_open_container(reply, 'a', "(sus)");
1354 if (r < 0)
1355 return r;
1356
1357 if (u->cgroup_path) {
1358 r = append_cgroup(reply, u->cgroup_path, pids);
1359 if (r < 0)
1360 return r;
1361 }
1362
1363 /* The main and control pids might live outside of the cgroup, hence fetch them separately */
1364 PidRef *pid = unit_main_pid(u);
1365 if (pidref_is_set(pid)) {
1366 r = append_process(reply, NULL, pid, pids);
1367 if (r < 0)
1368 return r;
1369 }
1370
1371 pid = unit_control_pid(u);
1372 if (pidref_is_set(pid)) {
1373 r = append_process(reply, NULL, pid, pids);
1374 if (r < 0)
1375 return r;
1376 }
1377
1378 r = sd_bus_message_close_container(reply);
1379 if (r < 0)
1380 return r;
1381
1382 return sd_bus_send(NULL, reply, NULL);
1383 }
1384
1385 static int property_get_ip_counter(
1386 sd_bus *bus,
1387 const char *path,
1388 const char *interface,
1389 const char *property,
1390 sd_bus_message *reply,
1391 void *userdata,
1392 sd_bus_error *error) {
1393
1394 uint64_t value = UINT64_MAX;
1395 Unit *u = ASSERT_PTR(userdata);
1396 CGroupIPAccountingMetric metric;
1397
1398 assert(bus);
1399 assert(reply);
1400 assert(property);
1401
1402 assert_se((metric = cgroup_ip_accounting_metric_from_string(property)) >= 0);
1403 (void) unit_get_ip_accounting(u, metric, &value);
1404 return sd_bus_message_append(reply, "t", value);
1405 }
1406
1407 static int property_get_io_counter(
1408 sd_bus *bus,
1409 const char *path,
1410 const char *interface,
1411 const char *property,
1412 sd_bus_message *reply,
1413 void *userdata,
1414 sd_bus_error *error) {
1415
1416 uint64_t value = UINT64_MAX;
1417 Unit *u = ASSERT_PTR(userdata);
1418 ssize_t metric;
1419
1420 assert(bus);
1421 assert(reply);
1422 assert(property);
1423
1424 assert_se((metric = cgroup_io_accounting_metric_from_string(property)) >= 0);
1425 (void) unit_get_io_accounting(u, metric, /* allow_cache= */ false, &value);
1426 return sd_bus_message_append(reply, "t", value);
1427 }
1428
1429 static int property_get_effective_limit(
1430 sd_bus *bus,
1431 const char *path,
1432 const char *interface,
1433 const char *property,
1434 sd_bus_message *reply,
1435 void *userdata,
1436 sd_bus_error *error) {
1437
1438 uint64_t value = CGROUP_LIMIT_MAX;
1439 Unit *u = ASSERT_PTR(userdata);
1440 ssize_t type;
1441
1442 assert(bus);
1443 assert(reply);
1444 assert(property);
1445
1446 assert_se((type = cgroup_limit_type_from_string(property)) >= 0);
1447 (void) unit_get_effective_limit(u, type, &value);
1448 return sd_bus_message_append(reply, "t", value);
1449 }
1450
1451 int bus_unit_method_attach_processes(sd_bus_message *message, void *userdata, sd_bus_error *error) {
1452 _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
1453 _cleanup_set_free_ Set *pids = NULL;
1454 Unit *u = userdata;
1455 const char *path;
1456 int r;
1457
1458 assert(message);
1459
1460 /* This migrates the processes with the specified PIDs into the cgroup of this unit, optionally below a
1461 * specified cgroup path. Obviously this only works for units that actually maintain a cgroup
1462 * representation. If a process is already in the cgroup no operation is executed – in this case the specified
1463 * subcgroup path has no effect! */
1464
1465 r = mac_selinux_unit_access_check(u, message, "start", error);
1466 if (r < 0)
1467 return r;
1468
1469 r = sd_bus_message_read(message, "s", &path);
1470 if (r < 0)
1471 return r;
1472
1473 path = empty_to_null(path);
1474 if (path) {
1475 if (!path_is_absolute(path))
1476 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Control group path is not absolute: %s", path);
1477
1478 if (!path_is_normalized(path))
1479 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Control group path is not normalized: %s", path);
1480 }
1481
1482 if (!unit_cgroup_delegate(u))
1483 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Process migration not available on non-delegated units.");
1484
1485 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)))
1486 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Unit is not active, refusing.");
1487
1488 r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_EUID|SD_BUS_CREDS_PID, &creds);
1489 if (r < 0)
1490 return r;
1491
1492 r = sd_bus_message_enter_container(message, 'a', "u");
1493 if (r < 0)
1494 return r;
1495 for (;;) {
1496 _cleanup_(pidref_freep) PidRef *pidref = NULL;
1497 uid_t process_uid, sender_uid;
1498 uint32_t upid;
1499 pid_t pid;
1500
1501 r = sd_bus_message_read(message, "u", &upid);
1502 if (r < 0)
1503 return r;
1504 if (r == 0)
1505 break;
1506
1507 if (upid == 0) {
1508 r = sd_bus_creds_get_pid(creds, &pid);
1509 if (r < 0)
1510 return r;
1511 } else
1512 pid = (uid_t) upid;
1513
1514 r = pidref_new_from_pid(pid, &pidref);
1515 if (r < 0)
1516 return r;
1517
1518 /* Filter out duplicates */
1519 if (set_contains(pids, pidref))
1520 continue;
1521
1522 /* Check if this process is suitable for attaching to this unit */
1523 r = unit_pid_attachable(u, pidref, error);
1524 if (r < 0)
1525 return r;
1526
1527 /* Let's query the sender's UID, so that we can make our security decisions */
