]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/socket.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
util: replace close_nointr_nofail() by a more useful safe_close()
[thirdparty/systemd.git] / src / core / socket.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <sys/types.h>
23 #include <sys/stat.h>
24 #include <unistd.h>
25 #include <errno.h>
26 #include <fcntl.h>
27 #include <sys/epoll.h>
28 #include <signal.h>
29 #include <arpa/inet.h>
30 #include <netinet/tcp.h>
31 #include <mqueue.h>
32 #ifdef HAVE_XATTR
33 #include <attr/xattr.h>
34 #endif
35
36 #include "sd-event.h"
37 #include "log.h"
38 #include "load-dropin.h"
39 #include "load-fragment.h"
40 #include "strv.h"
41 #include "mkdir.h"
42 #include "path-util.h"
43 #include "unit-name.h"
44 #include "unit-printf.h"
45 #include "missing.h"
46 #include "special.h"
47 #include "label.h"
48 #include "exit-status.h"
49 #include "def.h"
50 #include "smack-util.h"
51 #include "bus-util.h"
52 #include "bus-error.h"
53 #include "dbus-socket.h"
54 #include "unit.h"
55 #include "socket.h"
56
57 static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
58 [SOCKET_DEAD] = UNIT_INACTIVE,
59 [SOCKET_START_PRE] = UNIT_ACTIVATING,
60 [SOCKET_START_POST] = UNIT_ACTIVATING,
61 [SOCKET_LISTENING] = UNIT_ACTIVE,
62 [SOCKET_RUNNING] = UNIT_ACTIVE,
63 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
64 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
65 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
66 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
67 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
68 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
69 [SOCKET_FAILED] = UNIT_FAILED
70 };
71
72 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
73 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
74
75 static void socket_init(Unit *u) {
76 Socket *s = SOCKET(u);
77
78 assert(u);
79 assert(u->load_state == UNIT_STUB);
80
81 s->backlog = SOMAXCONN;
82 s->timeout_usec = u->manager->default_timeout_start_usec;
83 s->directory_mode = 0755;
84 s->socket_mode = 0666;
85
86 s->max_connections = 64;
87
88 s->priority = -1;
89 s->ip_tos = -1;
90 s->ip_ttl = -1;
91 s->mark = -1;
92
93 exec_context_init(&s->exec_context);
94 s->exec_context.std_output = u->manager->default_std_output;
95 s->exec_context.std_error = u->manager->default_std_error;
96 kill_context_init(&s->kill_context);
97 cgroup_context_init(&s->cgroup_context);
98
99 unit_cgroup_context_init_defaults(u, &s->cgroup_context);
100
101 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
102 }
103
104 static void socket_unwatch_control_pid(Socket *s) {
105 assert(s);
106
107 if (s->control_pid <= 0)
108 return;
109
110 unit_unwatch_pid(UNIT(s), s->control_pid);
111 s->control_pid = 0;
112 }
113
114 void socket_free_ports(Socket *s) {
115 SocketPort *p;
116
117 assert(s);
118
119 while ((p = s->ports)) {
120 LIST_REMOVE(port, s->ports, p);
121
122 sd_event_source_unref(p->event_source);
123
124 safe_close(p->fd);
125 free(p->path);
126 free(p);
127 }
128 }
129
130 static void socket_done(Unit *u) {
131 Socket *s = SOCKET(u);
132
133 assert(s);
134
135 socket_free_ports(s);
136
137 cgroup_context_done(&s->cgroup_context);
138 exec_context_done(&s->exec_context);
139 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
140 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
141 s->control_command = NULL;
142
143 socket_unwatch_control_pid(s);
144
145 unit_ref_unset(&s->service);
146
147 free(s->tcp_congestion);
148 s->tcp_congestion = NULL;
149
150 free(s->bind_to_device);
151 s->bind_to_device = NULL;
152
153 free(s->smack);
154 free(s->smack_ip_in);
155 free(s->smack_ip_out);
156
157 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
158 }
159
160 static int socket_arm_timer(Socket *s) {
161 int r;
162
163 assert(s);
164
165 if (s->timeout_usec <= 0) {
166 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
167 return 0;
168 }
169
170 if (s->timer_event_source) {
171 r = sd_event_source_set_time(s->timer_event_source, now(CLOCK_MONOTONIC) + s->timeout_usec);
172 if (r < 0)
173 return r;
174
175 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
176 }
177
178 return sd_event_add_monotonic(UNIT(s)->manager->event, &s->timer_event_source, now(CLOCK_MONOTONIC) + s->timeout_usec, 0, socket_dispatch_timer, s);
179 }
180
181 static int socket_instantiate_service(Socket *s) {
182 _cleanup_free_ char *prefix = NULL;
183 _cleanup_free_ char *name = NULL;
184 int r;
185 Unit *u;
186
187 assert(s);
188
189 /* This fills in s->service if it isn't filled in yet. For
190 * Accept=yes sockets we create the next connection service
191 * here. For Accept=no this is mostly a NOP since the service
192 * is figured out at load time anyway. */
193
194 if (UNIT_DEREF(s->service))
195 return 0;
196
197 assert(s->accept);
198
199 prefix = unit_name_to_prefix(UNIT(s)->id);
200 if (!prefix)
201 return -ENOMEM;
202
203 if (asprintf(&name, "%s@%u.service", prefix, s->n_accepted) < 0)
204 return -ENOMEM;
205
206 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
207 if (r < 0)
208 return r;
209
210 #ifdef HAVE_SYSV_COMPAT
211 if (SERVICE(u)->is_sysv) {
212 log_error("Using SysV services for socket activation is not supported. Refusing.");
213 return -ENOENT;
214 }
215 #endif
216
217 u->no_gc = true;
218 unit_ref_set(&s->service, u);
219
220 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
221 }
222
223 static bool have_non_accept_socket(Socket *s) {
224 SocketPort *p;
225
226 assert(s);
227
228 if (!s->accept)
229 return true;
230
231 LIST_FOREACH(port, p, s->ports) {
232
233 if (p->type != SOCKET_SOCKET)
234 return true;
235
236 if (!socket_address_can_accept(&p->address))
237 return true;
238 }
239
240 return false;
241 }
242
243 static int socket_add_mount_links(Socket *s) {
244 SocketPort *p;
245 int r;
246
247 assert(s);
248
249 LIST_FOREACH(port, p, s->ports) {
250 const char *path = NULL;
251
252 if (p->type == SOCKET_SOCKET)
253 path = socket_address_get_path(&p->address);
254 else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL)
255 path = p->path;
256
257 if (!path)
258 continue;
259
260 r = unit_require_mounts_for(UNIT(s), path);
261 if (r < 0)
262 return r;
263 }
264
265 return 0;
266 }
267
268 static int socket_add_device_link(Socket *s) {
269 char *t;
270
271 assert(s);
272
273 if (!s->bind_to_device || streq(s->bind_to_device, "lo"))
274 return 0;
275
276 t = strappenda("/sys/subsystem/net/devices/", s->bind_to_device);
277 return unit_add_node_link(UNIT(s), t, false);
278 }
279
280 static int socket_add_default_dependencies(Socket *s) {
281 int r;
282 assert(s);
283
284 r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true);
285 if (r < 0)
286 return r;
287
288 if (UNIT(s)->manager->running_as == SYSTEMD_SYSTEM) {
289 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
290 if (r < 0)
291 return r;
292 }
293
294 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
295 }
296
297 _pure_ static bool socket_has_exec(Socket *s) {
298 unsigned i;
299 assert(s);
300
301 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
302 if (s->exec_command[i])
303 return true;
304
305 return false;
306 }
307
308 static int socket_add_extras(Socket *s) {
