1 /* SPDX-License-Identifier: LGPL-2.1+ */
9 #include "sd-messages.h"
11 #include "all-units.h"
12 #include "alloc-util.h"
13 #include "bpf-firewall.h"
14 #include "bus-common-errors.h"
16 #include "cgroup-setup.h"
17 #include "cgroup-util.h"
18 #include "dbus-unit.h"
24 #include "fileio-label.h"
26 #include "format-util.h"
28 #include "id128-util.h"
31 #include "load-dropin.h"
32 #include "load-fragment.h"
35 #include "missing_audit.h"
37 #include "parse-util.h"
38 #include "path-util.h"
39 #include "process-util.h"
41 #include "serialize.h"
43 #include "signal-util.h"
44 #include "sparse-endian.h"
46 #include "specifier.h"
47 #include "stat-util.h"
48 #include "stdio-util.h"
49 #include "string-table.h"
50 #include "string-util.h"
52 #include "terminal-util.h"
53 #include "tmpfile-util.h"
54 #include "umask-util.h"
55 #include "unit-name.h"
57 #include "user-util.h"
60 /* Thresholds for logging at INFO level about resource consumption */
61 #define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
62 #define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
63 #define MENTIONWORTHY_IP_BYTES (0ULL)
65 /* Thresholds for logging at INFO level about resource consumption */
66 #define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
67 #define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
68 #define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
70 const UnitVTable
* const unit_vtable
[_UNIT_TYPE_MAX
] = {
71 [UNIT_SERVICE
] = &service_vtable
,
72 [UNIT_SOCKET
] = &socket_vtable
,
73 [UNIT_TARGET
] = &target_vtable
,
74 [UNIT_DEVICE
] = &device_vtable
,
75 [UNIT_MOUNT
] = &mount_vtable
,
76 [UNIT_AUTOMOUNT
] = &automount_vtable
,
77 [UNIT_SWAP
] = &swap_vtable
,
78 [UNIT_TIMER
] = &timer_vtable
,
79 [UNIT_PATH
] = &path_vtable
,
80 [UNIT_SLICE
] = &slice_vtable
,
81 [UNIT_SCOPE
] = &scope_vtable
,
84 static void maybe_warn_about_dependency(Unit
*u
, const char *other
, UnitDependency dependency
);
86 Unit
*unit_new(Manager
*m
, size_t size
) {
90 assert(size
>= sizeof(Unit
));
97 u
->type
= _UNIT_TYPE_INVALID
;
98 u
->default_dependencies
= true;
99 u
->unit_file_state
= _UNIT_FILE_STATE_INVALID
;
100 u
->unit_file_preset
= -1;
101 u
->on_failure_job_mode
= JOB_REPLACE
;
102 u
->cgroup_control_inotify_wd
= -1;
103 u
->cgroup_memory_inotify_wd
= -1;
104 u
->job_timeout
= USEC_INFINITY
;
105 u
->job_running_timeout
= USEC_INFINITY
;
106 u
->ref_uid
= UID_INVALID
;
107 u
->ref_gid
= GID_INVALID
;
108 u
->cpu_usage_last
= NSEC_INFINITY
;
109 u
->cgroup_invalidated_mask
|= CGROUP_MASK_BPF_FIREWALL
;
110 u
->failure_action_exit_status
= u
->success_action_exit_status
= -1;
112 u
->ip_accounting_ingress_map_fd
= -1;
113 u
->ip_accounting_egress_map_fd
= -1;
114 u
->ipv4_allow_map_fd
= -1;
115 u
->ipv6_allow_map_fd
= -1;
116 u
->ipv4_deny_map_fd
= -1;
117 u
->ipv6_deny_map_fd
= -1;
119 u
->last_section_private
= -1;
121 u
->start_ratelimit
= (RateLimit
) { m
->default_start_limit_interval
, m
->default_start_limit_burst
};
122 u
->auto_stop_ratelimit
= (RateLimit
) { 10 * USEC_PER_SEC
, 16 };
124 for (CGroupIOAccountingMetric i
= 0; i
< _CGROUP_IO_ACCOUNTING_METRIC_MAX
; i
++)
125 u
->io_accounting_last
[i
] = UINT64_MAX
;
130 int unit_new_for_name(Manager
*m
, size_t size
, const char *name
, Unit
**ret
) {
131 _cleanup_(unit_freep
) Unit
*u
= NULL
;
134 u
= unit_new(m
, size
);
138 r
= unit_add_name(u
, name
);
147 bool unit_has_name(const Unit
*u
, const char *name
) {
151 return streq_ptr(name
, u
->id
) ||
152 set_contains(u
->aliases
, name
);
155 static void unit_init(Unit
*u
) {
162 assert(u
->type
>= 0);
164 cc
= unit_get_cgroup_context(u
);
166 cgroup_context_init(cc
);
168 /* Copy in the manager defaults into the cgroup
169 * context, _before_ the rest of the settings have
170 * been initialized */
172 cc
->cpu_accounting
= u
->manager
->default_cpu_accounting
;
173 cc
->io_accounting
= u
->manager
->default_io_accounting
;
174 cc
->blockio_accounting
= u
->manager
->default_blockio_accounting
;
175 cc
->memory_accounting
= u
->manager
->default_memory_accounting
;
176 cc
->tasks_accounting
= u
->manager
->default_tasks_accounting
;
177 cc
->ip_accounting
= u
->manager
->default_ip_accounting
;
179 if (u
->type
!= UNIT_SLICE
)
180 cc
->tasks_max
= u
->manager
->default_tasks_max
;
183 ec
= unit_get_exec_context(u
);
185 exec_context_init(ec
);
187 if (MANAGER_IS_SYSTEM(u
->manager
))
188 ec
->keyring_mode
= EXEC_KEYRING_SHARED
;
190 ec
->keyring_mode
= EXEC_KEYRING_INHERIT
;
192 /* User manager might have its umask redefined by PAM or UMask=. In this
193 * case let the units it manages inherit this value by default. They can
194 * still tune this value through their own unit file */
195 (void) get_process_umask(getpid_cached(), &ec
->umask
);
199 kc
= unit_get_kill_context(u
);
201 kill_context_init(kc
);
203 if (UNIT_VTABLE(u
)->init
)
204 UNIT_VTABLE(u
)->init(u
);
207 static int unit_add_alias(Unit
*u
, char *donated_name
) {
210 /* Make sure that u->names is allocated. We may leave u->names
211 * empty if we fail later, but this is not a problem. */
212 r
= set_ensure_allocated(&u
->aliases
, &string_hash_ops
);
216 r
= set_put(u
->aliases
, donated_name
);
224 int unit_add_name(Unit
*u
, const char *text
) {
225 _cleanup_free_
char *name
= NULL
, *instance
= NULL
;
232 if (unit_name_is_valid(text
, UNIT_NAME_TEMPLATE
)) {
234 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
235 "instance is not set when adding name '%s': %m", text
);
237 r
= unit_name_replace_instance(text
, u
->instance
, &name
);
239 return log_unit_debug_errno(u
, r
,
240 "failed to build instance name from '%s': %m", text
);
247 if (unit_has_name(u
, name
))
250 if (hashmap_contains(u
->manager
->units
, name
))
251 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EEXIST
),
252 "unit already exist when adding name '%s': %m", name
);
254 if (!unit_name_is_valid(name
, UNIT_NAME_PLAIN
|UNIT_NAME_INSTANCE
))
255 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
256 "name '%s' is invalid: %m", name
);
258 t
= unit_name_to_type(name
);
260 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
261 "failed to derive unit type from name '%s': %m", name
);
263 if (u
->type
!= _UNIT_TYPE_INVALID
&& t
!= u
->type
)
264 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
265 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
268 r
= unit_name_to_instance(name
, &instance
);
270 return log_unit_debug_errno(u
, r
, "failed to extract instance from name '%s': %m", name
);
272 if (instance
&& !unit_type_may_template(t
))
273 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
), "templates are not allowed for name '%s': %m", name
);
275 /* Ensure that this unit either has no instance, or that the instance matches. */
276 if (u
->type
!= _UNIT_TYPE_INVALID
&& !streq_ptr(u
->instance
, instance
))
277 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
278 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
279 name
, instance
, u
->instance
);
281 if (u
->id
&& !unit_type_may_alias(t
))
282 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EEXIST
),
283 "cannot add name %s, aliases are not allowed for %s units.",
284 name
, unit_type_to_string(t
));
286 if (hashmap_size(u
->manager
->units
) >= MANAGER_MAX_NAMES
)
287 return log_unit_warning_errno(u
, SYNTHETIC_ERRNO(E2BIG
), "cannot add name, manager has too many units: %m");
289 /* Add name to the global hashmap first, because that's easier to undo */
290 r
= hashmap_put(u
->manager
->units
, name
, u
);
292 return log_unit_debug_errno(u
, r
, "add unit to hashmap failed for name '%s': %m", text
);
295 r
= unit_add_alias(u
, name
); /* unit_add_alias() takes ownership of the name on success */
297 hashmap_remove(u
->manager
->units
, name
);
303 /* A new name, we don't need the set yet. */
304 assert(u
->type
== _UNIT_TYPE_INVALID
);
305 assert(!u
->instance
);
308 u
->id
= TAKE_PTR(name
);
309 u
->instance
= TAKE_PTR(instance
);
311 LIST_PREPEND(units_by_type
, u
->manager
->units_by_type
[t
], u
);
315 unit_add_to_dbus_queue(u
);
319 int unit_choose_id(Unit
*u
, const char *name
) {
320 _cleanup_free_
char *t
= NULL
;
327 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
331 r
= unit_name_replace_instance(name
, u
->instance
, &t
);
338 if (streq_ptr(u
->id
, name
))
339 return 0; /* Nothing to do. */
341 /* Selects one of the aliases of this unit as the id */
342 s
= set_get(u
->aliases
, (char*) name
);
347 r
= set_remove_and_put(u
->aliases
, name
, u
->id
);
351 assert_se(set_remove(u
->aliases
, name
)); /* see set_get() above… */
353 u
->id
= s
; /* Old u->id is now stored in the set, and s is not stored anywhere */
354 unit_add_to_dbus_queue(u
);
359 int unit_set_description(Unit
*u
, const char *description
) {
364 r
= free_and_strdup(&u
->description
, empty_to_null(description
));
368 unit_add_to_dbus_queue(u
);
373 bool unit_may_gc(Unit
*u
) {
374 UnitActiveState state
;
379 /* Checks whether the unit is ready to be unloaded for garbage collection.
380 * Returns true when the unit may be collected, and false if there's some
381 * reason to keep it loaded.
383 * References from other units are *not* checked here. Instead, this is done
384 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
393 state
= unit_active_state(u
);
395 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
396 if (UNIT_IS_INACTIVE_OR_FAILED(state
) &&
397 UNIT_VTABLE(u
)->release_resources
)
398 UNIT_VTABLE(u
)->release_resources(u
);
403 if (sd_bus_track_count(u
->bus_track
) > 0)
406 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
407 switch (u
->collect_mode
) {
409 case COLLECT_INACTIVE
:
410 if (state
!= UNIT_INACTIVE
)
415 case COLLECT_INACTIVE_OR_FAILED
:
416 if (!IN_SET(state
, UNIT_INACTIVE
, UNIT_FAILED
))
422 assert_not_reached("Unknown garbage collection mode");
425 if (u
->cgroup_path
) {
426 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
427 * around. Units with active processes should never be collected. */
429 r
= cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
);
431 log_unit_debug_errno(u
, r
, "Failed to determine whether cgroup %s is empty: %m", u
->cgroup_path
);
436 if (UNIT_VTABLE(u
)->may_gc
&& !UNIT_VTABLE(u
)->may_gc(u
))
442 void unit_add_to_load_queue(Unit
*u
) {
444 assert(u
->type
!= _UNIT_TYPE_INVALID
);
446 if (u
->load_state
!= UNIT_STUB
|| u
->in_load_queue
)
449 LIST_PREPEND(load_queue
, u
->manager
->load_queue
, u
);
450 u
->in_load_queue
= true;
453 void unit_add_to_cleanup_queue(Unit
*u
) {
456 if (u
->in_cleanup_queue
)
459 LIST_PREPEND(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
460 u
->in_cleanup_queue
= true;
463 void unit_add_to_gc_queue(Unit
*u
) {
466 if (u
->in_gc_queue
|| u
->in_cleanup_queue
)
472 LIST_PREPEND(gc_queue
, u
->manager
->gc_unit_queue
, u
);
473 u
->in_gc_queue
= true;
476 void unit_add_to_dbus_queue(Unit
*u
) {
478 assert(u
->type
!= _UNIT_TYPE_INVALID
);
480 if (u
->load_state
== UNIT_STUB
|| u
->in_dbus_queue
)
483 /* Shortcut things if nobody cares */
484 if (sd_bus_track_count(u
->manager
->subscribed
) <= 0 &&
485 sd_bus_track_count(u
->bus_track
) <= 0 &&
486 set_isempty(u
->manager
->private_buses
)) {
487 u
->sent_dbus_new_signal
= true;
491 LIST_PREPEND(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
492 u
->in_dbus_queue
= true;
495 void unit_submit_to_stop_when_unneeded_queue(Unit
*u
) {
498 if (u
->in_stop_when_unneeded_queue
)
501 if (!u
->stop_when_unneeded
)
504 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
507 LIST_PREPEND(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
508 u
->in_stop_when_unneeded_queue
= true;
511 static void bidi_set_free(Unit
*u
, Hashmap
*h
) {
518 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
520 HASHMAP_FOREACH_KEY(v
, other
, h
, i
) {
521 for (UnitDependency d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++)
522 hashmap_remove(other
->dependencies
[d
], u
);
524 unit_add_to_gc_queue(other
);
530 static void unit_remove_transient(Unit
*u
) {
538 if (u
->fragment_path
)
539 (void) unlink(u
->fragment_path
);
541 STRV_FOREACH(i
, u
->dropin_paths
) {
542 _cleanup_free_
char *p
= NULL
, *pp
= NULL
;
544 p
= dirname_malloc(*i
); /* Get the drop-in directory from the drop-in file */
548 pp
= dirname_malloc(p
); /* Get the config directory from the drop-in directory */
552 /* Only drop transient drop-ins */
553 if (!path_equal(u
->manager
->lookup_paths
.transient
, pp
))
561 static void unit_free_requires_mounts_for(Unit
*u
) {
565 _cleanup_free_
char *path
;
567 path
= hashmap_steal_first_key(u
->requires_mounts_for
);
571 char s
[strlen(path
) + 1];
573 PATH_FOREACH_PREFIX_MORE(s
, path
) {
577 x
= hashmap_get2(u
->manager
->units_requiring_mounts_for
, s
, (void**) &y
);
581 (void) set_remove(x
, u
);
583 if (set_isempty(x
)) {
584 (void) hashmap_remove(u
->manager
->units_requiring_mounts_for
, y
);
592 u
->requires_mounts_for
= hashmap_free(u
->requires_mounts_for
);
595 static void unit_done(Unit
*u
) {
604 if (UNIT_VTABLE(u
)->done
)
605 UNIT_VTABLE(u
)->done(u
);
607 ec
= unit_get_exec_context(u
);
609 exec_context_done(ec
);
611 cc
= unit_get_cgroup_context(u
);
613 cgroup_context_done(cc
);
616 void unit_free(Unit
*u
) {
623 u
->transient_file
= safe_fclose(u
->transient_file
);
625 if (!MANAGER_IS_RELOADING(u
->manager
))
626 unit_remove_transient(u
);
628 bus_unit_send_removed_signal(u
);
632 unit_dequeue_rewatch_pids(u
);
634 sd_bus_slot_unref(u
->match_bus_slot
);
635 sd_bus_track_unref(u
->bus_track
);
636 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
637 u
->pending_freezer_message
= sd_bus_message_unref(u
->pending_freezer_message
);
639 unit_free_requires_mounts_for(u
);
641 SET_FOREACH(t
, u
->aliases
, i
)
642 hashmap_remove_value(u
->manager
->units
, t
, u
);
644 hashmap_remove_value(u
->manager
->units
, u
->id
, u
);
646 if (!sd_id128_is_null(u
->invocation_id
))
647 hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
661 for (UnitDependency d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++)
662 bidi_set_free(u
, u
->dependencies
[d
]);
664 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
665 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
666 if (UNIT_ISSET(u
->slice
))
667 unit_add_family_to_cgroup_realize_queue(UNIT_DEREF(u
->slice
));
670 manager_unref_console(u
->manager
);
672 unit_release_cgroup(u
);
674 if (!MANAGER_IS_RELOADING(u
->manager
))
675 unit_unlink_state_files(u
);
677 unit_unref_uid_gid(u
, false);
679 (void) manager_update_failed_units(u
->manager
, u
, false);
680 set_remove(u
->manager
->startup_units
, u
);
682 unit_unwatch_all_pids(u
);
684 unit_ref_unset(&u
->slice
);
685 while (u
->refs_by_target
)
686 unit_ref_unset(u
->refs_by_target
);
688 if (u
->type
!= _UNIT_TYPE_INVALID
)
689 LIST_REMOVE(units_by_type
, u
->manager
->units_by_type
[u
->type
], u
);
691 if (u
->in_load_queue
)
692 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
694 if (u
->in_dbus_queue
)
695 LIST_REMOVE(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
698 LIST_REMOVE(gc_queue
, u
->manager
->gc_unit_queue
, u
);
700 if (u
->in_cgroup_realize_queue
)
701 LIST_REMOVE(cgroup_realize_queue
, u
->manager
->cgroup_realize_queue
, u
);
703 if (u
->in_cgroup_empty_queue
)
704 LIST_REMOVE(cgroup_empty_queue
, u
->manager
->cgroup_empty_queue
, u
);
706 if (u
->in_cleanup_queue
)
707 LIST_REMOVE(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
709 if (u
->in_target_deps_queue
)
710 LIST_REMOVE(target_deps_queue
, u
->manager
->target_deps_queue
, u
);
712 if (u
->in_stop_when_unneeded_queue
)
713 LIST_REMOVE(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
715 safe_close(u
->ip_accounting_ingress_map_fd
);
716 safe_close(u
->ip_accounting_egress_map_fd
);
718 safe_close(u
->ipv4_allow_map_fd
);
719 safe_close(u
->ipv6_allow_map_fd
);
720 safe_close(u
->ipv4_deny_map_fd
);
721 safe_close(u
->ipv6_deny_map_fd
);
723 bpf_program_unref(u
->ip_bpf_ingress
);
724 bpf_program_unref(u
->ip_bpf_ingress_installed
);
725 bpf_program_unref(u
->ip_bpf_egress
);
726 bpf_program_unref(u
->ip_bpf_egress_installed
);
728 set_free(u
->ip_bpf_custom_ingress
);
729 set_free(u
->ip_bpf_custom_egress
);
730 set_free(u
->ip_bpf_custom_ingress_installed
);
731 set_free(u
->ip_bpf_custom_egress_installed
);
733 bpf_program_unref(u
->bpf_device_control_installed
);
735 condition_free_list(u
->conditions
);
736 condition_free_list(u
->asserts
);
738 free(u
->description
);
739 strv_free(u
->documentation
);
740 free(u
->fragment_path
);
741 free(u
->source_path
);
742 strv_free(u
->dropin_paths
);
745 free(u
->job_timeout_reboot_arg
);
748 set_free_free(u
->aliases
);
754 FreezerState
unit_freezer_state(Unit
*u
) {
757 return u
->freezer_state
;
760 int unit_freezer_state_kernel(Unit
*u
, FreezerState
*ret
) {
761 char *values
[1] = {};
766 r
= cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, "cgroup.events",
767 STRV_MAKE("frozen"), values
);
771 r
= _FREEZER_STATE_INVALID
;
774 if (streq(values
[0], "0"))
776 else if (streq(values
[0], "1"))
786 UnitActiveState
unit_active_state(Unit
*u
) {
789 if (u
->load_state
== UNIT_MERGED
)
790 return unit_active_state(unit_follow_merge(u
));
792 /* After a reload it might happen that a unit is not correctly
793 * loaded but still has a process around. That's why we won't
794 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
796 return UNIT_VTABLE(u
)->active_state(u
);
799 const char* unit_sub_state_to_string(Unit
*u
) {
802 return UNIT_VTABLE(u
)->sub_state_to_string(u
);
805 static int hashmap_complete_move(Hashmap
**s
, Hashmap
**other
) {
813 return hashmap_move(*s
, *other
);
815 *s
= TAKE_PTR(*other
);
820 static int merge_names(Unit
*u
, Unit
*other
) {
828 r
= unit_add_alias(u
, other
->id
);
832 r
= set_move(u
->aliases
, other
->aliases
);
834 set_remove(u
->aliases
, other
->id
);
839 other
->aliases
= set_free_free(other
->aliases
);
841 SET_FOREACH(name
, u
->aliases
, i
)
842 assert_se(hashmap_replace(u
->manager
->units
, name
, u
) == 0);
847 static int reserve_dependencies(Unit
*u
, Unit
*other
, UnitDependency d
) {
852 assert(d
< _UNIT_DEPENDENCY_MAX
);
855 * If u does not have this dependency set allocated, there is no need
856 * to reserve anything. In that case other's set will be transferred
857 * as a whole to u by complete_move().
