]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/dbus-unit.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #28436 from rpigott/zsh-fixups
[thirdparty/systemd.git] / src / core / dbus-unit.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include "sd-bus.h"
4
5 #include "alloc-util.h"
6 #include "bpf-firewall.h"
7 #include "bus-common-errors.h"
8 #include "bus-get-properties.h"
9 #include "bus-polkit.h"
10 #include "cgroup-util.h"
11 #include "condition.h"
12 #include "dbus-job.h"
13 #include "dbus-manager.h"
14 #include "dbus-unit.h"
15 #include "dbus-util.h"
16 #include "dbus.h"
17 #include "fd-util.h"
18 #include "install.h"
19 #include "locale-util.h"
20 #include "log.h"
21 #include "path-util.h"
22 #include "process-util.h"
23 #include "selinux-access.h"
24 #include "service.h"
25 #include "signal-util.h"
26 #include "special.h"
27 #include "string-table.h"
28 #include "string-util.h"
29 #include "strv.h"
30 #include "user-util.h"
31 #include "web-util.h"
32
33 static bool unit_can_start_refuse_manual(Unit *u) {
34 return unit_can_start(u) && !u->refuse_manual_start;
35 }
36
37 static bool unit_can_stop_refuse_manual(Unit *u) {
38 return unit_can_stop(u) && !u->refuse_manual_stop;
39 }
40
41 static bool unit_can_isolate_refuse_manual(Unit *u) {
42 return unit_can_isolate(u) && !u->refuse_manual_start;
43 }
44
45 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_collect_mode, collect_mode, CollectMode);
46 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_load_state, unit_load_state, UnitLoadState);
47 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_job_mode, job_mode, JobMode);
48 static BUS_DEFINE_PROPERTY_GET(property_get_description, "s", Unit, unit_description);
49 static BUS_DEFINE_PROPERTY_GET2(property_get_active_state, "s", Unit, unit_active_state, unit_active_state_to_string);
50 static BUS_DEFINE_PROPERTY_GET2(property_get_freezer_state, "s", Unit, unit_freezer_state, freezer_state_to_string);
51 static BUS_DEFINE_PROPERTY_GET(property_get_sub_state, "s", Unit, unit_sub_state_to_string);
52 static BUS_DEFINE_PROPERTY_GET2(property_get_unit_file_state, "s", Unit, unit_get_unit_file_state, unit_file_state_to_string);
53 static BUS_DEFINE_PROPERTY_GET(property_get_can_reload, "b", Unit, unit_can_reload);
54 static BUS_DEFINE_PROPERTY_GET(property_get_can_start, "b", Unit, unit_can_start_refuse_manual);
55 static BUS_DEFINE_PROPERTY_GET(property_get_can_stop, "b", Unit, unit_can_stop_refuse_manual);
56 static BUS_DEFINE_PROPERTY_GET(property_get_can_isolate, "b", Unit, unit_can_isolate_refuse_manual);
57 static BUS_DEFINE_PROPERTY_GET(property_get_can_freeze, "b", Unit, unit_can_freeze);
58 static BUS_DEFINE_PROPERTY_GET(property_get_need_daemon_reload, "b", Unit, unit_need_daemon_reload);
59 static BUS_DEFINE_PROPERTY_GET_GLOBAL(property_get_empty_strv, "as", 0);
60
61 static int property_get_can_clean(
62 sd_bus *bus,
63 const char *path,
64 const char *interface,
65 const char *property,
66 sd_bus_message *reply,
67 void *userdata,
68 sd_bus_error *error) {
69
70 Unit *u = userdata;
71 ExecCleanMask mask;
72 int r;
73
74 assert(bus);
75 assert(reply);
76
77 r = unit_can_clean(u, &mask);
78 if (r < 0)
79 return r;
80
81 r = sd_bus_message_open_container(reply, 'a', "s");
82 if (r < 0)
83 return r;
84
85 for (ExecDirectoryType t = 0; t < _EXEC_DIRECTORY_TYPE_MAX; t++) {
86 if (!FLAGS_SET(mask, 1U << t))
87 continue;
88
89 r = sd_bus_message_append(reply, "s", exec_resource_type_to_string(t));
90 if (r < 0)
91 return r;
92 }
93
94 if (FLAGS_SET(mask, EXEC_CLEAN_FDSTORE)) {
95 r = sd_bus_message_append(reply, "s", "fdstore");
96 if (r < 0)
97 return r;
98 }
99
100 return sd_bus_message_close_container(reply);
101 }
102
103 static int property_get_names(
104 sd_bus *bus,
105 const char *path,
106 const char *interface,
107 const char *property,
108 sd_bus_message *reply,
109 void *userdata,
110 sd_bus_error *error) {
111
112 Unit *u = ASSERT_PTR(userdata);
113 const char *t;
114 int r;
115
116 assert(bus);
117 assert(reply);
118
119 r = sd_bus_message_open_container(reply, 'a', "s");
120 if (r < 0)
121 return r;
122
123 r = sd_bus_message_append(reply, "s", u->id);
124 if (r < 0)
125 return r;
126
127 SET_FOREACH(t, u->aliases) {
128 r = sd_bus_message_append(reply, "s", t);
129 if (r < 0)
130 return r;
131 }
132
133 return sd_bus_message_close_container(reply);
134 }
135
136 static int property_get_following(
137 sd_bus *bus,
138 const char *path,
139 const char *interface,
140 const char *property,
141 sd_bus_message *reply,
142 void *userdata,
143 sd_bus_error *error) {
144
145 Unit *u = userdata, *f;
146
147 assert(bus);
148 assert(reply);
149 assert(u);
150
151 f = unit_following(u);
152 return sd_bus_message_append(reply, "s", f ? f->id : NULL);
153 }
154
155 static int property_get_dependencies(
156 sd_bus *bus,
157 const char *path,
158 const char *interface,
159 const char *property,
160 sd_bus_message *reply,
161 void *userdata,
162 sd_bus_error *error) {
163
164 Unit *u = userdata, *other;
165 UnitDependency d;
166 Hashmap *deps;
167 void *v;
168 int r;
169
170 assert(bus);
171 assert(reply);
172 assert(u);
173
174 d = unit_dependency_from_string(property);
175 assert_se(d >= 0);
176
177 deps = unit_get_dependencies(u, d);
178
179 r = sd_bus_message_open_container(reply, 'a', "s");
180 if (r < 0)
181 return r;
182
183 HASHMAP_FOREACH_KEY(v, other, deps) {
184 r = sd_bus_message_append(reply, "s", other->id);
185 if (r < 0)
186 return r;
187 }
188
189 return sd_bus_message_close_container(reply);
190 }
191
192 static int property_get_requires_mounts_for(
193 sd_bus *bus,
194 const char *path,
195 const char *interface,
196 const char *property,
197 sd_bus_message *reply,
198 void *userdata,
199 sd_bus_error *error) {
200
201 Hashmap **h = ASSERT_PTR(userdata);
202 const char *p;
203 void *v;
204 int r;
205
206 assert(bus);
207 assert(reply);
208
209 r = sd_bus_message_open_container(reply, 'a', "s");
210 if (r < 0)
211 return r;
212
213 HASHMAP_FOREACH_KEY(v, p, *h) {
214 r = sd_bus_message_append(reply, "s", p);
215 if (r < 0)
216 return r;
217 }
218
219 return sd_bus_message_close_container(reply);
220 }
221
222 static int property_get_unit_file_preset(
223 sd_bus *bus,
224 const char *path,
225 const char *interface,
226 const char *property,
227 sd_bus_message *reply,
228 void *userdata,
229 sd_bus_error *error) {
230
231 Unit *u = ASSERT_PTR(userdata);
232 int r;
233
234 assert(bus);
235 assert(reply);
236
237 r = unit_get_unit_file_preset(u);
238
239 return sd_bus_message_append(reply, "s", preset_action_past_tense_to_string(r));
240 }
241
242 static int property_get_job(
243 sd_bus *bus,
244 const char *path,
245 const char *interface,
246 const char *property,
247 sd_bus_message *reply,
248 void *userdata,
249 sd_bus_error *error) {
250
251 _cleanup_free_ char *p = NULL;
252 Job **j = ASSERT_PTR(userdata);
253
254 assert(bus);
255 assert(reply);
256
257 if (!*j)
258 return sd_bus_message_append(reply, "(uo)", 0, "/");
259
260 p = job_dbus_path(*j);
261 if (!p)
262 return -ENOMEM;
263
264 return sd_bus_message_append(reply, "(uo)", (*j)->id, p);
265 }
266
267 static int property_get_conditions(
268 sd_bus *bus,
269 const char *path,
270 const char *interface,
271 const char *property,
272 sd_bus_message *reply,
273 void *userdata,
274 sd_bus_error *error) {
275
276 const char *(*to_string)(ConditionType type) = NULL;
277 Condition **list = ASSERT_PTR(userdata);
278 int r;
279
280 assert(bus);
281 assert(reply);
282
283 to_string = streq(property, "Asserts") ? assert_type_to_string : condition_type_to_string;
284
285 r = sd_bus_message_open_container(reply, 'a', "(sbbsi)");
286 if (r < 0)
287 return r;
288
289 LIST_FOREACH(conditions, c, *list) {
290 int tristate;
291
292 tristate =
293 c->result == CONDITION_UNTESTED ? 0 :
294 c->result == CONDITION_SUCCEEDED ? 1 : -1;
295
296 r = sd_bus_message_append(reply, "(sbbsi)",
297 to_string(c->type),
298 c->trigger, c->negate,
299 c->parameter, tristate);
300 if (r < 0)
301 return r;
302
303 }
304
305 return sd_bus_message_close_container(reply);
306 }
307
308 static int property_get_load_error(
309 sd_bus *bus,
310 const char *path,
311 const char *interface,
312 const char *property,
313 sd_bus_message *reply,
314 void *userdata,
315 sd_bus_error *error) {
316
317 _cleanup_(sd_bus_error_free) sd_bus_error e = SD_BUS_ERROR_NULL;
318 Unit *u = ASSERT_PTR(userdata);
319 int r;
320
321 assert(bus);
322 assert(reply);
323
324 r = bus_unit_validate_load_state(u, &e);
325 if (r < 0)
326 return sd_bus_message_append(reply, "(ss)", e.name, e.message);
327
328 return sd_bus_message_append(reply, "(ss)", NULL, NULL);
329 }
330
331 static int property_get_markers(
332 sd_bus *bus,
333 const char *path,
334 const char *interface,
335 const char *property,
336 sd_bus_message *reply,
337 void *userdata,
338 sd_bus_error *error) {
339
340 unsigned *markers = ASSERT_PTR(userdata);
341 int r;
342
343 assert(bus);
344 assert(reply);
345
346 r = sd_bus_message_open_container(reply, 'a', "s");
347 if (r < 0)
348 return r;
349
350 /* Make sure out values fit in the bitfield. */
351 assert_cc(_UNIT_MARKER_MAX <= sizeof(((Unit){}).markers) * 8);
352
353 for (UnitMarker m = 0; m < _UNIT_MARKER_MAX; m++)
354 if (FLAGS_SET(*markers, 1u << m)) {
355 r = sd_bus_message_append(reply, "s", unit_marker_to_string(m));
356 if (r < 0)
357 return r;
358 }
359
360 return sd_bus_message_close_container(reply);
361 }
362
363 static const char *const polkit_message_for_job[_JOB_TYPE_MAX] = {
364 [JOB_START] = N_("Authentication is required to start '$(unit)'."),
365 [JOB_STOP] = N_("Authentication is required to stop '$(unit)'."),
366 [JOB_RELOAD] = N_("Authentication is required to reload '$(unit)'."),
367 [JOB_RESTART] = N_("Authentication is required to restart '$(unit)'."),
368 [JOB_TRY_RESTART] = N_("Authentication is required to restart '$(unit)'."),
369 };
370
371 int bus_unit_method_start_generic(
372 sd_bus_message *message,
373 Unit *u,
374 JobType job_type,
375 bool reload_if_possible,
376 sd_bus_error *error) {
377
378 BusUnitQueueFlags job_flags = reload_if_possible ? BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE : 0;
379 const char *smode, *verb;
380 JobMode mode;
381 int r;
382
383 assert(message);
384 assert(u);
385 assert(job_type >= 0 && job_type < _JOB_TYPE_MAX);
386
387 r = mac_selinux_unit_access_check(
388 u, message,
389 job_type_to_access_method(job_type),
390 error);
391 if (r < 0)
392 return r;
393
394 r = sd_bus_message_read(message, "s", &smode);
395 if (r < 0)
396 return r;
397
398 mode = job_mode_from_string(smode);
399 if (mode < 0)
400 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Job mode %s invalid", smode);
401
402 if (reload_if_possible)
403 verb = strjoina("reload-or-", job_type_to_string(job_type));
404 else
405 verb = job_type_to_string(job_type);
406
407 if (sd_bus_message_is_method_call(message, NULL, "StartUnitWithFlags")) {