309 Unit *u = UNIT(s);
310 int r;
311
312 assert(s);
313
314 if (have_non_accept_socket(s)) {
315
316 if (!UNIT_DEREF(s->service)) {
317 Unit *x;
318
319 r = unit_load_related_unit(u, ".service", &x);
320 if (r < 0)
321 return r;
322
323 unit_ref_set(&s->service, x);
324 }
325
326 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
327 if (r < 0)
328 return r;
329 }
330
331 r = socket_add_mount_links(s);
332 if (r < 0)
333 return r;
334
335 r = socket_add_device_link(s);
336 if (r < 0)
337 return r;
338
339 r = unit_exec_context_patch_defaults(u, &s->exec_context);
340 if (r < 0)
341 return r;
342
343 if (socket_has_exec(s)) {
344 r = unit_add_exec_dependencies(u, &s->exec_context);
345 if (r < 0)
346 return r;
347
348 r = unit_add_default_slice(u);
349 if (r < 0)
350 return r;
351 }
352
353 if (u->default_dependencies) {
354 r = socket_add_default_dependencies(s);
355 if (r < 0)
356 return r;
357 }
358
359 return 0;
360 }
361
362 static int socket_verify(Socket *s) {
363 assert(s);
364
365 if (UNIT(s)->load_state != UNIT_LOADED)
366 return 0;
367
368 if (!s->ports) {
369 log_error_unit(UNIT(s)->id, "%s lacks Listen setting. Refusing.", UNIT(s)->id);
370 return -EINVAL;
371 }
372
373 if (s->accept && have_non_accept_socket(s)) {
374 log_error_unit(UNIT(s)->id, "%s configured for accepting sockets, but sockets are non-accepting. Refusing.",
375 UNIT(s)->id);
376 return -EINVAL;
377 }
378
379 if (s->accept && s->max_connections <= 0) {
380 log_error_unit(UNIT(s)->id, "%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
381 return -EINVAL;
382 }
383
384 if (s->accept && UNIT_DEREF(s->service)) {
385 log_error_unit(UNIT(s)->id, "Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
386 return -EINVAL;
387 }
388
389 if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
390 log_error_unit(UNIT(s)->id, "%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
391 return -EINVAL;
392 }
393
394 return 0;
395 }
396
397 static int socket_load(Unit *u) {
398 Socket *s = SOCKET(u);
399 int r;
400
401 assert(u);
402 assert(u->load_state == UNIT_STUB);
403
404 r = unit_load_fragment_and_dropin(u);
405 if (r < 0)
406 return r;
407
408 if (u->load_state == UNIT_LOADED) {
409 /* This is a new unit? Then let's add in some extras */
410 r = socket_add_extras(s);
411 if (r < 0)
412 return r;
413 }
414
415 return socket_verify(s);
416 }
417
418 _const_ static const char* listen_lookup(int family, int type) {
419
420 if (family == AF_NETLINK)
421 return "ListenNetlink";
422
423 if (type == SOCK_STREAM)
424 return "ListenStream";
425 else if (type == SOCK_DGRAM)
426 return "ListenDatagram";
427 else if (type == SOCK_SEQPACKET)
428 return "ListenSequentialPacket";
429
430 assert_not_reached("Unknown socket type");
431 return NULL;
432 }
433
434 static void socket_dump(Unit *u, FILE *f, const char *prefix) {
435 SocketExecCommand c;
436 Socket *s = SOCKET(u);
437 SocketPort *p;
438 const char *prefix2;
439
440 assert(s);
441 assert(f);
442
443 prefix2 = strappenda(prefix, "\t");
444
445 fprintf(f,
446 "%sSocket State: %s\n"
447 "%sResult: %s\n"
448 "%sBindIPv6Only: %s\n"
449 "%sBacklog: %u\n"
450 "%sSocketMode: %04o\n"
451 "%sDirectoryMode: %04o\n"
452 "%sKeepAlive: %s\n"
453 "%sFreeBind: %s\n"
454 "%sTransparent: %s\n"
455 "%sBroadcast: %s\n"
456 "%sPassCredentials: %s\n"
457 "%sPassSecurity: %s\n"
458 "%sTCPCongestion: %s\n",
459 prefix, socket_state_to_string(s->state),
460 prefix, socket_result_to_string(s->result),
461 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
462 prefix, s->backlog,
463 prefix, s->socket_mode,
464 prefix, s->directory_mode,
465 prefix, yes_no(s->keep_alive),
466 prefix, yes_no(s->free_bind),
467 prefix, yes_no(s->transparent),
468 prefix, yes_no(s->broadcast),
469 prefix, yes_no(s->pass_cred),
470 prefix, yes_no(s->pass_sec),
471 prefix, strna(s->tcp_congestion));
472
473 if (s->control_pid > 0)
474 fprintf(f,
475 "%sControl PID: %lu\n",
476 prefix, (unsigned long) s->control_pid);
477
478 if (s->bind_to_device)
479 fprintf(f,
480 "%sBindToDevice: %s\n",
481 prefix, s->bind_to_device);
482
483 if (s->accept)
484 fprintf(f,
485 "%sAccepted: %u\n"
486 "%sNConnections: %u\n"
487 "%sMaxConnections: %u\n",
488 prefix, s->n_accepted,
489 prefix, s->n_connections,
490 prefix, s->max_connections);
491
492 if (s->priority >= 0)
493 fprintf(f,
494 "%sPriority: %i\n",
495 prefix, s->priority);
496
497 if (s->receive_buffer > 0)
498 fprintf(f,
499 "%sReceiveBuffer: %zu\n",
500 prefix, s->receive_buffer);
501
502 if (s->send_buffer > 0)
503 fprintf(f,
504 "%sSendBuffer: %zu\n",
505 prefix, s->send_buffer);
506
507 if (s->ip_tos >= 0)
508 fprintf(f,
509 "%sIPTOS: %i\n",
510 prefix, s->ip_tos);
511
512 if (s->ip_ttl >= 0)
513 fprintf(f,
514 "%sIPTTL: %i\n",
515 prefix, s->ip_ttl);
516
517 if (s->pipe_size > 0)
518 fprintf(f,
519 "%sPipeSize: %zu\n",
520 prefix, s->pipe_size);
521
522 if (s->mark >= 0)
523 fprintf(f,
524 "%sMark: %i\n",
525 prefix, s->mark);
526
527 if (s->mq_maxmsg > 0)
528 fprintf(f,
529 "%sMessageQueueMaxMessages: %li\n",
530 prefix, s->mq_maxmsg);
531
532 if (s->mq_msgsize > 0)
533 fprintf(f,
534 "%sMessageQueueMessageSize: %li\n",
535 prefix, s->mq_msgsize);
536
537 if (s->reuse_port)
538 fprintf(f,
539 "%sReusePort: %s\n",
540 prefix, yes_no(s->reuse_port));
541
542 if (s->smack)
543 fprintf(f,
544 "%sSmackLabel: %s\n",
545 prefix, s->smack);
546
547 if (s->smack_ip_in)
548 fprintf(f,
549 "%sSmackLabelIPIn: %s\n",
550 prefix, s->smack_ip_in);
551
552 if (s->smack_ip_out)
553 fprintf(f,
554 "%sSmackLabelIPOut: %s\n",
555 prefix, s->smack_ip_out);
556
557 LIST_FOREACH(port, p, s->ports) {
558
559 if (p->type == SOCKET_SOCKET) {
560 const char *t;
561 int r;
562 char *k = NULL;
563
564 if ((r = socket_address_print(&p->address, &k)) < 0)
565 t = strerror(-r);
566 else
567 t = k;
568
569 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
570 free(k);
571 } else if (p->type == SOCKET_SPECIAL)
572 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
573 else if (p->type == SOCKET_MQUEUE)
574 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
575 else
576 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
577 }
578
579 exec_context_dump(&s->exec_context, f, prefix);
580 kill_context_dump(&s->kill_context, f, prefix);
581
582 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
583 if (!s->exec_command[c])
584 continue;
585
586 fprintf(f, "%s-> %s:\n",
587 prefix, socket_exec_command_to_string(c));
588
589 exec_command_dump_list(s->exec_command[c], f, prefix2);
590 }
591 }
592
593 static int instance_from_socket(int fd, unsigned nr, char **instance) {
594 socklen_t l;
595 char *r;
596 union sockaddr_union local, remote;
597
598 assert(fd >= 0);
599 assert(instance);
600
601 l = sizeof(local);
602 if (getsockname(fd, &local.sa, &l) < 0)
603 return -errno;
604
605 l = sizeof(remote);
606 if (getpeername(fd, &remote.sa, &l) < 0)
607 return -errno;
608
609 switch (local.sa.sa_family) {
610
611 case AF_INET: {
612 uint32_t
613 a = ntohl(local.in.sin_addr.s_addr),
614 b = ntohl(remote.in.sin_addr.s_addr);
615
616 if (asprintf(&r,
617 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
618 nr,
619 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
620 ntohs(local.in.sin_port),
