]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/dbus-unit.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #29152 from poettering/pidref-more
[thirdparty/systemd.git] / src / core / dbus-unit.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include "sd-bus.h"
4
5 #include "alloc-util.h"
6 #include "bpf-firewall.h"
7 #include "bus-common-errors.h"
8 #include "bus-get-properties.h"
9 #include "bus-polkit.h"
10 #include "cgroup-util.h"
11 #include "condition.h"
12 #include "dbus-job.h"
13 #include "dbus-manager.h"
14 #include "dbus-unit.h"
15 #include "dbus-util.h"
16 #include "dbus.h"
17 #include "fd-util.h"
18 #include "install.h"
19 #include "locale-util.h"
20 #include "log.h"
21 #include "path-util.h"
22 #include "process-util.h"
23 #include "selinux-access.h"
24 #include "service.h"
25 #include "signal-util.h"
26 #include "special.h"
27 #include "string-table.h"
28 #include "string-util.h"
29 #include "strv.h"
30 #include "user-util.h"
31 #include "web-util.h"
32
33 static bool unit_can_start_refuse_manual(Unit *u) {
34 return unit_can_start(u) && !u->refuse_manual_start;
35 }
36
37 static bool unit_can_stop_refuse_manual(Unit *u) {
38 return unit_can_stop(u) && !u->refuse_manual_stop;
39 }
40
41 static bool unit_can_isolate_refuse_manual(Unit *u) {
42 return unit_can_isolate(u) && !u->refuse_manual_start;
43 }
44
45 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_collect_mode, collect_mode, CollectMode);
46 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_load_state, unit_load_state, UnitLoadState);
47 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_job_mode, job_mode, JobMode);
48 static BUS_DEFINE_PROPERTY_GET(property_get_description, "s", Unit, unit_description);
49 static BUS_DEFINE_PROPERTY_GET2(property_get_active_state, "s", Unit, unit_active_state, unit_active_state_to_string);
50 static BUS_DEFINE_PROPERTY_GET2(property_get_freezer_state, "s", Unit, unit_freezer_state, freezer_state_to_string);
51 static BUS_DEFINE_PROPERTY_GET(property_get_sub_state, "s", Unit, unit_sub_state_to_string);
52 static BUS_DEFINE_PROPERTY_GET2(property_get_unit_file_state, "s", Unit, unit_get_unit_file_state, unit_file_state_to_string);
53 static BUS_DEFINE_PROPERTY_GET(property_get_can_reload, "b", Unit, unit_can_reload);
54 static BUS_DEFINE_PROPERTY_GET(property_get_can_start, "b", Unit, unit_can_start_refuse_manual);
55 static BUS_DEFINE_PROPERTY_GET(property_get_can_stop, "b", Unit, unit_can_stop_refuse_manual);
56 static BUS_DEFINE_PROPERTY_GET(property_get_can_isolate, "b", Unit, unit_can_isolate_refuse_manual);
57 static BUS_DEFINE_PROPERTY_GET(property_get_can_freeze, "b", Unit, unit_can_freeze);
58 static BUS_DEFINE_PROPERTY_GET(property_get_need_daemon_reload, "b", Unit, unit_need_daemon_reload);
59 static BUS_DEFINE_PROPERTY_GET_GLOBAL(property_get_empty_strv, "as", 0);
60
61 static int property_get_can_clean(
62 sd_bus *bus,
63 const char *path,
64 const char *interface,
65 const char *property,
66 sd_bus_message *reply,
67 void *userdata,
68 sd_bus_error *error) {
69
70 Unit *u = userdata;
71 ExecCleanMask mask;
72 int r;
73
74 assert(bus);
75 assert(reply);
76
77 r = unit_can_clean(u, &mask);
78 if (r < 0)
79 return r;
80
81 r = sd_bus_message_open_container(reply, 'a', "s");
82 if (r < 0)
83 return r;
84
85 for (ExecDirectoryType t = 0; t < _EXEC_DIRECTORY_TYPE_MAX; t++) {
86 if (!FLAGS_SET(mask, 1U << t))
87 continue;
88
89 r = sd_bus_message_append(reply, "s", exec_resource_type_to_string(t));
90 if (r < 0)
91 return r;
92 }
93
94 if (FLAGS_SET(mask, EXEC_CLEAN_FDSTORE)) {
95 r = sd_bus_message_append(reply, "s", "fdstore");
96 if (r < 0)
97 return r;
98 }
99
100 return sd_bus_message_close_container(reply);
101 }
102
103 static int property_get_names(
104 sd_bus *bus,
105 const char *path,
106 const char *interface,
107 const char *property,
108 sd_bus_message *reply,
109 void *userdata,
110 sd_bus_error *error) {
111
112 Unit *u = ASSERT_PTR(userdata);
113 const char *t;
114 int r;
115
116 assert(bus);
117 assert(reply);
118
119 r = sd_bus_message_open_container(reply, 'a', "s");
120 if (r < 0)
121 return r;
122
123 r = sd_bus_message_append(reply, "s", u->id);
124 if (r < 0)
125 return r;
126
127 SET_FOREACH(t, u->aliases) {
128 r = sd_bus_message_append(reply, "s", t);
129 if (r < 0)
130 return r;
131 }
132
133 return sd_bus_message_close_container(reply);
134 }
135
136 static int property_get_following(
137 sd_bus *bus,
138 const char *path,
139 const char *interface,
140 const char *property,
141 sd_bus_message *reply,
142 void *userdata,
143 sd_bus_error *error) {
144
145 Unit *u = userdata, *f;
146
147 assert(bus);
148 assert(reply);
149 assert(u);
150
151 f = unit_following(u);
152 return sd_bus_message_append(reply, "s", f ? f->id : NULL);
153 }
154
155 static int property_get_dependencies(
156 sd_bus *bus,
157 const char *path,
158 const char *interface,
159 const char *property,
160 sd_bus_message *reply,
161 void *userdata,
162 sd_bus_error *error) {
163
164 Unit *u = userdata, *other;
165 UnitDependency d;
166 Hashmap *deps;
167 void *v;
168 int r;
169
170 assert(bus);
171 assert(reply);
172 assert(u);
173
174 d = unit_dependency_from_string(property);
175 assert_se(d >= 0);
176
177 deps = unit_get_dependencies(u, d);
178
179 r = sd_bus_message_open_container(reply, 'a', "s");
180 if (r < 0)
181 return r;
182
183 HASHMAP_FOREACH_KEY(v, other, deps) {
184 r = sd_bus_message_append(reply, "s", other->id);
185 if (r < 0)
186 return r;
187 }
188
189 return sd_bus_message_close_container(reply);
190 }
191
192 static int property_get_requires_mounts_for(
193 sd_bus *bus,
194 const char *path,
195 const char *interface,
196 const char *property,
197 sd_bus_message *reply,
198 void *userdata,
199 sd_bus_error *error) {
200
201 Hashmap **h = ASSERT_PTR(userdata);
202 const char *p;
203 void *v;
204 int r;
205
206 assert(bus);
207 assert(reply);
208
209 r = sd_bus_message_open_container(reply, 'a', "s");
210 if (r < 0)
211 return r;
212
213 HASHMAP_FOREACH_KEY(v, p, *h) {
214 r = sd_bus_message_append(reply, "s", p);
215 if (r < 0)
216 return r;
217 }
218
219 return sd_bus_message_close_container(reply);
220 }
221
222 static int property_get_unit_file_preset(
223 sd_bus *bus,
224 const char *path,
225 const char *interface,
226 const char *property,
227 sd_bus_message *reply,
228 void *userdata,
229 sd_bus_error *error) {
230
231 Unit *u = ASSERT_PTR(userdata);
232 int r;
233
234 assert(bus);
235 assert(reply);
236
237 r = unit_get_unit_file_preset(u);
238
239 return sd_bus_message_append(reply, "s", preset_action_past_tense_to_string(r));
240 }
241
242 static int property_get_job(
243 sd_bus *bus,
244 const char *path,
245 const char *interface,
246 const char *property,
247 sd_bus_message *reply,
248 void *userdata,
249 sd_bus_error *error) {
250
251 _cleanup_free_ char *p = NULL;
252 Job **j = ASSERT_PTR(userdata);
253
254 assert(bus);
255 assert(reply);
256
257 if (!*j)
258 return sd_bus_message_append(reply, "(uo)", 0, "/");
259
260 p = job_dbus_path(*j);
261 if (!p)
262 return -ENOMEM;
263
264 return sd_bus_message_append(reply, "(uo)", (*j)->id, p);
265 }
266
267 static int property_get_conditions(
268 sd_bus *bus,
269 const char *path,
270 const char *interface,
271 const char *property,
272 sd_bus_message *reply,
273 void *userdata,
274 sd_bus_error *error) {
275
276 const char *(*to_string)(ConditionType type) = NULL;
277 Condition **list = ASSERT_PTR(userdata);
278 int r;
279
280 assert(bus);
281 assert(reply);
282
283 to_string = streq(property, "Asserts") ? assert_type_to_string : condition_type_to_string;
284
285 r = sd_bus_message_open_container(reply, 'a', "(sbbsi)");
286 if (r < 0)
287 return r;
288
289 LIST_FOREACH(conditions, c, *list) {
290 int tristate;
291
292 tristate =
293 c->result == CONDITION_UNTESTED ? 0 :
294 c->result == CONDITION_SUCCEEDED ? 1 : -1;
295
296 r = sd_bus_message_append(reply, "(sbbsi)",
297 to_string(c->type),
298 c->trigger, c->negate,
299 c->parameter, tristate);
300 if (r < 0)
301 return r;
302
303 }
304
305 return sd_bus_message_close_container(reply);
306 }
307
308 static int property_get_load_error(
309 sd_bus *bus,
310 const char *path,
311 const char *interface,
312 const char *property,
313 sd_bus_message *reply,
314 void *userdata,
315 sd_bus_error *error) {
316
317 _cleanup_(sd_bus_error_free) sd_bus_error e = SD_BUS_ERROR_NULL;
318 Unit *u = ASSERT_PTR(userdata);
319 int r;
320
321 assert(bus);
322 assert(reply);
323
324 r = bus_unit_validate_load_state(u, &e);
325 if (r < 0)
326 return sd_bus_message_append(reply, "(ss)", e.name, e.message);
327
328 return sd_bus_message_append(reply, "(ss)", NULL, NULL);
329 }
330
331 static int property_get_markers(
332 sd_bus *bus,
333 const char *path,
334 const char *interface,
335 const char *property,
336 sd_bus_message *reply,
337 void *userdata,
338 sd_bus_error *error) {
339
340 unsigned *markers = ASSERT_PTR(userdata);
341 int r;
342
343 assert(bus);
344 assert(reply);
345
346 r = sd_bus_message_open_container(reply, 'a', "s");
347 if (r < 0)
348 return r;
349
350 /* Make sure out values fit in the bitfield. */
351 assert_cc(_UNIT_MARKER_MAX <= sizeof(((Unit){}).markers) * 8);
352
353 for (UnitMarker m = 0; m < _UNIT_MARKER_MAX; m++)
354 if (FLAGS_SET(*markers, 1u << m)) {
355 r = sd_bus_message_append(reply, "s", unit_marker_to_string(m));
356 if (r < 0)
357 return r;
358 }
359
360 return sd_bus_message_close_container(reply);
361 }
362
363 static const char *const polkit_message_for_job[_JOB_TYPE_MAX] = {
364 [JOB_START] = N_("Authentication is required to start '$(unit)'."),
365 [JOB_STOP] = N_("Authentication is required to stop '$(unit)'."),
366 [JOB_RELOAD] = N_("Authentication is required to reload '$(unit)'."),
367 [JOB_RESTART] = N_("Authentication is required to restart '$(unit)'."),
368 [JOB_TRY_RESTART] = N_("Authentication is required to restart '$(unit)'."),
369 };
370
371 int bus_unit_method_start_generic(
372 sd_bus_message *message,
373 Unit *u,
374 JobType job_type,
375 bool reload_if_possible,
376 sd_bus_error *error) {
377
378 BusUnitQueueFlags job_flags = reload_if_possible ? BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE : 0;
379 const char *smode, *verb;
380 JobMode mode;
381 int r;
382
383 assert(message);
384 assert(u);
385 assert(job_type >= 0 && job_type < _JOB_TYPE_MAX);
386
387 r = mac_selinux_unit_access_check(
388 u, message,
389 job_type_to_access_method(job_type),
390 error);
391 if (r < 0)
392 return r;
393
394 r = sd_bus_message_read(message, "s", &smode);
395 if (r < 0)
396 return r;
397
398 mode = job_mode_from_string(smode);
399 if (mode < 0)
400 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Job mode %s invalid", smode);
401
402 if (reload_if_possible)
403 verb = strjoina("reload-or-", job_type_to_string(job_type));
404 else
405 verb = job_type_to_string(job_type);
406