408 uint64_t input_flags = 0;
409
410 r = sd_bus_message_read(message, "t", &input_flags);
411 if (r < 0)
412 return r;
413 /* Let clients know that this version doesn't support any flags at the moment. */
414 if (input_flags != 0)
415 return sd_bus_reply_method_errorf(message, SD_BUS_ERROR_INVALID_ARGS,
416 "Invalid 'flags' parameter '%" PRIu64 "'",
417 input_flags);
418 }
419
420 r = bus_verify_manage_units_async_full(
421 u,
422 verb,
423 CAP_SYS_ADMIN,
424 polkit_message_for_job[job_type],
425 true,
426 message,
427 error);
428 if (r < 0)
429 return r;
430 if (r == 0)
431 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
432
433 return bus_unit_queue_job(message, u, job_type, mode, job_flags, error);
434 }
435
436 static int bus_unit_method_start(sd_bus_message *message, void *userdata, sd_bus_error *error) {
437 return bus_unit_method_start_generic(message, userdata, JOB_START, false, error);
438 }
439
440 static int bus_unit_method_stop(sd_bus_message *message, void *userdata, sd_bus_error *error) {
441 return bus_unit_method_start_generic(message, userdata, JOB_STOP, false, error);
442 }
443
444 static int bus_unit_method_reload(sd_bus_message *message, void *userdata, sd_bus_error *error) {
445 return bus_unit_method_start_generic(message, userdata, JOB_RELOAD, false, error);
446 }
447
448 static int bus_unit_method_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
449 return bus_unit_method_start_generic(message, userdata, JOB_RESTART, false, error);
450 }
451
452 static int bus_unit_method_try_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
453 return bus_unit_method_start_generic(message, userdata, JOB_TRY_RESTART, false, error);
454 }
455
456 static int bus_unit_method_reload_or_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
457 return bus_unit_method_start_generic(message, userdata, JOB_RESTART, true, error);
458 }
459
460 static int bus_unit_method_reload_or_try_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
461 return bus_unit_method_start_generic(message, userdata, JOB_TRY_RESTART, true, error);
462 }
463
464 int bus_unit_method_enqueue_job(sd_bus_message *message, void *userdata, sd_bus_error *error) {
465 BusUnitQueueFlags flags = BUS_UNIT_QUEUE_VERBOSE_REPLY;
466 const char *jtype, *smode;
467 Unit *u = ASSERT_PTR(userdata);
468 JobType type;
469 JobMode mode;
470 int r;
471
472 assert(message);
473
474 r = sd_bus_message_read(message, "ss", &jtype, &smode);
475 if (r < 0)
476 return r;
477
478 /* Parse the two magic reload types "reload-or-…" manually */
479 if (streq(jtype, "reload-or-restart")) {
480 type = JOB_RESTART;
481 flags |= BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE;
482 } else if (streq(jtype, "reload-or-try-restart")) {
483 type = JOB_TRY_RESTART;
484 flags |= BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE;
485 } else {
486 /* And the rest generically */
487 type = job_type_from_string(jtype);
488 if (type < 0)
489 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Job type %s invalid", jtype);
490 }
491
492 mode = job_mode_from_string(smode);
493 if (mode < 0)
494 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Job mode %s invalid", smode);
495
496 r = mac_selinux_unit_access_check(
497 u, message,
498 job_type_to_access_method(type),
499 error);
500 if (r < 0)
501 return r;
502
503 r = bus_verify_manage_units_async_full(
504 u,
505 jtype,
506 CAP_SYS_ADMIN,
507 polkit_message_for_job[type],
508 true,
509 message,
510 error);
511 if (r < 0)
512 return r;
513 if (r == 0)
514 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
515
516 return bus_unit_queue_job(message, u, type, mode, flags, error);
517 }
518
519 int bus_unit_method_kill(sd_bus_message *message, void *userdata, sd_bus_error *error) {
520 Unit *u = ASSERT_PTR(userdata);
521 int32_t value = 0;
522 const char *swho;
523 int32_t signo;
524 KillWho who;
525 int r, code;
526
527 assert(message);
528
529 r = mac_selinux_unit_access_check(u, message, "stop", error);
530 if (r < 0)
531 return r;
532
533 r = sd_bus_message_read(message, "si", &swho, &signo);
534 if (r < 0)
535 return r;
536
537 if (startswith(sd_bus_message_get_member(message), "QueueSignal")) {
538 r = sd_bus_message_read(message, "i", &value);
539 if (r < 0)
540 return r;
541
542 code = SI_QUEUE;
543 } else
544 code = SI_USER;
545
546 if (isempty(swho))
547 who = KILL_ALL;
548 else {
549 who = kill_who_from_string(swho);
550 if (who < 0)
551 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid who argument: %s", swho);
552 }
553
554 if (!SIGNAL_VALID(signo))
555 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Signal number out of range.");
556
557 if (code == SI_QUEUE && !((signo >= SIGRTMIN) && (signo <= SIGRTMAX)))
558 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS,
559 "Value parameter only accepted for realtime signals (SIGRTMIN…SIGRTMAX), refusing for signal SIG%s.", signal_to_string(signo));
560
561 r = bus_verify_manage_units_async_full(
562 u,
563 "kill",
564 CAP_KILL,
565 N_("Authentication is required to send a UNIX signal to the processes of '$(unit)'."),
566 true,
567 message,
568 error);
569 if (r < 0)
570 return r;
571 if (r == 0)
572 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
573
574 r = unit_kill(u, who, signo, code, value, error);
575 if (r < 0)
576 return r;
577
578 return sd_bus_reply_method_return(message, NULL);
579 }
580
581 int bus_unit_method_reset_failed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
582 Unit *u = ASSERT_PTR(userdata);
583 int r;
584
585 assert(message);
586
587 r = mac_selinux_unit_access_check(u, message, "reload", error);
588 if (r < 0)
589 return r;
590
591 r = bus_verify_manage_units_async_full(
592 u,
593 "reset-failed",
594 CAP_SYS_ADMIN,
595 N_("Authentication is required to reset the \"failed\" state of '$(unit)'."),
596 true,
597 message,
598 error);
599 if (r < 0)
600 return r;
601 if (r == 0)
602 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
603
604 unit_reset_failed(u);
605
606 return sd_bus_reply_method_return(message, NULL);
607 }
608
609 int bus_unit_method_set_properties(sd_bus_message *message, void *userdata, sd_bus_error *error) {
610 Unit *u = ASSERT_PTR(userdata);
611 int runtime, r;
612
613 assert(message);
614
615 r = mac_selinux_unit_access_check(u, message, "start", error);
616 if (r < 0)
617 return r;
618
619 r = sd_bus_message_read(message, "b", &runtime);
620 if (r < 0)
621 return r;
622
623 r = bus_verify_manage_units_async_full(
624 u,
625 "set-property",
626 CAP_SYS_ADMIN,
627 N_("Authentication is required to set properties on '$(unit)'."),
628 true,
629 message,
630 error);
631 if (r < 0)
632 return r;
633 if (r == 0)
634 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
635
636 r = bus_unit_set_properties(u, message, runtime ? UNIT_RUNTIME : UNIT_PERSISTENT, true, error);
637 if (r < 0)
638 return r;
639
640 return sd_bus_reply_method_return(message, NULL);
641 }
642
643 int bus_unit_method_ref(sd_bus_message *message, void *userdata, sd_bus_error *error) {
644 Unit *u = ASSERT_PTR(userdata);
645 int r;
646
647 assert(message);
648
649 r = mac_selinux_unit_access_check(u, message, "start", error);
650 if (r < 0)
651 return r;
652
653 r = bus_verify_manage_units_async_full(
654 u,
655 "ref",
656 CAP_SYS_ADMIN,
657 NULL,
658 false,
659 message,
660 error);
661 if (r < 0)
662 return r;
663 if (r == 0)
664 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
665
666 r = bus_unit_track_add_sender(u, message);
667 if (r < 0)
668 return r;
669
670 return sd_bus_reply_method_return(message, NULL);
671 }
672
673 int bus_unit_method_unref(sd_bus_message *message, void *userdata, sd_bus_error *error) {
674 Unit *u = ASSERT_PTR(userdata);
675 int r;
676
677 assert(message);
678
679 r = bus_unit_track_remove_sender(u, message);
680 if (r == -EUNATCH)
681 return sd_bus_error_set(error, BUS_ERROR_NOT_REFERENCED, "Unit has not been referenced yet.");
682 if (r < 0)
683 return r;
684
685 return sd_bus_reply_method_return(message, NULL);
686 }
687
688 int bus_unit_method_clean(sd_bus_message *message, void *userdata, sd_bus_error *error) {
689 ExecCleanMask mask = 0;
690 Unit *u = ASSERT_PTR(userdata);
691 int r;
692
693 assert(message);
694
695 r = mac_selinux_unit_access_check(u, message, "stop", error);
696 if (r < 0)
697 return r;
698
699 r = sd_bus_message_enter_container(message, 'a', "s");
700 if (r < 0)
701 return r;
702
703 for (;;) {
704 ExecCleanMask m;
705 const char *i;
706
707 r = sd_bus_message_read(message, "s", &i);
708 if (r < 0)
709 return r;
710 if (r == 0)
711 break;
712
713 m = exec_clean_mask_from_string(i);
714 if (m < 0)
715 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid resource type: %s", i);
716
717 mask |= m;
718 }
719
720 r = sd_bus_message_exit_container(message);
721 if (r < 0)
722 return r;
723
724 r = bus_verify_manage_units_async_full(
725 u,
726 "clean",
727 CAP_DAC_OVERRIDE,
728 N_("Authentication is required to delete files and directories associated with '$(unit)'."),
729 true,
730 message,
731 error);
732 if (r < 0)
733 return r;
734 if (r == 0)
735 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
736
737 r = unit_clean(u, mask);
738 if (r == -EOPNOTSUPP)
739 return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Unit '%s' does not support cleaning.", u->id);
740 if (r == -EUNATCH)
741 return sd_bus_error_set(error, BUS_ERROR_NOTHING_TO_CLEAN, "No matching resources found.");
742 if (r == -EBUSY)
743 return sd_bus_error_set(error, BUS_ERROR_UNIT_BUSY, "Unit is not inactive or has pending job.");
744 if (r < 0)
745 return r;
746
747 return sd_bus_reply_method_return(message, NULL);
748 }
749
750 static int bus_unit_method_freezer_generic(sd_bus_message *message, void *userdata, sd_bus_error *error, FreezerAction action) {
751 const char* perm;
752 int (*method)(Unit*);
753 Unit *u = ASSERT_PTR(userdata);
754 bool reply_no_delay = false;
755 int r;
756
757 assert(message);
758 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
759
760 if (action == FREEZER_FREEZE) {
761 perm = "stop";
762 method = unit_freeze;
763 } else {
764 perm = "start";
765 method = unit_thaw;
766 }
767
768 r = mac_selinux_unit_access_check(u, message, perm, error);
769 if (r < 0)
770 return r;
771
772 r = bus_verify_manage_units_async_full(
773 u,
774 perm,
775 CAP_SYS_ADMIN,
776 N_("Authentication is required to freeze or thaw the processes of '$(unit)' unit."),
777 true,
778 message,
779 error);
780 if (r < 0)
781 return r;
782 if (r == 0)
783 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
784
785 r = method(u);
786 if (r == -EOPNOTSUPP)
787 return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Unit '%s' does not support freezing.", u->id);
788 if (r == -EBUSY)
789 return sd_bus_error_set(error, BUS_ERROR_UNIT_BUSY, "Unit has a pending job.");
790 if (r == -EHOSTDOWN)
791 return sd_bus_error_set(error, BUS_ERROR_UNIT_INACTIVE, "Unit is inactive.");