621 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
622 ntohs(remote.in.sin_port)) < 0)
623 return -ENOMEM;
624
625 break;
626 }
627
628 case AF_INET6: {
629 static const unsigned char ipv4_prefix[] = {
630 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
631 };
632
633 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
634 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
635 const uint8_t
636 *a = local.in6.sin6_addr.s6_addr+12,
637 *b = remote.in6.sin6_addr.s6_addr+12;
638
639 if (asprintf(&r,
640 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
641 nr,
642 a[0], a[1], a[2], a[3],
643 ntohs(local.in6.sin6_port),
644 b[0], b[1], b[2], b[3],
645 ntohs(remote.in6.sin6_port)) < 0)
646 return -ENOMEM;
647 } else {
648 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
649
650 if (asprintf(&r,
651 "%u-%s:%u-%s:%u",
652 nr,
653 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
654 ntohs(local.in6.sin6_port),
655 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
656 ntohs(remote.in6.sin6_port)) < 0)
657 return -ENOMEM;
658 }
659
660 break;
661 }
662
663 case AF_UNIX: {
664 struct ucred ucred;
665 int k;
666
667 k = getpeercred(fd, &ucred);
668 if (k < 0)
669 return k;
670
671 if (asprintf(&r,
672 "%u-%lu-%lu",
673 nr,
674 (unsigned long) ucred.pid,
675 (unsigned long) ucred.uid) < 0)
676 return -ENOMEM;
677
678 break;
679 }
680
681 default:
682 assert_not_reached("Unhandled socket type.");
683 }
684
685 *instance = r;
686 return 0;
687 }
688
689 static void socket_close_fds(Socket *s) {
690 SocketPort *p;
691
692 assert(s);
693
694 LIST_FOREACH(port, p, s->ports) {
695
696 p->event_source = sd_event_source_unref(p->event_source);
697
698 if (p->fd < 0)
699 continue;
700
701 p->fd = safe_close(p->fd);
702
703 /* One little note: we should never delete any sockets
704 * in the file system here! After all some other
705 * process we spawned might still have a reference of
706 * this fd and wants to continue to use it. Therefore
707 * we delete sockets in the file system before we
708 * create a new one, not after we stopped using
709 * one! */
710 }
711 }
712
713 static void socket_apply_socket_options(Socket *s, int fd) {
714 assert(s);
715 assert(fd >= 0);
716
717 if (s->keep_alive) {
718 int b = s->keep_alive;
719 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
720 log_warning_unit(UNIT(s)->id, "SO_KEEPALIVE failed: %m");
721 }
722
723 if (s->broadcast) {
724 int one = 1;
725 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
726 log_warning_unit(UNIT(s)->id, "SO_BROADCAST failed: %m");
727 }
728
729 if (s->pass_cred) {
730 int one = 1;
731 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
732 log_warning_unit(UNIT(s)->id, "SO_PASSCRED failed: %m");
733 }
734
735 if (s->pass_sec) {
736 int one = 1;
737 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
738 log_warning_unit(UNIT(s)->id, "SO_PASSSEC failed: %m");
739 }
740
741 if (s->priority >= 0)
742 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
743 log_warning_unit(UNIT(s)->id, "SO_PRIORITY failed: %m");
744
745 if (s->receive_buffer > 0) {
746 int value = (int) s->receive_buffer;
747
748 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
749
750 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
751 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
752 log_warning_unit(UNIT(s)->id, "SO_RCVBUF failed: %m");
753 }
754
755 if (s->send_buffer > 0) {
756 int value = (int) s->send_buffer;
757 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
758 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
759 log_warning_unit(UNIT(s)->id, "SO_SNDBUF failed: %m");
760 }
761
762 if (s->mark >= 0)
763 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
764 log_warning_unit(UNIT(s)->id, "SO_MARK failed: %m");
765
766 if (s->ip_tos >= 0)
767 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
768 log_warning_unit(UNIT(s)->id, "IP_TOS failed: %m");
769
770 if (s->ip_ttl >= 0) {
771 int r, x;
772
773 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
774
775 if (socket_ipv6_is_supported())
776 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
777 else {
778 x = -1;
779 errno = EAFNOSUPPORT;
780 }
781
782 if (r < 0 && x < 0)
783 log_warning_unit(UNIT(s)->id,
784 "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
785 }
786
787 if (s->tcp_congestion)
788 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
789 log_warning_unit(UNIT(s)->id, "TCP_CONGESTION failed: %m");
790
791 if (s->reuse_port) {
792 int b = s->reuse_port;
793 if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &b, sizeof(b)) < 0)
794 log_warning_unit(UNIT(s)->id, "SO_REUSEPORT failed: %m");
795 }
796
797 if (s->smack_ip_in)
798 if (smack_label_ip_in_fd(fd, s->smack_ip_in) < 0)
799 log_error_unit(UNIT(s)->id, "smack_label_ip_in_fd: %m");
800
801 if (s->smack_ip_out)
802 if (smack_label_ip_out_fd(fd, s->smack_ip_out) < 0)
803 log_error_unit(UNIT(s)->id, "smack_label_ip_out_fd: %m");
804 }
805
806 static void socket_apply_fifo_options(Socket *s, int fd) {
807 assert(s);
808 assert(fd >= 0);
809
810 if (s->pipe_size > 0)
811 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
812 log_warning_unit(UNIT(s)->id,
813 "F_SETPIPE_SZ: %m");
814
815 if (s->smack)
816 if (smack_label_fd(fd, s->smack) < 0)
817 log_error_unit(UNIT(s)->id, "smack_label_fd: %m");
818 }
819
820 static int fifo_address_create(
821 const char *path,
822 mode_t directory_mode,
823 mode_t socket_mode,
824 int *_fd) {
825
826 int fd = -1, r = 0;
827 struct stat st;
828 mode_t old_mask;
829
830 assert(path);
831 assert(_fd);
832
833 mkdir_parents_label(path, directory_mode);
834
835 r = label_context_set(path, S_IFIFO);
836 if (r < 0)
837 goto fail;
838
839 /* Enforce the right access mode for the fifo */
840 old_mask = umask(~ socket_mode);
841
842 /* Include the original umask in our mask */
843 umask(~socket_mode | old_mask);
844
845 r = mkfifo(path, socket_mode);
846 umask(old_mask);
847
848 if (r < 0 && errno != EEXIST) {
849 r = -errno;
850 goto fail;
851 }
852
853 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
854 r = -errno;
855 goto fail;
856 }
857
858 label_context_clear();
859
860 if (fstat(fd, &st) < 0) {
861 r = -errno;
862 goto fail;
863 }
864
865 if (!S_ISFIFO(st.st_mode) ||
866 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
867 st.st_uid != getuid() ||
868 st.st_gid != getgid()) {
869
870 r = -EEXIST;
871 goto fail;
872 }
873
874 *_fd = fd;
875 return 0;
876
877 fail:
878 label_context_clear();
879 safe_close(fd);
880
881 return r;
882 }
883
884 static int special_address_create(
885 const char *path,
886 int *_fd) {
887
888 int fd = -1, r = 0;
889 struct stat st;
890
891 assert(path);
892 assert(_fd);
893
894 if ((fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
895 r = -errno;
896 goto fail;
897 }
898
899 if (fstat(fd, &st) < 0) {
900 r = -errno;
901 goto fail;
902 }
903
904 /* Check whether this is a /proc, /sys or /dev file or char device */
905 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
906 r = -EEXIST;
907 goto fail;
908 }
909
910 *_fd = fd;
911 return 0;
912
913 fail:
914 safe_close(fd);
915
916 return r;
917 }
918
919 static int mq_address_create(
920 const char *path,
921 mode_t mq_mode,
922 long maxmsg,
