]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/socket.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
core: add global settings for enabling CPUAccounting=, MemoryAccounting=, BlockIOAcco...
[thirdparty/systemd.git] / src / core / socket.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <sys/types.h>
23 #include <sys/stat.h>
24 #include <unistd.h>
25 #include <errno.h>
26 #include <fcntl.h>
27 #include <sys/epoll.h>
28 #include <signal.h>
29 #include <arpa/inet.h>
30 #include <netinet/tcp.h>
31 #include <mqueue.h>
32 #ifdef HAVE_XATTR
33 #include <attr/xattr.h>
34 #endif
35
36 #include "sd-event.h"
37 #include "log.h"
38 #include "load-dropin.h"
39 #include "load-fragment.h"
40 #include "strv.h"
41 #include "mkdir.h"
42 #include "path-util.h"
43 #include "unit-name.h"
44 #include "unit-printf.h"
45 #include "missing.h"
46 #include "special.h"
47 #include "label.h"
48 #include "exit-status.h"
49 #include "def.h"
50 #include "smack-util.h"
51 #include "bus-util.h"
52 #include "bus-error.h"
53 #include "dbus-socket.h"
54 #include "unit.h"
55 #include "socket.h"
56
57 static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
58 [SOCKET_DEAD] = UNIT_INACTIVE,
59 [SOCKET_START_PRE] = UNIT_ACTIVATING,
60 [SOCKET_START_POST] = UNIT_ACTIVATING,
61 [SOCKET_LISTENING] = UNIT_ACTIVE,
62 [SOCKET_RUNNING] = UNIT_ACTIVE,
63 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
64 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
65 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
66 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
67 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
68 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
69 [SOCKET_FAILED] = UNIT_FAILED
70 };
71
72 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
73 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
74
75 static void socket_init(Unit *u) {
76 Socket *s = SOCKET(u);
77
78 assert(u);
79 assert(u->load_state == UNIT_STUB);
80
81 s->backlog = SOMAXCONN;
82 s->timeout_usec = u->manager->default_timeout_start_usec;
83 s->directory_mode = 0755;
84 s->socket_mode = 0666;
85
86 s->max_connections = 64;
87
88 s->priority = -1;
89 s->ip_tos = -1;
90 s->ip_ttl = -1;
91 s->mark = -1;
92
93 exec_context_init(&s->exec_context);
94 s->exec_context.std_output = u->manager->default_std_output;
95 s->exec_context.std_error = u->manager->default_std_error;
96 kill_context_init(&s->kill_context);
97 cgroup_context_init(&s->cgroup_context);
98
99 unit_cgroup_context_init_defaults(u, &s->cgroup_context);
100
101 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
102 }
103
104 static void socket_unwatch_control_pid(Socket *s) {
105 assert(s);
106
107 if (s->control_pid <= 0)
108 return;
109
110 unit_unwatch_pid(UNIT(s), s->control_pid);
111 s->control_pid = 0;
112 }
113
114 void socket_free_ports(Socket *s) {
115 SocketPort *p;
116
117 assert(s);
118
119 while ((p = s->ports)) {
120 LIST_REMOVE(port, s->ports, p);
121
122 sd_event_source_unref(p->event_source);
123
124 if (p->fd >= 0)
125 close_nointr_nofail(p->fd);
126
127 free(p->path);
128 free(p);
129 }
130 }
131
132 static void socket_done(Unit *u) {
133 Socket *s = SOCKET(u);
134
135 assert(s);
136
137 socket_free_ports(s);
138
139 cgroup_context_done(&s->cgroup_context);
140 exec_context_done(&s->exec_context);
141 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
142 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
143 s->control_command = NULL;
144
145 socket_unwatch_control_pid(s);
146
147 unit_ref_unset(&s->service);
148
149 free(s->tcp_congestion);
150 s->tcp_congestion = NULL;
151
152 free(s->bind_to_device);
153 s->bind_to_device = NULL;
154
155 free(s->smack);
156 free(s->smack_ip_in);
157 free(s->smack_ip_out);
158
159 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
160 }
161
162 static int socket_arm_timer(Socket *s) {
163 int r;
164
165 assert(s);
166
167 if (s->timeout_usec <= 0) {
168 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
169 return 0;
170 }
171
172 if (s->timer_event_source) {
173 r = sd_event_source_set_time(s->timer_event_source, now(CLOCK_MONOTONIC) + s->timeout_usec);
174 if (r < 0)
175 return r;
176
177 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
178 }
179
180 return sd_event_add_monotonic(UNIT(s)->manager->event, &s->timer_event_source, now(CLOCK_MONOTONIC) + s->timeout_usec, 0, socket_dispatch_timer, s);
181 }
182
183 static int socket_instantiate_service(Socket *s) {
184 _cleanup_free_ char *prefix = NULL;
185 _cleanup_free_ char *name = NULL;
186 int r;
187 Unit *u;
188
189 assert(s);
190
191 /* This fills in s->service if it isn't filled in yet. For
192 * Accept=yes sockets we create the next connection service
193 * here. For Accept=no this is mostly a NOP since the service
194 * is figured out at load time anyway. */
195
196 if (UNIT_DEREF(s->service))
197 return 0;
198
199 assert(s->accept);
200
201 if (!(prefix = unit_name_to_prefix(UNIT(s)->id)))
202 return -ENOMEM;
203
204 r = asprintf(&name, "%s@%u.service", prefix, s->n_accepted);
205
206 if (r < 0)
207 return -ENOMEM;
208
209 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
210
211 if (r < 0)
212 return r;
213
214 #ifdef HAVE_SYSV_COMPAT
215 if (SERVICE(u)->is_sysv) {
216 log_error("Using SysV services for socket activation is not supported. Refusing.");
217 return -ENOENT;
218 }
219 #endif
220
221 u->no_gc = true;
222 unit_ref_set(&s->service, u);
223
224 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
225 }
226
227 static bool have_non_accept_socket(Socket *s) {
228 SocketPort *p;
229
230 assert(s);
231
232 if (!s->accept)
233 return true;
234
235 LIST_FOREACH(port, p, s->ports) {
236
237 if (p->type != SOCKET_SOCKET)
238 return true;
239
240 if (!socket_address_can_accept(&p->address))
241 return true;
242 }
243
244 return false;
245 }
246
247 static int socket_add_mount_links(Socket *s) {
248 SocketPort *p;
249 int r;
250
251 assert(s);
252
253 LIST_FOREACH(port, p, s->ports) {
254 const char *path = NULL;
255
256 if (p->type == SOCKET_SOCKET)
257 path = socket_address_get_path(&p->address);
258 else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL)
259 path = p->path;
260
261 if (!path)
262 continue;
263
264 r = unit_require_mounts_for(UNIT(s), path);
265 if (r < 0)
266 return r;
267 }
268
269 return 0;
270 }
271
272 static int socket_add_device_link(Socket *s) {
273 char *t;
274
275 assert(s);
276
277 if (!s->bind_to_device || streq(s->bind_to_device, "lo"))
278 return 0;
279
280 t = strappenda("/sys/subsystem/net/devices/", s->bind_to_device);
281 return unit_add_node_link(UNIT(s), t, false);
282 }
283
284 static int socket_add_default_dependencies(Socket *s) {
285 int r;
286 assert(s);
287
288 r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true);
289 if (r < 0)
290 return r;
291
292 if (UNIT(s)->manager->running_as == SYSTEMD_SYSTEM) {
293 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
294 if (r < 0)
295 return r;
296 }
297
298 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
299 }
300
301 _pure_ static bool socket_has_exec(Socket *s) {
302 unsigned i;
303 assert(s);
304
305 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
306 if (s->exec_command[i])
307 return true;
308
309 return false;
310 }
311
