]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/socket.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
bus: when a busname unit refuses to activate a service it should flush the queue
[thirdparty/systemd.git] / src / core / socket.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <sys/types.h>
23 #include <sys/stat.h>
24 #include <unistd.h>
25 #include <errno.h>
26 #include <fcntl.h>
27 #include <sys/epoll.h>
28 #include <signal.h>
29 #include <arpa/inet.h>
30 #include <netinet/tcp.h>
31 #include <mqueue.h>
32 #ifdef HAVE_XATTR
33 #include <attr/xattr.h>
34 #endif
35
36 #include "sd-event.h"
37 #include "log.h"
38 #include "load-dropin.h"
39 #include "load-fragment.h"
40 #include "strv.h"
41 #include "mkdir.h"
42 #include "path-util.h"
43 #include "unit-name.h"
44 #include "unit-printf.h"
45 #include "missing.h"
46 #include "special.h"
47 #include "label.h"
48 #include "exit-status.h"
49 #include "def.h"
50 #include "smack-util.h"
51 #include "bus-util.h"
52 #include "bus-error.h"
53 #include "dbus-socket.h"
54 #include "unit.h"
55 #include "socket.h"
56
57 static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
58 [SOCKET_DEAD] = UNIT_INACTIVE,
59 [SOCKET_START_PRE] = UNIT_ACTIVATING,
60 [SOCKET_START_POST] = UNIT_ACTIVATING,
61 [SOCKET_LISTENING] = UNIT_ACTIVE,
62 [SOCKET_RUNNING] = UNIT_ACTIVE,
63 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
64 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
65 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
66 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
67 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
68 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
69 [SOCKET_FAILED] = UNIT_FAILED
70 };
71
72 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
73 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
74
75 static void socket_init(Unit *u) {
76 Socket *s = SOCKET(u);
77
78 assert(u);
79 assert(u->load_state == UNIT_STUB);
80
81 s->backlog = SOMAXCONN;
82 s->timeout_usec = u->manager->default_timeout_start_usec;
83 s->directory_mode = 0755;
84 s->socket_mode = 0666;
85
86 s->max_connections = 64;
87
88 s->priority = -1;
89 s->ip_tos = -1;
90 s->ip_ttl = -1;
91 s->mark = -1;
92
93 exec_context_init(&s->exec_context);
94 s->exec_context.std_output = u->manager->default_std_output;
95 s->exec_context.std_error = u->manager->default_std_error;
96 kill_context_init(&s->kill_context);
97 cgroup_context_init(&s->cgroup_context);
98
99 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
100 }
101
102 static void socket_unwatch_control_pid(Socket *s) {
103 assert(s);
104
105 if (s->control_pid <= 0)
106 return;
107
108 unit_unwatch_pid(UNIT(s), s->control_pid);
109 s->control_pid = 0;
110 }
111
112 void socket_free_ports(Socket *s) {
113 SocketPort *p;
114
115 assert(s);
116
117 while ((p = s->ports)) {
118 LIST_REMOVE(port, s->ports, p);
119
120 sd_event_source_unref(p->event_source);
121
122 if (p->fd >= 0)
123 close_nointr_nofail(p->fd);
124
125 free(p->path);
126 free(p);
127 }
128 }
129
130 static void socket_done(Unit *u) {
131 Socket *s = SOCKET(u);
132
133 assert(s);
134
135 socket_free_ports(s);
136
137 cgroup_context_done(&s->cgroup_context);
138 exec_context_done(&s->exec_context);
139 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
140 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
141 s->control_command = NULL;
142
143 socket_unwatch_control_pid(s);
144
145 unit_ref_unset(&s->service);
146
147 free(s->tcp_congestion);
148 s->tcp_congestion = NULL;
149
150 free(s->bind_to_device);
151 s->bind_to_device = NULL;
152
153 free(s->smack);
154 free(s->smack_ip_in);
155 free(s->smack_ip_out);
156
157 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
158 }
159
160 static int socket_arm_timer(Socket *s) {
161 int r;
162
163 assert(s);
164
165 if (s->timeout_usec <= 0) {
166 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
167 return 0;
168 }
169
170 if (s->timer_event_source) {
171 r = sd_event_source_set_time(s->timer_event_source, now(CLOCK_MONOTONIC) + s->timeout_usec);
172 if (r < 0)
173 return r;
174
175 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
176 }
177
178 return sd_event_add_monotonic(UNIT(s)->manager->event, now(CLOCK_MONOTONIC) + s->timeout_usec, 0, socket_dispatch_timer, s, &s->timer_event_source);
179 }
180
181 static int socket_instantiate_service(Socket *s) {
182 char *prefix, *name;
183 int r;
184 Unit *u;
185
186 assert(s);
187
188 /* This fills in s->service if it isn't filled in yet. For
189 * Accept=yes sockets we create the next connection service
190 * here. For Accept=no this is mostly a NOP since the service
191 * is figured out at load time anyway. */
192
193 if (UNIT_DEREF(s->service))
194 return 0;
195
196 assert(s->accept);
197
198 if (!(prefix = unit_name_to_prefix(UNIT(s)->id)))
199 return -ENOMEM;
200
201 r = asprintf(&name, "%s@%u.service", prefix, s->n_accepted);
202 free(prefix);
203
204 if (r < 0)
205 return -ENOMEM;
206
207 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
208 free(name);
209
210 if (r < 0)
211 return r;
212
213 #ifdef HAVE_SYSV_COMPAT
214 if (SERVICE(u)->is_sysv) {
215 log_error("Using SysV services for socket activation is not supported. Refusing.");
216 return -ENOENT;
217 }
218 #endif
219
220 u->no_gc = true;
221 unit_ref_set(&s->service, u);
222
223 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
224 }
225
226 static bool have_non_accept_socket(Socket *s) {
227 SocketPort *p;
228
229 assert(s);
230
231 if (!s->accept)
232 return true;
233
234 LIST_FOREACH(port, p, s->ports) {
235
236 if (p->type != SOCKET_SOCKET)
237 return true;
238
239 if (!socket_address_can_accept(&p->address))
240 return true;
241 }
242
243 return false;
244 }
245
246 static int socket_add_mount_links(Socket *s) {
247 SocketPort *p;
248 int r;
249
250 assert(s);
251
252 LIST_FOREACH(port, p, s->ports) {
253 const char *path = NULL;
254
255 if (p->type == SOCKET_SOCKET)
256 path = socket_address_get_path(&p->address);
257 else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL)
258 path = p->path;
259
260 if (!path)
261 continue;
262
263 r = unit_require_mounts_for(UNIT(s), path);
264 if (r < 0)
265 return r;
266 }
267
268 return 0;
269 }
270
271 static int socket_add_device_link(Socket *s) {
272 char *t;
273
274 assert(s);
275
276 if (!s->bind_to_device || streq(s->bind_to_device, "lo"))
277 return 0;
278
279 t = strappenda("/sys/subsystem/net/devices/", s->bind_to_device);
280 return unit_add_node_link(UNIT(s), t, false);
281 }
282
283 static int socket_add_default_dependencies(Socket *s) {
284 int r;
285 assert(s);
286
287 r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true);
288 if (r < 0)
289 return r;
290
291 if (UNIT(s)->manager->running_as == SYSTEMD_SYSTEM) {
292 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
293 if (r < 0)
294 return r;
295 }
296
297 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
298 }
299
300 _pure_ static bool socket_has_exec(Socket *s) {
301 unsigned i;
302 assert(s);
303
304 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
305 if (s->exec_command[i])
306 return true;
307
308 return false;
309 }
310
311 static int socket_add_extras(Socket *s) {
