1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 This file is part of systemd.
5 Copyright 2010 Lennart Poettering
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
25 #include <stdio_ext.h>
27 #include <sys/epoll.h>
28 #include <sys/inotify.h>
29 #include <sys/ioctl.h>
30 #include <sys/reboot.h>
31 #include <sys/timerfd.h>
39 #include "sd-daemon.h"
40 #include "sd-messages.h"
43 #include "alloc-util.h"
45 #include "boot-timestamps.h"
46 #include "bus-common-errors.h"
47 #include "bus-error.h"
48 #include "bus-kernel.h"
50 #include "clean-ipc.h"
51 #include "clock-util.h"
53 #include "dbus-manager.h"
54 #include "dbus-unit.h"
56 #include "dirent-util.h"
59 #include "exec-util.h"
61 #include "exit-status.h"
68 #include "locale-setup.h"
74 #include "parse-util.h"
75 #include "path-lookup.h"
76 #include "path-util.h"
77 #include "process-util.h"
78 #include "ratelimit.h"
80 #include "signal-util.h"
82 #include "stat-util.h"
83 #include "string-table.h"
84 #include "string-util.h"
87 #include "terminal-util.h"
88 #include "time-util.h"
89 #include "transaction.h"
90 #include "umask-util.h"
91 #include "unit-name.h"
92 #include "user-util.h"
97 #define NOTIFY_RCVBUF_SIZE (8*1024*1024)
98 #define CGROUPS_AGENT_RCVBUF_SIZE (8*1024*1024)
100 /* Initial delay and the interval for printing status messages about running jobs */
101 #define JOBS_IN_PROGRESS_WAIT_USEC (5*USEC_PER_SEC)
102 #define JOBS_IN_PROGRESS_PERIOD_USEC (USEC_PER_SEC / 3)
103 #define JOBS_IN_PROGRESS_PERIOD_DIVISOR 3
105 /* If there are more than 1K bus messages queue across our API and direct busses, then let's not add more on top until
106 * the queue gets more empty. */
107 #define MANAGER_BUS_BUSY_THRESHOLD 1024LU
109 /* How many units and jobs to process of the bus queue before returning to the event loop. */
110 #define MANAGER_BUS_MESSAGE_BUDGET 100U
112 static int manager_dispatch_notify_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
);
113 static int manager_dispatch_cgroups_agent_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
);
114 static int manager_dispatch_signal_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
);
115 static int manager_dispatch_time_change_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
);
116 static int manager_dispatch_idle_pipe_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
);
117 static int manager_dispatch_user_lookup_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
);
118 static int manager_dispatch_jobs_in_progress(sd_event_source
*source
, usec_t usec
, void *userdata
);
119 static int manager_dispatch_run_queue(sd_event_source
*source
, void *userdata
);
120 static int manager_dispatch_sigchld(sd_event_source
*source
, void *userdata
);
121 static int manager_run_environment_generators(Manager
*m
);
122 static int manager_run_generators(Manager
*m
);
/*
 * Arm a periodic timer event source that prints "job running" status lines
 * (the cylon animation) while jobs are in progress.
 * NOTE(review): extraction dropped several original lines (125-129, 134-135,
 * 137-138, 141, 143-144, 146-148); early returns and error handling for
 * sd_event_add_time() are not visible here -- restore from upstream.
 */
124 static void manager_watch_jobs_in_progress(Manager
*m
) {
130 /* We do not want to show the cylon animation if the user
131 * needs to confirm service executions otherwise confirmation
132 * messages will be screwed by the cylon animation. */
133 if (!manager_is_confirm_spawn_disabled(m
))
/* Presumably a no-op if the event source already exists -- TODO confirm,
 * the branch bodies for both conditions above/below were dropped. */
136 if (m
->jobs_in_progress_event_source
)
/* First tick fires JOBS_IN_PROGRESS_WAIT_USEC after now (monotonic). */
139 next
= now(CLOCK_MONOTONIC
) + JOBS_IN_PROGRESS_WAIT_USEC
;
140 r
= sd_event_add_time(
142 &m
->jobs_in_progress_event_source
,
145 manager_dispatch_jobs_in_progress
, m
);
149 (void) sd_event_source_set_description(m
->jobs_in_progress_event_source
, "manager-jobs-in-progress");
152 #define CYLON_BUFFER_EXTRA (2*STRLEN(ANSI_RED) + STRLEN(ANSI_HIGHLIGHT_RED) + 2*STRLEN(ANSI_NORMAL))
/*
 * Render one frame of the cylon progress animation into `buffer`: a bar of
 * `width` cells whose highlighted "center light" sits at `pos`, wrapped in
 * ANSI color sequences only when log_get_show_color() is true.
 * NOTE(review): extraction dropped lines 155-156, 159-161, 165-167, 171-173,
 * 176-177, 180-181 and 185-186; in particular the visible text uses `p`
 * without its initialization (presumably `char *p = buffer;` upstream).
 */
154 static void draw_cylon(char buffer
[], size_t buflen
, unsigned width
, unsigned pos
) {
/* Caller must provide room for the bar, the color escapes and the NUL. */
157 assert(buflen
>= CYLON_BUFFER_EXTRA
+ width
+ 1);
158 assert(pos
<= width
+1); /* 0 or width+1 mean that the center light is behind the corner */
162 p
= mempset(p
, ' ', pos
-2);
163 if (log_get_show_color())
164 p
= stpcpy(p
, ANSI_RED
);
168 if (pos
> 0 && pos
<= width
) {
169 if (log_get_show_color())
170 p
= stpcpy(p
, ANSI_HIGHLIGHT_RED
);
174 if (log_get_show_color())
175 p
= stpcpy(p
, ANSI_NORMAL
);
178 if (log_get_show_color())
179 p
= stpcpy(p
, ANSI_RED
);
/* Trailing spaces after the light, then reset the color and terminate. */
182 p
= mempset(p
, ' ', width
-1-pos
);
183 if (log_get_show_color())
184 strcpy(p
, ANSI_NORMAL
);
/*
 * Switch show-status between SHOW_STATUS_AUTO and SHOW_STATUS_TEMPORARY;
 * the `enable` parameter selects the direction.
 * NOTE(review): the `if (enable) { ... } else { ... }` wrapper (original
 * lines 189-191, 194, 197-198) was dropped by the extraction, so the two
 * conditions below appear -- incorrectly -- unconditional here.
 */
188 void manager_flip_auto_status(Manager
*m
, bool enable
) {
192 if (m
->show_status
== SHOW_STATUS_AUTO
)
193 manager_set_show_status(m
, SHOW_STATUS_TEMPORARY
);
195 if (m
->show_status
== SHOW_STATUS_TEMPORARY
)
196 manager_set_show_status(m
, SHOW_STATUS_AUTO
);
/*
 * Print one ephemeral status line for a currently-running job, cycling
 * through all running jobs round-robin and animating the cylon bar.
 * NOTE(review): extraction dropped many original lines (202-203, 206,
 * 208-212, 214, 216, 219-220, 224-225, 227, 230, 232, 235-237, 241, 244,
 * 247-249), including the declarations of j, i, x and cylon_pos, the loop
 * `break`, and the tail of the manager_status_printf() argument list.
 */
200 static void manager_print_jobs_in_progress(Manager
*m
) {
201 _cleanup_free_
char *job_of_n
= NULL
;
204 unsigned counter
= 0, print_nr
;
/* 6 visible cells + color escapes + NUL. */
205 char cylon
[6 + CYLON_BUFFER_EXTRA
+ 1];
207 char time
[FORMAT_TIMESPAN_MAX
], limit
[FORMAT_TIMESPAN_MAX
] = "no limit";
211 assert(m
->n_running_jobs
> 0);
213 manager_flip_auto_status(m
, true);
/* Pick which running job to show this iteration (round-robin). */
215 print_nr
= (m
->jobs_in_progress_iteration
/ JOBS_IN_PROGRESS_PERIOD_DIVISOR
) % m
->n_running_jobs
;
217 HASHMAP_FOREACH(j
, m
->jobs
, i
)
218 if (j
->state
== JOB_RUNNING
&& counter
++ == print_nr
)
221 /* m->n_running_jobs must be consistent with the contents of m->jobs,
222 * so the above loop must have succeeded in finding j. */
223 assert(counter
== print_nr
+ 1);
/* Animation position cycles through a period of 14 frames. */
226 cylon_pos
= m
->jobs_in_progress_iteration
% 14;
228 cylon_pos
= 14 - cylon_pos
;
229 draw_cylon(cylon
, sizeof(cylon
), 6, cylon_pos
);
231 m
->jobs_in_progress_iteration
++;
/* Prefix "(k of n) " only when more than one job is running. */
233 if (m
->n_running_jobs
> 1) {
234 if (asprintf(&job_of_n
, "(%u of %u) ", counter
, m
->n_running_jobs
) < 0)
238 format_timespan(time
, sizeof(time
), now(CLOCK_MONOTONIC
) - j
->begin_usec
, 1*USEC_PER_SEC
);
239 if (job_get_timeout(j
, &x
) > 0)
240 format_timespan(limit
, sizeof(limit
), x
- j
->begin_usec
, 1*USEC_PER_SEC
);
242 manager_status_printf(m
, STATUS_TYPE_EPHEMERAL
, cylon
,
243 "%sA %s job is running for %s (%s / %s)",
245 job_type_to_string(j
->type
),
246 unit_description(j
->unit
),
/*
 * Check whether any password queries are pending, by scanning
 * /run/systemd/ask-password for entries starting with "ask.".
 * NOTE(review): extraction dropped lines 252-253, 255-261 and 264-267 --
 * the opendir() error handling and the function's return statements
 * (presumably `return true;` on a match, `return false;` otherwise).
 */
250 static int have_ask_password(void) {
251 _cleanup_closedir_
DIR *dir
;
254 dir
= opendir("/run/systemd/ask-password");
/* FOREACH_DIRENT_ALL propagates readdir errors as -errno. */
262 FOREACH_DIRENT_ALL(de
, dir
, return -errno
) {
263 if (startswith(de
->d_name
, "ask."))
/*
 * sd-event I/O callback for the ask-password inotify fd: refresh the cached
 * m->have_ask_password state whenever the directory changes.
 * NOTE(review): extraction dropped lines 272-276 and 282-284 -- presumably
 * the assert, the flush of the inotify fd, and the `return 0;`.
 */
269 static int manager_dispatch_ask_password_fd(sd_event_source
*source
,
270 int fd
, uint32_t revents
, void *userdata
) {
271 Manager
*m
= userdata
;
277 m
->have_ask_password
= have_ask_password();
278 if (m
->have_ask_password
< 0)
279 /* Log error but continue. Negative have_ask_password
280 * is treated as unknown status. */
281 log_error_errno(m
->have_ask_password
, "Failed to list /run/systemd/ask-password: %m");
/*
 * Tear down ask-password watching: release the event source, close the
 * inotify fd, and reset the cached state to "unknown" (-EINVAL).
 * NOTE(review): original lines 287-288 and 292-293 (assert + closing brace)
 * were dropped by the extraction.
 */
286 static void manager_close_ask_password(Manager
*m
) {
289 m
->ask_password_event_source
= sd_event_source_unref(m
->ask_password_event_source
);
290 m
->ask_password_inotify_fd
= safe_close(m
->ask_password_inotify_fd
);
291 m
->have_ask_password
= -EINVAL
;
/*
 * Lazily set up inotify-based watching of /run/systemd/ask-password and
 * return the cached have_ask_password state.
 * NOTE(review): extraction dropped lines 295-298, 301, 303, 307, 311-313,
 * 317, 320-322, 324 and 328-329 -- including the `int r` declaration, the
 * error-path returns after manager_close_ask_password(), and the `if (r < 0)`
 * guard that must precede the log_error_errno() at original line 318.
 */
294 static int manager_check_ask_password(Manager
*m
) {
299 if (!m
->ask_password_event_source
) {
300 assert(m
->ask_password_inotify_fd
< 0);
302 mkdir_p_label("/run/systemd/ask-password", 0755);
304 m
->ask_password_inotify_fd
= inotify_init1(IN_NONBLOCK
|IN_CLOEXEC
);
305 if (m
->ask_password_inotify_fd
< 0)
306 return log_error_errno(errno
, "inotify_init1() failed: %m");
308 if (inotify_add_watch(m
->ask_password_inotify_fd
, "/run/systemd/ask-password", IN_CREATE
|IN_DELETE
|IN_MOVE
) < 0) {
309 log_error_errno(errno
, "Failed to add watch on /run/systemd/ask-password: %m");
310 manager_close_ask_password(m
);
314 r
= sd_event_add_io(m
->event
, &m
->ask_password_event_source
,
315 m
->ask_password_inotify_fd
, EPOLLIN
,
316 manager_dispatch_ask_password_fd
, m
);
318 log_error_errno(errno
, "Failed to add event source for /run/systemd/ask-password: %m");
319 manager_close_ask_password(m
);
323 (void) sd_event_source_set_description(m
->ask_password_event_source
, "manager-ask-password");
325 /* Queries might have been added meanwhile... */
326 manager_dispatch_ask_password_fd(m
->ask_password_event_source
,
327 m
->ask_password_inotify_fd
, EPOLLIN
, m
);
330 return m
->have_ask_password
;
/*
 * Start watching the read side of the idle pipe (fd idle_pipe[2]) so the
 * manager notices when it may print status output again.
 * NOTE(review): extraction dropped lines 334-337, 339-340, 342-343, 345,
 * 347 and 349-351 -- the early `return 0;`s, the `if (r < 0)` guard before
 * the log at original line 346, and the final return.
 */
333 static int manager_watch_idle_pipe(Manager
*m
) {
/* Already watching -- nothing to do (body of this branch was dropped). */
338 if (m
->idle_pipe_event_source
)
341 if (m
->idle_pipe
[2] < 0)
344 r
= sd_event_add_io(m
->event
, &m
->idle_pipe_event_source
, m
->idle_pipe
[2], EPOLLIN
, manager_dispatch_idle_pipe_fd
, m
);
346 return log_error_errno(r
, "Failed to watch idle pipe: %m");
348 (void) sd_event_source_set_description(m
->idle_pipe_event_source
, "manager-idle-pipe");
/*
 * Release the idle-pipe event source and close both socket pairs stored in
 * m->idle_pipe (fds [0],[1] and [2],[3]).
 * NOTE(review): original lines 354-355 and 357 (assert + blank) and the
 * closing brace were dropped by the extraction.
 */
353 static void manager_close_idle_pipe(Manager
*m
) {
356 m
->idle_pipe_event_source
= sd_event_source_unref(m
->idle_pipe_event_source
);
358 safe_close_pair(m
->idle_pipe
);
359 safe_close_pair(m
->idle_pipe
+ 2);
/*
 * Create a CLOCK_REALTIME timerfd armed with TFD_TIMER_CANCEL_ON_SET so the
 * manager is woken whenever the realtime clock jumps, and hook it into the
 * event loop.
 * NOTE(review): extraction dropped lines 363-364, 369-371, 373, 375-376,
 * 379, 383, 387-389, 391, 393, 395 and 397-398 -- including the `int r`
 * declaration, the early `return 0;`s, the `return 0;` inside the
 * settime-failure branch, and the `if (r < 0)` guard before original
 * line 392.
 */
362 static int manager_setup_time_change(Manager
*m
) {
365 /* We only care for the cancellation event, hence we set the
366 * timeout to the latest possible value. */
367 struct itimerspec its
= {
368 .it_value
.tv_sec
= TIME_T_MAX
,
/* Compile-time guard: TIME_T_MAX must really match time_t's width. */
372 assert_cc(sizeof(time_t) == sizeof(TIME_T_MAX
));
374 if (m
->test_run_flags
)
377 /* Uses TFD_TIMER_CANCEL_ON_SET to get notifications whenever
378 * CLOCK_REALTIME makes a jump relative to CLOCK_MONOTONIC */
380 m
->time_change_fd
= timerfd_create(CLOCK_REALTIME
, TFD_NONBLOCK
|TFD_CLOEXEC
);
381 if (m
->time_change_fd
< 0)
382 return log_error_errno(errno
, "Failed to create timerfd: %m");
/* Cancel-on-set is best effort: if unsupported, close the fd and carry on. */
384 if (timerfd_settime(m
->time_change_fd
, TFD_TIMER_ABSTIME
|TFD_TIMER_CANCEL_ON_SET
, &its
, NULL
) < 0) {
385 log_debug_errno(errno
, "Failed to set up TFD_TIMER_CANCEL_ON_SET, ignoring: %m");
386 m
->time_change_fd
= safe_close(m
->time_change_fd
);
390 r
= sd_event_add_io(m
->event
, &m
->time_change_event_source
, m
->time_change_fd
, EPOLLIN
, manager_dispatch_time_change_fd
, m
);
392 return log_error_errno(r
, "Failed to create time change event source: %m");
394 (void) sd_event_source_set_description(m
->time_change_event_source
, "manager-time-change");
396 log_debug("Set up TFD_TIMER_CANCEL_ON_SET timerfd.");
/*
 * Hook up console-related special signal sources: SIGINT on
 * ctrl-alt-del (via reboot(RB_DISABLE_CAD)) and SIGWINCH on kbrequest
 * (via KDSIGACCEPT on /dev/tty0). All failures are warnings only.
 * NOTE(review): extraction dropped lines 403-405, 407-408, 411, 414,
 * 416, 418, 420 and 424-426 -- the assert, the early `return 0;`, the
 * `if (fd < 0)` guard before the tty0 warning, and the final return.