312 static int socket_add_extras(Socket *s) {
313 Unit *u = UNIT(s);
314 int r;
315
316 assert(s);
317
318 if (have_non_accept_socket(s)) {
319
320 if (!UNIT_DEREF(s->service)) {
321 Unit *x;
322
323 r = unit_load_related_unit(u, ".service", &x);
324 if (r < 0)
325 return r;
326
327 unit_ref_set(&s->service, x);
328 }
329
330 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
331 if (r < 0)
332 return r;
333 }
334
335 r = socket_add_mount_links(s);
336 if (r < 0)
337 return r;
338
339 r = socket_add_device_link(s);
340 if (r < 0)
341 return r;
342
343 r = unit_exec_context_patch_defaults(u, &s->exec_context);
344 if (r < 0)
345 return r;
346
347 if (socket_has_exec(s)) {
348 r = unit_add_exec_dependencies(u, &s->exec_context);
349 if (r < 0)
350 return r;
351
352 r = unit_add_default_slice(u);
353 if (r < 0)
354 return r;
355 }
356
357 if (u->default_dependencies) {
358 r = socket_add_default_dependencies(s);
359 if (r < 0)
360 return r;
361 }
362
363 return 0;
364 }
365
366 static int socket_verify(Socket *s) {
367 assert(s);
368
369 if (UNIT(s)->load_state != UNIT_LOADED)
370 return 0;
371
372 if (!s->ports) {
373 log_error_unit(UNIT(s)->id, "%s lacks Listen setting. Refusing.", UNIT(s)->id);
374 return -EINVAL;
375 }
376
377 if (s->accept && have_non_accept_socket(s)) {
378 log_error_unit(UNIT(s)->id, "%s configured for accepting sockets, but sockets are non-accepting. Refusing.",
379 UNIT(s)->id);
380 return -EINVAL;
381 }
382
383 if (s->accept && s->max_connections <= 0) {
384 log_error_unit(UNIT(s)->id, "%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
385 return -EINVAL;
386 }
387
388 if (s->accept && UNIT_DEREF(s->service)) {
389 log_error_unit(UNIT(s)->id, "Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
390 return -EINVAL;
391 }
392
393 if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
394 log_error_unit(UNIT(s)->id, "%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
395 return -EINVAL;
396 }
397
398 return 0;
399 }
400
401 static int socket_load(Unit *u) {
402 Socket *s = SOCKET(u);
403 int r;
404
405 assert(u);
406 assert(u->load_state == UNIT_STUB);
407
408 r = unit_load_fragment_and_dropin(u);
409 if (r < 0)
410 return r;
411
412 if (u->load_state == UNIT_LOADED) {
413 /* This is a new unit? Then let's add in some extras */
414 r = socket_add_extras(s);
415 if (r < 0)
416 return r;
417 }
418
419 return socket_verify(s);
420 }
421
422 _const_ static const char* listen_lookup(int family, int type) {
423
424 if (family == AF_NETLINK)
425 return "ListenNetlink";
426
427 if (type == SOCK_STREAM)
428 return "ListenStream";
429 else if (type == SOCK_DGRAM)
430 return "ListenDatagram";
431 else if (type == SOCK_SEQPACKET)
432 return "ListenSequentialPacket";
433
434 assert_not_reached("Unknown socket type");
435 return NULL;
436 }
437
438 static void socket_dump(Unit *u, FILE *f, const char *prefix) {
439 SocketExecCommand c;
440 Socket *s = SOCKET(u);
441 SocketPort *p;
442 const char *prefix2;
443
444 assert(s);
445 assert(f);
446
447 prefix2 = strappenda(prefix, "\t");
448
449 fprintf(f,
450 "%sSocket State: %s\n"
451 "%sResult: %s\n"
452 "%sBindIPv6Only: %s\n"
453 "%sBacklog: %u\n"
454 "%sSocketMode: %04o\n"
455 "%sDirectoryMode: %04o\n"
456 "%sKeepAlive: %s\n"
457 "%sFreeBind: %s\n"
458 "%sTransparent: %s\n"
459 "%sBroadcast: %s\n"
460 "%sPassCredentials: %s\n"
461 "%sPassSecurity: %s\n"
462 "%sTCPCongestion: %s\n",
463 prefix, socket_state_to_string(s->state),
464 prefix, socket_result_to_string(s->result),
465 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
466 prefix, s->backlog,
467 prefix, s->socket_mode,
468 prefix, s->directory_mode,
469 prefix, yes_no(s->keep_alive),
470 prefix, yes_no(s->free_bind),
471 prefix, yes_no(s->transparent),
472 prefix, yes_no(s->broadcast),
473 prefix, yes_no(s->pass_cred),
474 prefix, yes_no(s->pass_sec),
475 prefix, strna(s->tcp_congestion));
476
477 if (s->control_pid > 0)
478 fprintf(f,
479 "%sControl PID: %lu\n",
480 prefix, (unsigned long) s->control_pid);
481
482 if (s->bind_to_device)
483 fprintf(f,
484 "%sBindToDevice: %s\n",
485 prefix, s->bind_to_device);
486
487 if (s->accept)
488 fprintf(f,
489 "%sAccepted: %u\n"
490 "%sNConnections: %u\n"
491 "%sMaxConnections: %u\n",
492 prefix, s->n_accepted,
493 prefix, s->n_connections,
494 prefix, s->max_connections);
495
496 if (s->priority >= 0)
497 fprintf(f,
498 "%sPriority: %i\n",
499 prefix, s->priority);
500
501 if (s->receive_buffer > 0)
502 fprintf(f,
503 "%sReceiveBuffer: %zu\n",
504 prefix, s->receive_buffer);
505
506 if (s->send_buffer > 0)
507 fprintf(f,
508 "%sSendBuffer: %zu\n",
509 prefix, s->send_buffer);
510
511 if (s->ip_tos >= 0)
512 fprintf(f,
513 "%sIPTOS: %i\n",
514 prefix, s->ip_tos);
515
516 if (s->ip_ttl >= 0)
517 fprintf(f,
518 "%sIPTTL: %i\n",
519 prefix, s->ip_ttl);
520
521 if (s->pipe_size > 0)
522 fprintf(f,
523 "%sPipeSize: %zu\n",
524 prefix, s->pipe_size);
525
526 if (s->mark >= 0)
527 fprintf(f,
528 "%sMark: %i\n",
529 prefix, s->mark);
530
531 if (s->mq_maxmsg > 0)
532 fprintf(f,
533 "%sMessageQueueMaxMessages: %li\n",
534 prefix, s->mq_maxmsg);
535
536 if (s->mq_msgsize > 0)
537 fprintf(f,
538 "%sMessageQueueMessageSize: %li\n",
539 prefix, s->mq_msgsize);
540
541 if (s->reuse_port)
542 fprintf(f,
543 "%sReusePort: %s\n",
544 prefix, yes_no(s->reuse_port));
545
546 if (s->smack)
547 fprintf(f,
548 "%sSmackLabel: %s\n",
549 prefix, s->smack);
550
551 if (s->smack_ip_in)
552 fprintf(f,
553 "%sSmackLabelIPIn: %s\n",
554 prefix, s->smack_ip_in);
555
556 if (s->smack_ip_out)
557 fprintf(f,
558 "%sSmackLabelIPOut: %s\n",
559 prefix, s->smack_ip_out);
560
561 LIST_FOREACH(port, p, s->ports) {
562
563 if (p->type == SOCKET_SOCKET) {
564 const char *t;
565 int r;
566 char *k = NULL;
567
568 if ((r = socket_address_print(&p->address, &k)) < 0)
569 t = strerror(-r);
570 else
571 t = k;
572
573 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
574 free(k);
575 } else if (p->type == SOCKET_SPECIAL)
576 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
577 else if (p->type == SOCKET_MQUEUE)
578 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
579 else
580 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
581 }
582
583 exec_context_dump(&s->exec_context, f, prefix);
584 kill_context_dump(&s->kill_context, f, prefix);
585
586 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
587 if (!s->exec_command[c])
588 continue;
589
590 fprintf(f, "%s-> %s:\n",
591 prefix, socket_exec_command_to_string(c));
592
593 exec_command_dump_list(s->exec_command[c], f, prefix2);
594 }
595 }
596
597 static int instance_from_socket(int fd, unsigned nr, char **instance) {
598 socklen_t l;
599 char *r;
600 union {
601 struct sockaddr sa;
602 struct sockaddr_un un;
603 struct sockaddr_in in;
604 struct sockaddr_in6 in6;
605 struct sockaddr_storage storage;
606 } local, remote;
607
608 assert(fd >= 0);
609 assert(instance);
610
611 l = sizeof(local);
612 if (getsockname(fd, &local.sa, &l) < 0)
613 return -errno;
614
615 l = sizeof(remote);
616 if (getpeername(fd, &remote.sa, &l) < 0)
617 return -errno;
618
619 switch (local.sa.sa_family) {
620
621 case AF_INET: {
622 uint32_t
623 a = ntohl(local.in.sin_addr.s_addr),
624 b = ntohl(remote.in.sin_addr.s_addr);
625
626 if (asprintf(&r,