1528 r = sd_bus_creds_get_euid(creds, &sender_uid);
1529 if (r < 0)
1530 return r;
1531
1532 /* Let's validate security: if the sender is root, then all is OK. If the sender is any other unit,
1533 * then the process' UID and the target unit's UID have to match the sender's UID */
1534 if (sender_uid != 0 && sender_uid != getuid()) {
1535 r = pidref_get_uid(pidref, &process_uid);
1536 if (r < 0)
1537 return sd_bus_error_set_errnof(error, r, "Failed to retrieve process UID: %m");
1538
1539 if (process_uid != sender_uid)
1540 return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Process " PID_FMT " not owned by client's UID. Refusing.", pid);
1541 if (process_uid != u->ref_uid)
1542 return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Process " PID_FMT " not owned by target unit's UID. Refusing.", pid);
1543 }
1544
1545 r = set_ensure_consume(&pids, &pidref_hash_ops_free, TAKE_PTR(pidref));
1546 if (r < 0)
1547 return r;
1548 }
1549
1550 r = sd_bus_message_exit_container(message);
1551 if (r < 0)
1552 return r;
1553
1554 r = unit_attach_pids_to_cgroup(u, pids, path);
1555 if (r < 0)
1556 return sd_bus_error_set_errnof(error, r, "Failed to attach processes to control group: %m");
1557
1558 return sd_bus_reply_method_return(message, NULL);
1559 }
1560
1561 const sd_bus_vtable bus_unit_cgroup_vtable[] = {
1562 SD_BUS_VTABLE_START(0),
1563 SD_BUS_PROPERTY("Slice", "s", property_get_slice, 0, 0),
1564 SD_BUS_PROPERTY("ControlGroup", "s", property_get_cgroup, 0, 0),
1565 SD_BUS_PROPERTY("ControlGroupId", "t", NULL, offsetof(Unit, cgroup_id), 0),
1566 SD_BUS_PROPERTY("MemoryCurrent", "t", property_get_current_memory, 0, 0),
1567 SD_BUS_PROPERTY("MemoryPeak", "t", property_get_memory_accounting, 0, 0),
1568 SD_BUS_PROPERTY("MemorySwapCurrent", "t", property_get_memory_accounting, 0, 0),
1569 SD_BUS_PROPERTY("MemorySwapPeak", "t", property_get_memory_accounting, 0, 0),
1570 SD_BUS_PROPERTY("MemoryZSwapCurrent", "t", property_get_memory_accounting, 0, 0),
1571 SD_BUS_PROPERTY("MemoryAvailable", "t", property_get_available_memory, 0, 0),
1572 SD_BUS_PROPERTY("EffectiveMemoryMax", "t", property_get_effective_limit, 0, 0),
1573 SD_BUS_PROPERTY("EffectiveMemoryHigh", "t", property_get_effective_limit, 0, 0),
1574 SD_BUS_PROPERTY("CPUUsageNSec", "t", property_get_cpu_usage, 0, 0),
1575 SD_BUS_PROPERTY("EffectiveCPUs", "ay", property_get_cpuset_cpus, 0, 0),
1576 SD_BUS_PROPERTY("EffectiveMemoryNodes", "ay", property_get_cpuset_mems, 0, 0),
1577 SD_BUS_PROPERTY("TasksCurrent", "t", property_get_current_tasks, 0, 0),
1578 SD_BUS_PROPERTY("EffectiveTasksMax", "t", property_get_effective_limit, 0, 0),
1579 SD_BUS_PROPERTY("IPIngressBytes", "t", property_get_ip_counter, 0, 0),
1580 SD_BUS_PROPERTY("IPIngressPackets", "t", property_get_ip_counter, 0, 0),
1581 SD_BUS_PROPERTY("IPEgressBytes", "t", property_get_ip_counter, 0, 0),
1582 SD_BUS_PROPERTY("IPEgressPackets", "t", property_get_ip_counter, 0, 0),
1583 SD_BUS_PROPERTY("IOReadBytes", "t", property_get_io_counter, 0, 0),
1584 SD_BUS_PROPERTY("IOReadOperations", "t", property_get_io_counter, 0, 0),
1585 SD_BUS_PROPERTY("IOWriteBytes", "t", property_get_io_counter, 0, 0),
1586 SD_BUS_PROPERTY("IOWriteOperations", "t", property_get_io_counter, 0, 0),
1587
1588 SD_BUS_METHOD_WITH_ARGS("GetProcesses",
1589 SD_BUS_NO_ARGS,
1590 SD_BUS_ARGS("a(sus)", processes),
1591 bus_unit_method_get_processes,
1592 SD_BUS_VTABLE_UNPRIVILEGED),
1593
1594 SD_BUS_METHOD_WITH_ARGS("AttachProcesses",
1595 SD_BUS_ARGS("s", subcgroup, "au", pids),
1596 SD_BUS_NO_RESULT,
1597 bus_unit_method_attach_processes,
1598 SD_BUS_VTABLE_UNPRIVILEGED),
1599
1600 SD_BUS_VTABLE_END
1601 };
1602
1603 static int send_new_signal(sd_bus *bus, void *userdata) {
1604 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1605 _cleanup_free_ char *p = NULL;
1606 Unit *u = ASSERT_PTR(userdata);
1607 int r;
1608
1609 assert(bus);
1610
1611 p = unit_dbus_path(u);
1612 if (!p)
1613 return -ENOMEM;
1614
1615 r = sd_bus_message_new_signal(
1616 bus,
1617 &m,
1618 "/org/freedesktop/systemd1",
1619 "org.freedesktop.systemd1.Manager",
1620 "UnitNew");
1621 if (r < 0)
1622 return r;
1623
1624 r = sd_bus_message_append(m, "so", u->id, p);
1625 if (r < 0)
1626 return r;
1627
1628 return sd_bus_send(bus, m, NULL);
1629 }
1630
1631 static int send_changed_signal(sd_bus *bus, void *userdata) {
1632 _cleanup_free_ char *p = NULL;
1633 Unit *u = ASSERT_PTR(userdata);
1634 int r;
1635
1636 assert(bus);
1637
1638 p = unit_dbus_path(u);
1639 if (!p)
1640 return -ENOMEM;
1641
1642 /* Send a properties changed signal. First for the specific
1643 * type, then for the generic unit. The clients may rely on
1644 * this order to get atomic behavior if needed. */
1645
1646 r = sd_bus_emit_properties_changed_strv(
1647 bus, p,
1648 unit_dbus_interface_from_type(u->type),
1649 NULL);
1650 if (r < 0)
1651 return r;
1652
1653 return sd_bus_emit_properties_changed_strv(
1654 bus, p,
1655 "org.freedesktop.systemd1.Unit",
1656 NULL);
1657 }
1658
1659 void bus_unit_send_change_signal(Unit *u) {