 */
401 static int enable_special_signals(Manager
*m
) {
402 _cleanup_close_
int fd
= -1;
406 if (m
->test_run_flags
)
409 /* Enable that we get SIGINT on control-alt-del. In containers
410 * this will fail with EPERM (older) or EINVAL (newer), so
412 if (reboot(RB_DISABLE_CAD
) < 0 && !IN_SET(errno
, EPERM
, EINVAL
))
413 log_warning_errno(errno
, "Failed to enable ctrl-alt-del handling: %m");
415 fd
= open_terminal("/dev/tty0", O_RDWR
|O_NOCTTY
|O_CLOEXEC
);
417 /* Support systems without virtual console */
419 log_warning_errno(errno
, "Failed to open /dev/tty0: %m");
421 /* Enable that we get SIGWINCH on kbrequest */
422 if (ioctl(fd
, KDSIGACCEPT
, SIGWINCH
) < 0)
423 log_warning_errno(errno
, "Failed to enable kbrequest handling: %m");
429 #define RTSIG_IF_AVAILABLE(signum) (signum <= SIGRTMAX ? signum : -1)
/*
 * Block the manager's control signals, create a signalfd for them, hook it
 * into the event loop at priority NORMAL-6, and (for the system instance)
 * enable the console special signals.
 * NOTE(review): extraction dropped many original lines (435-440, 442,
 * 446-447, 458, 466, 468, 473, 475, 481, 483, 487, 492-493, 498, 500, 502,
 * 505-506, 508-510, 512, 518-520, 523-525) -- including the `sigset_t mask`
 * and `int r` declarations, the `-1` sentinel terminating the
 * sigset_add_many() list, the error returns after signalfd() and
 * sd_event_add_io(), and the final `return 0;`.
 */
431 static int manager_setup_signals(Manager
*m
) {
432 struct sigaction sa
= {
433 .sa_handler
= SIG_DFL
,
434 .sa_flags
= SA_NOCLDSTOP
|SA_RESTART
,
/* Install SIG_DFL with SA_NOCLDSTOP|SA_RESTART for SIGCHLD first. */
441 assert_se(sigaction(SIGCHLD
, &sa
, NULL
) == 0);
443 /* We make liberal use of realtime signals here. On
444 * Linux/glibc we have 30 of them (with the exception of Linux
445 * on hppa, see below), between SIGRTMIN+0 ... SIGRTMIN+30
448 assert_se(sigemptyset(&mask
) == 0);
449 sigset_add_many(&mask
,
450 SIGCHLD
, /* Child died */
451 SIGTERM
, /* Reexecute daemon */
452 SIGHUP
, /* Reload configuration */
453 SIGUSR1
, /* systemd/upstart: reconnect to D-Bus */
454 SIGUSR2
, /* systemd: dump status */
455 SIGINT
, /* Kernel sends us this on control-alt-del */
456 SIGWINCH
, /* Kernel sends us this on kbrequest (alt-arrowup) */
457 SIGPWR
, /* Some kernel drivers and upsd send us this on power failure */
459 SIGRTMIN
+0, /* systemd: start default.target */
460 SIGRTMIN
+1, /* systemd: isolate rescue.target */
461 SIGRTMIN
+2, /* systemd: isolate emergency.target */
462 SIGRTMIN
+3, /* systemd: start halt.target */
463 SIGRTMIN
+4, /* systemd: start poweroff.target */
464 SIGRTMIN
+5, /* systemd: start reboot.target */
465 SIGRTMIN
+6, /* systemd: start kexec.target */
467 /* ... space for more special targets ... */
469 SIGRTMIN
+13, /* systemd: Immediate halt */
470 SIGRTMIN
+14, /* systemd: Immediate poweroff */
471 SIGRTMIN
+15, /* systemd: Immediate reboot */
472 SIGRTMIN
+16, /* systemd: Immediate kexec */
474 /* ... space for more immediate system state changes ... */
476 SIGRTMIN
+20, /* systemd: enable status messages */
477 SIGRTMIN
+21, /* systemd: disable status messages */
478 SIGRTMIN
+22, /* systemd: set log level to LOG_DEBUG */
479 SIGRTMIN
+23, /* systemd: set log level to LOG_INFO */
480 SIGRTMIN
+24, /* systemd: Immediate exit (--user only) */
482 /* .. one free signal here ... */
484 /* Apparently Linux on hppa had fewer RT signals until v3.18,
485 * SIGRTMAX was SIGRTMIN+25, and then SIGRTMIN was lowered,
486 * see commit v3.17-7614-g1f25df2eff.
488 * We cannot unconditionally make use of those signals here,
489 * so let's use a runtime check. Since these commands are
490 * accessible by different means and only really a safety
491 * net, the missing functionality on hppa shouldn't matter.
494 RTSIG_IF_AVAILABLE(SIGRTMIN
+26), /* systemd: set log target to journal-or-kmsg */
495 RTSIG_IF_AVAILABLE(SIGRTMIN
+27), /* systemd: set log target to console */
496 RTSIG_IF_AVAILABLE(SIGRTMIN
+28), /* systemd: set log target to kmsg */
497 RTSIG_IF_AVAILABLE(SIGRTMIN
+29), /* systemd: set log target to syslog-or-kmsg (obsolete) */
499 /* ... one free signal here SIGRTMIN+30 ... */
/* Block the whole set so it is only delivered via the signalfd below. */
501 assert_se(sigprocmask(SIG_SETMASK
, &mask
, NULL
) == 0);
503 m
->signal_fd
= signalfd(-1, &mask
, SFD_NONBLOCK
|SFD_CLOEXEC
);
504 if (m
->signal_fd
< 0)
507 r
= sd_event_add_io(m
->event
, &m
->signal_event_source
, m
->signal_fd
, EPOLLIN
, manager_dispatch_signal_fd
, m
);
511 (void) sd_event_source_set_description(m
->signal_event_source
, "manager-signal");
513 /* Process signals a bit earlier than the rest of things, but later than notify_fd processing, so that the
514 * notify processing can still figure out to which process/service a message belongs, before we reap the
515 * process. Also, process this before handling cgroup notifications, so that we always collect child exit
516 * status information before detecting that there's no process in a cgroup. */
517 r
= sd_event_source_set_priority(m
->signal_event_source
, SD_EVENT_PRIORITY_NORMAL
-6);
521 if (MANAGER_IS_SYSTEM(m
))
522 return enable_special_signals(m
);
/*
 * Clean up the manager's inherited environment block and sort it.
 * NOTE(review): the bulk of this function (original lines 528-549, the
 * strv_env_unset_many() call listing the variables to drop) was lost in
 * extraction; only the comments and the final strv_sort() remain.
 */
527 static void manager_sanitize_environment(Manager
*m
) {
530 /* Let's remove some environment variables that we need ourselves to communicate with our clients */
550 /* Let's order the environment alphabetically, just to make it pretty */
551 strv_sort(m
->environment
);
/*
 * Build the manager's default child environment: a minimal clean block
 * (PATH + locale) for the system instance, a copy of our own environ for
 * the user instance; then sanitize it.
 * NOTE(review): extraction dropped lines 555-556, 561, 566-567, 570,
 * 574-577 and 579-581 -- including the rest of the strv_new() argument
 * list, the OOM checks, the `else` keyword before the user-instance
 * branch, and the `return 0;`.
 */
554 static int manager_default_environment(Manager
*m
) {
557 if (MANAGER_IS_SYSTEM(m
)) {
558 /* The system manager always starts with a clean
559 * environment for its children. It does not import
560 * the kernel's or the parents' exported variables.
562 * The initial passed environment is untouched to keep
563 * /proc/self/environ valid; it is used for tagging
564 * the init process inside containers. */
565 m
->environment
= strv_new("PATH=" DEFAULT_PATH
,
568 /* Import locale variables LC_*= from configuration */
569 locale_setup(&m
->environment
);
571 /* The user manager passes its own environment
572 * along to its children. */
573 m
->environment
= strv_copy(environ
);
578 manager_sanitize_environment(m
);
/*
 * Resolve m->prefix[] for every ExecDirectoryType via sd_path_home(),
 * selecting the system or user lookup table depending on the instance.
 * NOTE(review): extraction dropped lines 584-588, 595-596, 603-604,
 * 606-610, 612-615, 618-624 -- including the `struct table_entry`
 * definition, the `int r; size_t i;` declarations, the assignment of `p`
 * to paths_system/paths_user, the per-iteration error check, and the
 * final `return 0;`.
 */
583 static int manager_setup_prefix(Manager
*m
) {
/* System-instance lookup table: ExecDirectoryType -> sd-path id (+suffix). */
589 static const struct table_entry paths_system
[_EXEC_DIRECTORY_TYPE_MAX
] = {
590 [EXEC_DIRECTORY_RUNTIME
] = { SD_PATH_SYSTEM_RUNTIME
, NULL
},
591 [EXEC_DIRECTORY_STATE
] = { SD_PATH_SYSTEM_STATE_PRIVATE
, NULL
},
592 [EXEC_DIRECTORY_CACHE
] = { SD_PATH_SYSTEM_STATE_CACHE
, NULL
},
593 [EXEC_DIRECTORY_LOGS
] = { SD_PATH_SYSTEM_STATE_LOGS
, NULL
},
594 [EXEC_DIRECTORY_CONFIGURATION
] = { SD_PATH_SYSTEM_CONFIGURATION
, NULL
},
/* User-instance table; note STATE and LOGS map to the configuration dir. */
597 static const struct table_entry paths_user
[_EXEC_DIRECTORY_TYPE_MAX
] = {
598 [EXEC_DIRECTORY_RUNTIME
] = { SD_PATH_USER_RUNTIME
, NULL
},
599 [EXEC_DIRECTORY_STATE
] = { SD_PATH_USER_CONFIGURATION
, NULL
},
600 [EXEC_DIRECTORY_CACHE
] = { SD_PATH_USER_STATE_CACHE
, NULL
},
601 [EXEC_DIRECTORY_LOGS
] = { SD_PATH_USER_CONFIGURATION
, "log" },
602 [EXEC_DIRECTORY_CONFIGURATION
] = { SD_PATH_USER_CONFIGURATION
, NULL
},
605 const struct table_entry
*p
;
611 if (MANAGER_IS_SYSTEM(m
))
616 for (i
= 0; i
< _EXEC_DIRECTORY_TYPE_MAX
; i
++) {
617 r
= sd_path_home(p
[i
].type
, p
[i
].suffix
, &m
->prefix
[i
]);
/*
 * Create the deferred "run queue" event source at IDLE priority, initially
 * disabled; it is switched on when jobs are queued.
 * NOTE(review): extraction dropped lines 626-628, 630, 632-634, 636-638,
 * 640-642 and 644-646 -- the `int r` declaration, each `if (r < 0) return r;`
 * check, and the final `return 0;`.
 */
625 static int manager_setup_run_queue(Manager
*m
) {
629 assert(!m
->run_queue_event_source
);
631 r
= sd_event_add_defer(m
->event
, &m
->run_queue_event_source
, manager_dispatch_run_queue
, m
);
635 r
= sd_event_source_set_priority(m
->run_queue_event_source
, SD_EVENT_PRIORITY_IDLE
);
639 r
= sd_event_source_set_enabled(m
->run_queue_event_source
, SD_EVENT_OFF
);
643 (void) sd_event_source_set_description(m
->run_queue_event_source
, "manager-run-queue");
/*
 * Create the deferred SIGCHLD-processing event source at priority NORMAL-7
 * (i.e. before signal/cgroup handling), initially disabled.
 * NOTE(review): extraction dropped lines 649-651, 653, 655-657, 659-661,
 * 663-665 and 667-669 -- the `int r` declaration, the `if (r < 0)` checks,
 * and the final `return 0;`.
 */
648 static int manager_setup_sigchld_event_source(Manager
*m
) {
652 assert(!m
->sigchld_event_source
);
654 r
= sd_event_add_defer(m
->event
, &m
->sigchld_event_source
, manager_dispatch_sigchld
, m
);
658 r
= sd_event_source_set_priority(m
->sigchld_event_source
, SD_EVENT_PRIORITY_NORMAL
-7);
662 r
= sd_event_source_set_enabled(m
->sigchld_event_source
, SD_EVENT_OFF
);
666 (void) sd_event_source_set_description(m
->sigchld_event_source
, "manager-sigchld");
/*
 * Allocate and initialize a new Manager for the given scope (system or
 * user), setting defaults, fd sentinels, hashmaps, the event loop, and the
 * core event sources; on success ownership is transferred to *_m.
 * NOTE(review): extraction dropped many original lines throughout
 * (673-675, 677, 679-681, 691-692, 697-698, 703, 706, 709, 712-713, 715,
 * 719, 721, 723, 725-726, 728, 731, 733-735, 737-739, 741-743, 745-747,
 * 749-751, 753-755, 757-759, 761-763, 765-767, 770-772, 774-776, 778-780,
 * 782-784, 786-789, 793-797, 799, 802-806) -- including `int r`, all
 * `if (r < 0) return r;` checks, the OOM checks, the `else` before the
 * user-instance log-field branch, the first-boot detection assignment,
 * and the final `*_m = TAKE_PTR(m); return 0;`.
 */
671 int manager_new(UnitFileScope scope
, unsigned test_run_flags
, Manager
**_m
) {
/* Freed automatically on any early error exit. */
672 _cleanup_(manager_freep
) Manager
*m
= NULL
;
676 assert(IN_SET(scope
, UNIT_FILE_SYSTEM
, UNIT_FILE_USER
));
678 m
= new0(Manager
, 1);
/* Scalar defaults. */
682 m
->unit_file_scope
= scope
;
683 m
->exit_code
= _MANAGER_EXIT_CODE_INVALID
;
684 m
->default_timer_accuracy_usec
= USEC_PER_MINUTE
;
685 m
->default_memory_accounting
= MEMORY_ACCOUNTING_DEFAULT
;
686 m
->default_tasks_accounting
= true;
687 m
->default_tasks_max
= UINT64_MAX
;
688 m
->default_timeout_start_usec
= DEFAULT_TIMEOUT_USEC
;
689 m
->default_timeout_stop_usec
= DEFAULT_TIMEOUT_USEC
;
690 m
->default_restart_usec
= DEFAULT_RESTART_USEC
;
/* Boot timestamps only make sense for PID 1 outside a container. */
693 if (MANAGER_IS_SYSTEM(m
) && detect_container() <= 0)
694 boot_timestamps(m
->timestamps
+ MANAGER_TIMESTAMP_USERSPACE
,
695 m
->timestamps
+ MANAGER_TIMESTAMP_FIRMWARE
,
696 m
->timestamps
+ MANAGER_TIMESTAMP_LOADER
);
699 /* Prepare log fields we can use for structured logging */
700 if (MANAGER_IS_SYSTEM(m
)) {
701 m
->unit_log_field
= "UNIT=";
702 m
->unit_log_format_string
= "UNIT=%s";
704 m
->invocation_log_field
= "INVOCATION_ID=";
705 m
->invocation_log_format_string
= "INVOCATION_ID=%s";
707 m
->unit_log_field
= "USER_UNIT=";
708 m
->unit_log_format_string
= "USER_UNIT=%s";
710 m
->invocation_log_field
= "USER_INVOCATION_ID=";
711 m
->invocation_log_format_string
= "USER_INVOCATION_ID=%s";
/* Initialize every stored fd to -1 so manager_free() can close blindly. */
714 m
->idle_pipe
[0] = m
->idle_pipe
[1] = m
->idle_pipe
[2] = m
->idle_pipe
[3] = -1;
716 m
->pin_cgroupfs_fd
= m
->notify_fd
= m
->cgroups_agent_fd
= m
->signal_fd
= m
->time_change_fd
=
717 m
->dev_autofs_fd
= m
->private_listen_fd
= m
->cgroup_inotify_fd
=
718 m
->ask_password_inotify_fd
= -1;
720 m
->user_lookup_fds
[0] = m
->user_lookup_fds
[1] = -1;
722 m
->current_job_id
= 1; /* start as id #1, so that we can leave #0 around as "null-like" value */
724 m
->have_ask_password
= -EINVAL
; /* we don't know */
727 m
->test_run_flags
= test_run_flags
;
729 /* Reboot immediately if the user hits C-A-D more often than 7x per 2s */
730 RATELIMIT_INIT(m
->ctrl_alt_del_ratelimit
, 2 * USEC_PER_SEC
, 7);
732 r
= manager_default_environment(m
);
736 r
= hashmap_ensure_allocated(&m
->units
, &string_hash_ops
);
740 r
= hashmap_ensure_allocated(&m
->jobs
, NULL
);
744 r
= hashmap_ensure_allocated(&m
->cgroup_unit
, &path_hash_ops
);
748 r
= hashmap_ensure_allocated(&m
->watch_bus
, &string_hash_ops
);
752 r
= manager_setup_prefix(m
);
756 m
->udev
= udev_new();
760 r
= sd_event_default(&m
->event
);
764 r
= manager_setup_run_queue(m
);
/* Minimal test runs fake an empty cgroup root instead of real setup. */
768 if (test_run_flags
== MANAGER_TEST_RUN_MINIMAL
) {
769 m
->cgroup_root
= strdup("");
773 r
= manager_setup_signals(m
);
777 r
= manager_setup_cgroup(m
);
781 r
= manager_setup_time_change(m
);
785 r
= manager_setup_sigchld_event_source(m
);
790 if (MANAGER_IS_SYSTEM(m
) && test_run_flags
== 0) {
791 r
= mkdir_label("/run/systemd/units", 0755);
792 if (r
< 0 && r
!= -EEXIST
)
/* Part of a first-boot check -- the assignment target was dropped. */
798 dir_is_empty("/usr") > 0;
800 /* Note that we do not set up the notify fd here. We do that after deserialization,
801 * since they might have gotten serialized across the reexec. */
/*
 * Lazily create the SOCK_DGRAM AF_UNIX notification socket under
 * <runtime prefix>/systemd/notify (with SO_PASSCRED) and hook it into the
 * event loop at priority NORMAL-8, ahead of SIGCHLD processing.
