2 This file is part of systemd.
4 Copyright 2010 Lennart Poettering
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 #include <arpa/inet.h>
24 #include <netinet/tcp.h>
26 #include <sys/epoll.h>
29 #include <linux/sctp.h>
32 #include "alloc-util.h"
33 #include "bus-error.h"
36 #include "dbus-socket.h"
38 #include "exit-status.h"
40 #include "formats-util.h"
45 #include "parse-util.h"
46 #include "path-util.h"
47 #include "process-util.h"
48 #include "selinux-util.h"
49 #include "signal-util.h"
50 #include "smack-util.h"
53 #include "string-table.h"
54 #include "string-util.h"
56 #include "unit-name.h"
57 #include "unit-printf.h"
59 #include "user-util.h"
61 static const UnitActiveState state_translation_table
[_SOCKET_STATE_MAX
] = {
62 [SOCKET_DEAD
] = UNIT_INACTIVE
,
63 [SOCKET_START_PRE
] = UNIT_ACTIVATING
,
64 [SOCKET_START_CHOWN
] = UNIT_ACTIVATING
,
65 [SOCKET_START_POST
] = UNIT_ACTIVATING
,
66 [SOCKET_LISTENING
] = UNIT_ACTIVE
,
67 [SOCKET_RUNNING
] = UNIT_ACTIVE
,
68 [SOCKET_STOP_PRE
] = UNIT_DEACTIVATING
,
69 [SOCKET_STOP_PRE_SIGTERM
] = UNIT_DEACTIVATING
,
70 [SOCKET_STOP_PRE_SIGKILL
] = UNIT_DEACTIVATING
,
71 [SOCKET_STOP_POST
] = UNIT_DEACTIVATING
,
72 [SOCKET_FINAL_SIGTERM
] = UNIT_DEACTIVATING
,
73 [SOCKET_FINAL_SIGKILL
] = UNIT_DEACTIVATING
,
74 [SOCKET_FAILED
] = UNIT_FAILED
77 static int socket_dispatch_io(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
);
78 static int socket_dispatch_timer(sd_event_source
*source
, usec_t usec
, void *userdata
);
80 static void socket_init(Unit
*u
) {
81 Socket
*s
= SOCKET(u
);
84 assert(u
->load_state
== UNIT_STUB
);
86 s
->backlog
= SOMAXCONN
;
87 s
->timeout_usec
= u
->manager
->default_timeout_start_usec
;
88 s
->directory_mode
= 0755;
89 s
->socket_mode
= 0666;
91 s
->max_connections
= 64;
98 s
->exec_context
.std_output
= u
->manager
->default_std_output
;
99 s
->exec_context
.std_error
= u
->manager
->default_std_error
;
101 s
->control_command_id
= _SOCKET_EXEC_COMMAND_INVALID
;
103 s
->trigger_limit
.interval
= USEC_INFINITY
;
104 s
->trigger_limit
.burst
= (unsigned) -1;
107 static void socket_unwatch_control_pid(Socket
*s
) {
110 if (s
->control_pid
<= 0)
113 unit_unwatch_pid(UNIT(s
), s
->control_pid
);
117 static void socket_cleanup_fd_list(SocketPort
*p
) {
120 close_many(p
->auxiliary_fds
, p
->n_auxiliary_fds
);
121 p
->auxiliary_fds
= mfree(p
->auxiliary_fds
);
122 p
->n_auxiliary_fds
= 0;
125 void socket_free_ports(Socket
*s
) {
130 while ((p
= s
->ports
)) {
131 LIST_REMOVE(port
, s
->ports
, p
);
133 sd_event_source_unref(p
->event_source
);
135 socket_cleanup_fd_list(p
);
142 static void socket_done(Unit
*u
) {
143 Socket
*s
= SOCKET(u
);
147 socket_free_ports(s
);
149 s
->exec_runtime
= exec_runtime_unref(s
->exec_runtime
);
150 exec_command_free_array(s
->exec_command
, _SOCKET_EXEC_COMMAND_MAX
);
151 s
->control_command
= NULL
;
153 socket_unwatch_control_pid(s
);
155 unit_ref_unset(&s
->service
);
157 s
->tcp_congestion
= mfree(s
->tcp_congestion
);
158 s
->bind_to_device
= mfree(s
->bind_to_device
);
160 s
->smack
= mfree(s
->smack
);
161 s
->smack_ip_in
= mfree(s
->smack_ip_in
);
162 s
->smack_ip_out
= mfree(s
->smack_ip_out
);
164 strv_free(s
->symlinks
);
166 s
->user
= mfree(s
->user
);
167 s
->group
= mfree(s
->group
);
169 s
->fdname
= mfree(s
->fdname
);
171 s
->timer_event_source
= sd_event_source_unref(s
->timer_event_source
);
174 static int socket_arm_timer(Socket
*s
, usec_t usec
) {
179 if (s
->timer_event_source
) {
180 r
= sd_event_source_set_time(s
->timer_event_source
, usec
);
184 return sd_event_source_set_enabled(s
->timer_event_source
, SD_EVENT_ONESHOT
);
187 if (usec
== USEC_INFINITY
)
190 r
= sd_event_add_time(
191 UNIT(s
)->manager
->event
,
192 &s
->timer_event_source
,
195 socket_dispatch_timer
, s
);
199 (void) sd_event_source_set_description(s
->timer_event_source
, "socket-timer");
204 int socket_instantiate_service(Socket
*s
) {
205 _cleanup_free_
char *prefix
= NULL
, *name
= NULL
;
211 /* This fills in s->service if it isn't filled in yet. For
212 * Accept=yes sockets we create the next connection service
213 * here. For Accept=no this is mostly a NOP since the service
214 * is figured out at load time anyway. */
216 if (UNIT_DEREF(s
->service
))
222 r
= unit_name_to_prefix(UNIT(s
)->id
, &prefix
);
226 if (asprintf(&name
, "%s@%u.service", prefix
, s
->n_accepted
) < 0)
229 r
= manager_load_unit(UNIT(s
)->manager
, name
, NULL
, NULL
, &u
);
233 unit_ref_set(&s
->service
, u
);
235 return unit_add_two_dependencies(UNIT(s
), UNIT_BEFORE
, UNIT_TRIGGERS
, u
, false);
238 static bool have_non_accept_socket(Socket
*s
) {
246 LIST_FOREACH(port
, p
, s
->ports
) {
248 if (p
->type
!= SOCKET_SOCKET
)
251 if (!socket_address_can_accept(&p
->address
))
258 static int socket_add_mount_links(Socket
*s
) {
264 LIST_FOREACH(port
, p
, s
->ports
) {
265 const char *path
= NULL
;
267 if (p
->type
== SOCKET_SOCKET
)
268 path
= socket_address_get_path(&p
->address
);
269 else if (IN_SET(p
->type
, SOCKET_FIFO
, SOCKET_SPECIAL
, SOCKET_USB_FUNCTION
))
275 r
= unit_require_mounts_for(UNIT(s
), path
);
283 static int socket_add_device_link(Socket
*s
) {
288 if (!s
->bind_to_device
|| streq(s
->bind_to_device
, "lo"))
291 t
= strjoina("/sys/subsystem/net/devices/", s
->bind_to_device
);
292 return unit_add_node_link(UNIT(s
), t
, false, UNIT_BINDS_TO
);
295 static int socket_add_default_dependencies(Socket
*s
) {
299 if (!UNIT(s
)->default_dependencies
)
302 r
= unit_add_dependency_by_name(UNIT(s
), UNIT_BEFORE
, SPECIAL_SOCKETS_TARGET
, NULL
, true);
306 if (MANAGER_IS_SYSTEM(UNIT(s
)->manager
)) {
307 r
= unit_add_two_dependencies_by_name(UNIT(s
), UNIT_AFTER
, UNIT_REQUIRES
, SPECIAL_SYSINIT_TARGET
, NULL
, true);
312 return unit_add_two_dependencies_by_name(UNIT(s
), UNIT_BEFORE
, UNIT_CONFLICTS
, SPECIAL_SHUTDOWN_TARGET
, NULL
, true);
315 _pure_
static bool socket_has_exec(Socket
*s
) {
319 for (i
= 0; i
< _SOCKET_EXEC_COMMAND_MAX
; i
++)
320 if (s
->exec_command
[i
])
326 static int socket_add_extras(Socket
*s
) {
332 /* Pick defaults for the trigger limit, if nothing was explicitly configured. We pick a relatively high limit
333 * in Accept=yes mode, and a lower limit for Accept=no. Reason: in Accept=yes mode we are invoking accept()
334 * ourselves before the trigger limit can hit, thus incoming connections are taken off the socket queue quickly
335 * and reliably. This is different for Accept=no, where the spawned service has to take the incoming traffic
336 * off the queues, which it might not necessarily do. Moreover, while Accept=no services are supposed to
337 * process whatever is queued in one go, and thus should normally never have to be started frequently. This is
338 * different for Accept=yes where each connection is processed by a new service instance, and thus frequent
339 * service starts are typical. */
341 if (s
->trigger_limit
.interval
== USEC_INFINITY
)
342 s
->trigger_limit
.interval
= 2 * USEC_PER_SEC
;
344 if (s
->trigger_limit
.burst
== (unsigned) -1) {
346 s
->trigger_limit
.burst
= 200;
348 s
->trigger_limit
.burst
= 20;
351 if (have_non_accept_socket(s
)) {
353 if (!UNIT_DEREF(s
->service
)) {
356 r
= unit_load_related_unit(u
, ".service", &x
);
360 unit_ref_set(&s
->service
, x
);
363 r
= unit_add_two_dependencies(u
, UNIT_BEFORE
, UNIT_TRIGGERS
, UNIT_DEREF(s
->service
), true);
368 r
= socket_add_mount_links(s
);
372 r
= socket_add_device_link(s
);
376 r
= unit_patch_contexts(u
);
380 if (socket_has_exec(s
)) {
381 r