923 long msgsize,
924 int *_fd) {
925
926 int fd = -1, r = 0;
927 struct stat st;
928 mode_t old_mask;
929 struct mq_attr _attr, *attr = NULL;
930
931 assert(path);
932 assert(_fd);
933
934 if (maxmsg > 0 && msgsize > 0) {
935 zero(_attr);
936 _attr.mq_flags = O_NONBLOCK;
937 _attr.mq_maxmsg = maxmsg;
938 _attr.mq_msgsize = msgsize;
939 attr = &_attr;
940 }
941
942 /* Enforce the right access mode for the mq */
943 old_mask = umask(~ mq_mode);
944
945 /* Include the original umask in our mask */
946 umask(~mq_mode | old_mask);
947
948 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
949 umask(old_mask);
950
951 if (fd < 0) {
952 r = -errno;
953 goto fail;
954 }
955
956 if (fstat(fd, &st) < 0) {
957 r = -errno;
958 goto fail;
959 }
960
961 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
962 st.st_uid != getuid() ||
963 st.st_gid != getgid()) {
964
965 r = -EEXIST;
966 goto fail;
967 }
968
969 *_fd = fd;
970 return 0;
971
972 fail:
973 safe_close(fd);
974 return r;
975 }
976
977 static int socket_open_fds(Socket *s) {
978 SocketPort *p;
979 int r;
980 char *label = NULL;
981 bool know_label = false;
982
983 assert(s);
984
985 LIST_FOREACH(port, p, s->ports) {
986
987 if (p->fd >= 0)
988 continue;
989
990 if (p->type == SOCKET_SOCKET) {
991
992 if (!know_label) {
993
994 if ((r = socket_instantiate_service(s)) < 0)
995 return r;
996
997 if (UNIT_ISSET(s->service) &&
998 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
999 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
1000
1001 if (r < 0) {
1002 if (r != -EPERM)
1003 return r;
1004 }
1005 }
1006
1007 know_label = true;
1008 }
1009
1010 r = socket_address_listen(
1011 &p->address,
1012 SOCK_CLOEXEC|SOCK_NONBLOCK,
1013 s->backlog,
1014 s->bind_ipv6_only,
1015 s->bind_to_device,
1016 s->free_bind,
1017 s->transparent,
1018 s->directory_mode,
1019 s->socket_mode,
1020 label);
1021 if (r < 0)
1022 goto rollback;
1023
1024 p->fd = r;
1025 socket_apply_socket_options(s, p->fd);
1026
1027 } else if (p->type == SOCKET_SPECIAL) {
1028
1029 r = special_address_create(
1030 p->path,
1031 &p->fd);
1032 if (r < 0)
1033 goto rollback;
1034
1035 } else if (p->type == SOCKET_FIFO) {
1036
1037 r = fifo_address_create(
1038 p->path,
1039 s->directory_mode,
1040 s->socket_mode,
1041 &p->fd);
1042 if (r < 0)
1043 goto rollback;
1044
1045 socket_apply_fifo_options(s, p->fd);
1046 } else if (p->type == SOCKET_MQUEUE) {
1047
1048 r = mq_address_create(
1049 p->path,
1050 s->socket_mode,
1051 s->mq_maxmsg,
1052 s->mq_msgsize,
1053 &p->fd);
1054 if (r < 0)
1055 goto rollback;
1056 } else
1057 assert_not_reached("Unknown port type");
1058 }
1059
1060 label_free(label);
1061 return 0;
1062
1063 rollback:
1064 socket_close_fds(s);
1065 label_free(label);
1066 return r;
1067 }
1068
1069 static void socket_unwatch_fds(Socket *s) {
1070 SocketPort *p;
1071 int r;
1072
1073 assert(s);
1074
1075 LIST_FOREACH(port, p, s->ports) {
1076 if (p->fd < 0)
1077 continue;
1078
1079 if (p->event_source) {
1080 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_OFF);
1081 if (r < 0)
1082 log_debug_unit(UNIT(s)->id, "Failed to disable event source.");
1083 }
1084 }
1085 }
1086
1087 static int socket_watch_fds(Socket *s) {
1088 SocketPort *p;
1089 int r;
1090
1091 assert(s);
1092
1093 LIST_FOREACH(port, p, s->ports) {
1094 if (p->fd < 0)
1095 continue;
1096
1097 if (p->event_source)
1098 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_ON);
1099 else
1100 r = sd_event_add_io(UNIT(s)->manager->event, &p->event_source, p->fd, EPOLLIN, socket_dispatch_io, p);
1101
1102 if (r < 0) {
1103 log_warning_unit(UNIT(s)->id, "Failed to watch listening fds: %s", strerror(-r));
1104 goto fail;
1105 }
1106 }
1107
1108 return 0;
1109
1110 fail:
1111 socket_unwatch_fds(s);
1112 return r;
1113 }
1114
1115 static void socket_set_state(Socket *s, SocketState state) {
1116 SocketState old_state;
1117 assert(s);
1118
1119 old_state = s->state;
1120 s->state = state;
1121
1122 if (state != SOCKET_START_PRE &&
1123 state != SOCKET_START_POST &&
1124 state != SOCKET_STOP_PRE &&
1125 state != SOCKET_STOP_PRE_SIGTERM &&
1126 state != SOCKET_STOP_PRE_SIGKILL &&
1127 state != SOCKET_STOP_POST &&
1128 state != SOCKET_FINAL_SIGTERM &&
1129 state != SOCKET_FINAL_SIGKILL) {
1130
1131 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1132 socket_unwatch_control_pid(s);
1133 s->control_command = NULL;
1134 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
1135 }
1136
1137 if (state != SOCKET_LISTENING)
1138 socket_unwatch_fds(s);
1139
1140 if (state != SOCKET_START_POST &&
1141 state != SOCKET_LISTENING &&
1142 state != SOCKET_RUNNING &&
1143 state != SOCKET_STOP_PRE &&
1144 state != SOCKET_STOP_PRE_SIGTERM &&
1145 state != SOCKET_STOP_PRE_SIGKILL)
1146 socket_close_fds(s);
1147
1148 if (state != old_state)
1149 log_debug_unit(UNIT(s)->id, "%s changed %s -> %s",
1150 UNIT(s)->id, socket_state_to_string(old_state), socket_state_to_string(state));
1151
1152 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
1153 }
1154
1155 static int socket_coldplug(Unit *u) {
1156 Socket *s = SOCKET(u);
1157 int r;
1158
1159 assert(s);
1160 assert(s->state == SOCKET_DEAD);
1161
1162 if (s->deserialized_state == s->state)
1163 return 0;
1164
1165 if (s->deserialized_state == SOCKET_START_PRE ||
1166 s->deserialized_state == SOCKET_START_POST ||
1167 s->deserialized_state == SOCKET_STOP_PRE ||
1168 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1169 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL ||
1170 s->deserialized_state == SOCKET_STOP_POST ||
1171 s->deserialized_state == SOCKET_FINAL_SIGTERM ||
1172 s->deserialized_state == SOCKET_FINAL_SIGKILL) {
1173
1174 if (s->control_pid <= 0)
1175 return -EBADMSG;
1176
1177 r = unit_watch_pid(UNIT(s), s->control_pid);
1178 if (r < 0)
1179 return r;
1180
1181 r = socket_arm_timer(s);
1182 if (r < 0)
1183 return r;
1184 }
1185
1186 if (s->deserialized_state == SOCKET_START_POST ||
1187 s->deserialized_state == SOCKET_LISTENING ||
1188 s->deserialized_state == SOCKET_RUNNING ||
1189 s->deserialized_state == SOCKET_STOP_PRE ||
1190 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1191 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL) {
1192 r = socket_open_fds(s);
1193 if (r < 0)
1194 return r;
1195 }
1196
1197 if (s->deserialized_state == SOCKET_LISTENING) {
1198 r = socket_watch_fds(s);
1199 if (r < 0)
1200 return r;
1201 }
1202
1203 socket_set_state(s, s->deserialized_state);
1204 return 0;
1205 }
1206
1207 static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
1208 pid_t pid;
1209 int r;
1210 char **argv;
1211
1212 assert(s);
1213 assert(c);
1214 assert(_pid);
1215
1216 unit_realize_cgroup(UNIT(s));
1217
1218 r = unit_setup_exec_runtime(UNIT(s));
1219 if (r < 0)
1220 goto fail;
1221
1222 r = socket_arm_timer(s);
1223 if (r < 0)
1224 goto fail;
1225
1226 r = unit_full_printf_strv(UNIT(s), c->argv, &argv);
1227 if (r < 0)
1228 goto fail;
1229
1230 r = exec_spawn(c,
1231 argv,
1232 &s->exec_context,
1233 NULL, 0,
1234 UNIT(s)->manager->environment,
1235 true,
1236 true,
1237 true,
1238 UNIT(s)->manager->confirm_spawn,
1239 UNIT(s)->manager->cgroup_supported,
1240 UNIT(s)->cgroup_path,
1241 manager_get_runtime_prefix(UNIT(s)->manager),
