]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/manager.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
core: make "taint" string logic a bit more generic and output it at boot
[thirdparty/systemd.git] / src / core / manager.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
16
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19 ***/
20
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <linux/kd.h>
24 #include <signal.h>
25 #include <stdio_ext.h>
26 #include <string.h>
27 #include <sys/epoll.h>
28 #include <sys/inotify.h>
29 #include <sys/ioctl.h>
30 #include <sys/reboot.h>
31 #include <sys/timerfd.h>
32 #include <sys/wait.h>
33 #include <unistd.h>
34
35 #if HAVE_AUDIT
36 #include <libaudit.h>
37 #endif
38
39 #include "sd-daemon.h"
40 #include "sd-messages.h"
41 #include "sd-path.h"
42
43 #include "alloc-util.h"
44 #include "audit-fd.h"
45 #include "boot-timestamps.h"
46 #include "bus-common-errors.h"
47 #include "bus-error.h"
48 #include "bus-kernel.h"
49 #include "bus-util.h"
50 #include "clean-ipc.h"
51 #include "clock-util.h"
52 #include "dbus-job.h"
53 #include "dbus-manager.h"
54 #include "dbus-unit.h"
55 #include "dbus.h"
56 #include "dirent-util.h"
57 #include "env-util.h"
58 #include "escape.h"
59 #include "exec-util.h"
60 #include "execute.h"
61 #include "exit-status.h"
62 #include "fd-util.h"
63 #include "fileio.h"
64 #include "fs-util.h"
65 #include "hashmap.h"
66 #include "io-util.h"
67 #include "label.h"
68 #include "locale-setup.h"
69 #include "log.h"
70 #include "macro.h"
71 #include "manager.h"
72 #include "missing.h"
73 #include "mkdir.h"
74 #include "parse-util.h"
75 #include "path-lookup.h"
76 #include "path-util.h"
77 #include "process-util.h"
78 #include "ratelimit.h"
79 #include "rm-rf.h"
80 #include "signal-util.h"
81 #include "special.h"
82 #include "stat-util.h"
83 #include "string-table.h"
84 #include "string-util.h"
85 #include "strv.h"
86 #include "terminal-util.h"
87 #include "time-util.h"
88 #include "transaction.h"
89 #include "umask-util.h"
90 #include "unit-name.h"
91 #include "user-util.h"
92 #include "util.h"
93 #include "virt.h"
94 #include "watchdog.h"
95
96 #define NOTIFY_RCVBUF_SIZE (8*1024*1024)
97 #define CGROUPS_AGENT_RCVBUF_SIZE (8*1024*1024)
98
99 /* Initial delay and the interval for printing status messages about running jobs */
100 #define JOBS_IN_PROGRESS_WAIT_USEC (5*USEC_PER_SEC)
101 #define JOBS_IN_PROGRESS_PERIOD_USEC (USEC_PER_SEC / 3)
102 #define JOBS_IN_PROGRESS_PERIOD_DIVISOR 3
103
104 static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
105 static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
106 static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
107 static int manager_dispatch_time_change_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
108 static int manager_dispatch_idle_pipe_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
109 static int manager_dispatch_user_lookup_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
110 static int manager_dispatch_jobs_in_progress(sd_event_source *source, usec_t usec, void *userdata);
111 static int manager_dispatch_run_queue(sd_event_source *source, void *userdata);
112 static int manager_run_environment_generators(Manager *m);
113 static int manager_run_generators(Manager *m);
114
115 static void manager_watch_jobs_in_progress(Manager *m) {
116 usec_t next;
117 int r;
118
119 assert(m);
120
121 /* We do not want to show the cylon animation if the user
122 * needs to confirm service executions otherwise confirmation
123 * messages will be screwed by the cylon animation. */
124 if (!manager_is_confirm_spawn_disabled(m))
125 return;
126
127 if (m->jobs_in_progress_event_source)
128 return;
129
130 next = now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_WAIT_USEC;
131 r = sd_event_add_time(
132 m->event,
133 &m->jobs_in_progress_event_source,
134 CLOCK_MONOTONIC,
135 next, 0,
136 manager_dispatch_jobs_in_progress, m);
137 if (r < 0)
138 return;
139
140 (void) sd_event_source_set_description(m->jobs_in_progress_event_source, "manager-jobs-in-progress");
141 }
142
143 #define CYLON_BUFFER_EXTRA (2*(sizeof(ANSI_RED)-1) + sizeof(ANSI_HIGHLIGHT_RED)-1 + 2*(sizeof(ANSI_NORMAL)-1))
144
145 static void draw_cylon(char buffer[], size_t buflen, unsigned width, unsigned pos) {
146 char *p = buffer;
147
148 assert(buflen >= CYLON_BUFFER_EXTRA + width + 1);
149 assert(pos <= width+1); /* 0 or width+1 mean that the center light is behind the corner */
150
151 if (pos > 1) {
152 if (pos > 2)
153 p = mempset(p, ' ', pos-2);
154 if (log_get_show_color())
155 p = stpcpy(p, ANSI_RED);
156 *p++ = '*';
157 }
158
159 if (pos > 0 && pos <= width) {
160 if (log_get_show_color())
161 p = stpcpy(p, ANSI_HIGHLIGHT_RED);
162 *p++ = '*';
163 }
164
165 if (log_get_show_color())
166 p = stpcpy(p, ANSI_NORMAL);
167
168 if (pos < width) {
169 if (log_get_show_color())
170 p = stpcpy(p, ANSI_RED);
171 *p++ = '*';
172 if (pos < width-1)
173 p = mempset(p, ' ', width-1-pos);
174 if (log_get_show_color())
175 strcpy(p, ANSI_NORMAL);
176 }
177 }
178
179 void manager_flip_auto_status(Manager *m, bool enable) {
180 assert(m);
181
182 if (enable) {
183 if (m->show_status == SHOW_STATUS_AUTO)
184 manager_set_show_status(m, SHOW_STATUS_TEMPORARY);
185 } else {
186 if (m->show_status == SHOW_STATUS_TEMPORARY)
187 manager_set_show_status(m, SHOW_STATUS_AUTO);
188 }
189 }
190
191 static void manager_print_jobs_in_progress(Manager *m) {
192 _cleanup_free_ char *job_of_n = NULL;
193 Iterator i;
194 Job *j;
195 unsigned counter = 0, print_nr;
196 char cylon[6 + CYLON_BUFFER_EXTRA + 1];
197 unsigned cylon_pos;
198 char time[FORMAT_TIMESPAN_MAX], limit[FORMAT_TIMESPAN_MAX] = "no limit";
199 uint64_t x;
200
201 assert(m);
202 assert(m->n_running_jobs > 0);
203
204 manager_flip_auto_status(m, true);
205
206 print_nr = (m->jobs_in_progress_iteration / JOBS_IN_PROGRESS_PERIOD_DIVISOR) % m->n_running_jobs;
207
208 HASHMAP_FOREACH(j, m->jobs, i)
209 if (j->state == JOB_RUNNING && counter++ == print_nr)
210 break;
211
212 /* m->n_running_jobs must be consistent with the contents of m->jobs,
213 * so the above loop must have succeeded in finding j. */
214 assert(counter == print_nr + 1);
215 assert(j);
216
217 cylon_pos = m->jobs_in_progress_iteration % 14;
218 if (cylon_pos >= 8)
219 cylon_pos = 14 - cylon_pos;
220 draw_cylon(cylon, sizeof(cylon), 6, cylon_pos);
221
222 m->jobs_in_progress_iteration++;
223
224 if (m->n_running_jobs > 1) {
225 if (asprintf(&job_of_n, "(%u of %u) ", counter, m->n_running_jobs) < 0)
226 job_of_n = NULL;
227 }
228
229 format_timespan(time, sizeof(time), now(CLOCK_MONOTONIC) - j->begin_usec, 1*USEC_PER_SEC);
230 if (job_get_timeout(j, &x) > 0)
231 format_timespan(limit, sizeof(limit), x - j->begin_usec, 1*USEC_PER_SEC);
232
233 manager_status_printf(m, STATUS_TYPE_EPHEMERAL, cylon,
234 "%sA %s job is running for %s (%s / %s)",
235 strempty(job_of_n),
236 job_type_to_string(j->type),
237 unit_description(j->unit),
238 time, limit);
239 }
240
241 static int have_ask_password(void) {
242 _cleanup_closedir_ DIR *dir;
243 struct dirent *de;
244
245 dir = opendir("/run/systemd/ask-password");
246 if (!dir) {
247 if (errno == ENOENT)
248 return false;
249 else
250 return -errno;
251 }
252
253 FOREACH_DIRENT_ALL(de, dir, return -errno) {
254 if (startswith(de->d_name, "ask."))
255 return true;
256 }
257 return false;
258 }
259
260 static int manager_dispatch_ask_password_fd(sd_event_source *source,
261 int fd, uint32_t revents, void *userdata) {
262 Manager *m = userdata;
263
264 assert(m);
265
266 flush_fd(fd);
267
268 m->have_ask_password = have_ask_password();
269 if (m->have_ask_password < 0)
270 /* Log error but continue. Negative have_ask_password
271 * is treated as unknown status. */
272 log_error_errno(m->have_ask_password, "Failed to list /run/systemd/ask-password: %m");
273
274 return 0;
275 }
276
277 static void manager_close_ask_password(Manager *m) {
278 assert(m);
279
280 m->ask_password_event_source = sd_event_source_unref(m->ask_password_event_source);
281 m->ask_password_inotify_fd = safe_close(m->ask_password_inotify_fd);
282 m->have_ask_password = -EINVAL;
283 }
284
285 static int manager_check_ask_password(Manager *m) {
286 int r;
287
288 assert(m);
289
290 if (!m->ask_password_event_source) {
291 assert(m->ask_password_inotify_fd < 0);
292
293 mkdir_p_label("/run/systemd/ask-password", 0755);
294
295 m->ask_password_inotify_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
296 if (m->ask_password_inotify_fd < 0)
297 return log_error_errno(errno, "inotify_init1() failed: %m");
298
299 if (inotify_add_watch(m->ask_password_inotify_fd, "/run/systemd/ask-password", IN_CREATE|IN_DELETE|IN_MOVE) < 0) {
300 log_error_errno(errno, "Failed to add watch on /run/systemd/ask-password: %m");
301 manager_close_ask_password(m);
302 return -errno;
303 }
304
305 r = sd_event_add_io(m->event, &m->ask_password_event_source,
306 m->ask_password_inotify_fd, EPOLLIN,
307 manager_dispatch_ask_password_fd, m);
308 if (r < 0) {
309 log_error_errno(errno, "Failed to add event source for /run/systemd/ask-password: %m");
310 manager_close_ask_password(m);
311 return -errno;
312 }
313
314 (void) sd_event_source_set_description(m->ask_password_event_source, "manager-ask-password");
315
316 /* Queries might have been added meanwhile... */
317 manager_dispatch_ask_password_fd(m->ask_password_event_source,
318 m->ask_password_inotify_fd, EPOLLIN, m);
319 }
320
321 return m->have_ask_password;
322 }
323
324 static int manager_watch_idle_pipe(Manager *m) {
325 int r;
326
327 assert(m);
328
329 if (m->idle_pipe_event_source)
330 return 0;
331
332 if (m->idle_pipe[2] < 0)
333 return 0;
334
335 r = sd_event_add_io(m->event, &m->idle_pipe_event_source, m->idle_pipe[2], EPOLLIN, manager_dispatch_idle_pipe_fd, m);
336 if (r < 0)
337 return log_error_errno(r, "Failed to watch idle pipe: %m");
338
339 (void) sd_event_source_set_description(m->idle_pipe_event_source, "manager-idle-pipe");
340
341 return 0;
342 }
343
344 static void manager_close_idle_pipe(Manager *m) {
345 assert(m);
346
347 m->idle_pipe_event_source = sd_event_source_unref(m->idle_pipe_event_source);
348
349 safe_close_pair(m->idle_pipe);
350 safe_close_pair(m->idle_pipe + 2);
351 }
352
353 static int manager_setup_time_change(Manager *m) {
354 int r;
355
356 /* We only care for the cancellation event, hence we set the
357 * timeout to the latest possible value. */
358 struct itimerspec its = {
359 .it_value.tv_sec = TIME_T_MAX,
360 };
361
362 assert(m);
363 assert_cc(sizeof(time_t) == sizeof(TIME_T_MAX));
364
365 if (m->test_run_flags)
366 return 0;
367
368 /* Uses TFD_TIMER_CANCEL_ON_SET to get notifications whenever
369 * CLOCK_REALTIME makes a jump relative to CLOCK_MONOTONIC */
370
371 m->time_change_fd = timerfd_create(CLOCK_REALTIME, TFD_NONBLOCK|TFD_CLOEXEC);
372 if (m->time_change_fd < 0)
373 return log_error_errno(errno, "Failed to create timerfd: %m");
374
375 if (timerfd_settime(m->time_change_fd, TFD_TIMER_ABSTIME|TFD_TIMER_CANCEL_ON_SET, &its, NULL) < 0) {
376 log_debug_errno(errno, "Failed to set up TFD_TIMER_CANCEL_ON_SET, ignoring: %m");
377 m->time_change_fd = safe_close(m->time_change_fd);
378 return 0;
379 }
380
381 r = sd_event_add_io(m->event, &m->time_change_event_source, m->time_change_fd, EPOLLIN, manager_dispatch_time_change_fd, m);
382 if (r < 0)
383 return log_error_errno(r, "Failed to create time change event source: %m");
384
385 (void) sd_event_source_set_description(m->time_change_event_source, "manager-time-change");
386
387 log_debug("Set up TFD_TIMER_CANCEL_ON_SET timerfd.");
388
389 return 0;
390 }
391
392 static int enable_special_signals(Manager *m) {
393 _cleanup_close_ int fd = -1;
394
395 assert(m);
396
397 if (m->test_run_flags)
398 return 0;
399
400 /* Enable that we get SIGINT on control-alt-del. In containers
401 * this will fail with EPERM (older) or EINVAL (newer), so
402 * ignore that. */
403 if (reboot(RB_DISABLE_CAD) < 0 && !IN_SET(errno, EPERM, EINVAL))
404 log_warning_errno(errno, "Failed to enable ctrl-alt-del handling: %m");
405
406 fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
407 if (fd < 0) {
408 /* Support systems without virtual console */
409 if (fd != -ENOENT)
410 log_warning_errno(errno, "Failed to open /dev/tty0: %m");
411 } else {
412 /* Enable that we get SIGWINCH on kbrequest */
413 if (ioctl(fd, KDSIGACCEPT, SIGWINCH) < 0)
414 log_warning_errno(errno, "Failed to enable kbrequest handling: %m");
415 }
416
417 return 0;
418 }
419
420 static int manager_setup_signals(Manager *m) {
421 struct sigaction sa = {
422 .sa_handler = SIG_DFL,
423 .sa_flags = SA_NOCLDSTOP|SA_RESTART,
424 };
425 sigset_t mask;
426 int r;
427
428 assert(m);
429
430 assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);
431
432 /* We make liberal use of realtime signals here. On
433 * Linux/glibc we have 30 of them (with the exception of Linux
434 * on hppa, see below), between SIGRTMIN+0 ... SIGRTMIN+30
435 * (aka SIGRTMAX). */
436
437 assert_se(sigemptyset(&mask) == 0);
438 sigset_add_many(&mask,
439 SIGCHLD, /* Child died */
440 SIGTERM, /* Reexecute daemon */
441 SIGHUP, /* Reload configuration */
442 SIGUSR1, /* systemd/upstart: reconnect to D-Bus */
443 SIGUSR2, /* systemd: dump status */
444 SIGINT, /* Kernel sends us this on control-alt-del */
445 SIGWINCH, /* Kernel sends us this on kbrequest (alt-arrowup) */
446 SIGPWR, /* Some kernel drivers and upsd send us this on power failure */
447
448 SIGRTMIN+0, /* systemd: start default.target */
449 SIGRTMIN+1, /* systemd: isolate rescue.target */
450 SIGRTMIN+2, /* systemd: isolate emergency.target */
451 SIGRTMIN+3, /* systemd: start halt.target */
452 SIGRTMIN+4, /* systemd: start poweroff.target */
453 SIGRTMIN+5, /* systemd: start reboot.target */
454 SIGRTMIN+6, /* systemd: start kexec.target */
455
456 /* ... space for more special targets ... */
457
458 SIGRTMIN+13, /* systemd: Immediate halt */
459 SIGRTMIN+14, /* systemd: Immediate poweroff */
460 SIGRTMIN+15, /* systemd: Immediate reboot */
461 SIGRTMIN+16, /* systemd: Immediate kexec */
462
463 /* ... space for more immediate system state changes ... */
464
465 SIGRTMIN+20, /* systemd: enable status messages */
466 SIGRTMIN+21, /* systemd: disable status messages */
467 SIGRTMIN+22, /* systemd: set log level to LOG_DEBUG */
468 SIGRTMIN+23, /* systemd: set log level to LOG_INFO */
469 SIGRTMIN+24, /* systemd: Immediate exit (--user only) */
470
471 /* .. one free signal here ... */
472
473 #if !defined(__hppa64__) && !defined(__hppa__)
474 /* Apparently Linux on hppa has fewer RT
475 * signals (SIGRTMAX is SIGRTMIN+25 there),
476 * hence let's not try to make use of them
477 * here. Since these commands are accessible
478 * by different means and only really a safety
479 * net, the missing functionality on hppa
480 * shouldn't matter. */
481
482 SIGRTMIN+26, /* systemd: set log target to journal-or-kmsg */
483 SIGRTMIN+27, /* systemd: set log target to console */
484 SIGRTMIN+28, /* systemd: set log target to kmsg */
485 SIGRTMIN+29, /* systemd: set log target to syslog-or-kmsg (obsolete) */
486
487 /* ... one free signal here SIGRTMIN+30 ... */
488 #endif
489 -1);
490 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
491
492 m->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
493 if (m->signal_fd < 0)
494 return -errno;
495
496 r = sd_event_add_io(m->event, &m->signal_event_source, m->signal_fd, EPOLLIN, manager_dispatch_signal_fd, m);
497 if (r < 0)
498 return r;
499
500 (void) sd_event_source_set_description(m->signal_event_source, "manager-signal");
501
502 /* Process signals a bit earlier than the rest of things, but later than notify_fd processing, so that the
503 * notify processing can still figure out to which process/service a message belongs, before we reap the
504 * process. Also, process this before handling cgroup notifications, so that we always collect child exit
505 * status information before detecting that there's no process in a cgroup. */
506 r = sd_event_source_set_priority(m->signal_event_source, SD_EVENT_PRIORITY_NORMAL-6);
507 if (r < 0)
508 return r;
509
510 if (MANAGER_IS_SYSTEM(m))
511 return enable_special_signals(m);
512
513 return 0;
514 }
515
516 static void manager_clean_environment(Manager *m) {
517 assert(m);
518
519 /* Let's remove some environment variables that we
520 * need ourselves to communicate with our clients */
521 strv_env_unset_many(
522 m->environment,
523 "NOTIFY_SOCKET",
524 "MAINPID",
525 "MANAGERPID",
526 "LISTEN_PID",
527 "LISTEN_FDS",
528 "LISTEN_FDNAMES",
529 "WATCHDOG_PID",
530 "WATCHDOG_USEC",
531 "INVOCATION_ID",
532 NULL);
533 }
534
535 static int manager_default_environment(Manager *m) {
536 assert(m);
537
538 if (MANAGER_IS_SYSTEM(m)) {
539 /* The system manager always starts with a clean
540 * environment for its children. It does not import
541 * the kernel's or the parents' exported variables.