312 Unit *u = UNIT(s);
313 int r;
314
315 assert(s);
316
317 if (have_non_accept_socket(s)) {
318
319 if (!UNIT_DEREF(s->service)) {
320 Unit *x;
321
322 r = unit_load_related_unit(u, ".service", &x);
323 if (r < 0)
324 return r;
325
326 unit_ref_set(&s->service, x);
327 }
328
329 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
330 if (r < 0)
331 return r;
332 }
333
334 r = socket_add_mount_links(s);
335 if (r < 0)
336 return r;
337
338 r = socket_add_device_link(s);
339 if (r < 0)
340 return r;
341
342 r = unit_exec_context_defaults(u, &s->exec_context);
343 if (r < 0)
344 return r;
345
346 if (socket_has_exec(s)) {
347 r = unit_add_exec_dependencies(u, &s->exec_context);
348 if (r < 0)
349 return r;
350
351 r = unit_add_default_slice(u);
352 if (r < 0)
353 return r;
354 }
355
356 if (u->default_dependencies) {
357 r = socket_add_default_dependencies(s);
358 if (r < 0)
359 return r;
360 }
361
362 return 0;
363 }
364
365 static int socket_verify(Socket *s) {
366 assert(s);
367
368 if (UNIT(s)->load_state != UNIT_LOADED)
369 return 0;
370
371 if (!s->ports) {
372 log_error_unit(UNIT(s)->id, "%s lacks Listen setting. Refusing.", UNIT(s)->id);
373 return -EINVAL;
374 }
375
376 if (s->accept && have_non_accept_socket(s)) {
377 log_error_unit(UNIT(s)->id, "%s configured for accepting sockets, but sockets are non-accepting. Refusing.",
378 UNIT(s)->id);
379 return -EINVAL;
380 }
381
382 if (s->accept && s->max_connections <= 0) {
383 log_error_unit(UNIT(s)->id, "%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
384 return -EINVAL;
385 }
386
387 if (s->accept && UNIT_DEREF(s->service)) {
388 log_error_unit(UNIT(s)->id, "Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
389 return -EINVAL;
390 }
391
392 if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
393 log_error_unit(UNIT(s)->id, "%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
394 return -EINVAL;
395 }
396
397 return 0;
398 }
399
400 static int socket_load(Unit *u) {
401 Socket *s = SOCKET(u);
402 int r;
403
404 assert(u);
405 assert(u->load_state == UNIT_STUB);
406
407 r = unit_load_fragment_and_dropin(u);
408 if (r < 0)
409 return r;
410
411 if (u->load_state == UNIT_LOADED) {
412 /* This is a new unit? Then let's add in some extras */
413 r = socket_add_extras(s);
414 if (r < 0)
415 return r;
416 }
417
418 return socket_verify(s);
419 }
420
421 _const_ static const char* listen_lookup(int family, int type) {
422
423 if (family == AF_NETLINK)
424 return "ListenNetlink";
425
426 if (type == SOCK_STREAM)
427 return "ListenStream";
428 else if (type == SOCK_DGRAM)
429 return "ListenDatagram";
430 else if (type == SOCK_SEQPACKET)
431 return "ListenSequentialPacket";
432
433 assert_not_reached("Unknown socket type");
434 return NULL;
435 }
436
437 static void socket_dump(Unit *u, FILE *f, const char *prefix) {
438 SocketExecCommand c;
439 Socket *s = SOCKET(u);
440 SocketPort *p;
441 const char *prefix2;
442
443 assert(s);
444 assert(f);
445
446 prefix2 = strappenda(prefix, "\t");
447
448 fprintf(f,
449 "%sSocket State: %s\n"
450 "%sResult: %s\n"
451 "%sBindIPv6Only: %s\n"
452 "%sBacklog: %u\n"
453 "%sSocketMode: %04o\n"
454 "%sDirectoryMode: %04o\n"
455 "%sKeepAlive: %s\n"
456 "%sFreeBind: %s\n"
457 "%sTransparent: %s\n"
458 "%sBroadcast: %s\n"
459 "%sPassCredentials: %s\n"
460 "%sPassSecurity: %s\n"
461 "%sTCPCongestion: %s\n",
462 prefix, socket_state_to_string(s->state),
463 prefix, socket_result_to_string(s->result),
464 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
465 prefix, s->backlog,
466 prefix, s->socket_mode,
467 prefix, s->directory_mode,
468 prefix, yes_no(s->keep_alive),
469 prefix, yes_no(s->free_bind),
470 prefix, yes_no(s->transparent),
471 prefix, yes_no(s->broadcast),
472 prefix, yes_no(s->pass_cred),
473 prefix, yes_no(s->pass_sec),
474 prefix, strna(s->tcp_congestion));
475
476 if (s->control_pid > 0)
477 fprintf(f,
478 "%sControl PID: %lu\n",
479 prefix, (unsigned long) s->control_pid);
480
481 if (s->bind_to_device)
482 fprintf(f,
483 "%sBindToDevice: %s\n",
484 prefix, s->bind_to_device);
485
486 if (s->accept)
487 fprintf(f,
488 "%sAccepted: %u\n"
489 "%sNConnections: %u\n"
490 "%sMaxConnections: %u\n",
491 prefix, s->n_accepted,
492 prefix, s->n_connections,
493 prefix, s->max_connections);
494
495 if (s->priority >= 0)
496 fprintf(f,
497 "%sPriority: %i\n",
498 prefix, s->priority);
499
500 if (s->receive_buffer > 0)
501 fprintf(f,
502 "%sReceiveBuffer: %zu\n",
503 prefix, s->receive_buffer);
504
505 if (s->send_buffer > 0)
506 fprintf(f,
507 "%sSendBuffer: %zu\n",
508 prefix, s->send_buffer);
509
510 if (s->ip_tos >= 0)
511 fprintf(f,
512 "%sIPTOS: %i\n",
513 prefix, s->ip_tos);
514
515 if (s->ip_ttl >= 0)
516 fprintf(f,
517 "%sIPTTL: %i\n",
518 prefix, s->ip_ttl);
519
520 if (s->pipe_size > 0)
521 fprintf(f,
522 "%sPipeSize: %zu\n",
523 prefix, s->pipe_size);
524
525 if (s->mark >= 0)
526 fprintf(f,
527 "%sMark: %i\n",
528 prefix, s->mark);
529
530 if (s->mq_maxmsg > 0)
531 fprintf(f,
532 "%sMessageQueueMaxMessages: %li\n",
533 prefix, s->mq_maxmsg);
534
535 if (s->mq_msgsize > 0)
536 fprintf(f,
537 "%sMessageQueueMessageSize: %li\n",
538 prefix, s->mq_msgsize);
539
540 if (s->reuse_port)
541 fprintf(f,
542 "%sReusePort: %s\n",
543 prefix, yes_no(s->reuse_port));
544
545 if (s->smack)
546 fprintf(f,
547 "%sSmackLabel: %s\n",
548 prefix, s->smack);
549
550 if (s->smack_ip_in)
551 fprintf(f,
552 "%sSmackLabelIPIn: %s\n",
553 prefix, s->smack_ip_in);
554
555 if (s->smack_ip_out)
556 fprintf(f,
557 "%sSmackLabelIPOut: %s\n",
558 prefix, s->smack_ip_out);
559
560 LIST_FOREACH(port, p, s->ports) {
561
562 if (p->type == SOCKET_SOCKET) {
563 const char *t;
564 int r;
565 char *k = NULL;
566
567 if ((r = socket_address_print(&p->address, &k)) < 0)
568 t = strerror(-r);
569 else
570 t = k;
571
572 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
573 free(k);
574 } else if (p->type == SOCKET_SPECIAL)
575 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
576 else if (p->type == SOCKET_MQUEUE)
577 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
578 else
579 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
580 }
581
582 exec_context_dump(&s->exec_context, f, prefix);
583 kill_context_dump(&s->kill_context, f, prefix);
584
585 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
586 if (!s->exec_command[c])
587 continue;
588
589 fprintf(f, "%s-> %s:\n",
590 prefix, socket_exec_command_to_string(c));
591
592 exec_command_dump_list(s->exec_command[c], f, prefix2);
593 }
594 }
595
596 static int instance_from_socket(int fd, unsigned nr, char **instance) {
597 socklen_t l;
598 char *r;
599 union {
600 struct sockaddr sa;
601 struct sockaddr_un un;
602 struct sockaddr_in in;
603 struct sockaddr_in6 in6;
604 struct sockaddr_storage storage;
605 } local, remote;
606
607 assert(fd >= 0);
608 assert(instance);
609
610 l = sizeof(local);
611 if (getsockname(fd, &local.sa, &l) < 0)
612 return -errno;
613
614 l = sizeof(remote);
615 if (getpeername(fd, &remote.sa, &l) < 0)
616 return -errno;
617
618 switch (local.sa.sa_family) {
619
620 case AF_INET: {
621 uint32_t
622 a = ntohl(local.in.sin_addr.s_addr),
623 b = ntohl(remote.in.sin_addr.s_addr);
624
625 if (asprintf(&r,
