]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/service.c
projects / thirdparty / systemd.git / blob
? search:


97f129b8f02b51f58e22ee9fabfa987829df437f
[thirdparty/systemd.git] / src / core / service.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
16
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19 ***/
20
21 #include <errno.h>
22 #include <signal.h>
23 #include <unistd.h>
24
25 #include "sd-messages.h"
26
27 #include "alloc-util.h"
28 #include "async.h"
29 #include "bus-error.h"
30 #include "bus-kernel.h"
31 #include "bus-util.h"
32 #include "dbus-service.h"
33 #include "def.h"
34 #include "env-util.h"
35 #include "escape.h"
36 #include "exit-status.h"
37 #include "fd-util.h"
38 #include "fileio.h"
39 #include "format-util.h"
40 #include "fs-util.h"
41 #include "load-dropin.h"
42 #include "load-fragment.h"
43 #include "log.h"
44 #include "manager.h"
45 #include "parse-util.h"
46 #include "path-util.h"
47 #include "process-util.h"
48 #include "service.h"
49 #include "signal-util.h"
50 #include "special.h"
51 #include "stdio-util.h"
52 #include "string-table.h"
53 #include "string-util.h"
54 #include "strv.h"
55 #include "unit-name.h"
56 #include "unit.h"
57 #include "utf8.h"
58 #include "util.h"
59
60 static const UnitActiveState state_translation_table[_SERVICE_STATE_MAX] = {
61 [SERVICE_DEAD] = UNIT_INACTIVE,
62 [SERVICE_START_PRE] = UNIT_ACTIVATING,
63 [SERVICE_START] = UNIT_ACTIVATING,
64 [SERVICE_START_POST] = UNIT_ACTIVATING,
65 [SERVICE_RUNNING] = UNIT_ACTIVE,
66 [SERVICE_EXITED] = UNIT_ACTIVE,
67 [SERVICE_RELOAD] = UNIT_RELOADING,
68 [SERVICE_STOP] = UNIT_DEACTIVATING,
69 [SERVICE_STOP_SIGABRT] = UNIT_DEACTIVATING,
70 [SERVICE_STOP_SIGTERM] = UNIT_DEACTIVATING,
71 [SERVICE_STOP_SIGKILL] = UNIT_DEACTIVATING,
72 [SERVICE_STOP_POST] = UNIT_DEACTIVATING,
73 [SERVICE_FINAL_SIGTERM] = UNIT_DEACTIVATING,
74 [SERVICE_FINAL_SIGKILL] = UNIT_DEACTIVATING,
75 [SERVICE_FAILED] = UNIT_FAILED,
76 [SERVICE_AUTO_RESTART] = UNIT_ACTIVATING
77 };
78
79 /* For Type=idle we never want to delay any other jobs, hence we
80 * consider idle jobs active as soon as we start working on them */
81 static const UnitActiveState state_translation_table_idle[_SERVICE_STATE_MAX] = {
82 [SERVICE_DEAD] = UNIT_INACTIVE,
83 [SERVICE_START_PRE] = UNIT_ACTIVE,
84 [SERVICE_START] = UNIT_ACTIVE,
85 [SERVICE_START_POST] = UNIT_ACTIVE,
86 [SERVICE_RUNNING] = UNIT_ACTIVE,
87 [SERVICE_EXITED] = UNIT_ACTIVE,
88 [SERVICE_RELOAD] = UNIT_RELOADING,
89 [SERVICE_STOP] = UNIT_DEACTIVATING,
90 [SERVICE_STOP_SIGABRT] = UNIT_DEACTIVATING,
91 [SERVICE_STOP_SIGTERM] = UNIT_DEACTIVATING,
92 [SERVICE_STOP_SIGKILL] = UNIT_DEACTIVATING,
93 [SERVICE_STOP_POST] = UNIT_DEACTIVATING,
94 [SERVICE_FINAL_SIGTERM] = UNIT_DEACTIVATING,
95 [SERVICE_FINAL_SIGKILL] = UNIT_DEACTIVATING,
96 [SERVICE_FAILED] = UNIT_FAILED,
97 [SERVICE_AUTO_RESTART] = UNIT_ACTIVATING
98 };
99
100 static int service_dispatch_io(sd_event_source *source, int fd, uint32_t events, void *userdata);
101 static int service_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
102 static int service_dispatch_watchdog(sd_event_source *source, usec_t usec, void *userdata);
103
104 static void service_enter_signal(Service *s, ServiceState state, ServiceResult f);
105 static void service_enter_reload_by_notify(Service *s);
106
107 static void service_init(Unit *u) {
108 Service *s = SERVICE(u);
109
110 assert(u);
111 assert(u->load_state == UNIT_STUB);
112
113 s->timeout_start_usec = u->manager->default_timeout_start_usec;
114 s->timeout_stop_usec = u->manager->default_timeout_stop_usec;
115 s->restart_usec = u->manager->default_restart_usec;
116 s->runtime_max_usec = USEC_INFINITY;
117 s->type = _SERVICE_TYPE_INVALID;
118 s->socket_fd = -1;
119 s->stdin_fd = s->stdout_fd = s->stderr_fd = -1;
120 s->guess_main_pid = true;
121
122 s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID;
123 }
124
125 static void service_unwatch_control_pid(Service *s) {
126 assert(s);
127
128 if (s->control_pid <= 0)
129 return;
130
131 unit_unwatch_pid(UNIT(s), s->control_pid);
132 s->control_pid = 0;
133 }
134
135 static void service_unwatch_main_pid(Service *s) {
136 assert(s);
137
138 if (s->main_pid <= 0)
139 return;
140
141 unit_unwatch_pid(UNIT(s), s->main_pid);
142 s->main_pid = 0;
143 }
144
145 static void service_unwatch_pid_file(Service *s) {
146 if (!s->pid_file_pathspec)
147 return;
148
149 log_unit_debug(UNIT(s), "Stopping watch for PID file %s", s->pid_file_pathspec->path);
150 path_spec_unwatch(s->pid_file_pathspec);
151 path_spec_done(s->pid_file_pathspec);
152 s->pid_file_pathspec = mfree(s->pid_file_pathspec);
153 }
154
155 static int service_set_main_pid(Service *s, pid_t pid) {
156 pid_t ppid;
157
158 assert(s);
159
160 if (pid <= 1)
161 return -EINVAL;
162
163 if (pid == getpid_cached())
164 return -EINVAL;
165
166 if (s->main_pid == pid && s->main_pid_known)
167 return 0;
168
169 if (s->main_pid != pid) {
170 service_unwatch_main_pid(s);
171 exec_status_start(&s->main_exec_status, pid);
172 }
173
174 s->main_pid = pid;
175 s->main_pid_known = true;
176
177 if (get_process_ppid(pid, &ppid) >= 0 && ppid != getpid_cached()) {
178 log_unit_warning(UNIT(s), "Supervising process "PID_FMT" which is not our child. We'll most likely not notice when it exits.", pid);
179 s->main_pid_alien = true;
180 } else
181 s->main_pid_alien = false;
182
183 return 0;
184 }
185
186 void service_close_socket_fd(Service *s) {
187 assert(s);
188
189 /* Undo the effect of service_set_socket_fd(). */
190
191 s->socket_fd = asynchronous_close(s->socket_fd);
192
193 if (UNIT_ISSET(s->accept_socket)) {
194 socket_connection_unref(SOCKET(UNIT_DEREF(s->accept_socket)));
195 unit_ref_unset(&s->accept_socket);
196 }
197 }
198
199 static void service_stop_watchdog(Service *s) {
200 assert(s);
201
202 s->watchdog_event_source = sd_event_source_unref(s->watchdog_event_source);
203 s->watchdog_timestamp = DUAL_TIMESTAMP_NULL;
204 }
205
206 static usec_t service_get_watchdog_usec(Service *s) {
207 assert(s);
208
209 if (s->watchdog_override_enable)
210 return s->watchdog_override_usec;
211 else
212 return s->watchdog_usec;
213 }
214
215 static void service_start_watchdog(Service *s) {
216 int r;
217 usec_t watchdog_usec;
218
219 assert(s);
220
221 watchdog_usec = service_get_watchdog_usec(s);
222 if (IN_SET(watchdog_usec, 0, USEC_INFINITY))
223 return;
224
225 if (s->watchdog_event_source) {
226 r = sd_event_source_set_time(s->watchdog_event_source, usec_add(s->watchdog_timestamp.monotonic, watchdog_usec));
227 if (r < 0) {
228 log_unit_warning_errno(UNIT(s), r, "Failed to reset watchdog timer: %m");
229 return;
230 }
231
232 r = sd_event_source_set_enabled(s->watchdog_event_source, SD_EVENT_ONESHOT);
233 } else {
234 r = sd_event_add_time(
235 UNIT(s)->manager->event,
236 &s->watchdog_event_source,
237 CLOCK_MONOTONIC,
238 usec_add(s->watchdog_timestamp.monotonic, watchdog_usec), 0,
239 service_dispatch_watchdog, s);
240 if (r < 0) {
241 log_unit_warning_errno(UNIT(s), r, "Failed to add watchdog timer: %m");
242 return;
243 }
244
245 (void) sd_event_source_set_description(s->watchdog_event_source, "service-watchdog");
246
247 /* Let's process everything else which might be a sign
248 * of living before we consider a service died. */
249 r = sd_event_source_set_priority(s->watchdog_event_source, SD_EVENT_PRIORITY_IDLE);
250 }
251
252 if (r < 0)
253 log_unit_warning_errno(UNIT(s), r, "Failed to install watchdog timer: %m");
254 }
255
256 static void service_reset_watchdog(Service *s) {
257 assert(s);
258
259 dual_timestamp_get(&s->watchdog_timestamp);
260 service_start_watchdog(s);
261 }
262
263 static void service_reset_watchdog_timeout(Service *s, usec_t watchdog_override_usec) {
264 assert(s);
265
266 s->watchdog_override_enable = true;
267 s->watchdog_override_usec = watchdog_override_usec;
268 service_reset_watchdog(s);
269
270 log_unit_debug(UNIT(s), "watchdog_usec="USEC_FMT, s->watchdog_usec);
271 log_unit_debug(UNIT(s), "watchdog_override_usec="USEC_FMT, s->watchdog_override_usec);
272 }
273
274 static void service_fd_store_unlink(ServiceFDStore *fs) {
275
276 if (!fs)
277 return;
278
279 if (fs->service) {
280 assert(fs->service->n_fd_store > 0);
281 LIST_REMOVE(fd_store, fs->service->fd_store, fs);
282 fs->service->n_fd_store--;
283 }
284
285 if (fs->event_source) {
286 sd_event_source_set_enabled(fs->event_source, SD_EVENT_OFF);
287 sd_event_source_unref(fs->event_source);
288 }
289
290 free(fs->fdname);
291 safe_close(fs->fd);
292 free(fs);
293 }
294
295 static void service_release_fd_store(Service *s) {
296 assert(s);
297
298 if (s->n_keep_fd_store > 0)
299 return;
300
301 log_unit_debug(UNIT(s), "Releasing all stored fds");
302 while (s->fd_store)
303 service_fd_store_unlink(s->fd_store);
304
305 assert(s->n_fd_store == 0);
306 }
307
308 static void service_release_resources(Unit *u) {
309 Service *s = SERVICE(u);
310
311 assert(s);
312
313 if (!s->fd_store && s->stdin_fd < 0 && s->stdout_fd < 0 && s->stderr_fd < 0)
314 return;
315
316 log_unit_debug(u, "Releasing resources.");
317
318 s->stdin_fd = safe_close(s->stdin_fd);
319 s->stdout_fd = safe_close(s->stdout_fd);
320 s->stderr_fd = safe_close(s->stderr_fd);
321
322 service_release_fd_store(s);
323 }
324
325 static void service_done(Unit *u) {
326 Service *s = SERVICE(u);
327
328 assert(s);
329
330 s->pid_file = mfree(s->pid_file);
331 s->status_text = mfree(s->status_text);
332
333 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
334 exec_command_free_array(s->exec_command, _SERVICE_EXEC_COMMAND_MAX);
335 s->control_command = NULL;
336 s->main_command = NULL;
337
338 dynamic_creds_unref(&s->dynamic_creds);
339
340 exit_status_set_free(&s->restart_prevent_status);
341 exit_status_set_free(&s->restart_force_status);
342 exit_status_set_free(&s->success_status);
343
344 /* This will leak a process, but at least no memory or any of
345 * our resources */
346 service_unwatch_main_pid(s);
347 service_unwatch_control_pid(s);
348 service_unwatch_pid_file(s);
349
350 if (s->bus_name) {
351 unit_unwatch_bus_name(u, s->bus_name);
352 s->bus_name = mfree(s->bus_name);
353 }
354
355 s->bus_name_owner = mfree(s->bus_name_owner);
356
357 service_close_socket_fd(s);
358 s->peer = socket_peer_unref(s->peer);
359
360 unit_ref_unset(&s->accept_socket);
361
362 service_stop_watchdog(s);
363
364 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
365
366 service_release_resources(u);
367 }
368
369 static int on_fd_store_io(sd_event_source *e, int fd, uint32_t revents, void *userdata) {
370 ServiceFDStore *fs = userdata;
371
372 assert(e);
373 assert(fs);
374
375 /* If we get either EPOLLHUP or EPOLLERR, it's time to remove this entry from the fd store */
376 log_unit_debug(UNIT(fs->service),
377 "Received %s on stored fd %d (%s), closing.",
378 revents & EPOLLERR ? "EPOLLERR" : "EPOLLHUP",
379 fs->fd, strna(fs->fdname));
380 service_fd_store_unlink(fs);
381 return 0;
382 }
383
384 static int service_add_fd_store(Service *s, int fd, const char *name) {
385 ServiceFDStore *fs;
386 int r;
387
388 /* fd is always consumed if we return >= 0 */
389
390 assert(s);
391 assert(fd >= 0);
392
393 if (s->n_fd_store >= s->n_fd_store_max)
394 return -EXFULL; /* Our store is full.