407 if (sd_bus_message_is_method_call(message, NULL, "StartUnitWithFlags")) {
408 uint64_t input_flags = 0;
409
410 r = sd_bus_message_read(message, "t", &input_flags);
411 if (r < 0)
412 return r;
413 /* Let clients know that this version doesn't support any flags at the moment. */
414 if (input_flags != 0)
415 return sd_bus_reply_method_errorf(message, SD_BUS_ERROR_INVALID_ARGS,
416 "Invalid 'flags' parameter '%" PRIu64 "'",
417 input_flags);
418 }
419
420 r = bus_verify_manage_units_async_full(
421 u,
422 verb,
423 CAP_SYS_ADMIN,
424 polkit_message_for_job[job_type],
425 true,
426 message,
427 error);
428 if (r < 0)
429 return r;
430 if (r == 0)
431 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
432
433 return bus_unit_queue_job(message, u, job_type, mode, job_flags, error);
434 }
435
436 static int bus_unit_method_start(sd_bus_message *message, void *userdata, sd_bus_error *error) {
437 return bus_unit_method_start_generic(message, userdata, JOB_START, false, error);
438 }
439
440 static int bus_unit_method_stop(sd_bus_message *message, void *userdata, sd_bus_error *error) {
441 return bus_unit_method_start_generic(message, userdata, JOB_STOP, false, error);
442 }
443
444 static int bus_unit_method_reload(sd_bus_message *message, void *userdata, sd_bus_error *error) {
445 return bus_unit_method_start_generic(message, userdata, JOB_RELOAD, false, error);
446 }
447
448 static int bus_unit_method_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
449 return bus_unit_method_start_generic(message, userdata, JOB_RESTART, false, error);
450 }
451
452 static int bus_unit_method_try_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
453 return bus_unit_method_start_generic(message, userdata, JOB_TRY_RESTART, false, error);
454 }
455
456 static int bus_unit_method_reload_or_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
457 return bus_unit_method_start_generic(message, userdata, JOB_RESTART, true, error);
458 }
459
460 static int bus_unit_method_reload_or_try_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
461 return bus_unit_method_start_generic(message, userdata, JOB_TRY_RESTART, true, error);
462 }
463
464 int bus_unit_method_enqueue_job(sd_bus_message *message, void *userdata, sd_bus_error *error) {
465 BusUnitQueueFlags flags = BUS_UNIT_QUEUE_VERBOSE_REPLY;
466 const char *jtype, *smode;
467 Unit *u = ASSERT_PTR(userdata);
468 JobType type;
469 JobMode mode;
470 int r;
471
472 assert(message);
473
474 r = sd_bus_message_read(message, "ss", &jtype, &smode);
475 if (r < 0)
476 return r;
477
478 /* Parse the two magic reload types "reload-or-…" manually */
479 if (streq(jtype, "reload-or-restart")) {
480 type = JOB_RESTART;
481 flags |= BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE;
482 } else if (streq(jtype, "reload-or-try-restart")) {
483 type = JOB_TRY_RESTART;
484 flags |= BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE;
485 } else {
486 /* And the rest generically */
487 type = job_type_from_string(jtype);
488 if (type < 0)
489 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Job type %s invalid", jtype);
490 }
491
492 mode = job_mode_from_string(smode);
493 if (mode < 0)
494 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Job mode %s invalid", smode);
495
496 r = mac_selinux_unit_access_check(
497 u, message,
498 job_type_to_access_method(type),
499 error);
500 if (r < 0)
501 return r;
502
503 r = bus_verify_manage_units_async_full(
504 u,
505 jtype,
506 CAP_SYS_ADMIN,
507 polkit_message_for_job[type],
508 true,
509 message,
510 error);
511 if (r < 0)
512 return r;
513 if (r == 0)
514 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
515
516 return bus_unit_queue_job(message, u, type, mode, flags, error);
517 }
518
519 int bus_unit_method_kill(sd_bus_message *message, void *userdata, sd_bus_error *error) {
520 Unit *u = ASSERT_PTR(userdata);
521 int32_t value = 0;
522 const char *swho;
523 int32_t signo;
524 KillWho who;
525 int r, code;
526
527 assert(message);
528
529 r = mac_selinux_unit_access_check(u, message, "stop", error);
530 if (r < 0)
531 return r;
532
533 r = sd_bus_message_read(message, "si", &swho, &signo);
534 if (r < 0)
535 return r;
536
537 if (startswith(sd_bus_message_get_member(message), "QueueSignal")) {
538 r = sd_bus_message_read(message, "i", &value);
539 if (r < 0)
540 return r;
541
542 code = SI_QUEUE;
543 } else
544 code = SI_USER;
545
546 if (isempty(swho))
547 who = KILL_ALL;
548 else {
549 who = kill_who_from_string(swho);
550 if (who < 0)
551 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid who argument: %s", swho);
552 }
553
554 if (!SIGNAL_VALID(signo))
555 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Signal number out of range.");
556
557 if (code == SI_QUEUE && !((signo >= SIGRTMIN) && (signo <= SIGRTMAX)))
558 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS,
559 "Value parameter only accepted for realtime signals (SIGRTMIN…SIGRTMAX), refusing for signal SIG%s.", signal_to_string(signo));
560
561 r = bus_verify_manage_units_async_full(
562 u,
563 "kill",
564 CAP_KILL,
565 N_("Authentication is required to send a UNIX signal to the processes of '$(unit)'."),
566 true,
567 message,
568 error);
569 if (r < 0)
570 return r;
571 if (r == 0)
572 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
573
574 r = unit_kill(u, who, signo, code, value, error);
575 if (r < 0)
576 return r;
577
578 return sd_bus_reply_method_return(message, NULL);
579 }
580
581 int bus_unit_method_reset_failed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
582 Unit *u = ASSERT_PTR(userdata);
583 int r;
584
585 assert(message);
586
587 r = mac_selinux_unit_access_check(u, message, "reload", error);
588 if (r < 0)
589 return r;
590
591 r = bus_verify_manage_units_async_full(
592 u,
593 "reset-failed",
594 CAP_SYS_ADMIN,
595 N_("Authentication is required to reset the \"failed\" state of '$(unit)'."),
596 true,
597 message,
598 error);
599 if (r < 0)
600 return r;
601 if (r == 0)
602 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
603
604 unit_reset_failed(u);
605
606 return sd_bus_reply_method_return(message, NULL);
607 }
608
609 int bus_unit_method_set_properties(sd_bus_message *message, void *userdata, sd_bus_error *error) {
610 Unit *u = ASSERT_PTR(userdata);
611 int runtime, r;
612
613 assert(message);
614
615 r = mac_selinux_unit_access_check(u, message, "start", error);
616 if (r < 0)
617 return r;
618
619 r = sd_bus_message_read(message, "b", &runtime);
620 if (r < 0)
621 return r;
622
623 r = bus_verify_manage_units_async_full(
624 u,
625 "set-property",
626 CAP_SYS_ADMIN,
627 N_("Authentication is required to set properties on '$(unit)'."),
628 true,
629 message,
630 error);
631 if (r < 0)
632 return r;
633 if (r == 0)
634 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
635
636 r = bus_unit_set_properties(u, message, runtime ? UNIT_RUNTIME : UNIT_PERSISTENT, true, error);
637 if (r < 0)
638 return r;
639
640 return sd_bus_reply_method_return(message, NULL);
641 }
642
643 int bus_unit_method_ref(sd_bus_message *message, void *userdata, sd_bus_error *error) {
644 Unit *u = ASSERT_PTR(userdata);
645 int r;
646
647 assert(message);
648
649 r = mac_selinux_unit_access_check(u, message, "start", error);
650 if (r < 0)
651 return r;
652
653 r = bus_verify_manage_units_async_full(
654 u,
655 "ref",
656 CAP_SYS_ADMIN,
657 NULL,
658 false,
659 message,
660 error);
661 if (r < 0)
662 return r;
663 if (r == 0)
664 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
665
666 r = bus_unit_track_add_sender(u, message);
667 if (r < 0)
668 return r;
669
670 return sd_bus_reply_method_return(message, NULL);
671 }
672
673 int bus_unit_method_unref(sd_bus_message *message, void *userdata, sd_bus_error *error) {
674 Unit *u = ASSERT_PTR(userdata);
675 int r;
676
677 assert(message);
678
679 r = bus_unit_track_remove_sender(u, message);
680 if (r == -EUNATCH)
681 return sd_bus_error_set(error, BUS_ERROR_NOT_REFERENCED, "Unit has not been referenced yet.");
682 if (r < 0)
683 return r;
684
685 return sd_bus_reply_method_return(message, NULL);
686 }
687
688 int bus_unit_method_clean(sd_bus_message *message, void *userdata, sd_bus_error *error) {
689 ExecCleanMask mask = 0;
690 Unit *u = ASSERT_PTR(userdata);
691 int r;
692
693 assert(message);
694
695 r = mac_selinux_unit_access_check(u, message, "stop", error);
696 if (r < 0)
697 return r;
698
699 r = sd_bus_message_enter_container(message, 'a', "s");
700 if (r < 0)
701 return r;
702
703 for (;;) {
704 ExecCleanMask m;
705 const char *i;
706
707 r = sd_bus_message_read(message, "s", &i);
708 if (r < 0)
709 return r;
710 if (r == 0)
711 break;
712
713 m = exec_clean_mask_from_string(i);
714 if (m < 0)
715 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid resource type: %s", i);
716
717 mask |= m;
718 }
719
720 r = sd_bus_message_exit_container(message);
721 if (r < 0)
722 return r;
723
724 r = bus_verify_manage_units_async_full(
725 u,
726 "clean",
727 CAP_DAC_OVERRIDE,
728 N_("Authentication is required to delete files and directories associated with '$(unit)'."),
729 true,
730 message,
731 error);
732 if (r < 0)
733 return r;
734 if (r == 0)
735 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
736
737 r = unit_clean(u, mask);
738 if (r == -EOPNOTSUPP)
739 return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Unit '%s' does not support cleaning.", u->id);
740 if (r == -EUNATCH)
741 return sd_bus_error_set(error, BUS_ERROR_NOTHING_TO_CLEAN, "No matching resources found.");
742 if (r == -EBUSY)
743 return sd_bus_error_set(error, BUS_ERROR_UNIT_BUSY, "Unit is not inactive or has pending job.");
744 if (r < 0)
745 return r;
746
747 return sd_bus_reply_method_return(message, NULL);
748 }
749
750 static int bus_unit_method_freezer_generic(sd_bus_message *message, void *userdata, sd_bus_error *error, FreezerAction action) {
751 const char* perm;
752 int (*method)(Unit*);
753 Unit *u = ASSERT_PTR(userdata);
754 bool reply_no_delay = false;
755 int r;
756
757 assert(message);
758 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
759
760 if (action == FREEZER_FREEZE) {
761 perm = "stop";
762 method = unit_freeze;
763 } else {
764 perm = "start";
765 method = unit_thaw;
766 }
767
768 r = mac_selinux_unit_access_check(u, message, perm, error);
769 if (r < 0)
770 return r;
771
772 r = bus_verify_manage_units_async_full(
773 u,
774 perm,
775 CAP_SYS_ADMIN,
776 N_("Authentication is required to freeze or thaw the processes of '$(unit)' unit."),
777 true,
778 message,
779 error);
780 if (r < 0)
781 return r;
782 if (r == 0)
783 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
784
785 r = method(u);
786 if (r == -EOPNOTSUPP)
787 return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Unit '%s' does not support freezing.", u->id);
788 if (r == -EBUSY)
789 return sd_bus_error_set(error, BUS_ERROR_UNIT_BUSY, "Unit has a pending job.");
790 if (r == -EHOSTDOWN)
