]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/load-fragment.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
path-util: introduce path_simplify()
[thirdparty/systemd.git] / src / core / load-fragment.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6 Copyright 2012 Holger Hans Peter Freyther
7 ***/
8
9 #include <errno.h>
10 #include <fcntl.h>
11 #include <linux/fs.h>
12 #include <linux/oom.h>
13 #if HAVE_SECCOMP
14 #include <seccomp.h>
15 #endif
16 #include <sched.h>
17 #include <string.h>
18 #include <sys/resource.h>
19 #include <sys/stat.h>
20
21 #include "af-list.h"
22 #include "alloc-util.h"
23 #include "all-units.h"
24 #include "bus-error.h"
25 #include "bus-internal.h"
26 #include "bus-util.h"
27 #include "cap-list.h"
28 #include "capability-util.h"
29 #include "cgroup.h"
30 #include "conf-parser.h"
31 #include "cpu-set-util.h"
32 #include "env-util.h"
33 #include "errno-list.h"
34 #include "escape.h"
35 #include "fd-util.h"
36 #include "fs-util.h"
37 #include "hexdecoct.h"
38 #include "io-util.h"
39 #include "ioprio.h"
40 #include "journal-util.h"
41 #include "load-fragment.h"
42 #include "log.h"
43 #include "missing.h"
44 #include "mount-util.h"
45 #include "parse-util.h"
46 #include "path-util.h"
47 #include "process-util.h"
48 #if HAVE_SECCOMP
49 #include "seccomp-util.h"
50 #endif
51 #include "securebits.h"
52 #include "securebits-util.h"
53 #include "signal-util.h"
54 #include "socket-protocol-list.h"
55 #include "stat-util.h"
56 #include "string-util.h"
57 #include "strv.h"
58 #include "unit-name.h"
59 #include "unit-printf.h"
60 #include "user-util.h"
61 #include "utf8.h"
62 #include "web-util.h"
63
64 static int supported_socket_protocol_from_string(const char *s) {
65 int r;
66
67 if (isempty(s))
68 return IPPROTO_IP;
69
70 r = socket_protocol_from_name(s);
71 if (r < 0)
72 return -EINVAL;
73 if (!IN_SET(r, IPPROTO_UDPLITE, IPPROTO_SCTP))
74 return -EPROTONOSUPPORT;
75
76 return r;
77 }
78
79 DEFINE_CONFIG_PARSE(config_parse_socket_protocol, supported_socket_protocol_from_string, "Failed to parse socket protocol");
80 DEFINE_CONFIG_PARSE(config_parse_exec_secure_bits, secure_bits_from_string, "Failed to parse secure bits");
81 DEFINE_CONFIG_PARSE_ENUM(config_parse_collect_mode, collect_mode, CollectMode, "Failed to parse garbage collection mode");
82 DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy, cgroup_device_policy, CGroupDevicePolicy, "Failed to parse device policy");
83 DEFINE_CONFIG_PARSE_ENUM(config_parse_emergency_action, emergency_action, EmergencyAction, "Failed to parse failure action specifier");
84 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_keyring_mode, exec_keyring_mode, ExecKeyringMode, "Failed to parse keyring mode");
85 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode, "Failed to parse utmp mode");
86 DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode, job_mode, JobMode, "Failed to parse job mode");
87 DEFINE_CONFIG_PARSE_ENUM(config_parse_kill_mode, kill_mode, KillMode, "Failed to parse kill mode");
88 DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access, notify_access, NotifyAccess, "Failed to parse notify access specifier");
89 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_home, protect_home_or_bool, ProtectHome, "Failed to parse protect home value");
90 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_system, protect_system_or_bool, ProtectSystem, "Failed to parse protect system value");
91 DEFINE_CONFIG_PARSE_ENUM(config_parse_runtime_preserve_mode, exec_preserve_mode, ExecPreserveMode, "Failed to parse runtime directory preserve mode");
92 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type, service_type, ServiceType, "Failed to parse service type");
93 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart, service_restart, ServiceRestart, "Failed to parse service restart specifier");
94 DEFINE_CONFIG_PARSE_ENUM(config_parse_socket_bind, socket_address_bind_ipv6_only_or_bool, SocketAddressBindIPv6Only, "Failed to parse bind IPv6 only value");
95 DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_ip_tos, ip_tos, int, -1, "Failed to parse IP TOS value");
96 DEFINE_CONFIG_PARSE_PTR(config_parse_blockio_weight, cg_blkio_weight_parse, uint64_t, "Invalid block IO weight");
97 DEFINE_CONFIG_PARSE_PTR(config_parse_cg_weight, cg_weight_parse, uint64_t, "Invalid weight");
98 DEFINE_CONFIG_PARSE_PTR(config_parse_cpu_shares, cg_cpu_shares_parse, uint64_t, "Invalid CPU shares");
99 DEFINE_CONFIG_PARSE_PTR(config_parse_exec_mount_flags, mount_propagation_flags_from_string, unsigned long, "Failed to parse mount flag");
100
101 int config_parse_unit_deps(
102 const char *unit,
103 const char *filename,
104 unsigned line,
105 const char *section,
106 unsigned section_line,
107 const char *lvalue,
108 int ltype,
109 const char *rvalue,
110 void *data,
111 void *userdata) {
112
113 UnitDependency d = ltype;
114 Unit *u = userdata;
115 const char *p;
116
117 assert(filename);
118 assert(lvalue);
119 assert(rvalue);
120
121 p = rvalue;
122 for (;;) {
123 _cleanup_free_ char *word = NULL, *k = NULL;
124 int r;
125
126 r = extract_first_word(&p, &word, NULL, EXTRACT_RETAIN_ESCAPE);
127 if (r == 0)
128 break;
129 if (r == -ENOMEM)
130 return log_oom();
131 if (r < 0) {
132 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
133 break;
134 }
135
136 r = unit_name_printf(u, word, &k);
137 if (r < 0) {
138 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
139 continue;
140 }
141
142 r = unit_add_dependency_by_name(u, d, k, NULL, true, UNIT_DEPENDENCY_FILE);
143 if (r < 0)
144 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
145 }
146
147 return 0;
148 }
149
150 int config_parse_obsolete_unit_deps(
151 const char *unit,
152 const char *filename,
153 unsigned line,
154 const char *section,
155 unsigned section_line,
156 const char *lvalue,
157 int ltype,
158 const char *rvalue,
159 void *data,
160 void *userdata) {
161
162 log_syntax(unit, LOG_WARNING, filename, line, 0,
163 "Unit dependency type %s= is obsolete, replacing by %s=, please update your unit file", lvalue, unit_dependency_to_string(ltype));
164
165 return config_parse_unit_deps(unit, filename, line, section, section_line, lvalue, ltype, rvalue, data, userdata);
166 }
167
168 int config_parse_unit_string_printf(
169 const char *unit,
170 const char *filename,
171 unsigned line,
172 const char *section,
173 unsigned section_line,
174 const char *lvalue,
175 int ltype,
176 const char *rvalue,
177 void *data,
178 void *userdata) {
179
180 _cleanup_free_ char *k = NULL;
181 Unit *u = userdata;
182 int r;
183
184 assert(filename);
185 assert(lvalue);
186 assert(rvalue);
187 assert(u);
188
189 r = unit_full_printf(u, rvalue, &k);
190 if (r < 0) {
191 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
192 return 0;
193 }
194
195 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
196 }
197
198 int config_parse_unit_strv_printf(
199 const char *unit,
200 const char *filename,
201 unsigned line,
202 const char *section,
203 unsigned section_line,
204 const char *lvalue,
205 int ltype,
206 const char *rvalue,
207 void *data,
208 void *userdata) {
209
210 Unit *u = userdata;
211 _cleanup_free_ char *k = NULL;
212 int r;
213
214 assert(filename);
215 assert(lvalue);
216 assert(rvalue);
217 assert(u);
218
219 r = unit_full_printf(u, rvalue, &k);
220 if (r < 0) {
221 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
222 return 0;
223 }
224
225 return config_parse_strv(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
226 }
227
228 int config_parse_unit_path_printf(
229 const char *unit,
230 const char *filename,
231 unsigned line,
232 const char *section,
233 unsigned section_line,
234 const char *lvalue,
235 int ltype,
236 const char *rvalue,
237 void *data,
238 void *userdata) {
239
240 _cleanup_free_ char *k = NULL;
241 Unit *u = userdata;
242 int r;
243 bool fatal = ltype;
244
245 assert(filename);
246 assert(lvalue);
247 assert(rvalue);
248 assert(u);
249
250 /* Let's not bother with anything that is too long */
251 if (strlen(rvalue) >= PATH_MAX) {
252 log_syntax(unit, LOG_ERR, filename, line, 0,
253 "%s value too long%s.",
254 lvalue, fatal ? "" : ", ignoring");
255 return fatal ? -ENAMETOOLONG : 0;
256 }
257
258 r = unit_full_printf(u, rvalue, &k);
259 if (r < 0) {
260 log_syntax(unit, LOG_ERR, filename, line, r,
261 "Failed to resolve unit specifiers in '%s'%s: %m",
262 rvalue, fatal ? "" : ", ignoring");
263 return fatal ? -ENOEXEC : 0;
264 }
265
266 return config_parse_path(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
267 }
268
269 int config_parse_unit_path_strv_printf(
270 const char *unit,
271 const char *filename,
272 unsigned line,
273 const char *section,
274 unsigned section_line,
275 const char *lvalue,
276 int ltype,
277 const char *rvalue,
278 void *data,
279 void *userdata) {
280
281 char ***x = data;
282 Unit *u = userdata;
283 int r;
284 const char *p;
285
286 assert(filename);
287 assert(lvalue);
288 assert(rvalue);
289 assert(u);
290
291 if (isempty(rvalue)) {
292 *x = strv_free(*x);
293 return 0;
294 }
295
296 for (p = rvalue;;) {
297 _cleanup_free_ char *word = NULL, *k = NULL;
298
299 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
300 if (r == 0)
301 return 0;
302 if (r == -ENOMEM)
303 return log_oom();
304 if (r < 0) {
305 log_syntax(unit, LOG_WARNING, filename, line, r,
306 "Invalid syntax, ignoring: %s", rvalue);
307 return 0;
308 }
309
310 r = unit_full_printf(u, word, &k);
311 if (r < 0) {
312 log_syntax(unit, LOG_ERR, filename, line, r,
313 "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
314 return 0;
315 }
316
317 if (!utf8_is_valid(k)) {
318 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
319 return 0;
320 }
321
322 if (!path_is_absolute(k)) {
323 log_syntax(unit, LOG_ERR, filename, line, 0,
324 "Symlink path is not absolute: %s", k);
325 return 0;
326 }
327
328 path_simplify(k, false);
329
330 r = strv_push(x, k);
331 if (r < 0)
332 return log_oom();
333 k = NULL;
334 }
335 }
336
337 int config_parse_socket_listen(const char *unit,
338 const char *filename,
339 unsigned line,
340 const char *section,
341 unsigned section_line,
342 const char *lvalue,
343 int ltype,
344 const char *rvalue,
345 void *data,
346 void *userdata) {
347
348 _cleanup_free_ SocketPort *p = NULL;
349 SocketPort *tail;
350 Socket *s;
351 int r;
352
353 assert(filename);
354 assert(lvalue);
355 assert(rvalue);
356 assert(data);
357
358 s = SOCKET(data);
359
360 if (isempty(rvalue)) {
361 /* An empty assignment removes all ports */
362 socket_free_ports(s);
363 return 0;
364 }
365
366 p = new0(SocketPort, 1);
367 if (!p)
368 return log_oom();
369
370 if (ltype != SOCKET_SOCKET) {
371
372 p->type = ltype;
373 r = unit_full_printf(UNIT(s), rvalue, &p->path);
374 if (r < 0) {
375 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
376 return 0;
377 }
378
379 path_simplify(p->path, false);
380
381 } else if (streq(lvalue, "ListenNetlink")) {
382 _cleanup_free_ char *k = NULL;
383
384 p->type = SOCKET_SOCKET;
385 r = unit_full_printf(UNIT(s), rvalue, &k);
386 if (r < 0) {
387 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
388 return 0;
389 }
390
391 r = socket_address_parse_netlink(&p->address, k);
392 if (r < 0) {
393 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k);
394 return 0;
395 }
396
397 } else {
398 _cleanup_free_ char *k = NULL;
399
400 p->type = SOCKET_SOCKET;
401 r = unit_full_printf(UNIT(s), rvalue, &k);
402 if (r < 0) {
403 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
404 return 0;
405 }
406
407 r = socket_address_parse_and_warn(&p->address, k);
408 if (r < 0) {
409 if (r != -EAFNOSUPPORT)
410 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value in '%s', ignoring: %m", k);
411 return 0;
412 }
413
414 if (streq(lvalue, "ListenStream"))
415 p->address.type = SOCK_STREAM;
416 else if (streq(lvalue, "ListenDatagram"))
417 p->address.type = SOCK_DGRAM;
418 else {
419 assert(streq(lvalue, "ListenSequentialPacket"));
420 p->address.type = SOCK_SEQPACKET;
421 }
422
423 if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET) {
424 log_syntax(unit, LOG_ERR, filename, line, 0, "Address family not supported, ignoring: %s", rvalue);
425 return 0;
426 }
427 }
428
429 p->fd = -1;
430 p->auxiliary_fds = NULL;
431 p->n_auxiliary_fds = 0;
432 p->socket = s;
433
434 LIST_FIND_TAIL(port, s->ports, tail);
435 LIST_INSERT_AFTER(port, s->ports, tail, p);
436
437 p = NULL;
438
439 return 0;
440 }
441
442 int config_parse_exec_nice(
443 const char *unit,
444 const char *filename,
445 unsigned line,
446 const char *section,
447 unsigned section_line,
448 const char *lvalue,
449 int ltype,
450 const char *rvalue,
451 void *data,
452 void *userdata) {
453
454 ExecContext *c = data;
455 int priority, r;
456
457 assert(filename);
458 assert(lvalue);
459 assert(rvalue);
460 assert(data);
461
462 if (isempty(rvalue)) {
463 c->nice_set = false;
464 return 0;
465 }
466
467 r = parse_nice(rvalue, &priority);
468 if (r < 0) {
469 if (r == -ERANGE)
470 log_syntax(unit, LOG_ERR, filename, line, r, "Nice priority out of range, ignoring: %s", rvalue);
471 else
472 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse nice priority '%s', ignoring: %m", rvalue);
473 return 0;
474 }
475
476 c->nice = priority;
477 c->nice_set = true;
478
479 return 0;
480 }
481
482 int config_parse_exec_oom_score_adjust(
483 const char* unit,
484 const char *filename,
485 unsigned line,
486 const char *section,
487 unsigned section_line,
488 const char *lvalue,
489 int ltype,
490 const char *rvalue,
491 void *data,
492 void *userdata) {
493
494 ExecContext *c = data;
495 int oa, r;
496
497 assert(filename);
498 assert(lvalue);
499 assert(rvalue);
500 assert(data);
501
502 if (isempty(rvalue)) {
503 c->oom_score_adjust_set = false;
504 return 0;
505 }
506
507 r = parse_oom_score_adjust(rvalue, &oa);
508 if (r < 0) {
509 if (r == -ERANGE)
510 log_syntax(unit, LOG_ERR, filename, line, r, "OOM score adjust value out of range, ignoring: %s", rvalue);
511 else
512 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse the OOM score adjust value '%s', ignoring: %m", rvalue);
513 return 0;
514 }
515
516 c->oom_score_adjust = oa;
517 c->oom_score_adjust_set = true;
518
519 return 0;
520 }
521
522 int config_parse_exec(
523 const char *unit,
524 const char *filename,
525 unsigned line,
526 const char *section,
527 unsigned section_line,
528 const char *lvalue,
529 int ltype,
530 const char *rvalue,
531 void *data,
532 void *userdata) {
533
534 ExecCommand **e = data;
535 Unit *u = userdata;
536 const char *p;
537 bool semicolon;
538 int r;
539
540 assert(filename);
541 assert(lvalue);
542 assert(rvalue);
543 assert(e);
544
545 e += ltype;
546 rvalue += strspn(rvalue, WHITESPACE);
547
548 if (isempty(rvalue)) {
549 /* An empty assignment resets the list */
550 *e = exec_command_free_list(*e);
551 return 0;
552 }
553
554 p = rvalue;
555 do {
556 _cleanup_free_ char *path = NULL, *firstword = NULL;
557 ExecCommandFlags flags = 0;
558 bool ignore = false, separate_argv0 = false;
559 _cleanup_free_ ExecCommand *nce = NULL;
560 _cleanup_strv_free_ char **n = NULL;
561 size_t nlen = 0, nbufsize = 0;
562 const char *f;
563
564 semicolon = false;
565
566 r = extract_first_word_and_warn(&p, &firstword, NULL, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
567 if (r <= 0)
568 return 0;
569
570 f = firstword;
571 for (;;) {
572 /* We accept an absolute path as first argument. If it's prefixed with - and the path doesn't
573 * exist, we ignore it instead of erroring out; if it's prefixed with @, we allow overriding of
574 * argv[0]; if it's prefixed with +, it will be run with full privileges and no sandboxing; if
575 * it's prefixed with '!' we apply sandboxing, but do not change user/group credentials; if
576 * it's prefixed with '!!', then we apply user/group credentials if the kernel supports ambient
577 * capabilities -- if it doesn't we don't apply the credentials themselves, but do apply most
578 * other sandboxing, with some special exceptions for changing UID.