627 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
628 nr,
629 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
630 ntohs(local.in.sin_port),
631 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
632 ntohs(remote.in.sin_port)) < 0)
633 return -ENOMEM;
634
635 break;
636 }
637
638 case AF_INET6: {
639 static const unsigned char ipv4_prefix[] = {
640 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
641 };
642
643 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
644 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
645 const uint8_t
646 *a = local.in6.sin6_addr.s6_addr+12,
647 *b = remote.in6.sin6_addr.s6_addr+12;
648
649 if (asprintf(&r,
650 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
651 nr,
652 a[0], a[1], a[2], a[3],
653 ntohs(local.in6.sin6_port),
654 b[0], b[1], b[2], b[3],
655 ntohs(remote.in6.sin6_port)) < 0)
656 return -ENOMEM;
657 } else {
658 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
659
660 if (asprintf(&r,
661 "%u-%s:%u-%s:%u",
662 nr,
663 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
664 ntohs(local.in6.sin6_port),
665 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
666 ntohs(remote.in6.sin6_port)) < 0)
667 return -ENOMEM;
668 }
669
670 break;
671 }
672
673 case AF_UNIX: {
674 struct ucred ucred;
675 int k;
676
677 k = getpeercred(fd, &ucred);
678 if (k < 0)
679 return k;
680
681 if (asprintf(&r,
682 "%u-%lu-%lu",
683 nr,
684 (unsigned long) ucred.pid,
685 (unsigned long) ucred.uid) < 0)
686 return -ENOMEM;
687
688 break;
689 }
690
691 default:
692 assert_not_reached("Unhandled socket type.");
693 }
694
695 *instance = r;
696 return 0;
697 }
698
699 static void socket_close_fds(Socket *s) {
700 SocketPort *p;
701
702 assert(s);
703
704 LIST_FOREACH(port, p, s->ports) {
705
706 p->event_source = sd_event_source_unref(p->event_source);
707
708 if (p->fd < 0)
709 continue;
710
711 close_nointr_nofail(p->fd);
712
713 /* One little note: we should never delete any sockets
714 * in the file system here! After all some other
715 * process we spawned might still have a reference of
716 * this fd and wants to continue to use it. Therefore
717 * we delete sockets in the file system before we
718 * create a new one, not after we stopped using
719 * one! */
720
721 p->fd = -1;
722 }
723 }
724
725 static void socket_apply_socket_options(Socket *s, int fd) {
726 assert(s);
727 assert(fd >= 0);
728
729 if (s->keep_alive) {
730 int b = s->keep_alive;
731 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
732 log_warning_unit(UNIT(s)->id, "SO_KEEPALIVE failed: %m");
733 }
734
735 if (s->broadcast) {
736 int one = 1;
737 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
738 log_warning_unit(UNIT(s)->id, "SO_BROADCAST failed: %m");
739 }
740
741 if (s->pass_cred) {
742 int one = 1;
743 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
744 log_warning_unit(UNIT(s)->id, "SO_PASSCRED failed: %m");
745 }
746
747 if (s->pass_sec) {
748 int one = 1;
749 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
750 log_warning_unit(UNIT(s)->id, "SO_PASSSEC failed: %m");
751 }
752
753 if (s->priority >= 0)
754 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
755 log_warning_unit(UNIT(s)->id, "SO_PRIORITY failed: %m");
756
757 if (s->receive_buffer > 0) {
758 int value = (int) s->receive_buffer;
759
760 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
761
762 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
763 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
764 log_warning_unit(UNIT(s)->id, "SO_RCVBUF failed: %m");
765 }
766
767 if (s->send_buffer > 0) {
768 int value = (int) s->send_buffer;
769 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
770 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
771 log_warning_unit(UNIT(s)->id, "SO_SNDBUF failed: %m");
772 }
773
774 if (s->mark >= 0)
775 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
776 log_warning_unit(UNIT(s)->id, "SO_MARK failed: %m");
777
778 if (s->ip_tos >= 0)
779 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
780 log_warning_unit(UNIT(s)->id, "IP_TOS failed: %m");
781
782 if (s->ip_ttl >= 0) {
783 int r, x;
784
785 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
786
787 if (socket_ipv6_is_supported())
788 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
789 else {
790 x = -1;
791 errno = EAFNOSUPPORT;
792 }
793
794 if (r < 0 && x < 0)
795 log_warning_unit(UNIT(s)->id,
796 "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
797 }
798
799 if (s->tcp_congestion)
800 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
801 log_warning_unit(UNIT(s)->id, "TCP_CONGESTION failed: %m");
802
803 if (s->reuse_port) {
804 int b = s->reuse_port;
805 if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &b, sizeof(b)) < 0)
806 log_warning_unit(UNIT(s)->id, "SO_REUSEPORT failed: %m");
807 }
808
809 if (s->smack_ip_in)
810 if (smack_label_ip_in_fd(fd, s->smack_ip_in) < 0)
811 log_error_unit(UNIT(s)->id, "smack_label_ip_in_fd: %m");
812
813 if (s->smack_ip_out)
814 if (smack_label_ip_out_fd(fd, s->smack_ip_out) < 0)
815 log_error_unit(UNIT(s)->id, "smack_label_ip_out_fd: %m");
816 }
817
818 static void socket_apply_fifo_options(Socket *s, int fd) {
819 assert(s);
820 assert(fd >= 0);
821
822 if (s->pipe_size > 0)
823 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
824 log_warning_unit(UNIT(s)->id,
825 "F_SETPIPE_SZ: %m");
826
827 if (s->smack)
828 if (smack_label_fd(fd, s->smack) < 0)
829 log_error_unit(UNIT(s)->id, "smack_label_fd: %m");
830 }
831
832 static int fifo_address_create(
833 const char *path,
834 mode_t directory_mode,
835 mode_t socket_mode,
836 int *_fd) {
837
838 int fd = -1, r = 0;
839 struct stat st;
840 mode_t old_mask;
841
842 assert(path);
843 assert(_fd);
844
845 mkdir_parents_label(path, directory_mode);
846
847 r = label_context_set(path, S_IFIFO);
848 if (r < 0)
849 goto fail;
850
851 /* Enforce the right access mode for the fifo */
852 old_mask = umask(~ socket_mode);
853
854 /* Include the original umask in our mask */
855 umask(~socket_mode | old_mask);
856
857 r = mkfifo(path, socket_mode);
858 umask(old_mask);
859
860 if (r < 0 && errno != EEXIST) {
861 r = -errno;
862 goto fail;
863 }
864
865 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
866 r = -errno;
867 goto fail;
868 }
869
870 label_context_clear();
871
872 if (fstat(fd, &st) < 0) {
873 r = -errno;
874 goto fail;
875 }
876
877 if (!S_ISFIFO(st.st_mode) ||
878 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
879 st.st_uid != getuid() ||
880 st.st_gid != getgid()) {
881
882 r = -EEXIST;
883 goto fail;
884 }
885
886 *_fd = fd;
887 return 0;
888
889 fail:
890 label_context_clear();
891
892 if (fd >= 0)
893 close_nointr_nofail(fd);
894
895 return r;
896 }
897
898 static int special_address_create(
899 const char *path,
900 int *_fd) {
901
902 int fd = -1, r = 0;
903 struct stat st;
904
905 assert(path);
906 assert(_fd);
907
908 if ((fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
909 r = -errno;
910 goto fail;
911 }
912
913 if (fstat(fd, &st) < 0) {
914 r = -errno;
915 goto fail;
916 }
917
918 /* Check whether this is a /proc, /sys or /dev file or char device */
919 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
920 r = -EEXIST;
921 goto fail;
922 }
923
924 *_fd = fd;
925 return 0;
926