626 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
627 nr,
628 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
629 ntohs(local.in.sin_port),
630 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
631 ntohs(remote.in.sin_port)) < 0)
632 return -ENOMEM;
633
634 break;
635 }
636
637 case AF_INET6: {
638 static const unsigned char ipv4_prefix[] = {
639 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
640 };
641
642 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
643 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
644 const uint8_t
645 *a = local.in6.sin6_addr.s6_addr+12,
646 *b = remote.in6.sin6_addr.s6_addr+12;
647
648 if (asprintf(&r,
649 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
650 nr,
651 a[0], a[1], a[2], a[3],
652 ntohs(local.in6.sin6_port),
653 b[0], b[1], b[2], b[3],
654 ntohs(remote.in6.sin6_port)) < 0)
655 return -ENOMEM;
656 } else {
657 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
658
659 if (asprintf(&r,
660 "%u-%s:%u-%s:%u",
661 nr,
662 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
663 ntohs(local.in6.sin6_port),
664 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
665 ntohs(remote.in6.sin6_port)) < 0)
666 return -ENOMEM;
667 }
668
669 break;
670 }
671
672 case AF_UNIX: {
673 struct ucred ucred;
674
675 l = sizeof(ucred);
676 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &ucred, &l) < 0)
677 return -errno;
678
679 if (asprintf(&r,
680 "%u-%lu-%lu",
681 nr,
682 (unsigned long) ucred.pid,
683 (unsigned long) ucred.uid) < 0)
684 return -ENOMEM;
685
686 break;
687 }
688
689 default:
690 assert_not_reached("Unhandled socket type.");
691 }
692
693 *instance = r;
694 return 0;
695 }
696
697 static void socket_close_fds(Socket *s) {
698 SocketPort *p;
699
700 assert(s);
701
702 LIST_FOREACH(port, p, s->ports) {
703
704 p->event_source = sd_event_source_unref(p->event_source);
705
706 if (p->fd < 0)
707 continue;
708
709 close_nointr_nofail(p->fd);
710
711 /* One little note: we should never delete any sockets
712 * in the file system here! After all some other
713 * process we spawned might still have a reference of
714 * this fd and wants to continue to use it. Therefore
715 * we delete sockets in the file system before we
716 * create a new one, not after we stopped using
717 * one! */
718
719 p->fd = -1;
720 }
721 }
722
723 static void socket_apply_socket_options(Socket *s, int fd) {
724 assert(s);
725 assert(fd >= 0);
726
727 if (s->keep_alive) {
728 int b = s->keep_alive;
729 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
730 log_warning_unit(UNIT(s)->id, "SO_KEEPALIVE failed: %m");
731 }
732
733 if (s->broadcast) {
734 int one = 1;
735 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
736 log_warning_unit(UNIT(s)->id, "SO_BROADCAST failed: %m");
737 }
738
739 if (s->pass_cred) {
740 int one = 1;
741 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
742 log_warning_unit(UNIT(s)->id, "SO_PASSCRED failed: %m");
743 }
744
745 if (s->pass_sec) {
746 int one = 1;
747 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
748 log_warning_unit(UNIT(s)->id, "SO_PASSSEC failed: %m");
749 }
750
751 if (s->priority >= 0)
752 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
753 log_warning_unit(UNIT(s)->id, "SO_PRIORITY failed: %m");
754
755 if (s->receive_buffer > 0) {
756 int value = (int) s->receive_buffer;
757
758 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
759
760 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
761 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
762 log_warning_unit(UNIT(s)->id, "SO_RCVBUF failed: %m");
763 }
764
765 if (s->send_buffer > 0) {
766 int value = (int) s->send_buffer;
767 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
768 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
769 log_warning_unit(UNIT(s)->id, "SO_SNDBUF failed: %m");
770 }
771
772 if (s->mark >= 0)
773 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
774 log_warning_unit(UNIT(s)->id, "SO_MARK failed: %m");
775
776 if (s->ip_tos >= 0)
777 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
778 log_warning_unit(UNIT(s)->id, "IP_TOS failed: %m");
779
780 if (s->ip_ttl >= 0) {
781 int r, x;
782
783 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
784
785 if (socket_ipv6_is_supported())
786 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
787 else {
788 x = -1;
789 errno = EAFNOSUPPORT;
790 }
791
792 if (r < 0 && x < 0)
793 log_warning_unit(UNIT(s)->id,
794 "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
795 }
796
797 if (s->tcp_congestion)
798 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
799 log_warning_unit(UNIT(s)->id, "TCP_CONGESTION failed: %m");
800
801 if (s->reuse_port) {
802 int b = s->reuse_port;
803 if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &b, sizeof(b)) < 0)
804 log_warning_unit(UNIT(s)->id, "SO_REUSEPORT failed: %m");
805 }
806
807 if (s->smack_ip_in)
808 if (smack_label_ip_in_fd(fd, s->smack_ip_in) < 0)
809 log_error_unit(UNIT(s)->id, "smack_label_ip_in_fd: %m");
810
811 if (s->smack_ip_out)
812 if (smack_label_ip_out_fd(fd, s->smack_ip_out) < 0)
813 log_error_unit(UNIT(s)->id, "smack_label_ip_out_fd: %m");
814 }
815
816 static void socket_apply_fifo_options(Socket *s, int fd) {
817 assert(s);
818 assert(fd >= 0);
819
820 if (s->pipe_size > 0)
821 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
822 log_warning_unit(UNIT(s)->id,
823 "F_SETPIPE_SZ: %m");
824
825 if (s->smack)
826 if (smack_label_fd(fd, s->smack) < 0)
827 log_error_unit(UNIT(s)->id, "smack_label_fd: %m");
828 }
829
830 static int fifo_address_create(
831 const char *path,
832 mode_t directory_mode,
833 mode_t socket_mode,
834 int *_fd) {
835
836 int fd = -1, r = 0;
837 struct stat st;
838 mode_t old_mask;
839
840 assert(path);
841 assert(_fd);
842
843 mkdir_parents_label(path, directory_mode);
844
845 r = label_context_set(path, S_IFIFO);
846 if (r < 0)
847 goto fail;
848
849 /* Enforce the right access mode for the fifo */
850 old_mask = umask(~ socket_mode);
851
852 /* Include the original umask in our mask */
853 umask(~socket_mode | old_mask);
854
855 r = mkfifo(path, socket_mode);
856 umask(old_mask);
857
858 if (r < 0 && errno != EEXIST) {
859 r = -errno;
860 goto fail;
861 }
862
863 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
864 r = -errno;
865 goto fail;
866 }
867
868 label_context_clear();
869
870 if (fstat(fd, &st) < 0) {
871 r = -errno;
872 goto fail;
873 }
874
875 if (!S_ISFIFO(st.st_mode) ||
876 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
877 st.st_uid != getuid() ||
878 st.st_gid != getgid()) {
879
880 r = -EEXIST;
881 goto fail;
882 }
883
884 *_fd = fd;
885 return 0;
886
887 fail:
888 label_context_clear();
889
890 if (fd >= 0)
891 close_nointr_nofail(fd);
892
893 return r;
894 }
895
896 static int special_address_create(
897 const char *path,
898 int *_fd) {
899
900 int fd = -1, r = 0;
901 struct stat st;
902
903 assert(path);
904 assert(_fd);
905
906 if ((fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
907 r = -errno;
908 goto fail;
909 }
910
911 if (fstat(fd, &st) < 0) {
912 r = -errno;
913 goto fail;
914 }
915
916 /* Check whether this is a /proc, /sys or /dev file or char device */