791 return sd_bus_error_set(error, BUS_ERROR_UNIT_INACTIVE, "Unit is inactive.");
792 if (r == -EALREADY)
793 return sd_bus_error_setf(error, SD_BUS_ERROR_FAILED, "Previously requested freezer operation for unit '%s' is still in progress.", u->id);
794 if (r < 0)
795 return r;
796 if (r == 0)
797 reply_no_delay = true;
798
799 if (u->pending_freezer_invocation) {
800 bus_unit_send_pending_freezer_message(u, true);
801 assert(!u->pending_freezer_invocation);
802 }
803
804 u->pending_freezer_invocation = sd_bus_message_ref(message);
805
806 if (reply_no_delay) {
807 r = bus_unit_send_pending_freezer_message(u, false);
808 if (r < 0)
809 return r;
810 }
811
812 return 1;
813 }
814
815 int bus_unit_method_thaw(sd_bus_message *message, void *userdata, sd_bus_error *error) {
816 return bus_unit_method_freezer_generic(message, userdata, error, FREEZER_THAW);
817 }
818
819 int bus_unit_method_freeze(sd_bus_message *message, void *userdata, sd_bus_error *error) {
820 return bus_unit_method_freezer_generic(message, userdata, error, FREEZER_FREEZE);
821 }
822
823 static int property_get_refs(
824 sd_bus *bus,
825 const char *path,
826 const char *interface,
827 const char *property,
828 sd_bus_message *reply,
829 void *userdata,
830 sd_bus_error *error) {
831
832 Unit *u = userdata;
833 int r;
834
835 assert(bus);
836 assert(reply);
837
838 r = sd_bus_message_open_container(reply, 'a', "s");
839 if (r < 0)
840 return r;
841
842 for (const char *i = sd_bus_track_first(u->bus_track); i; i = sd_bus_track_next(u->bus_track)) {
843 int c;
844
845 c = sd_bus_track_count_name(u->bus_track, i);
846 if (c < 0)
847 return c;
848
849 /* Add the item multiple times if the ref count for each is above 1 */
850 for (int k = 0; k < c; k++) {
851 r = sd_bus_message_append(reply, "s", i);
852 if (r < 0)
853 return r;
854 }
855 }
856
857 return sd_bus_message_close_container(reply);
858 }
859
860 const sd_bus_vtable bus_unit_vtable[] = {
861 SD_BUS_VTABLE_START(0),
862
863 SD_BUS_PROPERTY("Id", "s", NULL, offsetof(Unit, id), SD_BUS_VTABLE_PROPERTY_CONST),
864 SD_BUS_PROPERTY("Names", "as", property_get_names, 0, SD_BUS_VTABLE_PROPERTY_CONST),
865 SD_BUS_PROPERTY("Following", "s", property_get_following, 0, 0),
866 SD_BUS_PROPERTY("Requires", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
867 SD_BUS_PROPERTY("Requisite", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
868 SD_BUS_PROPERTY("Wants", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
869 SD_BUS_PROPERTY("BindsTo", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
870 SD_BUS_PROPERTY("PartOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
871 SD_BUS_PROPERTY("Upholds", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
872 SD_BUS_PROPERTY("RequiredBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
873 SD_BUS_PROPERTY("RequisiteOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
874 SD_BUS_PROPERTY("WantedBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
875 SD_BUS_PROPERTY("BoundBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
876 SD_BUS_PROPERTY("UpheldBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
877 SD_BUS_PROPERTY("ConsistsOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
878 SD_BUS_PROPERTY("Conflicts", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
879 SD_BUS_PROPERTY("ConflictedBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
880 SD_BUS_PROPERTY("Before", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
881 SD_BUS_PROPERTY("After", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
882 SD_BUS_PROPERTY("OnSuccess", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
883 SD_BUS_PROPERTY("OnSuccessOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
884 SD_BUS_PROPERTY("OnFailure", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
885 SD_BUS_PROPERTY("OnFailureOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
886 SD_BUS_PROPERTY("Triggers", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
887 SD_BUS_PROPERTY("TriggeredBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
888 SD_BUS_PROPERTY("PropagatesReloadTo", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
889 SD_BUS_PROPERTY("ReloadPropagatedFrom", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
890 SD_BUS_PROPERTY("PropagatesStopTo", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
891 SD_BUS_PROPERTY("StopPropagatedFrom", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
892 SD_BUS_PROPERTY("JoinsNamespaceOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
893 SD_BUS_PROPERTY("SliceOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
894 SD_BUS_PROPERTY("RequiresMountsFor", "as", property_get_requires_mounts_for, offsetof(Unit, requires_mounts_for), SD_BUS_VTABLE_PROPERTY_CONST),
895 SD_BUS_PROPERTY("Documentation", "as", NULL, offsetof(Unit, documentation), SD_BUS_VTABLE_PROPERTY_CONST),
896 SD_BUS_PROPERTY("Description", "s", property_get_description, 0, SD_BUS_VTABLE_PROPERTY_CONST),
897 SD_BUS_PROPERTY("AccessSELinuxContext", "s", NULL, offsetof(Unit, access_selinux_context), SD_BUS_VTABLE_PROPERTY_CONST),
898 SD_BUS_PROPERTY("LoadState", "s", property_get_load_state, offsetof(Unit, load_state), SD_BUS_VTABLE_PROPERTY_CONST),
899 SD_BUS_PROPERTY("ActiveState", "s", property_get_active_state, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
900 SD_BUS_PROPERTY("FreezerState", "s", property_get_freezer_state, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
901 SD_BUS_PROPERTY("SubState", "s", property_get_sub_state, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
902 SD_BUS_PROPERTY("FragmentPath", "s", NULL, offsetof(Unit, fragment_path), SD_BUS_VTABLE_PROPERTY_CONST),
903 SD_BUS_PROPERTY("SourcePath", "s", NULL, offsetof(Unit, source_path), SD_BUS_VTABLE_PROPERTY_CONST),
904 SD_BUS_PROPERTY("DropInPaths", "as", NULL, offsetof(Unit, dropin_paths), SD_BUS_VTABLE_PROPERTY_CONST),
905 SD_BUS_PROPERTY("UnitFileState", "s", property_get_unit_file_state, 0, 0),
906 SD_BUS_PROPERTY("UnitFilePreset", "s", property_get_unit_file_preset, 0, 0),
907 BUS_PROPERTY_DUAL_TIMESTAMP("StateChangeTimestamp", offsetof(Unit, state_change_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
908 BUS_PROPERTY_DUAL_TIMESTAMP("InactiveExitTimestamp", offsetof(Unit, inactive_exit_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
909 BUS_PROPERTY_DUAL_TIMESTAMP("ActiveEnterTimestamp", offsetof(Unit, active_enter_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
910 BUS_PROPERTY_DUAL_TIMESTAMP("ActiveExitTimestamp", offsetof(Unit, active_exit_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
911 BUS_PROPERTY_DUAL_TIMESTAMP("InactiveEnterTimestamp", offsetof(Unit, inactive_enter_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
912 SD_BUS_PROPERTY("CanStart", "b", property_get_can_start, 0, SD_BUS_VTABLE_PROPERTY_CONST),
913 SD_BUS_PROPERTY("CanStop", "b", property_get_can_stop, 0, SD_BUS_VTABLE_PROPERTY_CONST),
914 SD_BUS_PROPERTY("CanReload", "b", property_get_can_reload, 0, SD_BUS_VTABLE_PROPERTY_CONST),
915 SD_BUS_PROPERTY("CanIsolate", "b", property_get_can_isolate, 0, SD_BUS_VTABLE_PROPERTY_CONST),
916 SD_BUS_PROPERTY("CanClean", "as", property_get_can_clean, 0, SD_BUS_VTABLE_PROPERTY_CONST),
917 SD_BUS_PROPERTY("CanFreeze", "b", property_get_can_freeze, 0, SD_BUS_VTABLE_PROPERTY_CONST),
918 SD_BUS_PROPERTY("Job", "(uo)", property_get_job, offsetof(Unit, job), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
919 SD_BUS_PROPERTY("StopWhenUnneeded", "b", bus_property_get_bool, offsetof(Unit, stop_when_unneeded), SD_BUS_VTABLE_PROPERTY_CONST),
920 SD_BUS_PROPERTY("RefuseManualStart", "b", bus_property_get_bool, offsetof(Unit, refuse_manual_start), SD_BUS_VTABLE_PROPERTY_CONST),
921 SD_BUS_PROPERTY("RefuseManualStop", "b", bus_property_get_bool, offsetof(Unit, refuse_manual_stop), SD_BUS_VTABLE_PROPERTY_CONST),
922 SD_BUS_PROPERTY("AllowIsolate", "b", bus_property_get_bool, offsetof(Unit, allow_isolate), SD_BUS_VTABLE_PROPERTY_CONST),
923 SD_BUS_PROPERTY("DefaultDependencies", "b", bus_property_get_bool, offsetof(Unit, default_dependencies), SD_BUS_VTABLE_PROPERTY_CONST),
924 SD_BUS_PROPERTY("OnSuccesJobMode", "s", property_get_job_mode, offsetof(Unit, on_success_job_mode), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN), /* deprecated */
925 SD_BUS_PROPERTY("OnSuccessJobMode", "s", property_get_job_mode, offsetof(Unit, on_success_job_mode), SD_BUS_VTABLE_PROPERTY_CONST),
926 SD_BUS_PROPERTY("OnFailureJobMode", "s", property_get_job_mode, offsetof(Unit, on_failure_job_mode), SD_BUS_VTABLE_PROPERTY_CONST),
927 SD_BUS_PROPERTY("IgnoreOnIsolate", "b", bus_property_get_bool, offsetof(Unit, ignore_on_isolate), SD_BUS_VTABLE_PROPERTY_CONST),
928 SD_BUS_PROPERTY("NeedDaemonReload", "b", property_get_need_daemon_reload, 0, 0),
929 SD_BUS_PROPERTY("Markers", "as", property_get_markers, offsetof(Unit, markers), 0),
930 SD_BUS_PROPERTY("JobTimeoutUSec", "t", bus_property_get_usec, offsetof(Unit, job_timeout), SD_BUS_VTABLE_PROPERTY_CONST),
931 SD_BUS_PROPERTY("JobRunningTimeoutUSec", "t", bus_property_get_usec, offsetof(Unit, job_running_timeout), SD_BUS_VTABLE_PROPERTY_CONST),
932 SD_BUS_PROPERTY("JobTimeoutAction", "s", bus_property_get_emergency_action, offsetof(Unit, job_timeout_action), SD_BUS_VTABLE_PROPERTY_CONST),
933 SD_BUS_PROPERTY("JobTimeoutRebootArgument", "s", NULL, offsetof(Unit, job_timeout_reboot_arg), SD_BUS_VTABLE_PROPERTY_CONST),
934 SD_BUS_PROPERTY("ConditionResult", "b", bus_property_get_bool, offsetof(Unit, condition_result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
935 SD_BUS_PROPERTY("AssertResult", "b", bus_property_get_bool, offsetof(Unit, assert_result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
936 BUS_PROPERTY_DUAL_TIMESTAMP("ConditionTimestamp", offsetof(Unit, condition_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
937 BUS_PROPERTY_DUAL_TIMESTAMP("AssertTimestamp", offsetof(Unit, assert_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
938 SD_BUS_PROPERTY("Conditions", "a(sbbsi)", property_get_conditions, offsetof(Unit, conditions), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
939 SD_BUS_PROPERTY("Asserts", "a(sbbsi)", property_get_conditions, offsetof(Unit, asserts), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
940 SD_BUS_PROPERTY("LoadError", "(ss)", property_get_load_error, 0, SD_BUS_VTABLE_PROPERTY_CONST),
941 SD_BUS_PROPERTY("Transient", "b", bus_property_get_bool, offsetof(Unit, transient), SD_BUS_VTABLE_PROPERTY_CONST),
942 SD_BUS_PROPERTY("Perpetual", "b", bus_property_get_bool, offsetof(Unit, perpetual), SD_BUS_VTABLE_PROPERTY_CONST),
943 SD_BUS_PROPERTY("StartLimitIntervalUSec", "t", bus_property_get_usec, offsetof(Unit, start_ratelimit.interval), SD_BUS_VTABLE_PROPERTY_CONST),
944 SD_BUS_PROPERTY("StartLimitBurst", "u", bus_property_get_unsigned, offsetof(Unit, start_ratelimit.burst), SD_BUS_VTABLE_PROPERTY_CONST),