542 *
543 * The initial passed environment is untouched to keep
544 * /proc/self/environ valid; it is used for tagging
545 * the init process inside containers. */
546 m->environment = strv_new("PATH=" DEFAULT_PATH,
547 NULL);
548
549 /* Import locale variables LC_*= from configuration */
550 locale_setup(&m->environment);
551 } else
552 /* The user manager passes its own environment
553 * along to its children. */
554 m->environment = strv_copy(environ);
555
556 if (!m->environment)
557 return -ENOMEM;
558
559 manager_clean_environment(m);
560 strv_sort(m->environment);
561
562 return 0;
563 }
564
565 static int manager_setup_prefix(Manager *m) {
566 struct table_entry {
567 uint64_t type;
568 const char *suffix;
569 };
570
571 static const struct table_entry paths_system[_EXEC_DIRECTORY_TYPE_MAX] = {
572 [EXEC_DIRECTORY_RUNTIME] = { SD_PATH_SYSTEM_RUNTIME, NULL },
573 [EXEC_DIRECTORY_STATE] = { SD_PATH_SYSTEM_STATE_PRIVATE, NULL },
574 [EXEC_DIRECTORY_CACHE] = { SD_PATH_SYSTEM_STATE_CACHE, NULL },
575 [EXEC_DIRECTORY_LOGS] = { SD_PATH_SYSTEM_STATE_LOGS, NULL },
576 [EXEC_DIRECTORY_CONFIGURATION] = { SD_PATH_SYSTEM_CONFIGURATION, NULL },
577 };
578
579 static const struct table_entry paths_user[_EXEC_DIRECTORY_TYPE_MAX] = {
580 [EXEC_DIRECTORY_RUNTIME] = { SD_PATH_USER_RUNTIME, NULL },
581 [EXEC_DIRECTORY_STATE] = { SD_PATH_USER_CONFIGURATION, NULL },
582 [EXEC_DIRECTORY_CACHE] = { SD_PATH_USER_STATE_CACHE, NULL },
583 [EXEC_DIRECTORY_LOGS] = { SD_PATH_USER_CONFIGURATION, "log" },
584 [EXEC_DIRECTORY_CONFIGURATION] = { SD_PATH_USER_CONFIGURATION, NULL },
585 };
586
587 const struct table_entry *p;
588 ExecDirectoryType i;
589 int r;
590
591 assert(m);
592
593 if (MANAGER_IS_SYSTEM(m))
594 p = paths_system;
595 else
596 p = paths_user;
597
598 for (i = 0; i < _EXEC_DIRECTORY_TYPE_MAX; i++) {
599 r = sd_path_home(p[i].type, p[i].suffix, &m->prefix[i]);
600 if (r < 0)
601 return r;
602 }
603
604 return 0;
605 }
606
607 int manager_new(UnitFileScope scope, unsigned test_run_flags, Manager **_m) {
608 Manager *m;
609 int r;
610
611 assert(_m);
612 assert(IN_SET(scope, UNIT_FILE_SYSTEM, UNIT_FILE_USER));
613
614 m = new0(Manager, 1);
615 if (!m)
616 return -ENOMEM;
617
618 m->unit_file_scope = scope;
619 m->exit_code = _MANAGER_EXIT_CODE_INVALID;
620 m->default_timer_accuracy_usec = USEC_PER_MINUTE;
621 m->default_tasks_accounting = true;
622 m->default_tasks_max = UINT64_MAX;
623 m->default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
624 m->default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
625 m->default_restart_usec = DEFAULT_RESTART_USEC;
626
627 #if ENABLE_EFI
628 if (MANAGER_IS_SYSTEM(m) && detect_container() <= 0)
629 boot_timestamps(m->timestamps + MANAGER_TIMESTAMP_USERSPACE,
630 m->timestamps + MANAGER_TIMESTAMP_FIRMWARE,
631 m->timestamps + MANAGER_TIMESTAMP_LOADER);
632 #endif
633
634 /* Prepare log fields we can use for structured logging */
635 if (MANAGER_IS_SYSTEM(m)) {
636 m->unit_log_field = "UNIT=";
637 m->unit_log_format_string = "UNIT=%s";
638
639 m->invocation_log_field = "INVOCATION_ID=";
640 m->invocation_log_format_string = "INVOCATION_ID=%s";
641 } else {
642 m->unit_log_field = "USER_UNIT=";
643 m->unit_log_format_string = "USER_UNIT=%s";
644
645 m->invocation_log_field = "USER_INVOCATION_ID=";
646 m->invocation_log_format_string = "USER_INVOCATION_ID=%s";
647 }
648
649 m->idle_pipe[0] = m->idle_pipe[1] = m->idle_pipe[2] = m->idle_pipe[3] = -1;
650
651 m->pin_cgroupfs_fd = m->notify_fd = m->cgroups_agent_fd = m->signal_fd = m->time_change_fd =
652 m->dev_autofs_fd = m->private_listen_fd = m->cgroup_inotify_fd =
653 m->ask_password_inotify_fd = -1;
654
655 m->user_lookup_fds[0] = m->user_lookup_fds[1] = -1;
656
657 m->current_job_id = 1; /* start as id #1, so that we can leave #0 around as "null-like" value */
658
659 m->have_ask_password = -EINVAL; /* we don't know */
660 m->first_boot = -1;
661
662 m->test_run_flags = test_run_flags;
663
664 /* Reboot immediately if the user hits C-A-D more often than 7x per 2s */
665 RATELIMIT_INIT(m->ctrl_alt_del_ratelimit, 2 * USEC_PER_SEC, 7);
666
667 r = manager_default_environment(m);
668 if (r < 0)
669 goto fail;
670
671 r = hashmap_ensure_allocated(&m->units, &string_hash_ops);
672 if (r < 0)
673 goto fail;
674
675 r = hashmap_ensure_allocated(&m->jobs, NULL);
676 if (r < 0)
677 goto fail;
678
679 r = hashmap_ensure_allocated(&m->cgroup_unit, &string_hash_ops);
680 if (r < 0)
681 goto fail;
682
683 r = hashmap_ensure_allocated(&m->watch_bus, &string_hash_ops);
684 if (r < 0)
685 goto fail;
686
687 r = sd_event_default(&m->event);
688 if (r < 0)
689 goto fail;
690
691 r = sd_event_add_defer(m->event, &m->run_queue_event_source, manager_dispatch_run_queue, m);
692 if (r < 0)
693 goto fail;
694
695 r = sd_event_source_set_priority(m->run_queue_event_source, SD_EVENT_PRIORITY_IDLE);
696 if (r < 0)
697 goto fail;
698
699 r = sd_event_source_set_enabled(m->run_queue_event_source, SD_EVENT_OFF);
700 if (r < 0)
701 goto fail;
702
703 (void) sd_event_source_set_description(m->run_queue_event_source, "manager-run-queue");
704
705 r = manager_setup_signals(m);
706 if (r < 0)
707 goto fail;
708
709 r = manager_setup_cgroup(m);
710 if (r < 0)
711 goto fail;
712
713 r = manager_setup_time_change(m);
714 if (r < 0)
715 goto fail;
716
717 m->udev = udev_new();
718 if (!m->udev) {
719 r = -ENOMEM;
720 goto fail;
721 }
722
723 if (MANAGER_IS_SYSTEM(m)) {
724 r = mkdir_label("/run/systemd/units", 0755);
725 if (r < 0 && r != -EEXIST)
726 goto fail;
727 }
728
729 /* Note that we do not set up the notify fd here. We do that after deserialization,
730 * since they might have gotten serialized across the reexec. */
731
732 m->taint_usr = dir_is_empty("/usr") > 0;
733
734 r = manager_setup_prefix(m);
735 if (r < 0)
736 goto fail;
737
738 *_m = m;
739 return 0;
740
741 fail:
742 manager_free(m);
743 return r;
744 }
745
746 static int manager_setup_notify(Manager *m) {
747 int r;
748
749 if (m->test_run_flags)
750 return 0;
751
752 if (m->notify_fd < 0) {
753 _cleanup_close_ int fd = -1;
754 union sockaddr_union sa = {
755 .sa.sa_family = AF_UNIX,
756 };
757 static const int one = 1;
758
759 /* First free all secondary fields */
760 m->notify_socket = mfree(m->notify_socket);
761 m->notify_event_source = sd_event_source_unref(m->notify_event_source);
762
763 fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
764 if (fd < 0)
765 return log_error_errno(errno, "Failed to allocate notification socket: %m");
766
767 fd_inc_rcvbuf(fd, NOTIFY_RCVBUF_SIZE);
768
769 m->notify_socket = strappend(m->prefix[EXEC_DIRECTORY_RUNTIME], "/systemd/notify");
770 if (!m->notify_socket)
771 return log_oom();
772
773 (void) mkdir_parents_label(m->notify_socket, 0755);
774 (void) unlink(m->notify_socket);
775
776 strncpy(sa.un.sun_path, m->notify_socket, sizeof(sa.un.sun_path)-1);
777 r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
778 if (r < 0)
779 return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);
780
781 r = setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
782 if (r < 0)
783 return log_error_errno(errno, "SO_PASSCRED failed: %m");
784
785 m->notify_fd = fd;
786 fd = -1;
787
788 log_debug("Using notification socket %s", m->notify_socket);
789 }
790
791 if (!m->notify_event_source) {
792 r = sd_event_add_io(m->event, &m->notify_event_source, m->notify_fd, EPOLLIN, manager_dispatch_notify_fd, m);
793 if (r < 0)
794 return log_error_errno(r, "Failed to allocate notify event source: %m");
795
796 /* Process notification messages a bit earlier than SIGCHLD, so that we can still identify to which
797 * service an exit message belongs. */
798 r = sd_event_source_set_priority(m->notify_event_source, SD_EVENT_PRIORITY_NORMAL-7);
799 if (r < 0)
800 return log_error_errno(r, "Failed to set priority of notify event source: %m");
801
802 (void) sd_event_source_set_description(m->notify_event_source, "manager-notify");
803 }
804
805 return 0;
806 }
807
808 static int manager_setup_cgroups_agent(Manager *m) {
809
810 static const union sockaddr_union sa = {
811 .un.sun_family = AF_UNIX,
812 .un.sun_path = "/run/systemd/cgroups-agent",
813 };
814 int r;
815
816 /* This creates a listening socket we receive cgroups agent messages on. We do not use D-Bus for delivering
817 * these messages from the cgroups agent binary to PID 1, as the cgroups agent binary is very short-living, and
818 * each instance of it needs a new D-Bus connection. Since D-Bus connections are SOCK_STREAM/AF_UNIX, on
819 * overloaded systems the backlog of the D-Bus socket becomes relevant, as not more than the configured number
820 * of D-Bus connections may be queued until the kernel will start dropping further incoming connections,
821 * possibly resulting in lost cgroups agent messages. To avoid this, we'll use a private SOCK_DGRAM/AF_UNIX
822 * socket, where no backlog is relevant as communication may take place without an actual connect() cycle, and
823 * we thus won't lose messages.
824 *
825 * Note that PID 1 will forward the agent message to system bus, so that the user systemd instance may listen
826 * to it. The system instance hence listens on this special socket, but the user instances listen on the system
827 * bus for these messages. */
828
829 if (m->test_run_flags)
830 return 0;
831
832 if (!MANAGER_IS_SYSTEM(m))
833 return 0;
834
835 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
836 if (r < 0)
837 return log_error_errno(r, "Failed to determine whether unified cgroups hierarchy is used: %m");
838 if (r > 0) /* We don't need this anymore on the unified hierarchy */
839 return 0;
840
841 if (m->cgroups_agent_fd < 0) {
842 _cleanup_close_ int fd = -1;
843
844 /* First free all secondary fields */
845 m->cgroups_agent_event_source = sd_event_source_unref(m->cgroups_agent_event_source);
846
847 fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
848 if (fd < 0)
849 return log_error_errno(errno, "Failed to allocate cgroups agent socket: %m");
850
851 fd_inc_rcvbuf(fd, CGROUPS_AGENT_RCVBUF_SIZE);
852
853 (void) unlink(sa.un.sun_path);
854
855 /* Only allow root to connect to this socket */
856 RUN_WITH_UMASK(0077)
857 r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
858 if (r < 0)
859 return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);
860
861 m->cgroups_agent_fd = fd;
862 fd = -1;
863 }
864
865 if (!m->cgroups_agent_event_source) {
866 r = sd_event_add_io(m->event, &m->cgroups_agent_event_source, m->cgroups_agent_fd, EPOLLIN, manager_dispatch_cgroups_agent_fd, m);
867 if (r < 0)
868 return log_error_errno(r, "Failed to allocate cgroups agent event source: %m");
869
870 /* Process cgroups notifications early, but after having processed service notification messages or
871 * SIGCHLD signals, so that a cgroup running empty is always just the last safety net of notification,
872 * and we collected the metadata the notification and SIGCHLD stuff offers first. Also see handling of
873 * cgroup inotify for the unified cgroup stuff. */
874 r = sd_event_source_set_priority(m->cgroups_agent_event_source, SD_EVENT_PRIORITY_NORMAL-4);
875 if (r < 0)
876 return log_error_errno(r, "Failed to set priority of cgroups agent event source: %m");
877
878 (void) sd_event_source_set_description(m->cgroups_agent_event_source, "manager-cgroups-agent");
879 }
880
881 return 0;
882 }
883
884 static int manager_setup_user_lookup_fd(Manager *m) {
885 int r;
886
887 assert(m);
888
889 /* Set up the socket pair used for passing UID/GID resolution results from forked off processes to PID
890 * 1. Background: we can't do name lookups (NSS) from PID 1, since it might involve IPC and thus activation,
891 * and we might hence deadlock on ourselves. Hence we do all user/group lookups asynchronously from the forked
892 * off processes right before executing the binaries to start. In order to be able to clean up any IPC objects
893 * created by a unit (see RemoveIPC=) we need to know in PID 1 the used UID/GID of the executed processes,
894 * hence we establish this communication channel so that forked off processes can pass their UID/GID
895 * information back to PID 1. The forked off processes send their resolved UID/GID to PID 1 in a simple
896 * datagram, along with their unit name, so that we can share one communication socket pair among all units for
897 * this purpose.
898 *
899 * You might wonder why we need a communication channel for this that is independent of the usual notification
900 * socket scheme (i.e. $NOTIFY_SOCKET). The primary difference is about trust: data sent via the $NOTIFY_SOCKET
901 * channel is only accepted if it originates from the right unit and if reception was enabled for it. The user
902 * lookup socket OTOH is only accessible by PID 1 and its children until they exec(), and always available.
