]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/load-fragment.c
projects / thirdparty / systemd.git / blob
? search:


742be9eabdaaf3eab26901dc417148eb73f6f715
[thirdparty/systemd.git] / src / core / load-fragment.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6 Copyright 2012 Holger Hans Peter Freyther
7 ***/
8
9 #include <errno.h>
10 #include <fcntl.h>
11 #include <linux/fs.h>
12 #include <linux/oom.h>
13 #if HAVE_SECCOMP
14 #include <seccomp.h>
15 #endif
16 #include <sched.h>
17 #include <string.h>
18 #include <sys/resource.h>
19 #include <sys/stat.h>
20
21 #include "af-list.h"
22 #include "alloc-util.h"
23 #include "all-units.h"
24 #include "bus-error.h"
25 #include "bus-internal.h"
26 #include "bus-util.h"
27 #include "cap-list.h"
28 #include "capability-util.h"
29 #include "cgroup.h"
30 #include "conf-parser.h"
31 #include "cpu-set-util.h"
32 #include "env-util.h"
33 #include "errno-list.h"
34 #include "escape.h"
35 #include "fd-util.h"
36 #include "fs-util.h"
37 #include "hexdecoct.h"
38 #include "io-util.h"
39 #include "ioprio.h"
40 #include "journal-util.h"
41 #include "load-fragment.h"
42 #include "log.h"
43 #include "missing.h"
44 #include "mount-util.h"
45 #include "parse-util.h"
46 #include "path-util.h"
47 #include "process-util.h"
48 #if HAVE_SECCOMP
49 #include "seccomp-util.h"
50 #endif
51 #include "securebits.h"
52 #include "securebits-util.h"
53 #include "signal-util.h"
54 #include "socket-protocol-list.h"
55 #include "stat-util.h"
56 #include "string-util.h"
57 #include "strv.h"
58 #include "unit-name.h"
59 #include "unit-printf.h"
60 #include "user-util.h"
61 #include "utf8.h"
62 #include "web-util.h"
63
64 DEFINE_CONFIG_PARSE_ENUM(config_parse_collect_mode, collect_mode, CollectMode, "Failed to parse garbage collection mode");
65
66 int config_parse_unit_deps(
67 const char *unit,
68 const char *filename,
69 unsigned line,
70 const char *section,
71 unsigned section_line,
72 const char *lvalue,
73 int ltype,
74 const char *rvalue,
75 void *data,
76 void *userdata) {
77
78 UnitDependency d = ltype;
79 Unit *u = userdata;
80 const char *p;
81
82 assert(filename);
83 assert(lvalue);
84 assert(rvalue);
85
86 p = rvalue;
87 for (;;) {
88 _cleanup_free_ char *word = NULL, *k = NULL;
89 int r;
90
91 r = extract_first_word(&p, &word, NULL, EXTRACT_RETAIN_ESCAPE);
92 if (r == 0)
93 break;
94 if (r == -ENOMEM)
95 return log_oom();
96 if (r < 0) {
97 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
98 break;
99 }
100
101 r = unit_name_printf(u, word, &k);
102 if (r < 0) {
103 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
104 continue;
105 }
106
107 r = unit_add_dependency_by_name(u, d, k, NULL, true, UNIT_DEPENDENCY_FILE);
108 if (r < 0)
109 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
110 }
111
112 return 0;
113 }
114
115 int config_parse_obsolete_unit_deps(
116 const char *unit,
117 const char *filename,
118 unsigned line,
119 const char *section,
120 unsigned section_line,
121 const char *lvalue,
122 int ltype,
123 const char *rvalue,
124 void *data,
125 void *userdata) {
126
127 log_syntax(unit, LOG_WARNING, filename, line, 0,
128 "Unit dependency type %s= is obsolete, replacing by %s=, please update your unit file", lvalue, unit_dependency_to_string(ltype));
129
130 return config_parse_unit_deps(unit, filename, line, section, section_line, lvalue, ltype, rvalue, data, userdata);
131 }
132
133 int config_parse_unit_string_printf(
134 const char *unit,
135 const char *filename,
136 unsigned line,
137 const char *section,
138 unsigned section_line,
139 const char *lvalue,
140 int ltype,
141 const char *rvalue,
142 void *data,
143 void *userdata) {
144
145 _cleanup_free_ char *k = NULL;
146 Unit *u = userdata;
147 int r;
148
149 assert(filename);
150 assert(lvalue);
151 assert(rvalue);
152 assert(u);
153
154 r = unit_full_printf(u, rvalue, &k);
155 if (r < 0) {
156 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
157 return 0;
158 }
159
160 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
161 }
162
163 int config_parse_unit_strv_printf(
164 const char *unit,
165 const char *filename,
166 unsigned line,
167 const char *section,
168 unsigned section_line,
169 const char *lvalue,
170 int ltype,
171 const char *rvalue,
172 void *data,
173 void *userdata) {
174
175 Unit *u = userdata;
176 _cleanup_free_ char *k = NULL;
177 int r;
178
179 assert(filename);
180 assert(lvalue);
181 assert(rvalue);
182 assert(u);
183
184 r = unit_full_printf(u, rvalue, &k);
185 if (r < 0) {
186 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
187 return 0;
188 }
189
190 return config_parse_strv(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
191 }
192
193 int config_parse_unit_path_printf(
194 const char *unit,
195 const char *filename,
196 unsigned line,
197 const char *section,
198 unsigned section_line,
199 const char *lvalue,
200 int ltype,
201 const char *rvalue,
202 void *data,
203 void *userdata) {
204
205 _cleanup_free_ char *k = NULL;
206 Unit *u = userdata;
207 int r;
208 bool fatal = ltype;
209
210 assert(filename);
211 assert(lvalue);
212 assert(rvalue);
213 assert(u);
214
215 /* Let's not bother with anything that is too long */
216 if (strlen(rvalue) >= PATH_MAX) {
217 log_syntax(unit, LOG_ERR, filename, line, 0,
218 "%s value too long%s.",
219 lvalue, fatal ? "" : ", ignoring");
220 return fatal ? -ENAMETOOLONG : 0;
221 }
222
223 r = unit_full_printf(u, rvalue, &k);
224 if (r < 0) {
225 log_syntax(unit, LOG_ERR, filename, line, r,
226 "Failed to resolve unit specifiers in '%s'%s: %m",
227 rvalue, fatal ? "" : ", ignoring");
228 return fatal ? -ENOEXEC : 0;
229 }
230
231 return config_parse_path(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
232 }
233
234 int config_parse_unit_path_strv_printf(
235 const char *unit,
236 const char *filename,
237 unsigned line,
238 const char *section,
239 unsigned section_line,
240 const char *lvalue,
241 int ltype,
242 const char *rvalue,
243 void *data,
244 void *userdata) {
245
246 char ***x = data;
247 Unit *u = userdata;
248 int r;
249 const char *p;
250
251 assert(filename);
252 assert(lvalue);
253 assert(rvalue);
254 assert(u);
255
256 if (isempty(rvalue)) {
257 *x = strv_free(*x);
258 return 0;
259 }
260
261 for (p = rvalue;;) {
262 _cleanup_free_ char *word = NULL, *k = NULL;
263
264 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
265 if (r == 0)
266 return 0;
267 if (r == -ENOMEM)
268 return log_oom();
269 if (r < 0) {
270 log_syntax(unit, LOG_WARNING, filename, line, r,
271 "Invalid syntax, ignoring: %s", rvalue);
272 return 0;
273 }
274
275 r = unit_full_printf(u, word, &k);
276 if (r < 0) {
277 log_syntax(unit, LOG_ERR, filename, line, r,
278 "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
279 return 0;
280 }
281
282 if (!utf8_is_valid(k)) {
283 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
284 return 0;
285 }
286
287 if (!path_is_absolute(k)) {
288 log_syntax(unit, LOG_ERR, filename, line, 0,
289 "Symlink path is not absolute: %s", k);
290 return 0;
291 }
292
293 path_kill_slashes(k);
294
295 r = strv_push(x, k);
296 if (r < 0)
297 return log_oom();
298 k = NULL;
299 }
300 }
301
302 int config_parse_socket_listen(const char *unit,
303 const char *filename,
304 unsigned line,
305 const char *section,
306 unsigned section_line,
307 const char *lvalue,
308 int ltype,
309 const char *rvalue,
310 void *data,
311 void *userdata) {
312
313 _cleanup_free_ SocketPort *p = NULL;
314 SocketPort *tail;
315 Socket *s;
316 int r;
317
318 assert(filename);
319 assert(lvalue);
320 assert(rvalue);
321 assert(data);
322
323 s = SOCKET(data);
324
325 if (isempty(rvalue)) {
326 /* An empty assignment removes all ports */
327 socket_free_ports(s);
328 return 0;
329 }
330
331 p = new0(SocketPort, 1);
332 if (!p)
333 return log_oom();
334
335 if (ltype != SOCKET_SOCKET) {
336
337 p->type = ltype;
338 r = unit_full_printf(UNIT(s), rvalue, &p->path);
339 if (r < 0) {
340 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
341 return 0;
342 }
343
344 path_kill_slashes(p->path);
345
346 } else if (streq(lvalue, "ListenNetlink")) {
347 _cleanup_free_ char *k = NULL;
348
349 p->type = SOCKET_SOCKET;
350 r = unit_full_printf(UNIT(s), rvalue, &k);
351 if (r < 0) {
352 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
353 return 0;
354 }
355
356 r = socket_address_parse_netlink(&p->address, k);
357 if (r < 0) {
358 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k);
359 return 0;
360 }
361
362 } else {
363 _cleanup_free_ char *k = NULL;
364
365 p->type = SOCKET_SOCKET;
366 r = unit_full_printf(UNIT(s), rvalue, &k);
367 if (r < 0) {
368 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
369 return 0;
370 }
371
372 r = socket_address_parse_and_warn(&p->address, k);
373 if (r < 0) {
374 if (r != -EAFNOSUPPORT)
375 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k);
376 return 0;
377 }
378
379 if (streq(lvalue, "ListenStream"))
380 p->address.type = SOCK_STREAM;
381 else if (streq(lvalue, "ListenDatagram"))
382 p->address.type = SOCK_DGRAM;
383 else {
384 assert(streq(lvalue, "ListenSequentialPacket"));
385 p->address.type = SOCK_SEQPACKET;
386 }
387
388 if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET) {
389 log_syntax(unit, LOG_ERR, filename, line, 0, "Address family not supported, ignoring: %s", rvalue);
390 return 0;
391 }
392 }
393
394 p->fd = -1;
395 p->auxiliary_fds = NULL;
396 p->n_auxiliary_fds = 0;
397 p->socket = s;
398
399 LIST_FIND_TAIL(port, s->ports, tail);
400 LIST_INSERT_AFTER(port, s->ports, tail, p);
401
402 p = NULL;
403
404 return 0;
405 }
406
407 static int supported_socket_protocol_from_string(const char *s) {
408 int r;
409
410 if (isempty(s))
411 return IPPROTO_IP;
412
413 r = socket_protocol_from_name(s);
414 if (r < 0)
415 return -EINVAL;
416 if (!IN_SET(r, IPPROTO_UDPLITE, IPPROTO_SCTP))
417 return -EPROTONOSUPPORT;
418
419 return r;
420 }
421
422 DEFINE_CONFIG_PARSE(config_parse_socket_protocol, supported_socket_protocol_from_string, "Failed to parse socket protocol");
423 DEFINE_CONFIG_PARSE_ENUM(config_parse_socket_bind, socket_address_bind_ipv6_only_or_bool, SocketAddressBindIPv6Only, "Failed to parse bind IPv6 only value");
424
425 int config_parse_exec_nice(
426 const char *unit,
427 const char *filename,
428 unsigned line,
429 const char *section,
430 unsigned section_line,
431 const char *lvalue,
432 int ltype,
433 const char *rvalue,
434 void *data,
435 void *userdata) {
436
437 ExecContext *c = data;
438 int priority, r;
439
440 assert(filename);
441 assert(lvalue);
442 assert(rvalue);
443 assert(data);
444
445 if (isempty(rvalue)) {
446 c->nice_set = false;
447 return 0;
448 }
449
450 r = parse_nice(rvalue, &priority);
451 if (r < 0) {
452 if (r == -ERANGE)
453 log_syntax(unit, LOG_ERR, filename, line, r, "Nice priority out of range, ignoring: %s", rvalue);
454 else
455 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse nice priority '%s', ignoring: %m", rvalue);
456 return 0;
457 }
458
459 c->nice = priority;
460 c->nice_set = true;
461
462 return 0;
463 }
464
465 int config_parse_exec_oom_score_adjust(
466 const char* unit,
467 const char *filename,
468 unsigned line,
469 const char *section,
470 unsigned section_line,
471 const char *lvalue,
472 int ltype,
473 const char *rvalue,
474 void *data,
475 void *userdata) {
476
477 ExecContext *c = data;
478 int oa, r;
479
480 assert(filename);
481 assert(lvalue);
482 assert(rvalue);
483 assert(data);
484
485 if (isempty(rvalue)) {
486 c->oom_score_adjust_set = false;
487 return 0;
488 }
489
490 r = parse_oom_score_adjust(rvalue, &oa);
491 if (r < 0) {
492 if (r == -ERANGE)
493 log_syntax(unit, LOG_ERR, filename, line, r, "OOM score adjust value out of range, ignoring: %s", rvalue);
494 else
495 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse the OOM score adjust value '%s', ignoring: %m", rvalue);
496 return 0;
497 }
498
499 c->oom_score_adjust = oa;
500 c->oom_score_adjust_set = true;
501
502 return 0;
503 }
504
505 int config_parse_exec(
506 const char *unit,
507 const char *filename,
508 unsigned line,
509 const char *section,
510 unsigned section_line,
511 const char *lvalue,
512 int ltype,
513 const char *rvalue,
514 void *data,
515 void *userdata) {
516
517 ExecCommand **e = data;
518 Unit *u = userdata;
519 const char *p;
520 bool semicolon;
521 int r;
522
523 assert(filename);
524 assert(lvalue);
525 assert(rvalue);
526 assert(e);
527
528 e += ltype;
529 rvalue += strspn(rvalue, WHITESPACE);
530
531 if (isempty(rvalue)) {
532 /* An empty assignment resets the list */
533 *e = exec_command_free_list(*e);
534 return 0;
535 }
536
537 p = rvalue;
538 do {
539 _cleanup_free_ char *path = NULL, *firstword = NULL;
540 ExecCommandFlags flags = 0;
541 bool ignore = false, separate_argv0 = false;
542 _cleanup_free_ ExecCommand *nce = NULL;
543 _cleanup_strv_free_ char **n = NULL;
544 size_t nlen = 0, nbufsize = 0;
545 const char *f;
546
547 semicolon = false;
548
549 r = extract_first_word_and_warn(&p, &firstword, NULL, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
550 if (r <= 0)
551 return 0;
552
553 f = firstword;
554 for (;;) {
555 /* We accept an absolute path as first argument. If it's prefixed with - and the path doesn't
556 * exist, we ignore it instead of erroring out; if it's prefixed with @, we allow overriding of
557 * argv[0]; if it's prefixed with +, it will be run with full privileges and no sandboxing; if
558 * it's prefixed with '!' we apply sandboxing, but do not change user/group credentials; if
559 * it's prefixed with '!!', then we apply user/group credentials if the kernel supports ambient
560 * capabilities -- if it doesn't we don't apply the credentials themselves, but do apply most
561 * other sandboxing, with some special exceptions for changing UID.