792 if (r == -EALREADY)
793 return sd_bus_error_setf(error, SD_BUS_ERROR_FAILED, "Previously requested freezer operation for unit '%s' is still in progress.", u->id);
794 if (r < 0)
795 return r;
796 if (r == 0)
797 reply_no_delay = true;
798
799 if (u->pending_freezer_invocation) {
800 bus_unit_send_pending_freezer_message(u, true);
801 assert(!u->pending_freezer_invocation);
802 }
803
804 u->pending_freezer_invocation = sd_bus_message_ref(message);
805
806 if (reply_no_delay) {
807 r = bus_unit_send_pending_freezer_message(u, false);
808 if (r < 0)
809 return r;
810 }
811
812 return 1;
813 }
814
815 int bus_unit_method_thaw(sd_bus_message *message, void *userdata, sd_bus_error *error) {
816 return bus_unit_method_freezer_generic(message, userdata, error, FREEZER_THAW);
817 }
818
819 int bus_unit_method_freeze(sd_bus_message *message, void *userdata, sd_bus_error *error) {
820 return bus_unit_method_freezer_generic(message, userdata, error, FREEZER_FREEZE);
821 }
822
823 static int property_get_refs(
824 sd_bus *bus,
825 const char *path,
826 const char *interface,
827 const char *property,
828 sd_bus_message *reply,
829 void *userdata,
830 sd_bus_error *error) {
831
832 Unit *u = userdata;
833 int r;
834
835 assert(bus);
836 assert(reply);
837
838 r = sd_bus_message_open_container(reply, 'a', "s");
839 if (r < 0)
840 return r;
841
842 for (const char *i = sd_bus_track_first(u->bus_track); i; i = sd_bus_track_next(u->bus_track)) {
843 int c;
844
845 c = sd_bus_track_count_name(u->bus_track, i);
846 if (c < 0)
847 return c;
848
849 /* Add the item multiple times if the ref count for each is above 1 */
850 for (int k = 0; k < c; k++) {
851 r = sd_bus_message_append(reply, "s", i);
852 if (r < 0)
853 return r;
854 }
855 }
856
857 return sd_bus_message_close_container(reply);
858 }
859
860 const sd_bus_vtable bus_unit_vtable[] = {
861 SD_BUS_VTABLE_START(0),
862
863 SD_BUS_PROPERTY("Id", "s", NULL, offsetof(Unit, id), SD_BUS_VTABLE_PROPERTY_CONST),
864 SD_BUS_PROPERTY("Names", "as", property_get_names, 0, SD_BUS_VTABLE_PROPERTY_CONST),
865 SD_BUS_PROPERTY("Following", "s", property_get_following, 0, 0),
866 SD_BUS_PROPERTY("Requires", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
867 SD_BUS_PROPERTY("Requisite", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
868 SD_BUS_PROPERTY("Wants", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
869 SD_BUS_PROPERTY("BindsTo", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
870 SD_BUS_PROPERTY("PartOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
871 SD_BUS_PROPERTY("Upholds", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
872 SD_BUS_PROPERTY("RequiredBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
873 SD_BUS_PROPERTY("RequisiteOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
874 SD_BUS_PROPERTY("WantedBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
875 SD_BUS_PROPERTY("BoundBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
876 SD_BUS_PROPERTY("UpheldBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
877 SD_BUS_PROPERTY("ConsistsOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
878 SD_BUS_PROPERTY("Conflicts", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
879 SD_BUS_PROPERTY("ConflictedBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
880 SD_BUS_PROPERTY("Before", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
881 SD_BUS_PROPERTY("After", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
882 SD_BUS_PROPERTY("OnSuccess", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
883 SD_BUS_PROPERTY("OnSuccessOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
884 SD_BUS_PROPERTY("OnFailure", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
885 SD_BUS_PROPERTY("OnFailureOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
886 SD_BUS_PROPERTY("Triggers", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
887 SD_BUS_PROPERTY("TriggeredBy", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
888 SD_BUS_PROPERTY("PropagatesReloadTo", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
889 SD_BUS_PROPERTY("ReloadPropagatedFrom", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
890 SD_BUS_PROPERTY("PropagatesStopTo", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
891 SD_BUS_PROPERTY("StopPropagatedFrom", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
892 SD_BUS_PROPERTY("JoinsNamespaceOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
893 SD_BUS_PROPERTY("SliceOf", "as", property_get_dependencies, 0, SD_BUS_VTABLE_PROPERTY_CONST),
894 SD_BUS_PROPERTY("RequiresMountsFor", "as", property_get_requires_mounts_for, offsetof(Unit, requires_mounts_for), SD_BUS_VTABLE_PROPERTY_CONST),
895 SD_BUS_PROPERTY("Documentation", "as", NULL, offsetof(Unit, documentation), SD_BUS_VTABLE_PROPERTY_CONST),
896 SD_BUS_PROPERTY("Description", "s", property_get_description, 0, SD_BUS_VTABLE_PROPERTY_CONST),
897 SD_BUS_PROPERTY("AccessSELinuxContext", "s", NULL, offsetof(Unit, access_selinux_context), SD_BUS_VTABLE_PROPERTY_CONST),
898 SD_BUS_PROPERTY("LoadState", "s", property_get_load_state, offsetof(Unit, load_state), SD_BUS_VTABLE_PROPERTY_CONST),
899 SD_BUS_PROPERTY("ActiveState", "s", property_get_active_state, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
900 SD_BUS_PROPERTY("FreezerState", "s", property_get_freezer_state, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
901 SD_BUS_PROPERTY("SubState", "s", property_get_sub_state, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
902 SD_BUS_PROPERTY("FragmentPath", "s", NULL, offsetof(Unit, fragment_path), SD_BUS_VTABLE_PROPERTY_CONST),
903 SD_BUS_PROPERTY("SourcePath", "s", NULL, offsetof(Unit, source_path), SD_BUS_VTABLE_PROPERTY_CONST),
904 SD_BUS_PROPERTY("DropInPaths", "as", NULL, offsetof(Unit, dropin_paths), SD_BUS_VTABLE_PROPERTY_CONST),
905 SD_BUS_PROPERTY("UnitFileState", "s", property_get_unit_file_state, 0, 0),
906 SD_BUS_PROPERTY("UnitFilePreset", "s", property_get_unit_file_preset, 0, 0),
907 BUS_PROPERTY_DUAL_TIMESTAMP("StateChangeTimestamp", offsetof(Unit, state_change_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
908 BUS_PROPERTY_DUAL_TIMESTAMP("InactiveExitTimestamp", offsetof(Unit, inactive_exit_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
909 BUS_PROPERTY_DUAL_TIMESTAMP("ActiveEnterTimestamp", offsetof(Unit, active_enter_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
910 BUS_PROPERTY_DUAL_TIMESTAMP("ActiveExitTimestamp", offsetof(Unit, active_exit_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
911 BUS_PROPERTY_DUAL_TIMESTAMP("InactiveEnterTimestamp", offsetof(Unit, inactive_enter_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
912 SD_BUS_PROPERTY("CanStart", "b", property_get_can_start, 0, SD_BUS_VTABLE_PROPERTY_CONST),
913 SD_BUS_PROPERTY("CanStop", "b", property_get_can_stop, 0, SD_BUS_VTABLE_PROPERTY_CONST),
914 SD_BUS_PROPERTY("CanReload", "b", property_get_can_reload, 0, SD_BUS_VTABLE_PROPERTY_CONST),
915 SD_BUS_PROPERTY("CanIsolate", "b", property_get_can_isolate, 0, SD_BUS_VTABLE_PROPERTY_CONST),
916 SD_BUS_PROPERTY("CanClean", "as", property_get_can_clean, 0, SD_BUS_VTABLE_PROPERTY_CONST),
917 SD_BUS_PROPERTY("CanFreeze", "b", property_get_can_freeze, 0, SD_BUS_VTABLE_PROPERTY_CONST),
918 SD_BUS_PROPERTY("Job", "(uo)", property_get_job, offsetof(Unit, job), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
919 SD_BUS_PROPERTY("StopWhenUnneeded", "b", bus_property_get_bool, offsetof(Unit, stop_when_unneeded), SD_BUS_VTABLE_PROPERTY_CONST),
920 SD_BUS_PROPERTY("RefuseManualStart", "b", bus_property_get_bool, offsetof(Unit, refuse_manual_start), SD_BUS_VTABLE_PROPERTY_CONST),
921 SD_BUS_PROPERTY("RefuseManualStop", "b", bus_property_get_bool, offsetof(Unit, refuse_manual_stop), SD_BUS_VTABLE_PROPERTY_CONST),
922 SD_BUS_PROPERTY("AllowIsolate", "b", bus_property_get_bool, offsetof(Unit, allow_isolate), SD_BUS_VTABLE_PROPERTY_CONST),
923 SD_BUS_PROPERTY("DefaultDependencies", "b", bus_property_get_bool, offsetof(Unit, default_dependencies), SD_BUS_VTABLE_PROPERTY_CONST),
924 SD_BUS_PROPERTY("IgnoreOnSoftReboot", "b", bus_property_get_bool, offsetof(Unit, ignore_on_soft_reboot), SD_BUS_VTABLE_PROPERTY_CONST),
925 SD_BUS_PROPERTY("OnSuccesJobMode", "s", property_get_job_mode, offsetof(Unit, on_success_job_mode), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN), /* deprecated */
926 SD_BUS_PROPERTY("OnSuccessJobMode", "s", property_get_job_mode, offsetof(Unit, on_success_job_mode), SD_BUS_VTABLE_PROPERTY_CONST),
927 SD_BUS_PROPERTY("OnFailureJobMode", "s", property_get_job_mode, offsetof(Unit, on_failure_job_mode), SD_BUS_VTABLE_PROPERTY_CONST),
928 SD_BUS_PROPERTY("IgnoreOnIsolate", "b", bus_property_get_bool, offsetof(Unit, ignore_on_isolate), SD_BUS_VTABLE_PROPERTY_CONST),
929 SD_BUS_PROPERTY("NeedDaemonReload", "b", property_get_need_daemon_reload, 0, 0),
930 SD_BUS_PROPERTY("Markers", "as", property_get_markers, offsetof(Unit, markers), 0),
931 SD_BUS_PROPERTY("JobTimeoutUSec", "t", bus_property_get_usec, offsetof(Unit, job_timeout), SD_BUS_VTABLE_PROPERTY_CONST),
932 SD_BUS_PROPERTY("JobRunningTimeoutUSec", "t", bus_property_get_usec, offsetof(Unit, job_running_timeout), SD_BUS_VTABLE_PROPERTY_CONST),
933 SD_BUS_PROPERTY("JobTimeoutAction", "s", bus_property_get_emergency_action, offsetof(Unit, job_timeout_action), SD_BUS_VTABLE_PROPERTY_CONST),
934 SD_BUS_PROPERTY("JobTimeoutRebootArgument", "s", NULL, offsetof(Unit, job_timeout_reboot_arg), SD_BUS_VTABLE_PROPERTY_CONST),
935 SD_BUS_PROPERTY("ConditionResult", "b", bus_property_get_bool, offsetof(Unit, condition_result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
936 SD_BUS_PROPERTY("AssertResult", "b", bus_property_get_bool, offsetof(Unit, assert_result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
937 BUS_PROPERTY_DUAL_TIMESTAMP("ConditionTimestamp", offsetof(Unit, condition_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
938 BUS_PROPERTY_DUAL_TIMESTAMP("AssertTimestamp", offsetof(Unit, assert_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
939 SD_BUS_PROPERTY("Conditions", "a(sbbsi)", property_get_conditions, offsetof(Unit, conditions), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
940 SD_BUS_PROPERTY("Asserts", "a(sbbsi)", property_get_conditions, offsetof(Unit, asserts), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
941 SD_BUS_PROPERTY("LoadError", "(ss)", property_get_load_error, 0, SD_BUS_VTABLE_PROPERTY_CONST),
942 SD_BUS_PROPERTY("Transient", "b", bus_property_get_bool, offsetof(Unit, transient), SD_BUS_VTABLE_PROPERTY_CONST),
943 SD_BUS_PROPERTY("Perpetual", "b", bus_property_get_bool, offsetof(Unit, perpetual), SD_BUS_VTABLE_PROPERTY_CONST),
944 SD_BUS_PROPERTY("StartLimitIntervalUSec", "t", bus_property_get_usec, offsetof(Unit, start_ratelimit.interval), SD_BUS_VTABLE_PROPERTY_CONST),
945 SD_BUS_PROPERTY("StartLimitBurst", "u", bus_property_get_unsigned, offsetof(Unit, start_ratelimit.burst), SD_BUS_VTABLE_PROPERTY_CONST),