1242 UNIT(s)->id,
1243 0,
1244 NULL,
1245 s->exec_runtime,
1246 &pid);
1247
1248 strv_free(argv);
1249 if (r < 0)
1250 goto fail;
1251
1252 r = unit_watch_pid(UNIT(s), pid);
1253 if (r < 0)
1254 /* FIXME: we need to do something here */
1255 goto fail;
1256
1257 *_pid = pid;
1258
1259 return 0;
1260
1261 fail:
1262 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1263
1264 return r;
1265 }
1266
1267 static void socket_enter_dead(Socket *s, SocketResult f) {
1268 assert(s);
1269
1270 if (f != SOCKET_SUCCESS)
1271 s->result = f;
1272
1273 exec_runtime_destroy(s->exec_runtime);
1274 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
1275
1276 exec_context_destroy_runtime_directory(&s->exec_context, manager_get_runtime_prefix(UNIT(s)->manager));
1277
1278 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
1279 }
1280
1281 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
1282
1283 static void socket_enter_stop_post(Socket *s, SocketResult f) {
1284 int r;
1285 assert(s);
1286
1287 if (f != SOCKET_SUCCESS)
1288 s->result = f;
1289
1290 socket_unwatch_control_pid(s);
1291
1292 s->control_command_id = SOCKET_EXEC_STOP_POST;
1293
1294 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST])) {
1295 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
1296 goto fail;
1297
1298 socket_set_state(s, SOCKET_STOP_POST);
1299 } else
1300 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
1301
1302 return;
1303
1304 fail:
1305 log_warning_unit(UNIT(s)->id,
1306 "%s failed to run 'stop-post' task: %s",
1307 UNIT(s)->id, strerror(-r));
1308 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1309 }
1310
1311 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
1312 int r;
1313
1314 assert(s);
1315
1316 if (f != SOCKET_SUCCESS)
1317 s->result = f;
1318
1319 r = unit_kill_context(
1320 UNIT(s),
1321 &s->kill_context,
1322 state != SOCKET_STOP_PRE_SIGTERM && state != SOCKET_FINAL_SIGTERM,
1323 -1,
1324 s->control_pid,
1325 false);
1326 if (r < 0)
1327 goto fail;
1328
1329 if (r > 0) {
1330 r = socket_arm_timer(s);
1331 if (r < 0)
1332 goto fail;
1333
1334 socket_set_state(s, state);
1335 } else if (state == SOCKET_STOP_PRE_SIGTERM)
1336 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_SUCCESS);
1337 else if (state == SOCKET_STOP_PRE_SIGKILL)
1338 socket_enter_stop_post(s, SOCKET_SUCCESS);
1339 else if (state == SOCKET_FINAL_SIGTERM)
1340 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_SUCCESS);
1341 else
1342 socket_enter_dead(s, SOCKET_SUCCESS);
1343
1344 return;
1345
1346 fail:
1347 log_warning_unit(UNIT(s)->id, "%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
1348
1349 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
1350 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1351 else
1352 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1353 }
1354
1355 static void socket_enter_stop_pre(Socket *s, SocketResult f) {
1356 int r;
1357 assert(s);
1358
1359 if (f != SOCKET_SUCCESS)
1360 s->result = f;
1361
1362 socket_unwatch_control_pid(s);
1363
1364 s->control_command_id = SOCKET_EXEC_STOP_PRE;
1365
1366 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE])) {
1367 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
1368 goto fail;
1369
1370 socket_set_state(s, SOCKET_STOP_PRE);
1371 } else
1372 socket_enter_stop_post(s, SOCKET_SUCCESS);
1373
1374 return;
1375
1376 fail:
1377 log_warning_unit(UNIT(s)->id, "%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
1378 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1379 }
1380
1381 static void socket_enter_listening(Socket *s) {
1382 int r;
1383 assert(s);
1384
1385 r = socket_watch_fds(s);
1386 if (r < 0) {
1387 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1388 goto fail;
1389 }
1390
1391 socket_set_state(s, SOCKET_LISTENING);
1392 return;
1393
1394 fail:
1395 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1396 }
1397
1398 static void socket_enter_start_post(Socket *s) {
1399 int r;
1400 assert(s);
1401
1402 r = socket_open_fds(s);
1403 if (r < 0) {
1404 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1405 goto fail;
1406 }
1407
1408 socket_unwatch_control_pid(s);
1409
1410 s->control_command_id = SOCKET_EXEC_START_POST;
1411
1412 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_POST])) {
1413 r = socket_spawn(s, s->control_command, &s->control_pid);
1414 if (r < 0) {
1415 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
1416 goto fail;
1417 }
1418
1419 socket_set_state(s, SOCKET_START_POST);
1420 } else
1421 socket_enter_listening(s);
1422
1423 return;
1424
1425 fail:
1426 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1427 }
1428
1429 static void socket_enter_start_pre(Socket *s) {
1430 int r;
1431 assert(s);
1432
1433 socket_unwatch_control_pid(s);
1434
1435 s->control_command_id = SOCKET_EXEC_START_PRE;
1436
1437 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_PRE])) {
1438 r = socket_spawn(s, s->control_command, &s->control_pid);
1439 if (r < 0)
1440 goto fail;
1441
1442 socket_set_state(s, SOCKET_START_PRE);
1443 } else
1444 socket_enter_start_post(s);
1445
1446 return;
1447
1448 fail:
1449 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
1450 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1451 }
1452
1453 static void socket_enter_running(Socket *s, int cfd) {
1454 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1455 int r;
1456
1457 assert(s);
1458
1459 /* We don't take connections anymore if we are supposed to
1460 * shut down anyway */
1461 if (unit_stop_pending(UNIT(s))) {
1462
1463 log_debug_unit(UNIT(s)->id, "Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
1464
1465 if (cfd >= 0)
1466 safe_close(cfd);
1467 else {
1468 /* Flush all sockets by closing and reopening them */
1469 socket_close_fds(s);
1470
1471 r = socket_open_fds(s);
1472 if (r < 0) {
1473 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1474 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1475 return;
1476 }
1477
1478 r = socket_watch_fds(s);
1479 if (r < 0) {
1480 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1481 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1482 }
1483 }
1484
1485 return;
1486 }
1487
1488 if (cfd < 0) {
1489 Iterator i;
1490 Unit *other;
1491 bool pending = false;
1492
1493 /* If there's already a start pending don't bother to
1494 * do anything */
1495 SET_FOREACH(other, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
1496 if (unit_active_or_pending(other)) {
1497 pending = true;
1498 break;
1499 }
1500
1501 if (!pending) {
1502 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1503 if (r < 0)
1504 goto fail;
1505 }
1506
1507 socket_set_state(s, SOCKET_RUNNING);
1508 } else {
1509 _cleanup_free_ char *prefix = NULL, *instance = NULL, *name = NULL;
1510 Service *service;
1511
1512 if (s->n_connections >= s->max_connections) {
1513 log_warning_unit(UNIT(s)->id, "%s: Too many incoming connections (%u)", UNIT(s)->id, s->n_connections);
1514 safe_close(cfd);
1515 return;
1516 }
1517
1518 r = socket_instantiate_service(s);
1519 if (r < 0)
1520 goto fail;
1521
1522 r = instance_from_socket(cfd, s->n_accepted, &instance);
1523 if (r < 0) {
1524 if (r != -ENOTCONN)
1525 goto fail;
1526
1527 /* ENOTCONN is legitimate if TCP RST was received.
