1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 Copyright © 2012 Holger Hans Peter Freyther
14 #include <sys/resource.h>
17 #include "alloc-util.h"
18 #include "all-units.h"
19 #include "bpf-firewall.h"
20 #include "bus-error.h"
21 #include "bus-internal.h"
24 #include "capability-util.h"
25 #include "cgroup-setup.h"
26 #include "conf-parser.h"
27 #include "cpu-set-util.h"
29 #include "errno-list.h"
33 #include "hexdecoct.h"
36 #include "ip-protocol-list.h"
37 #include "journal-util.h"
38 #include "limits-util.h"
39 #include "load-fragment.h"
41 #include "mountpoint-util.h"
42 #include "nulstr-util.h"
43 #include "parse-util.h"
44 #include "path-util.h"
45 #include "process-util.h"
47 #include "seccomp-util.h"
49 #include "securebits-util.h"
50 #include "signal-util.h"
51 #include "socket-netlink.h"
52 #include "stat-util.h"
53 #include "string-util.h"
55 #include "syslog-util.h"
56 #include "time-util.h"
57 #include "unit-name.h"
58 #include "unit-printf.h"
59 #include "user-util.h"
62 static int parse_socket_protocol(const char *s
) {
65 r
= parse_ip_protocol(s
);
68 if (!IN_SET(r
, IPPROTO_UDPLITE
, IPPROTO_SCTP
))
69 return -EPROTONOSUPPORT
;
74 int parse_crash_chvt(const char *value
, int *data
) {
77 if (safe_atoi(value
, data
) >= 0)
80 b
= parse_boolean(value
);
85 *data
= 0; /* switch to where kmsg goes */
87 *data
= -1; /* turn off switching */
92 int parse_confirm_spawn(const char *value
, char **console
) {
96 r
= value
? parse_boolean(value
) : 1;
100 } else if (r
> 0) /* on with default tty */
101 s
= strdup("/dev/console");
102 else if (is_path(value
)) /* on with fully qualified path */
104 else /* on with only a tty file name, not a fully qualified path */
105 s
= path_join("/dev/", value
);
113 DEFINE_CONFIG_PARSE(config_parse_socket_protocol
, parse_socket_protocol
, "Failed to parse socket protocol");
114 DEFINE_CONFIG_PARSE(config_parse_exec_secure_bits
, secure_bits_from_string
, "Failed to parse secure bits");
115 DEFINE_CONFIG_PARSE_ENUM(config_parse_collect_mode
, collect_mode
, CollectMode
, "Failed to parse garbage collection mode");
116 DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy
, cgroup_device_policy
, CGroupDevicePolicy
, "Failed to parse device policy");
117 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_keyring_mode
, exec_keyring_mode
, ExecKeyringMode
, "Failed to parse keyring mode");
118 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode
, exec_utmp_mode
, ExecUtmpMode
, "Failed to parse utmp mode");
119 DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode
, job_mode
, JobMode
, "Failed to parse job mode");
120 DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access
, notify_access
, NotifyAccess
, "Failed to parse notify access specifier");
121 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_home
, protect_home
, ProtectHome
, "Failed to parse protect home value");
122 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_system
, protect_system
, ProtectSystem
, "Failed to parse protect system value");
123 DEFINE_CONFIG_PARSE_ENUM(config_parse_runtime_preserve_mode
, exec_preserve_mode
, ExecPreserveMode
, "Failed to parse runtime directory preserve mode");
124 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type
, service_type
, ServiceType
, "Failed to parse service type");
125 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart
, service_restart
, ServiceRestart
, "Failed to parse service restart specifier");
126 DEFINE_CONFIG_PARSE_ENUM(config_parse_socket_bind
, socket_address_bind_ipv6_only_or_bool
, SocketAddressBindIPv6Only
, "Failed to parse bind IPv6 only value");
127 DEFINE_CONFIG_PARSE_ENUM(config_parse_oom_policy
, oom_policy
, OOMPolicy
, "Failed to parse OOM policy");
128 DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_ip_tos
, ip_tos
, int, -1, "Failed to parse IP TOS value");
129 DEFINE_CONFIG_PARSE_PTR(config_parse_blockio_weight
, cg_blkio_weight_parse
, uint64_t, "Invalid block IO weight");
130 DEFINE_CONFIG_PARSE_PTR(config_parse_cg_weight
, cg_weight_parse
, uint64_t, "Invalid weight");
131 DEFINE_CONFIG_PARSE_PTR(config_parse_cpu_shares
, cg_cpu_shares_parse
, uint64_t, "Invalid CPU shares");
132 DEFINE_CONFIG_PARSE_PTR(config_parse_exec_mount_flags
, mount_propagation_flags_from_string
, unsigned long, "Failed to parse mount flag");
133 DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_numa_policy
, mpol
, int, -1, "Invalid NUMA policy type");
134 DEFINE_CONFIG_PARSE_ENUM(config_parse_status_unit_format
, status_unit_format
, StatusUnitFormat
, "Failed to parse status unit format");
136 int config_parse_unit_deps(
138 const char *filename
,
141 unsigned section_line
,
148 UnitDependency d
= ltype
;
158 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
161 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_RETAIN_ESCAPE
);
167 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
171 r
= unit_name_printf(u
, word
, &k
);
173 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
177 r
= unit_add_dependency_by_name(u
, d
, k
, true, UNIT_DEPENDENCY_FILE
);
179 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to add dependency on %s, ignoring: %m", k
);
185 int config_parse_obsolete_unit_deps(
187 const char *filename
,
190 unsigned section_line
,
197 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
198 "Unit dependency type %s= is obsolete, replacing by %s=, please update your unit file", lvalue
, unit_dependency_to_string(ltype
));
200 return config_parse_unit_deps(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, rvalue
, data
, userdata
);
203 int config_parse_unit_string_printf(
205 const char *filename
,
208 unsigned section_line
,
215 _cleanup_free_
char *k
= NULL
;
216 const Unit
*u
= userdata
;
224 r
= unit_full_printf(u
, rvalue
, &k
);
226 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
230 return config_parse_string(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, k
, data
, userdata
);
233 int config_parse_unit_strv_printf(
235 const char *filename
,
238 unsigned section_line
,
245 const Unit
*u
= userdata
;
246 _cleanup_free_
char *k
= NULL
;
254 r
= unit_full_printf(u
, rvalue
, &k
);
256 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
260 return config_parse_strv(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, k
, data
, userdata
);
263 int config_parse_unit_path_printf(
265 const char *filename
,
268 unsigned section_line
,
275 _cleanup_free_
char *k
= NULL
;
276 const Unit
*u
= userdata
;
285 /* Let's not bother with anything that is too long */
286 if (strlen(rvalue
) >= PATH_MAX
) {
287 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
288 "%s value too long%s.",
289 lvalue
, fatal
? "" : ", ignoring");
290 return fatal
? -ENAMETOOLONG
: 0;
293 r
= unit_full_printf(u
, rvalue
, &k
);
295 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
296 "Failed to resolve unit specifiers in '%s'%s: %m",
297 rvalue
, fatal
? "" : ", ignoring");
298 return fatal
? -ENOEXEC
: 0;
301 return config_parse_path(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, k
, data
, userdata
);
304 int config_parse_unit_path_strv_printf(
306 const char *filename
,
309 unsigned section_line
,
317 const Unit
*u
= userdata
;
326 if (isempty(rvalue
)) {
332 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
334 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
340 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
341 "Invalid syntax, ignoring: %s", rvalue
);
345 r
= unit_full_printf(u
, word
, &k
);
347 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
348 "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
352 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
356 r
= strv_consume(x
, TAKE_PTR(k
));
362 static int patch_var_run(
364 const char *filename
,
372 e
= path_startswith(*path
, "/var/run/");
376 z
= path_join("/run/", e
);
380 log_syntax(unit
, LOG_NOTICE
, filename
, line
, 0,
381 "%s= references a path below legacy directory /var/run/, updating %s → %s; "
382 "please update the unit file accordingly.", lvalue
, *path
, z
);
384 free_and_replace(*path
, z
);
389 int config_parse_socket_listen(
391 const char *filename
,
394 unsigned section_line
,
401 _cleanup_free_ SocketPort
*p
= NULL
;
413 if (isempty(rvalue
)) {
414 /* An empty assignment removes all ports */
415 socket_free_ports(s
);
419 p
= new0(SocketPort
, 1);
423 if (ltype
!= SOCKET_SOCKET
) {
424 _cleanup_free_
char *k
= NULL
;
426 r
= unit_full_printf(UNIT(s
), rvalue
, &k
);
428 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
432 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
436 if (ltype
== SOCKET_FIFO
) {
437 r
= patch_var_run(unit
, filename
, line
, lvalue
, &k
);
442 free_and_replace(p
->path
, k
);
445 } else if (streq(lvalue
, "ListenNetlink")) {
446 _cleanup_free_
char *k
= NULL
;
448 r
= unit_full_printf(UNIT(s
), rvalue
, &k
);
450 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
454 r
= socket_address_parse_netlink(&p
->address
, k
);
456 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse address value in '%s', ignoring: %m", k
);
460 p
->type
= SOCKET_SOCKET
;
463 _cleanup_free_
char *k
= NULL
;
465 r
= unit_full_printf(UNIT(s
), rvalue
, &k
);
467 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
471 if (k
[0] == '/') { /* Only for AF_UNIX file system sockets… */
472 r
= patch_var_run(unit
, filename
, line
, lvalue
, &k
);
477 r
= socket_address_parse_and_warn(&p
->address
, k
);
479 if (r
!= -EAFNOSUPPORT
)
480 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse address value in '%s', ignoring: %m", k
);
484 if (streq(lvalue
, "ListenStream"))
485 p
->address
.type
= SOCK_STREAM
;
486 else if (streq(lvalue
, "ListenDatagram"))
487 p
->address
.type
= SOCK_DGRAM
;
489 assert(streq(lvalue
, "ListenSequentialPacket"));
490 p
->address
.type
= SOCK_SEQPACKET
;
493 if (socket_address_family(&p
->address
) != AF_LOCAL
&& p
->address
.type
== SOCK_SEQPACKET
) {
494 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Address family not supported, ignoring: %s", rvalue
);
498 p
->type
= SOCKET_SOCKET
;
502 p
->auxiliary_fds
= NULL
;
503 p
->n_auxiliary_fds
= 0;
506 LIST_FIND_TAIL(port
, s
->ports
, tail
);
507 LIST_INSERT_AFTER(port
, s
->ports
, tail
, p
);
514 int config_parse_exec_nice(
516 const char *filename
,
519 unsigned section_line
,
526 ExecContext
*c
= data
;
534 if (isempty(rvalue
)) {
539 r
= parse_nice(rvalue
, &priority
);
542 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Nice priority out of range, ignoring: %s", rvalue
);
544 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse nice priority '%s', ignoring: %m", rvalue
);
554 int config_parse_exec_oom_score_adjust(
556 const char *filename
,
559 unsigned section_line
,
566 ExecContext
*c
= data
;
574 if (isempty(rvalue
)) {
575 c
->oom_score_adjust_set
= false;
579 r
= parse_oom_score_adjust(rvalue
, &oa
);
582 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "OOM score adjust value out of range, ignoring: %s", rvalue
);
584 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse the OOM score adjust value '%s', ignoring: %m", rvalue
);
588 c
->oom_score_adjust
= oa
;
589 c
->oom_score_adjust_set
= true;
594 int config_parse_exec_coredump_filter(
596 const char *filename
,
599 unsigned section_line
,
606 ExecContext
*c
= data
;
614 if (isempty(rvalue
)) {
615 c
->coredump_filter
= 0;
616 c
->coredump_filter_set
= false;
621 r
= coredump_filter_mask_from_string(rvalue
, &f
);
623 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
624 "Failed to parse the CoredumpFilter=%s, ignoring: %m", rvalue
);
628 c
->coredump_filter
|= f
;
629 c
->oom_score_adjust_set
= true;
633 int config_parse_kill_mode(
635 const char *filename
,
638 unsigned section_line
,
645 KillMode
*k
= data
, m
;
652 if (isempty(rvalue
)) {
653 *k
= KILL_CONTROL_GROUP
;
657 m
= kill_mode_from_string(rvalue
);
659 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
660 "Failed to parse kill mode specification, ignoring: %s", rvalue
);
665 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
666 "Unit configured to use KillMode=none. "
667 "This is unsafe, as it disables systemd's process life-cycle management for the service. "
668 "Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. "
669 "Support for KillMode=none is deprecated and will eventually be removed.");
675 int config_parse_exec(
677 const char *filename
,
680 unsigned section_line
,
687 ExecCommand
**e
= data
;
688 const Unit
*u
= userdata
;
700 if (isempty(rvalue
)) {
701 /* An empty assignment resets the list */
702 *e
= exec_command_free_list(*e
);
708 _cleanup_free_
char *path
= NULL
, *firstword
= NULL
;
709 ExecCommandFlags flags
= 0;
710 bool ignore
= false, separate_argv0
= false;
711 _cleanup_free_ ExecCommand
*nce
= NULL
;
712 _cleanup_strv_free_
char **n
= NULL
;
713 size_t nlen
= 0, nbufsize
= 0;
718 r
= extract_first_word_and_warn(&p
, &firstword
, NULL
, EXTRACT_UNQUOTE
|EXTRACT_CUNESCAPE
, unit
, filename
, line
, rvalue
);
724 /* We accept an absolute path as first argument. If it's prefixed with - and the path doesn't
725 * exist, we ignore it instead of erroring out; if it's prefixed with @, we allow overriding of
726 * argv[0]; if it's prefixed with :, we will not do environment variable substitution;
727 * if it's prefixed with +, it will be run with full privileges and no sandboxing; if
728 * it's prefixed with '!' we apply sandboxing, but do not change user/group credentials; if
729 * it's prefixed with '!!', then we apply user/group credentials if the kernel supports ambient
730 * capabilities -- if it doesn't we don't apply the credentials themselves, but do apply most
731 * other sandboxing, with some special exceptions for changing UID.