562 *
563 * The idea is that '!!' may be used to write services that can take benefit of systemd's
564 * UID/GID dropping if the kernel supports ambient creds, but provide an automatic fallback to
565 * privilege dropping within the daemon if the kernel does not offer that. */
566
567 if (*f == '-' && !(flags & EXEC_COMMAND_IGNORE_FAILURE)) {
568 flags |= EXEC_COMMAND_IGNORE_FAILURE;
569 ignore = true;
570 } else if (*f == '@' && !separate_argv0)
571 separate_argv0 = true;
572 else if (*f == '+' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
573 flags |= EXEC_COMMAND_FULLY_PRIVILEGED;
574 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
575 flags |= EXEC_COMMAND_NO_SETUID;
576 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_AMBIENT_MAGIC))) {
577 flags &= ~EXEC_COMMAND_NO_SETUID;
578 flags |= EXEC_COMMAND_AMBIENT_MAGIC;
579 } else
580 break;
581 f++;
582 }
583
584 r = unit_full_printf(u, f, &path);
585 if (r < 0) {
586 log_syntax(unit, LOG_ERR, filename, line, r,
587 "Failed to resolve unit specifiers in '%s'%s: %m",
588 f, ignore ? ", ignoring" : "");
589 return ignore ? 0 : -ENOEXEC;
590 }
591
592 if (isempty(path)) {
593 /* First word is either "-" or "@" with no command. */
594 log_syntax(unit, LOG_ERR, filename, line, 0,
595 "Empty path in command line%s: '%s'",
596 ignore ? ", ignoring" : "", rvalue);
597 return ignore ? 0 : -ENOEXEC;
598 }
599 if (!string_is_safe(path)) {
600 log_syntax(unit, LOG_ERR, filename, line, 0,
601 "Executable name contains special characters%s: %s",
602 ignore ? ", ignoring" : "", path);
603 return ignore ? 0 : -ENOEXEC;
604 }
605 if (endswith(path, "/")) {
606 log_syntax(unit, LOG_ERR, filename, line, 0,
607 "Executable path specifies a directory%s: %s",
608 ignore ? ", ignoring" : "", path);
609 return ignore ? 0 : -ENOEXEC;
610 }
611
612 if (!path_is_absolute(path)) {
613 const char *prefix;
614 bool found = false;
615
616 if (!filename_is_valid(path)) {
617 log_syntax(unit, LOG_ERR, filename, line, 0,
618 "Neither a valid executable name nor an absolute path%s: %s",
619 ignore ? ", ignoring" : "", path);
620 return ignore ? 0 : -ENOEXEC;
621 }
622
623 /* Resolve a single-component name to a full path */
624 NULSTR_FOREACH(prefix, DEFAULT_PATH_NULSTR) {
625 _cleanup_free_ char *fullpath = NULL;
626
627 fullpath = strjoin(prefix, "/", path);
628 if (!fullpath)
629 return log_oom();
630
631 if (access(fullpath, F_OK) >= 0) {
632 free_and_replace(path, fullpath);
633 found = true;
634 break;
635 }
636 }
637
638 if (!found) {
639 log_syntax(unit, LOG_ERR, filename, line, 0,
640 "Executable \"%s\" not found in path \"%s\"%s",
641 path, DEFAULT_PATH, ignore ? ", ignoring" : "");
642 return ignore ? 0 : -ENOEXEC;
643 }
644 }
645
646 if (!separate_argv0) {
647 char *w = NULL;
648
649 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
650 return log_oom();
651
652 w = strdup(path);
653 if (!w)
654 return log_oom();
655 n[nlen++] = w;
656 n[nlen] = NULL;
657 }
658
659 path_kill_slashes(path);
660
661 while (!isempty(p)) {
662 _cleanup_free_ char *word = NULL, *resolved = NULL;
663
664 /* Check explicitly for an unquoted semicolon as
665 * command separator token. */
666 if (p[0] == ';' && (!p[1] || strchr(WHITESPACE, p[1]))) {
667 p++;
668 p += strspn(p, WHITESPACE);
669 semicolon = true;
670 break;
671 }
672
673 /* Check for \; explicitly, to not confuse it with \\; or "\;" or "\\;" etc.
674 * extract_first_word() would return the same for all of those. */
675 if (p[0] == '\\' && p[1] == ';' && (!p[2] || strchr(WHITESPACE, p[2]))) {
676 char *w;
677
678 p += 2;
679 p += strspn(p, WHITESPACE);
680
681 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
682 return log_oom();
683
684 w = strdup(";");
685 if (!w)
686 return log_oom();
687 n[nlen++] = w;
688 n[nlen] = NULL;
689 continue;
690 }
691
692 r = extract_first_word_and_warn(&p, &word, NULL, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
693 if (r == 0)
694 break;
695 if (r < 0)
696 return ignore ? 0 : -ENOEXEC;
697
698 r = unit_full_printf(u, word, &resolved);
699 if (r < 0) {
700 log_syntax(unit, LOG_ERR, filename, line, r,
701 "Failed to resolve unit specifiers in %s%s: %m",
702 word, ignore ? ", ignoring" : "");
703 return ignore ? 0 : -ENOEXEC;
704 }
705
706 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
707 return log_oom();
708
709 n[nlen++] = TAKE_PTR(resolved);
710 n[nlen] = NULL;
711 }
712
713 if (!n || !n[0]) {
714 log_syntax(unit, LOG_ERR, filename, line, 0,
715 "Empty executable name or zeroeth argument%s: %s",
716 ignore ? ", ignoring" : "", rvalue);
717 return ignore ? 0 : -ENOEXEC;
718 }
719
720 nce = new0(ExecCommand, 1);
721 if (!nce)
722 return log_oom();
723
724 nce->argv = TAKE_PTR(n);
725 nce->path = TAKE_PTR(path);
726 nce->flags = flags;
727
728 exec_command_append_list(e, nce);
729
730 /* Do not _cleanup_free_ these. */
731 nce = NULL;
732
733 rvalue = p;
734 } while (semicolon);
735
736 return 0;
737 }
738
739 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type, service_type, ServiceType, "Failed to parse service type");
740 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart, service_restart, ServiceRestart, "Failed to parse service restart specifier");
741
742 int config_parse_socket_bindtodevice(
743 const char* unit,
744 const char *filename,
745 unsigned line,
746 const char *section,
747 unsigned section_line,
748 const char *lvalue,
749 int ltype,
750 const char *rvalue,
751 void *data,
752 void *userdata) {
753
754 Socket *s = data;
755
756 assert(filename);
757 assert(lvalue);
758 assert(rvalue);
759 assert(data);
760
761 if (isempty(rvalue) || streq(rvalue, "*")) {
762 s->bind_to_device = mfree(s->bind_to_device);
763 return 0;
764 }
765
766 if (!ifname_valid(rvalue)) {
767 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid interface name, ignoring: %s", rvalue);
768 return 0;
769 }
770
771 free_and_strdup(&s->bind_to_device, rvalue);
772
773 return 0;
774 }
775
776 int config_parse_exec_input(
777 const char *unit,
778 const char *filename,
779 unsigned line,
780 const char *section,
781 unsigned section_line,
782 const char *lvalue,
783 int ltype,
784 const char *rvalue,
785 void *data,
786 void *userdata) {
787
788 ExecContext *c = data;
789 Unit *u = userdata;
790 const char *n;
791 ExecInput ei;
792 int r;
793
794 assert(data);
795 assert(filename);
796 assert(line);
797 assert(rvalue);
798
799 n = startswith(rvalue, "fd:");
800 if (n) {
801 _cleanup_free_ char *resolved = NULL;
802
803 r = unit_full_printf(u, n, &resolved);
804 if (r < 0)
805 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", n);
806
807 if (isempty(resolved))
808 resolved = mfree(resolved);
809 else if (!fdname_is_valid(resolved)) {
810 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved);
811 return -EINVAL;
812 }
813
814 free_and_replace(c->stdio_fdname[STDIN_FILENO], resolved);
815
816 ei = EXEC_INPUT_NAMED_FD;
817
818 } else if ((n = startswith(rvalue, "file:"))) {
819 _cleanup_free_ char *resolved = NULL;
820
821 r = unit_full_printf(u, n, &resolved);
822 if (r < 0)
823 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", n);
824
825 if (!path_is_absolute(resolved)) {
826 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires an absolute path name: %s", resolved);
827 return -EINVAL;
828 }
829
830 if (!path_is_normalized(resolved)) {
831 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires a normalized path name: %s", resolved);
832 return -EINVAL;
833 }
834
835 free_and_replace(c->stdio_file[STDIN_FILENO], resolved);
836
837 ei = EXEC_INPUT_FILE;
838
839 } else {
840 ei = exec_input_from_string(rvalue);
841 if (ei < 0) {
842 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse input specifier, ignoring: %s", rvalue);
843 return 0;
844 }
845 }
846
847 c->std_input = ei;
848 return 0;
849 }
850
851 int config_parse_exec_input_text(
852 const char *unit,
853 const char *filename,
854 unsigned line,
855 const char *section,
856 unsigned section_line,
857 const char *lvalue,
858 int ltype,
859 const char *rvalue,
860 void *data,
861 void *userdata) {
862
863 _cleanup_free_ char *unescaped = NULL, *resolved = NULL;
864 ExecContext *c = data;
865 Unit *u = userdata;
866 size_t sz;
867 void *p;
868 int r;
869
870 assert(data);
871 assert(filename);
872 assert(line);
873 assert(rvalue);
874
875 if (isempty(rvalue)) {
876 /* Reset if the empty string is assigned */
877 c->stdin_data = mfree(c->stdin_data);
878 c->stdin_data_size = 0;
879 return 0;
880 }
881
882 r = cunescape(rvalue, 0, &unescaped);
883 if (r < 0)
884 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode C escaped text '%s': %m", rvalue);
885
886 r = unit_full_printf(u, unescaped, &resolved);
887 if (r < 0)
888 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", unescaped);
889
890 sz = strlen(resolved);
891 if (c->stdin_data_size + sz + 1 < c->stdin_data_size || /* check for overflow */
892 c->stdin_data_size + sz + 1 > EXEC_STDIN_DATA_MAX) {
893 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
894 return -E2BIG;
895 }
896
897 p = realloc(c->stdin_data, c->stdin_data_size + sz + 1);
898 if (!p)
899 return log_oom();
900
901 *((char*) mempcpy((char*) p + c->stdin_data_size, resolved, sz)) = '\n';
902
903 c->stdin_data = p;
904 c->stdin_data_size += sz + 1;
905
906 return 0;
907 }
908
909 int config_parse_exec_input_data(
910 const char *unit,
911 const char *filename,
912 unsigned line,
913 const char *section,
914 unsigned section_line,
915 const char *lvalue,
916 int ltype,
917 const char *rvalue,
918 void *data,
919 void *userdata) {
920
921 _cleanup_free_ void *p = NULL;
922 ExecContext *c = data;
923 size_t sz;
924 void *q;
925 int r;
926
927 assert(data);
928 assert(filename);
929 assert(line);
930 assert(rvalue);
931
932 if (isempty(rvalue)) {
933 /* Reset if the empty string is assigned */
934 c->stdin_data = mfree(c->stdin_data);
935 c->stdin_data_size = 0;
936 return 0;
937 }
938
939 r = unbase64mem(rvalue, (size_t) -1, &p, &sz);
940 if (r < 0)
941 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode base64 data, ignoring: %s", rvalue);
942
943 assert(sz > 0);
944
945 if (c->stdin_data_size + sz < c->stdin_data_size || /* check for overflow */
946 c->stdin_data_size + sz > EXEC_STDIN_DATA_MAX) {
947 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
948 return -E2BIG;
949 }
950
951 q = realloc(c->stdin_data, c->stdin_data_size + sz);
952 if (!q)
953 return log_oom();
954
955 memcpy((uint8_t*) q + c->stdin_data_size, p, sz);
956
957 c->stdin_data = q;
958 c->stdin_data_size += sz;
959
960 return 0;
961 }
962
963 int config_parse_exec_output(
964 const char *unit,
965 const char *filename,
966 unsigned line,
967 const char *section,
968 unsigned section_line,
969 const char *lvalue,
970 int ltype,
971 const char *rvalue,
972 void *data,
973 void *userdata) {
974
975 _cleanup_free_ char *resolved = NULL;
976 const char *n;
977 ExecContext *c = data;
978 Unit *u = userdata;
979 ExecOutput eo;
980 int r;
981
982 assert(data);
983 assert(filename);
984 assert(line);
985 assert(lvalue);
986 assert(rvalue);
987
988 n = startswith(rvalue, "fd:");
989 if (n) {
990 r = unit_full_printf(u, n, &resolved);
991 if (r < 0)
992 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
993
994 if (isempty(resolved))
995 resolved = mfree(resolved);
996 else if (!fdname_is_valid(resolved)) {
997 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved);
998 return -EINVAL;
999 }
1000
1001 eo = EXEC_OUTPUT_NAMED_FD;
1002
1003 } else if ((n = startswith(rvalue, "file:"))) {
1004
1005 r = unit_full_printf(u, n, &resolved);
1006 if (r < 0)
1007 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
1008
1009 if (!path_is_absolute(resolved)) {
1010 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires an absolute path name: %s", resolved);
1011 return -EINVAL;
1012 }
1013
1014 if (!path_is_normalized(resolved)) {
1015 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires a normalized path name, ignoring: %s", resolved);
1016 return -EINVAL;
1017 }
1018
1019 eo = EXEC_OUTPUT_FILE;
1020
1021 } else {
1022 eo = exec_output_from_string(rvalue);
1023 if (eo < 0) {
1024 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse output specifier, ignoring: %s", rvalue);
1025 return 0;
1026 }
1027 }
1028
1029 if (streq(lvalue, "StandardOutput")) {
1030 if (eo == EXEC_OUTPUT_NAMED_FD)
1031 free_and_replace(c->stdio_fdname[STDOUT_FILENO], resolved);
1032 else
1033 free_and_replace(c->stdio_file[STDOUT_FILENO], resolved);
1034
1035 c->std_output = eo;
1036
1037 } else {
1038 assert(streq(lvalue, "StandardError"));
1039
1040 if (eo == EXEC_OUTPUT_NAMED_FD)
1041 free_and_replace(c->stdio_fdname[STDERR_FILENO], resolved);
1042 else
1043 free_and_replace(c->stdio_file[STDERR_FILENO], resolved);
1044
1045 c->std_error = eo;
1046 }
1047
1048 return 0;
1049 }
1050
1051 int config_parse_exec_io_class(const char *unit,
1052 const char *filename,
1053 unsigned line,
1054 const char *section,
1055 unsigned section_line,
1056 const char *lvalue,
1057 int ltype,
1058 const char *rvalue,
1059 void *data,
1060 void *userdata) {
1061
1062 ExecContext *c = data;
1063 int x;
1064
1065 assert(filename);
1066 assert(lvalue);
1067 assert(rvalue);
1068 assert(data);
1069
1070 if (isempty(rvalue)) {
1071 c->ioprio_set = false;
1072 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
1073 return 0;
1074 }
1075
1076 x = ioprio_class_from_string(rvalue);
1077 if (x < 0) {
1078 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IO scheduling class, ignoring: %s", rvalue);
1079 return 0;
1080 }
1081
1082 c->ioprio = IOPRIO_PRIO_VALUE(x, IOPRIO_PRIO_DATA(c->ioprio));
1083 c->ioprio_set = true;
1084
1085 return 0;
1086 }
1087
1088 int config_parse_exec_io_priority(const char *unit,
1089 const char *filename,
1090 unsigned line,
1091 const char *section,
1092 unsigned section_line,
1093 const char *lvalue,
1094 int ltype,
1095 const char *rvalue,
1096 void *data,
1097 void *userdata) {
1098
1099 ExecContext *c = data;
1100 int i, r;
1101
1102 assert(filename);
1103 assert(lvalue);
1104 assert(rvalue);
1105 assert(data);
1106
1107 if (isempty(rvalue)) {
1108 c->ioprio_set = false;
1109 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
1110 return 0;
1111 }
1112