917 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
918 r = -EEXIST;
919 goto fail;
920 }
921
922 *_fd = fd;
923 return 0;
924
925 fail:
926 if (fd >= 0)
927 close_nointr_nofail(fd);
928
929 return r;
930 }
931
932 static int mq_address_create(
933 const char *path,
934 mode_t mq_mode,
935 long maxmsg,
936 long msgsize,
937 int *_fd) {
938
939 int fd = -1, r = 0;
940 struct stat st;
941 mode_t old_mask;
942 struct mq_attr _attr, *attr = NULL;
943
944 assert(path);
945 assert(_fd);
946
947 if (maxmsg > 0 && msgsize > 0) {
948 zero(_attr);
949 _attr.mq_flags = O_NONBLOCK;
950 _attr.mq_maxmsg = maxmsg;
951 _attr.mq_msgsize = msgsize;
952 attr = &_attr;
953 }
954
955 /* Enforce the right access mode for the mq */
956 old_mask = umask(~ mq_mode);
957
958 /* Include the original umask in our mask */
959 umask(~mq_mode | old_mask);
960
961 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
962 umask(old_mask);
963
964 if (fd < 0) {
965 r = -errno;
966 goto fail;
967 }
968
969 if (fstat(fd, &st) < 0) {
970 r = -errno;
971 goto fail;
972 }
973
974 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
975 st.st_uid != getuid() ||
976 st.st_gid != getgid()) {
977
978 r = -EEXIST;
979 goto fail;
980 }
981
982 *_fd = fd;
983 return 0;
984
985 fail:
986 if (fd >= 0)
987 close_nointr_nofail(fd);
988
989 return r;
990 }
991
992 static int socket_open_fds(Socket *s) {
993 SocketPort *p;
994 int r;
995 char *label = NULL;
996 bool know_label = false;
997
998 assert(s);
999
1000 LIST_FOREACH(port, p, s->ports) {
1001
1002 if (p->fd >= 0)
1003 continue;
1004
1005 if (p->type == SOCKET_SOCKET) {
1006
1007 if (!know_label) {
1008
1009 if ((r = socket_instantiate_service(s)) < 0)
1010 return r;
1011
1012 if (UNIT_ISSET(s->service) &&
1013 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
1014 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
1015
1016 if (r < 0) {
1017 if (r != -EPERM)
1018 return r;
1019 }
1020 }
1021
1022 know_label = true;
1023 }
1024
1025 r = socket_address_listen(
1026 &p->address,
1027 SOCK_CLOEXEC|SOCK_NONBLOCK,
1028 s->backlog,
1029 s->bind_ipv6_only,
1030 s->bind_to_device,
1031 s->free_bind,
1032 s->transparent,
1033 s->directory_mode,
1034 s->socket_mode,
1035 label);
1036 if (r < 0)
1037 goto rollback;
1038
1039 p->fd = r;
1040 socket_apply_socket_options(s, p->fd);
1041
1042 } else if (p->type == SOCKET_SPECIAL) {
1043
1044 r = special_address_create(
1045 p->path,
1046 &p->fd);
1047 if (r < 0)
1048 goto rollback;
1049
1050 } else if (p->type == SOCKET_FIFO) {
1051
1052 r = fifo_address_create(
1053 p->path,
1054 s->directory_mode,
1055 s->socket_mode,
1056 &p->fd);
1057 if (r < 0)
1058 goto rollback;
1059
1060 socket_apply_fifo_options(s, p->fd);
1061 } else if (p->type == SOCKET_MQUEUE) {
1062
1063 r = mq_address_create(
1064 p->path,
1065 s->socket_mode,
1066 s->mq_maxmsg,
1067 s->mq_msgsize,
1068 &p->fd);
1069 if (r < 0)
1070 goto rollback;
1071 } else
1072 assert_not_reached("Unknown port type");
1073 }
1074
1075 label_free(label);
1076 return 0;
1077
1078 rollback:
1079 socket_close_fds(s);
1080 label_free(label);
1081 return r;
1082 }
1083
1084 static void socket_unwatch_fds(Socket *s) {
1085 SocketPort *p;
1086 int r;
1087
1088 assert(s);
1089
1090 LIST_FOREACH(port, p, s->ports) {
1091 if (p->fd < 0)
1092 continue;
1093
1094 if (p->event_source) {
1095 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_OFF);
1096 if (r < 0)
1097 log_debug_unit(UNIT(s)->id, "Failed to disable event source.");
1098 }
1099 }
1100 }
1101
1102 static int socket_watch_fds(Socket *s) {
1103 SocketPort *p;
1104 int r;
1105
1106 assert(s);
1107
1108 LIST_FOREACH(port, p, s->ports) {
1109 if (p->fd < 0)
1110 continue;
1111
1112 if (p->event_source)
1113 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_ON);
1114 else
1115 r = sd_event_add_io(UNIT(s)->manager->event, p->fd, EPOLLIN, socket_dispatch_io, p, &p->event_source);
1116
1117 if (r < 0) {
1118 log_warning_unit(UNIT(s)->id, "Failed to watch listening fds: %s", strerror(-r));
1119 goto fail;
1120 }
1121 }
1122
1123 return 0;
1124
1125 fail:
1126 socket_unwatch_fds(s);
1127 return r;
1128 }
1129
1130 static void socket_set_state(Socket *s, SocketState state) {
1131 SocketState old_state;
1132 assert(s);
1133
1134 old_state = s->state;
1135 s->state = state;
1136
1137 if (state != SOCKET_START_PRE &&
1138 state != SOCKET_START_POST &&
1139 state != SOCKET_STOP_PRE &&
1140 state != SOCKET_STOP_PRE_SIGTERM &&
1141 state != SOCKET_STOP_PRE_SIGKILL &&
1142 state != SOCKET_STOP_POST &&
1143 state != SOCKET_FINAL_SIGTERM &&
1144 state != SOCKET_FINAL_SIGKILL) {
1145
1146 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1147 socket_unwatch_control_pid(s);
1148 s->control_command = NULL;
1149 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
1150 }
1151
1152 if (state != SOCKET_LISTENING)
1153 socket_unwatch_fds(s);
1154
1155 if (state != SOCKET_START_POST &&
1156 state != SOCKET_LISTENING &&
1157 state != SOCKET_RUNNING &&
1158 state != SOCKET_STOP_PRE &&
1159 state != SOCKET_STOP_PRE_SIGTERM &&
1160 state != SOCKET_STOP_PRE_SIGKILL)
1161 socket_close_fds(s);
1162
1163 if (state != old_state)
1164 log_debug_unit(UNIT(s)->id, "%s changed %s -> %s",
1165 UNIT(s)->id, socket_state_to_string(old_state), socket_state_to_string(state));
1166
1167 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
1168 }
1169
1170 static int socket_coldplug(Unit *u) {
1171 Socket *s = SOCKET(u);
1172 int r;
1173
1174 assert(s);
1175 assert(s->state == SOCKET_DEAD);
1176
1177 if (s->deserialized_state == s->state)
1178 return 0;
1179
1180 if (s->deserialized_state == SOCKET_START_PRE ||
1181 s->deserialized_state == SOCKET_START_POST ||
1182 s->deserialized_state == SOCKET_STOP_PRE ||
1183 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1184 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL ||
1185 s->deserialized_state == SOCKET_STOP_POST ||
1186 s->deserialized_state == SOCKET_FINAL_SIGTERM ||
1187 s->deserialized_state == SOCKET_FINAL_SIGKILL) {
1188
1189 if (s->control_pid <= 0)
1190 return -EBADMSG;
1191
1192 r = unit_watch_pid(UNIT(s), s->control_pid);
1193 if (r < 0)
1194 return r;
1195
1196 r = socket_arm_timer(s);
1197 if (r < 0)
1198 return r;
1199 }
1200
1201 if (s->deserialized_state == SOCKET_START_POST ||
1202 s->deserialized_state == SOCKET_LISTENING ||
1203 s->deserialized_state == SOCKET_RUNNING ||
1204 s->deserialized_state == SOCKET_STOP_PRE ||
1205 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1206 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL) {
1207 r = socket_open_fds(s);
1208 if (r < 0)
1209 return r;
1210 }
1211
1212 if (s->deserialized_state == SOCKET_LISTENING) {
1213 r = socket_watch_fds(s);
1214 if (r < 0)
1215 return r;
1216 }
1217
1218 socket_set_state(s, s->deserialized_state);
1219 return 0;
1220 }
1221
1222 static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
1223 pid_t pid;
1224 int r;
1225 char **argv;
1226
1227 assert(s);
1228 assert(c);
1229 assert(_pid);
1230
1231 unit_realize_cgroup(UNIT(s));
1232
1233 r = unit_setup_exec_runtime(UNIT(s));
1234 if (r < 0)
1235 goto fail;
1236
1237 r = socket_arm_timer(s);
1238 if (r < 0)
1239 goto fail;
1240
1241 r = unit_full_printf_strv(UNIT(s), c->argv, &argv);