579 *
580 * The idea is that '!!' may be used to write services that can take benefit of systemd's
581 * UID/GID dropping if the kernel supports ambient creds, but provide an automatic fallback to
582 * privilege dropping within the daemon if the kernel does not offer that. */
583
584 if (*f == '-' && !(flags & EXEC_COMMAND_IGNORE_FAILURE)) {
585 flags |= EXEC_COMMAND_IGNORE_FAILURE;
586 ignore = true;
587 } else if (*f == '@' && !separate_argv0)
588 separate_argv0 = true;
589 else if (*f == '+' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
590 flags |= EXEC_COMMAND_FULLY_PRIVILEGED;
591 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_NO_SETUID|EXEC_COMMAND_AMBIENT_MAGIC)))
592 flags |= EXEC_COMMAND_NO_SETUID;
593 else if (*f == '!' && !(flags & (EXEC_COMMAND_FULLY_PRIVILEGED|EXEC_COMMAND_AMBIENT_MAGIC))) {
594 flags &= ~EXEC_COMMAND_NO_SETUID;
595 flags |= EXEC_COMMAND_AMBIENT_MAGIC;
596 } else
597 break;
598 f++;
599 }
600
601 r = unit_full_printf(u, f, &path);
602 if (r < 0) {
603 log_syntax(unit, LOG_ERR, filename, line, r,
604 "Failed to resolve unit specifiers in '%s'%s: %m",
605 f, ignore ? ", ignoring" : "");
606 return ignore ? 0 : -ENOEXEC;
607 }
608
609 if (isempty(path)) {
610 /* First word is either "-" or "@" with no command. */
611 log_syntax(unit, LOG_ERR, filename, line, 0,
612 "Empty path in command line%s: '%s'",
613 ignore ? ", ignoring" : "", rvalue);
614 return ignore ? 0 : -ENOEXEC;
615 }
616 if (!string_is_safe(path)) {
617 log_syntax(unit, LOG_ERR, filename, line, 0,
618 "Executable name contains special characters%s: %s",
619 ignore ? ", ignoring" : "", path);
620 return ignore ? 0 : -ENOEXEC;
621 }
622 if (endswith(path, "/")) {
623 log_syntax(unit, LOG_ERR, filename, line, 0,
624 "Executable path specifies a directory%s: %s",
625 ignore ? ", ignoring" : "", path);
626 return ignore ? 0 : -ENOEXEC;
627 }
628
629 if (!path_is_absolute(path)) {
630 const char *prefix;
631 bool found = false;
632
633 if (!filename_is_valid(path)) {
634 log_syntax(unit, LOG_ERR, filename, line, 0,
635 "Neither a valid executable name nor an absolute path%s: %s",
636 ignore ? ", ignoring" : "", path);
637 return ignore ? 0 : -ENOEXEC;
638 }
639
640 /* Resolve a single-component name to a full path */
641 NULSTR_FOREACH(prefix, DEFAULT_PATH_NULSTR) {
642 _cleanup_free_ char *fullpath = NULL;
643
644 fullpath = strjoin(prefix, "/", path);
645 if (!fullpath)
646 return log_oom();
647
648 if (access(fullpath, F_OK) >= 0) {
649 free_and_replace(path, fullpath);
650 found = true;
651 break;
652 }
653 }
654
655 if (!found) {
656 log_syntax(unit, LOG_ERR, filename, line, 0,
657 "Executable \"%s\" not found in path \"%s\"%s",
658 path, DEFAULT_PATH, ignore ? ", ignoring" : "");
659 return ignore ? 0 : -ENOEXEC;
660 }
661 }
662
663 if (!separate_argv0) {
664 char *w = NULL;
665
666 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
667 return log_oom();
668
669 w = strdup(path);
670 if (!w)
671 return log_oom();
672 n[nlen++] = w;
673 n[nlen] = NULL;
674 }
675
676 path_simplify(path, false);
677
678 while (!isempty(p)) {
679 _cleanup_free_ char *word = NULL, *resolved = NULL;
680
681 /* Check explicitly for an unquoted semicolon as
682 * command separator token. */
683 if (p[0] == ';' && (!p[1] || strchr(WHITESPACE, p[1]))) {
684 p++;
685 p += strspn(p, WHITESPACE);
686 semicolon = true;
687 break;
688 }
689
690 /* Check for \; explicitly, to not confuse it with \\; or "\;" or "\\;" etc.
691 * extract_first_word() would return the same for all of those. */
692 if (p[0] == '\\' && p[1] == ';' && (!p[2] || strchr(WHITESPACE, p[2]))) {
693 char *w;
694
695 p += 2;
696 p += strspn(p, WHITESPACE);
697
698 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
699 return log_oom();
700
701 w = strdup(";");
702 if (!w)
703 return log_oom();
704 n[nlen++] = w;
705 n[nlen] = NULL;
706 continue;
707 }
708
709 r = extract_first_word_and_warn(&p, &word, NULL, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
710 if (r == 0)
711 break;
712 if (r < 0)
713 return ignore ? 0 : -ENOEXEC;
714
715 r = unit_full_printf(u, word, &resolved);
716 if (r < 0) {
717 log_syntax(unit, LOG_ERR, filename, line, r,
718 "Failed to resolve unit specifiers in %s%s: %m",
719 word, ignore ? ", ignoring" : "");
720 return ignore ? 0 : -ENOEXEC;
721 }
722
723 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
724 return log_oom();
725
726 n[nlen++] = TAKE_PTR(resolved);
727 n[nlen] = NULL;
728 }
729
730 if (!n || !n[0]) {
731 log_syntax(unit, LOG_ERR, filename, line, 0,
732 "Empty executable name or zeroeth argument%s: %s",
733 ignore ? ", ignoring" : "", rvalue);
734 return ignore ? 0 : -ENOEXEC;
735 }
736
737 nce = new0(ExecCommand, 1);
738 if (!nce)
739 return log_oom();
740
741 nce->argv = TAKE_PTR(n);
742 nce->path = TAKE_PTR(path);
743 nce->flags = flags;
744
745 exec_command_append_list(e, nce);
746
747 /* Do not _cleanup_free_ these. */
748 nce = NULL;
749
750 rvalue = p;
751 } while (semicolon);
752
753 return 0;
754 }
755
756 int config_parse_socket_bindtodevice(
757 const char* unit,
758 const char *filename,
759 unsigned line,
760 const char *section,
761 unsigned section_line,
762 const char *lvalue,
763 int ltype,
764 const char *rvalue,
765 void *data,
766 void *userdata) {
767
768 Socket *s = data;
769
770 assert(filename);
771 assert(lvalue);
772 assert(rvalue);
773 assert(data);
774
775 if (isempty(rvalue) || streq(rvalue, "*")) {
776 s->bind_to_device = mfree(s->bind_to_device);
777 return 0;
778 }
779
780 if (!ifname_valid(rvalue)) {
781 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid interface name, ignoring: %s", rvalue);
782 return 0;
783 }
784
785 if (free_and_strdup(&s->bind_to_device, rvalue) < 0)
786 return log_oom();
787
788 return 0;
789 }
790
791 int config_parse_exec_input(
792 const char *unit,
793 const char *filename,
794 unsigned line,
795 const char *section,
796 unsigned section_line,
797 const char *lvalue,
798 int ltype,
799 const char *rvalue,
800 void *data,
801 void *userdata) {
802
803 ExecContext *c = data;
804 Unit *u = userdata;
805 const char *n;
806 ExecInput ei;
807 int r;
808
809 assert(data);
810 assert(filename);
811 assert(line);
812 assert(rvalue);
813
814 n = startswith(rvalue, "fd:");
815 if (n) {
816 _cleanup_free_ char *resolved = NULL;
817
818 r = unit_full_printf(u, n, &resolved);
819 if (r < 0)
820 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", n);
821
822 if (isempty(resolved))
823 resolved = mfree(resolved);
824 else if (!fdname_is_valid(resolved)) {
825 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved);
826 return -EINVAL;
827 }
828
829 free_and_replace(c->stdio_fdname[STDIN_FILENO], resolved);
830
831 ei = EXEC_INPUT_NAMED_FD;
832
833 } else if ((n = startswith(rvalue, "file:"))) {
834 _cleanup_free_ char *resolved = NULL;
835
836 r = unit_full_printf(u, n, &resolved);
837 if (r < 0)
838 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", n);
839
840 if (!path_is_absolute(resolved)) {
841 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires an absolute path name: %s", resolved);
842 return -EINVAL;
843 }
844
845 if (!path_is_normalized(resolved)) {
846 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires a normalized path name: %s", resolved);
847 return -EINVAL;
848 }
849
850 free_and_replace(c->stdio_file[STDIN_FILENO], resolved);
851
852 ei = EXEC_INPUT_FILE;
853
854 } else {
855 ei = exec_input_from_string(rvalue);
856 if (ei < 0) {
857 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse input specifier, ignoring: %s", rvalue);
858 return 0;
859 }
860 }
861
862 c->std_input = ei;
863 return 0;
864 }
865
866 int config_parse_exec_input_text(
867 const char *unit,
868 const char *filename,
869 unsigned line,
870 const char *section,
871 unsigned section_line,
872 const char *lvalue,
873 int ltype,
874 const char *rvalue,
875 void *data,
876 void *userdata) {
877
878 _cleanup_free_ char *unescaped = NULL, *resolved = NULL;
879 ExecContext *c = data;
880 Unit *u = userdata;
881 size_t sz;
882 void *p;
883 int r;
884
885 assert(data);
886 assert(filename);
887 assert(line);
888 assert(rvalue);
889
890 if (isempty(rvalue)) {
891 /* Reset if the empty string is assigned */
892 c->stdin_data = mfree(c->stdin_data);
893 c->stdin_data_size = 0;
894 return 0;
895 }
896
897 r = cunescape(rvalue, 0, &unescaped);
898 if (r < 0)
899 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode C escaped text '%s': %m", rvalue);
900
901 r = unit_full_printf(u, unescaped, &resolved);
902 if (r < 0)
903 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s': %m", unescaped);
904
905 sz = strlen(resolved);
906 if (c->stdin_data_size + sz + 1 < c->stdin_data_size || /* check for overflow */
907 c->stdin_data_size + sz + 1 > EXEC_STDIN_DATA_MAX) {
908 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
909 return -E2BIG;
910 }
911
912 p = realloc(c->stdin_data, c->stdin_data_size + sz + 1);
913 if (!p)
914 return log_oom();
915
916 *((char*) mempcpy((char*) p + c->stdin_data_size, resolved, sz)) = '\n';
917
918 c->stdin_data = p;
919 c->stdin_data_size += sz + 1;
920
921 return 0;
922 }
923
924 int config_parse_exec_input_data(
925 const char *unit,
926 const char *filename,
927 unsigned line,
928 const char *section,
929 unsigned section_line,
930 const char *lvalue,
931 int ltype,
932 const char *rvalue,
933 void *data,
934 void *userdata) {
935
936 _cleanup_free_ void *p = NULL;
937 ExecContext *c = data;
938 size_t sz;
939 void *q;
940 int r;
941
942 assert(data);
943 assert(filename);
944 assert(line);
945 assert(rvalue);
946
947 if (isempty(rvalue)) {
948 /* Reset if the empty string is assigned */
949 c->stdin_data = mfree(c->stdin_data);
950 c->stdin_data_size = 0;
951 return 0;
952 }
953
954 r = unbase64mem(rvalue, (size_t) -1, &p, &sz);
955 if (r < 0)
956 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to decode base64 data, ignoring: %s", rvalue);
957
958 assert(sz > 0);
959
960 if (c->stdin_data_size + sz < c->stdin_data_size || /* check for overflow */
961 c->stdin_data_size + sz > EXEC_STDIN_DATA_MAX) {
962 log_syntax(unit, LOG_ERR, filename, line, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c->stdin_data_size + sz, (size_t) EXEC_STDIN_DATA_MAX);
963 return -E2BIG;
964 }
965
966 q = realloc(c->stdin_data, c->stdin_data_size + sz);
967 if (!q)
968 return log_oom();
969
970 memcpy((uint8_t*) q + c->stdin_data_size, p, sz);
971
972 c->stdin_data = q;
973 c->stdin_data_size += sz;
974
975 return 0;
976 }
977
978 int config_parse_exec_output(
979 const char *unit,
980 const char *filename,
981 unsigned line,
982 const char *section,
983 unsigned section_line,
984 const char *lvalue,
985 int ltype,
986 const char *rvalue,
987 void *data,
988 void *userdata) {
989
990 _cleanup_free_ char *resolved = NULL;
991 const char *n;
992 ExecContext *c = data;
993 Unit *u = userdata;
994 ExecOutput eo;
995 int r;
996
997 assert(data);
998 assert(filename);
999 assert(line);
1000 assert(lvalue);
1001 assert(rvalue);
1002
1003 n = startswith(rvalue, "fd:");
1004 if (n) {
1005 r = unit_full_printf(u, n, &resolved);
1006 if (r < 0)
1007 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
1008
1009 if (isempty(resolved))
1010 resolved = mfree(resolved);
1011 else if (!fdname_is_valid(resolved)) {
1012 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name: %s", resolved);
1013 return -EINVAL;
1014 }
1015
1016 eo = EXEC_OUTPUT_NAMED_FD;
1017
1018 } else if ((n = startswith(rvalue, "file:"))) {
1019
1020 r = unit_full_printf(u, n, &resolved);
1021 if (r < 0)
1022 return log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", n);
1023
1024 if (!path_is_absolute(resolved)) {
1025 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires an absolute path name: %s", resolved);
1026 return -EINVAL;
1027 }
1028
1029 if (!path_is_normalized(resolved)) {
1030 log_syntax(unit, LOG_ERR, filename, line, 0, "file: requires a normalized path name, ignoring: %s", resolved);
1031 return -EINVAL;
1032 }
1033
1034 eo = EXEC_OUTPUT_FILE;
1035
1036 } else {
1037 eo = exec_output_from_string(rvalue);
1038 if (eo < 0) {
1039 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse output specifier, ignoring: %s", rvalue);
1040 return 0;
1041 }
1042 }
1043
1044 if (streq(lvalue, "StandardOutput")) {
1045 if (eo == EXEC_OUTPUT_NAMED_FD)
1046 free_and_replace(c->stdio_fdname[STDOUT_FILENO], resolved);
1047 else
1048 free_and_replace(c->stdio_file[STDOUT_FILENO], resolved);
1049
1050 c->std_output = eo;
1051
1052 } else {
1053 assert(streq(lvalue, "StandardError"));
1054
1055 if (eo == EXEC_OUTPUT_NAMED_FD)
1056 free_and_replace(c->stdio_fdname[STDERR_FILENO], resolved);
1057 else
1058 free_and_replace(c->stdio_file[STDERR_FILENO], resolved);
1059
1060 c->std_error = eo;
1061 }
1062
1063 return 0;
1064 }
1065
1066 int config_parse_exec_io_class(const char *unit,
1067 const char *filename,
1068 unsigned line,
1069 const char *section,
1070 unsigned section_line,
1071 const char *lvalue,
1072 int ltype,
1073 const char *rvalue,
1074 void *data,
1075 void *userdata) {
1076
1077 ExecContext *c = data;
1078 int x;
1079
1080 assert(filename);
1081 assert(lvalue);
1082 assert(rvalue);
1083 assert(data);
1084
1085 if (isempty(rvalue)) {
1086 c->ioprio_set = false;
1087 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
1088 return 0;
1089 }
1090
1091 x = ioprio_class_from_string(rvalue);
1092 if (x < 0) {
1093 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IO scheduling class, ignoring: %s", rvalue);
1094 return 0;
1095 }
1096
1097 c->ioprio = IOPRIO_PRIO_VALUE(x, IOPRIO_PRIO_DATA(c->ioprio));
1098 c->ioprio_set = true;
1099
1100 return 0;
1101 }
1102
1103 int config_parse_exec_io_priority(const char *unit,
1104 const char *filename,
1105 unsigned line,
1106 const char *section,
1107 unsigned section_line,
1108 const char *lvalue,
1109 int ltype,
1110 const char *rvalue,
1111 void *data,
1112 void *userdata) {
1113
1114 ExecContext *c = data;
1115 int i, r;
1116
1117 assert(filename);
1118 assert(lvalue);
1119 assert(rvalue);
1120 assert(data);