1113 r = ioprio_parse_priority(rvalue, &i);
1114 if (r < 0) {
1115 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse IO priority, ignoring: %s", rvalue);
1116 return 0;
1117 }
1118
1119 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c->ioprio), i);
1120 c->ioprio_set = true;
1121
1122 return 0;
1123 }
1124
1125 int config_parse_exec_cpu_sched_policy(const char *unit,
1126 const char *filename,
1127 unsigned line,
1128 const char *section,
1129 unsigned section_line,
1130 const char *lvalue,
1131 int ltype,
1132 const char *rvalue,
1133 void *data,
1134 void *userdata) {
1135
1136 ExecContext *c = data;
1137 int x;
1138
1139 assert(filename);
1140 assert(lvalue);
1141 assert(rvalue);
1142 assert(data);
1143
1144 if (isempty(rvalue)) {
1145 c->cpu_sched_set = false;
1146 c->cpu_sched_policy = SCHED_OTHER;
1147 c->cpu_sched_priority = 0;
1148 return 0;
1149 }
1150
1151 x = sched_policy_from_string(rvalue);
1152 if (x < 0) {
1153 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue);
1154 return 0;
1155 }
1156
1157 c->cpu_sched_policy = x;
1158 /* Moving to or from real-time policy? We need to adjust the priority */
1159 c->cpu_sched_priority = CLAMP(c->cpu_sched_priority, sched_get_priority_min(x), sched_get_priority_max(x));
1160 c->cpu_sched_set = true;
1161
1162 return 0;
1163 }
1164
1165 int config_parse_exec_cpu_sched_prio(const char *unit,
1166 const char *filename,
1167 unsigned line,
1168 const char *section,
1169 unsigned section_line,
1170 const char *lvalue,
1171 int ltype,
1172 const char *rvalue,
1173 void *data,
1174 void *userdata) {
1175
1176 ExecContext *c = data;
1177 int i, min, max, r;
1178
1179 assert(filename);
1180 assert(lvalue);
1181 assert(rvalue);
1182 assert(data);
1183
1184 r = safe_atoi(rvalue, &i);
1185 if (r < 0) {
1186 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CPU scheduling priority, ignoring: %s", rvalue);
1187 return 0;
1188 }
1189
1190 /* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */
1191 min = sched_get_priority_min(c->cpu_sched_policy);
1192 max = sched_get_priority_max(c->cpu_sched_policy);
1193
1194 if (i < min || i > max) {
1195 log_syntax(unit, LOG_ERR, filename, line, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue);
1196 return 0;
1197 }
1198
1199 c->cpu_sched_priority = i;
1200 c->cpu_sched_set = true;
1201
1202 return 0;
1203 }
1204
1205 int config_parse_exec_cpu_affinity(const char *unit,
1206 const char *filename,
1207 unsigned line,
1208 const char *section,
1209 unsigned section_line,
1210 const char *lvalue,
1211 int ltype,
1212 const char *rvalue,
1213 void *data,
1214 void *userdata) {
1215
1216 ExecContext *c = data;
1217 _cleanup_cpu_free_ cpu_set_t *cpuset = NULL;
1218 int ncpus;
1219
1220 assert(filename);
1221 assert(lvalue);
1222 assert(rvalue);
1223 assert(data);
1224
1225 ncpus = parse_cpu_set_and_warn(rvalue, &cpuset, unit, filename, line, lvalue);
1226 if (ncpus < 0)
1227 return ncpus;
1228
1229 if (ncpus == 0) {
1230 /* An empty assignment resets the CPU list */
1231 c->cpuset = cpu_set_mfree(c->cpuset);
1232 c->cpuset_ncpus = 0;
1233 return 0;
1234 }
1235
1236 if (!c->cpuset) {
1237 c->cpuset = TAKE_PTR(cpuset);
1238 c->cpuset_ncpus = (unsigned) ncpus;
1239 return 0;
1240 }
1241
1242 if (c->cpuset_ncpus < (unsigned) ncpus) {
1243 CPU_OR_S(CPU_ALLOC_SIZE(c->cpuset_ncpus), cpuset, c->cpuset, cpuset);
1244 CPU_FREE(c->cpuset);
1245 c->cpuset = TAKE_PTR(cpuset);
1246 c->cpuset_ncpus = (unsigned) ncpus;
1247 return 0;
1248 }
1249
1250 CPU_OR_S(CPU_ALLOC_SIZE((unsigned) ncpus), c->cpuset, c->cpuset, cpuset);
1251
1252 return 0;
1253 }
1254
1255 DEFINE_CONFIG_PARSE(config_parse_exec_secure_bits, secure_bits_from_string, "Failed to parse secure bits");
1256
1257 int config_parse_capability_set(
1258 const char *unit,
1259 const char *filename,
1260 unsigned line,
1261 const char *section,
1262 unsigned section_line,
1263 const char *lvalue,
1264 int ltype,
1265 const char *rvalue,
1266 void *data,
1267 void *userdata) {
1268
1269 uint64_t *capability_set = data;
1270 uint64_t sum = 0, initial = 0;
1271 bool invert = false;
1272 int r;
1273
1274 assert(filename);
1275 assert(lvalue);
1276 assert(rvalue);
1277 assert(data);
1278
1279 if (rvalue[0] == '~') {
1280 invert = true;
1281 rvalue++;
1282 }
1283
1284 if (streq(lvalue, "CapabilityBoundingSet"))
1285 initial = CAP_ALL; /* initialized to all bits on */
1286 /* else "AmbientCapabilities" initialized to all bits off */
1287
1288 r = capability_set_from_string(rvalue, &sum);
1289 if (r < 0) {
1290 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= specifier '%s', ignoring: %m", lvalue, rvalue);
1291 return 0;
1292 }
1293
1294 if (sum == 0 || *capability_set == initial)
1295 /* "", "~" or uninitialized data -> replace */
1296 *capability_set = invert ? ~sum : sum;
1297 else {
1298 /* previous data -> merge */
1299 if (invert)
1300 *capability_set &= ~sum;
1301 else
1302 *capability_set |= sum;
1303 }
1304
1305 return 0;
1306 }
1307
1308 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode, "Failed to parse utmp mode");
1309 DEFINE_CONFIG_PARSE_ENUM(config_parse_kill_mode, kill_mode, KillMode, "Failed to parse kill mode");
1310 DEFINE_CONFIG_PARSE_PTR(config_parse_exec_mount_flags, mount_propagation_flags_from_string, unsigned long, "Failed to parse mount flag");
1311
1312 int config_parse_exec_selinux_context(
1313 const char *unit,
1314 const char *filename,
1315 unsigned line,
1316 const char *section,
1317 unsigned section_line,
1318 const char *lvalue,
1319 int ltype,
1320 const char *rvalue,
1321 void *data,
1322 void *userdata) {
1323
1324 ExecContext *c = data;
1325 Unit *u = userdata;
1326 bool ignore;
1327 char *k;
1328 int r;
1329
1330 assert(filename);
1331 assert(lvalue);
1332 assert(rvalue);
1333 assert(data);
1334
1335 if (isempty(rvalue)) {
1336 c->selinux_context = mfree(c->selinux_context);
1337 c->selinux_context_ignore = false;
1338 return 0;
1339 }
1340
1341 if (rvalue[0] == '-') {
1342 ignore = true;
1343 rvalue++;
1344 } else
1345 ignore = false;
1346
1347 r = unit_full_printf(u, rvalue, &k);
1348 if (r < 0) {
1349 log_syntax(unit, LOG_ERR, filename, line, r,
1350 "Failed to resolve unit specifiers in '%s'%s: %m",
1351 rvalue, ignore ? ", ignoring" : "");
1352 return ignore ? 0 : -ENOEXEC;
1353 }
1354
1355 free_and_replace(c->selinux_context, k);
1356 c->selinux_context_ignore = ignore;
1357
1358 return 0;
1359 }
1360
1361 int config_parse_exec_apparmor_profile(
1362 const char *unit,
1363 const char *filename,
1364 unsigned line,
1365 const char *section,
1366 unsigned section_line,
1367 const char *lvalue,
1368 int ltype,
1369 const char *rvalue,
1370 void *data,
1371 void *userdata) {
1372
1373 ExecContext *c = data;
1374 Unit *u = userdata;
1375 bool ignore;
1376 char *k;
1377 int r;
1378
1379 assert(filename);
1380 assert(lvalue);
1381 assert(rvalue);
1382 assert(data);
1383
1384 if (isempty(rvalue)) {
1385 c->apparmor_profile = mfree(c->apparmor_profile);
1386 c->apparmor_profile_ignore = false;
1387 return 0;
1388 }
1389
1390 if (rvalue[0] == '-') {
1391 ignore = true;
1392 rvalue++;
1393 } else
1394 ignore = false;
1395
1396 r = unit_full_printf(u, rvalue, &k);
1397 if (r < 0) {
1398 log_syntax(unit, LOG_ERR, filename, line, r,
1399 "Failed to resolve unit specifiers in '%s'%s: %m",
1400 rvalue, ignore ? ", ignoring" : "");
1401 return ignore ? 0 : -ENOEXEC;
1402 }
1403
1404 free_and_replace(c->apparmor_profile, k);
1405 c->apparmor_profile_ignore = ignore;
1406
1407 return 0;
1408 }
1409
1410 int config_parse_exec_smack_process_label(
1411 const char *unit,
1412 const char *filename,
1413 unsigned line,
1414 const char *section,
1415 unsigned section_line,
1416 const char *lvalue,
1417 int ltype,
1418 const char *rvalue,
1419 void *data,
1420 void *userdata) {
1421
1422 ExecContext *c = data;
1423 Unit *u = userdata;
1424 bool ignore;
1425 char *k;
1426 int r;
1427
1428 assert(filename);
1429 assert(lvalue);
1430 assert(rvalue);
1431 assert(data);
1432
1433 if (isempty(rvalue)) {
1434 c->smack_process_label = mfree(c->smack_process_label);
1435 c->smack_process_label_ignore = false;
1436 return 0;
1437 }
1438
1439 if (rvalue[0] == '-') {
1440 ignore = true;
1441 rvalue++;
1442 } else
1443 ignore = false;
1444
1445 r = unit_full_printf(u, rvalue, &k);
1446 if (r < 0) {
1447 log_syntax(unit, LOG_ERR, filename, line, r,
1448 "Failed to resolve unit specifiers in '%s'%s: %m",
1449 rvalue, ignore ? ", ignoring" : "");
1450 return ignore ? 0 : -ENOEXEC;
1451 }
1452
1453 free_and_replace(c->smack_process_label, k);
1454 c->smack_process_label_ignore = ignore;
1455
1456 return 0;
1457 }
1458
1459 int config_parse_timer(const char *unit,
1460 const char *filename,
1461 unsigned line,
1462 const char *section,
1463 unsigned section_line,
1464 const char *lvalue,
1465 int ltype,
1466 const char *rvalue,
1467 void *data,
1468 void *userdata) {
1469
1470 Timer *t = data;
1471 usec_t usec = 0;
1472 TimerValue *v;
1473 TimerBase b;
1474 _cleanup_(calendar_spec_freep) CalendarSpec *c = NULL;
1475 Unit *u = userdata;
1476 _cleanup_free_ char *k = NULL;
1477 int r;
1478
1479 assert(filename);
1480 assert(lvalue);
1481 assert(rvalue);
1482 assert(data);
1483
1484 if (isempty(rvalue)) {
1485 /* Empty assignment resets list */
1486 timer_free_values(t);
1487 return 0;
1488 }
1489
1490 b = timer_base_from_string(lvalue);
1491 if (b < 0) {
1492 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer base, ignoring: %s", lvalue);
1493 return 0;
1494 }
1495
1496 r = unit_full_printf(u, rvalue, &k);
1497 if (r < 0) {
1498 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
1499 return 0;
1500 }
1501
1502 if (b == TIMER_CALENDAR) {
1503 if (calendar_spec_from_string(k, &c) < 0) {
1504 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse calendar specification, ignoring: %s", k);
1505 return 0;
1506 }
1507 } else
1508 if (parse_sec(k, &usec) < 0) {
1509 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer value, ignoring: %s", k);
1510 return 0;
1511 }
1512
1513 v = new0(TimerValue, 1);
1514 if (!v)
1515 return log_oom();
1516
1517 v->base = b;
1518 v->value = usec;
1519 v->calendar_spec = TAKE_PTR(c);
1520
1521 LIST_PREPEND(value, t->values, v);
1522
1523 return 0;
1524 }
1525
1526 int config_parse_trigger_unit(
1527 const char *unit,
1528 const char *filename,
1529 unsigned line,
1530 const char *section,
1531 unsigned section_line,
1532 const char *lvalue,
1533 int ltype,
1534 const char *rvalue,
1535 void *data,
1536 void *userdata) {
1537
1538 _cleanup_free_ char *p = NULL;
1539 Unit *u = data;
1540 UnitType type;
1541 int r;
1542
1543 assert(filename);
1544 assert(lvalue);
1545 assert(rvalue);
1546 assert(data);
1547
1548 if (!hashmap_isempty(u->dependencies[UNIT_TRIGGERS])) {
1549 log_syntax(unit, LOG_ERR, filename, line, 0, "Multiple units to trigger specified, ignoring: %s", rvalue);
1550 return 0;
1551 }
1552
1553 r = unit_name_printf(u, rvalue, &p);
1554 if (r < 0) {
1555 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1556 return 0;
1557 }
1558
1559 type = unit_name_to_type(p);
1560 if (type < 0) {
1561 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit type not valid, ignoring: %s", rvalue);
1562 return 0;
1563 }
1564 if (unit_has_name(u, p)) {
1565 log_syntax(unit, LOG_ERR, filename, line, 0, "Units cannot trigger themselves, ignoring: %s", rvalue);
1566 return 0;
1567 }
1568
1569 r = unit_add_two_dependencies_by_name(u, UNIT_BEFORE, UNIT_TRIGGERS, p, NULL, true, UNIT_DEPENDENCY_FILE);
1570 if (r < 0) {
1571 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add trigger on %s, ignoring: %m", p);
1572 return 0;
1573 }
1574
1575 return 0;
1576 }
1577
1578 int config_parse_path_spec(const char *unit,
1579 const char *filename,
1580 unsigned line,
1581 const char *section,
1582 unsigned section_line,
1583 const char *lvalue,
1584 int ltype,
1585 const char *rvalue,
1586 void *data,
1587 void *userdata) {
1588
1589 Path *p = data;
1590 PathSpec *s;
1591 PathType b;
1592 _cleanup_free_ char *k = NULL;
1593 int r;
1594
1595 assert(filename);
1596 assert(lvalue);
1597 assert(rvalue);
1598 assert(data);
1599
1600 if (isempty(rvalue)) {
1601 /* Empty assignment clears list */
1602 path_free_specs(p);
1603 return 0;
1604 }
1605
1606 b = path_type_from_string(lvalue);
1607 if (b < 0) {
1608 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse path type, ignoring: %s", lvalue);
1609 return 0;
1610 }
1611
1612 r = unit_full_printf(UNIT(p), rvalue, &k);
1613 if (r < 0) {
1614 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1615 return 0;
1616 }
1617
1618 path_kill_slashes(k);
1619
1620 if (!path_is_absolute(k)) {
1621 log_syntax(unit, LOG_ERR, filename, line, 0, "Path is not absolute, ignoring: %s", k);
1622 return 0;
1623 }
1624
1625 s = new0(PathSpec, 1);
1626 if (!s)
1627 return log_oom();
1628
1629 s->unit = UNIT(p);
1630 s->path = TAKE_PTR(k);
1631 s->type = b;
1632 s->inotify_fd = -1;
1633
1634 LIST_PREPEND(spec, p->specs, s);
1635
1636 return 0;
1637 }
1638
1639 int config_parse_socket_service(
1640 const char *unit,
1641 const char *filename,
1642 unsigned line,
1643 const char *section,
1644 unsigned section_line,
1645 const char *lvalue,
1646 int ltype,
1647 const char *rvalue,
1648 void *data,
1649 void *userdata) {
1650
1651 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1652 _cleanup_free_ char *p = NULL;
1653 Socket *s = data;
1654 Unit *x;
1655 int r;
1656
1657 assert(filename);
1658 assert(lvalue);
1659 assert(rvalue);
1660 assert(data);
1661
1662 r = unit_name_printf(UNIT(s), rvalue, &p);
1663 if (r < 0) {
1664 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue);
1665 return -ENOEXEC;
1666 }
1667
1668 if (!endswith(p, ".service")) {
1669 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type service: %s", rvalue);
1670 return -ENOEXEC;
1671 }
1672
1673 r = manager_load_unit(UNIT(s)->manager, p, NULL, &error, &x);
1674 if (r < 0) {
1675 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load unit %s: %s", rvalue, bus_error_message(&error, r));
1676 return -ENOEXEC;
1677 }
1678
1679 unit_ref_set(&s->service, UNIT(s), x);
1680
1681 return 0;
1682 }
1683
1684 int config_parse_fdname(
1685 const char *unit,
1686 const char *filename,
1687 unsigned line,
1688 const char *section,
