1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/types.h>
27 #include <sys/epoll.h>
29 #include <arpa/inet.h>
32 #include <attr/xattr.h>
37 #include "netinet/tcp.h"
39 #include "load-dropin.h"
40 #include "load-fragment.h"
43 #include "path-util.h"
44 #include "unit-name.h"
45 #include "unit-printf.h"
46 #include "dbus-socket.h"
49 #include "dbus-common.h"
51 #include "exit-status.h"
54 static const UnitActiveState state_translation_table
[_SOCKET_STATE_MAX
] = {
55 [SOCKET_DEAD
] = UNIT_INACTIVE
,
56 [SOCKET_START_PRE
] = UNIT_ACTIVATING
,
57 [SOCKET_START_POST
] = UNIT_ACTIVATING
,
58 [SOCKET_LISTENING
] = UNIT_ACTIVE
,
59 [SOCKET_RUNNING
] = UNIT_ACTIVE
,
60 [SOCKET_STOP_PRE
] = UNIT_DEACTIVATING
,
61 [SOCKET_STOP_PRE_SIGTERM
] = UNIT_DEACTIVATING
,
62 [SOCKET_STOP_PRE_SIGKILL
] = UNIT_DEACTIVATING
,
63 [SOCKET_STOP_POST
] = UNIT_DEACTIVATING
,
64 [SOCKET_FINAL_SIGTERM
] = UNIT_DEACTIVATING
,
65 [SOCKET_FINAL_SIGKILL
] = UNIT_DEACTIVATING
,
66 [SOCKET_FAILED
] = UNIT_FAILED
69 static void socket_init(Unit
*u
) {
70 Socket
*s
= SOCKET(u
);
73 assert(u
->load_state
== UNIT_STUB
);
75 s
->backlog
= SOMAXCONN
;
76 s
->timeout_usec
= DEFAULT_TIMEOUT_USEC
;
77 s
->directory_mode
= 0755;
78 s
->socket_mode
= 0666;
80 s
->max_connections
= 64;
87 exec_context_init(&s
->exec_context
);
88 s
->exec_context
.std_output
= u
->manager
->default_std_output
;
89 s
->exec_context
.std_error
= u
->manager
->default_std_error
;
90 kill_context_init(&s
->kill_context
);
91 cgroup_context_init(&s
->cgroup_context
);
93 s
->control_command_id
= _SOCKET_EXEC_COMMAND_INVALID
;
96 static void socket_unwatch_control_pid(Socket
*s
) {
99 if (s
->control_pid
<= 0)
102 unit_unwatch_pid(UNIT(s
), s
->control_pid
);
106 void socket_free_ports(Socket
*s
) {
111 while ((p
= s
->ports
)) {
112 LIST_REMOVE(SocketPort
, port
, s
->ports
, p
);
115 unit_unwatch_fd(UNIT(s
), &p
->fd_watch
);
116 close_nointr_nofail(p
->fd
);
124 static void socket_done(Unit
*u
) {
125 Socket
*s
= SOCKET(u
);
129 socket_free_ports(s
);
131 exec_context_done(&s
->exec_context
, manager_is_reloading_or_reexecuting(u
->manager
));
132 cgroup_context_init(&s
->cgroup_context
);
134 exec_command_free_array(s
->exec_command
, _SOCKET_EXEC_COMMAND_MAX
);
135 s
->control_command
= NULL
;
137 socket_unwatch_control_pid(s
);
139 unit_ref_unset(&s
->service
);
141 free(s
->tcp_congestion
);
142 s
->tcp_congestion
= NULL
;
144 free(s
->bind_to_device
);
145 s
->bind_to_device
= NULL
;
148 free(s
->smack_ip_in
);
149 free(s
->smack_ip_out
);
151 unit_unwatch_timer(u
, &s
->timer_watch
);
154 static int socket_instantiate_service(Socket
*s
) {
161 /* This fills in s->service if it isn't filled in yet. For
162 * Accept=yes sockets we create the next connection service
163 * here. For Accept=no this is mostly a NOP since the service
164 * is figured out at load time anyway. */
166 if (UNIT_DEREF(s
->service
))
171 if (!(prefix
= unit_name_to_prefix(UNIT(s
)->id
)))
174 r
= asprintf(&name
, "%s@%u.service", prefix
, s
->n_accepted
);
180 r
= manager_load_unit(UNIT(s
)->manager
, name
, NULL
, NULL
, &u
);
186 #ifdef HAVE_SYSV_COMPAT
187 if (SERVICE(u
)->is_sysv
) {
188 log_error("Using SysV services for socket activation is not supported. Refusing.");
194 unit_ref_set(&s
->service
, u
);
196 return unit_add_two_dependencies(UNIT(s
), UNIT_BEFORE
, UNIT_TRIGGERS
, u
, false);
199 static bool have_non_accept_socket(Socket
*s
) {
207 LIST_FOREACH(port
, p
, s
->ports
) {
209 if (p
->type
!= SOCKET_SOCKET
)
212 if (!socket_address_can_accept(&p
->address
))
219 static int socket_verify(Socket
*s
) {
222 if (UNIT(s
)->load_state
!= UNIT_LOADED
)
226 log_error_unit(UNIT(s
)->id
,
227 "%s lacks Listen setting. Refusing.", UNIT(s
)->id
);
231 if (s
->accept
&& have_non_accept_socket(s
)) {
232 log_error_unit(UNIT(s
)->id
,
233 "%s configured for accepting sockets, but sockets are non-accepting. Refusing.",
238 if (s
->accept
&& s
->max_connections
<= 0) {
239 log_error_unit(UNIT(s
)->id
,
240 "%s's MaxConnection setting too small. Refusing.", UNIT(s
)->id
);
244 if (s
->accept
&& UNIT_DEREF(s
->service
)) {
245 log_error_unit(UNIT(s
)->id
,
246 "Explicit service configuration for accepting sockets not supported on %s. Refusing.",
251 if (s
->exec_context
.pam_name
&& s
->kill_context
.kill_mode
!= KILL_CONTROL_GROUP
) {
252 log_error_unit(UNIT(s
)->id
,
253 "%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.",
261 static bool socket_needs_mount(Socket
*s
, const char *prefix
) {
266 LIST_FOREACH(port
, p
, s
->ports
) {
268 if (p
->type
== SOCKET_SOCKET
) {
269 if (socket_address_needs_mount(&p
->address
, prefix
))
271 } else if (p
->type
== SOCKET_FIFO
|| p
->type
== SOCKET_SPECIAL
) {
272 if (path_startswith(p
->path
, prefix
))
280 int socket_add_one_mount_link(Socket
*s
, Mount
*m
) {
286 if (UNIT(s
)->load_state
!= UNIT_LOADED
||
287 UNIT(m
)->load_state
!= UNIT_LOADED
)
290 if (!socket_needs_mount(s
, m
->where
))
293 r
= unit_add_two_dependencies(UNIT(s
), UNIT_AFTER
, UNIT_REQUIRES
, UNIT(m
), true);
300 static int socket_add_mount_links(Socket
*s
) {
306 LIST_FOREACH(units_by_type
, other
, UNIT(s
)->manager
->units_by_type
[UNIT_MOUNT
]) {
307 r
= socket_add_one_mount_link(s
, MOUNT(other
));
315 static int socket_add_device_link(Socket
*s
) {
321 if (!s
->bind_to_device
|| streq(s
->bind_to_device
, "lo"))
324 if (asprintf(&t
, "/sys/subsystem/net/devices/%s", s
->bind_to_device
) < 0)
327 r
= unit_add_node_link(UNIT(s
), t
, false);
333 static int socket_add_default_dependencies(Socket
*s
) {
337 r
= unit_add_dependency_by_name(UNIT(s
), UNIT_BEFORE
, SPECIAL_SOCKETS_TARGET
, NULL
, true);
341 if (UNIT(s
)->manager
->running_as
== SYSTEMD_SYSTEM
) {
342 r
= unit_add_two_dependencies_by_name(UNIT(s
), UNIT_AFTER
, UNIT_REQUIRES
, SPECIAL_SYSINIT_TARGET
, NULL
, true);
347 return unit_add_two_dependencies_by_name(UNIT(s
), UNIT_BEFORE
, UNIT_CONFLICTS
, SPECIAL_SHUTDOWN_TARGET
, NULL
, true);
350 _pure_
static bool socket_has_exec(Socket
*s
) {
354 for (i
= 0; i
< _SOCKET_EXEC_COMMAND_MAX
; i