927 fail:
928 if (fd >= 0)
929 close_nointr_nofail(fd);
930
931 return r;
932 }
933
934 static int mq_address_create(
935 const char *path,
936 mode_t mq_mode,
937 long maxmsg,
938 long msgsize,
939 int *_fd) {
940
941 int fd = -1, r = 0;
942 struct stat st;
943 mode_t old_mask;
944 struct mq_attr _attr, *attr = NULL;
945
946 assert(path);
947 assert(_fd);
948
949 if (maxmsg > 0 && msgsize > 0) {
950 zero(_attr);
951 _attr.mq_flags = O_NONBLOCK;
952 _attr.mq_maxmsg = maxmsg;
953 _attr.mq_msgsize = msgsize;
954 attr = &_attr;
955 }
956
957 /* Enforce the right access mode for the mq */
958 old_mask = umask(~ mq_mode);
959
960 /* Include the original umask in our mask */
961 umask(~mq_mode | old_mask);
962
963 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
964 umask(old_mask);
965
966 if (fd < 0) {
967 r = -errno;
968 goto fail;
969 }
970
971 if (fstat(fd, &st) < 0) {
972 r = -errno;
973 goto fail;
974 }
975
976 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
977 st.st_uid != getuid() ||
978 st.st_gid != getgid()) {
979
980 r = -EEXIST;
981 goto fail;
982 }
983
984 *_fd = fd;
985 return 0;
986
987 fail:
988 if (fd >= 0)
989 close_nointr_nofail(fd);
990
991 return r;
992 }
993
994 static int socket_open_fds(Socket *s) {
995 SocketPort *p;
996 int r;
997 char *label = NULL;
998 bool know_label = false;
999
1000 assert(s);
1001
1002 LIST_FOREACH(port, p, s->ports) {
1003
1004 if (p->fd >= 0)
1005 continue;
1006
1007 if (p->type == SOCKET_SOCKET) {
1008
1009 if (!know_label) {
1010
1011 if ((r = socket_instantiate_service(s)) < 0)
1012 return r;
1013
1014 if (UNIT_ISSET(s->service) &&
1015 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
1016 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
1017
1018 if (r < 0) {
1019 if (r != -EPERM)
1020 return r;
1021 }
1022 }
1023
1024 know_label = true;
1025 }
1026
1027 r = socket_address_listen(
1028 &p->address,
1029 SOCK_CLOEXEC|SOCK_NONBLOCK,
1030 s->backlog,
1031 s->bind_ipv6_only,
1032 s->bind_to_device,
1033 s->free_bind,
1034 s->transparent,
1035 s->directory_mode,
1036 s->socket_mode,
1037 label);
1038 if (r < 0)
1039 goto rollback;
1040
1041 p->fd = r;
1042 socket_apply_socket_options(s, p->fd);
1043
1044 } else if (p->type == SOCKET_SPECIAL) {
1045
1046 r = special_address_create(
1047 p->path,
1048 &p->fd);
1049 if (r < 0)
1050 goto rollback;
1051
1052 } else if (p->type == SOCKET_FIFO) {
1053
1054 r = fifo_address_create(
1055 p->path,
1056 s->directory_mode,
1057 s->socket_mode,
1058 &p->fd);
1059 if (r < 0)
1060 goto rollback;
1061
1062 socket_apply_fifo_options(s, p->fd);
1063 } else if (p->type == SOCKET_MQUEUE) {
1064
1065 r = mq_address_create(
1066 p->path,
1067 s->socket_mode,
1068 s->mq_maxmsg,
1069 s->mq_msgsize,
1070 &p->fd);
1071 if (r < 0)
1072 goto rollback;
1073 } else
1074 assert_not_reached("Unknown port type");
1075 }
1076
1077 label_free(label);
1078 return 0;
1079
1080 rollback:
1081 socket_close_fds(s);
1082 label_free(label);
1083 return r;
1084 }
1085
1086 static void socket_unwatch_fds(Socket *s) {
1087 SocketPort *p;
1088 int r;
1089
1090 assert(s);
1091
1092 LIST_FOREACH(port, p, s->ports) {
1093 if (p->fd < 0)
1094 continue;
1095
1096 if (p->event_source) {
1097 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_OFF);
1098 if (r < 0)
1099 log_debug_unit(UNIT(s)->id, "Failed to disable event source.");
1100 }
1101 }
1102 }
1103
1104 static int socket_watch_fds(Socket *s) {
1105 SocketPort *p;
1106 int r;
1107
1108 assert(s);
1109
1110 LIST_FOREACH(port, p, s->ports) {
1111 if (p->fd < 0)
1112 continue;
1113
1114 if (p->event_source)
1115 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_ON);
1116 else
1117 r = sd_event_add_io(UNIT(s)->manager->event, &p->event_source, p->fd, EPOLLIN, socket_dispatch_io, p);
1118
1119 if (r < 0) {
1120 log_warning_unit(UNIT(s)->id, "Failed to watch listening fds: %s", strerror(-r));
1121 goto fail;
1122 }
1123 }
1124
1125 return 0;
1126
1127 fail:
1128 socket_unwatch_fds(s);
1129 return r;
1130 }
1131
1132 static void socket_set_state(Socket *s, SocketState state) {
1133 SocketState old_state;
1134 assert(s);
1135
1136 old_state = s->state;
1137 s->state = state;
1138
1139 if (state != SOCKET_START_PRE &&
1140 state != SOCKET_START_POST &&
1141 state != SOCKET_STOP_PRE &&
1142 state != SOCKET_STOP_PRE_SIGTERM &&
1143 state != SOCKET_STOP_PRE_SIGKILL &&
1144 state != SOCKET_STOP_POST &&
1145 state != SOCKET_FINAL_SIGTERM &&
1146 state != SOCKET_FINAL_SIGKILL) {
1147
1148 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1149 socket_unwatch_control_pid(s);
1150 s->control_command = NULL;
1151 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
1152 }
1153
1154 if (state != SOCKET_LISTENING)
1155 socket_unwatch_fds(s);
1156
1157 if (state != SOCKET_START_POST &&
1158 state != SOCKET_LISTENING &&
1159 state != SOCKET_RUNNING &&
1160 state != SOCKET_STOP_PRE &&
1161 state != SOCKET_STOP_PRE_SIGTERM &&
1162 state != SOCKET_STOP_PRE_SIGKILL)
1163 socket_close_fds(s);
1164
1165 if (state != old_state)
1166 log_debug_unit(UNIT(s)->id, "%s changed %s -> %s",
1167 UNIT(s)->id, socket_state_to_string(old_state), socket_state_to_string(state));
1168
1169 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
1170 }
1171
1172 static int socket_coldplug(Unit *u) {
1173 Socket *s = SOCKET(u);
1174 int r;
1175
1176 assert(s);
1177 assert(s->state == SOCKET_DEAD);
1178
1179 if (s->deserialized_state == s->state)
1180 return 0;
1181
1182 if (s->deserialized_state == SOCKET_START_PRE ||
1183 s->deserialized_state == SOCKET_START_POST ||
1184 s->deserialized_state == SOCKET_STOP_PRE ||
1185 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1186 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL ||
1187 s->deserialized_state == SOCKET_STOP_POST ||
1188 s->deserialized_state == SOCKET_FINAL_SIGTERM ||
1189 s->deserialized_state == SOCKET_FINAL_SIGKILL) {
1190
1191 if (s->control_pid <= 0)
1192 return -EBADMSG;
1193
1194 r = unit_watch_pid(UNIT(s), s->control_pid);
1195 if (r < 0)
1196 return r;
1197
1198 r = socket_arm_timer(s);
1199 if (r < 0)
1200 return r;
1201 }
1202
1203 if (s->deserialized_state == SOCKET_START_POST ||
1204 s->deserialized_state == SOCKET_LISTENING ||
1205 s->deserialized_state == SOCKET_RUNNING ||
1206 s->deserialized_state == SOCKET_STOP_PRE ||
1207 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1208 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL) {
1209 r = socket_open_fds(s);
1210 if (r < 0)
1211 return r;
1212 }
1213
1214 if (s->deserialized_state == SOCKET_LISTENING) {
1215 r = socket_watch_fds(s);
1216 if (r < 0)
1217 return r;
1218 }
1219
1220 socket_set_state(s, s->deserialized_state);
1221 return 0;
1222 }
1223
1224 static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
1225 pid_t pid;
1226 int r;
1227 char **argv;
1228
1229 assert(s);
1230 assert(c);
1231 assert(_pid);
1232
1233 unit_realize_cgroup(UNIT(s));
1234
1235 r = unit_setup_exec_runtime(UNIT(s));
1236 if (r < 0)
1237 goto fail;
1238
1239 r = socket_arm_timer(s);
1240 if (r < 0)
1241 goto fail;
1242
1243 r = unit_full_printf_strv(UNIT(s), c->argv, &argv);
1244 if (r < 0)
1245 goto fail;
1246
1247 r = exec_spawn(c,
1248 argv,
1249 &s->exec_context,
1250 NULL, 0,
1251 UNIT(s)->manager->environment,
1252 true,