903 *
904 * Note that this function is called under two circumstances: when we first initialize (in which case we
905 * allocate both the socket pair and the event source to listen on it), and when we deserialize after a reload
906 * (in which case the socket pair already exists but we still need to allocate the event source for it). */
907
908 if (m->user_lookup_fds[0] < 0) {
909
910 /* Free all secondary fields */
911 safe_close_pair(m->user_lookup_fds);
912 m->user_lookup_event_source = sd_event_source_unref(m->user_lookup_event_source);
913
914 if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, m->user_lookup_fds) < 0)
915 return log_error_errno(errno, "Failed to allocate user lookup socket: %m");
916
917 (void) fd_inc_rcvbuf(m->user_lookup_fds[0], NOTIFY_RCVBUF_SIZE);
918 }
919
920 if (!m->user_lookup_event_source) {
921 r = sd_event_add_io(m->event, &m->user_lookup_event_source, m->user_lookup_fds[0], EPOLLIN, manager_dispatch_user_lookup_fd, m);
922 if (r < 0)
923 return log_error_errno(errno, "Failed to allocate user lookup event source: %m");
924
925 /* Process even earlier than the notify event source, so that we always know first about valid UID/GID
926 * resolutions */
927 r = sd_event_source_set_priority(m->user_lookup_event_source, SD_EVENT_PRIORITY_NORMAL-8);
928 if (r < 0)
929 return log_error_errno(errno, "Failed to set priority ot user lookup event source: %m");
930
931 (void) sd_event_source_set_description(m->user_lookup_event_source, "user-lookup");
932 }
933
934 return 0;
935 }
936
937 static int manager_connect_bus(Manager *m, bool reexecuting) {
938 bool try_bus_connect;
939 Unit *u = NULL;
940
941 assert(m);
942
943 if (m->test_run_flags)
944 return 0;
945
946 u = manager_get_unit(m, SPECIAL_DBUS_SERVICE);
947
948 try_bus_connect =
949 (u && SERVICE(u)->deserialized_state == SERVICE_RUNNING) &&
950 (reexecuting ||
951 (MANAGER_IS_USER(m) && getenv("DBUS_SESSION_BUS_ADDRESS")));
952
953 /* Try to connect to the buses, if possible. */
954 return bus_init(m, try_bus_connect);
955 }
956
957 static unsigned manager_dispatch_cleanup_queue(Manager *m) {
958 Unit *u;
959 unsigned n = 0;
960
961 assert(m);
962
963 while ((u = m->cleanup_queue)) {
964 assert(u->in_cleanup_queue);
965
966 unit_free(u);
967 n++;
968 }
969
970 return n;
971 }
972
973 enum {
974 GC_OFFSET_IN_PATH, /* This one is on the path we were traveling */
975 GC_OFFSET_UNSURE, /* No clue */
976 GC_OFFSET_GOOD, /* We still need this unit */
977 GC_OFFSET_BAD, /* We don't need this unit anymore */
978 _GC_OFFSET_MAX
979 };
980
981 static void unit_gc_mark_good(Unit *u, unsigned gc_marker) {
982 Unit *other;
983 Iterator i;
984 void *v;
985
986 u->gc_marker = gc_marker + GC_OFFSET_GOOD;
987
988 /* Recursively mark referenced units as GOOD as well */
989 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REFERENCES], i)
990 if (other->gc_marker == gc_marker + GC_OFFSET_UNSURE)
991 unit_gc_mark_good(other, gc_marker);
992 }
993
994 static void unit_gc_sweep(Unit *u, unsigned gc_marker) {
995 Unit *other;
996 bool is_bad;
997 Iterator i;
998 void *v;
999
1000 assert(u);
1001
1002 if (IN_SET(u->gc_marker - gc_marker,
1003 GC_OFFSET_GOOD, GC_OFFSET_BAD, GC_OFFSET_UNSURE, GC_OFFSET_IN_PATH))
1004 return;
1005
1006 if (u->in_cleanup_queue)
1007 goto bad;
1008
1009 if (unit_check_gc(u))
1010 goto good;
1011
1012 u->gc_marker = gc_marker + GC_OFFSET_IN_PATH;
1013
1014 is_bad = true;
1015
1016 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REFERENCED_BY], i) {
1017 unit_gc_sweep(other, gc_marker);
1018
1019 if (other->gc_marker == gc_marker + GC_OFFSET_GOOD)
1020 goto good;
1021
1022 if (other->gc_marker != gc_marker + GC_OFFSET_BAD)
1023 is_bad = false;
1024 }
1025
1026 if (is_bad)
1027 goto bad;
1028
1029 /* We were unable to find anything out about this entry, so
1030 * let's investigate it later */
1031 u->gc_marker = gc_marker + GC_OFFSET_UNSURE;
1032 unit_add_to_gc_queue(u);
1033 return;
1034
1035 bad:
1036 /* We definitely know that this one is not useful anymore, so
1037 * let's mark it for deletion */
1038 u->gc_marker = gc_marker + GC_OFFSET_BAD;
1039 unit_add_to_cleanup_queue(u);
1040 return;
1041
1042 good:
1043 unit_gc_mark_good(u, gc_marker);
1044 }
1045
1046 static unsigned manager_dispatch_gc_unit_queue(Manager *m) {
1047 unsigned n = 0, gc_marker;
1048 Unit *u;
1049
1050 assert(m);
1051
1052 /* log_debug("Running GC..."); */
1053
1054 m->gc_marker += _GC_OFFSET_MAX;
1055 if (m->gc_marker + _GC_OFFSET_MAX <= _GC_OFFSET_MAX)
1056 m->gc_marker = 1;
1057
1058 gc_marker = m->gc_marker;
1059
1060 while ((u = m->gc_unit_queue)) {
1061 assert(u->in_gc_queue);
1062
1063 unit_gc_sweep(u, gc_marker);
1064
1065 LIST_REMOVE(gc_queue, m->gc_unit_queue, u);
1066 u->in_gc_queue = false;
1067
1068 n++;
1069
1070 if (IN_SET(u->gc_marker - gc_marker,
1071 GC_OFFSET_BAD, GC_OFFSET_UNSURE)) {
1072 if (u->id)
1073 log_unit_debug(u, "Collecting.");
1074 u->gc_marker = gc_marker + GC_OFFSET_BAD;
1075 unit_add_to_cleanup_queue(u);
1076 }
1077 }
1078
1079 return n;
1080 }
1081
1082 static unsigned manager_dispatch_gc_job_queue(Manager *m) {
1083 unsigned n = 0;
1084 Job *j;
1085
1086 assert(m);
1087
1088 while ((j = m->gc_job_queue)) {
1089 assert(j->in_gc_queue);
1090
1091 LIST_REMOVE(gc_queue, m->gc_job_queue, j);
1092 j->in_gc_queue = false;
1093
1094 n++;
1095
1096 if (job_check_gc(j))
1097 continue;
1098
1099 log_unit_debug(j->unit, "Collecting job.");
1100 (void) job_finish_and_invalidate(j, JOB_COLLECTED, false, false);
1101 }
1102
1103 return n;
1104 }
1105
1106 static void manager_clear_jobs_and_units(Manager *m) {
1107 Unit *u;
1108
1109 assert(m);
1110
1111 while ((u = hashmap_first(m->units)))
1112 unit_free(u);
1113
1114 manager_dispatch_cleanup_queue(m);
1115
1116 assert(!m->load_queue);
1117 assert(!m->run_queue);
1118 assert(!m->dbus_unit_queue);
1119 assert(!m->dbus_job_queue);
1120 assert(!m->cleanup_queue);
1121 assert(!m->gc_unit_queue);
1122 assert(!m->gc_job_queue);
1123
1124 assert(hashmap_isempty(m->jobs));
1125 assert(hashmap_isempty(m->units));
1126
1127 m->n_on_console = 0;
1128 m->n_running_jobs = 0;
1129 }
1130
1131 Manager* manager_free(Manager *m) {
1132 UnitType c;
1133 int i;
1134 ExecDirectoryType dt;
1135
1136 if (!m)
1137 return NULL;
1138
1139 manager_clear_jobs_and_units(m);
1140
1141 for (c = 0; c < _UNIT_TYPE_MAX; c++)
1142 if (unit_vtable[c]->shutdown)
1143 unit_vtable[c]->shutdown(m);
1144
1145 /* If we reexecute ourselves, we keep the root cgroup around */
1146 manager_shutdown_cgroup(m, m->exit_code != MANAGER_REEXECUTE);
1147
1148 lookup_paths_flush_generator(&m->lookup_paths);
1149
1150 bus_done(m);
1151
1152 dynamic_user_vacuum(m, false);
1153 hashmap_free(m->dynamic_users);
1154
1155 hashmap_free(m->units);
1156 hashmap_free(m->units_by_invocation_id);
1157 hashmap_free(m->jobs);
1158 hashmap_free(m->watch_pids1);
1159 hashmap_free(m->watch_pids2);
1160 hashmap_free(m->watch_bus);
1161
1162 set_free(m->startup_units);
1163 set_free(m->failed_units);
1164
1165 sd_event_source_unref(m->signal_event_source);
1166 sd_event_source_unref(m->notify_event_source);
1167 sd_event_source_unref(m->cgroups_agent_event_source);
1168 sd_event_source_unref(m->time_change_event_source);
1169 sd_event_source_unref(m->jobs_in_progress_event_source);
1170 sd_event_source_unref(m->run_queue_event_source);
1171 sd_event_source_unref(m->user_lookup_event_source);
1172
1173 safe_close(m->signal_fd);
1174 safe_close(m->notify_fd);
1175 safe_close(m->cgroups_agent_fd);
1176 safe_close(m->time_change_fd);
1177 safe_close_pair(m->user_lookup_fds);
1178
1179 manager_close_ask_password(m);
1180
1181 manager_close_idle_pipe(m);
1182
1183 udev_unref(m->udev);
1184 sd_event_unref(m->event);
1185
1186 free(m->notify_socket);
1187
1188 lookup_paths_free(&m->lookup_paths);
1189 strv_free(m->environment);
1190
1191 hashmap_free(m->cgroup_unit);
1192 set_free_free(m->unit_path_cache);
1193
1194 free(m->switch_root);
1195 free(m->switch_root_init);
1196
1197 for (i = 0; i < _RLIMIT_MAX; i++)
1198 m->rlimit[i] = mfree(m->rlimit[i]);
1199
1200 assert(hashmap_isempty(m->units_requiring_mounts_for));
1201 hashmap_free(m->units_requiring_mounts_for);
1202
1203 hashmap_free(m->uid_refs);
1204 hashmap_free(m->gid_refs);
1205
1206 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++)
1207 m->prefix[dt] = mfree(m->prefix[dt]);
1208
1209 return mfree(m);
1210 }
1211
1212 void manager_enumerate(Manager *m) {
1213 UnitType c;
1214
1215 assert(m);
1216
1217 /* Let's ask every type to load all units from disk/kernel
1218 * that it might know */
1219 for (c = 0; c < _UNIT_TYPE_MAX; c++) {
1220 if (!unit_type_supported(c)) {
1221 log_debug("Unit type .%s is not supported on this system.", unit_type_to_string(c));
1222 continue;
1223 }
1224
1225 if (!unit_vtable[c]->enumerate)
1226 continue;
1227
1228 unit_vtable[c]->enumerate(m);
1229 }
1230
1231 manager_dispatch_load_queue(m);
1232 }
1233
1234 static void manager_coldplug(Manager *m) {
1235 Iterator i;
1236 Unit *u;
1237 char *k;
1238 int r;
1239
1240 assert(m);
1241
1242 /* Then, let's set up their initial state. */
1243 HASHMAP_FOREACH_KEY(u, k, m->units, i) {
1244
1245 /* ignore aliases */
1246 if (u->id != k)
1247 continue;
1248
1249 r = unit_coldplug(u);
1250 if (r < 0)
1251 log_warning_errno(r, "We couldn't coldplug %s, proceeding anyway: %m", u->id);
1252 }
1253 }
1254
1255 static void manager_build_unit_path_cache(Manager *m) {
1256 char **i;
1257 int r;
1258
1259 assert(m);
1260
1261 set_free_free(m->unit_path_cache);
1262
1263 m->unit_path_cache = set_new(&string_hash_ops);
1264 if (!m->unit_path_cache) {
1265 r = -ENOMEM;
1266 goto fail;
1267 }
1268
1269 /* This simply builds a list of files we know exist, so that
1270 * we don't always have to go to disk */
1271
1272 STRV_FOREACH(i, m->lookup_paths.search_path) {
1273 _cleanup_closedir_ DIR *d = NULL;
1274 struct dirent *de;
1275
1276 d = opendir(*i);
1277 if (!d) {
1278 if (errno != ENOENT)
1279 log_warning_errno(errno, "Failed to open directory %s, ignoring: %m", *i);
1280 continue;
1281 }
1282
1283 FOREACH_DIRENT(de, d, r = -errno; goto fail) {
1284 char *p;
1285
1286 p = strjoin(streq(*i, "/") ? "" : *i, "/", de->d_name);
1287 if (!p) {
1288 r = -ENOMEM;
1289 goto fail;
1290 }
1291
1292 r = set_consume(m->unit_path_cache, p);
1293 if (r < 0)
1294 goto fail;
1295 }
1296 }
1297
1298 return;
1299
1300 fail:
1301 log_warning_errno(r, "Failed to build unit path cache, proceeding without: %m");
1302 m->unit_path_cache = set_free_free(m->unit_path_cache);
1303 }
1304
1305 static void manager_distribute_fds(Manager *m, FDSet *fds) {
1306 Iterator i;
1307 Unit *u;
1308
1309 assert(m);
1310
1311 HASHMAP_FOREACH(u, m->units, i) {
1312
1313 if (fdset_size(fds) <= 0)
1314 break;
1315
1316 if (!UNIT_VTABLE(u)->distribute_fds)
1317 continue;
1318
1319 UNIT_VTABLE(u)->distribute_fds(u, fds);
1320 }
1321 }
1322
1323 int manager_startup(Manager *m, FILE *serialization, FDSet *fds) {
1324 int r;
1325
1326 assert(m);
1327
1328 /* If we are running in test mode, we still want to run the generators,
1329 * but we should not touch the real generator directories. */
1330 r = lookup_paths_init(&m->lookup_paths, m->unit_file_scope,
1331 m->test_run_flags ? LOOKUP_PATHS_TEMPORARY_GENERATED : 0,
1332 NULL);
1333 if (r < 0)
1334 return r;
1335
1336 r = manager_run_environment_generators(m);
1337 if (r < 0)
1338 return r;
1339
1340 dual_timestamp_get(m->timestamps + MANAGER_TIMESTAMP_GENERATORS_START);
1341 r = manager_run_generators(m);
1342 dual_timestamp_get(m->timestamps + MANAGER_TIMESTAMP_GENERATORS_FINISH);
1343 if (r < 0)
1344 return r;
1345
1346 /* If this is the first boot, and we are in the host system, then preset everything */
1347 if (m->first_boot > 0 &&
1348 MANAGER_IS_SYSTEM(m) &&
1349 !m->test_run_flags) {
1350
1351 r = unit_file_preset_all(UNIT_FILE_SYSTEM, 0, NULL, UNIT_FILE_PRESET_ENABLE_ONLY, NULL, 0);
1352 if (r < 0)
1353 log_full_errno(r == -EEXIST ? LOG_NOTICE : LOG_WARNING, r,
1354 "Failed to populate /etc with preset unit settings, ignoring: %m");
1355 else
1356 log_info("Populated /etc with preset unit settings.");
1357 }
1358
1359 lookup_paths_reduce(&m->lookup_paths);
1360 manager_build_unit_path_cache(m);
1361
1362 /* If we will deserialize make sure that during enumeration
1363 * this is already known, so we increase the counter here
1364 * already */
1365 if (serialization)
1366 m->n_reloading++;
1367
1368 /* First, enumerate what we can from all config files */
1369 dual_timestamp_get(m->timestamps + MANAGER_TIMESTAMP_UNITS_LOAD_START);
1370 manager_enumerate(m);
1371 dual_timestamp_get(m->timestamps + MANAGER_TIMESTAMP_UNITS_LOAD_FINISH);
1372
1373 /* Second, deserialize if there is something to deserialize */
1374 if (serialization) {
1375 r = manager_deserialize(m, serialization, fds);
1376 if (r < 0)
1377 return log_error_errno(r, "Deserialization failed: %m");
1378 }
1379
1380 /* Any fds left? Find some unit which wants them. This is
1381 * useful to allow container managers to pass some file
1382 * descriptors to us pre-initialized. This enables
1383 * socket-based activation of entire containers. */
1384 manager_distribute_fds(m, fds);
1385
1386 /* We might have deserialized the notify fd, but if we didn't
1387 * then let's create the bus now */
1388 r = manager_setup_notify(m);
1389 if (r < 0)
1390 /* No sense to continue without notifications, our children would fail anyway. */
1391 return r;
1392
1393 r = manager_setup_cgroups_agent(m);
1394 if (r < 0)
1395 /* Likewise, no sense to continue without empty cgroup notifications. */
1396 return r;
1397
1398 r = manager_setup_user_lookup_fd(m);
1399 if (r < 0)
1400 /* This shouldn't fail, except if things are really broken. */
1401 return r;
1402
1403 /* Let's connect to the bus now. */
1404 (void) manager_connect_bus(m, !!serialization);
1405
1406 (void) bus_track_coldplug(m, &m->subscribed, false, m->deserialized_subscribed);
1407 m->deserialized_subscribed = strv_free(m->deserialized_subscribed);
1408
1409 /* Third, fire things up! */
1410 manager_coldplug(m);
1411
1412 /* Release any dynamic users no longer referenced */
1413 dynamic_user_vacuum(m, true);
1414
1415 /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
1416 manager_vacuum_uid_refs(m);
1417 manager_vacuum_gid_refs(m);
1418
1419 if (serialization) {
1420 assert(m->n_reloading > 0);
1421 m->n_reloading--;
1422
1423 /* Let's wait for the UnitNew/JobNew messages being
1424 * sent, before we notify that the reload is
1425 * finished */
1426 m->send_reloading_done = true;
1427 }
1428
1429 return 0;
1430 }
1431
1432 int manager_add_job(Manager *m, JobType type, Unit *unit, JobMode mode, sd_bus_error *e, Job **_ret) {
1433 int r;
1434 Transaction *tr;
1435
1436 assert(m);