= unit_add_exec_dependencies(u
, &s
->exec_context
);
385 r
= unit_set_default_slice(u
);
390 r
= socket_add_default_dependencies(s
);
397 static const char *socket_find_symlink_target(Socket
*s
) {
398 const char *found
= NULL
;
401 LIST_FOREACH(port
, p
, s
->ports
) {
402 const char *f
= NULL
;
411 if (p
->address
.sockaddr
.un
.sun_path
[0] != 0)
412 f
= p
->address
.sockaddr
.un
.sun_path
;
430 static int socket_verify(Socket
*s
) {
433 if (UNIT(s
)->load_state
!= UNIT_LOADED
)
437 log_unit_error(UNIT(s
), "Unit lacks Listen setting. Refusing.");
441 if (s
->accept
&& have_non_accept_socket(s
)) {
442 log_unit_error(UNIT(s
), "Unit configured for accepting sockets, but sockets are non-accepting. Refusing.");
446 if (s
->accept
&& s
->max_connections
<= 0) {
447 log_unit_error(UNIT(s
), "MaxConnection= setting too small. Refusing.");
451 if (s
->accept
&& UNIT_DEREF(s
->service
)) {
452 log_unit_error(UNIT(s
), "Explicit service configuration for accepting socket units not supported. Refusing.");
456 if (s
->exec_context
.pam_name
&& s
->kill_context
.kill_mode
!= KILL_CONTROL_GROUP
) {
457 log_unit_error(UNIT(s
), "Unit has PAM enabled. Kill mode must be set to 'control-group'. Refusing.");
461 if (!strv_isempty(s
->symlinks
) && !socket_find_symlink_target(s
)) {
462 log_unit_error(UNIT(s
), "Unit has symlinks set but none or more than one node in the file system. Refusing.");
469 static int socket_load(Unit
*u
) {
470 Socket
*s
= SOCKET(u
);
474 assert(u
->load_state
== UNIT_STUB
);
476 r
= unit_load_fragment_and_dropin(u
);
480 if (u
->load_state
== UNIT_LOADED
) {
481 /* This is a new unit? Then let's add in some extras */
482 r
= socket_add_extras(s
);
487 return socket_verify(s
);
490 _const_
static const char* listen_lookup(int family
, int type
) {
492 if (family
== AF_NETLINK
)
493 return "ListenNetlink";
495 if (type
== SOCK_STREAM
)
496 return "ListenStream";
497 else if (type
== SOCK_DGRAM
)
498 return "ListenDatagram";
499 else if (type
== SOCK_SEQPACKET
)
500 return "ListenSequentialPacket";
502 assert_not_reached("Unknown socket type");
506 static void socket_dump(Unit
*u
, FILE *f
, const char *prefix
) {
507 char time_string
[FORMAT_TIMESPAN_MAX
];
509 Socket
*s
= SOCKET(u
);
516 prefix
= strempty(prefix
);
517 prefix2
= strjoina(prefix
, "\t");
520 "%sSocket State: %s\n"
522 "%sBindIPv6Only: %s\n"
524 "%sSocketMode: %04o\n"
525 "%sDirectoryMode: %04o\n"
529 "%sTransparent: %s\n"
531 "%sPassCredentials: %s\n"
532 "%sPassSecurity: %s\n"
533 "%sTCPCongestion: %s\n"
534 "%sRemoveOnStop: %s\n"
537 "%sSELinuxContextFromNet: %s\n",
538 prefix
, socket_state_to_string(s
->state
),
539 prefix
, socket_result_to_string(s
->result
),
540 prefix
, socket_address_bind_ipv6_only_to_string(s
->bind_ipv6_only
),
542 prefix
, s
->socket_mode
,
543 prefix
, s
->directory_mode
,
544 prefix
, yes_no(s
->keep_alive
),
545 prefix
, yes_no(s
->no_delay
),
546 prefix
, yes_no(s
->free_bind
),
547 prefix
, yes_no(s
->transparent
),
548 prefix
, yes_no(s
->broadcast
),
549 prefix
, yes_no(s
->pass_cred
),
550 prefix
, yes_no(s
->pass_sec
),
551 prefix
, strna(s
->tcp_congestion
),
552 prefix
, yes_no(s
->remove_on_stop
),
553 prefix
, yes_no(s
->writable
),
554 prefix
, socket_fdname(s
),
555 prefix
, yes_no(s
->selinux_context_from_net
));
557 if (s
->control_pid
> 0)
559 "%sControl PID: "PID_FMT
"\n",
560 prefix
, s
->control_pid
);
562 if (s
->bind_to_device
)
564 "%sBindToDevice: %s\n",
565 prefix
, s
->bind_to_device
);
570 "%sNConnections: %u\n"
571 "%sMaxConnections: %u\n",
572 prefix
, s
->n_accepted
,
573 prefix
, s
->n_connections
,
574 prefix
, s
->max_connections
);
576 if (s
->priority
>= 0)
579 prefix
, s
->priority
);
581 if (s
->receive_buffer
> 0)
583 "%sReceiveBuffer: %zu\n",
584 prefix
, s
->receive_buffer
);
586 if (s
->send_buffer
> 0)
588 "%sSendBuffer: %zu\n",
589 prefix
, s
->send_buffer
);
601 if (s
->pipe_size
> 0)
604 prefix
, s
->pipe_size
);
611 if (s
->mq_maxmsg
> 0)
613 "%sMessageQueueMaxMessages: %li\n",
614 prefix
, s
->mq_maxmsg
);
616 if (s
->mq_msgsize
> 0)
618 "%sMessageQueueMessageSize: %li\n",
619 prefix
, s
->mq_msgsize
);
624 prefix
, yes_no(s
->reuse_port
));
628 "%sSmackLabel: %s\n",
633 "%sSmackLabelIPIn: %s\n",
634 prefix
, s
->smack_ip_in
);
638 "%sSmackLabelIPOut: %s\n",
639 prefix
, s
->smack_ip_out
);
641 if (!isempty(s
->user
) || !isempty(s
->group
))
644 "%sSocketGroup: %s\n",
645 prefix
, strna(s
->user
),
646 prefix
, strna(s
->group
));
648 if (s
->keep_alive_time
> 0)
650 "%sKeepAliveTimeSec: %s\n",
651 prefix
, format_timespan(time_string
, FORMAT_TIMESPAN_MAX
, s
->keep_alive_time
, USEC_PER_SEC
));
653 if (s
->keep_alive_interval
)
655 "%sKeepAliveIntervalSec: %s\n",
656 prefix
, format_timespan(time_string
, FORMAT_TIMESPAN_MAX
, s
->keep_alive_interval
, USEC_PER_SEC
));
658 if (s
->keep_alive_cnt
)
660 "%sKeepAliveProbes: %u\n",
661 prefix
, s
->keep_alive_cnt
);
665 "%sDeferAcceptSec: %s\n",
666 prefix
, format_timespan(time_string
, FORMAT_TIMESPAN_MAX
, s
->defer_accept
, USEC_PER_SEC
));
668 LIST_FOREACH(port
, p
, s
->ports
) {
670 if (p
->type
== SOCKET_SOCKET
) {
675 r
= socket_address_print(&p
->address
, &k
);
681 fprintf(f
, "%s%s: %s\n", prefix
, listen_lookup(socket_address_family(&p
->address
), p
->address
.type
), t
);
683 } else if (p
->type
== SOCKET_SPECIAL
)
684 fprintf(f
, "%sListenSpecial: %s\n", prefix
, p
->path
);
685 else if (p
->type
== SOCKET_USB_FUNCTION
)
686 fprintf(f
, "%sListenUSBFunction: %s\n", prefix
, p
->path
);
687 else if (p
->type
== SOCKET_MQUEUE
)
688 fprintf(f
, "%sListenMessageQueue: %s\n", prefix
, p
->path
);
690 fprintf(f
, "%sListenFIFO: %s\n", prefix
, p
->path
);
693 exec_context_dump(&s
->exec_context
, f
, prefix
);
694 kill_context_dump(&s
->kill_context
, f
, prefix
);
696 for (c
= 0; c
< _SOCKET_EXEC_COMMAND_MAX
; c
++) {
697 if (!s
->exec_command
[c
])
700 fprintf(f
, "%s-> %s:\n",
701 prefix
, socket_exec_command_to_string(c
));
703 exec_command_dump_list(s
->exec_command
[c
], f
, prefix2
);
707 static int instance_from_socket(int fd
, unsigned nr
, char **instance
) {
710 union sockaddr_union local
, remote
;
716 if (getsockname(fd
, &local
.sa
, &l
) < 0)
720 if (getpeername(fd
, &remote
.sa
, &l
) < 0)
723 switch (local
.sa
.sa_family
) {
727 a
= ntohl(local
.in
.sin_addr
.s_addr
),
728 b
= ntohl(remote
.in
.sin_addr
.s_addr
);
731 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
733 a
>> 24, (a
>> 16) & 0xFF, (a
>> 8) & 0xFF, a
& 0xFF,
734 ntohs(local
.in
.sin_port
),
735 b
>> 24, (b
>> 16) & 0xFF, (b
>> 8) & 0xFF, b
& 0xFF,
736 ntohs(remote
.in
.sin_port
)) < 0)
743 static const unsigned char ipv4_prefix
[] = {
744 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
747 if (memcmp(&local
.in6
.sin6_addr
, ipv4_prefix
, sizeof(ipv4_prefix
)) == 0 &&
748 memcmp(&remote
.in6
.sin6_addr
, ipv4_prefix
, sizeof(ipv4_prefix
)) == 0) {
750 *a
= local
.in6
.sin6_addr
.s6_addr
+12,
751 *b
= remote
.in6
.sin6_addr
.s6_addr
+12;
754 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
756 a
[0], a
[1], a
[2], a
[3],
757 ntohs(local
.in6
.sin6_port
),
758 b
[0], b
[1], b
[2], b
[3],
759 ntohs(remote
.in6
.sin6_port
)) < 0)
762 char a
[INET6_ADDRSTRLEN
], b
[INET6_ADDRSTRLEN
];
767 inet_ntop(AF_INET6
, &local
.in6
.sin6_addr
, a
, sizeof(a
)),
768 ntohs(local
.in6
.sin6_port
),
769 inet_ntop(AF_INET6
, &remote
.in6
.sin6_addr
, b
, sizeof(b
)),
770 ntohs(remote
.in6
.sin6_port
)) < 0)
781 k
= getpeercred(fd
, &ucred
);
784 "%u-"PID_FMT
"-"UID_FMT
,
785 nr