++)
355 if (s
->exec_command
[i
])
361 static int socket_load(Unit
*u
) {
362 Socket
*s
= SOCKET(u
);
366 assert(u
->load_state
== UNIT_STUB
);
368 if ((r
= unit_load_fragment_and_dropin(u
)) < 0)
371 /* This is a new unit? Then let's add in some extras */
372 if (u
->load_state
== UNIT_LOADED
) {
374 if (have_non_accept_socket(s
)) {
376 if (!UNIT_DEREF(s
->service
)) {
379 r
= unit_load_related_unit(u
, ".service", &x
);
383 unit_ref_set(&s
->service
, x
);
386 r
= unit_add_two_dependencies(u
, UNIT_BEFORE
, UNIT_TRIGGERS
, UNIT_DEREF(s
->service
), true);
391 if ((r
= socket_add_mount_links(s
)) < 0)
394 if ((r
= socket_add_device_link(s
)) < 0)
397 if (socket_has_exec(s
))
398 if ((r
= unit_add_exec_dependencies(u
, &s
->exec_context
)) < 0)
401 r
= unit_add_default_slice(u
);
405 if (UNIT(s
)->default_dependencies
)
406 if ((r
= socket_add_default_dependencies(s
)) < 0)
409 r
= unit_exec_context_defaults(u
, &s
->exec_context
);
414 return socket_verify(s
);
417 _const_
static const char* listen_lookup(int family
, int type
) {
419 if (family
== AF_NETLINK
)
420 return "ListenNetlink";
422 if (type
== SOCK_STREAM
)
423 return "ListenStream";
424 else if (type
== SOCK_DGRAM
)
425 return "ListenDatagram";
426 else if (type
== SOCK_SEQPACKET
)
427 return "ListenSequentialPacket";
429 assert_not_reached("Unknown socket type");
433 static void socket_dump(Unit
*u
, FILE *f
, const char *prefix
) {
436 Socket
*s
= SOCKET(u
);
444 p2
= strappend(prefix
, "\t");
445 prefix2
= p2
? p2
: prefix
;
448 "%sSocket State: %s\n"
450 "%sBindIPv6Only: %s\n"
452 "%sSocketMode: %04o\n"
453 "%sDirectoryMode: %04o\n"
456 "%sTransparent: %s\n"
458 "%sPassCredentials: %s\n"
459 "%sPassSecurity: %s\n"
460 "%sTCPCongestion: %s\n",
461 prefix
, socket_state_to_string(s
->state
),
462 prefix
, socket_result_to_string(s
->result
),
463 prefix
, socket_address_bind_ipv6_only_to_string(s
->bind_ipv6_only
),
465 prefix
, s
->socket_mode
,
466 prefix
, s
->directory_mode
,
467 prefix
, yes_no(s
->keep_alive
),
468 prefix
, yes_no(s
->free_bind
),
469 prefix
, yes_no(s
->transparent
),
470 prefix
, yes_no(s
->broadcast
),
471 prefix
, yes_no(s
->pass_cred
),
472 prefix
, yes_no(s
->pass_sec
),
473 prefix
, strna(s
->tcp_congestion
));
475 if (s
->control_pid
> 0)
477 "%sControl PID: %lu\n",
478 prefix
, (unsigned long) s
->control_pid
);
480 if (s
->bind_to_device
)
482 "%sBindToDevice: %s\n",
483 prefix
, s
->bind_to_device
);
488 "%sNConnections: %u\n"
489 "%sMaxConnections: %u\n",
490 prefix
, s
->n_accepted
,
491 prefix
, s
->n_connections
,
492 prefix
, s
->max_connections
);
494 if (s
->priority
>= 0)
497 prefix
, s
->priority
);
499 if (s
->receive_buffer
> 0)
501 "%sReceiveBuffer: %zu\n",
502 prefix
, s
->receive_buffer
);
504 if (s
->send_buffer
> 0)
506 "%sSendBuffer: %zu\n",
507 prefix
, s
->send_buffer
);
519 if (s
->pipe_size
> 0)
522 prefix
, s
->pipe_size
);
529 if (s
->mq_maxmsg
> 0)
531 "%sMessageQueueMaxMessages: %li\n",
532 prefix
, s
->mq_maxmsg
);
534 if (s
->mq_msgsize
> 0)
536 "%sMessageQueueMessageSize: %li\n",
537 prefix
, s
->mq_msgsize
);
542 prefix
, yes_no(s
->reuseport
));
546 "%sSmackLabel: %s\n",
551 "%sSmackLabelIPIn: %s\n",
552 prefix
, s
->smack_ip_in
);
556 "%sSmackLabelIPOut: %s\n",
557 prefix
, s
->smack_ip_out
);
559 LIST_FOREACH(port
, p
, s
->ports
) {
561 if (p
->type
== SOCKET_SOCKET
) {
566 if ((r
= socket_address_print(&p
->address
, &k
)) < 0)
571 fprintf(f
, "%s%s: %s\n", prefix
, listen_lookup(socket_address_family(&p
->address
), p
->address
.type
), t
);
573 } else if (p
->type
== SOCKET_SPECIAL
)
574 fprintf(f
, "%sListenSpecial: %s\n", prefix
, p
->path
);
575 else if (p
->type
== SOCKET_MQUEUE
)
576 fprintf(f
, "%sListenMessageQueue: %s\n", prefix
, p
->path
);
578 fprintf(f
, "%sListenFIFO: %s\n", prefix
, p
->path
);
581 exec_context_dump(&s
->exec_context
, f
, prefix
);
582 kill_context_dump(&s
->kill_context
, f
, prefix
);
584 for (c
= 0; c
< _SOCKET_EXEC_COMMAND_MAX
; c
++) {
585 if (!s
->exec_command
[c
])
588 fprintf(f
, "%s-> %s:\n",
589 prefix
, socket_exec_command_to_string(c
));
591 exec_command_dump_list(s
->exec_command
[c
], f
, prefix2
);
597 static int instance_from_socket(int fd
, unsigned nr
, char **instance
) {
602 struct sockaddr_un un
;
603 struct sockaddr_in in
;
604 struct sockaddr_in6 in6
;
605 struct sockaddr_storage storage
;
612 if (getsockname(fd
, &local
.sa
, &l
) < 0)
616 if (getpeername(fd
, &remote
.sa
, &l
) < 0)
619 switch (local
.sa
.sa_family
) {
623 a
= ntohl(local
.in
.sin_addr
.s_addr
),
624 b
= ntohl(remote
.in
.sin_addr
.s_addr
);
627 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
629 a
>> 24, (a
>> 16) & 0xFF, (a
>> 8) & 0xFF, a
& 0xFF,
630 ntohs(local
.in
.sin_port
),
631 b
>> 24, (b
>> 16) & 0xFF, (b
>> 8) & 0xFF, b
& 0xFF,
632 ntohs(remote
.in
.sin_port
)) < 0)
639 static const unsigned char ipv4_prefix
[] = {
640 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
643 if (memcmp(&local
.in6
.sin6_addr
, ipv4_prefix
, sizeof(ipv4_prefix
)) == 0 &&
644 memcmp(&remote
.in6
.sin6_addr
, ipv4_prefix
, sizeof(ipv4_prefix
)) == 0) {
646 *a
= local
.in6
.sin6_addr
.s6_addr
+12,
647 *b
= remote
.in6
.sin6_addr
.s6_addr
+12;
650 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
652 a
[0], a
[1], a
[2], a
[3],
653 ntohs(local
.in6
.sin6_port
),
654 b
[0], b
[1], b
[2], b
[3],
655 ntohs(remote
.in6
.sin6_port
)) < 0)
658 char a
[INET6_ADDRSTRLEN
], b
[INET6_ADDRSTRLEN
];
663 inet_ntop(AF_INET6
, &local
.in6
.sin6_addr
, a
, sizeof(a
)),
664 ntohs(local
.in6
.sin6_port
),
665 inet_ntop(AF_INET6
, &remote
.in6
.sin6_addr
, b
, sizeof(b
)),
666 ntohs(remote
.in6
.sin6_port
)) < 0)
677 if (getsockopt(fd
, SOL_SOCKET
, SO_PEERCRED
, &ucred
, &l
) < 0)
683 (unsigned long) ucred
.pid
,
684 (unsigned long) ucred
.uid
) < 0)
691 assert_not_reached("Unhandled socket type.");
698 static void socket_close_fds(Socket
*s
) {
703 LIST_FOREACH(port
, p
, s
->ports
) {
707 unit_unwatch_fd(UNIT(s
), &p
->fd_watch
);
708 close_nointr_nofail(p
->fd
);
710 /* One little note: we should never delete any sockets