1660 int r;
1661 assert(u);
1662
1663 if (u->in_dbus_queue) {
1664 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
1665 u->in_dbus_queue = false;
1666
1667 /* The unit might be good to be GC once its pending signals have been sent */
1668 unit_add_to_gc_queue(u);
1669 }
1670
1671 if (!u->id)
1672 return;
1673
1674 r = bus_foreach_bus(u->manager, u->bus_track, u->sent_dbus_new_signal ? send_changed_signal : send_new_signal, u);
1675 if (r < 0)
1676 log_unit_debug_errno(u, r, "Failed to send unit change signal for %s: %m", u->id);
1677
1678 u->sent_dbus_new_signal = true;
1679 }
1680
1681 void bus_unit_send_pending_change_signal(Unit *u, bool including_new) {
1682
1683 /* Sends out any pending change signals, but only if they really are pending. This call is used when we are
1684 * about to change state in order to force out a PropertiesChanged signal beforehand if there was one pending
1685 * so that clients can follow the full state transition */
1686
1687 if (!u->in_dbus_queue) /* If not enqueued, don't bother */
1688 return;
1689
1690 if (!u->sent_dbus_new_signal && !including_new) /* If the unit was never announced, don't bother, it's fine if
1691 * the unit appears in the new state right-away (except if the
1692 * caller explicitly asked us to send it anyway) */
1693 return;
1694
1695 if (MANAGER_IS_RELOADING(u->manager)) /* Don't generate unnecessary PropertiesChanged signals for the same unit
1696 * when we are reloading. */
1697 return;
1698
1699 bus_unit_send_change_signal(u);
1700 }
1701
1702 int bus_unit_send_pending_freezer_message(Unit *u, bool cancelled) {
1703 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
1704 int r;
1705
1706 assert(u);
1707
1708 if (!u->pending_freezer_invocation)
1709 return 0;
1710
1711 if (cancelled)
1712 r = sd_bus_message_new_method_error(
1713 u->pending_freezer_invocation,
1714 &reply,
1715 &SD_BUS_ERROR_MAKE_CONST(
1716 BUS_ERROR_FREEZE_CANCELLED, "Freeze operation aborted"));
1717 else
1718 r = sd_bus_message_new_method_return(u->pending_freezer_invocation, &reply);
1719 if (r < 0)
1720 return r;
1721
1722 r = sd_bus_send(NULL, reply, NULL);
1723 if (r < 0)
1724 log_warning_errno(r, "Failed to send queued message, ignoring: %m");
1725
1726 u->pending_freezer_invocation = sd_bus_message_unref(u->pending_freezer_invocation);
1727
1728 return 0;
1729 }
1730
1731 static int send_removed_signal(sd_bus *bus, void *userdata) {
1732 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1733 _cleanup_free_ char *p = NULL;
1734 Unit *u = ASSERT_PTR(userdata);
1735 int r;
1736
1737 assert(bus);
1738
1739 p = unit_dbus_path(u);
1740 if (!p)
1741 return -ENOMEM;
1742
1743 r = sd_bus_message_new_signal(
1744 bus,
1745 &m,
1746 "/org/freedesktop/systemd1",
1747 "org.freedesktop.systemd1.Manager",
1748 "UnitRemoved");
1749 if (r < 0)
1750 return r;
1751
1752 r = sd_bus_message_append(m, "so", u->id, p);
1753 if (r < 0)
1754 return r;
1755
1756 return sd_bus_send(bus, m, NULL);
1757 }
1758
1759 void bus_unit_send_removed_signal(Unit *u) {
1760 int r;
1761 assert(u);
1762
1763 if (!u->sent_dbus_new_signal || u->in_dbus_queue)
1764 bus_unit_send_change_signal(u);
1765
1766 if (!u->id)
1767 return;
1768
1769 r = bus_foreach_bus(u->manager, u->bus_track, send_removed_signal, u);
1770 if (r < 0)
1771 log_unit_debug_errno(u, r, "Failed to send unit remove signal for %s: %m", u->id);
1772 }
1773
1774 int bus_unit_queue_job_one(
1775 sd_bus_message *message,
1776 Unit *u,
1777 JobType type,
1778 JobMode mode,
1779 BusUnitQueueFlags flags,
1780 sd_bus_message *reply,
1781 sd_bus_error *error) {
1782
1783 _cleanup_set_free_ Set *affected = NULL;
1784 _cleanup_free_ char *job_path = NULL, *unit_path = NULL;
1785 Job *j, *a;
1786 int r;
1787
1788 if (FLAGS_SET(flags, BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE) && unit_can_reload(u)) {
1789 if (type == JOB_RESTART)
1790 type = JOB_RELOAD_OR_START;
1791 else if (type == JOB_TRY_RESTART)
1792 type = JOB_TRY_RELOAD;
1793 }
1794
1795 if (type == JOB_STOP &&
1796 IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_ERROR, UNIT_BAD_SETTING) &&
1797 unit_active_state(u) == UNIT_INACTIVE)
1798 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not loaded.", u->id);
1799
1800 if ((type == JOB_START && u->refuse_manual_start) ||
1801 (type == JOB_STOP && u->refuse_manual_stop) ||
1802 (IN_SET(type, JOB_RESTART, JOB_TRY_RESTART) && (u->refuse_manual_start || u->refuse_manual_stop)) ||
1803 (type == JOB_RELOAD_OR_START && job_type_collapse(type, u) == JOB_START && u->refuse_manual_start))
1804 return sd_bus_error_setf(error,
1805 BUS_ERROR_ONLY_BY_DEPENDENCY,
1806 "Operation refused, unit %s may be requested by dependency only (it is configured to refuse manual start/stop).",
1807 u->id);
1808
1809 /* dbus-broker issues StartUnit for activation requests, and Type=dbus services automatically
1810 * gain dependency on dbus.socket. Therefore, if dbus has a pending stop job, the new start
1811 * job that pulls in dbus again would cause job type conflict. Let's avoid that by rejecting
1812 * job enqueuing early.