733 * The idea is that '!!' may be used to write services that can take benefit of systemd's
734 * UID/GID dropping if the kernel supports ambient creds, but provide an automatic fallback to
735 * privilege dropping within the daemon if the kernel does not offer that. */
737 if (*f
== '-' && !(flags
& EXEC_COMMAND_IGNORE_FAILURE
)) {
738 flags
|= EXEC_COMMAND_IGNORE_FAILURE
;
740 } else if (*f
== '@' && !separate_argv0
)
741 separate_argv0
= true;
742 else if (*f
== ':' && !(flags
& EXEC_COMMAND_NO_ENV_EXPAND
))
743 flags
|= EXEC_COMMAND_NO_ENV_EXPAND
;
744 else if (*f
== '+' && !(flags
& (EXEC_COMMAND_FULLY_PRIVILEGED
|EXEC_COMMAND_NO_SETUID
|EXEC_COMMAND_AMBIENT_MAGIC
)))
745 flags
|= EXEC_COMMAND_FULLY_PRIVILEGED
;
746 else if (*f
== '!' && !(flags
& (EXEC_COMMAND_FULLY_PRIVILEGED
|EXEC_COMMAND_NO_SETUID
|EXEC_COMMAND_AMBIENT_MAGIC
)))
747 flags
|= EXEC_COMMAND_NO_SETUID
;
748 else if (*f
== '!' && !(flags
& (EXEC_COMMAND_FULLY_PRIVILEGED
|EXEC_COMMAND_AMBIENT_MAGIC
))) {
749 flags
&= ~EXEC_COMMAND_NO_SETUID
;
750 flags
|= EXEC_COMMAND_AMBIENT_MAGIC
;
756 r
= unit_full_printf(u
, f
, &path
);
758 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
759 "Failed to resolve unit specifiers in '%s'%s: %m",
760 f
, ignore
? ", ignoring" : "");
761 return ignore
? 0 : -ENOEXEC
;
765 /* First word is either "-" or "@" with no command. */
766 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
767 "Empty path in command line%s: '%s'",
768 ignore
? ", ignoring" : "", rvalue
);
769 return ignore
? 0 : -ENOEXEC
;
771 if (!string_is_safe(path
)) {
772 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
773 "Executable name contains special characters%s: %s",
774 ignore
? ", ignoring" : "", path
);
775 return ignore
? 0 : -ENOEXEC
;
777 if (endswith(path
, "/")) {
778 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
779 "Executable path specifies a directory%s: %s",
780 ignore
? ", ignoring" : "", path
);
781 return ignore
? 0 : -ENOEXEC
;
784 if (!path_is_absolute(path
)) {
788 if (!filename_is_valid(path
)) {
789 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
790 "Neither a valid executable name nor an absolute path%s: %s",
791 ignore
? ", ignoring" : "", path
);
792 return ignore
? 0 : -ENOEXEC
;
795 /* Resolve a single-component name to a full path */
796 NULSTR_FOREACH(prefix
, DEFAULT_PATH_NULSTR
) {
797 _cleanup_free_
char *fullpath
= NULL
;
799 fullpath
= path_join(prefix
, path
);
803 if (access(fullpath
, F_OK
) >= 0) {
804 free_and_replace(path
, fullpath
);
811 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
812 "Executable \"%s\" not found in path \"%s\"%s",
813 path
, DEFAULT_PATH
, ignore
? ", ignoring" : "");
814 return ignore
? 0 : -ENOEXEC
;
818 if (!separate_argv0
) {
821 if (!GREEDY_REALLOC(n
, nbufsize
, nlen
+ 2))
831 path_simplify(path
, false);
833 while (!isempty(p
)) {
834 _cleanup_free_
char *word
= NULL
, *resolved
= NULL
;
836 /* Check explicitly for an unquoted semicolon as
837 * command separator token. */
838 if (p
[0] == ';' && (!p
[1] || strchr(WHITESPACE
, p
[1]))) {
840 p
+= strspn(p
, WHITESPACE
);
845 /* Check for \; explicitly, to not confuse it with \\; or "\;" or "\\;" etc.
846 * extract_first_word() would return the same for all of those. */
847 if (p
[0] == '\\' && p
[1] == ';' && (!p
[2] || strchr(WHITESPACE
, p
[2]))) {
851 p
+= strspn(p
, WHITESPACE
);
853 if (!GREEDY_REALLOC(n
, nbufsize
, nlen
+ 2))
864 r
= extract_first_word_and_warn(&p
, &word
, NULL
, EXTRACT_UNQUOTE
|EXTRACT_CUNESCAPE
, unit
, filename
, line
, rvalue
);
868 return ignore
? 0 : -ENOEXEC
;
870 r
= unit_full_printf(u
, word
, &resolved
);
872 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
873 "Failed to resolve unit specifiers in %s%s: %m",
874 word
, ignore
? ", ignoring" : "");
875 return ignore
? 0 : -ENOEXEC
;
878 if (!GREEDY_REALLOC(n
, nbufsize
, nlen
+ 2))
881 n
[nlen
++] = TAKE_PTR(resolved
);
886 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
887 "Empty executable name or zeroeth argument%s: %s",
888 ignore
? ", ignoring" : "", rvalue
);
889 return ignore
? 0 : -ENOEXEC
;
892 nce
= new0(ExecCommand
, 1);
896 nce
->argv
= TAKE_PTR(n
);
897 nce
->path
= TAKE_PTR(path
);
900 exec_command_append_list(e
, nce
);
902 /* Do not _cleanup_free_ these. */
911 int config_parse_socket_bindtodevice(
913 const char *filename
,
916 unsigned section_line
,
930 if (isempty(rvalue
) || streq(rvalue
, "*")) {
931 s
->bind_to_device
= mfree(s
->bind_to_device
);
935 if (!ifname_valid(rvalue
)) {
936 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid interface name, ignoring: %s", rvalue
);
940 if (free_and_strdup(&s
->bind_to_device
, rvalue
) < 0)
946 int config_parse_exec_input(
948 const char *filename
,
951 unsigned section_line
,
958 ExecContext
*c
= data
;
959 const Unit
*u
= userdata
;
969 n
= startswith(rvalue
, "fd:");
971 _cleanup_free_
char *resolved
= NULL
;
973 r
= unit_full_printf(u
, n
, &resolved
);
975 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s': %m", n
);
977 if (isempty(resolved
))
978 resolved
= mfree(resolved
);
979 else if (!fdname_is_valid(resolved
)) {
980 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid file descriptor name: %s", resolved
);
984 free_and_replace(c
->stdio_fdname
[STDIN_FILENO
], resolved
);
986 ei
= EXEC_INPUT_NAMED_FD
;
988 } else if ((n
= startswith(rvalue
, "file:"))) {
989 _cleanup_free_
char *resolved
= NULL
;
991 r
= unit_full_printf(u
, n
, &resolved
);
993 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s': %m", n
);
995 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
| PATH_CHECK_FATAL
, unit
, filename
, line
, lvalue
);
999 free_and_replace(c
->stdio_file
[STDIN_FILENO
], resolved
);
1001 ei
= EXEC_INPUT_FILE
;
1004 ei
= exec_input_from_string(rvalue
);
1006 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse input specifier, ignoring: %s", rvalue
);
1015 int config_parse_exec_input_text(
1017 const char *filename
,
1019 const char *section
,
1020 unsigned section_line
,
1027 _cleanup_free_
char *unescaped
= NULL
, *resolved
= NULL
;
1028 ExecContext
*c
= data
;
1029 const Unit
*u
= userdata
;
1039 if (isempty(rvalue
)) {
1040 /* Reset if the empty string is assigned */
1041 c
->stdin_data
= mfree(c
->stdin_data
);
1042 c
->stdin_data_size
= 0;
1046 r
= cunescape(rvalue
, 0, &unescaped
);
1048 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to decode C escaped text '%s': %m", rvalue
);
1050 r
= unit_full_printf(u
, unescaped
, &resolved
);
1052 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s': %m", unescaped
);
1054 sz
= strlen(resolved
);
1055 if (c
->stdin_data_size
+ sz
+ 1 < c
->stdin_data_size
|| /* check for overflow */
1056 c
->stdin_data_size
+ sz
+ 1 > EXEC_STDIN_DATA_MAX
) {
1057 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c
->stdin_data_size
+ sz
, (size_t) EXEC_STDIN_DATA_MAX
);
1061 p
= realloc(c
->stdin_data
, c
->stdin_data_size
+ sz
+ 1);
1065 *((char*) mempcpy((char*) p
+ c
->stdin_data_size
, resolved
, sz
)) = '\n';
1068 c
->stdin_data_size
+= sz
+ 1;
1073 int config_parse_exec_input_data(
1075 const char *filename
,
1077 const char *section
,
1078 unsigned section_line
,
1085 _cleanup_free_
void *p
= NULL
;
1086 ExecContext
*c
= data
;
1096 if (isempty(rvalue
)) {
1097 /* Reset if the empty string is assigned */
1098 c
->stdin_data
= mfree(c
->stdin_data
);
1099 c
->stdin_data_size
= 0;
1103 r
= unbase64mem(rvalue
, (size_t) -1, &p
, &sz
);
1105 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to decode base64 data, ignoring: %s", rvalue
);
1109 if (c
->stdin_data_size
+ sz
< c
->stdin_data_size
|| /* check for overflow */
1110 c
->stdin_data_size
+ sz
> EXEC_STDIN_DATA_MAX
) {
1111 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c
->stdin_data_size
+ sz
, (size_t) EXEC_STDIN_DATA_MAX
);
1115 q
= realloc(c
->stdin_data
, c
->stdin_data_size
+ sz
);
1119 memcpy((uint8_t*) q
+ c
->stdin_data_size
, p
, sz
);
1122 c
->stdin_data_size
+= sz
;
1127 int config_parse_exec_output(
1129 const char *filename
,
1131 const char *section
,
1132 unsigned section_line
,
1139 _cleanup_free_
char *resolved
= NULL
;
1141 ExecContext
*c
= data
;
1142 const Unit
*u
= userdata
;
1143 bool obsolete
= false;
1153 n
= startswith(rvalue
, "fd:");
1155 r
= unit_full_printf(u
, n
, &resolved
);
1157 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", n
);
1159 if (isempty(resolved
))
1160 resolved
= mfree(resolved
);
1161 else if (!fdname_is_valid(resolved
)) {
1162 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid file descriptor name: %s", resolved
);
1166 eo
= EXEC_OUTPUT_NAMED_FD
;
1168 } else if (streq(rvalue
, "syslog")) {
1169 eo
= EXEC_OUTPUT_JOURNAL
;
1172 } else if (streq(rvalue
, "syslog+console")) {
1173 eo
= EXEC_OUTPUT_JOURNAL_AND_CONSOLE
;
1176 } else if ((n
= startswith(rvalue
, "file:"))) {
1178 r
= unit_full_printf(u
, n
, &resolved
);
1180 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", n
);
1182 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
| PATH_CHECK_FATAL
, unit
, filename
, line
, lvalue
);
1186 eo
= EXEC_OUTPUT_FILE
;
1188 } else if ((n
= startswith(rvalue
, "append:"))) {
1190 r
= unit_full_printf(u
, n
, &resolved
);
1192 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", n
);
1194 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
| PATH_CHECK_FATAL
, unit
, filename
, line
, lvalue
);
1198 eo
= EXEC_OUTPUT_FILE_APPEND
;
1200 eo
= exec_output_from_string(rvalue
);
1202 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse output specifier, ignoring: %s", rvalue
);
1208 log_syntax(unit
, LOG_NOTICE
, filename
, line
, 0,
1209 "Standard output type %s is obsolete, automatically updating to %s. Please update your unit file, and consider removing the setting altogether.",
1210 rvalue
, exec_output_to_string(eo
));
1212 if (streq(lvalue
, "StandardOutput")) {
1213 if (eo
== EXEC_OUTPUT_NAMED_FD
)
1214 free_and_replace(c
->stdio_fdname
[STDOUT_FILENO
], resolved
);
1216 free_and_replace(c
->stdio_file
[STDOUT_FILENO
], resolved
);
1221 assert(streq(lvalue
, "StandardError"));
1223 if (eo
== EXEC_OUTPUT_NAMED_FD
)
1224 free_and_replace(c
->stdio_fdname
[STDERR_FILENO
], resolved
);
1226 free_and_replace(c
->stdio_file
[STDERR_FILENO
], resolved
);
1234 int config_parse_exec_io_class(const char *unit
,
1235 const char *filename
,
1237 const char *section
,
1238 unsigned section_line
,
1245 ExecContext
*c
= data
;
1253 if (isempty(rvalue
)) {
1254 c
->ioprio_set
= false;
1255 c
->ioprio
= IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE
, 0);
1259 x
= ioprio_class_from_string(rvalue
);
1261 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse IO scheduling class, ignoring: %s", rvalue
);
1265 c
->ioprio
= IOPRIO_PRIO_VALUE(x
, IOPRIO_PRIO_DATA(c
->ioprio
));
1266 c
->ioprio_set
= true;
1271 int config_parse_exec_io_priority(const char *unit
,
1272 const char *filename
,
1274 const char *section
,
1275 unsigned section_line
,
1282 ExecContext
*c
= data
;
1290 if (isempty(rvalue
)) {
1291 c
->ioprio_set
= false;
1292 c
->ioprio
= IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE
, 0);
1296 r
= ioprio_parse_priority(rvalue
, &i
);
1298 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse IO priority, ignoring: %s", rvalue
);
1302 c
->ioprio
= IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c
->ioprio
), i
);
1303 c
->ioprio_set
= true;
1308 int config_parse_exec_cpu_sched_policy(const char *unit
,
1309 const char *filename
,
1311 const char *section
,
1312 unsigned section_line