, ucred
.pid
, ucred
.uid
) < 0)
787 } else if (k
== -ENODATA
) {
788 /* This handles the case where somebody is
789 * connecting from another pid/uid namespace
790 * (e.g. from outside of our container). */
802 assert_not_reached("Unhandled socket type.");
809 static void socket_close_fds(Socket
*s
) {
815 LIST_FOREACH(port
, p
, s
->ports
) {
818 was_open
= p
->fd
>= 0;
820 p
->event_source
= sd_event_source_unref(p
->event_source
);
821 p
->fd
= safe_close(p
->fd
);
822 socket_cleanup_fd_list(p
);
824 /* One little note: we should normally not delete any sockets in the file system here! After all some
825 * other process we spawned might still have a reference of this fd and wants to continue to use
826 * it. Therefore we normally delete sockets in the file system before we create a new one, not after we
827 * stopped using one! That all said, if the user explicitly requested this, we'll delete them here
828 * anyway, but only then. */
830 if (!was_open
|| !s
->remove_on_stop
)
836 (void) unlink(p
->path
);
840 (void) mq_unlink(p
->path
);
844 (void) socket_address_unlink(&p
->address
);
852 if (s
->remove_on_stop
)
853 STRV_FOREACH(i
, s
->symlinks
)
857 static void socket_apply_socket_options(Socket
*s
, int fd
) {
864 int b
= s
->keep_alive
;
865 if (setsockopt(fd
, SOL_SOCKET
, SO_KEEPALIVE
, &b
, sizeof(b
)) < 0)
866 log_unit_warning_errno(UNIT(s
), errno
, "SO_KEEPALIVE failed: %m");
869 if (s
->keep_alive_time
) {
870 int value
= s
->keep_alive_time
/ USEC_PER_SEC
;
871 if (setsockopt(fd
, SOL_TCP
, TCP_KEEPIDLE
, &value
, sizeof(value
)) < 0)
872 log_unit_warning_errno(UNIT(s
), errno
, "TCP_KEEPIDLE failed: %m");
875 if (s
->keep_alive_interval
) {
876 int value
= s
->keep_alive_interval
/ USEC_PER_SEC
;
877 if (setsockopt(fd
, SOL_TCP
, TCP_KEEPINTVL
, &value
, sizeof(value
)) < 0)
878 log_unit_warning_errno(UNIT(s
), errno
, "TCP_KEEPINTVL failed: %m");
881 if (s
->keep_alive_cnt
) {
882 int value
= s
->keep_alive_cnt
;
883 if (setsockopt(fd
, SOL_TCP
, TCP_KEEPCNT
, &value
, sizeof(value
)) < 0)
884 log_unit_warning_errno(UNIT(s
), errno
, "TCP_KEEPCNT failed: %m");
887 if (s
->defer_accept
) {
888 int value
= s
->defer_accept
/ USEC_PER_SEC
;
889 if (setsockopt(fd
, SOL_TCP
, TCP_DEFER_ACCEPT
, &value
, sizeof(value
)) < 0)
890 log_unit_warning_errno(UNIT(s
), errno
, "TCP_DEFER_ACCEPT failed: %m");
896 if (s
->socket_protocol
== IPPROTO_SCTP
) {
897 if (setsockopt(fd
, SOL_SCTP
, SCTP_NODELAY
, &b
, sizeof(b
)) < 0)
898 log_unit_warning_errno(UNIT(s
), errno
, "SCTP_NODELAY failed: %m");
900 if (setsockopt(fd
, SOL_TCP
, TCP_NODELAY
, &b
, sizeof(b
)) < 0)
901 log_unit_warning_errno(UNIT(s
), errno
, "TCP_NODELAY failed: %m");
907 if (setsockopt(fd
, SOL_SOCKET
, SO_BROADCAST
, &one
, sizeof(one
)) < 0)
908 log_unit_warning_errno(UNIT(s
), errno
, "SO_BROADCAST failed: %m");
913 if (setsockopt(fd
, SOL_SOCKET
, SO_PASSCRED
, &one
, sizeof(one
)) < 0)
914 log_unit_warning_errno(UNIT(s
), errno
, "SO_PASSCRED failed: %m");
919 if (setsockopt(fd
, SOL_SOCKET
, SO_PASSSEC
, &one
, sizeof(one
)) < 0)
920 log_unit_warning_errno(UNIT(s
), errno
, "SO_PASSSEC failed: %m");
923 if (s
->priority
>= 0)
924 if (setsockopt(fd
, SOL_SOCKET
, SO_PRIORITY
, &s
->priority
, sizeof(s
->priority
)) < 0)
925 log_unit_warning_errno(UNIT(s
), errno
, "SO_PRIORITY failed: %m");
927 if (s
->receive_buffer
> 0) {
928 int value
= (int) s
->receive_buffer
;
930 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
932 if (setsockopt(fd
, SOL_SOCKET
, SO_RCVBUFFORCE
, &value
, sizeof(value
)) < 0)
933 if (setsockopt(fd
, SOL_SOCKET
, SO_RCVBUF
, &value
, sizeof(value
)) < 0)
934 log_unit_warning_errno(UNIT(s
), errno
, "SO_RCVBUF failed: %m");
937 if (s
->send_buffer
> 0) {
938 int value
= (int) s
->send_buffer
;
939 if (setsockopt(fd
, SOL_SOCKET
, SO_SNDBUFFORCE
, &value
, sizeof(value
)) < 0)
940 if (setsockopt(fd
, SOL_SOCKET
, SO_SNDBUF
, &value
, sizeof(value
)) < 0)
941 log_unit_warning_errno(UNIT(s
), errno
, "SO_SNDBUF failed: %m");
945 if (setsockopt(fd
, SOL_SOCKET
, SO_MARK
, &s
->mark
, sizeof(s
->mark
)) < 0)
946 log_unit_warning_errno(UNIT(s
), errno
, "SO_MARK failed: %m");
949 if (setsockopt(fd
, IPPROTO_IP
, IP_TOS
, &s
->ip_tos
, sizeof(s
->ip_tos
)) < 0)
950 log_unit_warning_errno(UNIT(s
), errno
, "IP_TOS failed: %m");
952 if (s
->ip_ttl
>= 0) {
955 r
= setsockopt(fd
, IPPROTO_IP
, IP_TTL
, &s
->ip_ttl
, sizeof(s
->ip_ttl
));
957 if (socket_ipv6_is_supported())
958 x
= setsockopt(fd
, IPPROTO_IPV6
, IPV6_UNICAST_HOPS
, &s
->ip_ttl
, sizeof(s
->ip_ttl
));
961 errno
= EAFNOSUPPORT
;
965 log_unit_warning_errno(UNIT(s
), errno
, "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
968 if (s
->tcp_congestion
)
969 if (setsockopt(fd
, SOL_TCP
, TCP_CONGESTION
, s
->tcp_congestion
, strlen(s
->tcp_congestion
)+1) < 0)
970 log_unit_warning_errno(UNIT(s
), errno
, "TCP_CONGESTION failed: %m");
972 if (s
->smack_ip_in
) {
973 r
= mac_smack_apply_fd(fd
, SMACK_ATTR_IPIN
, s
->smack_ip_in
);
975 log_unit_error_errno(UNIT(s
), r
, "mac_smack_apply_ip_in_fd: %m");
978 if (s
->smack_ip_out
) {
979 r
= mac_smack_apply_fd(fd
, SMACK_ATTR_IPOUT
, s
->smack_ip_out
);
981 log_unit_error_errno(UNIT(s
), r
, "mac_smack_apply_ip_out_fd: %m");
985 static void socket_apply_fifo_options(Socket
*s
, int fd
) {
991 if (s
->pipe_size
> 0)
992 if (fcntl(fd
, F_SETPIPE_SZ
, s
->pipe_size
) < 0)
993 log_unit_warning_errno(UNIT(s
), errno
, "Setting pipe size failed, ignoring: %m");
996 r
= mac_smack_apply_fd(fd
, SMACK_ATTR_ACCESS
, s
->smack
);
998 log_unit_error_errno(UNIT(s
), r
, "SMACK relabelling failed, ignoring: %m");
1002 static int fifo_address_create(
1004 mode_t directory_mode
,
1005 mode_t socket_mode
) {
1007 _cleanup_close_
int fd
= -1;
1014 mkdir_parents_label(path
, directory_mode
);
1016 r
= mac_selinux_create_file_prepare(path
, S_IFIFO
);
1020 /* Enforce the right access mode for the fifo */
1021 old_mask
= umask(~ socket_mode
);
1023 /* Include the original umask in our mask */
1024 (void) umask(~socket_mode
| old_mask
);
1026 r
= mkfifo(path
, socket_mode
);
1027 (void) umask(old_mask
);
1029 if (r
< 0 && errno
!= EEXIST
) {
1034 fd
= open(path
, O_RDWR
| O_CLOEXEC
| O_NOCTTY
| O_NONBLOCK
| O_NOFOLLOW
);
1040 mac_selinux_create_file_clear();
1042 if (fstat(fd
, &st
) < 0) {
1047 if (!S_ISFIFO(st
.st_mode
) ||
1048 (st
.st_mode
& 0777) != (socket_mode
& ~old_mask
) ||
1049 st
.st_uid
!= getuid() ||
1050 st
.st_gid
!= getgid()) {
1061 mac_selinux_create_file_clear();
1065 static int special_address_create(const char *path
, bool writable
) {
1066 _cleanup_close_
int fd
= -1;
1072 fd
= open(path
, (writable
? O_RDWR
: O_RDONLY
)|O_CLOEXEC
|O_NOCTTY
|O_NONBLOCK
|O_NOFOLLOW
);
1076 if (fstat(fd
, &st
) < 0)
1079 /* Check whether this is a /proc, /sys or /dev file or char device */
1080 if (!S_ISREG(st
.st_mode
) && !S_ISCHR(st
.st_mode
))
1089 static int usbffs_address_create(const char *path
) {
1090 _cleanup_close_
int fd
= -1;
1096 fd
= open(path
, O_RDWR
|O_CLOEXEC
|O_NOCTTY
|O_NONBLOCK
|O_NOFOLLOW
);
1100 if (fstat(fd
, &st
) < 0)
1103 /* Check whether this is a regular file (ffs endpoint)*/
1104 if (!S_ISREG(st
.st_mode
))
1113 static int mq_address_create(
1119 _cleanup_close_
int fd
= -1;
1122 struct mq_attr _attr
, *attr
= NULL
;
1127 if (maxmsg
> 0 && msgsize
> 0) {
1128 _attr
= (struct mq_attr
) {
1129 .mq_flags
= O_NONBLOCK
,
1130 .mq_maxmsg
= maxmsg
,
1131 .mq_msgsize
= msgsize
,
1136 /* Enforce the right access mode for the mq */
1137 old_mask
= umask(~ mq_mode