946 SD_BUS_PROPERTY("StartLimitAction", "s", bus_property_get_emergency_action, offsetof(Unit, start_limit_action), SD_BUS_VTABLE_PROPERTY_CONST),
947 SD_BUS_PROPERTY("FailureAction", "s", bus_property_get_emergency_action, offsetof(Unit, failure_action), SD_BUS_VTABLE_PROPERTY_CONST),
948 SD_BUS_PROPERTY("FailureActionExitStatus", "i", bus_property_get_int, offsetof(Unit, failure_action_exit_status), SD_BUS_VTABLE_PROPERTY_CONST),
949 SD_BUS_PROPERTY("SuccessAction", "s", bus_property_get_emergency_action, offsetof(Unit, success_action), SD_BUS_VTABLE_PROPERTY_CONST),
950 SD_BUS_PROPERTY("SuccessActionExitStatus", "i", bus_property_get_int, offsetof(Unit, success_action_exit_status), SD_BUS_VTABLE_PROPERTY_CONST),
951 SD_BUS_PROPERTY("RebootArgument", "s", NULL, offsetof(Unit, reboot_arg), SD_BUS_VTABLE_PROPERTY_CONST),
952 SD_BUS_PROPERTY("InvocationID", "ay", bus_property_get_id128, offsetof(Unit, invocation_id), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
953 SD_BUS_PROPERTY("CollectMode", "s", property_get_collect_mode, offsetof(Unit, collect_mode), SD_BUS_VTABLE_PROPERTY_CONST),
954 SD_BUS_PROPERTY("Refs", "as", property_get_refs, 0, 0),
955 SD_BUS_PROPERTY("ActivationDetails", "a(ss)", bus_property_get_activation_details, offsetof(Unit, activation_details), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
956
957 SD_BUS_METHOD_WITH_ARGS("Start",
958 SD_BUS_ARGS("s", mode),
959 SD_BUS_RESULT("o", job),
960 bus_unit_method_start,
961 SD_BUS_VTABLE_UNPRIVILEGED),
962 SD_BUS_METHOD_WITH_ARGS("Stop",
963 SD_BUS_ARGS("s", mode),
964 SD_BUS_RESULT("o", job),
965 bus_unit_method_stop,
966 SD_BUS_VTABLE_UNPRIVILEGED),
967 SD_BUS_METHOD_WITH_ARGS("Reload",
968 SD_BUS_ARGS("s", mode),
969 SD_BUS_RESULT("o", job),
970 bus_unit_method_reload,
971 SD_BUS_VTABLE_UNPRIVILEGED),
972 SD_BUS_METHOD_WITH_ARGS("Restart",
973 SD_BUS_ARGS("s", mode),
974 SD_BUS_RESULT("o", job),
975 bus_unit_method_restart,
976 SD_BUS_VTABLE_UNPRIVILEGED),
977 SD_BUS_METHOD_WITH_ARGS("TryRestart",
978 SD_BUS_ARGS("s", mode),
979 SD_BUS_RESULT("o", job),
980 bus_unit_method_try_restart,
981 SD_BUS_VTABLE_UNPRIVILEGED),
982 SD_BUS_METHOD_WITH_ARGS("ReloadOrRestart",
983 SD_BUS_ARGS("s", mode),
984 SD_BUS_RESULT("o", job),
985 bus_unit_method_reload_or_restart,
986 SD_BUS_VTABLE_UNPRIVILEGED),
987 SD_BUS_METHOD_WITH_ARGS("ReloadOrTryRestart",
988 SD_BUS_ARGS("s", mode),
989 SD_BUS_RESULT("o", job),
990 bus_unit_method_reload_or_try_restart,
991 SD_BUS_VTABLE_UNPRIVILEGED),
992 SD_BUS_METHOD_WITH_ARGS("EnqueueJob",
993 SD_BUS_ARGS("s", job_type, "s", job_mode),
994 SD_BUS_RESULT("u", job_id, "o", job_path, "s", unit_id, "o", unit_path, "s", job_type, "a(uosos)", affected_jobs),
995 bus_unit_method_enqueue_job,
996 SD_BUS_VTABLE_UNPRIVILEGED),
997 SD_BUS_METHOD_WITH_ARGS("Kill",
998 SD_BUS_ARGS("s", whom, "i", signal),
999 SD_BUS_NO_RESULT,
1000 bus_unit_method_kill,
1001 SD_BUS_VTABLE_UNPRIVILEGED),
1002 SD_BUS_METHOD_WITH_ARGS("QueueSignal",
1003 SD_BUS_ARGS("s", whom, "i", signal, "i", value),
1004 SD_BUS_NO_RESULT,
1005 bus_unit_method_kill,
1006 SD_BUS_VTABLE_UNPRIVILEGED),
1007 SD_BUS_METHOD("ResetFailed",
1008 NULL,
1009 NULL,
1010 bus_unit_method_reset_failed,
1011 SD_BUS_VTABLE_UNPRIVILEGED),
1012 SD_BUS_METHOD_WITH_ARGS("SetProperties",
1013 SD_BUS_ARGS("b", runtime, "a(sv)", properties),
1014 SD_BUS_NO_RESULT,
1015 bus_unit_method_set_properties,
1016 SD_BUS_VTABLE_UNPRIVILEGED),
1017 SD_BUS_METHOD("Ref",
1018 NULL,
1019 NULL,
1020 bus_unit_method_ref,
1021 SD_BUS_VTABLE_UNPRIVILEGED),
1022 SD_BUS_METHOD("Unref",
1023 NULL,
1024 NULL,
1025 bus_unit_method_unref,
1026 SD_BUS_VTABLE_UNPRIVILEGED),
1027 SD_BUS_METHOD_WITH_ARGS("Clean",
1028 SD_BUS_ARGS("as", mask),
1029 SD_BUS_NO_RESULT,
1030 bus_unit_method_clean,
1031 SD_BUS_VTABLE_UNPRIVILEGED),
1032 SD_BUS_METHOD("Freeze",
1033 NULL,
1034 NULL,
1035 bus_unit_method_freeze,
1036 SD_BUS_VTABLE_UNPRIVILEGED),
1037 SD_BUS_METHOD("Thaw",
1038 NULL,
1039 NULL,
1040 bus_unit_method_thaw,
1041 SD_BUS_VTABLE_UNPRIVILEGED),
1042
1043 /* For dependency types we don't support anymore always return an empty array */
1044 SD_BUS_PROPERTY("RequiresOverridable", "as", property_get_empty_strv, 0, SD_BUS_VTABLE_HIDDEN),
1045 SD_BUS_PROPERTY("RequisiteOverridable", "as", property_get_empty_strv, 0, SD_BUS_VTABLE_HIDDEN),
1046 SD_BUS_PROPERTY("RequiredByOverridable", "as", property_get_empty_strv, 0, SD_BUS_VTABLE_HIDDEN),
1047 SD_BUS_PROPERTY("RequisiteOfOverridable", "as", property_get_empty_strv, 0, SD_BUS_VTABLE_HIDDEN),
1048 /* Obsolete alias names */
1049 SD_BUS_PROPERTY("StartLimitInterval", "t", bus_property_get_usec, offsetof(Unit, start_ratelimit.interval), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
1050 SD_BUS_PROPERTY("StartLimitIntervalSec", "t", bus_property_get_usec, offsetof(Unit, start_ratelimit.interval), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
1051
1052 SD_BUS_VTABLE_END
1053 };
1054
1055 static int property_get_slice(
1056 sd_bus *bus,
1057 const char *path,
1058 const char *interface,
1059 const char *property,
1060 sd_bus_message *reply,
1061 void *userdata,
1062 sd_bus_error *error) {
1063
1064 Unit *u = ASSERT_PTR(userdata);
1065
1066 assert(bus);
1067 assert(reply);
1068
1069 return sd_bus_message_append(reply, "s", unit_slice_name(u));
1070 }
1071
1072 static int property_get_current_memory(
1073 sd_bus *bus,
1074 const char *path,
1075 const char *interface,
1076 const char *property,
1077 sd_bus_message *reply,
1078 void *userdata,
1079 sd_bus_error *error) {
1080
1081 uint64_t sz = UINT64_MAX;
1082 Unit *u = ASSERT_PTR(userdata);
1083 int r;
1084
1085 assert(bus);
1086 assert(reply);
1087
1088 r = unit_get_memory_current(u, &sz);
1089 if (r < 0 && r != -ENODATA)
1090 log_unit_warning_errno(u, r, "Failed to get memory.usage_in_bytes attribute: %m");
1091
1092 return sd_bus_message_append(reply, "t", sz);
1093 }
1094
1095 static int property_get_available_memory(
1096 sd_bus *bus,
1097 const char *path,
1098 const char *interface,
1099 const char *property,
1100 sd_bus_message *reply,
1101 void *userdata,
1102 sd_bus_error *error) {
1103
1104 uint64_t sz = UINT64_MAX;
1105 Unit *u = ASSERT_PTR(userdata);
1106 int r;
1107
1108 assert(bus);
1109 assert(reply);
1110
1111 r = unit_get_memory_available(u, &sz);
1112 if (r < 0 && r != -ENODATA)
1113 log_unit_warning_errno(u, r, "Failed to get total available memory from cgroup: %m");
1114
1115 return sd_bus_message_append(reply, "t", sz);
1116 }
1117
1118 static int property_get_current_tasks(
1119 sd_bus *bus,
1120 const char *path,
1121 const char *interface,
1122 const char *property,
1123 sd_bus_message *reply,
1124 void *userdata,
1125 sd_bus_error *error) {
1126
1127 uint64_t cn = UINT64_MAX;
1128 Unit *u = ASSERT_PTR(userdata);
1129 int r;
1130
1131 assert(bus);
1132 assert(reply);
1133
1134 r = unit_get_tasks_current(u, &cn);
1135 if (r < 0 && r != -ENODATA)
1136 log_unit_warning_errno(u, r, "Failed to get pids.current attribute: %m");
1137
1138 return sd_bus_message_append(reply, "t", cn);
1139 }
1140
1141 static int property_get_cpu_usage(
1142 sd_bus *bus,
1143 const char *path,
1144 const char *interface,
1145 const char *property,
1146 sd_bus_message *reply,
1147 void *userdata,
1148 sd_bus_error *error) {
1149
1150 nsec_t ns = NSEC_INFINITY;
1151 Unit *u = ASSERT_PTR(userdata);
1152 int r;
1153
1154 assert(bus);
1155 assert(reply);
1156
1157 r = unit_get_cpu_usage(u, &ns);
1158 if (r < 0 && r != -ENODATA)
1159 log_unit_warning_errno(u, r, "Failed to get cpuacct.usage attribute: %m");
1160
1161 return sd_bus_message_append(reply, "t", ns);
1162 }
1163
1164 static int property_get_cpuset_cpus(
1165 sd_bus *bus,
1166 const char *path,
1167 const char *interface,
1168 const char *property,
1169 sd_bus_message *reply,
1170 void *userdata,
1171 sd_bus_error *error) {
1172
1173 Unit *u = ASSERT_PTR(userdata);
1174 _cleanup_(cpu_set_reset) CPUSet cpus = {};
1175 _cleanup_free_ uint8_t *array = NULL;
1176 size_t allocated;
1177
1178 assert(bus);
1179 assert(reply);
1180
1181 (void) unit_get_cpuset(u, &cpus, "cpuset.cpus.effective");
1182 (void) cpu_set_to_dbus(&cpus, &array, &allocated);
1183 return sd_bus_message_append_array(reply, 'y', array, allocated);
1184 }
1185
1186 static int property_get_cpuset_mems(
1187 sd_bus *bus,
1188 const char *path,
1189 const char *interface,
1190 const char *property,
1191 sd_bus_message *reply,
1192 void *userdata,
1193 sd_bus_error *error) {
1194
1195 Unit *u = ASSERT_PTR(userdata);
1196 _cleanup_(cpu_set_reset) CPUSet mems = {};
1197 _cleanup_free_ uint8_t *array = NULL;
1198 size_t allocated;
1199
1200 assert(bus);
1201 assert(reply);
1202
1203 (void) unit_get_cpuset(u, &mems, "cpuset.mems.effective");
1204 (void) cpu_set_to_dbus(&mems, &array, &allocated);
1205 return sd_bus_message_append_array(reply, 'y', array, allocated);
1206 }
1207
1208 static int property_get_cgroup(
1209 sd_bus *bus,
1210 const char *path,
1211 const char *interface,
1212 const char *property,
1213 sd_bus_message *reply,
1214 void *userdata,
1215 sd_bus_error *error) {
1216
1217 Unit *u = ASSERT_PTR(userdata);
1218 const char *t = NULL;
1219
1220 assert(bus);
1221 assert(reply);
1222
1223 /* Three cases: a) u->cgroup_path is NULL, in which case the
1224 * unit has no control group, which we report as the empty
1225 * string. b) u->cgroup_path is the empty string, which
1226 * indicates the root cgroup, which we report as "/". c) all
1227 * other cases we report as-is. */
1228
1229 if (u->cgroup_path)
1230 t = empty_to_root(u->cgroup_path);
1231
1232 return sd_bus_message_append(reply, "s", t);
1233 }
1234
1235 static int append_process(sd_bus_message *reply, const char *p, pid_t pid, Set *pids) {
1236 _cleanup_free_ char *buf = NULL, *cmdline = NULL;
1237 int r;
1238
1239 assert(reply);
1240 assert(pid > 0);
1241
1242 r = set_put(pids, PID_TO_PTR(pid));
1243 if (IN_SET(r, 0, -EEXIST))
1244 return 0;
1245 if (r < 0)
1246 return r;
1247
1248 if (!p) {
1249 r = cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, pid, &buf);
1250 if (r == -ESRCH)
1251 return 0;
1252 if (r < 0)
1253 return r;
1254
1255 p = buf;
1256 }
1257
1258 (void) get_process_cmdline(pid, SIZE_MAX,
1259 PROCESS_CMDLINE_COMM_FALLBACK | PROCESS_CMDLINE_QUOTE,
1260 &cmdline);
1261
1262 return sd_bus_message_append(reply,
1263 "(sus)",
1264 p,
1265 (uint32_t) pid,
1266 cmdline);
1267 }
1268
1269 static int append_cgroup(sd_bus_message *reply, const char *p, Set *pids) {
1270 _cleanup_closedir_ DIR *d = NULL;
1271 _cleanup_fclose_ FILE *f = NULL;
1272 int r;
1273
1274 assert(reply);
1275 assert(p);
1276
1277 r = cg_enumerate_processes(SYSTEMD_CGROUP_CONTROLLER, p, &f);
1278 if (r == -ENOENT)
1279 return 0;
1280 if (r < 0)
1281 return r;
1282
1283 for (;;) {
1284 pid_t pid;
1285
1286 /* libvirt / qemu uses threaded mode and cgroup.procs cannot be read at the lower levels.
