]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/socket.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
units: for all unit settings that take lists, allow the empty string for resetting...
[thirdparty/systemd.git] / src / core / socket.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <sys/types.h>
23 #include <sys/stat.h>
24 #include <unistd.h>
25 #include <errno.h>
26 #include <fcntl.h>
27 #include <sys/epoll.h>
28 #include <signal.h>
29 #include <arpa/inet.h>
30 #include <mqueue.h>
31 #ifdef HAVE_ATTR_XATTR_H
32 #include <attr/xattr.h>
33 #endif
34
35 #include "unit.h"
36 #include "socket.h"
37 #include "netinet/tcp.h"
38 #include "log.h"
39 #include "load-dropin.h"
40 #include "load-fragment.h"
41 #include "strv.h"
42 #include "mkdir.h"
43 #include "path-util.h"
44 #include "unit-name.h"
45 #include "unit-printf.h"
46 #include "dbus-socket.h"
47 #include "missing.h"
48 #include "special.h"
49 #include "bus-errors.h"
50 #include "label.h"
51 #include "exit-status.h"
52 #include "def.h"
53
54 static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
55 [SOCKET_DEAD] = UNIT_INACTIVE,
56 [SOCKET_START_PRE] = UNIT_ACTIVATING,
57 [SOCKET_START_POST] = UNIT_ACTIVATING,
58 [SOCKET_LISTENING] = UNIT_ACTIVE,
59 [SOCKET_RUNNING] = UNIT_ACTIVE,
60 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
61 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
62 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
63 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
64 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
65 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
66 [SOCKET_FAILED] = UNIT_FAILED
67 };
68
69 static void socket_init(Unit *u) {
70 Socket *s = SOCKET(u);
71
72 assert(u);
73 assert(u->load_state == UNIT_STUB);
74
75 s->backlog = SOMAXCONN;
76 s->timeout_usec = DEFAULT_TIMEOUT_USEC;
77 s->directory_mode = 0755;
78 s->socket_mode = 0666;
79
80 s->max_connections = 64;
81
82 s->priority = -1;
83 s->ip_tos = -1;
84 s->ip_ttl = -1;
85 s->mark = -1;
86
87 exec_context_init(&s->exec_context);
88 s->exec_context.std_output = u->manager->default_std_output;
89 s->exec_context.std_error = u->manager->default_std_error;
90 kill_context_init(&s->kill_context);
91
92 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
93 }
94
95 static void socket_unwatch_control_pid(Socket *s) {
96 assert(s);
97
98 if (s->control_pid <= 0)
99 return;
100
101 unit_unwatch_pid(UNIT(s), s->control_pid);
102 s->control_pid = 0;
103 }
104
105 void socket_free_ports(Socket *s) {
106 SocketPort *p;
107
108 assert(s);
109
110 while ((p = s->ports)) {
111 LIST_REMOVE(SocketPort, port, s->ports, p);
112
113 if (p->fd >= 0) {
114 unit_unwatch_fd(UNIT(s), &p->fd_watch);
115 close_nointr_nofail(p->fd);
116 }
117
118 free(p->path);
119 free(p);
120 }
121 }
122
123 static void socket_done(Unit *u) {
124 Socket *s = SOCKET(u);
125
126 assert(s);
127
128 socket_free_ports(s);
129
130 exec_context_done(&s->exec_context);
131 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
132 s->control_command = NULL;
133
134 socket_unwatch_control_pid(s);
135
136 unit_ref_unset(&s->service);
137
138 free(s->tcp_congestion);
139 s->tcp_congestion = NULL;
140
141 free(s->bind_to_device);
142 s->bind_to_device = NULL;
143
144 free(s->smack);
145 free(s->smack_ip_in);
146 free(s->smack_ip_out);
147
148 unit_unwatch_timer(u, &s->timer_watch);
149 }
150
151 static int socket_instantiate_service(Socket *s) {
152 char *prefix, *name;
153 int r;
154 Unit *u;
155
156 assert(s);
157
158 /* This fills in s->service if it isn't filled in yet. For
159 * Accept=yes sockets we create the next connection service
160 * here. For Accept=no this is mostly a NOP since the service
161 * is figured out at load time anyway. */
162
163 if (UNIT_DEREF(s->service))
164 return 0;
165
166 assert(s->accept);
167
168 if (!(prefix = unit_name_to_prefix(UNIT(s)->id)))
169 return -ENOMEM;
170
171 r = asprintf(&name, "%s@%u.service", prefix, s->n_accepted);
172 free(prefix);
173
174 if (r < 0)
175 return -ENOMEM;
176
177 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
178 free(name);
179
180 if (r < 0)
181 return r;
182
183 #ifdef HAVE_SYSV_COMPAT
184 if (SERVICE(u)->is_sysv) {
185 log_error("Using SysV services for socket activation is not supported. Refusing.");
186 return -ENOENT;
187 }
188 #endif
189
190 u->no_gc = true;
191 unit_ref_set(&s->service, u);
192
193 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
194 }
195
196 static bool have_non_accept_socket(Socket *s) {
197 SocketPort *p;
198
199 assert(s);
200
201 if (!s->accept)
202 return true;
203
204 LIST_FOREACH(port, p, s->ports) {
205
206 if (p->type != SOCKET_SOCKET)
207 return true;
208
209 if (!socket_address_can_accept(&p->address))
210 return true;
211 }
212
213 return false;
214 }
215
216 static int socket_verify(Socket *s) {
217 assert(s);
218
219 if (UNIT(s)->load_state != UNIT_LOADED)
220 return 0;
221
222 if (!s->ports) {
223 log_error_unit(UNIT(s)->id,
224 "%s lacks Listen setting. Refusing.", UNIT(s)->id);
225 return -EINVAL;
226 }
227
228 if (s->accept && have_non_accept_socket(s)) {
229 log_error_unit(UNIT(s)->id,
230 "%s configured for accepting sockets, but sockets are non-accepting. Refusing.",
231 UNIT(s)->id);
232 return -EINVAL;
233 }
234
235 if (s->accept && s->max_connections <= 0) {
236 log_error_unit(UNIT(s)->id,
237 "%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
238 return -EINVAL;
239 }
240
241 if (s->accept && UNIT_DEREF(s->service)) {
242 log_error_unit(UNIT(s)->id,
243 "Explicit service configuration for accepting sockets not supported on %s. Refusing.",
244 UNIT(s)->id);
245 return -EINVAL;
246 }
247
248 if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
249 log_error_unit(UNIT(s)->id,
250 "%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.",
251 UNIT(s)->id);
252 return -EINVAL;
253 }
254
255 return 0;
256 }
257
258 static bool socket_needs_mount(Socket *s, const char *prefix) {
259 SocketPort *p;
260
261 assert(s);
262
263 LIST_FOREACH(port, p, s->ports) {
264
265 if (p->type == SOCKET_SOCKET) {
266 if (socket_address_needs_mount(&p->address, prefix))
267 return true;
268 } else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL) {
269 if (path_startswith(p->path, prefix))
270 return true;
271 }
272 }
273
274 return false;
275 }
276
277 int socket_add_one_mount_link(Socket *s, Mount *m) {
278 int r;
279
280 assert(s);
281 assert(m);
282
283 if (UNIT(s)->load_state != UNIT_LOADED ||
284 UNIT(m)->load_state != UNIT_LOADED)
285 return 0;
286
287 if (!socket_needs_mount(s, m->where))
288 return 0;
289
290 r = unit_add_two_dependencies(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, UNIT(m), true);
291 if (r < 0)
292 return r;
293
294 return 0;
295 }
296
297 static int socket_add_mount_links(Socket *s) {
298 Unit *other;
299 int r;
300
301 assert(s);
302
303 LIST_FOREACH(units_by_type, other, UNIT(s)->manager->units_by_type[UNIT_MOUNT]) {
304 r = socket_add_one_mount_link(s, MOUNT(other));
305 if (r < 0)
306 return r;
307 }
308
309 return 0;
310 }
311
312 static int socket_add_device_link(Socket *s) {
313 char *t;
314 int r;
315
316 assert(s);
317
318 if (!s->bind_to_device || streq(s->bind_to_device, "lo"))
319 return 0;
320
321 if (asprintf(&t, "/sys/subsystem/net/devices/%s", s->bind_to_device) < 0)