);
1139 /* Include the original umask in our mask */
1140 (void) umask(~mq_mode
| old_mask
);
1141 fd
= mq_open(path
, O_RDONLY
|O_CLOEXEC
|O_NONBLOCK
|O_CREAT
, mq_mode
, attr
);
1142 (void) umask(old_mask
);
1147 if (fstat(fd
, &st
) < 0)
1150 if ((st
.st_mode
& 0777) != (mq_mode
& ~old_mask
) ||
1151 st
.st_uid
!= getuid() ||
1152 st
.st_gid
!= getgid())
1161 static int socket_symlink(Socket
*s
) {
1167 p
= socket_find_symlink_target(s
);
1171 STRV_FOREACH(i
, s
->symlinks
)
1172 symlink_label(p
, *i
);
1177 static int usbffs_write_descs(int fd
, Service
*s
) {
1180 if (!s
->usb_function_descriptors
|| !s
->usb_function_strings
)
1183 r
= copy_file_fd(s
->usb_function_descriptors
, fd
, false);
1187 return copy_file_fd(s
->usb_function_strings
, fd
, false);
1190 static int usbffs_select_ep(const struct dirent
*d
) {
1191 return d
->d_name
[0] != '.' && !streq(d
->d_name
, "ep0");
1194 static int usbffs_dispatch_eps(SocketPort
*p
) {
1195 _cleanup_free_
struct dirent
**ent
= NULL
;
1196 _cleanup_free_
char *path
= NULL
;
1199 path
= dirname_malloc(p
->path
);
1203 r
= scandir(path
, &ent
, usbffs_select_ep
, alphasort
);
1208 p
->auxiliary_fds
= new(int, n
);
1209 if (!p
->auxiliary_fds
)
1212 p
->n_auxiliary_fds
= n
;
1215 for (i
= 0; i
< n
; ++i
) {
1216 _cleanup_free_
char *ep
= NULL
;
1218 ep
= path_make_absolute(ent
[i
]->d_name
, path
);
1222 path_kill_slashes(ep
);
1224 r
= usbffs_address_create(ep
);
1228 p
->auxiliary_fds
[k
] = r
;
1237 close_many(p
->auxiliary_fds
, k
);
1238 p
->auxiliary_fds
= mfree(p
->auxiliary_fds
);
1239 p
->n_auxiliary_fds
= 0;
1244 static int socket_determine_selinux_label(Socket
*s
, char **ret
) {
1251 if (s
->selinux_context_from_net
) {
1252 /* If this is requested, get label from the network label */
1254 r
= mac_selinux_get_our_label(ret
);
1255 if (r
== -EOPNOTSUPP
)
1259 /* Otherwise, get it from the executable we are about to start */
1260 r
= socket_instantiate_service(s
);
1264 if (!UNIT_ISSET(s
->service
))
1267 c
= SERVICE(UNIT_DEREF(s
->service
))->exec_command
[SERVICE_EXEC_START
];
1271 r
= mac_selinux_get_create_label_from_exe(c
->path
, ret
);
1272 if (r
== -EPERM
|| r
== -EOPNOTSUPP
)
1283 static int socket_open_fds(Socket
*s
) {
1284 _cleanup_(mac_selinux_freep
) char *label
= NULL
;
1285 bool know_label
= false;
1291 LIST_FOREACH(port
, p
, s
->ports
) {
1301 /* Figure out label, if we don't it know yet. We do it once, for the first socket where
1302 * we need this and remember it for the rest. */
1304 r
= socket_determine_selinux_label(s
, &label
);
1311 /* Apply the socket protocol */
1312 switch (p
->address
.type
) {
1315 case SOCK_SEQPACKET
:
1316 if (s
->socket_protocol
== IPPROTO_SCTP
)
1317 p
->address
.protocol
= s
->socket_protocol
;
1321 if (s
->socket_protocol
== IPPROTO_UDPLITE
)
1322 p
->address
.protocol
= s
->socket_protocol
;
1326 r
= socket_address_listen(
1328 SOCK_CLOEXEC
|SOCK_NONBLOCK
,
1342 socket_apply_socket_options(s
, p
->fd
);
1346 case SOCKET_SPECIAL
:
1348 p
->fd
= special_address_create(p
->path
, s
->writable
);
1357 p
->fd
= fifo_address_create(
1366 socket_apply_fifo_options(s
, p
->fd
);
1372 p
->fd
= mq_address_create(
1383 case SOCKET_USB_FUNCTION
: {
1384 _cleanup_free_
char *ep
= NULL
;
1386 ep
= path_make_absolute("ep0", p
->path
);
1388 p
->fd
= usbffs_address_create(ep
);
1394 r
= usbffs_write_descs(p
->fd
, SERVICE(UNIT_DEREF(s
->service
)));
1398 r
= usbffs_dispatch_eps(p
);
1405 assert_not_reached("Unknown port type");
1412 socket_close_fds(s
);
1416 static void socket_unwatch_fds(Socket
*s
) {
1422 LIST_FOREACH(port
, p
, s
->ports
) {
1426 if (!p
->event_source
)
1429 r
= sd_event_source_set_enabled(p
->event_source
, SD_EVENT_OFF
);
1431 log_unit_debug_errno(UNIT(s
), r
, "Failed to disable event source: %m");
1435 static int socket_watch_fds(Socket
*s
) {
1441 LIST_FOREACH(port
, p
, s
->ports
) {
1445 if (p
->event_source
) {
1446 r
= sd_event_source_set_enabled(p
->event_source
, SD_EVENT_ON
);
1450 r
= sd_event_add_io(UNIT(s
)->manager
->event
, &p
->event_source
, p
->fd
, EPOLLIN
, socket_dispatch_io
, p
);
1454 (void) sd_event_source_set_description(p
->event_source
, "socket-port-io");
1461 log_unit_warning_errno(UNIT(s
), r
, "Failed to watch listening fds: %m");
1462 socket_unwatch_fds(s
);
1466 static void socket_set_state(Socket
*s
, SocketState state
) {
1467 SocketState old_state
;
1470 old_state
= s
->state
;
1478 SOCKET_STOP_PRE_SIGTERM
,
1479 SOCKET_STOP_PRE_SIGKILL
,
1481 SOCKET_FINAL_SIGTERM
,
1482 SOCKET_FINAL_SIGKILL
)) {
1484 s
->timer_event_source
= sd_event_source_unref(s
->timer_event_source
);
1485 socket_unwatch_control_pid(s
);
1486 s
->control_command
= NULL
;
1487 s
->control_command_id
= _SOCKET_EXEC_COMMAND_INVALID
;
1490 if (state
!= SOCKET_LISTENING
)
1491 socket_unwatch_fds(s
);
1499 SOCKET_STOP_PRE_SIGTERM
,
1500 SOCKET_STOP_PRE_SIGKILL
))
1501 socket_close_fds(s
);
1503 if (state
!= old_state
)
1504 log_unit_debug(UNIT(s
), "Changed %s -> %s", socket_state_to_string(old_state
), socket_state_to_string(state
));
1506 unit_notify(UNIT(s
), state_translation_table
[old_state
], state_translation_table
[state
], true);
1509 static int socket_coldplug(Unit
*u
) {
1510 Socket
*s
= SOCKET(u
);
1514 assert(s
->state
== SOCKET_DEAD
);
1516 if (s
->deserialized_state
== s
->state
)
1519 if (s
->control_pid
> 0 &&
1520 pid_is_unwaited(s
->control_pid
) &&
1521 IN_SET(s
->deserialized_state
,
1526 SOCKET_STOP_PRE_SIGTERM
,
1527 SOCKET_STOP_PRE_SIGKILL
,
1529 SOCKET_FINAL_SIGTERM
,
1530 SOCKET_FINAL_SIGKILL
)) {
1532 r
= unit_watch_pid(UNIT(s
), s
->control_pid
);
1536 r
= socket_arm_timer(s
, usec_add(u
->state_change_timestamp
.monotonic
, s
->timeout_usec
));
1541 if (IN_SET(s
->deserialized_state
,
1547 SOCKET_STOP_PRE_SIGTERM
,
1548 SOCKET_STOP_PRE_SIGKILL
)) {
1550 r
= socket_open_fds(s
);
1555 if (s
->deserialized_state
== SOCKET_LISTENING
) {
1556 r
= socket_watch_fds(s
);
1561 socket_set_state(s
, s
->deserialized_state
);
1565 static int socket_spawn(Socket
*s
, ExecCommand
*c
, pid_t
*_pid
) {
1566 _cleanup_free_
char **argv
= NULL
;
1569 ExecParameters exec_params
= {
1570 .apply_permissions
= true,
1571 .apply_chroot
= true,
1572 .apply_tty_stdin
= true,
1582 (void) unit_realize_cgroup(UNIT(s
));
1583 if (s
->reset_cpu_usage
) {
1584 (void) unit_reset_cpu_usage(UNIT(s
));
1585 s
->reset_cpu_usage
= false;
1588 r
= unit_setup_exec_runtime(UNIT(s
));
1592 r
= socket_arm_timer(s
, usec_add(now(CLOCK_MONOTONIC
), s
->timeout_usec
));
1596 r
= unit_full_printf_strv(UNIT(s
), c
->argv
, &argv
);
1600 exec_params
.argv
= argv
;
1601 exec_params
.environment
= UNIT(s
)->manager
->environment
;
1602 exec_params
.confirm_spawn
= UNIT(s
)->manager
->confirm_spawn
;
1603 exec_params
.cgroup_supported
= UNIT(s
)->manager
->cgroup_supported
;
1604 exec_params
.cgroup_path
= UNIT(s
)->cgroup_path
;
1605 exec_params
.cgroup_delegate
= s
->cgroup_context
.delegate
;
1606 exec_params
.runtime_prefix
= manager_get_runtime_prefix(UNIT(s
)->manager
);
1608 r
= exec_spawn(UNIT(s
),
1617 r
= unit_watch_pid(UNIT(s
), pid
);
1619 /* FIXME: we need to do something here */
1626 static int socket_chown(Socket
*s
, pid_t
*_pid
) {
1630 r
= socket_arm_timer(s
, usec_add(now(CLOCK_MONOTONIC
), s
->timeout_usec
));
1634 /* We have to resolve the user names out-of-process, hence
1635 * let's fork here. It's messy, but well, what can we do? */
1643 uid_t uid
= UID_INVALID
;
1644 gid_t gid
= GID_INVALID
;
1647 (void) default_signals(SIGNALS_CRASH_HANDLER