,
1319 ExecContext
*c
= data
;
1327 if (isempty(rvalue
)) {
1328 c
->cpu_sched_set
= false;
1329 c
->cpu_sched_policy
= SCHED_OTHER
;
1330 c
->cpu_sched_priority
= 0;
1334 x
= sched_policy_from_string(rvalue
);
1336 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue
);
1340 c
->cpu_sched_policy
= x
;
1341 /* Moving to or from real-time policy? We need to adjust the priority */
1342 c
->cpu_sched_priority
= CLAMP(c
->cpu_sched_priority
, sched_get_priority_min(x
), sched_get_priority_max(x
));
1343 c
->cpu_sched_set
= true;
1348 int config_parse_numa_mask(const char *unit
,
1349 const char *filename
,
1351 const char *section
,
1352 unsigned section_line
,
1359 NUMAPolicy
*p
= data
;
1366 r
= parse_cpu_set_extend(rvalue
, &p
->nodes
, true, unit
, filename
, line
, lvalue
);
1368 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse NUMA node mask, ignoring: %s", rvalue
);
1375 int config_parse_exec_cpu_sched_prio(const char *unit
,
1376 const char *filename
,
1378 const char *section
,
1379 unsigned section_line
,
1386 ExecContext
*c
= data
;
1394 r
= safe_atoi(rvalue
, &i
);
1396 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse CPU scheduling priority, ignoring: %s", rvalue
);
1400 /* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */
1401 min
= sched_get_priority_min(c
->cpu_sched_policy
);
1402 max
= sched_get_priority_max(c
->cpu_sched_policy
);
1404 if (i
< min
|| i
> max
) {
1405 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue
);
1409 c
->cpu_sched_priority
= i
;
1410 c
->cpu_sched_set
= true;
1415 int config_parse_exec_cpu_affinity(const char *unit
,
1416 const char *filename
,
1418 const char *section
,
1419 unsigned section_line
,
1426 ExecContext
*c
= data
;
1434 if (streq(rvalue
, "numa")) {
1435 c
->cpu_affinity_from_numa
= true;
1436 cpu_set_reset(&c
->cpu_set
);
1441 r
= parse_cpu_set_extend(rvalue
, &c
->cpu_set
, true, unit
, filename
, line
, lvalue
);
1443 c
->cpu_affinity_from_numa
= false;
1448 int config_parse_capability_set(
1450 const char *filename
,
1452 const char *section
,
1453 unsigned section_line
,
1460 uint64_t *capability_set
= data
;
1461 uint64_t sum
= 0, initial
= 0;
1462 bool invert
= false;
1470 if (rvalue
[0] == '~') {
1475 if (streq(lvalue
, "CapabilityBoundingSet"))
1476 initial
= CAP_ALL
; /* initialized to all bits on */
1477 /* else "AmbientCapabilities" initialized to all bits off */
1479 r
= capability_set_from_string(rvalue
, &sum
);
1481 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s= specifier '%s', ignoring: %m", lvalue
, rvalue
);
1485 if (sum
== 0 || *capability_set
== initial
)
1486 /* "", "~" or uninitialized data -> replace */
1487 *capability_set
= invert
? ~sum
: sum
;
1489 /* previous data -> merge */
1491 *capability_set
&= ~sum
;
1493 *capability_set
|= sum
;
1499 int config_parse_exec_selinux_context(
1501 const char *filename
,
1503 const char *section
,
1504 unsigned section_line
,
1511 ExecContext
*c
= data
;
1512 const Unit
*u
= userdata
;
1522 if (isempty(rvalue
)) {
1523 c
->selinux_context
= mfree(c
->selinux_context
);
1524 c
->selinux_context_ignore
= false;
1528 if (rvalue
[0] == '-') {
1534 r
= unit_full_printf(u
, rvalue
, &k
);
1536 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
1537 "Failed to resolve unit specifiers in '%s'%s: %m",
1538 rvalue
, ignore
? ", ignoring" : "");
1539 return ignore
? 0 : -ENOEXEC
;
1542 free_and_replace(c
->selinux_context
, k
);
1543 c
->selinux_context_ignore
= ignore
;
1548 int config_parse_exec_apparmor_profile(
1550 const char *filename
,
1552 const char *section
,
1553 unsigned section_line
,
1560 ExecContext
*c
= data
;
1561 const Unit
*u
= userdata
;
1571 if (isempty(rvalue
)) {
1572 c
->apparmor_profile
= mfree(c
->apparmor_profile
);
1573 c
->apparmor_profile_ignore
= false;
1577 if (rvalue
[0] == '-') {
1583 r
= unit_full_printf(u
, rvalue
, &k
);
1585 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
1586 "Failed to resolve unit specifiers in '%s'%s: %m",
1587 rvalue
, ignore
? ", ignoring" : "");
1588 return ignore
? 0 : -ENOEXEC
;
1591 free_and_replace(c
->apparmor_profile
, k
);
1592 c
->apparmor_profile_ignore
= ignore
;
1597 int config_parse_exec_smack_process_label(
1599 const char *filename
,
1601 const char *section
,
1602 unsigned section_line
,
1609 ExecContext
*c
= data
;
1610 const Unit
*u
= userdata
;
1620 if (isempty(rvalue
)) {
1621 c
->smack_process_label
= mfree(c
->smack_process_label
);
1622 c
->smack_process_label_ignore
= false;
1626 if (rvalue
[0] == '-') {
1632 r
= unit_full_printf(u
, rvalue
, &k
);
1634 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
1635 "Failed to resolve unit specifiers in '%s'%s: %m",
1636 rvalue
, ignore
? ", ignoring" : "");
1637 return ignore
? 0 : -ENOEXEC
;
1640 free_and_replace(c
->smack_process_label
, k
);
1641 c
->smack_process_label_ignore
= ignore
;
1646 int config_parse_timer(
1648 const char *filename
,
1650 const char *section
,
1651 unsigned section_line
,
1658 _cleanup_(calendar_spec_freep
) CalendarSpec
*c
= NULL
;
1659 _cleanup_free_
char *k
= NULL
;
1660 const Unit
*u
= userdata
;
1671 if (isempty(rvalue
)) {
1672 /* Empty assignment resets list */
1673 timer_free_values(t
);
1677 r
= unit_full_printf(u
, rvalue
, &k
);
1679 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
1683 if (ltype
== TIMER_CALENDAR
) {
1684 r
= calendar_spec_from_string(k
, &c
);
1686 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse calendar specification, ignoring: %s", k
);
1690 r
= parse_sec(k
, &usec
);
1692 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse timer value, ignoring: %s", k
);
1697 v
= new(TimerValue
, 1);
1704 .calendar_spec
= TAKE_PTR(c
),
1707 LIST_PREPEND(value
, t
->values
, v
);
1712 int config_parse_trigger_unit(
1714 const char *filename
,
1716 const char *section
,
1717 unsigned section_line
,
1724 _cleanup_free_
char *p
= NULL
;
1734 if (!hashmap_isempty(u
->dependencies
[UNIT_TRIGGERS
])) {
1735 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Multiple units to trigger specified, ignoring: %s", rvalue
);
1739 r
= unit_name_printf(u
, rvalue
, &p
);
1741 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
1745 type
= unit_name_to_type(p
);
1747 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Unit type not valid, ignoring: %s", rvalue
);
1750 if (unit_has_name(u
, p
)) {
1751 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Units cannot trigger themselves, ignoring: %s", rvalue
);
1755 r
= unit_add_two_dependencies_by_name(u
, UNIT_BEFORE
, UNIT_TRIGGERS
, p
, true, UNIT_DEPENDENCY_FILE
);
1757 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to add trigger on %s, ignoring: %m", p
);
1764 int config_parse_path_spec(const char *unit
,
1765 const char *filename
,
1767 const char *section
,
1768 unsigned section_line
,
1778 _cleanup_free_
char *k
= NULL
;
1786 if (isempty(rvalue
)) {
1787 /* Empty assignment clears list */
1792 b
= path_type_from_string(lvalue
);
1794 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse path type, ignoring: %s", lvalue
);
1798 r
= unit_full_printf(UNIT(p
), rvalue
, &k
);
1800 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
1804 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
1808 s
= new0(PathSpec
, 1);
1813 s
->path
= TAKE_PTR(k
);
1817 LIST_PREPEND(spec
, p
->specs
, s
);
1822 int config_parse_socket_service(
1824 const char *filename
,
1826 const char *section
,
1827 unsigned section_line
,
1834 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
1835 _cleanup_free_
char *p
= NULL
;
1845 r
= unit_name_printf(UNIT(s
), rvalue
, &p
);
1847 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", rvalue
);
1851 if (!endswith(p
, ".service")) {
1852 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Unit must be of type service: %s", rvalue
);
1856 r
= manager_load_unit(UNIT(s
)->manager
, p
, NULL
, &error
, &x
);
1858 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to load unit %s: %s", rvalue
, bus_error_message(&error
, r
));
1862 unit_ref_set(&s
->service
, UNIT(s
), x
);
1867 int config_parse_fdname(
1869 const char *filename
,
1871 const char *section
,
1872 unsigned section_line
,
1879 _cleanup_free_
char *p
= NULL
;
1888 if (isempty(rvalue
)) {
1889 s
->fdname
= mfree(s
->fdname
);
1893 r
= unit_full_printf(UNIT(s
), rvalue
, &p
);
1895 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
1899 if (!fdname_is_valid(p
)) {
1900 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid file descriptor name, ignoring: %s", p
);
1904 return free_and_replace(s
->fdname
, p
);
1907 int config_parse_service_sockets(
1909 const char *filename
,
1911 const char *section
,
1912 unsigned section_line
,
1930 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
1932 r
= extract_first_word(&p
, &word
, NULL
, 0);
1938 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Trailing garbage in sockets, ignoring: %s", rvalue
);
1942 r
= unit_name_printf(UNIT(s
), word
, &k
);
1944 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
1948 if (!endswith(k
, ".socket")) {
1949 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Unit must be of type socket, ignoring: %s", k
);
1953 r
= unit_add_two_dependencies_by_name(UNIT(s
), UNIT_WANTS
, UNIT_AFTER
, k
, true, UNIT_DEPENDENCY_FILE
);
1955 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to add dependency on %s, ignoring: %m", k
);
1957 r
= unit_add_dependency_by_name(UNIT(s
), UNIT_TRIGGERED_BY
, k
, true, UNIT_DEPENDENCY_FILE
);
1959 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to add dependency on %s, ignoring: %m", k
);
1965 int config_parse_bus_name(
1967 const char *filename
,
1969 const char *section
,
1970 unsigned section_line
,
1977 _cleanup_free_
char *k
= NULL
;
1978 const Unit
*u
= userdata
;
1986 r
= unit_full_printf(u
, rvalue
, &k
);
1988 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
1992 if (!sd_bus_service_name_is_valid(k
)) {
1993 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid bus name, ignoring: %s", k
);
1997 return config_parse_string(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, k
, data
, userdata
);
2000 int config_parse_service_timeout(
2002 const char *filename
,
2004 const char *section
,
2005 unsigned section_line
,
2012 Service
*s
= userdata
;
2021 /* This is called for two cases: TimeoutSec= and TimeoutStartSec=. */
2023 /* Traditionally, these options accepted 0 to disable the timeouts. However, a timeout of 0 suggests it happens
2024 * immediately, hence fix this to become USEC_INFINITY instead. This is in-line with how we internally handle
2025 * all other timeouts. */
2026 r
= parse_sec_fix_0(rvalue
, &usec
);
2028 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s= parameter, ignoring: %s", lvalue
, rvalue
);
2032 s
->start_timeout_defined
= true;
2033 s
->timeout_start_usec
= usec
;
2035 if (streq(lvalue
, "TimeoutSec"))
2036 s
->timeout_stop_usec
= usec
;
2041 int config_parse_timeout_abort(
2043 const char *filename
,
2045 const char *section
,
2046 unsigned section_line
,
2061 /* Note: apart from setting the arg, this returns an extra bit of information in the return value. */
2063 if (isempty(rvalue
)) {
2065 return 0; /* "not set" */
2068 r
= parse_sec(rvalue
, ret
);
2070 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s= setting, ignoring: %s", lvalue
, rvalue
);
2072 return 1; /* "set" */
2075 int config_parse_service_timeout_abort(
2077 const char *filename
,
2079 const char *section
,
2080 unsigned section_line
,
2087 Service
*s