1253 true,
1254 true,
1255 UNIT(s)->manager->confirm_spawn,
1256 UNIT(s)->manager->cgroup_supported,
1257 UNIT(s)->cgroup_path,
1258 UNIT(s)->id,
1259 0,
1260 NULL,
1261 s->exec_runtime,
1262 &pid);
1263
1264 strv_free(argv);
1265 if (r < 0)
1266 goto fail;
1267
1268 r = unit_watch_pid(UNIT(s), pid);
1269 if (r < 0)
1270 /* FIXME: we need to do something here */
1271 goto fail;
1272
1273 *_pid = pid;
1274
1275 return 0;
1276
1277 fail:
1278 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1279
1280 return r;
1281 }
1282
1283 static void socket_enter_dead(Socket *s, SocketResult f) {
1284 assert(s);
1285
1286 if (f != SOCKET_SUCCESS)
1287 s->result = f;
1288
1289 exec_runtime_destroy(s->exec_runtime);
1290 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
1291
1292 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
1293 }
1294
1295 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
1296
1297 static void socket_enter_stop_post(Socket *s, SocketResult f) {
1298 int r;
1299 assert(s);
1300
1301 if (f != SOCKET_SUCCESS)
1302 s->result = f;
1303
1304 socket_unwatch_control_pid(s);
1305
1306 s->control_command_id = SOCKET_EXEC_STOP_POST;
1307
1308 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST])) {
1309 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
1310 goto fail;
1311
1312 socket_set_state(s, SOCKET_STOP_POST);
1313 } else
1314 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
1315
1316 return;
1317
1318 fail:
1319 log_warning_unit(UNIT(s)->id,
1320 "%s failed to run 'stop-post' task: %s",
1321 UNIT(s)->id, strerror(-r));
1322 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1323 }
1324
1325 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
1326 int r;
1327
1328 assert(s);
1329
1330 if (f != SOCKET_SUCCESS)
1331 s->result = f;
1332
1333 r = unit_kill_context(
1334 UNIT(s),
1335 &s->kill_context,
1336 state != SOCKET_STOP_PRE_SIGTERM && state != SOCKET_FINAL_SIGTERM,
1337 -1,
1338 s->control_pid,
1339 false);
1340 if (r < 0)
1341 goto fail;
1342
1343 if (r > 0) {
1344 r = socket_arm_timer(s);
1345 if (r < 0)
1346 goto fail;
1347
1348 socket_set_state(s, state);
1349 } else if (state == SOCKET_STOP_PRE_SIGTERM)
1350 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_SUCCESS);
1351 else if (state == SOCKET_STOP_PRE_SIGKILL)
1352 socket_enter_stop_post(s, SOCKET_SUCCESS);
1353 else if (state == SOCKET_FINAL_SIGTERM)
1354 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_SUCCESS);
1355 else
1356 socket_enter_dead(s, SOCKET_SUCCESS);
1357
1358 return;
1359
1360 fail:
1361 log_warning_unit(UNIT(s)->id, "%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
1362
1363 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
1364 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1365 else
1366 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1367 }
1368
1369 static void socket_enter_stop_pre(Socket *s, SocketResult f) {
1370 int r;
1371 assert(s);
1372
1373 if (f != SOCKET_SUCCESS)
1374 s->result = f;
1375
1376 socket_unwatch_control_pid(s);
1377
1378 s->control_command_id = SOCKET_EXEC_STOP_PRE;
1379
1380 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE])) {
1381 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
1382 goto fail;
1383
1384 socket_set_state(s, SOCKET_STOP_PRE);
1385 } else
1386 socket_enter_stop_post(s, SOCKET_SUCCESS);
1387
1388 return;
1389
1390 fail:
1391 log_warning_unit(UNIT(s)->id, "%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
1392 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1393 }
1394
1395 static void socket_enter_listening(Socket *s) {
1396 int r;
1397 assert(s);
1398
1399 r = socket_watch_fds(s);
1400 if (r < 0) {
1401 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1402 goto fail;
1403 }
1404
1405 socket_set_state(s, SOCKET_LISTENING);
1406 return;
1407
1408 fail:
1409 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1410 }
1411
1412 static void socket_enter_start_post(Socket *s) {
1413 int r;
1414 assert(s);
1415
1416 r = socket_open_fds(s);
1417 if (r < 0) {
1418 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1419 goto fail;
1420 }
1421
1422 socket_unwatch_control_pid(s);
1423
1424 s->control_command_id = SOCKET_EXEC_START_POST;
1425
1426 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_POST])) {
1427 r = socket_spawn(s, s->control_command, &s->control_pid);
1428 if (r < 0) {
1429 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
1430 goto fail;
1431 }
1432
1433 socket_set_state(s, SOCKET_START_POST);
1434 } else
1435 socket_enter_listening(s);
1436
1437 return;
1438
1439 fail:
1440 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1441 }
1442
1443 static void socket_enter_start_pre(Socket *s) {
1444 int r;
1445 assert(s);
1446
1447 socket_unwatch_control_pid(s);
1448
1449 s->control_command_id = SOCKET_EXEC_START_PRE;
1450
1451 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_PRE])) {
1452 r = socket_spawn(s, s->control_command, &s->control_pid);
1453 if (r < 0)
1454 goto fail;
1455
1456 socket_set_state(s, SOCKET_START_PRE);
1457 } else
1458 socket_enter_start_post(s);
1459
1460 return;
1461
1462 fail:
1463 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
1464 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1465 }
1466
1467 static void socket_enter_running(Socket *s, int cfd) {
1468 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1469 int r;
1470
1471 assert(s);
1472
1473 /* We don't take connections anymore if we are supposed to
1474 * shut down anyway */
1475 if (unit_stop_pending(UNIT(s))) {
1476
1477 log_debug_unit(UNIT(s)->id, "Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
1478
1479 if (cfd >= 0)
1480 close_nointr_nofail(cfd);
1481 else {
1482 /* Flush all sockets by closing and reopening them */
1483 socket_close_fds(s);
1484
1485 r = socket_open_fds(s);
1486 if (r < 0) {
1487 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1488 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1489 return;
1490 }
1491
1492 r = socket_watch_fds(s);
1493 if (r < 0) {
1494 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1495 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1496 }
1497 }
1498
1499 return;
1500 }
1501
1502 if (cfd < 0) {
1503 Iterator i;
1504 Unit *other;
1505 bool pending = false;
1506
1507 /* If there's already a start pending don't bother to
1508 * do anything */
1509 SET_FOREACH(other, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
1510 if (unit_active_or_pending(other)) {
1511 pending = true;
1512 break;
1513 }
1514
1515 if (!pending) {
1516 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1517 if (r < 0)
1518 goto fail;
1519 }
1520
1521 socket_set_state(s, SOCKET_RUNNING);
1522 } else {
1523 _cleanup_free_ char *prefix = NULL, *instance = NULL, *name = NULL;
1524 Service *service;
1525
1526 if (s->n_connections >= s->max_connections) {
1527 log_warning_unit(UNIT(s)->id, "%s: Too many incoming connections (%u)", UNIT(s)->id, s->n_connections);
1528 close_nointr_nofail(cfd);
1529 return;
1530 }
1531
1532 r = socket_instantiate_service(s);
1533 if (r < 0)
1534 goto fail;
1535
1536 r = instance_from_socket(cfd, s->n_accepted, &instance);
1537 if (r < 0) {
1538 if (r != -ENOTCONN)
1539 goto fail;
1540
1541 /* ENOTCONN is legitimate if TCP RST was received.