322 return -ENOMEM;
323
324 r = unit_add_node_link(UNIT(s), t, false);
325 free(t);
326
327 return r;
328 }
329
330 static int socket_add_default_dependencies(Socket *s) {
331 int r;
332 assert(s);
333
334 if (UNIT(s)->manager->running_as == SYSTEMD_SYSTEM) {
335 if ((r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true)) < 0)
336 return r;
337
338 if ((r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true)) < 0)
339 return r;
340 }
341
342 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
343 }
344
345 static bool socket_has_exec(Socket *s) {
346 unsigned i;
347 assert(s);
348
349 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
350 if (s->exec_command[i])
351 return true;
352
353 return false;
354 }
355
356 static int socket_load(Unit *u) {
357 Socket *s = SOCKET(u);
358 int r;
359
360 assert(u);
361 assert(u->load_state == UNIT_STUB);
362
363 if ((r = unit_load_fragment_and_dropin(u)) < 0)
364 return r;
365
366 /* This is a new unit? Then let's add in some extras */
367 if (u->load_state == UNIT_LOADED) {
368
369 if (have_non_accept_socket(s)) {
370
371 if (!UNIT_DEREF(s->service)) {
372 Unit *x;
373
374 r = unit_load_related_unit(u, ".service", &x);
375 if (r < 0)
376 return r;
377
378 unit_ref_set(&s->service, x);
379 }
380
381 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
382 if (r < 0)
383 return r;
384 }
385
386 if ((r = socket_add_mount_links(s)) < 0)
387 return r;
388
389 if ((r = socket_add_device_link(s)) < 0)
390 return r;
391
392 if (socket_has_exec(s))
393 if ((r = unit_add_exec_dependencies(u, &s->exec_context)) < 0)
394 return r;
395
396 if ((r = unit_add_default_cgroups(u)) < 0)
397 return r;
398
399 if (UNIT(s)->default_dependencies)
400 if ((r = socket_add_default_dependencies(s)) < 0)
401 return r;
402
403 r = unit_exec_context_defaults(u, &s->exec_context);
404 if (r < 0)
405 return r;
406 }
407
408 return socket_verify(s);
409 }
410
411 static const char* listen_lookup(int family, int type) {
412
413 if (family == AF_NETLINK)
414 return "ListenNetlink";
415
416 if (type == SOCK_STREAM)
417 return "ListenStream";
418 else if (type == SOCK_DGRAM)
419 return "ListenDatagram";
420 else if (type == SOCK_SEQPACKET)
421 return "ListenSequentialPacket";
422
423 assert_not_reached("Unknown socket type");
424 return NULL;
425 }
426
427 static void socket_dump(Unit *u, FILE *f, const char *prefix) {
428
429 SocketExecCommand c;
430 Socket *s = SOCKET(u);
431 SocketPort *p;
432 const char *prefix2;
433 char *p2;
434
435 assert(s);
436 assert(f);
437
438 p2 = strappend(prefix, "\t");
439 prefix2 = p2 ? p2 : prefix;
440
441 fprintf(f,
442 "%sSocket State: %s\n"
443 "%sResult: %s\n"
444 "%sBindIPv6Only: %s\n"
445 "%sBacklog: %u\n"
446 "%sSocketMode: %04o\n"
447 "%sDirectoryMode: %04o\n"
448 "%sKeepAlive: %s\n"
449 "%sFreeBind: %s\n"
450 "%sTransparent: %s\n"
451 "%sBroadcast: %s\n"
452 "%sPassCredentials: %s\n"
453 "%sPassSecurity: %s\n"
454 "%sTCPCongestion: %s\n",
455 prefix, socket_state_to_string(s->state),
456 prefix, socket_result_to_string(s->result),
457 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
458 prefix, s->backlog,
459 prefix, s->socket_mode,
460 prefix, s->directory_mode,
461 prefix, yes_no(s->keep_alive),
462 prefix, yes_no(s->free_bind),
463 prefix, yes_no(s->transparent),
464 prefix, yes_no(s->broadcast),
465 prefix, yes_no(s->pass_cred),
466 prefix, yes_no(s->pass_sec),
467 prefix, strna(s->tcp_congestion));
468
469 if (s->control_pid > 0)
470 fprintf(f,
471 "%sControl PID: %lu\n",
472 prefix, (unsigned long) s->control_pid);
473
474 if (s->bind_to_device)
475 fprintf(f,
476 "%sBindToDevice: %s\n",
477 prefix, s->bind_to_device);
478
479 if (s->accept)
480 fprintf(f,
481 "%sAccepted: %u\n"
482 "%sNConnections: %u\n"
483 "%sMaxConnections: %u\n",
484 prefix, s->n_accepted,
485 prefix, s->n_connections,
486 prefix, s->max_connections);
487
488 if (s->priority >= 0)
489 fprintf(f,
490 "%sPriority: %i\n",
491 prefix, s->priority);
492
493 if (s->receive_buffer > 0)
494 fprintf(f,
495 "%sReceiveBuffer: %zu\n",
496 prefix, s->receive_buffer);
497
498 if (s->send_buffer > 0)
499 fprintf(f,
500 "%sSendBuffer: %zu\n",
501 prefix, s->send_buffer);
502
503 if (s->ip_tos >= 0)
504 fprintf(f,
505 "%sIPTOS: %i\n",
506 prefix, s->ip_tos);
507
508 if (s->ip_ttl >= 0)
509 fprintf(f,
510 "%sIPTTL: %i\n",
511 prefix, s->ip_ttl);
512
513 if (s->pipe_size > 0)
514 fprintf(f,
515 "%sPipeSize: %zu\n",
516 prefix, s->pipe_size);
517
518 if (s->mark >= 0)
519 fprintf(f,
520 "%sMark: %i\n",
521 prefix, s->mark);
522
523 if (s->mq_maxmsg > 0)
524 fprintf(f,
525 "%sMessageQueueMaxMessages: %li\n",
526 prefix, s->mq_maxmsg);
527
528 if (s->mq_msgsize > 0)
529 fprintf(f,
530 "%sMessageQueueMessageSize: %li\n",
531 prefix, s->mq_msgsize);
532
533 if (s->smack)
534 fprintf(f,
535 "%sSmackLabel: %s\n",
536 prefix, s->smack);
537
538 if (s->smack_ip_in)
539 fprintf(f,
540 "%sSmackLabelIPIn: %s\n",
541 prefix, s->smack_ip_in);
542
543 if (s->smack_ip_out)
544 fprintf(f,
545 "%sSmackLabelIPOut: %s\n",
546 prefix, s->smack_ip_out);
547
548 LIST_FOREACH(port, p, s->ports) {
549
550 if (p->type == SOCKET_SOCKET) {
551 const char *t;
552 int r;
553 char *k = NULL;
554
555 if ((r = socket_address_print(&p->address, &k)) < 0)
556 t = strerror(-r);
557 else
558 t = k;
559
560 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
561 free(k);
562 } else if (p->type == SOCKET_SPECIAL)
563 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
564 else if (p->type == SOCKET_MQUEUE)
565 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
566 else
567 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
568 }
569
570 exec_context_dump(&s->exec_context, f, prefix);
571 kill_context_dump(&s->kill_context, f, prefix);
572
573 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
574 if (!s->exec_command[c])
575 continue;
576
577 fprintf(f, "%s-> %s:\n",
578 prefix, socket_exec_command_to_string(c));
579
580 exec_command_dump_list(s->exec_command[c], f, prefix2);
581 }
582
583 free(p2);
584 }
585
586 static int instance_from_socket(int fd, unsigned nr, char **instance) {
587 socklen_t l;
588 char *r;
589 union {
590 struct sockaddr sa;
591 struct sockaddr_un un;
592 struct sockaddr_in in;
593 struct sockaddr_in6 in6;
594 struct sockaddr_storage storage;
595 } local, remote;
596
597 assert(fd >= 0);
598 assert(instance);
599
600 l = sizeof(local);
601 if (getsockname(fd, &local.sa, &l) < 0)
602 return -errno;
603
604 l = sizeof(remote);
605 if (getpeername(fd, &remote.sa, &l) < 0)
606 return -errno;
607
608 switch (local.sa.sa_family) {
609
610 case AF_INET: {
611 uint32_t
612 a = ntohl(local.in.sin_addr.s_addr),
613 b = ntohl(remote.in.sin_addr.s_addr);
614
615 if (asprintf(&r,
616 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
617 nr,
618 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
619 ntohs(local.in.sin_port),
620 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
621 ntohs(remote.in.sin_port)) < 0)
622 return -ENOMEM;
623
624 break;
625 }
626
627 case AF_INET6: {
628 static const unsigned char ipv4_prefix[] = {
629 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
630 };
631
632 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
633 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
634 const uint8_t