395 * Use this errno rather than E[NM]FILE to distinguish from
396 * the case where systemd itself hits the file limit. */
397
398 LIST_FOREACH(fd_store, fs, s->fd_store) {
399 r = same_fd(fs->fd, fd);
400 if (r < 0)
401 return r;
402 if (r > 0) {
403 safe_close(fd);
404 return 0; /* fd already included */
405 }
406 }
407
408 fs = new0(ServiceFDStore, 1);
409 if (!fs)
410 return -ENOMEM;
411
412 fs->fd = fd;
413 fs->service = s;
414 fs->fdname = strdup(name ?: "stored");
415 if (!fs->fdname) {
416 free(fs);
417 return -ENOMEM;
418 }
419
420 r = sd_event_add_io(UNIT(s)->manager->event, &fs->event_source, fd, 0, on_fd_store_io, fs);
421 if (r < 0 && r != -EPERM) { /* EPERM indicates fds that aren't pollable, which is OK */
422 free(fs->fdname);
423 free(fs);
424 return r;
425 } else if (r >= 0)
426 (void) sd_event_source_set_description(fs->event_source, "service-fd-store");
427
428 LIST_PREPEND(fd_store, s->fd_store, fs);
429 s->n_fd_store++;
430
431 return 1; /* fd newly stored */
432 }
433
434 static int service_add_fd_store_set(Service *s, FDSet *fds, const char *name) {
435 int r;
436
437 assert(s);
438
439 while (fdset_size(fds) > 0) {
440 _cleanup_close_ int fd = -1;
441
442 fd = fdset_steal_first(fds);
443 if (fd < 0)
444 break;
445
446 r = service_add_fd_store(s, fd, name);
447 if (r == -EXFULL)
448 return log_unit_warning_errno(UNIT(s), r,
449 "Cannot store more fds than FileDescriptorStoreMax=%u, closing remaining.",
450 s->n_fd_store_max);
451 if (r < 0)
452 return log_unit_error_errno(UNIT(s), r, "Failed to add fd to store: %m");
453 if (r > 0)
454 log_unit_debug(UNIT(s), "Added fd %u (%s) to fd store.", fd, strna(name));
455 fd = -1;
456 }
457
458 return 0;
459 }
460
461 static void service_remove_fd_store(Service *s, const char *name) {
462 ServiceFDStore *fs, *n;
463
464 assert(s);
465 assert(name);
466
467 LIST_FOREACH_SAFE(fd_store, fs, n, s->fd_store) {
468 if (!streq(fs->fdname, name))
469 continue;
470
471 log_unit_debug(UNIT(s), "Got explicit request to remove fd %i (%s), closing.", fs->fd, name);
472 service_fd_store_unlink(fs);
473 }
474 }
475
476 static int service_arm_timer(Service *s, usec_t usec) {
477 int r;
478
479 assert(s);
480
481 if (s->timer_event_source) {
482 r = sd_event_source_set_time(s->timer_event_source, usec);
483 if (r < 0)
484 return r;
485
486 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
487 }
488
489 if (usec == USEC_INFINITY)
490 return 0;
491
492 r = sd_event_add_time(
493 UNIT(s)->manager->event,
494 &s->timer_event_source,
495 CLOCK_MONOTONIC,
496 usec, 0,
497 service_dispatch_timer, s);
498 if (r < 0)
499 return r;
500
501 (void) sd_event_source_set_description(s->timer_event_source, "service-timer");
502
503 return 0;
504 }
505
506 static int service_verify(Service *s) {
507 assert(s);
508
509 if (UNIT(s)->load_state != UNIT_LOADED)
510 return 0;
511
512 if (!s->exec_command[SERVICE_EXEC_START] && !s->exec_command[SERVICE_EXEC_STOP]) {
513 log_unit_error(UNIT(s), "Service lacks both ExecStart= and ExecStop= setting. Refusing.");
514 return -EINVAL;
515 }
516
517 if (s->type != SERVICE_ONESHOT && !s->exec_command[SERVICE_EXEC_START]) {
518 log_unit_error(UNIT(s), "Service has no ExecStart= setting, which is only allowed for Type=oneshot services. Refusing.");
519 return -EINVAL;
520 }
521
522 if (!s->remain_after_exit && !s->exec_command[SERVICE_EXEC_START]) {
523 log_unit_error(UNIT(s), "Service has no ExecStart= setting, which is only allowed for RemainAfterExit=yes services. Refusing.");
524 return -EINVAL;
525 }
526
527 if (s->type != SERVICE_ONESHOT && s->exec_command[SERVICE_EXEC_START]->command_next) {
528 log_unit_error(UNIT(s), "Service has more than one ExecStart= setting, which is only allowed for Type=oneshot services. Refusing.");
529 return -EINVAL;
530 }
531
532 if (s->type == SERVICE_ONESHOT && s->restart != SERVICE_RESTART_NO) {
533 log_unit_error(UNIT(s), "Service has Restart= setting other than no, which isn't allowed for Type=oneshot services. Refusing.");
534 return -EINVAL;
535 }
536
537 if (s->type == SERVICE_ONESHOT && !exit_status_set_is_empty(&s->restart_force_status)) {
538 log_unit_error(UNIT(s), "Service has RestartForceStatus= set, which isn't allowed for Type=oneshot services. Refusing.");
539 return -EINVAL;
540 }
541
542 if (s->type == SERVICE_DBUS && !s->bus_name) {
543 log_unit_error(UNIT(s), "Service is of type D-Bus but no D-Bus service name has been specified. Refusing.");
544 return -EINVAL;
545 }
546
547 if (s->bus_name && s->type != SERVICE_DBUS)
548 log_unit_warning(UNIT(s), "Service has a D-Bus service name specified, but is not of type dbus. Ignoring.");
549
550 if (s->exec_context.pam_name && !IN_SET(s->kill_context.kill_mode, KILL_CONTROL_GROUP, KILL_MIXED)) {
551 log_unit_error(UNIT(s), "Service has PAM enabled. Kill mode must be set to 'control-group' or 'mixed'. Refusing.");
552 return -EINVAL;
553 }
554
555 if (s->usb_function_descriptors && !s->usb_function_strings)
556 log_unit_warning(UNIT(s), "Service has USBFunctionDescriptors= setting, but no USBFunctionStrings=. Ignoring.");
557
558 if (!s->usb_function_descriptors && s->usb_function_strings)
559 log_unit_warning(UNIT(s), "Service has USBFunctionStrings= setting, but no USBFunctionDescriptors=. Ignoring.");
560
561 if (s->runtime_max_usec != USEC_INFINITY && s->type == SERVICE_ONESHOT)
562 log_unit_warning(UNIT(s), "MaxRuntimeSec= has no effect in combination with Type=oneshot. Ignoring.");
563
564 return 0;
565 }
566
567 static int service_add_default_dependencies(Service *s) {
568 int r;
569
570 assert(s);
571
572 if (!UNIT(s)->default_dependencies)
573 return 0;
574
575 /* Add a number of automatic dependencies useful for the
576 * majority of services. */
577
578 if (MANAGER_IS_SYSTEM(UNIT(s)->manager)) {
579 /* First, pull in the really early boot stuff, and
580 * require it, so that we fail if we can't acquire
581 * it. */
582
583 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true, UNIT_DEPENDENCY_DEFAULT);
584 if (r < 0)
585 return r;
586 } else {
587
588 /* In the --user instance there's no sysinit.target,
589 * in that case require basic.target instead. */
590
591 r = unit_add_dependency_by_name(UNIT(s), UNIT_REQUIRES, SPECIAL_BASIC_TARGET, NULL, true, UNIT_DEPENDENCY_DEFAULT);
592 if (r < 0)
593 return r;
594 }
595
596 /* Second, if the rest of the base system is in the same
597 * transaction, order us after it, but do not pull it in or
598 * even require it. */
599 r = unit_add_dependency_by_name(UNIT(s), UNIT_AFTER, SPECIAL_BASIC_TARGET, NULL, true, UNIT_DEPENDENCY_DEFAULT);
600 if (r < 0)
601 return r;
602
603 /* Third, add us in for normal shutdown. */
604 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true, UNIT_DEPENDENCY_DEFAULT);
605 }
606
607 static void service_fix_output(Service *s) {
608 assert(s);
609
610 /* If nothing has been explicitly configured, patch default output in. If input is socket/tty we avoid this
611 * however, since in that case we want output to default to the same place as we read input from. */
612
613 if (s->exec_context.std_error == EXEC_OUTPUT_INHERIT &&
614 s->exec_context.std_output == EXEC_OUTPUT_INHERIT &&
615 s->exec_context.std_input == EXEC_INPUT_NULL)
616 s->exec_context.std_error = UNIT(s)->manager->default_std_error;
617
618 if (s->exec_context.std_output == EXEC_OUTPUT_INHERIT &&
619 s->exec_context.std_input == EXEC_INPUT_NULL)
620 s->exec_context.std_output = UNIT(s)->manager->default_std_output;
621
622 if (s->exec_context.std_input == EXEC_INPUT_NULL &&
623 s->exec_context.stdin_data_size > 0)
624 s->exec_context.std_input = EXEC_INPUT_DATA;
625 }
626
627 static int service_setup_bus_name(Service *s) {
628 int r;
629
630 assert(s);
631
632 if (!s->bus_name)
633 return 0;
634
635 r = unit_add_dependency_by_name(UNIT(s), UNIT_REQUIRES, SPECIAL_DBUS_SOCKET, NULL, true, UNIT_DEPENDENCY_FILE);
636 if (r < 0)
637 return log_unit_error_errno(UNIT(s), r, "Failed to add dependency on " SPECIAL_DBUS_SOCKET ": %m");
638
639 /* We always want to be ordered against dbus.socket if both are in the transaction. */
640 r = unit_add_dependency_by_name(UNIT(s), UNIT_AFTER, SPECIAL_DBUS_SOCKET, NULL, true, UNIT_DEPENDENCY_FILE);
641 if (r < 0)
642 return log_unit_error_errno(UNIT(s), r, "Failed to add dependency on " SPECIAL_DBUS_SOCKET ": %m");
643
644 r = unit_watch_bus_name(UNIT(s), s->bus_name);
645 if (r == -EEXIST)
646 return log_unit_error_errno(UNIT(s), r, "Two services allocated for the same bus name %s, refusing operation.", s->bus_name);
647 if (r < 0)
648 return log_unit_error_errno(UNIT(s), r, "Cannot watch bus name %s: %m", s->bus_name);
649
650 return 0;
651 }
652
653 static int service_add_extras(Service *s) {
654 int r;
655
656 assert(s);
657
658 if (s->type == _SERVICE_TYPE_INVALID) {
659 /* Figure out a type automatically */
660 if (s->bus_name)
661 s->type = SERVICE_DBUS;
662 else if (s->exec_command[SERVICE_EXEC_START])
663 s->type = SERVICE_SIMPLE;
664 else
665 s->type = SERVICE_ONESHOT;
666 }
667
668 /* Oneshot services have disabled start timeout by default */
669 if (s->type == SERVICE_ONESHOT && !s->start_timeout_defined)
670 s->timeout_start_usec = USEC_INFINITY;
671
672 service_fix_output(s);
673
674 r = unit_patch_contexts(UNIT(s));
675 if (r < 0)
676 return r;
677
678 r = unit_add_exec_dependencies(UNIT(s), &s->exec_context);
679 if (r < 0)
680 return r;
681
682 r = unit_set_default_slice(UNIT(s));
683 if (r < 0)
684 return r;
685
686 if (s->type == SERVICE_NOTIFY && s->notify_access == NOTIFY_NONE)
687 s->notify_access = NOTIFY_MAIN;
688
689 if (s->watchdog_usec > 0 && s->notify_access == NOTIFY_NONE)
690 s->notify_access = NOTIFY_MAIN;
691
692 r = service_add_default_dependencies(s);
693 if (r < 0)
694 return r;
695
696 r = service_setup_bus_name(s);
697 if (r < 0)
698 return r;
699
700 return 0;
701 }
702
703 static int service_load(Unit *u) {
704 Service *s = SERVICE(u);
705 int r;
706
707 assert(s);
708
709 /* Load a .service file */
710 r = unit_load_fragment(u);
711 if (r < 0)
712 return r;
713
714 /* Still nothing found? Then let's give up */
715 if (u->load_state == UNIT_STUB)
716 return -ENOENT;
717
718 /* This is a new unit? Then let's add in some extras */
719 if (u->load_state == UNIT_LOADED) {
720
721 /* We were able to load something, then let's add in
722 * the dropin directories. */
723 r = unit_load_dropin(u);
724 if (r < 0)
725 return r;
726
727 /* This is a new unit? Then let's add in some
728 * extras */
729 r = service_add_extras(s);
730 if (r < 0)
731 return r;
732 }
733
734 return service_verify(s);
735 }
736
737 static void service_dump(Unit *u, FILE *f, const char *prefix) {
738 ServiceExecCommand c;
739 Service *s = SERVICE(u);
740 const char *prefix2;
741
742 assert(s);
743
744 prefix = strempty(prefix);
745 prefix2 = strjoina(prefix, "\t");
746
747 fprintf(f,
748 "%sService State: %s\n"
749 "%sResult: %s\n"
750 "%sReload Result: %s\n"
751 "%sPermissionsStartOnly: %s\n"
752 "%sRootDirectoryStartOnly: %s\n"
753 "%sRemainAfterExit: %s\n"
754 "%sGuessMainPID: %s\n"
755 "%sType: %s\n"
756 "%sRestart: %s\n"
757 "%sNotifyAccess: %s\n"
758 "%sNotifyState: %s\n",
759 prefix, service_state_to_string(s->state),
760 prefix, service_result_to_string(s->result),
761 prefix, service_result_to_string(s->reload_result),
762 prefix, yes_no(s->permissions_start_only),
763 prefix, yes_no(s->root_directory_start_only),
764 prefix, yes_no(s->remain_after_exit),
765 prefix, yes_no(s->guess_main_pid),
766 prefix, service_type_to_string(s->type),
767 prefix, service_restart_to_string(s->restart),
768 prefix, notify_access_to_string(s->notify_access),
769 prefix, notify_state_to_string(s->notify_state));
770
771 if (s->control_pid > 0)
772 fprintf(f,
773 "%sControl PID: "PID_FMT"\n",
774 prefix, s->control_pid);
775
776 if (s->main_pid > 0)
777 fprintf(f,
778 "%sMain PID: "PID_FMT"\n"
779 "%sMain PID Known: %s\n"
780 "%sMain PID Alien: %s\n",
781 prefix, s->main_pid,
782 prefix, yes_no(s->main_pid_known),
783 prefix, yes_no(s->main_pid_alien));
784
785 if (s->pid_file)
786 fprintf(f,
787 "%sPIDFile: %s\n",
788 prefix, s->pid_file);
789
790 if (s->bus_name)
791 fprintf(f,
792 "%sBusName: %s\n"
793 "%sBus Name Good: %s\n",
794 prefix, s->bus_name,
795 prefix, yes_no(s->bus_name_good));
796
797 if (UNIT_ISSET(s->accept_socket))
798 fprintf(f,
799 "%sAccept Socket: %s\n",
800 prefix, UNIT_DEREF(s->accept_socket)->id);
801
802 kill_context_dump(&s->kill_context, f, prefix);
803 exec_context_dump(&s->exec_context, f, prefix);
804
805 for (c = 0; c < _SERVICE_EXEC_COMMAND_MAX; c++) {
806
807 if (!s->exec_command[c])
808 continue;
809
810 fprintf(f, "%s-> %s:\n",
811 prefix, service_exec_command_to_string(c));
812
813 exec_command_dump_list(s->exec_command[c], f, prefix2);
814 }
815
816 if (s->status_text)
817 fprintf(f, "%sStatus Text: %s\n",
818 prefix, s->status_text);
819
820 if (s->n_fd_store_max > 0)
821 fprintf(f,
822 "%sFile Descriptor Store Max: %u\n"
823 "%sFile Descriptor Store Current: %u\n",
824 prefix, s->n_fd_store_max,
825 prefix, s->n_fd_store);
826
827 cgroup_context_dump(&s->cgroup_context, f, prefix);
828 }
829
830 static int service_load_pid_file(Service *s, bool may_warn) {
831 _cleanup_free_ char *k = NULL;
832 int r;
833 pid_t pid;
834
835 assert(s);
836
837 if (!s->pid_file)
838 return -ENOENT;
839
840 r = read_one_line_file(s->pid_file, &k);
841 if (r < 0) {
842 if (may_warn)
843 log_unit_info_errno(UNIT(s), r, "PID file %s not readable (yet?) after %s: %m", s->pid_file, service_state_to_string(s->state));
844 return r;
845 }
846
847 r = parse_pid(k, &pid);
848 if (r < 0) {
849 if (may_warn)
850 log_unit_info_errno(UNIT(s), r, "Failed to read PID from file %s: %m", s->pid_file);
851 return r;
852 }
853
854 if (!pid_is_alive(pid)) {
855 if (may_warn)
856 log_unit_info(UNIT(s), "PID "PID_FMT" read from file %s does not exist or is a zombie.", pid, s->pid_file);
857 return -ESRCH;
858 }
859
860 if (s->main_pid_known) {
861 if (pid == s->main_pid)
862 return 0;
863
864 log_unit_debug(UNIT(s), "Main PID changing: "PID_FMT" -> "PID_FMT, s->main_pid, pid);
865
866 service_unwatch_main_pid(s);
867 s->main_pid_known = false;
868 } else
869 log_unit_debug(UNIT(s), "Main PID loaded: "PID_FMT, pid);
870
871 r = service_set_main_pid(s, pid);
872 if (r < 0)
873 return r;
874
875 r = unit_watch_pid(UNIT(s), pid);
876 if (r < 0) /* FIXME: we need to do something here */
877 return log_unit_warning_errno(UNIT(s), r, "Failed to watch PID "PID_FMT" for service: %m", pid);
878
879 return 0;
880 }
881
882 static void service_search_main_pid(Service *s) {
883 pid_t pid = 0;
884 int r;
885
886 assert(s);
887
888 /* If we know it anyway, don't ever fallback to unreliable
889 * heuristics */
890 if (s->main_pid_known)
891 return;
892
893 if (!s->guess_main_pid)
894 return;
895
896 assert(s->main_pid <= 0);
897
898 if (unit_search_main_pid(UNIT(s), &pid) < 0)
899 return;
900
901 log_unit_debug(UNIT(s), "Main PID guessed: "PID_FMT, pid);
902 if (service_set_main_pid(s, pid) < 0)
903 return;
904
905 r = unit_watch_pid(UNIT(s), pid);
906 if (r < 0)
907 /* FIXME: we need to do something here */
908 log_unit_warning_errno(UNIT(s), r, "Failed to watch PID "PID_FMT" from: %m", pid);
909 }
910
911 static void service_set_state(Service *s, ServiceState state) {
912 ServiceState old_state;
913 const UnitActiveState *table;