, SIGNALS_IGNORE
, -1);
1648 (void) ignore_signals(SIGPIPE
, -1);
1651 if (!isempty(s
->user
)) {
1652 const char *user
= s
->user
;
1654 r
= get_user_creds(&user
, &uid
, &gid
, NULL
, NULL
);
1661 if (!isempty(s
->group
)) {
1662 const char *group
= s
->group
;
1664 r
= get_group_creds(&group
, &gid
);
1671 LIST_FOREACH(port
, p
, s
->ports
) {
1672 const char *path
= NULL
;
1674 if (p
->type
== SOCKET_SOCKET
)
1675 path
= socket_address_get_path(&p
->address
);
1676 else if (p
->type
== SOCKET_FIFO
)
1682 if (chown(path
, uid
, gid
) < 0) {
1693 log_error_errno(r
, "Failed to chown socket at step %s: %m", exit_status_to_string(ret
, EXIT_STATUS_SYSTEMD
));
1698 r
= unit_watch_pid(UNIT(s
), pid
);
1706 s
->timer_event_source
= sd_event_source_unref(s
->timer_event_source
);
1710 static void socket_enter_dead(Socket
*s
, SocketResult f
) {
1713 if (f
!= SOCKET_SUCCESS
)
1716 exec_runtime_destroy(s
->exec_runtime
);
1717 s
->exec_runtime
= exec_runtime_unref(s
->exec_runtime
);
1719 exec_context_destroy_runtime_directory(&s
->exec_context
, manager_get_runtime_prefix(UNIT(s
)->manager
));
1721 socket_set_state(s
, s
->result
!= SOCKET_SUCCESS
? SOCKET_FAILED
: SOCKET_DEAD
);
1724 static void socket_enter_signal(Socket
*s
, SocketState state
, SocketResult f
);
1726 static void socket_enter_stop_post(Socket
*s
, SocketResult f
) {
1730 if (f
!= SOCKET_SUCCESS
)
1733 socket_unwatch_control_pid(s
);
1734 s
->control_command_id
= SOCKET_EXEC_STOP_POST
;
1735 s
->control_command
= s
->exec_command
[SOCKET_EXEC_STOP_POST
];
1737 if (s
->control_command
) {
1738 r
= socket_spawn(s
, s
->control_command
, &s
->control_pid
);
1742 socket_set_state(s
, SOCKET_STOP_POST
);
1744 socket_enter_signal(s
, SOCKET_FINAL_SIGTERM
, SOCKET_SUCCESS
);
1749 log_unit_warning_errno(UNIT(s
), r
, "Failed to run 'stop-post' task: %m");
1750 socket_enter_signal(s
, SOCKET_FINAL_SIGTERM
, SOCKET_FAILURE_RESOURCES
);
1753 static void socket_enter_signal(Socket
*s
, SocketState state
, SocketResult f
) {
1758 if (f
!= SOCKET_SUCCESS
)
1761 r
= unit_kill_context(
1764 (state
!= SOCKET_STOP_PRE_SIGTERM
&& state
!= SOCKET_FINAL_SIGTERM
) ?
1765 KILL_KILL
: KILL_TERMINATE
,
1773 r
= socket_arm_timer(s
, usec_add(now(CLOCK_MONOTONIC
), s
->timeout_usec
));
1777 socket_set_state(s
, state
);
1778 } else if (state
== SOCKET_STOP_PRE_SIGTERM
)
1779 socket_enter_signal(s
, SOCKET_STOP_PRE_SIGKILL
, SOCKET_SUCCESS
);
1780 else if (state
== SOCKET_STOP_PRE_SIGKILL
)
1781 socket_enter_stop_post(s
, SOCKET_SUCCESS
);
1782 else if (state
== SOCKET_FINAL_SIGTERM
)
1783 socket_enter_signal(s
, SOCKET_FINAL_SIGKILL
, SOCKET_SUCCESS
);
1785 socket_enter_dead(s
, SOCKET_SUCCESS
);
1790 log_unit_warning_errno(UNIT(s
), r
, "Failed to kill processes: %m");
1792 if (state
== SOCKET_STOP_PRE_SIGTERM
|| state
== SOCKET_STOP_PRE_SIGKILL
)
1793 socket_enter_stop_post(s
, SOCKET_FAILURE_RESOURCES
);
1795 socket_enter_dead(s
, SOCKET_FAILURE_RESOURCES
);
1798 static void socket_enter_stop_pre(Socket
*s
, SocketResult f
) {
1802 if (f
!= SOCKET_SUCCESS
)
1805 socket_unwatch_control_pid(s
);
1806 s
->control_command_id
= SOCKET_EXEC_STOP_PRE
;
1807 s
->control_command
= s
->exec_command
[SOCKET_EXEC_STOP_PRE
];
1809 if (s
->control_command
) {
1810 r
= socket_spawn(s
, s
->control_command
, &s
->control_pid
);
1814 socket_set_state(s
, SOCKET_STOP_PRE
);
1816 socket_enter_stop_post(s
, SOCKET_SUCCESS
);
1821 log_unit_warning_errno(UNIT(s
), r
, "Failed to run 'stop-pre' task: %m");
1822 socket_enter_stop_post(s
, SOCKET_FAILURE_RESOURCES
);
1825 static void socket_enter_listening(Socket
*s
) {
1829 r
= socket_watch_fds(s
);
1831 log_unit_warning_errno(UNIT(s
), r
, "Failed to watch sockets: %m");
1835 socket_set_state(s
, SOCKET_LISTENING
);
1839 socket_enter_stop_pre(s
, SOCKET_FAILURE_RESOURCES
);
1842 static void socket_enter_start_post(Socket
*s
) {
1846 socket_unwatch_control_pid(s
);
1847 s
->control_command_id
= SOCKET_EXEC_START_POST
;
1848 s
->control_command
= s
->exec_command
[SOCKET_EXEC_START_POST
];
1850 if (s
->control_command
) {
1851 r
= socket_spawn(s
, s
->control_command
, &s
->control_pid
);
1853 log_unit_warning_errno(UNIT(s
), r
, "Failed to run 'start-post' task: %m");
1857 socket_set_state(s
, SOCKET_START_POST
);
1859 socket_enter_listening(s
);
1864 socket_enter_stop_pre(s
, SOCKET_FAILURE_RESOURCES
);
1867 static void socket_enter_start_chown(Socket
*s
) {
1872 r
= socket_open_fds(s
);
1874 log_unit_warning_errno(UNIT(s
), r
, "Failed to listen on sockets: %m");
1878 if (!isempty(s
->user
) || !isempty(s
->group
)) {
1880 socket_unwatch_control_pid(s
);
1881 s
->control_command_id
= SOCKET_EXEC_START_CHOWN
;
1882 s
->control_command
= NULL
;
1884 r
= socket_chown(s
, &s
->control_pid
);
1886 log_unit_warning_errno(UNIT(s
), r
, "Failed to fork 'start-chown' task: %m");
1890 socket_set_state(s
, SOCKET_START_CHOWN
);
1892 socket_enter_start_post(s
);
1897 socket_enter_stop_pre(s
, SOCKET_FAILURE_RESOURCES
);
1900 static void socket_enter_start_pre(Socket
*s
) {
1904 socket_unwatch_control_pid(s
);
1905 s
->control_command_id
= SOCKET_EXEC_START_PRE
;
1906 s
->control_command
= s
->exec_command
[SOCKET_EXEC_START_PRE
];
1908 if (s
->control_command
) {
1909 r
= socket_spawn(s
, s
->control_command
, &s
->control_pid
);
1911 log_unit_warning_errno(UNIT(s
), r
, "Failed to run 'start-pre' task: %m");
1915 socket_set_state(s
, SOCKET_START_PRE
);
1917 socket_enter_start_chown(s
);
1922 socket_enter_dead(s
, SOCKET_FAILURE_RESOURCES
);
1925 static void socket_enter_running(Socket
*s
, int cfd
) {
1926 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
1929 /* Note that this call takes possession of the connection fd passed. It either has to assign it somewhere or
1934 /* We don't take connections anymore if we are supposed to
1935 * shut down anyway */
1936 if (unit_stop_pending(UNIT(s
))) {
1938 log_unit_debug(UNIT(s
), "Suppressing connection request since unit stop is scheduled.");
1941 cfd
= safe_close(cfd
);
1943 /* Flush all sockets by closing and reopening them */
1944 socket_close_fds(s
);
1946 r
= socket_open_fds(s
);
1948 log_unit_warning_errno(UNIT(s
), r
, "Failed to listen on sockets: %m");
1949 socket_enter_stop_pre(s
, SOCKET_FAILURE_RESOURCES
);
1953 r
= socket_watch_fds(s
);
1955 log_unit_warning_errno(UNIT(s
), r
, "Failed to watch sockets: %m");
1956 socket_enter_stop_pre(s
, SOCKET_FAILURE_RESOURCES
);
1963 if (!ratelimit_test(&s
->trigger_limit
)) {
1965 log_unit_warning(UNIT(s
), "Trigger limit hit, refusing further activation.");
1966 socket_enter_stop_pre(s
, SOCKET_FAILURE_TRIGGER_LIMIT_HIT
);
1973 bool pending
= false;
1975 /* If there's already a start pending don't bother to
1977 SET_FOREACH(other
, UNIT(s
)->dependencies
[UNIT_TRIGGERS
], i
)
1978 if (unit_active_or_pending(other
)) {
1984 if (!UNIT_ISSET(s
->service
)) {
1985 log_unit_error(UNIT(s
), "Service to activate vanished, refusing activation.");
1990 r
= manager_add_job(UNIT(s
)->manager
, JOB_START
, UNIT_DEREF(s
->service
), JOB_REPLACE
, &error
, NULL
);
1995 socket_set_state(s
, SOCKET_RUNNING
);
1997 _cleanup_free_
char *prefix
= NULL
, *instance
= NULL
, *name
= NULL
;
2000 if (s
->n_connections
>= s
->max_connections
) {
2001 log_unit_warning(UNIT(s
), "Too many incoming connections (%u), refusing connection attempt.", s
->n_connections
);
2006 r
= socket_instantiate_service(s
);
2010 r
= instance_from_socket(cfd
, s
->n_accepted
, &instance
);
2015 /* ENOTCONN is legitimate if TCP RST was received.