635 *a = local.in6.sin6_addr.s6_addr+12,
636 *b = remote.in6.sin6_addr.s6_addr+12;
637
638 if (asprintf(&r,
639 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
640 nr,
641 a[0], a[1], a[2], a[3],
642 ntohs(local.in6.sin6_port),
643 b[0], b[1], b[2], b[3],
644 ntohs(remote.in6.sin6_port)) < 0)
645 return -ENOMEM;
646 } else {
647 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
648
649 if (asprintf(&r,
650 "%u-%s:%u-%s:%u",
651 nr,
652 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
653 ntohs(local.in6.sin6_port),
654 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
655 ntohs(remote.in6.sin6_port)) < 0)
656 return -ENOMEM;
657 }
658
659 break;
660 }
661
662 case AF_UNIX: {
663 struct ucred ucred;
664
665 l = sizeof(ucred);
666 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &ucred, &l) < 0)
667 return -errno;
668
669 if (asprintf(&r,
670 "%u-%lu-%lu",
671 nr,
672 (unsigned long) ucred.pid,
673 (unsigned long) ucred.uid) < 0)
674 return -ENOMEM;
675
676 break;
677 }
678
679 default:
680 assert_not_reached("Unhandled socket type.");
681 }
682
683 *instance = r;
684 return 0;
685 }
686
687 static void socket_close_fds(Socket *s) {
688 SocketPort *p;
689
690 assert(s);
691
692 LIST_FOREACH(port, p, s->ports) {
693 if (p->fd < 0)
694 continue;
695
696 unit_unwatch_fd(UNIT(s), &p->fd_watch);
697 close_nointr_nofail(p->fd);
698
699 /* One little note: we should never delete any sockets
700 * in the file system here! After all some other
701 * process we spawned might still have a reference of
702 * this fd and wants to continue to use it. Therefore
703 * we delete sockets in the file system before we
704 * create a new one, not after we stopped using
705 * one! */
706
707 p->fd = -1;
708 }
709 }
710
711 static void socket_apply_socket_options(Socket *s, int fd) {
712 assert(s);
713 assert(fd >= 0);
714
715 if (s->keep_alive) {
716 int b = s->keep_alive;
717 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
718 log_warning_unit(UNIT(s)->id, "SO_KEEPALIVE failed: %m");
719 }
720
721 if (s->broadcast) {
722 int one = 1;
723 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
724 log_warning_unit(UNIT(s)->id, "SO_BROADCAST failed: %m");
725 }
726
727 if (s->pass_cred) {
728 int one = 1;
729 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
730 log_warning_unit(UNIT(s)->id, "SO_PASSCRED failed: %m");
731 }
732
733 if (s->pass_sec) {
734 int one = 1;
735 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
736 log_warning_unit(UNIT(s)->id, "SO_PASSSEC failed: %m");
737 }
738
739 if (s->priority >= 0)
740 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
741 log_warning_unit(UNIT(s)->id, "SO_PRIORITY failed: %m");
742
743 if (s->receive_buffer > 0) {
744 int value = (int) s->receive_buffer;
745
746 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
747
748 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
749 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
750 log_warning_unit(UNIT(s)->id, "SO_RCVBUF failed: %m");
751 }
752
753 if (s->send_buffer > 0) {
754 int value = (int) s->send_buffer;
755 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
756 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
757 log_warning_unit(UNIT(s)->id, "SO_SNDBUF failed: %m");
758 }
759
760 if (s->mark >= 0)
761 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
762 log_warning_unit(UNIT(s)->id, "SO_MARK failed: %m");
763
764 if (s->ip_tos >= 0)
765 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
766 log_warning_unit(UNIT(s)->id, "IP_TOS failed: %m");
767
768 if (s->ip_ttl >= 0) {
769 int r, x;
770
771 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
772
773 if (socket_ipv6_is_supported())
774 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
775 else {
776 x = -1;
777 errno = EAFNOSUPPORT;
778 }
779
780 if (r < 0 && x < 0)
781 log_warning_unit(UNIT(s)->id,
782 "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
783 }
784
785 if (s->tcp_congestion)
786 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
787 log_warning_unit(UNIT(s)->id, "TCP_CONGESTION failed: %m");
788
789 #ifdef HAVE_ATTR_XATTR_H
790 if (s->smack_ip_in)
791 if (fsetxattr(fd, "security.SMACK64IPIN", s->smack_ip_in, strlen(s->smack_ip_in), 0) < 0)
792 log_error_unit(UNIT(s)->id,
793 "fsetxattr(\"security.SMACK64IPIN\"): %m");
794
795 if (s->smack_ip_out)
796 if (fsetxattr(fd, "security.SMACK64IPOUT", s->smack_ip_out, strlen(s->smack_ip_out), 0) < 0)
797 log_error_unit(UNIT(s)->id,
798 "fsetxattr(\"security.SMACK64IPOUT\"): %m");
799 #endif
800 }
801
802 static void socket_apply_fifo_options(Socket *s, int fd) {
803 assert(s);
804 assert(fd >= 0);
805
806 if (s->pipe_size > 0)
807 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
808 log_warning_unit(UNIT(s)->id,
809 "F_SETPIPE_SZ: %m");
810
811 #ifdef HAVE_ATTR_XATTR_H
812 if (s->smack)
813 if (fsetxattr(fd, "security.SMACK64", s->smack, strlen(s->smack), 0) < 0)
814 log_error_unit(UNIT(s)->id,
815 "fsetxattr(\"security.SMACK64\"): %m");
816 #endif
817 }
818
819 static int fifo_address_create(
820 const char *path,
821 mode_t directory_mode,
822 mode_t socket_mode,
823 int *_fd) {
824
825 int fd = -1, r = 0;
826 struct stat st;
827 mode_t old_mask;
828
829 assert(path);
830 assert(_fd);
831
832 mkdir_parents_label(path, directory_mode);
833
834 r = label_context_set(path, S_IFIFO);
835 if (r < 0)
836 goto fail;
837
838 /* Enforce the right access mode for the fifo */
839 old_mask = umask(~ socket_mode);
840
841 /* Include the original umask in our mask */
842 umask(~socket_mode | old_mask);
843
844 r = mkfifo(path, socket_mode);
845 umask(old_mask);
846
847 if (r < 0 && errno != EEXIST) {
848 r = -errno;
849 goto fail;
850 }
851
852 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
853 r = -errno;
854 goto fail;
855 }
856
857 label_context_clear();
858
859 if (fstat(fd, &st) < 0) {
860 r = -errno;
861 goto fail;
862 }
863
864 if (!S_ISFIFO(st.st_mode) ||
865 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
866 st.st_uid != getuid() ||
867 st.st_gid != getgid()) {
868
869 r = -EEXIST;
870 goto fail;
871 }
872
873 *_fd = fd;
874 return 0;
875
876 fail:
877 label_context_clear();
878
879 if (fd >= 0)
880 close_nointr_nofail(fd);
881
882 return r;
883 }
884
885 static int special_address_create(
886 const char *path,
887 int *_fd) {
888
889 int fd = -1, r = 0;
890 struct stat st;
891
892 assert(path);
893 assert(_fd);
894
895 if ((fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
896 r = -errno;
897 goto fail;
898 }
899
900 if (fstat(fd, &st) < 0) {
901 r = -errno;
902 goto fail;
903 }
904
905 /* Check whether this is a /proc, /sys or /dev file or char device */
906 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
907 r = -EEXIST;
908 goto fail;
909 }
910
911 *_fd = fd;
912 return 0;
913
914 fail:
915 if (fd >= 0)
916 close_nointr_nofail(fd);
917
918 return r;
919 }
920
921 static int mq_address_create(
922 const char *path,
923 mode_t mq_mode,
924 long maxmsg,
925 long msgsize,
926 int *_fd) {
927
928 int fd = -1, r = 0;
929 struct stat st;
930 mode_t old_mask;
931 struct mq_attr _attr, *attr = NULL;
932
933 assert(path);
934 assert(_fd);
935
936 if (maxmsg > 0 && msgsize > 0) {
937 zero(_attr);
938 _attr.mq_flags = O_NONBLOCK;
939 _attr.mq_maxmsg = maxmsg;
940 _attr.mq_msgsize = msgsize;