914
915 assert(s);
916
917 table = s->type == SERVICE_IDLE ? state_translation_table_idle : state_translation_table;
918
919 old_state = s->state;
920 s->state = state;
921
922 service_unwatch_pid_file(s);
923
924 if (!IN_SET(state,
925 SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST,
926 SERVICE_RUNNING,
927 SERVICE_RELOAD,
928 SERVICE_STOP, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
929 SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL,
930 SERVICE_AUTO_RESTART))
931 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
932
933 if (!IN_SET(state,
934 SERVICE_START, SERVICE_START_POST,
935 SERVICE_RUNNING, SERVICE_RELOAD,
936 SERVICE_STOP, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
937 SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL)) {
938 service_unwatch_main_pid(s);
939 s->main_command = NULL;
940 }
941
942 if (!IN_SET(state,
943 SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST,
944 SERVICE_RELOAD,
945 SERVICE_STOP, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
946 SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL)) {
947 service_unwatch_control_pid(s);
948 s->control_command = NULL;
949 s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID;
950 }
951
952 if (IN_SET(state, SERVICE_DEAD, SERVICE_FAILED, SERVICE_AUTO_RESTART))
953 unit_unwatch_all_pids(UNIT(s));
954
955 if (!IN_SET(state,
956 SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST,
957 SERVICE_RUNNING, SERVICE_RELOAD,
958 SERVICE_STOP, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
959 SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL) &&
960 !(state == SERVICE_DEAD && UNIT(s)->job))
961 service_close_socket_fd(s);
962
963 if (!IN_SET(state, SERVICE_START_POST, SERVICE_RUNNING, SERVICE_RELOAD))
964 service_stop_watchdog(s);
965
966 /* For the inactive states unit_notify() will trim the cgroup,
967 * but for exit we have to do that ourselves... */
968 if (state == SERVICE_EXITED && !MANAGER_IS_RELOADING(UNIT(s)->manager))
969 unit_prune_cgroup(UNIT(s));
970
971 /* For remain_after_exit services, let's see if we can "release" the
972 * hold on the console, since unit_notify() only does that in case of
973 * change of state */
974 if (state == SERVICE_EXITED &&
975 s->remain_after_exit &&
976 UNIT(s)->manager->n_on_console > 0) {
977
978 ExecContext *ec;
979
980 ec = unit_get_exec_context(UNIT(s));
981 if (ec && exec_context_may_touch_console(ec)) {
982 Manager *m = UNIT(s)->manager;
983
984 m->n_on_console--;
985 if (m->n_on_console == 0)
986 /* unset no_console_output flag, since the console is free */
987 m->no_console_output = false;
988 }
989 }
990
991 if (old_state != state)
992 log_unit_debug(UNIT(s), "Changed %s -> %s", service_state_to_string(old_state), service_state_to_string(state));
993
994 unit_notify(UNIT(s), table[old_state], table[state], s->reload_result == SERVICE_SUCCESS);
995 }
996
997 static usec_t service_coldplug_timeout(Service *s) {
998 assert(s);
999
1000 switch (s->deserialized_state) {
1001
1002 case SERVICE_START_PRE:
1003 case SERVICE_START:
1004 case SERVICE_START_POST:
1005 case SERVICE_RELOAD:
1006 return usec_add(UNIT(s)->state_change_timestamp.monotonic, s->timeout_start_usec);
1007
1008 case SERVICE_RUNNING:
1009 return usec_add(UNIT(s)->active_enter_timestamp.monotonic, s->runtime_max_usec);
1010
1011 case SERVICE_STOP:
1012 case SERVICE_STOP_SIGABRT:
1013 case SERVICE_STOP_SIGTERM:
1014 case SERVICE_STOP_SIGKILL:
1015 case SERVICE_STOP_POST:
1016 case SERVICE_FINAL_SIGTERM:
1017 case SERVICE_FINAL_SIGKILL:
1018 return usec_add(UNIT(s)->state_change_timestamp.monotonic, s->timeout_stop_usec);
1019
1020 case SERVICE_AUTO_RESTART:
1021 return usec_add(UNIT(s)->inactive_enter_timestamp.monotonic, s->restart_usec);
1022
1023 default:
1024 return USEC_INFINITY;
1025 }
1026 }
1027
1028 static int service_coldplug(Unit *u) {
1029 Service *s = SERVICE(u);
1030 int r;
1031
1032 assert(s);
1033 assert(s->state == SERVICE_DEAD);
1034
1035 if (s->deserialized_state == s->state)
1036 return 0;
1037
1038 r = service_arm_timer(s, service_coldplug_timeout(s));
1039 if (r < 0)
1040 return r;
1041
1042 if (s->main_pid > 0 &&
1043 pid_is_unwaited(s->main_pid) &&
1044 ((s->deserialized_state == SERVICE_START && IN_SET(s->type, SERVICE_FORKING, SERVICE_DBUS, SERVICE_ONESHOT, SERVICE_NOTIFY)) ||
1045 IN_SET(s->deserialized_state,
1046 SERVICE_START, SERVICE_START_POST,
1047 SERVICE_RUNNING, SERVICE_RELOAD,
1048 SERVICE_STOP, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
1049 SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL))) {
1050 r = unit_watch_pid(UNIT(s), s->main_pid);
1051 if (r < 0)
1052 return r;
1053 }
1054
1055 if (s->control_pid > 0 &&
1056 pid_is_unwaited(s->control_pid) &&
1057 IN_SET(s->deserialized_state,
1058 SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST,
1059 SERVICE_RELOAD,
1060 SERVICE_STOP, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
1061 SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL)) {
1062 r = unit_watch_pid(UNIT(s), s->control_pid);
1063 if (r < 0)
1064 return r;
1065 }
1066
1067 if (!IN_SET(s->deserialized_state, SERVICE_DEAD, SERVICE_FAILED, SERVICE_AUTO_RESTART))
1068 unit_watch_all_pids(UNIT(s));
1069
1070 if (IN_SET(s->deserialized_state, SERVICE_START_POST, SERVICE_RUNNING, SERVICE_RELOAD))
1071 service_start_watchdog(s);
1072
1073 if (!IN_SET(s->deserialized_state, SERVICE_DEAD, SERVICE_FAILED, SERVICE_AUTO_RESTART))
1074 (void) unit_setup_dynamic_creds(u);
1075
1076 if (UNIT_ISSET(s->accept_socket)) {
1077 Socket* socket = SOCKET(UNIT_DEREF(s->accept_socket));
1078
1079 if (socket->max_connections_per_source > 0) {
1080 SocketPeer *peer;
1081
1082 /* Make a best-effort attempt at bumping the connection count */
1083 if (socket_acquire_peer(socket, s->socket_fd, &peer) > 0) {
1084 socket_peer_unref(s->peer);
1085 s->peer = peer;
1086 }
1087 }
1088 }
1089
1090 service_set_state(s, s->deserialized_state);
1091 return 0;
1092 }
1093
1094 static int service_collect_fds(Service *s,
1095 int **fds,
1096 char ***fd_names,
1097 unsigned *n_storage_fds,
1098 unsigned *n_socket_fds) {
1099
1100 _cleanup_strv_free_ char **rfd_names = NULL;
1101 _cleanup_free_ int *rfds = NULL;
1102 unsigned rn_socket_fds = 0, rn_storage_fds = 0;
1103 int r;
1104
1105 assert(s);
1106 assert(fds);
1107 assert(fd_names);
1108 assert(n_socket_fds);
1109
1110 if (s->socket_fd >= 0) {
1111
1112 /* Pass the per-connection socket */
1113
1114 rfds = new(int, 1);
1115 if (!rfds)
1116 return -ENOMEM;
1117 rfds[0] = s->socket_fd;
1118
1119 rfd_names = strv_new("connection", NULL);
1120 if (!rfd_names)
1121 return -ENOMEM;
1122
1123 rn_socket_fds = 1;
1124 } else {
1125 Iterator i;
1126 void *v;
1127 Unit *u;
1128
1129 /* Pass all our configured sockets for singleton services */
1130
1131 HASHMAP_FOREACH_KEY(v, u, UNIT(s)->dependencies[UNIT_TRIGGERED_BY], i) {
1132 _cleanup_free_ int *cfds = NULL;
1133 Socket *sock;
1134 int cn_fds;
1135
1136 if (u->type != UNIT_SOCKET)
1137 continue;
1138
1139 sock = SOCKET(u);
1140
1141 cn_fds = socket_collect_fds(sock, &cfds);
1142 if (cn_fds < 0)
1143 return cn_fds;
1144
1145 if (cn_fds <= 0)
1146 continue;
1147
1148 if (!rfds) {
1149 rfds = cfds;
1150 rn_socket_fds = cn_fds;
1151
1152 cfds = NULL;
1153 } else {
1154 int *t;
1155
1156 t = realloc(rfds, (rn_socket_fds + cn_fds) * sizeof(int));
1157 if (!t)
1158 return -ENOMEM;
1159
1160 memcpy(t + rn_socket_fds, cfds, cn_fds * sizeof(int));
1161
1162 rfds = t;
1163 rn_socket_fds += cn_fds;
1164 }
1165
1166 r = strv_extend_n(&rfd_names, socket_fdname(sock), cn_fds);
1167 if (r < 0)
1168 return r;
1169 }
1170 }
1171
1172 if (s->n_fd_store > 0) {
1173 ServiceFDStore *fs;
1174 unsigned n_fds;
1175 char **nl;
1176 int *t;
1177
1178 t = realloc(rfds, (rn_socket_fds + s->n_fd_store) * sizeof(int));
1179 if (!t)
1180 return -ENOMEM;
1181
1182 rfds = t;
1183
1184 nl = realloc(rfd_names, (rn_socket_fds + s->n_fd_store + 1) * sizeof(char*));
1185 if (!nl)
1186 return -ENOMEM;
1187
1188 rfd_names = nl;
1189 n_fds = rn_socket_fds;
1190
1191 LIST_FOREACH(fd_store, fs, s->fd_store) {
1192 rfds[n_fds] = fs->fd;
1193 rfd_names[n_fds] = strdup(strempty(fs->fdname));
1194 if (!rfd_names[n_fds])
1195 return -ENOMEM;
1196
1197 rn_storage_fds++;
1198 n_fds++;
1199 }
1200
1201 rfd_names[n_fds] = NULL;
1202 }
1203
1204 *fds = rfds;
1205 *fd_names = rfd_names;
1206 *n_socket_fds = rn_socket_fds;
1207 *n_storage_fds = rn_storage_fds;
1208
1209 rfds = NULL;
1210 rfd_names = NULL;
1211
1212 return 0;
1213 }
1214
1215 static bool service_exec_needs_notify_socket(Service *s, ExecFlags flags) {
1216 assert(s);
1217
1218 /* Notifications are accepted depending on the process and
1219 * the access setting of the service:
1220 * process: \ access: NONE MAIN EXEC ALL
1221 * main no yes yes yes
1222 * control no no yes yes
1223 * other (forked) no no no yes */
1224
1225 if (flags & EXEC_IS_CONTROL)
1226 /* A control process */
1227 return IN_SET(s->notify_access, NOTIFY_EXEC, NOTIFY_ALL);
1228
1229 /* We only spawn main processes and control processes, so any
1230 * process that is not a control process is a main process */
1231 return s->notify_access != NOTIFY_NONE;
1232 }
1233
1234 static int service_spawn(
1235 Service *s,
1236 ExecCommand *c,
1237 usec_t timeout,
1238 ExecFlags flags,
1239 pid_t *_pid) {
1240
1241 ExecParameters exec_params = {
1242 .flags = flags,
1243 .stdin_fd = -1,
1244 .stdout_fd = -1,
1245 .stderr_fd = -1,
1246 };
1247 _cleanup_strv_free_ char **final_env = NULL, **our_env = NULL, **fd_names = NULL;
1248 unsigned n_storage_fds = 0, n_socket_fds = 0, n_env = 0;
1249 _cleanup_free_ int *fds = NULL;
1250 pid_t pid;
1251 int r;
1252
1253 assert(s);
1254 assert(c);
1255 assert(_pid);
1256
1257 r = unit_prepare_exec(UNIT(s));
1258 if (r < 0)
1259 return r;
1260
1261 if (flags & EXEC_IS_CONTROL) {
1262 /* If this is a control process, mask the permissions/chroot application if this is requested. */
1263 if (s->permissions_start_only)
1264 exec_params.flags &= ~EXEC_APPLY_SANDBOXING;
1265 if (s->root_directory_start_only)
1266 exec_params.flags &= ~EXEC_APPLY_CHROOT;
1267 }
1268
1269 if ((flags & EXEC_PASS_FDS) ||
1270 s->exec_context.std_input == EXEC_INPUT_SOCKET ||
1271 s->exec_context.std_output == EXEC_OUTPUT_SOCKET ||
1272 s->exec_context.std_error == EXEC_OUTPUT_SOCKET) {
1273
1274 r = service_collect_fds(s, &fds, &fd_names, &n_storage_fds, &n_socket_fds);
1275 if (r < 0)
1276 return r;
1277
1278 log_unit_debug(UNIT(s), "Passing %i fds to service", n_storage_fds + n_socket_fds);
1279 }
1280
1281 r = service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), timeout));
1282 if (r < 0)
1283 return r;
1284
1285 our_env = new0(char*, 9);
1286 if (!our_env)
1287 return -ENOMEM;
1288
1289 if (service_exec_needs_notify_socket(s, flags))
1290 if (asprintf(our_env + n_env++, "NOTIFY_SOCKET=%s", UNIT(s)->manager->notify_socket) < 0)
1291 return -ENOMEM;
1292
1293 if (s->main_pid > 0)
1294 if (asprintf(our_env + n_env++, "MAINPID="PID_FMT, s->main_pid) < 0)
1295 return -ENOMEM;
1296
1297 if (MANAGER_IS_USER(UNIT(s)->manager))
1298 if (asprintf(our_env + n_env++, "MANAGERPID="PID_FMT, getpid_cached()) < 0)
1299 return -ENOMEM;
1300
1301 if (s->socket_fd >= 0) {
1302 union sockaddr_union sa;
1303 socklen_t salen = sizeof(sa);
1304
1305 /* If this is a per-connection service instance, let's set $REMOTE_ADDR and $REMOTE_PORT to something
1306 * useful. Note that we do this only when we are still connected at this point in time, which we might
1307 * very well not be. Hence we ignore all errors when retrieving peer information (as that might result
1308 * in ENOTCONN), and just use whate we can use. */
1309
1310 if (getpeername(s->socket_fd, &sa.sa, &salen) >= 0 &&
1311 IN_SET(sa.sa.sa_family, AF_INET, AF_INET6, AF_VSOCK)) {
1312
1313 _cleanup_free_ char *addr = NULL;
1314 char *t;
1315 unsigned port;
1316
1317 r = sockaddr_pretty(&sa.sa, salen, true, false, &addr);
1318 if (r < 0)
1319 return r;
1320
1321 t = strappend("REMOTE_ADDR=", addr);
1322 if (!t)
1323 return -ENOMEM;
1324 our_env[n_env++] = t;
1325
1326 r = sockaddr_port(&sa.sa, &port);
1327 if (r < 0)
1328 return r;
1329
1330 if (asprintf(&t, "REMOTE_PORT=%u", port) < 0)
1331 return -ENOMEM;
1332 our_env[n_env++] = t;
1333 }
1334 }
1335
1336 if (flags & EXEC_SETENV_RESULT) {
1337 if (asprintf(our_env + n_env++, "SERVICE_RESULT=%s", service_result_to_string(s->result)) < 0)
1338 return -ENOMEM;
1339
1340 if (s->main_exec_status.pid > 0 &&
1341 dual_timestamp_is_set(&s->main_exec_status.exit_timestamp)) {
1342 if (asprintf(our_env + n_env++, "EXIT_CODE=%s", sigchld_code_to_string(s->main_exec_status.code)) < 0)
1343 return -ENOMEM;
1344
1345 if (s->main_exec_status.code == CLD_EXITED)
1346 r = asprintf(our_env + n_env++, "EXIT_STATUS=%i", s->main_exec_status.status);
1347 else
1348 r = asprintf(our_env + n_env++, "EXIT_STATUS=%s", signal_to_string(s->main_exec_status.status));
1349 if (r < 0)
1350 return -ENOMEM;
1351 }
1352 }
1353
1354 manager_set_exec_params(UNIT(s)->manager, &exec_params);
1355 unit_set_exec_params(UNIT(s), &exec_params);
1356
1357 final_env = strv_env_merge(2, exec_params.environment, our_env, NULL);
1358 if (!final_env)
1359 return -ENOMEM;
1360
1361 /* System services should get a new keyring by default. */
1362 SET_FLAG(exec_params.flags, EXEC_NEW_KEYRING, MANAGER_IS_SYSTEM(UNIT(s)->manager));
1363
1364 /* System D-Bus needs nss-systemd disabled, so that we don't deadlock */
1365 SET_FLAG(exec_params.flags, EXEC_NSS_BYPASS_BUS,
1366 MANAGER_IS_SYSTEM(UNIT(s)->manager) && unit_has_name(UNIT(s), SPECIAL_DBUS_SERVICE));
1367
1368 exec_params.argv = c->argv;
1369 exec_params.environment = final_env;
1370 exec_params.fds = fds;
1371 exec_params.fd_names = fd_names;
1372 exec_params.n_storage_fds = n_storage_fds;
1373 exec_params.n_socket_fds = n_socket_fds;
1374 exec_params.watchdog_usec = s->watchdog_usec;
1375 exec_params.selinux_context_net = s->socket_fd_selinux_context_net;
1376 if (s->type == SERVICE_IDLE)
1377 exec_params.idle_pipe = UNIT(s)->manager->idle_pipe;
1378 exec_params.stdin_fd = s->stdin_fd;
1379 exec_params.stdout_fd = s->stdout_fd;
1380 exec_params.stderr_fd = s->stderr_fd;
1381
1382 r = exec_spawn(UNIT(s),
1383 c,
1384 &s->exec_context,
1385 &exec_params,
1386 s->exec_runtime,
1387 &s->dynamic_creds,
1388 &pid);
1389 if (r < 0)
1390 return r;
1391
1392 r = unit_watch_pid(UNIT(s), pid);
1393 if (r < 0) /* FIXME: we need to do something here */
1394 return r;
1395
1396 *_pid = pid;
1397
1398 return 0;
1399 }
1400
1401 static int main_pid_good(Service *s) {
1402 assert(s);
1403
1404 /* Returns 0 if the pid is dead, > 0 if it is good, < 0 if we don't know */
1405
1406 /* If we know the pid file, then let's just check if it is
1407 * still valid */
1408 if (s->main_pid_known) {
1409
1410 /* If it's an alien child let's check if it is still
1411 * alive ... */
1412 if (s->main_pid_alien && s->main_pid > 0)
1413 return pid_is_alive(s->main_pid);
1414
1415 /* .. otherwise assume we'll get a SIGCHLD for it,
1416 * which we really should wait for to collect exit
1417 * status and code */
1418 return s->main_pid > 0;
1419 }
1420
1421 /* We don't know the pid */
1422 return -EAGAIN;
1423 }
1424
1425 static int control_pid_good(Service *s) {
1426 assert(s);
1427