 * NOTE(review): extraction dropped lines 809-810, 812-813, 818, 820, 824,
 * 826, 828, 830, 833-834, 837, 840, 842, 844, 846, 848, 850-851, 854, 856,
 * 860, 862 and 864-866 -- including `int r`, the early `return 0;`, the
 * sun_path assignment into `sa`, the `if (fd < 0)` / `if (r < 0)` guards
 * preceding the error logs, the `return log_oom();`, and the final return.
 */
808 static int manager_setup_notify(Manager
*m
) {
811 if (m
->test_run_flags
)
814 if (m
->notify_fd
< 0) {
815 _cleanup_close_
int fd
= -1;
816 union sockaddr_union sa
= {
817 .sa
.sa_family
= AF_UNIX
,
/* Constant for the SO_PASSCRED setsockopt below. */
819 static const int one
= 1;
821 /* First free all secondary fields */
822 m
->notify_socket
= mfree(m
->notify_socket
);
823 m
->notify_event_source
= sd_event_source_unref(m
->notify_event_source
);
825 fd
= socket(AF_UNIX
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
827 return log_error_errno(errno
, "Failed to allocate notification socket: %m");
829 fd_inc_rcvbuf(fd
, NOTIFY_RCVBUF_SIZE
);
831 m
->notify_socket
= strappend(m
->prefix
[EXEC_DIRECTORY_RUNTIME
], "/systemd/notify");
832 if (!m
->notify_socket
)
835 (void) mkdir_parents_label(m
->notify_socket
, 0755);
/* Remove any stale socket left over from a previous run. */
836 (void) unlink(m
->notify_socket
);
838 strncpy(sa
.un
.sun_path
, m
->notify_socket
, sizeof(sa
.un
.sun_path
)-1);
839 r
= bind(fd
, &sa
.sa
, SOCKADDR_UN_LEN(sa
.un
));
841 return log_error_errno(errno
, "bind(%s) failed: %m", sa
.un
.sun_path
);
843 r
= setsockopt(fd
, SOL_SOCKET
, SO_PASSCRED
, &one
, sizeof(one
));
845 return log_error_errno(errno
, "SO_PASSCRED failed: %m");
847 m
->notify_fd
= TAKE_FD(fd
);
849 log_debug("Using notification socket %s", m
->notify_socket
);
852 if (!m
->notify_event_source
) {
853 r
= sd_event_add_io(m
->event
, &m
->notify_event_source
, m
->notify_fd
, EPOLLIN
, manager_dispatch_notify_fd
, m
);
855 return log_error_errno(r
, "Failed to allocate notify event source: %m");
857 /* Process notification messages a bit earlier than SIGCHLD, so that we can still identify to which
858 * service an exit message belongs. */
859 r
= sd_event_source_set_priority(m
->notify_event_source
, SD_EVENT_PRIORITY_NORMAL
-8);
861 return log_error_errno(r
, "Failed to set priority of notify event source: %m");
863 (void) sd_event_source_set_description(m
->notify_event_source
, "manager-notify");
/*
 * Lazily create the SOCK_DGRAM AF_UNIX socket at
 * /run/systemd/cgroups-agent for receiving cgroup-empty notifications from
 * the agent binary (system instance, legacy hierarchy only) and hook it
 * into the event loop at priority NORMAL-4.
 * NOTE(review): extraction dropped lines 870, 874-876, 885, 889, 891-892,
 * 894-895, 897, 900-901, 904, 907, 909, 911, 913, 915, 917, 919, 921,
 * 923-925, 928, 930, 936, 938 and 940-942 -- including `int r`, the early
 * `return 0;`s, the RUN_WITH_UMASK wrapper around bind(), the
 * `if (fd < 0)` / `if (r < 0)` guards before the error logs, and the
 * final return.
 */
869 static int manager_setup_cgroups_agent(Manager
*m
) {
871 static const union sockaddr_union sa
= {
872 .un
.sun_family
= AF_UNIX
,
873 .un
.sun_path
= "/run/systemd/cgroups-agent",
877 /* This creates a listening socket we receive cgroups agent messages on. We do not use D-Bus for delivering
878 * these messages from the cgroups agent binary to PID 1, as the cgroups agent binary is very short-living, and
879 * each instance of it needs a new D-Bus connection. Since D-Bus connections are SOCK_STREAM/AF_UNIX, on
880 * overloaded systems the backlog of the D-Bus socket becomes relevant, as not more than the configured number
881 * of D-Bus connections may be queued until the kernel will start dropping further incoming connections,
882 * possibly resulting in lost cgroups agent messages. To avoid this, we'll use a private SOCK_DGRAM/AF_UNIX
883 * socket, where no backlog is relevant as communication may take place without an actual connect() cycle, and
884 * we thus won't lose messages.
886 * Note that PID 1 will forward the agent message to system bus, so that the user systemd instance may listen
887 * to it. The system instance hence listens on this special socket, but the user instances listen on the system
888 * bus for these messages. */
890 if (m
->test_run_flags
)
893 if (!MANAGER_IS_SYSTEM(m
))
896 r
= cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
);
898 return log_error_errno(r
, "Failed to determine whether unified cgroups hierarchy is used: %m");
899 if (r
> 0) /* We don't need this anymore on the unified hierarchy */
902 if (m
->cgroups_agent_fd
< 0) {
903 _cleanup_close_
int fd
= -1;
905 /* First free all secondary fields */
906 m
->cgroups_agent_event_source
= sd_event_source_unref(m
->cgroups_agent_event_source
);
908 fd
= socket(AF_UNIX
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
910 return log_error_errno(errno
, "Failed to allocate cgroups agent socket: %m");
912 fd_inc_rcvbuf(fd
, CGROUPS_AGENT_RCVBUF_SIZE
);
/* Remove any stale socket from a previous run before binding. */
914 (void) unlink(sa
.un
.sun_path
);
916 /* Only allow root to connect to this socket */
918 r
= bind(fd
, &sa
.sa
, SOCKADDR_UN_LEN(sa
.un
));
920 return log_error_errno(errno
, "bind(%s) failed: %m", sa
.un
.sun_path
);
922 m
->cgroups_agent_fd
= fd
;
926 if (!m
->cgroups_agent_event_source
) {
927 r
= sd_event_add_io(m
->event
, &m
->cgroups_agent_event_source
, m
->cgroups_agent_fd
, EPOLLIN
, manager_dispatch_cgroups_agent_fd
, m
);
929 return log_error_errno(r
, "Failed to allocate cgroups agent event source: %m");
931 /* Process cgroups notifications early, but after having processed service notification messages or
932 * SIGCHLD signals, so that a cgroup running empty is always just the last safety net of notification,
933 * and we collected the metadata the notification and SIGCHLD stuff offers first. Also see handling of
934 * cgroup inotify for the unified cgroup stuff. */
935 r
= sd_event_source_set_priority(m
->cgroups_agent_event_source
, SD_EVENT_PRIORITY_NORMAL
-4);
937 return log_error_errno(r
, "Failed to set priority of cgroups agent event source: %m");
939 (void) sd_event_source_set_description(m
->cgroups_agent_event_source
, "manager-cgroups-agent");
945 static int manager_setup_user_lookup_fd(Manager
*m
) {
950 /* Set up the socket pair used for passing UID/GID resolution results from forked off processes to PID
951 * 1. Background: we can't do name lookups (NSS) from PID 1, since it might involve IPC and thus activation,
952 * and we might hence deadlock on ourselves. Hence we do all user/group lookups asynchronously from the forked
953 * off processes right before executing the binaries to start. In order to be able to clean up any IPC objects
954 * created by a unit (see RemoveIPC=) we need to know in PID 1 the used UID/GID of the executed processes,
955 * hence we establish this communication channel so that forked off processes can pass their UID/GID
956 * information back to PID 1. The forked off processes send their resolved UID/GID to PID 1 in a simple
957 * datagram, along with their unit name, so that we can share one communication socket pair among all units for
960 * You might wonder why we need a communication channel for this that is independent of the usual notification
961 * socket scheme (i.e. $NOTIFY_SOCKET). The primary difference is about trust: data sent via the $NOTIFY_SOCKET
962 * channel is only accepted if it originates from the right unit and if reception was enabled for it. The user
963 * lookup socket OTOH is only accessible by PID 1 and its children until they exec(), and always available.
965 * Note that this function is called under two circumstances: when we first initialize (in which case we
966 * allocate both the socket pair and the event source to listen on it), and when we deserialize after a reload
967 * (in which case the socket pair already exists but we still need to allocate the event source for it). */
969 if (m
->user_lookup_fds
[0] < 0) {
971 /* Free all secondary fields */
972 safe_close_pair(m
->user_lookup_fds
);
973 m
->user_lookup_event_source
= sd_event_source_unref(m
->user_lookup_event_source
);
975 if (socketpair(AF_UNIX
, SOCK_DGRAM
|SOCK_CLOEXEC
, 0, m
->user_lookup_fds
) < 0)
976 return log_error_errno(errno
, "Failed to allocate user lookup socket: %m");
978 (void) fd_inc_rcvbuf(m
->user_lookup_fds
[0], NOTIFY_RCVBUF_SIZE
);
981 if (!m
->user_lookup_event_source
) {
982 r
= sd_event_add_io(m
->event
, &m
->user_lookup_event_source
, m
->user_lookup_fds
[0], EPOLLIN
, manager_dispatch_user_lookup_fd
, m
);
984 return log_error_errno(errno
, "Failed to allocate user lookup event source: %m");
986 /* Process even earlier than the notify event source, so that we always know first about valid UID/GID
988 r
= sd_event_source_set_priority(m
->user_lookup_event_source
, SD_EVENT_PRIORITY_NORMAL
-11);
990 return log_error_errno(errno
, "Failed to set priority ot user lookup event source: %m");
992 (void) sd_event_source_set_description(m
->user_lookup_event_source
, "user-lookup");
998 static unsigned manager_dispatch_cleanup_queue(Manager
*m
) {
1004 while ((u
= m
->cleanup_queue
)) {
1005 assert(u
->in_cleanup_queue
);
/* Per-sweep GC states, stored as offsets relative to the Manager's current
 * gc_marker so no per-unit reset is needed between sweeps. */
enum {
        GC_OFFSET_IN_PATH,  /* This one is on the path we were traveling */
        GC_OFFSET_UNSURE,   /* No clue */
        GC_OFFSET_GOOD,     /* We still need this unit */
        GC_OFFSET_BAD,      /* We don't need this unit anymore */
        _GC_OFFSET_MAX
};
1022 static void unit_gc_mark_good(Unit
*u
, unsigned gc_marker
) {
1027 u
->gc_marker
= gc_marker
+ GC_OFFSET_GOOD
;
1029 /* Recursively mark referenced units as GOOD as well */
1030 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_REFERENCES
], i
)
1031 if (other
->gc_marker
== gc_marker
+ GC_OFFSET_UNSURE
)
1032 unit_gc_mark_good(other
, gc_marker
);
1035 static void unit_gc_sweep(Unit
*u
, unsigned gc_marker
) {
1043 if (IN_SET(u
->gc_marker
- gc_marker
,
1044 GC_OFFSET_GOOD
, GC_OFFSET_BAD
, GC_OFFSET_UNSURE
, GC_OFFSET_IN_PATH
))
1047 if (u
->in_cleanup_queue
)
1050 if (!unit_may_gc(u
))
1053 u
->gc_marker
= gc_marker
+ GC_OFFSET_IN_PATH
;
1057 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_REFERENCED_BY
], i
) {
1058 unit_gc_sweep(other
, gc_marker
);
1060 if (other
->gc_marker
== gc_marker
+ GC_OFFSET_GOOD
)
1063 if (other
->gc_marker
!= gc_marker
+ GC_OFFSET_BAD
)
1067 if (u
->refs_by_target
) {
1070 LIST_FOREACH(refs_by_target
, ref
, u
->refs_by_target
) {
1071 unit_gc_sweep(ref
->source
, gc_marker
);
1073 if (ref
->source
->gc_marker
== gc_marker
+ GC_OFFSET_GOOD
)
1076 if (ref
->source
->gc_marker
!= gc_marker
+ GC_OFFSET_BAD
)
1084 /* We were unable to find anything out about this entry, so
1085 * let's investigate it later */
1086 u
->gc_marker
= gc_marker
+ GC_OFFSET_UNSURE
;
1087 unit_add_to_gc_queue(u
);
1091 /* We definitely know that this one is not useful anymore, so
1092 * let's mark it for deletion */
1093 u
->gc_marker
= gc_marker
+ GC_OFFSET_BAD
;
1094 unit_add_to_cleanup_queue(u
);
1098 unit_gc_mark_good(u
, gc_marker
);
1101 static unsigned manager_dispatch_gc_unit_queue(Manager
*m
) {
1102 unsigned n
= 0, gc_marker
;
1107 /* log_debug("Running GC..."); */
1109 m
->gc_marker
+= _GC_OFFSET_MAX
;
1110 if (m
->gc_marker
+ _GC_OFFSET_MAX
<= _GC_OFFSET_MAX
)
1113 gc_marker
= m
->gc_marker
;
1115 while ((u
= m
->gc_unit_queue
)) {
1116 assert(u
->in_gc_queue
);
1118 unit_gc_sweep(u
, gc_marker
);
1120 LIST_REMOVE(gc_queue
, m
->gc_unit_queue
, u
);
1121 u
->in_gc_queue
= false;
1125 if (IN_SET(u
->gc_marker
- gc_marker
,
1126 GC_OFFSET_BAD
, GC_OFFSET_UNSURE
)) {
1128 log_unit_debug(u
, "Collecting.");
1129 u
->gc_marker
= gc_marker
+ GC_OFFSET_BAD
;
1130 unit_add_to_cleanup_queue(u
);
1137 static unsigned manager_dispatch_gc_job_queue(Manager
*m
) {
1143 while ((j
= m
->gc_job_queue
)) {
1144 assert(j
->in_gc_queue
);
1146 LIST_REMOVE(gc_queue
, m
->gc_job_queue
, j
);
1147 j
->in_gc_queue
= false;
1154 log_unit_debug(j
->unit
, "Collecting job.");
1155 (void) job_finish_and_invalidate(j
, JOB_COLLECTED
, false, false);
1161 static void manager_clear_jobs_and_units(Manager
*m
) {
1166 while ((u
= hashmap_first(m
->units
)))
1169 manager_dispatch_cleanup_queue(m
);
1171 assert(!m
->load_queue
);
1172 assert(!m
->run_queue
);
1173 assert(!m
->dbus_unit_queue
);
1174 assert(!m
->dbus_job_queue
);
1175 assert(!m
->cleanup_queue
);
1176 assert(!m
->gc_unit_queue
);
1177 assert(!m
->gc_job_queue
);
1179 assert(hashmap_isempty(m
->jobs
));
1180 assert(hashmap_isempty(m
->units
));
1182 m
->n_on_console
= 0;
1183 m
->n_running_jobs
= 0;
1186 Manager
* manager_free(Manager
*m
) {
1189 ExecDirectoryType dt
;
1194 manager_clear_jobs_and_units(m
);
1196 for (c
= 0; c
< _UNIT_TYPE_MAX
; c
++)
1197 if (unit_vtable
[c
]->shutdown
)
1198 unit_vtable
[c
]->shutdown(m
);
1200 /* If we reexecute ourselves, we keep the root cgroup around */
1201 manager_shutdown_cgroup(m
, m
->exit_code
!= MANAGER_REEXECUTE
);
1203 lookup_paths_flush_generator(&m
->lookup_paths
);
1207 exec_runtime_vacuum(m
);
1208 hashmap_free(m
->exec_runtime_by_id
);
1210 dynamic_user_vacuum(m
, false);
1211 hashmap_free(m
->dynamic_users
);
1213 hashmap_free(m
->units
);
1214 hashmap_free(m
->units_by_invocation_id
);
1215 hashmap_free(m
->jobs
);
1216 hashmap_free(m
->watch_pids
);
1217 hashmap_free(m
->watch_bus
);
1219 set_free(m
->startup_units
);
1220 set_free(m
->failed_units
);
1222 sd_event_source_unref(m
->signal_event_source
);
1223 sd_event_source_unref(m
->sigchld_event_source
);
1224 sd_event_source_unref(m
->notify_event_source
);
1225 sd_event_source_unref(m
->cgroups_agent_event_source
);
1226 sd_event_source_unref(m
->time_change_event_source
);
1227 sd_event_source_unref(m
->jobs_in_progress_event_source
);
1228 sd_event_source_unref(m
->run_queue_event_source
);
1229 sd_event_source_unref(m
->user_lookup_event_source
);
1230 sd_event_source_unref(m
->sync_bus_names_event_source
);
1232 safe_close(m
->signal_fd
);
1233 safe_close(m
->notify_fd
);
1234 safe_close(m
->cgroups_agent_fd
);
1235 safe_close(m
->time_change_fd
);
1236 safe_close_pair(m
->user_lookup_fds
);
1238 manager_close_ask_password(m
);
1240 manager_close_idle_pipe(m