1528 * This connection is over, but the socket unit lives on. */
1529 safe_close(cfd);
1530 return;
1531 }
1532
1533 prefix = unit_name_to_prefix(UNIT(s)->id);
1534 if (!prefix) {
1535 r = -ENOMEM;
1536 goto fail;
1537 }
1538
1539 name = unit_name_build(prefix, instance, ".service");
1540 if (!name) {
1541 r = -ENOMEM;
1542 goto fail;
1543 }
1544
1545 r = unit_add_name(UNIT_DEREF(s->service), name);
1546 if (r < 0)
1547 goto fail;
1548
1549 service = SERVICE(UNIT_DEREF(s->service));
1550 unit_ref_unset(&s->service);
1551 s->n_accepted ++;
1552
1553 UNIT(service)->no_gc = false;
1554
1555 unit_choose_id(UNIT(service), name);
1556
1557 r = service_set_socket_fd(service, cfd, s);
1558 if (r < 0)
1559 goto fail;
1560
1561 cfd = -1;
1562 s->n_connections ++;
1563
1564 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1565 if (r < 0)
1566 goto fail;
1567
1568 /* Notify clients about changed counters */
1569 unit_add_to_dbus_queue(UNIT(s));
1570 }
1571
1572 return;
1573
1574 fail:
1575 log_warning_unit(UNIT(s)->id, "%s failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
1576 UNIT(s)->id, cfd >= 0 ? "template" : "non-template",
1577 bus_error_message(&error, r));
1578
1579 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1580 safe_close(cfd);
1581 }
1582
1583 static void socket_run_next(Socket *s) {
1584 int r;
1585
1586 assert(s);
1587 assert(s->control_command);
1588 assert(s->control_command->command_next);
1589
1590 socket_unwatch_control_pid(s);
1591
1592 s->control_command = s->control_command->command_next;
1593
1594 r = socket_spawn(s, s->control_command, &s->control_pid);
1595 if (r < 0)
1596 goto fail;
1597
1598 return;
1599
1600 fail:
1601 log_warning_unit(UNIT(s)->id, "%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
1602
1603 if (s->state == SOCKET_START_POST)
1604 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1605 else if (s->state == SOCKET_STOP_POST)
1606 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1607 else
1608 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1609 }
1610
1611 static int socket_start(Unit *u) {
1612 Socket *s = SOCKET(u);
1613
1614 assert(s);
1615
1616 /* We cannot fulfill this request right now, try again later
1617 * please! */
1618 if (s->state == SOCKET_STOP_PRE ||
1619 s->state == SOCKET_STOP_PRE_SIGKILL ||
1620 s->state == SOCKET_STOP_PRE_SIGTERM ||
1621 s->state == SOCKET_STOP_POST ||
1622 s->state == SOCKET_FINAL_SIGTERM ||
1623 s->state == SOCKET_FINAL_SIGKILL)
1624 return -EAGAIN;
1625
1626 if (s->state == SOCKET_START_PRE ||
1627 s->state == SOCKET_START_POST)
1628 return 0;
1629
1630 /* Cannot run this without the service being around */
1631 if (UNIT_ISSET(s->service)) {
1632 Service *service;
1633
1634 service = SERVICE(UNIT_DEREF(s->service));
1635
1636 if (UNIT(service)->load_state != UNIT_LOADED) {
1637 log_error_unit(u->id, "Socket service %s not loaded, refusing.", UNIT(service)->id);
1638 return -ENOENT;
1639 }
1640
1641 /* If the service is already active we cannot start the
1642 * socket */
1643 if (service->state != SERVICE_DEAD &&
1644 service->state != SERVICE_FAILED &&
1645 service->state != SERVICE_AUTO_RESTART) {
1646 log_error_unit(u->id, "Socket service %s already active, refusing.", UNIT(service)->id);
1647 return -EBUSY;
1648 }
1649
1650 #ifdef HAVE_SYSV_COMPAT
1651 if (service->is_sysv) {
1652 log_error_unit(u->id,
1653 "Using SysV services for socket activation is not supported. Refusing.");
1654 return -ENOENT;
1655 }
1656 #endif
1657 }
1658
1659 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
1660
1661 s->result = SOCKET_SUCCESS;
1662 socket_enter_start_pre(s);
1663
1664 return 0;
1665 }
1666
1667 static int socket_stop(Unit *u) {
1668 Socket *s = SOCKET(u);
1669
1670 assert(s);
1671
1672 /* Already on it */
1673 if (s->state == SOCKET_STOP_PRE ||
1674 s->state == SOCKET_STOP_PRE_SIGTERM ||
1675 s->state == SOCKET_STOP_PRE_SIGKILL ||
1676 s->state == SOCKET_STOP_POST ||
1677 s->state == SOCKET_FINAL_SIGTERM ||
1678 s->state == SOCKET_FINAL_SIGKILL)
1679 return 0;
1680
1681 /* If there's already something running we go directly into
1682 * kill mode. */
1683 if (s->state == SOCKET_START_PRE ||
1684 s->state == SOCKET_START_POST) {
1685 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
1686 return -EAGAIN;
1687 }
1688
1689 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
1690
1691 socket_enter_stop_pre(s, SOCKET_SUCCESS);
1692 return 0;
1693 }
1694
1695 static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1696 Socket *s = SOCKET(u);
1697 SocketPort *p;
1698 int r;
1699
1700 assert(u);
1701 assert(f);
1702 assert(fds);
1703
1704 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
1705 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
1706 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1707
1708 if (s->control_pid > 0)
1709 unit_serialize_item_format(u, f, "control-pid", "%lu", (unsigned long) s->control_pid);
1710
1711 if (s->control_command_id >= 0)
1712 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1713
1714 LIST_FOREACH(port, p, s->ports) {
1715 int copy;
1716
1717 if (p->fd < 0)
1718 continue;
1719
1720 copy = fdset_put_dup(fds, p->fd);
1721 if (copy < 0)
1722 return copy;
1723
1724 if (p->type == SOCKET_SOCKET) {
1725 _cleanup_free_ char *t = NULL;
1726
1727 r = socket_address_print(&p->address, &t);
1728 if (r < 0)
1729 return r;
1730
1731 if (socket_address_family(&p->address) == AF_NETLINK)
1732 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1733 else
1734 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
1735
1736 } else if (p->type == SOCKET_SPECIAL)
1737 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
1738 else if (p->type == SOCKET_MQUEUE)
1739 unit_serialize_item_format(u, f, "mqueue", "%i %s", copy, p->path);
1740 else {
1741 assert(p->type == SOCKET_FIFO);
1742 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1743 }
1744 }
1745
1746 return 0;
1747 }
1748
1749 static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1750 Socket *s = SOCKET(u);
1751
1752 assert(u);
1753 assert(key);
1754 assert(value);
1755
1756 if (streq(key, "state")) {
1757 SocketState state;
1758
1759 state = socket_state_from_string(value);
1760 if (state < 0)
1761 log_debug_unit(u->id, "Failed to parse state value %s", value);
1762 else
1763 s->deserialized_state = state;
1764 } else if (streq(key, "result")) {
1765 SocketResult f;
1766
1767 f = socket_result_from_string(value);
1768 if (f < 0)
1769 log_debug_unit(u->id, "Failed to parse result value %s", value);
1770 else if (f != SOCKET_SUCCESS)
1771 s->result = f;
1772
1773 } else if (streq(key, "n-accepted")) {
1774 unsigned k;
1775
1776 if (safe_atou(value, &k) < 0)
1777 log_debug_unit(u->id, "Failed to parse n-accepted value %s", value);
1778 else
1779 s->n_accepted += k;
1780 } else if (streq(key, "control-pid")) {
1781 pid_t pid;
1782
1783 if (parse_pid(value, &pid) < 0)
1784 log_debug_unit(u->id, "Failed to parse control-pid value %s", value);
1785 else
1786 s->control_pid = pid;
1787 } else if (streq(key, "control-command")) {
1788 SocketExecCommand id;
1789
1790 id = socket_exec_command_from_string(value);
1791 if (id < 0)
1792 log_debug_unit(u->id, "Failed to parse exec-command value %s", value);
1793 else {
1794 s->control_command_id = id;
1795 s->control_command = s->exec_command[id];
1796 }
1797 } else if (streq(key, "fifo")) {
1798 int fd, skip = 0;
1799 SocketPort *p;
1800
1801 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1802 log_debug_unit(u->id, "Failed to parse fifo value %s", value);
1803 else {
1804
1805 LIST_FOREACH(port, p, s->ports)
1806 if (p->type == SOCKET_FIFO &&
1807 streq_ptr(p->path, value+skip))
1808 break;
1809
1810 if (p) {
1811 safe_close(p->fd);
1812 p->fd = fdset_remove(fds, fd);
1813 }
1814 }
1815
1816 } else if (streq(key, "special")) {
1817 int fd, skip = 0;
1818 SocketPort *p;
1819
1820 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1821 log_debug_unit(u->id, "Failed to parse special value %s", value);
1822 else {
1823
1824 LIST_FOREACH(port, p, s->ports)
1825 if (p->type == SOCKET_SPECIAL &&
1826 streq_ptr(p->path, value+skip))
1827 break;
1828
1829 if (p) {
1830 safe_close(p->fd);
1831 p->fd = fdset_remove(fds, fd);
1832 }
1833 }
1834
1835 } else if (streq(key, "mqueue")) {
1836 int fd, skip = 0;
1837 SocketPort *p;
1838
1839 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1840 log_debug_unit(u->id, "Failed to parse mqueue value %s", value);
1841 else {
1842
1843 LIST_FOREACH(port, p, s->ports)
1844 if (p->type == SOCKET_MQUEUE &&
1845 streq_ptr(p->path, value+skip))
1846 break;
1847
1848 if (p) {
1849 safe_close(p->fd);
1850 p->fd = fdset_remove(fds, fd);
1851 }
1852 }
1853
1854 } else if (streq(key, "socket")) {
1855 int fd, type, skip = 0;
1856 SocketPort *p;
1857
1858 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
1859 log_debug_unit(u->id, "Failed to parse socket value %s", value);
1860 else {
1861
1862 LIST_FOREACH(port, p, s->ports)
1863 if (socket_address_is(&p->address, value+skip, type))
1864 break;
1865
1866 if (p) {
1867 safe_close(p->fd);
1868 p->fd = fdset_remove(fds, fd);
1869 }
1870 }
1871
1872 } else if (streq(key, "netlink")) {
1873 int fd, skip = 0;
1874 SocketPort *p;
1875