1121
1122 if (isempty(rvalue)) {
1123 c->ioprio_set = false;
1124 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
1125 return 0;
1126 }
1127
1128 r = ioprio_parse_priority(rvalue, &i);
1129 if (r < 0) {
1130 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse IO priority, ignoring: %s", rvalue);
1131 return 0;
1132 }
1133
1134 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c->ioprio), i);
1135 c->ioprio_set = true;
1136
1137 return 0;
1138 }
1139
1140 int config_parse_exec_cpu_sched_policy(const char *unit,
1141 const char *filename,
1142 unsigned line,
1143 const char *section,
1144 unsigned section_line,
1145 const char *lvalue,
1146 int ltype,
1147 const char *rvalue,
1148 void *data,
1149 void *userdata) {
1150
1151 ExecContext *c = data;
1152 int x;
1153
1154 assert(filename);
1155 assert(lvalue);
1156 assert(rvalue);
1157 assert(data);
1158
1159 if (isempty(rvalue)) {
1160 c->cpu_sched_set = false;
1161 c->cpu_sched_policy = SCHED_OTHER;
1162 c->cpu_sched_priority = 0;
1163 return 0;
1164 }
1165
1166 x = sched_policy_from_string(rvalue);
1167 if (x < 0) {
1168 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue);
1169 return 0;
1170 }
1171
1172 c->cpu_sched_policy = x;
1173 /* Moving to or from real-time policy? We need to adjust the priority */
1174 c->cpu_sched_priority = CLAMP(c->cpu_sched_priority, sched_get_priority_min(x), sched_get_priority_max(x));
1175 c->cpu_sched_set = true;
1176
1177 return 0;
1178 }
1179
1180 int config_parse_exec_cpu_sched_prio(const char *unit,
1181 const char *filename,
1182 unsigned line,
1183 const char *section,
1184 unsigned section_line,
1185 const char *lvalue,
1186 int ltype,
1187 const char *rvalue,
1188 void *data,
1189 void *userdata) {
1190
1191 ExecContext *c = data;
1192 int i, min, max, r;
1193
1194 assert(filename);
1195 assert(lvalue);
1196 assert(rvalue);
1197 assert(data);
1198
1199 r = safe_atoi(rvalue, &i);
1200 if (r < 0) {
1201 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CPU scheduling priority, ignoring: %s", rvalue);
1202 return 0;
1203 }
1204
1205 /* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */
1206 min = sched_get_priority_min(c->cpu_sched_policy);
1207 max = sched_get_priority_max(c->cpu_sched_policy);
1208
1209 if (i < min || i > max) {
1210 log_syntax(unit, LOG_ERR, filename, line, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue);
1211 return 0;
1212 }
1213
1214 c->cpu_sched_priority = i;
1215 c->cpu_sched_set = true;
1216
1217 return 0;
1218 }
1219
1220 int config_parse_exec_cpu_affinity(const char *unit,
1221 const char *filename,
1222 unsigned line,
1223 const char *section,
1224 unsigned section_line,
1225 const char *lvalue,
1226 int ltype,
1227 const char *rvalue,
1228 void *data,
1229 void *userdata) {
1230
1231 ExecContext *c = data;
1232 _cleanup_cpu_free_ cpu_set_t *cpuset = NULL;
1233 int ncpus;
1234
1235 assert(filename);
1236 assert(lvalue);
1237 assert(rvalue);
1238 assert(data);
1239
1240 ncpus = parse_cpu_set_and_warn(rvalue, &cpuset, unit, filename, line, lvalue);
1241 if (ncpus < 0)
1242 return ncpus;
1243
1244 if (ncpus == 0) {
1245 /* An empty assignment resets the CPU list */
1246 c->cpuset = cpu_set_mfree(c->cpuset);
1247 c->cpuset_ncpus = 0;
1248 return 0;
1249 }
1250
1251 if (!c->cpuset) {
1252 c->cpuset = TAKE_PTR(cpuset);
1253 c->cpuset_ncpus = (unsigned) ncpus;
1254 return 0;
1255 }
1256
1257 if (c->cpuset_ncpus < (unsigned) ncpus) {
1258 CPU_OR_S(CPU_ALLOC_SIZE(c->cpuset_ncpus), cpuset, c->cpuset, cpuset);
1259 CPU_FREE(c->cpuset);
1260 c->cpuset = TAKE_PTR(cpuset);
1261 c->cpuset_ncpus = (unsigned) ncpus;
1262 return 0;
1263 }
1264
1265 CPU_OR_S(CPU_ALLOC_SIZE((unsigned) ncpus), c->cpuset, c->cpuset, cpuset);
1266
1267 return 0;
1268 }
1269
1270 int config_parse_capability_set(
1271 const char *unit,
1272 const char *filename,
1273 unsigned line,
1274 const char *section,
1275 unsigned section_line,
1276 const char *lvalue,
1277 int ltype,
1278 const char *rvalue,
1279 void *data,
1280 void *userdata) {
1281
1282 uint64_t *capability_set = data;
1283 uint64_t sum = 0, initial = 0;
1284 bool invert = false;
1285 int r;
1286
1287 assert(filename);
1288 assert(lvalue);
1289 assert(rvalue);
1290 assert(data);
1291
1292 if (rvalue[0] == '~') {
1293 invert = true;
1294 rvalue++;
1295 }
1296
1297 if (streq(lvalue, "CapabilityBoundingSet"))
1298 initial = CAP_ALL; /* initialized to all bits on */
1299 /* else "AmbientCapabilities" initialized to all bits off */
1300
1301 r = capability_set_from_string(rvalue, &sum);
1302 if (r < 0) {
1303 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= specifier '%s', ignoring: %m", lvalue, rvalue);
1304 return 0;
1305 }
1306
1307 if (sum == 0 || *capability_set == initial)
1308 /* "", "~" or uninitialized data -> replace */
1309 *capability_set = invert ? ~sum : sum;
1310 else {
1311 /* previous data -> merge */
1312 if (invert)
1313 *capability_set &= ~sum;
1314 else
1315 *capability_set |= sum;
1316 }
1317
1318 return 0;
1319 }
1320
1321 int config_parse_exec_selinux_context(
1322 const char *unit,
1323 const char *filename,
1324 unsigned line,
1325 const char *section,
1326 unsigned section_line,
1327 const char *lvalue,
1328 int ltype,
1329 const char *rvalue,
1330 void *data,
1331 void *userdata) {
1332
1333 ExecContext *c = data;
1334 Unit *u = userdata;
1335 bool ignore;
1336 char *k;
1337 int r;
1338
1339 assert(filename);
1340 assert(lvalue);
1341 assert(rvalue);
1342 assert(data);
1343
1344 if (isempty(rvalue)) {
1345 c->selinux_context = mfree(c->selinux_context);
1346 c->selinux_context_ignore = false;
1347 return 0;
1348 }
1349
1350 if (rvalue[0] == '-') {
1351 ignore = true;
1352 rvalue++;
1353 } else
1354 ignore = false;
1355
1356 r = unit_full_printf(u, rvalue, &k);
1357 if (r < 0) {
1358 log_syntax(unit, LOG_ERR, filename, line, r,
1359 "Failed to resolve unit specifiers in '%s'%s: %m",
1360 rvalue, ignore ? ", ignoring" : "");
1361 return ignore ? 0 : -ENOEXEC;
1362 }
1363
1364 free_and_replace(c->selinux_context, k);
1365 c->selinux_context_ignore = ignore;
1366
1367 return 0;
1368 }
1369
1370 int config_parse_exec_apparmor_profile(
1371 const char *unit,
1372 const char *filename,
1373 unsigned line,
1374 const char *section,
1375 unsigned section_line,
1376 const char *lvalue,
1377 int ltype,
1378 const char *rvalue,
1379 void *data,
1380 void *userdata) {
1381
1382 ExecContext *c = data;
1383 Unit *u = userdata;
1384 bool ignore;
1385 char *k;
1386 int r;
1387
1388 assert(filename);
1389 assert(lvalue);
1390 assert(rvalue);
1391 assert(data);
1392
1393 if (isempty(rvalue)) {
1394 c->apparmor_profile = mfree(c->apparmor_profile);
1395 c->apparmor_profile_ignore = false;
1396 return 0;
1397 }
1398
1399 if (rvalue[0] == '-') {
1400 ignore = true;
1401 rvalue++;
1402 } else
1403 ignore = false;
1404
1405 r = unit_full_printf(u, rvalue, &k);
1406 if (r < 0) {
1407 log_syntax(unit, LOG_ERR, filename, line, r,
1408 "Failed to resolve unit specifiers in '%s'%s: %m",
1409 rvalue, ignore ? ", ignoring" : "");
1410 return ignore ? 0 : -ENOEXEC;
1411 }
1412
1413 free_and_replace(c->apparmor_profile, k);
1414 c->apparmor_profile_ignore = ignore;
1415
1416 return 0;
1417 }
1418
1419 int config_parse_exec_smack_process_label(
1420 const char *unit,
1421 const char *filename,
1422 unsigned line,
1423 const char *section,
1424 unsigned section_line,
1425 const char *lvalue,
1426 int ltype,
1427 const char *rvalue,
1428 void *data,
1429 void *userdata) {
1430
1431 ExecContext *c = data;
1432 Unit *u = userdata;
1433 bool ignore;
1434 char *k;
1435 int r;
1436
1437 assert(filename);
1438 assert(lvalue);
1439 assert(rvalue);
1440 assert(data);
1441
1442 if (isempty(rvalue)) {
1443 c->smack_process_label = mfree(c->smack_process_label);
1444 c->smack_process_label_ignore = false;
1445 return 0;
1446 }
1447
1448 if (rvalue[0] == '-') {
1449 ignore = true;
1450 rvalue++;
1451 } else
1452 ignore = false;
1453
1454 r = unit_full_printf(u, rvalue, &k);
1455 if (r < 0) {
1456 log_syntax(unit, LOG_ERR, filename, line, r,
1457 "Failed to resolve unit specifiers in '%s'%s: %m",
1458 rvalue, ignore ? ", ignoring" : "");
1459 return ignore ? 0 : -ENOEXEC;
1460 }
1461
1462 free_and_replace(c->smack_process_label, k);
1463 c->smack_process_label_ignore = ignore;
1464
1465 return 0;
1466 }
1467
1468 int config_parse_timer(const char *unit,
1469 const char *filename,
1470 unsigned line,
1471 const char *section,
1472 unsigned section_line,
1473 const char *lvalue,
1474 int ltype,
1475 const char *rvalue,
1476 void *data,
1477 void *userdata) {
1478
1479 Timer *t = data;
1480 usec_t usec = 0;
1481 TimerValue *v;
1482 TimerBase b;
1483 _cleanup_(calendar_spec_freep) CalendarSpec *c = NULL;
1484 Unit *u = userdata;
1485 _cleanup_free_ char *k = NULL;
1486 int r;
1487
1488 assert(filename);
1489 assert(lvalue);
1490 assert(rvalue);
1491 assert(data);
1492
1493 if (isempty(rvalue)) {
1494 /* Empty assignment resets list */
1495 timer_free_values(t);
1496 return 0;
1497 }
1498
1499 b = timer_base_from_string(lvalue);
1500 if (b < 0) {
1501 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer base, ignoring: %s", lvalue);
1502 return 0;
1503 }
1504
1505 r = unit_full_printf(u, rvalue, &k);
1506 if (r < 0) {
1507 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
1508 return 0;
1509 }
1510
1511 if (b == TIMER_CALENDAR) {
1512 if (calendar_spec_from_string(k, &c) < 0) {
1513 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse calendar specification, ignoring: %s", k);
1514 return 0;
1515 }
1516 } else
1517 if (parse_sec(k, &usec) < 0) {
1518 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer value, ignoring: %s", k);
1519 return 0;
1520 }
1521
1522 v = new0(TimerValue, 1);
1523 if (!v)
1524 return log_oom();
1525
1526 v->base = b;
1527 v->value = usec;
1528 v->calendar_spec = TAKE_PTR(c);
1529
1530 LIST_PREPEND(value, t->values, v);
1531
1532 return 0;
1533 }
1534
1535 int config_parse_trigger_unit(
1536 const char *unit,
1537 const char *filename,
1538 unsigned line,
1539 const char *section,
1540 unsigned section_line,
1541 const char *lvalue,
1542 int ltype,
1543 const char *rvalue,
1544 void *data,
1545 void *userdata) {
1546
1547 _cleanup_free_ char *p = NULL;
1548 Unit *u = data;
1549 UnitType type;
1550 int r;
1551
1552 assert(filename);
1553 assert(lvalue);
1554 assert(rvalue);
1555 assert(data);
1556
1557 if (!hashmap_isempty(u->dependencies[UNIT_TRIGGERS])) {
1558 log_syntax(unit, LOG_ERR, filename, line, 0, "Multiple units to trigger specified, ignoring: %s", rvalue);
1559 return 0;
1560 }
1561
1562 r = unit_name_printf(u, rvalue, &p);
1563 if (r < 0) {
1564 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1565 return 0;
1566 }
1567
1568 type = unit_name_to_type(p);
1569 if (type < 0) {
1570 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit type not valid, ignoring: %s", rvalue);
1571 return 0;
1572 }
1573 if (unit_has_name(u, p)) {
1574 log_syntax(unit, LOG_ERR, filename, line, 0, "Units cannot trigger themselves, ignoring: %s", rvalue);
1575 return 0;
1576 }
1577
1578 r = unit_add_two_dependencies_by_name(u, UNIT_BEFORE, UNIT_TRIGGERS, p, NULL, true, UNIT_DEPENDENCY_FILE);
1579 if (r < 0) {
1580 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add trigger on %s, ignoring: %m", p);
1581 return 0;
1582 }
1583
1584 return 0;
1585 }
1586
1587 int config_parse_path_spec(const char *unit,
1588 const char *filename,
1589 unsigned line,
1590 const char *section,
1591 unsigned section_line,
1592 const char *lvalue,
1593 int ltype,
1594 const char *rvalue,
1595 void *data,
1596 void *userdata) {
1597
1598 Path *p = data;
1599 PathSpec *s;
1600 PathType b;
1601 _cleanup_free_ char *k = NULL;
1602 int r;
1603
1604 assert(filename);
1605 assert(lvalue);
1606 assert(rvalue);
1607 assert(data);
1608
1609 if (isempty(rvalue)) {
1610 /* Empty assignment clears list */
1611 path_free_specs(p);
1612 return 0;
1613 }
1614
1615 b = path_type_from_string(lvalue);
1616 if (b < 0) {
1617 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse path type, ignoring: %s", lvalue);
1618 return 0;
1619 }
1620
1621 r = unit_full_printf(UNIT(p), rvalue, &k);
1622 if (r < 0) {
1623 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1624 return 0;
1625 }
1626
1627 path_simplify(k, false);
1628
1629 if (!path_is_absolute(k)) {
1630 log_syntax(unit, LOG_ERR, filename, line, 0, "Path is not absolute, ignoring: %s", k);
1631 return 0;
1632 }
1633
1634 s = new0(PathSpec, 1);
1635 if (!s)
1636 return log_oom();
1637
1638 s->unit = UNIT(p);
1639 s->path = TAKE_PTR(k);
1640 s->type = b;
1641 s->inotify_fd = -1;
1642
1643 LIST_PREPEND(spec, p->specs, s);
1644
1645 return 0;
1646 }
1647
1648 int config_parse_socket_service(
1649 const char *unit,
1650 const char *filename,
1651 unsigned line,
1652 const char *section,
1653 unsigned section_line,
1654 const char *lvalue,
1655 int ltype,
1656 const char *rvalue,
1657 void *data,
1658 void *userdata) {
1659
1660 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1661 _cleanup_free_ char *p = NULL;
1662 Socket *s = data;
1663 Unit *x;
1664 int r;
1665
1666 assert(filename);
1667 assert(lvalue);
1668 assert(rvalue);
1669 assert(data);
1670
1671 r = unit_name_printf(UNIT(s), rvalue, &p);
1672 if (r < 0) {
1673 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue);
1674 return -ENOEXEC;
1675 }
1676
1677 if (!endswith(p, ".service")) {
1678 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type service: %s", rvalue);
1679 return -ENOEXEC;
1680 }
1681
1682 r = manager_load_unit(UNIT(s)->manager, p, NULL, &error, &x);
1683 if (r < 0) {
1684 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load unit %s: %s", rvalue, bus_error_message(&error, r));
1685 return -ENOEXEC;
1686 }
1687
1688 unit_ref_set(&s->service, UNIT(s), x);
1689
1690 return 0;
1691 }
1692
1693 int config_parse_fdname(
1694 const char *unit,
1695 const char *filename,
1696 unsigned line,
1697 const char *section,
1698 unsigned section_line,
1699 const char *lvalue,
1700 int ltype,
1701 const char *rvalue,