1689 unsigned section_line,
1690 const char *lvalue,
1691 int ltype,
1692 const char *rvalue,
1693 void *data,
1694 void *userdata) {
1695
1696 _cleanup_free_ char *p = NULL;
1697 Socket *s = data;
1698 int r;
1699
1700 assert(filename);
1701 assert(lvalue);
1702 assert(rvalue);
1703 assert(data);
1704
1705 if (isempty(rvalue)) {
1706 s->fdname = mfree(s->fdname);
1707 return 0;
1708 }
1709
1710 r = unit_full_printf(UNIT(s), rvalue, &p);
1711 if (r < 0) {
1712 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
1713 return 0;
1714 }
1715
1716 if (!fdname_is_valid(p)) {
1717 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name, ignoring: %s", p);
1718 return 0;
1719 }
1720
1721 return free_and_replace(s->fdname, p);
1722 }
1723
1724 int config_parse_service_sockets(
1725 const char *unit,
1726 const char *filename,
1727 unsigned line,
1728 const char *section,
1729 unsigned section_line,
1730 const char *lvalue,
1731 int ltype,
1732 const char *rvalue,
1733 void *data,
1734 void *userdata) {
1735
1736 Service *s = data;
1737 const char *p;
1738 int r;
1739
1740 assert(filename);
1741 assert(lvalue);
1742 assert(rvalue);
1743 assert(data);
1744
1745 p = rvalue;
1746 for (;;) {
1747 _cleanup_free_ char *word = NULL, *k = NULL;
1748
1749 r = extract_first_word(&p, &word, NULL, 0);
1750 if (r == 0)
1751 break;
1752 if (r == -ENOMEM)
1753 return log_oom();
1754 if (r < 0) {
1755 log_syntax(unit, LOG_ERR, filename, line, r, "Trailing garbage in sockets, ignoring: %s", rvalue);
1756 break;
1757 }
1758
1759 r = unit_name_printf(UNIT(s), word, &k);
1760 if (r < 0) {
1761 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
1762 continue;
1763 }
1764
1765 if (!endswith(k, ".socket")) {
1766 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type socket, ignoring: %s", k);
1767 continue;
1768 }
1769
1770 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_WANTS, UNIT_AFTER, k, NULL, true, UNIT_DEPENDENCY_FILE);
1771 if (r < 0)
1772 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
1773
1774 r = unit_add_dependency_by_name(UNIT(s), UNIT_TRIGGERED_BY, k, NULL, true, UNIT_DEPENDENCY_FILE);
1775 if (r < 0)
1776 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
1777 }
1778
1779 return 0;
1780 }
1781
1782 int config_parse_bus_name(
1783 const char *unit,
1784 const char *filename,
1785 unsigned line,
1786 const char *section,
1787 unsigned section_line,
1788 const char *lvalue,
1789 int ltype,
1790 const char *rvalue,
1791 void *data,
1792 void *userdata) {
1793
1794 _cleanup_free_ char *k = NULL;
1795 Unit *u = userdata;
1796 int r;
1797
1798 assert(filename);
1799 assert(lvalue);
1800 assert(rvalue);
1801 assert(u);
1802
1803 r = unit_full_printf(u, rvalue, &k);
1804 if (r < 0) {
1805 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1806 return 0;
1807 }
1808
1809 if (!service_name_is_valid(k)) {
1810 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid bus name, ignoring: %s", k);
1811 return 0;
1812 }
1813
1814 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
1815 }
1816
1817 int config_parse_service_timeout(
1818 const char *unit,
1819 const char *filename,
1820 unsigned line,
1821 const char *section,
1822 unsigned section_line,
1823 const char *lvalue,
1824 int ltype,
1825 const char *rvalue,
1826 void *data,
1827 void *userdata) {
1828
1829 Service *s = userdata;
1830 usec_t usec;
1831 int r;
1832
1833 assert(filename);
1834 assert(lvalue);
1835 assert(rvalue);
1836 assert(s);
1837
1838 /* This is called for two cases: TimeoutSec= and TimeoutStartSec=. */
1839
1840 /* Traditionally, these options accepted 0 to disable the timeouts. However, a timeout of 0 suggests it happens
1841 * immediately, hence fix this to become USEC_INFINITY instead. This is in-line with how we internally handle
1842 * all other timeouts. */
1843 r = parse_sec_fix_0(rvalue, &usec);
1844 if (r < 0) {
1845 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
1846 return 0;
1847 }
1848
1849 s->start_timeout_defined = true;
1850 s->timeout_start_usec = usec;
1851
1852 if (streq(lvalue, "TimeoutSec"))
1853 s->timeout_stop_usec = usec;
1854
1855 return 0;
1856 }
1857
1858 int config_parse_sec_fix_0(
1859 const char *unit,
1860 const char *filename,
1861 unsigned line,
1862 const char *section,
1863 unsigned section_line,
1864 const char *lvalue,
1865 int ltype,
1866 const char *rvalue,
1867 void *data,
1868 void *userdata) {
1869
1870 usec_t *usec = data;
1871 int r;
1872
1873 assert(filename);
1874 assert(lvalue);
1875 assert(rvalue);
1876 assert(usec);
1877
1878 /* This is pretty much like config_parse_sec(), except that this treats a time of 0 as infinity, for
1879 * compatibility with older versions of systemd where 0 instead of infinity was used as indicator to turn off a
1880 * timeout. */
1881
1882 r = parse_sec_fix_0(rvalue, usec);
1883 if (r < 0) {
1884 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
1885 return 0;
1886 }
1887
1888 return 0;
1889 }
1890
1891 int config_parse_user_group(
1892 const char *unit,
1893 const char *filename,
1894 unsigned line,
1895 const char *section,
1896 unsigned section_line,
1897 const char *lvalue,
1898 int ltype,
1899 const char *rvalue,
1900 void *data,
1901 void *userdata) {
1902
1903 _cleanup_free_ char *k = NULL;
1904 char **user = data;
1905 Unit *u = userdata;
1906 int r;
1907
1908 assert(filename);
1909 assert(lvalue);
1910 assert(rvalue);
1911 assert(u);
1912
1913 if (isempty(rvalue)) {
1914 *user = mfree(*user);
1915 return 0;
1916 }
1917
1918 r = unit_full_printf(u, rvalue, &k);
1919 if (r < 0) {
1920 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue);
1921 return -ENOEXEC;
1922 }
1923
1924 if (!valid_user_group_name_or_id(k)) {
1925 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
1926 return -ENOEXEC;
1927 }
1928
1929 return free_and_replace(*user, k);
1930 }
1931
1932 int config_parse_user_group_strv(
1933 const char *unit,
1934 const char *filename,
1935 unsigned line,
1936 const char *section,
1937 unsigned section_line,
1938 const char *lvalue,
1939 int ltype,
1940 const char *rvalue,
1941 void *data,
1942 void *userdata) {
1943
1944 char ***users = data;
1945 Unit *u = userdata;
1946 const char *p = rvalue;
1947 int r;
1948
1949 assert(filename);
1950 assert(lvalue);
1951 assert(rvalue);
1952 assert(u);
1953
1954 if (isempty(rvalue)) {
1955 *users = strv_free(*users);
1956 return 0;
1957 }
1958
1959 for (;;) {
1960 _cleanup_free_ char *word = NULL, *k = NULL;
1961
1962 r = extract_first_word(&p, &word, NULL, 0);
1963 if (r == 0)
1964 break;
1965 if (r == -ENOMEM)
1966 return log_oom();
1967 if (r < 0) {
1968 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax: %s", rvalue);
1969 return -ENOEXEC;
1970 }
1971
1972 r = unit_full_printf(u, word, &k);
1973 if (r < 0) {
1974 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", word);
1975 return -ENOEXEC;
1976 }
1977
1978 if (!valid_user_group_name_or_id(k)) {
1979 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
1980 return -ENOEXEC;
1981 }
1982
1983 r = strv_push(users, k);
1984 if (r < 0)
1985 return log_oom();
1986
1987 k = NULL;
1988 }
1989
1990 return 0;
1991 }
1992
1993 int config_parse_working_directory(
1994 const char *unit,
1995 const char *filename,
1996 unsigned line,
1997 const char *section,
1998 unsigned section_line,
1999 const char *lvalue,
2000 int ltype,
2001 const char *rvalue,
2002 void *data,
2003 void *userdata) {
2004
2005 ExecContext *c = data;
2006 Unit *u = userdata;
2007 bool missing_ok;
2008 int r;
2009
2010 assert(filename);
2011 assert(lvalue);
2012 assert(rvalue);
2013 assert(c);
2014 assert(u);
2015
2016 if (isempty(rvalue)) {
2017 c->working_directory_home = false;
2018 c->working_directory = mfree(c->working_directory);
2019 return 0;
2020 }
2021
2022 if (rvalue[0] == '-') {
2023 missing_ok = true;
2024 rvalue++;
2025 } else
2026 missing_ok = false;
2027
2028 if (streq(rvalue, "~")) {
2029 c->working_directory_home = true;
2030 c->working_directory = mfree(c->working_directory);
2031 } else {
2032 _cleanup_free_ char *k = NULL;
2033
2034 r = unit_full_printf(u, rvalue, &k);
2035 if (r < 0) {
2036 log_syntax(unit, LOG_ERR, filename, line, r,
2037 "Failed to resolve unit specifiers in working directory path '%s'%s: %m",
2038 rvalue, missing_ok ? ", ignoring" : "");
2039 return missing_ok ? 0 : -ENOEXEC;
2040 }
2041
2042 path_kill_slashes(k);
2043
2044 if (!utf8_is_valid(k)) {
2045 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
2046 return missing_ok ? 0 : -ENOEXEC;
2047 }
2048
2049 if (!path_is_absolute(k)) {
2050 log_syntax(unit, LOG_ERR, filename, line, 0,
2051 "Working directory path '%s' is not absolute%s.",
2052 rvalue, missing_ok ? ", ignoring" : "");
2053 return missing_ok ? 0 : -ENOEXEC;
2054 }
2055
2056 c->working_directory_home = false;
2057 free_and_replace(c->working_directory, k);
2058 }
2059
2060 c->working_directory_missing_ok = missing_ok;
2061 return 0;
2062 }
2063
2064 int config_parse_unit_env_file(const char *unit,
2065 const char *filename,
2066 unsigned line,
2067 const char *section,
2068 unsigned section_line,
2069 const char *lvalue,
2070 int ltype,
2071 const char *rvalue,
2072 void *data,
2073 void *userdata) {
2074
2075 char ***env = data;
2076 Unit *u = userdata;
2077 _cleanup_free_ char *n = NULL;
2078 int r;
2079
2080 assert(filename);
2081 assert(lvalue);
2082 assert(rvalue);
2083 assert(data);
2084
2085 if (isempty(rvalue)) {
2086 /* Empty assignment frees the list */
2087 *env = strv_free(*env);
2088 return 0;
2089 }
2090
2091 r = unit_full_printf(u, rvalue, &n);
2092 if (r < 0) {
2093 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2094 return 0;
2095 }
2096
2097 if (!path_is_absolute(n[0] == '-' ? n + 1 : n)) {
2098 log_syntax(unit, LOG_ERR, filename, line, 0, "Path '%s' is not absolute, ignoring.", n);
2099 return 0;
2100 }
2101
2102 r = strv_extend(env, n);
2103 if (r < 0)
2104 return log_oom();
2105
2106 return 0;
2107 }
2108
2109 int config_parse_environ(
2110 const char *unit,
2111 const char *filename,
2112 unsigned line,
2113 const char *section,
2114 unsigned section_line,
2115 const char *lvalue,
2116 int ltype,
2117 const char *rvalue,
2118 void *data,
2119 void *userdata) {
2120
2121 Unit *u = userdata;
2122 char ***env = data;
2123 const char *p;
2124 int r;
2125
2126 assert(filename);
2127 assert(lvalue);
2128 assert(rvalue);
2129 assert(data);
2130
2131 if (isempty(rvalue)) {
2132 /* Empty assignment resets the list */
2133 *env = strv_free(*env);
2134 return 0;
2135 }
2136
2137 for (p = rvalue;; ) {
2138 _cleanup_free_ char *word = NULL, *k = NULL;
2139
2140 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2141 if (r == 0)
2142 return 0;
2143 if (r == -ENOMEM)
2144 return log_oom();
2145 if (r < 0) {
2146 log_syntax(unit, LOG_WARNING, filename, line, r,
2147 "Invalid syntax, ignoring: %s", rvalue);
2148 return 0;
2149 }
2150
2151 if (u) {
2152 r = unit_full_printf(u, word, &k);
2153 if (r < 0) {
2154 log_syntax(unit, LOG_ERR, filename, line, r,
2155 "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2156 continue;
2157 }
2158 } else
2159 k = TAKE_PTR(word);
2160
2161 if (!env_assignment_is_valid(k)) {
2162 log_syntax(unit, LOG_ERR, filename, line, 0,
2163 "Invalid environment assignment, ignoring: %s", k);
2164 continue;
2165 }
2166
2167 r = strv_env_replace(env, k);
2168 if (r < 0)
2169 return log_oom();
2170
2171 k = NULL;
2172 }
2173 }
2174
2175 int config_parse_pass_environ(
2176 const char *unit,
2177 const char *filename,
2178 unsigned line,
2179 const char *section,
2180 unsigned section_line,
2181 const char *lvalue,
2182 int ltype,
2183 const char *rvalue,
2184 void *data,
2185 void *userdata) {
2186
2187 _cleanup_strv_free_ char **n = NULL;
2188 size_t nlen = 0, nbufsize = 0;
2189 char*** passenv = data;
2190 const char *p = rvalue;
2191 Unit *u = userdata;
2192 int r;
2193
2194 assert(filename);
2195 assert(lvalue);
2196 assert(rvalue);
2197 assert(data);
2198
2199 if (isempty(rvalue)) {
2200 /* Empty assignment resets the list */
2201 *passenv = strv_free(*passenv);
2202 return 0;
2203 }
2204
2205 for (;;) {
2206 _cleanup_free_ char *word = NULL, *k = NULL;
2207
2208 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2209 if (r == 0)
2210 break;
2211 if (r == -ENOMEM)
2212 return log_oom();
2213 if (r < 0) {
2214 log_syntax(unit, LOG_ERR, filename, line, r,
2215 "Trailing garbage in %s, ignoring: %s", lvalue, rvalue);
2216 break;
2217 }
2218
2219 if (u) {
2220 r = unit_full_printf(u, word, &k);
2221 if (r < 0) {
2222 log_syntax(unit, LOG_ERR, filename, line, r,
2223 "Failed to resolve specifiers in %s, ignoring: %m", word);
2224 continue;
2225 }
2226 } else
2227 k = TAKE_PTR(word);
2228
2229 if (!env_name_is_valid(k)) {
2230 log_syntax(unit, LOG_ERR, filename, line, 0,
2231 "Invalid environment name for %s, ignoring: %s", lvalue, k);
2232 continue;
2233 }
2234
2235 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2236 return log_oom();
2237
2238 n[nlen++] = TAKE_PTR(k);
2239 n[nlen] = NULL;
2240 }
2241
2242 if (n) {
2243 r = strv_extend_strv(passenv, n, true);
2244 if (r < 0)
2245 return r;
2246 }
2247
2248 return 0;
2249 }
2250
2251 int config_parse_unset_environ(
2252 const char *unit,
2253 const char *filename,
2254 unsigned line,
2255 const char *section,
2256 unsigned section_line,
2257 const char *lvalue,
2258 int ltype,
2259 const char *rvalue,
2260 void *data,
2261 void *userdata) {
2262
2263 _cleanup_strv_free_ char **n = NULL;
2264 size_t nlen = 0, nbufsize = 0;
2265 char*** unsetenv = data;
2266 const char *p = rvalue;
2267 Unit *u = userdata;
2268 int r;
2269
2270 assert(filename);
2271 assert(lvalue);
2272 assert(rvalue);
2273 assert(data);
2274
2275 if (isempty(rvalue)) {
2276 /* Empty assignment resets the list */
2277 *unsetenv = strv_free(*unsetenv);
2278 return 0;
2279 }
2280
2281 for (;;) {
2282 _cleanup_free_ char *word = NULL, *k = NULL;
2283
2284 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2285 if (r == 0)
2286 break;
2287 if (r == -ENOMEM)
2288 return log_oom();
2289 if (r < 0) {
2290 log_syntax(unit, LOG_ERR, filename, line, r,
2291 "Trailing garbage in %s, ignoring: %s", lvalue, rvalue);
2292 break;
2293 }
2294
2295 if (u) {
2296 r = unit_full_printf(u, word, &k);
2297 if (r < 0) {
2298 log_syntax(unit, LOG_ERR, filename, line, r,