945 SD_BUS_PROPERTY("StartLimitAction", "s", bus_property_get_emergency_action, offsetof(Unit, start_limit_action), SD_BUS_VTABLE_PROPERTY_CONST),
946 SD_BUS_PROPERTY("FailureAction", "s", bus_property_get_emergency_action, offsetof(Unit, failure_action), SD_BUS_VTABLE_PROPERTY_CONST),
947 SD_BUS_PROPERTY("FailureActionExitStatus", "i", bus_property_get_int, offsetof(Unit, failure_action_exit_status), SD_BUS_VTABLE_PROPERTY_CONST),
948 SD_BUS_PROPERTY("SuccessAction", "s", bus_property_get_emergency_action, offsetof(Unit, success_action), SD_BUS_VTABLE_PROPERTY_CONST),
949 SD_BUS_PROPERTY("SuccessActionExitStatus", "i", bus_property_get_int, offsetof(Unit, success_action_exit_status), SD_BUS_VTABLE_PROPERTY_CONST),
950 SD_BUS_PROPERTY("RebootArgument", "s", NULL, offsetof(Unit, reboot_arg), SD_BUS_VTABLE_PROPERTY_CONST),
951 SD_BUS_PROPERTY("InvocationID", "ay", bus_property_get_id128, offsetof(Unit, invocation_id), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
952 SD_BUS_PROPERTY("CollectMode", "s", property_get_collect_mode, offsetof(Unit, collect_mode), SD_BUS_VTABLE_PROPERTY_CONST),
953 SD_BUS_PROPERTY("Refs", "as", property_get_refs, 0, 0),
954 SD_BUS_PROPERTY("ActivationDetails", "a(ss)", bus_property_get_activation_details, offsetof(Unit, activation_details), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
955
956 SD_BUS_METHOD_WITH_ARGS("Start",
957 SD_BUS_ARGS("s", mode),
958 SD_BUS_RESULT("o", job),
959 bus_unit_method_start,
960 SD_BUS_VTABLE_UNPRIVILEGED),
961 SD_BUS_METHOD_WITH_ARGS("Stop",
962 SD_BUS_ARGS("s", mode),
963 SD_BUS_RESULT("o", job),
964 bus_unit_method_stop,
965 SD_BUS_VTABLE_UNPRIVILEGED),
966 SD_BUS_METHOD_WITH_ARGS("Reload",
967 SD_BUS_ARGS("s", mode),
968 SD_BUS_RESULT("o", job),
969 bus_unit_method_reload,
970 SD_BUS_VTABLE_UNPRIVILEGED),
971 SD_BUS_METHOD_WITH_ARGS("Restart",
972 SD_BUS_ARGS("s", mode),
973 SD_BUS_RESULT("o", job),
974 bus_unit_method_restart,
975 SD_BUS_VTABLE_UNPRIVILEGED),
976 SD_BUS_METHOD_WITH_ARGS("TryRestart",
977 SD_BUS_ARGS("s", mode),
978 SD_BUS_RESULT("o", job),
979 bus_unit_method_try_restart,
980 SD_BUS_VTABLE_UNPRIVILEGED),
981 SD_BUS_METHOD_WITH_ARGS("ReloadOrRestart",
982 SD_BUS_ARGS("s", mode),
983 SD_BUS_RESULT("o", job),
984 bus_unit_method_reload_or_restart,
985 SD_BUS_VTABLE_UNPRIVILEGED),
986 SD_BUS_METHOD_WITH_ARGS("ReloadOrTryRestart",
987 SD_BUS_ARGS("s", mode),
988 SD_BUS_RESULT("o", job),
989 bus_unit_method_reload_or_try_restart,
990 SD_BUS_VTABLE_UNPRIVILEGED),
991 SD_BUS_METHOD_WITH_ARGS("EnqueueJob",
992 SD_BUS_ARGS("s", job_type, "s", job_mode),
993 SD_BUS_RESULT("u", job_id, "o", job_path, "s", unit_id, "o", unit_path, "s", job_type, "a(uosos)", affected_jobs),
994 bus_unit_method_enqueue_job,
995 SD_BUS_VTABLE_UNPRIVILEGED),
996 SD_BUS_METHOD_WITH_ARGS("Kill",
997 SD_BUS_ARGS("s", whom, "i", signal),
998 SD_BUS_NO_RESULT,
999 bus_unit_method_kill,
1000 SD_BUS_VTABLE_UNPRIVILEGED),
1001 SD_BUS_METHOD_WITH_ARGS("QueueSignal",
1002 SD_BUS_ARGS("s", whom, "i", signal, "i", value),
1003 SD_BUS_NO_RESULT,
1004 bus_unit_method_kill,
1005 SD_BUS_VTABLE_UNPRIVILEGED),
1006 SD_BUS_METHOD("ResetFailed",
1007 NULL,
1008 NULL,
1009 bus_unit_method_reset_failed,
1010 SD_BUS_VTABLE_UNPRIVILEGED),
1011 SD_BUS_METHOD_WITH_ARGS("SetProperties",
1012 SD_BUS_ARGS("b", runtime, "a(sv)", properties),
1013 SD_BUS_NO_RESULT,
1014 bus_unit_method_set_properties,
1015 SD_BUS_VTABLE_UNPRIVILEGED),
1016 SD_BUS_METHOD("Ref",
1017 NULL,
1018 NULL,
1019 bus_unit_method_ref,
1020 SD_BUS_VTABLE_UNPRIVILEGED),
1021 SD_BUS_METHOD("Unref",
1022 NULL,
1023 NULL,
1024 bus_unit_method_unref,
1025 SD_BUS_VTABLE_UNPRIVILEGED),
1026 SD_BUS_METHOD_WITH_ARGS("Clean",
1027 SD_BUS_ARGS("as", mask),
1028 SD_BUS_NO_RESULT,
1029 bus_unit_method_clean,
1030 SD_BUS_VTABLE_UNPRIVILEGED),
1031 SD_BUS_METHOD("Freeze",
1032 NULL,
1033 NULL,
1034 bus_unit_method_freeze,
1035 SD_BUS_VTABLE_UNPRIVILEGED),
1036 SD_BUS_METHOD("Thaw",
1037 NULL,
1038 NULL,
1039 bus_unit_method_thaw,
1040 SD_BUS_VTABLE_UNPRIVILEGED),
1041
1042 /* For dependency types we don't support anymore always return an empty array */
1043 SD_BUS_PROPERTY("RequiresOverridable", "as", property_get_empty_strv, 0, SD_BUS_VTABLE_HIDDEN),
1044 SD_BUS_PROPERTY("RequisiteOverridable", "as", property_get_empty_strv, 0, SD_BUS_VTABLE_HIDDEN),
1045 SD_BUS_PROPERTY("RequiredByOverridable", "as", property_get_empty_strv, 0, SD_BUS_VTABLE_HIDDEN),
1046 SD_BUS_PROPERTY("RequisiteOfOverridable", "as", property_get_empty_strv, 0, SD_BUS_VTABLE_HIDDEN),
1047 /* Obsolete alias names */
1048 SD_BUS_PROPERTY("StartLimitInterval", "t", bus_property_get_usec, offsetof(Unit, start_ratelimit.interval), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
1049 SD_BUS_PROPERTY("StartLimitIntervalSec", "t", bus_property_get_usec, offsetof(Unit, start_ratelimit.interval), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
1050
1051 SD_BUS_VTABLE_END
1052 };
1053
1054 static int property_get_slice(
1055 sd_bus *bus,
1056 const char *path,
1057 const char *interface,
1058 const char *property,
1059 sd_bus_message *reply,
1060 void *userdata,
1061 sd_bus_error *error) {
1062
1063 Unit *u = ASSERT_PTR(userdata);
1064
1065 assert(bus);
1066 assert(reply);
1067
1068 return sd_bus_message_append(reply, "s", unit_slice_name(u));
1069 }
1070
1071 static int property_get_current_memory(
1072 sd_bus *bus,
1073 const char *path,
1074 const char *interface,
1075 const char *property,
1076 sd_bus_message *reply,
1077 void *userdata,
1078 sd_bus_error *error) {
1079
1080 uint64_t sz = UINT64_MAX;
1081 Unit *u = ASSERT_PTR(userdata);
1082 int r;
1083
1084 assert(bus);
1085 assert(reply);
1086
1087 r = unit_get_memory_current(u, &sz);
1088 if (r < 0 && r != -ENODATA)
1089 log_unit_warning_errno(u, r, "Failed to get memory.usage_in_bytes attribute: %m");
1090
1091 return sd_bus_message_append(reply, "t", sz);
1092 }
1093
1094 static int property_get_available_memory(
1095 sd_bus *bus,
1096 const char *path,
1097 const char *interface,
1098 const char *property,
1099 sd_bus_message *reply,
1100 void *userdata,
1101 sd_bus_error *error) {
1102
1103 uint64_t sz = UINT64_MAX;
1104 Unit *u = ASSERT_PTR(userdata);
1105 int r;
1106
1107 assert(bus);
1108 assert(reply);
1109
1110 r = unit_get_memory_available(u, &sz);
1111 if (r < 0 && r != -ENODATA)
1112 log_unit_warning_errno(u, r, "Failed to get total available memory from cgroup: %m");
1113
1114 return sd_bus_message_append(reply, "t", sz);
1115 }
1116
1117 static int property_get_current_tasks(
1118 sd_bus *bus,
1119 const char *path,
1120 const char *interface,
1121 const char *property,
1122 sd_bus_message *reply,
1123 void *userdata,
1124 sd_bus_error *error) {
1125
1126 uint64_t cn = UINT64_MAX;
1127 Unit *u = ASSERT_PTR(userdata);
1128 int r;
1129
1130 assert(bus);
1131 assert(reply);
1132
1133 r = unit_get_tasks_current(u, &cn);
1134 if (r < 0 && r != -ENODATA)
1135 log_unit_warning_errno(u, r, "Failed to get pids.current attribute: %m");
1136
1137 return sd_bus_message_append(reply, "t", cn);
1138 }
1139
1140 static int property_get_cpu_usage(
1141 sd_bus *bus,
1142 const char *path,
1143 const char *interface,
1144 const char *property,
1145 sd_bus_message *reply,
1146 void *userdata,
1147 sd_bus_error *error) {
1148
1149 nsec_t ns = NSEC_INFINITY;
1150 Unit *u = ASSERT_PTR(userdata);
1151 int r;
1152
1153 assert(bus);
1154 assert(reply);
1155
1156 r = unit_get_cpu_usage(u, &ns);
1157 if (r < 0 && r != -ENODATA)
1158 log_unit_warning_errno(u, r, "Failed to get cpuacct.usage attribute: %m");
1159
1160 return sd_bus_message_append(reply, "t", ns);
1161 }
1162
1163 static int property_get_cpuset_cpus(
1164 sd_bus *bus,
1165 const char *path,
1166 const char *interface,
1167 const char *property,
1168 sd_bus_message *reply,
1169 void *userdata,
1170 sd_bus_error *error) {
1171
1172 Unit *u = ASSERT_PTR(userdata);
1173 _cleanup_(cpu_set_reset) CPUSet cpus = {};
1174 _cleanup_free_ uint8_t *array = NULL;
1175 size_t allocated;
1176
1177 assert(bus);
1178 assert(reply);
1179
1180 (void) unit_get_cpuset(u, &cpus, "cpuset.cpus.effective");
1181 (void) cpu_set_to_dbus(&cpus, &array, &allocated);
1182 return sd_bus_message_append_array(reply, 'y', array, allocated);
1183 }
1184
1185 static int property_get_cpuset_mems(
1186 sd_bus *bus,
1187 const char *path,
1188 const char *interface,
1189 const char *property,
1190 sd_bus_message *reply,
1191 void *userdata,
1192 sd_bus_error *error) {
1193
1194 Unit *u = ASSERT_PTR(userdata);
1195 _cleanup_(cpu_set_reset) CPUSet mems = {};
1196 _cleanup_free_ uint8_t *array = NULL;
1197 size_t allocated;
1198
1199 assert(bus);
1200 assert(reply);
1201
1202 (void) unit_get_cpuset(u, &mems, "cpuset.mems.effective");
1203 (void) cpu_set_to_dbus(&mems, &array, &allocated);
1204 return sd_bus_message_append_array(reply, 'y', array, allocated);
1205 }
1206
1207 static int property_get_cgroup(
1208 sd_bus *bus,
1209 const char *path,
1210 const char *interface,
1211 const char *property,
1212 sd_bus_message *reply,
1213 void *userdata,
1214 sd_bus_error *error) {
1215
1216 Unit *u = ASSERT_PTR(userdata);
1217 const char *t = NULL;
1218
1219 assert(bus);
1220 assert(reply);
1221
1222 /* Three cases: a) u->cgroup_path is NULL, in which case the
1223 * unit has no control group, which we report as the empty
1224 * string. b) u->cgroup_path is the empty string, which
1225 * indicates the root cgroup, which we report as "/". c) all
1226 * other cases we report as-is. */
1227
1228 if (u->cgroup_path)
1229 t = empty_to_root(u->cgroup_path);
1230
1231 return sd_bus_message_append(reply, "s", t);
1232 }
1233
1234 static int append_process(sd_bus_message *reply, const char *p, pid_t pid, Set *pids) {
1235 _cleanup_free_ char *buf = NULL, *cmdline = NULL;
1236 int r;
1237
1238 assert(reply);
1239 assert(pid > 0);
1240
1241 r = set_put(pids, PID_TO_PTR(pid));
1242 if (IN_SET(r, 0, -EEXIST))
1243 return 0;
1244 if (r < 0)
1245 return r;
1246
1247 if (!p) {
1248 r = cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, pid, &buf);
1249 if (r == -ESRCH)
1250 return 0;
1251 if (r < 0)
1252 return r;
1253
1254 p = buf;
1255 }
1256
1257 (void) get_process_cmdline(pid, SIZE_MAX,
1258 PROCESS_CMDLINE_COMM_FALLBACK | PROCESS_CMDLINE_QUOTE,
1259 &cmdline);
1260
1261 return sd_bus_message_append(reply,
1262 "(sus)",
1263 p,
1264 (uint32_t) pid,
1265 cmdline);
1266 }
1267
1268 static int append_cgroup(sd_bus_message *reply, const char *p, Set *pids) {
1269 _cleanup_closedir_ DIR *d = NULL;
1270 _cleanup_fclose_ FILE *f = NULL;
1271 int r;
1272
1273 assert(reply);
1274 assert(p);
1275
1276 r = cg_enumerate_processes(SYSTEMD_CGROUP_CONTROLLER, p, &f);
1277 if (r == -ENOENT)
1278 return 0;
1279 if (r < 0)
1280 return r;
1281
1282 for (;;) {
1283 pid_t pid;
1284
1285 /* libvirt / qemu uses threaded mode and cgroup.procs cannot be read at the lower levels.