1287 * From https://docs.kernel.org/admin-guide/cgroup-v2.html#threads,
1288 * “cgroup.procs” in a threaded domain cgroup contains the PIDs of all processes in
1289 * the subtree and is not readable in the subtree proper. */
1290 r = cg_read_pid(f, &pid);
1291 if (IN_SET(r, 0, -EOPNOTSUPP))
1292 break;
1293 if (r < 0)
1294 return r;
1295
1296 if (is_kernel_thread(pid) > 0)
1297 continue;
1298
1299 r = append_process(reply, p, pid, pids);
1300 if (r < 0)
1301 return r;
1302 }
1303
1304 r = cg_enumerate_subgroups(SYSTEMD_CGROUP_CONTROLLER, p, &d);
1305 if (r == -ENOENT)
1306 return 0;
1307 if (r < 0)
1308 return r;
1309
1310 for (;;) {
1311 _cleanup_free_ char *g = NULL, *j = NULL;
1312
1313 r = cg_read_subgroup(d, &g);
1314 if (r < 0)
1315 return r;
1316 if (r == 0)
1317 break;
1318
1319 j = path_join(empty_to_root(p), g);
1320 if (!j)
1321 return -ENOMEM;
1322
1323 r = append_cgroup(reply, j, pids);
1324 if (r < 0)
1325 return r;
1326 }
1327
1328 return 0;
1329 }
1330
1331 int bus_unit_method_get_processes(sd_bus_message *message, void *userdata, sd_bus_error *error) {
1332 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
1333 _cleanup_set_free_ Set *pids = NULL;
1334 Unit *u = userdata;
1335 pid_t pid;
1336 int r;
1337
1338 assert(message);
1339
1340 r = mac_selinux_unit_access_check(u, message, "status", error);
1341 if (r < 0)
1342 return r;
1343
1344 pids = set_new(NULL);
1345 if (!pids)
1346 return -ENOMEM;
1347
1348 r = sd_bus_message_new_method_return(message, &reply);
1349 if (r < 0)
1350 return r;
1351
1352 r = sd_bus_message_open_container(reply, 'a', "(sus)");
1353 if (r < 0)
1354 return r;
1355
1356 if (u->cgroup_path) {
1357 r = append_cgroup(reply, u->cgroup_path, pids);
1358 if (r < 0)
1359 return r;
1360 }
1361
1362 /* The main and control pids might live outside of the cgroup, hence fetch them separately */
1363 pid = unit_main_pid(u);
1364 if (pid > 0) {
1365 r = append_process(reply, NULL, pid, pids);
1366 if (r < 0)
1367 return r;
1368 }
1369
1370 pid = unit_control_pid(u);
1371 if (pid > 0) {
1372 r = append_process(reply, NULL, pid, pids);
1373 if (r < 0)
1374 return r;
1375 }
1376
1377 r = sd_bus_message_close_container(reply);
1378 if (r < 0)
1379 return r;
1380
1381 return sd_bus_send(NULL, reply, NULL);
1382 }
1383
1384 static int property_get_ip_counter(
1385 sd_bus *bus,
1386 const char *path,
1387 const char *interface,
1388 const char *property,
1389 sd_bus_message *reply,
1390 void *userdata,
1391 sd_bus_error *error) {
1392
1393 static const char *const table[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
1394 [CGROUP_IP_INGRESS_BYTES] = "IPIngressBytes",
1395 [CGROUP_IP_EGRESS_BYTES] = "IPEgressBytes",
1396 [CGROUP_IP_INGRESS_PACKETS] = "IPIngressPackets",
1397 [CGROUP_IP_EGRESS_PACKETS] = "IPEgressPackets",
1398 };
1399
1400 uint64_t value = UINT64_MAX;
1401 Unit *u = ASSERT_PTR(userdata);
1402 ssize_t metric;
1403
1404 assert(bus);
1405 assert(reply);
1406 assert(property);
1407
1408 assert_se((metric = string_table_lookup(table, ELEMENTSOF(table), property)) >= 0);
1409 (void) unit_get_ip_accounting(u, metric, &value);
1410 return sd_bus_message_append(reply, "t", value);
1411 }
1412
1413 static int property_get_io_counter(
1414 sd_bus *bus,
1415 const char *path,
1416 const char *interface,
1417 const char *property,
1418 sd_bus_message *reply,
1419 void *userdata,
1420 sd_bus_error *error) {
1421
1422 static const char *const table[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
1423 [CGROUP_IO_READ_BYTES] = "IOReadBytes",
1424 [CGROUP_IO_WRITE_BYTES] = "IOWriteBytes",
1425 [CGROUP_IO_READ_OPERATIONS] = "IOReadOperations",
1426 [CGROUP_IO_WRITE_OPERATIONS] = "IOWriteOperations",
1427 };
1428
1429 uint64_t value = UINT64_MAX;
1430 Unit *u = ASSERT_PTR(userdata);
1431 ssize_t metric;
1432
1433 assert(bus);
1434 assert(reply);
1435 assert(property);
1436
1437 assert_se((metric = string_table_lookup(table, ELEMENTSOF(table), property)) >= 0);
1438 (void) unit_get_io_accounting(u, metric, false, &value);
1439 return sd_bus_message_append(reply, "t", value);
1440 }
1441
1442 int bus_unit_method_attach_processes(sd_bus_message *message, void *userdata, sd_bus_error *error) {
1443
1444 _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
1445 _cleanup_set_free_ Set *pids = NULL;
1446 Unit *u = userdata;
1447 const char *path;
1448 int r;
1449
1450 assert(message);
1451
1452 /* This migrates the processes with the specified PIDs into the cgroup of this unit, optionally below a
1453 * specified cgroup path. Obviously this only works for units that actually maintain a cgroup
1454 * representation. If a process is already in the cgroup no operation is executed – in this case the specified
1455 * subcgroup path has no effect! */
1456
1457 r = mac_selinux_unit_access_check(u, message, "start", error);
1458 if (r < 0)
1459 return r;
1460
1461 r = sd_bus_message_read(message, "s", &path);
1462 if (r < 0)
1463 return r;
1464
1465 path = empty_to_null(path);
1466 if (path) {
1467 if (!path_is_absolute(path))
1468 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Control group path is not absolute: %s", path);
1469
1470 if (!path_is_normalized(path))
1471 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Control group path is not normalized: %s", path);
1472 }
1473
1474 if (!unit_cgroup_delegate(u))
1475 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Process migration not available on non-delegated units.");
1476
1477 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)))
1478 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Unit is not active, refusing.");
1479
1480 r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_EUID|SD_BUS_CREDS_PID, &creds);
1481 if (r < 0)
1482 return r;
1483
1484 r = sd_bus_message_enter_container(message, 'a', "u");
1485 if (r < 0)
1486 return r;
1487 for (;;) {
1488 uid_t process_uid, sender_uid;
1489 uint32_t upid;
1490 pid_t pid;
1491
1492 r = sd_bus_message_read(message, "u", &upid);
1493 if (r < 0)
1494 return r;
1495 if (r == 0)
1496 break;
1497
1498 if (upid == 0) {
1499 r = sd_bus_creds_get_pid(creds, &pid);
1500 if (r < 0)
1501 return r;
1502 } else
1503 pid = (uid_t) upid;
1504
1505 /* Filter out duplicates */
1506 if (set_contains(pids, PID_TO_PTR(pid)))
1507 continue;
1508
1509 /* Check if this process is suitable for attaching to this unit */
1510 r = unit_pid_attachable(u, pid, error);
1511 if (r < 0)
1512 return r;
1513
1514 /* Let's query the sender's UID, so that we can make our security decisions */
1515 r = sd_bus_creds_get_euid(creds, &sender_uid);
1516 if (r < 0)
1517 return r;
1518
1519 /* Let's validate security: if the sender is root, then all is OK. If the sender is any other unit,
1520 * then the process' UID and the target unit's UID have to match the sender's UID */
1521 if (sender_uid != 0 && sender_uid != getuid()) {
1522 r = get_process_uid(pid, &process_uid);
1523 if (r < 0)
1524 return sd_bus_error_set_errnof(error, r, "Failed to retrieve process UID: %m");
1525
1526 if (process_uid != sender_uid)
1527 return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Process " PID_FMT " not owned by client's UID. Refusing.", pid);
1528 if (process_uid != u->ref_uid)
1529 return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Process " PID_FMT " not owned by target unit's UID. Refusing.", pid);
1530 }
1531
1532 if (!pids) {
1533 pids = set_new(NULL);
1534 if (!pids)
1535 return -ENOMEM;
1536 }
1537
1538 r = set_put(pids, PID_TO_PTR(pid));
1539 if (r < 0)
1540 return r;
1541 }
1542
1543 r = sd_bus_message_exit_container(message);
1544 if (r < 0)
1545 return r;
1546
1547 r = unit_attach_pids_to_cgroup(u, pids, path);
1548 if (r < 0)
1549 return sd_bus_error_set_errnof(error, r, "Failed to attach processes to control group: %m");
1550
1551 return sd_bus_reply_method_return(message, NULL);
1552 }
1553
1554 const sd_bus_vtable bus_unit_cgroup_vtable[] = {
1555 SD_BUS_VTABLE_START(0),
1556 SD_BUS_PROPERTY("Slice", "s", property_get_slice, 0, 0),
1557 SD_BUS_PROPERTY("ControlGroup", "s", property_get_cgroup, 0, 0),
1558 SD_BUS_PROPERTY("ControlGroupId", "t", NULL, offsetof(Unit, cgroup_id), 0),
1559 SD_BUS_PROPERTY("MemoryCurrent", "t", property_get_current_memory, 0, 0),
1560 SD_BUS_PROPERTY("MemoryAvailable", "t", property_get_available_memory, 0, 0),
1561 SD_BUS_PROPERTY("CPUUsageNSec", "t", property_get_cpu_usage, 0, 0),
1562 SD_BUS_PROPERTY("EffectiveCPUs", "ay", property_get_cpuset_cpus, 0, 0),
1563 SD_BUS_PROPERTY("EffectiveMemoryNodes", "ay", property_get_cpuset_mems, 0, 0),
1564 SD_BUS_PROPERTY("TasksCurrent", "t", property_get_current_tasks, 0, 0),
1565 SD_BUS_PROPERTY("IPIngressBytes", "t", property_get_ip_counter, 0, 0),
1566 SD_BUS_PROPERTY("IPIngressPackets", "t", property_get_ip_counter, 0, 0),
1567 SD_BUS_PROPERTY("IPEgressBytes", "t", property_get_ip_counter, 0, 0),
1568 SD_BUS_PROPERTY("IPEgressPackets", "t", property_get_ip_counter, 0, 0),
1569 SD_BUS_PROPERTY("IOReadBytes", "t", property_get_io_counter, 0, 0),
1570 SD_BUS_PROPERTY("IOReadOperations", "t", property_get_io_counter, 0, 0),
1571 SD_BUS_PROPERTY("IOWriteBytes", "t", property_get_io_counter, 0, 0),
1572 SD_BUS_PROPERTY("IOWriteOperations", "t", property_get_io_counter, 0, 0),