941 attr = &_attr;
942 }
943
944 /* Enforce the right access mode for the mq */
945 old_mask = umask(~ mq_mode);
946
947 /* Include the original umask in our mask */
948 umask(~mq_mode | old_mask);
949
950 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
951 umask(old_mask);
952
953 if (fd < 0) {
954 r = -errno;
955 goto fail;
956 }
957
958 if (fstat(fd, &st) < 0) {
959 r = -errno;
960 goto fail;
961 }
962
963 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
964 st.st_uid != getuid() ||
965 st.st_gid != getgid()) {
966
967 r = -EEXIST;
968 goto fail;
969 }
970
971 *_fd = fd;
972 return 0;
973
974 fail:
975 if (fd >= 0)
976 close_nointr_nofail(fd);
977
978 return r;
979 }
980
981 static int socket_open_fds(Socket *s) {
982 SocketPort *p;
983 int r;
984 char *label = NULL;
985 bool know_label = false;
986
987 assert(s);
988
989 LIST_FOREACH(port, p, s->ports) {
990
991 if (p->fd >= 0)
992 continue;
993
994 if (p->type == SOCKET_SOCKET) {
995
996 if (!know_label) {
997
998 if ((r = socket_instantiate_service(s)) < 0)
999 return r;
1000
1001 if (UNIT_DEREF(s->service) &&
1002 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
1003 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
1004
1005 if (r < 0) {
1006 if (r != -EPERM)
1007 return r;
1008 }
1009 }
1010
1011 know_label = true;
1012 }
1013
1014 if ((r = socket_address_listen(
1015 &p->address,
1016 s->backlog,
1017 s->bind_ipv6_only,
1018 s->bind_to_device,
1019 s->free_bind,
1020 s->transparent,
1021 s->directory_mode,
1022 s->socket_mode,
1023 label,
1024 &p->fd)) < 0)
1025 goto rollback;
1026
1027 socket_apply_socket_options(s, p->fd);
1028
1029 } else if (p->type == SOCKET_SPECIAL) {
1030
1031 if ((r = special_address_create(
1032 p->path,
1033 &p->fd)) < 0)
1034 goto rollback;
1035
1036 } else if (p->type == SOCKET_FIFO) {
1037
1038 if ((r = fifo_address_create(
1039 p->path,
1040 s->directory_mode,
1041 s->socket_mode,
1042 &p->fd)) < 0)
1043 goto rollback;
1044
1045 socket_apply_fifo_options(s, p->fd);
1046 } else if (p->type == SOCKET_MQUEUE) {
1047
1048 if ((r = mq_address_create(
1049 p->path,
1050 s->socket_mode,
1051 s->mq_maxmsg,
1052 s->mq_msgsize,
1053 &p->fd)) < 0)
1054 goto rollback;
1055 } else
1056 assert_not_reached("Unknown port type");
1057 }
1058
1059 label_free(label);
1060 return 0;
1061
1062 rollback:
1063 socket_close_fds(s);
1064 label_free(label);
1065 return r;
1066 }
1067
1068 static void socket_unwatch_fds(Socket *s) {
1069 SocketPort *p;
1070
1071 assert(s);
1072
1073 LIST_FOREACH(port, p, s->ports) {
1074 if (p->fd < 0)
1075 continue;
1076
1077 unit_unwatch_fd(UNIT(s), &p->fd_watch);
1078 }
1079 }
1080
1081 static int socket_watch_fds(Socket *s) {
1082 SocketPort *p;
1083 int r;
1084
1085 assert(s);
1086
1087 LIST_FOREACH(port, p, s->ports) {
1088 if (p->fd < 0)
1089 continue;
1090
1091 p->fd_watch.socket_accept =
1092 s->accept &&
1093 p->type == SOCKET_SOCKET &&
1094 socket_address_can_accept(&p->address);
1095
1096 if ((r = unit_watch_fd(UNIT(s), p->fd, EPOLLIN, &p->fd_watch)) < 0)
1097 goto fail;
1098 }
1099
1100 return 0;
1101
1102 fail:
1103 socket_unwatch_fds(s);
1104 return r;
1105 }
1106
1107 static void socket_set_state(Socket *s, SocketState state) {
1108 SocketState old_state;
1109 assert(s);
1110
1111 old_state = s->state;
1112 s->state = state;
1113
1114 if (state != SOCKET_START_PRE &&
1115 state != SOCKET_START_POST &&
1116 state != SOCKET_STOP_PRE &&
1117 state != SOCKET_STOP_PRE_SIGTERM &&
1118 state != SOCKET_STOP_PRE_SIGKILL &&
1119 state != SOCKET_STOP_POST &&
1120 state != SOCKET_FINAL_SIGTERM &&
1121 state != SOCKET_FINAL_SIGKILL) {
1122 unit_unwatch_timer(UNIT(s), &s->timer_watch);
1123 socket_unwatch_control_pid(s);
1124 s->control_command = NULL;
1125 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
1126 }
1127
1128 if (state != SOCKET_LISTENING)
1129 socket_unwatch_fds(s);
1130
1131 if (state != SOCKET_START_POST &&
1132 state != SOCKET_LISTENING &&
1133 state != SOCKET_RUNNING &&
1134 state != SOCKET_STOP_PRE &&
1135 state != SOCKET_STOP_PRE_SIGTERM &&
1136 state != SOCKET_STOP_PRE_SIGKILL)
1137 socket_close_fds(s);
1138
1139 if (state != old_state)
1140 log_debug_unit(UNIT(s)->id,
1141 "%s changed %s -> %s", UNIT(s)->id,
1142 socket_state_to_string(old_state),
1143 socket_state_to_string(state));
1144
1145 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
1146 }
1147
1148 static int socket_coldplug(Unit *u) {
1149 Socket *s = SOCKET(u);
1150 int r;
1151
1152 assert(s);
1153 assert(s->state == SOCKET_DEAD);
1154
1155 if (s->deserialized_state != s->state) {
1156
1157 if (s->deserialized_state == SOCKET_START_PRE ||
1158 s->deserialized_state == SOCKET_START_POST ||
1159 s->deserialized_state == SOCKET_STOP_PRE ||
1160 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1161 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL ||
1162 s->deserialized_state == SOCKET_STOP_POST ||
1163 s->deserialized_state == SOCKET_FINAL_SIGTERM ||
1164 s->deserialized_state == SOCKET_FINAL_SIGKILL) {
1165
1166 if (s->control_pid <= 0)
1167 return -EBADMSG;
1168
1169 r = unit_watch_pid(UNIT(s), s->control_pid);
1170 if (r < 0)
1171 return r;
1172
1173 r = unit_watch_timer(UNIT(s), CLOCK_MONOTONIC, true, s->timeout_usec, &s->timer_watch);
1174 if (r < 0)
1175 return r;
1176 }
1177
1178 if (s->deserialized_state == SOCKET_START_POST ||
1179 s->deserialized_state == SOCKET_LISTENING ||
1180 s->deserialized_state == SOCKET_RUNNING ||
1181 s->deserialized_state == SOCKET_STOP_PRE ||
1182 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1183 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL)
1184 if ((r = socket_open_fds(s)) < 0)
1185 return r;
1186
1187 if (s->deserialized_state == SOCKET_LISTENING)
1188 if ((r = socket_watch_fds(s)) < 0)
1189 return r;
1190
1191 socket_set_state(s, s->deserialized_state);
1192 }
1193
1194 return 0;
1195 }
1196
1197 static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
1198 pid_t pid;
1199 int r;
1200 char **argv;
1201
1202 assert(s);
1203 assert(c);
1204 assert(_pid);
1205
1206 r = unit_watch_timer(UNIT(s), CLOCK_MONOTONIC, true, s->timeout_usec, &s->timer_watch);
1207 if (r < 0)
1208 goto fail;
1209
1210 argv = unit_full_printf_strv(UNIT(s), c->argv);
1211 if (!argv) {
1212 r = -ENOMEM;
1213 goto fail;
1214 }
1215
1216 r = exec_spawn(c,
1217 argv,
1218 &s->exec_context,
1219 NULL, 0,
1220 UNIT(s)->manager->environment,
1221 true,
1222 true,
1223 true,
1224 UNIT(s)->manager->confirm_spawn,
1225 UNIT(s)->cgroup_bondings,
1226 UNIT(s)->cgroup_attributes,
1227 NULL,
1228 UNIT(s)->id,
1229 NULL,
1230 &pid);
1231
1232 strv_free(argv);
1233 if (r < 0)
1234 goto fail;
1235
1236 if ((r = unit_watch_pid(UNIT(s), pid)) < 0)
1237 /* FIXME: we need to do something here */
1238 goto fail;
1239
1240 *_pid = pid;
1241
1242 return 0;
1243
1244 fail:
1245 unit_unwatch_timer(UNIT(s), &s->timer_watch);
1246
1247 return r;
1248 }
1249
1250 static void socket_enter_dead(Socket *s, SocketResult f) {
1251 assert(s);
1252
1253 if (f != SOCKET_SUCCESS)
1254 s->result = f;
1255
1256 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
1257 }
1258
1259 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
1260
1261 static void socket_enter_stop_post(Socket *s, SocketResult f) {
1262 int r;
1263 assert(s);