1286 * From https://docs.kernel.org/admin-guide/cgroup-v2.html#threads,
1287 * “cgroup.procs” in a threaded domain cgroup contains the PIDs of all processes in
1288 * the subtree and is not readable in the subtree proper. */
1289 r = cg_read_pid(f, &pid);
1290 if (IN_SET(r, 0, -EOPNOTSUPP))
1291 break;
1292 if (r < 0)
1293 return r;
1294
1295 if (is_kernel_thread(pid) > 0)
1296 continue;
1297
1298 r = append_process(reply, p, pid, pids);
1299 if (r < 0)
1300 return r;
1301 }
1302
1303 r = cg_enumerate_subgroups(SYSTEMD_CGROUP_CONTROLLER, p, &d);
1304 if (r == -ENOENT)
1305 return 0;
1306 if (r < 0)
1307 return r;
1308
1309 for (;;) {
1310 _cleanup_free_ char *g = NULL, *j = NULL;
1311
1312 r = cg_read_subgroup(d, &g);
1313 if (r < 0)
1314 return r;
1315 if (r == 0)
1316 break;
1317
1318 j = path_join(empty_to_root(p), g);
1319 if (!j)
1320 return -ENOMEM;
1321
1322 r = append_cgroup(reply, j, pids);
1323 if (r < 0)
1324 return r;
1325 }
1326
1327 return 0;
1328 }
1329
1330 int bus_unit_method_get_processes(sd_bus_message *message, void *userdata, sd_bus_error *error) {
1331 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
1332 _cleanup_set_free_ Set *pids = NULL;
1333 Unit *u = userdata;
1334 int r;
1335
1336 assert(message);
1337
1338 r = mac_selinux_unit_access_check(u, message, "status", error);
1339 if (r < 0)
1340 return r;
1341
1342 pids = set_new(NULL);
1343 if (!pids)
1344 return -ENOMEM;
1345
1346 r = sd_bus_message_new_method_return(message, &reply);
1347 if (r < 0)
1348 return r;
1349
1350 r = sd_bus_message_open_container(reply, 'a', "(sus)");
1351 if (r < 0)
1352 return r;
1353
1354 if (u->cgroup_path) {
1355 r = append_cgroup(reply, u->cgroup_path, pids);
1356 if (r < 0)
1357 return r;
1358 }
1359
1360 /* The main and control pids might live outside of the cgroup, hence fetch them separately */
1361 PidRef *pid = unit_main_pid(u);
1362 if (pidref_is_set(pid)) {
1363 r = append_process(reply, NULL, pid->pid, pids);
1364 if (r < 0)
1365 return r;
1366 }
1367
1368 pid = unit_control_pid(u);
1369 if (pidref_is_set(pid)) {
1370 r = append_process(reply, NULL, pid->pid, pids);
1371 if (r < 0)
1372 return r;
1373 }
1374
1375 r = sd_bus_message_close_container(reply);
1376 if (r < 0)
1377 return r;
1378
1379 return sd_bus_send(NULL, reply, NULL);
1380 }
1381
1382 static int property_get_ip_counter(
1383 sd_bus *bus,
1384 const char *path,
1385 const char *interface,
1386 const char *property,
1387 sd_bus_message *reply,
1388 void *userdata,
1389 sd_bus_error *error) {
1390
1391 static const char *const table[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
1392 [CGROUP_IP_INGRESS_BYTES] = "IPIngressBytes",
1393 [CGROUP_IP_EGRESS_BYTES] = "IPEgressBytes",
1394 [CGROUP_IP_INGRESS_PACKETS] = "IPIngressPackets",
1395 [CGROUP_IP_EGRESS_PACKETS] = "IPEgressPackets",
1396 };
1397
1398 uint64_t value = UINT64_MAX;
1399 Unit *u = ASSERT_PTR(userdata);
1400 ssize_t metric;
1401
1402 assert(bus);
1403 assert(reply);
1404 assert(property);
1405
1406 assert_se((metric = string_table_lookup(table, ELEMENTSOF(table), property)) >= 0);
1407 (void) unit_get_ip_accounting(u, metric, &value);
1408 return sd_bus_message_append(reply, "t", value);
1409 }
1410
1411 static int property_get_io_counter(
1412 sd_bus *bus,
1413 const char *path,
1414 const char *interface,
1415 const char *property,
1416 sd_bus_message *reply,
1417 void *userdata,
1418 sd_bus_error *error) {
1419
1420 static const char *const table[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
1421 [CGROUP_IO_READ_BYTES] = "IOReadBytes",
1422 [CGROUP_IO_WRITE_BYTES] = "IOWriteBytes",
1423 [CGROUP_IO_READ_OPERATIONS] = "IOReadOperations",
1424 [CGROUP_IO_WRITE_OPERATIONS] = "IOWriteOperations",
1425 };
1426
1427 uint64_t value = UINT64_MAX;
1428 Unit *u = ASSERT_PTR(userdata);
1429 ssize_t metric;
1430
1431 assert(bus);
1432 assert(reply);
1433 assert(property);
1434
1435 assert_se((metric = string_table_lookup(table, ELEMENTSOF(table), property)) >= 0);
1436 (void) unit_get_io_accounting(u, metric, false, &value);
1437 return sd_bus_message_append(reply, "t", value);
1438 }
1439
1440 int bus_unit_method_attach_processes(sd_bus_message *message, void *userdata, sd_bus_error *error) {
1441
1442 _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
1443 _cleanup_set_free_ Set *pids = NULL;
1444 Unit *u = userdata;
1445 const char *path;
1446 int r;
1447
1448 assert(message);
1449
1450 /* This migrates the processes with the specified PIDs into the cgroup of this unit, optionally below a
1451 * specified cgroup path. Obviously this only works for units that actually maintain a cgroup
1452 * representation. If a process is already in the cgroup no operation is executed – in this case the specified
1453 * subcgroup path has no effect! */
1454
1455 r = mac_selinux_unit_access_check(u, message, "start", error);
1456 if (r < 0)
1457 return r;
1458
1459 r = sd_bus_message_read(message, "s", &path);
1460 if (r < 0)
1461 return r;
1462
1463 path = empty_to_null(path);
1464 if (path) {
1465 if (!path_is_absolute(path))
1466 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Control group path is not absolute: %s", path);
1467
1468 if (!path_is_normalized(path))
1469 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Control group path is not normalized: %s", path);
1470 }
1471
1472 if (!unit_cgroup_delegate(u))
1473 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Process migration not available on non-delegated units.");
1474
1475 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)))
1476 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Unit is not active, refusing.");
1477
1478 r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_EUID|SD_BUS_CREDS_PID, &creds);
1479 if (r < 0)
1480 return r;
1481
1482 r = sd_bus_message_enter_container(message, 'a', "u");
1483 if (r < 0)
1484 return r;
1485 for (;;) {
1486 uid_t process_uid, sender_uid;
1487 uint32_t upid;
1488 pid_t pid;
1489
1490 r = sd_bus_message_read(message, "u", &upid);
1491 if (r < 0)
1492 return r;
1493 if (r == 0)
1494 break;
1495
1496 if (upid == 0) {
1497 r = sd_bus_creds_get_pid(creds, &pid);
1498 if (r < 0)
1499 return r;
1500 } else
1501 pid = (uid_t) upid;
1502
1503 /* Filter out duplicates */
1504 if (set_contains(pids, PID_TO_PTR(pid)))
1505 continue;
1506
1507 /* Check if this process is suitable for attaching to this unit */
1508 r = unit_pid_attachable(u, pid, error);
1509 if (r < 0)
1510 return r;
1511
1512 /* Let's query the sender's UID, so that we can make our security decisions */
1513 r = sd_bus_creds_get_euid(creds, &sender_uid);
1514 if (r < 0)
1515 return r;
1516
1517 /* Let's validate security: if the sender is root, then all is OK. If the sender is any other unit,
1518 * then the process' UID and the target unit's UID have to match the sender's UID */
1519 if (sender_uid != 0 && sender_uid != getuid()) {
1520 r = get_process_uid(pid, &process_uid);
1521 if (r < 0)
1522 return sd_bus_error_set_errnof(error, r, "Failed to retrieve process UID: %m");
1523
1524 if (process_uid != sender_uid)
1525 return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Process " PID_FMT " not owned by client's UID. Refusing.", pid);
1526 if (process_uid != u->ref_uid)
1527 return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Process " PID_FMT " not owned by target unit's UID. Refusing.", pid);
1528 }
1529
1530 if (!pids) {
1531 pids = set_new(NULL);
1532 if (!pids)
1533 return -ENOMEM;
1534 }
1535
1536 r = set_put(pids, PID_TO_PTR(pid));
1537 if (r < 0)
1538 return r;
1539 }
1540
1541 r = sd_bus_message_exit_container(message);
1542 if (r < 0)
1543 return r;
1544
1545 r = unit_attach_pids_to_cgroup(u, pids, path);
1546 if (r < 0)
1547 return sd_bus_error_set_errnof(error, r, "Failed to attach processes to control group: %m");
1548
1549 return sd_bus_reply_method_return(message, NULL);
1550 }
1551
1552 const sd_bus_vtable bus_unit_cgroup_vtable[] = {
1553 SD_BUS_VTABLE_START(0),
1554 SD_BUS_PROPERTY("Slice", "s", property_get_slice, 0, 0),
1555 SD_BUS_PROPERTY("ControlGroup", "s", property_get_cgroup, 0, 0),
1556 SD_BUS_PROPERTY("ControlGroupId", "t", NULL, offsetof(Unit, cgroup_id), 0),
1557 SD_BUS_PROPERTY("MemoryCurrent", "t", property_get_current_memory, 0, 0),
1558 SD_BUS_PROPERTY("MemoryAvailable", "t", property_get_available_memory, 0, 0),
1559 SD_BUS_PROPERTY("CPUUsageNSec", "t", property_get_cpu_usage, 0, 0),
1560 SD_BUS_PROPERTY("EffectiveCPUs", "ay", property_get_cpuset_cpus, 0, 0),
1561 SD_BUS_PROPERTY("EffectiveMemoryNodes", "ay", property_get_cpuset_mems, 0, 0),
1562 SD_BUS_PROPERTY("TasksCurrent", "t", property_get_current_tasks, 0, 0),
1563 SD_BUS_PROPERTY("IPIngressBytes", "t", property_get_ip_counter, 0, 0),
1564 SD_BUS_PROPERTY("IPIngressPackets", "t", property_get_ip_counter, 0, 0),
1565 SD_BUS_PROPERTY("IPEgressBytes", "t", property_get_ip_counter, 0, 0),
1566 SD_BUS_PROPERTY("IPEgressPackets", "t", property_get_ip_counter, 0, 0),
1567 SD_BUS_PROPERTY("IOReadBytes", "t", property_get_io_counter, 0, 0),
1568 SD_BUS_PROPERTY("IOReadOperations", "t", property_get_io_counter, 0, 0),
1569 SD_BUS_PROPERTY("IOWriteBytes", "t", property_get_io_counter, 0, 0),
1570 SD_BUS_PROPERTY("IOWriteOperations", "t", property_get_io_counter, 0, 0),
1571
1572 SD_BUS_METHOD_WITH_ARGS("GetProcesses",
1573 SD_BUS_NO_ARGS,
1574 SD_BUS_ARGS("a(sus)", processes),
1575 bus_unit_method_get_processes,
1576 SD_BUS_VTABLE_UNPRIVILEGED),
1577
1578 SD_BUS_METHOD_WITH_ARGS("AttachProcesses",
1579 SD_BUS_ARGS("s", subcgroup, "au", pids),
1580 SD_BUS_NO_RESULT,
1581 bus_unit_method_attach_processes,
1582 SD_BUS_VTABLE_UNPRIVILEGED),
1583
1584 SD_BUS_VTABLE_END
1585 };
1586
1587 static int send_new_signal(sd_bus *bus, void *userdata) {
1588 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1589 _cleanup_free_ char *p = NULL;
1590 Unit *u = ASSERT_PTR(userdata);
1591 int r;
1592
1593 assert(bus);
1594
1595 p = unit_dbus_path(u);
1596 if (!p)
1597 return -ENOMEM;
1598
1599 r = sd_bus_message_new_signal(
1600 bus,
1601 &m,
1602 "/org/freedesktop/systemd1",
1603 "org.freedesktop.systemd1.Manager",
1604 "UnitNew");
1605 if (r < 0)
1606 return r;
1607
1608 r = sd_bus_message_append(m, "so", u->id, p);
1609 if (r < 0)
1610 return r;
1611
1612 return sd_bus_send(bus, m, NULL);
1613 }
1614