);
1242 udev_unref(m
->udev
);
1243 sd_event_unref(m
->event
);
1245 free(m
->notify_socket
);
1247 lookup_paths_free(&m
->lookup_paths
);
1248 strv_free(m
->environment
);
1250 hashmap_free(m
->cgroup_unit
);
1251 set_free_free(m
->unit_path_cache
);
1253 free(m
->switch_root
);
1254 free(m
->switch_root_init
);
1256 for (i
= 0; i
< _RLIMIT_MAX
; i
++)
1257 m
->rlimit
[i
] = mfree(m
->rlimit
[i
]);
1259 assert(hashmap_isempty(m
->units_requiring_mounts_for
));
1260 hashmap_free(m
->units_requiring_mounts_for
);
1262 hashmap_free(m
->uid_refs
);
1263 hashmap_free(m
->gid_refs
);
1265 for (dt
= 0; dt
< _EXEC_DIRECTORY_TYPE_MAX
; dt
++)
1266 m
->prefix
[dt
] = mfree(m
->prefix
[dt
]);
1271 void manager_enumerate(Manager
*m
) {
1276 /* Let's ask every type to load all units from disk/kernel
1277 * that it might know */
1278 for (c
= 0; c
< _UNIT_TYPE_MAX
; c
++) {
1279 if (!unit_type_supported(c
)) {
1280 log_debug("Unit type .%s is not supported on this system.", unit_type_to_string(c
));
1284 if (!unit_vtable
[c
]->enumerate
)
1287 unit_vtable
[c
]->enumerate(m
);
1290 manager_dispatch_load_queue(m
);
1293 static void manager_coldplug(Manager
*m
) {
1301 /* Then, let's set up their initial state. */
1302 HASHMAP_FOREACH_KEY(u
, k
, m
->units
, i
) {
1304 /* ignore aliases */
1308 r
= unit_coldplug(u
);
1310 log_warning_errno(r
, "We couldn't coldplug %s, proceeding anyway: %m", u
->id
);
1314 static void manager_build_unit_path_cache(Manager
*m
) {
1320 set_free_free(m
->unit_path_cache
);
1322 m
->unit_path_cache
= set_new(&path_hash_ops
);
1323 if (!m
->unit_path_cache
) {
1328 /* This simply builds a list of files we know exist, so that
1329 * we don't always have to go to disk */
1331 STRV_FOREACH(i
, m
->lookup_paths
.search_path
) {
1332 _cleanup_closedir_
DIR *d
= NULL
;
1337 if (errno
!= ENOENT
)
1338 log_warning_errno(errno
, "Failed to open directory %s, ignoring: %m", *i
);
1342 FOREACH_DIRENT(de
, d
, r
= -errno
; goto fail
) {
1345 p
= strjoin(streq(*i
, "/") ? "" : *i
, "/", de
->d_name
);
1351 r
= set_consume(m
->unit_path_cache
, p
);
1360 log_warning_errno(r
, "Failed to build unit path cache, proceeding without: %m");
1361 m
->unit_path_cache
= set_free_free(m
->unit_path_cache
);
1364 static void manager_distribute_fds(Manager
*m
, FDSet
*fds
) {
1370 HASHMAP_FOREACH(u
, m
->units
, i
) {
1372 if (fdset_size(fds
) <= 0)
1375 if (!UNIT_VTABLE(u
)->distribute_fds
)
1378 UNIT_VTABLE(u
)->distribute_fds(u
, fds
);
1382 static bool manager_dbus_is_running(Manager
*m
, bool deserialized
) {
1387 /* This checks whether the dbus instance we are supposed to expose our APIs on is up. We check both the socket
1388 * and the service unit. If the 'deserialized' parameter is true we'll check the deserialized state of the unit
1389 * rather than the current one. */
1391 if (m
->test_run_flags
!= 0)
1394 /* If we are in the user instance, and the env var is already set for us, then this means D-Bus is ran
1395 * somewhere outside of our own logic. Let's use it */
1396 if (MANAGER_IS_USER(m
) && getenv("DBUS_SESSION_BUS_ADDRESS"))
1399 u
= manager_get_unit(m
, SPECIAL_DBUS_SOCKET
);
1402 if ((deserialized
? SOCKET(u
)->deserialized_state
: SOCKET(u
)->state
) != SOCKET_RUNNING
)
1405 u
= manager_get_unit(m
, SPECIAL_DBUS_SERVICE
);
1408 if (!IN_SET((deserialized
? SERVICE(u
)->deserialized_state
: SERVICE(u
)->state
), SERVICE_RUNNING
, SERVICE_RELOAD
))
1414 int manager_startup(Manager
*m
, FILE *serialization
, FDSet
*fds
) {
1419 /* If we are running in test mode, we still want to run the generators,
1420 * but we should not touch the real generator directories. */
1421 r
= lookup_paths_init(&m
->lookup_paths
, m
->unit_file_scope
,
1422 m
->test_run_flags
? LOOKUP_PATHS_TEMPORARY_GENERATED
: 0,
1427 r
= manager_run_environment_generators(m
);
1431 dual_timestamp_get(m
->timestamps
+ MANAGER_TIMESTAMP_GENERATORS_START
);
1432 r
= manager_run_generators(m
);
1433 dual_timestamp_get(m
->timestamps
+ MANAGER_TIMESTAMP_GENERATORS_FINISH
);
1437 /* If this is the first boot, and we are in the host system, then preset everything */
1438 if (m
->first_boot
> 0 &&
1439 MANAGER_IS_SYSTEM(m
) &&
1440 !m
->test_run_flags
) {
1442 r
= unit_file_preset_all(UNIT_FILE_SYSTEM
, 0, NULL
, UNIT_FILE_PRESET_ENABLE_ONLY
, NULL
, 0);
1444 log_full_errno(r
== -EEXIST
? LOG_NOTICE
: LOG_WARNING
, r
,
1445 "Failed to populate /etc with preset unit settings, ignoring: %m");
1447 log_info("Populated /etc with preset unit settings.");
1450 lookup_paths_reduce(&m
->lookup_paths
);
1451 manager_build_unit_path_cache(m
);
1453 /* If we will deserialize make sure that during enumeration
1454 * this is already known, so we increase the counter here
1459 /* First, enumerate what we can from all config files */
1460 dual_timestamp_get(m
->timestamps
+ MANAGER_TIMESTAMP_UNITS_LOAD_START
);
1461 manager_enumerate(m
);
1462 dual_timestamp_get(m
->timestamps
+ MANAGER_TIMESTAMP_UNITS_LOAD_FINISH
);
1464 /* Second, deserialize if there is something to deserialize */
1465 if (serialization
) {
1466 r
= manager_deserialize(m
, serialization
, fds
);
1468 return log_error_errno(r
, "Deserialization failed: %m");
1471 /* Any fds left? Find some unit which wants them. This is
1472 * useful to allow container managers to pass some file
1473 * descriptors to us pre-initialized. This enables
1474 * socket-based activation of entire containers. */
1475 manager_distribute_fds(m
, fds
);
1477 /* We might have deserialized the notify fd, but if we didn't
1478 * then let's create the bus now */
1479 r
= manager_setup_notify(m
);
1481 /* No sense to continue without notifications, our children would fail anyway. */
1484 r
= manager_setup_cgroups_agent(m
);
1486 /* Likewise, no sense to continue without empty cgroup notifications. */
1489 r
= manager_setup_user_lookup_fd(m
);
1491 /* This shouldn't fail, except if things are really broken. */
1494 /* Let's set up our private bus connection now, unconditionally */
1495 (void) bus_init_private(m
);
1497 /* If we are in --user mode also connect to the system bus now */
1498 if (MANAGER_IS_USER(m
))
1499 (void) bus_init_system(m
);
1501 /* Let's connect to the bus now, but only if the unit is supposed to be up */
1502 if (manager_dbus_is_running(m
, !!serialization
)) {
1503 (void) bus_init_api(m
);
1505 if (MANAGER_IS_SYSTEM(m
))
1506 (void) bus_init_system(m
);
1509 /* Now that we are connected to all possible busses, let's deserialize who is tracking us. */
1510 (void) bus_track_coldplug(m
, &m
->subscribed
, false, m
->deserialized_subscribed
);
1511 m
->deserialized_subscribed
= strv_free(m
->deserialized_subscribed
);
1513 /* Third, fire things up! */
1514 manager_coldplug(m
);
1516 /* Release any dynamic users no longer referenced */
1517 dynamic_user_vacuum(m
, true);
1519 exec_runtime_vacuum(m
);
1521 /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
1522 manager_vacuum_uid_refs(m
);
1523 manager_vacuum_gid_refs(m
);
1525 if (serialization
) {
1526 assert(m
->n_reloading
> 0);
1529 /* Let's wait for the UnitNew/JobNew messages being
1530 * sent, before we notify that the reload is
1532 m
->send_reloading_done
= true;
1538 int manager_add_job(Manager
*m
, JobType type
, Unit
*unit
, JobMode mode
, sd_bus_error
*e
, Job
**_ret
) {
1543 assert(type
< _JOB_TYPE_MAX
);
1545 assert(mode
< _JOB_MODE_MAX
);
1547 if (mode
== JOB_ISOLATE
&& type
!= JOB_START
)
1548 return sd_bus_error_setf(e
, SD_BUS_ERROR_INVALID_ARGS
, "Isolate is only valid for start.");
1550 if (mode
== JOB_ISOLATE
&& !unit
->allow_isolate
)
1551 return sd_bus_error_setf(e
, BUS_ERROR_NO_ISOLATION
, "Operation refused, unit may not be isolated.");
1553 log_unit_debug(unit
, "Trying to enqueue job %s/%s/%s", unit
->id
, job_type_to_string(type
), job_mode_to_string(mode
));
1555 type
= job_type_collapse(type
, unit
);
1557 tr
= transaction_new(mode
== JOB_REPLACE_IRREVERSIBLY
);
1561 r
= transaction_add_job_and_dependencies(tr
, type
, unit
, NULL
, true, false,
1562 IN_SET(mode
, JOB_IGNORE_DEPENDENCIES
, JOB_IGNORE_REQUIREMENTS
),
1563 mode
== JOB_IGNORE_DEPENDENCIES
, e
);
1567 if (mode
== JOB_ISOLATE
) {
1568 r
= transaction_add_isolate_jobs(tr
, m
);
1573 r
= transaction_activate(tr
, m
, mode
, e
);
1577 log_unit_debug(unit
,
1578 "Enqueued job %s/%s as %u", unit
->id
,
1579 job_type_to_string(type
), (unsigned) tr
->anchor_job
->id
);
1582 *_ret
= tr
->anchor_job
;
1584 transaction_free(tr
);
1588 transaction_abort(tr
);
1589 transaction_free(tr
);
1593 int manager_add_job_by_name(Manager
*m
, JobType type
, const char *name
, JobMode mode
, sd_bus_error
*e
, Job
**ret
) {
1594 Unit
*unit
= NULL
; /* just to appease gcc, initialization is not really necessary */
1598 assert(type
< _JOB_TYPE_MAX
);
1600 assert(mode
< _JOB_MODE_MAX
);
1602 r
= manager_load_unit(m
, name
, NULL
, NULL
, &unit
);
1607 return manager_add_job(m
, type
, unit
, mode
, e
, ret
);
1610 int manager_add_job_by_name_and_warn(Manager
*m
, JobType type
, const char *name
, JobMode mode
, Job
**ret
) {
1611 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
1615 assert(type
< _JOB_TYPE_MAX
);
1617 assert(mode
< _JOB_MODE_MAX
);
1619 r
= manager_add_job_by_name(m
, type
, name
, mode
, &error
, ret
);
1621 return log_warning_errno(r
, "Failed to enqueue %s job for %s: %s", job_mode_to_string(mode
), name
, bus_error_message(&error
, r
));
1626 int manager_propagate_reload(Manager
*m
, Unit
*unit
, JobMode mode
, sd_bus_error
*e
) {
1632 assert(mode
< _JOB_MODE_MAX
);
1633 assert(mode
!= JOB_ISOLATE
); /* Isolate is only valid for start */
1635 tr
= transaction_new(mode
== JOB_REPLACE_IRREVERSIBLY
);
1639 /* We need an anchor job */
1640 r
= transaction_add_job_and_dependencies(tr
, JOB_NOP
, unit
, NULL
, false, false, true, true, e
);
1644 /* Failure in adding individual dependencies is ignored, so this always succeeds. */
1645 transaction_add_propagate_reload_jobs(tr
, unit
, tr
->anchor_job
, mode
== JOB_IGNORE_DEPENDENCIES
, e
);
1647 r
= transaction_activate(tr
, m
, mode
, e
);
1651 transaction_free(tr
);
1655 transaction_abort(tr
);
1656 transaction_free(tr
);
1660 Job
*manager_get_job(Manager
*m
, uint32_t id
) {
1663 return hashmap_get(m
->jobs
, UINT32_TO_PTR(id
));
1666 Unit
*manager_get_unit(Manager
*m
, const char *name
) {
1670 return hashmap_get(m
->units
, name
);
1673 unsigned manager_dispatch_load_queue(Manager
*m
) {
1679 /* Make sure we are not run recursively */
1680 if (m
->dispatching_load_queue
)
1683 m
->dispatching_load_queue
= true;
1685 /* Dispatches the load queue. Takes a unit from the queue and
1686 * tries to load its data until the queue is empty */
1688 while ((u
= m
->load_queue
)) {
1689 assert(u
->in_load_queue
);
1695 m
->dispatching_load_queue
= false;
1699 int manager_load_unit_prepare(
1706 _cleanup_(unit_freep
) Unit
*cleanup_ret
= NULL
;
1712 assert(name
|| path
);
1715 /* This will prepare the unit for loading, but not actually
1716 * load anything from disk. */
1718 if (path
&& !is_path(path
))
1719 return sd_bus_error_setf(e
, SD_BUS_ERROR_INVALID_ARGS
, "Path %s is not absolute.", path
);
1722 name
= basename(path
);
1724 t
= unit_name_to_type(name
);
1726 if (t
== _UNIT_TYPE_INVALID
|| !unit_name_is_valid(name
, UNIT_NAME_PLAIN
|UNIT_NAME_INSTANCE
)) {
1727 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
))
1728 return sd_bus_error_setf(e
, SD_BUS_ERROR_INVALID_ARGS
, "Unit name %s is missing the instance name.", name
);
1730 return sd_bus_error_setf(e
, SD_BUS_ERROR_INVALID_ARGS
, "Unit name %s is not valid.", name
);
1733 ret
= manager_get_unit(m
, name
);
1739 ret
= cleanup_ret
= unit_new(m
, unit_vtable
[t
]->object_size
);
1744 ret
->fragment_path
= strdup(path
);
1745 if (!ret
->fragment_path
)
1749 r
= unit_add_name(ret
, name
);
1753 unit_add_to_load_queue(ret
);
1754 unit_add_to_dbus_queue(ret
);
1755 unit_add_to_gc_queue(ret
);
1763 int manager_load_unit(
1775 /* This will load the service information files, but not actually
1776 * start any services or anything. */
1778 r
= manager_load_unit_prepare(m
, name
, path
, e
, _ret
);
1782 manager_dispatch_load_queue(m
);
1784 *_ret
= unit_follow_merge(*_ret
);
1789 void manager_dump_jobs(Manager
*s
, FILE *f
, const char *prefix
) {
1796 HASHMAP_FOREACH(j
, s
->jobs
, i
)
1797 job_dump(j
, f
, prefix
);
1800 void manager_dump_units(Manager
*s
, FILE *f
, const char *prefix
) {
1808 HASHMAP_FOREACH_KEY(u
, t
, s
->units
, i
)
1810 unit_dump(u
, f
, prefix
);
1813 void manager_dump(Manager
*m
, FILE *f
, const char *prefix
) {
1819 for (q
= 0; q
< _MANAGER_TIMESTAMP_MAX
; q
++) {
1820 char buf
[FORMAT_TIMESTAMP_MAX
];
1822 if (dual_timestamp_is_set(m
->timestamps
+ q
))
1823 fprintf(f
, "%sTimestamp %s: %s\n",
1825 manager_timestamp_to_string(q
),
1826 format_timestamp(buf
, sizeof(buf
), m
->timestamps
[q
].realtime
));
1829 manager_dump_units(m
, f
, prefix
);
1830 manager_dump_jobs(m
, f
, prefix
);
1833 int manager_get_dump_string(Manager
*m
, char **ret
) {
1834 _cleanup_free_
char *dump
= NULL
;
1835 _cleanup_fclose_
FILE *f
= NULL
;
1842 f
= open_memstream(&dump
, &size
);
1846 (void) __fsetlocking(f
, FSETLOCKING_BYCALLER
);
1848 manager_dump(m
, f
, NULL
);
1850 r
= fflush_and_check(f
);
1862 void manager_clear_jobs(Manager
*m
) {
1867 while ((j
= hashmap_first(m
->jobs
)))
1868 /* No need to recurse. We're cancelling all jobs. */
1869 job_finish_and_invalidate(j
, JOB_CANCELED
, false, false);
1872 static int manager_dispatch_run_queue(sd_event_source
*source
, void *userdata
) {
1873 Manager
*m
= userdata
;
1879 while ((j
= m
->run_queue
)) {
1880 assert(j
->installed
);
1881 assert(j
->in_run_queue
);
1883 job_run_and_invalidate(j
);
1886 if (m
->n_running_jobs
> 0)
1887 manager_watch_jobs_in_progress(m
);
1889 if (m
->n_on_console
> 0)
1890 manager_watch_idle_pipe(m
);
1895 static unsigned manager_dispatch_dbus_queue(Manager
*m
) {
1896 unsigned n
= 0, budget
;
1902 if (m
->dispatching_dbus_queue
)
1905 /* Anything to do at all? */
1906 if (!m
->dbus_unit_queue
&& !m
->dbus_job_queue
&& !m
->send_reloading_done
&& !m
->queued_message
)
1909 /* Do we have overly many messages queued at the moment? If so, let's not enqueue more on top, let's sit this
1910 * cycle out, and process things in a later cycle when the queues got a bit emptier. */
1911 if (manager_bus_n_queued_write(m
) > MANAGER_BUS_BUSY_THRESHOLD
)