1242 if (r < 0)
1243 goto fail;
1244
1245 r = exec_spawn(c,
1246 argv,
1247 &s->exec_context,
1248 NULL, 0,
1249 UNIT(s)->manager->environment,
1250 true,
1251 true,
1252 true,
1253 UNIT(s)->manager->confirm_spawn,
1254 UNIT(s)->manager->cgroup_supported,
1255 UNIT(s)->cgroup_path,
1256 UNIT(s)->id,
1257 NULL,
1258 s->exec_runtime,
1259 &pid);
1260
1261 strv_free(argv);
1262 if (r < 0)
1263 goto fail;
1264
1265 r = unit_watch_pid(UNIT(s), pid);
1266 if (r < 0)
1267 /* FIXME: we need to do something here */
1268 goto fail;
1269
1270 *_pid = pid;
1271
1272 return 0;
1273
1274 fail:
1275 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1276
1277 return r;
1278 }
1279
1280 static void socket_enter_dead(Socket *s, SocketResult f) {
1281 assert(s);
1282
1283 if (f != SOCKET_SUCCESS)
1284 s->result = f;
1285
1286 exec_runtime_destroy(s->exec_runtime);
1287 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
1288
1289 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
1290 }
1291
1292 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
1293
1294 static void socket_enter_stop_post(Socket *s, SocketResult f) {
1295 int r;
1296 assert(s);
1297
1298 if (f != SOCKET_SUCCESS)
1299 s->result = f;
1300
1301 socket_unwatch_control_pid(s);
1302
1303 s->control_command_id = SOCKET_EXEC_STOP_POST;
1304
1305 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST])) {
1306 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
1307 goto fail;
1308
1309 socket_set_state(s, SOCKET_STOP_POST);
1310 } else
1311 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
1312
1313 return;
1314
1315 fail:
1316 log_warning_unit(UNIT(s)->id,
1317 "%s failed to run 'stop-post' task: %s",
1318 UNIT(s)->id, strerror(-r));
1319 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1320 }
1321
1322 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
1323 int r;
1324
1325 assert(s);
1326
1327 if (f != SOCKET_SUCCESS)
1328 s->result = f;
1329
1330 r = unit_kill_context(
1331 UNIT(s),
1332 &s->kill_context,
1333 state != SOCKET_STOP_PRE_SIGTERM && state != SOCKET_FINAL_SIGTERM,
1334 -1,
1335 s->control_pid,
1336 false);
1337 if (r < 0)
1338 goto fail;
1339
1340 if (r > 0) {
1341 r = socket_arm_timer(s);
1342 if (r < 0)
1343 goto fail;
1344
1345 socket_set_state(s, state);
1346 } else if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
1347 socket_enter_stop_post(s, SOCKET_SUCCESS);
1348 else
1349 socket_enter_dead(s, SOCKET_SUCCESS);
1350
1351 return;
1352
1353 fail:
1354 log_warning_unit(UNIT(s)->id, "%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
1355
1356 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
1357 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1358 else
1359 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1360 }
1361
1362 static void socket_enter_stop_pre(Socket *s, SocketResult f) {
1363 int r;
1364 assert(s);
1365
1366 if (f != SOCKET_SUCCESS)
1367 s->result = f;
1368
1369 socket_unwatch_control_pid(s);
1370
1371 s->control_command_id = SOCKET_EXEC_STOP_PRE;
1372
1373 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE])) {
1374 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
1375 goto fail;
1376
1377 socket_set_state(s, SOCKET_STOP_PRE);
1378 } else
1379 socket_enter_stop_post(s, SOCKET_SUCCESS);
1380
1381 return;
1382
1383 fail:
1384 log_warning_unit(UNIT(s)->id, "%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
1385 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1386 }
1387
1388 static void socket_enter_listening(Socket *s) {
1389 int r;
1390 assert(s);
1391
1392 r = socket_watch_fds(s);
1393 if (r < 0) {
1394 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1395 goto fail;
1396 }
1397
1398 socket_set_state(s, SOCKET_LISTENING);
1399 return;
1400
1401 fail:
1402 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1403 }
1404
1405 static void socket_enter_start_post(Socket *s) {
1406 int r;
1407 assert(s);
1408
1409 r = socket_open_fds(s);
1410 if (r < 0) {
1411 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1412 goto fail;
1413 }
1414
1415 socket_unwatch_control_pid(s);
1416
1417 s->control_command_id = SOCKET_EXEC_START_POST;
1418
1419 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_POST])) {
1420 r = socket_spawn(s, s->control_command, &s->control_pid);
1421 if (r < 0) {
1422 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
1423 goto fail;
1424 }
1425
1426 socket_set_state(s, SOCKET_START_POST);
1427 } else
1428 socket_enter_listening(s);
1429
1430 return;
1431
1432 fail:
1433 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1434 }
1435
1436 static void socket_enter_start_pre(Socket *s) {
1437 int r;
1438 assert(s);
1439
1440 socket_unwatch_control_pid(s);
1441
1442 s->control_command_id = SOCKET_EXEC_START_PRE;
1443
1444 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_PRE])) {
1445 r = socket_spawn(s, s->control_command, &s->control_pid);
1446 if (r < 0)
1447 goto fail;
1448
1449 socket_set_state(s, SOCKET_START_PRE);
1450 } else
1451 socket_enter_start_post(s);
1452
1453 return;
1454
1455 fail:
1456 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
1457 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1458 }
1459
1460 static void socket_enter_running(Socket *s, int cfd) {
1461 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1462 int r;
1463
1464 assert(s);
1465
1466 /* We don't take connections anymore if we are supposed to
1467 * shut down anyway */
1468 if (unit_stop_pending(UNIT(s))) {
1469
1470 log_debug_unit(UNIT(s)->id, "Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
1471
1472 if (cfd >= 0)
1473 close_nointr_nofail(cfd);
1474 else {
1475 /* Flush all sockets by closing and reopening them */
1476 socket_close_fds(s);
1477
1478 r = socket_open_fds(s);
1479 if (r < 0) {
1480 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1481 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1482 return;
1483 }
1484
1485 r = socket_watch_fds(s);
1486 if (r < 0) {
1487 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1488 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1489 }
1490 }
1491
1492 return;
1493 }
1494
1495 if (cfd < 0) {
1496 Iterator i;
1497 Unit *other;
1498 bool pending = false;
1499
1500 /* If there's already a start pending don't bother to
1501 * do anything */
1502 SET_FOREACH(other, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
1503 if (unit_active_or_pending(other)) {
1504 pending = true;
1505 break;
1506 }
1507
1508 if (!pending) {
1509 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1510 if (r < 0)
1511 goto fail;
1512 }
1513
1514 socket_set_state(s, SOCKET_RUNNING);
1515 } else {
1516 _cleanup_free_ char *prefix = NULL, *instance = NULL, *name = NULL;
1517 Service *service;
1518
1519 if (s->n_connections >= s->max_connections) {
1520 log_warning_unit(UNIT(s)->id, "%s: Too many incoming connections (%u)", UNIT(s)->id, s->n_connections);
1521 close_nointr_nofail(cfd);
1522 return;
1523 }
1524
1525 r = socket_instantiate_service(s);
1526 if (r < 0)
1527 goto fail;
1528
1529 r = instance_from_socket(cfd, s->n_accepted, &instance);
1530 if (r < 0) {
1531 if (r != -ENOTCONN)
1532 goto fail;
1533
1534 /* ENOTCONN is legitimate if TCP RST was received.