1615 static int send_changed_signal(sd_bus *bus, void *userdata) {
1616 _cleanup_free_ char *p = NULL;
1617 Unit *u = ASSERT_PTR(userdata);
1618 int r;
1619
1620 assert(bus);
1621
1622 p = unit_dbus_path(u);
1623 if (!p)
1624 return -ENOMEM;
1625
1626 /* Send a properties changed signal. First for the specific
1627 * type, then for the generic unit. The clients may rely on
1628 * this order to get atomic behavior if needed. */
1629
1630 r = sd_bus_emit_properties_changed_strv(
1631 bus, p,
1632 unit_dbus_interface_from_type(u->type),
1633 NULL);
1634 if (r < 0)
1635 return r;
1636
1637 return sd_bus_emit_properties_changed_strv(
1638 bus, p,
1639 "org.freedesktop.systemd1.Unit",
1640 NULL);
1641 }
1642
1643 void bus_unit_send_change_signal(Unit *u) {
1644 int r;
1645 assert(u);
1646
1647 if (u->in_dbus_queue) {
1648 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
1649 u->in_dbus_queue = false;
1650
1651 /* The unit might be good to be GC once its pending signals have been sent */
1652 unit_add_to_gc_queue(u);
1653 }
1654
1655 if (!u->id)
1656 return;
1657
1658 r = bus_foreach_bus(u->manager, u->bus_track, u->sent_dbus_new_signal ? send_changed_signal : send_new_signal, u);
1659 if (r < 0)
1660 log_unit_debug_errno(u, r, "Failed to send unit change signal for %s: %m", u->id);
1661
1662 u->sent_dbus_new_signal = true;
1663 }
1664
1665 void bus_unit_send_pending_change_signal(Unit *u, bool including_new) {
1666
1667 /* Sends out any pending change signals, but only if they really are pending. This call is used when we are
1668 * about to change state in order to force out a PropertiesChanged signal beforehand if there was one pending
1669 * so that clients can follow the full state transition */
1670
1671 if (!u->in_dbus_queue) /* If not enqueued, don't bother */
1672 return;
1673
1674 if (!u->sent_dbus_new_signal && !including_new) /* If the unit was never announced, don't bother, it's fine if
1675 * the unit appears in the new state right-away (except if the
1676 * caller explicitly asked us to send it anyway) */
1677 return;
1678
1679 if (MANAGER_IS_RELOADING(u->manager)) /* Don't generate unnecessary PropertiesChanged signals for the same unit
1680 * when we are reloading. */
1681 return;
1682
1683 bus_unit_send_change_signal(u);
1684 }
1685
1686 int bus_unit_send_pending_freezer_message(Unit *u, bool cancelled) {
1687 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
1688 int r;
1689
1690 assert(u);
1691
1692 if (!u->pending_freezer_invocation)
1693 return 0;
1694
1695 if (cancelled)
1696 r = sd_bus_message_new_method_error(
1697 u->pending_freezer_invocation,
1698 &reply,
1699 &SD_BUS_ERROR_MAKE_CONST(
1700 BUS_ERROR_FREEZE_CANCELLED, "Freeze operation aborted"));
1701 else
1702 r = sd_bus_message_new_method_return(u->pending_freezer_invocation, &reply);
1703 if (r < 0)
1704 return r;
1705
1706 r = sd_bus_send(NULL, reply, NULL);
1707 if (r < 0)
1708 log_warning_errno(r, "Failed to send queued message, ignoring: %m");
1709
1710 u->pending_freezer_invocation = sd_bus_message_unref(u->pending_freezer_invocation);
1711
1712 return 0;
1713 }
1714
1715 static int send_removed_signal(sd_bus *bus, void *userdata) {
1716 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1717 _cleanup_free_ char *p = NULL;
1718 Unit *u = ASSERT_PTR(userdata);
1719 int r;
1720
1721 assert(bus);
1722
1723 p = unit_dbus_path(u);
1724 if (!p)
1725 return -ENOMEM;
1726
1727 r = sd_bus_message_new_signal(
1728 bus,
1729 &m,
1730 "/org/freedesktop/systemd1",
1731 "org.freedesktop.systemd1.Manager",
1732 "UnitRemoved");
1733 if (r < 0)
1734 return r;
1735
1736 r = sd_bus_message_append(m, "so", u->id, p);
1737 if (r < 0)
1738 return r;
1739
1740 return sd_bus_send(bus, m, NULL);
1741 }
1742
1743 void bus_unit_send_removed_signal(Unit *u) {
1744 int r;
1745 assert(u);
1746
1747 if (!u->sent_dbus_new_signal || u->in_dbus_queue)
1748 bus_unit_send_change_signal(u);
1749
1750 if (!u->id)
1751 return;
1752
1753 r = bus_foreach_bus(u->manager, u->bus_track, send_removed_signal, u);
1754 if (r < 0)
1755 log_unit_debug_errno(u, r, "Failed to send unit remove signal for %s: %m", u->id);
1756 }
1757
1758 int bus_unit_queue_job_one(
1759 sd_bus_message *message,
1760 Unit *u,
1761 JobType type,
1762 JobMode mode,
1763 BusUnitQueueFlags flags,
1764 sd_bus_message *reply,
1765 sd_bus_error *error) {
1766
1767 _cleanup_set_free_ Set *affected = NULL;
1768 _cleanup_free_ char *job_path = NULL, *unit_path = NULL;
1769 Job *j, *a;
1770 int r;
1771
1772 if (FLAGS_SET(flags, BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE) && unit_can_reload(u)) {
1773 if (type == JOB_RESTART)
1774 type = JOB_RELOAD_OR_START;
1775 else if (type == JOB_TRY_RESTART)
1776 type = JOB_TRY_RELOAD;
1777 }
1778
1779 if (type == JOB_STOP &&
1780 IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_ERROR, UNIT_BAD_SETTING) &&
1781 unit_active_state(u) == UNIT_INACTIVE)
1782 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not loaded.", u->id);
1783
1784 if ((type == JOB_START && u->refuse_manual_start) ||
1785 (type == JOB_STOP && u->refuse_manual_stop) ||
1786 (IN_SET(type, JOB_RESTART, JOB_TRY_RESTART) && (u->refuse_manual_start || u->refuse_manual_stop)) ||
1787 (type == JOB_RELOAD_OR_START && job_type_collapse(type, u) == JOB_START && u->refuse_manual_start))
1788 return sd_bus_error_setf(error,
1789 BUS_ERROR_ONLY_BY_DEPENDENCY,
1790 "Operation refused, unit %s may be requested by dependency only (it is configured to refuse manual start/stop).",
1791 u->id);
1792
1793 /* dbus-broker issues StartUnit for activation requests, and Type=dbus services automatically
1794 * gain dependency on dbus.socket. Therefore, if dbus has a pending stop job, the new start
1795 * job that pulls in dbus again would cause job type conflict. Let's avoid that by rejecting
1796 * job enqueuing early.
1797 *
1798 * Note that unlike signal_activation_request(), we can't use unit_inactive_or_pending()
1799 * here. StartUnit is a more generic interface, and thus users are allowed to use e.g. systemctl
1800 * to start Type=dbus services even when dbus is inactive. */
1801 if (type == JOB_START && u->type == UNIT_SERVICE && SERVICE(u)->type == SERVICE_DBUS)
1802 FOREACH_STRING(dbus_unit, SPECIAL_DBUS_SOCKET, SPECIAL_DBUS_SERVICE) {
1803 Unit *dbus;
1804
1805 dbus = manager_get_unit(u->manager, dbus_unit);
1806 if (dbus && unit_stop_pending(dbus))
1807 return sd_bus_error_setf(error,
1808 BUS_ERROR_SHUTTING_DOWN,
1809 "Operation for unit %s refused, D-Bus is shutting down.",
1810 u->id);
1811 }
1812
1813 if (FLAGS_SET(flags, BUS_UNIT_QUEUE_VERBOSE_REPLY)) {
1814 affected = set_new(NULL);
1815 if (!affected)
1816 return -ENOMEM;
1817 }
1818
1819 r = manager_add_job(u->manager, type, u, mode, affected, error, &j);
1820 if (r < 0)
1821 return r;
1822
1823 r = bus_job_track_sender(j, message);
1824 if (r < 0)
1825 return r;
1826
1827 /* Before we send the method reply, force out the announcement JobNew for this job */
1828 bus_job_send_pending_change_signal(j, true);
1829
1830 job_path = job_dbus_path(j);
1831 if (!job_path)
1832 return -ENOMEM;
1833
1834 /* The classic response is just a job object path */
1835 if (!FLAGS_SET(flags, BUS_UNIT_QUEUE_VERBOSE_REPLY))
1836 return sd_bus_message_append(reply, "o", job_path);
1837
1838 /* In verbose mode respond with the anchor job plus everything that has been affected */
1839
1840 unit_path = unit_dbus_path(j->unit);
1841 if (!unit_path)
1842 return -ENOMEM;
1843
1844 r = sd_bus_message_append(reply, "uosos",
1845 j->id, job_path,
1846 j->unit->id, unit_path,
1847 job_type_to_string(j->type));
1848 if (r < 0)
1849 return r;
1850
1851 r = sd_bus_message_open_container(reply, 'a', "(uosos)");
1852 if (r < 0)
1853 return r;
1854
1855 SET_FOREACH(a, affected) {
1856 if (a->id == j->id)
1857 continue;
1858
1859 /* Free paths from previous iteration */
1860 job_path = mfree(job_path);
1861 unit_path = mfree(unit_path);
1862
1863 job_path = job_dbus_path(a);
1864 if (!job_path)
1865 return -ENOMEM;
1866
1867 unit_path = unit_dbus_path(a->unit);
1868 if (!unit_path)
1869 return -ENOMEM;
1870
1871 r = sd_bus_message_append(reply, "(uosos)",
1872 a->id, job_path,
1873 a->unit->id, unit_path,
1874 job_type_to_string(a->type));
1875 if (r < 0)
1876 return r;
1877 }
1878
1879 return sd_bus_message_close_container(reply);
1880 }
1881
1882 int bus_unit_queue_job(
1883 sd_bus_message *message,
1884 Unit *u,
1885 JobType type,
1886 JobMode mode,
1887 BusUnitQueueFlags flags,
1888 sd_bus_error *error) {
1889
1890 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
1891 int r;
1892
1893 assert(message);
1894 assert(u);
1895 assert(type >= 0 && type < _JOB_TYPE_MAX);
1896 assert(mode >= 0 && mode < _JOB_MODE_MAX);
1897
1898 r = mac_selinux_unit_access_check(
1899 u, message,
1900 job_type_to_access_method(type),
1901 error);
1902 if (r < 0)
1903 return r;
1904
1905 r = sd_bus_message_new_method_return(message, &reply);
1906 if (r < 0)
1907 return r;
1908
1909 r = bus_unit_queue_job_one(message, u, type, mode, flags, reply, error);
1910 if (r < 0)
1911 return r;
1912
1913 return sd_bus_send(NULL, reply, NULL);
1914 }
1915
1916 static int bus_unit_set_live_property(
1917 Unit *u,
1918 const char *name,
1919 sd_bus_message *message,
1920 UnitWriteFlags flags,
1921 sd_bus_error *error) {
1922
1923 int r;
1924
1925 assert(u);
1926 assert(name);
1927 assert(message);
1928
1929 /* Handles setting properties both "live" (i.e. at any time during runtime), and during creation (for
1930 * transient units that are being created). */
1931
1932 if (streq(name, "Description")) {
1933 const char *d;
1934
1935 r = sd_bus_message_read(message, "s", &d);
1936 if (r < 0)
1937 return r;
1938
1939 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
1940 r = unit_set_description(u, d);
1941 if (r < 0)
1942 return r;
1943
1944 unit_write_settingf(u, flags|UNIT_ESCAPE_SPECIFIERS, name, "Description=%s", d);
1945 }
1946
1947 return 1;
1948 }
1949
1950 /* A setting that only applies to active units. We don't actually write this to /run, this state is
1951 * managed internally. "+foo" sets flag foo, "-foo" unsets flag foo, just "foo" resets flags to
1952 * foo. The last type cannot be mixed with "+" or "-". */
1953
1954 if (streq(name, "Markers")) {
1955 unsigned settings = 0, mask = 0;
1956 bool some_plus_minus = false, some_absolute = false;