1702 void *data,
1703 void *userdata) {
1704
1705 _cleanup_free_ char *p = NULL;
1706 Socket *s = data;
1707 int r;
1708
1709 assert(filename);
1710 assert(lvalue);
1711 assert(rvalue);
1712 assert(data);
1713
1714 if (isempty(rvalue)) {
1715 s->fdname = mfree(s->fdname);
1716 return 0;
1717 }
1718
1719 r = unit_full_printf(UNIT(s), rvalue, &p);
1720 if (r < 0) {
1721 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
1722 return 0;
1723 }
1724
1725 if (!fdname_is_valid(p)) {
1726 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name, ignoring: %s", p);
1727 return 0;
1728 }
1729
1730 return free_and_replace(s->fdname, p);
1731 }
1732
1733 int config_parse_service_sockets(
1734 const char *unit,
1735 const char *filename,
1736 unsigned line,
1737 const char *section,
1738 unsigned section_line,
1739 const char *lvalue,
1740 int ltype,
1741 const char *rvalue,
1742 void *data,
1743 void *userdata) {
1744
1745 Service *s = data;
1746 const char *p;
1747 int r;
1748
1749 assert(filename);
1750 assert(lvalue);
1751 assert(rvalue);
1752 assert(data);
1753
1754 p = rvalue;
1755 for (;;) {
1756 _cleanup_free_ char *word = NULL, *k = NULL;
1757
1758 r = extract_first_word(&p, &word, NULL, 0);
1759 if (r == 0)
1760 break;
1761 if (r == -ENOMEM)
1762 return log_oom();
1763 if (r < 0) {
1764 log_syntax(unit, LOG_ERR, filename, line, r, "Trailing garbage in sockets, ignoring: %s", rvalue);
1765 break;
1766 }
1767
1768 r = unit_name_printf(UNIT(s), word, &k);
1769 if (r < 0) {
1770 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
1771 continue;
1772 }
1773
1774 if (!endswith(k, ".socket")) {
1775 log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type socket, ignoring: %s", k);
1776 continue;
1777 }
1778
1779 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_WANTS, UNIT_AFTER, k, NULL, true, UNIT_DEPENDENCY_FILE);
1780 if (r < 0)
1781 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
1782
1783 r = unit_add_dependency_by_name(UNIT(s), UNIT_TRIGGERED_BY, k, NULL, true, UNIT_DEPENDENCY_FILE);
1784 if (r < 0)
1785 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
1786 }
1787
1788 return 0;
1789 }
1790
1791 int config_parse_bus_name(
1792 const char *unit,
1793 const char *filename,
1794 unsigned line,
1795 const char *section,
1796 unsigned section_line,
1797 const char *lvalue,
1798 int ltype,
1799 const char *rvalue,
1800 void *data,
1801 void *userdata) {
1802
1803 _cleanup_free_ char *k = NULL;
1804 Unit *u = userdata;
1805 int r;
1806
1807 assert(filename);
1808 assert(lvalue);
1809 assert(rvalue);
1810 assert(u);
1811
1812 r = unit_full_printf(u, rvalue, &k);
1813 if (r < 0) {
1814 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
1815 return 0;
1816 }
1817
1818 if (!service_name_is_valid(k)) {
1819 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid bus name, ignoring: %s", k);
1820 return 0;
1821 }
1822
1823 return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
1824 }
1825
1826 int config_parse_service_timeout(
1827 const char *unit,
1828 const char *filename,
1829 unsigned line,
1830 const char *section,
1831 unsigned section_line,
1832 const char *lvalue,
1833 int ltype,
1834 const char *rvalue,
1835 void *data,
1836 void *userdata) {
1837
1838 Service *s = userdata;
1839 usec_t usec;
1840 int r;
1841
1842 assert(filename);
1843 assert(lvalue);
1844 assert(rvalue);
1845 assert(s);
1846
1847 /* This is called for two cases: TimeoutSec= and TimeoutStartSec=. */
1848
1849 /* Traditionally, these options accepted 0 to disable the timeouts. However, a timeout of 0 suggests it happens
1850 * immediately, hence fix this to become USEC_INFINITY instead. This is in-line with how we internally handle
1851 * all other timeouts. */
1852 r = parse_sec_fix_0(rvalue, &usec);
1853 if (r < 0) {
1854 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
1855 return 0;
1856 }
1857
1858 s->start_timeout_defined = true;
1859 s->timeout_start_usec = usec;
1860
1861 if (streq(lvalue, "TimeoutSec"))
1862 s->timeout_stop_usec = usec;
1863
1864 return 0;
1865 }
1866
1867 int config_parse_sec_fix_0(
1868 const char *unit,
1869 const char *filename,
1870 unsigned line,
1871 const char *section,
1872 unsigned section_line,
1873 const char *lvalue,
1874 int ltype,
1875 const char *rvalue,
1876 void *data,
1877 void *userdata) {
1878
1879 usec_t *usec = data;
1880 int r;
1881
1882 assert(filename);
1883 assert(lvalue);
1884 assert(rvalue);
1885 assert(usec);
1886
1887 /* This is pretty much like config_parse_sec(), except that this treats a time of 0 as infinity, for
1888 * compatibility with older versions of systemd where 0 instead of infinity was used as indicator to turn off a
1889 * timeout. */
1890
1891 r = parse_sec_fix_0(rvalue, usec);
1892 if (r < 0) {
1893 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
1894 return 0;
1895 }
1896
1897 return 0;
1898 }
1899
1900 int config_parse_user_group(
1901 const char *unit,
1902 const char *filename,
1903 unsigned line,
1904 const char *section,
1905 unsigned section_line,
1906 const char *lvalue,
1907 int ltype,
1908 const char *rvalue,
1909 void *data,
1910 void *userdata) {
1911
1912 _cleanup_free_ char *k = NULL;
1913 char **user = data;
1914 Unit *u = userdata;
1915 int r;
1916
1917 assert(filename);
1918 assert(lvalue);
1919 assert(rvalue);
1920 assert(u);
1921
1922 if (isempty(rvalue)) {
1923 *user = mfree(*user);
1924 return 0;
1925 }
1926
1927 r = unit_full_printf(u, rvalue, &k);
1928 if (r < 0) {
1929 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", rvalue);
1930 return -ENOEXEC;
1931 }
1932
1933 if (!valid_user_group_name_or_id(k)) {
1934 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
1935 return -ENOEXEC;
1936 }
1937
1938 return free_and_replace(*user, k);
1939 }
1940
1941 int config_parse_user_group_strv(
1942 const char *unit,
1943 const char *filename,
1944 unsigned line,
1945 const char *section,
1946 unsigned section_line,
1947 const char *lvalue,
1948 int ltype,
1949 const char *rvalue,
1950 void *data,
1951 void *userdata) {
1952
1953 char ***users = data;
1954 Unit *u = userdata;
1955 const char *p = rvalue;
1956 int r;
1957
1958 assert(filename);
1959 assert(lvalue);
1960 assert(rvalue);
1961 assert(u);
1962
1963 if (isempty(rvalue)) {
1964 *users = strv_free(*users);
1965 return 0;
1966 }
1967
1968 for (;;) {
1969 _cleanup_free_ char *word = NULL, *k = NULL;
1970
1971 r = extract_first_word(&p, &word, NULL, 0);
1972 if (r == 0)
1973 break;
1974 if (r == -ENOMEM)
1975 return log_oom();
1976 if (r < 0) {
1977 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax: %s", rvalue);
1978 return -ENOEXEC;
1979 }
1980
1981 r = unit_full_printf(u, word, &k);
1982 if (r < 0) {
1983 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", word);
1984 return -ENOEXEC;
1985 }
1986
1987 if (!valid_user_group_name_or_id(k)) {
1988 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID: %s", k);
1989 return -ENOEXEC;
1990 }
1991
1992 r = strv_push(users, k);
1993 if (r < 0)
1994 return log_oom();
1995
1996 k = NULL;
1997 }
1998
1999 return 0;
2000 }
2001
2002 int config_parse_working_directory(
2003 const char *unit,
2004 const char *filename,
2005 unsigned line,
2006 const char *section,
2007 unsigned section_line,
2008 const char *lvalue,
2009 int ltype,
2010 const char *rvalue,
2011 void *data,
2012 void *userdata) {
2013
2014 ExecContext *c = data;
2015 Unit *u = userdata;
2016 bool missing_ok;
2017 int r;
2018
2019 assert(filename);
2020 assert(lvalue);
2021 assert(rvalue);
2022 assert(c);
2023 assert(u);
2024
2025 if (isempty(rvalue)) {
2026 c->working_directory_home = false;
2027 c->working_directory = mfree(c->working_directory);
2028 return 0;
2029 }
2030
2031 if (rvalue[0] == '-') {
2032 missing_ok = true;
2033 rvalue++;
2034 } else
2035 missing_ok = false;
2036
2037 if (streq(rvalue, "~")) {
2038 c->working_directory_home = true;
2039 c->working_directory = mfree(c->working_directory);
2040 } else {
2041 _cleanup_free_ char *k = NULL;
2042
2043 r = unit_full_printf(u, rvalue, &k);
2044 if (r < 0) {
2045 log_syntax(unit, LOG_ERR, filename, line, r,
2046 "Failed to resolve unit specifiers in working directory path '%s'%s: %m",
2047 rvalue, missing_ok ? ", ignoring" : "");
2048 return missing_ok ? 0 : -ENOEXEC;
2049 }
2050
2051 path_simplify(k, false);
2052
2053 if (!utf8_is_valid(k)) {
2054 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
2055 return missing_ok ? 0 : -ENOEXEC;
2056 }
2057
2058 if (!path_is_absolute(k)) {
2059 log_syntax(unit, LOG_ERR, filename, line, 0,
2060 "Working directory path '%s' is not absolute%s.",
2061 rvalue, missing_ok ? ", ignoring" : "");
2062 return missing_ok ? 0 : -ENOEXEC;
2063 }
2064
2065 c->working_directory_home = false;
2066 free_and_replace(c->working_directory, k);
2067 }
2068
2069 c->working_directory_missing_ok = missing_ok;
2070 return 0;
2071 }
2072
2073 int config_parse_unit_env_file(const char *unit,
2074 const char *filename,
2075 unsigned line,
2076 const char *section,
2077 unsigned section_line,
2078 const char *lvalue,
2079 int ltype,
2080 const char *rvalue,
2081 void *data,
2082 void *userdata) {
2083
2084 char ***env = data;
2085 Unit *u = userdata;
2086 _cleanup_free_ char *n = NULL;
2087 int r;
2088
2089 assert(filename);
2090 assert(lvalue);
2091 assert(rvalue);
2092 assert(data);
2093
2094 if (isempty(rvalue)) {
2095 /* Empty assignment frees the list */
2096 *env = strv_free(*env);
2097 return 0;
2098 }
2099
2100 r = unit_full_printf(u, rvalue, &n);
2101 if (r < 0) {
2102 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2103 return 0;
2104 }
2105
2106 if (!path_is_absolute(n[0] == '-' ? n + 1 : n)) {
2107 log_syntax(unit, LOG_ERR, filename, line, 0, "Path '%s' is not absolute, ignoring.", n);
2108 return 0;
2109 }
2110
2111 r = strv_extend(env, n);
2112 if (r < 0)
2113 return log_oom();
2114
2115 return 0;
2116 }
2117
2118 int config_parse_environ(
2119 const char *unit,
2120 const char *filename,
2121 unsigned line,
2122 const char *section,
2123 unsigned section_line,
2124 const char *lvalue,
2125 int ltype,
2126 const char *rvalue,
2127 void *data,
2128 void *userdata) {
2129
2130 Unit *u = userdata;
2131 char ***env = data;
2132 const char *p;
2133 int r;
2134
2135 assert(filename);
2136 assert(lvalue);
2137 assert(rvalue);
2138 assert(data);
2139
2140 if (isempty(rvalue)) {
2141 /* Empty assignment resets the list */
2142 *env = strv_free(*env);
2143 return 0;
2144 }
2145
2146 for (p = rvalue;; ) {
2147 _cleanup_free_ char *word = NULL, *k = NULL;
2148
2149 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2150 if (r == 0)
2151 return 0;
2152 if (r == -ENOMEM)
2153 return log_oom();
2154 if (r < 0) {
2155 log_syntax(unit, LOG_WARNING, filename, line, r,
2156 "Invalid syntax, ignoring: %s", rvalue);
2157 return 0;
2158 }
2159
2160 if (u) {
2161 r = unit_full_printf(u, word, &k);
2162 if (r < 0) {
2163 log_syntax(unit, LOG_ERR, filename, line, r,
2164 "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2165 continue;
2166 }
2167 } else
2168 k = TAKE_PTR(word);
2169
2170 if (!env_assignment_is_valid(k)) {
2171 log_syntax(unit, LOG_ERR, filename, line, 0,
2172 "Invalid environment assignment, ignoring: %s", k);
2173 continue;
2174 }
2175
2176 r = strv_env_replace(env, k);
2177 if (r < 0)
2178 return log_oom();
2179
2180 k = NULL;
2181 }
2182 }
2183
2184 int config_parse_pass_environ(
2185 const char *unit,
2186 const char *filename,
2187 unsigned line,
2188 const char *section,
2189 unsigned section_line,
2190 const char *lvalue,
2191 int ltype,
2192 const char *rvalue,
2193 void *data,
2194 void *userdata) {
2195
2196 _cleanup_strv_free_ char **n = NULL;
2197 size_t nlen = 0, nbufsize = 0;
2198 char*** passenv = data;
2199 const char *p = rvalue;
2200 Unit *u = userdata;
2201 int r;
2202
2203 assert(filename);
2204 assert(lvalue);
2205 assert(rvalue);
2206 assert(data);
2207
2208 if (isempty(rvalue)) {
2209 /* Empty assignment resets the list */
2210 *passenv = strv_free(*passenv);
2211 return 0;
2212 }
2213
2214 for (;;) {
2215 _cleanup_free_ char *word = NULL, *k = NULL;
2216
2217 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2218 if (r == 0)
2219 break;
2220 if (r == -ENOMEM)
2221 return log_oom();
2222 if (r < 0) {
2223 log_syntax(unit, LOG_ERR, filename, line, r,
2224 "Trailing garbage in %s, ignoring: %s", lvalue, rvalue);
2225 break;
2226 }
2227
2228 if (u) {
2229 r = unit_full_printf(u, word, &k);
2230 if (r < 0) {
2231 log_syntax(unit, LOG_ERR, filename, line, r,
2232 "Failed to resolve specifiers in %s, ignoring: %m", word);
2233 continue;
2234 }
2235 } else
2236 k = TAKE_PTR(word);
2237
2238 if (!env_name_is_valid(k)) {
2239 log_syntax(unit, LOG_ERR, filename, line, 0,
2240 "Invalid environment name for %s, ignoring: %s", lvalue, k);
2241 continue;
2242 }
2243
2244 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2245 return log_oom();
2246
2247 n[nlen++] = TAKE_PTR(k);
2248 n[nlen] = NULL;
2249 }
2250
2251 if (n) {
2252 r = strv_extend_strv(passenv, n, true);
2253 if (r < 0)
2254 return r;
2255 }
2256
2257 return 0;
2258 }
2259
2260 int config_parse_unset_environ(
2261 const char *unit,
2262 const char *filename,
2263 unsigned line,
2264 const char *section,
2265 unsigned section_line,
2266 const char *lvalue,
2267 int ltype,
2268 const char *rvalue,
2269 void *data,
2270 void *userdata) {
2271
2272 _cleanup_strv_free_ char **n = NULL;
2273 size_t nlen = 0, nbufsize = 0;
2274 char*** unsetenv = data;
2275 const char *p = rvalue;
2276 Unit *u = userdata;
2277 int r;
2278
2279 assert(filename);
2280 assert(lvalue);
2281 assert(rvalue);
2282 assert(data);
2283
2284 if (isempty(rvalue)) {
2285 /* Empty assignment resets the list */
2286 *unsetenv = strv_free(*unsetenv);
2287 return 0;
2288 }
2289
2290 for (;;) {
2291 _cleanup_free_ char *word = NULL, *k = NULL;
2292
2293 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2294 if (r == 0)
2295 break;
2296 if (r == -ENOMEM)
2297 return log_oom();
2298 if (r < 0) {
2299 log_syntax(unit, LOG_ERR, filename, line, r,
2300 "Trailing garbage in %s, ignoring: %s", lvalue, rvalue);