1437 assert(type < _JOB_TYPE_MAX);
1438 assert(unit);
1439 assert(mode < _JOB_MODE_MAX);
1440
1441 if (mode == JOB_ISOLATE && type != JOB_START)
1442 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Isolate is only valid for start.");
1443
1444 if (mode == JOB_ISOLATE && !unit->allow_isolate)
1445 return sd_bus_error_setf(e, BUS_ERROR_NO_ISOLATION, "Operation refused, unit may not be isolated.");
1446
1447 log_unit_debug(unit, "Trying to enqueue job %s/%s/%s", unit->id, job_type_to_string(type), job_mode_to_string(mode));
1448
1449 type = job_type_collapse(type, unit);
1450
1451 tr = transaction_new(mode == JOB_REPLACE_IRREVERSIBLY);
1452 if (!tr)
1453 return -ENOMEM;
1454
1455 r = transaction_add_job_and_dependencies(tr, type, unit, NULL, true, false,
1456 IN_SET(mode, JOB_IGNORE_DEPENDENCIES, JOB_IGNORE_REQUIREMENTS),
1457 mode == JOB_IGNORE_DEPENDENCIES, e);
1458 if (r < 0)
1459 goto tr_abort;
1460
1461 if (mode == JOB_ISOLATE) {
1462 r = transaction_add_isolate_jobs(tr, m);
1463 if (r < 0)
1464 goto tr_abort;
1465 }
1466
1467 r = transaction_activate(tr, m, mode, e);
1468 if (r < 0)
1469 goto tr_abort;
1470
1471 log_unit_debug(unit,
1472 "Enqueued job %s/%s as %u", unit->id,
1473 job_type_to_string(type), (unsigned) tr->anchor_job->id);
1474
1475 if (_ret)
1476 *_ret = tr->anchor_job;
1477
1478 transaction_free(tr);
1479 return 0;
1480
1481 tr_abort:
1482 transaction_abort(tr);
1483 transaction_free(tr);
1484 return r;
1485 }
1486
1487 int manager_add_job_by_name(Manager *m, JobType type, const char *name, JobMode mode, sd_bus_error *e, Job **ret) {
1488 Unit *unit = NULL; /* just to appease gcc, initialization is not really necessary */
1489 int r;
1490
1491 assert(m);
1492 assert(type < _JOB_TYPE_MAX);
1493 assert(name);
1494 assert(mode < _JOB_MODE_MAX);
1495
1496 r = manager_load_unit(m, name, NULL, NULL, &unit);
1497 if (r < 0)
1498 return r;
1499 assert(unit);
1500
1501 return manager_add_job(m, type, unit, mode, e, ret);
1502 }
1503
1504 int manager_add_job_by_name_and_warn(Manager *m, JobType type, const char *name, JobMode mode, Job **ret) {
1505 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1506 int r;
1507
1508 assert(m);
1509 assert(type < _JOB_TYPE_MAX);
1510 assert(name);
1511 assert(mode < _JOB_MODE_MAX);
1512
1513 r = manager_add_job_by_name(m, type, name, mode, &error, ret);
1514 if (r < 0)
1515 return log_warning_errno(r, "Failed to enqueue %s job for %s: %s", job_mode_to_string(mode), name, bus_error_message(&error, r));
1516
1517 return r;
1518 }
1519
1520 int manager_propagate_reload(Manager *m, Unit *unit, JobMode mode, sd_bus_error *e) {
1521 int r;
1522 Transaction *tr;
1523
1524 assert(m);
1525 assert(unit);
1526 assert(mode < _JOB_MODE_MAX);
1527 assert(mode != JOB_ISOLATE); /* Isolate is only valid for start */
1528
1529 tr = transaction_new(mode == JOB_REPLACE_IRREVERSIBLY);
1530 if (!tr)
1531 return -ENOMEM;
1532
1533 /* We need an anchor job */
1534 r = transaction_add_job_and_dependencies(tr, JOB_NOP, unit, NULL, false, false, true, true, e);
1535 if (r < 0)
1536 goto tr_abort;
1537
1538 /* Failure in adding individual dependencies is ignored, so this always succeeds. */
1539 transaction_add_propagate_reload_jobs(tr, unit, tr->anchor_job, mode == JOB_IGNORE_DEPENDENCIES, e);
1540
1541 r = transaction_activate(tr, m, mode, e);
1542 if (r < 0)
1543 goto tr_abort;
1544
1545 transaction_free(tr);
1546 return 0;
1547
1548 tr_abort:
1549 transaction_abort(tr);
1550 transaction_free(tr);
1551 return r;
1552 }
1553
1554 Job *manager_get_job(Manager *m, uint32_t id) {
1555 assert(m);
1556
1557 return hashmap_get(m->jobs, UINT32_TO_PTR(id));
1558 }
1559
1560 Unit *manager_get_unit(Manager *m, const char *name) {
1561 assert(m);
1562 assert(name);
1563
1564 return hashmap_get(m->units, name);
1565 }
1566
1567 unsigned manager_dispatch_load_queue(Manager *m) {
1568 Unit *u;
1569 unsigned n = 0;
1570
1571 assert(m);
1572
1573 /* Make sure we are not run recursively */
1574 if (m->dispatching_load_queue)
1575 return 0;
1576
1577 m->dispatching_load_queue = true;
1578
1579 /* Dispatches the load queue. Takes a unit from the queue and
1580 * tries to load its data until the queue is empty */
1581
1582 while ((u = m->load_queue)) {
1583 assert(u->in_load_queue);
1584
1585 unit_load(u);
1586 n++;
1587 }
1588
1589 m->dispatching_load_queue = false;
1590 return n;
1591 }
1592
1593 int manager_load_unit_prepare(
1594 Manager *m,
1595 const char *name,
1596 const char *path,
1597 sd_bus_error *e,
1598 Unit **_ret) {
1599
1600 Unit *ret;
1601 UnitType t;
1602 int r;
1603
1604 assert(m);
1605 assert(name || path);
1606 assert(_ret);
1607
1608 /* This will prepare the unit for loading, but not actually
1609 * load anything from disk. */
1610
1611 if (path && !is_path(path))
1612 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Path %s is not absolute.", path);
1613
1614 if (!name)
1615 name = basename(path);
1616
1617 t = unit_name_to_type(name);
1618
1619 if (t == _UNIT_TYPE_INVALID || !unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE)) {
1620 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE))
1621 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is missing the instance name.", name);
1622
1623 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is not valid.", name);
1624 }
1625
1626 ret = manager_get_unit(m, name);
1627 if (ret) {
1628 *_ret = ret;
1629 return 1;
1630 }
1631
1632 ret = unit_new(m, unit_vtable[t]->object_size);
1633 if (!ret)
1634 return -ENOMEM;
1635
1636 if (path) {
1637 ret->fragment_path = strdup(path);
1638 if (!ret->fragment_path) {
1639 unit_free(ret);
1640 return -ENOMEM;
1641 }
1642 }
1643
1644 r = unit_add_name(ret, name);
1645 if (r < 0) {
1646 unit_free(ret);
1647 return r;
1648 }
1649
1650 unit_add_to_load_queue(ret);
1651 unit_add_to_dbus_queue(ret);
1652 unit_add_to_gc_queue(ret);
1653
1654 *_ret = ret;
1655
1656 return 0;
1657 }
1658
1659 int manager_load_unit(
1660 Manager *m,
1661 const char *name,
1662 const char *path,
1663 sd_bus_error *e,
1664 Unit **_ret) {
1665
1666 int r;
1667
1668 assert(m);
1669 assert(_ret);
1670
1671 /* This will load the service information files, but not actually
1672 * start any services or anything. */
1673
1674 r = manager_load_unit_prepare(m, name, path, e, _ret);
1675 if (r != 0)
1676 return r;
1677
1678 manager_dispatch_load_queue(m);
1679
1680 *_ret = unit_follow_merge(*_ret);
1681
1682 return 0;
1683 }
1684
1685 void manager_dump_jobs(Manager *s, FILE *f, const char *prefix) {
1686 Iterator i;
1687 Job *j;
1688
1689 assert(s);
1690 assert(f);
1691
1692 HASHMAP_FOREACH(j, s->jobs, i)
1693 job_dump(j, f, prefix);
1694 }
1695
1696 void manager_dump_units(Manager *s, FILE *f, const char *prefix) {
1697 Iterator i;
1698 Unit *u;
1699 const char *t;
1700
1701 assert(s);
1702 assert(f);
1703
1704 HASHMAP_FOREACH_KEY(u, t, s->units, i)
1705 if (u->id == t)
1706 unit_dump(u, f, prefix);
1707 }
1708
1709 void manager_dump(Manager *m, FILE *f, const char *prefix) {
1710 ManagerTimestamp q;
1711
1712 assert(m);
1713 assert(f);
1714
1715 for (q = 0; q < _MANAGER_TIMESTAMP_MAX; q++) {
1716 char buf[FORMAT_TIMESTAMP_MAX];
1717
1718 if (dual_timestamp_is_set(m->timestamps + q))
1719 fprintf(f, "%sTimestamp %s: %s\n",
1720 strempty(prefix),
1721 manager_timestamp_to_string(q),
1722 format_timestamp(buf, sizeof(buf), m->timestamps[q].realtime));
1723 }
1724
1725 manager_dump_units(m, f, prefix);
1726 manager_dump_jobs(m, f, prefix);
1727 }
1728
1729 int manager_get_dump_string(Manager *m, char **ret) {
1730 _cleanup_free_ char *dump = NULL;
1731 _cleanup_fclose_ FILE *f = NULL;
1732 size_t size;
1733 int r;
1734
1735 assert(m);
1736 assert(ret);
1737
1738 f = open_memstream(&dump, &size);
1739 if (!f)
1740 return -errno;
1741
1742 __fsetlocking(f, FSETLOCKING_BYCALLER);
1743
1744 manager_dump(m, f, NULL);
1745
1746 r = fflush_and_check(f);
1747 if (r < 0)
1748 return r;
1749
1750 f = safe_fclose(f);
1751
1752 *ret = dump;
1753 dump = NULL;
1754
1755 return 0;
1756 }
1757
1758 void manager_clear_jobs(Manager *m) {
1759 Job *j;
1760
1761 assert(m);
1762
1763 while ((j = hashmap_first(m->jobs)))
1764 /* No need to recurse. We're cancelling all jobs. */
1765 job_finish_and_invalidate(j, JOB_CANCELED, false, false);
1766 }
1767
1768 static int manager_dispatch_run_queue(sd_event_source *source, void *userdata) {
1769 Manager *m = userdata;
1770 Job *j;
1771
1772 assert(source);
1773 assert(m);
1774
1775 while ((j = m->run_queue)) {
1776 assert(j->installed);
1777 assert(j->in_run_queue);
1778
1779 job_run_and_invalidate(j);
1780 }
1781
1782 if (m->n_running_jobs > 0)
1783 manager_watch_jobs_in_progress(m);
1784
1785 if (m->n_on_console > 0)
1786 manager_watch_idle_pipe(m);
1787
1788 return 1;
1789 }
1790
1791 static unsigned manager_dispatch_dbus_queue(Manager *m) {
1792 Job *j;
1793 Unit *u;
1794 unsigned n = 0;
1795
1796 assert(m);
1797
1798 if (m->dispatching_dbus_queue)
1799 return 0;
1800
1801 m->dispatching_dbus_queue = true;
1802
1803 while ((u = m->dbus_unit_queue)) {
1804 assert(u->in_dbus_queue);
1805
1806 bus_unit_send_change_signal(u);
1807 n++;
1808 }
1809
1810 while ((j = m->dbus_job_queue)) {
1811 assert(j->in_dbus_queue);
1812
1813 bus_job_send_change_signal(j);
1814 n++;
1815 }
1816
1817 m->dispatching_dbus_queue = false;
1818
1819 if (m->send_reloading_done) {
1820 m->send_reloading_done = false;
1821
1822 bus_manager_send_reloading(m, false);
1823 }
1824
1825 if (m->queued_message)
1826 bus_send_queued_message(m);
1827
1828 return n;
1829 }
1830
1831 static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
1832 Manager *m = userdata;
1833 char buf[PATH_MAX+1];
1834 ssize_t n;
1835
1836 n = recv(fd, buf, sizeof(buf), 0);
1837 if (n < 0)
1838 return log_error_errno(errno, "Failed to read cgroups agent message: %m");
1839 if (n == 0) {
1840 log_error("Got zero-length cgroups agent message, ignoring.");
1841 return 0;
1842 }
1843 if ((size_t) n >= sizeof(buf)) {
1844 log_error("Got overly long cgroups agent message, ignoring.");
1845 return 0;
1846 }
1847
1848 if (memchr(buf, 0, n)) {
1849 log_error("Got cgroups agent message with embedded NUL byte, ignoring.");
1850 return 0;
1851 }
1852 buf[n] = 0;
1853
1854 manager_notify_cgroup_empty(m, buf);
1855 (void) bus_forward_agent_released(m, buf);
1856
1857 return 0;
1858 }
1859
1860 static void manager_invoke_notify_message(Manager *m, Unit *u, pid_t pid, const char *buf, FDSet *fds) {
1861 _cleanup_strv_free_ char **tags = NULL;
1862
1863 assert(m);
1864 assert(u);
1865 assert(buf);
1866
1867 tags = strv_split(buf, "\n\r");
1868 if (!tags) {
1869 log_oom();
1870 return;
1871 }
1872
1873 if (UNIT_VTABLE(u)->notify_message)
1874 UNIT_VTABLE(u)->notify_message(u, pid, tags, fds);
1875 else if (_unlikely_(log_get_max_level() >= LOG_DEBUG)) {
1876 _cleanup_free_ char *x = NULL, *y = NULL;
1877
1878 x = cescape(buf);
1879 if (x)
1880 y = ellipsize(x, 20, 90);
1881 log_unit_debug(u, "Got notification message \"%s\", ignoring.", strnull(y));
1882 }
1883 }
1884
1885 static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
1886
1887 _cleanup_fdset_free_ FDSet *fds = NULL;
1888 Manager *m = userdata;
1889 char buf[NOTIFY_BUFFER_MAX+1];
1890 struct iovec iovec = {
1891 .iov_base = buf,
1892 .iov_len = sizeof(buf)-1,
1893 };
1894 union {
1895 struct cmsghdr cmsghdr;
1896 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1897 CMSG_SPACE(sizeof(int) * NOTIFY_FD_MAX)];
1898 } control = {};
1899 struct msghdr msghdr = {
1900 .msg_iov = &iovec,
1901 .msg_iovlen = 1,
1902 .msg_control = &control,
1903 .msg_controllen = sizeof(control),
1904 };
1905
1906 struct cmsghdr *cmsg;
1907 struct ucred *ucred = NULL;
1908 Unit *u1, *u2, *u3;
1909 int r, *fd_array = NULL;
1910 unsigned n_fds = 0;
1911 ssize_t n;
1912
1913 assert(m);
1914 assert(m->notify_fd == fd);
1915
1916 if (revents != EPOLLIN) {
1917 log_warning("Got unexpected poll event for notify fd.");
1918 return 0;
1919 }
1920
1921 n = recvmsg(m->notify_fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC|MSG_TRUNC);
1922 if (n < 0) {
1923 if (IN_SET(errno, EAGAIN, EINTR))
1924 return 0; /* Spurious wakeup, try again */
1925
1926 /* If this is any other, real error, then let's stop processing this socket. This of course means we
1927 * won't take notification messages anymore, but that's still better than busy looping around this:
1928 * being woken up over and over again but being unable to actually read the message off the socket. */
1929 return log_error_errno(errno, "Failed to receive notification message: %m");
1930 }
1931
1932 CMSG_FOREACH(cmsg, &msghdr) {
1933 if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
1934
1935 fd_array = (int*) CMSG_DATA(cmsg);
1936 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
1937
1938 } else if (cmsg->cmsg_level == SOL_SOCKET &&
1939 cmsg->cmsg_type == SCM_CREDENTIALS &&
1940 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred))) {
1941
1942 ucred = (struct ucred*) CMSG_DATA(cmsg);
1943 }
1944 }
1945
1946 if (n_fds > 0) {
1947 assert(fd_array);
1948
1949 r = fdset_new_array(&fds, fd_array, n_fds);
1950 if (r < 0) {
1951 close_many(fd_array, n_fds);
1952 log_oom();
1953 return 0;
1954 }
1955 }
1956
1957 if (!ucred || ucred->pid <= 0) {
1958 log_warning("Received notify message without valid credentials. Ignoring.");
1959 return 0;
1960 }
1961
1962 if ((size_t) n >= sizeof(buf) || (msghdr.msg_flags & MSG_TRUNC)) {
1963 log_warning("Received notify message exceeded maximum size. Ignoring.");
1964 return 0;
1965 }
1966
1967 /* As extra safety check, let's make sure the string we get doesn't contain embedded NUL bytes. We permit one
1968 * trailing NUL byte in the message, but don't expect it. */
1969 if (n > 1 && memchr(buf, 0, n-1)) {
1970 log_warning("Received notify message with embedded NUL bytes. Ignoring.");
1971 return 0;
1972 }
1973
1974 /* Make sure it's NUL-terminated. */
1975 buf[n] = 0;
1976
1977 /* Notify every unit that might be interested, but try
1978 * to avoid notifying the same one multiple times. */
1979 u1 = manager_get_unit_by_pid_cgroup(m, ucred->pid);
1980 if (u1)
1981 manager_invoke_notify_message(m, u1, ucred->pid, buf, fds);
1982
1983 u2 = hashmap_get(m->watch_pids1, PID_TO_PTR(ucred->pid));
1984 if (u2 && u2 != u1)
1985 manager_invoke_notify_message(m, u2, ucred->pid, buf, fds);
1986
1987 u3 = hashmap_get(m->watch_pids2, PID_TO_PTR(ucred->pid));
1988 if (u3 && u3 != u2 && u3 != u1)
1989 manager_invoke_notify_message(m, u3, ucred->pid, buf, fds);
1990
1991 if (!u1 && !u2 && !u3)
1992 log_warning("Cannot find unit for notify message of PID "PID_FMT".", ucred->pid);
1993
1994 if (fdset_size(fds) > 0)
1995 log_warning("Got extra auxiliary fds with notification message, closing them.");
1996
1997 return 0;