= userdata
;
2092 r
= config_parse_timeout_abort(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, rvalue
,
2093 &s
->timeout_abort_usec
, s
);
2095 s
->timeout_abort_set
= r
;
2099 int config_parse_sec_fix_0(
2101 const char *filename
,
2103 const char *section
,
2104 unsigned section_line
,
2111 usec_t
*usec
= data
;
2119 /* This is pretty much like config_parse_sec(), except that this treats a time of 0 as infinity, for
2120 * compatibility with older versions of systemd where 0 instead of infinity was used as indicator to turn off a
2123 r
= parse_sec_fix_0(rvalue
, usec
);
2125 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s= parameter, ignoring: %s", lvalue
, rvalue
);
2132 int config_parse_user_group_compat(
2134 const char *filename
,
2136 const char *section
,
2137 unsigned section_line
,
2144 _cleanup_free_
char *k
= NULL
;
2146 const Unit
*u
= userdata
;
2154 if (isempty(rvalue
)) {
2155 *user
= mfree(*user
);
2159 r
= unit_full_printf(u
, rvalue
, &k
);
2161 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", rvalue
);
2165 if (!valid_user_group_name(k
, VALID_USER_ALLOW_NUMERIC
|VALID_USER_RELAX
|VALID_USER_WARN
)) {
2166 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid user/group name or numeric ID: %s", k
);
2170 return free_and_replace(*user
, k
);
2173 int config_parse_user_group_strv_compat(
2175 const char *filename
,
2177 const char *section
,
2178 unsigned section_line
,
2185 char ***users
= data
;
2186 const Unit
*u
= userdata
;
2187 const char *p
= rvalue
;
2195 if (isempty(rvalue
)) {
2196 *users
= strv_free(*users
);
2201 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2203 r
= extract_first_word(&p
, &word
, NULL
, 0);
2209 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid syntax: %s", rvalue
);
2213 r
= unit_full_printf(u
, word
, &k
);
2215 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", word
);
2219 if (!valid_user_group_name(k
, VALID_USER_ALLOW_NUMERIC
|VALID_USER_RELAX
|VALID_USER_WARN
)) {
2220 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid user/group name or numeric ID: %s", k
);
2224 r
= strv_push(users
, k
);
2234 int config_parse_working_directory(
2236 const char *filename
,
2238 const char *section
,
2239 unsigned section_line
,
2246 ExecContext
*c
= data
;
2247 const Unit
*u
= userdata
;
2257 if (isempty(rvalue
)) {
2258 c
->working_directory_home
= false;
2259 c
->working_directory
= mfree(c
->working_directory
);
2263 if (rvalue
[0] == '-') {
2269 if (streq(rvalue
, "~")) {
2270 c
->working_directory_home
= true;
2271 c
->working_directory
= mfree(c
->working_directory
);
2273 _cleanup_free_
char *k
= NULL
;
2275 r
= unit_full_printf(u
, rvalue
, &k
);
2277 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2278 "Failed to resolve unit specifiers in working directory path '%s'%s: %m",
2279 rvalue
, missing_ok
? ", ignoring" : "");
2280 return missing_ok
? 0 : -ENOEXEC
;
2283 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
| (missing_ok
? 0 : PATH_CHECK_FATAL
), unit
, filename
, line
, lvalue
);
2285 return missing_ok
? 0 : -ENOEXEC
;
2287 c
->working_directory_home
= false;
2288 free_and_replace(c
->working_directory
, k
);
2291 c
->working_directory_missing_ok
= missing_ok
;
2295 int config_parse_unit_env_file(const char *unit
,
2296 const char *filename
,
2298 const char *section
,
2299 unsigned section_line
,
2307 const Unit
*u
= userdata
;
2308 _cleanup_free_
char *n
= NULL
;
2316 if (isempty(rvalue
)) {
2317 /* Empty assignment frees the list */
2318 *env
= strv_free(*env
);
2322 r
= unit_full_printf(u
, rvalue
, &n
);
2324 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
2328 r
= path_simplify_and_warn(n
[0] == '-' ? n
+ 1 : n
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
2332 r
= strv_push(env
, n
);
2341 int config_parse_environ(
2343 const char *filename
,
2345 const char *section
,
2346 unsigned section_line
,
2353 const Unit
*u
= userdata
;
2363 if (isempty(rvalue
)) {
2364 /* Empty assignment resets the list */
2365 *env
= strv_free(*env
);
2369 for (p
= rvalue
;; ) {
2370 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2372 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_CUNESCAPE
|EXTRACT_UNQUOTE
);
2378 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
2379 "Invalid syntax, ignoring: %s", rvalue
);
2384 r
= unit_full_printf(u
, word
, &k
);
2386 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2387 "Failed to resolve unit specifiers in %s, ignoring: %m", word
);
2393 if (!env_assignment_is_valid(k
)) {
2394 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
2395 "Invalid environment assignment, ignoring: %s", k
);
2399 r
= strv_env_replace(env
, k
);
2407 int config_parse_pass_environ(
2409 const char *filename
,
2411 const char *section
,
2412 unsigned section_line
,
2419 _cleanup_strv_free_
char **n
= NULL
;
2420 size_t nlen
= 0, nbufsize
= 0;
2421 char*** passenv
= data
;
2422 const char *p
= rvalue
;
2423 const Unit
*u
= userdata
;
2431 if (isempty(rvalue
)) {
2432 /* Empty assignment resets the list */
2433 *passenv
= strv_free(*passenv
);
2438 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2440 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
2446 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2447 "Trailing garbage in %s, ignoring: %s", lvalue
, rvalue
);
2452 r
= unit_full_printf(u
, word
, &k
);
2454 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2455 "Failed to resolve specifiers in %s, ignoring: %m", word
);
2461 if (!env_name_is_valid(k
)) {
2462 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
2463 "Invalid environment name for %s, ignoring: %s", lvalue
, k
);
2467 if (!GREEDY_REALLOC(n
, nbufsize
, nlen
+ 2))
2470 n
[nlen
++] = TAKE_PTR(k
);
2475 r
= strv_extend_strv(passenv
, n
, true);
2483 int config_parse_unset_environ(
2485 const char *filename
,
2487 const char *section
,
2488 unsigned section_line
,
2495 _cleanup_strv_free_
char **n
= NULL
;
2496 size_t nlen
= 0, nbufsize
= 0;
2497 char*** unsetenv
= data
;
2498 const char *p
= rvalue
;
2499 const Unit
*u
= userdata
;
2507 if (isempty(rvalue
)) {
2508 /* Empty assignment resets the list */
2509 *unsetenv
= strv_free(*unsetenv
);
2514 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2516 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_CUNESCAPE
|EXTRACT_UNQUOTE
);
2522 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2523 "Trailing garbage in %s, ignoring: %s", lvalue
, rvalue
);
2528 r
= unit_full_printf(u
, word
, &k
);
2530 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2531 "Failed to resolve unit specifiers in %s, ignoring: %m", word
);
2537 if (!env_assignment_is_valid(k
) && !env_name_is_valid(k
)) {
2538 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
2539 "Invalid environment name or assignment %s, ignoring: %s", lvalue
, k
);
2543 if (!GREEDY_REALLOC(n
, nbufsize
, nlen
+ 2))
2546 n
[nlen
++] = TAKE_PTR(k
);
2551 r
= strv_extend_strv(unsetenv
, n
, true);
2559 int config_parse_log_extra_fields(
2561 const char *filename
,
2563 const char *section
,
2564 unsigned section_line
,
2571 ExecContext
*c
= data
;
2572 const Unit
*u
= userdata
;
2573 const char *p
= rvalue
;
2581 if (isempty(rvalue
)) {
2582 exec_context_free_log_extra_fields(c
);
2587 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2591 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_CUNESCAPE
|EXTRACT_UNQUOTE
);
2597 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
2601 r
= unit_full_printf(u
, word
, &k
);
2603 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", word
);
2607 eq
= strchr(k
, '=');
2609 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Log field lacks '=' character, ignoring: %s", k
);
2613 if (!journal_field_valid(k
, eq
-k
, false)) {
2614 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Log field name is invalid, ignoring: %s", k
);
2618 t
= reallocarray(c
->log_extra_fields
, c
->n_log_extra_fields
+1, sizeof(struct iovec
));
2622 c
->log_extra_fields
= t
;
2623 c
->log_extra_fields
[c
->n_log_extra_fields
++] = IOVEC_MAKE_STRING(k
);
2629 int config_parse_log_namespace(
2631 const char *filename
,
2633 const char *section
,
2634 unsigned section_line
,
2641 _cleanup_free_
char *k
= NULL
;
2642 ExecContext
*c
= data
;
2643 const Unit
*u
= userdata
;
2651 if (isempty(rvalue
)) {
2652 c
->log_namespace
= mfree(c
->log_namespace
);
2656 r
= unit_full_printf(u
, rvalue
, &k
);
2658 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
2662 if (!log_namespace_name_valid(k
)) {
2663 log_syntax(unit
, LOG_ERR
, filename
, line
, SYNTHETIC_ERRNO(EINVAL
), "Specified log namespace name is not valid: %s", k
);
2667 free_and_replace(c
->log_namespace
, k
);
2671 int config_parse_unit_condition_path(
2673 const char *filename
,
2675 const char *section
,
2676 unsigned section_line
,
2683 _cleanup_free_
char *p
= NULL
;
2684 Condition
**list
= data
, *c
;
2685 ConditionType t
= ltype
;
2686 bool trigger
, negate
;
2687 const Unit
*u
= userdata
;
2695 if (isempty(rvalue
)) {
2696 /* Empty assignment resets the list */
2697 *list
= condition_free_list(*list
);
2701 trigger
= rvalue
[0] == '|';
2705 negate
= rvalue
[0] == '!';
2709 r
= unit_full_printf(u
, rvalue
, &p
);
2711 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
2715 r
= path_simplify_and_warn(p
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
2719 c
= condition_new(t
, p
, trigger
, negate
);
2723 LIST_PREPEND(conditions
, *list
, c
);
2727 int config_parse_unit_condition_string(
2729 const char *filename
,
2731 const char *section
,
2732 unsigned section_line
,
2739 _cleanup_free_
char *s
= NULL
;
2740 Condition
**list
= data
, *c
;
2741 ConditionType t
= ltype
;
2742 bool trigger
, negate
;
2743 const Unit
*u
= userdata
;
2751 if (isempty(rvalue
)) {
2752 /* Empty assignment resets the list */
2753 *list
= condition_free_list(*list
);
2757 trigger
= *rvalue
== '|';
2759 rvalue
+= 1 + strspn(rvalue
+ 1, WHITESPACE
);
2761 negate
= *rvalue
== '!';
2763 rvalue
+= 1 + strspn(rvalue
+ 1, WHITESPACE
);
2765 r
= unit_full_printf(u
, rvalue
, &s
);
2767 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2768 "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
2772 c
= condition_new(t
, s
, trigger
, negate
);
2776 LIST_PREPEND(conditions
, *list
, c
);
2780 int config_parse_unit_condition_null(
2782 const char *filename
,
2784 const char *section
,
2785 unsigned section_line
,
2792 Condition
**list
= data
, *c
;
2793 bool trigger
, negate
;
2801 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "%s= is deprecated, please do not use.", lvalue
);
2803 if (isempty(rvalue
)) {
2804 /* Empty assignment resets the list */
2805 *list
= condition_free_list(*list
);
2809 trigger
= rvalue
[0] == '|';
2813 negate
= rvalue
[0] == '!';
2817 b
= parse_boolean(rvalue
);
2819 log_syntax(unit
, LOG_ERR
, filename
, line
, b
, "Failed to parse boolean value in condition, ignoring: %s", rvalue
);
2826 c
= condition_new(CONDITION_NULL
, NULL
, trigger
, negate
);
2830 LIST_PREPEND(conditions
, *list
, c
);
2834 int config_parse_unit_requires_mounts_for(
2836 const char *filename
,
2838 const char *section
,
2839 unsigned section_line
,
2846 const char *p
= rvalue
;
2856 _cleanup_free_
char *word
= NULL
, *resolved
= NULL
;
2858 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
2864 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
2865 "Invalid syntax, ignoring: %s", rvalue
);
2869 r
= unit_full_printf(u
, word
, &resolved
);