1573
1574 SD_BUS_METHOD_WITH_ARGS("GetProcesses",
1575 SD_BUS_NO_ARGS,
1576 SD_BUS_ARGS("a(sus)", processes),
1577 bus_unit_method_get_processes,
1578 SD_BUS_VTABLE_UNPRIVILEGED),
1579
1580 SD_BUS_METHOD_WITH_ARGS("AttachProcesses",
1581 SD_BUS_ARGS("s", subcgroup, "au", pids),
1582 SD_BUS_NO_RESULT,
1583 bus_unit_method_attach_processes,
1584 SD_BUS_VTABLE_UNPRIVILEGED),
1585
1586 SD_BUS_VTABLE_END
1587 };
1588
1589 static int send_new_signal(sd_bus *bus, void *userdata) {
1590 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1591 _cleanup_free_ char *p = NULL;
1592 Unit *u = ASSERT_PTR(userdata);
1593 int r;
1594
1595 assert(bus);
1596
1597 p = unit_dbus_path(u);
1598 if (!p)
1599 return -ENOMEM;
1600
1601 r = sd_bus_message_new_signal(
1602 bus,
1603 &m,
1604 "/org/freedesktop/systemd1",
1605 "org.freedesktop.systemd1.Manager",
1606 "UnitNew");
1607 if (r < 0)
1608 return r;
1609
1610 r = sd_bus_message_append(m, "so", u->id, p);
1611 if (r < 0)
1612 return r;
1613
1614 return sd_bus_send(bus, m, NULL);
1615 }
1616
1617 static int send_changed_signal(sd_bus *bus, void *userdata) {
1618 _cleanup_free_ char *p = NULL;
1619 Unit *u = ASSERT_PTR(userdata);
1620 int r;
1621
1622 assert(bus);
1623
1624 p = unit_dbus_path(u);
1625 if (!p)
1626 return -ENOMEM;
1627
1628 /* Send a properties changed signal. First for the specific
1629 * type, then for the generic unit. The clients may rely on
1630 * this order to get atomic behavior if needed. */
1631
1632 r = sd_bus_emit_properties_changed_strv(
1633 bus, p,
1634 unit_dbus_interface_from_type(u->type),
1635 NULL);
1636 if (r < 0)
1637 return r;
1638
1639 return sd_bus_emit_properties_changed_strv(
1640 bus, p,
1641 "org.freedesktop.systemd1.Unit",
1642 NULL);
1643 }
1644
1645 void bus_unit_send_change_signal(Unit *u) {
1646 int r;
1647 assert(u);
1648
1649 if (u->in_dbus_queue) {
1650 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
1651 u->in_dbus_queue = false;
1652
1653 /* The unit might be good to be GC once its pending signals have been sent */
1654 unit_add_to_gc_queue(u);
1655 }
1656
1657 if (!u->id)
1658 return;
1659
1660 r = bus_foreach_bus(u->manager, u->bus_track, u->sent_dbus_new_signal ? send_changed_signal : send_new_signal, u);
1661 if (r < 0)
1662 log_unit_debug_errno(u, r, "Failed to send unit change signal for %s: %m", u->id);
1663
1664 u->sent_dbus_new_signal = true;
1665 }
1666
1667 void bus_unit_send_pending_change_signal(Unit *u, bool including_new) {
1668
1669 /* Sends out any pending change signals, but only if they really are pending. This call is used when we are
1670 * about to change state in order to force out a PropertiesChanged signal beforehand if there was one pending
1671 * so that clients can follow the full state transition */
1672
1673 if (!u->in_dbus_queue) /* If not enqueued, don't bother */
1674 return;
1675
1676 if (!u->sent_dbus_new_signal && !including_new) /* If the unit was never announced, don't bother, it's fine if
1677 * the unit appears in the new state right-away (except if the
1678 * caller explicitly asked us to send it anyway) */
1679 return;
1680
1681 if (MANAGER_IS_RELOADING(u->manager)) /* Don't generate unnecessary PropertiesChanged signals for the same unit
1682 * when we are reloading. */
1683 return;
1684
1685 bus_unit_send_change_signal(u);
1686 }
1687
1688 int bus_unit_send_pending_freezer_message(Unit *u, bool cancelled) {
1689 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
1690 int r;
1691
1692 assert(u);
1693
1694 if (!u->pending_freezer_invocation)
1695 return 0;
1696
1697 if (cancelled)
1698 r = sd_bus_message_new_method_error(
1699 u->pending_freezer_invocation,
1700 &reply,
1701 &SD_BUS_ERROR_MAKE_CONST(
1702 BUS_ERROR_FREEZE_CANCELLED, "Freeze operation aborted"));
1703 else
1704 r = sd_bus_message_new_method_return(u->pending_freezer_invocation, &reply);
1705 if (r < 0)
1706 return r;
1707
1708 r = sd_bus_send(NULL, reply, NULL);
1709 if (r < 0)
1710 log_warning_errno(r, "Failed to send queued message, ignoring: %m");
1711
1712 u->pending_freezer_invocation = sd_bus_message_unref(u->pending_freezer_invocation);
1713
1714 return 0;
1715 }
1716
1717 static int send_removed_signal(sd_bus *bus, void *userdata) {
1718 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1719 _cleanup_free_ char *p = NULL;
1720 Unit *u = ASSERT_PTR(userdata);
1721 int r;
1722
1723 assert(bus);
1724
1725 p = unit_dbus_path(u);
1726 if (!p)
1727 return -ENOMEM;
1728
1729 r = sd_bus_message_new_signal(
1730 bus,
1731 &m,
1732 "/org/freedesktop/systemd1",
1733 "org.freedesktop.systemd1.Manager",
1734 "UnitRemoved");
1735 if (r < 0)
1736 return r;
1737
1738 r = sd_bus_message_append(m, "so", u->id, p);
1739 if (r < 0)
1740 return r;
1741
1742 return sd_bus_send(bus, m, NULL);
1743 }
1744
1745 void bus_unit_send_removed_signal(Unit *u) {
1746 int r;
1747 assert(u);
1748
1749 if (!u->sent_dbus_new_signal || u->in_dbus_queue)
1750 bus_unit_send_change_signal(u);
1751
1752 if (!u->id)
1753 return;
1754
1755 r = bus_foreach_bus(u->manager, u->bus_track, send_removed_signal, u);
1756 if (r < 0)
1757 log_unit_debug_errno(u, r, "Failed to send unit remove signal for %s: %m", u->id);
1758 }
1759
1760 int bus_unit_queue_job_one(
1761 sd_bus_message *message,
1762 Unit *u,
1763 JobType type,
1764 JobMode mode,
1765 BusUnitQueueFlags flags,
1766 sd_bus_message *reply,
1767 sd_bus_error *error) {
1768
1769 _cleanup_set_free_ Set *affected = NULL;
1770 _cleanup_free_ char *job_path = NULL, *unit_path = NULL;
1771 Job *j, *a;
1772 int r;
1773
1774 if (FLAGS_SET(flags, BUS_UNIT_QUEUE_VERBOSE_REPLY)) {
1775 affected = set_new(NULL);
1776 if (!affected)
1777 return -ENOMEM;
1778 }
1779
1780 r = manager_add_job(u->manager, type, u, mode, affected, error, &j);
1781 if (r < 0)
1782 return r;
1783
1784 r = bus_job_track_sender(j, message);
1785 if (r < 0)
1786 return r;
1787
1788 /* Before we send the method reply, force out the announcement JobNew for this job */
1789 bus_job_send_pending_change_signal(j, true);
1790
1791 job_path = job_dbus_path(j);
1792 if (!job_path)
1793 return -ENOMEM;
1794
1795 /* The classic response is just a job object path */
1796 if (!FLAGS_SET(flags, BUS_UNIT_QUEUE_VERBOSE_REPLY))
1797 return sd_bus_message_append(reply, "o", job_path);
1798
1799 /* In verbose mode respond with the anchor job plus everything that has been affected */
1800
1801 unit_path = unit_dbus_path(j->unit);
1802 if (!unit_path)
1803 return -ENOMEM;
1804
1805 r = sd_bus_message_append(reply, "uosos",
1806 j->id, job_path,
1807 j->unit->id, unit_path,
1808 job_type_to_string(j->type));
1809 if (r < 0)
1810 return r;
1811
1812 r = sd_bus_message_open_container(reply, 'a', "(uosos)");
1813 if (r < 0)
1814 return r;
1815
1816 SET_FOREACH(a, affected) {
1817 if (a->id == j->id)
1818 continue;
1819
1820 /* Free paths from previous iteration */
1821 job_path = mfree(job_path);
1822 unit_path = mfree(unit_path);
1823
1824 job_path = job_dbus_path(a);
1825 if (!job_path)
1826 return -ENOMEM;
1827
1828 unit_path = unit_dbus_path(a->unit);
1829 if (!unit_path)
1830 return -ENOMEM;
1831
1832 r = sd_bus_message_append(reply, "(uosos)",
1833 a->id, job_path,
1834 a->unit->id, unit_path,
1835 job_type_to_string(a->type));
1836 if (r < 0)
1837 return r;
1838 }
1839
1840 return sd_bus_message_close_container(reply);
1841 }
1842
1843 int bus_unit_queue_job(
1844 sd_bus_message *message,
1845 Unit *u,
1846 JobType type,
1847 JobMode mode,
1848 BusUnitQueueFlags flags,
1849 sd_bus_error *error) {
1850
1851 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
1852 int r;
1853
1854 assert(message);
1855 assert(u);
1856 assert(type >= 0 && type < _JOB_TYPE_MAX);
1857 assert(mode >= 0 && mode < _JOB_MODE_MAX);
1858
1859 r = mac_selinux_unit_access_check(
1860 u, message,
1861 job_type_to_access_method(type),
1862 error);
1863 if (r < 0)
1864 return r;
1865
1866 if (FLAGS_SET(flags, BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE) && unit_can_reload(u)) {
1867 if (type == JOB_RESTART)
1868 type = JOB_RELOAD_OR_START;
1869 else if (type == JOB_TRY_RESTART)
1870 type = JOB_TRY_RELOAD;
1871 }
1872
1873 if (type == JOB_STOP &&
1874 IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_ERROR, UNIT_BAD_SETTING) &&
1875 unit_active_state(u) == UNIT_INACTIVE)
1876 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not loaded.", u->id);
1877
1878 if ((type == JOB_START && u->refuse_manual_start) ||
1879 (type == JOB_STOP && u->refuse_manual_stop) ||
1880 (IN_SET(type, JOB_RESTART, JOB_TRY_RESTART) && (u->refuse_manual_start || u->refuse_manual_stop)) ||
1881 (type == JOB_RELOAD_OR_START && job_type_collapse(type, u) == JOB_START && u->refuse_manual_start))
1882 return sd_bus_error_setf(error,
1883 BUS_ERROR_ONLY_BY_DEPENDENCY,
1884 "Operation refused, unit %s may be requested by dependency only (it is configured to refuse manual start/stop).",
1885 u->id);
1886
1887 /* dbus-broker issues StartUnit for activation requests, and Type=dbus services automatically
1888 * gain dependency on dbus.socket. Therefore, if dbus has a pending stop job, the new start
1889 * job that pulls in dbus again would cause job type conflict. Let's avoid that by rejecting
1890 * job enqueuing early.