1957
1958 r = sd_bus_message_enter_container(message, 'a', "s");
1959 if (r < 0)
1960 return r;
1961
1962 for (;;) {
1963 const char *word;
1964 bool b;
1965
1966 r = sd_bus_message_read(message, "s", &word);
1967 if (r < 0)
1968 return r;
1969 if (r == 0)
1970 break;
1971
1972 if (IN_SET(word[0], '+', '-')) {
1973 b = word[0] == '+';
1974 word++;
1975 some_plus_minus = true;
1976 } else {
1977 b = true;
1978 some_absolute = true;
1979 }
1980
1981 UnitMarker m = unit_marker_from_string(word);
1982 if (m < 0)
1983 return sd_bus_error_setf(error, BUS_ERROR_BAD_UNIT_SETTING,
1984 "Unknown marker \"%s\".", word);
1985
1986 SET_FLAG(settings, 1u << m, b);
1987 SET_FLAG(mask, 1u << m, true);
1988 }
1989
1990 r = sd_bus_message_exit_container(message);
1991 if (r < 0)
1992 return r;
1993
1994 if (some_plus_minus && some_absolute)
1995 return sd_bus_error_set(error, BUS_ERROR_BAD_UNIT_SETTING, "Bad marker syntax.");
1996
1997 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
1998 if (some_absolute)
1999 u->markers = settings;
2000 else
2001 u->markers = settings | (u->markers & ~mask);
2002 }
2003
2004 return 1;
2005 }
2006
2007 return 0;
2008 }
2009
2010 static int bus_set_transient_emergency_action(
2011 Unit *u,
2012 const char *name,
2013 EmergencyAction *p,
2014 sd_bus_message *message,
2015 UnitWriteFlags flags,
2016 sd_bus_error *error) {
2017
2018 const char *s;
2019 EmergencyAction v;
2020 int r;
2021
2022 assert(p);
2023
2024 r = sd_bus_message_read(message, "s", &s);
2025 if (r < 0)
2026 return r;
2027
2028 r = parse_emergency_action(s, u->manager->runtime_scope, &v);
2029 if (r < 0)
2030 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS,
2031 r == -EOPNOTSUPP ? "%s setting invalid for manager type: %s"
2032 : "Invalid %s setting: %s",
2033 name, s);
2034
2035 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2036 *p = v;
2037 unit_write_settingf(u, flags, name,
2038 "%s=%s", name, s);
2039 }
2040
2041 return 1;
2042 }
2043
2044 static int bus_set_transient_exit_status(
2045 Unit *u,
2046 const char *name,
2047 int *p,
2048 sd_bus_message *message,
2049 UnitWriteFlags flags,
2050 sd_bus_error *error) {
2051
2052 int32_t k;
2053 int r;
2054
2055 assert(p);
2056
2057 r = sd_bus_message_read(message, "i", &k);
2058 if (r < 0)
2059 return r;
2060
2061 if (k > 255)
2062 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Exit status must be in range 0…255 or negative.");
2063
2064 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2065 *p = k < 0 ? -1 : k;
2066
2067 if (k < 0)
2068 unit_write_settingf(u, flags, name, "%s=", name);
2069 else
2070 unit_write_settingf(u, flags, name, "%s=%i", name, k);
2071 }
2072
2073 return 1;
2074 }
2075
2076 static BUS_DEFINE_SET_TRANSIENT_PARSE(collect_mode, CollectMode, collect_mode_from_string);
2077 static BUS_DEFINE_SET_TRANSIENT_PARSE(job_mode, JobMode, job_mode_from_string);
2078
2079 static int bus_set_transient_conditions(
2080 Unit *u,
2081 const char *name,
2082 Condition **list,
2083 bool is_condition,
2084 sd_bus_message *message,
2085 UnitWriteFlags flags,
2086 sd_bus_error *error) {
2087
2088 const char *type_name, *param;
2089 int trigger, negate, r;
2090 bool empty = true;
2091
2092 assert(list);
2093
2094 r = sd_bus_message_enter_container(message, 'a', "(sbbs)");
2095 if (r < 0)
2096 return r;
2097
2098 while ((r = sd_bus_message_read(message, "(sbbs)", &type_name, &trigger, &negate, &param)) > 0) {
2099 ConditionType t;
2100
2101 t = is_condition ? condition_type_from_string(type_name) : assert_type_from_string(type_name);
2102 if (t < 0)
2103 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid condition type: %s", type_name);
2104
2105 if (isempty(param))
2106 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Condition parameter in %s is empty", type_name);
2107
2108 if (condition_takes_path(t) && !path_is_absolute(param))
2109 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path in condition %s is not absolute: %s", type_name, param);
2110
2111 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2112 Condition *c;
2113
2114 c = condition_new(t, param, trigger, negate);
2115 if (!c)
2116 return -ENOMEM;
2117
2118 LIST_PREPEND(conditions, *list, c);
2119
2120 unit_write_settingf(u, flags|UNIT_ESCAPE_SPECIFIERS, name,
2121 "%s=%s%s%s", type_name,
2122 trigger ? "|" : "", negate ? "!" : "", param);
2123 }
2124
2125 empty = false;
2126 }
2127 if (r < 0)
2128 return r;
2129
2130 r = sd_bus_message_exit_container(message);
2131 if (r < 0)
2132 return r;
2133
2134 if (!UNIT_WRITE_FLAGS_NOOP(flags) && empty) {
2135 *list = condition_free_list(*list);
2136 unit_write_settingf(u, flags, name, "%sNull=", is_condition ? "Condition" : "Assert");
2137 }
2138
2139 return 1;
2140 }
2141
2142 static int bus_unit_set_transient_property(
2143 Unit *u,
2144 const char *name,
2145 sd_bus_message *message,
2146 UnitWriteFlags flags,
2147 sd_bus_error *error) {
2148
2149 UnitDependency d;
2150 int r;
2151
2152 assert(u);
2153 assert(name);
2154 assert(message);
2155
2156 /* Handles settings when transient units are created. This settings cannot be altered anymore after
2157 * the unit has been created. */
2158
2159 if (streq(name, "SourcePath"))
2160 return bus_set_transient_path(u, name, &u->source_path, message, flags, error);
2161
2162 if (streq(name, "StopWhenUnneeded"))
2163 return bus_set_transient_bool(u, name, &u->stop_when_unneeded, message, flags, error);
2164
2165 if (streq(name, "RefuseManualStart"))
2166 return bus_set_transient_bool(u, name, &u->refuse_manual_start, message, flags, error);
2167
2168 if (streq(name, "RefuseManualStop"))
2169 return bus_set_transient_bool(u, name, &u->refuse_manual_stop, message, flags, error);
2170
2171 if (streq(name, "AllowIsolate"))
2172 return bus_set_transient_bool(u, name, &u->allow_isolate, message, flags, error);
2173
2174 if (streq(name, "DefaultDependencies"))
2175 return bus_set_transient_bool(u, name, &u->default_dependencies, message, flags, error);
2176
2177 if (streq(name, "OnSuccessJobMode"))
2178 return bus_set_transient_job_mode(u, name, &u->on_success_job_mode, message, flags, error);
2179
2180 if (streq(name, "OnFailureJobMode"))
2181 return bus_set_transient_job_mode(u, name, &u->on_failure_job_mode, message, flags, error);
2182
2183 if (streq(name, "IgnoreOnIsolate"))
2184 return bus_set_transient_bool(u, name, &u->ignore_on_isolate, message, flags, error);
2185
2186 if (streq(name, "JobTimeoutUSec")) {
2187 r = bus_set_transient_usec_fix_0(u, name, &u->job_timeout, message, flags, error);
2188 if (r >= 0 && !UNIT_WRITE_FLAGS_NOOP(flags) && !u->job_running_timeout_set)
2189 u->job_running_timeout = u->job_timeout;
2190 }
2191
2192 if (streq(name, "JobRunningTimeoutUSec")) {
2193 r = bus_set_transient_usec_fix_0(u, name, &u->job_running_timeout, message, flags, error);
2194 if (r >= 0 && !UNIT_WRITE_FLAGS_NOOP(flags))
2195 u->job_running_timeout_set = true;
2196
2197 return r;
2198 }
2199
2200 if (streq(name, "JobTimeoutAction"))
2201 return bus_set_transient_emergency_action(u, name, &u->job_timeout_action, message, flags, error);
2202
2203 if (streq(name, "JobTimeoutRebootArgument"))
2204 return bus_set_transient_string(u, name, &u->job_timeout_reboot_arg, message, flags, error);
2205
2206 if (streq(name, "StartLimitIntervalUSec"))
2207 return bus_set_transient_usec(u, name, &u->start_ratelimit.interval, message, flags, error);
2208
2209 if (streq(name, "StartLimitBurst"))
2210 return bus_set_transient_unsigned(u, name, &u->start_ratelimit.burst, message, flags, error);
2211
2212 if (streq(name, "StartLimitAction"))
2213 return bus_set_transient_emergency_action(u, name, &u->start_limit_action, message, flags, error);
2214
2215 if (streq(name, "FailureAction"))
2216 return bus_set_transient_emergency_action(u, name, &u->failure_action, message, flags, error);
2217
2218 if (streq(name, "SuccessAction"))
2219 return bus_set_transient_emergency_action(u, name, &u->success_action, message, flags, error);
2220
2221 if (streq(name, "FailureActionExitStatus"))
2222 return bus_set_transient_exit_status(u, name, &u->failure_action_exit_status, message, flags, error);
2223
2224 if (streq(name, "SuccessActionExitStatus"))
2225 return bus_set_transient_exit_status(u, name, &u->success_action_exit_status, message, flags, error);
2226
2227 if (streq(name, "RebootArgument"))
2228 return bus_set_transient_string(u, name, &u->reboot_arg, message, flags, error);
2229
2230 if (streq(name, "CollectMode"))
2231 return bus_set_transient_collect_mode(u, name, &u->collect_mode, message, flags, error);
2232
2233 if (streq(name, "Conditions"))
2234 return bus_set_transient_conditions(u, name, &u->conditions, true, message, flags, error);
2235
2236 if (streq(name, "Asserts"))
2237 return bus_set_transient_conditions(u, name, &u->asserts, false, message, flags, error);
2238
2239 if (streq(name, "Documentation")) {
2240 _cleanup_strv_free_ char **l = NULL;
2241
2242 r = sd_bus_message_read_strv(message, &l);
2243 if (r < 0)
2244 return r;
2245
2246 STRV_FOREACH(p, l)
2247 if (!documentation_url_is_valid(*p))
2248 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid URL in %s: %s", name, *p);
2249
2250 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2251 if (strv_isempty(l)) {
2252 u->documentation = strv_free(u->documentation);
2253 unit_write_settingf(u, flags, name, "%s=", name);
2254 } else {
2255 strv_extend_strv(&u->documentation, l, false);
2256
2257 STRV_FOREACH(p, l)
2258 unit_write_settingf(u, flags, name, "%s=%s", name, *p);
2259 }
2260 }
2261
2262 return 1;
2263
2264 } else if (streq(name, "Slice")) {
2265 Unit *slice;
2266 const char *s;
2267
2268 if (!UNIT_HAS_CGROUP_CONTEXT(u))
2269 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "The slice property is only available for units with control groups.");
2270 if (u->type == UNIT_SLICE)
2271 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Slice may not be set for slice units.");
2272 if (unit_has_name(u, SPECIAL_INIT_SCOPE))
2273 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Cannot set slice for init.scope");
2274
2275 r = sd_bus_message_read(message, "s", &s);
2276 if (r < 0)
2277 return r;
2278
2279 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN))
2280 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid unit name '%s'", s);
2281