1542 * This connection is over, but the socket unit lives on. */
1543 close_nointr_nofail(cfd);
1544 return;
1545 }
1546
1547 prefix = unit_name_to_prefix(UNIT(s)->id);
1548 if (!prefix) {
1549 r = -ENOMEM;
1550 goto fail;
1551 }
1552
1553 name = unit_name_build(prefix, instance, ".service");
1554 if (!name) {
1555 r = -ENOMEM;
1556 goto fail;
1557 }
1558
1559 r = unit_add_name(UNIT_DEREF(s->service), name);
1560 if (r < 0)
1561 goto fail;
1562
1563 service = SERVICE(UNIT_DEREF(s->service));
1564 unit_ref_unset(&s->service);
1565 s->n_accepted ++;
1566
1567 UNIT(service)->no_gc = false;
1568
1569 unit_choose_id(UNIT(service), name);
1570
1571 r = service_set_socket_fd(service, cfd, s);
1572 if (r < 0)
1573 goto fail;
1574
1575 cfd = -1;
1576 s->n_connections ++;
1577
1578 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1579 if (r < 0)
1580 goto fail;
1581
1582 /* Notify clients about changed counters */
1583 unit_add_to_dbus_queue(UNIT(s));
1584 }
1585
1586 return;
1587
1588 fail:
1589 log_warning_unit(UNIT(s)->id, "%s failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
1590 UNIT(s)->id, cfd >= 0 ? "template" : "non-template",
1591 bus_error_message(&error, r));
1592
1593 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1594
1595 if (cfd >= 0)
1596 close_nointr_nofail(cfd);
1597 }
1598
1599 static void socket_run_next(Socket *s) {
1600 int r;
1601
1602 assert(s);
1603 assert(s->control_command);
1604 assert(s->control_command->command_next);
1605
1606 socket_unwatch_control_pid(s);
1607
1608 s->control_command = s->control_command->command_next;
1609
1610 r = socket_spawn(s, s->control_command, &s->control_pid);
1611 if (r < 0)
1612 goto fail;
1613
1614 return;
1615
1616 fail:
1617 log_warning_unit(UNIT(s)->id, "%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
1618
1619 if (s->state == SOCKET_START_POST)
1620 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1621 else if (s->state == SOCKET_STOP_POST)
1622 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1623 else
1624 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1625 }
1626
1627 static int socket_start(Unit *u) {
1628 Socket *s = SOCKET(u);
1629
1630 assert(s);
1631
1632 /* We cannot fulfill this request right now, try again later
1633 * please! */
1634 if (s->state == SOCKET_STOP_PRE ||
1635 s->state == SOCKET_STOP_PRE_SIGKILL ||
1636 s->state == SOCKET_STOP_PRE_SIGTERM ||
1637 s->state == SOCKET_STOP_POST ||
1638 s->state == SOCKET_FINAL_SIGTERM ||
1639 s->state == SOCKET_FINAL_SIGKILL)
1640 return -EAGAIN;
1641
1642 if (s->state == SOCKET_START_PRE ||
1643 s->state == SOCKET_START_POST)
1644 return 0;
1645
1646 /* Cannot run this without the service being around */
1647 if (UNIT_ISSET(s->service)) {
1648 Service *service;
1649
1650 service = SERVICE(UNIT_DEREF(s->service));
1651
1652 if (UNIT(service)->load_state != UNIT_LOADED) {
1653 log_error_unit(u->id, "Socket service %s not loaded, refusing.", UNIT(service)->id);
1654 return -ENOENT;
1655 }
1656
1657 /* If the service is already active we cannot start the
1658 * socket */
1659 if (service->state != SERVICE_DEAD &&
1660 service->state != SERVICE_FAILED &&
1661 service->state != SERVICE_AUTO_RESTART) {
1662 log_error_unit(u->id, "Socket service %s already active, refusing.", UNIT(service)->id);
1663 return -EBUSY;
1664 }
1665
1666 #ifdef HAVE_SYSV_COMPAT
1667 if (service->is_sysv) {
1668 log_error_unit(u->id,
1669 "Using SysV services for socket activation is not supported. Refusing.");
1670 return -ENOENT;
1671 }
1672 #endif
1673 }
1674
1675 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
1676
1677 s->result = SOCKET_SUCCESS;
1678 socket_enter_start_pre(s);
1679
1680 return 0;
1681 }
1682
1683 static int socket_stop(Unit *u) {
1684 Socket *s = SOCKET(u);
1685
1686 assert(s);
1687
1688 /* Already on it */
1689 if (s->state == SOCKET_STOP_PRE ||
1690 s->state == SOCKET_STOP_PRE_SIGTERM ||
1691 s->state == SOCKET_STOP_PRE_SIGKILL ||
1692 s->state == SOCKET_STOP_POST ||
1693 s->state == SOCKET_FINAL_SIGTERM ||
1694 s->state == SOCKET_FINAL_SIGKILL)
1695 return 0;
1696
1697 /* If there's already something running we go directly into
1698 * kill mode. */
1699 if (s->state == SOCKET_START_PRE ||
1700 s->state == SOCKET_START_POST) {
1701 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
1702 return -EAGAIN;
1703 }
1704
1705 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
1706
1707 socket_enter_stop_pre(s, SOCKET_SUCCESS);
1708 return 0;
1709 }
1710
1711 static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1712 Socket *s = SOCKET(u);
1713 SocketPort *p;
1714 int r;
1715
1716 assert(u);
1717 assert(f);
1718 assert(fds);
1719
1720 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
1721 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
1722 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1723
1724 if (s->control_pid > 0)
1725 unit_serialize_item_format(u, f, "control-pid", "%lu", (unsigned long) s->control_pid);
1726
1727 if (s->control_command_id >= 0)
1728 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1729
1730 LIST_FOREACH(port, p, s->ports) {
1731 int copy;
1732
1733 if (p->fd < 0)
1734 continue;
1735
1736 copy = fdset_put_dup(fds, p->fd);
1737 if (copy < 0)
1738 return copy;
1739
1740 if (p->type == SOCKET_SOCKET) {
1741 _cleanup_free_ char *t = NULL;
1742
1743 r = socket_address_print(&p->address, &t);
1744 if (r < 0)
1745 return r;
1746
1747 if (socket_address_family(&p->address) == AF_NETLINK)
1748 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1749 else
1750 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
1751
1752 } else if (p->type == SOCKET_SPECIAL)
1753 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
1754 else if (p->type == SOCKET_MQUEUE)
1755 unit_serialize_item_format(u, f, "mqueue", "%i %s", copy, p->path);
1756 else {
1757 assert(p->type == SOCKET_FIFO);
1758 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1759 }
1760 }
1761
1762 return 0;
1763 }
1764
1765 static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1766 Socket *s = SOCKET(u);
1767
1768 assert(u);
1769 assert(key);
1770 assert(value);
1771
1772 if (streq(key, "state")) {
1773 SocketState state;
1774
1775 state = socket_state_from_string(value);
1776 if (state < 0)
1777 log_debug_unit(u->id, "Failed to parse state value %s", value);
1778 else
1779 s->deserialized_state = state;
1780 } else if (streq(key, "result")) {
1781 SocketResult f;
1782
1783 f = socket_result_from_string(value);
1784 if (f < 0)
1785 log_debug_unit(u->id, "Failed to parse result value %s", value);
1786 else if (f != SOCKET_SUCCESS)
1787 s->result = f;
1788
1789 } else if (streq(key, "n-accepted")) {
1790 unsigned k;
1791
1792 if (safe_atou(value, &k) < 0)
1793 log_debug_unit(u->id, "Failed to parse n-accepted value %s", value);
1794 else
1795 s->n_accepted += k;
1796 } else if (streq(key, "control-pid")) {
1797 pid_t pid;
1798
1799 if (parse_pid(value, &pid) < 0)
1800 log_debug_unit(u->id, "Failed to parse control-pid value %s", value);
1801 else
1802 s->control_pid = pid;
1803 } else if (streq(key, "control-command")) {
1804 SocketExecCommand id;
1805
1806 id = socket_exec_command_from_string(value);
1807 if (id < 0)
1808 log_debug_unit(u->id, "Failed to parse exec-command value %s", value);
1809 else {
1810 s->control_command_id = id;
1811 s->control_command = s->exec_command[id];
1812 }
1813 } else if (streq(key, "fifo")) {
1814 int fd, skip = 0;
1815 SocketPort *p;
1816
1817 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1818 log_debug_unit(u->id, "Failed to parse fifo value %s", value);
1819 else {
1820
1821 LIST_FOREACH(port, p, s->ports)
1822 if (p->type == SOCKET_FIFO &&
1823 streq_ptr(p->path, value+skip))
1824 break;
1825
1826 if (p) {
1827 if (p->fd >= 0)
1828 close_nointr_nofail(p->fd);
1829 p->fd = fdset_remove(fds, fd);
1830 }
1831 }
1832
1833 } else if (streq(key, "special")) {
1834 int fd, skip = 0;
1835 SocketPort *p;
1836
1837 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1838 log_debug_unit(u->id, "Failed to parse special value %s", value);
1839 else {
1840
1841 LIST_FOREACH(port, p, s->ports)
1842 if (p->type == SOCKET_SPECIAL &&
1843 streq_ptr(p->path, value+skip))
1844 break;
1845
1846 if (p) {
1847 if (p->fd >= 0)
1848 close_nointr_nofail(p->fd);
1849 p->fd = fdset_remove(fds, fd);
1850 }
1851 }
1852
1853 } else if (streq(key, "mqueue")) {
1854 int fd, skip = 0;
1855 SocketPort *p;
1856
1857 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1858 log_debug_unit(u->id, "Failed to parse mqueue value %s", value);
1859 else {
1860
1861 LIST_FOREACH(port, p, s->ports)
1862 if (p->type == SOCKET_MQUEUE &&
1863 streq_ptr(p->path, value+skip))
1864 break;
1865
1866 if (p) {
1867 if (p->fd >= 0)
1868 close_nointr_nofail(p->fd);
1869 p->fd = fdset_remove(fds, fd);
1870 }
1871 }
1872
1873 } else if (streq(key, "socket")) {
1874 int fd, type, skip = 0;
1875 SocketPort *p;
1876
1877 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
1878 log_debug_unit(u->id, "Failed to parse socket value %s", value);
1879 else {
1880
1881 LIST_FOREACH(port, p, s->ports)
1882 if (socket_address_is(&p->address, value+skip, type))
1883 break;
1884
1885 if (p) {
1886 if (p->fd >= 0)
1887 close_nointr_nofail(p->fd);
1888 p->fd = fdset_remove(fds, fd);
1889 }
1890 }
1891
1892 } else if (streq(key, "netlink")) {
1893 int fd, skip = 0;
1894 SocketPort *p;