1428 /* Returns 0 if the control PID is dead, > 0 if it is good. We never actually return < 0 here, but in order to
1429 * make this function as similar as possible to main_pid_good() and cgroup_good(), we pretend that < 0 also
1430 * means: we can't figure it out. */
1431
1432 return s->control_pid > 0;
1433 }
1434
1435 static int cgroup_good(Service *s) {
1436 int r;
1437
1438 assert(s);
1439
1440 /* Returns 0 if the cgroup is empty or doesn't exist, > 0 if it is exists and is populated, < 0 if we can't
1441 * figure it out */
1442
1443 if (!UNIT(s)->cgroup_path)
1444 return 0;
1445
1446 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, UNIT(s)->cgroup_path);
1447 if (r < 0)
1448 return r;
1449
1450 return r == 0;
1451 }
1452
1453 static bool service_shall_restart(Service *s) {
1454 assert(s);
1455
1456 /* Don't restart after manual stops */
1457 if (s->forbid_restart)
1458 return false;
1459
1460 /* Never restart if this is configured as special exception */
1461 if (exit_status_set_test(&s->restart_prevent_status, s->main_exec_status.code, s->main_exec_status.status))
1462 return false;
1463
1464 /* Restart if the exit code/status are configured as restart triggers */
1465 if (exit_status_set_test(&s->restart_force_status, s->main_exec_status.code, s->main_exec_status.status))
1466 return true;
1467
1468 switch (s->restart) {
1469
1470 case SERVICE_RESTART_NO:
1471 return false;
1472
1473 case SERVICE_RESTART_ALWAYS:
1474 return true;
1475
1476 case SERVICE_RESTART_ON_SUCCESS:
1477 return s->result == SERVICE_SUCCESS;
1478
1479 case SERVICE_RESTART_ON_FAILURE:
1480 return s->result != SERVICE_SUCCESS;
1481
1482 case SERVICE_RESTART_ON_ABNORMAL:
1483 return !IN_SET(s->result, SERVICE_SUCCESS, SERVICE_FAILURE_EXIT_CODE);
1484
1485 case SERVICE_RESTART_ON_WATCHDOG:
1486 return s->result == SERVICE_FAILURE_WATCHDOG;
1487
1488 case SERVICE_RESTART_ON_ABORT:
1489 return IN_SET(s->result, SERVICE_FAILURE_SIGNAL, SERVICE_FAILURE_CORE_DUMP);
1490
1491 default:
1492 assert_not_reached("unknown restart setting");
1493 }
1494 }
1495
1496 static bool service_will_restart(Unit *u) {
1497 Service *s = SERVICE(u);
1498
1499 assert(s);
1500
1501 if (s->will_auto_restart)
1502 return true;
1503 if (s->state == SERVICE_AUTO_RESTART)
1504 return true;
1505 if (!UNIT(s)->job)
1506 return false;
1507 if (UNIT(s)->job->type == JOB_START)
1508 return true;
1509 return false;
1510 }
1511
1512 static void service_enter_dead(Service *s, ServiceResult f, bool allow_restart) {
1513 int r;
1514
1515 assert(s);
1516
1517 /* If there's a stop job queued before we enter the DEAD state, we shouldn't act on Restart=, in order to not
1518 * undo what has already been enqueued. */
1519 if (unit_stop_pending(UNIT(s)))
1520 allow_restart = false;
1521
1522 if (s->result == SERVICE_SUCCESS)
1523 s->result = f;
1524
1525 if (s->result != SERVICE_SUCCESS)
1526 log_unit_warning(UNIT(s), "Failed with result '%s'.", service_result_to_string(s->result));
1527
1528 if (allow_restart && service_shall_restart(s))
1529 s->will_auto_restart = true;
1530
1531 /* Make sure service_release_resources() doesn't destroy our FD store, while we are changing through
1532 * SERVICE_FAILED/SERVICE_DEAD before entering into SERVICE_AUTO_RESTART. */
1533 s->n_keep_fd_store ++;
1534
1535 service_set_state(s, s->result != SERVICE_SUCCESS ? SERVICE_FAILED : SERVICE_DEAD);
1536
1537 if (s->will_auto_restart) {
1538 s->will_auto_restart = false;
1539
1540 r = service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->restart_usec));
1541 if (r < 0) {
1542 s->n_keep_fd_store--;
1543 goto fail;
1544 }
1545
1546 service_set_state(s, SERVICE_AUTO_RESTART);
1547 } else
1548 /* If we shan't restart, then flush out the restart counter. But don't do that immediately, so that the
1549 * user can still introspect the counter. Do so on the next start. */
1550 s->flush_n_restarts = true;
1551
1552 /* The new state is in effect, let's decrease the fd store ref counter again. Let's also readd us to the GC
1553 * queue, so that the fd store is possibly gc'ed again */
1554 s->n_keep_fd_store--;
1555 unit_add_to_gc_queue(UNIT(s));
1556
1557 /* The next restart might not be a manual stop, hence reset the flag indicating manual stops */
1558 s->forbid_restart = false;
1559
1560 /* We want fresh tmpdirs in case service is started again immediately */
1561 exec_runtime_destroy(s->exec_runtime);
1562 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
1563
1564 if (s->exec_context.runtime_directory_preserve_mode == EXEC_PRESERVE_NO ||
1565 (s->exec_context.runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART && !service_will_restart(UNIT(s))))
1566 /* Also, remove the runtime directory */
1567 exec_context_destroy_runtime_directory(&s->exec_context, UNIT(s)->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
1568
1569 /* Get rid of the IPC bits of the user */
1570 unit_unref_uid_gid(UNIT(s), true);
1571
1572 /* Release the user, and destroy it if we are the only remaining owner */
1573 dynamic_creds_destroy(&s->dynamic_creds);
1574
1575 /* Try to delete the pid file. At this point it will be
1576 * out-of-date, and some software might be confused by it, so
1577 * let's remove it. */
1578 if (s->pid_file)
1579 (void) unlink(s->pid_file);
1580
1581 return;
1582
1583 fail:
1584 log_unit_warning_errno(UNIT(s), r, "Failed to run install restart timer: %m");
1585 service_enter_dead(s, SERVICE_FAILURE_RESOURCES, false);
1586 }
1587
1588 static void service_enter_stop_post(Service *s, ServiceResult f) {
1589 int r;
1590 assert(s);
1591
1592 if (s->result == SERVICE_SUCCESS)
1593 s->result = f;
1594
1595 service_unwatch_control_pid(s);
1596 unit_watch_all_pids(UNIT(s));
1597
1598 s->control_command = s->exec_command[SERVICE_EXEC_STOP_POST];
1599 if (s->control_command) {
1600 s->control_command_id = SERVICE_EXEC_STOP_POST;
1601
1602 r = service_spawn(s,
1603 s->control_command,
1604 s->timeout_stop_usec,
1605 EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_IS_CONTROL|EXEC_SETENV_RESULT,
1606 &s->control_pid);
1607 if (r < 0)
1608 goto fail;
1609
1610 service_set_state(s, SERVICE_STOP_POST);
1611 } else
1612 service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_SUCCESS);
1613
1614 return;
1615
1616 fail:
1617 log_unit_warning_errno(UNIT(s), r, "Failed to run 'stop-post' task: %m");
1618 service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_RESOURCES);
1619 }
1620
1621 static int state_to_kill_operation(ServiceState state) {
1622 switch (state) {
1623
1624 case SERVICE_STOP_SIGABRT:
1625 return KILL_ABORT;
1626
1627 case SERVICE_STOP_SIGTERM:
1628 case SERVICE_FINAL_SIGTERM:
1629 return KILL_TERMINATE;
1630
1631 case SERVICE_STOP_SIGKILL:
1632 case SERVICE_FINAL_SIGKILL:
1633 return KILL_KILL;
1634
1635 default:
1636 return _KILL_OPERATION_INVALID;
1637 }
1638 }
1639
1640 static void service_enter_signal(Service *s, ServiceState state, ServiceResult f) {
1641 int r;
1642
1643 assert(s);
1644
1645 if (s->result == SERVICE_SUCCESS)
1646 s->result = f;
1647
1648 unit_watch_all_pids(UNIT(s));
1649
1650 r = unit_kill_context(
1651 UNIT(s),
1652 &s->kill_context,
1653 state_to_kill_operation(state),
1654 s->main_pid,
1655 s->control_pid,
1656 s->main_pid_alien);
1657 if (r < 0)
1658 goto fail;
1659
1660 if (r > 0) {
1661 r = service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_stop_usec));
1662 if (r < 0)
1663 goto fail;
1664
1665 service_set_state(s, state);
1666 } else if (IN_SET(state, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM) && s->kill_context.send_sigkill)
1667 service_enter_signal(s, SERVICE_STOP_SIGKILL, SERVICE_SUCCESS);
1668 else if (IN_SET(state, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL))
1669 service_enter_stop_post(s, SERVICE_SUCCESS);
1670 else if (state == SERVICE_FINAL_SIGTERM && s->kill_context.send_sigkill)
1671 service_enter_signal(s, SERVICE_FINAL_SIGKILL, SERVICE_SUCCESS);
1672 else
1673 service_enter_dead(s, SERVICE_SUCCESS, true);
1674
1675 return;
1676
1677 fail:
1678 log_unit_warning_errno(UNIT(s), r, "Failed to kill processes: %m");
1679
1680 if (IN_SET(state, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL))
1681 service_enter_stop_post(s, SERVICE_FAILURE_RESOURCES);
1682 else
1683 service_enter_dead(s, SERVICE_FAILURE_RESOURCES, true);
1684 }
1685
1686 static void service_enter_stop_by_notify(Service *s) {
1687 assert(s);
1688
1689 unit_watch_all_pids(UNIT(s));
1690
1691 service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_stop_usec));
1692
1693 /* The service told us it's stopping, so it's as if we SIGTERM'd it. */
1694 service_set_state(s, SERVICE_STOP_SIGTERM);
1695 }
1696
1697 static void service_enter_stop(Service *s, ServiceResult f) {
1698 int r;
1699
1700 assert(s);
1701
1702 if (s->result == SERVICE_SUCCESS)
1703 s->result = f;
1704
1705 service_unwatch_control_pid(s);
1706 unit_watch_all_pids(UNIT(s));
1707
1708 s->control_command = s->exec_command[SERVICE_EXEC_STOP];
1709 if (s->control_command) {
1710 s->control_command_id = SERVICE_EXEC_STOP;
1711
1712 r = service_spawn(s,
1713 s->control_command,
1714 s->timeout_stop_usec,
1715 EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|EXEC_SETENV_RESULT,
1716 &s->control_pid);
1717 if (r < 0)
1718 goto fail;
1719
1720 service_set_state(s, SERVICE_STOP);
1721 } else
1722 service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_SUCCESS);
1723
1724 return;
1725
1726 fail:
1727 log_unit_warning_errno(UNIT(s), r, "Failed to run 'stop' task: %m");
1728 service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_RESOURCES);
1729 }
1730
1731 static bool service_good(Service *s) {
1732 int main_pid_ok;
1733 assert(s);
1734
1735 if (s->type == SERVICE_DBUS && !s->bus_name_good)
1736 return false;
1737
1738 main_pid_ok = main_pid_good(s);
1739 if (main_pid_ok > 0) /* It's alive */
1740 return true;
1741 if (main_pid_ok == 0) /* It's dead */
1742 return false;
1743
1744 /* OK, we don't know anything about the main PID, maybe
1745 * because there is none. Let's check the control group
1746 * instead. */
1747
1748 return cgroup_good(s) != 0;
1749 }
1750
1751 static void service_enter_running(Service *s, ServiceResult f) {
1752 assert(s);
1753
1754 if (s->result == SERVICE_SUCCESS)
1755 s->result = f;
1756
1757 service_unwatch_control_pid(s);
1758
1759 if (service_good(s)) {
1760
1761 /* If there are any queued up sd_notify()
1762 * notifications, process them now */
1763 if (s->notify_state == NOTIFY_RELOADING)
1764 service_enter_reload_by_notify(s);
1765 else if (s->notify_state == NOTIFY_STOPPING)
1766 service_enter_stop_by_notify(s);
1767 else {
1768 service_set_state(s, SERVICE_RUNNING);
1769 service_arm_timer(s, usec_add(UNIT(s)->active_enter_timestamp.monotonic, s->runtime_max_usec));
1770 }
1771
1772 } else if (f != SERVICE_SUCCESS)
1773 service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
1774 else if (s->remain_after_exit)
1775 service_set_state(s, SERVICE_EXITED);
1776 else
1777 service_enter_stop(s, SERVICE_SUCCESS);
1778 }
1779
1780 static void service_enter_start_post(Service *s) {
1781 int r;
1782 assert(s);
1783
1784 service_unwatch_control_pid(s);
1785 service_reset_watchdog(s);
1786
1787 s->control_command = s->exec_command[SERVICE_EXEC_START_POST];
1788 if (s->control_command) {
1789 s->control_command_id = SERVICE_EXEC_START_POST;
1790
1791 r = service_spawn(s,
1792 s->control_command,
1793 s->timeout_start_usec,
1794 EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL,
1795 &s->control_pid);
1796 if (r < 0)
1797 goto fail;
1798
1799 service_set_state(s, SERVICE_START_POST);
1800 } else
1801 service_enter_running(s, SERVICE_SUCCESS);
1802
1803 return;
1804
1805 fail:
1806 log_unit_warning_errno(UNIT(s), r, "Failed to run 'start-post' task: %m");
1807 service_enter_stop(s, SERVICE_FAILURE_RESOURCES);
1808 }
1809
1810 static void service_kill_control_process(Service *s) {
1811 int r;
1812
1813 assert(s);
1814
1815 if (s->control_pid <= 0)
1816 return;
1817
1818 r = kill_and_sigcont(s->control_pid, SIGKILL);
1819 if (r < 0) {
1820 _cleanup_free_ char *comm = NULL;
1821
1822 (void) get_process_comm(s->control_pid, &comm);
1823
1824 log_unit_debug_errno(UNIT(s), r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m",
1825 s->control_pid, strna(comm));
1826 }
1827 }
1828
1829 static void service_enter_start(Service *s) {
1830 ExecCommand *c;
1831 usec_t timeout;
1832 pid_t pid;
1833 int r;
1834
1835 assert(s);
1836
1837 service_unwatch_control_pid(s);
1838 service_unwatch_main_pid(s);
1839
1840 unit_warn_leftover_processes(UNIT(s));
1841
1842 if (s->type == SERVICE_FORKING) {
1843 s->control_command_id = SERVICE_EXEC_START;
1844 c = s->control_command = s->exec_command[SERVICE_EXEC_START];
1845
1846 s->main_command = NULL;
1847 } else {
1848 s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID;
1849 s->control_command = NULL;
1850
1851 c = s->main_command = s->exec_command[SERVICE_EXEC_START];
1852 }
1853
1854 if (!c) {
1855 if (s->type != SERVICE_ONESHOT) {
1856 /* There's no command line configured for the main command? Hmm, that is strange. This can only
1857 * happen if the configuration changes at runtime. In this case, let's enter a failure
1858 * state. */
1859 log_unit_error(UNIT(s), "There's no 'start' task anymore we could start: %m");
1860 r = -ENXIO;
1861 goto fail;
1862 }
1863
1864 service_enter_start_post(s);
1865 return;
1866 }
1867
1868 if (IN_SET(s->type, SERVICE_SIMPLE, SERVICE_IDLE))
1869 /* For simple + idle this is the main process. We don't apply any timeout here, but
1870 * service_enter_running() will later apply the .runtime_max_usec timeout. */
1871 timeout = USEC_INFINITY;
1872 else
1873 timeout = s->timeout_start_usec;
1874
1875 r = service_spawn(s,
1876 c,
1877 timeout,
1878 EXEC_PASS_FDS|EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_SET_WATCHDOG,
1879 &pid);
1880 if (r < 0)
1881 goto fail;
1882
1883 if (IN_SET(s->type, SERVICE_SIMPLE, SERVICE_IDLE)) {
1884 /* For simple services we immediately start
1885 * the START_POST binaries. */
1886
1887 service_set_main_pid(s, pid);
1888 service_enter_start_post(s);
1889
1890 } else if (s->type == SERVICE_FORKING) {
1891
1892 /* For forking services we wait until the start
1893 * process exited. */
1894
1895 s->control_pid = pid;
1896 service_set_state(s, SERVICE_START);
1897
1898 } else if (IN_SET(s->type, SERVICE_ONESHOT, SERVICE_DBUS, SERVICE_NOTIFY)) {
1899
1900 /* For oneshot services we wait until the start
1901 * process exited, too, but it is our main process. */
1902
1903 /* For D-Bus services we know the main pid right away,
1904 * but wait for the bus name to appear on the
1905 * bus. Notify services are similar. */
1906
1907 service_set_main_pid(s, pid);
1908 service_set_state(s, SERVICE_START);
1909 } else
1910 assert_not_reached("Unknown service type");
1911
1912 return;
1913
1914 fail:
1915 log_unit_warning_errno(UNIT(s), r, "Failed to run 'start' task: %m");
1916 service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_RESOURCES);
1917 }
1918
1919 static void service_enter_start_pre(Service *s) {
1920 int r;
1921
1922 assert(s);
1923
1924 service_unwatch_control_pid(s);
1925
1926 s->control_command = s->exec_command[SERVICE_EXEC_START_PRE];
1927 if (s->control_command) {
1928
1929 unit_warn_leftover_processes(UNIT(s));
1930
1931 s->control_command_id = SERVICE_EXEC_START_PRE;