2871 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
2875 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
2879 r
= unit_require_mounts_for(u
, resolved
, UNIT_DEPENDENCY_FILE
);
2881 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to add required mount '%s', ignoring: %m", resolved
);
2887 int config_parse_documentation(const char *unit
,
2888 const char *filename
,
2890 const char *section
,
2891 unsigned section_line
,
2907 if (isempty(rvalue
)) {
2908 /* Empty assignment resets the list */
2909 u
->documentation
= strv_free(u
->documentation
);
2913 r
= config_parse_unit_strv_printf(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
,
2914 rvalue
, data
, userdata
);
2918 for (a
= b
= u
->documentation
; a
&& *a
; a
++) {
2920 if (documentation_url_is_valid(*a
))
2923 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid URL, ignoring: %s", *a
);
2934 int config_parse_syscall_filter(
2936 const char *filename
,
2938 const char *section
,
2939 unsigned section_line
,
2946 ExecContext
*c
= data
;
2947 _unused_
const Unit
*u
= userdata
;
2948 bool invert
= false;
2957 if (isempty(rvalue
)) {
2958 /* Empty assignment resets the list */
2959 c
->syscall_filter
= hashmap_free(c
->syscall_filter
);
2960 c
->syscall_whitelist
= false;
2964 if (rvalue
[0] == '~') {
2969 if (!c
->syscall_filter
) {
2970 c
->syscall_filter
= hashmap_new(NULL
);
2971 if (!c
->syscall_filter
)
2975 /* Allow everything but the ones listed */
2976 c
->syscall_whitelist
= false;
2978 /* Allow nothing but the ones listed */
2979 c
->syscall_whitelist
= true;
2981 /* Accept default syscalls if we are on a whitelist */
2982 r
= seccomp_parse_syscall_filter(
2983 "@default", -1, c
->syscall_filter
,
2984 SECCOMP_PARSE_PERMISSIVE
|SECCOMP_PARSE_WHITELIST
,
2994 _cleanup_free_
char *word
= NULL
, *name
= NULL
;
2997 r
= extract_first_word(&p
, &word
, NULL
, 0);
3003 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
3007 r
= parse_syscall_and_errno(word
, &name
, &num
);
3009 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse syscall:errno, ignoring: %s", word
);
3013 r
= seccomp_parse_syscall_filter(
3014 name
, num
, c
->syscall_filter
,
3015 SECCOMP_PARSE_LOG
|SECCOMP_PARSE_PERMISSIVE
|
3016 (invert
? SECCOMP_PARSE_INVERT
: 0)|
3017 (c
->syscall_whitelist
? SECCOMP_PARSE_WHITELIST
: 0),
3018 unit
, filename
, line
);
3024 int config_parse_syscall_archs(
3026 const char *filename
,
3028 const char *section
,
3029 unsigned section_line
,
3036 const char *p
= rvalue
;
3040 if (isempty(rvalue
)) {
3041 *archs
= set_free(*archs
);
3045 r
= set_ensure_allocated(archs
, NULL
);
3050 _cleanup_free_
char *word
= NULL
;
3053 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
3059 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3060 "Invalid syntax, ignoring: %s", rvalue
);
3064 r
= seccomp_arch_from_string(word
, &a
);
3066 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
3067 "Failed to parse system call architecture \"%s\", ignoring: %m", word
);
3071 r
= set_put(*archs
, UINT32_TO_PTR(a
+ 1));
3077 int config_parse_syscall_errno(
3079 const char *filename
,
3081 const char *section
,
3082 unsigned section_line
,
3089 ExecContext
*c
= data
;
3096 if (isempty(rvalue
)) {
3097 /* Empty assignment resets to KILL */
3098 c
->syscall_errno
= 0;
3102 e
= parse_errno(rvalue
);
3104 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse error number, ignoring: %s", rvalue
);
3108 c
->syscall_errno
= e
;
3112 int config_parse_address_families(
3114 const char *filename
,
3116 const char *section
,
3117 unsigned section_line
,
3124 ExecContext
*c
= data
;
3125 bool invert
= false;
3133 if (isempty(rvalue
)) {
3134 /* Empty assignment resets the list */
3135 c
->address_families
= set_free(c
->address_families
);
3136 c
->address_families_whitelist
= false;
3140 if (rvalue
[0] == '~') {
3145 if (!c
->address_families
) {
3146 c
->address_families
= set_new(NULL
);
3147 if (!c
->address_families
)
3150 c
->address_families_whitelist
= !invert
;
3153 for (p
= rvalue
;;) {
3154 _cleanup_free_
char *word
= NULL
;
3157 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
3163 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3164 "Invalid syntax, ignoring: %s", rvalue
);
3168 af
= af_from_name(word
);
3170 log_syntax(unit
, LOG_ERR
, filename
, line
, af
,
3171 "Failed to parse address family, ignoring: %s", word
);
3175 /* If we previously wanted to forbid an address family and now
3176 * we want to allow it, then just remove it from the list.
3178 if (!invert
== c
->address_families_whitelist
) {
3179 r
= set_put(c
->address_families
, INT_TO_PTR(af
));
3183 set_remove(c
->address_families
, INT_TO_PTR(af
));
3187 int config_parse_restrict_namespaces(
3189 const char *filename
,
3191 const char *section
,
3192 unsigned section_line
,
3199 ExecContext
*c
= data
;
3200 unsigned long flags
;
3201 bool invert
= false;
3204 if (isempty(rvalue
)) {
3205 /* Reset to the default. */
3206 c
->restrict_namespaces
= NAMESPACE_FLAGS_INITIAL
;
3210 /* Boolean parameter ignores the previous settings */
3211 r
= parse_boolean(rvalue
);
3213 c
->restrict_namespaces
= 0;
3215 } else if (r
== 0) {
3216 c
->restrict_namespaces
= NAMESPACE_FLAGS_ALL
;
3220 if (rvalue
[0] == '~') {
3225 /* Not a boolean argument, in this case it's a list of namespace types. */
3226 r
= namespace_flags_from_string(rvalue
, &flags
);
3228 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse namespace type string, ignoring: %s", rvalue
);
3232 if (c
->restrict_namespaces
== NAMESPACE_FLAGS_INITIAL
)
3233 /* Initial assignment. Just set the value. */
3234 c
->restrict_namespaces
= invert
? (~flags
) & NAMESPACE_FLAGS_ALL
: flags
;
3236 /* Merge the value with the previous one. */
3237 SET_FLAG(c
->restrict_namespaces
, flags
, !invert
);
3243 int config_parse_unit_slice(
3245 const char *filename
,
3247 const char *section
,
3248 unsigned section_line
,
3255 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
3256 _cleanup_free_
char *k
= NULL
;
3257 Unit
*u
= userdata
, *slice
;
3265 r
= unit_name_printf(u
, rvalue
, &k
);
3267 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
3271 r
= manager_load_unit(u
->manager
, k
, NULL
, &error
, &slice
);
3273 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to load slice unit %s, ignoring: %s", k
, bus_error_message(&error
, r
));
3277 r
= unit_set_slice(u
, slice
);
3279 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to assign slice %s to unit %s, ignoring: %m", slice
->id
, u
->id
);
3286 int config_parse_cpu_quota(
3288 const char *filename
,
3290 const char *section
,
3291 unsigned section_line
,
3298 CGroupContext
*c
= data
;
3305 if (isempty(rvalue
)) {
3306 c
->cpu_quota_per_sec_usec
= USEC_INFINITY
;
3310 r
= parse_permille_unbounded(rvalue
);
3312 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid CPU quota '%s', ignoring.", rvalue
);
3316 c
->cpu_quota_per_sec_usec
= ((usec_t
) r
* USEC_PER_SEC
) / 1000U;
3320 int config_parse_allowed_cpus(
3322 const char *filename
,
3324 const char *section
,
3325 unsigned section_line
,
3332 CGroupContext
*c
= data
;
3334 (void) parse_cpu_set_extend(rvalue
, &c
->cpuset_cpus
, true, unit
, filename
, line
, lvalue
);
3339 int config_parse_allowed_mems(
3341 const char *filename
,
3343 const char *section
,
3344 unsigned section_line
,
3351 CGroupContext
*c
= data
;
3353 (void) parse_cpu_set_extend(rvalue
, &c
->cpuset_mems
, true, unit
, filename
, line
, lvalue
);
3358 int config_parse_memory_limit(
3360 const char *filename
,
3362 const char *section
,
3363 unsigned section_line
,
3370 CGroupContext
*c
= data
;
3371 uint64_t bytes
= CGROUP_LIMIT_MAX
;
3374 if (!isempty(rvalue
) && !streq(rvalue
, "infinity")) {
3376 r
= parse_permille(rvalue
);
3378 r
= parse_size(rvalue
, 1024, &bytes
);
3380 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid memory limit '%s', ignoring: %m", rvalue
);
3384 bytes
= physical_memory_scale(r
, 1000U);
3386 if (bytes
>= UINT64_MAX
||
3387 (bytes
<= 0 && !STR_IN_SET(lvalue
, "MemorySwapMax", "MemoryLow", "MemoryMin", "DefaultMemoryLow", "DefaultMemoryMin"))) {
3388 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Memory limit '%s' out of range, ignoring.", rvalue
);
3393 if (streq(lvalue
, "DefaultMemoryLow")) {
3394 c
->default_memory_low_set
= true;
3395 if (isempty(rvalue
))
3396 c
->default_memory_low
= CGROUP_LIMIT_MIN
;
3398 c
->default_memory_low
= bytes
;
3399 } else if (streq(lvalue
, "DefaultMemoryMin")) {
3400 c
->default_memory_min_set
= true;
3401 if (isempty(rvalue
))
3402 c
->default_memory_min
= CGROUP_LIMIT_MIN
;
3404 c
->default_memory_min
= bytes
;
3405 } else if (streq(lvalue
, "MemoryMin")) {
3406 c
->memory_min
= bytes
;
3407 c
->memory_min_set
= true;
3408 } else if (streq(lvalue
, "MemoryLow")) {
3409 c
->memory_low
= bytes
;
3410 c
->memory_low_set
= true;
3411 } else if (streq(lvalue
, "MemoryHigh"))
3412 c
->memory_high
= bytes
;
3413 else if (streq(lvalue
, "MemoryMax"))
3414 c
->memory_max
= bytes
;
3415 else if (streq(lvalue
, "MemorySwapMax"))
3416 c
->memory_swap_max
= bytes
;
3417 else if (streq(lvalue
, "MemoryLimit"))
3418 c
->memory_limit
= bytes
;
3425 int config_parse_tasks_max(
3427 const char *filename
,
3429 const char *section
,
3430 unsigned section_line
,
3437 const Unit
*u
= userdata
;
3438 TasksMax
*tasks_max
= data
;
3442 if (isempty(rvalue
)) {
3443 *tasks_max
= u
? u
->manager
->default_tasks_max
: TASKS_MAX_UNSET
;
3447 if (streq(rvalue
, "infinity")) {
3448 *tasks_max
= TASKS_MAX_UNSET
;
3452 r
= parse_permille(rvalue
);
3454 *tasks_max
= (TasksMax
) { r
, 1000U }; /* r‰ */
3456 r
= safe_atou64(rvalue
, &v
);
3458 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid maximum tasks value '%s', ignoring: %m", rvalue
);
3462 if (v
<= 0 || v
>= UINT64_MAX
) {
3463 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Maximum tasks value '%s' out of range, ignoring.", rvalue
);
3467 *tasks_max
= (TasksMax
) { v
};
3473 int config_parse_delegate(
3475 const char *filename
,
3477 const char *section
,
3478 unsigned section_line
,
3485 CGroupContext
*c
= data
;
3489 t
= unit_name_to_type(unit
);
3490 assert(t
!= _UNIT_TYPE_INVALID
);
3492 if (!unit_vtable
[t
]->can_delegate
) {
3493 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Delegate= setting not supported for this unit type, ignoring.");
3497 /* We either accept a boolean value, which may be used to turn on delegation for all controllers, or turn it
3498 * off for all. Or it takes a list of controller names, in which case we add the specified controllers to the
3499 * mask to delegate. */
3501 if (isempty(rvalue
)) {
3502 /* An empty string resets controllers and set Delegate=yes. */
3504 c
->delegate_controllers
= 0;
3508 r
= parse_boolean(rvalue
);
3510 const char *p
= rvalue
;
3511 CGroupMask mask
= 0;
3514 _cleanup_free_
char *word
= NULL
;
3515 CGroupController cc
;
3517 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
3523 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
3527 cc
= cgroup_controller_from_string(word
);
3529 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid controller name '%s', ignoring", word
);
3533 mask
|= CGROUP_CONTROLLER_TO_MASK(cc
);
3537 c
->delegate_controllers
|= mask
;
3541 c
->delegate_controllers
= _CGROUP_MASK_ALL
;
3543 c
->delegate
= false;
3544 c
->delegate_controllers
= 0;
3550 int config_parse_device_allow(
3552 const char *filename
,
3554 const char *section
,
3555 unsigned section_line
,
3562 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3563 CGroupContext