1895
1896 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1897 log_debug_unit(u->id, "Failed to parse socket value %s", value);
1898 else {
1899
1900 LIST_FOREACH(port, p, s->ports)
1901 if (socket_address_is_netlink(&p->address, value+skip))
1902 break;
1903
1904 if (p) {
1905 if (p->fd >= 0)
1906 close_nointr_nofail(p->fd);
1907 p->fd = fdset_remove(fds, fd);
1908 }
1909 }
1910 } else
1911 log_debug_unit(UNIT(s)->id, "Unknown serialization key '%s'", key);
1912
1913 return 0;
1914 }
1915
1916 static int socket_distribute_fds(Unit *u, FDSet *fds) {
1917 Socket *s = SOCKET(u);
1918 SocketPort *p;
1919
1920 assert(u);
1921
1922 LIST_FOREACH(port, p, s->ports) {
1923 Iterator i;
1924 int fd;
1925
1926 if (p->type != SOCKET_SOCKET)
1927 continue;
1928
1929 if (p->fd >= 0)
1930 continue;
1931
1932 FDSET_FOREACH(fd, fds, i) {
1933 if (socket_address_matches_fd(&p->address, fd)) {
1934 p->fd = fdset_remove(fds, fd);
1935 s->deserialized_state = SOCKET_LISTENING;
1936 break;
1937 }
1938 }
1939 }
1940
1941 return 0;
1942 }
1943
1944 _pure_ static UnitActiveState socket_active_state(Unit *u) {
1945 assert(u);
1946
1947 return state_translation_table[SOCKET(u)->state];
1948 }
1949
1950 _pure_ static const char *socket_sub_state_to_string(Unit *u) {
1951 assert(u);
1952
1953 return socket_state_to_string(SOCKET(u)->state);
1954 }
1955
1956 const char* socket_port_type_to_string(SocketPort *p) {
1957
1958 assert(p);
1959
1960 switch (p->type) {
1961
1962 case SOCKET_SOCKET:
1963
1964 switch (p->address.type) {
1965
1966 case SOCK_STREAM:
1967 return "Stream";
1968
1969 case SOCK_DGRAM:
1970 return "Datagram";
1971
1972 case SOCK_SEQPACKET:
1973 return "SequentialPacket";
1974
1975 case SOCK_RAW:
1976 if (socket_address_family(&p->address) == AF_NETLINK)
1977 return "Netlink";
1978
1979 default:
1980 return NULL;
1981 }
1982
1983 case SOCKET_SPECIAL:
1984 return "Special";
1985
1986 case SOCKET_MQUEUE:
1987 return "MessageQueue";
1988
1989 case SOCKET_FIFO:
1990 return "FIFO";
1991
1992 default:
1993 return NULL;
1994 }
1995 }
1996
1997 _pure_ static bool socket_check_gc(Unit *u) {
1998 Socket *s = SOCKET(u);
1999
2000 assert(u);
2001
2002 return s->n_connections > 0;
2003 }
2004
2005 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2006 SocketPort *p = userdata;
2007 int cfd = -1;
2008
2009 assert(p);
2010 assert(fd >= 0);
2011
2012 if (p->socket->state != SOCKET_LISTENING)
2013 return 0;
2014
2015 log_debug_unit(UNIT(p->socket)->id, "Incoming traffic on %s", UNIT(p->socket)->id);
2016
2017 if (revents != EPOLLIN) {
2018
2019 if (revents & EPOLLHUP)
2020 log_error_unit(UNIT(p->socket)->id, "%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.",
2021 UNIT(p->socket)->id);
2022 else
2023 log_error_unit(UNIT(p->socket)->id, "%s: Got unexpected poll event (0x%x) on socket.",
2024 UNIT(p->socket)->id, revents);
2025
2026 goto fail;
2027 }
2028
2029 if (p->socket->accept &&
2030 p->type == SOCKET_SOCKET &&
2031 socket_address_can_accept(&p->address)) {
2032
2033 for (;;) {
2034
2035 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK);
2036 if (cfd < 0) {
2037
2038 if (errno == EINTR)
2039 continue;
2040
2041 log_error_unit(UNIT(p->socket)->id,
2042 "Failed to accept socket: %m");
2043 goto fail;
2044 }
2045
2046 break;
2047 }
2048
2049 socket_apply_socket_options(p->socket, cfd);
2050 }
2051
2052 socket_enter_running(p->socket, cfd);
2053 return 0;
2054
2055 fail:
2056 socket_enter_stop_pre(p->socket, SOCKET_FAILURE_RESOURCES);
2057 return 0;
2058 }
2059
2060 static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
2061 Socket *s = SOCKET(u);
2062 SocketResult f;
2063
2064 assert(s);
2065 assert(pid >= 0);
2066
2067 if (pid != s->control_pid)
2068 return;
2069
2070 s->control_pid = 0;
2071
2072 if (is_clean_exit(code, status, NULL))
2073 f = SOCKET_SUCCESS;
2074 else if (code == CLD_EXITED)
2075 f = SOCKET_FAILURE_EXIT_CODE;
2076 else if (code == CLD_KILLED)
2077 f = SOCKET_FAILURE_SIGNAL;
2078 else if (code == CLD_DUMPED)
2079 f = SOCKET_FAILURE_CORE_DUMP;
2080 else
2081 assert_not_reached("Unknown code");
2082
2083 if (s->control_command) {
2084 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
2085
2086 if (s->control_command->ignore)
2087 f = SOCKET_SUCCESS;
2088 }
2089
2090 log_full_unit(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
2091 u->id,
2092 "%s control process exited, code=%s status=%i",
2093 u->id, sigchld_code_to_string(code), status);
2094
2095 if (f != SOCKET_SUCCESS)
2096 s->result = f;
2097
2098 if (s->control_command &&
2099 s->control_command->command_next &&
2100 f == SOCKET_SUCCESS) {
2101
2102 log_debug_unit(u->id,
2103 "%s running next command for state %s",
2104 u->id, socket_state_to_string(s->state));
2105 socket_run_next(s);
2106 } else {
2107 s->control_command = NULL;
2108 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
2109
2110 /* No further commands for this step, so let's figure
2111 * out what to do next */
2112
2113 log_debug_unit(u->id,
2114 "%s got final SIGCHLD for state %s",
2115 u->id, socket_state_to_string(s->state));
2116
2117 switch (s->state) {
2118
2119 case SOCKET_START_PRE:
2120 if (f == SOCKET_SUCCESS)
2121 socket_enter_start_post(s);
2122 else
2123 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
2124 break;
2125
2126 case SOCKET_START_POST:
2127 if (f == SOCKET_SUCCESS)
2128 socket_enter_listening(s);
2129 else
2130 socket_enter_stop_pre(s, f);
2131 break;
2132
2133 case SOCKET_STOP_PRE:
2134 case SOCKET_STOP_PRE_SIGTERM:
2135 case SOCKET_STOP_PRE_SIGKILL:
2136 socket_enter_stop_post(s, f);
2137 break;
2138
2139 case SOCKET_STOP_POST:
2140 case SOCKET_FINAL_SIGTERM:
2141 case SOCKET_FINAL_SIGKILL:
2142 socket_enter_dead(s, f);
2143 break;
2144
2145 default:
2146 assert_not_reached("Uh, control process died at wrong time.");
2147 }
2148 }
2149
2150 /* Notify clients about changed exit status */
2151 unit_add_to_dbus_queue(u);
2152 }
2153
2154 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
2155 Socket *s = SOCKET(userdata);
2156
2157 assert(s);
2158 assert(s->timer_event_source == source);
2159
2160 switch (s->state) {
2161
2162 case SOCKET_START_PRE:
2163 log_warning_unit(UNIT(s)->id,
2164 "%s starting timed out. Terminating.", UNIT(s)->id);
2165 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2166 break;
2167
2168 case SOCKET_START_POST:
2169 log_warning_unit(UNIT(s)->id,
2170 "%s starting timed out. Stopping.", UNIT(s)->id);
2171 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
2172 break;
2173
2174 case SOCKET_STOP_PRE:
2175 log_warning_unit(UNIT(s)->id,
2176 "%s stopping timed out. Terminating.", UNIT(s)->id);
2177 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2178 break;
2179
2180 case SOCKET_STOP_PRE_SIGTERM:
2181 if (s->kill_context.send_sigkill) {
2182 log_warning_unit(UNIT(s)->id,
2183 "%s stopping timed out. Killing.", UNIT(s)->id);
2184 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2185 } else {
2186 log_warning_unit(UNIT(s)->id,
2187 "%s stopping timed out. Skipping SIGKILL. Ignoring.",
2188 UNIT(s)->id);
2189 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2190 }
2191 break;
2192
2193 case SOCKET_STOP_PRE_SIGKILL:
2194 log_warning_unit(UNIT(s)->id,
2195 "%s still around after SIGKILL. Ignoring.", UNIT(s)->id);
2196 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2197 break;
2198
2199 case SOCKET_STOP_POST:
2200 log_warning_unit(UNIT(s)->id,
2201 "%s stopping timed out (2). Terminating.", UNIT(s)->id);
2202 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2203 break;
2204
2205 case SOCKET_FINAL_SIGTERM:
2206 if (s->kill_context.send_sigkill) {
2207 log_warning_unit(UNIT(s)->id,
2208 "%s stopping timed out (2). Killing.", UNIT(s)->id);
2209 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2210 } else {
2211 log_warning_unit(UNIT(s)->id,
2212 "%s stopping timed out (2). Skipping SIGKILL. Ignoring.",
2213 UNIT(s)->id);
2214 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2215 }
2216 break;
2217
2218 case SOCKET_FINAL_SIGKILL:
2219 log_warning_unit(UNIT(s)->id,
2220 "%s still around after SIGKILL (2). Entering failed mode.",
2221 UNIT(s)->id);
2222 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2223 break;
2224
2225 default:
2226 assert_not_reached("Timeout at wrong time.");
2227 }
2228
2229 return 0;
2230 }
2231
2232 int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2233 int *rfds;
2234 unsigned rn_fds, k;
2235 SocketPort *p;
2236
2237 assert(s);
2238 assert(fds);
2239 assert(n_fds);
2240
2241 /* Called from the service code for requesting our fds */
2242
2243 rn_fds = 0;
2244 LIST_FOREACH(port, p, s->ports)
2245 if (p->fd >= 0)
2246 rn_fds++;
2247
2248 if (rn_fds <= 0) {
2249 *fds = NULL;
2250 *n_fds = 0;
2251 return 0;
2252 }
2253
2254 if (!(rfds = new(int, rn_fds)))
2255 return -ENOMEM;
2256
2257 k = 0;
2258 LIST_FOREACH(port, p, s->ports)
2259 if (p->fd >= 0)
2260 rfds[k++] = p->fd;
2261
2262 assert(k == rn_fds);
2263
2264 *fds = rfds;
2265 *n_fds = rn_fds;
2266
2267 return 0;
2268 }
2269
2270 static void socket_reset_failed(Unit *u) {
2271 Socket *s = SOCKET(u);
2272
2273 assert(s);
2274
2275 if (s->state == SOCKET_FAILED)
2276 socket_set_state(s, SOCKET_DEAD);
2277
2278 s->result = SOCKET_SUCCESS;
2279 }
2280
2281 static void socket_notify_service_dead(Socket *s, bool failed_permanent) {
2282 assert(s);
2283
2284 /* The service is dead. Dang!