711 * in the file system here! After all some other
712 * process we spawned might still have a reference of
713 * this fd and wants to continue to use it. Therefore
714 * we delete sockets in the file system before we
715 * create a new one, not after we stopped using
722 static void socket_apply_socket_options(Socket
*s
, int fd
) {
727 int b
= s
->keep_alive
;
728 if (setsockopt(fd
, SOL_SOCKET
, SO_KEEPALIVE
, &b
, sizeof(b
)) < 0)
729 log_warning_unit(UNIT(s
)->id
, "SO_KEEPALIVE failed: %m");
734 if (setsockopt(fd
, SOL_SOCKET
, SO_BROADCAST
, &one
, sizeof(one
)) < 0)
735 log_warning_unit(UNIT(s
)->id
, "SO_BROADCAST failed: %m");
740 if (setsockopt(fd
, SOL_SOCKET
, SO_PASSCRED
, &one
, sizeof(one
)) < 0)
741 log_warning_unit(UNIT(s
)->id
, "SO_PASSCRED failed: %m");
746 if (setsockopt(fd
, SOL_SOCKET
, SO_PASSSEC
, &one
, sizeof(one
)) < 0)
747 log_warning_unit(UNIT(s
)->id
, "SO_PASSSEC failed: %m");
750 if (s
->priority
>= 0)
751 if (setsockopt(fd
, SOL_SOCKET
, SO_PRIORITY
, &s
->priority
, sizeof(s
->priority
)) < 0)
752 log_warning_unit(UNIT(s
)->id
, "SO_PRIORITY failed: %m");
754 if (s
->receive_buffer
> 0) {
755 int value
= (int) s
->receive_buffer
;
757 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
759 if (setsockopt(fd
, SOL_SOCKET
, SO_RCVBUFFORCE
, &value
, sizeof(value
)) < 0)
760 if (setsockopt(fd
, SOL_SOCKET
, SO_RCVBUF
, &value
, sizeof(value
)) < 0)
761 log_warning_unit(UNIT(s
)->id
, "SO_RCVBUF failed: %m");
764 if (s
->send_buffer
> 0) {
765 int value
= (int) s
->send_buffer
;
766 if (setsockopt(fd
, SOL_SOCKET
, SO_SNDBUFFORCE
, &value
, sizeof(value
)) < 0)
767 if (setsockopt(fd
, SOL_SOCKET
, SO_SNDBUF
, &value
, sizeof(value
)) < 0)
768 log_warning_unit(UNIT(s
)->id
, "SO_SNDBUF failed: %m");
772 if (setsockopt(fd
, SOL_SOCKET
, SO_MARK
, &s
->mark
, sizeof(s
->mark
)) < 0)
773 log_warning_unit(UNIT(s
)->id
, "SO_MARK failed: %m");
776 if (setsockopt(fd
, IPPROTO_IP
, IP_TOS
, &s
->ip_tos
, sizeof(s
->ip_tos
)) < 0)
777 log_warning_unit(UNIT(s
)->id
, "IP_TOS failed: %m");
779 if (s
->ip_ttl
>= 0) {
782 r
= setsockopt(fd
, IPPROTO_IP
, IP_TTL
, &s
->ip_ttl
, sizeof(s
->ip_ttl
));
784 if (socket_ipv6_is_supported())
785 x
= setsockopt(fd
, IPPROTO_IPV6
, IPV6_UNICAST_HOPS
, &s
->ip_ttl
, sizeof(s
->ip_ttl
));
788 errno
= EAFNOSUPPORT
;
792 log_warning_unit(UNIT(s
)->id
,
793 "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
796 if (s
->tcp_congestion
)
797 if (setsockopt(fd
, SOL_TCP
, TCP_CONGESTION
, s
->tcp_congestion
, strlen(s
->tcp_congestion
)+1) < 0)
798 log_warning_unit(UNIT(s
)->id
, "TCP_CONGESTION failed: %m");
801 int b
= s
->reuseport
;
802 if (setsockopt(fd
, SOL_SOCKET
, SO_REUSEPORT
, &b
, sizeof(b
)))
803 log_warning_unit(UNIT(s
)->id
, "SO_REUSEPORT failed: %m");
808 if (fsetxattr(fd
, "security.SMACK64IPIN", s
->smack_ip_in
, strlen(s
->smack_ip_in
), 0) < 0)
809 log_error_unit(UNIT(s
)->id
,
810 "fsetxattr(\"security.SMACK64IPIN\"): %m");
813 if (fsetxattr(fd
, "security.SMACK64IPOUT", s
->smack_ip_out
, strlen(s
->smack_ip_out
), 0) < 0)
814 log_error_unit(UNIT(s
)->id
,
815 "fsetxattr(\"security.SMACK64IPOUT\"): %m");
819 static void socket_apply_fifo_options(Socket
*s
, int fd
) {
823 if (s
->pipe_size
> 0)
824 if (fcntl(fd
, F_SETPIPE_SZ
, s
->pipe_size
) < 0)
825 log_warning_unit(UNIT(s
)->id
,
830 if (fsetxattr(fd
, "security.SMACK64", s
->smack
, strlen(s
->smack
), 0) < 0)
831 log_error_unit(UNIT(s
)->id
,
832 "fsetxattr(\"security.SMACK64\"): %m");
836 static int fifo_address_create(
838 mode_t directory_mode
,
849 mkdir_parents_label(path
, directory_mode
);
851 r
= label_context_set(path
, S_IFIFO
);
855 /* Enforce the right access mode for the fifo */
856 old_mask
= umask(~ socket_mode
);
858 /* Include the original umask in our mask */
859 umask(~socket_mode
| old_mask
);
861 r
= mkfifo(path
, socket_mode
);
864 if (r
< 0 && errno
!= EEXIST
) {
869 if ((fd
= open(path
, O_RDWR
|O_CLOEXEC
|O_NOCTTY
|O_NONBLOCK
|O_NOFOLLOW
)) < 0) {
874 label_context_clear();
876 if (fstat(fd
, &st
) < 0) {
881 if (!S_ISFIFO(st
.st_mode
) ||
882 (st
.st_mode
& 0777) != (socket_mode
& ~old_mask
) ||
883 st
.st_uid
!= getuid() ||
884 st
.st_gid
!= getgid()) {
894 label_context_clear();
897 close_nointr_nofail(fd
);
902 static int special_address_create(
912 if ((fd
= open(path
, O_RDONLY
|O_CLOEXEC
|O_NOCTTY
|O_NONBLOCK
|O_NOFOLLOW
)) < 0) {
917 if (fstat(fd
, &st
) < 0) {
922 /* Check whether this is a /proc, /sys or /dev file or char device */
923 if (!S_ISREG(st
.st_mode
) && !S_ISCHR(st
.st_mode
)) {
933 close_nointr_nofail(fd
);
938 static int mq_address_create(
948 struct mq_attr _attr
, *attr
= NULL
;
953 if (maxmsg
> 0 && msgsize
> 0) {
955 _attr
.mq_flags
= O_NONBLOCK
;
956 _attr
.mq_maxmsg
= maxmsg
;
957 _attr
.mq_msgsize
= msgsize
;
961 /* Enforce the right access mode for the mq */
962 old_mask
= umask(~ mq_mode
);
964 /* Include the original umask in our mask */
965 umask(~mq_mode
| old_mask
);
967 fd
= mq_open(path
, O_RDONLY
|O_CLOEXEC
|O_NONBLOCK
|O_CREAT
, mq_mode
, attr
);
975 if (fstat(fd
, &st
) < 0) {
980 if ((st
.st_mode
& 0777) != (mq_mode
& ~old_mask
) ||
981 st
.st_uid
!= getuid() ||
982 st
.st_gid
!= getgid()) {
993 close_nointr_nofail(fd
);
998 static int socket_open_fds(Socket
*s
) {
1002 bool know_label
= false;
1006 LIST_FOREACH(port
, p
, s
->ports
) {
1011 if (p
->type
== SOCKET_SOCKET
) {
1015 if ((r
= socket_instantiate_service(s
)) < 0)
1018 if (UNIT_ISSET(s
->service
) &&
1019 SERVICE(UNIT_DEREF(s
->service
))->exec_command
[SERVICE_EXEC_START
]) {
1020 r
= label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s
->service
))->exec_command
[SERVICE_EXEC_START
]->path
, &label
);
1031 if ((r
= socket_address_listen(
1044 socket_apply_socket_options(s
, p
->fd
);
1046 } else if (p
->type
== SOCKET_SPECIAL
) {
1048 if ((r
= special_address_create(
1053 } else if (p
->type
== SOCKET_FIFO
) {
1055 if ((r
= fifo_address_create(
1062 socket_apply_fifo_options(s
, p
->fd
);
1063 } else if (p
->type
== SOCKET_MQUEUE
) {
1065 if ((r