1264
1265 if (f != SOCKET_SUCCESS)
1266 s->result = f;
1267
1268 socket_unwatch_control_pid(s);
1269
1270 s->control_command_id = SOCKET_EXEC_STOP_POST;
1271
1272 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST])) {
1273 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
1274 goto fail;
1275
1276 socket_set_state(s, SOCKET_STOP_POST);
1277 } else
1278 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
1279
1280 return;
1281
1282 fail:
1283 log_warning_unit(UNIT(s)->id,
1284 "%s failed to run 'stop-post' task: %s",
1285 UNIT(s)->id, strerror(-r));
1286 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1287 }
1288
1289 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
1290 int r;
1291 Set *pid_set = NULL;
1292 bool wait_for_exit = false;
1293
1294 assert(s);
1295
1296 if (f != SOCKET_SUCCESS)
1297 s->result = f;
1298
1299 if (s->kill_context.kill_mode != KILL_NONE) {
1300 int sig = (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_FINAL_SIGTERM) ? s->kill_context.kill_signal : SIGKILL;
1301
1302 if (s->control_pid > 0) {
1303 if (kill_and_sigcont(s->control_pid, sig) < 0 && errno != ESRCH)
1304
1305 log_warning_unit(UNIT(s)->id,
1306 "Failed to kill control process %li: %m",
1307 (long) s->control_pid);
1308 else
1309 wait_for_exit = true;
1310 }
1311
1312 if (s->kill_context.kill_mode == KILL_CONTROL_GROUP) {
1313
1314 if (!(pid_set = set_new(trivial_hash_func, trivial_compare_func))) {
1315 r = -ENOMEM;
1316 goto fail;
1317 }
1318
1319 /* Exclude the control pid from being killed via the cgroup */
1320 if (s->control_pid > 0)
1321 if ((r = set_put(pid_set, LONG_TO_PTR(s->control_pid))) < 0)
1322 goto fail;
1323
1324 r = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, sig, true, false, pid_set, NULL);
1325 if (r < 0) {
1326 if (r != -EAGAIN && r != -ESRCH && r != -ENOENT)
1327 log_warning_unit(UNIT(s)->id,
1328 "Failed to kill control group: %s",
1329 strerror(-r));
1330 } else if (r > 0)
1331 wait_for_exit = true;
1332
1333 set_free(pid_set);
1334 pid_set = NULL;
1335 }
1336 }
1337
1338 if (wait_for_exit) {
1339 r = unit_watch_timer(UNIT(s), CLOCK_MONOTONIC, true, s->timeout_usec, &s->timer_watch);
1340 if (r < 0)
1341 goto fail;
1342
1343 socket_set_state(s, state);
1344 } else if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
1345 socket_enter_stop_post(s, SOCKET_SUCCESS);
1346 else
1347 socket_enter_dead(s, SOCKET_SUCCESS);
1348
1349 return;
1350
1351 fail:
1352 log_warning_unit(UNIT(s)->id,
1353 "%s failed to kill processes: %s",
1354 UNIT(s)->id, strerror(-r));
1355
1356 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
1357 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1358 else
1359 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1360
1361 if (pid_set)
1362 set_free(pid_set);
1363 }
1364
1365 static void socket_enter_stop_pre(Socket *s, SocketResult f) {
1366 int r;
1367 assert(s);
1368
1369 if (f != SOCKET_SUCCESS)
1370 s->result = f;
1371
1372 socket_unwatch_control_pid(s);
1373
1374 s->control_command_id = SOCKET_EXEC_STOP_PRE;
1375
1376 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE])) {
1377 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
1378 goto fail;
1379
1380 socket_set_state(s, SOCKET_STOP_PRE);
1381 } else
1382 socket_enter_stop_post(s, SOCKET_SUCCESS);
1383
1384 return;
1385
1386 fail:
1387 log_warning_unit(UNIT(s)->id,
1388 "%s failed to run 'stop-pre' task: %s",
1389 UNIT(s)->id, strerror(-r));
1390 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1391 }
1392
1393 static void socket_enter_listening(Socket *s) {
1394 int r;
1395 assert(s);
1396
1397 r = socket_watch_fds(s);
1398 if (r < 0) {
1399 log_warning_unit(UNIT(s)->id,
1400 "%s failed to watch sockets: %s",
1401 UNIT(s)->id, strerror(-r));
1402 goto fail;
1403 }
1404
1405 socket_set_state(s, SOCKET_LISTENING);
1406 return;
1407
1408 fail:
1409 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1410 }
1411
1412 static void socket_enter_start_post(Socket *s) {
1413 int r;
1414 assert(s);
1415
1416 r = socket_open_fds(s);
1417 if (r < 0) {
1418 log_warning_unit(UNIT(s)->id,
1419 "%s failed to listen on sockets: %s",
1420 UNIT(s)->id, strerror(-r));
1421 goto fail;
1422 }
1423
1424 socket_unwatch_control_pid(s);
1425
1426 s->control_command_id = SOCKET_EXEC_START_POST;
1427
1428 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_POST])) {
1429 r = socket_spawn(s, s->control_command, &s->control_pid);
1430 if (r < 0) {
1431 log_warning_unit(UNIT(s)->id,
1432 "%s failed to run 'start-post' task: %s",
1433 UNIT(s)->id, strerror(-r));
1434 goto fail;
1435 }
1436
1437 socket_set_state(s, SOCKET_START_POST);
1438 } else
1439 socket_enter_listening(s);
1440
1441 return;
1442
1443 fail:
1444 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1445 }
1446
1447 static void socket_enter_start_pre(Socket *s) {
1448 int r;
1449 assert(s);
1450
1451 socket_unwatch_control_pid(s);
1452
1453 s->control_command_id = SOCKET_EXEC_START_PRE;
1454
1455 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_PRE])) {
1456 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
1457 goto fail;
1458
1459 socket_set_state(s, SOCKET_START_PRE);
1460 } else
1461 socket_enter_start_post(s);
1462
1463 return;
1464
1465 fail:
1466 log_warning_unit(UNIT(s)->id,
1467 "%s failed to run 'start-pre' task: %s",
1468 UNIT(s)->id, strerror(-r));
1469 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1470 }
1471
1472 static void socket_enter_running(Socket *s, int cfd) {
1473 int r;
1474 DBusError error;
1475
1476 assert(s);
1477 dbus_error_init(&error);
1478
1479 /* We don't take connections anymore if we are supposed to
1480 * shut down anyway */
1481 if (unit_pending_inactive(UNIT(s))) {
1482 log_debug_unit(UNIT(s)->id,
1483 "Suppressing connection request on %s since unit stop is scheduled.",
1484 UNIT(s)->id);
1485
1486 if (cfd >= 0)
1487 close_nointr_nofail(cfd);
1488 else {
1489 /* Flush all sockets by closing and reopening them */
1490 socket_close_fds(s);
1491
1492 r = socket_watch_fds(s);
1493 if (r < 0) {
1494 log_warning_unit(UNIT(s)->id,
1495 "%s failed to watch sockets: %s",
1496 UNIT(s)->id, strerror(-r));
1497 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1498 }
1499 }
1500
1501 return;
1502 }
1503
1504 if (cfd < 0) {
1505 Iterator i;
1506 Unit *u;
1507 bool pending = false;
1508
1509 /* If there's already a start pending don't bother to
1510 * do anything */
1511 SET_FOREACH(u, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
1512 if (unit_pending_active(u)) {
1513 pending = true;
1514 break;
1515 }
1516
1517 if (!pending) {
1518 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1519 if (r < 0)
1520 goto fail;
1521 }
1522
1523 socket_set_state(s, SOCKET_RUNNING);
1524 } else {
1525 char *prefix, *instance = NULL, *name;
1526 Service *service;
1527
1528 if (s->n_connections >= s->max_connections) {
1529 log_warning_unit(UNIT(s)->id,
1530 "%s: Too many incoming connections (%u)",
1531 UNIT(s)->id, s->n_connections);
1532 close_nointr_nofail(cfd);
1533 return;
1534 }
1535
1536 r = socket_instantiate_service(s);
1537 if (r < 0)
1538 goto fail;
1539
1540 r = instance_from_socket(cfd, s->n_accepted, &instance);
1541 if (r < 0) {
1542 if (r != -ENOTCONN)
1543 goto fail;
1544
1545 /* ENOTCONN is legitimate if TCP RST was received.