1876 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1877 log_debug_unit(u->id, "Failed to parse socket value %s", value);
1878 else {
1879
1880 LIST_FOREACH(port, p, s->ports)
1881 if (socket_address_is_netlink(&p->address, value+skip))
1882 break;
1883
1884 if (p) {
1885 safe_close(p->fd);
1886 p->fd = fdset_remove(fds, fd);
1887 }
1888 }
1889 } else
1890 log_debug_unit(UNIT(s)->id, "Unknown serialization key '%s'", key);
1891
1892 return 0;
1893 }
1894
1895 static int socket_distribute_fds(Unit *u, FDSet *fds) {
1896 Socket *s = SOCKET(u);
1897 SocketPort *p;
1898
1899 assert(u);
1900
1901 LIST_FOREACH(port, p, s->ports) {
1902 Iterator i;
1903 int fd;
1904
1905 if (p->type != SOCKET_SOCKET)
1906 continue;
1907
1908 if (p->fd >= 0)
1909 continue;
1910
1911 FDSET_FOREACH(fd, fds, i) {
1912 if (socket_address_matches_fd(&p->address, fd)) {
1913 p->fd = fdset_remove(fds, fd);
1914 s->deserialized_state = SOCKET_LISTENING;
1915 break;
1916 }
1917 }
1918 }
1919
1920 return 0;
1921 }
1922
1923 _pure_ static UnitActiveState socket_active_state(Unit *u) {
1924 assert(u);
1925
1926 return state_translation_table[SOCKET(u)->state];
1927 }
1928
1929 _pure_ static const char *socket_sub_state_to_string(Unit *u) {
1930 assert(u);
1931
1932 return socket_state_to_string(SOCKET(u)->state);
1933 }
1934
1935 const char* socket_port_type_to_string(SocketPort *p) {
1936
1937 assert(p);
1938
1939 switch (p->type) {
1940
1941 case SOCKET_SOCKET:
1942
1943 switch (p->address.type) {
1944
1945 case SOCK_STREAM:
1946 return "Stream";
1947
1948 case SOCK_DGRAM:
1949 return "Datagram";
1950
1951 case SOCK_SEQPACKET:
1952 return "SequentialPacket";
1953
1954 case SOCK_RAW:
1955 if (socket_address_family(&p->address) == AF_NETLINK)
1956 return "Netlink";
1957
1958 default:
1959 return NULL;
1960 }
1961
1962 case SOCKET_SPECIAL:
1963 return "Special";
1964
1965 case SOCKET_MQUEUE:
1966 return "MessageQueue";
1967
1968 case SOCKET_FIFO:
1969 return "FIFO";
1970
1971 default:
1972 return NULL;
1973 }
1974 }
1975
1976 _pure_ static bool socket_check_gc(Unit *u) {
1977 Socket *s = SOCKET(u);
1978
1979 assert(u);
1980
1981 return s->n_connections > 0;
1982 }
1983
1984 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
1985 SocketPort *p = userdata;
1986 int cfd = -1;
1987
1988 assert(p);
1989 assert(fd >= 0);
1990
1991 if (p->socket->state != SOCKET_LISTENING)
1992 return 0;
1993
1994 log_debug_unit(UNIT(p->socket)->id, "Incoming traffic on %s", UNIT(p->socket)->id);
1995
1996 if (revents != EPOLLIN) {
1997
1998 if (revents & EPOLLHUP)
1999 log_error_unit(UNIT(p->socket)->id, "%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.",
2000 UNIT(p->socket)->id);
2001 else
2002 log_error_unit(UNIT(p->socket)->id, "%s: Got unexpected poll event (0x%x) on socket.",
2003 UNIT(p->socket)->id, revents);
2004
2005 goto fail;
2006 }
2007
2008 if (p->socket->accept &&
2009 p->type == SOCKET_SOCKET &&
2010 socket_address_can_accept(&p->address)) {
2011
2012 for (;;) {
2013
2014 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK);
2015 if (cfd < 0) {
2016
2017 if (errno == EINTR)
2018 continue;
2019
2020 log_error_unit(UNIT(p->socket)->id,
2021 "Failed to accept socket: %m");
2022 goto fail;
2023 }
2024
2025 break;
2026 }
2027
2028 socket_apply_socket_options(p->socket, cfd);
2029 }
2030
2031 socket_enter_running(p->socket, cfd);
2032 return 0;
2033
2034 fail:
2035 socket_enter_stop_pre(p->socket, SOCKET_FAILURE_RESOURCES);
2036 return 0;
2037 }
2038
2039 static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
2040 Socket *s = SOCKET(u);
2041 SocketResult f;
2042
2043 assert(s);
2044 assert(pid >= 0);
2045
2046 if (pid != s->control_pid)
2047 return;
2048
2049 s->control_pid = 0;
2050
2051 if (is_clean_exit(code, status, NULL))
2052 f = SOCKET_SUCCESS;
2053 else if (code == CLD_EXITED)
2054 f = SOCKET_FAILURE_EXIT_CODE;
2055 else if (code == CLD_KILLED)
2056 f = SOCKET_FAILURE_SIGNAL;
2057 else if (code == CLD_DUMPED)
2058 f = SOCKET_FAILURE_CORE_DUMP;
2059 else
2060 assert_not_reached("Unknown code");
2061
2062 if (s->control_command) {
2063 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
2064
2065 if (s->control_command->ignore)
2066 f = SOCKET_SUCCESS;
2067 }
2068
2069 log_full_unit(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
2070 u->id,
2071 "%s control process exited, code=%s status=%i",
2072 u->id, sigchld_code_to_string(code), status);
2073
2074 if (f != SOCKET_SUCCESS)
2075 s->result = f;
2076
2077 if (s->control_command &&
2078 s->control_command->command_next &&
2079 f == SOCKET_SUCCESS) {
2080
2081 log_debug_unit(u->id,
2082 "%s running next command for state %s",
2083 u->id, socket_state_to_string(s->state));
2084 socket_run_next(s);
2085 } else {
2086 s->control_command = NULL;
2087 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
2088
2089 /* No further commands for this step, so let's figure
2090 * out what to do next */
2091
2092 log_debug_unit(u->id,
2093 "%s got final SIGCHLD for state %s",
2094 u->id, socket_state_to_string(s->state));
2095
2096 switch (s->state) {
2097
2098 case SOCKET_START_PRE:
2099 if (f == SOCKET_SUCCESS)
2100 socket_enter_start_post(s);
2101 else
2102 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
2103 break;
2104
2105 case SOCKET_START_POST:
2106 if (f == SOCKET_SUCCESS)
2107 socket_enter_listening(s);
2108 else
2109 socket_enter_stop_pre(s, f);
2110 break;
2111
2112 case SOCKET_STOP_PRE:
2113 case SOCKET_STOP_PRE_SIGTERM:
2114 case SOCKET_STOP_PRE_SIGKILL:
2115 socket_enter_stop_post(s, f);
2116 break;
2117
2118 case SOCKET_STOP_POST:
2119 case SOCKET_FINAL_SIGTERM:
2120 case SOCKET_FINAL_SIGKILL:
2121 socket_enter_dead(s, f);
2122 break;
2123
2124 default:
2125 assert_not_reached("Uh, control process died at wrong time.");
2126 }
2127 }
2128
2129 /* Notify clients about changed exit status */
2130 unit_add_to_dbus_queue(u);
2131 }
2132
2133 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
2134 Socket *s = SOCKET(userdata);
2135
2136 assert(s);
2137 assert(s->timer_event_source == source);
2138
2139 switch (s->state) {
2140
2141 case SOCKET_START_PRE:
2142 log_warning_unit(UNIT(s)->id,
2143 "%s starting timed out. Terminating.", UNIT(s)->id);
2144 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2145 break;
2146
2147 case SOCKET_START_POST:
2148 log_warning_unit(UNIT(s)->id,
2149 "%s starting timed out. Stopping.", UNIT(s)->id);
2150 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
2151 break;
2152
2153 case SOCKET_STOP_PRE:
2154 log_warning_unit(UNIT(s)->id,
2155 "%s stopping timed out. Terminating.", UNIT(s)->id);
2156 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2157 break;
2158
2159 case SOCKET_STOP_PRE_SIGTERM:
2160 if (s->kill_context.send_sigkill) {
2161 log_warning_unit(UNIT(s)->id,
2162 "%s stopping timed out. Killing.", UNIT(s)->id);
2163 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2164 } else {
2165 log_warning_unit(UNIT(s)->id,
2166 "%s stopping timed out. Skipping SIGKILL. Ignoring.",
2167 UNIT(s)->id);
2168 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2169 }
2170 break;
2171
2172 case SOCKET_STOP_PRE_SIGKILL:
2173 log_warning_unit(UNIT(s)->id,
2174 "%s still around after SIGKILL. Ignoring.", UNIT(s)->id);
2175 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2176 break;
2177
2178 case SOCKET_STOP_POST:
2179 log_warning_unit(UNIT(s)->id,
2180 "%s stopping timed out (2). Terminating.", UNIT(s)->id);
2181 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2182 break;
2183
2184 case SOCKET_FINAL_SIGTERM:
2185 if (s->kill_context.send_sigkill) {
2186 log_warning_unit(UNIT(s)->id,
2187 "%s stopping timed out (2). Killing.", UNIT(s)->id);
2188 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2189 } else {
2190 log_warning_unit(UNIT(s)->id,
2191 "%s stopping timed out (2). Skipping SIGKILL. Ignoring.",
2192 UNIT(s)->id);
2193 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2194 }
2195 break;
2196
2197 case SOCKET_FINAL_SIGKILL:
2198 log_warning_unit(UNIT(s)->id,
2199 "%s still around after SIGKILL (2). Entering failed mode.",
2200 UNIT(s)->id);
2201 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2202 break;
2203
2204 default:
2205 assert_not_reached("Timeout at wrong time.");
2206 }
2207
2208 return 0;
2209 }
2210
2211 int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2212 int *rfds;
2213 unsigned rn_fds, k;
2214 SocketPort *p;
2215
2216 assert(s);
2217 assert(fds);
2218 assert(n_fds);
2219
2220 /* Called from the service code for requesting our fds */
2221
2222 rn_fds = 0;
2223 LIST_FOREACH(port, p, s->ports)
2224 if (p->fd >= 0)
2225 rn_fds++;
2226
2227 if (rn_fds <= 0) {
2228 *fds = NULL;
2229 *n_fds = 0;
2230 return 0;
2231 }
2232
2233 if (!(rfds = new(int, rn_fds)))
2234 return -ENOMEM;
2235
2236 k = 0;
2237 LIST_FOREACH(port, p, s->ports)
2238 if (p->fd >= 0)
2239 rfds[k++] = p->fd;
2240
2241 assert(k == rn_fds);
2242
2243 *fds = rfds;
2244 *n_fds = rn_fds;
2245
2246 return 0;
2247 }
2248
2249 static void socket_reset_failed(Unit *u) {
2250 Socket *s = SOCKET(u);
2251
2252 assert(s);
2253
2254 if (s->state == SOCKET_FAILED)
2255 socket_set_state(s, SOCKET_DEAD);
2256
2257 s->result = SOCKET_SUCCESS;
2258 }
2259
2260 static void socket_notify_service_dead(Socket *s, bool failed_permanent) {
2261 assert(s);
2262
2263 /* The service is dead. Dang!