= mq_address_create(
1073 assert_not_reached("Unknown port type");
1080 socket_close_fds(s
);
1085 static void socket_unwatch_fds(Socket
*s
) {
1090 LIST_FOREACH(port
, p
, s
->ports
) {
1094 unit_unwatch_fd(UNIT(s
), &p
->fd_watch
);
1098 static int socket_watch_fds(Socket
*s
) {
1104 LIST_FOREACH(port
, p
, s
->ports
) {
1108 p
->fd_watch
.socket_accept
=
1110 p
->type
== SOCKET_SOCKET
&&
1111 socket_address_can_accept(&p
->address
);
1113 if ((r
= unit_watch_fd(UNIT(s
), p
->fd
, EPOLLIN
, &p
->fd_watch
)) < 0)
1120 socket_unwatch_fds(s
);
1124 static void socket_set_state(Socket
*s
, SocketState state
) {
1125 SocketState old_state
;
1128 old_state
= s
->state
;
1131 if (state
!= SOCKET_START_PRE
&&
1132 state
!= SOCKET_START_POST
&&
1133 state
!= SOCKET_STOP_PRE
&&
1134 state
!= SOCKET_STOP_PRE_SIGTERM
&&
1135 state
!= SOCKET_STOP_PRE_SIGKILL
&&
1136 state
!= SOCKET_STOP_POST
&&
1137 state
!= SOCKET_FINAL_SIGTERM
&&
1138 state
!= SOCKET_FINAL_SIGKILL
) {
1139 unit_unwatch_timer(UNIT(s
), &s
->timer_watch
);
1140 socket_unwatch_control_pid(s
);
1141 s
->control_command
= NULL
;
1142 s
->control_command_id
= _SOCKET_EXEC_COMMAND_INVALID
;
1145 if (state
!= SOCKET_LISTENING
)
1146 socket_unwatch_fds(s
);
1148 if (state
!= SOCKET_START_POST
&&
1149 state
!= SOCKET_LISTENING
&&
1150 state
!= SOCKET_RUNNING
&&
1151 state
!= SOCKET_STOP_PRE
&&
1152 state
!= SOCKET_STOP_PRE_SIGTERM
&&
1153 state
!= SOCKET_STOP_PRE_SIGKILL
)
1154 socket_close_fds(s
);
1156 if (state
!= old_state
)
1157 log_debug_unit(UNIT(s
)->id
,
1158 "%s changed %s -> %s", UNIT(s
)->id
,
1159 socket_state_to_string(old_state
),
1160 socket_state_to_string(state
));
1162 unit_notify(UNIT(s
), state_translation_table
[old_state
], state_translation_table
[state
], true);
1165 static int socket_coldplug(Unit
*u
) {
1166 Socket
*s
= SOCKET(u
);
1170 assert(s
->state
== SOCKET_DEAD
);
1172 if (s
->deserialized_state
!= s
->state
) {
1174 if (s
->deserialized_state
== SOCKET_START_PRE
||
1175 s
->deserialized_state
== SOCKET_START_POST
||
1176 s
->deserialized_state
== SOCKET_STOP_PRE
||
1177 s
->deserialized_state
== SOCKET_STOP_PRE_SIGTERM
||
1178 s
->deserialized_state
== SOCKET_STOP_PRE_SIGKILL
||
1179 s
->deserialized_state
== SOCKET_STOP_POST
||
1180 s
->deserialized_state
== SOCKET_FINAL_SIGTERM
||
1181 s
->deserialized_state
== SOCKET_FINAL_SIGKILL
) {
1183 if (s
->control_pid
<= 0)
1186 r
= unit_watch_pid(UNIT(s
), s
->control_pid
);
1190 r
= unit_watch_timer(UNIT(s
), CLOCK_MONOTONIC
, true, s
->timeout_usec
, &s
->timer_watch
);
1195 if (s
->deserialized_state
== SOCKET_START_POST
||
1196 s
->deserialized_state
== SOCKET_LISTENING
||
1197 s
->deserialized_state
== SOCKET_RUNNING
||
1198 s
->deserialized_state
== SOCKET_STOP_PRE
||
1199 s
->deserialized_state
== SOCKET_STOP_PRE_SIGTERM
||
1200 s
->deserialized_state
== SOCKET_STOP_PRE_SIGKILL
)
1201 if ((r
= socket_open_fds(s
)) < 0)
1204 if (s
->deserialized_state
== SOCKET_LISTENING
)
1205 if ((r
= socket_watch_fds(s
)) < 0)
1208 socket_set_state(s
, s
->deserialized_state
);
1214 static int socket_spawn(Socket
*s
, ExecCommand
*c
, pid_t
*_pid
) {
1223 unit_realize_cgroup(UNIT(s
));
1225 r
= unit_watch_timer(UNIT(s
), CLOCK_MONOTONIC
, true, s
->timeout_usec
, &s
->timer_watch
);
1229 r
= unit_full_printf_strv(UNIT(s
), c
->argv
, &argv
);
1237 UNIT(s
)->manager
->environment
,
1241 UNIT(s
)->manager
->confirm_spawn
,
1242 UNIT(s
)->cgroup_mask
,
1243 UNIT(s
)->cgroup_path
,
1252 if ((r
= unit_watch_pid(UNIT(s
), pid
)) < 0)
1253 /* FIXME: we need to do something here */
1261 unit_unwatch_timer(UNIT(s
), &s
->timer_watch
);
1266 static void socket_enter_dead(Socket
*s
, SocketResult f
) {
1269 if (f
!= SOCKET_SUCCESS
)
1272 exec_context_tmp_dirs_done(&s
->exec_context
);
1273 socket_set_state(s
, s
->result
!= SOCKET_SUCCESS
? SOCKET_FAILED
: SOCKET_DEAD
);
1276 static void socket_enter_signal(Socket
*s
, SocketState state
, SocketResult f
);
1278 static void socket_enter_stop_post(Socket
*s
, SocketResult f
) {
1282 if (f
!= SOCKET_SUCCESS
)
1285 socket_unwatch_control_pid(s
);
1287 s
->control_command_id
= SOCKET_EXEC_STOP_POST
;
1289 if ((s
->control_command
= s
->exec_command
[SOCKET_EXEC_STOP_POST
])) {
1290 if ((r
= socket_spawn(s
, s
->control_command
, &s
->control_pid
)) < 0)
1293 socket_set_state(s
, SOCKET_STOP_POST
);
1295 socket_enter_signal(s
, SOCKET_FINAL_SIGTERM
, SOCKET_SUCCESS
);
1300 log_warning_unit(UNIT(s
)->id
,
1301 "%s failed to run 'stop-post' task: %s",
1302 UNIT(s
)->id
, strerror(-r
));
1303 socket_enter_signal(s
, SOCKET_FINAL_SIGTERM
, SOCKET_FAILURE_RESOURCES
);
1306 static void socket_enter_signal(Socket
*s
, SocketState state
, SocketResult f
) {
1311 if (f
!= SOCKET_SUCCESS
)
1314 r
= unit_kill_context(
1317 state
!= SOCKET_STOP_PRE_SIGTERM
&& state
!= SOCKET_FINAL_SIGTERM
,
1325 r
= unit_watch_timer(UNIT(s
), CLOCK_MONOTONIC
, true, s
->timeout_usec
, &s
->timer_watch
);
1329 socket_set_state(s
, state
);
1330 } else if (state
== SOCKET_STOP_PRE_SIGTERM
|| state
== SOCKET_STOP_PRE_SIGKILL
)
1331 socket_enter_stop_post(s
, SOCKET_SUCCESS
);
1333 socket_enter_dead(s
, SOCKET_SUCCESS
);
1338 log_warning_unit(UNIT(s
)->id
,
1339 "%s failed to kill processes: %s",
1340 UNIT(s
)->id
, strerror(-r
));
1342 if (state
== SOCKET_STOP_PRE_SIGTERM
|| state
== SOCKET_STOP_PRE_SIGKILL
)
1343 socket_enter_stop_post(s
, SOCKET_FAILURE_RESOURCES
);
1345 socket_enter_dead(s
, SOCKET_FAILURE_RESOURCES
);
1348 static void socket_enter_stop_pre(Socket
*s
, SocketResult f
) {
1352 if (f
!= SOCKET_SUCCESS
)
1355 socket_unwatch_control_pid(s
);
1357 s
->control_command_id
= SOCKET_EXEC_STOP_PRE
;
1359 if ((s
->control_command
= s
->exec_command
[SOCKET_EXEC_STOP_PRE
])) {
1360 if ((r
= socket_spawn(s
, s
->control_command
, &s
->control_pid
)) < 0)
1363 socket_set_state(s
, SOCKET_STOP_PRE
);
1365 socket_enter_stop_post(s
, SOCKET_SUCCESS
);
1370 log_warning_unit(UNIT(s
)->id
,
1371 "%s failed to run 'stop-pre' task: %s",
1372 UNIT(s
)->id
, strerror(-r
));
1373 socket_enter_stop_post(s
, SOCKET_FAILURE_RESOURCES