1891 *
1892 * Note that unlike signal_activation_request(), we can't use unit_inactive_or_pending()
1893 * here. StartUnit is a more generic interface, and thus users are allowed to use e.g. systemctl
1894 * to start Type=dbus services even when dbus is inactive. */
1895 if (type == JOB_START && u->type == UNIT_SERVICE && SERVICE(u)->type == SERVICE_DBUS)
1896 FOREACH_STRING(dbus_unit, SPECIAL_DBUS_SOCKET, SPECIAL_DBUS_SERVICE) {
1897 Unit *dbus;
1898
1899 dbus = manager_get_unit(u->manager, dbus_unit);
1900 if (dbus && unit_stop_pending(dbus))
1901 return sd_bus_error_setf(error,
1902 BUS_ERROR_SHUTTING_DOWN,
1903 "Operation for unit %s refused, D-Bus is shutting down.",
1904 u->id);
1905 }
1906
1907 r = sd_bus_message_new_method_return(message, &reply);
1908 if (r < 0)
1909 return r;
1910
1911 r = bus_unit_queue_job_one(message, u, type, mode, flags, reply, error);
1912 if (r < 0)
1913 return r;
1914
1915 return sd_bus_send(NULL, reply, NULL);
1916 }
1917
1918 static int bus_unit_set_live_property(
1919 Unit *u,
1920 const char *name,
1921 sd_bus_message *message,
1922 UnitWriteFlags flags,
1923 sd_bus_error *error) {
1924
1925 int r;
1926
1927 assert(u);
1928 assert(name);
1929 assert(message);
1930
1931 /* Handles setting properties both "live" (i.e. at any time during runtime), and during creation (for
1932 * transient units that are being created). */
1933
1934 if (streq(name, "Description")) {
1935 const char *d;
1936
1937 r = sd_bus_message_read(message, "s", &d);
1938 if (r < 0)
1939 return r;
1940
1941 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
1942 r = unit_set_description(u, d);
1943 if (r < 0)
1944 return r;
1945
1946 unit_write_settingf(u, flags|UNIT_ESCAPE_SPECIFIERS, name, "Description=%s", d);
1947 }
1948
1949 return 1;
1950 }
1951
1952 /* A setting that only applies to active units. We don't actually write this to /run, this state is
1953 * managed internally. "+foo" sets flag foo, "-foo" unsets flag foo, just "foo" resets flags to
1954 * foo. The last type cannot be mixed with "+" or "-". */
1955
1956 if (streq(name, "Markers")) {
1957 unsigned settings = 0, mask = 0;
1958 bool some_plus_minus = false, some_absolute = false;
1959
1960 r = sd_bus_message_enter_container(message, 'a', "s");
1961 if (r < 0)
1962 return r;
1963
1964 for (;;) {
1965 const char *word;
1966 bool b;
1967
1968 r = sd_bus_message_read(message, "s", &word);
1969 if (r < 0)
1970 return r;
1971 if (r == 0)
1972 break;
1973
1974 if (IN_SET(word[0], '+', '-')) {
1975 b = word[0] == '+';
1976 word++;
1977 some_plus_minus = true;
1978 } else {
1979 b = true;
1980 some_absolute = true;
1981 }
1982
1983 UnitMarker m = unit_marker_from_string(word);
1984 if (m < 0)
1985 return sd_bus_error_setf(error, BUS_ERROR_BAD_UNIT_SETTING,
1986 "Unknown marker \"%s\".", word);
1987
1988 SET_FLAG(settings, 1u << m, b);
1989 SET_FLAG(mask, 1u << m, true);
1990 }
1991
1992 r = sd_bus_message_exit_container(message);
1993 if (r < 0)
1994 return r;
1995
1996 if (some_plus_minus && some_absolute)
1997 return sd_bus_error_set(error, BUS_ERROR_BAD_UNIT_SETTING, "Bad marker syntax.");
1998
1999 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2000 if (some_absolute)
2001 u->markers = settings;
2002 else
2003 u->markers = settings | (u->markers & ~mask);
2004 }
2005
2006 return 1;
2007 }
2008
2009 return 0;
2010 }
2011
2012 static int bus_set_transient_emergency_action(
2013 Unit *u,
2014 const char *name,
2015 EmergencyAction *p,
2016 sd_bus_message *message,
2017 UnitWriteFlags flags,
2018 sd_bus_error *error) {
2019
2020 const char *s;
2021 EmergencyAction v;
2022 int r;
2023
2024 assert(p);
2025
2026 r = sd_bus_message_read(message, "s", &s);
2027 if (r < 0)
2028 return r;
2029
2030 r = parse_emergency_action(s, u->manager->runtime_scope, &v);
2031 if (r < 0)
2032 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS,
2033 r == -EOPNOTSUPP ? "%s setting invalid for manager type: %s"
2034 : "Invalid %s setting: %s",
2035 name, s);
2036
2037 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2038 *p = v;
2039 unit_write_settingf(u, flags, name,
2040 "%s=%s", name, s);
2041 }
2042
2043 return 1;
2044 }
2045
2046 static int bus_set_transient_exit_status(
2047 Unit *u,
2048 const char *name,
2049 int *p,
2050 sd_bus_message *message,
2051 UnitWriteFlags flags,
2052 sd_bus_error *error) {
2053
2054 int32_t k;
2055 int r;
2056
2057 assert(p);
2058
2059 r = sd_bus_message_read(message, "i", &k);
2060 if (r < 0)
2061 return r;
2062
2063 if (k > 255)
2064 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Exit status must be in range 0…255 or negative.");
2065
2066 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2067 *p = k < 0 ? -1 : k;
2068
2069 if (k < 0)
2070 unit_write_settingf(u, flags, name, "%s=", name);
2071 else
2072 unit_write_settingf(u, flags, name, "%s=%i", name, k);
2073 }
2074
2075 return 1;
2076 }
2077
2078 static BUS_DEFINE_SET_TRANSIENT_PARSE(collect_mode, CollectMode, collect_mode_from_string);
2079 static BUS_DEFINE_SET_TRANSIENT_PARSE(job_mode, JobMode, job_mode_from_string);
2080
2081 static int bus_set_transient_conditions(
2082 Unit *u,
2083 const char *name,
2084 Condition **list,
2085 bool is_condition,
2086 sd_bus_message *message,
2087 UnitWriteFlags flags,
2088 sd_bus_error *error) {
2089
2090 const char *type_name, *param;
2091 int trigger, negate, r;
2092 bool empty = true;
2093
2094 assert(list);
2095
2096 r = sd_bus_message_enter_container(message, 'a', "(sbbs)");
2097 if (r < 0)
2098 return r;
2099
2100 while ((r = sd_bus_message_read(message, "(sbbs)", &type_name, &trigger, &negate, &param)) > 0) {
2101 ConditionType t;
2102
2103 t = is_condition ? condition_type_from_string(type_name) : assert_type_from_string(type_name);
2104 if (t < 0)
2105 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid condition type: %s", type_name);
2106
2107 if (isempty(param))
2108 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Condition parameter in %s is empty", type_name);
2109
2110 if (condition_takes_path(t) && !path_is_absolute(param))
2111 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path in condition %s is not absolute: %s", type_name, param);
2112
2113 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2114 Condition *c;
2115
2116 c = condition_new(t, param, trigger, negate);
2117 if (!c)
2118 return -ENOMEM;
2119
2120 LIST_PREPEND(conditions, *list, c);
2121
2122 unit_write_settingf(u, flags|UNIT_ESCAPE_SPECIFIERS, name,
2123 "%s=%s%s%s", type_name,
2124 trigger ? "|" : "", negate ? "!" : "", param);
2125 }
2126
2127 empty = false;
2128 }
2129 if (r < 0)
2130 return r;
2131
2132 r = sd_bus_message_exit_container(message);
2133 if (r < 0)
2134 return r;
2135
2136 if (!UNIT_WRITE_FLAGS_NOOP(flags) && empty) {
2137 *list = condition_free_list(*list);
2138 unit_write_settingf(u, flags, name, "%sNull=", is_condition ? "Condition" : "Assert");
2139 }
2140
2141 return 1;
2142 }
2143
2144 static int bus_unit_set_transient_property(
2145 Unit *u,
2146 const char *name,
2147 sd_bus_message *message,
2148 UnitWriteFlags flags,
2149 sd_bus_error *error) {
2150
2151 UnitDependency d;
2152 int r;
2153
2154 assert(u);
2155 assert(name);
2156 assert(message);
2157
2158 /* Handles settings when transient units are created. This settings cannot be altered anymore after
2159 * the unit has been created. */
2160
2161 if (streq(name, "SourcePath"))
2162 return bus_set_transient_path(u, name, &u->source_path, message, flags, error);
2163
2164 if (streq(name, "StopWhenUnneeded"))
2165 return bus_set_transient_bool(u, name, &u->stop_when_unneeded, message, flags, error);
2166
2167 if (streq(name, "RefuseManualStart"))
2168 return bus_set_transient_bool(u, name, &u->refuse_manual_start, message, flags, error);
2169
2170 if (streq(name, "RefuseManualStop"))
2171 return bus_set_transient_bool(u, name, &u->refuse_manual_stop, message, flags, error);
2172
2173 if (streq(name, "AllowIsolate"))
2174 return bus_set_transient_bool(u, name, &u->allow_isolate, message, flags, error);
2175
2176 if (streq(name, "DefaultDependencies"))
2177 return bus_set_transient_bool(u, name, &u->default_dependencies, message, flags, error);
2178
2179 if (streq(name, "IgnoreOnSoftReboot"))
2180 return bus_set_transient_bool(u, name, &u->ignore_on_soft_reboot, message, flags, error);
2181
2182 if (streq(name, "OnSuccessJobMode"))
2183 return bus_set_transient_job_mode(u, name, &u->on_success_job_mode, message, flags, error);
2184
2185 if (streq(name, "OnFailureJobMode"))
2186 return bus_set_transient_job_mode(u, name, &u->on_failure_job_mode, message, flags, error);
2187
2188 if (streq(name, "IgnoreOnIsolate"))
2189 return bus_set_transient_bool(u, name, &u->ignore_on_isolate, message, flags, error);
2190
2191 if (streq(name, "JobTimeoutUSec")) {
2192 r = bus_set_transient_usec_fix_0(u, name, &u->job_timeout, message, flags, error);
2193 if (r >= 0 && !UNIT_WRITE_FLAGS_NOOP(flags) && !u->job_running_timeout_set)
2194 u->job_running_timeout = u->job_timeout;
2195 }
2196
2197 if (streq(name, "JobRunningTimeoutUSec")) {
2198 r = bus_set_transient_usec_fix_0(u, name, &u->job_running_timeout, message, flags, error);
2199 if (r >= 0 && !UNIT_WRITE_FLAGS_NOOP(flags))
2200 u->job_running_timeout_set = true;
2201
2202 return r;
2203 }
2204
2205 if (streq(name, "JobTimeoutAction"))
2206 return bus_set_transient_emergency_action(u, name, &u->job_timeout_action, message, flags, error);
2207
2208 if (streq(name, "JobTimeoutRebootArgument"))
2209 return bus_set_transient_string(u, name, &u->job_timeout_reboot_arg, message, flags, error);
2210
2211 if (streq(name, "StartLimitIntervalUSec"))
2212 return bus_set_transient_usec(u, name, &u->start_ratelimit.interval, message, flags, error);
2213
2214 if (streq(name, "StartLimitBurst"))
2215 return bus_set_transient_unsigned(u, name, &u->start_ratelimit.burst, message, flags, error);
2216
2217 if (streq(name, "StartLimitAction"))
2218 return bus_set_transient_emergency_action(u, name, &u->start_limit_action, message, flags, error);
2219
2220 if (streq(name, "FailureAction"))
2221 return bus_set_transient_emergency_action(u, name, &u->failure_action, message, flags, error);
2222
2223 if (streq(name, "SuccessAction"))
2224 return bus_set_transient_emergency_action(u, name, &u->success_action, message, flags, error);
2225
2226 if (streq(name, "FailureActionExitStatus"))
2227 return bus_set_transient_exit_status(u, name, &u->failure_action_exit_status, message, flags, error);
2228
2229 if (streq(name, "SuccessActionExitStatus"))
2230 return bus_set_transient_exit_status(u, name, &u->success_action_exit_status, message, flags, error);
2231
2232 if (streq(name, "RebootArgument"))
2233 return bus_set_transient_string(u, name, &u->reboot_arg, message, flags, error);
2234
2235 if (streq(name, "CollectMode"))
2236 return bus_set_transient_collect_mode(u, name, &u->collect_mode, message, flags, error);
2237
2238 if (streq(name, "Conditions"))
2239 return bus_set_transient_conditions(u, name, &u->conditions, true, message, flags, error);
2240
2241 if (streq(name, "Asserts"))
2242 return bus_set_transient_conditions(u, name, &u->asserts, false, message, flags, error);
2243
2244 if (streq(name, "Documentation")) {
2245 _cleanup_strv_free_ char **l = NULL;
2246
2247 r = sd_bus_message_read_strv(message, &l);
2248 if (r < 0)
2249 return r;
2250
2251 STRV_FOREACH(p, l)
2252 if (!documentation_url_is_valid(*p))
2253 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid URL in %s: %s", name, *p);