1998 }
1999
2000 static void invoke_sigchld_event(Manager *m, Unit *u, const siginfo_t *si) {
2001 uint64_t iteration;
2002
2003 assert(m);
2004 assert(u);
2005 assert(si);
2006
2007 sd_event_get_iteration(m->event, &iteration);
2008
2009 log_unit_debug(u, "Child "PID_FMT" belongs to %s", si->si_pid, u->id);
2010
2011 unit_unwatch_pid(u, si->si_pid);
2012
2013 if (UNIT_VTABLE(u)->sigchld_event) {
2014 if (set_size(u->pids) <= 1 ||
2015 iteration != u->sigchldgen ||
2016 unit_main_pid(u) == si->si_pid ||
2017 unit_control_pid(u) == si->si_pid) {
2018 UNIT_VTABLE(u)->sigchld_event(u, si->si_pid, si->si_code, si->si_status);
2019 u->sigchldgen = iteration;
2020 } else
2021 log_debug("%s already issued a sigchld this iteration %" PRIu64 ", skipping. Pids still being watched %d", u->id, iteration, set_size(u->pids));
2022 }
2023 }
2024
2025 static int manager_dispatch_sigchld(Manager *m) {
2026 assert(m);
2027
2028 for (;;) {
2029 siginfo_t si = {};
2030
2031 /* First we call waitd() for a PID and do not reap the
2032 * zombie. That way we can still access /proc/$PID for
2033 * it while it is a zombie. */
2034 if (waitid(P_ALL, 0, &si, WEXITED|WNOHANG|WNOWAIT) < 0) {
2035
2036 if (errno == ECHILD)
2037 break;
2038
2039 if (errno == EINTR)
2040 continue;
2041
2042 return -errno;
2043 }
2044
2045 if (si.si_pid <= 0)
2046 break;
2047
2048 if (IN_SET(si.si_code, CLD_EXITED, CLD_KILLED, CLD_DUMPED)) {
2049 _cleanup_free_ char *name = NULL;
2050 Unit *u1, *u2, *u3;
2051
2052 get_process_comm(si.si_pid, &name);
2053
2054 log_debug("Child "PID_FMT" (%s) died (code=%s, status=%i/%s)",
2055 si.si_pid, strna(name),
2056 sigchld_code_to_string(si.si_code),
2057 si.si_status,
2058 strna(si.si_code == CLD_EXITED
2059 ? exit_status_to_string(si.si_status, EXIT_STATUS_FULL)
2060 : signal_to_string(si.si_status)));
2061
2062 /* And now figure out the unit this belongs
2063 * to, it might be multiple... */
2064 u1 = manager_get_unit_by_pid_cgroup(m, si.si_pid);
2065 if (u1)
2066 invoke_sigchld_event(m, u1, &si);
2067 u2 = hashmap_get(m->watch_pids1, PID_TO_PTR(si.si_pid));
2068 if (u2 && u2 != u1)
2069 invoke_sigchld_event(m, u2, &si);
2070 u3 = hashmap_get(m->watch_pids2, PID_TO_PTR(si.si_pid));
2071 if (u3 && u3 != u2 && u3 != u1)
2072 invoke_sigchld_event(m, u3, &si);
2073 }
2074
2075 /* And now, we actually reap the zombie. */
2076 if (waitid(P_PID, si.si_pid, &si, WEXITED) < 0) {
2077 if (errno == EINTR)
2078 continue;
2079
2080 return -errno;
2081 }
2082 }
2083
2084 return 0;
2085 }
2086
2087 static void manager_start_target(Manager *m, const char *name, JobMode mode) {
2088 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2089 int r;
2090
2091 log_debug("Activating special unit %s", name);
2092
2093 r = manager_add_job_by_name(m, JOB_START, name, mode, &error, NULL);
2094 if (r < 0)
2095 log_error("Failed to enqueue %s job: %s", name, bus_error_message(&error, r));
2096 }
2097
2098 static void manager_handle_ctrl_alt_del(Manager *m) {
2099 /* If the user presses C-A-D more than
2100 * 7 times within 2s, we reboot/shutdown immediately,
2101 * unless it was disabled in system.conf */
2102
2103 if (ratelimit_test(&m->ctrl_alt_del_ratelimit) || m->cad_burst_action == EMERGENCY_ACTION_NONE)
2104 manager_start_target(m, SPECIAL_CTRL_ALT_DEL_TARGET, JOB_REPLACE_IRREVERSIBLY);
2105 else
2106 emergency_action(m, m->cad_burst_action, NULL,
2107 "Ctrl-Alt-Del was pressed more than 7 times within 2s");
2108 }
2109
2110 static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2111 Manager *m = userdata;
2112 ssize_t n;
2113 struct signalfd_siginfo sfsi;
2114 bool sigchld = false;
2115 int r;
2116
2117 assert(m);
2118 assert(m->signal_fd == fd);
2119
2120 if (revents != EPOLLIN) {
2121 log_warning("Got unexpected events from signal file descriptor.");
2122 return 0;
2123 }
2124
2125 for (;;) {
2126 n = read(m->signal_fd, &sfsi, sizeof(sfsi));
2127 if (n != sizeof(sfsi)) {
2128 if (n >= 0) {
2129 log_warning("Truncated read from signal fd (%zu bytes)!", n);
2130 return 0;
2131 }
2132
2133 if (IN_SET(errno, EINTR, EAGAIN))
2134 break;
2135
2136 /* We return an error here, which will kill this handler,
2137 * to avoid a busy loop on read error. */
2138 return log_error_errno(errno, "Reading from signal fd failed: %m");
2139 }
2140
2141 log_received_signal(sfsi.ssi_signo == SIGCHLD ||
2142 (sfsi.ssi_signo == SIGTERM && MANAGER_IS_USER(m))
2143 ? LOG_DEBUG : LOG_INFO,
2144 &sfsi);
2145
2146 switch (sfsi.ssi_signo) {
2147
2148 case SIGCHLD:
2149 sigchld = true;
2150 break;
2151
2152 case SIGTERM:
2153 if (MANAGER_IS_SYSTEM(m)) {
2154 /* This is for compatibility with the
2155 * original sysvinit */
2156 r = verify_run_space_and_log("Refusing to reexecute");
2157 if (r >= 0)
2158 m->exit_code = MANAGER_REEXECUTE;
2159 break;
2160 }
2161
2162 _fallthrough_;
2163 case SIGINT:
2164 if (MANAGER_IS_SYSTEM(m))
2165 manager_handle_ctrl_alt_del(m);
2166 else
2167 manager_start_target(m, SPECIAL_EXIT_TARGET,
2168 JOB_REPLACE_IRREVERSIBLY);
2169 break;
2170
2171 case SIGWINCH:
2172 if (MANAGER_IS_SYSTEM(m))
2173 manager_start_target(m, SPECIAL_KBREQUEST_TARGET, JOB_REPLACE);
2174
2175 /* This is a nop on non-init */
2176 break;
2177
2178 case SIGPWR:
2179 if (MANAGER_IS_SYSTEM(m))
2180 manager_start_target(m, SPECIAL_SIGPWR_TARGET, JOB_REPLACE);
2181
2182 /* This is a nop on non-init */
2183 break;
2184
2185 case SIGUSR1: {
2186 Unit *u;
2187
2188 u = manager_get_unit(m, SPECIAL_DBUS_SERVICE);
2189
2190 if (!u || UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u))) {
2191 log_info("Trying to reconnect to bus...");
2192 bus_init(m, true);
2193 }
2194
2195 if (!u || !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u))) {
2196 log_info("Loading D-Bus service...");
2197 manager_start_target(m, SPECIAL_DBUS_SERVICE, JOB_REPLACE);
2198 }
2199
2200 break;
2201 }
2202
2203 case SIGUSR2: {
2204 _cleanup_free_ char *dump = NULL;
2205
2206 r = manager_get_dump_string(m, &dump);
2207 if (r < 0) {
2208 log_warning_errno(errno, "Failed to acquire manager dump: %m");
2209 break;
2210 }
2211
2212 log_dump(LOG_INFO, dump);
2213 break;
2214 }
2215
2216 case SIGHUP:
2217 r = verify_run_space_and_log("Refusing to reload");
2218 if (r >= 0)
2219 m->exit_code = MANAGER_RELOAD;
2220 break;
2221
2222 default: {
2223
2224 /* Starting SIGRTMIN+0 */
2225 static const struct {
2226 const char *target;
2227 JobMode mode;
2228 } target_table[] = {
2229 [0] = { SPECIAL_DEFAULT_TARGET, JOB_ISOLATE },
2230 [1] = { SPECIAL_RESCUE_TARGET, JOB_ISOLATE },
2231 [2] = { SPECIAL_EMERGENCY_TARGET, JOB_ISOLATE },
2232 [3] = { SPECIAL_HALT_TARGET, JOB_REPLACE_IRREVERSIBLY },
2233 [4] = { SPECIAL_POWEROFF_TARGET, JOB_REPLACE_IRREVERSIBLY },
2234 [5] = { SPECIAL_REBOOT_TARGET, JOB_REPLACE_IRREVERSIBLY },
2235 [6] = { SPECIAL_KEXEC_TARGET, JOB_REPLACE_IRREVERSIBLY }
2236 };
2237
2238 /* Starting SIGRTMIN+13, so that target halt and system halt are 10 apart */
2239 static const ManagerExitCode code_table[] = {
2240 [0] = MANAGER_HALT,
2241 [1] = MANAGER_POWEROFF,
2242 [2] = MANAGER_REBOOT,
2243 [3] = MANAGER_KEXEC
2244 };
2245
2246 if ((int) sfsi.ssi_signo >= SIGRTMIN+0 &&
2247 (int) sfsi.ssi_signo < SIGRTMIN+(int) ELEMENTSOF(target_table)) {
2248 int idx = (int) sfsi.ssi_signo - SIGRTMIN;
2249 manager_start_target(m, target_table[idx].target,
2250 target_table[idx].mode);
2251 break;
2252 }
2253
2254 if ((int) sfsi.ssi_signo >= SIGRTMIN+13 &&
2255 (int) sfsi.ssi_signo < SIGRTMIN+13+(int) ELEMENTSOF(code_table)) {
2256 m->exit_code = code_table[sfsi.ssi_signo - SIGRTMIN - 13];
2257 break;
2258 }
2259
2260 switch (sfsi.ssi_signo - SIGRTMIN) {
2261
2262 case 20:
2263 manager_set_show_status(m, SHOW_STATUS_YES);
2264 break;
2265
2266 case 21:
2267 manager_set_show_status(m, SHOW_STATUS_NO);
2268 break;
2269
2270 case 22:
2271 log_set_max_level(LOG_DEBUG);
2272 log_info("Setting log level to debug.");
2273 break;
2274
2275 case 23:
2276 log_set_max_level(LOG_INFO);
2277 log_info("Setting log level to info.");
2278 break;
2279
2280 case 24:
2281 if (MANAGER_IS_USER(m)) {
2282 m->exit_code = MANAGER_EXIT;
2283 return 0;
2284 }
2285
2286 /* This is a nop on init */
2287 break;
2288
2289 case 26:
2290 case 29: /* compatibility: used to be mapped to LOG_TARGET_SYSLOG_OR_KMSG */
2291 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
2292 log_notice("Setting log target to journal-or-kmsg.");
2293 break;
2294
2295 case 27:
2296 log_set_target(LOG_TARGET_CONSOLE);
2297 log_notice("Setting log target to console.");
2298 break;
2299
2300 case 28:
2301 log_set_target(LOG_TARGET_KMSG);
2302 log_notice("Setting log target to kmsg.");
2303 break;
2304
2305 default:
2306 log_warning("Got unhandled signal <%s>.", signal_to_string(sfsi.ssi_signo));
2307 }
2308 }
2309 }
2310 }
2311
2312 if (sigchld)
2313 manager_dispatch_sigchld(m);
2314
2315 return 0;
2316 }
2317
2318 static int manager_dispatch_time_change_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2319 Manager *m = userdata;
2320 Iterator i;
2321 Unit *u;
2322
2323 assert(m);
2324 assert(m->time_change_fd == fd);
2325
2326 log_struct(LOG_DEBUG,
2327 "MESSAGE_ID=" SD_MESSAGE_TIME_CHANGE_STR,
2328 LOG_MESSAGE("Time has been changed"),
2329 NULL);
2330
2331 /* Restart the watch */
2332 m->time_change_event_source = sd_event_source_unref(m->time_change_event_source);
2333 m->time_change_fd = safe_close(m->time_change_fd);
2334
2335 manager_setup_time_change(m);
2336
2337 HASHMAP_FOREACH(u, m->units, i)
2338 if (UNIT_VTABLE(u)->time_change)
2339 UNIT_VTABLE(u)->time_change(u);
2340
2341 return 0;
2342 }
2343
2344 static int manager_dispatch_idle_pipe_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2345 Manager *m = userdata;
2346
2347 assert(m);
2348 assert(m->idle_pipe[2] == fd);
2349
2350 m->no_console_output = m->n_on_console > 0;
2351
2352 manager_close_idle_pipe(m);
2353
2354 return 0;
2355 }
2356
2357 static int manager_dispatch_jobs_in_progress(sd_event_source *source, usec_t usec, void *userdata) {
2358 Manager *m = userdata;
2359 int r;
2360 uint64_t next;
2361
2362 assert(m);
2363 assert(source);
2364
2365 manager_print_jobs_in_progress(m);
2366
2367 next = now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_PERIOD_USEC;
2368 r = sd_event_source_set_time(source, next);
2369 if (r < 0)
2370 return r;
2371
2372 return sd_event_source_set_enabled(source, SD_EVENT_ONESHOT);
2373 }
2374
2375 int manager_loop(Manager *m) {
2376 int r;
2377
2378 RATELIMIT_DEFINE(rl, 1*USEC_PER_SEC, 50000);
2379
2380 assert(m);
2381 m->exit_code = MANAGER_OK;
2382
2383 /* Release the path cache */
2384 m->unit_path_cache = set_free_free(m->unit_path_cache);
2385
2386 manager_check_finished(m);
2387
2388 /* There might still be some zombies hanging around from
2389 * before we were exec()'ed. Let's reap them. */
2390 r = manager_dispatch_sigchld(m);
2391 if (r < 0)
2392 return r;
2393
2394 while (m->exit_code == MANAGER_OK) {
2395 usec_t wait_usec;
2396
2397 if (m->runtime_watchdog > 0 && m->runtime_watchdog != USEC_INFINITY && MANAGER_IS_SYSTEM(m))
2398 watchdog_ping();
2399
2400 if (!ratelimit_test(&rl)) {
2401 /* Yay, something is going seriously wrong, pause a little */
2402 log_warning("Looping too fast. Throttling execution a little.");
2403 sleep(1);
2404 }
2405
2406 if (manager_dispatch_load_queue(m) > 0)
2407 continue;
2408
2409 if (manager_dispatch_gc_job_queue(m) > 0)
2410 continue;
2411
2412 if (manager_dispatch_gc_unit_queue(m) > 0)
2413 continue;
2414
2415 if (manager_dispatch_cleanup_queue(m) > 0)
2416 continue;
2417
2418 if (manager_dispatch_cgroup_realize_queue(m) > 0)
2419 continue;
2420
2421 if (manager_dispatch_dbus_queue(m) > 0)
2422 continue;
2423
2424 /* Sleep for half the watchdog time */
2425 if (m->runtime_watchdog > 0 && m->runtime_watchdog != USEC_INFINITY && MANAGER_IS_SYSTEM(m)) {
2426 wait_usec = m->runtime_watchdog / 2;
2427 if (wait_usec <= 0)
2428 wait_usec = 1;
2429 } else
2430 wait_usec = USEC_INFINITY;
2431
2432 r = sd_event_run(m->event, wait_usec);
2433 if (r < 0)
2434 return log_error_errno(r, "Failed to run event loop: %m");
2435 }
2436
2437 return m->exit_code;
2438 }
2439
2440 int manager_load_unit_from_dbus_path(Manager *m, const char *s, sd_bus_error *e, Unit **_u) {
2441 _cleanup_free_ char *n = NULL;
2442 sd_id128_t invocation_id;
2443 Unit *u;
2444 int r;
2445
2446 assert(m);
2447 assert(s);
2448 assert(_u);
2449
2450 r = unit_name_from_dbus_path(s, &n);
2451 if (r < 0)
2452 return r;
2453
2454 /* Permit addressing units by invocation ID: if the passed bus path is suffixed by a 128bit ID then we use it
2455 * as invocation ID. */
2456 r = sd_id128_from_string(n, &invocation_id);
2457 if (r >= 0) {
2458 u = hashmap_get(m->units_by_invocation_id, &invocation_id);
2459 if (u) {
2460 *_u = u;
2461 return 0;
2462 }
2463
2464 return sd_bus_error_setf(e, BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID, "No unit with the specified invocation ID " SD_ID128_FORMAT_STR " known.", SD_ID128_FORMAT_VAL(invocation_id));
2465 }
2466
2467 /* If this didn't work, we check if this is a unit name */
2468 if (!unit_name_is_valid(n, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
2469 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is neither a valid invocation ID nor unit name.", n);
2470
2471 r = manager_load_unit(m, n, NULL, e, &u);
2472 if (r < 0)
2473 return r;
2474
2475 *_u = u;
2476 return 0;
2477 }
2478
2479 int manager_get_job_from_dbus_path(Manager *m, const char *s, Job **_j) {
2480 const char *p;
2481 unsigned id;
2482 Job *j;
2483 int r;
2484
2485 assert(m);
2486 assert(s);
2487 assert(_j);
2488
2489 p = startswith(s, "/org/freedesktop/systemd1/job/");
2490 if (!p)
2491 return -EINVAL;
2492
2493 r = safe_atou(p, &id);
2494 if (r < 0)
2495 return r;
2496
2497 j = manager_get_job(m, id);
2498 if (!j)
2499 return -ENOENT;
2500
2501 *_j = j;
2502
2503 return 0;
2504 }
2505
2506 void manager_send_unit_audit(Manager *m, Unit *u, int type, bool success) {
2507
2508 #if HAVE_AUDIT
2509 _cleanup_free_ char *p = NULL;
2510 const char *msg;
2511 int audit_fd, r;
2512
2513 if (!MANAGER_IS_SYSTEM(m))
2514 return;
2515
2516 audit_fd = get_audit_fd();
2517 if (audit_fd < 0)
2518 return;
2519
2520 /* Don't generate audit events if the service was already
2521 * started and we're just deserializing */
2522 if (MANAGER_IS_RELOADING(m))
2523 return;
2524
2525 if (u->type != UNIT_SERVICE)
2526 return;
2527
2528 r = unit_name_to_prefix_and_instance(u->id, &p);
2529 if (r < 0) {
2530 log_error_errno(r, "Failed to extract prefix and instance of unit name: %m");
2531 return;
2532 }
2533
2534 msg = strjoina("unit=", p);
2535 if (audit_log_user_comm_message(audit_fd, type, msg, "systemd", NULL, NULL, NULL, success) < 0) {
2536 if (errno == EPERM)
2537 /* We aren't allowed to send audit messages?