1546 * This connection is over, but the socket unit lives on. */
1547 close_nointr_nofail(cfd);
1548 return;
1549 }
1550
1551 prefix = unit_name_to_prefix(UNIT(s)->id);
1552 if (!prefix) {
1553 free(instance);
1554 r = -ENOMEM;
1555 goto fail;
1556 }
1557
1558 name = unit_name_build(prefix, instance, ".service");
1559 free(prefix);
1560 free(instance);
1561
1562 if (!name) {
1563 r = -ENOMEM;
1564 goto fail;
1565 }
1566
1567 r = unit_add_name(UNIT_DEREF(s->service), name);
1568 if (r < 0) {
1569 free(name);
1570 goto fail;
1571 }
1572
1573 service = SERVICE(UNIT_DEREF(s->service));
1574 unit_ref_unset(&s->service);
1575 s->n_accepted ++;
1576
1577 UNIT(service)->no_gc = false;
1578
1579 unit_choose_id(UNIT(service), name);
1580 free(name);
1581
1582 r = service_set_socket_fd(service, cfd, s);
1583 if (r < 0)
1584 goto fail;
1585
1586 cfd = -1;
1587 s->n_connections ++;
1588
1589 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1590 if (r < 0)
1591 goto fail;
1592
1593 /* Notify clients about changed counters */
1594 unit_add_to_dbus_queue(UNIT(s));
1595 }
1596
1597 return;
1598
1599 fail:
1600 log_warning_unit(UNIT(s)->id,
1601 "%s failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
1602 UNIT(s)->id,
1603 cfd >= 0 ? "template" : "non-template",
1604 bus_error(&error, r));
1605 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1606
1607 if (cfd >= 0)
1608 close_nointr_nofail(cfd);
1609
1610 dbus_error_free(&error);
1611 }
1612
1613 static void socket_run_next(Socket *s) {
1614 int r;
1615
1616 assert(s);
1617 assert(s->control_command);
1618 assert(s->control_command->command_next);
1619
1620 socket_unwatch_control_pid(s);
1621
1622 s->control_command = s->control_command->command_next;
1623
1624 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
1625 goto fail;
1626
1627 return;
1628
1629 fail:
1630 log_warning_unit(UNIT(s)->id,
1631 "%s failed to run next task: %s",
1632 UNIT(s)->id, strerror(-r));
1633
1634 if (s->state == SOCKET_START_POST)
1635 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1636 else if (s->state == SOCKET_STOP_POST)
1637 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1638 else
1639 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1640 }
1641
1642 static int socket_start(Unit *u) {
1643 Socket *s = SOCKET(u);
1644
1645 assert(s);
1646
1647 /* We cannot fulfill this request right now, try again later
1648 * please! */
1649 if (s->state == SOCKET_STOP_PRE ||
1650 s->state == SOCKET_STOP_PRE_SIGKILL ||
1651 s->state == SOCKET_STOP_PRE_SIGTERM ||
1652 s->state == SOCKET_STOP_POST ||
1653 s->state == SOCKET_FINAL_SIGTERM ||
1654 s->state == SOCKET_FINAL_SIGKILL)
1655 return -EAGAIN;
1656
1657 if (s->state == SOCKET_START_PRE ||
1658 s->state == SOCKET_START_POST)
1659 return 0;
1660
1661 /* Cannot run this without the service being around */
1662 if (UNIT_DEREF(s->service)) {
1663 Service *service;
1664
1665 service = SERVICE(UNIT_DEREF(s->service));
1666
1667 if (UNIT(service)->load_state != UNIT_LOADED) {
1668 log_error_unit(UNIT(service)->id,
1669 "Socket service %s not loaded, refusing.",
1670 UNIT(service)->id);
1671 return -ENOENT;
1672 }
1673
1674 /* If the service is already active we cannot start the
1675 * socket */
1676 if (service->state != SERVICE_DEAD &&
1677 service->state != SERVICE_FAILED &&
1678 service->state != SERVICE_AUTO_RESTART) {
1679 log_error_unit(UNIT(service)->id,
1680 "Socket service %s already active, refusing.",
1681 UNIT(service)->id);
1682 return -EBUSY;
1683 }
1684
1685 #ifdef HAVE_SYSV_COMPAT
1686 if (service->is_sysv) {
1687 log_error_unit(UNIT(s)->id,
1688 "Using SysV services for socket activation is not supported. Refusing.");
1689 return -ENOENT;
1690 }
1691 #endif
1692 }
1693
1694 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
1695
1696 s->result = SOCKET_SUCCESS;
1697 socket_enter_start_pre(s);
1698 return 0;
1699 }
1700
1701 static int socket_stop(Unit *u) {
1702 Socket *s = SOCKET(u);
1703
1704 assert(s);
1705
1706 /* Already on it */
1707 if (s->state == SOCKET_STOP_PRE ||
1708 s->state == SOCKET_STOP_PRE_SIGTERM ||
1709 s->state == SOCKET_STOP_PRE_SIGKILL ||
1710 s->state == SOCKET_STOP_POST ||
1711 s->state == SOCKET_FINAL_SIGTERM ||
1712 s->state == SOCKET_FINAL_SIGKILL)
1713 return 0;
1714
1715 /* If there's already something running we go directly into
1716 * kill mode. */
1717 if (s->state == SOCKET_START_PRE ||
1718 s->state == SOCKET_START_POST) {
1719 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
1720 return -EAGAIN;
1721 }
1722
1723 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
1724
1725 socket_enter_stop_pre(s, SOCKET_SUCCESS);
1726 return 0;
1727 }
1728
1729 static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1730 Socket *s = SOCKET(u);
1731 SocketPort *p;
1732 int r;
1733
1734 assert(u);
1735 assert(f);
1736 assert(fds);
1737
1738 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
1739 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
1740 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1741
1742 if (s->control_pid > 0)
1743 unit_serialize_item_format(u, f, "control-pid", "%lu", (unsigned long) s->control_pid);
1744
1745 if (s->control_command_id >= 0)
1746 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1747
1748 LIST_FOREACH(port, p, s->ports) {
1749 int copy;
1750
1751 if (p->fd < 0)
1752 continue;
1753
1754 if ((copy = fdset_put_dup(fds, p->fd)) < 0)
1755 return copy;
1756
1757 if (p->type == SOCKET_SOCKET) {
1758 char *t;
1759
1760 r = socket_address_print(&p->address, &t);
1761 if (r < 0)
1762 return r;
1763
1764 if (socket_address_family(&p->address) == AF_NETLINK)
1765 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1766 else
1767 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
1768 free(t);
1769 } else if (p->type == SOCKET_SPECIAL)
1770 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
1771 else if (p->type == SOCKET_MQUEUE)
1772 unit_serialize_item_format(u, f, "mqueue", "%i %s", copy, p->path);
1773 else {
1774 assert(p->type == SOCKET_FIFO);
1775 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1776 }
1777 }
1778
1779 return 0;
1780 }
1781
1782 static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1783 Socket *s = SOCKET(u);
1784
1785 assert(u);
1786 assert(key);
1787 assert(value);
1788 assert(fds);
1789
1790 if (streq(key, "state")) {
1791 SocketState state;
1792
1793 state = socket_state_from_string(value);
1794 if (state < 0)
1795 log_debug_unit(u->id,
1796 "Failed to parse state value %s", value);
1797 else
1798 s->deserialized_state = state;
1799 } else if (streq(key, "result")) {
1800 SocketResult f;
1801
1802 f = socket_result_from_string(value);
1803 if (f < 0)
1804 log_debug_unit(u->id,
1805 "Failed to parse result value %s", value);
1806 else if (f != SOCKET_SUCCESS)
1807 s->result = f;
1808
1809 } else if (streq(key, "n-accepted")) {
1810 unsigned k;
1811
1812 if (safe_atou(value, &k) < 0)
1813 log_debug_unit(u->id,
1814 "Failed to parse n-accepted value %s", value);
1815 else
1816 s->n_accepted += k;
1817 } else if (streq(key, "control-pid")) {
1818 pid_t pid;
1819
1820 if (parse_pid(value, &pid) < 0)
1821 log_debug_unit(u->id,
1822 "Failed to parse control-pid value %s", value);
1823 else
1824 s->control_pid = pid;
1825 } else if (streq(key, "control-command")) {
1826 SocketExecCommand id;
1827
1828 id = socket_exec_command_from_string(value);
1829 if (id < 0)
1830 log_debug_unit(u->id,
1831 "Failed to parse exec-command value %s", value);
1832 else {
1833 s->control_command_id = id;
1834 s->control_command = s->exec_command[id];
1835 }
1836 } else if (streq(key, "fifo")) {
1837 int fd, skip = 0;
1838 SocketPort *p;
1839
1840 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1841 log_debug_unit(u->id,