*c
= data
;
3564 const char *p
= rvalue
;
3567 if (isempty(rvalue
)) {
3568 while (c
->device_allow
)
3569 cgroup_context_free_device_allow(c
, c
->device_allow
);
3574 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
3578 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3579 "Invalid syntax, ignoring: %s", rvalue
);
3583 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3584 "Failed to extract device path and rights from '%s', ignoring.", rvalue
);
3588 r
= unit_full_printf(userdata
, path
, &resolved
);
3590 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3591 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3595 if (!STARTSWITH_SET(resolved
, "block-", "char-")) {
3597 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3601 if (!valid_device_node_path(resolved
)) {
3602 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid device node path '%s', ignoring.", resolved
);
3607 if (!isempty(p
) && !in_charset(p
, "rwm")) {
3608 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid device rights '%s', ignoring.", p
);
3612 return cgroup_add_device_allow(c
, resolved
, p
);
3615 int config_parse_io_device_weight(
3617 const char *filename
,
3619 const char *section
,
3620 unsigned section_line
,
3627 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3628 CGroupIODeviceWeight
*w
;
3629 CGroupContext
*c
= data
;
3630 const char *p
= rvalue
;
3638 if (isempty(rvalue
)) {
3639 while (c
->io_device_weights
)
3640 cgroup_context_free_io_device_weight(c
, c
->io_device_weights
);
3645 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
3649 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3650 "Invalid syntax, ignoring: %s", rvalue
);
3653 if (r
== 0 || isempty(p
)) {
3654 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3655 "Failed to extract device path and weight from '%s', ignoring.", rvalue
);
3659 r
= unit_full_printf(userdata
, path
, &resolved
);
3661 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3662 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3666 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3670 r
= cg_weight_parse(p
, &u
);
3672 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "IO weight '%s' invalid, ignoring: %m", p
);
3676 assert(u
!= CGROUP_WEIGHT_INVALID
);
3678 w
= new0(CGroupIODeviceWeight
, 1);
3682 w
->path
= TAKE_PTR(resolved
);
3685 LIST_PREPEND(device_weights
, c
->io_device_weights
, w
);
3689 int config_parse_io_device_latency(
3691 const char *filename
,
3693 const char *section
,
3694 unsigned section_line
,
3701 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3702 CGroupIODeviceLatency
*l
;
3703 CGroupContext
*c
= data
;
3704 const char *p
= rvalue
;
3712 if (isempty(rvalue
)) {
3713 while (c
->io_device_latencies
)
3714 cgroup_context_free_io_device_latency(c
, c
->io_device_latencies
);
3719 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
3723 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3724 "Invalid syntax, ignoring: %s", rvalue
);
3727 if (r
== 0 || isempty(p
)) {
3728 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3729 "Failed to extract device path and latency from '%s', ignoring.", rvalue
);
3733 r
= unit_full_printf(userdata
, path
, &resolved
);
3735 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3736 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3740 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3744 if (parse_sec(p
, &usec
) < 0) {
3745 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse timer value, ignoring: %s", p
);
3749 l
= new0(CGroupIODeviceLatency
, 1);
3753 l
->path
= TAKE_PTR(resolved
);
3754 l
->target_usec
= usec
;
3756 LIST_PREPEND(device_latencies
, c
->io_device_latencies
, l
);
3760 int config_parse_io_limit(
3762 const char *filename
,
3764 const char *section
,
3765 unsigned section_line
,
3772 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3773 CGroupIODeviceLimit
*l
= NULL
, *t
;
3774 CGroupContext
*c
= data
;
3775 CGroupIOLimitType type
;
3776 const char *p
= rvalue
;
3784 type
= cgroup_io_limit_type_from_string(lvalue
);
3787 if (isempty(rvalue
)) {
3788 LIST_FOREACH(device_limits
, l
, c
->io_device_limits
)
3789 l
->limits
[type
] = cgroup_io_limit_defaults
[type
];
3793 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
3797 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3798 "Invalid syntax, ignoring: %s", rvalue
);
3801 if (r
== 0 || isempty(p
)) {
3802 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3803 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue
);
3807 r
= unit_full_printf(userdata
, path
, &resolved
);
3809 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3810 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3814 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3818 if (streq("infinity", p
))
3819 num
= CGROUP_LIMIT_MAX
;
3821 r
= parse_size(p
, 1000, &num
);
3822 if (r
< 0 || num
<= 0) {
3823 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid IO limit '%s', ignoring.", p
);
3828 LIST_FOREACH(device_limits
, t
, c
->io_device_limits
) {
3829 if (path_equal(resolved
, t
->path
)) {
3836 CGroupIOLimitType ttype
;
3838 l
= new0(CGroupIODeviceLimit
, 1);
3842 l
->path
= TAKE_PTR(resolved
);
3843 for (ttype
= 0; ttype
< _CGROUP_IO_LIMIT_TYPE_MAX
; ttype
++)
3844 l
->limits
[ttype
] = cgroup_io_limit_defaults
[ttype
];
3846 LIST_PREPEND(device_limits
, c
->io_device_limits
, l
);
3849 l
->limits
[type
] = num
;
3854 int config_parse_blockio_device_weight(
3856 const char *filename
,
3858 const char *section
,
3859 unsigned section_line
,
3866 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3867 CGroupBlockIODeviceWeight
*w
;
3868 CGroupContext
*c
= data
;
3869 const char *p
= rvalue
;
3877 if (isempty(rvalue
)) {
3878 while (c
->blockio_device_weights
)
3879 cgroup_context_free_blockio_device_weight(c
, c
->blockio_device_weights
);
3884 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
3888 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3889 "Invalid syntax, ignoring: %s", rvalue
);
3892 if (r
== 0 || isempty(p
)) {
3893 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3894 "Failed to extract device node and weight from '%s', ignoring.", rvalue
);
3898 r
= unit_full_printf(userdata
, path
, &resolved
);
3900 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3901 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3905 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3909 r
= cg_blkio_weight_parse(p
, &u
);
3911 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid block IO weight '%s', ignoring: %m", p
);
3915 assert(u
!= CGROUP_BLKIO_WEIGHT_INVALID
);
3917 w
= new0(CGroupBlockIODeviceWeight
, 1);
3921 w
->path
= TAKE_PTR(resolved
);
3924 LIST_PREPEND(device_weights
, c
->blockio_device_weights
, w
);
3928 int config_parse_blockio_bandwidth(
3930 const char *filename
,
3932 const char *section
,
3933 unsigned section_line
,
3940 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3941 CGroupBlockIODeviceBandwidth
*b
= NULL
, *t
;
3942 CGroupContext
*c
= data
;
3943 const char *p
= rvalue
;
3952 read
= streq("BlockIOReadBandwidth", lvalue
);
3954 if (isempty(rvalue
)) {
3955 LIST_FOREACH(device_bandwidths
, b
, c
->blockio_device_bandwidths
) {
3956 b
->rbps
= CGROUP_LIMIT_MAX
;
3957 b
->wbps
= CGROUP_LIMIT_MAX
;
3962 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
3966 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3967 "Invalid syntax, ignoring: %s", rvalue
);
3970 if (r
== 0 || isempty(p
)) {
3971 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3972 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue
);
3976 r
= unit_full_printf(userdata
, path
, &resolved
);
3978 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3979 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3983 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3987 r
= parse_size(p
, 1000, &bytes
);
3988 if (r
< 0 || bytes
<= 0) {
3989 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid Block IO Bandwidth '%s', ignoring.", p
);
3993 LIST_FOREACH(device_bandwidths
, t
, c
->blockio_device_bandwidths
) {
3994 if (path_equal(resolved
, t
->path
)) {
4001 b
= new0(CGroupBlockIODeviceBandwidth
, 1);
4005 b
->path
= TAKE_PTR(resolved
);
4006 b
->rbps
= CGROUP_LIMIT_MAX
;
4007 b
->wbps
= CGROUP_LIMIT_MAX
;
4009 LIST_PREPEND(device_bandwidths
, c
->blockio_device_bandwidths
, b
);
4020 int config_parse_job_mode_isolate(
4022 const char *filename
,
4024 const char *section
,
4025 unsigned section_line
,
4039 r
= parse_boolean(rvalue
);
4041 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse boolean, ignoring: %s", rvalue
);
4045 log_notice("%s is deprecated. Please use OnFailureJobMode= instead", lvalue
);
4047 *m
= r
? JOB_ISOLATE
: JOB_REPLACE
;
4051 int config_parse_exec_directories(
4053 const char *filename
,
4055 const char *section
,
4056 unsigned section_line
,
4064 const Unit
*u
= userdata
;
4073 if (isempty(rvalue
)) {
4074 /* Empty assignment resets the list */
4075 *rt
= strv_free(*rt
);
4079 for (p
= rvalue
;;) {
4080 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
4082 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
4086 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
4087 "Invalid syntax, ignoring: %s", rvalue
);
4093 r
= unit_full_printf(u
, word
, &k
);
4095 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
4096 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word
);
4100 r
= path_simplify_and_warn(k
, PATH_CHECK_RELATIVE
, unit
, filename
, line
, lvalue
);
4104 if (path_startswith(k
, "private")) {
4105 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
4106 "%s= path can't be 'private', ignoring assignment: %s", lvalue
, word
);
4110 r
= strv_push(rt
, k
);
4117 int config_parse_set_status(
4119 const char *filename
,
4121 const char *section
,
4122 unsigned section_line
,
4130 const char *word
, *state
;
4132 ExitStatusSet
*status_set
= data
;
4139 /* Empty assignment resets the list */
4140 if (isempty(rvalue
)) {
4141 exit_status_set_free(status_set
);
4145 FOREACH_WORD(word
, l
, rvalue
, state
) {
4146 _cleanup_free_
char *temp
;
4149 temp
= strndup(word
, l
);
4153 /* We need to call exit_status_from_string() first, because we want
4154 * to parse numbers as exit statuses, not signals. */
4156 r
= exit_status_from_string(temp
);
4158 assert(r
>= 0 && r
< 256);
4159 bitmap
= &status_set
->status
;
4161 r
= signal_from_string(temp
);
4164 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
4165 "Failed to parse value, ignoring: %s", word
);
4168 bitmap
= &status_set
->signal
;
4171 r
= bitmap_set(bitmap
, r
);
4173 return log_error_errno(r
, "Failed to set signal or status %s: %m", word
);
4175 if (!isempty(state
))
4176 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Trailing garbage, ignoring.");
4181 int config_parse_namespace_path_strv(
4183 const char *filename
,
4185 const char *section
,
4186 unsigned section_line
,
4193 const Unit
*u
= userdata
;
4195 const char *p
= rvalue
;
4203 if (isempty(rvalue
)) {
4204 /* Empty assignment resets the list */
4205 *sv
= strv_free(*sv
);
4210 _cleanup_free_
char *word
= NULL
, *resolved
= NULL
, *joined
= NULL
;
4212 bool ignore_enoent
= false, shall_prefix
= false;
4214 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
4220 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract first word, ignoring: %s", rvalue
);
4225 if (startswith(w
, "-")) {
4226 ignore_enoent
= true;
4229 if (startswith(w
, "+")) {
4230 shall_prefix