1932
1933 r = service_spawn(s,
1934 s->control_command,
1935 s->timeout_start_usec,
1936 EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|EXEC_APPLY_TTY_STDIN,
1937 &s->control_pid);
1938 if (r < 0)
1939 goto fail;
1940
1941 service_set_state(s, SERVICE_START_PRE);
1942 } else
1943 service_enter_start(s);
1944
1945 return;
1946
1947 fail:
1948 log_unit_warning_errno(UNIT(s), r, "Failed to run 'start-pre' task: %m");
1949 service_enter_dead(s, SERVICE_FAILURE_RESOURCES, true);
1950 }
1951
1952 static void service_enter_restart(Service *s) {
1953 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1954 int r;
1955
1956 assert(s);
1957
1958 if (UNIT(s)->job && UNIT(s)->job->type == JOB_STOP) {
1959 /* Don't restart things if we are going down anyway */
1960 log_unit_info(UNIT(s), "Stop job pending for unit, delaying automatic restart.");
1961
1962 r = service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->restart_usec));
1963 if (r < 0)
1964 goto fail;
1965
1966 return;
1967 }
1968
1969 /* Any units that are bound to this service must also be
1970 * restarted. We use JOB_RESTART (instead of the more obvious
1971 * JOB_START) here so that those dependency jobs will be added
1972 * as well. */
1973 r = manager_add_job(UNIT(s)->manager, JOB_RESTART, UNIT(s), JOB_FAIL, &error, NULL);
1974 if (r < 0)
1975 goto fail;
1976
1977 /* Count the jobs we enqueue for restarting. This counter is maintained as long as the unit isn't fully
1978 * stopped, i.e. as long as it remains up or remains in auto-start states. The use can reset the counter
1979 * explicitly however via the usual "systemctl reset-failure" logic. */
1980 s->n_restarts ++;
1981 s->flush_n_restarts = false;
1982
1983 log_struct(LOG_INFO,
1984 "MESSAGE_ID=" SD_MESSAGE_UNIT_RESTART_SCHEDULED_STR,
1985 LOG_UNIT_ID(UNIT(s)),
1986 LOG_UNIT_INVOCATION_ID(UNIT(s)),
1987 LOG_UNIT_MESSAGE(UNIT(s), "Scheduled restart job, restart counter is at %u.", s->n_restarts),
1988 "N_RESTARTS=%u", s->n_restarts,
1989 NULL);
1990
1991 /* Notify clients about changed restart counter */
1992 unit_add_to_dbus_queue(UNIT(s));
1993
1994 /* Note that we stay in the SERVICE_AUTO_RESTART state here,
1995 * it will be canceled as part of the service_stop() call that
1996 * is executed as part of JOB_RESTART. */
1997
1998 return;
1999
2000 fail:
2001 log_unit_warning(UNIT(s), "Failed to schedule restart job: %s", bus_error_message(&error, -r));
2002 service_enter_dead(s, SERVICE_FAILURE_RESOURCES, false);
2003 }
2004
2005 static void service_enter_reload_by_notify(Service *s) {
2006 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2007 int r;
2008
2009 assert(s);
2010
2011 service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_start_usec));
2012 service_set_state(s, SERVICE_RELOAD);
2013
2014 /* service_enter_reload_by_notify is never called during a reload, thus no loops are possible. */
2015 r = manager_propagate_reload(UNIT(s)->manager, UNIT(s), JOB_FAIL, &error);
2016 if (r < 0)
2017 log_unit_warning(UNIT(s), "Failed to schedule propagation of reload: %s", bus_error_message(&error, -r));
2018 }
2019
2020 static void service_enter_reload(Service *s) {
2021 int r;
2022
2023 assert(s);
2024
2025 service_unwatch_control_pid(s);
2026 s->reload_result = SERVICE_SUCCESS;
2027
2028 s->control_command = s->exec_command[SERVICE_EXEC_RELOAD];
2029 if (s->control_command) {
2030 s->control_command_id = SERVICE_EXEC_RELOAD;
2031
2032 r = service_spawn(s,
2033 s->control_command,
2034 s->timeout_start_usec,
2035 EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL,
2036 &s->control_pid);
2037 if (r < 0)
2038 goto fail;
2039
2040 service_set_state(s, SERVICE_RELOAD);
2041 } else
2042 service_enter_running(s, SERVICE_SUCCESS);
2043
2044 return;
2045
2046 fail:
2047 log_unit_warning_errno(UNIT(s), r, "Failed to run 'reload' task: %m");
2048 s->reload_result = SERVICE_FAILURE_RESOURCES;
2049 service_enter_running(s, SERVICE_SUCCESS);
2050 }
2051
2052 static void service_run_next_control(Service *s) {
2053 usec_t timeout;
2054 int r;
2055
2056 assert(s);
2057 assert(s->control_command);
2058 assert(s->control_command->command_next);
2059
2060 assert(s->control_command_id != SERVICE_EXEC_START);
2061
2062 s->control_command = s->control_command->command_next;
2063 service_unwatch_control_pid(s);
2064
2065 if (IN_SET(s->state, SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST, SERVICE_RUNNING, SERVICE_RELOAD))
2066 timeout = s->timeout_start_usec;
2067 else
2068 timeout = s->timeout_stop_usec;
2069
2070 r = service_spawn(s,
2071 s->control_command,
2072 timeout,
2073 EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|
2074 (IN_SET(s->control_command_id, SERVICE_EXEC_START_PRE, SERVICE_EXEC_STOP_POST) ? EXEC_APPLY_TTY_STDIN : 0)|
2075 (IN_SET(s->control_command_id, SERVICE_EXEC_STOP, SERVICE_EXEC_STOP_POST) ? EXEC_SETENV_RESULT : 0),
2076 &s->control_pid);
2077 if (r < 0)
2078 goto fail;
2079
2080 return;
2081
2082 fail:
2083 log_unit_warning_errno(UNIT(s), r, "Failed to run next control task: %m");
2084
2085 if (IN_SET(s->state, SERVICE_START_PRE, SERVICE_START_POST, SERVICE_STOP))
2086 service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_RESOURCES);
2087 else if (s->state == SERVICE_STOP_POST)
2088 service_enter_dead(s, SERVICE_FAILURE_RESOURCES, true);
2089 else if (s->state == SERVICE_RELOAD) {
2090 s->reload_result = SERVICE_FAILURE_RESOURCES;
2091 service_enter_running(s, SERVICE_SUCCESS);
2092 } else
2093 service_enter_stop(s, SERVICE_FAILURE_RESOURCES);
2094 }
2095
2096 static void service_run_next_main(Service *s) {
2097 pid_t pid;
2098 int r;
2099
2100 assert(s);
2101 assert(s->main_command);
2102 assert(s->main_command->command_next);
2103 assert(s->type == SERVICE_ONESHOT);
2104
2105 s->main_command = s->main_command->command_next;
2106 service_unwatch_main_pid(s);
2107
2108 r = service_spawn(s,
2109 s->main_command,
2110 s->timeout_start_usec,
2111 EXEC_PASS_FDS|EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_SET_WATCHDOG,
2112 &pid);
2113 if (r < 0)
2114 goto fail;
2115
2116 service_set_main_pid(s, pid);
2117
2118 return;
2119
2120 fail:
2121 log_unit_warning_errno(UNIT(s), r, "Failed to run next main task: %m");
2122 service_enter_stop(s, SERVICE_FAILURE_RESOURCES);
2123 }
2124
2125 static int service_start(Unit *u) {
2126 Service *s = SERVICE(u);
2127 int r;
2128
2129 assert(s);
2130
2131 /* We cannot fulfill this request right now, try again later
2132 * please! */
2133 if (IN_SET(s->state,
2134 SERVICE_STOP, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
2135 SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL))
2136 return -EAGAIN;
2137
2138 /* Already on it! */
2139 if (IN_SET(s->state, SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST))
2140 return 0;
2141
2142 /* A service that will be restarted must be stopped first to
2143 * trigger BindsTo and/or OnFailure dependencies. If a user
2144 * does not want to wait for the holdoff time to elapse, the
2145 * service should be manually restarted, not started. We
2146 * simply return EAGAIN here, so that any start jobs stay
2147 * queued, and assume that the auto restart timer will
2148 * eventually trigger the restart. */
2149 if (s->state == SERVICE_AUTO_RESTART)
2150 return -EAGAIN;
2151
2152 assert(IN_SET(s->state, SERVICE_DEAD, SERVICE_FAILED));
2153
2154 /* Make sure we don't enter a busy loop of some kind. */
2155 r = unit_start_limit_test(u);
2156 if (r < 0) {
2157 service_enter_dead(s, SERVICE_FAILURE_START_LIMIT_HIT, false);
2158 return r;
2159 }
2160
2161 r = unit_acquire_invocation_id(u);
2162 if (r < 0)
2163 return r;
2164
2165 s->result = SERVICE_SUCCESS;
2166 s->reload_result = SERVICE_SUCCESS;
2167 s->main_pid_known = false;
2168 s->main_pid_alien = false;
2169 s->forbid_restart = false;
2170
2171 u->reset_accounting = true;
2172
2173 s->status_text = mfree(s->status_text);
2174 s->status_errno = 0;
2175
2176 s->notify_state = NOTIFY_UNKNOWN;
2177
2178 s->watchdog_override_enable = false;
2179 s->watchdog_override_usec = 0;
2180
2181 /* This is not an automatic restart? Flush the restart counter then */
2182 if (s->flush_n_restarts) {
2183 s->n_restarts = 0;
2184 s->flush_n_restarts = false;
2185 }
2186
2187 service_enter_start_pre(s);
2188 return 1;
2189 }
2190
2191 static int service_stop(Unit *u) {
2192 Service *s = SERVICE(u);
2193
2194 assert(s);
2195
2196 /* Don't create restart jobs from manual stops. */
2197 s->forbid_restart = true;
2198
2199 /* Already on it */
2200 if (IN_SET(s->state,
2201 SERVICE_STOP, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
2202 SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL))
2203 return 0;
2204
2205 /* A restart will be scheduled or is in progress. */
2206 if (s->state == SERVICE_AUTO_RESTART) {
2207 service_set_state(s, SERVICE_DEAD);
2208 return 0;
2209 }
2210
2211 /* If there's already something running we go directly into
2212 * kill mode. */
2213 if (IN_SET(s->state, SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST, SERVICE_RELOAD)) {
2214 service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_SUCCESS);
2215 return 0;
2216 }
2217
2218 assert(IN_SET(s->state, SERVICE_RUNNING, SERVICE_EXITED));
2219
2220 service_enter_stop(s, SERVICE_SUCCESS);
2221 return 1;
2222 }
2223
2224 static int service_reload(Unit *u) {
2225 Service *s = SERVICE(u);
2226
2227 assert(s);
2228
2229 assert(IN_SET(s->state, SERVICE_RUNNING, SERVICE_EXITED));
2230
2231 service_enter_reload(s);
2232 return 1;
2233 }
2234
2235 _pure_ static bool service_can_reload(Unit *u) {
2236 Service *s = SERVICE(u);
2237
2238 assert(s);
2239
2240 return !!s->exec_command[SERVICE_EXEC_RELOAD];
2241 }
2242
2243 static unsigned service_exec_command_index(Unit *u, ServiceExecCommand id, ExecCommand *current) {
2244 Service *s = SERVICE(u);
2245 unsigned idx = 0;
2246 ExecCommand *first, *c;
2247
2248 assert(s);
2249
2250 first = s->exec_command[id];
2251
2252 /* Figure out where we are in the list by walking back to the beginning */
2253 for (c = current; c != first; c = c->command_prev)
2254 idx++;
2255
2256 return idx;
2257 }
2258
2259 static int service_serialize_exec_command(Unit *u, FILE *f, ExecCommand *command) {
2260 Service *s = SERVICE(u);
2261 ServiceExecCommand id;
2262 unsigned idx;
2263 const char *type;
2264 char **arg;
2265 _cleanup_free_ char *args = NULL, *p = NULL;
2266 size_t allocated = 0, length = 0;
2267
2268 assert(s);
2269 assert(f);
2270
2271 if (!command)
2272 return 0;
2273
2274 if (command == s->control_command) {
2275 type = "control";
2276 id = s->control_command_id;
2277 } else {
2278 type = "main";
2279 id = SERVICE_EXEC_START;
2280 }
2281
2282 idx = service_exec_command_index(u, id, command);
2283
2284 STRV_FOREACH(arg, command->argv) {
2285 size_t n;
2286 _cleanup_free_ char *e = NULL;
2287
2288 e = xescape(*arg, WHITESPACE);
2289 if (!e)
2290 return -ENOMEM;
2291
2292 n = strlen(e);
2293 if (!GREEDY_REALLOC(args, allocated, length + 1 + n + 1))
2294 return -ENOMEM;
2295
2296 if (length > 0)
2297 args[length++] = ' ';
2298
2299 memcpy(args + length, e, n);
2300 length += n;
2301 }
2302
2303 if (!GREEDY_REALLOC(args, allocated, length + 1))
2304 return -ENOMEM;
2305 args[length++] = 0;
2306
2307 p = xescape(command->path, WHITESPACE);
2308 if (!p)
2309 return -ENOMEM;
2310
2311 fprintf(f, "%s-command=%s %u %s %s\n", type, service_exec_command_to_string(id), idx, p, args);
2312
2313 return 0;
2314 }
2315
2316 static int service_serialize(Unit *u, FILE *f, FDSet *fds) {
2317 Service *s = SERVICE(u);
2318 ServiceFDStore *fs;
2319 int r;
2320
2321 assert(u);
2322 assert(f);
2323 assert(fds);
2324
2325 unit_serialize_item(u, f, "state", service_state_to_string(s->state));
2326 unit_serialize_item(u, f, "result", service_result_to_string(s->result));
2327 unit_serialize_item(u, f, "reload-result", service_result_to_string(s->reload_result));
2328
2329 if (s->control_pid > 0)
2330 unit_serialize_item_format(u, f, "control-pid", PID_FMT, s->control_pid);
2331
2332 if (s->main_pid_known && s->main_pid > 0)
2333 unit_serialize_item_format(u, f, "main-pid", PID_FMT, s->main_pid);
2334
2335 unit_serialize_item(u, f, "main-pid-known", yes_no(s->main_pid_known));
2336 unit_serialize_item(u, f, "bus-name-good", yes_no(s->bus_name_good));
2337 unit_serialize_item(u, f, "bus-name-owner", s->bus_name_owner);
2338
2339 unit_serialize_item_format(u, f, "n-restarts", "%u", s->n_restarts);
2340 unit_serialize_item(u, f, "flush-n-restarts", yes_no(s->flush_n_restarts));
2341
2342 r = unit_serialize_item_escaped(u, f, "status-text", s->status_text);
2343 if (r < 0)
2344 return r;
2345
2346 service_serialize_exec_command(u, f, s->control_command);
2347 service_serialize_exec_command(u, f, s->main_command);
2348
2349 r = unit_serialize_item_fd(u, f, fds, "stdin-fd", s->stdin_fd);
2350 if (r < 0)
2351 return r;
2352 r = unit_serialize_item_fd(u, f, fds, "stdout-fd", s->stdout_fd);
2353 if (r < 0)
2354 return r;
2355 r = unit_serialize_item_fd(u, f, fds, "stderr-fd", s->stderr_fd);
2356 if (r < 0)
2357 return r;
2358
2359 if (UNIT_ISSET(s->accept_socket)) {
2360 r = unit_serialize_item(u, f, "accept-socket", UNIT_DEREF(s->accept_socket)->id);
2361 if (r < 0)
2362 return r;
2363 }
2364
2365 r = unit_serialize_item_fd(u, f, fds, "socket-fd", s->socket_fd);
2366 if (r < 0)
2367 return r;
2368
2369 LIST_FOREACH(fd_store, fs, s->fd_store) {
2370 _cleanup_free_ char *c = NULL;
2371 int copy;
2372
2373 copy = fdset_put_dup(fds, fs->fd);
2374 if (copy < 0)
2375 return copy;
2376
2377 c = cescape(fs->fdname);
2378
2379 unit_serialize_item_format(u, f, "fd-store-fd", "%i %s", copy, strempty(c));
2380 }
2381
2382 if (s->main_exec_status.pid > 0) {
2383 unit_serialize_item_format(u, f, "main-exec-status-pid", PID_FMT, s->main_exec_status.pid);
2384 dual_timestamp_serialize(f, "main-exec-status-start", &s->main_exec_status.start_timestamp);
2385 dual_timestamp_serialize(f, "main-exec-status-exit", &s->main_exec_status.exit_timestamp);
2386
2387 if (dual_timestamp_is_set(&s->main_exec_status.exit_timestamp)) {
2388 unit_serialize_item_format(u, f, "main-exec-status-code", "%i", s->main_exec_status.code);
2389 unit_serialize_item_format(u, f, "main-exec-status-status", "%i", s->main_exec_status.status);
2390 }
2391 }
2392
2393 dual_timestamp_serialize(f, "watchdog-timestamp", &s->watchdog_timestamp);
2394
2395 unit_serialize_item(u, f, "forbid-restart", yes_no(s->forbid_restart));
2396
2397 if (s->watchdog_override_enable)
2398 unit_serialize_item_format(u, f, "watchdog-override-usec", USEC_FMT, s->watchdog_override_usec);
2399
2400 return 0;
2401 }
2402
2403 static int service_deserialize_exec_command(Unit *u, const char *key, const char *value) {
2404 Service *s = SERVICE(u);
2405 int r;
2406 unsigned idx = 0, i;
2407 bool control, found = false;
2408 ServiceExecCommand id = _SERVICE_EXEC_COMMAND_INVALID;
2409 ExecCommand *command = NULL;
2410 _cleanup_free_ char *path = NULL;
2411 _cleanup_strv_free_ char **argv = NULL;
2412
2413 enum ExecCommandState {
2414 STATE_EXEC_COMMAND_TYPE,
2415 STATE_EXEC_COMMAND_INDEX,
2416 STATE_EXEC_COMMAND_PATH,
2417 STATE_EXEC_COMMAND_ARGS,
2418 _STATE_EXEC_COMMAND_MAX,
2419 _STATE_EXEC_COMMAND_INVALID = -1,
2420 } state;
2421
2422 assert(s);
2423 assert(key);
2424 assert(value);
2425
2426 control = streq(key, "control-command");
2427