2538 * Then let's not retry again. */
2539 close_audit_fd();
2540 else
2541 log_warning_errno(errno, "Failed to send audit message: %m");
2542 }
2543 #endif
2544
2545 }
2546
2547 void manager_send_unit_plymouth(Manager *m, Unit *u) {
2548 static const union sockaddr_union sa = PLYMOUTH_SOCKET;
2549 _cleanup_free_ char *message = NULL;
2550 _cleanup_close_ int fd = -1;
2551 int n = 0;
2552
2553 /* Don't generate plymouth events if the service was already
2554 * started and we're just deserializing */
2555 if (MANAGER_IS_RELOADING(m))
2556 return;
2557
2558 if (!MANAGER_IS_SYSTEM(m))
2559 return;
2560
2561 if (detect_container() > 0)
2562 return;
2563
2564 if (!IN_SET(u->type, UNIT_SERVICE, UNIT_MOUNT, UNIT_SWAP))
2565 return;
2566
2567 /* We set SOCK_NONBLOCK here so that we rather drop the
2568 * message then wait for plymouth */
2569 fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2570 if (fd < 0) {
2571 log_error_errno(errno, "socket() failed: %m");
2572 return;
2573 }
2574
2575 if (connect(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0) {
2576
2577 if (!IN_SET(errno, EPIPE, EAGAIN, ENOENT, ECONNREFUSED, ECONNRESET, ECONNABORTED))
2578 log_error_errno(errno, "connect() failed: %m");
2579 return;
2580 }
2581
2582 if (asprintf(&message, "U\002%c%s%n", (int) (strlen(u->id) + 1), u->id, &n) < 0) {
2583 log_oom();
2584 return;
2585 }
2586
2587 errno = 0;
2588 if (write(fd, message, n + 1) != n + 1)
2589 if (!IN_SET(errno, EPIPE, EAGAIN, ENOENT, ECONNREFUSED, ECONNRESET, ECONNABORTED))
2590 log_error_errno(errno, "Failed to write Plymouth message: %m");
2591 }
2592
2593 int manager_open_serialization(Manager *m, FILE **_f) {
2594 int fd;
2595 FILE *f;
2596
2597 assert(_f);
2598
2599 fd = open_serialization_fd("systemd-state");
2600 if (fd < 0)
2601 return fd;
2602
2603 f = fdopen(fd, "w+");
2604 if (!f) {
2605 safe_close(fd);
2606 return -errno;
2607 }
2608
2609 *_f = f;
2610 return 0;
2611 }
2612
2613 int manager_serialize(Manager *m, FILE *f, FDSet *fds, bool switching_root) {
2614 ManagerTimestamp q;
2615 const char *t;
2616 Iterator i;
2617 Unit *u;
2618 int r;
2619
2620 assert(m);
2621 assert(f);
2622 assert(fds);
2623
2624 m->n_reloading++;
2625
2626 fprintf(f, "current-job-id=%"PRIu32"\n", m->current_job_id);
2627 fprintf(f, "n-installed-jobs=%u\n", m->n_installed_jobs);
2628 fprintf(f, "n-failed-jobs=%u\n", m->n_failed_jobs);
2629 fprintf(f, "taint-usr=%s\n", yes_no(m->taint_usr));
2630 fprintf(f, "ready-sent=%s\n", yes_no(m->ready_sent));
2631
2632 for (q = 0; q < _MANAGER_TIMESTAMP_MAX; q++) {
2633 /* The userspace and finish timestamps only apply to the host system, hence only serialize them there */
2634 if (in_initrd() && IN_SET(q, MANAGER_TIMESTAMP_USERSPACE, MANAGER_TIMESTAMP_FINISH))
2635 continue;
2636
2637 t = manager_timestamp_to_string(q);
2638 {
2639 char field[strlen(t) + strlen("-timestamp") + 1];
2640 strcpy(stpcpy(field, t), "-timestamp");
2641 dual_timestamp_serialize(f, field, m->timestamps + q);
2642 }
2643 }
2644
2645 if (!switching_root)
2646 (void) serialize_environment(f, m->environment);
2647
2648 if (m->notify_fd >= 0) {
2649 int copy;
2650
2651 copy = fdset_put_dup(fds, m->notify_fd);
2652 if (copy < 0)
2653 return copy;
2654
2655 fprintf(f, "notify-fd=%i\n", copy);
2656 fprintf(f, "notify-socket=%s\n", m->notify_socket);
2657 }
2658
2659 if (m->cgroups_agent_fd >= 0) {
2660 int copy;
2661
2662 copy = fdset_put_dup(fds, m->cgroups_agent_fd);
2663 if (copy < 0)
2664 return copy;
2665
2666 fprintf(f, "cgroups-agent-fd=%i\n", copy);
2667 }
2668
2669 if (m->user_lookup_fds[0] >= 0) {
2670 int copy0, copy1;
2671
2672 copy0 = fdset_put_dup(fds, m->user_lookup_fds[0]);
2673 if (copy0 < 0)
2674 return copy0;
2675
2676 copy1 = fdset_put_dup(fds, m->user_lookup_fds[1]);
2677 if (copy1 < 0)
2678 return copy1;
2679
2680 fprintf(f, "user-lookup=%i %i\n", copy0, copy1);
2681 }
2682
2683 bus_track_serialize(m->subscribed, f, "subscribed");
2684
2685 r = dynamic_user_serialize(m, f, fds);
2686 if (r < 0)
2687 return r;
2688
2689 manager_serialize_uid_refs(m, f);
2690 manager_serialize_gid_refs(m, f);
2691
2692 fputc_unlocked('\n', f);
2693
2694 HASHMAP_FOREACH_KEY(u, t, m->units, i) {
2695 if (u->id != t)
2696 continue;
2697
2698 /* Start marker */
2699 fputs_unlocked(u->id, f);
2700 fputc_unlocked('\n', f);
2701
2702 r = unit_serialize(u, f, fds, !switching_root);
2703 if (r < 0) {
2704 m->n_reloading--;
2705 return r;
2706 }
2707 }
2708
2709 assert(m->n_reloading > 0);
2710 m->n_reloading--;
2711
2712 if (ferror(f))
2713 return -EIO;
2714
2715 r = bus_fdset_add_all(m, fds);
2716 if (r < 0)
2717 return r;
2718
2719 return 0;
2720 }
2721
2722 int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {
2723 int r = 0;
2724
2725 assert(m);
2726 assert(f);
2727
2728 log_debug("Deserializing state...");
2729
2730 m->n_reloading++;
2731
2732 for (;;) {
2733 char line[LINE_MAX];
2734 const char *val, *l;
2735
2736 if (!fgets(line, sizeof(line), f)) {
2737 if (feof(f))
2738 r = 0;
2739 else
2740 r = -errno;
2741
2742 goto finish;
2743 }
2744
2745 char_array_0(line);
2746 l = strstrip(line);
2747
2748 if (l[0] == 0)
2749 break;
2750
2751 if ((val = startswith(l, "current-job-id="))) {
2752 uint32_t id;
2753
2754 if (safe_atou32(val, &id) < 0)
2755 log_notice("Failed to parse current job id value %s", val);
2756 else
2757 m->current_job_id = MAX(m->current_job_id, id);
2758
2759 } else if ((val = startswith(l, "n-installed-jobs="))) {
2760 uint32_t n;
2761
2762 if (safe_atou32(val, &n) < 0)
2763 log_notice("Failed to parse installed jobs counter %s", val);
2764 else
2765 m->n_installed_jobs += n;
2766
2767 } else if ((val = startswith(l, "n-failed-jobs="))) {
2768 uint32_t n;
2769
2770 if (safe_atou32(val, &n) < 0)
2771 log_notice("Failed to parse failed jobs counter %s", val);
2772 else
2773 m->n_failed_jobs += n;
2774
2775 } else if ((val = startswith(l, "taint-usr="))) {
2776 int b;
2777
2778 b = parse_boolean(val);
2779 if (b < 0)
2780 log_notice("Failed to parse taint /usr flag %s", val);
2781 else
2782 m->taint_usr = m->taint_usr || b;
2783
2784 } else if ((val = startswith(l, "ready-sent="))) {
2785 int b;
2786
2787 b = parse_boolean(val);
2788 if (b < 0)
2789 log_notice("Failed to parse ready-sent flag %s", val);
2790 else
2791 m->ready_sent = m->ready_sent || b;
2792
2793 } else if (startswith(l, "env=")) {
2794 r = deserialize_environment(&m->environment, l);
2795 if (r == -ENOMEM)
2796 goto finish;
2797 if (r < 0)
2798 log_notice_errno(r, "Failed to parse environment entry: \"%s\": %m", l);
2799
2800 } else if ((val = startswith(l, "notify-fd="))) {
2801 int fd;
2802
2803 if (safe_atoi(val, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
2804 log_notice("Failed to parse notify fd: \"%s\"", val);
2805 else {
2806 m->notify_event_source = sd_event_source_unref(m->notify_event_source);
2807 safe_close(m->notify_fd);
2808 m->notify_fd = fdset_remove(fds, fd);
2809 }
2810
2811 } else if ((val = startswith(l, "notify-socket="))) {
2812 char *n;
2813
2814 n = strdup(val);
2815 if (!n) {
2816 r = -ENOMEM;
2817 goto finish;
2818 }
2819
2820 free(m->notify_socket);
2821 m->notify_socket = n;
2822
2823 } else if ((val = startswith(l, "cgroups-agent-fd="))) {
2824 int fd;
2825
2826 if (safe_atoi(val, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
2827 log_notice("Failed to parse cgroups agent fd: %s", val);
2828 else {
2829 m->cgroups_agent_event_source = sd_event_source_unref(m->cgroups_agent_event_source);
2830 safe_close(m->cgroups_agent_fd);
2831 m->cgroups_agent_fd = fdset_remove(fds, fd);
2832 }
2833
2834 } else if ((val = startswith(l, "user-lookup="))) {
2835 int fd0, fd1;
2836
2837 if (sscanf(val, "%i %i", &fd0, &fd1) != 2 || fd0 < 0 || fd1 < 0 || fd0 == fd1 || !fdset_contains(fds, fd0) || !fdset_contains(fds, fd1))
2838 log_notice("Failed to parse user lookup fd: %s", val);
2839 else {
2840 m->user_lookup_event_source = sd_event_source_unref(m->user_lookup_event_source);
2841 safe_close_pair(m->user_lookup_fds);
2842 m->user_lookup_fds[0] = fdset_remove(fds, fd0);
2843 m->user_lookup_fds[1] = fdset_remove(fds, fd1);
2844 }
2845
2846 } else if ((val = startswith(l, "dynamic-user=")))
2847 dynamic_user_deserialize_one(m, val, fds);
2848 else if ((val = startswith(l, "destroy-ipc-uid=")))
2849 manager_deserialize_uid_refs_one(m, val);
2850 else if ((val = startswith(l, "destroy-ipc-gid=")))
2851 manager_deserialize_gid_refs_one(m, val);
2852 else if ((val = startswith(l, "subscribed="))) {
2853
2854 if (strv_extend(&m->deserialized_subscribed, val) < 0)
2855 log_oom();
2856 } else {
2857 ManagerTimestamp q;
2858
2859 for (q = 0; q < _MANAGER_TIMESTAMP_MAX; q++) {
2860 val = startswith(l, manager_timestamp_to_string(q));
2861 if (!val)
2862 continue;
2863
2864 val = startswith(val, "-timestamp=");
2865 if (val)
2866 break;
2867 }
2868
2869 if (q < _MANAGER_TIMESTAMP_MAX) /* found it */
2870 dual_timestamp_deserialize(val, m->timestamps + q);
2871 else if (!startswith(l, "kdbus-fd=")) /* ignore kdbus */
2872 log_notice("Unknown serialization item '%s'", l);
2873 }
2874 }
2875
2876 for (;;) {
2877 Unit *u;
2878 char name[UNIT_NAME_MAX+2];
2879 const char* unit_name;
2880
2881 /* Start marker */
2882 if (!fgets(name, sizeof(name), f)) {
2883 if (feof(f))
2884 r = 0;
2885 else
2886 r = -errno;
2887
2888 goto finish;
2889 }
2890
2891 char_array_0(name);
2892 unit_name = strstrip(name);
2893
2894 r = manager_load_unit(m, unit_name, NULL, NULL, &u);
2895 if (r < 0) {
2896 log_notice_errno(r, "Failed to load unit \"%s\", skipping deserialization: %m", unit_name);
2897 if (r == -ENOMEM)
2898 goto finish;
2899 unit_deserialize_skip(f);
2900 continue;
2901 }
2902
2903 r = unit_deserialize(u, f, fds);
2904 if (r < 0) {
2905 log_notice_errno(r, "Failed to deserialize unit \"%s\": %m", unit_name);
2906 if (r == -ENOMEM)
2907 goto finish;
2908 }
2909 }
2910
2911 finish:
2912 if (ferror(f))
2913 r = -EIO;
2914
2915 assert(m->n_reloading > 0);
2916 m->n_reloading--;
2917
2918 return r;
2919 }
2920
2921 int manager_reload(Manager *m) {
2922 int r, q;
2923 _cleanup_fclose_ FILE *f = NULL;
2924 _cleanup_fdset_free_ FDSet *fds = NULL;
2925
2926 assert(m);
2927
2928 r = manager_open_serialization(m, &f);
2929 if (r < 0)
2930 return r;
2931
2932 m->n_reloading++;
2933 bus_manager_send_reloading(m, true);
2934
2935 fds = fdset_new();
2936 if (!fds) {
2937 m->n_reloading--;
2938 return -ENOMEM;
2939 }
2940
2941 r = manager_serialize(m, f, fds, false);
2942 if (r < 0) {
2943 m->n_reloading--;
2944 return r;
2945 }
2946
2947 if (fseeko(f, 0, SEEK_SET) < 0) {
2948 m->n_reloading--;
2949 return -errno;
2950 }
2951
2952 /* From here on there is no way back. */
2953 manager_clear_jobs_and_units(m);
2954 lookup_paths_flush_generator(&m->lookup_paths);
2955 lookup_paths_free(&m->lookup_paths);
2956 dynamic_user_vacuum(m, false);
2957 m->uid_refs = hashmap_free(m->uid_refs);
2958 m->gid_refs = hashmap_free(m->gid_refs);
2959
2960 q = lookup_paths_init(&m->lookup_paths, m->unit_file_scope, 0, NULL);
2961 if (q < 0 && r >= 0)
2962 r = q;
2963
2964 q = manager_run_environment_generators(m);
2965 if (q < 0 && r >= 0)
2966 r = q;
2967
2968 /* Find new unit paths */
2969 q = manager_run_generators(m);
2970 if (q < 0 && r >= 0)
2971 r = q;
2972
2973 lookup_paths_reduce(&m->lookup_paths);
2974 manager_build_unit_path_cache(m);
2975
2976 /* First, enumerate what we can from all config files */
2977 manager_enumerate(m);
2978
2979 /* Second, deserialize our stored data */
2980 q = manager_deserialize(m, f, fds);
2981 if (q < 0) {
2982 log_error_errno(q, "Deserialization failed: %m");
2983
2984 if (r >= 0)
2985 r = q;
2986 }
2987
2988 fclose(f);
2989 f = NULL;
2990
2991 /* Re-register notify_fd as event source */
2992 q = manager_setup_notify(m);
2993 if (q < 0 && r >= 0)
2994 r = q;
2995
2996 q = manager_setup_cgroups_agent(m);
2997 if (q < 0 && r >= 0)
2998 r = q;
2999
3000 q = manager_setup_user_lookup_fd(m);
3001 if (q < 0 && r >= 0)
3002 r = q;
3003
3004 /* Third, fire things up! */
3005 manager_coldplug(m);
3006
3007 /* Release any dynamic users no longer referenced */
3008 dynamic_user_vacuum(m, true);
3009
3010 /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
3011 manager_vacuum_uid_refs(m);
3012 manager_vacuum_gid_refs(m);
3013
3014 /* Sync current state of bus names with our set of listening units */
3015 if (m->api_bus)