1813 *
1814 * Note that unlike signal_activation_request(), we can't use unit_inactive_or_pending()
1815 * here. StartUnit is a more generic interface, and thus users are allowed to use e.g. systemctl
1816 * to start Type=dbus services even when dbus is inactive. */
1817 if (type == JOB_START && u->type == UNIT_SERVICE && SERVICE(u)->type == SERVICE_DBUS)
1818 FOREACH_STRING(dbus_unit, SPECIAL_DBUS_SOCKET, SPECIAL_DBUS_SERVICE) {
1819 Unit *dbus;
1820
1821 dbus = manager_get_unit(u->manager, dbus_unit);
1822 if (dbus && unit_stop_pending(dbus))
1823 return sd_bus_error_setf(error,
1824 BUS_ERROR_SHUTTING_DOWN,
1825 "Operation for unit %s refused, D-Bus is shutting down.",
1826 u->id);
1827 }
1828
1829 if (FLAGS_SET(flags, BUS_UNIT_QUEUE_VERBOSE_REPLY)) {
1830 affected = set_new(NULL);
1831 if (!affected)
1832 return -ENOMEM;
1833 }
1834
1835 r = manager_add_job(u->manager, type, u, mode, affected, error, &j);
1836 if (r < 0)
1837 return r;
1838
1839 r = bus_job_track_sender(j, message);
1840 if (r < 0)
1841 return r;
1842
1843 /* Before we send the method reply, force out the announcement JobNew for this job */
1844 bus_job_send_pending_change_signal(j, true);
1845
1846 job_path = job_dbus_path(j);
1847 if (!job_path)
1848 return -ENOMEM;
1849
1850 /* The classic response is just a job object path */
1851 if (!FLAGS_SET(flags, BUS_UNIT_QUEUE_VERBOSE_REPLY))
1852 return sd_bus_message_append(reply, "o", job_path);
1853
1854 /* In verbose mode respond with the anchor job plus everything that has been affected */
1855
1856 unit_path = unit_dbus_path(j->unit);
1857 if (!unit_path)
1858 return -ENOMEM;
1859
1860 r = sd_bus_message_append(reply, "uosos",
1861 j->id, job_path,
1862 j->unit->id, unit_path,
1863 job_type_to_string(j->type));
1864 if (r < 0)
1865 return r;
1866
1867 r = sd_bus_message_open_container(reply, 'a', "(uosos)");
1868 if (r < 0)
1869 return r;
1870
1871 SET_FOREACH(a, affected) {
1872 if (a->id == j->id)
1873 continue;
1874
1875 /* Free paths from previous iteration */
1876 job_path = mfree(job_path);
1877 unit_path = mfree(unit_path);
1878
1879 job_path = job_dbus_path(a);
1880 if (!job_path)
1881 return -ENOMEM;
1882
1883 unit_path = unit_dbus_path(a->unit);
1884 if (!unit_path)
1885 return -ENOMEM;
1886
1887 r = sd_bus_message_append(reply, "(uosos)",
1888 a->id, job_path,
1889 a->unit->id, unit_path,
1890 job_type_to_string(a->type));
1891 if (r < 0)
1892 return r;
1893 }
1894
1895 return sd_bus_message_close_container(reply);
1896 }
1897
1898 int bus_unit_queue_job(
1899 sd_bus_message *message,
1900 Unit *u,
1901 JobType type,
1902 JobMode mode,
1903 BusUnitQueueFlags flags,
1904 sd_bus_error *error) {
1905
1906 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
1907 int r;
1908
1909 assert(message);
1910 assert(u);
1911 assert(type >= 0 && type < _JOB_TYPE_MAX);
1912 assert(mode >= 0 && mode < _JOB_MODE_MAX);
1913
1914 r = mac_selinux_unit_access_check(
1915 u, message,
1916 job_type_to_access_method(type),
1917 error);
1918 if (r < 0)
1919 return r;
1920
1921 r = sd_bus_message_new_method_return(message, &reply);
1922 if (r < 0)
1923 return r;
1924
1925 r = bus_unit_queue_job_one(message, u, type, mode, flags, reply, error);
1926 if (r < 0)
1927 return r;
1928
1929 return sd_bus_send(NULL, reply, NULL);
1930 }
1931
1932 static int bus_unit_set_live_property(
1933 Unit *u,
1934 const char *name,
1935 sd_bus_message *message,
1936 UnitWriteFlags flags,
1937 sd_bus_error *error) {
1938
1939 int r;
1940
1941 assert(u);
1942 assert(name);
1943 assert(message);
1944
1945 /* Handles setting properties both "live" (i.e. at any time during runtime), and during creation (for
1946 * transient units that are being created). */
1947
1948 if (streq(name, "Description")) {
1949 const char *d;
1950
1951 r = sd_bus_message_read(message, "s", &d);
1952 if (r < 0)
1953 return r;
1954
1955 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
1956 r = unit_set_description(u, d);
1957 if (r < 0)
1958 return r;
1959
1960 unit_write_settingf(u, flags|UNIT_ESCAPE_SPECIFIERS, name, "Description=%s", d);
1961 }
1962
1963 return 1;
1964 }
1965
1966 /* A setting that only applies to active units. We don't actually write this to /run, this state is
1967 * managed internally. "+foo" sets flag foo, "-foo" unsets flag foo, just "foo" resets flags to
1968 * foo. The last type cannot be mixed with "+" or "-". */
1969
1970 if (streq(name, "Markers")) {
1971 unsigned settings = 0, mask = 0;
1972 bool some_plus_minus = false, some_absolute = false;
1973
1974 r = sd_bus_message_enter_container(message, 'a', "s");
1975 if (r < 0)
1976 return r;
1977
1978 for (;;) {
1979 const char *word;
1980 bool b;
1981
1982 r = sd_bus_message_read(message, "s", &word);
1983 if (r < 0)
1984 return r;
1985 if (r == 0)
1986 break;