);
1376 static void socket_enter_listening(Socket
*s
) {
1380 r
= socket_watch_fds(s
);
1382 log_warning_unit(UNIT(s
)->id
,
1383 "%s failed to watch sockets: %s",
1384 UNIT(s
)->id
, strerror(-r
));
1388 socket_set_state(s
, SOCKET_LISTENING
);
1392 socket_enter_stop_pre(s
, SOCKET_FAILURE_RESOURCES
);
1395 static void socket_enter_start_post(Socket
*s
) {
1399 r
= socket_open_fds(s
);
1401 log_warning_unit(UNIT(s
)->id
,
1402 "%s failed to listen on sockets: %s",
1403 UNIT(s
)->id
, strerror(-r
));
1407 socket_unwatch_control_pid(s
);
1409 s
->control_command_id
= SOCKET_EXEC_START_POST
;
1411 if ((s
->control_command
= s
->exec_command
[SOCKET_EXEC_START_POST
])) {
1412 r
= socket_spawn(s
, s
->control_command
, &s
->control_pid
);
1414 log_warning_unit(UNIT(s
)->id
,
1415 "%s failed to run 'start-post' task: %s",
1416 UNIT(s
)->id
, strerror(-r
));
1420 socket_set_state(s
, SOCKET_START_POST
);
1422 socket_enter_listening(s
);
1427 socket_enter_stop_pre(s
, SOCKET_FAILURE_RESOURCES
);
1430 static void socket_enter_start_pre(Socket
*s
) {
1434 socket_unwatch_control_pid(s
);
1436 s
->control_command_id
= SOCKET_EXEC_START_PRE
;
1438 if ((s
->control_command
= s
->exec_command
[SOCKET_EXEC_START_PRE
])) {
1439 if ((r
= socket_spawn(s
, s
->control_command
, &s
->control_pid
)) < 0)
1442 socket_set_state(s
, SOCKET_START_PRE
);
1444 socket_enter_start_post(s
);
1449 log_warning_unit(UNIT(s
)->id
,
1450 "%s failed to run 'start-pre' task: %s",
1451 UNIT(s
)->id
, strerror(-r
));
1452 socket_enter_dead(s
, SOCKET_FAILURE_RESOURCES
);
1455 static void socket_enter_running(Socket
*s
, int cfd
) {
1460 dbus_error_init(&error
);
1462 /* We don't take connections anymore if we are supposed to
1463 * shut down anyway */
1464 if (unit_stop_pending(UNIT(s
))) {
1465 log_debug_unit(UNIT(s
)->id
,
1466 "Suppressing connection request on %s since unit stop is scheduled.",
1470 close_nointr_nofail(cfd
);
1472 /* Flush all sockets by closing and reopening them */
1473 socket_close_fds(s
);
1475 r
= socket_watch_fds(s
);
1477 log_warning_unit(UNIT(s
)->id
,
1478 "%s failed to watch sockets: %s",
1479 UNIT(s
)->id
, strerror(-r
));
1480 socket_enter_stop_pre(s
, SOCKET_FAILURE_RESOURCES
);
1490 bool pending
= false;
1492 /* If there's already a start pending don't bother to
1494 SET_FOREACH(u
, UNIT(s
)->dependencies
[UNIT_TRIGGERS
], i
)
1495 if (unit_active_or_pending(u
)) {
1501 r
= manager_add_job(UNIT(s
)->manager
, JOB_START
, UNIT_DEREF(s
->service
), JOB_REPLACE
, true, &error
, NULL
);
1506 socket_set_state(s
, SOCKET_RUNNING
);
1508 char *prefix
, *instance
= NULL
, *name
;
1511 if (s
->n_connections
>= s
->max_connections
) {
1512 log_warning_unit(UNIT(s
)->id
,
1513 "%s: Too many incoming connections (%u)",
1514 UNIT(s
)->id
, s
->n_connections
);
1515 close_nointr_nofail(cfd
);
1519 r
= socket_instantiate_service(s
);
1523 r
= instance_from_socket(cfd
, s
->n_accepted
, &instance
);
1528 /* ENOTCONN is legitimate if TCP RST was received.
1529 * This connection is over, but the socket unit lives on. */
1530 close_nointr_nofail(cfd
);
1534 prefix
= unit_name_to_prefix(UNIT(s
)->id
);
1541 name
= unit_name_build(prefix
, instance
, ".service");
1550 r
= unit_add_name(UNIT_DEREF(s
->service
), name
);
1556 service
= SERVICE(UNIT_DEREF(s
->service
));
1557 unit_ref_unset(&s
->service
);
1560 UNIT(service
)->no_gc
= false;
1562 unit_choose_id(UNIT(service
), name
);
1565 r
= service_set_socket_fd(service
, cfd
, s
);
1570 s
->n_connections
++;
1572 r
= manager_add_job(UNIT(s
)->manager
, JOB_START
, UNIT(service
), JOB_REPLACE
, true, &error
, NULL
);
1576 /* Notify clients about changed counters */
1577 unit_add_to_dbus_queue(UNIT(s
));
1583 log_warning_unit(UNIT(s
)->id
,
1584 "%s failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
1586 cfd
>= 0 ? "template" : "non-template",
1587 bus_error(&error
, r
));
1588 socket_enter_stop_pre(s
, SOCKET_FAILURE_RESOURCES
);
1591 close_nointr_nofail(cfd
);
1593 dbus_error_free(&error
);
1596 static void socket_run_next(Socket
*s
) {
1600 assert(s
->control_command
);
1601 assert(s
->control_command
->command_next
);
1603 socket_unwatch_control_pid(s
);
1605 s
->control_command
= s
->control_command
->command_next
;
1607 if ((r
= socket_spawn(s
, s
->control_command
, &s
->control_pid
)) < 0)
1613 log_warning_unit(UNIT(s
)->id
,
1614 "%s failed to run next task: %s",
1615 UNIT(s
)->id
, strerror(-r
));
1617 if (s
->state
== SOCKET_START_POST
)
1618 socket_enter_stop_pre(s
, SOCKET_FAILURE_RESOURCES
);
1619 else if (s
->state
== SOCKET_STOP_POST
)
1620 socket_enter_dead(s
, SOCKET_FAILURE_RESOURCES
);
1622 socket_enter_signal(s
, SOCKET_FINAL_SIGTERM
, SOCKET_FAILURE_RESOURCES
);
1625 static int socket_start(Unit
*u
) {
1626 Socket
*s
= SOCKET(u
);
1630 /* We cannot fulfill this request right now, try again later
1632 if (s
->state
== SOCKET_STOP_PRE
||
1633 s
->state
== SOCKET_STOP_PRE_SIGKILL
||
1634 s
->state
== SOCKET_STOP_PRE_SIGTERM
||
1635 s
->state
== SOCKET_STOP_POST
||
1636 s
->state
== SOCKET_FINAL_SIGTERM
||
1637 s
->state
== SOCKET_FINAL_SIGKILL
)
1640 if (s
->state
== SOCKET_START_PRE
||
1641 s
->state
== SOCKET_START_POST
)
1644 /* Cannot run this without the service being around */
1645 if (UNIT_ISSET(s
->service
)) {
1648 service
= SERVICE(UNIT_DEREF(s
->service
));
1650 if (UNIT(service
)->load_state
!= UNIT_LOADED
) {
1651 log_error_unit(u
->id
,
1652 "Socket service %s not loaded, refusing.",
1657 /* If the service is already active we cannot start the
1659 if (service
->state
!= SERVICE_DEAD
&&
1660 service
->state
!= SERVICE_FAILED
&&
1661 service
->state
!= SERVICE_AUTO_RESTART
) {
1662 log_error_unit(u
->id
,
1663 "Socket service %s already active, refusing.",
1668 #ifdef HAVE_SYSV_COMPAT
1669 if (service
->is_sysv
) {
1670 log_error_unit(u
->id
,
1671 "Using SysV services for socket activation is not supported. Refusing.");
1677 assert(s
->state
== SOCKET_DEAD
|| s
->state
== SOCKET_FAILED
);
1679 s
->result
= SOCKET_SUCCESS
;
1680 socket_enter_start_pre(s
);