2299 "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2300 continue;
2301 }
2302 } else
2303 k = TAKE_PTR(word);
2304
2305 if (!env_assignment_is_valid(k) && !env_name_is_valid(k)) {
2306 log_syntax(unit, LOG_ERR, filename, line, 0,
2307 "Invalid environment name or assignment %s, ignoring: %s", lvalue, k);
2308 continue;
2309 }
2310
2311 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2312 return log_oom();
2313
2314 n[nlen++] = TAKE_PTR(k);
2315 n[nlen] = NULL;
2316 }
2317
2318 if (n) {
2319 r = strv_extend_strv(unsetenv, n, true);
2320 if (r < 0)
2321 return r;
2322 }
2323
2324 return 0;
2325 }
2326
2327 int config_parse_log_extra_fields(
2328 const char *unit,
2329 const char *filename,
2330 unsigned line,
2331 const char *section,
2332 unsigned section_line,
2333 const char *lvalue,
2334 int ltype,
2335 const char *rvalue,
2336 void *data,
2337 void *userdata) {
2338
2339 ExecContext *c = data;
2340 Unit *u = userdata;
2341 const char *p = rvalue;
2342 int r;
2343
2344 assert(filename);
2345 assert(lvalue);
2346 assert(rvalue);
2347 assert(c);
2348
2349 if (isempty(rvalue)) {
2350 exec_context_free_log_extra_fields(c);
2351 return 0;
2352 }
2353
2354 for (;;) {
2355 _cleanup_free_ char *word = NULL, *k = NULL;
2356 struct iovec *t;
2357 const char *eq;
2358
2359 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2360 if (r == 0)
2361 return 0;
2362 if (r == -ENOMEM)
2363 return log_oom();
2364 if (r < 0) {
2365 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
2366 return 0;
2367 }
2368
2369 r = unit_full_printf(u, word, &k);
2370 if (r < 0) {
2371 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2372 continue;
2373 }
2374
2375 eq = strchr(k, '=');
2376 if (!eq) {
2377 log_syntax(unit, LOG_ERR, filename, line, 0, "Log field lacks '=' character, ignoring: %s", k);
2378 continue;
2379 }
2380
2381 if (!journal_field_valid(k, eq-k, false)) {
2382 log_syntax(unit, LOG_ERR, filename, line, 0, "Log field name is invalid, ignoring: %s", k);
2383 continue;
2384 }
2385
2386 t = reallocarray(c->log_extra_fields, c->n_log_extra_fields+1, sizeof(struct iovec));
2387 if (!t)
2388 return log_oom();
2389
2390 c->log_extra_fields = t;
2391 c->log_extra_fields[c->n_log_extra_fields++] = IOVEC_MAKE_STRING(k);
2392
2393 k = NULL;
2394 }
2395 }
2396
2397 DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_ip_tos, ip_tos, int, -1, "Failed to parse IP TOS value");
2398
2399 int config_parse_unit_condition_path(
2400 const char *unit,
2401 const char *filename,
2402 unsigned line,
2403 const char *section,
2404 unsigned section_line,
2405 const char *lvalue,
2406 int ltype,
2407 const char *rvalue,
2408 void *data,
2409 void *userdata) {
2410
2411 _cleanup_free_ char *p = NULL;
2412 Condition **list = data, *c;
2413 ConditionType t = ltype;
2414 bool trigger, negate;
2415 Unit *u = userdata;
2416 int r;
2417
2418 assert(filename);
2419 assert(lvalue);
2420 assert(rvalue);
2421 assert(data);
2422
2423 if (isempty(rvalue)) {
2424 /* Empty assignment resets the list */
2425 *list = condition_free_list(*list);
2426 return 0;
2427 }
2428
2429 trigger = rvalue[0] == '|';
2430 if (trigger)
2431 rvalue++;
2432
2433 negate = rvalue[0] == '!';
2434 if (negate)
2435 rvalue++;
2436
2437 r = unit_full_printf(u, rvalue, &p);
2438 if (r < 0) {
2439 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2440 return 0;
2441 }
2442
2443 if (!path_is_absolute(p)) {
2444 log_syntax(unit, LOG_ERR, filename, line, 0, "Path in condition not absolute, ignoring: %s", p);
2445 return 0;
2446 }
2447
2448 c = condition_new(t, p, trigger, negate);
2449 if (!c)
2450 return log_oom();
2451
2452 LIST_PREPEND(conditions, *list, c);
2453 return 0;
2454 }
2455
2456 int config_parse_unit_condition_string(
2457 const char *unit,
2458 const char *filename,
2459 unsigned line,
2460 const char *section,
2461 unsigned section_line,
2462 const char *lvalue,
2463 int ltype,
2464 const char *rvalue,
2465 void *data,
2466 void *userdata) {
2467
2468 _cleanup_free_ char *s = NULL;
2469 Condition **list = data, *c;
2470 ConditionType t = ltype;
2471 bool trigger, negate;
2472 Unit *u = userdata;
2473 int r;
2474
2475 assert(filename);
2476 assert(lvalue);
2477 assert(rvalue);
2478 assert(data);
2479
2480 if (isempty(rvalue)) {
2481 /* Empty assignment resets the list */
2482 *list = condition_free_list(*list);
2483 return 0;
2484 }
2485
2486 trigger = rvalue[0] == '|';
2487 if (trigger)
2488 rvalue++;
2489
2490 negate = rvalue[0] == '!';
2491 if (negate)
2492 rvalue++;
2493
2494 r = unit_full_printf(u, rvalue, &s);
2495 if (r < 0) {
2496 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2497 return 0;
2498 }
2499
2500 c = condition_new(t, s, trigger, negate);
2501 if (!c)
2502 return log_oom();
2503
2504 LIST_PREPEND(conditions, *list, c);
2505 return 0;
2506 }
2507
2508 int config_parse_unit_condition_null(
2509 const char *unit,
2510 const char *filename,
2511 unsigned line,
2512 const char *section,
2513 unsigned section_line,
2514 const char *lvalue,
2515 int ltype,
2516 const char *rvalue,
2517 void *data,
2518 void *userdata) {
2519
2520 Condition **list = data, *c;
2521 bool trigger, negate;
2522 int b;
2523
2524 assert(filename);
2525 assert(lvalue);
2526 assert(rvalue);
2527 assert(data);
2528
2529 if (isempty(rvalue)) {
2530 /* Empty assignment resets the list */
2531 *list = condition_free_list(*list);
2532 return 0;
2533 }
2534
2535 trigger = rvalue[0] == '|';
2536 if (trigger)
2537 rvalue++;
2538
2539 negate = rvalue[0] == '!';
2540 if (negate)
2541 rvalue++;
2542
2543 b = parse_boolean(rvalue);
2544 if (b < 0) {
2545 log_syntax(unit, LOG_ERR, filename, line, b, "Failed to parse boolean value in condition, ignoring: %s", rvalue);
2546 return 0;
2547 }
2548
2549 if (!b)
2550 negate = !negate;
2551
2552 c = condition_new(CONDITION_NULL, NULL, trigger, negate);
2553 if (!c)
2554 return log_oom();
2555
2556 LIST_PREPEND(conditions, *list, c);
2557 return 0;
2558 }
2559
2560 DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access, notify_access, NotifyAccess, "Failed to parse notify access specifier");
2561 DEFINE_CONFIG_PARSE_ENUM(config_parse_emergency_action, emergency_action, EmergencyAction, "Failed to parse failure action specifier");
2562
2563 int config_parse_unit_requires_mounts_for(
2564 const char *unit,
2565 const char *filename,
2566 unsigned line,
2567 const char *section,
2568 unsigned section_line,
2569 const char *lvalue,
2570 int ltype,
2571 const char *rvalue,
2572 void *data,
2573 void *userdata) {
2574
2575 const char *p = rvalue;
2576 Unit *u = userdata;
2577 int r;
2578
2579 assert(filename);
2580 assert(lvalue);
2581 assert(rvalue);
2582 assert(data);
2583
2584 for (;;) {
2585 _cleanup_free_ char *word = NULL, *resolved = NULL;
2586
2587 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2588 if (r == 0)
2589 return 0;
2590 if (r == -ENOMEM)
2591 return log_oom();
2592 if (r < 0) {
2593 log_syntax(unit, LOG_WARNING, filename, line, r,
2594 "Invalid syntax, ignoring: %s", rvalue);
2595 return 0;
2596 }
2597
2598 if (!utf8_is_valid(word)) {
2599 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
2600 continue;
2601 }
2602
2603 r = unit_full_printf(u, word, &resolved);
2604 if (r < 0) {
2605 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
2606 continue;
2607 }
2608
2609 r = unit_require_mounts_for(u, resolved, UNIT_DEPENDENCY_FILE);
2610 if (r < 0) {
2611 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add required mount '%s', ignoring: %m", resolved);
2612 continue;
2613 }
2614 }
2615 }
2616
2617 int config_parse_documentation(const char *unit,
2618 const char *filename,
2619 unsigned line,
2620 const char *section,
2621 unsigned section_line,
2622 const char *lvalue,
2623 int ltype,
2624 const char *rvalue,
2625 void *data,
2626 void *userdata) {
2627
2628 Unit *u = userdata;
2629 int r;
2630 char **a, **b;
2631
2632 assert(filename);
2633 assert(lvalue);
2634 assert(rvalue);
2635 assert(u);
2636
2637 if (isempty(rvalue)) {
2638 /* Empty assignment resets the list */
2639 u->documentation = strv_free(u->documentation);
2640 return 0;
2641 }
2642
2643 r = config_parse_unit_strv_printf(unit, filename, line, section, section_line, lvalue, ltype,
2644 rvalue, data, userdata);
2645 if (r < 0)
2646 return r;
2647
2648 for (a = b = u->documentation; a && *a; a++) {
2649
2650 if (documentation_url_is_valid(*a))
2651 *(b++) = *a;
2652 else {
2653 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid URL, ignoring: %s", *a);
2654 free(*a);
2655 }
2656 }
2657 if (b)
2658 *b = NULL;
2659
2660 return r;
2661 }
2662
2663 #if HAVE_SECCOMP
2664 int config_parse_syscall_filter(
2665 const char *unit,
2666 const char *filename,
2667 unsigned line,
2668 const char *section,
2669 unsigned section_line,
2670 const char *lvalue,
2671 int ltype,
2672 const char *rvalue,
2673 void *data,
2674 void *userdata) {
2675
2676 ExecContext *c = data;
2677 Unit *u = userdata;
2678 bool invert = false;
2679 const char *p;
2680 int r;
2681
2682 assert(filename);
2683 assert(lvalue);
2684 assert(rvalue);
2685 assert(u);
2686
2687 if (isempty(rvalue)) {
2688 /* Empty assignment resets the list */
2689 c->syscall_filter = hashmap_free(c->syscall_filter);
2690 c->syscall_whitelist = false;
2691 return 0;
2692 }
2693
2694 if (rvalue[0] == '~') {
2695 invert = true;
2696 rvalue++;
2697 }
2698
2699 if (!c->syscall_filter) {
2700 c->syscall_filter = hashmap_new(NULL);
2701 if (!c->syscall_filter)
2702 return log_oom();
2703
2704 if (invert)
2705 /* Allow everything but the ones listed */
2706 c->syscall_whitelist = false;
2707 else {
2708 /* Allow nothing but the ones listed */
2709 c->syscall_whitelist = true;
2710
2711 /* Accept default syscalls if we are on a whitelist */
2712 r = seccomp_parse_syscall_filter("@default", -1, c->syscall_filter, SECCOMP_PARSE_WHITELIST);
2713 if (r < 0)
2714 return r;
2715 }
2716 }
2717
2718 p = rvalue;
2719 for (;;) {
2720 _cleanup_free_ char *word = NULL, *name = NULL;
2721 int num;
2722
2723 r = extract_first_word(&p, &word, NULL, 0);
2724 if (r == 0)
2725 return 0;
2726 if (r == -ENOMEM)
2727 return log_oom();
2728 if (r < 0) {
2729 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
2730 return 0;
2731 }
2732
2733 r = parse_syscall_and_errno(word, &name, &num);
2734 if (r < 0) {
2735 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse syscall:errno, ignoring: %s", word);
2736 continue;
2737 }
2738
2739 r = seccomp_parse_syscall_filter_full(name, num, c->syscall_filter,
2740 SECCOMP_PARSE_LOG|SECCOMP_PARSE_PERMISSIVE|(invert ? SECCOMP_PARSE_INVERT : 0)|(c->syscall_whitelist ? SECCOMP_PARSE_WHITELIST : 0),
2741 unit, filename, line);
2742 if (r < 0)
2743 return r;
2744 }
2745 }
2746
2747 int config_parse_syscall_archs(
2748 const char *unit,
2749 const char *filename,
2750 unsigned line,
2751 const char *section,
2752 unsigned section_line,
2753 const char *lvalue,
2754 int ltype,
2755 const char *rvalue,
2756 void *data,
2757 void *userdata) {
2758
2759 const char *p = rvalue;
2760 Set **archs = data;
2761 int r;
2762
2763 if (isempty(rvalue)) {
2764 *archs = set_free(*archs);
2765 return 0;
2766 }
2767
2768 r = set_ensure_allocated(archs, NULL);
2769 if (r < 0)
2770 return log_oom();
2771
2772 for (;;) {
2773 _cleanup_free_ char *word = NULL;
2774 uint32_t a;
2775
2776 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2777 if (r == 0)
2778 return 0;
2779 if (r == -ENOMEM)
2780 return log_oom();
2781 if (r < 0) {
2782 log_syntax(unit, LOG_WARNING, filename, line, r,
2783 "Invalid syntax, ignoring: %s", rvalue);
2784 return 0;
2785 }
2786
2787 r = seccomp_arch_from_string(word, &a);
2788 if (r < 0) {
2789 log_syntax(unit, LOG_ERR, filename, line, r,
2790 "Failed to parse system call architecture \"%s\", ignoring: %m", word);
2791 continue;
2792 }
2793
2794 r = set_put(*archs, UINT32_TO_PTR(a + 1));
2795 if (r < 0)
2796 return log_oom();
2797 }
2798 }
2799
2800 int config_parse_syscall_errno(
2801 const char *unit,
2802 const char *filename,
2803 unsigned line,
2804 const char *section,
2805 unsigned section_line,
2806 const char *lvalue,
2807 int ltype,
2808 const char *rvalue,
2809 void *data,
2810 void *userdata) {
2811
2812 ExecContext *c = data;
2813 int e;
2814
2815 assert(filename);
2816 assert(lvalue);
2817 assert(rvalue);
2818
2819 if (isempty(rvalue)) {
2820 /* Empty assignment resets to KILL */
2821 c->syscall_errno = 0;
2822 return 0;
2823 }
2824
2825 e = parse_errno(rvalue);
2826 if (e <= 0) {
2827 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse error number, ignoring: %s", rvalue);
2828 return 0;
2829 }
2830
2831 c->syscall_errno = e;
2832 return 0;
2833 }
2834
2835 int config_parse_address_families(
2836 const char *unit,
2837 const char *filename,
2838 unsigned line,
2839 const char *section,
2840 unsigned section_line,
2841 const char *lvalue,
2842 int ltype,
2843 const char *rvalue,
2844 void *data,
2845 void *userdata) {
2846
2847 ExecContext *c = data;
2848 bool invert = false;
2849 const char *p;
2850 int r;
2851
2852 assert(filename);
2853 assert(lvalue);
2854 assert(rvalue);
2855
2856 if (isempty(rvalue)) {
2857 /* Empty assignment resets the list */
2858 c->address_families = set_free(c->address_families);
2859 c->address_families_whitelist = false;
2860 return 0;
2861 }
2862
2863 if (rvalue[0] == '~') {
2864 invert = true;
2865 rvalue++;
2866 }
2867
2868 if (!c->address_families) {
2869 c->address_families = set_new(NULL);
2870 if (!c->address_families)
2871 return log_oom();
2872
2873 c->address_families_whitelist = !invert;
2874 }
2875
2876 for (p = rvalue;;) {
2877 _cleanup_free_ char *word = NULL;
2878 int af;
2879
2880 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2881 if (r == 0)
2882 return 0;
2883 if (r == -ENOMEM)
2884 return log_oom();
2885 if (r < 0) {
2886 log_syntax(unit, LOG_WARNING, filename, line, r,
2887 "Invalid syntax, ignoring: %s", rvalue);
2888 return 0;
2889 }
2890
2891 af = af_from_name(word);
2892 if (af <= 0) {
2893 log_syntax(unit, LOG_ERR, filename, line, 0,
2894 "Failed to parse address family, ignoring: %s", word);
2895 continue;
2896 }
2897
2898 /* If we previously wanted to forbid an address family and now
2899 * we want to allow it, then just remove it from the list.