1914 /* Only process a certain number of units/jobs per event loop iteration. Even if the bus queue wasn't overly
1915 * full before this call we shouldn't increase it in size too wildly in one step, and we shouldn't monopolize
1916 * CPU time with generating these messages. Note the difference in counting of this "budget" and the
1917 * "threshold" above: the "budget" is decreased only once per generated message, regardless how many
1918 * busses/direct connections it is enqueued on, while the "threshold" is applied to each queued instance of bus
1919 * message, i.e. if the same message is enqueued to five busses/direct connections it will be counted five
1920 * times. This difference in counting ("references" vs. "instances") is primarily a result of the fact that
1921 * it's easier to implement it this way, however it also reflects the thinking that the "threshold" should put
1922 * a limit on used queue memory, i.e. space, while the "budget" should put a limit on time. Also note that
1923 * the "threshold" is currently chosen much higher than the "budget". */
1924 budget
= MANAGER_BUS_MESSAGE_BUDGET
;
1926 m
->dispatching_dbus_queue
= true;
1928 while (budget
> 0 && (u
= m
->dbus_unit_queue
)) {
1930 assert(u
->in_dbus_queue
);
1932 bus_unit_send_change_signal(u
);
1936 while (budget
> 0 && (j
= m
->dbus_job_queue
)) {
1937 assert(j
->in_dbus_queue
);
1939 bus_job_send_change_signal(j
);
1943 m
->dispatching_dbus_queue
= false;
1945 if (budget
> 0 && m
->send_reloading_done
) {
1946 m
->send_reloading_done
= false;
1947 bus_manager_send_reloading(m
, false);
1951 if (budget
> 0 && m
->queued_message
) {
1952 bus_send_queued_message(m
);
1959 static int manager_dispatch_cgroups_agent_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
1960 Manager
*m
= userdata
;
1961 char buf
[PATH_MAX
+1];
1964 n
= recv(fd
, buf
, sizeof(buf
), 0);
1966 return log_error_errno(errno
, "Failed to read cgroups agent message: %m");
1968 log_error("Got zero-length cgroups agent message, ignoring.");
1971 if ((size_t) n
>= sizeof(buf
)) {
1972 log_error("Got overly long cgroups agent message, ignoring.");
1976 if (memchr(buf
, 0, n
)) {
1977 log_error("Got cgroups agent message with embedded NUL byte, ignoring.");
1982 manager_notify_cgroup_empty(m
, buf
);
1983 (void) bus_forward_agent_released(m
, buf
);
1988 static void manager_invoke_notify_message(
1991 const struct ucred
*ucred
,
2000 if (u
->notifygen
== m
->notifygen
) /* Already invoked on this same unit in this same iteration? */
2002 u
->notifygen
= m
->notifygen
;
2004 if (UNIT_VTABLE(u
)->notify_message
) {
2005 _cleanup_strv_free_
char **tags
= NULL
;
2007 tags
= strv_split(buf
, NEWLINE
);
2013 UNIT_VTABLE(u
)->notify_message(u
, ucred
, tags
, fds
);
2015 } else if (DEBUG_LOGGING
) {
2016 _cleanup_free_
char *x
= NULL
, *y
= NULL
;
2018 x
= ellipsize(buf
, 20, 90);
2022 log_unit_debug(u
, "Got notification message \"%s\", ignoring.", strnull(y
));
2026 static int manager_dispatch_notify_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
2028 _cleanup_fdset_free_ FDSet
*fds
= NULL
;
2029 Manager
*m
= userdata
;
2030 char buf
[NOTIFY_BUFFER_MAX
+1];
2031 struct iovec iovec
= {
2033 .iov_len
= sizeof(buf
)-1,
2036 struct cmsghdr cmsghdr
;
2037 uint8_t buf
[CMSG_SPACE(sizeof(struct ucred
)) +
2038 CMSG_SPACE(sizeof(int) * NOTIFY_FD_MAX
)];
2040 struct msghdr msghdr
= {
2043 .msg_control
= &control
,
2044 .msg_controllen
= sizeof(control
),
2047 struct cmsghdr
*cmsg
;
2048 struct ucred
*ucred
= NULL
;
2049 _cleanup_free_ Unit
**array_copy
= NULL
;
2050 Unit
*u1
, *u2
, **array
;
2051 int r
, *fd_array
= NULL
;
2057 assert(m
->notify_fd
== fd
);
2059 if (revents
!= EPOLLIN
) {
2060 log_warning("Got unexpected poll event for notify fd.");
2064 n
= recvmsg(m
->notify_fd
, &msghdr
, MSG_DONTWAIT
|MSG_CMSG_CLOEXEC
|MSG_TRUNC
);
2066 if (IN_SET(errno
, EAGAIN
, EINTR
))
2067 return 0; /* Spurious wakeup, try again */
2069 /* If this is any other, real error, then let's stop processing this socket. This of course means we
2070 * won't take notification messages anymore, but that's still better than busy looping around this:
2071 * being woken up over and over again but being unable to actually read the message off the socket. */
2072 return log_error_errno(errno
, "Failed to receive notification message: %m");
2075 CMSG_FOREACH(cmsg
, &msghdr
) {
2076 if (cmsg
->cmsg_level
== SOL_SOCKET
&& cmsg
->cmsg_type
== SCM_RIGHTS
) {
2078 fd_array
= (int*) CMSG_DATA(cmsg
);
2079 n_fds
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
2081 } else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
2082 cmsg
->cmsg_type
== SCM_CREDENTIALS
&&
2083 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct ucred
))) {
2085 ucred
= (struct ucred
*) CMSG_DATA(cmsg
);
2092 r
= fdset_new_array(&fds
, fd_array
, n_fds
);
2094 close_many(fd_array
, n_fds
);
2100 if (!ucred
|| !pid_is_valid(ucred
->pid
)) {
2101 log_warning("Received notify message without valid credentials. Ignoring.");
2105 if ((size_t) n
>= sizeof(buf
) || (msghdr
.msg_flags
& MSG_TRUNC
)) {
2106 log_warning("Received notify message exceeded maximum size. Ignoring.");
2110 /* As extra safety check, let's make sure the string we get doesn't contain embedded NUL bytes. We permit one
2111 * trailing NUL byte in the message, but don't expect it. */
2112 if (n
> 1 && memchr(buf
, 0, n
-1)) {
2113 log_warning("Received notify message with embedded NUL bytes. Ignoring.");
2117 /* Make sure it's NUL-terminated. */
2120 /* Increase the generation counter used for filtering out duplicate unit invocations. */
2123 /* Notify every unit that might be interested, which might be multiple. */
2124 u1
= manager_get_unit_by_pid_cgroup(m
, ucred
->pid
);
2125 u2
= hashmap_get(m
->watch_pids
, PID_TO_PTR(ucred
->pid
));
2126 array
= hashmap_get(m
->watch_pids
, PID_TO_PTR(-ucred
->pid
));
2133 array_copy
= newdup(Unit
*, array
, k
+1);
2137 /* And now invoke the per-unit callbacks. Note that manager_invoke_notify_message() will handle duplicate units
2138 * make sure we only invoke each unit's handler once. */
2140 manager_invoke_notify_message(m
, u1
, ucred
, buf
, fds
);
2144 manager_invoke_notify_message(m
, u2
, ucred
, buf
, fds
);
2148 for (size_t i
= 0; array_copy
[i
]; i
++) {
2149 manager_invoke_notify_message(m
, array_copy
[i
], ucred
, buf
, fds
);
2154 log_warning("Cannot find unit for notify message of PID "PID_FMT
", ignoring.", ucred
->pid
);
2156 if (fdset_size(fds
) > 0)
2157 log_warning("Got extra auxiliary fds with notification message, closing them.");
2162 static void manager_invoke_sigchld_event(
2165 const siginfo_t
*si
) {
2171 /* Already invoked the handler of this unit in this iteration? Then don't process this again */
2172 if (u
->sigchldgen
== m
->sigchldgen
)
2174 u
->sigchldgen
= m
->sigchldgen
;
2176 log_unit_debug(u
, "Child "PID_FMT
" belongs to %s.", si
->si_pid
, u
->id
);
2177 unit_unwatch_pid(u
, si
->si_pid
);
2179 if (UNIT_VTABLE(u
)->sigchld_event
)
2180 UNIT_VTABLE(u
)->sigchld_event(u
, si
->si_pid
, si
->si_code
, si
->si_status
);
2183 static int manager_dispatch_sigchld(sd_event_source
*source
, void *userdata
) {
2184 Manager
*m
= userdata
;
2191 /* First we call waitd() for a PID and do not reap the zombie. That way we can still access /proc/$PID for it
2192 * while it is a zombie. */
2194 if (waitid(P_ALL
, 0, &si
, WEXITED
|WNOHANG
|WNOWAIT
) < 0) {
2196 if (errno
!= ECHILD
)
2197 log_error_errno(errno
, "Failed to peek for child with waitid(), ignoring: %m");
2205 if (IN_SET(si
.si_code
, CLD_EXITED
, CLD_KILLED
, CLD_DUMPED
)) {
2206 _cleanup_free_ Unit
**array_copy
= NULL
;
2207 _cleanup_free_
char *name
= NULL
;
2208 Unit
*u1
, *u2
, **array
;
2210 (void) get_process_comm(si
.si_pid
, &name
);
2212 log_debug("Child "PID_FMT
" (%s) died (code=%s, status=%i/%s)",
2213 si
.si_pid
, strna(name
),
2214 sigchld_code_to_string(si
.si_code
),
2216 strna(si
.si_code
== CLD_EXITED
2217 ? exit_status_to_string(si
.si_status
, EXIT_STATUS_FULL
)
2218 : signal_to_string(si
.si_status
)));
2220 /* Increase the generation counter used for filtering out duplicate unit invocations */
2223 /* And now figure out the unit this belongs to, it might be multiple... */
2224 u1
= manager_get_unit_by_pid_cgroup(m
, si
.si_pid
);
2225 u2
= hashmap_get(m
->watch_pids
, PID_TO_PTR(si
.si_pid
));
2226 array
= hashmap_get(m
->watch_pids
, PID_TO_PTR(-si
.si_pid
));
2230 /* Cound how many entries the array has */
2234 /* Make a copy of the array so that we don't trip up on the array changing beneath us */
2235 array_copy
= newdup(Unit
*, array
, n
+1);
2240 /* Finally, execute them all. Note that u1, u2 and the array might contain duplicates, but
2241 * that's fine, manager_invoke_sigchld_event() will ensure we only invoke the handlers once for
2242 * each iteration. */
2244 manager_invoke_sigchld_event(m
, u1
, &si
);
2246 manager_invoke_sigchld_event(m
, u2
, &si
);
2248 for (size_t i
= 0; array_copy
[i
]; i
++)
2249 manager_invoke_sigchld_event(m
, array_copy
[i
], &si
);
2252 /* And now, we actually reap the zombie. */
2253 if (waitid(P_PID
, si
.si_pid
, &si
, WEXITED
) < 0) {
2254 log_error_errno(errno
, "Failed to dequeue child, ignoring: %m");
2261 /* All children processed for now, turn off event source */
2263 r
= sd_event_source_set_enabled(m
->sigchld_event_source
, SD_EVENT_OFF
);
2265 return log_error_errno(r
, "Failed to disable SIGCHLD event source: %m");
2270 static void manager_start_target(Manager
*m
, const char *name
, JobMode mode
) {
2271 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2274 log_debug("Activating special unit %s", name
);
2276 r
= manager_add_job_by_name(m
, JOB_START
, name
, mode
, &error
, NULL
);
2278 log_error("Failed to enqueue %s job: %s", name
, bus_error_message(&error
, r
));
2281 static void manager_handle_ctrl_alt_del(Manager
*m
) {
2282 /* If the user presses C-A-D more than
2283 * 7 times within 2s, we reboot/shutdown immediately,
2284 * unless it was disabled in system.conf */
2286 if (ratelimit_test(&m
->ctrl_alt_del_ratelimit
) || m
->cad_burst_action
== EMERGENCY_ACTION_NONE
)
2287 manager_start_target(m
, SPECIAL_CTRL_ALT_DEL_TARGET
, JOB_REPLACE_IRREVERSIBLY
);
2289 emergency_action(m
, m
->cad_burst_action
, NULL
,
2290 "Ctrl-Alt-Del was pressed more than 7 times within 2s");
2293 static int manager_dispatch_signal_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
2294 Manager
*m
= userdata
;
2296 struct signalfd_siginfo sfsi
;
2300 assert(m
->signal_fd
== fd
);
2302 if (revents
!= EPOLLIN
) {
2303 log_warning("Got unexpected events from signal file descriptor.");
2307 n
= read(m
->signal_fd
, &sfsi
, sizeof(sfsi
));
2308 if (n
!= sizeof(sfsi
)) {
2310 log_warning("Truncated read from signal fd (%zu bytes), ignoring!", n
);
2314 if (IN_SET(errno
, EINTR
, EAGAIN
))
2317 /* We return an error here, which will kill this handler,
2318 * to avoid a busy loop on read error. */
2319 return log_error_errno(errno
, "Reading from signal fd failed: %m");
2322 log_received_signal(sfsi
.ssi_signo
== SIGCHLD
||
2323 (sfsi
.ssi_signo
== SIGTERM
&& MANAGER_IS_USER(m
))
2324 ? LOG_DEBUG
: LOG_INFO
,
2327 switch (sfsi
.ssi_signo
) {
2330 r
= sd_event_source_set_enabled(m
->sigchld_event_source
, SD_EVENT_ON
);
2332 log_warning_errno(r
, "Failed to enable SIGCHLD event source, ignoring: %m");
2337 if (MANAGER_IS_SYSTEM(m
)) {
2338 /* This is for compatibility with the original sysvinit */
2339 r
= verify_run_space_and_log("Refusing to reexecute");
2341 m
->exit_code
= MANAGER_REEXECUTE
;
2347 if (MANAGER_IS_SYSTEM(m
))
2348 manager_handle_ctrl_alt_del(m
);
2350 manager_start_target(m
, SPECIAL_EXIT_TARGET
,
2351 JOB_REPLACE_IRREVERSIBLY
);
2355 /* This is a nop on non-init */
2356 if (MANAGER_IS_SYSTEM(m
))
2357 manager_start_target(m
, SPECIAL_KBREQUEST_TARGET
, JOB_REPLACE
);
2362 /* This is a nop on non-init */
2363 if (MANAGER_IS_SYSTEM(m
))
2364 manager_start_target(m
, SPECIAL_SIGPWR_TARGET
, JOB_REPLACE
);
2369 if (manager_dbus_is_running(m
, false)) {
2370 log_info("Trying to reconnect to bus...");
2372 (void) bus_init_api(m
);
2374 if (MANAGER_IS_SYSTEM(m
))
2375 (void) bus_init_system(m
);
2377 log_info("Starting D-Bus service...");
2378 manager_start_target(m
, SPECIAL_DBUS_SERVICE
, JOB_REPLACE
);
2384 _cleanup_free_
char *dump
= NULL
;
2386 r
= manager_get_dump_string(m
, &dump
);
2388 log_warning_errno(errno
, "Failed to acquire manager dump: %m");
2392 log_dump(LOG_INFO
, dump
);
2397 r
= verify_run_space_and_log("Refusing to reload");
2399 m
->exit_code
= MANAGER_RELOAD
;
2404 /* Starting SIGRTMIN+0 */
2405 static const struct {
2408 } target_table
[] = {
2409 [0] = { SPECIAL_DEFAULT_TARGET
, JOB_ISOLATE
},
2410 [1] = { SPECIAL_RESCUE_TARGET
, JOB_ISOLATE
},
2411 [2] = { SPECIAL_EMERGENCY_TARGET
, JOB_ISOLATE
},
2412 [3] = { SPECIAL_HALT_TARGET
, JOB_REPLACE_IRREVERSIBLY
},
2413 [4] = { SPECIAL_POWEROFF_TARGET
, JOB_REPLACE_IRREVERSIBLY
},
2414 [5] = { SPECIAL_REBOOT_TARGET
, JOB_REPLACE_IRREVERSIBLY
},
2415 [6] = { SPECIAL_KEXEC_TARGET
, JOB_REPLACE_IRREVERSIBLY
},
2418 /* Starting SIGRTMIN+13, so that target halt and system halt are 10 apart */
2419 static const ManagerExitCode code_table
[] = {
2421 [1] = MANAGER_POWEROFF
,
2422 [2] = MANAGER_REBOOT
,
2423 [3] = MANAGER_KEXEC
,
2426 if ((int) sfsi
.ssi_signo
>= SIGRTMIN
+0 &&
2427 (int) sfsi
.ssi_signo
< SIGRTMIN
+(int) ELEMENTSOF(target_table
)) {
2428 int idx
= (int) sfsi
.ssi_signo
- SIGRTMIN
;
2429 manager_start_target(m
, target_table
[idx
].target
,
2430 target_table
[idx
].mode
);
2434 if ((int) sfsi
.ssi_signo
>= SIGRTMIN
+13 &&
2435 (int) sfsi
.ssi_signo
< SIGRTMIN
+13+(int) ELEMENTSOF(code_table
)) {
2436 m
->exit_code
= code_table
[sfsi
.ssi_signo
- SIGRTMIN
- 13];
2440 switch (sfsi
.ssi_signo
- SIGRTMIN
) {
2443 manager_set_show_status(m
, SHOW_STATUS_YES
);
2447 manager_set_show_status(m
, SHOW_STATUS_NO
);
2451 log_set_max_level(LOG_DEBUG
);
2452 log_info("Setting log level to debug.");
2456 log_set_max_level(LOG_INFO
);
2457 log_info("Setting log level to info.");
2461 if (MANAGER_IS_USER(m
)) {
2462 m
->exit_code
= MANAGER_EXIT
;
2466 /* This is a nop on init */
2470 case 29: /* compatibility: used to be mapped to LOG_TARGET_SYSLOG_OR_KMSG */
2471 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG
);
2472 log_notice("Setting log target to journal-or-kmsg.");
2476 log_set_target(LOG_TARGET_CONSOLE
);