1684 static int socket_stop(Unit
*u
) {
1685 Socket
*s
= SOCKET(u
);
1690 if (s
->state
== SOCKET_STOP_PRE
||
1691 s
->state
== SOCKET_STOP_PRE_SIGTERM
||
1692 s
->state
== SOCKET_STOP_PRE_SIGKILL
||
1693 s
->state
== SOCKET_STOP_POST
||
1694 s
->state
== SOCKET_FINAL_SIGTERM
||
1695 s
->state
== SOCKET_FINAL_SIGKILL
)
1698 /* If there's already something running we go directly into
1700 if (s
->state
== SOCKET_START_PRE
||
1701 s
->state
== SOCKET_START_POST
) {
1702 socket_enter_signal(s
, SOCKET_STOP_PRE_SIGTERM
, SOCKET_SUCCESS
);
1706 assert(s
->state
== SOCKET_LISTENING
|| s
->state
== SOCKET_RUNNING
);
1708 socket_enter_stop_pre(s
, SOCKET_SUCCESS
);
1712 static int socket_serialize(Unit
*u
, FILE *f
, FDSet
*fds
) {
1713 Socket
*s
= SOCKET(u
);
1721 unit_serialize_item(u
, f
, "state", socket_state_to_string(s
->state
));
1722 unit_serialize_item(u
, f
, "result", socket_result_to_string(s
->result
));
1723 unit_serialize_item_format(u
, f
, "n-accepted", "%u", s
->n_accepted
);
1725 if (s
->control_pid
> 0)
1726 unit_serialize_item_format(u
, f
, "control-pid", "%lu", (unsigned long) s
->control_pid
);
1728 if (s
->control_command_id
>= 0)
1729 unit_serialize_item(u
, f
, "control-command", socket_exec_command_to_string(s
->control_command_id
));
1731 LIST_FOREACH(port
, p
, s
->ports
) {
1737 if ((copy
= fdset_put_dup(fds
, p
->fd
)) < 0)
1740 if (p
->type
== SOCKET_SOCKET
) {
1743 r
= socket_address_print(&p
->address
, &t
);
1747 if (socket_address_family(&p
->address
) == AF_NETLINK
)
1748 unit_serialize_item_format(u
, f
, "netlink", "%i %s", copy
, t
);
1750 unit_serialize_item_format(u
, f
, "socket", "%i %i %s", copy
, p
->address
.type
, t
);
1752 } else if (p
->type
== SOCKET_SPECIAL
)
1753 unit_serialize_item_format(u
, f
, "special", "%i %s", copy
, p
->path
);
1754 else if (p
->type
== SOCKET_MQUEUE
)
1755 unit_serialize_item_format(u
, f
, "mqueue", "%i %s", copy
, p
->path
);
1757 assert(p
->type
== SOCKET_FIFO
);
1758 unit_serialize_item_format(u
, f
, "fifo", "%i %s", copy
, p
->path
);
1762 exec_context_serialize(&s
->exec_context
, UNIT(s
), f
);
1767 static int socket_deserialize_item(Unit
*u
, const char *key
, const char *value
, FDSet
*fds
) {
1768 Socket
*s
= SOCKET(u
);
1775 if (streq(key
, "state")) {
1778 state
= socket_state_from_string(value
);
1780 log_debug_unit(u
->id
,
1781 "Failed to parse state value %s", value
);
1783 s
->deserialized_state
= state
;
1784 } else if (streq(key
, "result")) {
1787 f
= socket_result_from_string(value
);
1789 log_debug_unit(u
->id
,
1790 "Failed to parse result value %s", value
);
1791 else if (f
!= SOCKET_SUCCESS
)
1794 } else if (streq(key
, "n-accepted")) {
1797 if (safe_atou(value
, &k
) < 0)
1798 log_debug_unit(u
->id
,
1799 "Failed to parse n-accepted value %s", value
);
1802 } else if (streq(key
, "control-pid")) {
1805 if (parse_pid(value
, &pid
) < 0)
1806 log_debug_unit(u
->id
,
1807 "Failed to parse control-pid value %s", value
);
1809 s
->control_pid
= pid
;
1810 } else if (streq(key
, "control-command")) {
1811 SocketExecCommand id
;
1813 id
= socket_exec_command_from_string(value
);
1815 log_debug_unit(u
->id
,
1816 "Failed to parse exec-command value %s", value
);
1818 s
->control_command_id
= id
;
1819 s
->control_command
= s
->exec_command
[id
];
1821 } else if (streq(key
, "fifo")) {
1825 if (sscanf(value
, "%i %n", &fd
, &skip
) < 1 || fd
< 0 || !fdset_contains(fds
, fd
))
1826 log_debug_unit(u
->id
,
1827 "Failed to parse fifo value %s", value
);
1830 LIST_FOREACH(port
, p
, s
->ports
)
1831 if (p
->type
== SOCKET_FIFO
&&
1832 streq_ptr(p
->path
, value
+skip
))
1837 close_nointr_nofail(p
->fd
);
1838 p
->fd
= fdset_remove(fds
, fd
);
1842 } else if (streq(key
, "special")) {
1846 if (sscanf(value
, "%i %n", &fd
, &skip
) < 1 || fd
< 0 || !fdset_contains(fds
, fd
))
1847 log_debug_unit(u
->id
,
1848 "Failed to parse special value %s", value
);
1851 LIST_FOREACH(port
, p
, s
->ports
)
1852 if (p
->type
== SOCKET_SPECIAL
&&
1853 streq_ptr(p
->path
, value
+skip
))
1858 close_nointr_nofail(p
->fd
);
1859 p
->fd
= fdset_remove(fds
, fd
);
1863 } else if (streq(key
, "mqueue")) {
1867 if (sscanf(value
, "%i %n", &fd
, &skip
) < 1 || fd
< 0 || !fdset_contains(fds
, fd
))
1868 log_debug_unit(u
->id
,
1869 "Failed to parse mqueue value %s", value
);
1872 LIST_FOREACH(port
, p
, s
->ports
)
1873 if (p
->type
== SOCKET_MQUEUE
&&
1874 streq_ptr(p
->path
, value
+skip
))
1879 close_nointr_nofail(p
->fd
);
1880 p
->fd
= fdset_remove(fds
, fd
);
1884 } else if (streq(key
, "socket")) {
1885 int fd
, type
, skip
= 0;
1888 if (sscanf(value
, "%i %i %n", &fd
, &type
, &skip
) < 2 || fd
< 0 || type
< 0 || !fdset_contains(fds
, fd
))
1889 log_debug_unit(u
->id
,
1890 "Failed to parse socket value %s", value
);
1893 LIST_FOREACH(port
, p
, s
->ports
)
1894 if (socket_address_is(&p
->address
, value
+skip
, type
))
1899 close_nointr_nofail(p
->fd
);
1900 p
->fd
= fdset_remove(fds
, fd
);
1904 } else if (streq(key
, "netlink")) {
1908 if (sscanf(value
, "%i %n", &fd
, &skip
) < 1 || fd
< 0 || !fdset_contains(fds
, fd
))
1909 log_debug_unit(u
->id
,
1910 "Failed to parse socket value %s", value
);
1913 LIST_FOREACH(port
, p
, s
->ports
)
1914 if (socket_address_is_netlink(&p
->address
, value
+skip
))
1919 close_nointr_nofail(p
->fd
);
1920 p
->fd
= fdset_remove(fds
, fd
);
1923 } else if (streq(key
, "tmp-dir")) {
1930 s
->exec_context
.tmp_dir
= t
;
1931 } else if (streq(key
, "var-tmp-dir")) {
1938 s
->exec_context
.var_tmp_dir
= t
;
1940 log_debug_unit(UNIT(s
)->id
,
1941 "Unknown serialization key '%s'", key
);
1946 static int socket_distribute_fds(Unit
*u
, FDSet
*fds
) {
1947 Socket
*s
= SOCKET(u
);
1952 LIST_FOREACH(port
, p
, s
->ports
) {
1956 if (p
->type
!= SOCKET_SOCKET
)
1962 FDSET_FOREACH(fd
, fds
, i
) {
1963 if (socket_address_matches_fd(&p
->address
, fd
)) {
1964 p
->fd
= fdset_remove(fds
, fd
);
1965 s
->deserialized_state
= SOCKET_LISTENING
;
1974 _pure_
static UnitActiveState
socket_active_state(Unit
*u
) {
1977 return state_translation_table
[SOCKET(u
)->state
];