2282 /* Note that we do not dispatch the load queue here yet, as we don't want our own transient unit to be
2283 * loaded while we are still setting it up. Or in other words, we use manager_load_unit_prepare()
2284 * instead of manager_load_unit() on purpose, here. */
2285 r = manager_load_unit_prepare(u->manager, s, NULL, error, &slice);
2286 if (r < 0)
2287 return r;
2288
2289 if (slice->type != UNIT_SLICE)
2290 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Unit name '%s' is not a slice", s);
2291
2292 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2293 r = unit_set_slice(u, slice);
2294 if (r < 0)
2295 return r;
2296
2297 unit_write_settingf(u, flags|UNIT_PRIVATE, name, "Slice=%s", s);
2298 }
2299
2300 return 1;
2301
2302 } else if (streq(name, "RequiresMountsFor")) {
2303 _cleanup_strv_free_ char **l = NULL;
2304
2305 r = sd_bus_message_read_strv(message, &l);
2306 if (r < 0)
2307 return r;
2308
2309 STRV_FOREACH(p, l) {
2310 path_simplify(*p);
2311
2312 if (!path_is_absolute(*p))
2313 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path specified in %s is not absolute: %s", name, *p);
2314
2315 if (!path_is_valid(*p))
2316 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path specified in %s has invalid length: %s", name, *p);
2317
2318 if (!path_is_normalized(*p))
2319 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path specified in %s is not normalized: %s", name, *p);
2320
2321 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2322 r = unit_require_mounts_for(u, *p, UNIT_DEPENDENCY_FILE);
2323 if (r < 0)
2324 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Failed to add required mount \"%s\": %m", *p);
2325
2326 unit_write_settingf(u, flags, name, "%s=%s", name, *p);
2327 }
2328 }
2329
2330 return 1;
2331 }
2332
2333 if (streq(name, "RequiresOverridable"))
2334 d = UNIT_REQUIRES; /* redirect for obsolete unit dependency type */
2335 else if (streq(name, "RequisiteOverridable"))
2336 d = UNIT_REQUISITE; /* same here */
2337 else
2338 d = unit_dependency_from_string(name);
2339
2340 if (d >= 0) {
2341 const char *other;
2342
2343 if (!IN_SET(d,
2344 UNIT_REQUIRES,
2345 UNIT_REQUISITE,
2346 UNIT_WANTS,
2347 UNIT_BINDS_TO,
2348 UNIT_PART_OF,
2349 UNIT_UPHOLDS,
2350 UNIT_CONFLICTS,
2351 UNIT_BEFORE,
2352 UNIT_AFTER,
2353 UNIT_ON_SUCCESS,
2354 UNIT_ON_FAILURE,
2355 UNIT_PROPAGATES_RELOAD_TO,
2356 UNIT_RELOAD_PROPAGATED_FROM,
2357 UNIT_PROPAGATES_STOP_TO,
2358 UNIT_STOP_PROPAGATED_FROM,
2359 UNIT_JOINS_NAMESPACE_OF))
2360 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Dependency type %s may not be created transiently.", unit_dependency_to_string(d));
2361
2362 r = sd_bus_message_enter_container(message, 'a', "s");
2363 if (r < 0)
2364 return r;
2365
2366 while ((r = sd_bus_message_read(message, "s", &other)) > 0) {
2367 if (!unit_name_is_valid(other, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
2368 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid unit name %s", other);
2369
2370 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2371 _cleanup_free_ char *label = NULL;
2372
2373 r = unit_add_dependency_by_name(u, d, other, true, UNIT_DEPENDENCY_FILE);
2374 if (r < 0)
2375 return r;
2376
2377 label = strjoin(name, "-", other);
2378 if (!label)
2379 return -ENOMEM;
2380
2381 unit_write_settingf(u, flags, label, "%s=%s", unit_dependency_to_string(d), other);
2382 }
2383
2384 }
2385 if (r < 0)
2386 return r;
2387
2388 r = sd_bus_message_exit_container(message);
2389 if (r < 0)
2390 return r;
2391
2392 return 1;
2393
2394 } else if (streq(name, "AddRef")) {
2395
2396 int b;
2397
2398 /* Why is this called "AddRef" rather than just "Ref", or "Reference"? There's already a "Ref()" method
2399 * on the Unit interface, and it's probably not a good idea to expose a property and a method on the
2400 * same interface (well, strictly speaking AddRef isn't exposed as full property, we just read it for
2401 * transient units, but still). And "References" and "ReferencedBy" is already used as unit reference
2402 * dependency type, hence let's not confuse things with that.
2403 *
2404 * Note that we don't actually add the reference to the bus track. We do that only after the setup of
2405 * the transient unit is complete, so that setting this property multiple times in the same transient
2406 * unit creation call doesn't count as individual references. */
2407
2408 r = sd_bus_message_read(message, "b", &b);
2409 if (r < 0)
2410 return r;
2411
2412 if (!UNIT_WRITE_FLAGS_NOOP(flags))
2413 u->bus_track_add = b;
2414
2415 return 1;
2416 }
2417
2418 return 0;
2419 }
2420
2421 int bus_unit_set_properties(
2422 Unit *u,
2423 sd_bus_message *message,
2424 UnitWriteFlags flags,
2425 bool commit,
2426 sd_bus_error *error) {
2427
2428 bool for_real = false;
2429 unsigned n = 0;
2430 int r;
2431
2432 assert(u);
2433 assert(message);
2434
2435 /* We iterate through the array twice. First run just checks if all passed data is valid, second run
2436 * actually applies it. This implements transaction-like behaviour without actually providing full
2437 * transactions. */
2438
2439 r = sd_bus_message_enter_container(message, 'a', "(sv)");
2440 if (r < 0)
2441 goto error;
2442
2443 for (;;) {
2444 const char *name;
2445 UnitWriteFlags f;
2446
2447 r = sd_bus_message_enter_container(message, 'r', "sv");
2448 if (r < 0)
2449 goto error;
2450 if (r == 0) {
2451 if (for_real || UNIT_WRITE_FLAGS_NOOP(flags))
2452 break;
2453
2454 /* Reached EOF. Let's try again, and this time for realz... */
2455 r = sd_bus_message_rewind(message, false);
2456 if (r < 0)
2457 goto error;
2458
2459 for_real = true;
2460 continue;
2461 }
2462
2463 r = sd_bus_message_read(message, "s", &name);
2464 if (r < 0)
2465 goto error;
2466
2467 r = sd_bus_message_enter_container(message, 'v', NULL);
2468 if (r < 0)
2469 goto error;
2470
2471 /* If not for real, then mask out the two target flags */
2472 f = for_real ? flags : (flags & ~(UNIT_RUNTIME|UNIT_PERSISTENT));
2473
2474 if (UNIT_VTABLE(u)->bus_set_property)
2475 r = UNIT_VTABLE(u)->bus_set_property(u, name, message, f, error);
2476 else
2477 r = 0;
2478 if (r == 0 && u->transient && u->load_state == UNIT_STUB)
2479 r = bus_unit_set_transient_property(u, name, message, f, error);
2480 if (r == 0)
2481 r = bus_unit_set_live_property(u, name, message, f, error);
2482 if (r < 0)
2483 goto error;
2484
2485 if (r == 0)
2486 return sd_bus_error_setf(error, SD_BUS_ERROR_PROPERTY_READ_ONLY,
2487 "Cannot set property %s, or unknown property.", name);
2488
2489 r = sd_bus_message_exit_container(message);
2490 if (r < 0)
2491 goto error;
2492
2493 r = sd_bus_message_exit_container(message);
2494 if (r < 0)
2495 goto error;
2496
2497 n += for_real;
2498 }
2499
2500 r = sd_bus_message_exit_container(message);
2501 if (r < 0)
2502 goto error;
2503
2504 if (commit && n > 0 && UNIT_VTABLE(u)->bus_commit_properties)
2505 UNIT_VTABLE(u)->bus_commit_properties(u);
2506
2507 return n;
2508
2509 error:
2510 /* Pretty much any of the calls above can fail if the message is not formed properly
2511 * or if it has unexpected contents. Fill in a more informative error message here. */
2512 if (sd_bus_error_is_set(error))
2513 return r;
2514 return sd_bus_error_set_errnof(error, r,
2515 r == -ENXIO ? "Failed to set unit properties: Unexpected message contents"
2516 : "Failed to set unit properties: %m");
2517 }
2518
2519 int bus_unit_validate_load_state(Unit *u, sd_bus_error *error) {
2520 assert(u);
2521
2522 /* Generates a pretty error if a unit isn't properly loaded. */
2523
2524 switch (u->load_state) {
2525
2526 case UNIT_LOADED:
2527 return 0;
2528
2529 case UNIT_NOT_FOUND:
2530 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not found.", u->id);
2531
2532 case UNIT_BAD_SETTING:
2533 return sd_bus_error_setf(error, BUS_ERROR_BAD_UNIT_SETTING, "Unit %s has a bad unit file setting.", u->id);
2534
2535 case UNIT_ERROR: /* Only show .load_error in UNIT_ERROR state */
2536 return sd_bus_error_set_errnof(error, u->load_error,
2537 "Unit %s failed to load properly, please adjust/correct and reload service manager: %m", u->id);
2538
2539 case UNIT_MASKED:
2540 return sd_bus_error_setf(error, BUS_ERROR_UNIT_MASKED, "Unit %s is masked.", u->id);
2541
2542 case UNIT_STUB:
2543 case UNIT_MERGED:
2544 default:
2545 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unexpected load state of unit %s", u->id);
2546 }
2547 }
2548
2549 static int bus_unit_track_handler(sd_bus_track *t, void *userdata) {
2550 Unit *u = ASSERT_PTR(userdata);
2551
2552 assert(t);
2553
2554 u->bus_track = sd_bus_track_unref(u->bus_track); /* make sure we aren't called again */
2555
2556 /* If the client that tracks us disappeared, then there's reason to believe that the cgroup is empty now too,
2557 * let's see */
2558 unit_add_to_cgroup_empty_queue(u);
2559
2560 /* Also add the unit to the GC queue, after all if the client left it might be time to GC this unit */
2561 unit_add_to_gc_queue(u);
2562
2563 return 0;
2564 }
2565
2566 static int bus_unit_allocate_bus_track(Unit *u) {
2567 int r;
2568
2569 assert(u);
2570
2571 if (u->bus_track)
2572 return 0;
2573
2574 r = sd_bus_track_new(u->manager->api_bus, &u->bus_track, bus_unit_track_handler, u);
2575 if (r < 0)
2576 return r;
2577
2578 r = sd_bus_track_set_recursive(u->bus_track, true);
2579 if (r < 0) {
2580 u->bus_track = sd_bus_track_unref(u->bus_track);
2581 return r;
2582 }
2583
2584 return 0;
2585 }
2586
2587 int bus_unit_track_add_name(Unit *u, const char *name) {
2588 int r;
2589
2590 assert(u);
2591
2592 r = bus_unit_allocate_bus_track(u);
2593 if (r < 0)
2594 return r;
2595
2596 return sd_bus_track_add_name(u->bus_track, name);
2597 }
2598
2599 int bus_unit_track_add_sender(Unit *u, sd_bus_message *m) {
2600 int r;
2601
2602 assert(u);
2603
2604 r = bus_unit_allocate_bus_track(u);
2605 if (r < 0)
2606 return r;
2607
2608 return sd_bus_track_add_sender(u->bus_track, m);
2609 }
2610
2611 int bus_unit_track_remove_sender(Unit *u, sd_bus_message *m) {
2612 assert(u);
2613
2614 /* If we haven't allocated the bus track object yet, then there's definitely no reference taken yet,
2615 * return an error */
2616 if (!u->bus_track)
2617 return -EUNATCH;
2618
2619 return sd_bus_track_remove_sender(u->bus_track, m);
2620 }
Unnamed repository; edit this file 'description' to name the repository.