2900 */
2901 if (!invert == c->address_families_whitelist) {
2902 r = set_put(c->address_families, INT_TO_PTR(af));
2903 if (r < 0)
2904 return log_oom();
2905 } else
2906 set_remove(c->address_families, INT_TO_PTR(af));
2907 }
2908 }
2909
2910 int config_parse_restrict_namespaces(
2911 const char *unit,
2912 const char *filename,
2913 unsigned line,
2914 const char *section,
2915 unsigned section_line,
2916 const char *lvalue,
2917 int ltype,
2918 const char *rvalue,
2919 void *data,
2920 void *userdata) {
2921
2922 ExecContext *c = data;
2923 unsigned long flags;
2924 bool invert = false;
2925 int r;
2926
2927 if (isempty(rvalue)) {
2928 /* Reset to the default. */
2929 c->restrict_namespaces = NAMESPACE_FLAGS_INITIAL;
2930 return 0;
2931 }
2932
2933 /* Boolean parameter ignores the previous settings */
2934 r = parse_boolean(rvalue);
2935 if (r > 0) {
2936 c->restrict_namespaces = 0;
2937 return 0;
2938 } else if (r == 0) {
2939 c->restrict_namespaces = NAMESPACE_FLAGS_ALL;
2940 return 0;
2941 }
2942
2943 if (rvalue[0] == '~') {
2944 invert = true;
2945 rvalue++;
2946 }
2947
2948 /* Not a boolean argument, in this case it's a list of namespace types. */
2949 r = namespace_flags_from_string(rvalue, &flags);
2950 if (r < 0) {
2951 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse namespace type string, ignoring: %s", rvalue);
2952 return 0;
2953 }
2954
2955 if (c->restrict_namespaces == NAMESPACE_FLAGS_INITIAL)
2956 /* Initial assignment. Just set the value. */
2957 c->restrict_namespaces = invert ? (~flags) & NAMESPACE_FLAGS_ALL : flags;
2958 else
2959 /* Merge the value with the previous one. */
2960 SET_FLAG(c->restrict_namespaces, flags, !invert);
2961
2962 return 0;
2963 }
2964 #endif
2965
2966 int config_parse_unit_slice(
2967 const char *unit,
2968 const char *filename,
2969 unsigned line,
2970 const char *section,
2971 unsigned section_line,
2972 const char *lvalue,
2973 int ltype,
2974 const char *rvalue,
2975 void *data,
2976 void *userdata) {
2977
2978 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2979 _cleanup_free_ char *k = NULL;
2980 Unit *u = userdata, *slice = NULL;
2981 int r;
2982
2983 assert(filename);
2984 assert(lvalue);
2985 assert(rvalue);
2986 assert(u);
2987
2988 r = unit_name_printf(u, rvalue, &k);
2989 if (r < 0) {
2990 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2991 return 0;
2992 }
2993
2994 r = manager_load_unit(u->manager, k, NULL, &error, &slice);
2995 if (r < 0) {
2996 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load slice unit %s, ignoring: %s", k, bus_error_message(&error, r));
2997 return 0;
2998 }
2999
3000 r = unit_set_slice(u, slice);
3001 if (r < 0) {
3002 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to assign slice %s to unit %s, ignoring: %m", slice->id, u->id);
3003 return 0;
3004 }
3005
3006 return 0;
3007 }
3008
3009 DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy, cgroup_device_policy, CGroupDevicePolicy, "Failed to parse device policy");
3010 DEFINE_CONFIG_PARSE_PTR(config_parse_cg_weight, cg_weight_parse, uint64_t, "Invalid weight");
3011 DEFINE_CONFIG_PARSE_PTR(config_parse_cpu_shares, cg_cpu_shares_parse, uint64_t, "Invalid CPU shares");
3012
3013 int config_parse_cpu_quota(
3014 const char *unit,
3015 const char *filename,
3016 unsigned line,
3017 const char *section,
3018 unsigned section_line,
3019 const char *lvalue,
3020 int ltype,
3021 const char *rvalue,
3022 void *data,
3023 void *userdata) {
3024
3025 CGroupContext *c = data;
3026 int r;
3027
3028 assert(filename);
3029 assert(lvalue);
3030 assert(rvalue);
3031
3032 if (isempty(rvalue)) {
3033 c->cpu_quota_per_sec_usec = USEC_INFINITY;
3034 return 0;
3035 }
3036
3037 r = parse_percent_unbounded(rvalue);
3038 if (r <= 0) {
3039 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid CPU quota '%s', ignoring.", rvalue);
3040 return 0;
3041 }
3042
3043 c->cpu_quota_per_sec_usec = ((usec_t) r * USEC_PER_SEC) / 100U;
3044 return 0;
3045 }
3046
3047 int config_parse_memory_limit(
3048 const char *unit,
3049 const char *filename,
3050 unsigned line,
3051 const char *section,
3052 unsigned section_line,
3053 const char *lvalue,
3054 int ltype,
3055 const char *rvalue,
3056 void *data,
3057 void *userdata) {
3058
3059 CGroupContext *c = data;
3060 uint64_t bytes = CGROUP_LIMIT_MAX;
3061 int r;
3062
3063 if (!isempty(rvalue) && !streq(rvalue, "infinity")) {
3064
3065 r = parse_percent(rvalue);
3066 if (r < 0) {
3067 r = parse_size(rvalue, 1024, &bytes);
3068 if (r < 0) {
3069 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid memory limit '%s', ignoring: %m", rvalue);
3070 return 0;
3071 }
3072 } else
3073 bytes = physical_memory_scale(r, 100U);
3074
3075 if (bytes >= UINT64_MAX ||
3076 (bytes <= 0 && !streq(lvalue, "MemorySwapMax"))) {
3077 log_syntax(unit, LOG_ERR, filename, line, 0, "Memory limit '%s' out of range, ignoring.", rvalue);
3078 return 0;
3079 }
3080 }
3081
3082 if (streq(lvalue, "MemoryLow"))
3083 c->memory_low = bytes;
3084 else if (streq(lvalue, "MemoryHigh"))
3085 c->memory_high = bytes;
3086 else if (streq(lvalue, "MemoryMax"))
3087 c->memory_max = bytes;
3088 else if (streq(lvalue, "MemorySwapMax"))
3089 c->memory_swap_max = bytes;
3090 else if (streq(lvalue, "MemoryLimit"))
3091 c->memory_limit = bytes;
3092 else
3093 return -EINVAL;
3094
3095 return 0;
3096 }
3097
3098 int config_parse_tasks_max(
3099 const char *unit,
3100 const char *filename,
3101 unsigned line,
3102 const char *section,
3103 unsigned section_line,
3104 const char *lvalue,
3105 int ltype,
3106 const char *rvalue,
3107 void *data,
3108 void *userdata) {
3109
3110 uint64_t *tasks_max = data, v;
3111 Unit *u = userdata;
3112 int r;
3113
3114 if (isempty(rvalue)) {
3115 *tasks_max = u->manager->default_tasks_max;
3116 return 0;
3117 }
3118
3119 if (streq(rvalue, "infinity")) {
3120 *tasks_max = CGROUP_LIMIT_MAX;
3121 return 0;
3122 }
3123
3124 r = parse_percent(rvalue);
3125 if (r < 0) {
3126 r = safe_atou64(rvalue, &v);
3127 if (r < 0) {
3128 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid maximum tasks value '%s', ignoring: %m", rvalue);
3129 return 0;
3130 }
3131 } else
3132 v = system_tasks_max_scale(r, 100U);
3133
3134 if (v <= 0 || v >= UINT64_MAX) {
3135 log_syntax(unit, LOG_ERR, filename, line, 0, "Maximum tasks value '%s' out of range, ignoring.", rvalue);
3136 return 0;
3137 }
3138
3139 *tasks_max = v;
3140 return 0;
3141 }
3142
3143 int config_parse_delegate(
3144 const char *unit,
3145 const char *filename,
3146 unsigned line,
3147 const char *section,
3148 unsigned section_line,
3149 const char *lvalue,
3150 int ltype,
3151 const char *rvalue,
3152 void *data,
3153 void *userdata) {
3154
3155 CGroupContext *c = data;
3156 UnitType t;
3157 int r;
3158
3159 t = unit_name_to_type(unit);
3160 assert(t != _UNIT_TYPE_INVALID);
3161
3162 if (!unit_vtable[t]->can_delegate) {
3163 log_syntax(unit, LOG_ERR, filename, line, 0, "Delegate= setting not supported for this unit type, ignoring.");
3164 return 0;
3165 }
3166
3167 /* We either accept a boolean value, which may be used to turn on delegation for all controllers, or turn it
3168 * off for all. Or it takes a list of controller names, in which case we add the specified controllers to the
3169 * mask to delegate. */
3170
3171 if (isempty(rvalue)) {
3172 /* An empty string resets controllers and set Delegate=yes. */
3173 c->delegate = true;
3174 c->delegate_controllers = 0;
3175 return 0;
3176 }
3177
3178 r = parse_boolean(rvalue);
3179 if (r < 0) {
3180 const char *p = rvalue;
3181 CGroupMask mask = 0;
3182
3183 for (;;) {
3184 _cleanup_free_ char *word = NULL;
3185 CGroupController cc;
3186
3187 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3188 if (r == 0)
3189 break;
3190 if (r == -ENOMEM)
3191 return log_oom();
3192 if (r < 0) {
3193 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
3194 return 0;
3195 }
3196
3197 cc = cgroup_controller_from_string(word);
3198 if (cc < 0) {
3199 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid controller name '%s', ignoring", word);
3200 continue;
3201 }
3202
3203 mask |= CGROUP_CONTROLLER_TO_MASK(cc);
3204 }
3205
3206 c->delegate = true;
3207 c->delegate_controllers |= mask;
3208
3209 } else if (r > 0) {
3210 c->delegate = true;
3211 c->delegate_controllers = _CGROUP_MASK_ALL;
3212 } else {
3213 c->delegate = false;
3214 c->delegate_controllers = 0;
3215 }
3216
3217 return 0;
3218 }
3219
3220 int config_parse_device_allow(
3221 const char *unit,
3222 const char *filename,
3223 unsigned line,
3224 const char *section,
3225 unsigned section_line,
3226 const char *lvalue,
3227 int ltype,
3228 const char *rvalue,
3229 void *data,
3230 void *userdata) {
3231
3232 _cleanup_free_ char *path = NULL, *resolved = NULL;
3233 CGroupContext *c = data;
3234 CGroupDeviceAllow *a;
3235 const char *p = rvalue;
3236 int r;
3237
3238 if (isempty(rvalue)) {
3239 while (c->device_allow)
3240 cgroup_context_free_device_allow(c, c->device_allow);
3241
3242 return 0;
3243 }
3244
3245 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3246 if (r == -ENOMEM)
3247 return log_oom();
3248 if (r < 0) {
3249 log_syntax(unit, LOG_WARNING, filename, line, r,
3250 "Invalid syntax, ignoring: %s", rvalue);
3251 return 0;
3252 }
3253 if (r == 0) {
3254 log_syntax(unit, LOG_WARNING, filename, line, 0,
3255 "Failed to extract device path and rights from '%s', ignoring.", rvalue);
3256 return 0;
3257 }
3258
3259 r = unit_full_printf(userdata, path, &resolved);
3260 if (r < 0) {
3261 log_syntax(unit, LOG_WARNING, filename, line, r,
3262 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3263 return 0;
3264 }
3265
3266 if (!is_deviceallow_pattern(resolved) &&
3267 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3268 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3269 return 0;
3270 }
3271
3272 if (!isempty(p) && !in_charset(p, "rwm")) {
3273 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device rights '%s', ignoring.", p);
3274 return 0;
3275 }
3276
3277 a = new0(CGroupDeviceAllow, 1);
3278 if (!a)
3279 return log_oom();
3280
3281 a->path = TAKE_PTR(resolved);
3282 a->r = isempty(p) || !!strchr(p, 'r');
3283 a->w = isempty(p) || !!strchr(p, 'w');
3284 a->m = isempty(p) || !!strchr(p, 'm');
3285
3286 LIST_PREPEND(device_allow, c->device_allow, a);
3287 return 0;
3288 }
3289
3290 int config_parse_io_device_weight(
3291 const char *unit,
3292 const char *filename,
3293 unsigned line,
3294 const char *section,
3295 unsigned section_line,
3296 const char *lvalue,
3297 int ltype,
3298 const char *rvalue,
3299 void *data,
3300 void *userdata) {
3301
3302 _cleanup_free_ char *path = NULL, *resolved = NULL;
3303 CGroupIODeviceWeight *w;
3304 CGroupContext *c = data;
3305 const char *p = rvalue;
3306 uint64_t u;
3307 int r;
3308
3309 assert(filename);
3310 assert(lvalue);
3311 assert(rvalue);
3312
3313 if (isempty(rvalue)) {
3314 while (c->io_device_weights)
3315 cgroup_context_free_io_device_weight(c, c->io_device_weights);
3316
3317 return 0;
3318 }
3319
3320 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3321 if (r == -ENOMEM)
3322 return log_oom();
3323 if (r < 0) {
3324 log_syntax(unit, LOG_WARNING, filename, line, r,
3325 "Invalid syntax, ignoring: %s", rvalue);
3326 return 0;
3327 }
3328 if (r == 0 || isempty(p)) {
3329 log_syntax(unit, LOG_WARNING, filename, line, 0,
3330 "Failed to extract device path and weight from '%s', ignoring.", rvalue);
3331 return 0;
3332 }
3333
3334 r = unit_full_printf(userdata, path, &resolved);
3335 if (r < 0) {
3336 log_syntax(unit, LOG_WARNING, filename, line, r,
3337 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3338 return 0;
3339 }
3340
3341 if (!path_startswith(resolved, "/dev") &&
3342 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3343 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3344 return 0;
3345 }
3346
3347 r = cg_weight_parse(p, &u);
3348 if (r < 0) {
3349 log_syntax(unit, LOG_ERR, filename, line, r, "IO weight '%s' invalid, ignoring: %m", p);
3350 return 0;
3351 }
3352
3353 assert(u != CGROUP_WEIGHT_INVALID);
3354
3355 w = new0(CGroupIODeviceWeight, 1);
3356 if (!w)
3357 return log_oom();
3358
3359 w->path = TAKE_PTR(resolved);
3360 w->weight = u;
3361
3362 LIST_PREPEND(device_weights, c->io_device_weights, w);
3363 return 0;
3364 }
3365
3366 int config_parse_io_limit(
3367 const char *unit,
3368 const char *filename,
3369 unsigned line,
3370 const char *section,
3371 unsigned section_line,
3372 const char *lvalue,
3373 int ltype,
3374 const char *rvalue,
3375 void *data,
3376 void *userdata) {
3377
3378 _cleanup_free_ char *path = NULL, *resolved = NULL;
3379 CGroupIODeviceLimit *l = NULL, *t;
3380 CGroupContext *c = data;
3381 CGroupIOLimitType type;
3382 const char *p = rvalue;
3383 uint64_t num;
3384 int r;
3385
3386 assert(filename);
3387 assert(lvalue);
3388 assert(rvalue);
3389
3390 type = cgroup_io_limit_type_from_string(lvalue);
3391 assert(type >= 0);
3392
3393 if (isempty(rvalue)) {
3394 LIST_FOREACH(device_limits, l, c->io_device_limits)
3395 l->limits[type] = cgroup_io_limit_defaults[type];
3396 return 0;
3397 }
3398
3399 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3400 if (r == -ENOMEM)
3401 return log_oom();
3402 if (r < 0) {
3403 log_syntax(unit, LOG_WARNING, filename, line, r,
3404 "Invalid syntax, ignoring: %s", rvalue);
3405 return 0;
3406 }
3407 if (r == 0 || isempty(p)) {
3408 log_syntax(unit, LOG_WARNING, filename, line, 0,
3409 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
3410 return 0;
3411 }
3412
3413 r = unit_full_printf(userdata, path, &resolved);
3414 if (r < 0) {
3415 log_syntax(unit, LOG_WARNING, filename, line, r,
3416 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3417 return 0;
3418 }
3419
3420 if (!path_startswith(resolved, "/dev") &&
3421 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3422 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3423 return 0;
3424 }
3425
3426 if (streq("infinity", p)) {
3427 num = CGROUP_LIMIT_MAX;
3428 } else {
3429 r = parse_size(p, 1000, &num);
3430 if (r < 0 || num <= 0) {
3431 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid IO limit '%s', ignoring.", p);
3432 return 0;
3433 }
3434 }
3435
3436 LIST_FOREACH(device_limits, t, c->io_device_limits) {
3437 if (path_equal(resolved, t->path)) {
3438 l = t;
3439 break;
3440 }
3441 }
3442
3443 if (!l) {
3444 CGroupIOLimitType ttype;
3445
3446 l = new0(CGroupIODeviceLimit, 1);
3447 if (!l)
3448 return log_oom();
3449
3450 l->path = TAKE_PTR(resolved);
3451 for (ttype = 0; ttype < _CGROUP_IO_LIMIT_TYPE_MAX; ttype++)
3452 l->limits[ttype] = cgroup_io_limit_defaults[ttype];
3453
3454 LIST_PREPEND(device_limits, c->io_device_limits, l);
3455 }
3456
3457 l->limits[type] = num;
3458
3459 return 0;
3460 }
3461
3462 DEFINE_CONFIG_PARSE_PTR(config_parse_blockio_weight, cg_blkio_weight_parse, uint64_t, "Invalid block IO weight");
3463
3464 int config_parse_blockio_device_weight(
3465 const char *unit,
3466 const char *filename,
3467 unsigned line,
3468 const char *section,
3469 unsigned section_line,
3470 const char *lvalue,
3471 int ltype,
3472 const char *rvalue,
3473 void *data,
3474 void *userdata) {
3475
3476 _cleanup_free_ char *path = NULL, *resolved = NULL;
3477 CGroupBlockIODeviceWeight *w;
3478 CGroupContext *c = data;
3479 const char *p = rvalue;
3480 uint64_t u;
3481 int r;
3482
3483 assert(filename);
3484 assert(lvalue);
3485 assert(rvalue);
3486
3487 if (isempty(rvalue)) {
3488 while (c->blockio_device_weights)
3489 cgroup_context_free_blockio_device_weight(c, c->blockio_device_weights);
3490
3491 return 0;
3492 }
3493