3016 manager_sync_bus_names(m, m->api_bus);
3017
3018 assert(m->n_reloading > 0);
3019 m->n_reloading--;
3020
3021 m->send_reloading_done = true;
3022
3023 return r;
3024 }
3025
3026 void manager_reset_failed(Manager *m) {
3027 Unit *u;
3028 Iterator i;
3029
3030 assert(m);
3031
3032 HASHMAP_FOREACH(u, m->units, i)
3033 unit_reset_failed(u);
3034 }
3035
3036 bool manager_unit_inactive_or_pending(Manager *m, const char *name) {
3037 Unit *u;
3038
3039 assert(m);
3040 assert(name);
3041
3042 /* Returns true if the unit is inactive or going down */
3043 u = manager_get_unit(m, name);
3044 if (!u)
3045 return true;
3046
3047 return unit_inactive_or_pending(u);
3048 }
3049
3050 static void manager_notify_finished(Manager *m) {
3051 char userspace[FORMAT_TIMESPAN_MAX], initrd[FORMAT_TIMESPAN_MAX], kernel[FORMAT_TIMESPAN_MAX], sum[FORMAT_TIMESPAN_MAX];
3052 usec_t firmware_usec, loader_usec, kernel_usec, initrd_usec, userspace_usec, total_usec;
3053
3054 if (m->test_run_flags)
3055 return;
3056
3057 if (MANAGER_IS_SYSTEM(m) && detect_container() <= 0) {
3058
3059 /* Note that MANAGER_TIMESTAMP_KERNEL's monotonic value is always at 0, and
3060 * MANAGER_TIMESTAMP_FIRMWARE's and MANAGER_TIMESTAMP_LOADER's monotonic value should be considered
3061 * negative values. */
3062
3063 firmware_usec = m->timestamps[MANAGER_TIMESTAMP_FIRMWARE].monotonic - m->timestamps[MANAGER_TIMESTAMP_LOADER].monotonic;
3064 loader_usec = m->timestamps[MANAGER_TIMESTAMP_LOADER].monotonic - m->timestamps[MANAGER_TIMESTAMP_KERNEL].monotonic;
3065 userspace_usec = m->timestamps[MANAGER_TIMESTAMP_FINISH].monotonic - m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic;
3066 total_usec = m->timestamps[MANAGER_TIMESTAMP_FIRMWARE].monotonic + m->timestamps[MANAGER_TIMESTAMP_FINISH].monotonic;
3067
3068 if (dual_timestamp_is_set(&m->timestamps[MANAGER_TIMESTAMP_INITRD])) {
3069
3070 /* The initrd case on bare-metal*/
3071 kernel_usec = m->timestamps[MANAGER_TIMESTAMP_INITRD].monotonic - m->timestamps[MANAGER_TIMESTAMP_KERNEL].monotonic;
3072 initrd_usec = m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic - m->timestamps[MANAGER_TIMESTAMP_INITRD].monotonic;
3073
3074 log_struct(LOG_INFO,
3075 "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR,
3076 "KERNEL_USEC="USEC_FMT, kernel_usec,
3077 "INITRD_USEC="USEC_FMT, initrd_usec,
3078 "USERSPACE_USEC="USEC_FMT, userspace_usec,
3079 LOG_MESSAGE("Startup finished in %s (kernel) + %s (initrd) + %s (userspace) = %s.",
3080 format_timespan(kernel, sizeof(kernel), kernel_usec, USEC_PER_MSEC),
3081 format_timespan(initrd, sizeof(initrd), initrd_usec, USEC_PER_MSEC),
3082 format_timespan(userspace, sizeof(userspace), userspace_usec, USEC_PER_MSEC),
3083 format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC)),
3084 NULL);
3085 } else {
3086 /* The initrd-less case on bare-metal*/
3087
3088 kernel_usec = m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic - m->timestamps[MANAGER_TIMESTAMP_KERNEL].monotonic;
3089 initrd_usec = 0;
3090
3091 log_struct(LOG_INFO,
3092 "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR,
3093 "KERNEL_USEC="USEC_FMT, kernel_usec,
3094 "USERSPACE_USEC="USEC_FMT, userspace_usec,
3095 LOG_MESSAGE("Startup finished in %s (kernel) + %s (userspace) = %s.",
3096 format_timespan(kernel, sizeof(kernel), kernel_usec, USEC_PER_MSEC),
3097 format_timespan(userspace, sizeof(userspace), userspace_usec, USEC_PER_MSEC),
3098 format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC)),
3099 NULL);
3100 }
3101 } else {
3102 /* The container case */
3103 firmware_usec = loader_usec = initrd_usec = kernel_usec = 0;
3104 total_usec = userspace_usec = m->timestamps[MANAGER_TIMESTAMP_FINISH].monotonic - m->timestamps[MANAGER_TIMESTAMP_USERSPACE].monotonic;
3105
3106 log_struct(LOG_INFO,
3107 "MESSAGE_ID=" SD_MESSAGE_USER_STARTUP_FINISHED_STR,
3108 "USERSPACE_USEC="USEC_FMT, userspace_usec,
3109 LOG_MESSAGE("Startup finished in %s.",
3110 format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC)),
3111 NULL);
3112 }
3113
3114 bus_manager_send_finished(m, firmware_usec, loader_usec, kernel_usec, initrd_usec, userspace_usec, total_usec);
3115
3116 sd_notifyf(false,
3117 m->ready_sent ? "STATUS=Startup finished in %s."
3118 : "READY=1\n"
3119 "STATUS=Startup finished in %s.",
3120 format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC));
3121 m->ready_sent = true;
3122 }
3123
3124 void manager_check_finished(Manager *m) {
3125 assert(m);
3126
3127 if (MANAGER_IS_RELOADING(m))
3128 return;
3129
3130 /* Verify that we are actually running currently. Initially
3131 * the exit code is set to invalid, and during operation it is
3132 * then set to MANAGER_OK */
3133 if (m->exit_code != MANAGER_OK)
3134 return;
3135
3136 /* For user managers, send out READY=1 as soon as we reach basic.target */
3137 if (MANAGER_IS_USER(m) && !m->ready_sent) {
3138 Unit *u;
3139
3140 u = manager_get_unit(m, SPECIAL_BASIC_TARGET);
3141 if (u && !u->job) {
3142 sd_notifyf(false,
3143 "READY=1\n"
3144 "STATUS=Reached " SPECIAL_BASIC_TARGET ".");
3145 m->ready_sent = true;
3146 }
3147 }
3148
3149 if (hashmap_size(m->jobs) > 0) {
3150 if (m->jobs_in_progress_event_source)
3151 /* Ignore any failure, this is only for feedback */
3152 (void) sd_event_source_set_time(m->jobs_in_progress_event_source, now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_WAIT_USEC);
3153
3154 return;
3155 }
3156
3157 manager_flip_auto_status(m, false);
3158
3159 /* Notify Type=idle units that we are done now */
3160 manager_close_idle_pipe(m);
3161
3162 /* Turn off confirm spawn now */
3163 m->confirm_spawn = NULL;
3164
3165 /* No need to update ask password status when we're going non-interactive */
3166 manager_close_ask_password(m);
3167
3168 /* This is no longer the first boot */
3169 manager_set_first_boot(m, false);
3170
3171 if (MANAGER_IS_FINISHED(m))
3172 return;
3173
3174 dual_timestamp_get(m->timestamps + MANAGER_TIMESTAMP_FINISH);
3175
3176 manager_notify_finished(m);
3177
3178 manager_invalidate_startup_units(m);
3179 }
3180
3181 static bool generator_path_any(const char* const* paths) {
3182 char **path;
3183 bool found = false;
3184
3185 /* Optimize by skipping the whole process by not creating output directories
3186 * if no generators are found. */
3187 STRV_FOREACH(path, (char**) paths)
3188 if (access(*path, F_OK) == 0)
3189 found = true;
3190 else if (errno != ENOENT)
3191 log_warning_errno(errno, "Failed to open generator directory %s: %m", *path);
3192
3193 return found;
3194 }
3195
3196 static const char* system_env_generator_binary_paths[] = {
3197 "/run/systemd/system-environment-generators",
3198 "/etc/systemd/system-environment-generators",
3199 "/usr/local/lib/systemd/system-environment-generators",
3200 SYSTEM_ENV_GENERATOR_PATH,
3201 NULL
3202 };
3203
3204 static const char* user_env_generator_binary_paths[] = {
3205 "/run/systemd/user-environment-generators",
3206 "/etc/systemd/user-environment-generators",
3207 "/usr/local/lib/systemd/user-environment-generators",
3208 USER_ENV_GENERATOR_PATH,
3209 NULL
3210 };
3211
3212 static int manager_run_environment_generators(Manager *m) {
3213 char **tmp = NULL; /* this is only used in the forked process, no cleanup here */
3214 const char **paths;
3215 void* args[] = {&tmp, &tmp, &m->environment};
3216
3217 if (m->test_run_flags && !(m->test_run_flags & MANAGER_TEST_RUN_ENV_GENERATORS))
3218 return 0;
3219
3220 paths = MANAGER_IS_SYSTEM(m) ? system_env_generator_binary_paths : user_env_generator_binary_paths;
3221
3222 if (!generator_path_any(paths))
3223 return 0;
3224
3225 return execute_directories(paths, DEFAULT_TIMEOUT_USEC, gather_environment, args, NULL);
3226 }
3227
3228 static int manager_run_generators(Manager *m) {
3229 _cleanup_strv_free_ char **paths = NULL;
3230 const char *argv[5];
3231 int r;
3232
3233 assert(m);
3234
3235 if (m->test_run_flags && !(m->test_run_flags & MANAGER_TEST_RUN_GENERATORS))
3236 return 0;
3237
3238 paths = generator_binary_paths(m->unit_file_scope);
3239 if (!paths)
3240 return log_oom();
3241
3242 if (!generator_path_any((const char* const*) paths))
3243 return 0;
3244
3245 r = lookup_paths_mkdir_generator(&m->lookup_paths);
3246 if (r < 0)
3247 goto finish;
3248
3249 argv[0] = NULL; /* Leave this empty, execute_directory() will fill something in */
3250 argv[1] = m->lookup_paths.generator;
3251 argv[2] = m->lookup_paths.generator_early;
3252 argv[3] = m->lookup_paths.generator_late;
3253 argv[4] = NULL;
3254
3255 RUN_WITH_UMASK(0022)
3256 execute_directories((const char* const*) paths, DEFAULT_TIMEOUT_USEC,
3257 NULL, NULL, (char**) argv);
3258
3259 finish:
3260 lookup_paths_trim_generator(&m->lookup_paths);
3261 return r;
3262 }
3263
3264 int manager_environment_add(Manager *m, char **minus, char **plus) {
3265 char **a = NULL, **b = NULL, **l;
3266 assert(m);
3267
3268 l = m->environment;
3269
3270 if (!strv_isempty(minus)) {
3271 a = strv_env_delete(l, 1, minus);
3272 if (!a)
3273 return -ENOMEM;
3274
3275 l = a;
3276 }
3277
3278 if (!strv_isempty(plus)) {
3279 b = strv_env_merge(2, l, plus);
3280 if (!b) {
3281 strv_free(a);
3282 return -ENOMEM;
3283 }
3284
3285 l = b;
3286 }
3287
3288 if (m->environment != l)
3289 strv_free(m->environment);
3290 if (a != l)
3291 strv_free(a);
3292 if (b != l)
3293 strv_free(b);
3294
3295 m->environment = l;
3296 manager_clean_environment(m);
3297 strv_sort(m->environment);
3298
3299 return 0;
3300 }
3301
3302 int manager_set_default_rlimits(Manager *m, struct rlimit **default_rlimit) {
3303 int i;
3304
3305 assert(m);
3306
3307 for (i = 0; i < _RLIMIT_MAX; i++) {
3308 m->rlimit[i] = mfree(m->rlimit[i]);
3309
3310 if (!default_rlimit[i])
3311 continue;
3312
3313 m->rlimit[i] = newdup(struct rlimit, default_rlimit[i], 1);
3314 if (!m->rlimit[i])
3315 return log_oom();
3316 }
3317
3318 return 0;
3319 }
3320
3321 void manager_recheck_journal(Manager *m) {
3322 Unit *u;
3323
3324 assert(m);
3325
3326 if (!MANAGER_IS_SYSTEM(m))
3327 return;
3328
3329 u = manager_get_unit(m, SPECIAL_JOURNALD_SOCKET);
3330 if (u && SOCKET(u)->state != SOCKET_RUNNING) {
3331 log_close_journal();
3332 return;
3333 }
3334
3335 u = manager_get_unit(m, SPECIAL_JOURNALD_SERVICE);
3336 if (u && SERVICE(u)->state != SERVICE_RUNNING) {
3337 log_close_journal();
3338 return;
3339 }
3340
3341 /* Hmm, OK, so the socket is fully up and the service is up
3342 * too, then let's make use of the thing. */
3343 log_open();
3344 }
3345
3346 void manager_set_show_status(Manager *m, ShowStatus mode) {
3347 assert(m);
3348 assert(IN_SET(mode, SHOW_STATUS_AUTO, SHOW_STATUS_NO, SHOW_STATUS_YES, SHOW_STATUS_TEMPORARY));
3349
3350 if (!MANAGER_IS_SYSTEM(m))
3351 return;
3352
3353 if (m->show_status != mode)
3354 log_debug("%s showing of status.",
3355 mode == SHOW_STATUS_NO ? "Disabling" : "Enabling");
3356 m->show_status = mode;
3357
3358 if (mode > 0)
3359 (void) touch("/run/systemd/show-status");
3360 else
3361 (void) unlink("/run/systemd/show-status");
3362 }
3363
3364 static bool manager_get_show_status(Manager *m, StatusType type) {
3365 assert(m);
3366
3367 if (!MANAGER_IS_SYSTEM(m))
3368 return false;
3369
3370 if (m->no_console_output)
3371 return false;
3372
3373 if (!IN_SET(manager_state(m), MANAGER_INITIALIZING, MANAGER_STARTING, MANAGER_STOPPING))
3374 return false;
3375
3376 /* If we cannot find out the status properly, just proceed. */
3377 if (type != STATUS_TYPE_EMERGENCY && manager_check_ask_password(m) > 0)
3378 return false;
3379
3380 if (m->show_status > 0)
3381 return true;
3382
3383 return false;
3384 }
3385
3386 const char *manager_get_confirm_spawn(Manager *m) {
3387 static int last_errno = 0;
3388 const char *vc = m->confirm_spawn;
3389 struct stat st;
3390 int r;
3391
3392 /* Here's the deal: we want to test the validity of the console but don't want
3393 * PID1 to go through the whole console process which might block. But we also
3394 * want to warn the user only once if something is wrong with the console so we
3395 * cannot do the sanity checks after spawning our children. So here we simply do
3396 * really basic tests to hopefully trap common errors.
3397 *
3398 * If the console suddenly disappear at the time our children will really it
3399 * then they will simply fail to acquire it and a positive answer will be
3400 * assumed. New children will fallback to /dev/console though.