2477 log_notice("Setting log target to console.");
2481 log_set_target(LOG_TARGET_KMSG
);
2482 log_notice("Setting log target to kmsg.");
2486 log_warning("Got unhandled signal <%s>.", signal_to_string(sfsi
.ssi_signo
));
2493 static int manager_dispatch_time_change_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
2494 Manager
*m
= userdata
;
2499 assert(m
->time_change_fd
== fd
);
2501 log_struct(LOG_DEBUG
,
2502 "MESSAGE_ID=" SD_MESSAGE_TIME_CHANGE_STR
,
2503 LOG_MESSAGE("Time has been changed"),
2506 /* Restart the watch */
2507 m
->time_change_event_source
= sd_event_source_unref(m
->time_change_event_source
);
2508 m
->time_change_fd
= safe_close(m
->time_change_fd
);
2510 manager_setup_time_change(m
);
2512 HASHMAP_FOREACH(u
, m
->units
, i
)
2513 if (UNIT_VTABLE(u
)->time_change
)
2514 UNIT_VTABLE(u
)->time_change(u
);
2519 static int manager_dispatch_idle_pipe_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
2520 Manager
*m
= userdata
;
2523 assert(m
->idle_pipe
[2] == fd
);
2525 /* There's at least one Type=idle child that just gave up on us waiting for the boot process to complete. Let's
2526 * now turn off any further console output if there's at least one service that needs console access, so that
2527 * from now on our own output should not spill into that service's output anymore. After all, we support
2528 * Type=idle only to beautify console output and it generally is set on services that want to own the console
2529 * exclusively without our interference. */
2530 m
->no_console_output
= m
->n_on_console
> 0;
2532 /* Acknowledge the child's request, and let all all other children know too that they shouldn't wait any longer
2533 * by closing the pipes towards them, which is what they are waiting for. */
2534 manager_close_idle_pipe(m
);
2539 static int manager_dispatch_jobs_in_progress(sd_event_source
*source
, usec_t usec
, void *userdata
) {
2540 Manager
*m
= userdata
;
2547 manager_print_jobs_in_progress(m
);
2549 next
= now(CLOCK_MONOTONIC
) + JOBS_IN_PROGRESS_PERIOD_USEC
;
2550 r
= sd_event_source_set_time(source
, next
);
2554 return sd_event_source_set_enabled(source
, SD_EVENT_ONESHOT
);
2557 int manager_loop(Manager
*m
) {
2560 RATELIMIT_DEFINE(rl
, 1*USEC_PER_SEC
, 50000);
2563 m
->exit_code
= MANAGER_OK
;
2565 /* Release the path cache */
2566 m
->unit_path_cache
= set_free_free(m
->unit_path_cache
);
2568 manager_check_finished(m
);
2570 /* There might still be some zombies hanging around from before we were exec()'ed. Let's reap them. */
2571 r
= sd_event_source_set_enabled(m
->sigchld_event_source
, SD_EVENT_ON
);
2573 return log_error_errno(r
, "Failed to enable SIGCHLD event source: %m");
2575 while (m
->exit_code
== MANAGER_OK
) {
2578 if (m
->runtime_watchdog
> 0 && m
->runtime_watchdog
!= USEC_INFINITY
&& MANAGER_IS_SYSTEM(m
))
2581 if (!ratelimit_test(&rl
)) {
2582 /* Yay, something is going seriously wrong, pause a little */
2583 log_warning("Looping too fast. Throttling execution a little.");
2587 if (manager_dispatch_load_queue(m
) > 0)
2590 if (manager_dispatch_gc_job_queue(m
) > 0)
2593 if (manager_dispatch_gc_unit_queue(m
) > 0)
2596 if (manager_dispatch_cleanup_queue(m
) > 0)
2599 if (manager_dispatch_cgroup_realize_queue(m
) > 0)
2602 if (manager_dispatch_dbus_queue(m
) > 0)
2605 /* Sleep for half the watchdog time */
2606 if (m
->runtime_watchdog
> 0 && m
->runtime_watchdog
!= USEC_INFINITY
&& MANAGER_IS_SYSTEM(m
)) {
2607 wait_usec
= m
->runtime_watchdog
/ 2;
2611 wait_usec
= USEC_INFINITY
;
2613 r
= sd_event_run(m
->event
, wait_usec
);
2615 return log_error_errno(r
, "Failed to run event loop: %m");
2618 return m
->exit_code
;
2621 int manager_load_unit_from_dbus_path(Manager
*m
, const char *s
, sd_bus_error
*e
, Unit
**_u
) {
2622 _cleanup_free_
char *n
= NULL
;
2623 sd_id128_t invocation_id
;
2631 r
= unit_name_from_dbus_path(s
, &n
);
2635 /* Permit addressing units by invocation ID: if the passed bus path is suffixed by a 128bit ID then we use it
2636 * as invocation ID. */
2637 r
= sd_id128_from_string(n
, &invocation_id
);
2639 u
= hashmap_get(m
->units_by_invocation_id
, &invocation_id
);
2645 return sd_bus_error_setf(e
, BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID
, "No unit with the specified invocation ID " SD_ID128_FORMAT_STR
" known.", SD_ID128_FORMAT_VAL(invocation_id
));
2648 /* If this didn't work, we check if this is a unit name */
2649 if (!unit_name_is_valid(n
, UNIT_NAME_PLAIN
|UNIT_NAME_INSTANCE
))
2650 return sd_bus_error_setf(e
, SD_BUS_ERROR_INVALID_ARGS
, "Unit name %s is neither a valid invocation ID nor unit name.", n
);
2652 r
= manager_load_unit(m
, n
, NULL
, e
, &u
);
2660 int manager_get_job_from_dbus_path(Manager
*m
, const char *s
, Job
**_j
) {
2670 p
= startswith(s
, "/org/freedesktop/systemd1/job/");
2674 r
= safe_atou(p
, &id
);
2678 j
= manager_get_job(m
, id
);
2687 void manager_send_unit_audit(Manager
*m
, Unit
*u
, int type
, bool success
) {
2690 _cleanup_free_
char *p
= NULL
;
2694 if (!MANAGER_IS_SYSTEM(m
))
2697 audit_fd
= get_audit_fd();
2701 /* Don't generate audit events if the service was already
2702 * started and we're just deserializing */
2703 if (MANAGER_IS_RELOADING(m
))
2706 if (u
->type
!= UNIT_SERVICE
)
2709 r
= unit_name_to_prefix_and_instance(u
->id
, &p
);
2711 log_error_errno(r
, "Failed to extract prefix and instance of unit name: %m");
2715 msg
= strjoina("unit=", p
);
2716 if (audit_log_user_comm_message(audit_fd
, type
, msg
, "systemd", NULL
, NULL
, NULL
, success
) < 0) {
2718 /* We aren't allowed to send audit messages?
2719 * Then let's not retry again. */
2722 log_warning_errno(errno
, "Failed to send audit message: %m");
2728 void manager_send_unit_plymouth(Manager
*m
, Unit
*u
) {
2729 static const union sockaddr_union sa
= PLYMOUTH_SOCKET
;
2730 _cleanup_free_
char *message
= NULL
;
2731 _cleanup_close_
int fd
= -1;
2734 /* Don't generate plymouth events if the service was already
2735 * started and we're just deserializing */
2736 if (MANAGER_IS_RELOADING(m
))
2739 if (!MANAGER_IS_SYSTEM(m
))
2742 if (detect_container() > 0)
2745 if (!IN_SET(u
->type
, UNIT_SERVICE
, UNIT_MOUNT
, UNIT_SWAP
))
2748 /* We set SOCK_NONBLOCK here so that we rather drop the
2749 * message then wait for plymouth */
2750 fd
= socket(AF_UNIX
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
2752 log_error_errno(errno
, "socket() failed: %m");
2756 if (connect(fd
, &sa
.sa
, SOCKADDR_UN_LEN(sa
.un
)) < 0) {
2757 if (!IN_SET(errno
, EPIPE
, EAGAIN
, ENOENT
, ECONNREFUSED
, ECONNRESET
, ECONNABORTED
))
2758 log_error_errno(errno
, "connect() failed: %m");
2762 if (asprintf(&message
, "U\002%c%s%n", (int) (strlen(u
->id
) + 1), u
->id
, &n
) < 0) {
2768 if (write(fd
, message
, n
+ 1) != n
+ 1)
2769 if (!IN_SET(errno
, EPIPE
, EAGAIN
, ENOENT
, ECONNREFUSED
, ECONNRESET
, ECONNABORTED
))
2770 log_error_errno(errno
, "Failed to write Plymouth message: %m");
2773 int manager_open_serialization(Manager
*m
, FILE **_f
) {
2779 fd
= open_serialization_fd("systemd-state");
2783 f
= fdopen(fd
, "w+");
2793 int manager_serialize(Manager
*m
, FILE *f
, FDSet
*fds
, bool switching_root
) {
2806 fprintf(f
, "current-job-id=%"PRIu32
"\n", m
->current_job_id
);
2807 fprintf(f
, "n-installed-jobs=%u\n", m
->n_installed_jobs
);
2808 fprintf(f
, "n-failed-jobs=%u\n", m
->n_failed_jobs
);
2809 fprintf(f
, "taint-usr=%s\n", yes_no(m
->taint_usr
));
2810 fprintf(f
, "ready-sent=%s\n", yes_no(m
->ready_sent
));
2811 fprintf(f
, "taint-logged=%s\n", yes_no(m
->taint_logged
));
2812 fprintf(f
, "service-watchdogs=%s\n", yes_no(m
->service_watchdogs
));
2814 for (q
= 0; q
< _MANAGER_TIMESTAMP_MAX
; q
++) {
2815 /* The userspace and finish timestamps only apply to the host system, hence only serialize them there */
2816 if (in_initrd() && IN_SET(q
, MANAGER_TIMESTAMP_USERSPACE
, MANAGER_TIMESTAMP_FINISH
))
2819 t
= manager_timestamp_to_string(q
);
2821 char field
[strlen(t
) + STRLEN("-timestamp") + 1];
2822 strcpy(stpcpy(field
, t
), "-timestamp");
2823 dual_timestamp_serialize(f
, field
, m
->timestamps
+ q
);
2827 if (!switching_root
)
2828 (void) serialize_environment(f
, m
->environment
);
2830 if (m
->notify_fd
>= 0) {
2833 copy
= fdset_put_dup(fds
, m
->notify_fd
);
2837 fprintf(f
, "notify-fd=%i\n", copy
);
2838 fprintf(f
, "notify-socket=%s\n", m
->notify_socket
);
2841 if (m
->cgroups_agent_fd
>= 0) {
2844 copy
= fdset_put_dup(fds
, m
->cgroups_agent_fd
);
2848 fprintf(f
, "cgroups-agent-fd=%i\n", copy
);
2851 if (m
->user_lookup_fds
[0] >= 0) {
2854 copy0
= fdset_put_dup(fds
, m
->user_lookup_fds
[0]);
2858 copy1
= fdset_put_dup(fds
, m
->user_lookup_fds
[1]);
2862 fprintf(f
, "user-lookup=%i %i\n", copy0
, copy1
);
2865 bus_track_serialize(m
->subscribed
, f
, "subscribed");
2867 r
= dynamic_user_serialize(m
, f
, fds
);
2871 manager_serialize_uid_refs(m
, f
);
2872 manager_serialize_gid_refs(m
, f
);
2874 r
= exec_runtime_serialize(m
, f
, fds
);
2878 (void) fputc('\n', f
);
2880 HASHMAP_FOREACH_KEY(u
, t
, m
->units
, i
) {
2888 r
= unit_serialize(u
, f
, fds
, !switching_root
);
2895 assert(m
->n_reloading
> 0);
2901 r
= bus_fdset_add_all(m
, fds
);
2908 int manager_deserialize(Manager
*m
, FILE *f
, FDSet
*fds
) {
2914 log_debug("Deserializing state...");
2919 char line
[LINE_MAX
];
2920 const char *val
, *l
;
2922 if (!fgets(line
, sizeof(line
), f
)) {
2937 if ((val
= startswith(l
, "current-job-id="))) {
2940 if (safe_atou32(val
, &id
) < 0)
2941 log_notice("Failed to parse current job id value %s", val
);
2943 m
->current_job_id
= MAX(m
->current_job_id
, id
);
2945 } else if ((val
= startswith(l
, "n-installed-jobs="))) {
2948 if (safe_atou32(val
, &n
) < 0)
2949 log_notice("Failed to parse installed jobs counter %s", val
);
2951 m
->n_installed_jobs
+= n
;
2953 } else if ((val
= startswith(l
, "n-failed-jobs="))) {
2956 if (safe_atou32(val
, &n
) < 0)
2957 log_notice("Failed to parse failed jobs counter %s", val
);
2959 m
->n_failed_jobs
+= n
;
2961 } else if ((val
= startswith(l
, "taint-usr="))) {
2964 b
= parse_boolean(val
);
2966 log_notice("Failed to parse taint /usr flag %s", val
);
2968 m
->taint_usr
= m
->taint_usr
|| b
;
2970 } else if ((val
= startswith(l
, "ready-sent="))) {
2973 b
= parse_boolean(val
);
2975 log_notice("Failed to parse ready-sent flag %s", val
);
2977 m
->ready_sent
= m
->ready_sent
|| b
;
2979 } else if ((val
= startswith(l
, "taint-logged="))) {
2982 b
= parse_boolean(val
);
2984 log_notice("Failed to parse taint-logged flag %s", val
);
2986 m
->taint_logged
= m
->taint_logged
|| b
;
2988 } else if ((val
= startswith(l
, "service-watchdogs="))) {
2991 b
= parse_boolean(val
);
2993 log_notice("Failed to parse service-watchdogs flag %s", val
);
2995 m
->service_watchdogs
= b
;
2997 } else if (startswith(l
, "env=")) {
2998 r
= deserialize_environment(&m
->environment
, l
);
3002 log_notice_errno(r
, "Failed to parse environment entry: \"%s\": %m", l
);
3004 } else if ((val
= startswith(l
, "notify-fd="))) {
3007 if (safe_atoi(val
, &fd
) < 0 || fd
< 0 || !fdset_contains(fds
, fd
))
3008 log_notice("Failed to parse notify fd: \"%s\"", val
);
3010 m
->notify_event_source
= sd_event_source_unref(m
->notify_event_source
);
3011 safe_close(m
->notify_fd
);
3012 m
->notify_fd
= fdset_remove(fds
, fd
);
3015 } else if ((val
= startswith(l
, "notify-socket="))) {
3024 free(m
->notify_socket
);
3025 m
->notify_socket
= n
;
3027 } else if ((val
= startswith(l
, "cgroups-agent-fd="))) {
3030 if (safe_atoi(val
, &fd
) < 0 || fd
< 0 || !fdset_contains(fds
, fd
))
3031 log_notice("Failed to parse cgroups agent fd: %s", val
);
3033 m
->cgroups_agent_event_source
= sd_event_source_unref(m
->cgroups_agent_event_source
);
3034 safe_close(m
->cgroups_agent_fd
);
3035 m
->cgroups_agent_fd
= fdset_remove(fds
, fd
);
3038 } else if ((val
= startswith(l
, "user-lookup="))) {
3041 if (sscanf(val
, "%i %i", &fd0
, &fd1
) != 2 || fd0
< 0 || fd1
< 0 || fd0
== fd1
|| !fdset_contains(fds
, fd0
) || !fdset_contains(fds
, fd1
))
3042 log_notice("Failed to parse user lookup fd: %s", val
);
3044 m
->user_lookup_event_source
= sd_event_source_unref(m
->user_lookup_event_source
);
3045 safe_close_pair(m
->user_lookup_fds
);
3046 m
->user_lookup_fds
[0] = fdset_remove(fds
, fd0
);
3047 m
->user_lookup_fds
[1] = fdset_remove(fds
, fd1
);
3050 } else if ((val
= startswith(l
, "dynamic-user=")))
3051 dynamic_user_deserialize_one(m
, val
, fds
);
3052 else if ((val
= startswith(l
, "destroy-ipc-uid=")))
3053 manager_deserialize_uid_refs_one(m
, val
);
3054 else if ((val
= startswith(l
, "destroy-ipc-gid=")))
3055 manager_deserialize_gid_refs_one(m
, val
);
3056 else if ((val
= startswith(l
, "exec-runtime=")))
3057 exec_runtime_deserialize_one(m
, val
, fds
);
3058 else if ((val
= startswith(l
, "subscribed="))) {
3060 if (strv_extend(&m
->deserialized_subscribed
, val
) < 0)
3065 for (q
= 0; q
< _MANAGER_TIMESTAMP_MAX
; q
++) {
3066 val
= startswith(l
, manager_timestamp_to_string(q
));
3070 val
= startswith(val
, "-timestamp=");
3075 if (q
< _MANAGER_TIMESTAMP_MAX
) /* found it */
3076 dual_timestamp_deserialize(val
, m
->timestamps
+ q
);
3077 else if (!startswith(l
, "kdbus-fd=")) /* ignore kdbus */
3078 log_notice("Unknown serialization item '%s'", l
);
3084 char name
[UNIT_NAME_MAX
+2];
3085 const char* unit_name
;
3088 if (!fgets(name
, sizeof(name
), f
)) {
3098 unit_name
= strstrip(name
);
3100 r
= manager_load_unit(m
, unit_name
, NULL
, NULL
, &u
);
3102 log_notice_errno(r
, "Failed to load unit \"%s\", skipping deserialization: %m", unit_name
);
3105 unit_deserialize_skip(f
);
3109 r
= unit_deserialize(u
, f
, fds
);
3111 log_notice_errno(r
, "Failed to deserialize unit \"%s\": %m", unit_name
);
3121 assert(m
->n_reloading
> 0);
3127 int manager_reload(Manager
*m
) {
3129 _cleanup_fclose_
FILE *f
= NULL
;
3130 _cleanup_fdset_free_ FDSet
*fds
= NULL
;
3134 r
= manager_open_serialization(m
, &f
);
3139 bus_manager_send_reloading(m
, true);
3147 r
= manager_serialize(m
, f
, fds
, false);
3153 if (fseeko(f
, 0, SEEK_SET
) < 0) {
3158 /* From here on there is no way back. */
3159 manager_clear_jobs_and_units(m
);
3160 lookup_paths_flush_generator(&m
->lookup_paths
);
3161 lookup_paths_free(&m
->lookup_paths
);
3162 exec_runtime_vacuum(m
);
3163 dynamic_user_vacuum(m
, false);
3164 m
->uid_refs
= hashmap_free(m
->uid_refs
);
3165 m
->gid_refs
= hashmap_free(m
->gid_refs
);
3167 q
= lookup_paths_init(&m
->lookup_paths
, m