2264 *
2265 * This is strictly for one-instance-for-all-connections
2266 * services. */
2267
2268 if (s->state == SOCKET_RUNNING) {
2269 log_debug_unit(UNIT(s)->id, "%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
2270 if (failed_permanent)
2271 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
2272 else
2273 socket_enter_listening(s);
2274 }
2275 }
2276
2277 void socket_connection_unref(Socket *s) {
2278 assert(s);
2279
2280 /* The service is dead. Yay!
2281 *
2282 * This is strictly for one-instance-per-connection
2283 * services. */
2284
2285 assert(s->n_connections > 0);
2286 s->n_connections--;
2287
2288 log_debug_unit(UNIT(s)->id, "%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
2289 }
2290
2291 static void socket_trigger_notify(Unit *u, Unit *other) {
2292 Socket *s = SOCKET(u);
2293 Service *se;
2294
2295 assert(u);
2296 assert(other);
2297
2298 /* Don't propagate state changes from the service if we are
2299 already down or accepting connections */
2300 if ((s->state != SOCKET_RUNNING &&
2301 s->state != SOCKET_LISTENING) ||
2302 s->accept)
2303 return;
2304
2305 if (other->load_state != UNIT_LOADED ||
2306 other->type != UNIT_SERVICE)
2307 return;
2308
2309 se = SERVICE(other);
2310
2311 if (se->state == SERVICE_FAILED)
2312 socket_notify_service_dead(s, se->result == SERVICE_FAILURE_START_LIMIT);
2313
2314 if (se->state == SERVICE_DEAD ||
2315 se->state == SERVICE_STOP ||
2316 se->state == SERVICE_STOP_SIGTERM ||
2317 se->state == SERVICE_STOP_SIGKILL ||
2318 se->state == SERVICE_STOP_POST ||
2319 se->state == SERVICE_FINAL_SIGTERM ||
2320 se->state == SERVICE_FINAL_SIGKILL ||
2321 se->state == SERVICE_AUTO_RESTART)
2322 socket_notify_service_dead(s, false);
2323
2324 if (se->state == SERVICE_RUNNING)
2325 socket_set_state(s, SOCKET_RUNNING);
2326 }
2327
2328 static int socket_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
2329 return unit_kill_common(u, who, signo, -1, SOCKET(u)->control_pid, error);
2330 }
2331
2332 static int socket_get_timeout(Unit *u, uint64_t *timeout) {
2333 Socket *s = SOCKET(u);
2334 int r;
2335
2336 if (!s->timer_event_source)
2337 return 0;
2338
2339 r = sd_event_source_get_time(s->timer_event_source, timeout);
2340 if (r < 0)
2341 return r;
2342
2343 return 1;
2344 }
2345
2346 static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2347 [SOCKET_DEAD] = "dead",
2348 [SOCKET_START_PRE] = "start-pre",
2349 [SOCKET_START_POST] = "start-post",
2350 [SOCKET_LISTENING] = "listening",
2351 [SOCKET_RUNNING] = "running",
2352 [SOCKET_STOP_PRE] = "stop-pre",
2353 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2354 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2355 [SOCKET_STOP_POST] = "stop-post",
2356 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2357 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
2358 [SOCKET_FAILED] = "failed"
2359 };
2360
2361 DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2362
2363 static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2364 [SOCKET_EXEC_START_PRE] = "StartPre",
2365 [SOCKET_EXEC_START_POST] = "StartPost",
2366 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2367 [SOCKET_EXEC_STOP_POST] = "StopPost"
2368 };
2369
2370 DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2371
2372 static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2373 [SOCKET_SUCCESS] = "success",
2374 [SOCKET_FAILURE_RESOURCES] = "resources",
2375 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2376 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2377 [SOCKET_FAILURE_SIGNAL] = "signal",
2378 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
2379 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
2380 };
2381
2382 DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2383
2384 const UnitVTable socket_vtable = {
2385 .object_size = sizeof(Socket),
2386 .exec_context_offset = offsetof(Socket, exec_context),
2387 .cgroup_context_offset = offsetof(Socket, cgroup_context),
2388 .kill_context_offset = offsetof(Socket, kill_context),
2389 .exec_runtime_offset = offsetof(Socket, exec_runtime),
2390
2391 .sections =
2392 "Unit\0"
2393 "Socket\0"
2394 "Install\0",
2395 .private_section = "Socket",
2396
2397 .init = socket_init,
2398 .done = socket_done,
2399 .load = socket_load,
2400
2401 .coldplug = socket_coldplug,
2402
2403 .dump = socket_dump,
2404
2405 .start = socket_start,
2406 .stop = socket_stop,
2407
2408 .kill = socket_kill,
2409
2410 .get_timeout = socket_get_timeout,
2411
2412 .serialize = socket_serialize,
2413 .deserialize_item = socket_deserialize_item,
2414 .distribute_fds = socket_distribute_fds,
2415
2416 .active_state = socket_active_state,
2417 .sub_state_to_string = socket_sub_state_to_string,
2418
2419 .check_gc = socket_check_gc,
2420
2421 .sigchld_event = socket_sigchld_event,
2422
2423 .trigger_notify = socket_trigger_notify,
2424
2425 .reset_failed = socket_reset_failed,
2426
2427 .bus_interface = "org.freedesktop.systemd1.Socket",
2428 .bus_vtable = bus_socket_vtable,
2429 .bus_set_property = bus_socket_set_property,
2430 .bus_commit_properties = bus_socket_commit_properties,
2431
2432 .status_message_formats = {
2433 /*.starting_stopping = {
2434 [0] = "Starting socket %s...",
2435 [1] = "Stopping socket %s...",
2436 },*/
2437 .finished_start_job = {
2438 [JOB_DONE] = "Listening on %s.",
2439 [JOB_FAILED] = "Failed to listen on %s.",
2440 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2441 [JOB_TIMEOUT] = "Timed out starting %s.",
2442 },
2443 .finished_stop_job = {
2444 [JOB_DONE] = "Closed %s.",
2445 [JOB_FAILED] = "Failed stopping %s.",
2446 [JOB_TIMEOUT] = "Timed out stopping %s.",
2447 },
2448 },
2449 };
Unnamed repository; edit this file 'description' to name the repository.