1987
1988 if (IN_SET(word[0], '+', '-')) {
1989 b = word[0] == '+';
1990 word++;
1991 some_plus_minus = true;
1992 } else {
1993 b = true;
1994 some_absolute = true;
1995 }
1996
1997 UnitMarker m = unit_marker_from_string(word);
1998 if (m < 0)
1999 return sd_bus_error_setf(error, BUS_ERROR_BAD_UNIT_SETTING,
2000 "Unknown marker \"%s\".", word);
2001
2002 SET_FLAG(settings, 1u << m, b);
2003 SET_FLAG(mask, 1u << m, true);
2004 }
2005
2006 r = sd_bus_message_exit_container(message);
2007 if (r < 0)
2008 return r;
2009
2010 if (some_plus_minus && some_absolute)
2011 return sd_bus_error_set(error, BUS_ERROR_BAD_UNIT_SETTING, "Bad marker syntax.");
2012
2013 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2014 if (some_absolute)
2015 u->markers = settings;
2016 else
2017 u->markers = settings | (u->markers & ~mask);
2018 }
2019
2020 return 1;
2021 }
2022
2023 return 0;
2024 }
2025
2026 static int bus_set_transient_emergency_action(
2027 Unit *u,
2028 const char *name,
2029 EmergencyAction *p,
2030 sd_bus_message *message,
2031 UnitWriteFlags flags,
2032 sd_bus_error *error) {
2033
2034 const char *s;
2035 EmergencyAction v;
2036 int r;
2037
2038 assert(p);
2039
2040 r = sd_bus_message_read(message, "s", &s);
2041 if (r < 0)
2042 return r;
2043
2044 r = parse_emergency_action(s, u->manager->runtime_scope, &v);
2045 if (r < 0)
2046 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS,
2047 r == -EOPNOTSUPP ? "%s setting invalid for manager type: %s"
2048 : "Invalid %s setting: %s",
2049 name, s);
2050
2051 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2052 *p = v;
2053 unit_write_settingf(u, flags, name,
2054 "%s=%s", name, s);
2055 }
2056
2057 return 1;
2058 }
2059
2060 static int bus_set_transient_exit_status(
2061 Unit *u,
2062 const char *name,
2063 int *p,
2064 sd_bus_message *message,
2065 UnitWriteFlags flags,
2066 sd_bus_error *error) {
2067
2068 int32_t k;
2069 int r;
2070
2071 assert(p);
2072
2073 r = sd_bus_message_read(message, "i", &k);
2074 if (r < 0)
2075 return r;
2076
2077 if (k > 255)
2078 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Exit status must be in range 0…255 or negative.");
2079
2080 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2081 *p = k < 0 ? -1 : k;
2082
2083 if (k < 0)
2084 unit_write_settingf(u, flags, name, "%s=", name);
2085 else
2086 unit_write_settingf(u, flags, name, "%s=%i", name, k);
2087 }
2088
2089 return 1;
2090 }
2091
2092 static BUS_DEFINE_SET_TRANSIENT_PARSE(collect_mode, CollectMode, collect_mode_from_string);
2093 static BUS_DEFINE_SET_TRANSIENT_PARSE(job_mode, JobMode, job_mode_from_string);
2094
2095 static int bus_set_transient_conditions(
2096 Unit *u,
2097 const char *name,
2098 Condition **list,
2099 bool is_condition,
2100 sd_bus_message *message,
2101 UnitWriteFlags flags,
2102 sd_bus_error *error) {
2103
2104 const char *type_name, *param;
2105 int trigger, negate, r;
2106 bool empty = true;
2107
2108 assert(list);
2109
2110 r = sd_bus_message_enter_container(message, 'a', "(sbbs)");
2111 if (r < 0)
2112 return r;
2113
2114 while ((r = sd_bus_message_read(message, "(sbbs)", &type_name, &trigger, &negate, &param)) > 0) {
2115 ConditionType t;
2116
2117 t = is_condition ? condition_type_from_string(type_name) : assert_type_from_string(type_name);
2118 if (t < 0)
2119 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid condition type: %s", type_name);
2120
2121 if (isempty(param))
2122 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Condition parameter in %s is empty", type_name);
2123
2124 if (condition_takes_path(t) && !path_is_absolute(param))
2125 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path in condition %s is not absolute: %s", type_name, param);
2126
2127 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2128 Condition *c;
2129
2130 c = condition_new(t, param, trigger, negate);
2131 if (!c)
2132 return -ENOMEM;
2133
2134 LIST_PREPEND(conditions, *list, c);
2135
2136 unit_write_settingf(u, flags|UNIT_ESCAPE_SPECIFIERS, name,
2137 "%s=%s%s%s", type_name,
2138 trigger ? "|" : "", negate ? "!" : "", param);
2139 }
2140
2141 empty = false;
2142 }
2143 if (r < 0)
2144 return r;
2145
2146 r = sd_bus_message_exit_container(message);
2147 if (r < 0)
2148 return r;
2149
2150 if (!UNIT_WRITE_FLAGS_NOOP(flags) && empty) {
2151 *list = condition_free_list(*list);
2152 unit_write_settingf(u, flags, name, "%sNull=", is_condition ? "Condition" : "Assert");
2153 }
2154
2155 return 1;
2156 }
2157
2158 static int bus_unit_set_transient_property(
2159 Unit *u,
2160 const char *name,
2161 sd_bus_message *message,
2162 UnitWriteFlags flags,
2163 sd_bus_error *error) {
2164
2165 UnitDependency d;
2166 int r;
2167
2168 assert(u);
2169 assert(name);
2170 assert(message);
2171