->unit_file_scope
, 0, NULL
);
3168 if (q
< 0 && r
>= 0)
3171 q
= manager_run_environment_generators(m
);
3172 if (q
< 0 && r
>= 0)
3175 /* Find new unit paths */
3176 q
= manager_run_generators(m
);
3177 if (q
< 0 && r
>= 0)
3180 lookup_paths_reduce(&m
->lookup_paths
);
3181 manager_build_unit_path_cache(m
);
3183 /* First, enumerate what we can from all config files */
3184 manager_enumerate(m
);
3186 /* Second, deserialize our stored data */
3187 q
= manager_deserialize(m
, f
, fds
);
3189 log_error_errno(q
, "Deserialization failed: %m");
3198 /* Re-register notify_fd as event source */
3199 q
= manager_setup_notify(m
);
3200 if (q
< 0 && r
>= 0)
3203 q
= manager_setup_cgroups_agent(m
);
3204 if (q
< 0 && r
>= 0)
3207 q
= manager_setup_user_lookup_fd(m
);
3208 if (q
< 0 && r
>= 0)
3211 /* Third, fire things up! */
3212 manager_coldplug(m
);
3214 /* Release any dynamic users no longer referenced */
3215 dynamic_user_vacuum(m
, true);
3217 /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
3218 manager_vacuum_uid_refs(m
);
3219 manager_vacuum_gid_refs(m
);
3221 exec_runtime_vacuum(m
);
3223 assert(m
->n_reloading
> 0);
3226 /* It might be safe to log to the journal now and connect to dbus */
3227 manager_recheck_journal(m
);
3228 manager_recheck_dbus(m
);
3230 /* Sync current state of bus names with our set of listening units */
3231 q
= manager_enqueue_sync_bus_names(m
);
3232 if (q
< 0 && r
>= 0)
3235 m
->send_reloading_done
= true;
3240 void manager_reset_failed(Manager
*m
) {
3246 HASHMAP_FOREACH(u
, m
->units
, i
)
3247 unit_reset_failed(u
);
3250 bool manager_unit_inactive_or_pending(Manager
*m
, const char *name
) {
3256 /* Returns true if the unit is inactive or going down */
3257 u
= manager_get_unit(m
, name
);
3261 return unit_inactive_or_pending(u
);
3264 static void log_taint_string(Manager
*m
) {
3265 _cleanup_free_
char *taint
= NULL
;
3269 if (MANAGER_IS_USER(m
) || m
->taint_logged
)
3272 m
->taint_logged
= true; /* only check for taint once */
3274 taint
= manager_taint_string(m
);
3278 log_struct(LOG_NOTICE
,
3279 LOG_MESSAGE("System is tainted: %s", taint
),
3281 "MESSAGE_ID=" SD_MESSAGE_TAINTED_STR
,
3285 static void manager_notify_finished(Manager
*m
) {
3286 char userspace
[FORMAT_TIMESPAN_MAX
], initrd
[FORMAT_TIMESPAN_MAX
], kernel
[FORMAT_TIMESPAN_MAX
], sum
[FORMAT_TIMESPAN_MAX
];
3287 usec_t firmware_usec
, loader_usec
, kernel_usec
, initrd_usec
, userspace_usec
, total_usec
;
3289 if (m
->test_run_flags
)
3292 if (MANAGER_IS_SYSTEM(m
) && detect_container() <= 0) {
3293 char ts
[FORMAT_TIMESPAN_MAX
];
3294 char buf
[FORMAT_TIMESPAN_MAX
+ STRLEN(" (firmware) + ") + FORMAT_TIMESPAN_MAX
+ STRLEN(" (loader) + ")]
3297 size_t size
= sizeof buf
;
3299 /* Note that MANAGER_TIMESTAMP_KERNEL's monotonic value is always at 0, and
3300 * MANAGER_TIMESTAMP_FIRMWARE's and MANAGER_TIMESTAMP_LOADER's monotonic value should be considered
3301 * negative values. */
3303 firmware_usec
= m
->timestamps
[MANAGER_TIMESTAMP_FIRMWARE
].monotonic
- m
->timestamps
[MANAGER_TIMESTAMP_LOADER
].monotonic
;
3304 loader_usec
= m
->timestamps
[MANAGER_TIMESTAMP_LOADER
].monotonic
- m
->timestamps
[MANAGER_TIMESTAMP_KERNEL
].monotonic
;
3305 userspace_usec
= m
->timestamps
[MANAGER_TIMESTAMP_FINISH
].monotonic
- m
->timestamps
[MANAGER_TIMESTAMP_USERSPACE
].monotonic
;
3306 total_usec
= m
->timestamps
[MANAGER_TIMESTAMP_FIRMWARE
].monotonic
+ m
->timestamps
[MANAGER_TIMESTAMP_FINISH
].monotonic
;
3308 if (firmware_usec
> 0)
3309 size
= strpcpyf(&p
, size
, "%s (firmware) + ", format_timespan(ts
, sizeof(ts
), firmware_usec
, USEC_PER_MSEC
));
3310 if (loader_usec
> 0)
3311 size
= strpcpyf(&p
, size
, "%s (loader) + ", format_timespan(ts
, sizeof(ts
), loader_usec
, USEC_PER_MSEC
));
3313 if (dual_timestamp_is_set(&m
->timestamps
[MANAGER_TIMESTAMP_INITRD
])) {
3315 /* The initrd case on bare-metal*/
3316 kernel_usec
= m
->timestamps
[MANAGER_TIMESTAMP_INITRD
].monotonic
- m
->timestamps
[MANAGER_TIMESTAMP_KERNEL
].monotonic
;
3317 initrd_usec
= m
->timestamps
[MANAGER_TIMESTAMP_USERSPACE
].monotonic
- m
->timestamps
[MANAGER_TIMESTAMP_INITRD
].monotonic
;
3319 log_struct(LOG_INFO
,
3320 "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR
,
3321 "KERNEL_USEC="USEC_FMT
, kernel_usec
,
3322 "INITRD_USEC="USEC_FMT
, initrd_usec
,
3323 "USERSPACE_USEC="USEC_FMT
, userspace_usec
,
3324 LOG_MESSAGE("Startup finished in %s%s (kernel) + %s (initrd) + %s (userspace) = %s.",
3326 format_timespan(kernel
, sizeof(kernel
), kernel_usec
, USEC_PER_MSEC
),
3327 format_timespan(initrd
, sizeof(initrd
), initrd_usec
, USEC_PER_MSEC
),
3328 format_timespan(userspace
, sizeof(userspace
), userspace_usec
, USEC_PER_MSEC
),
3329 format_timespan(sum
, sizeof(sum
), total_usec
, USEC_PER_MSEC
)),
3332 /* The initrd-less case on bare-metal*/
3334 kernel_usec
= m
->timestamps
[MANAGER_TIMESTAMP_USERSPACE
].monotonic
- m
->timestamps
[MANAGER_TIMESTAMP_KERNEL
].monotonic
;
3337 log_struct(LOG_INFO
,
3338 "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR
,
3339 "KERNEL_USEC="USEC_FMT
, kernel_usec
,
3340 "USERSPACE_USEC="USEC_FMT
, userspace_usec
,
3341 LOG_MESSAGE("Startup finished in %s%s (kernel) + %s (userspace) = %s.",
3343 format_timespan(kernel
, sizeof(kernel
), kernel_usec
, USEC_PER_MSEC
),
3344 format_timespan(userspace
, sizeof(userspace
), userspace_usec
, USEC_PER_MSEC
),
3345 format_timespan(sum
, sizeof(sum
), total_usec
, USEC_PER_MSEC
)),
3349 /* The container and --user case */
3350 firmware_usec
= loader_usec
= initrd_usec
= kernel_usec
= 0;
3351 total_usec
= userspace_usec
= m
->timestamps
[MANAGER_TIMESTAMP_FINISH
].monotonic
- m
->timestamps
[MANAGER_TIMESTAMP_USERSPACE
].monotonic
;
3353 log_struct(LOG_INFO
,
3354 "MESSAGE_ID=" SD_MESSAGE_USER_STARTUP_FINISHED_STR
,
3355 "USERSPACE_USEC="USEC_FMT
, userspace_usec
,
3356 LOG_MESSAGE("Startup finished in %s.",
3357 format_timespan(sum
, sizeof(sum
), total_usec
, USEC_PER_MSEC
)),
3361 bus_manager_send_finished(m
, firmware_usec
, loader_usec
, kernel_usec
, initrd_usec
, userspace_usec
, total_usec
);
3364 m
->ready_sent
? "STATUS=Startup finished in %s."
3366 "STATUS=Startup finished in %s.",
3367 format_timespan(sum
, sizeof(sum
), total_usec
, USEC_PER_MSEC
));
3368 m
->ready_sent
= true;
3370 log_taint_string(m
);
3373 static void manager_send_ready(Manager
*m
) {
3376 /* We send READY=1 on reaching basic.target only when running in --user mode. */
3377 if (!MANAGER_IS_USER(m
) || m
->ready_sent
)
3380 m
->ready_sent
= true;
3384 "STATUS=Reached " SPECIAL_BASIC_TARGET
".");
3387 static void manager_check_basic_target(Manager
*m
) {
3392 /* Small shortcut */
3393 if (m
->ready_sent
&& m
->taint_logged
)
3396 u
= manager_get_unit(m
, SPECIAL_BASIC_TARGET
);
3397 if (!u
|| !UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
3400 /* For user managers, send out READY=1 as soon as we reach basic.target */
3401 manager_send_ready(m
);
3403 /* Log the taint string as soon as we reach basic.target */
3404 log_taint_string(m
);
3407 void manager_check_finished(Manager
*m
) {
3410 if (MANAGER_IS_RELOADING(m
))
3413 /* Verify that we have entered the event loop already, and not left it again. */
3414 if (!MANAGER_IS_RUNNING(m
))
3417 manager_check_basic_target(m
);
3419 if (hashmap_size(m
->jobs
) > 0) {
3420 if (m
->jobs_in_progress_event_source
)
3421 /* Ignore any failure, this is only for feedback */
3422 (void) sd_event_source_set_time(m
->jobs_in_progress_event_source
, now(CLOCK_MONOTONIC
) + JOBS_IN_PROGRESS_WAIT_USEC
);
3427 manager_flip_auto_status(m
, false);
3429 /* Notify Type=idle units that we are done now */
3430 manager_close_idle_pipe(m
);
3432 /* Turn off confirm spawn now */
3433 m
->confirm_spawn
= NULL
;
3435 /* No need to update ask password status when we're going non-interactive */
3436 manager_close_ask_password(m
);
3438 /* This is no longer the first boot */
3439 manager_set_first_boot(m
, false);
3441 if (MANAGER_IS_FINISHED(m
))
3444 dual_timestamp_get(m
->timestamps
+ MANAGER_TIMESTAMP_FINISH
);
3446 manager_notify_finished(m
);
3448 manager_invalidate_startup_units(m
);
3451 static bool generator_path_any(const char* const* paths
) {
3455 /* Optimize by skipping the whole process by not creating output directories
3456 * if no generators are found. */
3457 STRV_FOREACH(path
, (char**) paths
)
3458 if (access(*path
, F_OK
) == 0)
3460 else if (errno
!= ENOENT
)
3461 log_warning_errno(errno
, "Failed to open generator directory %s: %m", *path
);
3466 static const char* system_env_generator_binary_paths
[] = {
3467 "/run/systemd/system-environment-generators",
3468 "/etc/systemd/system-environment-generators",
3469 "/usr/local/lib/systemd/system-environment-generators",
3470 SYSTEM_ENV_GENERATOR_PATH
,
3474 static const char* user_env_generator_binary_paths
[] = {
3475 "/run/systemd/user-environment-generators",
3476 "/etc/systemd/user-environment-generators",
3477 "/usr/local/lib/systemd/user-environment-generators",
3478 USER_ENV_GENERATOR_PATH
,
3482 static int manager_run_environment_generators(Manager
*m
) {
3483 char **tmp
= NULL
; /* this is only used in the forked process, no cleanup here */
3485 void* args
[] = {&tmp
, &tmp
, &m
->environment
};
3487 if (m
->test_run_flags
&& !(m
->test_run_flags
& MANAGER_TEST_RUN_ENV_GENERATORS
))
3490 paths
= MANAGER_IS_SYSTEM(m
) ? system_env_generator_binary_paths
: user_env_generator_binary_paths
;
3492 if (!generator_path_any(paths
))
3495 return execute_directories(paths
, DEFAULT_TIMEOUT_USEC
, gather_environment
, args
, NULL
);
3498 static int manager_run_generators(Manager
*m
) {
3499 _cleanup_strv_free_
char **paths
= NULL
;
3500 const char *argv
[5];
3505 if (m
->test_run_flags
&& !(m
->test_run_flags
& MANAGER_TEST_RUN_GENERATORS
))
3508 paths
= generator_binary_paths(m
->unit_file_scope
);
3512 if (!generator_path_any((const char* const*) paths
))
3515 r
= lookup_paths_mkdir_generator(&m
->lookup_paths
);
3519 argv
[0] = NULL
; /* Leave this empty, execute_directory() will fill something in */
3520 argv
[1] = m
->lookup_paths
.generator
;
3521 argv
[2] = m
->lookup_paths
.generator_early
;
3522 argv
[3] = m
->lookup_paths
.generator_late
;
3525 RUN_WITH_UMASK(0022)
3526 execute_directories((const char* const*) paths
, DEFAULT_TIMEOUT_USEC
,
3527 NULL
, NULL
, (char**) argv
);
3530 lookup_paths_trim_generator(&m
->lookup_paths
);
3534 int manager_environment_add(Manager
*m
, char **minus
, char **plus
) {
3535 char **a
= NULL
, **b
= NULL
, **l
;
3540 if (!strv_isempty(minus
)) {
3541 a
= strv_env_delete(l
, 1, minus
);
3548 if (!strv_isempty(plus
)) {
3549 b
= strv_env_merge(2, l
, plus
);
3558 if (m
->environment
!= l
)
3559 strv_free(m
->environment
);
3566 manager_sanitize_environment(m
);
3571 int manager_set_default_rlimits(Manager
*m
, struct rlimit
**default_rlimit
) {
3576 for (i
= 0; i
< _RLIMIT_MAX
; i
++) {
3577 m
->rlimit
[i
] = mfree(m
->rlimit
[i
]);
3579 if (!default_rlimit
[i
])
3582 m
->rlimit
[i
] = newdup(struct rlimit
, default_rlimit
[i
], 1);
3590 void manager_recheck_dbus(Manager
*m
) {
3593 /* Connects to the bus if the dbus service and socket are running. If we are running in user mode this is all
3594 * it does. In system mode we'll also connect to the system bus (which will most likely just reuse the
3595 * connection of the API bus). That's because the system bus after all runs as service of the system instance,
3596 * while in the user instance we can assume it's already there. */
3598 if (MANAGER_IS_RELOADING(m
))
3599 return; /* don't check while we are reloading… */
3601 if (manager_dbus_is_running(m
, false)) {
3602 (void) bus_init_api(m
);
3604 if (MANAGER_IS_SYSTEM(m
))
3605 (void) bus_init_system(m
);
3607 (void) bus_done_api(m
);
3609 if (MANAGER_IS_SYSTEM(m
))
3610 (void) bus_done_system(m
);
3614 static bool manager_journal_is_running(Manager
*m
) {
3619 if (m
->test_run_flags
!= 0)
3622 /* If we are the user manager we can safely assume that the journal is up */
3623 if (!MANAGER_IS_SYSTEM(m
))
3626 /* Check that the socket is not only up, but in RUNNING state */
3627 u
= manager_get_unit(m
, SPECIAL_JOURNALD_SOCKET
);
3630 if (SOCKET(u
)->state
!= SOCKET_RUNNING
)
3633 /* Similar, check if the daemon itself is fully up, too */
3634 u
= manager_get_unit(m
, SPECIAL_JOURNALD_SERVICE
);
3637 if (!IN_SET(SERVICE(u
)->state
, SERVICE_RELOAD
, SERVICE_RUNNING
))
3643 void manager_recheck_journal(Manager
*m
) {
3647 /* Don't bother with this unless we are in the special situation of being PID 1 */
3648 if (getpid_cached() != 1)
3651 /* Don't check this while we are reloading, things might still change */
3652 if (MANAGER_IS_RELOADING(m
))
3655 /* The journal is fully and entirely up? If so, let's permit logging to it, if that's configured. If the
3656 * journal is down, don't ever log to it, otherwise we might end up deadlocking ourselves as we might trigger
3657 * an activation ourselves we can't fulfill. */
3658 log_set_prohibit_ipc(!manager_journal_is_running(m
));
3662 void manager_set_show_status(Manager
*m
, ShowStatus mode
) {
3664 assert(IN_SET(mode
, SHOW_STATUS_AUTO
, SHOW_STATUS_NO
, SHOW_STATUS_YES
, SHOW_STATUS_TEMPORARY
));
3666 if (!MANAGER_IS_SYSTEM(m
))
3669 if (m
->show_status
!= mode
)
3670 log_debug("%s showing of status.",
3671 mode
== SHOW_STATUS_NO
? "Disabling" : "Enabling");
3672 m
->show_status
= mode
;
3675 (void) touch("/run/systemd/show-status");
3677 (void) unlink("/run/systemd/show-status");
3680 static bool manager_get_show_status(Manager
*m
, StatusType type
) {
3683 if (!MANAGER_IS_SYSTEM(m
))
3686 if (m
->no_console_output
)
3689 if (!IN_SET(manager_state(m
), MANAGER_INITIALIZING
, MANAGER_STARTING
, MANAGER_STOPPING
))
3692 /* If we cannot find out the status properly, just proceed. */
3693 if (type
!= STATUS_TYPE_EMERGENCY
&& manager_check_ask_password(m
) > 0)
3696 return m
->show_status
> 0;
3699 const char *manager_get_confirm_spawn(Manager
*m
) {
3700 static int last_errno
= 0;
3701 const char *vc
= m
->confirm_spawn
;
3705 /* Here's the deal: we want to test the validity of the console but don't want
3706 * PID1 to go through the whole console process which might block. But we also
3707 * want to warn the user only once if something is wrong with the console so we
3708 * cannot do the sanity checks after spawning our children. So here we simply do
3709 * really basic tests to hopefully trap common errors.