1842 "Failed to parse fifo value %s", value);
1843 else {
1844
1845 LIST_FOREACH(port, p, s->ports)
1846 if (p->type == SOCKET_FIFO &&
1847 streq_ptr(p->path, value+skip))
1848 break;
1849
1850 if (p) {
1851 if (p->fd >= 0)
1852 close_nointr_nofail(p->fd);
1853 p->fd = fdset_remove(fds, fd);
1854 }
1855 }
1856
1857 } else if (streq(key, "special")) {
1858 int fd, skip = 0;
1859 SocketPort *p;
1860
1861 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1862 log_debug_unit(u->id,
1863 "Failed to parse special value %s", value);
1864 else {
1865
1866 LIST_FOREACH(port, p, s->ports)
1867 if (p->type == SOCKET_SPECIAL &&
1868 streq_ptr(p->path, value+skip))
1869 break;
1870
1871 if (p) {
1872 if (p->fd >= 0)
1873 close_nointr_nofail(p->fd);
1874 p->fd = fdset_remove(fds, fd);
1875 }
1876 }
1877
1878 } else if (streq(key, "mqueue")) {
1879 int fd, skip = 0;
1880 SocketPort *p;
1881
1882 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1883 log_debug_unit(u->id,
1884 "Failed to parse mqueue value %s", value);
1885 else {
1886
1887 LIST_FOREACH(port, p, s->ports)
1888 if (p->type == SOCKET_MQUEUE &&
1889 streq_ptr(p->path, value+skip))
1890 break;
1891
1892 if (p) {
1893 if (p->fd >= 0)
1894 close_nointr_nofail(p->fd);
1895 p->fd = fdset_remove(fds, fd);
1896 }
1897 }
1898
1899 } else if (streq(key, "socket")) {
1900 int fd, type, skip = 0;
1901 SocketPort *p;
1902
1903 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
1904 log_debug_unit(u->id,
1905 "Failed to parse socket value %s", value);
1906 else {
1907
1908 LIST_FOREACH(port, p, s->ports)
1909 if (socket_address_is(&p->address, value+skip, type))
1910 break;
1911
1912 if (p) {
1913 if (p->fd >= 0)
1914 close_nointr_nofail(p->fd);
1915 p->fd = fdset_remove(fds, fd);
1916 }
1917 }
1918
1919 } else if (streq(key, "netlink")) {
1920 int fd, skip = 0;
1921 SocketPort *p;
1922
1923 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1924 log_debug_unit(u->id,
1925 "Failed to parse socket value %s", value);
1926 else {
1927
1928 LIST_FOREACH(port, p, s->ports)
1929 if (socket_address_is_netlink(&p->address, value+skip))
1930 break;
1931
1932 if (p) {
1933 if (p->fd >= 0)
1934 close_nointr_nofail(p->fd);
1935 p->fd = fdset_remove(fds, fd);
1936 }
1937 }
1938
1939 } else
1940 log_debug_unit(UNIT(s)->id,
1941 "Unknown serialization key '%s'", key);
1942
1943 return 0;
1944 }
1945
1946 static int socket_distribute_fds(Unit *u, FDSet *fds) {
1947 Socket *s = SOCKET(u);
1948 SocketPort *p;
1949
1950 assert(u);
1951
1952 LIST_FOREACH(port, p, s->ports) {
1953 Iterator i;
1954 int fd;
1955
1956 if (p->type != SOCKET_SOCKET)
1957 continue;
1958
1959 if (p->fd >= 0)
1960 continue;
1961
1962 FDSET_FOREACH(fd, fds, i) {
1963 if (socket_address_matches_fd(&p->address, fd)) {
1964 p->fd = fdset_remove(fds, fd);
1965 s->deserialized_state = SOCKET_LISTENING;
1966 break;
1967 }
1968 }
1969 }
1970
1971 return 0;
1972 }
1973
1974 static UnitActiveState socket_active_state(Unit *u) {
1975 assert(u);
1976
1977 return state_translation_table[SOCKET(u)->state];
1978 }
1979
1980 static const char *socket_sub_state_to_string(Unit *u) {
1981 assert(u);
1982
1983 return socket_state_to_string(SOCKET(u)->state);
1984 }
1985
1986 static bool socket_check_gc(Unit *u) {
1987 Socket *s = SOCKET(u);
1988
1989 assert(u);
1990
1991 return s->n_connections > 0;
1992 }
1993
1994 static void socket_fd_event(Unit *u, int fd, uint32_t events, Watch *w) {
1995 Socket *s = SOCKET(u);
1996 int cfd = -1;
1997
1998 assert(s);
1999 assert(fd >= 0);
2000
2001 if (s->state != SOCKET_LISTENING)
2002 return;
2003
2004 log_debug_unit(u->id, "Incoming traffic on %s", u->id);
2005
2006 if (events != EPOLLIN) {
2007
2008 if (events & EPOLLHUP)
2009 log_error_unit(u->id,
2010 "%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.",
2011 u->id);
2012 else
2013 log_error_unit(u->id,
2014 "%s: Got unexpected poll event (0x%x) on socket.",
2015 u->id, events);
2016
2017 goto fail;
2018 }
2019
2020 if (w->socket_accept) {
2021 for (;;) {
2022
2023 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK);
2024 if (cfd < 0) {
2025
2026 if (errno == EINTR)
2027 continue;
2028
2029 log_error_unit(u->id,
2030 "Failed to accept socket: %m");
2031 goto fail;
2032 }
2033
2034 break;
2035 }
2036
2037 socket_apply_socket_options(s, cfd);
2038 }
2039
2040 socket_enter_running(s, cfd);
2041 return;
2042
2043 fail:
2044 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
2045 }
2046
2047 static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
2048 Socket *s = SOCKET(u);
2049 SocketResult f;
2050
2051 assert(s);
2052 assert(pid >= 0);
2053
2054 if (pid != s->control_pid)
2055 return;
2056
2057 s->control_pid = 0;
2058
2059 if (is_clean_exit(code, status, NULL))
2060 f = SOCKET_SUCCESS;
2061 else if (code == CLD_EXITED)
2062 f = SOCKET_FAILURE_EXIT_CODE;
2063 else if (code == CLD_KILLED)
2064 f = SOCKET_FAILURE_SIGNAL;
2065 else if (code == CLD_DUMPED)
2066 f = SOCKET_FAILURE_CORE_DUMP;
2067 else
2068 assert_not_reached("Unknown code");
2069
2070 if (s->control_command) {
2071 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
2072
2073 if (s->control_command->ignore)
2074 f = SOCKET_SUCCESS;
2075 }
2076
2077 log_full_unit(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
2078 u->id,
2079 "%s control process exited, code=%s status=%i",
2080 u->id, sigchld_code_to_string(code), status);
2081
2082 if (f != SOCKET_SUCCESS)
2083 s->result = f;
2084
2085 if (s->control_command &&
2086 s->control_command->command_next &&
2087 f == SOCKET_SUCCESS) {
2088
2089 log_debug_unit(u->id,
2090 "%s running next command for state %s",
2091 u->id, socket_state_to_string(s->state));
2092 socket_run_next(s);
2093 } else {
2094 s->control_command = NULL;
2095 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
2096
2097 /* No further commands for this step, so let's figure
2098 * out what to do next */
2099
2100 log_debug_unit(u->id,
2101 "%s got final SIGCHLD for state %s",
2102 u->id, socket_state_to_string(s->state));
2103
2104 switch (s->state) {
2105
2106 case SOCKET_START_PRE:
2107 if (f == SOCKET_SUCCESS)
2108 socket_enter_start_post(s);
2109 else
2110 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
2111 break;
2112
2113 case SOCKET_START_POST:
2114 if (f == SOCKET_SUCCESS)
2115 socket_enter_listening(s);
2116 else
2117 socket_enter_stop_pre(s, f);
2118 break;
2119
2120 case SOCKET_STOP_PRE:
2121 case SOCKET_STOP_PRE_SIGTERM:
2122 case SOCKET_STOP_PRE_SIGKILL:
2123 socket_enter_stop_post(s, f);
2124 break;
2125
2126 case SOCKET_STOP_POST:
2127 case SOCKET_FINAL_SIGTERM:
2128 case SOCKET_FINAL_SIGKILL:
2129 socket_enter_dead(s, f);
2130 break;
2131
2132 default:
2133 assert_not_reached("Uh, control process died at wrong time.");
2134 }
2135 }
2136
2137 /* Notify clients about changed exit status */
2138 unit_add_to_dbus_queue(u);
2139 }
2140
2141 static void socket_timer_event(Unit *u, uint64_t elapsed, Watch *w) {
2142 Socket *s = SOCKET(u);
2143
2144 assert(s);
2145 assert(elapsed == 1);
2146 assert(w == &s->timer_watch);
2147
2148 switch (s->state) {
2149
2150 case SOCKET_START_PRE:
2151 log_warning_unit(u->id,
2152 "%s starting timed out. Terminating.", u->id);
2153 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2154 break;
2155
2156 case SOCKET_START_POST:
2157 log_warning_unit(u->id,
2158 "%s starting timed out. Stopping.", u->id);
2159 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
2160 break;
2161
2162 case SOCKET_STOP_PRE:
2163 log_warning_unit(u->id,
2164 "%s stopping timed out. Terminating.", u->id);
2165 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2166 break;
2167
2168 case SOCKET_STOP_PRE_SIGTERM:
2169 if (s->kill_context.send_sigkill) {
2170 log_warning_unit(u->id,