2301 break;
2302 }
2303
2304 if (u) {
2305 r = unit_full_printf(u, word, &k);
2306 if (r < 0) {
2307 log_syntax(unit, LOG_ERR, filename, line, r,
2308 "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2309 continue;
2310 }
2311 } else
2312 k = TAKE_PTR(word);
2313
2314 if (!env_assignment_is_valid(k) && !env_name_is_valid(k)) {
2315 log_syntax(unit, LOG_ERR, filename, line, 0,
2316 "Invalid environment name or assignment %s, ignoring: %s", lvalue, k);
2317 continue;
2318 }
2319
2320 if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
2321 return log_oom();
2322
2323 n[nlen++] = TAKE_PTR(k);
2324 n[nlen] = NULL;
2325 }
2326
2327 if (n) {
2328 r = strv_extend_strv(unsetenv, n, true);
2329 if (r < 0)
2330 return r;
2331 }
2332
2333 return 0;
2334 }
2335
2336 int config_parse_log_extra_fields(
2337 const char *unit,
2338 const char *filename,
2339 unsigned line,
2340 const char *section,
2341 unsigned section_line,
2342 const char *lvalue,
2343 int ltype,
2344 const char *rvalue,
2345 void *data,
2346 void *userdata) {
2347
2348 ExecContext *c = data;
2349 Unit *u = userdata;
2350 const char *p = rvalue;
2351 int r;
2352
2353 assert(filename);
2354 assert(lvalue);
2355 assert(rvalue);
2356 assert(c);
2357
2358 if (isempty(rvalue)) {
2359 exec_context_free_log_extra_fields(c);
2360 return 0;
2361 }
2362
2363 for (;;) {
2364 _cleanup_free_ char *word = NULL, *k = NULL;
2365 struct iovec *t;
2366 const char *eq;
2367
2368 r = extract_first_word(&p, &word, NULL, EXTRACT_CUNESCAPE|EXTRACT_QUOTES);
2369 if (r == 0)
2370 return 0;
2371 if (r == -ENOMEM)
2372 return log_oom();
2373 if (r < 0) {
2374 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
2375 return 0;
2376 }
2377
2378 r = unit_full_printf(u, word, &k);
2379 if (r < 0) {
2380 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", word);
2381 continue;
2382 }
2383
2384 eq = strchr(k, '=');
2385 if (!eq) {
2386 log_syntax(unit, LOG_ERR, filename, line, 0, "Log field lacks '=' character, ignoring: %s", k);
2387 continue;
2388 }
2389
2390 if (!journal_field_valid(k, eq-k, false)) {
2391 log_syntax(unit, LOG_ERR, filename, line, 0, "Log field name is invalid, ignoring: %s", k);
2392 continue;
2393 }
2394
2395 t = reallocarray(c->log_extra_fields, c->n_log_extra_fields+1, sizeof(struct iovec));
2396 if (!t)
2397 return log_oom();
2398
2399 c->log_extra_fields = t;
2400 c->log_extra_fields[c->n_log_extra_fields++] = IOVEC_MAKE_STRING(k);
2401
2402 k = NULL;
2403 }
2404 }
2405
2406 int config_parse_unit_condition_path(
2407 const char *unit,
2408 const char *filename,
2409 unsigned line,
2410 const char *section,
2411 unsigned section_line,
2412 const char *lvalue,
2413 int ltype,
2414 const char *rvalue,
2415 void *data,
2416 void *userdata) {
2417
2418 _cleanup_free_ char *p = NULL;
2419 Condition **list = data, *c;
2420 ConditionType t = ltype;
2421 bool trigger, negate;
2422 Unit *u = userdata;
2423 int r;
2424
2425 assert(filename);
2426 assert(lvalue);
2427 assert(rvalue);
2428 assert(data);
2429
2430 if (isempty(rvalue)) {
2431 /* Empty assignment resets the list */
2432 *list = condition_free_list(*list);
2433 return 0;
2434 }
2435
2436 trigger = rvalue[0] == '|';
2437 if (trigger)
2438 rvalue++;
2439
2440 negate = rvalue[0] == '!';
2441 if (negate)
2442 rvalue++;
2443
2444 r = unit_full_printf(u, rvalue, &p);
2445 if (r < 0) {
2446 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2447 return 0;
2448 }
2449
2450 if (!path_is_absolute(p)) {
2451 log_syntax(unit, LOG_ERR, filename, line, 0, "Path in condition not absolute, ignoring: %s", p);
2452 return 0;
2453 }
2454
2455 c = condition_new(t, p, trigger, negate);
2456 if (!c)
2457 return log_oom();
2458
2459 LIST_PREPEND(conditions, *list, c);
2460 return 0;
2461 }
2462
2463 int config_parse_unit_condition_string(
2464 const char *unit,
2465 const char *filename,
2466 unsigned line,
2467 const char *section,
2468 unsigned section_line,
2469 const char *lvalue,
2470 int ltype,
2471 const char *rvalue,
2472 void *data,
2473 void *userdata) {
2474
2475 _cleanup_free_ char *s = NULL;
2476 Condition **list = data, *c;
2477 ConditionType t = ltype;
2478 bool trigger, negate;
2479 Unit *u = userdata;
2480 int r;
2481
2482 assert(filename);
2483 assert(lvalue);
2484 assert(rvalue);
2485 assert(data);
2486
2487 if (isempty(rvalue)) {
2488 /* Empty assignment resets the list */
2489 *list = condition_free_list(*list);
2490 return 0;
2491 }
2492
2493 trigger = rvalue[0] == '|';
2494 if (trigger)
2495 rvalue++;
2496
2497 negate = rvalue[0] == '!';
2498 if (negate)
2499 rvalue++;
2500
2501 r = unit_full_printf(u, rvalue, &s);
2502 if (r < 0) {
2503 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue);
2504 return 0;
2505 }
2506
2507 c = condition_new(t, s, trigger, negate);
2508 if (!c)
2509 return log_oom();
2510
2511 LIST_PREPEND(conditions, *list, c);
2512 return 0;
2513 }
2514
2515 int config_parse_unit_condition_null(
2516 const char *unit,
2517 const char *filename,
2518 unsigned line,
2519 const char *section,
2520 unsigned section_line,
2521 const char *lvalue,
2522 int ltype,
2523 const char *rvalue,
2524 void *data,
2525 void *userdata) {
2526
2527 Condition **list = data, *c;
2528 bool trigger, negate;
2529 int b;
2530
2531 assert(filename);
2532 assert(lvalue);
2533 assert(rvalue);
2534 assert(data);
2535
2536 if (isempty(rvalue)) {
2537 /* Empty assignment resets the list */
2538 *list = condition_free_list(*list);
2539 return 0;
2540 }
2541
2542 trigger = rvalue[0] == '|';
2543 if (trigger)
2544 rvalue++;
2545
2546 negate = rvalue[0] == '!';
2547 if (negate)
2548 rvalue++;
2549
2550 b = parse_boolean(rvalue);
2551 if (b < 0) {
2552 log_syntax(unit, LOG_ERR, filename, line, b, "Failed to parse boolean value in condition, ignoring: %s", rvalue);
2553 return 0;
2554 }
2555
2556 if (!b)
2557 negate = !negate;
2558
2559 c = condition_new(CONDITION_NULL, NULL, trigger, negate);
2560 if (!c)
2561 return log_oom();
2562
2563 LIST_PREPEND(conditions, *list, c);
2564 return 0;
2565 }
2566
2567 int config_parse_unit_requires_mounts_for(
2568 const char *unit,
2569 const char *filename,
2570 unsigned line,
2571 const char *section,
2572 unsigned section_line,
2573 const char *lvalue,
2574 int ltype,
2575 const char *rvalue,
2576 void *data,
2577 void *userdata) {
2578
2579 const char *p = rvalue;
2580 Unit *u = userdata;
2581 int r;
2582
2583 assert(filename);
2584 assert(lvalue);
2585 assert(rvalue);
2586 assert(data);
2587
2588 for (;;) {
2589 _cleanup_free_ char *word = NULL, *resolved = NULL;
2590
2591 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2592 if (r == 0)
2593 return 0;
2594 if (r == -ENOMEM)
2595 return log_oom();
2596 if (r < 0) {
2597 log_syntax(unit, LOG_WARNING, filename, line, r,
2598 "Invalid syntax, ignoring: %s", rvalue);
2599 return 0;
2600 }
2601
2602 if (!utf8_is_valid(word)) {
2603 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
2604 continue;
2605 }
2606
2607 r = unit_full_printf(u, word, &resolved);
2608 if (r < 0) {
2609 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in '%s', ignoring: %m", word);
2610 continue;
2611 }
2612
2613 r = unit_require_mounts_for(u, resolved, UNIT_DEPENDENCY_FILE);
2614 if (r < 0) {
2615 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add required mount '%s', ignoring: %m", resolved);
2616 continue;
2617 }
2618 }
2619 }
2620
2621 int config_parse_documentation(const char *unit,
2622 const char *filename,
2623 unsigned line,
2624 const char *section,
2625 unsigned section_line,
2626 const char *lvalue,
2627 int ltype,
2628 const char *rvalue,
2629 void *data,
2630 void *userdata) {
2631
2632 Unit *u = userdata;
2633 int r;
2634 char **a, **b;
2635
2636 assert(filename);
2637 assert(lvalue);
2638 assert(rvalue);
2639 assert(u);
2640
2641 if (isempty(rvalue)) {
2642 /* Empty assignment resets the list */
2643 u->documentation = strv_free(u->documentation);
2644 return 0;
2645 }
2646
2647 r = config_parse_unit_strv_printf(unit, filename, line, section, section_line, lvalue, ltype,
2648 rvalue, data, userdata);
2649 if (r < 0)
2650 return r;
2651
2652 for (a = b = u->documentation; a && *a; a++) {
2653
2654 if (documentation_url_is_valid(*a))
2655 *(b++) = *a;
2656 else {
2657 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid URL, ignoring: %s", *a);
2658 free(*a);
2659 }
2660 }
2661 if (b)
2662 *b = NULL;
2663
2664 return r;
2665 }
2666
2667 #if HAVE_SECCOMP
2668 int config_parse_syscall_filter(
2669 const char *unit,
2670 const char *filename,
2671 unsigned line,
2672 const char *section,
2673 unsigned section_line,
2674 const char *lvalue,
2675 int ltype,
2676 const char *rvalue,
2677 void *data,
2678 void *userdata) {
2679
2680 ExecContext *c = data;
2681 Unit *u = userdata;
2682 bool invert = false;
2683 const char *p;
2684 int r;
2685
2686 assert(filename);
2687 assert(lvalue);
2688 assert(rvalue);
2689 assert(u);
2690
2691 if (isempty(rvalue)) {
2692 /* Empty assignment resets the list */
2693 c->syscall_filter = hashmap_free(c->syscall_filter);
2694 c->syscall_whitelist = false;
2695 return 0;
2696 }
2697
2698 if (rvalue[0] == '~') {
2699 invert = true;
2700 rvalue++;
2701 }
2702
2703 if (!c->syscall_filter) {
2704 c->syscall_filter = hashmap_new(NULL);
2705 if (!c->syscall_filter)
2706 return log_oom();
2707
2708 if (invert)
2709 /* Allow everything but the ones listed */
2710 c->syscall_whitelist = false;
2711 else {
2712 /* Allow nothing but the ones listed */
2713 c->syscall_whitelist = true;
2714
2715 /* Accept default syscalls if we are on a whitelist */
2716 r = seccomp_parse_syscall_filter("@default", -1, c->syscall_filter, SECCOMP_PARSE_WHITELIST);
2717 if (r < 0)
2718 return r;
2719 }
2720 }
2721
2722 p = rvalue;
2723 for (;;) {
2724 _cleanup_free_ char *word = NULL, *name = NULL;
2725 int num;
2726
2727 r = extract_first_word(&p, &word, NULL, 0);
2728 if (r == 0)
2729 return 0;
2730 if (r == -ENOMEM)
2731 return log_oom();
2732 if (r < 0) {
2733 log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
2734 return 0;
2735 }
2736
2737 r = parse_syscall_and_errno(word, &name, &num);
2738 if (r < 0) {
2739 log_syntax(unit, LOG_WARNING, filename, line, r, "Failed to parse syscall:errno, ignoring: %s", word);
2740 continue;
2741 }
2742
2743 r = seccomp_parse_syscall_filter_full(name, num, c->syscall_filter,
2744 SECCOMP_PARSE_LOG|SECCOMP_PARSE_PERMISSIVE|(invert ? SECCOMP_PARSE_INVERT : 0)|(c->syscall_whitelist ? SECCOMP_PARSE_WHITELIST : 0),
2745 unit, filename, line);
2746 if (r < 0)
2747 return r;
2748 }
2749 }
2750
2751 int config_parse_syscall_archs(
2752 const char *unit,
2753 const char *filename,
2754 unsigned line,
2755 const char *section,
2756 unsigned section_line,
2757 const char *lvalue,
2758 int ltype,
2759 const char *rvalue,
2760 void *data,
2761 void *userdata) {
2762
2763 const char *p = rvalue;
2764 Set **archs = data;
2765 int r;
2766
2767 if (isempty(rvalue)) {
2768 *archs = set_free(*archs);
2769 return 0;
2770 }
2771
2772 r = set_ensure_allocated(archs, NULL);
2773 if (r < 0)
2774 return log_oom();
2775
2776 for (;;) {
2777 _cleanup_free_ char *word = NULL;
2778 uint32_t a;
2779
2780 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2781 if (r == 0)
2782 return 0;
2783 if (r == -ENOMEM)
2784 return log_oom();
2785 if (r < 0) {
2786 log_syntax(unit, LOG_WARNING, filename, line, r,
2787 "Invalid syntax, ignoring: %s", rvalue);
2788 return 0;
2789 }
2790
2791 r = seccomp_arch_from_string(word, &a);
2792 if (r < 0) {
2793 log_syntax(unit, LOG_ERR, filename, line, r,
2794 "Failed to parse system call architecture \"%s\", ignoring: %m", word);
2795 continue;
2796 }
2797
2798 r = set_put(*archs, UINT32_TO_PTR(a + 1));
2799 if (r < 0)
2800 return log_oom();
2801 }
2802 }
2803
2804 int config_parse_syscall_errno(
2805 const char *unit,
2806 const char *filename,
2807 unsigned line,
2808 const char *section,
2809 unsigned section_line,
2810 const char *lvalue,
2811 int ltype,
2812 const char *rvalue,
2813 void *data,
2814 void *userdata) {
2815
2816 ExecContext *c = data;
2817 int e;
2818
2819 assert(filename);
2820 assert(lvalue);
2821 assert(rvalue);
2822
2823 if (isempty(rvalue)) {
2824 /* Empty assignment resets to KILL */
2825 c->syscall_errno = 0;
2826 return 0;
2827 }
2828
2829 e = parse_errno(rvalue);
2830 if (e <= 0) {
2831 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse error number, ignoring: %s", rvalue);
2832 return 0;
2833 }
2834
2835 c->syscall_errno = e;
2836 return 0;
2837 }
2838
2839 int config_parse_address_families(
2840 const char *unit,
2841 const char *filename,
2842 unsigned line,
2843 const char *section,
2844 unsigned section_line,
2845 const char *lvalue,
2846 int ltype,
2847 const char *rvalue,
2848 void *data,
2849 void *userdata) {
2850
2851 ExecContext *c = data;
2852 bool invert = false;
2853 const char *p;
2854 int r;
2855
2856 assert(filename);
2857 assert(lvalue);
2858 assert(rvalue);
2859
2860 if (isempty(rvalue)) {
2861 /* Empty assignment resets the list */
2862 c->address_families = set_free(c->address_families);
2863 c->address_families_whitelist = false;
2864 return 0;
2865 }
2866
2867 if (rvalue[0] == '~') {
2868 invert = true;
2869 rvalue++;
2870 }
2871
2872 if (!c->address_families) {
2873 c->address_families = set_new(NULL);
2874 if (!c->address_families)
2875 return log_oom();
2876
2877 c->address_families_whitelist = !invert;
2878 }
2879
2880 for (p = rvalue;;) {
2881 _cleanup_free_ char *word = NULL;
2882 int af;
2883
2884 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
2885 if (r == 0)
2886 return 0;
2887 if (r == -ENOMEM)
2888 return log_oom();
2889 if (r < 0) {
2890 log_syntax(unit, LOG_WARNING, filename, line, r,
2891 "Invalid syntax, ignoring: %s", rvalue);
2892 return 0;
2893 }
2894
2895 af = af_from_name(word);
2896 if (af <= 0) {
2897 log_syntax(unit, LOG_ERR, filename, line, 0,
2898 "Failed to parse address family, ignoring: %s", word);
2899 continue;
2900 }
2901
2902 /* If we previously wanted to forbid an address family and now
2903 * we want to allow it, then just remove it from the list.