859 if (!u
->dependencies
[d
])
862 /* merge_dependencies() will skip a u-on-u dependency */
863 n_reserve
= hashmap_size(other
->dependencies
[d
]) - !!hashmap_get(other
->dependencies
[d
], u
);
865 return hashmap_reserve(u
->dependencies
[d
], n_reserve
);
868 static void merge_dependencies(Unit
*u
, Unit
*other
, const char *other_id
, UnitDependency d
) {
874 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
878 assert(d
< _UNIT_DEPENDENCY_MAX
);
880 /* Fix backwards pointers. Let's iterate through all dependent units of the other unit. */
881 HASHMAP_FOREACH_KEY(v
, back
, other
->dependencies
[d
], i
)
883 /* Let's now iterate through the dependencies of that dependencies of the other units,
884 * looking for pointers back, and let's fix them up, to instead point to 'u'. */
885 for (UnitDependency k
= 0; k
< _UNIT_DEPENDENCY_MAX
; k
++)
887 /* Do not add dependencies between u and itself. */
888 if (hashmap_remove(back
->dependencies
[k
], other
))
889 maybe_warn_about_dependency(u
, other_id
, k
);
891 UnitDependencyInfo di_u
, di_other
;
893 /* Let's drop this dependency between "back" and "other", and let's create it between
894 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
895 * and any such dependency which might already exist */
897 di_other
.data
= hashmap_get(back
->dependencies
[k
], other
);
899 continue; /* dependency isn't set, let's try the next one */
901 di_u
.data
= hashmap_get(back
->dependencies
[k
], u
);
903 UnitDependencyInfo di_merged
= {
904 .origin_mask
= di_u
.origin_mask
| di_other
.origin_mask
,
905 .destination_mask
= di_u
.destination_mask
| di_other
.destination_mask
,
908 r
= hashmap_remove_and_replace(back
->dependencies
[k
], other
, u
, di_merged
.data
);
910 log_warning_errno(r
, "Failed to remove/replace: back=%s other=%s u=%s: %m", back
->id
, other_id
, u
->id
);
913 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
916 /* Also do not move dependencies on u to itself */
917 back
= hashmap_remove(other
->dependencies
[d
], u
);
919 maybe_warn_about_dependency(u
, other_id
, d
);
921 /* The move cannot fail. The caller must have performed a reservation. */
922 assert_se(hashmap_complete_move(&u
->dependencies
[d
], &other
->dependencies
[d
]) == 0);
924 other
->dependencies
[d
] = hashmap_free(other
->dependencies
[d
]);
927 int unit_merge(Unit
*u
, Unit
*other
) {
928 const char *other_id
= NULL
;
933 assert(u
->manager
== other
->manager
);
934 assert(u
->type
!= _UNIT_TYPE_INVALID
);
936 other
= unit_follow_merge(other
);
941 if (u
->type
!= other
->type
)
944 if (!unit_type_may_alias(u
->type
)) /* Merging only applies to unit names that support aliases */
947 if (!IN_SET(other
->load_state
, UNIT_STUB
, UNIT_NOT_FOUND
))
950 if (!streq_ptr(u
->instance
, other
->instance
))
959 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
963 other_id
= strdupa(other
->id
);
965 /* Make reservations to ensure merge_dependencies() won't fail */
966 for (UnitDependency d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++) {
967 r
= reserve_dependencies(u
, other
, d
);
969 * We don't rollback reservations if we fail. We don't have
970 * a way to undo reservations. A reservation is not a leak.
977 r
= merge_names(u
, other
);
981 /* Redirect all references */
982 while (other
->refs_by_target
)
983 unit_ref_set(other
->refs_by_target
, other
->refs_by_target
->source
, u
);
985 /* Merge dependencies */
986 for (UnitDependency d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++)
987 merge_dependencies(u
, other
, other_id
, d
);
989 other
->load_state
= UNIT_MERGED
;
990 other
->merged_into
= u
;
992 /* If there is still some data attached to the other node, we
993 * don't need it anymore, and can free it. */
994 if (other
->load_state
!= UNIT_STUB
)
995 if (UNIT_VTABLE(other
)->done
)
996 UNIT_VTABLE(other
)->done(other
);
998 unit_add_to_dbus_queue(u
);
999 unit_add_to_cleanup_queue(other
);
1004 int unit_merge_by_name(Unit
*u
, const char *name
) {
1005 _cleanup_free_
char *s
= NULL
;
1009 /* Either add name to u, or if a unit with name already exists, merge it with u.
1010 * If name is a template, do the same for name@instance, where instance is u's instance. */
1015 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
1019 r
= unit_name_replace_instance(name
, u
->instance
, &s
);
1026 other
= manager_get_unit(u
->manager
, name
);
1028 return unit_merge(u
, other
);
1030 return unit_add_name(u
, name
);
1033 Unit
* unit_follow_merge(Unit
*u
) {
1036 while (u
->load_state
== UNIT_MERGED
)
1037 assert_se(u
= u
->merged_into
);
1042 int unit_add_exec_dependencies(Unit
*u
, ExecContext
*c
) {
1043 ExecDirectoryType dt
;
1050 if (c
->working_directory
&& !c
->working_directory_missing_ok
) {
1051 r
= unit_require_mounts_for(u
, c
->working_directory
, UNIT_DEPENDENCY_FILE
);
1056 if (c
->root_directory
) {
1057 r
= unit_require_mounts_for(u
, c
->root_directory
, UNIT_DEPENDENCY_FILE
);
1062 if (c
->root_image
) {
1063 r
= unit_require_mounts_for(u
, c
->root_image
, UNIT_DEPENDENCY_FILE
);
1068 for (dt
= 0; dt
< _EXEC_DIRECTORY_TYPE_MAX
; dt
++) {
1069 if (!u
->manager
->prefix
[dt
])
1072 STRV_FOREACH(dp
, c
->directories
[dt
].paths
) {
1073 _cleanup_free_
char *p
;
1075 p
= path_join(u
->manager
->prefix
[dt
], *dp
);
1079 r
= unit_require_mounts_for(u
, p
, UNIT_DEPENDENCY_FILE
);
1085 if (!MANAGER_IS_SYSTEM(u
->manager
))
1088 /* For the following three directory types we need write access, and /var/ is possibly on the root
1089 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
1090 if (!strv_isempty(c
->directories
[EXEC_DIRECTORY_STATE
].paths
) ||
1091 !strv_isempty(c
->directories
[EXEC_DIRECTORY_CACHE
].paths
) ||
1092 !strv_isempty(c
->directories
[EXEC_DIRECTORY_LOGS
].paths
)) {
1093 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_REMOUNT_FS_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1098 if (c
->private_tmp
) {
1101 FOREACH_STRING(p
, "/tmp", "/var/tmp") {
1102 r
= unit_require_mounts_for(u
, p
, UNIT_DEPENDENCY_FILE
);
1107 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_TMPFILES_SETUP_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1112 if (c
->root_image
) {
1113 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1114 * implicit dependency on udev */
1116 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_UDEVD_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1121 if (!IN_SET(c
->std_output
,
1122 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1123 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
) &&
1124 !IN_SET(c
->std_error
,
1125 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1126 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
) &&
1130 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1133 if (c
->log_namespace
) {
1134 _cleanup_free_
char *socket_unit
= NULL
, *varlink_socket_unit
= NULL
;
1136 r
= unit_name_build_from_type("systemd-journald", c
->log_namespace
, UNIT_SOCKET
, &socket_unit
);
1140 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, socket_unit
, true, UNIT_DEPENDENCY_FILE
);
1144 r
= unit_name_build_from_type("systemd-journald-varlink", c
->log_namespace
, UNIT_SOCKET
, &varlink_socket_unit
);
1148 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, varlink_socket_unit
, true, UNIT_DEPENDENCY_FILE
);
1152 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_JOURNALD_SOCKET
, true, UNIT_DEPENDENCY_FILE
);
1159 const char *unit_description(Unit
*u
) {
1163 return u
->description
;
1165 return strna(u
->id
);
1168 const char *unit_status_string(Unit
*u
) {
1171 if (u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_NAME
&& u
->id
)
1174 return unit_description(u
);
1177 static void print_unit_dependency_mask(FILE *f
, const char *kind
, UnitDependencyMask mask
, bool *space
) {
1179 UnitDependencyMask mask
;
1182 { UNIT_DEPENDENCY_FILE
, "file" },
1183 { UNIT_DEPENDENCY_IMPLICIT
, "implicit" },
1184 { UNIT_DEPENDENCY_DEFAULT
, "default" },
1185 { UNIT_DEPENDENCY_UDEV
, "udev" },
1186 { UNIT_DEPENDENCY_PATH
, "path" },
1187 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT
, "mountinfo-implicit" },
1188 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT
, "mountinfo-default" },
1189 { UNIT_DEPENDENCY_PROC_SWAP
, "proc-swap" },
1197 for (i
= 0; i
< ELEMENTSOF(table
); i
++) {
1202 if (FLAGS_SET(mask
, table
[i
].mask
)) {
1210 fputs(table
[i
].name
, f
);
1212 mask
&= ~table
[i
].mask
;
1219 void unit_dump(Unit
*u
, FILE *f
, const char *prefix
) {
1222 const char *prefix2
;
1223 char timestamp
[5][FORMAT_TIMESTAMP_MAX
], timespan
[FORMAT_TIMESPAN_MAX
];
1225 _cleanup_set_free_ Set
*following_set
= NULL
;
1231 assert(u
->type
>= 0);
1233 prefix
= strempty(prefix
);
1234 prefix2
= strjoina(prefix
, "\t");
1240 SET_FOREACH(t
, u
->aliases
, i
)
1241 fprintf(f
, "%s\tAlias: %s\n", prefix
, t
);
1244 "%s\tDescription: %s\n"
1245 "%s\tInstance: %s\n"
1246 "%s\tUnit Load State: %s\n"
1247 "%s\tUnit Active State: %s\n"
1248 "%s\tState Change Timestamp: %s\n"
1249 "%s\tInactive Exit Timestamp: %s\n"
1250 "%s\tActive Enter Timestamp: %s\n"
1251 "%s\tActive Exit Timestamp: %s\n"
1252 "%s\tInactive Enter Timestamp: %s\n"
1254 "%s\tNeed Daemon Reload: %s\n"
1255 "%s\tTransient: %s\n"
1256 "%s\tPerpetual: %s\n"
1257 "%s\tGarbage Collection Mode: %s\n"
1260 "%s\tCGroup realized: %s\n",
1261 prefix
, unit_description(u
),
1262 prefix
, strna(u
->instance
),
1263 prefix
, unit_load_state_to_string(u
->load_state
),
1264 prefix
, unit_active_state_to_string(unit_active_state(u
)),
1265 prefix
, strna(format_timestamp(timestamp
[0], sizeof(timestamp
[0]), u
->state_change_timestamp
.realtime
)),
1266 prefix
, strna(format_timestamp(timestamp
[1], sizeof(timestamp
[1]), u
->inactive_exit_timestamp
.realtime
)),
1267 prefix
, strna(format_timestamp(timestamp
[2], sizeof(timestamp
[2]), u
->active_enter_timestamp
.realtime
)),
1268 prefix
, strna(format_timestamp(timestamp
[3], sizeof(timestamp
[3]), u
->active_exit_timestamp
.realtime
)),
1269 prefix
, strna(format_timestamp(timestamp
[4], sizeof(timestamp
[4]), u
->inactive_enter_timestamp
.realtime
)),
1270 prefix
, yes_no(unit_may_gc(u
)),
1271 prefix
, yes_no(unit_need_daemon_reload(u
)),
1272 prefix
, yes_no(u
->transient
),
1273 prefix
, yes_no(u
->perpetual
),
1274 prefix
, collect_mode_to_string(u
->collect_mode
),
1275 prefix
, strna(unit_slice_name(u
)),
1276 prefix
, strna(u
->cgroup_path
),
1277 prefix
, yes_no(u
->cgroup_realized
));
1279 if (u
->cgroup_realized_mask
!= 0) {
1280 _cleanup_free_
char *s
= NULL
;
1281 (void) cg_mask_to_string(u
->cgroup_realized_mask
, &s
);
1282 fprintf(f
, "%s\tCGroup realized mask: %s\n", prefix
, strnull(s
));
1285 if (u
->cgroup_enabled_mask
!= 0) {
1286 _cleanup_free_
char *s
= NULL
;
1287 (void) cg_mask_to_string(u
->cgroup_enabled_mask
, &s
);
1288 fprintf(f
, "%s\tCGroup enabled mask: %s\n", prefix
, strnull(s
));
1291 m
= unit_get_own_mask(u
);
1293 _cleanup_free_
char *s
= NULL
;
1294 (void) cg_mask_to_string(m
, &s
);
1295 fprintf(f
, "%s\tCGroup own mask: %s\n", prefix
, strnull(s
));
1298 m
= unit_get_members_mask(u
);
1300 _cleanup_free_
char *s
= NULL
;
1301 (void) cg_mask_to_string(m
, &s
);
1302 fprintf(f
, "%s\tCGroup members mask: %s\n", prefix
, strnull(s
));
1305 m
= unit_get_delegate_mask(u
);
1307 _cleanup_free_
char *s
= NULL
;
1308 (void) cg_mask_to_string(m
, &s
);
1309 fprintf(f
, "%s\tCGroup delegate mask: %s\n", prefix
, strnull(s
));
1312 if (!sd_id128_is_null(u
->invocation_id
))
1313 fprintf(f
, "%s\tInvocation ID: " SD_ID128_FORMAT_STR
"\n",
1314 prefix
, SD_ID128_FORMAT_VAL(u
->invocation_id
));
1316 STRV_FOREACH(j
, u
->documentation
)
1317 fprintf(f
, "%s\tDocumentation: %s\n", prefix
, *j
);
1319 following
= unit_following(u
);
1321 fprintf(f
, "%s\tFollowing: %s\n", prefix
, following
->id
);
1323 r
= unit_following_set(u
, &following_set
);
1327 SET_FOREACH(other
, following_set
, i
)
1328 fprintf(f
, "%s\tFollowing Set Member: %s\n", prefix
, other
->id
);
1331 if (u
->fragment_path
)
1332 fprintf(f
, "%s\tFragment Path: %s\n", prefix
, u
->fragment_path
);
1335 fprintf(f
, "%s\tSource Path: %s\n", prefix
, u
->source_path
);
1337 STRV_FOREACH(j
, u
->dropin_paths
)
1338 fprintf(f
, "%s\tDropIn Path: %s\n", prefix
, *j
);
1340 if (u
->failure_action
!= EMERGENCY_ACTION_NONE
)
1341 fprintf(f
, "%s\tFailure Action: %s\n", prefix
, emergency_action_to_string(u
->failure_action
));
1342 if (u
->failure_action_exit_status
>= 0)
1343 fprintf(f
, "%s\tFailure Action Exit Status: %i\n", prefix
, u