2428 state = STATE_EXEC_COMMAND_TYPE;
2429
2430 for (;;) {
2431 _cleanup_free_ char *arg = NULL;
2432
2433 r = extract_first_word(&value, &arg, NULL, EXTRACT_CUNESCAPE);
2434 if (r == 0)
2435 break;
2436 else if (r < 0)
2437 return r;
2438
2439 switch (state) {
2440 case STATE_EXEC_COMMAND_TYPE:
2441 id = service_exec_command_from_string(arg);
2442 if (id < 0)
2443 return -EINVAL;
2444
2445 state = STATE_EXEC_COMMAND_INDEX;
2446 break;
2447 case STATE_EXEC_COMMAND_INDEX:
2448 r = safe_atou(arg, &idx);
2449 if (r < 0)
2450 return -EINVAL;
2451
2452 state = STATE_EXEC_COMMAND_PATH;
2453 break;
2454 case STATE_EXEC_COMMAND_PATH:
2455 path = arg;
2456 arg = NULL;
2457 state = STATE_EXEC_COMMAND_ARGS;
2458
2459 if (!path_is_absolute(path))
2460 return -EINVAL;
2461 break;
2462 case STATE_EXEC_COMMAND_ARGS:
2463 r = strv_extend(&argv, arg);
2464 if (r < 0)
2465 return -ENOMEM;
2466 break;
2467 default:
2468 assert_not_reached("Unknown error at deserialization of exec command");
2469 break;
2470 }
2471 }
2472
2473 if (state != STATE_EXEC_COMMAND_ARGS)
2474 return -EINVAL;
2475
2476 /* Let's check whether exec command on given offset matches data that we just deserialized */
2477 for (command = s->exec_command[id], i = 0; command; command = command->command_next, i++) {
2478 if (i != idx)
2479 continue;
2480
2481 found = strv_equal(argv, command->argv) && streq(command->path, path);
2482 break;
2483 }
2484
2485 if (!found) {
2486 /* Command at the index we serialized is different, let's look for command that exactly
2487 * matches but is on different index. If there is no such command we will not resume execution. */
2488 for (command = s->exec_command[id]; command; command = command->command_next)
2489 if (strv_equal(command->argv, argv) && streq(command->path, path))
2490 break;
2491 }
2492
2493 if (command && control)
2494 s->control_command = command;
2495 else if (command)
2496 s->main_command = command;
2497 else
2498 log_unit_warning(u, "Current command vanished from the unit file, execution of the command list won't be resumed.");
2499
2500 return 0;
2501 }
2502
2503 static int service_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
2504 Service *s = SERVICE(u);
2505 int r;
2506
2507 assert(u);
2508 assert(key);
2509 assert(value);
2510 assert(fds);
2511
2512 if (streq(key, "state")) {
2513 ServiceState state;
2514
2515 state = service_state_from_string(value);
2516 if (state < 0)
2517 log_unit_debug(u, "Failed to parse state value: %s", value);
2518 else
2519 s->deserialized_state = state;
2520 } else if (streq(key, "result")) {
2521 ServiceResult f;
2522
2523 f = service_result_from_string(value);
2524 if (f < 0)
2525 log_unit_debug(u, "Failed to parse result value: %s", value);
2526 else if (f != SERVICE_SUCCESS)
2527 s->result = f;
2528
2529 } else if (streq(key, "reload-result")) {
2530 ServiceResult f;
2531
2532 f = service_result_from_string(value);
2533 if (f < 0)
2534 log_unit_debug(u, "Failed to parse reload result value: %s", value);
2535 else if (f != SERVICE_SUCCESS)
2536 s->reload_result = f;
2537
2538 } else if (streq(key, "control-pid")) {
2539 pid_t pid;
2540
2541 if (parse_pid(value, &pid) < 0)
2542 log_unit_debug(u, "Failed to parse control-pid value: %s", value);
2543 else
2544 s->control_pid = pid;
2545 } else if (streq(key, "main-pid")) {
2546 pid_t pid;
2547
2548 if (parse_pid(value, &pid) < 0)
2549 log_unit_debug(u, "Failed to parse main-pid value: %s", value);
2550 else {
2551 service_set_main_pid(s, pid);
2552 unit_watch_pid(UNIT(s), pid);
2553 }
2554 } else if (streq(key, "main-pid-known")) {
2555 int b;
2556
2557 b = parse_boolean(value);
2558 if (b < 0)
2559 log_unit_debug(u, "Failed to parse main-pid-known value: %s", value);
2560 else
2561 s->main_pid_known = b;
2562 } else if (streq(key, "bus-name-good")) {
2563 int b;
2564
2565 b = parse_boolean(value);
2566 if (b < 0)
2567 log_unit_debug(u, "Failed to parse bus-name-good value: %s", value);
2568 else
2569 s->bus_name_good = b;
2570 } else if (streq(key, "bus-name-owner")) {
2571 r = free_and_strdup(&s->bus_name_owner, value);
2572 if (r < 0)
2573 log_unit_error_errno(u, r, "Unable to deserialize current bus owner %s: %m", value);
2574 } else if (streq(key, "status-text")) {
2575 char *t;
2576
2577 r = cunescape(value, 0, &t);
2578 if (r < 0)
2579 log_unit_debug_errno(u, r, "Failed to unescape status text: %s", value);
2580 else {
2581 free(s->status_text);
2582 s->status_text = t;
2583 }
2584
2585 } else if (streq(key, "accept-socket")) {
2586 Unit *socket;
2587
2588 r = manager_load_unit(u->manager, value, NULL, NULL, &socket);
2589 if (r < 0)
2590 log_unit_debug_errno(u, r, "Failed to load accept-socket unit: %s", value);
2591 else {
2592 unit_ref_set(&s->accept_socket, socket);
2593 SOCKET(socket)->n_connections++;
2594 }
2595
2596 } else if (streq(key, "socket-fd")) {
2597 int fd;
2598
2599 if (safe_atoi(value, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
2600 log_unit_debug(u, "Failed to parse socket-fd value: %s", value);
2601 else {
2602 asynchronous_close(s->socket_fd);
2603 s->socket_fd = fdset_remove(fds, fd);
2604 }
2605 } else if (streq(key, "fd-store-fd")) {
2606 const char *fdv;
2607 size_t pf;
2608 int fd;
2609
2610 pf = strcspn(value, WHITESPACE);
2611 fdv = strndupa(value, pf);
2612
2613 if (safe_atoi(fdv, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
2614 log_unit_debug(u, "Failed to parse fd-store-fd value: %s", value);
2615 else {
2616 _cleanup_free_ char *t = NULL;
2617 const char *fdn;
2618
2619 fdn = value + pf;
2620 fdn += strspn(fdn, WHITESPACE);
2621 (void) cunescape(fdn, 0, &t);
2622
2623 r = service_add_fd_store(s, fd, t);
2624 if (r < 0)
2625 log_unit_error_errno(u, r, "Failed to add fd to store: %m");
2626 else
2627 fdset_remove(fds, fd);
2628 }
2629
2630 } else if (streq(key, "main-exec-status-pid")) {
2631 pid_t pid;
2632
2633 if (parse_pid(value, &pid) < 0)
2634 log_unit_debug(u, "Failed to parse main-exec-status-pid value: %s", value);
2635 else
2636 s->main_exec_status.pid = pid;
2637 } else if (streq(key, "main-exec-status-code")) {
2638 int i;
2639
2640 if (safe_atoi(value, &i) < 0)
2641 log_unit_debug(u, "Failed to parse main-exec-status-code value: %s", value);
2642 else
2643 s->main_exec_status.code = i;
2644 } else if (streq(key, "main-exec-status-status")) {
2645 int i;
2646
2647 if (safe_atoi(value, &i) < 0)
2648 log_unit_debug(u, "Failed to parse main-exec-status-status value: %s", value);
2649 else
2650 s->main_exec_status.status = i;
2651 } else if (streq(key, "main-exec-status-start"))
2652 dual_timestamp_deserialize(value, &s->main_exec_status.start_timestamp);
2653 else if (streq(key, "main-exec-status-exit"))
2654 dual_timestamp_deserialize(value, &s->main_exec_status.exit_timestamp);
2655 else if (streq(key, "watchdog-timestamp"))
2656 dual_timestamp_deserialize(value, &s->watchdog_timestamp);
2657 else if (streq(key, "forbid-restart")) {
2658 int b;
2659
2660 b = parse_boolean(value);
2661 if (b < 0)
2662 log_unit_debug(u, "Failed to parse forbid-restart value: %s", value);
2663 else
2664 s->forbid_restart = b;
2665 } else if (streq(key, "stdin-fd")) {
2666 int fd;
2667
2668 if (safe_atoi(value, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
2669 log_unit_debug(u, "Failed to parse stdin-fd value: %s", value);
2670 else {
2671 asynchronous_close(s->stdin_fd);
2672 s->stdin_fd = fdset_remove(fds, fd);
2673 s->exec_context.stdio_as_fds = true;
2674 }
2675 } else if (streq(key, "stdout-fd")) {
2676 int fd;
2677
2678 if (safe_atoi(value, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
2679 log_unit_debug(u, "Failed to parse stdout-fd value: %s", value);
2680 else {
2681 asynchronous_close(s->stdout_fd);
2682 s->stdout_fd = fdset_remove(fds, fd);
2683 s->exec_context.stdio_as_fds = true;
2684 }
2685 } else if (streq(key, "stderr-fd")) {
2686 int fd;
2687
2688 if (safe_atoi(value, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
2689 log_unit_debug(u, "Failed to parse stderr-fd value: %s", value);
2690 else {
2691 asynchronous_close(s->stderr_fd);
2692 s->stderr_fd = fdset_remove(fds, fd);
2693 s->exec_context.stdio_as_fds = true;
2694 }
2695 } else if (streq(key, "watchdog-override-usec")) {
2696 usec_t watchdog_override_usec;
2697 if (timestamp_deserialize(value, &watchdog_override_usec) < 0)
2698 log_unit_debug(u, "Failed to parse watchdog_override_usec value: %s", value);
2699 else {
2700 s->watchdog_override_enable = true;
2701 s->watchdog_override_usec = watchdog_override_usec;
2702 }
2703 } else if (STR_IN_SET(key, "main-command", "control-command")) {
2704 r = service_deserialize_exec_command(u, key, value);
2705 if (r < 0)
2706 log_unit_debug_errno(u, r, "Failed to parse serialized command \"%s\": %m", value);
2707
2708 } else if (streq(key, "n-restarts")) {
2709 r = safe_atou(value, &s->n_restarts);
2710 if (r < 0)
2711 log_unit_debug_errno(u, r, "Failed to parse serialized restart counter '%s': %m", value);
2712
2713 } else if (streq(key, "flush-n-restarts")) {
2714 r = parse_boolean(value);
2715 if (r < 0)
2716 log_unit_debug_errno(u, r, "Failed to parse serialized flush restart counter setting '%s': %m", value);
2717 else
2718 s->flush_n_restarts = r;
2719 } else
2720 log_unit_debug(u, "Unknown serialization key: %s", key);
2721
2722 return 0;
2723 }
2724
2725 _pure_ static UnitActiveState service_active_state(Unit *u) {
2726 const UnitActiveState *table;
2727
2728 assert(u);
2729
2730 table = SERVICE(u)->type == SERVICE_IDLE ? state_translation_table_idle : state_translation_table;
2731
2732 return table[SERVICE(u)->state];
2733 }
2734
2735 static const char *service_sub_state_to_string(Unit *u) {
2736 assert(u);
2737
2738 return service_state_to_string(SERVICE(u)->state);
2739 }
2740
2741 static bool service_check_gc(Unit *u) {
2742 Service *s = SERVICE(u);
2743
2744 assert(s);
2745
2746 /* Never clean up services that still have a process around, even if the service is formally dead. Note that
2747 * unit_check_gc() already checked our cgroup for us, we just check our two additional PIDs, too, in case they
2748 * have moved outside of the cgroup. */
2749
2750 if (main_pid_good(s) > 0 ||
2751 control_pid_good(s) > 0)
2752 return true;
2753
2754 return false;
2755 }
2756
2757 static int service_retry_pid_file(Service *s) {
2758 int r;
2759
2760 assert(s->pid_file);
2761 assert(IN_SET(s->state, SERVICE_START, SERVICE_START_POST));
2762
2763 r = service_load_pid_file(s, false);
2764 if (r < 0)
2765 return r;
2766
2767 service_unwatch_pid_file(s);
2768
2769 service_enter_running(s, SERVICE_SUCCESS);
2770 return 0;
2771 }
2772
2773 static int service_watch_pid_file(Service *s) {
2774 int r;
2775
2776 log_unit_debug(UNIT(s), "Setting watch for PID file %s", s->pid_file_pathspec->path);
2777
2778 r = path_spec_watch(s->pid_file_pathspec, service_dispatch_io);
2779 if (r < 0)
2780 goto fail;
2781
2782 /* the pidfile might have appeared just before we set the watch */
2783 log_unit_debug(UNIT(s), "Trying to read PID file %s in case it changed", s->pid_file_pathspec->path);
2784 service_retry_pid_file(s);
2785
2786 return 0;
2787 fail:
2788 log_unit_error_errno(UNIT(s), r, "Failed to set a watch for PID file %s: %m", s->pid_file_pathspec->path);
2789 service_unwatch_pid_file(s);
2790 return r;
2791 }
2792
2793 static int service_demand_pid_file(Service *s) {
2794 PathSpec *ps;
2795
2796 assert(s->pid_file);
2797 assert(!s->pid_file_pathspec);
2798
2799 ps = new0(PathSpec, 1);
2800 if (!ps)
2801 return -ENOMEM;
2802
2803 ps->unit = UNIT(s);
2804 ps->path = strdup(s->pid_file);
2805 if (!ps->path) {
2806 free(ps);
2807 return -ENOMEM;
2808 }
2809
2810 path_kill_slashes(ps->path);
2811
2812 /* PATH_CHANGED would not be enough. There are daemons (sendmail) that
2813 * keep their PID file open all the time. */
2814 ps->type = PATH_MODIFIED;
2815 ps->inotify_fd = -1;
2816
2817 s->pid_file_pathspec = ps;
2818
2819 return service_watch_pid_file(s);
2820 }
2821
2822 static int service_dispatch_io(sd_event_source *source, int fd, uint32_t events, void *userdata) {
2823 PathSpec *p = userdata;
2824 Service *s;
2825
2826 assert(p);
2827
2828 s = SERVICE(p->unit);
2829
2830 assert(s);
2831 assert(fd >= 0);
2832 assert(IN_SET(s->state, SERVICE_START, SERVICE_START_POST));
2833 assert(s->pid_file_pathspec);
2834 assert(path_spec_owns_inotify_fd(s->pid_file_pathspec, fd));
2835
2836 log_unit_debug(UNIT(s), "inotify event");
2837
2838 if (path_spec_fd_event(p, events) < 0)
2839 goto fail;
2840
2841 if (service_retry_pid_file(s) == 0)
2842 return 0;
2843
2844 if (service_watch_pid_file(s) < 0)
2845 goto fail;
2846
2847 return 0;
2848
2849 fail:
2850 service_unwatch_pid_file(s);
2851 service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_RESOURCES);
2852 return 0;
2853 }
2854
2855 static void service_notify_cgroup_empty_event(Unit *u) {
2856 Service *s = SERVICE(u);
2857
2858 assert(u);
2859
2860 log_unit_debug(u, "cgroup is empty");
2861
2862 switch (s->state) {
2863
2864 /* Waiting for SIGCHLD is usually more interesting,
2865 * because it includes return codes/signals. Which is
2866 * why we ignore the cgroup events for most cases,
2867 * except when we don't know pid which to expect the
2868 * SIGCHLD for. */
2869
2870 case SERVICE_START:
2871 if (s->type == SERVICE_NOTIFY &&
2872 main_pid_good(s) == 0 &&
2873 control_pid_good(s) == 0) {
2874 /* No chance of getting a ready notification anymore */
2875 service_enter_stop_post(s, SERVICE_FAILURE_PROTOCOL);
2876 break;
2877 }
2878
2879 _fallthrough_;
2880 case SERVICE_START_POST:
2881 if (s->pid_file_pathspec &&
2882 main_pid_good(s) == 0 &&
2883 control_pid_good(s) == 0) {
2884
2885 /* Give up hoping for the daemon to write its PID file */
2886 log_unit_warning(u, "Daemon never wrote its PID file. Failing.");
2887
2888 service_unwatch_pid_file(s);
2889 if (s->state == SERVICE_START)
2890 service_enter_stop_post(s, SERVICE_FAILURE_PROTOCOL);
2891 else
2892 service_enter_stop(s, SERVICE_FAILURE_PROTOCOL);
2893 }
2894 break;
2895
2896 case SERVICE_RUNNING:
2897 /* service_enter_running() will figure out what to do */
2898 service_enter_running(s, SERVICE_SUCCESS);
2899 break;
2900
2901 case SERVICE_STOP_SIGABRT:
2902 case SERVICE_STOP_SIGTERM:
2903 case SERVICE_STOP_SIGKILL:
2904
2905 if (main_pid_good(s) <= 0 && control_pid_good(s) <= 0)
2906 service_enter_stop_post(s, SERVICE_SUCCESS);
2907
2908 break;
2909
2910 case SERVICE_STOP_POST:
2911 case SERVICE_FINAL_SIGTERM:
2912 case SERVICE_FINAL_SIGKILL:
2913 if (main_pid_good(s) <= 0 && control_pid_good(s) <= 0)
2914 service_enter_dead(s, SERVICE_SUCCESS, true);
2915
2916 break;
2917
2918 default:
2919 ;
2920 }
2921 }
2922
2923 static void service_sigchld_event(Unit *u, pid_t pid, int code, int status) {
2924 Service *s = SERVICE(u);
2925 ServiceResult f;
2926
2927 assert(s);
2928 assert(pid >= 0);
2929
2930 if (is_clean_exit(code, status, s->type == SERVICE_ONESHOT ? EXIT_CLEAN_COMMAND : EXIT_CLEAN_DAEMON, &s->success_status))
2931 f = SERVICE_SUCCESS;
2932 else if (code == CLD_EXITED)
2933 f = SERVICE_FAILURE_EXIT_CODE;
2934 else if (code == CLD_KILLED)
2935 f = SERVICE_FAILURE_SIGNAL;
2936 else if (code == CLD_DUMPED)
2937 f = SERVICE_FAILURE_CORE_DUMP;
2938 else
2939 assert_not_reached("Unknown code");
2940
2941 if (s->main_pid == pid) {
2942 /* Forking services may occasionally move to a new PID.