2904 */
2905 if (!invert == c->address_families_whitelist) {
2906 r = set_put(c->address_families, INT_TO_PTR(af));
2907 if (r < 0)
2908 return log_oom();
2909 } else
2910 set_remove(c->address_families, INT_TO_PTR(af));
2911 }
2912 }
2913
2914 int config_parse_restrict_namespaces(
2915 const char *unit,
2916 const char *filename,
2917 unsigned line,
2918 const char *section,
2919 unsigned section_line,
2920 const char *lvalue,
2921 int ltype,
2922 const char *rvalue,
2923 void *data,
2924 void *userdata) {
2925
2926 ExecContext *c = data;
2927 unsigned long flags;
2928 bool invert = false;
2929 int r;
2930
2931 if (isempty(rvalue)) {
2932 /* Reset to the default. */
2933 c->restrict_namespaces = NAMESPACE_FLAGS_INITIAL;
2934 return 0;
2935 }
2936
2937 /* Boolean parameter ignores the previous settings */
2938 r = parse_boolean(rvalue);
2939 if (r > 0) {
2940 c->restrict_namespaces = 0;
2941 return 0;
2942 } else if (r == 0) {
2943 c->restrict_namespaces = NAMESPACE_FLAGS_ALL;
2944 return 0;
2945 }
2946
2947 if (rvalue[0] == '~') {
2948 invert = true;
2949 rvalue++;
2950 }
2951
2952 /* Not a boolean argument, in this case it's a list of namespace types. */
2953 r = namespace_flags_from_string(rvalue, &flags);
2954 if (r < 0) {
2955 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse namespace type string, ignoring: %s", rvalue);
2956 return 0;
2957 }
2958
2959 if (c->restrict_namespaces == NAMESPACE_FLAGS_INITIAL)
2960 /* Initial assignment. Just set the value. */
2961 c->restrict_namespaces = invert ? (~flags) & NAMESPACE_FLAGS_ALL : flags;
2962 else
2963 /* Merge the value with the previous one. */
2964 SET_FLAG(c->restrict_namespaces, flags, !invert);
2965
2966 return 0;
2967 }
2968 #endif
2969
2970 int config_parse_unit_slice(
2971 const char *unit,
2972 const char *filename,
2973 unsigned line,
2974 const char *section,
2975 unsigned section_line,
2976 const char *lvalue,
2977 int ltype,
2978 const char *rvalue,
2979 void *data,
2980 void *userdata) {
2981
2982 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2983 _cleanup_free_ char *k = NULL;
2984 Unit *u = userdata, *slice = NULL;
2985 int r;
2986
2987 assert(filename);
2988 assert(lvalue);
2989 assert(rvalue);
2990 assert(u);
2991
2992 r = unit_name_printf(u, rvalue, &k);
2993 if (r < 0) {
2994 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
2995 return 0;
2996 }
2997
2998 r = manager_load_unit(u->manager, k, NULL, &error, &slice);
2999 if (r < 0) {
3000 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load slice unit %s, ignoring: %s", k, bus_error_message(&error, r));
3001 return 0;
3002 }
3003
3004 r = unit_set_slice(u, slice);
3005 if (r < 0) {
3006 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to assign slice %s to unit %s, ignoring: %m", slice->id, u->id);
3007 return 0;
3008 }
3009
3010 return 0;
3011 }
3012
3013 int config_parse_cpu_quota(
3014 const char *unit,
3015 const char *filename,
3016 unsigned line,
3017 const char *section,
3018 unsigned section_line,
3019 const char *lvalue,
3020 int ltype,
3021 const char *rvalue,
3022 void *data,
3023 void *userdata) {
3024
3025 CGroupContext *c = data;
3026 int r;
3027
3028 assert(filename);
3029 assert(lvalue);
3030 assert(rvalue);
3031
3032 if (isempty(rvalue)) {
3033 c->cpu_quota_per_sec_usec = USEC_INFINITY;
3034 return 0;
3035 }
3036
3037 r = parse_percent_unbounded(rvalue);
3038 if (r <= 0) {
3039 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid CPU quota '%s', ignoring.", rvalue);
3040 return 0;
3041 }
3042
3043 c->cpu_quota_per_sec_usec = ((usec_t) r * USEC_PER_SEC) / 100U;
3044 return 0;
3045 }
3046
3047 int config_parse_memory_limit(
3048 const char *unit,
3049 const char *filename,
3050 unsigned line,
3051 const char *section,
3052 unsigned section_line,
3053 const char *lvalue,
3054 int ltype,
3055 const char *rvalue,
3056 void *data,
3057 void *userdata) {
3058
3059 CGroupContext *c = data;
3060 uint64_t bytes = CGROUP_LIMIT_MAX;
3061 int r;
3062
3063 if (!isempty(rvalue) && !streq(rvalue, "infinity")) {
3064
3065 r = parse_percent(rvalue);
3066 if (r < 0) {
3067 r = parse_size(rvalue, 1024, &bytes);
3068 if (r < 0) {
3069 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid memory limit '%s', ignoring: %m", rvalue);
3070 return 0;
3071 }
3072 } else
3073 bytes = physical_memory_scale(r, 100U);
3074
3075 if (bytes >= UINT64_MAX ||
3076 (bytes <= 0 && !streq(lvalue, "MemorySwapMax"))) {
3077 log_syntax(unit, LOG_ERR, filename, line, 0, "Memory limit '%s' out of range, ignoring.", rvalue);
3078 return 0;
3079 }
3080 }
3081
3082 if (streq(lvalue, "MemoryLow"))
3083 c->memory_low = bytes;
3084 else if (streq(lvalue, "MemoryHigh"))
3085 c->memory_high = bytes;
3086 else if (streq(lvalue, "MemoryMax"))
3087 c->memory_max = bytes;
3088 else if (streq(lvalue, "MemorySwapMax"))
3089 c->memory_swap_max = bytes;
3090 else if (streq(lvalue, "MemoryLimit"))
3091 c->memory_limit = bytes;
3092 else
3093 return -EINVAL;
3094
3095 return 0;
3096 }
3097
3098 int config_parse_tasks_max(
3099 const char *unit,
3100 const char *filename,
3101 unsigned line,
3102 const char *section,
3103 unsigned section_line,
3104 const char *lvalue,
3105 int ltype,
3106 const char *rvalue,
3107 void *data,
3108 void *userdata) {
3109
3110 uint64_t *tasks_max = data, v;
3111 Unit *u = userdata;
3112 int r;
3113
3114 if (isempty(rvalue)) {
3115 *tasks_max = u->manager->default_tasks_max;
3116 return 0;
3117 }
3118
3119 if (streq(rvalue, "infinity")) {
3120 *tasks_max = CGROUP_LIMIT_MAX;
3121 return 0;
3122 }
3123
3124 r = parse_percent(rvalue);
3125 if (r < 0) {
3126 r = safe_atou64(rvalue, &v);
3127 if (r < 0) {
3128 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid maximum tasks value '%s', ignoring: %m", rvalue);
3129 return 0;
3130 }
3131 } else
3132 v = system_tasks_max_scale(r, 100U);
3133
3134 if (v <= 0 || v >= UINT64_MAX) {
3135 log_syntax(unit, LOG_ERR, filename, line, 0, "Maximum tasks value '%s' out of range, ignoring.", rvalue);
3136 return 0;
3137 }
3138
3139 *tasks_max = v;
3140 return 0;
3141 }
3142
3143 int config_parse_delegate(
3144 const char *unit,
3145 const char *filename,
3146 unsigned line,
3147 const char *section,
3148 unsigned section_line,
3149 const char *lvalue,
3150 int ltype,
3151 const char *rvalue,
3152 void *data,
3153 void *userdata) {
3154
3155 CGroupContext *c = data;
3156 UnitType t;
3157 int r;
3158
3159 t = unit_name_to_type(unit);
3160 assert(t != _UNIT_TYPE_INVALID);
3161
3162 if (!unit_vtable[t]->can_delegate) {
3163 log_syntax(unit, LOG_ERR, filename, line, 0, "Delegate= setting not supported for this unit type, ignoring.");
3164 return 0;
3165 }
3166
3167 /* We either accept a boolean value, which may be used to turn on delegation for all controllers, or turn it
3168 * off for all. Or it takes a list of controller names, in which case we add the specified controllers to the
3169 * mask to delegate. */
3170
3171 if (isempty(rvalue)) {
3172 /* An empty string resets controllers and set Delegate=yes. */
3173 c->delegate = true;
3174 c->delegate_controllers = 0;
3175 return 0;
3176 }
3177
3178 r = parse_boolean(rvalue);
3179 if (r < 0) {
3180 const char *p = rvalue;
3181 CGroupMask mask = 0;
3182
3183 for (;;) {
3184 _cleanup_free_ char *word = NULL;
3185 CGroupController cc;
3186
3187 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3188 if (r == 0)
3189 break;
3190 if (r == -ENOMEM)
3191 return log_oom();
3192 if (r < 0) {
3193 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
3194 return 0;
3195 }
3196
3197 cc = cgroup_controller_from_string(word);
3198 if (cc < 0) {
3199 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid controller name '%s', ignoring", word);
3200 continue;
3201 }
3202
3203 mask |= CGROUP_CONTROLLER_TO_MASK(cc);
3204 }
3205
3206 c->delegate = true;
3207 c->delegate_controllers |= mask;
3208
3209 } else if (r > 0) {
3210 c->delegate = true;
3211 c->delegate_controllers = _CGROUP_MASK_ALL;
3212 } else {
3213 c->delegate = false;
3214 c->delegate_controllers = 0;
3215 }
3216
3217 return 0;
3218 }
3219
3220 int config_parse_device_allow(
3221 const char *unit,
3222 const char *filename,
3223 unsigned line,
3224 const char *section,
3225 unsigned section_line,
3226 const char *lvalue,
3227 int ltype,
3228 const char *rvalue,
3229 void *data,
3230 void *userdata) {
3231
3232 _cleanup_free_ char *path = NULL, *resolved = NULL;
3233 CGroupContext *c = data;
3234 CGroupDeviceAllow *a;
3235 const char *p = rvalue;
3236 int r;
3237
3238 if (isempty(rvalue)) {
3239 while (c->device_allow)
3240 cgroup_context_free_device_allow(c, c->device_allow);
3241
3242 return 0;
3243 }
3244
3245 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3246 if (r == -ENOMEM)
3247 return log_oom();
3248 if (r < 0) {
3249 log_syntax(unit, LOG_WARNING, filename, line, r,
3250 "Invalid syntax, ignoring: %s", rvalue);
3251 return 0;
3252 }
3253 if (r == 0) {
3254 log_syntax(unit, LOG_WARNING, filename, line, 0,
3255 "Failed to extract device path and rights from '%s', ignoring.", rvalue);
3256 return 0;
3257 }
3258
3259 r = unit_full_printf(userdata, path, &resolved);
3260 if (r < 0) {
3261 log_syntax(unit, LOG_WARNING, filename, line, r,
3262 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3263 return 0;
3264 }
3265
3266 if (!is_deviceallow_pattern(resolved) &&
3267 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3268 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3269 return 0;
3270 }
3271
3272 if (!isempty(p) && !in_charset(p, "rwm")) {
3273 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device rights '%s', ignoring.", p);
3274 return 0;
3275 }
3276
3277 a = new0(CGroupDeviceAllow, 1);
3278 if (!a)
3279 return log_oom();
3280
3281 a->path = TAKE_PTR(resolved);
3282 a->r = isempty(p) || !!strchr(p, 'r');
3283 a->w = isempty(p) || !!strchr(p, 'w');
3284 a->m = isempty(p) || !!strchr(p, 'm');
3285
3286 LIST_PREPEND(device_allow, c->device_allow, a);
3287 return 0;
3288 }
3289
3290 int config_parse_io_device_weight(
3291 const char *unit,
3292 const char *filename,
3293 unsigned line,
3294 const char *section,
3295 unsigned section_line,
3296 const char *lvalue,
3297 int ltype,
3298 const char *rvalue,
3299 void *data,
3300 void *userdata) {
3301
3302 _cleanup_free_ char *path = NULL, *resolved = NULL;
3303 CGroupIODeviceWeight *w;
3304 CGroupContext *c = data;
3305 const char *p = rvalue;
3306 uint64_t u;
3307 int r;
3308
3309 assert(filename);
3310 assert(lvalue);
3311 assert(rvalue);
3312
3313 if (isempty(rvalue)) {
3314 while (c->io_device_weights)
3315 cgroup_context_free_io_device_weight(c, c->io_device_weights);
3316
3317 return 0;
3318 }
3319
3320 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3321 if (r == -ENOMEM)
3322 return log_oom();
3323 if (r < 0) {
3324 log_syntax(unit, LOG_WARNING, filename, line, r,
3325 "Invalid syntax, ignoring: %s", rvalue);
3326 return 0;
3327 }
3328 if (r == 0 || isempty(p)) {
3329 log_syntax(unit, LOG_WARNING, filename, line, 0,
3330 "Failed to extract device path and weight from '%s', ignoring.", rvalue);
3331 return 0;
3332 }
3333
3334 r = unit_full_printf(userdata, path, &resolved);
3335 if (r < 0) {
3336 log_syntax(unit, LOG_WARNING, filename, line, r,
3337 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3338 return 0;
3339 }
3340
3341 if (!path_startswith(resolved, "/dev") &&
3342 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3343 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3344 return 0;
3345 }
3346
3347 r = cg_weight_parse(p, &u);
3348 if (r < 0) {
3349 log_syntax(unit, LOG_ERR, filename, line, r, "IO weight '%s' invalid, ignoring: %m", p);
3350 return 0;
3351 }
3352
3353 assert(u != CGROUP_WEIGHT_INVALID);
3354
3355 w = new0(CGroupIODeviceWeight, 1);
3356 if (!w)
3357 return log_oom();
3358
3359 w->path = TAKE_PTR(resolved);
3360 w->weight = u;
3361
3362 LIST_PREPEND(device_weights, c->io_device_weights, w);
3363 return 0;
3364 }
3365
3366 int config_parse_io_limit(
3367 const char *unit,
3368 const char *filename,
3369 unsigned line,
3370 const char *section,
3371 unsigned section_line,
3372 const char *lvalue,
3373 int ltype,
3374 const char *rvalue,
3375 void *data,
3376 void *userdata) {
3377
3378 _cleanup_free_ char *path = NULL, *resolved = NULL;
3379 CGroupIODeviceLimit *l = NULL, *t;
3380 CGroupContext *c = data;
3381 CGroupIOLimitType type;
3382 const char *p = rvalue;
3383 uint64_t num;
3384 int r;
3385
3386 assert(filename);
3387 assert(lvalue);
3388 assert(rvalue);
3389
3390 type = cgroup_io_limit_type_from_string(lvalue);
3391 assert(type >= 0);
3392
3393 if (isempty(rvalue)) {
3394 LIST_FOREACH(device_limits, l, c->io_device_limits)
3395 l->limits[type] = cgroup_io_limit_defaults[type];
3396 return 0;
3397 }
3398
3399 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3400 if (r == -ENOMEM)
3401 return log_oom();
3402 if (r < 0) {
3403 log_syntax(unit, LOG_WARNING, filename, line, r,
3404 "Invalid syntax, ignoring: %s", rvalue);
3405 return 0;
3406 }
3407 if (r == 0 || isempty(p)) {
3408 log_syntax(unit, LOG_WARNING, filename, line, 0,
3409 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
3410 return 0;
3411 }
3412
3413 r = unit_full_printf(userdata, path, &resolved);
3414 if (r < 0) {
3415 log_syntax(unit, LOG_WARNING, filename, line, r,
3416 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3417 return 0;
3418 }
3419
3420 if (!path_startswith(resolved, "/dev") &&
3421 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3422 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3423 return 0;
3424 }
3425
3426 if (streq("infinity", p)) {
3427 num = CGROUP_LIMIT_MAX;
3428 } else {
3429 r = parse_size(p, 1000, &num);
3430 if (r < 0 || num <= 0) {
3431 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid IO limit '%s', ignoring.", p);
3432 return 0;
3433 }
3434 }
3435
3436 LIST_FOREACH(device_limits, t, c->io_device_limits) {
3437 if (path_equal(resolved, t->path)) {
3438 l = t;
3439 break;
3440 }
3441 }
3442
3443 if (!l) {
3444 CGroupIOLimitType ttype;
3445
3446 l = new0(CGroupIODeviceLimit, 1);
3447 if (!l)
3448 return log_oom();
3449
3450 l->path = TAKE_PTR(resolved);
3451 for (ttype = 0; ttype < _CGROUP_IO_LIMIT_TYPE_MAX; ttype++)
3452 l->limits[ttype] = cgroup_io_limit_defaults[ttype];
3453
3454 LIST_PREPEND(device_limits, c->io_device_limits, l);
3455 }
3456
3457 l->limits[type] = num;
3458
3459 return 0;
3460 }
3461
3462 int config_parse_blockio_device_weight(
3463 const char *unit,
3464 const char *filename,
3465 unsigned line,
3466 const char *section,
3467 unsigned section_line,
3468 const char *lvalue,
3469 int ltype,
3470 const char *rvalue,
3471 void *data,
3472 void *userdata) {
3473
3474 _cleanup_free_ char *path = NULL, *resolved = NULL;
3475 CGroupBlockIODeviceWeight *w;
3476 CGroupContext *c = data;
3477 const char *p = rvalue;
3478 uint64_t u;
3479 int r;
3480
3481 assert(filename);
3482 assert(lvalue);
3483 assert(rvalue);
3484
3485 if (isempty(rvalue)) {
3486 while (c->blockio_device_weights)
3487 cgroup_context_free_blockio_device_weight(c, c->blockio_device_weights);
3488
3489 return 0;
3490 }
3491
3492 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3493 if (r == -ENOMEM)
3494 return log_oom();
3495 if (r < 0) {