3711 * If the console suddenly disappear at the time our children will really it
3712 * then they will simply fail to acquire it and a positive answer will be
3713 * assumed. New children will fallback to /dev/console though.
3715 * Note: TTYs are devices that can come and go any time, and frequently aren't
3716 * available yet during early boot (consider a USB rs232 dongle...). If for any
3717 * reason the configured console is not ready, we fallback to the default
3720 if (!vc
|| path_equal(vc
, "/dev/console"))
3727 if (!S_ISCHR(st
.st_mode
)) {
3735 if (last_errno
!= errno
) {
3737 log_warning_errno(errno
, "Failed to open %s: %m, using default console", vc
);
3739 return "/dev/console";
3742 void manager_set_first_boot(Manager
*m
, bool b
) {
3745 if (!MANAGER_IS_SYSTEM(m
))
3748 if (m
->first_boot
!= (int) b
) {
3750 (void) touch("/run/systemd/first-boot");
3752 (void) unlink("/run/systemd/first-boot");
3758 void manager_disable_confirm_spawn(void) {
3759 (void) touch("/run/systemd/confirm_spawn_disabled");
3762 bool manager_is_confirm_spawn_disabled(Manager
*m
) {
3763 if (!m
->confirm_spawn
)
3766 return access("/run/systemd/confirm_spawn_disabled", F_OK
) >= 0;
3769 void manager_status_printf(Manager
*m
, StatusType type
, const char *status
, const char *format
, ...) {
3772 /* If m is NULL, assume we're after shutdown and let the messages through. */
3774 if (m
&& !manager_get_show_status(m
, type
))
3777 /* XXX We should totally drop the check for ephemeral here
3778 * and thus effectively make 'Type=idle' pointless. */
3779 if (type
== STATUS_TYPE_EPHEMERAL
&& m
&& m
->n_on_console
> 0)
3782 va_start(ap
, format
);
3783 status_vprintf(status
, true, type
== STATUS_TYPE_EPHEMERAL
, format
, ap
);
3787 Set
*manager_get_units_requiring_mounts_for(Manager
*m
, const char *path
) {
3788 char p
[strlen(path
)+1];
3794 path_kill_slashes(p
);
3796 return hashmap_get(m
->units_requiring_mounts_for
, streq(p
, "/") ? "" : p
);
3799 int manager_update_failed_units(Manager
*m
, Unit
*u
, bool failed
) {
3804 assert(u
->manager
== m
);
3806 size
= set_size(m
->failed_units
);
3809 r
= set_ensure_allocated(&m
->failed_units
, NULL
);
3813 if (set_put(m
->failed_units
, u
) < 0)
3816 (void) set_remove(m
->failed_units
, u
);
3818 if (set_size(m
->failed_units
) != size
)
3819 bus_manager_send_change_signal(m
);
3824 ManagerState
manager_state(Manager
*m
) {
3829 /* Did we ever finish booting? If not then we are still starting up */
3830 if (!MANAGER_IS_FINISHED(m
)) {
3832 u
= manager_get_unit(m
, SPECIAL_BASIC_TARGET
);
3833 if (!u
|| !UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
3834 return MANAGER_INITIALIZING
;
3836 return MANAGER_STARTING
;
3839 /* Is the special shutdown target active or queued? If so, we are in shutdown state */
3840 u
= manager_get_unit(m
, SPECIAL_SHUTDOWN_TARGET
);
3841 if (u
&& unit_active_or_pending(u
))
3842 return MANAGER_STOPPING
;
3844 if (MANAGER_IS_SYSTEM(m
)) {
3845 /* Are the rescue or emergency targets active or queued? If so we are in maintenance state */
3846 u
= manager_get_unit(m
, SPECIAL_RESCUE_TARGET
);
3847 if (u
&& unit_active_or_pending(u
))
3848 return MANAGER_MAINTENANCE
;
3850 u
= manager_get_unit(m
, SPECIAL_EMERGENCY_TARGET
);
3851 if (u
&& unit_active_or_pending(u
))
3852 return MANAGER_MAINTENANCE
;
3855 /* Are there any failed units? If so, we are in degraded mode */
3856 if (set_size(m
->failed_units
) > 0)
3857 return MANAGER_DEGRADED
;
3859 return MANAGER_RUNNING
;
3862 #define DESTROY_IPC_FLAG (UINT32_C(1) << 31)
3864 static void manager_unref_uid_internal(
3869 int (*_clean_ipc
)(uid_t uid
)) {
3875 assert(uid_is_valid(uid
));
3878 /* A generic implementation, covering both manager_unref_uid() and manager_unref_gid(), under the assumption
3879 * that uid_t and gid_t are actually defined the same way, with the same validity rules.
3881 * We store a hashmap where the UID/GID is they key and the value is a 32bit reference counter, whose highest
3882 * bit is used as flag for marking UIDs/GIDs whose IPC objects to remove when the last reference to the UID/GID
3883 * is dropped. The flag is set to on, once at least one reference from a unit where RemoveIPC= is set is added
3884 * on a UID/GID. It is reset when the UID's/GID's reference counter drops to 0 again. */
3886 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
3887 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
3889 if (uid
== 0) /* We don't keep track of root, and will never destroy it */
3892 c
= PTR_TO_UINT32(hashmap_get(*uid_refs
, UID_TO_PTR(uid
)));
3894 n
= c
& ~DESTROY_IPC_FLAG
;
3898 if (destroy_now
&& n
== 0) {
3899 hashmap_remove(*uid_refs
, UID_TO_PTR(uid
));
3901 if (c
& DESTROY_IPC_FLAG
) {
3902 log_debug("%s " UID_FMT
" is no longer referenced, cleaning up its IPC.",
3903 _clean_ipc
== clean_ipc_by_uid
? "UID" : "GID",
3905 (void) _clean_ipc(uid
);
3908 c
= n
| (c
& DESTROY_IPC_FLAG
);
3909 assert_se(hashmap_update(*uid_refs
, UID_TO_PTR(uid
), UINT32_TO_PTR(c
)) >= 0);
3913 void manager_unref_uid(Manager
*m
, uid_t uid
, bool destroy_now
) {
3914 manager_unref_uid_internal(m
, &m
->uid_refs
, uid
, destroy_now
, clean_ipc_by_uid
);
3917 void manager_unref_gid(Manager
*m
, gid_t gid
, bool destroy_now
) {
3918 manager_unref_uid_internal(m
, &m
->gid_refs
, (uid_t
) gid
, destroy_now
, clean_ipc_by_gid
);
3921 static int manager_ref_uid_internal(
3932 assert(uid_is_valid(uid
));
3934 /* A generic implementation, covering both manager_ref_uid() and manager_ref_gid(), under the assumption
3935 * that uid_t and gid_t are actually defined the same way, with the same validity rules. */
3937 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
3938 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
3940 if (uid
== 0) /* We don't keep track of root, and will never destroy it */
3943 r
= hashmap_ensure_allocated(uid_refs
, &trivial_hash_ops
);
3947 c
= PTR_TO_UINT32(hashmap_get(*uid_refs
, UID_TO_PTR(uid
)));
3949 n
= c
& ~DESTROY_IPC_FLAG
;
3952 if (n
& DESTROY_IPC_FLAG
) /* check for overflow */
3955 c
= n
| (c
& DESTROY_IPC_FLAG
) | (clean_ipc
? DESTROY_IPC_FLAG
: 0);
3957 return hashmap_replace(*uid_refs
, UID_TO_PTR(uid
), UINT32_TO_PTR(c
));
3960 int manager_ref_uid(Manager
*m
, uid_t uid
, bool clean_ipc
) {
3961 return manager_ref_uid_internal(m
, &m
->uid_refs
, uid
, clean_ipc
);
3964 int manager_ref_gid(Manager
*m
, gid_t gid
, bool clean_ipc
) {
3965 return manager_ref_uid_internal(m
, &m
->gid_refs
, (uid_t
) gid
, clean_ipc
);
3968 static void manager_vacuum_uid_refs_internal(
3971 int (*_clean_ipc
)(uid_t uid
)) {
3980 HASHMAP_FOREACH_KEY(p
, k
, *uid_refs
, i
) {
3984 uid
= PTR_TO_UID(k
);
3985 c
= PTR_TO_UINT32(p
);
3987 n
= c
& ~DESTROY_IPC_FLAG
;
3991 if (c
& DESTROY_IPC_FLAG
) {
3992 log_debug("Found unreferenced %s " UID_FMT
" after reload/reexec. Cleaning up.",
3993 _clean_ipc
== clean_ipc_by_uid
? "UID" : "GID",
3995 (void) _clean_ipc(uid
);
3998 assert_se(hashmap_remove(*uid_refs
, k
) == p
);
4002 void manager_vacuum_uid_refs(Manager
*m
) {
4003 manager_vacuum_uid_refs_internal(m
, &m
->uid_refs
, clean_ipc_by_uid
);
4006 void manager_vacuum_gid_refs(Manager
*m
) {
4007 manager_vacuum_uid_refs_internal(m
, &m
->gid_refs
, clean_ipc_by_gid
);
4010 static void manager_serialize_uid_refs_internal(
4014 const char *field_name
) {
4024 /* Serialize the UID reference table. Or actually, just the IPC destruction flag of it, as the actual counter
4025 * of it is better rebuild after a reload/reexec. */
4027 HASHMAP_FOREACH_KEY(p
, k
, *uid_refs
, i
) {
4031 uid
= PTR_TO_UID(k
);
4032 c
= PTR_TO_UINT32(p
);
4034 if (!(c
& DESTROY_IPC_FLAG
))
4037 fprintf(f
, "%s=" UID_FMT
"\n", field_name
, uid
);
4041 void manager_serialize_uid_refs(Manager
*m
, FILE *f
) {
4042 manager_serialize_uid_refs_internal(m
, f
, &m
->uid_refs
, "destroy-ipc-uid");
4045 void manager_serialize_gid_refs(Manager
*m
, FILE *f
) {
4046 manager_serialize_uid_refs_internal(m
, f
, &m
->gid_refs
, "destroy-ipc-gid");
4049 static void manager_deserialize_uid_refs_one_internal(
4052 const char *value
) {
4062 r
= parse_uid(value
, &uid
);
4063 if (r
< 0 || uid
== 0) {
4064 log_debug("Unable to parse UID reference serialization");
4068 r
= hashmap_ensure_allocated(uid_refs
, &trivial_hash_ops
);
4074 c
= PTR_TO_UINT32(hashmap_get(*uid_refs
, UID_TO_PTR(uid
)));
4075 if (c
& DESTROY_IPC_FLAG
)
4078 c
|= DESTROY_IPC_FLAG
;
4080 r
= hashmap_replace(*uid_refs
, UID_TO_PTR(uid
), UINT32_TO_PTR(c
));
4082 log_debug("Failed to add UID reference entry");
4087 void manager_deserialize_uid_refs_one(Manager
*m
, const char *value
) {
4088 manager_deserialize_uid_refs_one_internal(m
, &m
->uid_refs
, value
);
4091 void manager_deserialize_gid_refs_one(Manager
*m
, const char *value
) {
4092 manager_deserialize_uid_refs_one_internal(m
, &m
->gid_refs
, value
);
4095 int manager_dispatch_user_lookup_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
4099 char unit_name
[UNIT_NAME_MAX
+1];
4102 Manager
*m
= userdata
;
4110 /* Invoked whenever a child process succeeded resolving its user/group to use and sent us the resulting UID/GID
4111 * in a datagram. We parse the datagram here and pass it off to the unit, so that it can add a reference to the
4112 * UID/GID so that it can destroy the UID/GID's IPC objects when the reference counter drops to 0. */
4114 l
= recv(fd
, &buffer
, sizeof(buffer
), MSG_DONTWAIT
);
4116 if (IN_SET(errno
, EINTR
, EAGAIN
))
4119 return log_error_errno(errno
, "Failed to read from user lookup fd: %m");
4122 if ((size_t) l
<= offsetof(struct buffer
, unit_name
)) {
4123 log_warning("Received too short user lookup message, ignoring.");
4127 if ((size_t) l
> offsetof(struct buffer
, unit_name
) + UNIT_NAME_MAX
) {
4128 log_warning("Received too long user lookup message, ignoring.");
4132 if (!uid_is_valid(buffer
.uid
) && !gid_is_valid(buffer
.gid
)) {
4133 log_warning("Got user lookup message with invalid UID/GID pair, ignoring.");
4137 n
= (size_t) l
- offsetof(struct buffer
, unit_name
);
4138 if (memchr(buffer
.unit_name
, 0, n
)) {
4139 log_warning("Received lookup message with embedded NUL character, ignoring.");
4143 buffer
.unit_name
[n
] = 0;
4144 u
= manager_get_unit(m
, buffer
.unit_name
);
4146 log_debug("Got user lookup message but unit doesn't exist, ignoring.");
4150 log_unit_debug(u
, "User lookup succeeded: uid=" UID_FMT
" gid=" GID_FMT
, buffer
.uid
, buffer
.gid
);
4152 unit_notify_user_lookup(u
, buffer
.uid
, buffer
.gid
);
4156 char *manager_taint_string(Manager
*m
) {
4157 _cleanup_free_
char *destination
= NULL
, *overflowuid
= NULL
, *overflowgid
= NULL
;
4161 /* Returns a "taint string", e.g. "local-hwclock:var-run-bad".
4162 * Only things that are detected at runtime should be tagged
4163 * here. For stuff that is set during compilation, emit a warning
4164 * in the configuration phase. */
4168 buf
= new(char, sizeof("split-usr:"
4172 "overflowuid-not-65534:"
4173 "overflowgid-not-65534:"));
4181 e
= stpcpy(e
, "split-usr:");
4183 if (access("/proc/cgroups", F_OK
) < 0)
4184 e
= stpcpy(e
, "cgroups-missing:");
4186 if (clock_is_localtime(NULL
) > 0)
4187 e
= stpcpy(e
, "local-hwclock:");
4189 r
= readlink_malloc("/var/run", &destination
);
4190 if (r
< 0 || !PATH_IN_SET(destination
, "../run", "/run"))
4191 e
= stpcpy(e
, "var-run-bad:");
4193 r
= read_one_line_file("/proc/sys/kernel/overflowuid", &overflowuid
);
4194 if (r
>= 0 && !streq(overflowuid
, "65534"))
4195 e
= stpcpy(e
, "overflowuid-not-65534:");
4197 r
= read_one_line_file("/proc/sys/kernel/overflowgid", &overflowgid
);
4198 if (r
>= 0 && !streq(overflowgid
, "65534"))
4199 e
= stpcpy(e
, "overflowgid-not-65534:");
4201 /* remove the last ':' */
4208 void manager_ref_console(Manager
*m
) {
4214 void manager_unref_console(Manager
*m
) {
4216 assert(m
->n_on_console
> 0);
4219 if (m
->n_on_console
== 0)
4220 m
->no_console_output
= false; /* unset no_console_output flag, since the console is definitely free now */
4223 static const char *const manager_state_table
[_MANAGER_STATE_MAX
] = {
4224 [MANAGER_INITIALIZING
] = "initializing",
4225 [MANAGER_STARTING
] = "starting",
4226 [MANAGER_RUNNING
] = "running",
4227 [MANAGER_DEGRADED
] = "degraded",
4228 [MANAGER_MAINTENANCE
] = "maintenance",
4229 [MANAGER_STOPPING
] = "stopping",
4232 DEFINE_STRING_TABLE_LOOKUP(manager_state
, ManagerState
);
4234 static const char *const manager_timestamp_table
[_MANAGER_TIMESTAMP_MAX
] = {
4235 [MANAGER_TIMESTAMP_FIRMWARE
] = "firmware",
4236 [MANAGER_TIMESTAMP_LOADER
] = "loader",
4237 [MANAGER_TIMESTAMP_KERNEL
] = "kernel",
4238 [MANAGER_TIMESTAMP_INITRD
] = "initrd",
4239 [MANAGER_TIMESTAMP_USERSPACE
] = "userspace",
4240 [MANAGER_TIMESTAMP_FINISH
] = "finish",
4241 [MANAGER_TIMESTAMP_SECURITY_START
] = "security-start",
4242 [MANAGER_TIMESTAMP_SECURITY_FINISH
] = "security-finish",
4243 [MANAGER_TIMESTAMP_GENERATORS_START
] = "generators-start",
4244 [MANAGER_TIMESTAMP_GENERATORS_FINISH
] = "generators-finish",
4245 [MANAGER_TIMESTAMP_UNITS_LOAD_START
] = "units-load-start",
4246 [MANAGER_TIMESTAMP_UNITS_LOAD_FINISH
] = "units-load-finish",
4249 DEFINE_STRING_TABLE_LOOKUP(manager_timestamp
, ManagerTimestamp
);