= true;
4234 r
= unit_full_printf(u
, w
, &resolved
);
4236 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", w
);
4240 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4244 joined
= strjoin(ignore_enoent
? "-" : "",
4245 shall_prefix
? "+" : "",
4248 r
= strv_push(sv
, joined
);
4258 int config_parse_temporary_filesystems(
4260 const char *filename
,
4262 const char *section
,
4263 unsigned section_line
,
4270 const Unit
*u
= userdata
;
4271 ExecContext
*c
= data
;
4272 const char *p
= rvalue
;
4280 if (isempty(rvalue
)) {
4281 /* Empty assignment resets the list */
4282 temporary_filesystem_free_many(c
->temporary_filesystems
, c
->n_temporary_filesystems
);
4283 c
->temporary_filesystems
= NULL
;
4284 c
->n_temporary_filesystems
= 0;
4289 _cleanup_free_
char *word
= NULL
, *path
= NULL
, *resolved
= NULL
;
4292 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
4298 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract first word, ignoring: %s", rvalue
);
4303 r
= extract_first_word(&w
, &path
, ":", EXTRACT_DONT_COALESCE_SEPARATORS
);
4307 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract first word, ignoring: %s", word
);
4311 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid syntax, ignoring: %s", word
);
4315 r
= unit_full_printf(u
, path
, &resolved
);
4317 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", path
);
4321 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4325 r
= temporary_filesystem_add(&c
->temporary_filesystems
, &c
->n_temporary_filesystems
, resolved
, w
);
4331 int config_parse_bind_paths(
4333 const char *filename
,
4335 const char *section
,
4336 unsigned section_line
,
4343 ExecContext
*c
= data
;
4344 const Unit
*u
= userdata
;
4353 if (isempty(rvalue
)) {
4354 /* Empty assignment resets the list */
4355 bind_mount_free_many(c
->bind_mounts
, c
->n_bind_mounts
);
4356 c
->bind_mounts
= NULL
;
4357 c
->n_bind_mounts
= 0;
4363 _cleanup_free_
char *source
= NULL
, *destination
= NULL
;
4364 _cleanup_free_
char *sresolved
= NULL
, *dresolved
= NULL
;
4365 char *s
= NULL
, *d
= NULL
;
4366 bool rbind
= true, ignore_enoent
= false;
4368 r
= extract_first_word(&p
, &source
, ":" WHITESPACE
, EXTRACT_UNQUOTE
|EXTRACT_DONT_COALESCE_SEPARATORS
);
4374 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s, ignoring: %s", lvalue
, rvalue
);
4378 r
= unit_full_printf(u
, source
, &sresolved
);
4380 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
4381 "Failed to resolved unit specifiers in \"%s\", ignoring: %m", source
);
4387 ignore_enoent
= true;
4391 r
= path_simplify_and_warn(s
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4395 /* Optionally, the destination is specified. */
4396 if (p
&& p
[-1] == ':') {
4397 r
= extract_first_word(&p
, &destination
, ":" WHITESPACE
, EXTRACT_UNQUOTE
|EXTRACT_DONT_COALESCE_SEPARATORS
);
4401 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s, ignoring: %s", lvalue
, rvalue
);
4405 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Missing argument after ':', ignoring: %s", s
);
4409 r
= unit_full_printf(u
, destination
, &dresolved
);
4411 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
4412 "Failed to resolved specifiers in \"%s\", ignoring: %m", destination
);
4416 r
= path_simplify_and_warn(dresolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4422 /* Optionally, there's also a short option string specified */
4423 if (p
&& p
[-1] == ':') {
4424 _cleanup_free_
char *options
= NULL
;
4426 r
= extract_first_word(&p
, &options
, NULL
, EXTRACT_UNQUOTE
);
4430 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s: %s", lvalue
, rvalue
);
4434 if (isempty(options
) || streq(options
, "rbind"))
4436 else if (streq(options
, "norbind"))
4439 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid option string, ignoring setting: %s", options
);
4446 r
= bind_mount_add(&c
->bind_mounts
, &c
->n_bind_mounts
,
4450 .read_only
= !!strstr(lvalue
, "ReadOnly"),
4452 .ignore_enoent
= ignore_enoent
,
4461 int config_parse_job_timeout_sec(
4463 const char *filename
,
4465 const char *section
,
4466 unsigned section_line
,
4482 r
= parse_sec_fix_0(rvalue
, &usec
);
4484 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse JobTimeoutSec= parameter, ignoring: %s", rvalue
);
4488 /* If the user explicitly changed JobTimeoutSec= also change JobRunningTimeoutSec=, for compatibility with old
4489 * versions. If JobRunningTimeoutSec= was explicitly set, avoid this however as whatever the user picked should
4492 if (!u
->job_running_timeout_set
)
4493 u
->job_running_timeout
= usec
;
4495 u
->job_timeout
= usec
;
4500 int config_parse_job_running_timeout_sec(
4502 const char *filename
,
4504 const char *section
,
4505 unsigned section_line
,
4521 r
= parse_sec_fix_0(rvalue
, &usec
);
4523 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse JobRunningTimeoutSec= parameter, ignoring: %s", rvalue
);
4527 u
->job_running_timeout
= usec
;
4528 u
->job_running_timeout_set
= true;
4533 int config_parse_emergency_action(
4535 const char *filename
,
4537 const char *section
,
4538 unsigned section_line
,
4546 EmergencyAction
*x
= data
;
4555 m
= ((Unit
*) userdata
)->manager
;
4559 r
= parse_emergency_action(rvalue
, MANAGER_IS_SYSTEM(m
), x
);
4561 if (r
== -EOPNOTSUPP
&& MANAGER_IS_USER(m
)) {
4562 /* Compat mode: remove for systemd 241. */
4564 log_syntax(unit
, LOG_INFO
, filename
, line
, r
,
4565 "%s= in user mode specified as \"%s\", using \"exit-force\" instead.",
4567 *x
= EMERGENCY_ACTION_EXIT_FORCE
;
4571 if (r
== -EOPNOTSUPP
)
4572 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
4573 "%s= specified as %s mode action, ignoring: %s",
4574 lvalue
, MANAGER_IS_SYSTEM(m
) ? "user" : "system", rvalue
);
4576 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
4577 "Failed to parse %s=, ignoring: %s", lvalue
, rvalue
);
4584 int config_parse_pid_file(
4586 const char *filename
,
4588 const char *section
,
4589 unsigned section_line
,
4596 _cleanup_free_
char *k
= NULL
, *n
= NULL
;
4597 const Unit
*u
= userdata
;
4606 if (isempty(rvalue
)) {
4607 /* An empty assignment removes already set value. */
4612 r
= unit_full_printf(u
, rvalue
, &k
);
4614 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
4618 /* If this is a relative path make it absolute by prefixing the /run */
4619 n
= path_make_absolute(k
, u
->manager
->prefix
[EXEC_DIRECTORY_RUNTIME
]);
4623 /* Check that the result is a sensible path */
4624 r
= path_simplify_and_warn(n
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4628 r
= patch_var_run(unit
, filename
, line
, lvalue
, &n
);
4632 free_and_replace(*s
, n
);
4636 int config_parse_exit_status(
4638 const char *filename
,
4640 const char *section
,
4641 unsigned section_line
,
4648 int *exit_status
= data
, r
;
4654 assert(exit_status
);
4656 if (isempty(rvalue
)) {
4661 r
= safe_atou8(rvalue
, &u
);
4663 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse exit status '%s', ignoring: %m", rvalue
);
4671 int config_parse_disable_controllers(
4673 const char *filename
,
4675 const char *section
,
4676 unsigned section_line
,
4684 CGroupContext
*c
= data
;
4685 CGroupMask disabled_mask
;
4687 /* 1. If empty, make all controllers eligible for use again.
4688 * 2. If non-empty, merge all listed controllers, space separated. */
4690 if (isempty(rvalue
)) {
4691 c
->disable_controllers
= 0;
4695 r
= cg_mask_from_string(rvalue
, &disabled_mask
);
4696 if (r
< 0 || disabled_mask
<= 0) {
4697 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid cgroup string: %s, ignoring", rvalue
);
4701 c
->disable_controllers
|= disabled_mask
;
4706 int config_parse_ip_filter_bpf_progs(
4708 const char *filename
,
4710 const char *section
,
4711 unsigned section_line
,
4718 _cleanup_free_
char *resolved
= NULL
;
4719 const Unit
*u
= userdata
;
4720 char ***paths
= data
;
4728 if (isempty(rvalue
)) {
4729 *paths
= strv_free(*paths
);
4733 r
= unit_full_printf(u
, rvalue
, &resolved
);
4735 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
4739 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4743 if (strv_contains(*paths
, resolved
))
4746 r
= strv_extend(paths
, resolved
);
4750 r
= bpf_firewall_supported();
4753 if (r
!= BPF_FIREWALL_SUPPORTED_WITH_MULTI
) {
4754 static bool warned
= false;
4756 log_full(warned
? LOG_DEBUG
: LOG_WARNING
,
4757 "File %s:%u configures an IP firewall with BPF programs (%s=%s), but the local system does not support BPF/cgroup based firewalling with multiple filters.\n"
4758 "Starting this unit will fail! (This warning is only shown for the first loaded unit using IP firewalling.)", filename
, line
, lvalue
, rvalue
);
4766 static int merge_by_names(Unit
**u
, Set
*names
, const char *id
) {
4773 /* Let's try to add in all names that are aliases of this unit */
4774 while ((k
= set_steal_first(names
))) {
4775 _cleanup_free_ _unused_
char *free_k
= k
;
4777 /* First try to merge in the other name into our unit */
4778 r
= unit_merge_by_name(*u
, k
);
4782 /* Hmm, we couldn't merge the other unit into ours? Then let's try it the other way
4785 other
= manager_get_unit((*u
)->manager
, k
);
4787 return r
; /* return previous failure */
4789 r
= unit_merge(other
, *u
);
4794 return merge_by_names(u
, names
, NULL
);
4797 if (streq_ptr(id
, k
))
4798 unit_choose_id(*u
, id
);
4804 int unit_load_fragment(Unit
*u
) {
4805 const char *fragment
;
4806 _cleanup_set_free_free_ Set
*names
= NULL
;
4811 assert(u
->load_state
== UNIT_STUB
);
4815 u
->load_state
= UNIT_LOADED
;
4819 /* Possibly rebuild the fragment map to catch new units */
4820 r
= unit_file_build_name_map(&u
->manager
->lookup_paths
,
4821 &u
->manager
->unit_cache_mtime
,
4822 &u
->manager
->unit_id_map
,
4823 &u
->manager
->unit_name_map
,
4824 &u
->manager
->unit_path_cache
);
4826 return log_error_errno(r
, "Failed to rebuild name map: %m");
4828 r
= unit_file_find_fragment(u
->manager
->unit_id_map
,
4829 u
->manager
->unit_name_map
,
4833 if (r
< 0 && r
!= -ENOENT
)
4837 /* Open the file, check if this is a mask, otherwise read. */
4838 _cleanup_fclose_
FILE *f
= NULL
;
4840 /* Try to open the file name. A symlink is OK, for example for linked files or masks. We
4841 * expect that all symlinks within the lookup paths have been already resolved, but we don't
4842 * verify this here. */
4843 f
= fopen(fragment
, "re");
4845 return log_unit_notice_errno(u
, errno
, "Failed to open %s: %m", fragment
);
4847 if (fstat(fileno(f
), &st
) < 0)
4850 r
= free_and_strdup(&u
->fragment_path
, fragment
);
4854 if (null_or_empty(&st
)) {
4855 /* Unit file is masked */
4857 u
->load_state
= u
->perpetual
? UNIT_LOADED
: UNIT_MASKED
; /* don't allow perpetual units to ever be masked */
4858 u
->fragment_mtime
= 0;
4860 u
->load_state
= UNIT_LOADED
;
4861 u
->fragment_mtime
= timespec_load(&st
.st_mtim
);
4863 /* Now, parse the file contents */
4864 r
= config_parse(u
->id
, fragment
, f
,
4865 UNIT_VTABLE(u
)->sections
,
4866 config_item_perf_lookup
, load_fragment_gperf_lookup
,
4867 CONFIG_PARSE_ALLOW_INCLUDE
, u
);
4869 log_unit_notice_errno(u
, r
, "Unit configuration has fatal error, unit will not be started.");
4875 if (u
->source_path
) {
4876 if (stat(u
->source_path
, &st
) >= 0)
4877 u
->source_mtime
= timespec_load(&st
.st_mtim
);
4879 u
->source_mtime
= 0;
4882 /* We do the merge dance here because for some unit types, the unit might have aliases which are not
4883 * declared in the file system. In particular, this is true (and frequent) for device and swap units.