->failure_action_exit_status
);
1344 if (u
->success_action
!= EMERGENCY_ACTION_NONE
)
1345 fprintf(f
, "%s\tSuccess Action: %s\n", prefix
, emergency_action_to_string(u
->success_action
));
1346 if (u
->success_action_exit_status
>= 0)
1347 fprintf(f
, "%s\tSuccess Action Exit Status: %i\n", prefix
, u
->success_action_exit_status
);
1349 if (u
->job_timeout
!= USEC_INFINITY
)
1350 fprintf(f
, "%s\tJob Timeout: %s\n", prefix
, format_timespan(timespan
, sizeof(timespan
), u
->job_timeout
, 0));
1352 if (u
->job_timeout_action
!= EMERGENCY_ACTION_NONE
)
1353 fprintf(f
, "%s\tJob Timeout Action: %s\n", prefix
, emergency_action_to_string(u
->job_timeout_action
));
1355 if (u
->job_timeout_reboot_arg
)
1356 fprintf(f
, "%s\tJob Timeout Reboot Argument: %s\n", prefix
, u
->job_timeout_reboot_arg
);
1358 condition_dump_list(u
->conditions
, f
, prefix
, condition_type_to_string
);
1359 condition_dump_list(u
->asserts
, f
, prefix
, assert_type_to_string
);
1361 if (dual_timestamp_is_set(&u
->condition_timestamp
))
1363 "%s\tCondition Timestamp: %s\n"
1364 "%s\tCondition Result: %s\n",
1365 prefix
, strna(format_timestamp(timestamp
[0], sizeof(timestamp
[0]), u
->condition_timestamp
.realtime
)),
1366 prefix
, yes_no(u
->condition_result
));
1368 if (dual_timestamp_is_set(&u
->assert_timestamp
))
1370 "%s\tAssert Timestamp: %s\n"
1371 "%s\tAssert Result: %s\n",
1372 prefix
, strna(format_timestamp(timestamp
[0], sizeof(timestamp
[0]), u
->assert_timestamp
.realtime
)),
1373 prefix
, yes_no(u
->assert_result
));
1375 for (UnitDependency d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++) {
1376 UnitDependencyInfo di
;
1379 HASHMAP_FOREACH_KEY(di
.data
, other
, u
->dependencies
[d
], i
) {
1382 fprintf(f
, "%s\t%s: %s (", prefix
, unit_dependency_to_string(d
), other
->id
);
1384 print_unit_dependency_mask(f
, "origin", di
.origin_mask
, &space
);
1385 print_unit_dependency_mask(f
, "destination", di
.destination_mask
, &space
);
1391 if (!hashmap_isempty(u
->requires_mounts_for
)) {
1392 UnitDependencyInfo di
;
1395 HASHMAP_FOREACH_KEY(di
.data
, path
, u
->requires_mounts_for
, i
) {
1398 fprintf(f
, "%s\tRequiresMountsFor: %s (", prefix
, path
);
1400 print_unit_dependency_mask(f
, "origin", di
.origin_mask
, &space
);
1401 print_unit_dependency_mask(f
, "destination", di
.destination_mask
, &space
);
1407 if (u
->load_state
== UNIT_LOADED
) {
1410 "%s\tStopWhenUnneeded: %s\n"
1411 "%s\tRefuseManualStart: %s\n"
1412 "%s\tRefuseManualStop: %s\n"
1413 "%s\tDefaultDependencies: %s\n"
1414 "%s\tOnFailureJobMode: %s\n"
1415 "%s\tIgnoreOnIsolate: %s\n",
1416 prefix
, yes_no(u
->stop_when_unneeded
),
1417 prefix
, yes_no(u
->refuse_manual_start
),
1418 prefix
, yes_no(u
->refuse_manual_stop
),
1419 prefix
, yes_no(u
->default_dependencies
),
1420 prefix
, job_mode_to_string(u
->on_failure_job_mode
),
1421 prefix
, yes_no(u
->ignore_on_isolate
));
1423 if (UNIT_VTABLE(u
)->dump
)
1424 UNIT_VTABLE(u
)->dump(u
, f
, prefix2
);
1426 } else if (u
->load_state
== UNIT_MERGED
)
1428 "%s\tMerged into: %s\n",
1429 prefix
, u
->merged_into
->id
);
1430 else if (u
->load_state
== UNIT_ERROR
)
1431 fprintf(f
, "%s\tLoad Error Code: %s\n", prefix
, strerror_safe(u
->load_error
));
1433 for (n
= sd_bus_track_first(u
->bus_track
); n
; n
= sd_bus_track_next(u
->bus_track
))
1434 fprintf(f
, "%s\tBus Ref: %s\n", prefix
, n
);
1437 job_dump(u
->job
, f
, prefix2
);
1440 job_dump(u
->nop_job
, f
, prefix2
);
1443 /* Common implementation for multiple backends */
1444 int unit_load_fragment_and_dropin(Unit
*u
, bool fragment_required
) {
1449 /* Load a .{service,socket,...} file */
1450 r
= unit_load_fragment(u
);
1454 if (u
->load_state
== UNIT_STUB
) {
1455 if (fragment_required
)
1458 u
->load_state
= UNIT_LOADED
;
1461 /* Load drop-in directory data. If u is an alias, we might be reloading the
1462 * target unit needlessly. But we cannot be sure which drops-ins have already
1463 * been loaded and which not, at least without doing complicated book-keeping,
1464 * so let's always reread all drop-ins. */
1465 r
= unit_load_dropin(unit_follow_merge(u
));
1469 if (u
->source_path
) {
1472 if (stat(u
->source_path
, &st
) >= 0)
1473 u
->source_mtime
= timespec_load(&st
.st_mtim
);
1475 u
->source_mtime
= 0;
1481 void unit_add_to_target_deps_queue(Unit
*u
) {
1482 Manager
*m
= u
->manager
;
1486 if (u
->in_target_deps_queue
)
1489 LIST_PREPEND(target_deps_queue
, m
->target_deps_queue
, u
);
1490 u
->in_target_deps_queue
= true;
1493 int unit_add_default_target_dependency(Unit
*u
, Unit
*target
) {
1497 if (target
->type
!= UNIT_TARGET
)
1500 /* Only add the dependency if both units are loaded, so that
1501 * that loop check below is reliable */
1502 if (u
->load_state
!= UNIT_LOADED
||
1503 target
->load_state
!= UNIT_LOADED
)
1506 /* If either side wants no automatic dependencies, then let's
1508 if (!u
->default_dependencies
||
1509 !target
->default_dependencies
)
1512 /* Don't create loops */
1513 if (hashmap_get(target
->dependencies
[UNIT_BEFORE
], u
))
1516 return unit_add_dependency(target
, UNIT_AFTER
, u
, true, UNIT_DEPENDENCY_DEFAULT
);
1519 static int unit_add_slice_dependencies(Unit
*u
) {
1522 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
1525 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1526 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1528 UnitDependencyMask mask
= u
->type
== UNIT_SLICE
? UNIT_DEPENDENCY_IMPLICIT
: UNIT_DEPENDENCY_FILE
;
1530 if (UNIT_ISSET(u
->slice
))
1531 return unit_add_two_dependencies(u
, UNIT_AFTER
, UNIT_REQUIRES
, UNIT_DEREF(u
->slice
), true, mask
);
1533 if (unit_has_name(u
, SPECIAL_ROOT_SLICE
))
1536 return unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, SPECIAL_ROOT_SLICE
, true, mask
);
1539 static int unit_add_mount_dependencies(Unit
*u
) {
1540 UnitDependencyInfo di
;
1547 HASHMAP_FOREACH_KEY(di
.data
, path
, u
->requires_mounts_for
, i
) {
1548 char prefix
[strlen(path
) + 1];
1550 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
1551 _cleanup_free_
char *p
= NULL
;
1554 r
= unit_name_from_path(prefix
, ".mount", &p
);
1558 m
= manager_get_unit(u
->manager
, p
);
1560 /* Make sure to load the mount unit if
1561 * it exists. If so the dependencies
1562 * on this unit will be added later
1563 * during the loading of the mount
1565 (void) manager_load_unit_prepare(u
->manager
, p
, NULL
, NULL
, &m
);
1571 if (m
->load_state
!= UNIT_LOADED
)
1574 r
= unit_add_dependency(u
, UNIT_AFTER
, m
, true, di
.origin_mask
);
1578 if (m
->fragment_path
) {
1579 r
= unit_add_dependency(u
, UNIT_REQUIRES
, m
, true, di
.origin_mask
);
1589 static int unit_add_startup_units(Unit
*u
) {
1592 c
= unit_get_cgroup_context(u
);
1596 if (c
->startup_cpu_shares
== CGROUP_CPU_SHARES_INVALID
&&
1597 c
->startup_io_weight
== CGROUP_WEIGHT_INVALID
&&
1598 c
->startup_blockio_weight
== CGROUP_BLKIO_WEIGHT_INVALID
)
1601 return set_ensure_put(&u
->manager
->startup_units
, NULL
, u
);
1604 int unit_load(Unit
*u
) {
1609 if (u
->in_load_queue
) {
1610 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
1611 u
->in_load_queue
= false;
1614 if (u
->type
== _UNIT_TYPE_INVALID
)
1617 if (u
->load_state
!= UNIT_STUB
)
1620 if (u
->transient_file
) {
1621 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1622 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1624 r
= fflush_and_check(u
->transient_file
);
1628 u
->transient_file
= safe_fclose(u
->transient_file
);
1629 u
->fragment_mtime
= now(CLOCK_REALTIME
);
1632 r
= UNIT_VTABLE(u
)->load(u
);
1636 assert(u
->load_state
!= UNIT_STUB
);
1638 if (u
->load_state
== UNIT_LOADED
) {
1639 unit_add_to_target_deps_queue(u
);
1641 r
= unit_add_slice_dependencies(u
);
1645 r
= unit_add_mount_dependencies(u
);
1649 r
= unit_add_startup_units(u
);
1653 if (u
->on_failure_job_mode
== JOB_ISOLATE
&& hashmap_size(u
->dependencies
[UNIT_ON_FAILURE
]) > 1) {
1654 log_unit_error(u
, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1659 if (u
->job_running_timeout
!= USEC_INFINITY
&& u
->job_running_timeout
> u
->job_timeout
)
1660 log_unit_warning(u
, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1662 /* We finished loading, let's ensure our parents recalculate the members mask */
1663 unit_invalidate_cgroup_members_masks(u
);
1666 assert((u
->load_state
!= UNIT_MERGED
) == !u
->merged_into
);
1668 unit_add_to_dbus_queue(unit_follow_merge(u
));
1669 unit_add_to_gc_queue(u
);
1674 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1675 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
1677 u
->load_state
= u
->load_state
== UNIT_STUB
? UNIT_NOT_FOUND
:
1678 r
== -ENOEXEC
? UNIT_BAD_SETTING
:
1682 /* Record the last time we tried to load the unit, so that if the cache gets updated between now
1683 * and the next time an attempt is made to load this unit, we know we need to check again. */
1684 if (u
->load_state
== UNIT_NOT_FOUND
)
1685 u
->fragment_loadtime
= now(CLOCK_REALTIME
);
1687 unit_add_to_dbus_queue(u
);
1688 unit_add_to_gc_queue(u
);
1690 return log_unit_debug_errno(u
, r
, "Failed to load configuration: %m");
1694 static int log_unit_internal(void *userdata
, int level
, int error
, const char *file
, int line
, const char *func
, const char *format
, ...) {
1699 va_start(ap
, format
);
1701 r
= log_object_internalv(level
, error
, file
, line
, func
,
1702 u
->manager
->unit_log_field
,
1704 u
->manager
->invocation_log_field
,
1705 u
->invocation_id_string
,
1708 r
= log_internalv(level
, error
, file
, line
, func
, format
, ap
);
1714 static bool unit_test_condition(Unit
*u
) {
1715 _cleanup_strv_free_
char **env
= NULL
;
1720 dual_timestamp_get(&u
->condition_timestamp
);
1722 r
= manager_get_effective_environment(u
->manager
, &env
);
1724 log_unit_error_errno(u
, r
, "Failed to determine effective environment: %m");
1725 u
->condition_result
= CONDITION_ERROR
;
1727 u
->condition_result
= condition_test_list(
1730 condition_type_to_string
,
1734 unit_add_to_dbus_queue(u
);
1735 return u
->condition_result
;
1738 static bool unit_test_assert(Unit
*u
) {
1739 _cleanup_strv_free_
char **env
= NULL
;
1744 dual_timestamp_get(&u
->assert_timestamp
);
1746 r
= manager_get_effective_environment(u
->manager
, &env
);
1748 log_unit_error_errno(u
, r
, "Failed to determine effective environment: %m");
1749 u
->assert_result
= CONDITION_ERROR
;
1751 u
->assert_result
= condition_test_list(
1754 assert_type_to_string
,
1758 unit_add_to_dbus_queue(u
);
1759 return u
->assert_result
;
1762 void unit_status_printf(Unit
*u
, StatusType status_type
, const char *status
, const char *unit_status_msg_format
) {
1765 d
= unit_status_string(u
);
1766 if (log_get_show_color())
1767 d
= strjoina(ANSI_HIGHLIGHT
, d
, ANSI_NORMAL
);
1769 DISABLE_WARNING_FORMAT_NONLITERAL
;
1770 manager_status_printf(u
->manager
, status_type
, status
, unit_status_msg_format
, d
);
1774 int unit_test_start_limit(Unit
*u
) {
1779 if (ratelimit_below(&u
->start_ratelimit
)) {
1780 u
->start_limit_hit
= false;
1784 log_unit_warning(u
, "Start request repeated too quickly.");
1785 u
->start_limit_hit
= true;
1787 reason
= strjoina("unit ", u
->id
, " failed");
1789 emergency_action(u
->manager
, u
->start_limit_action
,
1790 EMERGENCY_ACTION_IS_WATCHDOG
|EMERGENCY_ACTION_WARN
,
1791 u
->reboot_arg
, -1, reason
);
1796 bool unit_shall_confirm_spawn(Unit
*u
) {
1799 if (manager_is_confirm_spawn_disabled(u
->manager
))
1802 /* For some reasons units remaining in the same process group
1803 * as PID 1 fail to acquire the console even if it's not used
1804 * by any process. So skip the confirmation question for them. */
1805 return !unit_get_exec_context(u
)->same_pgrp
;
1808 static bool unit_verify_deps(Unit
*u
) {
1815 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1816 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1817 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1818 * conjunction with After= as for them any such check would make things entirely racy. */
1820 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BINDS_TO
], j
) {
1822 if (!hashmap_contains(u
->dependencies
[UNIT_AFTER
], other
))
1825 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other
))) {
1826 log_unit_notice(u
, "Bound to unit %s, but unit isn't active.", other
->id
);
1834 /* Errors that aren't really errors:
1835 * -EALREADY: Unit is already started.
1836 * -ECOMM: Condition failed
1837 * -EAGAIN: An operation is already in progress. Retry later.
1839 * Errors that are real errors:
1840 * -EBADR: This unit type does not support starting.