2016 * This connection is over, but the socket unit lives on. */
2017 log_unit_debug(UNIT(s
), "Got ENOTCONN on incoming socket, assuming aborted connection attempt, ignoring.");
2022 r
= unit_name_to_prefix(UNIT(s
)->id
, &prefix
);
2026 r
= unit_name_build(prefix
, instance
, ".service", &name
);
2030 r
= unit_add_name(UNIT_DEREF(s
->service
), name
);
2034 service
= SERVICE(UNIT_DEREF(s
->service
));
2035 unit_ref_unset(&s
->service
);
2038 unit_choose_id(UNIT(service
), name
);
2040 r
= service_set_socket_fd(service
, cfd
, s
, s
->selinux_context_from_net
);
2044 cfd
= -1; /* We passed ownership of the fd to the service now. Forget it here. */
2047 r
= manager_add_job(UNIT(s
)->manager
, JOB_START
, UNIT(service
), JOB_REPLACE
, &error
, NULL
);
2049 /* We failed to activate the new service, but it still exists. Let's make sure the service
2050 * closes and forgets the connection fd again, immediately. */
2051 service_close_socket_fd(service
);
2055 /* Notify clients about changed counters */
2056 unit_add_to_dbus_queue(UNIT(s
));
2062 log_unit_warning(UNIT(s
), "Failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
2063 cfd
>= 0 ? "template" : "non-template",
2064 bus_error_message(&error
, r
));
2066 socket_enter_stop_pre(s
, SOCKET_FAILURE_RESOURCES
);
2070 static void socket_run_next(Socket
*s
) {
2074 assert(s
->control_command
);
2075 assert(s
->control_command
->command_next
);
2077 socket_unwatch_control_pid(s
);
2079 s
->control_command
= s
->control_command
->command_next
;
2081 r
= socket_spawn(s
, s
->control_command
, &s
->control_pid
);
2088 log_unit_warning_errno(UNIT(s
), r
, "Failed to run next task: %m");
2090 if (s
->state
== SOCKET_START_POST
)
2091 socket_enter_stop_pre(s
, SOCKET_FAILURE_RESOURCES
);
2092 else if (s
->state
== SOCKET_STOP_POST
)
2093 socket_enter_dead(s
, SOCKET_FAILURE_RESOURCES
);
2095 socket_enter_signal(s
, SOCKET_FINAL_SIGTERM
, SOCKET_FAILURE_RESOURCES
);
2098 static int socket_start(Unit
*u
) {
2099 Socket
*s
= SOCKET(u
);
2104 /* We cannot fulfill this request right now, try again later
2106 if (IN_SET(s
->state
,
2108 SOCKET_STOP_PRE_SIGKILL
,
2109 SOCKET_STOP_PRE_SIGTERM
,
2111 SOCKET_FINAL_SIGTERM
,
2112 SOCKET_FINAL_SIGKILL
))
2115 /* Already on it! */
2116 if (IN_SET(s
->state
,
2122 /* Cannot run this without the service being around */
2123 if (UNIT_ISSET(s
->service
)) {
2126 service
= SERVICE(UNIT_DEREF(s
->service
));
2128 if (UNIT(service
)->load_state
!= UNIT_LOADED
) {
2129 log_unit_error(u
, "Socket service %s not loaded, refusing.", UNIT(service
)->id
);
2133 /* If the service is already active we cannot start the
2135 if (service
->state
!= SERVICE_DEAD
&&
2136 service
->state
!= SERVICE_FAILED
&&
2137 service
->state
!= SERVICE_AUTO_RESTART
) {
2138 log_unit_error(u
, "Socket service %s already active, refusing.", UNIT(service
)->id
);
2143 assert(s
->state
== SOCKET_DEAD
|| s
->state
== SOCKET_FAILED
);
2145 r
= unit_start_limit_test(u
);
2147 socket_enter_dead(s
, SOCKET_FAILURE_START_LIMIT_HIT
);
2151 s
->result
= SOCKET_SUCCESS
;
2152 s
->reset_cpu_usage
= true;
2154 socket_enter_start_pre(s
);
2159 static int socket_stop(Unit
*u
) {
2160 Socket
*s
= SOCKET(u
);
2165 if (IN_SET(s
->state
,
2167 SOCKET_STOP_PRE_SIGTERM
,
2168 SOCKET_STOP_PRE_SIGKILL
,
2170 SOCKET_FINAL_SIGTERM
,
2171 SOCKET_FINAL_SIGKILL
))
2174 /* If there's already something running we go directly into
2176 if (IN_SET(s
->state
,
2179 SOCKET_START_POST
)) {
2180 socket_enter_signal(s
, SOCKET_STOP_PRE_SIGTERM
, SOCKET_SUCCESS
);
2184 assert(s
->state
== SOCKET_LISTENING
|| s
->state
== SOCKET_RUNNING
);
2186 socket_enter_stop_pre(s
, SOCKET_SUCCESS
);
2190 static int socket_serialize(Unit
*u
, FILE *f
, FDSet
*fds
) {
2191 Socket
*s
= SOCKET(u
);
2199 unit_serialize_item(u
, f
, "state", socket_state_to_string(s
->state
));
2200 unit_serialize_item(u
, f
, "result", socket_result_to_string(s
->result
));
2201 unit_serialize_item_format(u
, f
, "n-accepted", "%u", s
->n_accepted
);
2203 if (s
->control_pid
> 0)
2204 unit_serialize_item_format(u
, f
, "control-pid", PID_FMT
, s
->control_pid
);
2206 if (s
->control_command_id
>= 0)
2207 unit_serialize_item(u
, f
, "control-command", socket_exec_command_to_string(s
->control_command_id
));
2209 LIST_FOREACH(port
, p
, s
->ports
) {
2215 copy
= fdset_put_dup(fds
, p
->fd
);
2219 if (p
->type
== SOCKET_SOCKET
) {
2220 _cleanup_free_
char *t
= NULL
;
2222 r
= socket_address_print(&p
->address
, &t
);
2226 if (socket_address_family(&p
->address
) == AF_NETLINK
)
2227 unit_serialize_item_format(u
, f
, "netlink", "%i %s", copy
, t
);
2229 unit_serialize_item_format(u
, f
, "socket", "%i %i %s", copy
, p
->address
.type
, t
);
2231 } else if (p
->type
== SOCKET_SPECIAL
)
2232 unit_serialize_item_format(u
, f
, "special", "%i %s", copy
, p
->path
);
2233 else if (p
->type
== SOCKET_MQUEUE
)
2234 unit_serialize_item_format(u
, f
, "mqueue", "%i %s", copy
, p
->path
);
2235 else if (p
->type
== SOCKET_USB_FUNCTION
)
2236 unit_serialize_item_format(u
, f
, "ffs", "%i %s", copy
, p
->path
);
2238 assert(p
->type
== SOCKET_FIFO
);
2239 unit_serialize_item_format(u
, f
, "fifo", "%i %s", copy
, p
->path
);
2246 static int socket_deserialize_item(Unit
*u
, const char *key
, const char *value
, FDSet
*fds
) {
2247 Socket
*s
= SOCKET(u
);
2253 if (streq(key
, "state")) {
2256 state
= socket_state_from_string(value
);
2258 log_unit_debug(u
, "Failed to parse state value: %s", value
);
2260 s
->deserialized_state
= state
;
2261 } else if (streq(key
, "result")) {
2264 f
= socket_result_from_string(value
);
2266 log_unit_debug(u
, "Failed to parse result value: %s", value
);
2267 else if (f
!= SOCKET_SUCCESS
)
2270 } else if (streq(key
, "n-accepted")) {
2273 if (safe_atou(value
, &k
) < 0)
2274 log_unit_debug(u
, "Failed to parse n-accepted value: %s", value
);
2277 } else if (streq(key
, "control-pid")) {
2280 if (parse_pid(value
, &pid
) < 0)
2281 log_unit_debug(u
, "Failed to parse control-pid value: %s", value
);
2283 s
->control_pid
= pid
;
2284 } else if (streq(key
, "control-command")) {
2285 SocketExecCommand id
;
2287 id
= socket_exec_command_from_string(value
);
2289 log_unit_debug(u
, "Failed to parse exec-command value: %s", value
);
2291 s
->control_command_id
= id
;
2292 s
->control_command
= s
->exec_command
[id
];
2294 } else if (streq(key
, "fifo")) {
2298 if (sscanf(value
, "%i %n", &fd
, &skip
) < 1 || fd
< 0 || !fdset_contains(fds
, fd
))
2299 log_unit_debug(u
, "Failed to parse fifo value: %s", value
);
2302 LIST_FOREACH(port
, p
, s
->ports
)
2303 if (p
->type
== SOCKET_FIFO
&&
2304 path_equal_or_files_same(p
->path