4886 const char *id
= u
->id
;
4887 _cleanup_free_
char *free_id
= NULL
;
4890 id
= basename(fragment
);
4891 if (unit_name_is_valid(id
, UNIT_NAME_TEMPLATE
)) {
4892 assert(u
->instance
); /* If we're not trying to use a template for non-instanced unit,
4893 * this must be set. */
4895 r
= unit_name_replace_instance(id
, u
->instance
, &free_id
);
4897 return log_debug_errno(r
, "Failed to build id (%s + %s): %m", id
, u
->instance
);
4903 r
= merge_by_names(&merged
, names
, id
);
4908 u
->load_state
= UNIT_MERGED
;
4913 void unit_dump_config_items(FILE *f
) {
4914 static const struct {
4915 const ConfigParserCallback callback
;
4918 { config_parse_warn_compat
, "NOTSUPPORTED" },
4919 { config_parse_int
, "INTEGER" },
4920 { config_parse_unsigned
, "UNSIGNED" },
4921 { config_parse_iec_size
, "SIZE" },
4922 { config_parse_iec_uint64
, "SIZE" },
4923 { config_parse_si_uint64
, "SIZE" },
4924 { config_parse_bool
, "BOOLEAN" },
4925 { config_parse_string
, "STRING" },
4926 { config_parse_path
, "PATH" },
4927 { config_parse_unit_path_printf
, "PATH" },
4928 { config_parse_strv
, "STRING [...]" },
4929 { config_parse_exec_nice
, "NICE" },
4930 { config_parse_exec_oom_score_adjust
, "OOMSCOREADJUST" },
4931 { config_parse_exec_io_class
, "IOCLASS" },
4932 { config_parse_exec_io_priority
, "IOPRIORITY" },
4933 { config_parse_exec_cpu_sched_policy
, "CPUSCHEDPOLICY" },
4934 { config_parse_exec_cpu_sched_prio
, "CPUSCHEDPRIO" },
4935 { config_parse_exec_cpu_affinity
, "CPUAFFINITY" },
4936 { config_parse_mode
, "MODE" },
4937 { config_parse_unit_env_file
, "FILE" },
4938 { config_parse_exec_output
, "OUTPUT" },
4939 { config_parse_exec_input
, "INPUT" },
4940 { config_parse_log_facility
, "FACILITY" },
4941 { config_parse_log_level
, "LEVEL" },
4942 { config_parse_exec_secure_bits
, "SECUREBITS" },
4943 { config_parse_capability_set
, "BOUNDINGSET" },
4944 { config_parse_rlimit
, "LIMIT" },
4945 { config_parse_unit_deps
, "UNIT [...]" },
4946 { config_parse_exec
, "PATH [ARGUMENT [...]]" },
4947 { config_parse_service_type
, "SERVICETYPE" },
4948 { config_parse_service_restart
, "SERVICERESTART" },
4949 { config_parse_kill_mode
, "KILLMODE" },
4950 { config_parse_signal
, "SIGNAL" },
4951 { config_parse_socket_listen
, "SOCKET [...]" },
4952 { config_parse_socket_bind
, "SOCKETBIND" },
4953 { config_parse_socket_bindtodevice
, "NETWORKINTERFACE" },
4954 { config_parse_sec
, "SECONDS" },
4955 { config_parse_nsec
, "NANOSECONDS" },
4956 { config_parse_namespace_path_strv
, "PATH [...]" },
4957 { config_parse_bind_paths
, "PATH[:PATH[:OPTIONS]] [...]" },
4958 { config_parse_unit_requires_mounts_for
, "PATH [...]" },
4959 { config_parse_exec_mount_flags
, "MOUNTFLAG [...]" },
4960 { config_parse_unit_string_printf
, "STRING" },
4961 { config_parse_trigger_unit
, "UNIT" },
4962 { config_parse_timer
, "TIMER" },
4963 { config_parse_path_spec
, "PATH" },
4964 { config_parse_notify_access
, "ACCESS" },
4965 { config_parse_ip_tos
, "TOS" },
4966 { config_parse_unit_condition_path
, "CONDITION" },
4967 { config_parse_unit_condition_string
, "CONDITION" },
4968 { config_parse_unit_condition_null
, "CONDITION" },
4969 { config_parse_unit_slice
, "SLICE" },
4970 { config_parse_documentation
, "URL" },
4971 { config_parse_service_timeout
, "SECONDS" },
4972 { config_parse_emergency_action
, "ACTION" },
4973 { config_parse_set_status
, "STATUS" },
4974 { config_parse_service_sockets
, "SOCKETS" },
4975 { config_parse_environ
, "ENVIRON" },
4977 { config_parse_syscall_filter
, "SYSCALLS" },
4978 { config_parse_syscall_archs
, "ARCHS" },
4979 { config_parse_syscall_errno
, "ERRNO" },
4980 { config_parse_address_families
, "FAMILIES" },
4981 { config_parse_restrict_namespaces
, "NAMESPACES" },
4983 { config_parse_cpu_shares
, "SHARES" },
4984 { config_parse_cg_weight
, "WEIGHT" },
4985 { config_parse_memory_limit
, "LIMIT" },
4986 { config_parse_device_allow
, "DEVICE" },
4987 { config_parse_device_policy
, "POLICY" },
4988 { config_parse_io_limit
, "LIMIT" },
4989 { config_parse_io_device_weight
, "DEVICEWEIGHT" },
4990 { config_parse_io_device_latency
, "DEVICELATENCY" },
4991 { config_parse_blockio_bandwidth
, "BANDWIDTH" },
4992 { config_parse_blockio_weight
, "WEIGHT" },
4993 { config_parse_blockio_device_weight
, "DEVICEWEIGHT" },
4994 { config_parse_long
, "LONG" },
4995 { config_parse_socket_service
, "SERVICE" },
4997 { config_parse_exec_selinux_context
, "LABEL" },
4999 { config_parse_job_mode
, "MODE" },
5000 { config_parse_job_mode_isolate
, "BOOLEAN" },
5001 { config_parse_personality
, "PERSONALITY" },
5004 const char *prev
= NULL
;
5009 NULSTR_FOREACH(i
, load_fragment_gperf_nulstr
) {
5010 const char *rvalue
= "OTHER", *lvalue
;
5011 const ConfigPerfItem
*p
;
5016 assert_se(p
= load_fragment_gperf_lookup(i
, strlen(i
)));
5018 /* Hide legacy settings */
5019 if (p
->parse
== config_parse_warn_compat
&&
5020 p
->ltype
== DISABLED_LEGACY
)
5023 for (j
= 0; j
< ELEMENTSOF(table
); j
++)
5024 if (p
->parse
== table
[j
].callback
) {
5025 rvalue
= table
[j
].rvalue
;
5029 dot
= strchr(i
, '.');
5030 lvalue
= dot
? dot
+ 1 : i
;
5034 if (!prev
|| !strneq(prev
, i
, prefix_len
+1)) {
5038 fprintf(f
, "[%.*s]\n", (int) prefix_len
, i
);
5041 fprintf(f
, "%s=%s\n", lvalue
, rvalue
);
5046 int config_parse_cpu_affinity2(
5048 const char *filename
,
5050 const char *section
,
5051 unsigned section_line
,
5058 CPUSet
*affinity
= data
;
5062 (void) parse_cpu_set_extend(rvalue
, affinity
, true, unit
, filename
, line
, lvalue
);
5067 int config_parse_show_status(
5069 const char *filename
,
5071 const char *section
,
5072 unsigned section_line
,
5080 ShowStatus
*b
= data
;
5087 k
= parse_show_status(rvalue
, b
);
5089 log_syntax(unit
, LOG_ERR
, filename
, line
, k
, "Failed to parse show status setting, ignoring: %s", rvalue
);
5096 int config_parse_output_restricted(
5098 const char *filename
,
5100 const char *section
,
5101 unsigned section_line
,
5108 ExecOutput t
, *eo
= data
;
5109 bool obsolete
= false;
5116 if (streq(rvalue
, "syslog")) {
5117 t
= EXEC_OUTPUT_JOURNAL
;
5119 } else if (streq(rvalue
, "syslog+console")) {
5120 t
= EXEC_OUTPUT_JOURNAL_AND_CONSOLE
;
5123 t
= exec_output_from_string(rvalue
);
5125 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse output type, ignoring: %s", rvalue
);
5129 if (IN_SET(t
, EXEC_OUTPUT_SOCKET
, EXEC_OUTPUT_NAMED_FD
, EXEC_OUTPUT_FILE
, EXEC_OUTPUT_FILE_APPEND
)) {
5130 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Standard output types socket, fd:, file:, append: are not supported as defaults, ignoring: %s", rvalue
);
5136 log_syntax(unit
, LOG_NOTICE
, filename
, line
, 0,
5137 "Standard output type %s is obsolete, automatically updating to %s. Please update your configuration.",
5138 rvalue
, exec_output_to_string(t
));
5144 int config_parse_crash_chvt(
5146 const char *filename
,
5148 const char *section
,
5149 unsigned section_line
,
5163 r
= parse_crash_chvt(rvalue
, data
);
5165 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse CrashChangeVT= setting, ignoring: %s", rvalue
);
5172 int config_parse_swap_priority(
5174 const char *filename
,
5176 const char *section
,
5177 unsigned section_line
,
5193 if (isempty(rvalue
)) {
5194 s
->parameters_fragment
.priority
= -1;
5195 s
->parameters_fragment
.priority_set
= false;
5199 r
= safe_atoi(rvalue
, &priority
);
5201 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid swap priority '%s', ignoring.", rvalue
);
5205 if (priority
< -1) {
5206 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Sorry, swap priorities smaller than -1 may only be assigned by the kernel itself, ignoring: %s", rvalue
);
5210 if (priority
> 32767) {
5211 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Swap priority out of range, ignoring: %s", rvalue
);
5215 s
->parameters_fragment
.priority
= priority
;
5216 s
->parameters_fragment
.priority_set
= true;