3496 log_syntax(unit, LOG_WARNING, filename, line, r,
3497 "Invalid syntax, ignoring: %s", rvalue);
3498 return 0;
3499 }
3500 if (r == 0 || isempty(p)) {
3501 log_syntax(unit, LOG_WARNING, filename, line, 0,
3502 "Failed to extract device node and weight from '%s', ignoring.", rvalue);
3503 return 0;
3504 }
3505
3506 r = unit_full_printf(userdata, path, &resolved);
3507 if (r < 0) {
3508 log_syntax(unit, LOG_WARNING, filename, line, r,
3509 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3510 return 0;
3511 }
3512
3513 if (!path_startswith(resolved, "/dev") &&
3514 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3515 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", resolved);
3516 return 0;
3517 }
3518
3519 r = cg_blkio_weight_parse(p, &u);
3520 if (r < 0) {
3521 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid block IO weight '%s', ignoring: %m", p);
3522 return 0;
3523 }
3524
3525 assert(u != CGROUP_BLKIO_WEIGHT_INVALID);
3526
3527 w = new0(CGroupBlockIODeviceWeight, 1);
3528 if (!w)
3529 return log_oom();
3530
3531 w->path = TAKE_PTR(resolved);
3532 w->weight = u;
3533
3534 LIST_PREPEND(device_weights, c->blockio_device_weights, w);
3535 return 0;
3536 }
3537
3538 int config_parse_blockio_bandwidth(
3539 const char *unit,
3540 const char *filename,
3541 unsigned line,
3542 const char *section,
3543 unsigned section_line,
3544 const char *lvalue,
3545 int ltype,
3546 const char *rvalue,
3547 void *data,
3548 void *userdata) {
3549
3550 _cleanup_free_ char *path = NULL, *resolved = NULL;
3551 CGroupBlockIODeviceBandwidth *b = NULL, *t;
3552 CGroupContext *c = data;
3553 const char *p = rvalue;
3554 uint64_t bytes;
3555 bool read;
3556 int r;
3557
3558 assert(filename);
3559 assert(lvalue);
3560 assert(rvalue);
3561
3562 read = streq("BlockIOReadBandwidth", lvalue);
3563
3564 if (isempty(rvalue)) {
3565 LIST_FOREACH(device_bandwidths, b, c->blockio_device_bandwidths) {
3566 b->rbps = CGROUP_LIMIT_MAX;
3567 b->wbps = CGROUP_LIMIT_MAX;
3568 }
3569 return 0;
3570 }
3571
3572 r = extract_first_word(&p, &path, NULL, EXTRACT_QUOTES);
3573 if (r == -ENOMEM)
3574 return log_oom();
3575 if (r < 0) {
3576 log_syntax(unit, LOG_WARNING, filename, line, r,
3577 "Invalid syntax, ignoring: %s", rvalue);
3578 return 0;
3579 }
3580 if (r == 0 || isempty(p)) {
3581 log_syntax(unit, LOG_WARNING, filename, line, 0,
3582 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue);
3583 return 0;
3584 }
3585
3586 r = unit_full_printf(userdata, path, &resolved);
3587 if (r < 0) {
3588 log_syntax(unit, LOG_WARNING, filename, line, r,
3589 "Failed to resolve unit specifiers in '%s', ignoring: %m", path);
3590 return 0;
3591 }
3592
3593 if (!path_startswith(resolved, "/dev") &&
3594 !path_startswith(resolved, "/run/systemd/inaccessible/")) {
3595 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s', ignoring.", resolved);
3596 return 0;
3597 }
3598
3599 r = parse_size(p, 1000, &bytes);
3600 if (r < 0 || bytes <= 0) {
3601 log_syntax(unit, LOG_ERR, filename, line, r, "Invalid Block IO Bandwidth '%s', ignoring.", p);
3602 return 0;
3603 }
3604
3605 LIST_FOREACH(device_bandwidths, t, c->blockio_device_bandwidths) {
3606 if (path_equal(resolved, t->path)) {
3607 b = t;
3608 break;
3609 }
3610 }
3611
3612 if (!t) {
3613 b = new0(CGroupBlockIODeviceBandwidth, 1);
3614 if (!b)
3615 return log_oom();
3616
3617 b->path = TAKE_PTR(resolved);
3618 b->rbps = CGROUP_LIMIT_MAX;
3619 b->wbps = CGROUP_LIMIT_MAX;
3620
3621 LIST_PREPEND(device_bandwidths, c->blockio_device_bandwidths, b);
3622 }
3623
3624 if (read)
3625 b->rbps = bytes;
3626 else
3627 b->wbps = bytes;
3628
3629 return 0;
3630 }
3631
3632 int config_parse_job_mode_isolate(
3633 const char *unit,
3634 const char *filename,
3635 unsigned line,
3636 const char *section,
3637 unsigned section_line,
3638 const char *lvalue,
3639 int ltype,
3640 const char *rvalue,
3641 void *data,
3642 void *userdata) {
3643
3644 JobMode *m = data;
3645 int r;
3646
3647 assert(filename);
3648 assert(lvalue);
3649 assert(rvalue);
3650
3651 r = parse_boolean(rvalue);
3652 if (r < 0) {
3653 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse boolean, ignoring: %s", rvalue);
3654 return 0;
3655 }
3656
3657 log_notice("%s is deprecated. Please use OnFailureJobMode= instead", lvalue);
3658
3659 *m = r ? JOB_ISOLATE : JOB_REPLACE;
3660 return 0;
3661 }
3662
3663 int config_parse_exec_directories(
3664 const char *unit,
3665 const char *filename,
3666 unsigned line,
3667 const char *section,
3668 unsigned section_line,
3669 const char *lvalue,
3670 int ltype,
3671 const char *rvalue,
3672 void *data,
3673 void *userdata) {
3674
3675 char***rt = data;
3676 Unit *u = userdata;
3677 const char *p;
3678 int r;
3679
3680 assert(filename);
3681 assert(lvalue);
3682 assert(rvalue);
3683 assert(data);
3684
3685 if (isempty(rvalue)) {
3686 /* Empty assignment resets the list */
3687 *rt = strv_free(*rt);
3688 return 0;
3689 }
3690
3691 for (p = rvalue;;) {
3692 _cleanup_free_ char *word = NULL, *k = NULL;
3693
3694 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3695 if (r == -ENOMEM)
3696 return log_oom();
3697 if (r < 0) {
3698 log_syntax(unit, LOG_WARNING, filename, line, r,
3699 "Invalid syntax, ignoring: %s", rvalue);
3700 return 0;
3701 }
3702 if (r == 0)
3703 return 0;
3704
3705 r = unit_full_printf(u, word, &k);
3706 if (r < 0) {
3707 log_syntax(unit, LOG_ERR, filename, line, r,
3708 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word);
3709 continue;
3710 }
3711
3712 if (!path_is_normalized(k)) {
3713 log_syntax(unit, LOG_ERR, filename, line, 0,
3714 "%s= path is not normalized, ignoring assignment: %s", lvalue, rvalue);
3715 continue;
3716 }
3717
3718 if (path_is_absolute(k)) {
3719 log_syntax(unit, LOG_ERR, filename, line, 0,
3720 "%s= path is absolute, ignoring assignment: %s", lvalue, rvalue);
3721 continue;
3722 }
3723
3724 if (path_startswith(k, "private")) {
3725 log_syntax(unit, LOG_ERR, filename, line, 0,
3726 "%s= path can't be 'private', ingoring assignment: %s", lvalue, rvalue);
3727 continue;
3728 }
3729
3730 r = strv_push(rt, k);
3731 if (r < 0)
3732 return log_oom();
3733 k = NULL;
3734 }
3735 }
3736
3737 int config_parse_set_status(
3738 const char *unit,
3739 const char *filename,
3740 unsigned line,
3741 const char *section,
3742 unsigned section_line,
3743 const char *lvalue,
3744 int ltype,
3745 const char *rvalue,
3746 void *data,
3747 void *userdata) {
3748
3749 size_t l;
3750 const char *word, *state;
3751 int r;
3752 ExitStatusSet *status_set = data;
3753
3754 assert(filename);
3755 assert(lvalue);
3756 assert(rvalue);
3757 assert(data);
3758
3759 /* Empty assignment resets the list */
3760 if (isempty(rvalue)) {
3761 exit_status_set_free(status_set);
3762 return 0;
3763 }
3764
3765 FOREACH_WORD(word, l, rvalue, state) {
3766 _cleanup_free_ char *temp;
3767 int val;
3768 Set **set;
3769
3770 temp = strndup(word, l);
3771 if (!temp)
3772 return log_oom();
3773
3774 r = safe_atoi(temp, &val);
3775 if (r < 0) {
3776 val = signal_from_string(temp);
3777
3778 if (val <= 0) {
3779 log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse value, ignoring: %s", word);
3780 continue;
3781 }
3782 set = &status_set->signal;
3783 } else {
3784 if (val < 0 || val > 255) {
3785 log_syntax(unit, LOG_ERR, filename, line, 0, "Value %d is outside range 0-255, ignoring", val);
3786 continue;
3787 }
3788 set = &status_set->status;
3789 }
3790
3791 r = set_ensure_allocated(set, NULL);
3792 if (r < 0)
3793 return log_oom();
3794
3795 r = set_put(*set, INT_TO_PTR(val));
3796 if (r < 0)
3797 return log_oom();
3798 }
3799 if (!isempty(state))
3800 log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
3801
3802 return 0;
3803 }
3804
3805 int config_parse_namespace_path_strv(
3806 const char *unit,
3807 const char *filename,
3808 unsigned line,
3809 const char *section,
3810 unsigned section_line,
3811 const char *lvalue,
3812 int ltype,
3813 const char *rvalue,
3814 void *data,
3815 void *userdata) {
3816
3817 Unit *u = userdata;
3818 char*** sv = data;
3819 const char *p = rvalue;
3820 int r;
3821
3822 assert(filename);
3823 assert(lvalue);
3824 assert(rvalue);
3825 assert(data);
3826
3827 if (isempty(rvalue)) {
3828 /* Empty assignment resets the list */
3829 *sv = strv_free(*sv);
3830 return 0;
3831 }
3832
3833 for (;;) {
3834 _cleanup_free_ char *word = NULL, *resolved = NULL, *joined = NULL;
3835 const char *w;
3836 bool ignore_enoent = false, shall_prefix = false;
3837
3838 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3839 if (r == 0)
3840 break;
3841 if (r == -ENOMEM)
3842 return log_oom();
3843 if (r < 0) {
3844 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
3845 return 0;
3846 }
3847
3848 if (!utf8_is_valid(word)) {
3849 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, word);
3850 continue;
3851 }
3852
3853 w = word;
3854 if (startswith(w, "-")) {
3855 ignore_enoent = true;
3856 w++;
3857 }
3858 if (startswith(w, "+")) {
3859 shall_prefix = true;
3860 w++;
3861 }
3862
3863 r = unit_full_printf(u, w, &resolved);
3864 if (r < 0) {
3865 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s: %m", w);
3866 continue;
3867 }
3868
3869 if (!path_is_absolute(resolved)) {
3870 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute path, ignoring: %s", resolved);
3871 continue;
3872 }
3873
3874 path_simplify(resolved, false);
3875
3876 joined = strjoin(ignore_enoent ? "-" : "",
3877 shall_prefix ? "+" : "",
3878 resolved);
3879
3880 r = strv_push(sv, joined);
3881 if (r < 0)
3882 return log_oom();
3883
3884 joined = NULL;
3885 }
3886
3887 return 0;
3888 }
3889
3890 int config_parse_temporary_filesystems(
3891 const char *unit,
3892 const char *filename,
3893 unsigned line,
3894 const char *section,
3895 unsigned section_line,
3896 const char *lvalue,
3897 int ltype,
3898 const char *rvalue,
3899 void *data,
3900 void *userdata) {
3901
3902 Unit *u = userdata;
3903 ExecContext *c = data;
3904 const char *p = rvalue;
3905 int r;
3906
3907 assert(filename);
3908 assert(lvalue);
3909 assert(rvalue);
3910 assert(data);
3911
3912 if (isempty(rvalue)) {
3913 /* Empty assignment resets the list */
3914 temporary_filesystem_free_many(c->temporary_filesystems, c->n_temporary_filesystems);
3915 c->temporary_filesystems = NULL;
3916 c->n_temporary_filesystems = 0;
3917 return 0;
3918 }
3919
3920 for (;;) {
3921 _cleanup_free_ char *word = NULL, *path = NULL, *resolved = NULL;
3922 const char *w;
3923
3924 r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
3925 if (r == 0)
3926 return 0;
3927 if (r == -ENOMEM)
3928 return log_oom();
3929 if (r < 0) {
3930 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue);
3931 return 0;
3932 }
3933
3934 w = word;
3935 r = extract_first_word(&w, &path, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
3936 if (r == -ENOMEM)
3937 return log_oom();
3938 if (r < 0) {
3939 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", word);
3940 continue;
3941 }
3942 if (r == 0) {
3943 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid syntax, ignoring: %s", word);
3944 continue;
3945 }
3946
3947 r = unit_full_printf(u, path, &resolved);
3948 if (r < 0) {
3949 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", path);
3950 continue;
3951 }
3952
3953 if (!path_is_absolute(resolved)) {
3954 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute path, ignoring: %s", resolved);
3955 continue;
3956 }
3957
3958 path_simplify(resolved, false);
3959
3960 r = temporary_filesystem_add(&c->temporary_filesystems, &c->n_temporary_filesystems, path, w);
3961 if (r == -ENOMEM)
3962 return log_oom();
3963 if (r < 0) {
3964 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse mount options, ignoring: %s", word);
3965 continue;
3966 }
3967 }
3968 }
3969
3970 int config_parse_bind_paths(
3971 const char *unit,
3972 const char *filename,
3973 unsigned line,
3974 const char *section,
3975 unsigned section_line,
3976 const char *lvalue,
3977 int ltype,
3978 const char *rvalue,
3979 void *data,
3980 void *userdata) {
3981
3982 ExecContext *c = data;
3983 Unit *u = userdata;
3984 const char *p;
3985 int r;
3986
3987 assert(filename);
3988 assert(lvalue);
3989 assert(rvalue);
3990 assert(data);
3991
3992 if (isempty(rvalue)) {
3993 /* Empty assignment resets the list */
3994 bind_mount_free_many(c->bind_mounts, c->n_bind_mounts);
3995 c->bind_mounts = NULL;
3996 c->n_bind_mounts = 0;
3997 return 0;
3998 }
3999
4000 p = rvalue;
4001 for (;;) {
4002 _cleanup_free_ char *source = NULL, *destination = NULL;
4003 _cleanup_free_ char *sresolved = NULL, *dresolved = NULL;
4004 char *s = NULL, *d = NULL;
4005 bool rbind = true, ignore_enoent = false;
4006
4007 r = extract_first_word(&p, &source, ":" WHITESPACE, EXTRACT_QUOTES|EXTRACT_DONT_COALESCE_SEPARATORS);
4008 if (r == 0)
4009 break;
4010 if (r == -ENOMEM)
4011 return log_oom();
4012 if (r < 0) {
4013 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4014 return 0;
4015 }
4016
4017 r = unit_full_printf(u, source, &sresolved);
4018 if (r < 0) {
4019 log_syntax(unit, LOG_ERR, filename, line, r,
4020 "Failed to resolved unit specifiers in \"%s\", ignoring: %m", source);
4021 return 0;
4022 }
4023
4024 s = sresolved;
4025 if (s[0] == '-') {
4026 ignore_enoent = true;
4027 s++;
4028 }
4029
4030 if (!utf8_is_valid(s)) {
4031 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, s);
4032 return 0;
4033 }
4034 if (!path_is_absolute(s)) {
4035 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute source path, ignoring: %s", s);
4036 return 0;
4037 }
4038
4039 path_simplify(s, false);
4040
4041 /* Optionally, the destination is specified. */
4042 if (p && p[-1] == ':') {
4043 r = extract_first_word(&p, &destination, ":" WHITESPACE, EXTRACT_QUOTES|EXTRACT_DONT_COALESCE_SEPARATORS);
4044 if (r == -ENOMEM)
4045 return log_oom();
4046 if (r < 0) {
4047 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4048 return 0;
4049 }
4050 if (r == 0) {
4051 log_syntax(unit, LOG_ERR, filename, line, 0, "Missing argument after ':': %s", rvalue);
4052 return 0;
4053 }
4054
4055 r = unit_full_printf(u, destination, &dresolved);
4056 if (r < 0) {
4057 log_syntax(unit, LOG_ERR, filename, line, r,
4058 "Failed to resolved specifiers in \"%s\", ignoring: %m", destination);
4059 return 0;
4060 }
4061
4062 if (!utf8_is_valid(dresolved)) {
4063 log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, dresolved);
4064 return 0;
4065 }
4066 if (!path_is_absolute(dresolved)) {
4067 log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute destination path, ignoring: %s", dresolved);
4068 return 0;
4069 }
4070
4071 d = path_simplify(dresolved, false);
4072
4073 /* Optionally, there's also a short option string specified */
4074 if (p && p[-1] == ':') {
4075 _cleanup_free_ char *options = NULL;
4076
4077 r = extract_first_word(&p, &options, NULL, EXTRACT_QUOTES);
4078 if (r == -ENOMEM)
4079 return log_oom();
4080 if (r < 0) {
4081 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s: %s", lvalue, rvalue);
4082 return 0;
4083 }
4084
4085 if (isempty(options) || streq(options, "rbind"))
4086 rbind = true;
4087 else if (streq(options, "norbind"))
4088 rbind = false;
4089 else {
4090 log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid option string, ignoring setting: %s", options);