, value
+skip
))
2309 p
->fd
= fdset_remove(fds
, fd
);
2313 } else if (streq(key
, "special")) {
2317 if (sscanf(value
, "%i %n", &fd
, &skip
) < 1 || fd
< 0 || !fdset_contains(fds
, fd
))
2318 log_unit_debug(u
, "Failed to parse special value: %s", value
);
2321 LIST_FOREACH(port
, p
, s
->ports
)
2322 if (p
->type
== SOCKET_SPECIAL
&&
2323 path_equal_or_files_same(p
->path
, value
+skip
))
2328 p
->fd
= fdset_remove(fds
, fd
);
2332 } else if (streq(key
, "mqueue")) {
2336 if (sscanf(value
, "%i %n", &fd
, &skip
) < 1 || fd
< 0 || !fdset_contains(fds
, fd
))
2337 log_unit_debug(u
, "Failed to parse mqueue value: %s", value
);
2340 LIST_FOREACH(port
, p
, s
->ports
)
2341 if (p
->type
== SOCKET_MQUEUE
&&
2342 streq(p
->path
, value
+skip
))
2347 p
->fd
= fdset_remove(fds
, fd
);
2351 } else if (streq(key
, "socket")) {
2352 int fd
, type
, skip
= 0;
2355 if (sscanf(value
, "%i %i %n", &fd
, &type
, &skip
) < 2 || fd
< 0 || type
< 0 || !fdset_contains(fds
, fd
))
2356 log_unit_debug(u
, "Failed to parse socket value: %s", value
);
2359 LIST_FOREACH(port
, p
, s
->ports
)
2360 if (socket_address_is(&p
->address
, value
+skip
, type
))
2365 p
->fd
= fdset_remove(fds
, fd
);
2369 } else if (streq(key
, "netlink")) {
2373 if (sscanf(value
, "%i %n", &fd
, &skip
) < 1 || fd
< 0 || !fdset_contains(fds
, fd
))
2374 log_unit_debug(u
, "Failed to parse socket value: %s", value
);
2377 LIST_FOREACH(port
, p
, s
->ports
)
2378 if (socket_address_is_netlink(&p
->address
, value
+skip
))
2383 p
->fd
= fdset_remove(fds
, fd
);
2387 } else if (streq(key
, "ffs")) {
2391 if (sscanf(value
, "%i %n", &fd
, &skip
) < 1 || fd
< 0 || !fdset_contains(fds
, fd
))
2392 log_unit_debug(u
, "Failed to parse ffs value: %s", value
);
2395 LIST_FOREACH(port
, p
, s
->ports
)
2396 if (p
->type
== SOCKET_USB_FUNCTION
&&
2397 path_equal_or_files_same(p
->path
, value
+skip
))
2402 p
->fd
= fdset_remove(fds
, fd
);
2407 log_unit_debug(UNIT(s
), "Unknown serialization key: %s", key
);
2412 static void socket_distribute_fds(Unit
*u
, FDSet
*fds
) {
2413 Socket
*s
= SOCKET(u
);
2418 LIST_FOREACH(port
, p
, s
->ports
) {
2422 if (p
->type
!= SOCKET_SOCKET
)
2428 FDSET_FOREACH(fd
, fds
, i
) {
2429 if (socket_address_matches_fd(&p
->address
, fd
)) {
2430 p
->fd
= fdset_remove(fds
, fd
);
2431 s
->deserialized_state
= SOCKET_LISTENING
;
2438 _pure_
static UnitActiveState
socket_active_state(Unit
*u
) {
2441 return state_translation_table
[SOCKET(u
)->state
];
2444 _pure_
static const char *socket_sub_state_to_string(Unit
*u
) {
2447 return socket_state_to_string(SOCKET(u
)->state
);
2450 const char* socket_port_type_to_string(SocketPort
*p
) {
2458 switch (p
->address
.type
) {
2466 case SOCK_SEQPACKET
:
2467 return "SequentialPacket";
2470 if (socket_address_family(&p
->address
) == AF_NETLINK
)
2477 case SOCKET_SPECIAL
:
2481 return "MessageQueue";
2486 case SOCKET_USB_FUNCTION
:
2487 return "USBFunction";
2494 _pure_
static bool socket_check_gc(Unit
*u
) {
2495 Socket
*s
= SOCKET(u
);
2499 return s
->n_connections
> 0;
2502 static int socket_dispatch_io(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
2503 SocketPort
*p
= userdata
;
2509 if (p
->socket
->state
!= SOCKET_LISTENING
)
2512 log_unit_debug(UNIT(p
->socket
), "Incoming traffic");
2514 if (revents
!= EPOLLIN
) {
2516 if (revents
& EPOLLHUP
)
2517 log_unit_error(UNIT(p
->socket
), "Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.");
2519 log_unit_error(UNIT(p
->socket
), "Got unexpected poll event (0x%x) on socket.", revents
);
2523 if (p
->socket
->accept
&&
2524 p
->type
== SOCKET_SOCKET
&&
2525 socket_address_can_accept(&p
->address
)) {
2529 cfd
= accept4(fd
, NULL
, NULL
, SOCK_NONBLOCK
);
2535 log_unit_error_errno(UNIT(p
->socket
), errno
, "Failed to accept socket: %m");
2542 socket_apply_socket_options(p
->socket
, cfd
);
2545 socket_enter_running(p
->socket
, cfd
);
2549 socket_enter_stop_pre(p
->socket
, SOCKET_FAILURE_RESOURCES
);
2553 static void socket_sigchld_event(Unit
*u
, pid_t pid
, int code
, int status
) {
2554 Socket
*s
= SOCKET(u
);
2560 if (pid
!= s
->control_pid
)
2565 if (is_clean_exit(code
, status
, NULL
))
2567 else if (code
== CLD_EXITED
)
2568 f
= SOCKET_FAILURE_EXIT_CODE
;
2569 else if (code
== CLD_KILLED
)
2570 f
= SOCKET_FAILURE_SIGNAL
;
2571 else if (code
== CLD_DUMPED
)
2572 f
= SOCKET_FAILURE_CORE_DUMP
;
2574 assert_not_reached("Unknown sigchld code");
2576 if (s
->control_command
) {
2577 exec_status_exit(&s
->control_command
->exec_status
, &s
->exec_context
, pid
, code
, status
);
2579 if (s
->control_command
->ignore
)
2583 log_unit_full(u
, f
== SOCKET_SUCCESS
? LOG_DEBUG
: LOG_NOTICE
, 0,
2584 "Control process exited, code=%s status=%i",
2585 sigchld_code_to_string(code
), status
);
2587 if (f
!= SOCKET_SUCCESS
)
2590 if (s
->control_command
&&
2591 s
->control_command
->command_next
&&
2592 f
== SOCKET_SUCCESS
) {
2594 log_unit_debug(u
, "Running next command for state %s", socket_state_to_string(s
->state
));
2597 s
->control_command
= NULL
;
2598 s
->control_command_id
= _SOCKET_EXEC_COMMAND_INVALID
;
2600 /* No further commands for this step, so let's figure
2601 * out what to do next */
2603 log_unit_debug(u
, "Got final SIGCHLD for state %s", socket_state_to_string(s
->state
));
2607 case SOCKET_START_PRE
:
2608 if (f
== SOCKET_SUCCESS
)
2609 socket_enter_start_chown(s
);
2611 socket_enter_signal(s
, SOCKET_FINAL_SIGTERM
, f
);
2614 case SOCKET_START_CHOWN
:
2615 if (f
== SOCKET_SUCCESS
)
2616 socket_enter_start_post(s
);
2618 socket_enter_stop_pre(s
, f
);
2621 case SOCKET_START_POST
:
2622 if (f
== SOCKET_SUCCESS
)
2623 socket_enter_listening(s
);
2625 socket_enter_stop_pre(s
, f
);
2628 case SOCKET_STOP_PRE
:
2629 case SOCKET_STOP_PRE_SIGTERM
:
2630 case SOCKET_STOP_PRE_SIGKILL
:
2631 socket_enter_stop_post(s
, f
);
2634 case SOCKET_STOP_POST
:
2635 case SOCKET_FINAL_SIGTERM
:
2636 case SOCKET_FINAL_SIGKILL
:
2637 socket_enter_dead(s
, f
);
2641 assert_not_reached("Uh, control process died at wrong time.");
2645 /* Notify clients about changed exit status */
2646 unit_add_to_dbus_queue(u
);
2649 static int socket_dispatch_timer(sd_event_source
*source
, usec_t usec
, void *userdata
) {
2650 Socket
*s
= SOCKET(userdata
);
2653 assert(s
->timer_event_source
== source
);
2657 case SOCKET_START_PRE
:
2658 log_unit_warning(UNIT(s
), "Starting timed out. Terminating.");
2659 socket_enter_signal(s
, SOCKET_FINAL_SIGTERM
, SOCKET_FAILURE_TIMEOUT
);
2662 case SOCKET_START_CHOWN
:
2663 case SOCKET_START_POST
:
2664 log_unit_warning(UNIT(s
), "Starting timed out. Stopping.");
2665 socket_enter_stop_pre(s
, SOCKET_FAILURE_TIMEOUT