2943 * As long as they update the PID file before exiting the old
2944 * PID, they're fine. */
2945 if (service_load_pid_file(s, false) == 0)
2946 return;
2947
2948 s->main_pid = 0;
2949 exec_status_exit(&s->main_exec_status, &s->exec_context, pid, code, status);
2950
2951 if (s->main_command) {
2952 /* If this is not a forking service than the
2953 * main process got started and hence we copy
2954 * the exit status so that it is recorded both
2955 * as main and as control process exit
2956 * status */
2957
2958 s->main_command->exec_status = s->main_exec_status;
2959
2960 if (s->main_command->flags & EXEC_COMMAND_IGNORE_FAILURE)
2961 f = SERVICE_SUCCESS;
2962 } else if (s->exec_command[SERVICE_EXEC_START]) {
2963
2964 /* If this is a forked process, then we should
2965 * ignore the return value if this was
2966 * configured for the starter process */
2967
2968 if (s->exec_command[SERVICE_EXEC_START]->flags & EXEC_COMMAND_IGNORE_FAILURE)
2969 f = SERVICE_SUCCESS;
2970 }
2971
2972 /* When this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
2973 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
2974 * that the service already logged the reason at a higher log level on its own. However, if the service
2975 * died due to a signal, then it most likely didn't say anything about any reason, hence let's raise
2976 * our log level to WARNING then. */
2977
2978 log_struct(f == SERVICE_SUCCESS ? LOG_DEBUG :
2979 (code == CLD_EXITED ? LOG_NOTICE : LOG_WARNING),
2980 LOG_UNIT_MESSAGE(u, "Main process exited, code=%s, status=%i/%s",
2981 sigchld_code_to_string(code), status,
2982 strna(code == CLD_EXITED
2983 ? exit_status_to_string(status, EXIT_STATUS_FULL)
2984 : signal_to_string(status))),
2985 "EXIT_CODE=%s", sigchld_code_to_string(code),
2986 "EXIT_STATUS=%i", status,
2987 LOG_UNIT_ID(u),
2988 LOG_UNIT_INVOCATION_ID(u),
2989 NULL);
2990
2991 if (s->result == SERVICE_SUCCESS)
2992 s->result = f;
2993
2994 if (s->main_command &&
2995 s->main_command->command_next &&
2996 s->type == SERVICE_ONESHOT &&
2997 f == SERVICE_SUCCESS) {
2998
2999 /* There is another command to *
3000 * execute, so let's do that. */
3001
3002 log_unit_debug(u, "Running next main command for state %s.", service_state_to_string(s->state));
3003 service_run_next_main(s);
3004
3005 } else {
3006
3007 /* The service exited, so the service is officially
3008 * gone. */
3009 s->main_command = NULL;
3010
3011 switch (s->state) {
3012
3013 case SERVICE_START_POST:
3014 case SERVICE_RELOAD:
3015 case SERVICE_STOP:
3016 /* Need to wait until the operation is
3017 * done */
3018 break;
3019
3020 case SERVICE_START:
3021 if (s->type == SERVICE_ONESHOT) {
3022 /* This was our main goal, so let's go on */
3023 if (f == SERVICE_SUCCESS)
3024 service_enter_start_post(s);
3025 else
3026 service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
3027 break;
3028 } else if (s->type == SERVICE_NOTIFY) {
3029 /* Only enter running through a notification, so that the
3030 * SERVICE_START state signifies that no ready notification
3031 * has been received */
3032 if (f != SERVICE_SUCCESS)
3033 service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
3034 else if (!s->remain_after_exit || s->notify_access == NOTIFY_MAIN)
3035 /* The service has never been and will never be active */
3036 service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_PROTOCOL);
3037 break;
3038 }
3039
3040 _fallthrough_;
3041 case SERVICE_RUNNING:
3042 service_enter_running(s, f);
3043 break;
3044
3045 case SERVICE_STOP_SIGABRT:
3046 case SERVICE_STOP_SIGTERM:
3047 case SERVICE_STOP_SIGKILL:
3048
3049 if (control_pid_good(s) <= 0)
3050 service_enter_stop_post(s, f);
3051
3052 /* If there is still a control process, wait for that first */
3053 break;
3054
3055 case SERVICE_STOP_POST:
3056 case SERVICE_FINAL_SIGTERM:
3057 case SERVICE_FINAL_SIGKILL:
3058
3059 if (control_pid_good(s) <= 0)
3060 service_enter_dead(s, f, true);
3061 break;
3062
3063 default:
3064 assert_not_reached("Uh, main process died at wrong time.");
3065 }
3066 }
3067
3068 } else if (s->control_pid == pid) {
3069 s->control_pid = 0;
3070
3071 if (s->control_command) {
3072 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
3073
3074 if (s->control_command->flags & EXEC_COMMAND_IGNORE_FAILURE)
3075 f = SERVICE_SUCCESS;
3076 }
3077
3078 log_unit_full(u, f == SERVICE_SUCCESS ? LOG_DEBUG : LOG_NOTICE, 0,
3079 "Control process exited, code=%s status=%i",
3080 sigchld_code_to_string(code), status);
3081
3082 if (s->result == SERVICE_SUCCESS)
3083 s->result = f;
3084
3085 if (s->control_command &&
3086 s->control_command->command_next &&
3087 f == SERVICE_SUCCESS) {
3088
3089 /* There is another command to *
3090 * execute, so let's do that. */
3091
3092 log_unit_debug(u, "Running next control command for state %s.", service_state_to_string(s->state));
3093 service_run_next_control(s);
3094
3095 } else {
3096 /* No further commands for this step, so let's
3097 * figure out what to do next */
3098
3099 s->control_command = NULL;
3100 s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID;
3101
3102 log_unit_debug(u, "Got final SIGCHLD for state %s.", service_state_to_string(s->state));
3103
3104 switch (s->state) {
3105
3106 case SERVICE_START_PRE:
3107 if (f == SERVICE_SUCCESS)
3108 service_enter_start(s);
3109 else
3110 service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
3111 break;
3112
3113 case SERVICE_START:
3114 if (s->type != SERVICE_FORKING)
3115 /* Maybe spurious event due to a reload that changed the type? */
3116 break;
3117
3118 if (f != SERVICE_SUCCESS) {
3119 service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
3120 break;
3121 }
3122
3123 if (s->pid_file) {
3124 bool has_start_post;
3125 int r;
3126
3127 /* Let's try to load the pid file here if we can.
3128 * The PID file might actually be created by a START_POST
3129 * script. In that case don't worry if the loading fails. */
3130
3131 has_start_post = !!s->exec_command[SERVICE_EXEC_START_POST];
3132 r = service_load_pid_file(s, !has_start_post);
3133 if (!has_start_post && r < 0) {
3134 r = service_demand_pid_file(s);
3135 if (r < 0 || cgroup_good(s) == 0)
3136 service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_PROTOCOL);
3137 break;
3138 }
3139 } else
3140 service_search_main_pid(s);
3141
3142 service_enter_start_post(s);
3143 break;
3144
3145 case SERVICE_START_POST:
3146 if (f != SERVICE_SUCCESS) {
3147 service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
3148 break;
3149 }
3150
3151 if (s->pid_file) {
3152 int r;
3153
3154 r = service_load_pid_file(s, true);
3155 if (r < 0) {
3156 r = service_demand_pid_file(s);
3157 if (r < 0 || cgroup_good(s) == 0)
3158 service_enter_stop(s, SERVICE_FAILURE_PROTOCOL);
3159 break;
3160 }
3161 } else
3162 service_search_main_pid(s);
3163
3164 service_enter_running(s, SERVICE_SUCCESS);
3165 break;
3166
3167 case SERVICE_RELOAD:
3168 if (f == SERVICE_SUCCESS)
3169 if (service_load_pid_file(s, true) < 0)
3170 service_search_main_pid(s);
3171
3172 s->reload_result = f;
3173 service_enter_running(s, SERVICE_SUCCESS);
3174 break;
3175
3176 case SERVICE_STOP:
3177 service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
3178 break;
3179
3180 case SERVICE_STOP_SIGABRT:
3181 case SERVICE_STOP_SIGTERM:
3182 case SERVICE_STOP_SIGKILL:
3183 if (main_pid_good(s) <= 0)
3184 service_enter_stop_post(s, f);
3185
3186 /* If there is still a service
3187 * process around, wait until
3188 * that one quit, too */
3189 break;
3190
3191 case SERVICE_STOP_POST:
3192 case SERVICE_FINAL_SIGTERM:
3193 case SERVICE_FINAL_SIGKILL:
3194 if (main_pid_good(s) <= 0)
3195 service_enter_dead(s, f, true);
3196 break;
3197
3198 default:
3199 assert_not_reached("Uh, control process died at wrong time.");
3200 }
3201 }
3202 }
3203
3204 /* Notify clients about changed exit status */
3205 unit_add_to_dbus_queue(u);
3206
3207 /* We got one SIGCHLD for the service, let's watch all
3208 * processes that are now running of the service, and watch
3209 * that. Among the PIDs we then watch will be children
3210 * reassigned to us, which hopefully allows us to identify
3211 * when all children are gone */
3212 unit_tidy_watch_pids(u, s->main_pid, s->control_pid);
3213 unit_watch_all_pids(u);
3214
3215 /* If the PID set is empty now, then let's finish this off
3216 (On unified we use proper notifications) */
3217 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) == 0 && set_isempty(u->pids))
3218 unit_add_to_cgroup_empty_queue(u);
3219 }
3220
3221 static int service_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
3222 Service *s = SERVICE(userdata);
3223
3224 assert(s);
3225 assert(source == s->timer_event_source);
3226
3227 switch (s->state) {
3228
3229 case SERVICE_START_PRE:
3230 case SERVICE_START:
3231 log_unit_warning(UNIT(s), "%s operation timed out. Terminating.", s->state == SERVICE_START ? "Start" : "Start-pre");
3232 service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_TIMEOUT);
3233 break;
3234
3235 case SERVICE_START_POST:
3236 log_unit_warning(UNIT(s), "Start-post operation timed out. Stopping.");
3237 service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_TIMEOUT);
3238 break;
3239
3240 case SERVICE_RUNNING:
3241 log_unit_warning(UNIT(s), "Service reached runtime time limit. Stopping.");
3242 service_enter_stop(s, SERVICE_FAILURE_TIMEOUT);
3243 break;
3244
3245 case SERVICE_RELOAD:
3246 log_unit_warning(UNIT(s), "Reload operation timed out. Killing reload process.");
3247 service_kill_control_process(s);
3248 s->reload_result = SERVICE_FAILURE_TIMEOUT;
3249 service_enter_running(s, SERVICE_SUCCESS);
3250 break;
3251
3252 case SERVICE_STOP:
3253 log_unit_warning(UNIT(s), "Stopping timed out. Terminating.");
3254 service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_TIMEOUT);
3255 break;
3256
3257 case SERVICE_STOP_SIGABRT:
3258 log_unit_warning(UNIT(s), "State 'stop-sigabrt' timed out. Terminating.");
3259 service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_TIMEOUT);
3260 break;
3261
3262 case SERVICE_STOP_SIGTERM:
3263 if (s->kill_context.send_sigkill) {
3264 log_unit_warning(UNIT(s), "State 'stop-sigterm' timed out. Killing.");
3265 service_enter_signal(s, SERVICE_STOP_SIGKILL, SERVICE_FAILURE_TIMEOUT);
3266 } else {
3267 log_unit_warning(UNIT(s), "State 'stop-sigterm' timed out. Skipping SIGKILL.");
3268 service_enter_stop_post(s, SERVICE_FAILURE_TIMEOUT);
3269 }
3270
3271 break;
3272
3273 case SERVICE_STOP_SIGKILL:
3274 /* Uh, we sent a SIGKILL and it is still not gone?
3275 * Must be something we cannot kill, so let's just be
3276 * weirded out and continue */
3277
3278 log_unit_warning(UNIT(s), "Processes still around after SIGKILL. Ignoring.");
3279 service_enter_stop_post(s, SERVICE_FAILURE_TIMEOUT);
3280 break;
3281
3282 case SERVICE_STOP_POST:
3283 log_unit_warning(UNIT(s), "State 'stop-post' timed out. Terminating.");
3284 service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_TIMEOUT);
3285 break;
3286
3287 case SERVICE_FINAL_SIGTERM:
3288 if (s->kill_context.send_sigkill) {
3289 log_unit_warning(UNIT(s), "State 'stop-final-sigterm' timed out. Killing.");
3290 service_enter_signal(s, SERVICE_FINAL_SIGKILL, SERVICE_FAILURE_TIMEOUT);
3291 } else {
3292 log_unit_warning(UNIT(s), "State 'stop-final-sigterm' timed out. Skipping SIGKILL. Entering failed mode.");
3293 service_enter_dead(s, SERVICE_FAILURE_TIMEOUT, false);
3294 }
3295
3296 break;
3297
3298 case SERVICE_FINAL_SIGKILL:
3299 log_unit_warning(UNIT(s), "Processes still around after final SIGKILL. Entering failed mode.");
3300 service_enter_dead(s, SERVICE_FAILURE_TIMEOUT, true);
3301 break;
3302
3303 case SERVICE_AUTO_RESTART:
3304 log_unit_info(UNIT(s),
3305 s->restart_usec > 0 ?