1841 * -ECANCELED: Start limit hit, too many requests for now
1842 * -EPROTO: Assert failed
1843 * -EINVAL: Unit not loaded
1844 * -EOPNOTSUPP: Unit type not supported
1845 * -ENOLINK: The necessary dependencies are not fulfilled.
1846 * -ESTALE: This unit has been started before and can't be started a second time
1847 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
1849 int unit_start(Unit
*u
) {
1850 UnitActiveState state
;
1855 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1856 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1857 * waiting is finished. */
1858 state
= unit_active_state(u
);
1859 if (UNIT_IS_ACTIVE_OR_RELOADING(state
))
1861 if (state
== UNIT_MAINTENANCE
)
1864 /* Units that aren't loaded cannot be started */
1865 if (u
->load_state
!= UNIT_LOADED
)
1868 /* Refuse starting scope units more than once */
1869 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_enter_timestamp
))
1872 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1873 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1874 * recheck the condition in that case. */
1875 if (state
!= UNIT_ACTIVATING
&&
1876 !unit_test_condition(u
))
1877 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(ECOMM
), "Starting requested but condition failed. Not starting unit.");
1879 /* If the asserts failed, fail the entire job */
1880 if (state
!= UNIT_ACTIVATING
&&
1881 !unit_test_assert(u
))
1882 return log_unit_notice_errno(u
, SYNTHETIC_ERRNO(EPROTO
), "Starting requested but asserts failed.");
1884 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1885 * condition checks, so that we rather return condition check errors (which are usually not
1886 * considered a true failure) than "not supported" errors (which are considered a failure).
1888 if (!unit_type_supported(u
->type
))
1891 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1892 * should have taken care of this already, but let's check this here again. After all, our
1893 * dependencies might not be in effect anymore, due to a reload or due to a failed condition. */
1894 if (!unit_verify_deps(u
))
1897 /* Forward to the main object, if we aren't it. */
1898 following
= unit_following(u
);
1900 log_unit_debug(u
, "Redirecting start request from %s to %s.", u
->id
, following
->id
);
1901 return unit_start(following
);
1904 /* If it is stopped, but we cannot start it, then fail */
1905 if (!UNIT_VTABLE(u
)->start
)
1908 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1909 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1910 * waits for a holdoff timer to elapse before it will start again. */
1912 unit_add_to_dbus_queue(u
);
1913 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
1915 return UNIT_VTABLE(u
)->start(u
);
1918 bool unit_can_start(Unit
*u
) {
1921 if (u
->load_state
!= UNIT_LOADED
)
1924 if (!unit_type_supported(u
->type
))
1927 /* Scope units may be started only once */
1928 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_exit_timestamp
))
1931 return !!UNIT_VTABLE(u
)->start
;
1934 bool unit_can_isolate(Unit
*u
) {
1937 return unit_can_start(u
) &&
1942 * -EBADR: This unit type does not support stopping.
1943 * -EALREADY: Unit is already stopped.
1944 * -EAGAIN: An operation is already in progress. Retry later.
1946 int unit_stop(Unit
*u
) {
1947 UnitActiveState state
;
1952 state
= unit_active_state(u
);
1953 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
1956 following
= unit_following(u
);
1958 log_unit_debug(u
, "Redirecting stop request from %s to %s.", u
->id
, following
->id
);
1959 return unit_stop(following
);
1962 if (!UNIT_VTABLE(u
)->stop
)
1965 unit_add_to_dbus_queue(u
);
1966 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
1968 return UNIT_VTABLE(u
)->stop(u
);
1971 bool unit_can_stop(Unit
*u
) {
1974 if (!unit_type_supported(u
->type
))
1980 return !!UNIT_VTABLE(u
)->stop
;
1984 * -EBADR: This unit type does not support reloading.
1985 * -ENOEXEC: Unit is not started.
1986 * -EAGAIN: An operation is already in progress. Retry later.
1988 int unit_reload(Unit
*u
) {
1989 UnitActiveState state
;
1994 if (u
->load_state
!= UNIT_LOADED
)
1997 if (!unit_can_reload(u
))
2000 state
= unit_active_state(u
);
2001 if (state
== UNIT_RELOADING
)
2004 if (state
!= UNIT_ACTIVE
) {
2005 log_unit_warning(u
, "Unit cannot be reloaded because it is inactive.");
2009 following
= unit_following(u
);
2011 log_unit_debug(u
, "Redirecting reload request from %s to %s.", u
->id
, following
->id
);
2012 return unit_reload(following
);
2015 unit_add_to_dbus_queue(u
);
2017 if (!UNIT_VTABLE(u
)->reload
) {
2018 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2019 unit_notify(u
, unit_active_state(u
), unit_active_state(u
), 0);
2023 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
2025 return UNIT_VTABLE(u
)->reload(u
);
2028 bool unit_can_reload(Unit
*u
) {
2031 if (UNIT_VTABLE(u
)->can_reload
)
2032 return UNIT_VTABLE(u
)->can_reload(u
);
2034 if (!hashmap_isempty(u
->dependencies
[UNIT_PROPAGATES_RELOAD_TO
]))
2037 return UNIT_VTABLE(u
)->reload
;
2040 bool unit_is_unneeded(Unit
*u
) {
2041 static const UnitDependency deps
[] = {
2051 if (!u
->stop_when_unneeded
)
2054 /* Don't clean up while the unit is transitioning or is even inactive. */
2055 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
2060 for (j
= 0; j
< ELEMENTSOF(deps
); j
++) {
2065 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
2066 * restart, then don't clean this one up. */
2068 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[deps
[j
]], i
) {
2072 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
2075 if (unit_will_restart(other
))
2083 static void check_unneeded_dependencies(Unit
*u
) {
2085 static const UnitDependency deps
[] = {
2095 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2097 for (j
= 0; j
< ELEMENTSOF(deps
); j
++) {
2102 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[deps
[j
]], i
)
2103 unit_submit_to_stop_when_unneeded_queue(other
);
2107 static void unit_check_binds_to(Unit
*u
) {
2108 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2120 if (unit_active_state(u
) != UNIT_ACTIVE
)
2123 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BINDS_TO
], i
) {
2127 if (!other
->coldplugged
)
2128 /* We might yet create a job for the other unit… */
2131 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
2141 /* If stopping a unit fails continuously we might enter a stop
2142 * loop here, hence stop acting on the service being
2143 * unnecessary after a while. */
2144 if (!ratelimit_below(&u
->auto_stop_ratelimit
)) {
2145 log_unit_warning(u
, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other
->id
);
2150 log_unit_info(u
, "Unit is bound to inactive unit %s. Stopping, too.", other
->id
);
2152 /* A unit we need to run is gone. Sniff. Let's stop this. */
2153 r
= manager_add_job(u
->manager
, JOB_STOP
, u
, JOB_FAIL
, NULL
, &error
, NULL
);
2155 log_unit_warning_errno(u
, r
, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error
, r
));
2158 static void retroactively_start_dependencies(Unit
*u
) {
2164 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)));
2166 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_REQUIRES
], i
)
2167 if (!hashmap_get(u
->dependencies
[UNIT_AFTER
], other
) &&
2168 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2169 manager_add_job(u
->manager
, JOB_START
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2171 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BINDS_TO
], i
)
2172 if (!hashmap_get(u
->dependencies
[UNIT_AFTER
], other
) &&
2173 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2174 manager_add_job(u
->manager
, JOB_START
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2176 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_WANTS
], i
)
2177 if (!hashmap_get(u
->dependencies
[UNIT_AFTER
], other
) &&
2178 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2179 manager_add_job(u
->manager
, JOB_START
, other
, JOB_FAIL
, NULL
, NULL
, NULL
);
2181 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_CONFLICTS
], i
)
2182 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2183 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2185 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_CONFLICTED_BY
], i
)
2186 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2187 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2190 static void retroactively_stop_dependencies(Unit
*u
) {
2196 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)));
2198 /* Pull down units which are bound to us recursively if enabled */
2199 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BOUND_BY
], i
)
2200 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2201 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2204 void unit_start_on_failure(Unit
*u
) {
2212 if (hashmap_size(u
->dependencies
[UNIT_ON_FAILURE
]) <= 0)
2215 log_unit_info(u
, "Triggering OnFailure= dependencies.");
2217 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_ON_FAILURE
], i
) {
2218 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2220 r
= manager_add_job(u
->manager
, JOB_START
, other
, u
->on_failure_job_mode
, NULL
, &error
, NULL
);
2222 log_unit_warning_errno(u
, r
, "Failed to enqueue OnFailure= job, ignoring: %s", bus_error_message(&error
, r
));
2226 void unit_trigger_notify(Unit
*u
) {
2233 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_TRIGGERED_BY
], i
)
2234 if (UNIT_VTABLE(other
)->trigger_notify
)
2235 UNIT_VTABLE(other
)->trigger_notify(other
, u
);
2238 static int raise_level(int log_level
, bool condition_info
, bool condition_notice
) {
2239 if (condition_notice
&& log_level
> LOG_NOTICE
)
2241 if (condition_info
&& log_level
> LOG_INFO
)
2246 static int unit_log_resources(Unit
*u
) {
2247 struct iovec iovec
[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX
+ _CGROUP_IO_ACCOUNTING_METRIC_MAX
+ 4];
2248 bool any_traffic
= false, have_ip_accounting
= false, any_io
= false, have_io_accounting
= false;
2249 _cleanup_free_
char *igress
= NULL
, *egress
= NULL
, *rr
= NULL
, *wr
= NULL
;
2250 int log_level
= LOG_DEBUG
; /* May be raised if resources consumed over a threshold */
2251 size_t n_message_parts
= 0, n_iovec
= 0;
2252 char* message_parts
[1 + 2 + 2 + 1], *t
;
2253 nsec_t nsec
= NSEC_INFINITY
;
2254 CGroupIPAccountingMetric m
;
2257 const char* const ip_fields
[_CGROUP_IP_ACCOUNTING_METRIC_MAX
] = {
2258 [CGROUP_IP_INGRESS_BYTES
] = "IP_METRIC_INGRESS_BYTES",
2259 [CGROUP_IP_INGRESS_PACKETS
] = "IP_METRIC_INGRESS_PACKETS",
2260 [CGROUP_IP_EGRESS_BYTES
] = "IP_METRIC_EGRESS_BYTES",
2261 [CGROUP_IP_EGRESS_PACKETS
] = "IP_METRIC_EGRESS_PACKETS",
2263 const char* const io_fields
[_CGROUP_IO_ACCOUNTING_METRIC_MAX
] = {
2264 [CGROUP_IO_READ_BYTES
] = "IO_METRIC_READ_BYTES",
2265 [CGROUP_IO_WRITE_BYTES
] = "IO_METRIC_WRITE_BYTES",
2266 [CGROUP_IO_READ_OPERATIONS
] = "IO_METRIC_READ_OPERATIONS",
2267 [CGROUP_IO_WRITE_OPERATIONS
] = "IO_METRIC_WRITE_OPERATIONS",
2272 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2273 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2274 * information and the complete data in structured fields. */
2276 (void) unit_get_cpu_usage(u
, &nsec
);
2277 if (nsec
!= NSEC_INFINITY
) {
2278 char buf
[FORMAT_TIMESPAN_MAX
] = "";
2280 /* Format the CPU time for inclusion in the structured log message */
2281 if (asprintf(&t
, "CPU_USAGE_NSEC=%" PRIu64
, nsec
) < 0) {
2285 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2287 /* Format the CPU time for inclusion in the human language message string */
2288 format_timespan(buf
, sizeof(buf
), nsec
/ NSEC_PER_USEC
, USEC_PER_MSEC
);
2289 t
= strjoin("consumed ", buf
, " CPU time");
2295 message_parts
[n_message_parts
++] = t
;
2297 log_level
= raise_level(log_level
,
2298 nsec
> NOTICEWORTHY_CPU_NSEC
,
2299 nsec
> MENTIONWORTHY_CPU_NSEC
);
2302 for (CGroupIOAccountingMetric k
= 0; k
< _CGROUP_IO_ACCOUNTING_METRIC_MAX
; k
++) {
2303 char buf
[FORMAT_BYTES_MAX
] = "";
2304 uint64_t value
= UINT64_MAX
;
2306 assert(io_fields
[k
]);
2308 (void) unit_get_io_accounting(u
, k
, k
> 0, &value
);
2309 if (value
== UINT64_MAX
)
2312 have_io_accounting
= true;
2316 /* Format IO accounting data for inclusion in the structured log message */
2317 if (asprintf(&t
, "%s=%" PRIu64
, io_fields
[k
], value
) < 0) {
2321 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2323 /* Format the IO accounting data for inclusion in the human language message string, but only
2324 * for the bytes counters (and not for the operations counters) */
2325 if (k
== CGROUP_IO_READ_BYTES
) {
2327 rr
= strjoin("read ", format_bytes(buf
, sizeof(buf
), value
), " from disk");
2332 } else if (k
== CGROUP_IO_WRITE_BYTES
) {
2334 wr
= strjoin("written ", format_bytes(buf
, sizeof(buf
), value
), " to disk");
2341 if (IN_SET(k
, CGROUP_IO_READ_BYTES
, CGROUP_IO_WRITE_BYTES
))
2342 log_level
= raise_level(log_level
,
2343 value
> MENTIONWORTHY_IO_BYTES
,
2344 value
> NOTICEWORTHY_IO_BYTES
);
2347 if (have_io_accounting
) {
2350 message_parts
[n_message_parts
++] = TAKE_PTR(rr
);
2352 message_parts
[n_message_parts
++] = TAKE_PTR(wr
);
2357 k
= strdup("no IO");
2363 message_parts
[n_message_parts
++] = k
;
2367 for (m
= 0; m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
; m
++) {
2368 char buf
[FORMAT_BYTES_MAX
] = "";
2369 uint64_t value
= UINT64_MAX
;
2371 assert(ip_fields
[m
]);
2373 (void) unit_get_ip_accounting(u
, m
, &value
);
2374 if (value
== UINT64_MAX
)
2377 have_ip_accounting
= true;
2381 /* Format IP accounting data for inclusion in the structured log message */
2382 if (asprintf(&t
, "%s=%" PRIu64
, ip_fields
[m
], value
) < 0) {
2386 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2388 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2389 * bytes counters (and not for the packets counters) */
2390 if (m
== CGROUP_IP_INGRESS_BYTES
) {
2392 igress
= strjoin("received ", format_bytes(buf
, sizeof(buf
), value
), " IP traffic");
2397 } else if (m
== CGROUP_IP_EGRESS_BYTES
) {
2399 egress
= strjoin("sent ", format_bytes(buf
, sizeof(buf
), value
), " IP traffic");
2406 if (IN_SET(m
, CGROUP_IP_INGRESS_BYTES
, CGROUP_IP_EGRESS_BYTES
))
2407 log_level
= raise_level(log_level
,
2408 value
> MENTIONWORTHY_IP_BYTES
,
2409 value
> NOTICEWORTHY_IP_BYTES
);
2412 if (have_ip_accounting
) {
2415 message_parts
[n_message_parts
++] = TAKE_PTR(igress
);
2417 message_parts
[n_message_parts
++] = TAKE_PTR(egress
);
2422 k
= strdup("no IP traffic");
2428 message_parts
[n_message_parts
++] = k
;
2432 /* Is there any accounting data available at all? */
2438 if (n_message_parts
== 0)
2439 t
= strjoina("MESSAGE=", u
->id
, ": Completed.");
2441 _cleanup_free_
char *joined
;
2443 message_parts
[n_message_parts
] = NULL