1535 * This connection is over, but the socket unit lives on. */
1536 close_nointr_nofail(cfd);
1537 return;
1538 }
1539
1540 prefix = unit_name_to_prefix(UNIT(s)->id);
1541 if (!prefix) {
1542 r = -ENOMEM;
1543 goto fail;
1544 }
1545
1546 name = unit_name_build(prefix, instance, ".service");
1547 if (!name) {
1548 r = -ENOMEM;
1549 goto fail;
1550 }
1551
1552 r = unit_add_name(UNIT_DEREF(s->service), name);
1553 if (r < 0)
1554 goto fail;
1555
1556 service = SERVICE(UNIT_DEREF(s->service));
1557 unit_ref_unset(&s->service);
1558 s->n_accepted ++;
1559
1560 UNIT(service)->no_gc = false;
1561
1562 unit_choose_id(UNIT(service), name);
1563
1564 r = service_set_socket_fd(service, cfd, s);
1565 if (r < 0)
1566 goto fail;
1567
1568 cfd = -1;
1569 s->n_connections ++;
1570
1571 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1572 if (r < 0)
1573 goto fail;
1574
1575 /* Notify clients about changed counters */
1576 unit_add_to_dbus_queue(UNIT(s));
1577 }
1578
1579 return;
1580
1581 fail:
1582 log_warning_unit(UNIT(s)->id, "%s failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
1583 UNIT(s)->id, cfd >= 0 ? "template" : "non-template",
1584 bus_error_message(&error, r));
1585
1586 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1587
1588 if (cfd >= 0)
1589 close_nointr_nofail(cfd);
1590 }
1591
1592 static void socket_run_next(Socket *s) {
1593 int r;
1594
1595 assert(s);
1596 assert(s->control_command);
1597 assert(s->control_command->command_next);
1598
1599 socket_unwatch_control_pid(s);
1600
1601 s->control_command = s->control_command->command_next;
1602
1603 r = socket_spawn(s, s->control_command, &s->control_pid);
1604 if (r < 0)
1605 goto fail;
1606
1607 return;
1608
1609 fail:
1610 log_warning_unit(UNIT(s)->id, "%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
1611
1612 if (s->state == SOCKET_START_POST)
1613 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1614 else if (s->state == SOCKET_STOP_POST)
1615 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1616 else
1617 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1618 }
1619
1620 static int socket_start(Unit *u) {
1621 Socket *s = SOCKET(u);
1622
1623 assert(s);
1624
1625 /* We cannot fulfill this request right now, try again later
1626 * please! */
1627 if (s->state == SOCKET_STOP_PRE ||
1628 s->state == SOCKET_STOP_PRE_SIGKILL ||
1629 s->state == SOCKET_STOP_PRE_SIGTERM ||
1630 s->state == SOCKET_STOP_POST ||
1631 s->state == SOCKET_FINAL_SIGTERM ||
1632 s->state == SOCKET_FINAL_SIGKILL)
1633 return -EAGAIN;
1634
1635 if (s->state == SOCKET_START_PRE ||
1636 s->state == SOCKET_START_POST)
1637 return 0;
1638
1639 /* Cannot run this without the service being around */
1640 if (UNIT_ISSET(s->service)) {
1641 Service *service;
1642
1643 service = SERVICE(UNIT_DEREF(s->service));
1644
1645 if (UNIT(service)->load_state != UNIT_LOADED) {
1646 log_error_unit(u->id, "Socket service %s not loaded, refusing.", UNIT(service)->id);
1647 return -ENOENT;
1648 }
1649
1650 /* If the service is already active we cannot start the
1651 * socket */
1652 if (service->state != SERVICE_DEAD &&
1653 service->state != SERVICE_FAILED &&
1654 service->state != SERVICE_AUTO_RESTART) {
1655 log_error_unit(u->id, "Socket service %s already active, refusing.", UNIT(service)->id);
1656 return -EBUSY;
1657 }
1658
1659 #ifdef HAVE_SYSV_COMPAT
1660 if (service->is_sysv) {
1661 log_error_unit(u->id,
1662 "Using SysV services for socket activation is not supported. Refusing.");
1663 return -ENOENT;
1664 }
1665 #endif
1666 }
1667
1668 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
1669
1670 s->result = SOCKET_SUCCESS;
1671 socket_enter_start_pre(s);
1672
1673 return 0;
1674 }
1675
1676 static int socket_stop(Unit *u) {
1677 Socket *s = SOCKET(u);
1678
1679 assert(s);
1680
1681 /* Already on it */
1682 if (s->state == SOCKET_STOP_PRE ||
1683 s->state == SOCKET_STOP_PRE_SIGTERM ||
1684 s->state == SOCKET_STOP_PRE_SIGKILL ||
1685 s->state == SOCKET_STOP_POST ||
1686 s->state == SOCKET_FINAL_SIGTERM ||
1687 s->state == SOCKET_FINAL_SIGKILL)
1688 return 0;
1689
1690 /* If there's already something running we go directly into
1691 * kill mode. */
1692 if (s->state == SOCKET_START_PRE ||
1693 s->state == SOCKET_START_POST) {
1694 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
1695 return -EAGAIN;
1696 }
1697
1698 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
1699
1700 socket_enter_stop_pre(s, SOCKET_SUCCESS);
1701 return 0;
1702 }
1703
1704 static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1705 Socket *s = SOCKET(u);
1706 SocketPort *p;
1707 int r;
1708
1709 assert(u);
1710 assert(f);
1711 assert(fds);
1712
1713 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
1714 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
1715 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1716
1717 if (s->control_pid > 0)
1718 unit_serialize_item_format(u, f, "control-pid", "%lu", (unsigned long) s->control_pid);
1719
1720 if (s->control_command_id >= 0)
1721 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1722
1723 LIST_FOREACH(port, p, s->ports) {
1724 int copy;
1725
1726 if (p->fd < 0)
1727 continue;
1728
1729 copy = fdset_put_dup(fds, p->fd);
1730 if (copy < 0)
1731 return copy;
1732
1733 if (p->type == SOCKET_SOCKET) {
1734 _cleanup_free_ char *t = NULL;
1735
1736 r = socket_address_print(&p->address, &t);
1737 if (r < 0)
1738 return r;
1739
1740 if (socket_address_family(&p->address) == AF_NETLINK)
1741 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1742 else
1743 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
1744
1745 } else if (p->type == SOCKET_SPECIAL)
1746 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
1747 else if (p->type == SOCKET_MQUEUE)
1748 unit_serialize_item_format(u, f, "mqueue", "%i %s", copy, p->path);
1749 else {
1750 assert(p->type == SOCKET_FIFO);
1751 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1752 }
1753 }
1754
1755 return 0;
1756 }
1757
1758 static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1759 Socket *s = SOCKET(u);
1760
1761 assert(u);
1762 assert(key);
1763 assert(value);
1764
1765 if (streq(key, "state")) {
1766 SocketState state;
1767
1768 state = socket_state_from_string(value);
1769 if (state < 0)
1770 log_debug_unit(u->id, "Failed to parse state value %s", value);
1771 else
1772 s->deserialized_state = state;
1773 } else if (streq(key, "result")) {
1774 SocketResult f;
1775
1776 f = socket_result_from_string(value);
1777 if (f < 0)
1778 log_debug_unit(u->id, "Failed to parse result value %s", value);
1779 else if (f != SOCKET_SUCCESS)
1780 s->result = f;
1781
1782 } else if (streq(key, "n-accepted")) {
1783 unsigned k;
1784
1785 if (safe_atou(value, &k) < 0)
1786 log_debug_unit(u->id, "Failed to parse n-accepted value %s", value);
1787 else
1788 s->n_accepted += k;
1789 } else if (streq(key, "control-pid")) {
1790 pid_t pid;
1791
1792 if (parse_pid(value, &pid) < 0)
1793 log_debug_unit(u->id, "Failed to parse control-pid value %s", value);
1794 else
1795 s->control_pid = pid;
1796 } else if (streq(key, "control-command")) {
1797 SocketExecCommand id;
1798
1799 id = socket_exec_command_from_string(value);
1800 if (id < 0)
1801 log_debug_unit(u->id, "Failed to parse exec-command value %s", value);
1802 else {
1803 s->control_command_id = id;
1804 s->control_command = s->exec_command[id];
1805 }
1806 } else if (streq(key, "fifo")) {
1807 int fd, skip = 0;
1808 SocketPort *p;
1809
1810 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1811 log_debug_unit(u->id, "Failed to parse fifo value %s", value);
1812 else {
1813
1814 LIST_FOREACH(port, p, s->ports)
1815 if (p->type == SOCKET_FIFO &&
1816 streq_ptr(p->path, value+skip))
1817 break;
1818
1819 if (p) {
1820 if (p->fd >= 0)
1821 close_nointr_nofail(p->fd);
1822 p->fd = fdset_remove(fds, fd);
1823 }
1824 }
1825
1826 } else if (streq(key, "special")) {
1827 int fd, skip = 0;
1828 SocketPort *p;
1829
1830 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1831 log_debug_unit(u->id, "Failed to parse special value %s", value);