3306 "Service hold-off time over, scheduling restart." :
3307 "Service has no hold-off time, scheduling restart.");
3308 service_enter_restart(s);
3309 break;
3310
3311 default:
3312 assert_not_reached("Timeout at wrong time.");
3313 }
3314
3315 return 0;
3316 }
3317
3318 static int service_dispatch_watchdog(sd_event_source *source, usec_t usec, void *userdata) {
3319 Service *s = SERVICE(userdata);
3320 char t[FORMAT_TIMESPAN_MAX];
3321 usec_t watchdog_usec;
3322
3323 assert(s);
3324 assert(source == s->watchdog_event_source);
3325
3326 watchdog_usec = service_get_watchdog_usec(s);
3327
3328 log_unit_error(UNIT(s), "Watchdog timeout (limit %s)!",
3329 format_timespan(t, sizeof(t), watchdog_usec, 1));
3330
3331 service_enter_signal(s, SERVICE_STOP_SIGABRT, SERVICE_FAILURE_WATCHDOG);
3332
3333 return 0;
3334 }
3335
3336 static bool service_notify_message_authorized(Service *s, pid_t pid, char **tags, FDSet *fds) {
3337 assert(s);
3338
3339 if (s->notify_access == NOTIFY_NONE) {
3340 log_unit_warning(UNIT(s), "Got notification message from PID "PID_FMT", but reception is disabled.", pid);
3341 return false;
3342 }
3343
3344 if (s->notify_access == NOTIFY_MAIN && pid != s->main_pid) {
3345 if (s->main_pid != 0)
3346 log_unit_warning(UNIT(s), "Got notification message from PID "PID_FMT", but reception only permitted for main PID "PID_FMT, pid, s->main_pid);
3347 else
3348 log_unit_warning(UNIT(s), "Got notification message from PID "PID_FMT", but reception only permitted for main PID which is currently not known", pid);
3349
3350 return false;
3351 }
3352
3353 if (s->notify_access == NOTIFY_EXEC && pid != s->main_pid && pid != s->control_pid) {
3354 if (s->main_pid != 0 && s->control_pid != 0)
3355 log_unit_warning(UNIT(s), "Got notification message from PID "PID_FMT", but reception only permitted for main PID "PID_FMT" and control PID "PID_FMT,
3356 pid, s->main_pid, s->control_pid);
3357 else if (s->main_pid != 0)
3358 log_unit_warning(UNIT(s), "Got notification message from PID "PID_FMT", but reception only permitted for main PID "PID_FMT, pid, s->main_pid);
3359 else if (s->control_pid != 0)
3360 log_unit_warning(UNIT(s), "Got notification message from PID "PID_FMT", but reception only permitted for control PID "PID_FMT, pid, s->control_pid);
3361 else
3362 log_unit_warning(UNIT(s), "Got notification message from PID "PID_FMT", but reception only permitted for main PID and control PID which are currently not known", pid);
3363
3364 return false;
3365 }
3366
3367 return true;
3368 }
3369
3370 static void service_notify_message(Unit *u, pid_t pid, char **tags, FDSet *fds) {
3371 Service *s = SERVICE(u);
3372 bool notify_dbus = false;
3373 const char *e;
3374 char **i;
3375
3376 assert(u);
3377
3378 if (!service_notify_message_authorized(SERVICE(u), pid, tags, fds))
3379 return;
3380
3381 if (log_get_max_level() >= LOG_DEBUG) {
3382 _cleanup_free_ char *cc = NULL;
3383
3384 cc = strv_join(tags, ", ");
3385 log_unit_debug(u, "Got notification message from PID "PID_FMT" (%s)", pid, isempty(cc) ? "n/a" : cc);
3386 }
3387
3388 /* Interpret MAINPID= */
3389 e = strv_find_startswith(tags, "MAINPID=");
3390 if (e && IN_SET(s->state, SERVICE_START, SERVICE_START_POST, SERVICE_RUNNING, SERVICE_RELOAD)) {
3391 if (parse_pid(e, &pid) < 0)
3392 log_unit_warning(u, "Failed to parse MAINPID= field in notification message: %s", e);
3393 else if (pid == s->control_pid)
3394 log_unit_warning(u, "A control process cannot also be the main process");
3395 else if (pid == getpid_cached() || pid == 1)
3396 log_unit_warning(u, "Service manager can't be main process, ignoring sd_notify() MAINPID= field");
3397 else if (pid != s->main_pid) {
3398 service_set_main_pid(s, pid);
3399 unit_watch_pid(UNIT(s), pid);
3400 notify_dbus = true;
3401 }
3402 }
3403
3404 /* Interpret READY=/STOPPING=/RELOADING=. Last one wins. */
3405 STRV_FOREACH_BACKWARDS(i, tags) {
3406
3407 if (streq(*i, "READY=1")) {
3408 s->notify_state = NOTIFY_READY;
3409
3410 /* Type=notify services inform us about completed
3411 * initialization with READY=1 */
3412 if (s->type == SERVICE_NOTIFY && s->state == SERVICE_START)
3413 service_enter_start_post(s);
3414
3415 /* Sending READY=1 while we are reloading informs us
3416 * that the reloading is complete */
3417 if (s->state == SERVICE_RELOAD && s->control_pid == 0)
3418 service_enter_running(s, SERVICE_SUCCESS);
3419
3420 notify_dbus = true;
3421 break;
3422
3423 } else if (streq(*i, "RELOADING=1")) {
3424 s->notify_state = NOTIFY_RELOADING;
3425
3426 if (s->state == SERVICE_RUNNING)
3427 service_enter_reload_by_notify(s);
3428
3429 notify_dbus = true;
3430 break;
3431
3432 } else if (streq(*i, "STOPPING=1")) {
3433 s->notify_state = NOTIFY_STOPPING;
3434
3435 if (s->state == SERVICE_RUNNING)
3436 service_enter_stop_by_notify(s);
3437
3438 notify_dbus = true;
3439 break;
3440 }
3441 }
3442
3443 /* Interpret STATUS= */
3444 e = strv_find_startswith(tags, "STATUS=");
3445 if (e) {
3446 _cleanup_free_ char *t = NULL;
3447
3448 if (!isempty(e)) {
3449 if (!utf8_is_valid(e))
3450 log_unit_warning(u, "Status message in notification message is not UTF-8 clean.");
3451 else {
3452 t = strdup(e);
3453 if (!t)
3454 log_oom();
3455 }
3456 }
3457
3458 if (!streq_ptr(s->status_text, t)) {
3459 free_and_replace(s->status_text, t);
3460 notify_dbus = true;
3461 }
3462 }
3463
3464 /* Interpret ERRNO= */
3465 e = strv_find_startswith(tags, "ERRNO=");
3466 if (e) {
3467 int status_errno;
3468
3469 status_errno = parse_errno(e);
3470 if (status_errno < 0)
3471 log_unit_warning_errno(u, status_errno,
3472 "Failed to parse ERRNO= field in notification message: %s", e);
3473 else if (s->status_errno != status_errno) {
3474 s->status_errno = status_errno;
3475 notify_dbus = true;
3476 }
3477 }
3478
3479 /* Interpret WATCHDOG= */
3480 if (strv_find(tags, "WATCHDOG=1"))
3481 service_reset_watchdog(s);
3482
3483 e = strv_find_startswith(tags, "WATCHDOG_USEC=");
3484 if (e) {
3485 usec_t watchdog_override_usec;
3486 if (safe_atou64(e, &watchdog_override_usec) < 0)
3487 log_unit_warning(u, "Failed to parse WATCHDOG_USEC=%s", e);
3488 else
3489 service_reset_watchdog_timeout(s, watchdog_override_usec);
3490 }
3491
3492 /* Process FD store messages. Either FDSTOREREMOVE=1 for removal, or FDSTORE=1 for addition. In both cases,
3493 * process FDNAME= for picking the file descriptor name to use. Note that FDNAME= is required when removing
3494 * fds, but optional when pushing in new fds, for compatibility reasons. */
3495 if (strv_find(tags, "FDSTOREREMOVE=1")) {
3496 const char *name;
3497
3498 name = strv_find_startswith(tags, "FDNAME=");
3499 if (!name || !fdname_is_valid(name))
3500 log_unit_warning(u, "FDSTOREREMOVE=1 requested, but no valid file descriptor name passed, ignoring.");
3501 else
3502 service_remove_fd_store(s, name);
3503
3504 } else if (strv_find(tags, "FDSTORE=1")) {
3505 const char *name;
3506
3507 name = strv_find_startswith(tags, "FDNAME=");
3508 if (name && !fdname_is_valid(name)) {
3509 log_unit_warning(u, "Passed FDNAME= name is invalid, ignoring.");
3510 name = NULL;
3511 }
3512
3513 (void) service_add_fd_store_set(s, fds, name);
3514 }
3515
3516 /* Notify clients about changed status or main pid */
3517 if (notify_dbus)
3518 unit_add_to_dbus_queue(u);
3519 }
3520
3521 static int service_get_timeout(Unit *u, usec_t *timeout) {
3522 Service *s = SERVICE(u);
3523 uint64_t t;
3524 int r;
3525
3526 if (!s->timer_event_source)
3527 return 0;
3528
3529 r = sd_event_source_get_time(s->timer_event_source, &t);
3530 if (r < 0)
3531 return r;
3532 if (t == USEC_INFINITY)
3533 return 0;
3534
3535 *timeout = t;
3536 return 1;
3537 }
3538
3539 static void service_bus_name_owner_change(
3540 Unit *u,
3541 const char *name,
3542 const char *old_owner,
3543 const char *new_owner) {
3544
3545 Service *s = SERVICE(u);
3546 int r;
3547
3548 assert(s);
3549 assert(name);
3550
3551 assert(streq(s->bus_name, name));
3552 assert(old_owner || new_owner);
3553
3554 if (old_owner && new_owner)
3555 log_unit_debug(u, "D-Bus name %s changed owner from %s to %s", name, old_owner, new_owner);
3556 else if (old_owner)
3557 log_unit_debug(u, "D-Bus name %s no longer registered by %s", name, old_owner);
3558 else
3559 log_unit_debug(u, "D-Bus name %s now registered by %s", name, new_owner);
3560
3561 s->bus_name_good = !!new_owner;
3562
3563 /* Track the current owner, so we can reconstruct changes after a daemon reload */
3564 r = free_and_strdup(&s->bus_name_owner, new_owner);
3565 if (r < 0) {
3566 log_unit_error_errno(u, r, "Unable to set new bus name owner %s: %m", new_owner);
3567 return;
3568 }
3569
3570 if (s->type == SERVICE_DBUS) {
3571
3572 /* service_enter_running() will figure out what to
3573 * do */
3574 if (s->state == SERVICE_RUNNING)
3575 service_enter_running(s, SERVICE_SUCCESS);
3576 else if (s->state == SERVICE_START && new_owner)
3577 service_enter_start_post(s);
3578
3579 } else if (new_owner &&
3580 s->main_pid <= 0 &&
3581 IN_SET(s->state,
3582 SERVICE_START,
3583 SERVICE_START_POST,
3584 SERVICE_RUNNING,
3585 SERVICE_RELOAD)) {
3586
3587 _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
3588 pid_t pid;
3589
3590 /* Try to acquire PID from bus service */
3591
3592 r = sd_bus_get_name_creds(u->manager->api_bus, name, SD_BUS_CREDS_PID, &creds);
3593 if (r >= 0)
3594 r = sd_bus_creds_get_pid(creds, &pid);
3595 if (r >= 0) {
3596 log_unit_debug(u, "D-Bus name %s is now owned by process " PID_FMT, name, pid);
3597
3598 service_set_main_pid(s, pid);
3599 unit_watch_pid(UNIT(s), pid);
3600 }
3601 }
3602 }
3603
3604 int service_set_socket_fd(Service *s, int fd, Socket *sock, bool selinux_context_net) {
3605 _cleanup_free_ char *peer = NULL;
3606 int r;
3607
3608 assert(s);
3609 assert(fd >= 0);
3610
3611 /* This is called by the socket code when instantiating a new service for a stream socket and the socket needs
3612 * to be configured. We take ownership of the passed fd on success. */
3613
3614 if (UNIT(s)->load_state != UNIT_LOADED)
3615 return -EINVAL;
3616
3617 if (s->socket_fd >= 0)
3618 return -EBUSY;
3619
3620 if (s->state != SERVICE_DEAD)
3621 return -EAGAIN;
3622
3623 if (getpeername_pretty(fd, true, &peer) >= 0) {
3624
3625 if (UNIT(s)->description) {
3626 _cleanup_free_ char *a;
3627
3628 a = strjoin(UNIT(s)->description, " (", peer, ")");
3629 if (!a)
3630 return -ENOMEM;
3631
3632 r = unit_set_description(UNIT(s), a);
3633 } else
3634 r = unit_set_description(UNIT(s), peer);
3635
3636 if (r < 0)
3637 return r;
3638 }
3639
3640 r = unit_add_two_dependencies(UNIT(sock), UNIT_BEFORE, UNIT_TRIGGERS, UNIT(s), false, UNIT_DEPENDENCY_IMPLICIT);
3641 if (r < 0)
3642 return r;
3643
3644 s->socket_fd = fd;
3645 s->socket_fd_selinux_context_net = selinux_context_net;
3646
3647 unit_ref_set(&s->accept_socket, UNIT(sock));
3648 return 0;
3649 }
3650
3651 static void service_reset_failed(Unit *u) {
3652 Service *s = SERVICE(u);
3653
3654 assert(s);
3655
3656 if (s->state == SERVICE_FAILED)
3657 service_set_state(s, SERVICE_DEAD);
3658
3659 s->result = SERVICE_SUCCESS;
3660 s->reload_result = SERVICE_SUCCESS;
3661 s->n_restarts = 0;
3662 s->flush_n_restarts = false;
3663 }
3664
3665 static int service_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
3666 Service *s = SERVICE(u);
3667
3668 assert(s);
3669
3670 return unit_kill_common(u, who, signo, s->main_pid, s->control_pid, error);
3671 }
3672
3673 static int service_main_pid(Unit *u) {
3674 Service *s = SERVICE(u);
3675
3676 assert(s);
3677
3678 return s->main_pid;
3679 }
3680
3681 static int service_control_pid(Unit *u) {
3682 Service *s = SERVICE(u);
3683
3684 assert(s);
3685
3686 return s->control_pid;
3687 }
3688
3689 static const char* const service_restart_table[_SERVICE_RESTART_MAX] = {
3690 [SERVICE_RESTART_NO] = "no",
3691 [SERVICE_RESTART_ON_SUCCESS] = "on-success",
3692 [SERVICE_RESTART_ON_FAILURE] = "on-failure",
3693 [SERVICE_RESTART_ON_ABNORMAL] = "on-abnormal",
3694 [SERVICE_RESTART_ON_WATCHDOG] = "on-watchdog",
3695 [SERVICE_RESTART_ON_ABORT] = "on-abort",
3696 [SERVICE_RESTART_ALWAYS] = "always",
3697 };
3698
3699 DEFINE_STRING_TABLE_LOOKUP(service_restart, ServiceRestart);
3700
3701 static const char* const service_type_table[_SERVICE_TYPE_MAX] = {
3702 [SERVICE_SIMPLE] = "simple",
3703 [SERVICE_FORKING] = "forking",
3704 [SERVICE_ONESHOT] = "oneshot",
3705 [SERVICE_DBUS] = "dbus",
3706 [SERVICE_NOTIFY] = "notify",
3707 [SERVICE_IDLE] = "idle"
3708 };
3709
3710 DEFINE_STRING_TABLE_LOOKUP(service_type, ServiceType);
3711
3712 static const char* const service_exec_command_table[_SERVICE_EXEC_COMMAND_MAX] = {
3713 [SERVICE_EXEC_START_PRE] = "ExecStartPre",
3714 [SERVICE_EXEC_START] = "ExecStart",
3715 [SERVICE_EXEC_START_POST] = "ExecStartPost",
3716 [SERVICE_EXEC_RELOAD] = "ExecReload",
3717 [SERVICE_EXEC_STOP] = "ExecStop",
3718 [SERVICE_EXEC_STOP_POST] = "ExecStopPost",
3719 };
3720
3721 DEFINE_STRING_TABLE_LOOKUP(service_exec_command, ServiceExecCommand);
3722
3723 static const char* const notify_state_table[_NOTIFY_STATE_MAX] = {
3724 [NOTIFY_UNKNOWN] = "unknown",
3725 [NOTIFY_READY] = "ready",
3726 [NOTIFY_RELOADING] = "reloading",
3727 [NOTIFY_STOPPING] = "stopping",
3728 };
3729
3730 DEFINE_STRING_TABLE_LOOKUP(notify_state, NotifyState);
3731
3732 static const char* const service_result_table[_SERVICE_RESULT_MAX] = {
3733 [SERVICE_SUCCESS] = "success",
3734 [SERVICE_FAILURE_RESOURCES] = "resources",
3735 [SERVICE_FAILURE_PROTOCOL] = "protocol",
3736 [SERVICE_FAILURE_TIMEOUT] = "timeout",
3737 [SERVICE_FAILURE_EXIT_CODE] = "exit-code",
3738 [SERVICE_FAILURE_SIGNAL] = "signal",
3739 [SERVICE_FAILURE_CORE_DUMP] = "core-dump",
3740 [SERVICE_FAILURE_WATCHDOG] = "watchdog",
3741 [SERVICE_FAILURE_START_LIMIT_HIT] = "start-limit-hit",
3742 };
3743
3744 DEFINE_STRING_TABLE_LOOKUP(service_result, ServiceResult);
3745
3746 const UnitVTable service_vtable = {
3747 .object_size = sizeof(Service),
3748 .exec_context_offset = offsetof(Service, exec_context),
3749 .cgroup_context_offset = offsetof(Service, cgroup_context),
3750 .kill_context_offset = offsetof(Service, kill_context),
3751 .exec_runtime_offset = offsetof(Service, exec_runtime),
3752 .dynamic_creds_offset = offsetof(Service, dynamic_creds),
3753
3754 .sections =
3755 "Unit\0"
3756 "Service\0"
3757 "Install\0",
3758 .private_section = "Service",
3759
3760 .init = service_init,
3761 .done = service_done,
3762 .load = service_load,
3763 .release_resources = service_release_resources,
3764
3765 .coldplug = service_coldplug,
3766
3767 .dump = service_dump,
3768
3769 .start = service_start,
3770 .stop = service_stop,
3771 .reload = service_reload,
3772
3773 .can_reload = service_can_reload,
3774
3775 .kill = service_kill,
3776
3777 .serialize = service_serialize,
3778 .deserialize_item = service_deserialize_item,
3779
3780 .active_state = service_active_state,
3781 .sub_state_to_string = service_sub_state_to_string,
3782
3783 .will_restart = service_will_restart,
3784
3785 .check_gc = service_check_gc,
3786
3787 .sigchld_event = service_sigchld_event,
3788
3789 .reset_failed = service_reset_failed,
3790
3791 .notify_cgroup_empty = service_notify_cgroup_empty_event,
3792 .notify_message = service_notify_message,
3793
3794 .main_pid = service_main_pid,
3795 .control_pid = service_control_pid,
3796
3797 .bus_name_owner_change = service_bus_name_owner_change,
3798
3799 .bus_vtable = bus_service_vtable,
3800 .bus_set_property = bus_service_set_property,
3801 .bus_commit_properties = bus_service_commit_properties,
3802
3803 .get_timeout = service_get_timeout,
3804 .can_transient = true,
3805
3806 .status_message_formats = {
3807 .starting_stopping = {
3808 [0] = "Starting %s...",
3809 [1] = "Stopping %s...",
3810 },
3811 .finished_start_job = {
3812 [JOB_DONE] = "Started %s.",
3813 [JOB_FAILED] = "Failed to start %s.",
3814 },
3815 .finished_stop_job = {
3816 [JOB_DONE] = "Stopped %s.",
3817 [JOB_FAILED] = "Stopped (with error) %s.",
3818 },
3819 },
3820 };
Unnamed repository; edit this file 'description' to name the repository.