3494 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3495 if (r == -ENOMEM)
3496 return log_oom();
3497 if (r < 0) {
3498 log_syntax(unit, LOG_WARNING, filename, line, r,
3499 "Invalid syntax, ignoring: %s", rvalue);
3500 return 0;
3501 }
3502 if (r == 0 || isempty(p)) {
3503 log_syntax(unit, LOG_WARNING, filename, line, 0,
3504 "Failed to extract device node and weight from '%s', ignoring.", rvalue);
3505 return 0;
3506 }
3507
3508 r = unit_full_printf(userdata, path, &resolved);
3509 if (r < 0) {
3510 log_syntax(unit, LOG_WARNING, filename, line, r,
3511 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3512 return 0;
3513 }
3514
3515 if (!path_startswith(resolved, "/dev") &&
3516 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3517 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", resolved);
3518 return 0;
3519 }
3520
3521 r = cg_blkio_weight_parse(p, &u);
3522 if (r < 0) {
3523 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid block IO weight '%s', ignoring: %m", p);
3524 return 0;
3525 }
3526
3527 assert(u != CGROUP_BLKIO_WEIGHT_INVALID);
3528
3529 w = new0(CGroupBlockIODeviceWeight, 1);
3530 if (!w)
3531 return log_oom();
3532
3533 w->path = TAKE_PTR(resolved);
3534 w->weight = u;
3535
3536 LIST_PREPEND(device_weights, c->blockio_device_weights, w);
3537 return 0;
3538 }
3539
3540 int config_parse_blockio_bandwidth(
3541 const char *unit,
3542 const char *filename,
3543 unsigned line,
3544 const char *section,
3545 unsigned section_line,
3546 const char *lvalue,
3547 int ltype,
3548 const char *rvalue,
3549 void *data,
3550 void *userdata) {
3551
3552 _cleanup_free_ char *path = NULL, *resolved = NULL;
3553 CGroupBlockIODeviceBandwidth *b = NULL, *t;
3554 CGroupContext *c = data;
3555 const char *p = rvalue;
3556 uint64_t bytes;
3557 bool read;
3558 int r;
3559
3560 assert(filename);
3561 assert(lvalue);
3562 assert(rvalue);
3563
3564 read = streq("BlockIOReadBandwidth", lvalue);
3565
3566 if (isempty(rvalue)) {
3567 LIST_FOREACH(device_bandwidths, b, c->blockio_device_bandwidths) {
3568 b->rbps = CGROUP_LIMIT_MAX;
3569 b->wbps = CGROUP_LIMIT_MAX;
3570 }
3571 return 0;
3572 }
3573
3574 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3575 if (r == -ENOMEM)
3576 return log_oom();
3577 if (r < 0) {
3578 log_syntax(unit, LOG_WARNING, filename, line, r,
3579 "Invalid syntax, ignoring: %s", rvalue);
3580 return 0;
3581 }
3582 if (r == 0 || isempty(p)) {
3583 log_syntax(unit, LOG_WARNING, filename, line, 0,
3584 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
3585 return 0;
3586 }
3587
3588 r = unit_full_printf(userdata, path, &resolved);
3589 if (r < 0) {
3590 log_syntax(unit, LOG_WARNING, filename, line, r,
3591 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3592 return 0;
3593 }
3594
3595 if (!path_startswith(resolved, "/dev") &&
3596 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3597 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3598 return 0;
3599 }
3600
3601 r = parse_size(p, 1000, &bytes);
3602 if (r < 0 || bytes <= 0) {
3603 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid Block IO Bandwidth '%s', ignoring.", p);
3604 return 0;
3605 }
3606
3607 LIST_FOREACH(device_bandwidths, t, c->blockio_device_bandwidths) {
3608 if (path_equal(resolved, t->path)) {
3609 b = t;
3610 break;
3611 }
3612 }
3613
3614 if (!t) {
3615 b = new0(CGroupBlockIODeviceBandwidth, 1);
3616 if (!b)
3617 return log_oom();
3618
3619 b->path = TAKE_PTR(resolved);
3620 b->rbps = CGROUP_LIMIT_MAX;
3621 b->wbps = CGROUP_LIMIT_MAX;
3622
3623 LIST_PREPEND(device_bandwidths, c->blockio_device_bandwidths, b);
3624 }
3625
3626 if (read)
3627 b->rbps = bytes;
3628 else
3629 b->wbps = bytes;
3630
3631 return 0;
3632 }
3633
3634 DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode, job_mode, JobMode, "Failed to parse job mode");
3635
3636 int config_parse_job_mode_isolate(
3637 const char *unit,
3638 const char *filename,
3639 unsigned line,
3640 const char *section,
3641 unsigned section_line,
3642 const char *lvalue,
3643 int ltype,
3644 const char *rvalue,
3645 void *data,
3646 void *userdata) {
3647
3648 JobMode *m = data;
3649 int r;
3650
3651 assert(filename);
3652 assert(lvalue);
3653 assert(rvalue);
3654
3655 r = parse_boolean(rvalue);
3656 if (r < 0) {
3657 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse boolean, ignoring: %s", rvalue);
3658 return 0;
3659 }
3660
3661 log_notice("%s is deprecated. Please use OnFailureJobMode= instead", lvalue);
3662
3663 *m = r ? JOB_ISOLATE : JOB_REPLACE;
3664 return 0;
3665 }
3666
3667 DEFINE_CONFIG_PARSE_ENUM(config_parse_runtime_preserve_mode, exec_preserve_mode, ExecPreserveMode, "Failed to parse runtime directory preserve mode");
3668
3669 int config_parse_exec_directories(
3670 const char *unit,
3671 const char *filename,
3672 unsigned line,
3673 const char *section,
3674 unsigned section_line,
3675 const char *lvalue,
3676 int ltype,
3677 const char *rvalue,
3678 void *data,
3679 void *userdata) {
3680
3681 char***rt = data;
3682 Unit *u = userdata;
3683 const char *p;
3684 int r;
3685
3686 assert(filename);
3687 assert(lvalue);
3688 assert(rvalue);
3689 assert(data);
3690
3691 if (isempty(rvalue)) {
3692 /* Empty assignment resets the list */
3693 *rt = strv_free(*rt);
3694 return 0;
3695 }
3696
3697 for (p = rvalue;;) {
3698 _cleanup_free_ char *word = NULL, *k = NULL;
3699
3700 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3701 if (r == -ENOMEM)
3702 return log_oom();
3703 if (r < 0) {
3704 log_syntax(unit, LOG_WARNING, filename, line, r,
3705 "Invalid syntax, ignoring: %s", rvalue);
3706 return 0;
3707 }
3708 if (r == 0)
3709 return 0;
3710
3711 r = unit_full_printf(u, word, &k);
3712 if (r < 0) {
3713 log_syntax(unit, LOG_ERR, filename, line, r,
3714 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word);
3715 continue;
3716 }
3717
3718 if (!path_is_normalized(k)) {
3719 log_syntax(unit, LOG_ERR, filename, line, 0,
3720 "%s= path is not normalized, ignoring assignment: %s", lvalue, rvalue);
3721 continue;
3722 }
3723
3724 if (path_is_absolute(k)) {
3725 log_syntax(unit, LOG_ERR, filename, line, 0,
3726 "%s= path is absolute, ignoring assignment: %s", lvalue, rvalue);
3727 continue;
3728 }
3729
3730 if (path_startswith(k, "private")) {
3731 log_syntax(unit, LOG_ERR, filename, line, 0,
3732 "%s= path can't be 'private', ingoring assignment: %s", lvalue, rvalue);
3733 continue;
3734 }
3735
3736 r = strv_push(rt, k);
3737 if (r < 0)
3738 return log_oom();
3739 k = NULL;
3740 }
3741 }
3742
3743 int config_parse_set_status(
3744 const char *unit,
3745 const char *filename,
3746 unsigned line,
3747 const char *section,
3748 unsigned section_line,
3749 const char *lvalue,
3750 int ltype,
3751 const char *rvalue,
3752 void *data,
3753 void *userdata) {
3754
3755 size_t l;
3756 const char *word, *state;
3757 int r;
3758 ExitStatusSet *status_set = data;
3759
3760 assert(filename);
3761 assert(lvalue);
3762 assert(rvalue);
3763 assert(data);
3764
3765 /* Empty assignment resets the list */
3766 if (isempty(rvalue)) {
3767 exit_status_set_free(status_set);
3768 return 0;
3769 }
3770
3771 FOREACH_WORD(word, l, rvalue, state) {
3772 _cleanup_free_ char *temp;
3773 int val;
3774 Set **set;
3775
3776 temp = strndup(word, l);
3777 if (!temp)
3778 return log_oom();
3779
3780 r = safe_atoi(temp, &val);
3781 if (r < 0) {
3782 val = signal_from_string(temp);
3783
3784 if (val <= 0) {
3785 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse value, ignoring: %s", word);
3786 continue;
3787 }
3788 set = &status_set->signal;
3789 } else {
3790 if (val < 0 || val > 255) {
3791 log_syntax(unit, LOG_ERR, filename, line, 0, "Value %d is outside range 0-255, ignoring", val);
3792 continue;
3793 }
3794 set = &status_set->status;
3795 }
3796
3797 r = set_ensure_allocated(set, NULL);
3798 if (r < 0)
3799 return log_oom();
3800
3801 r = set_put(*set, INT_TO_PTR(val));
3802 if (r < 0)
3803 return log_oom();
3804 }
3805 if (!isempty(state))
3806 log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
3807
3808 return 0;
3809 }
3810
3811 int config_parse_namespace_path_strv(
3812 const char *unit,
3813 const char *filename,
3814 unsigned line,
3815 const char *section,
3816 unsigned section_line,
3817 const char *lvalue,
3818 int ltype,
3819 const char *rvalue,
3820 void *data,
3821 void *userdata) {
3822
3823 Unit *u = userdata;
3824 char*** sv = data;
3825 const char *p = rvalue;
3826 int r;
3827
3828 assert(filename);
3829 assert(lvalue);
3830 assert(rvalue);
3831 assert(data);
3832
3833 if (isempty(rvalue)) {
3834 /* Empty assignment resets the list */
3835 *sv = strv_free(*sv);
3836 return 0;
3837 }
3838
3839 for (;;) {
3840 _cleanup_free_ char *word = NULL, *resolved = NULL, *joined = NULL;
3841 const char *w;
3842 bool ignore_enoent = false, shall_prefix = false;
3843
3844 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3845 if (r == 0)
3846 break;
3847 if (r == -ENOMEM)
3848 return log_oom();
3849 if (r < 0) {
3850 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
3851 return 0;
3852 }
3853
3854 if (!utf8_is_valid(word)) {
3855 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, word);
3856 continue;
3857 }
3858
3859 w = word;
3860 if (startswith(w, "-")) {
3861 ignore_enoent = true;
3862 w++;
3863 }
3864 if (startswith(w, "+")) {
3865 shall_prefix = true;
3866 w++;
3867 }
3868
3869 r = unit_full_printf(u, w, &resolved);
3870 if (r < 0) {
3871 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", w);
3872 continue;
3873 }
3874
3875 if (!path_is_absolute(resolved)) {
3876 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute path, ignoring: %s", resolved);
3877 continue;
3878 }
3879
3880 path_kill_slashes(resolved);
3881
3882 joined = strjoin(ignore_enoent ? "-" : "",
3883 shall_prefix ? "+" : "",
3884 resolved);
3885
3886 r = strv_push(sv, joined);
3887 if (r < 0)
3888 return log_oom();
3889
3890 joined = NULL;
3891 }
3892
3893 return 0;
3894 }
3895
3896 int config_parse_temporary_filesystems(
3897 const char *unit,
3898 const char *filename,
3899 unsigned line,
3900 const char *section,
3901 unsigned section_line,
3902 const char *lvalue,
3903 int ltype,
3904 const char *rvalue,
3905 void *data,
3906 void *userdata) {
3907
3908 Unit *u = userdata;
3909 ExecContext *c = data;
3910 const char *p = rvalue;
3911 int r;
3912
3913 assert(filename);
3914 assert(lvalue);
3915 assert(rvalue);
3916 assert(data);
3917
3918 if (isempty(rvalue)) {
3919 /* Empty assignment resets the list */
3920 temporary_filesystem_free_many(c->temporary_filesystems, c->n_temporary_filesystems);
3921 c->temporary_filesystems = NULL;
3922 c->n_temporary_filesystems = 0;
3923 return 0;
3924 }
3925
3926 for (;;) {
3927 _cleanup_free_ char *word = NULL, *path = NULL, *resolved = NULL;
3928 const char *w;
3929
3930 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3931 if (r == 0)
3932 return 0;
3933 if (r == -ENOMEM)
3934 return log_oom();
3935 if (r < 0) {
3936 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
3937 return 0;
3938 }
3939
3940 w = word;
3941 r = extract_first_word(&w, &path, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
3942 if (r == -ENOMEM)
3943 return log_oom();
3944 if (r < 0) {
3945 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", word);
3946 continue;
3947 }
3948 if (r == 0) {
3949 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid syntax, ignoring: %s", word);
3950 continue;
3951 }
3952
3953 r = unit_full_printf(u, path, &resolved);
3954 if (r < 0) {
3955 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", path);
3956 continue;
3957 }
3958
3959 if (!path_is_absolute(resolved)) {
3960 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute path, ignoring: %s", resolved);
3961 continue;
3962 }
3963
3964 path_kill_slashes(resolved);
3965
3966 r = temporary_filesystem_add(&c->temporary_filesystems, &c->n_temporary_filesystems, path, w);
3967 if (r == -ENOMEM)
3968 return log_oom();
3969 if (r < 0) {
3970 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse mount options, ignoring: %s", word);
3971 continue;
3972 }
3973 }
3974 }
3975
3976 int config_parse_bind_paths(
3977 const char *unit,
3978 const char *filename,
3979 unsigned line,
3980 const char *section,
3981 unsigned section_line,
3982 const char *lvalue,
3983 int ltype,
3984 const char *rvalue,
3985 void *data,
3986 void *userdata) {
3987
3988 ExecContext *c = data;
3989 Unit *u = userdata;
3990 const char *p;
3991 int r;
3992
3993 assert(filename);
3994 assert(lvalue);
3995 assert(rvalue);
3996 assert(data);
3997
3998 if (isempty(rvalue)) {
3999 /* Empty assignment resets the list */
4000 bind_mount_free_many(c->bind_mounts, c->n_bind_mounts);
4001 c->bind_mounts = NULL;
4002 c->n_bind_mounts = 0;
4003 return 0;
4004 }
4005
4006 p = rvalue;
4007 for (;;) {
4008 _cleanup_free_ char *source = NULL, *destination = NULL;
4009 _cleanup_free_ char *sresolved = NULL, *dresolved = NULL;
4010 char *s = NULL, *d = NULL;
4011 bool rbind = true, ignore_enoent = false;
4012
4013 r = extract_first_word(&p, &source, ":" WHITESPACE, EXTRACT_QUOTES|EXTRACT_DONT_COALESCE_SEPARATORS);
4014 if (r == 0)
4015 break;
4016 if (r == -ENOMEM)
4017 return log_oom();
4018 if (r < 0) {
4019 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4020 return 0;
4021 }
4022
4023 r = unit_full_printf(u, source, &sresolved);
4024 if (r < 0) {
4025 log_syntax(unit, LOG_ERR, filename, line, r,
4026 "Failed to resolved unit specifiers in \"%s\", ignoring: %m", source);
4027 return 0;
4028 }
4029
4030 s = sresolved;
4031 if (s[0] == '-') {
4032 ignore_enoent = true;
4033 s++;
4034 }
4035
4036 if (!utf8_is_valid(s)) {
4037 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, s);
4038 return 0;
4039 }
4040 if (!path_is_absolute(s)) {
4041 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute source path, ignoring: %s", s);
4042 return 0;
4043 }
4044
4045 path_kill_slashes(s);
4046
4047 /* Optionally, the destination is specified. */
4048 if (p && p[-1] == ':') {
4049 r = extract_first_word(&p, &destination, ":" WHITESPACE, EXTRACT_QUOTES|EXTRACT_DONT_COALESCE_SEPARATORS);
4050 if (r == -ENOMEM)
4051 return log_oom();
4052 if (r < 0) {
4053 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4054 return 0;
4055 }
4056 if (r == 0) {
4057 log_syntax(unit, LOG_ERR, filename, line, 0, "Missing argument after ':': %s", rvalue);
4058 return 0;
4059 }
4060
4061 r = unit_full_printf(u, destination, &dresolved);
4062 if (r < 0) {
4063 log_syntax(unit, LOG_ERR, filename, line, r,
4064 "Failed to resolved specifiers in \"%s\", ignoring: %m", destination);
4065 return 0;
4066 }
4067
4068 if (!utf8_is_valid(dresolved)) {
4069 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, dresolved);
4070 return 0;
4071 }
4072 if (!path_is_absolute(dresolved)) {
4073 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute destination path, ignoring: %s", dresolved);
4074 return 0;
4075 }
4076
4077 d = path_kill_slashes(dresolved);
4078
4079 /* Optionally, there's also a short option string specified */
4080 if (p && p[-1] == ':') {
4081 _cleanup_free_ char *options = NULL;
4082
4083 r = extract_first_word(&p, &options, NULL, EXTRACT_QUOTES);
4084 if (r == -ENOMEM)
4085 return log_oom();
4086 if (r < 0) {
4087 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4088 return 0;
4089 }
4090
4091 if (isempty(options) || streq(options, "rbind"))
4092 rbind = true;
4093 else if (streq(options, "norbind"))
4094 rbind = false;
4095 else {
4096 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid option string, ignoring setting: %s", options);
4097 return 0;
4098 }
4099 }
4100 } else
4101 d = s;
4102