;
2445 joined
= strv_join(message_parts
, ", ");
2451 joined
[0] = ascii_toupper(joined
[0]);
2452 t
= strjoina("MESSAGE=", u
->id
, ": ", joined
, ".");
2455 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2456 * and hence don't increase n_iovec for them */
2457 iovec
[n_iovec
] = IOVEC_MAKE_STRING(t
);
2458 iovec
[n_iovec
+ 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR
);
2460 t
= strjoina(u
->manager
->unit_log_field
, u
->id
);
2461 iovec
[n_iovec
+ 2] = IOVEC_MAKE_STRING(t
);
2463 t
= strjoina(u
->manager
->invocation_log_field
, u
->invocation_id_string
);
2464 iovec
[n_iovec
+ 3] = IOVEC_MAKE_STRING(t
);
2466 log_struct_iovec(log_level
, iovec
, n_iovec
+ 4);
2470 for (i
= 0; i
< n_message_parts
; i
++)
2471 free(message_parts
[i
]);
2473 for (i
= 0; i
< n_iovec
; i
++)
2474 free(iovec
[i
].iov_base
);
2480 static void unit_update_on_console(Unit
*u
) {
2485 b
= unit_needs_console(u
);
2486 if (u
->on_console
== b
)
2491 manager_ref_console(u
->manager
);
2493 manager_unref_console(u
->manager
);
2496 static void unit_emit_audit_start(Unit
*u
) {
2499 if (u
->type
!= UNIT_SERVICE
)
2502 /* Write audit record if we have just finished starting up */
2503 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_START
, true);
2507 static void unit_emit_audit_stop(Unit
*u
, UnitActiveState state
) {
2510 if (u
->type
!= UNIT_SERVICE
)
2514 /* Write audit record if we have just finished shutting down */
2515 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_STOP
, state
== UNIT_INACTIVE
);
2516 u
->in_audit
= false;
2518 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2519 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_START
, state
== UNIT_INACTIVE
);
2521 if (state
== UNIT_INACTIVE
)
2522 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_STOP
, true);
2526 static bool unit_process_job(Job
*j
, UnitActiveState ns
, UnitNotifyFlags flags
) {
2527 bool unexpected
= false;
2532 if (j
->state
== JOB_WAITING
)
2534 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2536 job_add_to_run_queue(j
);
2538 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2539 * hence needs to invalidate jobs. */
2544 case JOB_VERIFY_ACTIVE
:
2546 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2547 job_finish_and_invalidate(j
, JOB_DONE
, true, false);
2548 else if (j
->state
== JOB_RUNNING
&& ns
!= UNIT_ACTIVATING
) {
2551 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2552 if (ns
== UNIT_FAILED
)
2553 result
= JOB_FAILED
;
2554 else if (FLAGS_SET(flags
, UNIT_NOTIFY_SKIP_CONDITION
))
2555 result
= JOB_SKIPPED
;
2559 job_finish_and_invalidate(j
, result
, true, false);
2566 case JOB_RELOAD_OR_START
:
2567 case JOB_TRY_RELOAD
:
2569 if (j
->state
== JOB_RUNNING
) {
2570 if (ns
== UNIT_ACTIVE
)
2571 job_finish_and_invalidate(j
, (flags
& UNIT_NOTIFY_RELOAD_FAILURE
) ? JOB_FAILED
: JOB_DONE
, true, false);
2572 else if (!IN_SET(ns
, UNIT_ACTIVATING
, UNIT_RELOADING
)) {
2575 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2576 job_finish_and_invalidate(j
, ns
== UNIT_FAILED
? JOB_FAILED
: JOB_DONE
, true, false);
2584 case JOB_TRY_RESTART
:
2586 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2587 job_finish_and_invalidate(j
, JOB_DONE
, true, false);
2588 else if (j
->state
== JOB_RUNNING
&& ns
!= UNIT_DEACTIVATING
) {
2590 job_finish_and_invalidate(j
, JOB_FAILED
, true, false);
2596 assert_not_reached("Job type unknown");
2602 void unit_notify(Unit
*u
, UnitActiveState os
, UnitActiveState ns
, UnitNotifyFlags flags
) {
2607 assert(os
< _UNIT_ACTIVE_STATE_MAX
);
2608 assert(ns
< _UNIT_ACTIVE_STATE_MAX
);
2610 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2611 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2612 * remounted this function will be called too! */
2616 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2617 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2618 unit_add_to_dbus_queue(u
);
2620 /* Update timestamps for state changes */
2621 if (!MANAGER_IS_RELOADING(m
)) {
2622 dual_timestamp_get(&u
->state_change_timestamp
);
2624 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && !UNIT_IS_INACTIVE_OR_FAILED(ns
))
2625 u
->inactive_exit_timestamp
= u
->state_change_timestamp
;
2626 else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_INACTIVE_OR_FAILED(ns
))
2627 u
->inactive_enter_timestamp
= u
->state_change_timestamp
;
2629 if (!UNIT_IS_ACTIVE_OR_RELOADING(os
) && UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2630 u
->active_enter_timestamp
= u
->state_change_timestamp
;
2631 else if (UNIT_IS_ACTIVE_OR_RELOADING(os
) && !UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2632 u
->active_exit_timestamp
= u
->state_change_timestamp
;
2635 /* Keep track of failed units */
2636 (void) manager_update_failed_units(m
, u
, ns
== UNIT_FAILED
);
2638 /* Make sure the cgroup and state files are always removed when we become inactive */
2639 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2640 unit_prune_cgroup(u
);
2641 unit_unlink_state_files(u
);
2644 unit_update_on_console(u
);
2646 if (!MANAGER_IS_RELOADING(m
)) {
2649 /* Let's propagate state changes to the job */
2651 unexpected
= unit_process_job(u
->job
, ns
, flags
);
2655 /* If this state change happened without being requested by a job, then let's retroactively start or
2656 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2657 * additional jobs just because something is already activated. */
2660 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns
))
2661 retroactively_start_dependencies(u
);
2662 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os
) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns
))
2663 retroactively_stop_dependencies(u
);
2666 /* stop unneeded units regardless if going down was expected or not */
2667 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2668 check_unneeded_dependencies(u
);
2670 if (ns
!= os
&& ns
== UNIT_FAILED
) {
2671 log_unit_debug(u
, "Unit entered failed state.");
2673 if (!(flags
& UNIT_NOTIFY_WILL_AUTO_RESTART
))
2674 unit_start_on_failure(u
);
2677 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
) && !UNIT_IS_ACTIVE_OR_RELOADING(os
)) {
2678 /* This unit just finished starting up */
2680 unit_emit_audit_start(u
);
2681 manager_send_unit_plymouth(m
, u
);
2684 if (UNIT_IS_INACTIVE_OR_FAILED(ns
) && !UNIT_IS_INACTIVE_OR_FAILED(os
)) {
2685 /* This unit just stopped/failed. */
2687 unit_emit_audit_stop(u
, ns
);
2688 unit_log_resources(u
);
2692 manager_recheck_journal(m
);
2693 manager_recheck_dbus(m
);
2695 unit_trigger_notify(u
);
2697 if (!MANAGER_IS_RELOADING(m
)) {
2698 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2699 unit_submit_to_stop_when_unneeded_queue(u
);
2701 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2702 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2703 * without ever entering started.) */
2704 unit_check_binds_to(u
);
2706 if (os
!= UNIT_FAILED
&& ns
== UNIT_FAILED
) {
2707 reason
= strjoina("unit ", u
->id
, " failed");
2708 emergency_action(m
, u
->failure_action
, 0, u
->reboot_arg
, unit_failure_action_exit_status(u
), reason
);
2709 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && ns
== UNIT_INACTIVE
) {
2710 reason
= strjoina("unit ", u
->id
, " succeeded");
2711 emergency_action(m
, u
->success_action
, 0, u
->reboot_arg
, unit_success_action_exit_status(u
), reason
);
2715 unit_add_to_gc_queue(u
);
2718 int unit_watch_pid(Unit
*u
, pid_t pid
, bool exclusive
) {
2722 assert(pid_is_valid(pid
));
2724 /* Watch a specific PID */
2726 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2727 * opportunity to remove any stalled references to this PID as they can be created
2728 * easily (when watching a process which is not our direct child). */
2730 manager_unwatch_pid(u
->manager
, pid
);
2732 r
= set_ensure_allocated(&u
->pids
, NULL
);
2736 r
= hashmap_ensure_allocated(&u
->manager
->watch_pids
, NULL
);
2740 /* First try, let's add the unit keyed by "pid". */
2741 r
= hashmap_put(u
->manager
->watch_pids
, PID_TO_PTR(pid
), u
);
2747 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2748 * to an array of Units rather than just a Unit), lists us already. */
2750 array
= hashmap_get(u
->manager
->watch_pids
, PID_TO_PTR(-pid
));
2752 for (; array
[n
]; n
++)
2756 if (found
) /* Found it already? if so, do nothing */
2761 /* Allocate a new array */
2762 new_array
= new(Unit
*, n
+ 2);
2766 memcpy_safe(new_array
, array
, sizeof(Unit
*) * n
);
2768 new_array
[n
+1] = NULL
;
2770 /* Add or replace the old array */
2771 r
= hashmap_replace(u
->manager
->watch_pids
, PID_TO_PTR(-pid
), new_array
);
2782 r
= set_put(u
->pids
, PID_TO_PTR(pid
));
2789 void unit_unwatch_pid(Unit
*u
, pid_t pid
) {
2793 assert(pid_is_valid(pid
));
2795 /* First let's drop the unit in case it's keyed as "pid". */
2796 (void) hashmap_remove_value(u
->manager
->watch_pids
, PID_TO_PTR(pid
), u
);
2798 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2799 array
= hashmap_get(u
->manager
->watch_pids
, PID_TO_PTR(-pid
));
2803 /* Let's iterate through the array, dropping our own entry */
2804 for (n
= 0; array
[n
]; n
++)
2806 array
[m
++] = array
[n
];
2810 /* The array is now empty, remove the entire entry */
2811 assert_se(hashmap_remove(u
->manager
->watch_pids
, PID_TO_PTR(-pid
)) == array
);
2816 (void) set_remove(u
->pids
, PID_TO_PTR(pid
));
2819 void unit_unwatch_all_pids(Unit
*u
) {
2822 while (!set_isempty(u
->pids
))
2823 unit_unwatch_pid(u
, PTR_TO_PID(set_first(u
->pids
)));
2825 u
->pids
= set_free(u
->pids
);
2828 static void unit_tidy_watch_pids(Unit
*u
) {
2829 pid_t except1
, except2
;
2835 /* Cleans dead PIDs from our list */
2837 except1
= unit_main_pid(u
);
2838 except2
= unit_control_pid(u
);
2840 SET_FOREACH(e
, u
->pids
, i
) {
2841 pid_t pid
= PTR_TO_PID(e
);
2843 if (pid
== except1
|| pid
== except2
)
2846 if (!pid_is_unwaited(pid
))
2847 unit_unwatch_pid(u
, pid
);
2851 static int on_rewatch_pids_event(sd_event_source
*s
, void *userdata
) {
2857 unit_tidy_watch_pids(u
);
2858 unit_watch_all_pids(u
);
2860 /* If the PID set is empty now, then let's finish this off. */
2861 unit_synthesize_cgroup_empty_event(u
);
2866 int unit_enqueue_rewatch_pids(Unit
*u
) {
2871 if (!u
->cgroup_path
)
2874 r
= cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
);
2877 if (r
> 0) /* On unified we can use proper notifications */
2880 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2881 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2882 * involves issuing kill(pid, 0) on all processes we watch. */
2884 if (!u
->rewatch_pids_event_source
) {
2885 _cleanup_(sd_event_source_unrefp
) sd_event_source
*s
= NULL
;
2887 r
= sd_event_add_defer(u
->manager
->event
, &s
, on_rewatch_pids_event
, u
);
2889 return log_error_errno(r
, "Failed to allocate event source for tidying watched PIDs: %m");
2891 r
= sd_event_source_set_priority(s
, SD_EVENT_PRIORITY_IDLE
);
2893 return log_error_errno(r
, "Failed to adjust priority of event source for tidying watched PIDs: %m");
2895 (void) sd_event_source_set_description(s
, "tidy-watch-pids");
2897 u
->rewatch_pids_event_source
= TAKE_PTR(s
);
2900 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_ONESHOT
);
2902 return log_error_errno(r
, "Failed to enable event source for tidying watched PIDs: %m");
2907 void unit_dequeue_rewatch_pids(Unit
*u
) {
2911 if (!u
->rewatch_pids_event_source
)
2914 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_OFF
);
2916 log_warning_errno(r
, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2918 u
->rewatch_pids_event_source
= sd_event_source_unref(u
->rewatch_pids_event_source
);
2921 bool unit_job_is_applicable(Unit
*u
, JobType j
) {
2923 assert(j
>= 0 && j
< _JOB_TYPE_MAX
);
2927 case JOB_VERIFY_ACTIVE
:
2930 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2931 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
2936 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2937 * external events), hence it makes no sense to permit enqueuing such a request either. */
2938 return !u
->perpetual
;
2941 case JOB_TRY_RESTART
:
2942 return unit_can_stop(u
) && unit_can_start(u
);
2945 case JOB_TRY_RELOAD
:
2946 return unit_can_reload(u
);
2948 case JOB_RELOAD_OR_START
:
2949 return unit_can_reload(u
) && unit_can_start(u
);
2952 assert_not_reached("Invalid job type");
2956 static void maybe_warn_about_dependency(Unit
*u
, const char *other
, UnitDependency dependency
) {
2959 /* Only warn about some unit types */
2960 if (!IN_SET(dependency
, UNIT_CONFLICTS
, UNIT_CONFLICTED_BY
, UNIT_BEFORE
, UNIT_AFTER
, UNIT_ON_FAILURE
, UNIT_TRIGGERS
, UNIT_TRIGGERED_BY
))
2963 if (streq_ptr(u
->id
, other
))
2964 log_unit_warning(u
, "Dependency %s=%s dropped", unit_dependency_to_string(dependency
), u
->id
);
2966 log_unit_warning(u
, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency
), strna(other
), u
->id
);
2969 static int unit_add_dependency_hashmap(
2972 UnitDependencyMask origin_mask
,
2973 UnitDependencyMask destination_mask
) {
2975 UnitDependencyInfo info
;
2980 assert(origin_mask
< _UNIT_DEPENDENCY_MASK_FULL
);
2981 assert(destination_mask
< _UNIT_DEPENDENCY_MASK_FULL
);
2982 assert(origin_mask
> 0 || destination_mask
> 0);
2984 r
= hashmap_ensure_allocated(h
, NULL
);
2988 assert_cc(sizeof(void*) == sizeof(info
));
2990 info
.data
= hashmap_get(*h
, other
);
2992 /* Entry already exists. Add in our mask. */
2994 if (FLAGS_SET(origin_mask
, info
.origin_mask
) &&
2995 FLAGS_SET(destination_mask
, info
.destination_mask
))
2998 info
.origin_mask
|= origin_mask
;
2999 info
.destination_mask
|= destination_mask
;
3001 r
= hashmap_update(*h
, other
, info
.data
);
3003 info
= (UnitDependencyInfo
) {
3004 .origin_mask
= origin_mask
,
3005 .destination_mask
= destination_mask
,
3008 r
= hashmap_put(*h
, other
, info
.data
);
3016 int unit_add_dependency(
3021 UnitDependencyMask mask
) {
3023 static const UnitDependency inverse_table
[_UNIT_DEPENDENCY_MAX
] = {
3024 [UNIT_REQUIRES
] = UNIT_REQUIRED_BY
,
3025 [UNIT_WANTS
] = UNIT_WANTED_BY
,
3026 [UNIT_REQUISITE
] = UNIT_REQUISITE_OF
,
3027 [UNIT_BINDS_TO
] = UNIT_BOUND_BY
,
3028 [UNIT_PART_OF
] = UNIT_CONSISTS_OF
,
3029 [UNIT_REQUIRED_BY
] = UNIT_REQUIRES
,
3030 [UNIT_REQUISITE_OF
] = UNIT_REQUISITE
,
3031 [UNIT_WANTED_BY
] = UNIT_WANTS
,
3032 [UNIT_BOUND_BY
] = UNIT_BINDS_TO
,
3033 [UNIT_CONSISTS_OF
] = UNIT_PART_OF
,
3034 [UNIT_CONFLICTS
] = UNIT_CONFLICTED_BY
,
3035 [UNIT_CONFLICTED_BY
] = UNIT_CONFLICTS
,
3036 [UNIT_BEFORE
] = UNIT_AFTER
,
3037 [UNIT_AFTER
] = UNIT_BEFORE
,
3038 [UNIT_ON_FAILURE
] = _UNIT_DEPENDENCY_INVALID
,
3039 [UNIT_REFERENCES
] = UNIT_REFERENCED_BY
,
3040 [UNIT_REFERENCED_BY
] = UNIT_REFERENCES
,
3041 [UNIT_TRIGGERS
] = UNIT_TRIGGERED_BY
,
3042 [UNIT_TRIGGERED_BY