2172 /* Handles settings when transient units are created. This settings cannot be altered anymore after
2173 * the unit has been created. */
2174
2175 if (streq(name, "SourcePath"))
2176 return bus_set_transient_path(u, name, &u->source_path, message, flags, error);
2177
2178 if (streq(name, "StopWhenUnneeded"))
2179 return bus_set_transient_bool(u, name, &u->stop_when_unneeded, message, flags, error);
2180
2181 if (streq(name, "RefuseManualStart"))
2182 return bus_set_transient_bool(u, name, &u->refuse_manual_start, message, flags, error);
2183
2184 if (streq(name, "RefuseManualStop"))
2185 return bus_set_transient_bool(u, name, &u->refuse_manual_stop, message, flags, error);
2186
2187 if (streq(name, "AllowIsolate"))
2188 return bus_set_transient_bool(u, name, &u->allow_isolate, message, flags, error);
2189
2190 if (streq(name, "DefaultDependencies"))
2191 return bus_set_transient_bool(u, name, &u->default_dependencies, message, flags, error);
2192
2193 if (streq(name, "SurviveFinalKillSignal"))
2194 return bus_set_transient_bool(u, name, &u->survive_final_kill_signal, message, flags, error);
2195
2196 if (streq(name, "OnSuccessJobMode"))
2197 return bus_set_transient_job_mode(u, name, &u->on_success_job_mode, message, flags, error);
2198
2199 if (streq(name, "OnFailureJobMode"))
2200 return bus_set_transient_job_mode(u, name, &u->on_failure_job_mode, message, flags, error);
2201
2202 if (streq(name, "IgnoreOnIsolate"))
2203 return bus_set_transient_bool(u, name, &u->ignore_on_isolate, message, flags, error);
2204
2205 if (streq(name, "JobTimeoutUSec")) {
2206 r = bus_set_transient_usec_fix_0(u, name, &u->job_timeout, message, flags, error);
2207 if (r >= 0 && !UNIT_WRITE_FLAGS_NOOP(flags) && !u->job_running_timeout_set)
2208 u->job_running_timeout = u->job_timeout;
2209 }
2210
2211 if (streq(name, "JobRunningTimeoutUSec")) {
2212 r = bus_set_transient_usec_fix_0(u, name, &u->job_running_timeout, message, flags, error);
2213 if (r >= 0 && !UNIT_WRITE_FLAGS_NOOP(flags))
2214 u->job_running_timeout_set = true;
2215
2216 return r;
2217 }
2218
2219 if (streq(name, "JobTimeoutAction"))
2220 return bus_set_transient_emergency_action(u, name, &u->job_timeout_action, message, flags, error);
2221
2222 if (streq(name, "JobTimeoutRebootArgument"))
2223 return bus_set_transient_string(u, name, &u->job_timeout_reboot_arg, message, flags, error);
2224
2225 if (streq(name, "StartLimitIntervalUSec"))
2226 return bus_set_transient_usec(u, name, &u->start_ratelimit.interval, message, flags, error);
2227
2228 if (streq(name, "StartLimitBurst"))
2229 return bus_set_transient_unsigned(u, name, &u->start_ratelimit.burst, message, flags, error);
2230
2231 if (streq(name, "StartLimitAction"))
2232 return bus_set_transient_emergency_action(u, name, &u->start_limit_action, message, flags, error);
2233
2234 if (streq(name, "FailureAction"))
2235 return bus_set_transient_emergency_action(u, name, &u->failure_action, message, flags, error);
2236
2237 if (streq(name, "SuccessAction"))
2238 return bus_set_transient_emergency_action(u, name, &u->success_action, message, flags, error);
2239
2240 if (streq(name, "FailureActionExitStatus"))
2241 return bus_set_transient_exit_status(u, name, &u->failure_action_exit_status, message, flags, error);
2242
2243 if (streq(name, "SuccessActionExitStatus"))
2244 return bus_set_transient_exit_status(u, name, &u->success_action_exit_status, message, flags, error);
2245
2246 if (streq(name, "RebootArgument"))
2247 return bus_set_transient_string(u, name, &u->reboot_arg, message, flags, error);
2248
2249 if (streq(name, "CollectMode"))
2250 return bus_set_transient_collect_mode(u, name, &u->collect_mode, message, flags, error);
2251
2252 if (streq(name, "Conditions"))
2253 return bus_set_transient_conditions(u, name, &u->conditions, true, message, flags, error);
2254
2255 if (streq(name, "Asserts"))
2256 return bus_set_transient_conditions(u, name, &u->asserts, false, message, flags, error);
2257
2258 if (streq(name, "Documentation")) {
2259 _cleanup_strv_free_ char **l = NULL;
2260
2261 r = sd_bus_message_read_strv(message, &l);
2262 if (r < 0)
2263 return r;
2264
2265 STRV_FOREACH(p, l)
2266 if (!documentation_url_is_valid(*p))
2267 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid URL in %s: %s", name, *p);
2268
2269 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2270 if (strv_isempty(l)) {
2271 u->documentation = strv_free(u->documentation);
2272 unit_write_settingf(u, flags, name, "%s=", name);
2273 } else {
2274 strv_extend_strv(&u->documentation, l, false);
2275
2276 STRV_FOREACH(p, l)
2277 unit_write_settingf(u, flags, name, "%s=%s", name, *p);
2278 }
2279 }
2280
2281 return 1;
2282
2283 } else if (streq(name, "Slice")) {
2284 Unit *slice;
2285 const char *s;
2286
2287 if (!UNIT_HAS_CGROUP_CONTEXT(u))