4091 return 0;
4092 }
4093 }
4094 } else
4095 d = s;
4096
4097 r = bind_mount_add(&c->bind_mounts, &c->n_bind_mounts,
4098 &(BindMount) {
4099 .source = s,
4100 .destination = d,
4101 .read_only = !!strstr(lvalue, "ReadOnly"),
4102 .recursive = rbind,
4103 .ignore_enoent = ignore_enoent,
4104 });
4105 if (r < 0)
4106 return log_oom();
4107 }
4108
4109 return 0;
4110 }
4111
4112 int config_parse_job_timeout_sec(
4113 const char* unit,
4114 const char *filename,
4115 unsigned line,
4116 const char *section,
4117 unsigned section_line,
4118 const char *lvalue,
4119 int ltype,
4120 const char *rvalue,
4121 void *data,
4122 void *userdata) {
4123
4124 Unit *u = data;
4125 usec_t usec;
4126 int r;
4127
4128 assert(filename);
4129 assert(lvalue);
4130 assert(rvalue);
4131 assert(u);
4132
4133 r = parse_sec_fix_0(rvalue, &usec);
4134 if (r < 0) {
4135 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobTimeoutSec= parameter, ignoring: %s", rvalue);
4136 return 0;
4137 }
4138
4139 /* If the user explicitly changed JobTimeoutSec= also change JobRunningTimeoutSec=, for compatibility with old
4140 * versions. If JobRunningTimeoutSec= was explicitly set, avoid this however as whatever the user picked should
4141 * count. */
4142
4143 if (!u->job_running_timeout_set)
4144 u->job_running_timeout = usec;
4145
4146 u->job_timeout = usec;
4147
4148 return 0;
4149 }
4150
4151 int config_parse_job_running_timeout_sec(
4152 const char* unit,
4153 const char *filename,
4154 unsigned line,
4155 const char *section,
4156 unsigned section_line,
4157 const char *lvalue,
4158 int ltype,
4159 const char *rvalue,
4160 void *data,
4161 void *userdata) {
4162
4163 Unit *u = data;
4164 usec_t usec;
4165 int r;
4166
4167 assert(filename);
4168 assert(lvalue);
4169 assert(rvalue);
4170 assert(u);
4171
4172 r = parse_sec_fix_0(rvalue, &usec);
4173 if (r < 0) {
4174 log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobRunningTimeoutSec= parameter, ignoring: %s", rvalue);
4175 return 0;
4176 }
4177
4178 u->job_running_timeout = usec;
4179 u->job_running_timeout_set = true;
4180
4181 return 0;
4182 }
4183
4184 #define FOLLOW_MAX 8
4185
4186 static int open_follow(char **filename, FILE **_f, Set *names, char **_final) {
4187 char *id = NULL;
4188 unsigned c = 0;
4189 int fd, r;
4190 FILE *f;
4191
4192 assert(filename);
4193 assert(*filename);
4194 assert(_f);
4195 assert(names);
4196
4197 /* This will update the filename pointer if the loaded file is
4198 * reached by a symlink. The old string will be freed. */
4199
4200 for (;;) {
4201 char *target, *name;
4202
4203 if (c++ >= FOLLOW_MAX)
4204 return -ELOOP;
4205
4206 path_simplify(*filename, false);
4207
4208 /* Add the file name we are currently looking at to
4209 * the names of this unit, but only if it is a valid
4210 * unit name. */
4211 name = basename(*filename);
4212 if (unit_name_is_valid(name, UNIT_NAME_ANY)) {
4213
4214 id = set_get(names, name);
4215 if (!id) {
4216 id = strdup(name);
4217 if (!id)
4218 return -ENOMEM;
4219
4220 r = set_consume(names, id);
4221 if (r < 0)
4222 return r;
4223 }
4224 }
4225
4226 /* Try to open the file name, but don't if its a symlink */
4227 fd = open(*filename, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
4228 if (fd >= 0)
4229 break;
4230
4231 if (errno != ELOOP)
4232 return -errno;
4233
4234 /* Hmm, so this is a symlink. Let's read the name, and follow it manually */
4235 r = readlink_and_make_absolute(*filename, &target);
4236 if (r < 0)
4237 return r;
4238
4239 free_and_replace(*filename, target);
4240 }
4241
4242 f = fdopen(fd, "re");
4243 if (!f) {
4244 safe_close(fd);
4245 return -errno;
4246 }
4247
4248 *_f = f;
4249 *_final = id;
4250
4251 return 0;
4252 }
4253
4254 static int merge_by_names(Unit **u, Set *names, const char *id) {
4255 char *k;
4256 int r;
4257
4258 assert(u);
4259 assert(*u);
4260 assert(names);
4261
4262 /* Let's try to add in all symlink names we found */
4263 while ((k = set_steal_first(names))) {
4264
4265 /* First try to merge in the other name into our
4266 * unit */
4267 r = unit_merge_by_name(*u, k);
4268 if (r < 0) {
4269 Unit *other;
4270
4271 /* Hmm, we couldn't merge the other unit into
4272 * ours? Then let's try it the other way
4273 * round */
4274
4275 /* If the symlink name we are looking at is unit template, then
4276 we must search for instance of this template */
4277 if (unit_name_is_valid(k, UNIT_NAME_TEMPLATE) && (*u)->instance) {
4278 _cleanup_free_ char *instance = NULL;
4279
4280 r = unit_name_replace_instance(k, (*u)->instance, &instance);
4281 if (r < 0)
4282 return r;
4283
4284 other = manager_get_unit((*u)->manager, instance);
4285 } else
4286 other = manager_get_unit((*u)->manager, k);
4287
4288 free(k);
4289
4290 if (other) {
4291 r = unit_merge(other, *u);
4292 if (r >= 0) {
4293 *u = other;
4294 return merge_by_names(u, names, NULL);
4295 }
4296 }
4297
4298 return r;
4299 }
4300
4301 if (id == k)
4302 unit_choose_id(*u, id);
4303
4304 free(k);
4305 }
4306
4307 return 0;
4308 }
4309
4310 static int load_from_path(Unit *u, const char *path) {
4311 _cleanup_set_free_free_ Set *symlink_names = NULL;
4312 _cleanup_fclose_ FILE *f = NULL;
4313 _cleanup_free_ char *filename = NULL;
4314 char *id = NULL;
4315 Unit *merged;
4316 struct stat st;
4317 int r;
4318
4319 assert(u);
4320 assert(path);
4321
4322 symlink_names = set_new(&string_hash_ops);
4323 if (!symlink_names)
4324 return -ENOMEM;
4325
4326 if (path_is_absolute(path)) {
4327
4328 filename = strdup(path);
4329 if (!filename)
4330 return -ENOMEM;
4331
4332 r = open_follow(&filename, &f, symlink_names, &id);
4333 if (r < 0) {
4334 filename = mfree(filename);
4335 if (r != -ENOENT)
4336 return r;
4337 }
4338
4339 } else {
4340 char **p;
4341
4342 STRV_FOREACH(p, u->manager->lookup_paths.search_path) {
4343
4344 /* Instead of opening the path right away, we manually
4345 * follow all symlinks and add their name to our unit
4346 * name set while doing so */
4347 filename = path_make_absolute(path, *p);
4348 if (!filename)
4349 return -ENOMEM;
4350
4351 if (u->manager->unit_path_cache &&
4352 !set_get(u->manager->unit_path_cache, filename))
4353 r = -ENOENT;
4354 else
4355 r = open_follow(&filename, &f, symlink_names, &id);
4356 if (r >= 0)
4357 break;
4358 filename = mfree(filename);
4359
4360 /* ENOENT means that the file is missing or is a dangling symlink.
4361 * ENOTDIR means that one of paths we expect to be is a directory
4362 * is not a directory, we should just ignore that.
4363 * EACCES means that the directory or file permissions are wrong.
4364 */
4365 if (r == -EACCES)
4366 log_debug_errno(r, "Cannot access \"%s\": %m", filename);
4367 else if (!IN_SET(r, -ENOENT, -ENOTDIR))
4368 return r;
4369
4370 /* Empty the symlink names for the next run */
4371 set_clear_free(symlink_names);
4372 }
4373 }
4374
4375 if (!filename)
4376 /* Hmm, no suitable file found? */
4377 return 0;
4378
4379 if (!unit_type_may_alias(u->type) && set_size(symlink_names) > 1) {
4380 log_unit_warning(u, "Unit type of %s does not support alias names, refusing loading via symlink.", u->id);
4381 return -ELOOP;
4382 }
4383
4384 merged = u;
4385 r = merge_by_names(&merged, symlink_names, id);
4386 if (r < 0)
4387 return r;
4388
4389 if (merged != u) {
4390 u->load_state = UNIT_MERGED;
4391 return 0;
4392 }
4393
4394 if (fstat(fileno(f), &st) < 0)
4395 return -errno;
4396
4397 if (null_or_empty(&st)) {
4398 u->load_state = UNIT_MASKED;
4399 u->fragment_mtime = 0;
4400 } else {
4401 u->load_state = UNIT_LOADED;
4402 u->fragment_mtime = timespec_load(&st.st_mtim);
4403
4404 /* Now, parse the file contents */
4405 r = config_parse(u->id, filename, f,
4406 UNIT_VTABLE(u)->sections,
4407 config_item_perf_lookup, load_fragment_gperf_lookup,
4408 CONFIG_PARSE_ALLOW_INCLUDE, u);
4409 if (r < 0)
4410 return r;
4411 }
4412
4413 free_and_replace(u->fragment_path, filename);
4414
4415 if (u->source_path) {
4416 if (stat(u->source_path, &st) >= 0)
4417 u->source_mtime = timespec_load(&st.st_mtim);
4418 else
4419 u->source_mtime = 0;
4420 }
4421
4422 return 0;
4423 }
4424
4425 int unit_load_fragment(Unit *u) {
4426 int r;
4427 Iterator i;
4428 const char *t;
4429
4430 assert(u);
4431 assert(u->load_state == UNIT_STUB);
4432 assert(u->id);
4433
4434 if (u->transient) {
4435 u->load_state = UNIT_LOADED;
4436 return 0;
4437 }
4438
4439 /* First, try to find the unit under its id. We always look
4440 * for unit files in the default directories, to make it easy
4441 * to override things by placing things in /etc/systemd/system */
4442 r = load_from_path(u, u->id);
4443 if (r < 0)
4444 return r;
4445
4446 /* Try to find an alias we can load this with */
4447 if (u->load_state == UNIT_STUB) {
4448 SET_FOREACH(t, u->names, i) {
4449
4450 if (t == u->id)
4451 continue;
4452
4453 r = load_from_path(u, t);
4454 if (r < 0)
4455 return r;
4456
4457 if (u->load_state != UNIT_STUB)
4458 break;
4459 }
4460 }
4461
4462 /* And now, try looking for it under the suggested (originally linked) path */
4463 if (u->load_state == UNIT_STUB && u->fragment_path) {
4464
4465 r = load_from_path(u, u->fragment_path);
4466 if (r < 0)
4467 return r;
4468
4469 if (u->load_state == UNIT_STUB)
4470 /* Hmm, this didn't work? Then let's get rid
4471 * of the fragment path stored for us, so that
4472 * we don't point to an invalid location. */
4473 u->fragment_path = mfree(u->fragment_path);
4474 }
4475
4476 /* Look for a template */
4477 if (u->load_state == UNIT_STUB && u->instance) {
4478 _cleanup_free_ char *k = NULL;
4479
4480 r = unit_name_template(u->id, &k);
4481 if (r < 0)
4482 return r;
4483
4484 r = load_from_path(u, k);
4485 if (r < 0) {
4486 if (r == -ENOEXEC)
4487 log_unit_notice(u, "Unit configuration has fatal error, unit will not be started.");
4488 return r;
4489 }
4490
4491 if (u->load_state == UNIT_STUB) {
4492 SET_FOREACH(t, u->names, i) {
4493 _cleanup_free_ char *z = NULL;
4494
4495 if (t == u->id)
4496 continue;
4497
4498 r = unit_name_template(t, &z);
4499 if (r < 0)
4500 return r;
4501
4502 r = load_from_path(u, z);
4503 if (r < 0)
4504 return r;
4505
4506 if (u->load_state != UNIT_STUB)
4507 break;
4508 }
4509 }
4510 }
4511
4512 return 0;
4513 }
4514
4515 void unit_dump_config_items(FILE *f) {
4516 static const struct {
4517 const ConfigParserCallback callback;
4518 const char *rvalue;
4519 } table[] = {
4520 { config_parse_warn_compat, "NOTSUPPORTED" },
4521 { config_parse_int, "INTEGER" },
4522 { config_parse_unsigned, "UNSIGNED" },
4523 { config_parse_iec_size, "SIZE" },
4524 { config_parse_iec_uint64, "SIZE" },
4525 { config_parse_si_size, "SIZE" },
4526 { config_parse_bool, "BOOLEAN" },
4527 { config_parse_string, "STRING" },
4528 { config_parse_path, "PATH" },
4529 { config_parse_unit_path_printf, "PATH" },
4530 { config_parse_strv, "STRING [...]" },
4531 { config_parse_exec_nice, "NICE" },
4532 { config_parse_exec_oom_score_adjust, "OOMSCOREADJUST" },
4533 { config_parse_exec_io_class, "IOCLASS" },
4534 { config_parse_exec_io_priority, "IOPRIORITY" },
4535 { config_parse_exec_cpu_sched_policy, "CPUSCHEDPOLICY" },
4536 { config_parse_exec_cpu_sched_prio, "CPUSCHEDPRIO" },
4537 { config_parse_exec_cpu_affinity, "CPUAFFINITY" },
4538 { config_parse_mode, "MODE" },
4539 { config_parse_unit_env_file, "FILE" },
4540 { config_parse_exec_output, "OUTPUT" },
4541 { config_parse_exec_input, "INPUT" },
4542 { config_parse_log_facility, "FACILITY" },
4543 { config_parse_log_level, "LEVEL" },
4544 { config_parse_exec_secure_bits, "SECUREBITS" },
4545 { config_parse_capability_set, "BOUNDINGSET" },
4546 { config_parse_rlimit, "LIMIT" },
4547 { config_parse_unit_deps, "UNIT [...]" },
4548 { config_parse_exec, "PATH [ARGUMENT [...]]" },
4549 { config_parse_service_type, "SERVICETYPE" },
4550 { config_parse_service_restart, "SERVICERESTART" },
4551 { config_parse_kill_mode, "KILLMODE" },
4552 { config_parse_signal, "SIGNAL" },
4553 { config_parse_socket_listen, "SOCKET [...]" },
4554 { config_parse_socket_bind, "SOCKETBIND" },
4555 { config_parse_socket_bindtodevice, "NETWORKINTERFACE" },
4556 { config_parse_sec, "SECONDS" },
4557 { config_parse_nsec, "NANOSECONDS" },
4558 { config_parse_namespace_path_strv, "PATH [...]" },
4559 { config_parse_bind_paths, "PATH[:PATH[:OPTIONS]] [...]" },
4560 { config_parse_unit_requires_mounts_for, "PATH [...]" },
4561 { config_parse_exec_mount_flags, "MOUNTFLAG [...]" },
4562 { config_parse_unit_string_printf, "STRING" },
4563 { config_parse_trigger_unit, "UNIT" },
4564 { config_parse_timer, "TIMER" },
4565 { config_parse_path_spec, "PATH" },
4566 { config_parse_notify_access, "ACCESS" },
4567 { config_parse_ip_tos, "TOS" },
4568 { config_parse_unit_condition_path, "CONDITION" },
4569 { config_parse_unit_condition_string, "CONDITION" },
4570 { config_parse_unit_condition_null, "CONDITION" },
4571 { config_parse_unit_slice, "SLICE" },
4572 { config_parse_documentation, "URL" },
4573 { config_parse_service_timeout, "SECONDS" },
4574 { config_parse_emergency_action, "ACTION" },
4575 { config_parse_set_status, "STATUS" },
4576 { config_parse_service_sockets, "SOCKETS" },
4577 { config_parse_environ, "ENVIRON" },
4578 #if HAVE_SECCOMP
4579 { config_parse_syscall_filter, "SYSCALLS" },
4580 { config_parse_syscall_archs, "ARCHS" },
4581 { config_parse_syscall_errno, "ERRNO" },
4582 { config_parse_address_families, "FAMILIES" },
4583 { config_parse_restrict_namespaces, "NAMESPACES" },
4584 #endif
4585 { config_parse_cpu_shares, "SHARES" },
4586 { config_parse_cg_weight, "WEIGHT" },
4587 { config_parse_memory_limit, "LIMIT" },
4588 { config_parse_device_allow, "DEVICE" },
4589 { config_parse_device_policy, "POLICY" },
4590 { config_parse_io_limit, "LIMIT" },
4591 { config_parse_io_device_weight, "DEVICEWEIGHT" },
4592 { config_parse_blockio_bandwidth, "BANDWIDTH" },
4593 { config_parse_blockio_weight, "WEIGHT" },
4594 { config_parse_blockio_device_weight, "DEVICEWEIGHT" },
4595 { config_parse_long, "LONG" },
4596 { config_parse_socket_service, "SERVICE" },
4597 #if HAVE_SELINUX
4598 { config_parse_exec_selinux_context, "LABEL" },
4599 #endif
4600 { config_parse_job_mode, "MODE" },
4601 { config_parse_job_mode_isolate, "BOOLEAN" },
4602 { config_parse_personality, "PERSONALITY" },
4603 };
4604
4605 const char *prev = NULL;
4606 const char *i;
4607
4608 assert(f);
4609
4610 NULSTR_FOREACH(i, load_fragment_gperf_nulstr) {
4611 const char *rvalue = "OTHER", *lvalue;
4612 const ConfigPerfItem *p;
4613 size_t prefix_len;
4614 const char *dot;
4615 unsigned j;
4616
4617 assert_se(p = load_fragment_gperf_lookup(i, strlen(i)));
4618
4619 /* Hide legacy settings */
4620 if (p->parse == config_parse_warn_compat &&
4621 p->ltype == DISABLED_LEGACY)
4622 continue;
4623
4624 for (j = 0; j < ELEMENTSOF(table); j++)
4625 if (p->parse == table[j].callback) {
4626 rvalue = table[j].rvalue;
4627 break;
4628 }
4629
4630 dot = strchr(i, '.');
4631 lvalue = dot ? dot + 1 : i;
4632 prefix_len = dot-i;
4633
4634 if (dot)
4635 if (!prev || !strneq(prev, i, prefix_len+1)) {
4636 if (prev)
4637 fputc('\n', f);
4638
4639 fprintf(f, "[%.*s]\n", (int) prefix_len, i);
4640 }
4641
4642 fprintf(f, "%s=%s\n", lvalue, rvalue);
4643 prev = i;
4644 }
4645 }
Unnamed repository; edit this file 'description' to name the repository.