] = UNIT_TRIGGERS
,
3043 [UNIT_PROPAGATES_RELOAD_TO
] = UNIT_RELOAD_PROPAGATED_FROM
,
3044 [UNIT_RELOAD_PROPAGATED_FROM
] = UNIT_PROPAGATES_RELOAD_TO
,
3045 [UNIT_JOINS_NAMESPACE_OF
] = UNIT_JOINS_NAMESPACE_OF
,
3047 Unit
*original_u
= u
, *original_other
= other
;
3051 assert(d
>= 0 && d
< _UNIT_DEPENDENCY_MAX
);
3054 u
= unit_follow_merge(u
);
3055 other
= unit_follow_merge(other
);
3057 /* We won't allow dependencies on ourselves. We will not
3058 * consider them an error however. */
3060 maybe_warn_about_dependency(original_u
, original_other
->id
, d
);
3064 /* Note that ordering a device unit after a unit is permitted since it
3065 * allows to start its job running timeout at a specific time. */
3066 if (d
== UNIT_BEFORE
&& other
->type
== UNIT_DEVICE
) {
3067 log_unit_warning(u
, "Dependency Before=%s ignored (.device units cannot be delayed)", other
->id
);
3071 if (d
== UNIT_ON_FAILURE
&& !UNIT_VTABLE(u
)->can_fail
) {
3072 log_unit_warning(u
, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other
->id
, unit_type_to_string(u
->type
));
3076 if (d
== UNIT_TRIGGERS
&& !UNIT_VTABLE(u
)->can_trigger
)
3077 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3078 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other
->id
, unit_type_to_string(u
->type
));
3079 if (d
== UNIT_TRIGGERED_BY
&& !UNIT_VTABLE(other
)->can_trigger
)
3080 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3081 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other
->id
, unit_type_to_string(other
->type
));
3083 r
= unit_add_dependency_hashmap(u
->dependencies
+ d
, other
, mask
, 0);
3087 if (inverse_table
[d
] != _UNIT_DEPENDENCY_INVALID
&& inverse_table
[d
] != d
) {
3088 r
= unit_add_dependency_hashmap(other
->dependencies
+ inverse_table
[d
], u
, 0, mask
);
3093 if (add_reference
) {
3094 r
= unit_add_dependency_hashmap(u
->dependencies
+ UNIT_REFERENCES
, other
, mask
, 0);
3098 r
= unit_add_dependency_hashmap(other
->dependencies
+ UNIT_REFERENCED_BY
, u
, 0, mask
);
3103 unit_add_to_dbus_queue(u
);
3107 int unit_add_two_dependencies(Unit
*u
, UnitDependency d
, UnitDependency e
, Unit
*other
, bool add_reference
, UnitDependencyMask mask
) {
3112 r
= unit_add_dependency(u
, d
, other
, add_reference
, mask
);
3116 return unit_add_dependency(u
, e
, other
, add_reference
, mask
);
3119 static int resolve_template(Unit
*u
, const char *name
, char **buf
, const char **ret
) {
3127 if (!unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
3134 r
= unit_name_replace_instance(name
, u
->instance
, buf
);
3136 _cleanup_free_
char *i
= NULL
;
3138 r
= unit_name_to_prefix(u
->id
, &i
);
3142 r
= unit_name_replace_instance(name
, i
, buf
);
3151 int unit_add_dependency_by_name(Unit
*u
, UnitDependency d
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
3152 _cleanup_free_
char *buf
= NULL
;
3159 r
= resolve_template(u
, name
, &buf
, &name
);
3163 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
3167 return unit_add_dependency(u
, d
, other
, add_reference
, mask
);
3170 int unit_add_two_dependencies_by_name(Unit
*u
, UnitDependency d
, UnitDependency e
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
3171 _cleanup_free_
char *buf
= NULL
;
3178 r
= resolve_template(u
, name
, &buf
, &name
);
3182 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
3186 return unit_add_two_dependencies(u
, d
, e
, other
, add_reference
, mask
);
3189 int set_unit_path(const char *p
) {
3190 /* This is mostly for debug purposes */
3191 if (setenv("SYSTEMD_UNIT_PATH", p
, 1) < 0)
3197 char *unit_dbus_path(Unit
*u
) {
3203 return unit_dbus_path_from_name(u
->id
);
3206 char *unit_dbus_path_invocation_id(Unit
*u
) {
3209 if (sd_id128_is_null(u
->invocation_id
))
3212 return unit_dbus_path_from_name(u
->invocation_id_string
);
3215 static int unit_set_invocation_id(Unit
*u
, sd_id128_t id
) {
3220 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3222 if (sd_id128_equal(u
->invocation_id
, id
))
3225 if (!sd_id128_is_null(u
->invocation_id
))
3226 (void) hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
3228 if (sd_id128_is_null(id
)) {
3233 r
= hashmap_ensure_allocated(&u
->manager
->units_by_invocation_id
, &id128_hash_ops
);
3237 u
->invocation_id
= id
;
3238 sd_id128_to_string(id
, u
->invocation_id_string
);
3240 r
= hashmap_put(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
3247 u
->invocation_id
= SD_ID128_NULL
;
3248 u
->invocation_id_string
[0] = 0;
3252 int unit_set_slice(Unit
*u
, Unit
*slice
) {
3256 /* Sets the unit slice if it has not been set before. Is extra
3257 * careful, to only allow this for units that actually have a
3258 * cgroup context. Also, we don't allow to set this for slices
3259 * (since the parent slice is derived from the name). Make
3260 * sure the unit we set is actually a slice. */
3262 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
3265 if (u
->type
== UNIT_SLICE
)
3268 if (unit_active_state(u
) != UNIT_INACTIVE
)
3271 if (slice
->type
!= UNIT_SLICE
)
3274 if (unit_has_name(u
, SPECIAL_INIT_SCOPE
) &&
3275 !unit_has_name(slice
, SPECIAL_ROOT_SLICE
))
3278 if (UNIT_DEREF(u
->slice
) == slice
)
3281 /* Disallow slice changes if @u is already bound to cgroups */
3282 if (UNIT_ISSET(u
->slice
) && u
->cgroup_realized
)
3285 unit_ref_set(&u
->slice
, u
, slice
);
3289 int unit_set_default_slice(Unit
*u
) {
3290 const char *slice_name
;
3296 if (UNIT_ISSET(u
->slice
))
3300 _cleanup_free_
char *prefix
= NULL
, *escaped
= NULL
;
3302 /* Implicitly place all instantiated units in their
3303 * own per-template slice */
3305 r
= unit_name_to_prefix(u
->id
, &prefix
);
3309 /* The prefix is already escaped, but it might include
3310 * "-" which has a special meaning for slice units,
3311 * hence escape it here extra. */
3312 escaped
= unit_name_escape(prefix
);
3316 if (MANAGER_IS_SYSTEM(u
->manager
))
3317 slice_name
= strjoina("system-", escaped
, ".slice");
3319 slice_name
= strjoina(escaped
, ".slice");
3322 MANAGER_IS_SYSTEM(u
->manager
) && !unit_has_name(u
, SPECIAL_INIT_SCOPE
)
3323 ? SPECIAL_SYSTEM_SLICE
3324 : SPECIAL_ROOT_SLICE
;
3326 r
= manager_load_unit(u
->manager
, slice_name
, NULL
, NULL
, &slice
);
3330 return unit_set_slice(u
, slice
);
3333 const char *unit_slice_name(Unit
*u
) {
3336 if (!UNIT_ISSET(u
->slice
))
3339 return UNIT_DEREF(u
->slice
)->id
;
3342 int unit_load_related_unit(Unit
*u
, const char *type
, Unit
**_found
) {
3343 _cleanup_free_
char *t
= NULL
;
3350 r
= unit_name_change_suffix(u
->id
, type
, &t
);
3353 if (unit_has_name(u
, t
))
3356 r
= manager_load_unit(u
->manager
, t
, NULL
, NULL
, _found
);
3357 assert(r
< 0 || *_found
!= u
);
3361 static int signal_name_owner_changed(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
3362 const char *new_owner
;
3369 r
= sd_bus_message_read(message
, "sss", NULL
, NULL
, &new_owner
);
3371 bus_log_parse_error(r
);
3375 if (UNIT_VTABLE(u
)->bus_name_owner_change
)
3376 UNIT_VTABLE(u
)->bus_name_owner_change(u
, empty_to_null(new_owner
));
3381 static int get_name_owner_handler(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
3382 const sd_bus_error
*e
;
3383 const char *new_owner
;
3390 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3392 e
= sd_bus_message_get_error(message
);
3394 if (!sd_bus_error_has_name(e
, "org.freedesktop.DBus.Error.NameHasNoOwner"))
3395 log_unit_error(u
, "Unexpected error response from GetNameOwner(): %s", e
->message
);
3399 r
= sd_bus_message_read(message
, "s", &new_owner
);
3401 return bus_log_parse_error(r
);
3403 assert(!isempty(new_owner
));
3406 if (UNIT_VTABLE(u
)->bus_name_owner_change
)
3407 UNIT_VTABLE(u
)->bus_name_owner_change(u
, new_owner
);
3412 int unit_install_bus_match(Unit
*u
, sd_bus
*bus
, const char *name
) {
3420 if (u
->match_bus_slot
|| u
->get_name_owner_slot
)
3423 match
= strjoina("type='signal',"
3424 "sender='org.freedesktop.DBus',"
3425 "path='/org/freedesktop/DBus',"
3426 "interface='org.freedesktop.DBus',"
3427 "member='NameOwnerChanged',"
3428 "arg0='", name
, "'");
3430 r
= sd_bus_add_match_async(bus
, &u
->match_bus_slot
, match
, signal_name_owner_changed
, NULL
, u
);
3434 r
= sd_bus_call_method_async(
3436 &u
->get_name_owner_slot
,
3437 "org.freedesktop.DBus",
3438 "/org/freedesktop/DBus",
3439 "org.freedesktop.DBus",
3441 get_name_owner_handler
,
3445 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3449 log_unit_debug(u
, "Watching D-Bus name '%s'.", name
);
3453 int unit_watch_bus_name(Unit
*u
, const char *name
) {
3459 /* Watch a specific name on the bus. We only support one unit
3460 * watching each name for now. */
3462 if (u
->manager
->api_bus
) {
3463 /* If the bus is already available, install the match directly.
3464 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3465 r
= unit_install_bus_match(u
, u
->manager
->api_bus
, name
);
3467 return log_warning_errno(r
, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name
);
3470 r
= hashmap_put(u
->manager
->watch_bus
, name
, u
);
3472 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3473 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3474 return log_warning_errno(r
, "Failed to put bus name to hashmap: %m");
3480 void unit_unwatch_bus_name(Unit
*u
, const char *name
) {
3484 (void) hashmap_remove_value(u
->manager
->watch_bus
, name
, u
);
3485 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3486 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3489 bool unit_can_serialize(Unit
*u
) {
3492 return UNIT_VTABLE(u
)->serialize
&& UNIT_VTABLE(u
)->deserialize_item
;
3495 static int serialize_cgroup_mask(FILE *f
, const char *key
, CGroupMask mask
) {
3496 _cleanup_free_
char *s
= NULL
;
3505 r
= cg_mask_to_string(mask
, &s
);
3507 return log_error_errno(r
, "Failed to format cgroup mask: %m");
3509 return serialize_item(f
, key
, s
);
3512 static const char *const ip_accounting_metric_field
[_CGROUP_IP_ACCOUNTING_METRIC_MAX
] = {
3513 [CGROUP_IP_INGRESS_BYTES
] = "ip-accounting-ingress-bytes",
3514 [CGROUP_IP_INGRESS_PACKETS
] = "ip-accounting-ingress-packets",
3515 [CGROUP_IP_EGRESS_BYTES
] = "ip-accounting-egress-bytes",
3516 [CGROUP_IP_EGRESS_PACKETS
] = "ip-accounting-egress-packets",
3519 static const char *const io_accounting_metric_field_base
[_CGROUP_IO_ACCOUNTING_METRIC_MAX
] = {
3520 [CGROUP_IO_READ_BYTES
] = "io-accounting-read-bytes-base",
3521 [CGROUP_IO_WRITE_BYTES
] = "io-accounting-write-bytes-base",
3522 [CGROUP_IO_READ_OPERATIONS
] = "io-accounting-read-operations-base",
3523 [CGROUP_IO_WRITE_OPERATIONS
] = "io-accounting-write-operations-base",
3526 static const char *const io_accounting_metric_field_last
[_CGROUP_IO_ACCOUNTING_METRIC_MAX
] = {
3527 [CGROUP_IO_READ_BYTES
] = "io-accounting-read-bytes-last",
3528 [CGROUP_IO_WRITE_BYTES
] = "io-accounting-write-bytes-last",
3529 [CGROUP_IO_READ_OPERATIONS
] = "io-accounting-read-operations-last",
3530 [CGROUP_IO_WRITE_OPERATIONS
] = "io-accounting-write-operations-last",
3533 int unit_serialize(Unit
*u
, FILE *f
, FDSet
*fds
, bool serialize_jobs
) {
3534 CGroupIPAccountingMetric m
;
3541 if (unit_can_serialize(u
)) {
3542 r
= UNIT_VTABLE(u
)->serialize(u
, f
, fds
);
3547 (void) serialize_dual_timestamp(f
, "state-change-timestamp", &u
->state_change_timestamp
);
3549 (void) serialize_dual_timestamp(f
, "inactive-exit-timestamp", &u
->inactive_exit_timestamp
);
3550 (void) serialize_dual_timestamp(f
, "active-enter-timestamp", &u
->active_enter_timestamp
);
3551 (void) serialize_dual_timestamp(f
, "active-exit-timestamp", &u
->active_exit_timestamp
);
3552 (void) serialize_dual_timestamp(f
, "inactive-enter-timestamp", &u
->inactive_enter_timestamp
);
3554 (void) serialize_dual_timestamp(f
, "condition-timestamp", &u
->condition_timestamp
);
3555 (void) serialize_dual_timestamp(f
, "assert-timestamp", &u
->assert_timestamp
);
3557 if (dual_timestamp_is_set(&u
->condition_timestamp
))
3558 (void) serialize_bool(f
, "condition-result", u
->condition_result
);
3560 if (dual_timestamp_is_set(&u
->assert_timestamp
))
3561 (void) serialize_bool(f
, "assert-result", u
->assert_result
);
3563 (void) serialize_bool(f
, "transient", u
->transient
);
3564 (void) serialize_bool(f
, "in-audit", u
->in_audit
);
3566 (void) serialize_bool(f
, "exported-invocation-id", u
->exported_invocation_id
);
3567 (void) serialize_bool(f
, "exported-log-level-max", u
->exported_log_level_max
);
3568 (void) serialize_bool(f
, "exported-log-extra-fields", u
->exported_log_extra_fields
);
3569 (void) serialize_bool(f
, "exported-log-rate-limit-interval", u
->exported_log_ratelimit_interval
);
3570 (void) serialize_bool(f
, "exported-log-rate-limit-burst", u
->exported_log_ratelimit_burst
);
3572 (void) serialize_item_format(f
, "cpu-usage-base", "%" PRIu64
, u
->cpu_usage_base
);
3573 if (u
->cpu_usage_last
!= NSEC_INFINITY
)
3574 (void) serialize_item_format(f
, "cpu-usage-last", "%" PRIu64
, u
->cpu_usage_last
);
3576 if (u
->oom_kill_last
> 0)
3577 (void) serialize_item_format(f
, "oom-kill-last", "%" PRIu64
, u
->oom_kill_last
);
3579 for (CGroupIOAccountingMetric im
= 0; im
< _CGROUP_IO_ACCOUNTING_METRIC_MAX
; im
++) {
3580 (void) serialize_item_format(f
, io_accounting_metric_field_base
[im
], "%" PRIu64
, u
->io_accounting_base
[im
]);
3582 if (u
->io_accounting_last
[im
] != UINT64_MAX
)
3583 (void) serialize_item_format(f
, io_accounting_metric_field_last
[im
], "%" PRIu64
, u
->io_accounting_last
[im
]);
3587 (void) serialize_item(f
, "cgroup", u
->cgroup_path
);
3589 (void) serialize_bool(f
, "cgroup-realized", u
->cgroup_realized
);
3590 (void) serialize_cgroup_mask(f
, "cgroup-realized-mask", u
->cgroup_realized_mask
);
3591 (void) serialize_cgroup_mask(f
, "cgroup-enabled-mask", u
->cgroup_enabled_mask
);
3592 (void) serialize_cgroup_mask(f
, "cgroup-invalidated-mask", u
->cgroup_invalidated_mask
);
3594 if (uid_is_valid(u
->ref_uid
))
3595 (void) serialize_item_format(f
, "ref-uid", UID_FMT
, u
->ref_uid
);
3596 if (gid_is_valid(u
->ref_gid
))
3597 (void) serialize_item_format(f
, "ref-gid", GID_FMT
, u
->ref_gid
);
3599 if (!sd_id128_is_null(u
->invocation_id
))
3600 (void) serialize_item_format(f
, "invocation-id", SD_ID128_FORMAT_STR
, SD_ID128_FORMAT_VAL(u
->invocation_id
));
3602 (void) serialize_item_format(f
, "freezer-state", "%s", freezer_state_to_string(unit_freezer_state(u
)));
3604 bus_track_serialize(u
->bus_track
, f
, "ref");
3606 for (m
= 0; m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
; m
++) {
3609 r
= unit_get_ip_accounting(u
, m
, &v
);
3611 (void) serialize_item_format(f
, ip_accounting_metric_field
[m
], "%" PRIu64
, v
);
3614 if (serialize_jobs
) {
3617 job_serialize(u
->job
, f
);
3622 job_serialize(u
->nop_job
, f
);
3631 static int unit_deserialize_job(Unit
*u
, FILE *f
) {
3632 _cleanup_(job_freep