1832 else {
1833
1834 LIST_FOREACH(port, p, s->ports)
1835 if (p->type == SOCKET_SPECIAL &&
1836 streq_ptr(p->path, value+skip))
1837 break;
1838
1839 if (p) {
1840 if (p->fd >= 0)
1841 close_nointr_nofail(p->fd);
1842 p->fd = fdset_remove(fds, fd);
1843 }
1844 }
1845
1846 } else if (streq(key, "mqueue")) {
1847 int fd, skip = 0;
1848 SocketPort *p;
1849
1850 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1851 log_debug_unit(u->id, "Failed to parse mqueue value %s", value);
1852 else {
1853
1854 LIST_FOREACH(port, p, s->ports)
1855 if (p->type == SOCKET_MQUEUE &&
1856 streq_ptr(p->path, value+skip))
1857 break;
1858
1859 if (p) {
1860 if (p->fd >= 0)
1861 close_nointr_nofail(p->fd);
1862 p->fd = fdset_remove(fds, fd);
1863 }
1864 }
1865
1866 } else if (streq(key, "socket")) {
1867 int fd, type, skip = 0;
1868 SocketPort *p;
1869
1870 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
1871 log_debug_unit(u->id, "Failed to parse socket value %s", value);
1872 else {
1873
1874 LIST_FOREACH(port, p, s->ports)
1875 if (socket_address_is(&p->address, value+skip, type))
1876 break;
1877
1878 if (p) {
1879 if (p->fd >= 0)
1880 close_nointr_nofail(p->fd);
1881 p->fd = fdset_remove(fds, fd);
1882 }
1883 }
1884
1885 } else if (streq(key, "netlink")) {
1886 int fd, skip = 0;
1887 SocketPort *p;
1888
1889 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1890 log_debug_unit(u->id, "Failed to parse socket value %s", value);
1891 else {
1892
1893 LIST_FOREACH(port, p, s->ports)
1894 if (socket_address_is_netlink(&p->address, value+skip))
1895 break;
1896
1897 if (p) {
1898 if (p->fd >= 0)
1899 close_nointr_nofail(p->fd);
1900 p->fd = fdset_remove(fds, fd);
1901 }
1902 }
1903 } else
1904 log_debug_unit(UNIT(s)->id, "Unknown serialization key '%s'", key);
1905
1906 return 0;
1907 }
1908
1909 static int socket_distribute_fds(Unit *u, FDSet *fds) {
1910 Socket *s = SOCKET(u);
1911 SocketPort *p;
1912
1913 assert(u);
1914
1915 LIST_FOREACH(port, p, s->ports) {
1916 Iterator i;
1917 int fd;
1918
1919 if (p->type != SOCKET_SOCKET)
1920 continue;
1921
1922 if (p->fd >= 0)
1923 continue;
1924
1925 FDSET_FOREACH(fd, fds, i) {
1926 if (socket_address_matches_fd(&p->address, fd)) {
1927 p->fd = fdset_remove(fds, fd);
1928 s->deserialized_state = SOCKET_LISTENING;
1929 break;
1930 }
1931 }
1932 }
1933
1934 return 0;
1935 }
1936
1937 _pure_ static UnitActiveState socket_active_state(Unit *u) {
1938 assert(u);
1939
1940 return state_translation_table[SOCKET(u)->state];
1941 }
1942
1943 _pure_ static const char *socket_sub_state_to_string(Unit *u) {
1944 assert(u);
1945
1946 return socket_state_to_string(SOCKET(u)->state);
1947 }
1948
1949 const char* socket_port_type_to_string(SocketPort *p) {
1950
1951 assert(p);
1952
1953 switch (p->type) {
1954
1955 case SOCKET_SOCKET:
1956
1957 switch (p->address.type) {
1958
1959 case SOCK_STREAM:
1960 return "Stream";
1961
1962 case SOCK_DGRAM:
1963 return "Datagram";
1964
1965 case SOCK_SEQPACKET:
1966 return "SequentialPacket";
1967
1968 case SOCK_RAW:
1969 if (socket_address_family(&p->address) == AF_NETLINK)
1970 return "Netlink";
1971
1972 default:
1973 return NULL;
1974 }
1975
1976 case SOCKET_SPECIAL:
1977 return "Special";
1978
1979 case SOCKET_MQUEUE:
1980 return "MessageQueue";
1981
1982 case SOCKET_FIFO:
1983 return "FIFO";
1984
1985 default:
1986 return NULL;
1987 }
1988 }
1989
1990 _pure_ static bool socket_check_gc(Unit *u) {
1991 Socket *s = SOCKET(u);
1992
1993 assert(u);
1994
1995 return s->n_connections > 0;
1996 }
1997
1998 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
1999 SocketPort *p = userdata;
2000 int cfd = -1;
2001
2002 assert(p);
2003 assert(fd >= 0);
2004
2005 if (p->socket->state != SOCKET_LISTENING)
2006 return 0;
2007
2008 log_debug_unit(UNIT(p->socket)->id, "Incoming traffic on %s", UNIT(p->socket)->id);
2009
2010 if (revents != EPOLLIN) {
2011
2012 if (revents & EPOLLHUP)
2013 log_error_unit(UNIT(p->socket)->id, "%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.",
2014 UNIT(p->socket)->id);
2015 else
2016 log_error_unit(UNIT(p->socket)->id, "%s: Got unexpected poll event (0x%x) on socket.",
2017 UNIT(p->socket)->id, revents);
2018
2019 goto fail;
2020 }
2021
2022 if (p->socket->accept &&
2023 p->type == SOCKET_SOCKET &&
2024 socket_address_can_accept(&p->address)) {
2025
2026 for (;;) {
2027
2028 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK);
2029 if (cfd < 0) {
2030
2031 if (errno == EINTR)
2032 continue;
2033
2034 log_error_unit(UNIT(p->socket)->id,
2035 "Failed to accept socket: %m");
2036 goto fail;
2037 }
2038
2039 break;
2040 }
2041
2042 socket_apply_socket_options(p->socket, cfd);
2043 }
2044
2045 socket_enter_running(p->socket, cfd);
2046 return 0;
2047
2048 fail:
2049 socket_enter_stop_pre(p->socket, SOCKET_FAILURE_RESOURCES);
2050 return 0;
2051 }
2052
2053 static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
2054 Socket *s = SOCKET(u);
2055 SocketResult f;
2056
2057 assert(s);
2058 assert(pid >= 0);
2059
2060 if (pid != s->control_pid)
2061 return;
2062
2063 s->control_pid = 0;
2064
2065 if (is_clean_exit(code, status, NULL))
2066 f = SOCKET_SUCCESS;
2067 else if (code == CLD_EXITED)
2068 f = SOCKET_FAILURE_EXIT_CODE;
2069 else if (code == CLD_KILLED)
2070 f = SOCKET_FAILURE_SIGNAL;
2071 else if (code == CLD_DUMPED)
2072 f = SOCKET_FAILURE_CORE_DUMP;
2073 else
2074 assert_not_reached("Unknown code");
2075
2076 if (s->control_command) {
2077 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
2078
2079 if (s->control_command->ignore)
2080 f = SOCKET_SUCCESS;
2081 }
2082
2083 log_full_unit(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
2084 u->id,
2085 "%s control process exited, code=%s status=%i",
2086 u->id, sigchld_code_to_string(code), status);
2087
2088 if (f != SOCKET_SUCCESS)
2089 s->result = f;
2090
2091 if (s->control_command &&
2092 s->control_command->command_next &&
2093 f == SOCKET_SUCCESS) {
2094
2095 log_debug_unit(u->id,
2096 "%s running next command for state %s",
2097 u->id, socket_state_to_string(s->state));
2098 socket_run_next(s);
2099 } else {
2100 s->control_command = NULL;
2101 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
2102
2103 /* No further commands for this step, so let's figure
2104 * out what to do next */
2105
2106 log_debug_unit(u->id,
2107 "%s got final SIGCHLD for state %s",
2108 u->id, socket_state_to_string(s->state));
2109
2110 switch (s->state) {
2111
2112 case SOCKET_START_PRE:
2113 if (f == SOCKET_SUCCESS)
2114 socket_enter_start_post(s);
2115 else
2116 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
2117 break;
2118
2119 case SOCKET_START_POST:
2120 if (f == SOCKET_SUCCESS)
2121 socket_enter_listening(s);
2122 else
2123 socket_enter_stop_pre(s, f);
2124 break;
2125
2126 case SOCKET_STOP_PRE:
2127 case SOCKET_STOP_PRE_SIGTERM:
2128 case SOCKET_STOP_PRE_SIGKILL:
2129 socket_enter_stop_post(s, f);
2130 break;
2131
2132 case SOCKET_STOP_POST:
2133 case SOCKET_FINAL_SIGTERM:
2134 case SOCKET_FINAL_SIGKILL:
2135 socket_enter_dead(s, f);
2136 break;
2137
2138 default:
2139 assert_not_reached("Uh, control process died at wrong time.");
2140 }
2141 }
2142
2143 /* Notify clients about changed exit status */
2144 unit_add_to_dbus_queue(u);
2145 }
2146
2147 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
2148 Socket *s = SOCKET(userdata);
2149
2150 assert(s);
2151 assert(s->timer_event_source == source);
2152
2153 switch (s->state) {
2154
2155 case SOCKET_START_PRE:
2156 log_warning_unit(UNIT(s)->id,
2157 "%s starting timed out. Terminating.", UNIT(s)->id);
2158 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2159 break;
2160
2161 case SOCKET_START_POST:
2162 log_warning_unit(UNIT(s)->id,
2163 "%s starting timed out. Stopping.", UNIT(s)->id);
2164 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
2165 break;
2166
2167 case SOCKET_STOP_PRE:
2168 log_warning_unit(UNIT(s)->id,
2169 "%s stopping timed out. Terminating.", UNIT(s)->id);
2170 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2171 break;
2172
2173 case SOCKET_STOP_PRE_SIGTERM:
2174 if (s->kill_context.send_sigkill) {