1980 _pure_
static const char *socket_sub_state_to_string(Unit
*u
) {
1983 return socket_state_to_string(SOCKET(u
)->state
);
1986 const char* socket_port_type_to_string(SocketPort
*p
) {
1992 switch (p
->address
.type
) {
1993 case SOCK_STREAM
: return "Stream";
1994 case SOCK_DGRAM
: return "Datagram";
1995 case SOCK_SEQPACKET
: return "SequentialPacket";
1997 if (socket_address_family(&p
->address
) == AF_NETLINK
)
1999 default: return "Invalid";
2001 case SOCKET_SPECIAL
: return "Special";
2002 case SOCKET_MQUEUE
: return "MessageQueue";
2003 case SOCKET_FIFO
: return "FIFO";
2004 default: return NULL
;
2008 _pure_
static bool socket_check_gc(Unit
*u
) {
2009 Socket
*s
= SOCKET(u
);
2013 return s
->n_connections
> 0;
2016 static void socket_fd_event(Unit
*u
, int fd
, uint32_t events
, Watch
*w
) {
2017 Socket
*s
= SOCKET(u
);
2023 if (s
->state
!= SOCKET_LISTENING
)
2026 log_debug_unit(u
->id
, "Incoming traffic on %s", u
->id
);
2028 if (events
!= EPOLLIN
) {
2030 if (events
& EPOLLHUP
)
2031 log_error_unit(u
->id
,
2032 "%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.",
2035 log_error_unit(u
->id
,
2036 "%s: Got unexpected poll event (0x%x) on socket.",
2042 if (w
->socket_accept
) {
2045 cfd
= accept4(fd
, NULL
, NULL
, SOCK_NONBLOCK
);
2051 log_error_unit(u
->id
,
2052 "Failed to accept socket: %m");
2059 socket_apply_socket_options(s
, cfd
);
2062 socket_enter_running(s
, cfd
);
2066 socket_enter_stop_pre(s
, SOCKET_FAILURE_RESOURCES
);
2069 static void socket_sigchld_event(Unit
*u
, pid_t pid
, int code
, int status
) {
2070 Socket
*s
= SOCKET(u
);
2076 if (pid
!= s
->control_pid
)
2081 if (is_clean_exit(code
, status
, NULL
))
2083 else if (code
== CLD_EXITED
)
2084 f
= SOCKET_FAILURE_EXIT_CODE
;
2085 else if (code
== CLD_KILLED
)
2086 f
= SOCKET_FAILURE_SIGNAL
;
2087 else if (code
== CLD_DUMPED
)
2088 f
= SOCKET_FAILURE_CORE_DUMP
;
2090 assert_not_reached("Unknown code");
2092 if (s
->control_command
) {
2093 exec_status_exit(&s
->control_command
->exec_status
, &s
->exec_context
, pid
, code
, status
);
2095 if (s
->control_command
->ignore
)
2099 log_full_unit(f
== SOCKET_SUCCESS
? LOG_DEBUG
: LOG_NOTICE
,
2101 "%s control process exited, code=%s status=%i",
2102 u
->id
, sigchld_code_to_string(code
), status
);
2104 if (f
!= SOCKET_SUCCESS
)
2107 if (s
->control_command
&&
2108 s
->control_command
->command_next
&&
2109 f
== SOCKET_SUCCESS
) {
2111 log_debug_unit(u
->id
,
2112 "%s running next command for state %s",
2113 u
->id
, socket_state_to_string(s
->state
));
2116 s
->control_command
= NULL
;
2117 s
->control_command_id
= _SOCKET_EXEC_COMMAND_INVALID
;
2119 /* No further commands for this step, so let's figure
2120 * out what to do next */
2122 log_debug_unit(u
->id
,
2123 "%s got final SIGCHLD for state %s",
2124 u
->id
, socket_state_to_string(s
->state
));
2128 case SOCKET_START_PRE
:
2129 if (f
== SOCKET_SUCCESS
)
2130 socket_enter_start_post(s
);
2132 socket_enter_signal(s
, SOCKET_FINAL_SIGTERM
, f
);
2135 case SOCKET_START_POST
:
2136 if (f
== SOCKET_SUCCESS
)
2137 socket_enter_listening(s
);
2139 socket_enter_stop_pre(s
, f
);
2142 case SOCKET_STOP_PRE
:
2143 case SOCKET_STOP_PRE_SIGTERM
:
2144 case SOCKET_STOP_PRE_SIGKILL
:
2145 socket_enter_stop_post(s
, f
);
2148 case SOCKET_STOP_POST
:
2149 case SOCKET_FINAL_SIGTERM
:
2150 case SOCKET_FINAL_SIGKILL
:
2151 socket_enter_dead(s
, f
);
2155 assert_not_reached("Uh, control process died at wrong time.");
2159 /* Notify clients about changed exit status */
2160 unit_add_to_dbus_queue(u
);
2163 static void socket_timer_event(Unit
*u
, uint64_t elapsed
, Watch
*w
) {
2164 Socket
*s
= SOCKET(u
);
2167 assert(elapsed
== 1);
2168 assert(w
== &s
->timer_watch
);
2172 case SOCKET_START_PRE
:
2173 log_warning_unit(u
->id
,
2174 "%s starting timed out. Terminating.", u
->id
);
2175 socket_enter_signal(s
, SOCKET_FINAL_SIGTERM
, SOCKET_FAILURE_TIMEOUT
);
2178 case SOCKET_START_POST
:
2179 log_warning_unit(u
->id
,
2180 "%s starting timed out. Stopping.", u
->id
);
2181 socket_enter_stop_pre(s
, SOCKET_FAILURE_TIMEOUT
);
2184 case SOCKET_STOP_PRE
:
2185 log_warning_unit(u
->id
,
2186 "%s stopping timed out. Terminating.", u
->id
);
2187 socket_enter_signal(s
, SOCKET_STOP_PRE_SIGTERM
, SOCKET_FAILURE_TIMEOUT
);
2190 case SOCKET_STOP_PRE_SIGTERM
:
2191 if (s
->kill_context
.send_sigkill
) {
2192 log_warning_unit(u
->id
,
2193 "%s stopping timed out. Killing.", u
->id
);
2194 socket_enter_signal(s
, SOCKET_STOP_PRE_SIGKILL
, SOCKET_FAILURE_TIMEOUT
);
2196 log_warning_unit(u
->id
,
2197 "%s stopping timed out. Skipping SIGKILL. Ignoring.",
2199 socket_enter_stop_post(s
, SOCKET_FAILURE_TIMEOUT
);
2203 case SOCKET_STOP_PRE_SIGKILL
:
2204 log_warning_unit(u
->id
,
2205 "%s still around after SIGKILL. Ignoring.", u
->id
);
2206 socket_enter_stop_post(s
, SOCKET_FAILURE_TIMEOUT
);
2209 case SOCKET_STOP_POST
:
2210 log_warning_unit(u
->id
,
2211 "%s stopping timed out (2). Terminating.", u
->id
);
2212 socket_enter_signal(s
, SOCKET_FINAL_SIGTERM
, SOCKET_FAILURE_TIMEOUT
);
2215 case SOCKET_FINAL_SIGTERM
:
2216 if (s
->kill_context
.send_sigkill
) {
2217 log_warning_unit(u
->id
,
2218 "%s stopping timed out (2). Killing.", u
->id
);
2219 socket_enter_signal(s
, SOCKET_FINAL_SIGKILL
, SOCKET_FAILURE_TIMEOUT
);
2221 log_warning_unit(u
->id
,
2222 "%s stopping timed out (2). Skipping SIGKILL. Ignoring.",
2224 socket_enter_dead(s
, SOCKET_FAILURE_TIMEOUT
);
2228 case SOCKET_FINAL_SIGKILL
:
2229 log_warning_unit(u
->id
,
2230 "%s still around after SIGKILL (2). Entering failed mode.",
2232 socket_enter_dead(s
, SOCKET_FAILURE_TIMEOUT
);
2236 assert_not_reached("Timeout at wrong time.");
2240 int socket_collect_fds(Socket
*s
, int **fds
, unsigned *n_fds
) {
2249 /* Called from the service code for requesting our fds */
2252 LIST_FOREACH(port
, p
, s
->ports
)
2262 if (!(rfds
= new(int, rn_fds
)))
2266 LIST_FOREACH(port
, p
, s
->ports
)
2270 assert(k
== rn_fds
);
2278 static void socket_notify_service_dead(Socket
*s
, bool failed_permanent
) {
2281 /* The service is dead. Dang!