) Job
*j
= NULL
;
3642 r
= job_deserialize(j
, f
);
3646 r
= job_install_deserialized(j
);
3654 int unit_deserialize(Unit
*u
, FILE *f
, FDSet
*fds
) {
3662 _cleanup_free_
char *line
= NULL
;
3667 r
= read_line(f
, LONG_LINE_MAX
, &line
);
3669 return log_error_errno(r
, "Failed to read serialization line: %m");
3670 if (r
== 0) /* eof */
3674 if (isempty(l
)) /* End marker */
3677 k
= strcspn(l
, "=");
3685 if (streq(l
, "job")) {
3687 /* New-style serialized job */
3688 r
= unit_deserialize_job(u
, f
);
3691 } else /* Legacy for pre-44 */
3692 log_unit_warning(u
, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v
);
3694 } else if (streq(l
, "state-change-timestamp")) {
3695 (void) deserialize_dual_timestamp(v
, &u
->state_change_timestamp
);
3697 } else if (streq(l
, "inactive-exit-timestamp")) {
3698 (void) deserialize_dual_timestamp(v
, &u
->inactive_exit_timestamp
);
3700 } else if (streq(l
, "active-enter-timestamp")) {
3701 (void) deserialize_dual_timestamp(v
, &u
->active_enter_timestamp
);
3703 } else if (streq(l
, "active-exit-timestamp")) {
3704 (void) deserialize_dual_timestamp(v
, &u
->active_exit_timestamp
);
3706 } else if (streq(l
, "inactive-enter-timestamp")) {
3707 (void) deserialize_dual_timestamp(v
, &u
->inactive_enter_timestamp
);
3709 } else if (streq(l
, "condition-timestamp")) {
3710 (void) deserialize_dual_timestamp(v
, &u
->condition_timestamp
);
3712 } else if (streq(l
, "assert-timestamp")) {
3713 (void) deserialize_dual_timestamp(v
, &u
->assert_timestamp
);
3715 } else if (streq(l
, "condition-result")) {
3717 r
= parse_boolean(v
);
3719 log_unit_debug(u
, "Failed to parse condition result value %s, ignoring.", v
);
3721 u
->condition_result
= r
;
3725 } else if (streq(l
, "assert-result")) {
3727 r
= parse_boolean(v
);
3729 log_unit_debug(u
, "Failed to parse assert result value %s, ignoring.", v
);
3731 u
->assert_result
= r
;
3735 } else if (streq(l
, "transient")) {
3737 r
= parse_boolean(v
);
3739 log_unit_debug(u
, "Failed to parse transient bool %s, ignoring.", v
);
3745 } else if (streq(l
, "in-audit")) {
3747 r
= parse_boolean(v
);
3749 log_unit_debug(u
, "Failed to parse in-audit bool %s, ignoring.", v
);
3755 } else if (streq(l
, "exported-invocation-id")) {
3757 r
= parse_boolean(v
);
3759 log_unit_debug(u
, "Failed to parse exported invocation ID bool %s, ignoring.", v
);
3761 u
->exported_invocation_id
= r
;
3765 } else if (streq(l
, "exported-log-level-max")) {
3767 r
= parse_boolean(v
);
3769 log_unit_debug(u
, "Failed to parse exported log level max bool %s, ignoring.", v
);
3771 u
->exported_log_level_max
= r
;
3775 } else if (streq(l
, "exported-log-extra-fields")) {
3777 r
= parse_boolean(v
);
3779 log_unit_debug(u
, "Failed to parse exported log extra fields bool %s, ignoring.", v
);
3781 u
->exported_log_extra_fields
= r
;
3785 } else if (streq(l
, "exported-log-rate-limit-interval")) {
3787 r
= parse_boolean(v
);
3789 log_unit_debug(u
, "Failed to parse exported log rate limit interval %s, ignoring.", v
);
3791 u
->exported_log_ratelimit_interval
= r
;
3795 } else if (streq(l
, "exported-log-rate-limit-burst")) {
3797 r
= parse_boolean(v
);
3799 log_unit_debug(u
, "Failed to parse exported log rate limit burst %s, ignoring.", v
);
3801 u
->exported_log_ratelimit_burst
= r
;
3805 } else if (STR_IN_SET(l
, "cpu-usage-base", "cpuacct-usage-base")) {
3807 r
= safe_atou64(v
, &u
->cpu_usage_base
);
3809 log_unit_debug(u
, "Failed to parse CPU usage base %s, ignoring.", v
);
3813 } else if (streq(l
, "cpu-usage-last")) {
3815 r
= safe_atou64(v
, &u
->cpu_usage_last
);
3817 log_unit_debug(u
, "Failed to read CPU usage last %s, ignoring.", v
);
3821 } else if (streq(l
, "oom-kill-last")) {
3823 r
= safe_atou64(v
, &u
->oom_kill_last
);
3825 log_unit_debug(u
, "Failed to read OOM kill last %s, ignoring.", v
);
3829 } else if (streq(l
, "cgroup")) {
3831 r
= unit_set_cgroup_path(u
, v
);
3833 log_unit_debug_errno(u
, r
, "Failed to set cgroup path %s, ignoring: %m", v
);
3835 (void) unit_watch_cgroup(u
);
3836 (void) unit_watch_cgroup_memory(u
);
3839 } else if (streq(l
, "cgroup-realized")) {
3842 b
= parse_boolean(v
);
3844 log_unit_debug(u
, "Failed to parse cgroup-realized bool %s, ignoring.", v
);
3846 u
->cgroup_realized
= b
;
3850 } else if (streq(l
, "cgroup-realized-mask")) {
3852 r
= cg_mask_from_string(v
, &u
->cgroup_realized_mask
);
3854 log_unit_debug(u
, "Failed to parse cgroup-realized-mask %s, ignoring.", v
);
3857 } else if (streq(l
, "cgroup-enabled-mask")) {
3859 r
= cg_mask_from_string(v
, &u
->cgroup_enabled_mask
);
3861 log_unit_debug(u
, "Failed to parse cgroup-enabled-mask %s, ignoring.", v
);
3864 } else if (streq(l
, "cgroup-invalidated-mask")) {
3866 r
= cg_mask_from_string(v
, &u
->cgroup_invalidated_mask
);
3868 log_unit_debug(u
, "Failed to parse cgroup-invalidated-mask %s, ignoring.", v
);
3871 } else if (streq(l
, "ref-uid")) {
3874 r
= parse_uid(v
, &uid
);
3876 log_unit_debug(u
, "Failed to parse referenced UID %s, ignoring.", v
);
3878 unit_ref_uid_gid(u
, uid
, GID_INVALID
);
3882 } else if (streq(l
, "ref-gid")) {
3885 r
= parse_gid(v
, &gid
);
3887 log_unit_debug(u
, "Failed to parse referenced GID %s, ignoring.", v
);
3889 unit_ref_uid_gid(u
, UID_INVALID
, gid
);
3893 } else if (streq(l
, "ref")) {
3895 r
= strv_extend(&u
->deserialized_refs
, v
);
3900 } else if (streq(l
, "invocation-id")) {
3903 r
= sd_id128_from_string(v
, &id
);
3905 log_unit_debug(u
, "Failed to parse invocation id %s, ignoring.", v
);
3907 r
= unit_set_invocation_id(u
, id
);
3909 log_unit_warning_errno(u
, r
, "Failed to set invocation ID for unit: %m");
3913 } else if (streq(l
, "freezer-state")) {
3916 s
= freezer_state_from_string(v
);
3918 log_unit_debug(u
, "Failed to deserialize freezer-state '%s', ignoring.", v
);
3920 u
->freezer_state
= s
;
3925 /* Check if this is an IP accounting metric serialization field */
3926 m
= string_table_lookup(ip_accounting_metric_field
, ELEMENTSOF(ip_accounting_metric_field
), l
);
3930 r
= safe_atou64(v
, &c
);
3932 log_unit_debug(u
, "Failed to parse IP accounting value %s, ignoring.", v
);
3934 u
->ip_accounting_extra
[m
] = c
;
3938 m
= string_table_lookup(io_accounting_metric_field_base
, ELEMENTSOF(io_accounting_metric_field_base
), l
);
3942 r
= safe_atou64(v
, &c
);
3944 log_unit_debug(u
, "Failed to parse IO accounting base value %s, ignoring.", v
);
3946 u
->io_accounting_base
[m
] = c
;
3950 m
= string_table_lookup(io_accounting_metric_field_last
, ELEMENTSOF(io_accounting_metric_field_last
), l
);
3954 r
= safe_atou64(v
, &c
);
3956 log_unit_debug(u
, "Failed to parse IO accounting last value %s, ignoring.", v
);
3958 u
->io_accounting_last
[m
] = c
;
3962 if (unit_can_serialize(u
)) {
3963 r
= exec_runtime_deserialize_compat(u
, l
, v
, fds
);
3965 log_unit_warning(u
, "Failed to deserialize runtime parameter '%s', ignoring.", l
);
3969 /* Returns positive if key was handled by the call */
3973 r
= UNIT_VTABLE(u
)->deserialize_item(u
, l
, v
, fds
);
3975 log_unit_warning(u
, "Failed to deserialize unit parameter '%s', ignoring.", l
);
3979 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3980 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3981 * before 228 where the base for timeouts was not persistent across reboots. */
3983 if (!dual_timestamp_is_set(&u
->state_change_timestamp
))
3984 dual_timestamp_get(&u
->state_change_timestamp
);
3986 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3987 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3988 unit_invalidate_cgroup(u
, _CGROUP_MASK_ALL
);
3989 unit_invalidate_cgroup_bpf(u
);
3994 int unit_deserialize_skip(FILE *f
) {
3998 /* Skip serialized data for this unit. We don't know what it is. */
4001 _cleanup_free_
char *line
= NULL
;
4004 r
= read_line(f
, LONG_LINE_MAX
, &line
);
4006 return log_error_errno(r
, "Failed to read serialization line: %m");
4018 int unit_add_node_dependency(Unit
*u
, const char *what
, UnitDependency dep
, UnitDependencyMask mask
) {
4019 _cleanup_free_
char *e
= NULL
;
4025 /* Adds in links to the device node that this unit is based on */
4029 if (!is_device_path(what
))
4032 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
4033 if (!unit_type_supported(UNIT_DEVICE
))
4036 r
= unit_name_from_path(what
, ".device", &e
);
4040 r
= manager_load_unit(u
->manager
, e
, NULL
, NULL
, &device
);
4044 if (dep
== UNIT_REQUIRES
&& device_shall_be_bound_by(device
, u
))
4045 dep
= UNIT_BINDS_TO
;
4047 return unit_add_two_dependencies(u
, UNIT_AFTER
,
4048 MANAGER_IS_SYSTEM(u
->manager
) ? dep
: UNIT_WANTS
,
4049 device
, true, mask
);
4052 int unit_add_blockdev_dependency(Unit
*u
, const char *what
, UnitDependencyMask mask
) {
4053 _cleanup_free_
char *escaped
= NULL
, *target
= NULL
;
4061 if (!path_startswith(what
, "/dev/"))
4064 /* If we don't support devices, then also don't bother with blockdev@.target */
4065 if (!unit_type_supported(UNIT_DEVICE
))
4068 r
= unit_name_path_escape(what
, &escaped
);
4072 r
= unit_name_build("blockdev", escaped
, ".target", &target
);
4076 return unit_add_dependency_by_name(u
, UNIT_AFTER
, target
, true, mask
);
4079 int unit_coldplug(Unit
*u
) {
4086 /* Make sure we don't enter a loop, when coldplugging recursively. */
4090 u
->coldplugged
= true;
4092 STRV_FOREACH(i
, u
->deserialized_refs
) {
4093 q
= bus_unit_track_add_name(u
, *i
);
4094 if (q
< 0 && r
>= 0)
4097 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
4099 if (UNIT_VTABLE(u
)->coldplug
) {
4100 q
= UNIT_VTABLE(u
)->coldplug(u
);
4101 if (q
< 0 && r
>= 0)
4105 uj
= u
->job
?: u
->nop_job
;
4107 q
= job_coldplug(uj
);
4108 if (q
< 0 && r
>= 0)
4115 void unit_catchup(Unit
*u
) {
4118 if (UNIT_VTABLE(u
)->catchup
)
4119 UNIT_VTABLE(u
)->catchup(u
);
4122 static bool fragment_mtime_newer(const char *path
, usec_t mtime
, bool path_masked
) {
4128 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
4129 * are never out-of-date. */
4130 if (PATH_STARTSWITH_SET(path
, "/proc", "/sys"))
4133 if (stat(path
, &st
) < 0)
4134 /* What, cannot access this anymore? */
4138 /* For masked files check if they are still so */
4139 return !null_or_empty(&st
);
4141 /* For non-empty files check the mtime */
4142 return timespec_load(&st
.st_mtim
) > mtime
;
4147 bool unit_need_daemon_reload(Unit
*u
) {
4148 _cleanup_strv_free_
char **t
= NULL
;
4153 /* For unit files, we allow masking… */
4154 if (fragment_mtime_newer(u
->fragment_path
, u
->fragment_mtime
,
4155 u
->load_state
== UNIT_MASKED
))
4158 /* Source paths should not be masked… */
4159 if (fragment_mtime_newer(u
->source_path
, u
->source_mtime
, false))
4162 if (u
->load_state
== UNIT_LOADED
)
4163 (void) unit_find_dropin_paths(u
, &t
);
4164 if (!strv_equal(u
->dropin_paths
, t
))
4167 /* … any drop-ins that are masked are simply omitted from the list. */
4168 STRV_FOREACH(path
, u
->dropin_paths
)
4169 if (fragment_mtime_newer(*path
, u
->dropin_mtime
, false))
4175 void unit_reset_failed(Unit
*u
) {
4178 if (UNIT_VTABLE(u
)->reset_failed
)
4179 UNIT_VTABLE(u
)->reset_failed(u
);
4181 ratelimit_reset(&u
->start_ratelimit
);
4182 u
->start_limit_hit
= false;
4185 Unit
*unit_following(Unit
*u
) {
4188 if (UNIT_VTABLE(u
)->following
)
4189 return UNIT_VTABLE(u
)->following(u
);
4194 bool unit_stop_pending(Unit
*u
) {
4197 /* This call does check the current state of the unit. It's
4198 * hence useful to be called from state change calls of the
4199 * unit itself, where the state isn't updated yet. This is
4200 * different from unit_inactive_or_pending() which checks both
4201 * the current state and for a queued job. */
4203 return unit_has_job_type(u
, JOB_STOP
);
4206 bool unit_inactive_or_pending(Unit
*u
) {
4209 /* Returns true if the unit is inactive or going down */
4211 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)))
4214 if (unit_stop_pending(u
))
4220 bool unit_active_or_pending(Unit
*u
) {
4223 /* Returns true if the unit is active or going up */
4225 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)))
4229 IN_SET(u
->job
->type
, JOB_START
, JOB_RELOAD_OR_START
, JOB_RESTART
))
4235 bool unit_will_restart_default(Unit
*u
) {
4238 return unit_has_job_type(u
, JOB_START
);
4241 bool unit_will_restart(Unit
*u
) {
4244 if (!UNIT_VTABLE(u
)->will_restart
)
4247 return UNIT_VTABLE(u
)->will_restart(u
);
4250 int unit_kill(Unit
*u
, KillWho w
, int signo
, sd_bus_error
*error
) {
4252 assert(w
>= 0 && w
< _KILL_WHO_MAX
);
4253 assert(SIGNAL_VALID(signo
));
4255 if (!UNIT_VTABLE(u
)->kill
)
4258 return UNIT_VTABLE(u
)->kill(u
, w
, signo
, error
);
4261 static Set
*unit_pid_set(pid_t main_pid
, pid_t control_pid
) {
4262 _cleanup_set_free_ Set
*pid_set
= NULL
;
4265 pid_set
= set_new(NULL
);
4269 /* Exclude the main/control pids from being killed via the cgroup */
4271 r
= set_put(pid_set
, PID_TO_PTR(main_pid
));
4276 if (control_pid
> 0) {
4277 r
= set_put(pid_set
, PID_TO_PTR(control_pid
));
4282 return TAKE_PTR(pid_set
);
4285 int unit_kill_common(
4291 sd_bus_error
*error
) {
4294 bool killed
= false;
4296 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
)) {
4298 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no main processes", unit_type_to_string(u
->type
));
4299 else if (main_pid
== 0)
4300 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No main process to kill");
4303 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
)) {
4304 if (control_pid
< 0)
4305 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no control processes", unit_type_to_string(u
->type
));
4306 else if (control_pid
== 0)
4307 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No control process to kill");
4310 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
, KILL_ALL
, KILL_ALL_FAIL
))
4311 if (control_pid
> 0) {
4312 if (kill(control_pid
, signo
) < 0)
4318 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
, KILL_ALL
, KILL_ALL_FAIL
))
4320 if (kill(main_pid
, signo
) < 0)
4326 if (IN_SET(who
, KILL_ALL
, KILL_ALL_FAIL
) && u
->cgroup_path
) {
4327 _cleanup_set_free_ Set
*pid_set
= NULL
;
4330 /* Exclude the main/control pids from being killed via the cgroup */
4331 pid_set
= unit_pid_set(main_pid
, control_pid
);
4335 q
= cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, signo
, 0, pid_set
, NULL
, NULL
);
4336 if (q
< 0 && !IN_SET(q
, -EAGAIN
, -ESRCH
, -ENOENT
))
4342 if (r
== 0 && !killed
&& IN_SET(who
, KILL_ALL_FAIL
, KILL_CONTROL_FAIL
))
4348 int unit_following_set(Unit
*u
, Set
**s
) {
4352 if (UNIT_VTABLE(u
)->following_set
)
4353 return UNIT_VTABLE(u
)->following_set(u
, s
);
4359 UnitFileState
unit_get_unit_file_state(Unit
*u
) {
4364 if (u
->unit_file_state
< 0 && u
->fragment_path
) {
4365 r
= unit_file_get_state(
4366 u
->manager
->unit_file_scope
,
4369 &u