3401 *
3402 * Note: TTYs are devices that can come and go any time, and frequently aren't
3403 * available yet during early boot (consider a USB rs232 dongle...). If for any
3404 * reason the configured console is not ready, we fallback to the default
3405 * console. */
3406
3407 if (!vc || path_equal(vc, "/dev/console"))
3408 return vc;
3409
3410 r = stat(vc, &st);
3411 if (r < 0)
3412 goto fail;
3413
3414 if (!S_ISCHR(st.st_mode)) {
3415 errno = ENOTTY;
3416 goto fail;
3417 }
3418
3419 last_errno = 0;
3420 return vc;
3421 fail:
3422 if (last_errno != errno) {
3423 last_errno = errno;
3424 log_warning_errno(errno, "Failed to open %s: %m, using default console", vc);
3425 }
3426 return "/dev/console";
3427 }
3428
3429 void manager_set_first_boot(Manager *m, bool b) {
3430 assert(m);
3431
3432 if (!MANAGER_IS_SYSTEM(m))
3433 return;
3434
3435 if (m->first_boot != (int) b) {
3436 if (b)
3437 (void) touch("/run/systemd/first-boot");
3438 else
3439 (void) unlink("/run/systemd/first-boot");
3440 }
3441
3442 m->first_boot = b;
3443 }
3444
3445 void manager_disable_confirm_spawn(void) {
3446 (void) touch("/run/systemd/confirm_spawn_disabled");
3447 }
3448
3449 bool manager_is_confirm_spawn_disabled(Manager *m) {
3450 if (!m->confirm_spawn)
3451 return true;
3452
3453 return access("/run/systemd/confirm_spawn_disabled", F_OK) >= 0;
3454 }
3455
3456 void manager_status_printf(Manager *m, StatusType type, const char *status, const char *format, ...) {
3457 va_list ap;
3458
3459 /* If m is NULL, assume we're after shutdown and let the messages through. */
3460
3461 if (m && !manager_get_show_status(m, type))
3462 return;
3463
3464 /* XXX We should totally drop the check for ephemeral here
3465 * and thus effectively make 'Type=idle' pointless. */
3466 if (type == STATUS_TYPE_EPHEMERAL && m && m->n_on_console > 0)
3467 return;
3468
3469 va_start(ap, format);
3470 status_vprintf(status, true, type == STATUS_TYPE_EPHEMERAL, format, ap);
3471 va_end(ap);
3472 }
3473
3474 Set *manager_get_units_requiring_mounts_for(Manager *m, const char *path) {
3475 char p[strlen(path)+1];
3476
3477 assert(m);
3478 assert(path);
3479
3480 strcpy(p, path);
3481 path_kill_slashes(p);
3482
3483 return hashmap_get(m->units_requiring_mounts_for, streq(p, "/") ? "" : p);
3484 }
3485
3486 void manager_set_exec_params(Manager *m, ExecParameters *p) {
3487 assert(m);
3488 assert(p);
3489
3490 p->environment = m->environment;
3491 p->confirm_spawn = manager_get_confirm_spawn(m);
3492 p->cgroup_supported = m->cgroup_supported;
3493 p->prefix = m->prefix;
3494
3495 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(m));
3496 }
3497
3498 int manager_update_failed_units(Manager *m, Unit *u, bool failed) {
3499 unsigned size;
3500 int r;
3501
3502 assert(m);
3503 assert(u->manager == m);
3504
3505 size = set_size(m->failed_units);
3506
3507 if (failed) {
3508 r = set_ensure_allocated(&m->failed_units, NULL);
3509 if (r < 0)
3510 return log_oom();
3511
3512 if (set_put(m->failed_units, u) < 0)
3513 return log_oom();
3514 } else
3515 (void) set_remove(m->failed_units, u);
3516
3517 if (set_size(m->failed_units) != size)
3518 bus_manager_send_change_signal(m);
3519
3520 return 0;
3521 }
3522
3523 ManagerState manager_state(Manager *m) {
3524 Unit *u;
3525
3526 assert(m);
3527
3528 /* Did we ever finish booting? If not then we are still starting up */
3529 if (!MANAGER_IS_FINISHED(m)) {
3530
3531 u = manager_get_unit(m, SPECIAL_BASIC_TARGET);
3532 if (!u || !UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
3533 return MANAGER_INITIALIZING;
3534
3535 return MANAGER_STARTING;
3536 }
3537
3538 /* Is the special shutdown target active or queued? If so, we are in shutdown state */
3539 u = manager_get_unit(m, SPECIAL_SHUTDOWN_TARGET);
3540 if (u && unit_active_or_pending(u))
3541 return MANAGER_STOPPING;
3542
3543 if (MANAGER_IS_SYSTEM(m)) {
3544 /* Are the rescue or emergency targets active or queued? If so we are in maintenance state */
3545 u = manager_get_unit(m, SPECIAL_RESCUE_TARGET);
3546 if (u && unit_active_or_pending(u))
3547 return MANAGER_MAINTENANCE;
3548
3549 u = manager_get_unit(m, SPECIAL_EMERGENCY_TARGET);
3550 if (u && unit_active_or_pending(u))
3551 return MANAGER_MAINTENANCE;
3552 }
3553
3554 /* Are there any failed units? If so, we are in degraded mode */
3555 if (set_size(m->failed_units) > 0)
3556 return MANAGER_DEGRADED;
3557
3558 return MANAGER_RUNNING;
3559 }
3560
3561 #define DESTROY_IPC_FLAG (UINT32_C(1) << 31)
3562
3563 static void manager_unref_uid_internal(
3564 Manager *m,
3565 Hashmap **uid_refs,
3566 uid_t uid,
3567 bool destroy_now,
3568 int (*_clean_ipc)(uid_t uid)) {
3569
3570 uint32_t c, n;
3571
3572 assert(m);
3573 assert(uid_refs);
3574 assert(uid_is_valid(uid));
3575 assert(_clean_ipc);
3576
3577 /* A generic implementation, covering both manager_unref_uid() and manager_unref_gid(), under the assumption
3578 * that uid_t and gid_t are actually defined the same way, with the same validity rules.
3579 *
3580 * We store a hashmap where the UID/GID is they key and the value is a 32bit reference counter, whose highest
3581 * bit is used as flag for marking UIDs/GIDs whose IPC objects to remove when the last reference to the UID/GID
3582 * is dropped. The flag is set to on, once at least one reference from a unit where RemoveIPC= is set is added
3583 * on a UID/GID. It is reset when the UID's/GID's reference counter drops to 0 again. */
3584
3585 assert_cc(sizeof(uid_t) == sizeof(gid_t));
3586 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
3587
3588 if (uid == 0) /* We don't keep track of root, and will never destroy it */
3589 return;
3590
3591 c = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));
3592
3593 n = c & ~DESTROY_IPC_FLAG;
3594 assert(n > 0);
3595 n--;
3596
3597 if (destroy_now && n == 0) {
3598 hashmap_remove(*uid_refs, UID_TO_PTR(uid));
3599
3600 if (c & DESTROY_IPC_FLAG) {
3601 log_debug("%s " UID_FMT " is no longer referenced, cleaning up its IPC.",
3602 _clean_ipc == clean_ipc_by_uid ? "UID" : "GID",
3603 uid);
3604 (void) _clean_ipc(uid);
3605 }
3606 } else {
3607 c = n | (c & DESTROY_IPC_FLAG);
3608 assert_se(hashmap_update(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(c)) >= 0);
3609 }
3610 }
3611
3612 void manager_unref_uid(Manager *m, uid_t uid, bool destroy_now) {
3613 manager_unref_uid_internal(m, &m->uid_refs, uid, destroy_now, clean_ipc_by_uid);
3614 }
3615
3616 void manager_unref_gid(Manager *m, gid_t gid, bool destroy_now) {
3617 manager_unref_uid_internal(m, &m->gid_refs, (uid_t) gid, destroy_now, clean_ipc_by_gid);
3618 }
3619
3620 static int manager_ref_uid_internal(
3621 Manager *m,
3622 Hashmap **uid_refs,
3623 uid_t uid,
3624 bool clean_ipc) {
3625
3626 uint32_t c, n;
3627 int r;
3628
3629 assert(m);
3630 assert(uid_refs);
3631 assert(uid_is_valid(uid));
3632
3633 /* A generic implementation, covering both manager_ref_uid() and manager_ref_gid(), under the assumption
3634 * that uid_t and gid_t are actually defined the same way, with the same validity rules. */
3635
3636 assert_cc(sizeof(uid_t) == sizeof(gid_t));
3637 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
3638
3639 if (uid == 0) /* We don't keep track of root, and will never destroy it */
3640 return 0;
3641
3642 r = hashmap_ensure_allocated(uid_refs, &trivial_hash_ops);
3643 if (r < 0)
3644 return r;
3645
3646 c = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));
3647
3648 n = c & ~DESTROY_IPC_FLAG;
3649 n++;
3650
3651 if (n & DESTROY_IPC_FLAG) /* check for overflow */
3652 return -EOVERFLOW;
3653
3654 c = n | (c & DESTROY_IPC_FLAG) | (clean_ipc ? DESTROY_IPC_FLAG : 0);
3655
3656 return hashmap_replace(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(c));
3657 }
3658
3659 int manager_ref_uid(Manager *m, uid_t uid, bool clean_ipc) {
3660 return manager_ref_uid_internal(m, &m->uid_refs, uid, clean_ipc);
3661 }
3662
3663 int manager_ref_gid(Manager *m, gid_t gid, bool clean_ipc) {
3664 return manager_ref_uid_internal(m, &m->gid_refs, (uid_t) gid, clean_ipc);
3665 }
3666
3667 static void manager_vacuum_uid_refs_internal(
3668 Manager *m,
3669 Hashmap **uid_refs,
3670 int (*_clean_ipc)(uid_t uid)) {
3671
3672 Iterator i;
3673 void *p, *k;
3674
3675 assert(m);
3676 assert(uid_refs);
3677 assert(_clean_ipc);
3678
3679 HASHMAP_FOREACH_KEY(p, k, *uid_refs, i) {
3680 uint32_t c, n;
3681 uid_t uid;
3682
3683 uid = PTR_TO_UID(k);
3684 c = PTR_TO_UINT32(p);
3685
3686 n = c & ~DESTROY_IPC_FLAG;
3687 if (n > 0)
3688 continue;
3689
3690 if (c & DESTROY_IPC_FLAG) {
3691 log_debug("Found unreferenced %s " UID_FMT " after reload/reexec. Cleaning up.",
3692 _clean_ipc == clean_ipc_by_uid ? "UID" : "GID",
3693 uid);
3694 (void) _clean_ipc(uid);
3695 }
3696
3697 assert_se(hashmap_remove(*uid_refs, k) == p);
3698 }
3699 }
3700
3701 void manager_vacuum_uid_refs(Manager *m) {
3702 manager_vacuum_uid_refs_internal(m, &m->uid_refs, clean_ipc_by_uid);
3703 }
3704
3705 void manager_vacuum_gid_refs(Manager *m) {
3706 manager_vacuum_uid_refs_internal(m, &m->gid_refs, clean_ipc_by_gid);
3707 }
3708
3709 static void manager_serialize_uid_refs_internal(
3710 Manager *m,
3711 FILE *f,
3712 Hashmap **uid_refs,
3713 const char *field_name) {
3714
3715 Iterator i;
3716 void *p, *k;
3717
3718 assert(m);
3719 assert(f);
3720 assert(uid_refs);
3721 assert(field_name);
3722
3723 /* Serialize the UID reference table. Or actually, just the IPC destruction flag of it, as the actual counter
3724 * of it is better rebuild after a reload/reexec. */
3725
3726 HASHMAP_FOREACH_KEY(p, k, *uid_refs, i) {
3727 uint32_t c;
3728 uid_t uid;
3729
3730 uid = PTR_TO_UID(k);
3731 c = PTR_TO_UINT32(p);
3732
3733 if (!(c & DESTROY_IPC_FLAG))
3734 continue;
3735
3736 fprintf(f, "%s=" UID_FMT "\n", field_name, uid);
3737 }
3738 }
3739
3740 void manager_serialize_uid_refs(Manager *m, FILE *f) {
3741 manager_serialize_uid_refs_internal(m, f, &m->uid_refs, "destroy-ipc-uid");
3742 }
3743
3744 void manager_serialize_gid_refs(Manager *m, FILE *f) {
3745 manager_serialize_uid_refs_internal(m, f, &m->gid_refs, "destroy-ipc-gid");
3746 }
3747
3748 static void manager_deserialize_uid_refs_one_internal(
3749 Manager *m,
3750 Hashmap** uid_refs,
3751 const char *value) {
3752
3753 uid_t uid;
3754 uint32_t c;
3755 int r;
3756
3757 assert(m);
3758 assert(uid_refs);
3759 assert(value);
3760
3761 r = parse_uid(value, &uid);
3762 if (r < 0 || uid == 0) {
3763 log_debug("Unable to parse UID reference serialization");
3764 return;
3765 }
3766
3767 r = hashmap_ensure_allocated(uid_refs, &trivial_hash_ops);
3768 if (r < 0) {
3769 log_oom();
3770 return;
3771 }
3772
3773 c = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));
3774 if (c & DESTROY_IPC_FLAG)
3775 return;
3776
3777 c |= DESTROY_IPC_FLAG;
3778
3779 r = hashmap_replace(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(c));
3780 if (r < 0) {
3781 log_debug("Failed to add UID reference entry");
3782 return;
3783 }
3784 }
3785
3786 void manager_deserialize_uid_refs_one(Manager *m, const char *value) {
3787 manager_deserialize_uid_refs_one_internal(m, &m->uid_refs, value);
3788 }
3789
3790 void manager_deserialize_gid_refs_one(Manager *m, const char *value) {
3791 manager_deserialize_uid_refs_one_internal(m, &m->gid_refs, value);
3792 }
3793
3794 int manager_dispatch_user_lookup_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
3795 struct buffer {
3796 uid_t uid;
3797 gid_t gid;
3798 char unit_name[UNIT_NAME_MAX+1];
3799 } _packed_ buffer;
3800
3801 Manager *m = userdata;
3802 ssize_t l;
3803 size_t n;
3804 Unit *u;
3805
3806 assert_se(source);
3807 assert_se(m);
3808
3809 /* Invoked whenever a child process succeeded resolving its user/group to use and sent us the resulting UID/GID
3810 * in a datagram. We parse the datagram here and pass it off to the unit, so that it can add a reference to the
3811 * UID/GID so that it can destroy the UID/GID's IPC objects when the reference counter drops to 0. */
3812
3813 l = recv(fd, &buffer, sizeof(buffer), MSG_DONTWAIT);
3814 if (l < 0) {
3815 if (IN_SET(errno, EINTR, EAGAIN))
3816 return 0;
3817
3818 return log_error_errno(errno, "Failed to read from user lookup fd: %m");
3819 }
3820
3821 if ((size_t) l <= offsetof(struct buffer, unit_name)) {
3822 log_warning("Received too short user lookup message, ignoring.");
3823 return 0;
3824 }
3825
3826 if ((size_t) l > offsetof(struct buffer, unit_name) + UNIT_NAME_MAX) {
3827 log_warning("Received too long user lookup message, ignoring.");
3828 return 0;
3829 }
3830
3831 if (!uid_is_valid(buffer.uid) && !gid_is_valid(buffer.gid)) {
3832 log_warning("Got user lookup message with invalid UID/GID pair, ignoring.");
3833 return 0;
3834 }
3835
3836 n = (size_t) l - offsetof(struct buffer, unit_name);
3837 if (memchr(buffer.unit_name, 0, n)) {
3838 log_warning("Received lookup message with embedded NUL character, ignoring.");
3839 return 0;
3840 }
3841
3842 buffer.unit_name[n] = 0;
3843 u = manager_get_unit(m, buffer.unit_name);
3844 if (!u) {
3845 log_debug("Got user lookup message but unit doesn't exist, ignoring.");
3846 return 0;
3847 }
3848
3849 log_unit_debug(u, "User lookup succeeded: uid=" UID_FMT " gid=" GID_FMT, buffer.uid, buffer.gid);
3850
3851 unit_notify_user_lookup(u, buffer.uid, buffer.gid);
3852 return 0;
3853 }
3854
3855 char *manager_taint_string(Manager *m) {
3856 _cleanup_free_ char *destination = NULL;
3857 char *buf, *e;
3858 int r;
3859
3860 assert(m);
3861
3862 buf = new(char, sizeof("split-usr:"
3863 "cgroups-missing:"
3864 "local-hwclock:"
3865 "var-run-bad:"
3866 "weird-nobody-user:"
3867 "weird-nobody-group:"));
3868 if (!buf)
3869 return NULL;
3870
3871 e = buf;
3872
3873 if (m->taint_usr)
3874 e = stpcpy(e, "split-usr:");
3875
3876 if (access("/proc/cgroups", F_OK) < 0)
3877 e = stpcpy(e, "cgroups-missing:");
3878
3879 if (clock_is_localtime(NULL) > 0)
3880 e = stpcpy(e, "local-hwclock:");
3881
3882 r = readlink_malloc("/var/run", &destination);
3883 if (r < 0 || !PATH_IN_SET(destination, "../run", "/run"))
3884 e = stpcpy(e, "var-run-bad:");
3885
3886 if (!streq(NOBODY_USER_NAME, "nobody"))
3887 e = stpcpy(e, "weird-nobody-user:");
3888
3889 if (!streq(NOBODY_GROUP_NAME, "nobody"))
3890 e = stpcpy(e, "weird-nobody-group:");
3891
3892 /* remove the last ':' */
3893 if (e != buf)
3894 e[-1] = 0;
3895
3896 return buf;
3897 }
3898
3899 static const char *const manager_state_table[_MANAGER_STATE_MAX] = {
3900 [MANAGER_INITIALIZING] = "initializing",
3901 [MANAGER_STARTING] = "starting",
3902 [MANAGER_RUNNING] = "running",
3903 [MANAGER_DEGRADED] = "degraded",
3904 [MANAGER_MAINTENANCE] = "maintenance",
3905 [MANAGER_STOPPING] = "stopping",
3906 };
3907
3908 DEFINE_STRING_TABLE_LOOKUP(manager_state, ManagerState);
3909
3910 static const char *const manager_timestamp_table[_MANAGER_TIMESTAMP_MAX] = {
3911 [MANAGER_TIMESTAMP_FIRMWARE] = "firmware",
3912 [MANAGER_TIMESTAMP_LOADER] = "loader",
3913 [MANAGER_TIMESTAMP_KERNEL] = "kernel",
3914 [MANAGER_TIMESTAMP_INITRD] = "initrd",
3915 [MANAGER_TIMESTAMP_USERSPACE] = "userspace",
3916 [MANAGER_TIMESTAMP_FINISH] = "finish",
3917 [MANAGER_TIMESTAMP_SECURITY_START] = "security-start",
3918 [MANAGER_TIMESTAMP_SECURITY_FINISH] = "security-finish",
3919 [MANAGER_TIMESTAMP_GENERATORS_START] = "generators-start",
3920 [MANAGER_TIMESTAMP_GENERATORS_FINISH] = "generators-finish",
3921 [MANAGER_TIMESTAMP_UNITS_LOAD_START] = "units-load-start",
3922 [MANAGER_TIMESTAMP_UNITS_LOAD_FINISH] = "units-load-finish",
3923 };
3924
3925 DEFINE_STRING_TABLE_LOOKUP(manager_timestamp, ManagerTimestamp);
Unnamed repository; edit this file 'description' to name the repository.