2288 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "The slice property is only available for units with control groups.");
2289 if (u->type == UNIT_SLICE)
2290 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Slice may not be set for slice units.");
2291 if (unit_has_name(u, SPECIAL_INIT_SCOPE))
2292 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Cannot set slice for init.scope");
2293
2294 r = sd_bus_message_read(message, "s", &s);
2295 if (r < 0)
2296 return r;
2297
2298 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN))
2299 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid unit name '%s'", s);
2300
2301 /* Note that we do not dispatch the load queue here yet, as we don't want our own transient unit to be
2302 * loaded while we are still setting it up. Or in other words, we use manager_load_unit_prepare()
2303 * instead of manager_load_unit() on purpose, here. */
2304 r = manager_load_unit_prepare(u->manager, s, NULL, error, &slice);
2305 if (r < 0)
2306 return r;
2307
2308 if (slice->type != UNIT_SLICE)
2309 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Unit name '%s' is not a slice", s);
2310
2311 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2312 r = unit_set_slice(u, slice);
2313 if (r < 0)
2314 return r;
2315
2316 unit_write_settingf(u, flags|UNIT_PRIVATE, name, "Slice=%s", s);
2317 }
2318
2319 return 1;
2320
2321 } else if (STR_IN_SET(name, "RequiresMountsFor", "WantsMountsFor")) {
2322 _cleanup_strv_free_ char **l = NULL;
2323
2324 r = sd_bus_message_read_strv(message, &l);
2325 if (r < 0)
2326 return r;
2327
2328 STRV_FOREACH(p, l) {
2329 path_simplify(*p);
2330
2331 if (!path_is_absolute(*p))
2332 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path specified in %s is not absolute: %s", name, *p);
2333
2334 if (!path_is_valid(*p))
2335 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path specified in %s has invalid length: %s", name, *p);
2336
2337 if (!path_is_normalized(*p))
2338 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path specified in %s is not normalized: %s", name, *p);
2339
2340 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2341 r = unit_add_mounts_for(u, *p, UNIT_DEPENDENCY_FILE, unit_mount_dependency_type_from_string(name));
2342 if (r < 0)
2343 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Failed to add requested mount \"%s\": %m", *p);
2344
2345 unit_write_settingf(u, flags, name, "%s=%s", name, *p);
2346 }
2347 }
2348
2349 return 1;
2350 }
2351
2352 if (streq(name, "RequiresOverridable"))
2353 d = UNIT_REQUIRES; /* redirect for obsolete unit dependency type */
2354 else if (streq(name, "RequisiteOverridable"))
2355 d = UNIT_REQUISITE; /* same here */
2356 else
2357 d = unit_dependency_from_string(name);
2358
2359 if (d >= 0) {
2360 const char *other;
2361
2362 if (!IN_SET(d,
2363 UNIT_REQUIRES,
2364 UNIT_REQUISITE,
2365 UNIT_WANTS,
2366 UNIT_BINDS_TO,
2367 UNIT_PART_OF,
2368 UNIT_UPHOLDS,
2369 UNIT_CONFLICTS,
2370 UNIT_BEFORE,
2371 UNIT_AFTER,
2372 UNIT_ON_SUCCESS,
2373 UNIT_ON_FAILURE,
2374 UNIT_PROPAGATES_RELOAD_TO,
2375 UNIT_RELOAD_PROPAGATED_FROM,
2376 UNIT_PROPAGATES_STOP_TO,
2377 UNIT_STOP_PROPAGATED_FROM,
2378 UNIT_JOINS_NAMESPACE_OF))
2379 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Dependency type %s may not be created transiently.", unit_dependency_to_string(d));
2380
2381 r = sd_bus_message_enter_container(message, 'a', "s");
2382 if (r < 0)
2383 return r;
2384
2385 while ((r = sd_bus_message_read(message, "s", &other)) > 0) {
2386 if (!unit_name_is_valid(other, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
2387 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid unit name %s", other);
2388
2389 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2390 _cleanup_free_ char *label = NULL;
2391
2392 r = unit_add_dependency_by_name(u, d, other, true, UNIT_DEPENDENCY_FILE);
2393 if (r < 0)
2394 return r;
2395
2396 label = strjoin(name, "-", other);
2397 if (!label)
2398 return -ENOMEM;
2399
2400 unit_write_settingf(u, flags, label, "%s=%s", unit_dependency_to_string(d), other);
2401 }
2402
2403 }
2404 if (r < 0)
2405 return r;
2406
2407 r = sd_bus_message_exit_container(message);
2408 if (r < 0)
2409 return r;
2410
2411 return 1;
2412
2413 } else if (streq(name, "AddRef")) {
2414
2415 int b;
2416
2417 /* Why is this called "AddRef" rather than just "Ref", or "Reference"? There's already a "Ref()" method
2418 * on the Unit interface, and it's probably not a good idea to expose a property and a method on the
2419 * same interface (well, strictly speaking AddRef isn't exposed as full property, we just read it for
2420 * transient units, but still). And "References" and "ReferencedBy" is already used as unit reference
2421 * dependency type, hence let's not confuse things with that.