2283 * This is strictly for one-instance-for-all-connections
2286 if (s
->state
== SOCKET_RUNNING
) {
2287 log_debug_unit(UNIT(s
)->id
,
2288 "%s got notified about service death (failed permanently: %s)",
2289 UNIT(s
)->id
, yes_no(failed_permanent
));
2290 if (failed_permanent
)
2291 socket_enter_stop_pre(s
, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT
);
2293 socket_enter_listening(s
);
2297 void socket_connection_unref(Socket
*s
) {
2300 /* The service is dead. Yay!
2302 * This is strictly for one-instance-per-connection
2305 assert(s
->n_connections
> 0);
2308 log_debug_unit(UNIT(s
)->id
,
2309 "%s: One connection closed, %u left.", UNIT(s
)->id
, s
->n_connections
);
2312 static void socket_reset_failed(Unit
*u
) {
2313 Socket
*s
= SOCKET(u
);
2317 if (s
->state
== SOCKET_FAILED
)
2318 socket_set_state(s
, SOCKET_DEAD
);
2320 s
->result
= SOCKET_SUCCESS
;
2323 static void socket_trigger_notify(Unit
*u
, Unit
*other
) {
2324 Socket
*s
= SOCKET(u
);
2325 Service
*se
= SERVICE(other
);
2330 /* Don't propagate state changes from the service if we are
2331 already down or accepting connections */
2332 if ((s
->state
!= SOCKET_RUNNING
&&
2333 s
->state
!= SOCKET_LISTENING
) ||
2337 if (other
->load_state
!= UNIT_LOADED
||
2338 other
->type
!= UNIT_SERVICE
)
2341 if (se
->state
== SERVICE_FAILED
)
2342 socket_notify_service_dead(s
, se
->result
== SERVICE_FAILURE_START_LIMIT
);
2344 if (se
->state
== SERVICE_DEAD
||
2345 se
->state
== SERVICE_STOP
||
2346 se
->state
== SERVICE_STOP_SIGTERM
||
2347 se
->state
== SERVICE_STOP_SIGKILL
||
2348 se
->state
== SERVICE_STOP_POST
||
2349 se
->state
== SERVICE_FINAL_SIGTERM
||
2350 se
->state
== SERVICE_FINAL_SIGKILL
||
2351 se
->state
== SERVICE_AUTO_RESTART
)
2352 socket_notify_service_dead(s
, false);
2354 if (se
->state
== SERVICE_RUNNING
)
2355 socket_set_state(s
, SOCKET_RUNNING
);
2358 static int socket_kill(Unit
*u
, KillWho who
, int signo
, DBusError
*error
) {
2359 return unit_kill_common(u
, who
, signo
, -1, SOCKET(u
)->control_pid
, error
);
2362 static const char* const socket_state_table
[_SOCKET_STATE_MAX
] = {
2363 [SOCKET_DEAD
] = "dead",
2364 [SOCKET_START_PRE
] = "start-pre",
2365 [SOCKET_START_POST
] = "start-post",
2366 [SOCKET_LISTENING
] = "listening",
2367 [SOCKET_RUNNING
] = "running",
2368 [SOCKET_STOP_PRE
] = "stop-pre",
2369 [SOCKET_STOP_PRE_SIGTERM
] = "stop-pre-sigterm",
2370 [SOCKET_STOP_PRE_SIGKILL
] = "stop-pre-sigkill",
2371 [SOCKET_STOP_POST
] = "stop-post",
2372 [SOCKET_FINAL_SIGTERM
] = "final-sigterm",
2373 [SOCKET_FINAL_SIGKILL
] = "final-sigkill",
2374 [SOCKET_FAILED
] = "failed"
2377 DEFINE_STRING_TABLE_LOOKUP(socket_state
, SocketState
);
2379 static const char* const socket_exec_command_table
[_SOCKET_EXEC_COMMAND_MAX
] = {
2380 [SOCKET_EXEC_START_PRE
] = "StartPre",
2381 [SOCKET_EXEC_START_POST
] = "StartPost",
2382 [SOCKET_EXEC_STOP_PRE
] = "StopPre",
2383 [SOCKET_EXEC_STOP_POST
] = "StopPost"
2386 DEFINE_STRING_TABLE_LOOKUP(socket_exec_command
, SocketExecCommand
);
2388 static const char* const socket_result_table
[_SOCKET_RESULT_MAX
] = {
2389 [SOCKET_SUCCESS
] = "success",
2390 [SOCKET_FAILURE_RESOURCES
] = "resources",
2391 [SOCKET_FAILURE_TIMEOUT
] = "timeout",
2392 [SOCKET_FAILURE_EXIT_CODE
] = "exit-code",
2393 [SOCKET_FAILURE_SIGNAL
] = "signal",
2394 [SOCKET_FAILURE_CORE_DUMP
] = "core-dump",
2395 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT
] = "service-failed-permanent"
2398 DEFINE_STRING_TABLE_LOOKUP(socket_result
, SocketResult
);
2400 const UnitVTable socket_vtable
= {
2401 .object_size
= sizeof(Socket
),
2408 .private_section
= "Socket",
2409 .exec_context_offset
= offsetof(Socket
, exec_context
),
2410 .cgroup_context_offset
= offsetof(Socket
, cgroup_context
),
2412 .init
= socket_init
,
2413 .done
= socket_done
,
2414 .load
= socket_load
,
2416 .kill
= socket_kill
,
2418 .coldplug
= socket_coldplug
,
2420 .dump
= socket_dump
,
2422 .start
= socket_start
,
2423 .stop
= socket_stop
,
2425 .serialize
= socket_serialize
,
2426 .deserialize_item
= socket_deserialize_item
,
2427 .distribute_fds
= socket_distribute_fds
,
2429 .active_state
= socket_active_state
,
2430 .sub_state_to_string
= socket_sub_state_to_string
,
2432 .check_gc
= socket_check_gc
,
2434 .fd_event
= socket_fd_event
,
2435 .sigchld_event
= socket_sigchld_event
,
2436 .timer_event
= socket_timer_event
,
2438 .trigger_notify
= socket_trigger_notify
,
2440 .reset_failed
= socket_reset_failed
,
2442 .bus_interface
= "org.freedesktop.systemd1.Socket",
2443 .bus_message_handler
= bus_socket_message_handler
,
2444 .bus_invalidating_properties
= bus_socket_invalidating_properties
,
2445 .bus_set_property
= bus_socket_set_property
,
2446 .bus_commit_properties
= bus_socket_commit_properties
,
2448 .status_message_formats
= {
2449 /*.starting_stopping = {
2450 [0] = "Starting socket %s...",
2451 [1] = "Stopping socket %s...",
2453 .finished_start_job
= {
2454 [JOB_DONE
] = "Listening on %s.",
2455 [JOB_FAILED
] = "Failed to listen on %s.",
2456 [JOB_DEPENDENCY
] = "Dependency failed for %s.",
2457 [JOB_TIMEOUT
] = "Timed out starting %s.",
2459 .finished_stop_job
= {
2460 [JOB_DONE
] = "Closed %s.",
2461 [JOB_FAILED
] = "Failed stopping %s.",
2462 [JOB_TIMEOUT
] = "Timed out stopping %s.",