2171 "%s stopping timed out. Killing.", u->id);
2172 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2173 } else {
2174 log_warning_unit(u->id,
2175 "%s stopping timed out. Skipping SIGKILL. Ignoring.",
2176 u->id);
2177 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2178 }
2179 break;
2180
2181 case SOCKET_STOP_PRE_SIGKILL:
2182 log_warning_unit(u->id,
2183 "%s still around after SIGKILL. Ignoring.", u->id);
2184 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2185 break;
2186
2187 case SOCKET_STOP_POST:
2188 log_warning_unit(u->id,
2189 "%s stopping timed out (2). Terminating.", u->id);
2190 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2191 break;
2192
2193 case SOCKET_FINAL_SIGTERM:
2194 if (s->kill_context.send_sigkill) {
2195 log_warning_unit(u->id,
2196 "%s stopping timed out (2). Killing.", u->id);
2197 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2198 } else {
2199 log_warning_unit(u->id,
2200 "%s stopping timed out (2). Skipping SIGKILL. Ignoring.",
2201 u->id);
2202 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2203 }
2204 break;
2205
2206 case SOCKET_FINAL_SIGKILL:
2207 log_warning_unit(u->id,
2208 "%s still around after SIGKILL (2). Entering failed mode.",
2209 u->id);
2210 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2211 break;
2212
2213 default:
2214 assert_not_reached("Timeout at wrong time.");
2215 }
2216 }
2217
2218 int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2219 int *rfds;
2220 unsigned rn_fds, k;
2221 SocketPort *p;
2222
2223 assert(s);
2224 assert(fds);
2225 assert(n_fds);
2226
2227 /* Called from the service code for requesting our fds */
2228
2229 rn_fds = 0;
2230 LIST_FOREACH(port, p, s->ports)
2231 if (p->fd >= 0)
2232 rn_fds++;
2233
2234 if (rn_fds <= 0) {
2235 *fds = NULL;
2236 *n_fds = 0;
2237 return 0;
2238 }
2239
2240 if (!(rfds = new(int, rn_fds)))
2241 return -ENOMEM;
2242
2243 k = 0;
2244 LIST_FOREACH(port, p, s->ports)
2245 if (p->fd >= 0)
2246 rfds[k++] = p->fd;
2247
2248 assert(k == rn_fds);
2249
2250 *fds = rfds;
2251 *n_fds = rn_fds;
2252
2253 return 0;
2254 }
2255
2256 void socket_notify_service_dead(Socket *s, bool failed_permanent) {
2257 assert(s);
2258
2259 /* The service is dead. Dang!
2260 *
2261 * This is strictly for one-instance-for-all-connections
2262 * services. */
2263
2264 if (s->state == SOCKET_RUNNING) {
2265 log_debug_unit(UNIT(s)->id,
2266 "%s got notified about service death (failed permanently: %s)",
2267 UNIT(s)->id, yes_no(failed_permanent));
2268 if (failed_permanent)
2269 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
2270 else
2271 socket_enter_listening(s);
2272 }
2273 }
2274
2275 void socket_connection_unref(Socket *s) {
2276 assert(s);
2277
2278 /* The service is dead. Yay!
2279 *
2280 * This is strictly for one-instance-per-connection
2281 * services. */
2282
2283 assert(s->n_connections > 0);
2284 s->n_connections--;
2285
2286 log_debug_unit(UNIT(s)->id,
2287 "%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
2288 }
2289
2290 static void socket_reset_failed(Unit *u) {
2291 Socket *s = SOCKET(u);
2292
2293 assert(s);
2294
2295 if (s->state == SOCKET_FAILED)
2296 socket_set_state(s, SOCKET_DEAD);
2297
2298 s->result = SOCKET_SUCCESS;
2299 }
2300
2301 static int socket_kill(Unit *u, KillWho who, int signo, DBusError *error) {
2302 Socket *s = SOCKET(u);
2303 int r = 0;
2304 Set *pid_set = NULL;
2305
2306 assert(s);
2307
2308 if (who == KILL_MAIN) {
2309 dbus_set_error(error, BUS_ERROR_NO_SUCH_PROCESS, "Socket units have no main processes");
2310 return -ESRCH;
2311 }
2312
2313 if (s->control_pid <= 0 && who == KILL_CONTROL) {
2314 dbus_set_error(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
2315 return -ESRCH;
2316 }
2317
2318 if (who == KILL_CONTROL || who == KILL_ALL)
2319 if (s->control_pid > 0)
2320 if (kill(s->control_pid, signo) < 0)
2321 r = -errno;
2322
2323 if (who == KILL_ALL) {
2324 int q;
2325
2326 pid_set = set_new(trivial_hash_func, trivial_compare_func);
2327 if (!pid_set)
2328 return -ENOMEM;
2329
2330 /* Exclude the control pid from being killed via the cgroup */
2331 if (s->control_pid > 0) {
2332 q = set_put(pid_set, LONG_TO_PTR(s->control_pid));
2333 if (q < 0) {
2334 r = q;
2335 goto finish;
2336 }
2337 }
2338
2339 q = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, signo, false, false, pid_set, NULL);
2340 if (q < 0 && q != -EAGAIN && q != -ESRCH && q != -ENOENT)
2341 r = q;
2342 }
2343
2344 finish:
2345 if (pid_set)
2346 set_free(pid_set);
2347
2348 return r;
2349 }
2350
2351 static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2352 [SOCKET_DEAD] = "dead",
2353 [SOCKET_START_PRE] = "start-pre",
2354 [SOCKET_START_POST] = "start-post",
2355 [SOCKET_LISTENING] = "listening",
2356 [SOCKET_RUNNING] = "running",
2357 [SOCKET_STOP_PRE] = "stop-pre",
2358 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2359 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2360 [SOCKET_STOP_POST] = "stop-post",
2361 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2362 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
2363 [SOCKET_FAILED] = "failed"
2364 };
2365
2366 DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2367
2368 static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2369 [SOCKET_EXEC_START_PRE] = "StartPre",
2370 [SOCKET_EXEC_START_POST] = "StartPost",
2371 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2372 [SOCKET_EXEC_STOP_POST] = "StopPost"
2373 };
2374
2375 DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2376
2377 static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2378 [SOCKET_SUCCESS] = "success",
2379 [SOCKET_FAILURE_RESOURCES] = "resources",
2380 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2381 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2382 [SOCKET_FAILURE_SIGNAL] = "signal",
2383 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
2384 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
2385 };
2386
2387 DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2388
2389 const UnitVTable socket_vtable = {
2390 .object_size = sizeof(Socket),
2391 .exec_context_offset = offsetof(Socket, exec_context),
2392
2393 .sections =
2394 "Unit\0"
2395 "Socket\0"
2396 "Install\0",
2397
2398 .init = socket_init,
2399 .done = socket_done,
2400 .load = socket_load,
2401
2402 .kill = socket_kill,
2403
2404 .coldplug = socket_coldplug,
2405
2406 .dump = socket_dump,
2407
2408 .start = socket_start,
2409 .stop = socket_stop,
2410
2411 .serialize = socket_serialize,
2412 .deserialize_item = socket_deserialize_item,
2413 .distribute_fds = socket_distribute_fds,
2414
2415 .active_state = socket_active_state,
2416 .sub_state_to_string = socket_sub_state_to_string,
2417
2418 .check_gc = socket_check_gc,
2419
2420 .fd_event = socket_fd_event,
2421 .sigchld_event = socket_sigchld_event,
2422 .timer_event = socket_timer_event,
2423
2424 .reset_failed = socket_reset_failed,
2425
2426 .bus_interface = "org.freedesktop.systemd1.Socket",
2427 .bus_message_handler = bus_socket_message_handler,
2428 .bus_invalidating_properties = bus_socket_invalidating_properties,
2429
2430 .status_message_formats = {
2431 /*.starting_stopping = {
2432 [0] = "Starting socket %s...",
2433 [1] = "Stopping socket %s...",
2434 },*/
2435 .finished_start_job = {
2436 [JOB_DONE] = "Listening on %s.",
2437 [JOB_FAILED] = "Failed to listen on %s.",
2438 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2439 [JOB_TIMEOUT] = "Timed out starting %s.",
2440 },
2441 .finished_stop_job = {
2442 [JOB_DONE] = "Closed %s.",
2443 [JOB_FAILED] = "Failed stopping %s.",
2444 [JOB_TIMEOUT] = "Timed out stopping %s.",
2445 },
2446 },
2447 };
Unnamed repository; edit this file 'description' to name the repository.