2254
2255 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2256 if (strv_isempty(l)) {
2257 u->documentation = strv_free(u->documentation);
2258 unit_write_settingf(u, flags, name, "%s=", name);
2259 } else {
2260 strv_extend_strv(&u->documentation, l, false);
2261
2262 STRV_FOREACH(p, l)
2263 unit_write_settingf(u, flags, name, "%s=%s", name, *p);
2264 }
2265 }
2266
2267 return 1;
2268
2269 } else if (streq(name, "Slice")) {
2270 Unit *slice;
2271 const char *s;
2272
2273 if (!UNIT_HAS_CGROUP_CONTEXT(u))
2274 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "The slice property is only available for units with control groups.");
2275 if (u->type == UNIT_SLICE)
2276 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Slice may not be set for slice units.");
2277 if (unit_has_name(u, SPECIAL_INIT_SCOPE))
2278 return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Cannot set slice for init.scope");
2279
2280 r = sd_bus_message_read(message, "s", &s);
2281 if (r < 0)
2282 return r;
2283
2284 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN))
2285 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid unit name '%s'", s);
2286
2287 /* Note that we do not dispatch the load queue here yet, as we don't want our own transient unit to be
2288 * loaded while we are still setting it up. Or in other words, we use manager_load_unit_prepare()
2289 * instead of manager_load_unit() on purpose, here. */
2290 r = manager_load_unit_prepare(u->manager, s, NULL, error, &slice);
2291 if (r < 0)
2292 return r;
2293
2294 if (slice->type != UNIT_SLICE)
2295 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Unit name '%s' is not a slice", s);
2296
2297 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2298 r = unit_set_slice(u, slice);
2299 if (r < 0)
2300 return r;
2301
2302 unit_write_settingf(u, flags|UNIT_PRIVATE, name, "Slice=%s", s);
2303 }
2304
2305 return 1;
2306
2307 } else if (streq(name, "RequiresMountsFor")) {
2308 _cleanup_strv_free_ char **l = NULL;
2309
2310 r = sd_bus_message_read_strv(message, &l);
2311 if (r < 0)
2312 return r;
2313
2314 STRV_FOREACH(p, l) {
2315 path_simplify(*p);
2316
2317 if (!path_is_absolute(*p))
2318 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path specified in %s is not absolute: %s", name, *p);
2319
2320 if (!path_is_valid(*p))
2321 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path specified in %s has invalid length: %s", name, *p);
2322
2323 if (!path_is_normalized(*p))
2324 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path specified in %s is not normalized: %s", name, *p);
2325
2326 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2327 r = unit_require_mounts_for(u, *p, UNIT_DEPENDENCY_FILE);
2328 if (r < 0)
2329 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Failed to add required mount \"%s\": %m", *p);
2330
2331 unit_write_settingf(u, flags, name, "%s=%s", name, *p);
2332 }
2333 }
2334
2335 return 1;
2336 }
2337
2338 if (streq(name, "RequiresOverridable"))
2339 d = UNIT_REQUIRES; /* redirect for obsolete unit dependency type */
2340 else if (streq(name, "RequisiteOverridable"))
2341 d = UNIT_REQUISITE; /* same here */
2342 else
2343 d = unit_dependency_from_string(name);
2344
2345 if (d >= 0) {
2346 const char *other;
2347
2348 if (!IN_SET(d,
2349 UNIT_REQUIRES,
2350 UNIT_REQUISITE,
2351 UNIT_WANTS,
2352 UNIT_BINDS_TO,
2353 UNIT_PART_OF,
2354 UNIT_UPHOLDS,
2355 UNIT_CONFLICTS,
2356 UNIT_BEFORE,
2357 UNIT_AFTER,
2358 UNIT_ON_SUCCESS,
2359 UNIT_ON_FAILURE,
2360 UNIT_PROPAGATES_RELOAD_TO,
2361 UNIT_RELOAD_PROPAGATED_FROM,
2362 UNIT_PROPAGATES_STOP_TO,
2363 UNIT_STOP_PROPAGATED_FROM,
2364 UNIT_JOINS_NAMESPACE_OF))
2365 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Dependency type %s may not be created transiently.", unit_dependency_to_string(d));
2366
2367 r = sd_bus_message_enter_container(message, 'a', "s");
2368 if (r < 0)
2369 return r;
2370
2371 while ((r = sd_bus_message_read(message, "s", &other)) > 0) {
2372 if (!unit_name_is_valid(other, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
2373 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid unit name %s", other);
2374
2375 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2376 _cleanup_free_ char *label = NULL;
2377
2378 r = unit_add_dependency_by_name(u, d, other, true, UNIT_DEPENDENCY_FILE);
2379 if (r < 0)
2380 return r;
2381
2382 label = strjoin(name, "-", other);
2383 if (!label)
2384 return -ENOMEM;
2385
2386 unit_write_settingf(u, flags, label, "%s=%s", unit_dependency_to_string(d), other);
2387 }
2388
2389 }
2390 if (r < 0)
2391 return r;
2392
2393 r = sd_bus_message_exit_container(message);
2394 if (r < 0)
2395 return r;
2396
2397 return 1;
2398
2399 } else if (streq(name, "AddRef")) {
2400
2401 int b;
2402
2403 /* Why is this called "AddRef" rather than just "Ref", or "Reference"? There's already a "Ref()" method
2404 * on the Unit interface, and it's probably not a good idea to expose a property and a method on the
2405 * same interface (well, strictly speaking AddRef isn't exposed as full property, we just read it for
2406 * transient units, but still). And "References" and "ReferencedBy" is already used as unit reference
2407 * dependency type, hence let's not confuse things with that.
2408 *
2409 * Note that we don't actually add the reference to the bus track. We do that only after the setup of
2410 * the transient unit is complete, so that setting this property multiple times in the same transient
2411 * unit creation call doesn't count as individual references. */
2412
2413 r = sd_bus_message_read(message, "b", &b);
2414 if (r < 0)
2415 return r;
2416
2417 if (!UNIT_WRITE_FLAGS_NOOP(flags))
2418 u->bus_track_add = b;
2419
2420 return 1;
2421 }
2422
2423 return 0;
2424 }
2425
2426 int bus_unit_set_properties(
2427 Unit *u,
2428 sd_bus_message *message,
2429 UnitWriteFlags flags,
2430 bool commit,
2431 sd_bus_error *error) {
2432
2433 bool for_real = false;
2434 unsigned n = 0;
2435 int r;
2436
2437 assert(u);
2438 assert(message);
2439
2440 /* We iterate through the array twice. First run just checks if all passed data is valid, second run
2441 * actually applies it. This implements transaction-like behaviour without actually providing full
2442 * transactions. */
2443
2444 r = sd_bus_message_enter_container(message, 'a', "(sv)");
2445 if (r < 0)
2446 goto error;
2447
2448 for (;;) {
2449 const char *name;
2450 UnitWriteFlags f;
2451
2452 r = sd_bus_message_enter_container(message, 'r', "sv");
2453 if (r < 0)
2454 goto error;
2455 if (r == 0) {
2456 if (for_real || UNIT_WRITE_FLAGS_NOOP(flags))
2457 break;
2458
2459 /* Reached EOF. Let's try again, and this time for realz... */
2460 r = sd_bus_message_rewind(message, false);
2461 if (r < 0)
2462 goto error;
2463
2464 for_real = true;
2465 continue;
2466 }
2467
2468 r = sd_bus_message_read(message, "s", &name);
2469 if (r < 0)
2470 goto error;
2471
2472 r = sd_bus_message_enter_container(message, 'v', NULL);
2473 if (r < 0)
2474 goto error;
2475
2476 /* If not for real, then mask out the two target flags */
2477 f = for_real ? flags : (flags & ~(UNIT_RUNTIME|UNIT_PERSISTENT));
2478
2479 if (UNIT_VTABLE(u)->bus_set_property)
2480 r = UNIT_VTABLE(u)->bus_set_property(u, name, message, f, error);
2481 else
2482 r = 0;
2483 if (r == 0 && u->transient && u->load_state == UNIT_STUB)
2484 r = bus_unit_set_transient_property(u, name, message, f, error);
2485 if (r == 0)
2486 r = bus_unit_set_live_property(u, name, message, f, error);
2487 if (r < 0)
2488 goto error;
2489
2490 if (r == 0)
2491 return sd_bus_error_setf(error, SD_BUS_ERROR_PROPERTY_READ_ONLY,
2492 "Cannot set property %s, or unknown property.", name);
2493
2494 r = sd_bus_message_exit_container(message);
2495 if (r < 0)
2496 goto error;
2497
2498 r = sd_bus_message_exit_container(message);
2499 if (r < 0)
2500 goto error;
2501
2502 n += for_real;
2503 }
2504
2505 r = sd_bus_message_exit_container(message);
2506 if (r < 0)
2507 goto error;
2508
2509 if (commit && n > 0 && UNIT_VTABLE(u)->bus_commit_properties)
2510 UNIT_VTABLE(u)->bus_commit_properties(u);
2511
2512 return n;
2513
2514 error:
2515 /* Pretty much any of the calls above can fail if the message is not formed properly
2516 * or if it has unexpected contents. Fill in a more informative error message here. */
2517 if (sd_bus_error_is_set(error))
2518 return r;
2519 return sd_bus_error_set_errnof(error, r,
2520 r == -ENXIO ? "Failed to set unit properties: Unexpected message contents"
2521 : "Failed to set unit properties: %m");
2522 }
2523
2524 int bus_unit_validate_load_state(Unit *u, sd_bus_error *error) {
2525 assert(u);
2526
2527 /* Generates a pretty error if a unit isn't properly loaded. */
2528
2529 switch (u->load_state) {
2530
2531 case UNIT_LOADED:
2532 return 0;
2533
2534 case UNIT_NOT_FOUND:
2535 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not found.", u->id);
2536
2537 case UNIT_BAD_SETTING:
2538 return sd_bus_error_setf(error, BUS_ERROR_BAD_UNIT_SETTING, "Unit %s has a bad unit file setting.", u->id);
2539
2540 case UNIT_ERROR: /* Only show .load_error in UNIT_ERROR state */
2541 return sd_bus_error_set_errnof(error, u->load_error,
2542 "Unit %s failed to load properly, please adjust/correct and reload service manager: %m", u->id);
2543
2544 case UNIT_MASKED:
2545 return sd_bus_error_setf(error, BUS_ERROR_UNIT_MASKED, "Unit %s is masked.", u->id);
2546
2547 case UNIT_STUB:
2548 case UNIT_MERGED:
2549 default:
2550 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unexpected load state of unit %s", u->id);
2551 }
2552 }
2553
2554 static int bus_unit_track_handler(sd_bus_track *t, void *userdata) {
2555 Unit *u = ASSERT_PTR(userdata);
2556
2557 assert(t);
2558
2559 u->bus_track = sd_bus_track_unref(u->bus_track); /* make sure we aren't called again */
2560
2561 /* If the client that tracks us disappeared, then there's reason to believe that the cgroup is empty now too,
2562 * let's see */
2563 unit_add_to_cgroup_empty_queue(u);
2564
2565 /* Also add the unit to the GC queue, after all if the client left it might be time to GC this unit */
2566 unit_add_to_gc_queue(u);
2567
2568 return 0;
2569 }
2570
2571 static int bus_unit_allocate_bus_track(Unit *u) {
2572 int r;
2573
2574 assert(u);
2575
2576 if (u->bus_track)
2577 return 0;
2578
2579 r = sd_bus_track_new(u->manager->api_bus, &u->bus_track, bus_unit_track_handler, u);
2580 if (r < 0)
2581 return r;
2582
2583 r = sd_bus_track_set_recursive(u->bus_track, true);
2584 if (r < 0) {
2585 u->bus_track = sd_bus_track_unref(u->bus_track);
2586 return r;
2587 }
2588
2589 return 0;
2590 }
2591
2592 int bus_unit_track_add_name(Unit *u, const char *name) {
2593 int r;
2594
2595 assert(u);
2596
2597 r = bus_unit_allocate_bus_track(u);
2598 if (r < 0)
2599 return r;
2600
2601 return sd_bus_track_add_name(u->bus_track, name);
2602 }
2603
2604 int bus_unit_track_add_sender(Unit *u, sd_bus_message *m) {
2605 int r;
2606
2607 assert(u);
2608
2609 r = bus_unit_allocate_bus_track(u);
2610 if (r < 0)
2611 return r;
2612
2613 return sd_bus_track_add_sender(u->bus_track, m);
2614 }
2615
2616 int bus_unit_track_remove_sender(Unit *u, sd_bus_message *m) {
2617 assert(u);
2618
2619 /* If we haven't allocated the bus track object yet, then there's definitely no reference taken yet,
2620 * return an error */
2621 if (!u->bus_track)
2622 return -EUNATCH;
2623
2624 return sd_bus_track_remove_sender(u->bus_track, m);
2625 }
Unnamed repository; edit this file 'description' to name the repository.