2422 *
2423 * Note that we don't actually add the reference to the bus track. We do that only after the setup of
2424 * the transient unit is complete, so that setting this property multiple times in the same transient
2425 * unit creation call doesn't count as individual references. */
2426
2427 r = sd_bus_message_read(message, "b", &b);
2428 if (r < 0)
2429 return r;
2430
2431 if (!UNIT_WRITE_FLAGS_NOOP(flags))
2432 u->bus_track_add = b;
2433
2434 return 1;
2435 }
2436
2437 return 0;
2438 }
2439
2440 int bus_unit_set_properties(
2441 Unit *u,
2442 sd_bus_message *message,
2443 UnitWriteFlags flags,
2444 bool commit,
2445 sd_bus_error *error) {
2446
2447 bool for_real = false;
2448 unsigned n = 0;
2449 int r;
2450
2451 assert(u);
2452 assert(message);
2453
2454 /* We iterate through the array twice. First run just checks if all passed data is valid, second run
2455 * actually applies it. This implements transaction-like behaviour without actually providing full
2456 * transactions. */
2457
2458 r = sd_bus_message_enter_container(message, 'a', "(sv)");
2459 if (r < 0)
2460 goto error;
2461
2462 for (;;) {
2463 const char *name;
2464 UnitWriteFlags f;
2465
2466 r = sd_bus_message_enter_container(message, 'r', "sv");
2467 if (r < 0)
2468 goto error;
2469 if (r == 0) {
2470 if (for_real || UNIT_WRITE_FLAGS_NOOP(flags))
2471 break;
2472
2473 /* Reached EOF. Let's try again, and this time for realz... */
2474 r = sd_bus_message_rewind(message, false);
2475 if (r < 0)
2476 goto error;
2477
2478 for_real = true;
2479 continue;
2480 }
2481
2482 r = sd_bus_message_read(message, "s", &name);
2483 if (r < 0)
2484 goto error;
2485
2486 r = sd_bus_message_enter_container(message, 'v', NULL);
2487 if (r < 0)
2488 goto error;
2489
2490 /* If not for real, then mask out the two target flags */
2491 f = for_real ? flags : (flags & ~(UNIT_RUNTIME|UNIT_PERSISTENT));
2492
2493 if (UNIT_VTABLE(u)->bus_set_property)
2494 r = UNIT_VTABLE(u)->bus_set_property(u, name, message, f, error);
2495 else
2496 r = 0;
2497 if (r == 0 && u->transient && u->load_state == UNIT_STUB)
2498 r = bus_unit_set_transient_property(u, name, message, f, error);
2499 if (r == 0)
2500 r = bus_unit_set_live_property(u, name, message, f, error);
2501 if (r < 0)
2502 goto error;
2503
2504 if (r == 0)
2505 return sd_bus_error_setf(error, SD_BUS_ERROR_PROPERTY_READ_ONLY,
2506 "Cannot set property %s, or unknown property.", name);
2507
2508 r = sd_bus_message_exit_container(message);
2509 if (r < 0)
2510 goto error;
2511
2512 r = sd_bus_message_exit_container(message);
2513 if (r < 0)
2514 goto error;
2515
2516 n += for_real;
2517 }
2518
2519 r = sd_bus_message_exit_container(message);
2520 if (r < 0)
2521 goto error;
2522
2523 if (commit && n > 0 && UNIT_VTABLE(u)->bus_commit_properties)
2524 UNIT_VTABLE(u)->bus_commit_properties(u);
2525
2526 return n;
2527
2528 error:
2529 /* Pretty much any of the calls above can fail if the message is not formed properly
2530 * or if it has unexpected contents. Fill in a more informative error message here. */
2531 if (sd_bus_error_is_set(error))
2532 return r;
2533 return sd_bus_error_set_errnof(error, r,
2534 r == -ENXIO ? "Failed to set unit properties: Unexpected message contents"
2535 : "Failed to set unit properties: %m");
2536 }
2537
2538 int bus_unit_validate_load_state(Unit *u, sd_bus_error *error) {
2539 assert(u);
2540
2541 /* Generates a pretty error if a unit isn't properly loaded. */
2542
2543 switch (u->load_state) {
2544
2545 case UNIT_LOADED:
2546 return 0;
2547
2548 case UNIT_NOT_FOUND:
2549 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not found.", u->id);
2550
2551 case UNIT_BAD_SETTING:
2552 return sd_bus_error_setf(error, BUS_ERROR_BAD_UNIT_SETTING, "Unit %s has a bad unit file setting.", u->id);
2553
2554 case UNIT_ERROR: /* Only show .load_error in UNIT_ERROR state */
2555 return sd_bus_error_set_errnof(error, u->load_error,
2556 "Unit %s failed to load properly, please adjust/correct and reload service manager: %m", u->id);
2557
2558 case UNIT_MASKED:
2559 return sd_bus_error_setf(error, BUS_ERROR_UNIT_MASKED, "Unit %s is masked.", u->id);
2560
2561 case UNIT_STUB:
2562 case UNIT_MERGED:
2563 default:
2564 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unexpected load state of unit %s", u->id);
2565 }
2566 }
2567
2568 static int bus_unit_track_handler(sd_bus_track *t, void *userdata) {
2569 Unit *u = ASSERT_PTR(userdata);
2570
2571 assert(t);
2572
2573 u->bus_track = sd_bus_track_unref(u->bus_track); /* make sure we aren't called again */
2574
2575 /* If the client that tracks us disappeared, then there's reason to believe that the cgroup is empty now too,
2576 * let's see */
2577 unit_add_to_cgroup_empty_queue(u);
2578
2579 /* Also add the unit to the GC queue, after all if the client left it might be time to GC this unit */
2580 unit_add_to_gc_queue(u);
2581
2582 return 0;
2583 }
2584
2585 static int bus_unit_allocate_bus_track(Unit *u) {
2586 int r;
2587
2588 assert(u);
2589
2590 if (u->bus_track)
2591 return 0;
2592
2593 r = sd_bus_track_new(u->manager->api_bus, &u->bus_track, bus_unit_track_handler, u);
2594 if (r < 0)
2595 return r;
2596
2597 r = sd_bus_track_set_recursive(u->bus_track, true);
2598 if (r < 0) {
2599 u->bus_track = sd_bus_track_unref(u->bus_track);
2600 return r;
2601 }
2602
2603 return 0;
2604 }
2605
2606 int bus_unit_track_add_name(Unit *u, const char *name) {
2607 int r;
2608
2609 assert(u);
2610
2611 r = bus_unit_allocate_bus_track(u);
2612 if (r < 0)
2613 return r;
2614
2615 return sd_bus_track_add_name(u->bus_track, name);
2616 }
2617
2618 int bus_unit_track_add_sender(Unit *u, sd_bus_message *m) {
2619 int r;
2620
2621 assert(u);
2622
2623 r = bus_unit_allocate_bus_track(u);
2624 if (r < 0)
2625 return r;
2626
2627 return sd_bus_track_add_sender(u->bus_track, m);
2628 }
2629
2630 int bus_unit_track_remove_sender(Unit *u, sd_bus_message *m) {
2631 assert(u);
2632
2633 /* If we haven't allocated the bus track object yet, then there's definitely no reference taken yet,
2634 * return an error */
2635 if (!u->bus_track)
2636 return -EUNATCH;
2637
2638 return sd_bus_track_remove_sender(u->bus_track, m);
2639 }
Unnamed repository; edit this file 'description' to name the repository.