2175 log_warning_unit(UNIT(s)->id,
2176 "%s stopping timed out. Killing.", UNIT(s)->id);
2177 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2178 } else {
2179 log_warning_unit(UNIT(s)->id,
2180 "%s stopping timed out. Skipping SIGKILL. Ignoring.",
2181 UNIT(s)->id);
2182 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2183 }
2184 break;
2185
2186 case SOCKET_STOP_PRE_SIGKILL:
2187 log_warning_unit(UNIT(s)->id,
2188 "%s still around after SIGKILL. Ignoring.", UNIT(s)->id);
2189 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2190 break;
2191
2192 case SOCKET_STOP_POST:
2193 log_warning_unit(UNIT(s)->id,
2194 "%s stopping timed out (2). Terminating.", UNIT(s)->id);
2195 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2196 break;
2197
2198 case SOCKET_FINAL_SIGTERM:
2199 if (s->kill_context.send_sigkill) {
2200 log_warning_unit(UNIT(s)->id,
2201 "%s stopping timed out (2). Killing.", UNIT(s)->id);
2202 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2203 } else {
2204 log_warning_unit(UNIT(s)->id,
2205 "%s stopping timed out (2). Skipping SIGKILL. Ignoring.",
2206 UNIT(s)->id);
2207 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2208 }
2209 break;
2210
2211 case SOCKET_FINAL_SIGKILL:
2212 log_warning_unit(UNIT(s)->id,
2213 "%s still around after SIGKILL (2). Entering failed mode.",
2214 UNIT(s)->id);
2215 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2216 break;
2217
2218 default:
2219 assert_not_reached("Timeout at wrong time.");
2220 }
2221
2222 return 0;
2223 }
2224
2225 int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2226 int *rfds;
2227 unsigned rn_fds, k;
2228 SocketPort *p;
2229
2230 assert(s);
2231 assert(fds);
2232 assert(n_fds);
2233
2234 /* Called from the service code for requesting our fds */
2235
2236 rn_fds = 0;
2237 LIST_FOREACH(port, p, s->ports)
2238 if (p->fd >= 0)
2239 rn_fds++;
2240
2241 if (rn_fds <= 0) {
2242 *fds = NULL;
2243 *n_fds = 0;
2244 return 0;
2245 }
2246
2247 if (!(rfds = new(int, rn_fds)))
2248 return -ENOMEM;
2249
2250 k = 0;
2251 LIST_FOREACH(port, p, s->ports)
2252 if (p->fd >= 0)
2253 rfds[k++] = p->fd;
2254
2255 assert(k == rn_fds);
2256
2257 *fds = rfds;
2258 *n_fds = rn_fds;
2259
2260 return 0;
2261 }
2262
2263 static void socket_reset_failed(Unit *u) {
2264 Socket *s = SOCKET(u);
2265
2266 assert(s);
2267
2268 if (s->state == SOCKET_FAILED)
2269 socket_set_state(s, SOCKET_DEAD);
2270
2271 s->result = SOCKET_SUCCESS;
2272 }
2273
2274 static void socket_notify_service_dead(Socket *s, bool failed_permanent) {
2275 assert(s);
2276
2277 /* The service is dead. Dang!
2278 *
2279 * This is strictly for one-instance-for-all-connections
2280 * services. */
2281
2282 if (s->state == SOCKET_RUNNING) {
2283 log_debug_unit(UNIT(s)->id, "%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
2284 if (failed_permanent)
2285 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
2286 else
2287 socket_enter_listening(s);
2288 }
2289 }
2290
2291 void socket_connection_unref(Socket *s) {
2292 assert(s);
2293
2294 /* The service is dead. Yay!
2295 *
2296 * This is strictly for one-instance-per-connection
2297 * services. */
2298
2299 assert(s->n_connections > 0);
2300 s->n_connections--;
2301
2302 log_debug_unit(UNIT(s)->id, "%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
2303 }
2304
2305 static void socket_trigger_notify(Unit *u, Unit *other) {
2306 Socket *s = SOCKET(u);
2307 Service *se;
2308
2309 assert(u);
2310 assert(other);
2311
2312 /* Don't propagate state changes from the service if we are
2313 already down or accepting connections */
2314 if ((s->state != SOCKET_RUNNING &&
2315 s->state != SOCKET_LISTENING) ||
2316 s->accept)
2317 return;
2318
2319 if (other->load_state != UNIT_LOADED ||
2320 other->type != UNIT_SERVICE)
2321 return;
2322
2323 se = SERVICE(other);
2324
2325 if (se->state == SERVICE_FAILED)
2326 socket_notify_service_dead(s, se->result == SERVICE_FAILURE_START_LIMIT);
2327
2328 if (se->state == SERVICE_DEAD ||
2329 se->state == SERVICE_STOP ||
2330 se->state == SERVICE_STOP_SIGTERM ||
2331 se->state == SERVICE_STOP_SIGKILL ||
2332 se->state == SERVICE_STOP_POST ||
2333 se->state == SERVICE_FINAL_SIGTERM ||
2334 se->state == SERVICE_FINAL_SIGKILL ||
2335 se->state == SERVICE_AUTO_RESTART)
2336 socket_notify_service_dead(s, false);
2337
2338 if (se->state == SERVICE_RUNNING)
2339 socket_set_state(s, SOCKET_RUNNING);
2340 }
2341
2342 static int socket_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
2343 return unit_kill_common(u, who, signo, -1, SOCKET(u)->control_pid, error);
2344 }
2345
2346 static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2347 [SOCKET_DEAD] = "dead",
2348 [SOCKET_START_PRE] = "start-pre",
2349 [SOCKET_START_POST] = "start-post",
2350 [SOCKET_LISTENING] = "listening",
2351 [SOCKET_RUNNING] = "running",
2352 [SOCKET_STOP_PRE] = "stop-pre",
2353 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2354 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2355 [SOCKET_STOP_POST] = "stop-post",
2356 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2357 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
2358 [SOCKET_FAILED] = "failed"
2359 };
2360
2361 DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2362
2363 static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2364 [SOCKET_EXEC_START_PRE] = "StartPre",
2365 [SOCKET_EXEC_START_POST] = "StartPost",
2366 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2367 [SOCKET_EXEC_STOP_POST] = "StopPost"
2368 };
2369
2370 DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2371
2372 static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2373 [SOCKET_SUCCESS] = "success",
2374 [SOCKET_FAILURE_RESOURCES] = "resources",
2375 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2376 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2377 [SOCKET_FAILURE_SIGNAL] = "signal",
2378 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
2379 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
2380 };
2381
2382 DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2383
2384 const UnitVTable socket_vtable = {
2385 .object_size = sizeof(Socket),
2386 .exec_context_offset = offsetof(Socket, exec_context),
2387 .cgroup_context_offset = offsetof(Socket, cgroup_context),
2388 .kill_context_offset = offsetof(Socket, kill_context),
2389 .exec_runtime_offset = offsetof(Socket, exec_runtime),
2390
2391 .sections =
2392 "Unit\0"
2393 "Socket\0"
2394 "Install\0",
2395 .private_section = "Socket",
2396
2397 .init = socket_init,
2398 .done = socket_done,
2399 .load = socket_load,
2400
2401 .coldplug = socket_coldplug,
2402
2403 .dump = socket_dump,
2404
2405 .start = socket_start,
2406 .stop = socket_stop,
2407
2408 .kill = socket_kill,
2409
2410 .serialize = socket_serialize,
2411 .deserialize_item = socket_deserialize_item,
2412 .distribute_fds = socket_distribute_fds,
2413
2414 .active_state = socket_active_state,
2415 .sub_state_to_string = socket_sub_state_to_string,
2416
2417 .check_gc = socket_check_gc,
2418
2419 .sigchld_event = socket_sigchld_event,
2420
2421 .trigger_notify = socket_trigger_notify,
2422
2423 .reset_failed = socket_reset_failed,
2424
2425 .bus_interface = "org.freedesktop.systemd1.Socket",
2426 .bus_vtable = bus_socket_vtable,
2427 .bus_changing_properties = bus_socket_changing_properties,
2428 .bus_set_property = bus_socket_set_property,
2429 .bus_commit_properties = bus_socket_commit_properties,
2430
2431 .status_message_formats = {
2432 /*.starting_stopping = {
2433 [0] = "Starting socket %s...",
2434 [1] = "Stopping socket %s...",
2435 },*/
2436 .finished_start_job = {
2437 [JOB_DONE] = "Listening on %s.",
2438 [JOB_FAILED] = "Failed to listen on %s.",
2439 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2440 [JOB_TIMEOUT] = "Timed out starting %s.",
2441 },
2442 .finished_stop_job = {
2443 [JOB_DONE] = "Closed %s.",
2444 [JOB_FAILED] = "Failed stopping %s.",
2445 [JOB_TIMEOUT] = "Timed out stopping %s.",
2446 },
2447 },
2448 };
Unnamed repository; edit this file 'description' to name the repository.