2285 *
2286 * This is strictly for one-instance-for-all-connections
2287 * services. */
2288
2289 if (s->state == SOCKET_RUNNING) {
2290 log_debug_unit(UNIT(s)->id, "%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
2291 if (failed_permanent)
2292 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
2293 else
2294 socket_enter_listening(s);
2295 }
2296 }
2297
2298 void socket_connection_unref(Socket *s) {
2299 assert(s);
2300
2301 /* The service is dead. Yay!
2302 *
2303 * This is strictly for one-instance-per-connection
2304 * services. */
2305
2306 assert(s->n_connections > 0);
2307 s->n_connections--;
2308
2309 log_debug_unit(UNIT(s)->id, "%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
2310 }
2311
2312 static void socket_trigger_notify(Unit *u, Unit *other) {
2313 Socket *s = SOCKET(u);
2314 Service *se;
2315
2316 assert(u);
2317 assert(other);
2318
2319 /* Don't propagate state changes from the service if we are
2320 already down or accepting connections */
2321 if ((s->state != SOCKET_RUNNING &&
2322 s->state != SOCKET_LISTENING) ||
2323 s->accept)
2324 return;
2325
2326 if (other->load_state != UNIT_LOADED ||
2327 other->type != UNIT_SERVICE)
2328 return;
2329
2330 se = SERVICE(other);
2331
2332 if (se->state == SERVICE_FAILED)
2333 socket_notify_service_dead(s, se->result == SERVICE_FAILURE_START_LIMIT);
2334
2335 if (se->state == SERVICE_DEAD ||
2336 se->state == SERVICE_STOP ||
2337 se->state == SERVICE_STOP_SIGTERM ||
2338 se->state == SERVICE_STOP_SIGKILL ||
2339 se->state == SERVICE_STOP_POST ||
2340 se->state == SERVICE_FINAL_SIGTERM ||
2341 se->state == SERVICE_FINAL_SIGKILL ||
2342 se->state == SERVICE_AUTO_RESTART)
2343 socket_notify_service_dead(s, false);
2344
2345 if (se->state == SERVICE_RUNNING)
2346 socket_set_state(s, SOCKET_RUNNING);
2347 }
2348
2349 static int socket_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
2350 return unit_kill_common(u, who, signo, -1, SOCKET(u)->control_pid, error);
2351 }
2352
2353 static int socket_get_timeout(Unit *u, uint64_t *timeout) {
2354 Socket *s = SOCKET(u);
2355 int r;
2356
2357 if (!s->timer_event_source)
2358 return 0;
2359
2360 r = sd_event_source_get_time(s->timer_event_source, timeout);
2361 if (r < 0)
2362 return r;
2363
2364 return 1;
2365 }
2366
2367 static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2368 [SOCKET_DEAD] = "dead",
2369 [SOCKET_START_PRE] = "start-pre",
2370 [SOCKET_START_POST] = "start-post",
2371 [SOCKET_LISTENING] = "listening",
2372 [SOCKET_RUNNING] = "running",
2373 [SOCKET_STOP_PRE] = "stop-pre",
2374 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2375 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2376 [SOCKET_STOP_POST] = "stop-post",
2377 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2378 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
2379 [SOCKET_FAILED] = "failed"
2380 };
2381
2382 DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2383
2384 static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2385 [SOCKET_EXEC_START_PRE] = "StartPre",
2386 [SOCKET_EXEC_START_POST] = "StartPost",
2387 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2388 [SOCKET_EXEC_STOP_POST] = "StopPost"
2389 };
2390
2391 DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2392
2393 static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2394 [SOCKET_SUCCESS] = "success",
2395 [SOCKET_FAILURE_RESOURCES] = "resources",
2396 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2397 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2398 [SOCKET_FAILURE_SIGNAL] = "signal",
2399 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
2400 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
2401 };
2402
2403 DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2404
2405 const UnitVTable socket_vtable = {
2406 .object_size = sizeof(Socket),
2407 .exec_context_offset = offsetof(Socket, exec_context),
2408 .cgroup_context_offset = offsetof(Socket, cgroup_context),
2409 .kill_context_offset = offsetof(Socket, kill_context),
2410 .exec_runtime_offset = offsetof(Socket, exec_runtime),
2411
2412 .sections =
2413 "Unit\0"
2414 "Socket\0"
2415 "Install\0",
2416 .private_section = "Socket",
2417
2418 .init = socket_init,
2419 .done = socket_done,
2420 .load = socket_load,
2421
2422 .coldplug = socket_coldplug,
2423
2424 .dump = socket_dump,
2425
2426 .start = socket_start,
2427 .stop = socket_stop,
2428
2429 .kill = socket_kill,
2430
2431 .get_timeout = socket_get_timeout,
2432
2433 .serialize = socket_serialize,
2434 .deserialize_item = socket_deserialize_item,
2435 .distribute_fds = socket_distribute_fds,
2436
2437 .active_state = socket_active_state,
2438 .sub_state_to_string = socket_sub_state_to_string,
2439
2440 .check_gc = socket_check_gc,
2441
2442 .sigchld_event = socket_sigchld_event,
2443
2444 .trigger_notify = socket_trigger_notify,
2445
2446 .reset_failed = socket_reset_failed,
2447
2448 .bus_interface = "org.freedesktop.systemd1.Socket",
2449 .bus_vtable = bus_socket_vtable,
2450 .bus_set_property = bus_socket_set_property,
2451 .bus_commit_properties = bus_socket_commit_properties,
2452
2453 .status_message_formats = {
2454 /*.starting_stopping = {
2455 [0] = "Starting socket %s...",
2456 [1] = "Stopping socket %s...",
2457 },*/
2458 .finished_start_job = {
2459 [JOB_DONE] = "Listening on %s.",
2460 [JOB_FAILED] = "Failed to listen on %s.",
2461 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2462 [JOB_TIMEOUT] = "Timed out starting %s.",
2463 },
2464 .finished_stop_job = {
2465 [JOB_DONE] = "Closed %s.",
2466 [JOB_FAILED] = "Failed stopping %s.",
2467 [JOB_TIMEOUT] = "Timed out stopping %s.",
2468 },
2469 },
2470 };
Unnamed repository; edit this file 'description' to name the repository.