);
2668 case SOCKET_STOP_PRE
:
2669 log_unit_warning(UNIT(s
), "Stopping timed out. Terminating.");
2670 socket_enter_signal(s
, SOCKET_STOP_PRE_SIGTERM
, SOCKET_FAILURE_TIMEOUT
);
2673 case SOCKET_STOP_PRE_SIGTERM
:
2674 if (s
->kill_context
.send_sigkill
) {
2675 log_unit_warning(UNIT(s
), "Stopping timed out. Killing.");
2676 socket_enter_signal(s
, SOCKET_STOP_PRE_SIGKILL
, SOCKET_FAILURE_TIMEOUT
);
2678 log_unit_warning(UNIT(s
), "Stopping timed out. Skipping SIGKILL. Ignoring.");
2679 socket_enter_stop_post(s
, SOCKET_FAILURE_TIMEOUT
);
2683 case SOCKET_STOP_PRE_SIGKILL
:
2684 log_unit_warning(UNIT(s
), "Processes still around after SIGKILL. Ignoring.");
2685 socket_enter_stop_post(s
, SOCKET_FAILURE_TIMEOUT
);
2688 case SOCKET_STOP_POST
:
2689 log_unit_warning(UNIT(s
), "Stopping timed out (2). Terminating.");
2690 socket_enter_signal(s
, SOCKET_FINAL_SIGTERM
, SOCKET_FAILURE_TIMEOUT
);
2693 case SOCKET_FINAL_SIGTERM
:
2694 if (s
->kill_context
.send_sigkill
) {
2695 log_unit_warning(UNIT(s
), "Stopping timed out (2). Killing.");
2696 socket_enter_signal(s
, SOCKET_FINAL_SIGKILL
, SOCKET_FAILURE_TIMEOUT
);
2698 log_unit_warning(UNIT(s
), "Stopping timed out (2). Skipping SIGKILL. Ignoring.");
2699 socket_enter_dead(s
, SOCKET_FAILURE_TIMEOUT
);
2703 case SOCKET_FINAL_SIGKILL
:
2704 log_unit_warning(UNIT(s
), "Still around after SIGKILL (2). Entering failed mode.");
2705 socket_enter_dead(s
, SOCKET_FAILURE_TIMEOUT
);
2709 assert_not_reached("Timeout at wrong time.");
2715 int socket_collect_fds(Socket
*s
, int **fds
) {
2716 int *rfds
, k
= 0, n
= 0;
2722 /* Called from the service code for requesting our fds */
2724 LIST_FOREACH(port
, p
, s
->ports
) {
2727 n
+= p
->n_auxiliary_fds
;
2739 LIST_FOREACH(port
, p
, s
->ports
) {
2744 for (i
= 0; i
< p
->n_auxiliary_fds
; ++i
)
2745 rfds
[k
++] = p
->auxiliary_fds
[i
];
2754 static void socket_reset_failed(Unit
*u
) {
2755 Socket
*s
= SOCKET(u
);
2759 if (s
->state
== SOCKET_FAILED
)
2760 socket_set_state(s
, SOCKET_DEAD
);
2762 s
->result
= SOCKET_SUCCESS
;
2765 void socket_connection_unref(Socket
*s
) {
2768 /* The service is dead. Yay!
2770 * This is strictly for one-instance-per-connection
2773 assert(s
->n_connections
> 0);
2776 log_unit_debug(UNIT(s
), "One connection closed, %u left.", s
->n_connections
);
2779 static void socket_trigger_notify(Unit
*u
, Unit
*other
) {
2780 Socket
*s
= SOCKET(u
);
2785 /* Filter out invocations with bogus state */
2786 if (other
->load_state
!= UNIT_LOADED
|| other
->type
!= UNIT_SERVICE
)
2789 /* Don't propagate state changes from the service if we are already down */
2790 if (!IN_SET(s
->state
, SOCKET_RUNNING
, SOCKET_LISTENING
))
2793 /* We don't care for the service state if we are in Accept=yes mode */
2797 /* Propagate start limit hit state */
2798 if (other
->start_limit_hit
) {
2799 socket_enter_stop_pre(s
, SOCKET_FAILURE_SERVICE_START_LIMIT_HIT
);
2803 /* Don't propagate anything if there's still a job queued */
2807 if (IN_SET(SERVICE(other
)->state
,
2808 SERVICE_DEAD
, SERVICE_FAILED
,
2809 SERVICE_FINAL_SIGTERM
, SERVICE_FINAL_SIGKILL
,
2810 SERVICE_AUTO_RESTART
))
2811 socket_enter_listening(s
);
2813 if (SERVICE(other
)->state
== SERVICE_RUNNING
)
2814 socket_set_state(s
, SOCKET_RUNNING
);
2817 static int socket_kill(Unit
*u
, KillWho who
, int signo
, sd_bus_error
*error
) {
2818 return unit_kill_common(u
, who
, signo
, -1, SOCKET(u
)->control_pid
, error
);
2821 static int socket_get_timeout(Unit
*u
, usec_t
*timeout
) {
2822 Socket
*s
= SOCKET(u
);
2826 if (!s
->timer_event_source
)
2829 r
= sd_event_source_get_time(s
->timer_event_source
, &t
);
2832 if (t
== USEC_INFINITY
)
2839 char *socket_fdname(Socket
*s
) {
2842 /* Returns the name to use for $LISTEN_NAMES. If the user
2843 * didn't specify anything specifically, use the socket unit's
2844 * name as fallback. */
2852 static int socket_control_pid(Unit
*u
) {
2853 Socket
*s
= SOCKET(u
);
2857 return s
->control_pid
;
2860 static const char* const socket_exec_command_table
[_SOCKET_EXEC_COMMAND_MAX
] = {
2861 [SOCKET_EXEC_START_PRE
] = "StartPre",
2862 [SOCKET_EXEC_START_CHOWN
] = "StartChown",
2863 [SOCKET_EXEC_START_POST
] = "StartPost",
2864 [SOCKET_EXEC_STOP_PRE
] = "StopPre",
2865 [SOCKET_EXEC_STOP_POST
] = "StopPost"
2868 DEFINE_STRING_TABLE_LOOKUP(socket_exec_command
, SocketExecCommand
);
2870 static const char* const socket_result_table
[_SOCKET_RESULT_MAX
] = {
2871 [SOCKET_SUCCESS
] = "success",
2872 [SOCKET_FAILURE_RESOURCES
] = "resources",
2873 [SOCKET_FAILURE_TIMEOUT
] = "timeout",
2874 [SOCKET_FAILURE_EXIT_CODE
] = "exit-code",
2875 [SOCKET_FAILURE_SIGNAL
] = "signal",
2876 [SOCKET_FAILURE_CORE_DUMP
] = "core-dump",
2877 [SOCKET_FAILURE_START_LIMIT_HIT
] = "start-limit-hit",
2878 [SOCKET_FAILURE_TRIGGER_LIMIT_HIT
] = "trigger-limit-hit",
2879 [SOCKET_FAILURE_SERVICE_START_LIMIT_HIT
] = "service-start-limit-hit"
2882 DEFINE_STRING_TABLE_LOOKUP(socket_result
, SocketResult
);
2884 const UnitVTable socket_vtable
= {
2885 .object_size
= sizeof(Socket
),
2886 .exec_context_offset
= offsetof(Socket
, exec_context
),
2887 .cgroup_context_offset
= offsetof(Socket
, cgroup_context
),
2888 .kill_context_offset
= offsetof(Socket
, kill_context
),
2889 .exec_runtime_offset
= offsetof(Socket
, exec_runtime
),
2895 .private_section
= "Socket",
2897 .init
= socket_init
,
2898 .done
= socket_done
,
2899 .load
= socket_load
,
2901 .coldplug
= socket_coldplug
,
2903 .dump
= socket_dump
,
2905 .start
= socket_start
,
2906 .stop
= socket_stop
,
2908 .kill
= socket_kill
,
2910 .get_timeout
= socket_get_timeout
,
2912 .serialize
= socket_serialize
,
2913 .deserialize_item
= socket_deserialize_item
,
2914 .distribute_fds
= socket_distribute_fds
,
2916 .active_state
= socket_active_state
,
2917 .sub_state_to_string
= socket_sub_state_to_string
,
2919 .check_gc
= socket_check_gc
,
2921 .sigchld_event
= socket_sigchld_event
,
2923 .trigger_notify
= socket_trigger_notify
,
2925 .reset_failed
= socket_reset_failed
,
2927 .control_pid
= socket_control_pid
,
2929 .bus_vtable
= bus_socket_vtable
,
2930 .bus_set_property
= bus_socket_set_property
,
2931 .bus_commit_properties
= bus_socket_commit_properties
,
2933 .status_message_formats
= {
2934 /*.starting_stopping = {
2935 [0] = "Starting socket %s...",
2936 [1] = "Stopping socket %s...",
2938 .finished_start_job
= {
2939 [JOB_DONE
] = "Listening on %s.",
2940 [JOB_FAILED
] = "Failed to listen on %s.",
2941 [JOB_TIMEOUT
] = "Timed out starting %s.",
2943 .finished_stop_job
= {
2944 [JOB_DONE
] = "Closed %s.",
2945 [JOB_FAILED
] = "Failed stopping %s.",
2946 [JOB_TIMEOUT
] = "Timed out stopping %s.",