4103 r = bind_mount_add(&c->bind_mounts, &c->n_bind_mounts,
4104 &(BindMount) {
4105 .source = s,
4106 .destination = d,
4107 .read_only = !!strstr(lvalue, "ReadOnly"),
4108 .recursive = rbind,
4109 .ignore_enoent = ignore_enoent,
4110 });
4111 if (r < 0)
4112 return log_oom();
4113 }
4114
4115 return 0;
4116 }
4117
4118 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_home, protect_home_or_bool, ProtectHome, "Failed to parse protect home value");
4119 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_system, protect_system_or_bool, ProtectSystem, "Failed to parse protect system value");
4120 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_keyring_mode, exec_keyring_mode, ExecKeyringMode, "Failed to parse keyring mode");
4121
4122 int config_parse_job_timeout_sec(
4123 const char* unit,
4124 const char *filename,
4125 unsigned line,
4126 const char *section,
4127 unsigned section_line,
4128 const char *lvalue,
4129 int ltype,
4130 const char *rvalue,
4131 void *data,
4132 void *userdata) {
4133
4134 Unit *u = data;
4135 usec_t usec;
4136 int r;
4137
4138 assert(filename);
4139 assert(lvalue);
4140 assert(rvalue);
4141 assert(u);
4142
4143 r = parse_sec_fix_0(rvalue, &usec);
4144 if (r < 0) {
4145 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobTimeoutSec= parameter, ignoring: %s", rvalue);
4146 return 0;
4147 }
4148
4149 /* If the user explicitly changed JobTimeoutSec= also change JobRunningTimeoutSec=, for compatibility with old
4150 * versions. If JobRunningTimeoutSec= was explicitly set, avoid this however as whatever the user picked should
4151 * count. */
4152
4153 if (!u->job_running_timeout_set)
4154 u->job_running_timeout = usec;
4155
4156 u->job_timeout = usec;
4157
4158 return 0;
4159 }
4160
4161 int config_parse_job_running_timeout_sec(
4162 const char* unit,
4163 const char *filename,
4164 unsigned line,
4165 const char *section,
4166 unsigned section_line,
4167 const char *lvalue,
4168 int ltype,
4169 const char *rvalue,
4170 void *data,
4171 void *userdata) {
4172
4173 Unit *u = data;
4174 usec_t usec;
4175 int r;
4176
4177 assert(filename);
4178 assert(lvalue);
4179 assert(rvalue);
4180 assert(u);
4181
4182 r = parse_sec_fix_0(rvalue, &usec);
4183 if (r < 0) {
4184 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobRunningTimeoutSec= parameter, ignoring: %s", rvalue);
4185 return 0;
4186 }
4187
4188 u->job_running_timeout = usec;
4189 u->job_running_timeout_set = true;
4190
4191 return 0;
4192 }
4193
4194 #define FOLLOW_MAX 8
4195
4196 static int open_follow(char **filename, FILE **_f, Set *names, char **_final) {
4197 char *id = NULL;
4198 unsigned c = 0;
4199 int fd, r;
4200 FILE *f;
4201
4202 assert(filename);
4203 assert(*filename);
4204 assert(_f);
4205 assert(names);
4206
4207 /* This will update the filename pointer if the loaded file is
4208 * reached by a symlink. The old string will be freed. */
4209
4210 for (;;) {
4211 char *target, *name;
4212
4213 if (c++ >= FOLLOW_MAX)
4214 return -ELOOP;
4215
4216 path_kill_slashes(*filename);
4217
4218 /* Add the file name we are currently looking at to
4219 * the names of this unit, but only if it is a valid
4220 * unit name. */
4221 name = basename(*filename);
4222 if (unit_name_is_valid(name, UNIT_NAME_ANY)) {
4223
4224 id = set_get(names, name);
4225 if (!id) {
4226 id = strdup(name);
4227 if (!id)
4228 return -ENOMEM;
4229
4230 r = set_consume(names, id);
4231 if (r < 0)
4232 return r;
4233 }
4234 }
4235
4236 /* Try to open the file name, but don't if its a symlink */
4237 fd = open(*filename, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
4238 if (fd >= 0)
4239 break;
4240
4241 if (errno != ELOOP)
4242 return -errno;
4243
4244 /* Hmm, so this is a symlink. Let's read the name, and follow it manually */
4245 r = readlink_and_make_absolute(*filename, &target);
4246 if (r < 0)
4247 return r;
4248
4249 free(*filename);
4250 *filename = target;
4251 }
4252
4253 f = fdopen(fd, "re");
4254 if (!f) {
4255 safe_close(fd);
4256 return -errno;
4257 }
4258
4259 *_f = f;
4260 *_final = id;
4261
4262 return 0;
4263 }
4264
4265 static int merge_by_names(Unit **u, Set *names, const char *id) {
4266 char *k;
4267 int r;
4268
4269 assert(u);
4270 assert(*u);
4271 assert(names);
4272
4273 /* Let's try to add in all symlink names we found */
4274 while ((k = set_steal_first(names))) {
4275
4276 /* First try to merge in the other name into our
4277 * unit */
4278 r = unit_merge_by_name(*u, k);
4279 if (r < 0) {
4280 Unit *other;
4281
4282 /* Hmm, we couldn't merge the other unit into
4283 * ours? Then let's try it the other way
4284 * round */
4285
4286 /* If the symlink name we are looking at is unit template, then
4287 we must search for instance of this template */
4288 if (unit_name_is_valid(k, UNIT_NAME_TEMPLATE) && (*u)->instance) {
4289 _cleanup_free_ char *instance = NULL;
4290
4291 r = unit_name_replace_instance(k, (*u)->instance, &instance);
4292 if (r < 0)
4293 return r;
4294
4295 other = manager_get_unit((*u)->manager, instance);
4296 } else
4297 other = manager_get_unit((*u)->manager, k);
4298
4299 free(k);
4300
4301 if (other) {
4302 r = unit_merge(other, *u);
4303 if (r >= 0) {
4304 *u = other;
4305 return merge_by_names(u, names, NULL);
4306 }
4307 }
4308
4309 return r;
4310 }
4311
4312 if (id == k)
4313 unit_choose_id(*u, id);
4314
4315 free(k);
4316 }
4317
4318 return 0;
4319 }
4320
4321 static int load_from_path(Unit *u, const char *path) {
4322 _cleanup_set_free_free_ Set *symlink_names = NULL;
4323 _cleanup_fclose_ FILE *f = NULL;
4324 _cleanup_free_ char *filename = NULL;
4325 char *id = NULL;
4326 Unit *merged;
4327 struct stat st;
4328 int r;
4329
4330 assert(u);
4331 assert(path);
4332
4333 symlink_names = set_new(&string_hash_ops);
4334 if (!symlink_names)
4335 return -ENOMEM;
4336
4337 if (path_is_absolute(path)) {
4338
4339 filename = strdup(path);
4340 if (!filename)
4341 return -ENOMEM;
4342
4343 r = open_follow(&filename, &f, symlink_names, &id);
4344 if (r < 0) {
4345 filename = mfree(filename);
4346 if (r != -ENOENT)
4347 return r;
4348 }
4349
4350 } else {
4351 char **p;
4352
4353 STRV_FOREACH(p, u->manager->lookup_paths.search_path) {
4354
4355 /* Instead of opening the path right away, we manually
4356 * follow all symlinks and add their name to our unit
4357 * name set while doing so */
4358 filename = path_make_absolute(path, *p);
4359 if (!filename)
4360 return -ENOMEM;
4361
4362 if (u->manager->unit_path_cache &&
4363 !set_get(u->manager->unit_path_cache, filename))
4364 r = -ENOENT;
4365 else
4366 r = open_follow(&filename, &f, symlink_names, &id);
4367 if (r >= 0)
4368 break;
4369 filename = mfree(filename);
4370
4371 /* ENOENT means that the file is missing or is a dangling symlink.
4372 * ENOTDIR means that one of paths we expect to be is a directory
4373 * is not a directory, we should just ignore that.
4374 * EACCES means that the directory or file permissions are wrong.
4375 */
4376 if (r == -EACCES)
4377 log_debug_errno(r, "Cannot access \"%s\": %m", filename);
4378 else if (!IN_SET(r, -ENOENT, -ENOTDIR))
4379 return r;
4380
4381 /* Empty the symlink names for the next run */
4382 set_clear_free(symlink_names);
4383 }
4384 }
4385
4386 if (!filename)
4387 /* Hmm, no suitable file found? */
4388 return 0;
4389
4390 if (!unit_type_may_alias(u->type) && set_size(symlink_names) > 1) {
4391 log_unit_warning(u, "Unit type of %s does not support alias names, refusing loading via symlink.", u->id);
4392 return -ELOOP;
4393 }
4394
4395 merged = u;
4396 r = merge_by_names(&merged, symlink_names, id);
4397 if (r < 0)
4398 return r;
4399
4400 if (merged != u) {
4401 u->load_state = UNIT_MERGED;
4402 return 0;
4403 }
4404
4405 if (fstat(fileno(f), &st) < 0)
4406 return -errno;
4407
4408 if (null_or_empty(&st)) {
4409 u->load_state = UNIT_MASKED;
4410 u->fragment_mtime = 0;
4411 } else {
4412 u->load_state = UNIT_LOADED;
4413 u->fragment_mtime = timespec_load(&st.st_mtim);
4414
4415 /* Now, parse the file contents */
4416 r = config_parse(u->id, filename, f,
4417 UNIT_VTABLE(u)->sections,
4418 config_item_perf_lookup, load_fragment_gperf_lookup,
4419 CONFIG_PARSE_ALLOW_INCLUDE, u);
4420 if (r < 0)
4421 return r;
4422 }
4423
4424 free_and_replace(u->fragment_path, filename);
4425
4426 if (u->source_path) {
4427 if (stat(u->source_path, &st) >= 0)
4428 u->source_mtime = timespec_load(&st.st_mtim);
4429 else
4430 u->source_mtime = 0;
4431 }
4432
4433 return 0;
4434 }
4435
4436 int unit_load_fragment(Unit *u) {
4437 int r;
4438 Iterator i;
4439 const char *t;
4440
4441 assert(u);
4442 assert(u->load_state == UNIT_STUB);
4443 assert(u->id);
4444
4445 if (u->transient) {
4446 u->load_state = UNIT_LOADED;
4447 return 0;
4448 }
4449
4450 /* First, try to find the unit under its id. We always look
4451 * for unit files in the default directories, to make it easy
4452 * to override things by placing things in /etc/systemd/system */
4453 r = load_from_path(u, u->id);
4454 if (r < 0)
4455 return r;
4456
4457 /* Try to find an alias we can load this with */
4458 if (u->load_state == UNIT_STUB) {
4459 SET_FOREACH(t, u->names, i) {
4460
4461 if (t == u->id)
4462 continue;
4463
4464 r = load_from_path(u, t);
4465 if (r < 0)
4466 return r;
4467
4468 if (u->load_state != UNIT_STUB)
4469 break;
4470 }
4471 }
4472
4473 /* And now, try looking for it under the suggested (originally linked) path */
4474 if (u->load_state == UNIT_STUB && u->fragment_path) {
4475
4476 r = load_from_path(u, u->fragment_path);
4477 if (r < 0)
4478 return r;
4479
4480 if (u->load_state == UNIT_STUB)
4481 /* Hmm, this didn't work? Then let's get rid
4482 * of the fragment path stored for us, so that
4483 * we don't point to an invalid location. */
4484 u->fragment_path = mfree(u->fragment_path);
4485 }
4486
4487 /* Look for a template */
4488 if (u->load_state == UNIT_STUB && u->instance) {
4489 _cleanup_free_ char *k = NULL;
4490
4491 r = unit_name_template(u->id, &k);
4492 if (r < 0)
4493 return r;
4494
4495 r = load_from_path(u, k);
4496 if (r < 0) {
4497 if (r == -ENOEXEC)
4498 log_unit_notice(u, "Unit configuration has fatal error, unit will not be started.");
4499 return r;
4500 }
4501
4502 if (u->load_state == UNIT_STUB) {
4503 SET_FOREACH(t, u->names, i) {
4504 _cleanup_free_ char *z = NULL;
4505
4506 if (t == u->id)
4507 continue;
4508
4509 r = unit_name_template(t, &z);
4510 if (r < 0)
4511 return r;
4512
4513 r = load_from_path(u, z);
4514 if (r < 0)
4515 return r;
4516
4517 if (u->load_state != UNIT_STUB)
4518 break;
4519 }
4520 }
4521 }
4522
4523 return 0;
4524 }
4525
4526 void unit_dump_config_items(FILE *f) {
4527 static const struct {
4528 const ConfigParserCallback callback;
4529 const char *rvalue;
4530 } table[] = {
4531 { config_parse_warn_compat, "NOTSUPPORTED" },
4532 { config_parse_int, "INTEGER" },
4533 { config_parse_unsigned, "UNSIGNED" },
4534 { config_parse_iec_size, "SIZE" },
4535 { config_parse_iec_uint64, "SIZE" },
4536 { config_parse_si_size, "SIZE" },
4537 { config_parse_bool, "BOOLEAN" },
4538 { config_parse_string, "STRING" },
4539 { config_parse_path, "PATH" },
4540 { config_parse_unit_path_printf, "PATH" },
4541 { config_parse_strv, "STRING [...]" },
4542 { config_parse_exec_nice, "NICE" },
4543 { config_parse_exec_oom_score_adjust, "OOMSCOREADJUST" },
4544 { config_parse_exec_io_class, "IOCLASS" },
4545 { config_parse_exec_io_priority, "IOPRIORITY" },
4546 { config_parse_exec_cpu_sched_policy, "CPUSCHEDPOLICY" },
4547 { config_parse_exec_cpu_sched_prio, "CPUSCHEDPRIO" },
4548 { config_parse_exec_cpu_affinity, "CPUAFFINITY" },
4549 { config_parse_mode, "MODE" },
4550 { config_parse_unit_env_file, "FILE" },
4551 { config_parse_exec_output, "OUTPUT" },
4552 { config_parse_exec_input, "INPUT" },
4553 { config_parse_log_facility, "FACILITY" },
4554 { config_parse_log_level, "LEVEL" },
4555 { config_parse_exec_secure_bits, "SECUREBITS" },
4556 { config_parse_capability_set, "BOUNDINGSET" },
4557 { config_parse_rlimit, "LIMIT" },
4558 { config_parse_unit_deps, "UNIT [...]" },
4559 { config_parse_exec, "PATH [ARGUMENT [...]]" },
4560 { config_parse_service_type, "SERVICETYPE" },
4561 { config_parse_service_restart, "SERVICERESTART" },
4562 { config_parse_kill_mode, "KILLMODE" },
4563 { config_parse_signal, "SIGNAL" },
4564 { config_parse_socket_listen, "SOCKET [...]" },
4565 { config_parse_socket_bind, "SOCKETBIND" },
4566 { config_parse_socket_bindtodevice, "NETWORKINTERFACE" },
4567 { config_parse_sec, "SECONDS" },
4568 { config_parse_nsec, "NANOSECONDS" },
4569 { config_parse_namespace_path_strv, "PATH [...]" },
4570 { config_parse_bind_paths, "PATH[:PATH[:OPTIONS]] [...]" },
4571 { config_parse_unit_requires_mounts_for, "PATH [...]" },
4572 { config_parse_exec_mount_flags, "MOUNTFLAG [...]" },
4573 { config_parse_unit_string_printf, "STRING" },
4574 { config_parse_trigger_unit, "UNIT" },
4575 { config_parse_timer, "TIMER" },
4576 { config_parse_path_spec, "PATH" },
4577 { config_parse_notify_access, "ACCESS" },
4578 { config_parse_ip_tos, "TOS" },
4579 { config_parse_unit_condition_path, "CONDITION" },
4580 { config_parse_unit_condition_string, "CONDITION" },
4581 { config_parse_unit_condition_null, "CONDITION" },
4582 { config_parse_unit_slice, "SLICE" },
4583 { config_parse_documentation, "URL" },
4584 { config_parse_service_timeout, "SECONDS" },
4585 { config_parse_emergency_action, "ACTION" },
4586 { config_parse_set_status, "STATUS" },
4587 { config_parse_service_sockets, "SOCKETS" },
4588 { config_parse_environ, "ENVIRON" },
4589 #if HAVE_SECCOMP
4590 { config_parse_syscall_filter, "SYSCALLS" },
4591 { config_parse_syscall_archs, "ARCHS" },
4592 { config_parse_syscall_errno, "ERRNO" },
4593 { config_parse_address_families, "FAMILIES" },
4594 { config_parse_restrict_namespaces, "NAMESPACES" },
4595 #endif
4596 { config_parse_cpu_shares, "SHARES" },
4597 { config_parse_cg_weight, "WEIGHT" },
4598 { config_parse_memory_limit, "LIMIT" },
4599 { config_parse_device_allow, "DEVICE" },
4600 { config_parse_device_policy, "POLICY" },
4601 { config_parse_io_limit, "LIMIT" },
4602 { config_parse_io_device_weight, "DEVICEWEIGHT" },
4603 { config_parse_blockio_bandwidth, "BANDWIDTH" },
4604 { config_parse_blockio_weight, "WEIGHT" },
4605 { config_parse_blockio_device_weight, "DEVICEWEIGHT" },
4606 { config_parse_long, "LONG" },
4607 { config_parse_socket_service, "SERVICE" },
4608 #if HAVE_SELINUX
4609 { config_parse_exec_selinux_context, "LABEL" },
4610 #endif
4611 { config_parse_job_mode, "MODE" },
4612 { config_parse_job_mode_isolate, "BOOLEAN" },
4613 { config_parse_personality, "PERSONALITY" },
4614 };
4615
4616 const char *prev = NULL;
4617 const char *i;
4618
4619 assert(f);
4620
4621 NULSTR_FOREACH(i, load_fragment_gperf_nulstr) {
4622 const char *rvalue = "OTHER", *lvalue;
4623 const ConfigPerfItem *p;
4624 size_t prefix_len;
4625 const char *dot;
4626 unsigned j;
4627
4628 assert_se(p = load_fragment_gperf_lookup(i, strlen(i)));
4629
4630 /* Hide legacy settings */
4631 if (p->parse == config_parse_warn_compat &&
4632 p->ltype == DISABLED_LEGACY)
4633 continue;
4634
4635 for (j = 0; j < ELEMENTSOF(table); j++)
4636 if (p->parse == table[j].callback) {
4637 rvalue = table[j].rvalue;
4638 break;
4639 }
4640
4641 dot = strchr(i, '.');
4642 lvalue = dot ? dot + 1 : i;
4643 prefix_len = dot-i;
4644
4645 if (dot)
4646 if (!prev || !strneq(prev, i, prefix_len+1)) {
4647 if (prev)
4648 fputc('\n', f);
4649
4650 fprintf(f, "[%.*s]\n", (int) prefix_len, i);
4651 }
4652
4653 fprintf(f, "%s=%s\n", lvalue, rvalue);
4654 prev = i;
4655 }
4656 }
Unnamed repository; edit this file 'description' to name the repository.