->unit_file_state
);
4371 u
->unit_file_state
= UNIT_FILE_BAD
;
4374 return u
->unit_file_state
;
4377 int unit_get_unit_file_preset(Unit
*u
) {
4380 if (u
->unit_file_preset
< 0 && u
->fragment_path
)
4381 u
->unit_file_preset
= unit_file_query_preset(
4382 u
->manager
->unit_file_scope
,
4384 basename(u
->fragment_path
),
4387 return u
->unit_file_preset
;
4390 Unit
* unit_ref_set(UnitRef
*ref
, Unit
*source
, Unit
*target
) {
4396 unit_ref_unset(ref
);
4398 ref
->source
= source
;
4399 ref
->target
= target
;
4400 LIST_PREPEND(refs_by_target
, target
->refs_by_target
, ref
);
4404 void unit_ref_unset(UnitRef
*ref
) {
4410 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4411 * be unreferenced now. */
4412 unit_add_to_gc_queue(ref
->target
);
4414 LIST_REMOVE(refs_by_target
, ref
->target
->refs_by_target
, ref
);
4415 ref
->source
= ref
->target
= NULL
;
4418 static int user_from_unit_name(Unit
*u
, char **ret
) {
4420 static const uint8_t hash_key
[] = {
4421 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4422 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4425 _cleanup_free_
char *n
= NULL
;
4428 r
= unit_name_to_prefix(u
->id
, &n
);
4432 if (valid_user_group_name(n
, 0)) {
4437 /* If we can't use the unit name as a user name, then let's hash it and use that */
4438 if (asprintf(ret
, "_du%016" PRIx64
, siphash24(n
, strlen(n
), hash_key
)) < 0)
4444 int unit_patch_contexts(Unit
*u
) {
4452 /* Patch in the manager defaults into the exec and cgroup
4453 * contexts, _after_ the rest of the settings have been
4456 ec
= unit_get_exec_context(u
);
4458 /* This only copies in the ones that need memory */
4459 for (i
= 0; i
< _RLIMIT_MAX
; i
++)
4460 if (u
->manager
->rlimit
[i
] && !ec
->rlimit
[i
]) {
4461 ec
->rlimit
[i
] = newdup(struct rlimit
, u
->manager
->rlimit
[i
], 1);
4466 if (MANAGER_IS_USER(u
->manager
) &&
4467 !ec
->working_directory
) {
4469 r
= get_home_dir(&ec
->working_directory
);
4473 /* Allow user services to run, even if the
4474 * home directory is missing */
4475 ec
->working_directory_missing_ok
= true;
4478 if (ec
->private_devices
)
4479 ec
->capability_bounding_set
&= ~((UINT64_C(1) << CAP_MKNOD
) | (UINT64_C(1) << CAP_SYS_RAWIO
));
4481 if (ec
->protect_kernel_modules
)
4482 ec
->capability_bounding_set
&= ~(UINT64_C(1) << CAP_SYS_MODULE
);
4484 if (ec
->protect_kernel_logs
)
4485 ec
->capability_bounding_set
&= ~(UINT64_C(1) << CAP_SYSLOG
);
4487 if (ec
->protect_clock
)
4488 ec
->capability_bounding_set
&= ~((UINT64_C(1) << CAP_SYS_TIME
) | (UINT64_C(1) << CAP_WAKE_ALARM
));
4490 if (ec
->dynamic_user
) {
4492 r
= user_from_unit_name(u
, &ec
->user
);
4498 ec
->group
= strdup(ec
->user
);
4503 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4504 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4507 ec
->private_tmp
= true;
4508 ec
->remove_ipc
= true;
4509 ec
->protect_system
= PROTECT_SYSTEM_STRICT
;
4510 if (ec
->protect_home
== PROTECT_HOME_NO
)
4511 ec
->protect_home
= PROTECT_HOME_READ_ONLY
;
4513 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4515 ec
->no_new_privileges
= true;
4516 ec
->restrict_suid_sgid
= true;
4520 cc
= unit_get_cgroup_context(u
);
4523 if (ec
->private_devices
&&
4524 cc
->device_policy
== CGROUP_DEVICE_POLICY_AUTO
)
4525 cc
->device_policy
= CGROUP_DEVICE_POLICY_CLOSED
;
4527 if ((ec
->root_image
|| !LIST_IS_EMPTY(ec
->mount_images
)) &&
4528 (cc
->device_policy
!= CGROUP_DEVICE_POLICY_AUTO
|| cc
->device_allow
)) {
4531 /* When RootImage= or MountImages= is specified, the following devices are touched. */
4532 FOREACH_STRING(p
, "/dev/loop-control", "/dev/mapper/control") {
4533 r
= cgroup_add_device_allow(cc
, p
, "rw");
4537 FOREACH_STRING(p
, "block-loop", "block-blkext", "block-device-mapper") {
4538 r
= cgroup_add_device_allow(cc
, p
, "rwm");
4543 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4544 * Same for mapper and verity. */
4545 FOREACH_STRING(p
, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4546 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_WANTS
, p
, true, UNIT_DEPENDENCY_FILE
);
4552 if (ec
->protect_clock
) {
4553 r
= cgroup_add_device_allow(cc
, "char-rtc", "r");
4562 ExecContext
*unit_get_exec_context(Unit
*u
) {
4569 offset
= UNIT_VTABLE(u
)->exec_context_offset
;
4573 return (ExecContext
*) ((uint8_t*) u
+ offset
);
4576 KillContext
*unit_get_kill_context(Unit
*u
) {
4583 offset
= UNIT_VTABLE(u
)->kill_context_offset
;
4587 return (KillContext
*) ((uint8_t*) u
+ offset
);
4590 CGroupContext
*unit_get_cgroup_context(Unit
*u
) {
4596 offset
= UNIT_VTABLE(u
)->cgroup_context_offset
;
4600 return (CGroupContext
*) ((uint8_t*) u
+ offset
);
4603 ExecRuntime
*unit_get_exec_runtime(Unit
*u
) {
4609 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
4613 return *(ExecRuntime
**) ((uint8_t*) u
+ offset
);
4616 static const char* unit_drop_in_dir(Unit
*u
, UnitWriteFlags flags
) {
4619 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4622 if (u
->transient
) /* Redirect drop-ins for transient units always into the transient directory. */
4623 return u
->manager
->lookup_paths
.transient
;
4625 if (flags
& UNIT_PERSISTENT
)
4626 return u
->manager
->lookup_paths
.persistent_control
;
4628 if (flags
& UNIT_RUNTIME
)
4629 return u
->manager
->lookup_paths
.runtime_control
;
4634 char* unit_escape_setting(const char *s
, UnitWriteFlags flags
, char **buf
) {
4640 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4641 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4642 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4643 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4644 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4647 if (flags
& UNIT_ESCAPE_SPECIFIERS
) {
4648 ret
= specifier_escape(s
);
4655 if (flags
& UNIT_ESCAPE_C
) {
4668 return ret
?: (char*) s
;
4671 return ret
?: strdup(s
);
4674 char* unit_concat_strv(char **l
, UnitWriteFlags flags
) {
4675 _cleanup_free_
char *result
= NULL
;
4676 size_t n
= 0, allocated
= 0;
4679 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4680 * way suitable for ExecStart= stanzas */
4682 STRV_FOREACH(i
, l
) {
4683 _cleanup_free_
char *buf
= NULL
;
4688 p
= unit_escape_setting(*i
, flags
, &buf
);
4692 a
= (n
> 0) + 1 + strlen(p
) + 1; /* separating space + " + entry + " */
4693 if (!GREEDY_REALLOC(result
, allocated
, n
+ a
+ 1))
4707 if (!GREEDY_REALLOC(result
, allocated
, n
+ 1))
4712 return TAKE_PTR(result
);
4715 int unit_write_setting(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *data
) {
4716 _cleanup_free_
char *p
= NULL
, *q
= NULL
, *escaped
= NULL
;
4717 const char *dir
, *wrapped
;
4724 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4727 data
= unit_escape_setting(data
, flags
, &escaped
);
4731 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4732 * previous section header is the same */
4734 if (flags
& UNIT_PRIVATE
) {
4735 if (!UNIT_VTABLE(u
)->private_section
)
4738 if (!u
->transient_file
|| u
->last_section_private
< 0)
4739 data
= strjoina("[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4740 else if (u
->last_section_private
== 0)
4741 data
= strjoina("\n[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4743 if (!u
->transient_file
|| u
->last_section_private
< 0)
4744 data
= strjoina("[Unit]\n", data
);
4745 else if (u
->last_section_private
> 0)
4746 data
= strjoina("\n[Unit]\n", data
);
4749 if (u
->transient_file
) {
4750 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4751 * write to the transient unit file. */
4752 fputs(data
, u
->transient_file
);
4754 if (!endswith(data
, "\n"))
4755 fputc('\n', u
->transient_file
);
4757 /* Remember which section we wrote this entry to */
4758 u
->last_section_private
= !!(flags
& UNIT_PRIVATE
);
4762 dir
= unit_drop_in_dir(u
, flags
);
4766 wrapped
= strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4767 "# or an equivalent operation. Do not edit.\n",
4771 r
= drop_in_file(dir
, u
->id
, 50, name
, &p
, &q
);
4775 (void) mkdir_p_label(p
, 0755);
4777 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4778 * recreate the cache after every drop-in we write. */
4779 if (u
->manager
->unit_path_cache
) {
4780 r
= set_put_strdup(&u
->manager
->unit_path_cache
, p
);
4785 r
= write_string_file_atomic_label(q
, wrapped
);
4789 r
= strv_push(&u
->dropin_paths
, q
);
4794 strv_uniq(u
->dropin_paths
);
4796 u
->dropin_mtime
= now(CLOCK_REALTIME
);
4801 int unit_write_settingf(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *format
, ...) {
4802 _cleanup_free_
char *p
= NULL
;
4810 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4813 va_start(ap
, format
);
4814 r
= vasprintf(&p
, format
, ap
);
4820 return unit_write_setting(u
, flags
, name
, p
);
4823 int unit_make_transient(Unit
*u
) {
4824 _cleanup_free_
char *path
= NULL
;
4829 if (!UNIT_VTABLE(u
)->can_transient
)
4832 (void) mkdir_p_label(u
->manager
->lookup_paths
.transient
, 0755);
4834 path
= path_join(u
->manager
->lookup_paths
.transient
, u
->id
);
4838 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4839 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4841 RUN_WITH_UMASK(0022) {
4842 f
= fopen(path
, "we");
4847 safe_fclose(u
->transient_file
);
4848 u
->transient_file
= f
;
4850 free_and_replace(u
->fragment_path
, path
);
4852 u
->source_path
= mfree(u
->source_path
);
4853 u
->dropin_paths
= strv_free(u
->dropin_paths
);
4854 u
->fragment_mtime
= u
->source_mtime
= u
->dropin_mtime
= 0;
4856 u
->load_state
= UNIT_STUB
;
4858 u
->transient
= true;
4860 unit_add_to_dbus_queue(u
);
4861 unit_add_to_gc_queue(u
);
4863 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4869 static int log_kill(pid_t pid
, int sig
, void *userdata
) {
4870 _cleanup_free_
char *comm
= NULL
;
4872 (void) get_process_comm(pid
, &comm
);
4874 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4875 only, like for example systemd's own PAM stub process. */
4876 if (comm
&& comm
[0] == '(')
4879 log_unit_notice(userdata
,
4880 "Killing process " PID_FMT
" (%s) with signal SIG%s.",
4883 signal_to_string(sig
));
4888 static int operation_to_signal(const KillContext
*c
, KillOperation k
, bool *noteworthy
) {
4893 case KILL_TERMINATE
:
4894 case KILL_TERMINATE_AND_LOG
:
4895 *noteworthy
= false;
4896 return c
->kill_signal
;
4899 *noteworthy
= false;
4900 return restart_kill_signal(c
);
4904 return c
->final_kill_signal
;
4908 return c
->watchdog_signal
;
4911 assert_not_reached("KillOperation unknown");
4915 int unit_kill_context(
4921 bool main_pid_alien
) {
4923 bool wait_for_exit
= false, send_sighup
;
4924 cg_kill_log_func_t log_func
= NULL
;
4930 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4931 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4933 if (c
->kill_mode
== KILL_NONE
)
4937 sig
= operation_to_signal(c
, k
, ¬eworthy
);
4939 log_func
= log_kill
;
4943 IN_SET(k
, KILL_TERMINATE
, KILL_TERMINATE_AND_LOG
) &&
4948 log_func(main_pid
, sig
, u
);
4950 r
= kill_and_sigcont(main_pid
, sig
);
4951 if (r
< 0 && r
!= -ESRCH
) {
4952 _cleanup_free_
char *comm
= NULL
;
4953 (void) get_process_comm(main_pid
, &comm
);
4955 log_unit_warning_errno(u
, r
, "Failed to kill main process " PID_FMT
" (%s), ignoring: %m", main_pid
, strna(comm
));
4957 if (!main_pid_alien
)
4958 wait_for_exit
= true;
4960 if (r
!= -ESRCH
&& send_sighup
)
4961 (void) kill(main_pid
, SIGHUP
);
4965 if (control_pid
> 0) {
4967 log_func(control_pid
, sig
, u
);
4969 r
= kill_and_sigcont(control_pid
, sig
);
4970 if (r
< 0 && r
!= -ESRCH
) {
4971 _cleanup_free_
char *comm
= NULL
;
4972 (void) get_process_comm(control_pid
, &comm
);
4974 log_unit_warning_errno(u
, r
, "Failed to kill control process " PID_FMT
" (%s), ignoring: %m", control_pid
, strna(comm
));
4976 wait_for_exit
= true;
4978 if (r
!= -ESRCH
&& send_sighup
)
4979 (void) kill(control_pid
, SIGHUP
);
4983 if (u
->cgroup_path
&&
4984 (c
->kill_mode
== KILL_CONTROL_GROUP
|| (c
->kill_mode
== KILL_MIXED
&& k
== KILL_KILL
))) {
4985 _cleanup_set_free_ Set
*pid_set
= NULL
;
4987 /* Exclude the main/control pids from being killed via the cgroup */
4988 pid_set
= unit_pid_set(main_pid
, control_pid
);
4992 r
= cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
,
4994 CGROUP_SIGCONT
|CGROUP_IGNORE_SELF
,
4998 if (!IN_SET(r
, -EAGAIN
, -ESRCH
, -ENOENT
))
4999 log_unit_warning_errno(u
, r
, "Failed to kill control group %s, ignoring: %m", u
->cgroup_path
);
5003 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
5004 * we are running in a container or if this is a delegation unit, simply because cgroup
5005 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
5006 * of containers it can be confused easily by left-over directories in the cgroup — which
5007 * however should not exist in non-delegated units. On the unified hierarchy that's different,
5008 * there we get proper events. Hence rely on them. */
5010 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
) > 0 ||
5011 (detect_container() == 0 && !unit_cgroup_delegate(u
)))
5012 wait_for_exit
= true;
5017 pid_set
= unit_pid_set(main_pid
, control_pid
);
5021 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
,
5030 return wait_for_exit
;
5033 int unit_require_mounts_for(Unit
*u
, const char *path
, UnitDependencyMask mask
) {
5034 _cleanup_free_
char *p
= NULL
;
5035 UnitDependencyInfo di
;
5041 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
5042 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
5043 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
5044 * determine which units to make themselves a dependency of. */
5046 if (!path_is_absolute(path
))
5049 r
= hashmap_ensure_allocated(&u
->requires_mounts_for
, &path_hash_ops
);
5057 path
= path_simplify(p
, true);
5059 if (!path_is_normalized(path
))
5062 if (hashmap_contains(u
->requires_mounts_for
, path
))
5065 di
= (UnitDependencyInfo
) {
5069 r
= hashmap_put(u
->requires_mounts_for
, path
, di
.data
);
5074 char prefix
[strlen(path
) + 1];
5075 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
5078 x
= hashmap_get(u
->manager
->units_requiring_mounts_for
, prefix
);
5080 _cleanup_free_
char *q
= NULL
;
5082 r
= hashmap_ensure_allocated(&u
->manager
->units_requiring_mounts_for
, &path_hash_ops
);
5094 r
= hashmap_put(u
->manager
->units_requiring_mounts_for
, q
, x
);
5110 int unit_setup_exec_runtime(Unit
*u
) {
5118 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
5121 /* Check if there already is an ExecRuntime for this unit? */
5122 rt
= (ExecRuntime
**) ((uint8_t*) u
+ offset
);
5126 /* Try to get it from somebody else */
5127 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_JOINS_NAMESPACE_OF
], i
) {
5128 r
= exec_runtime_acquire(u
->manager
, NULL
, other
->id
, false, rt
);
5133 return exec_runtime_acquire(u
->manager
, unit_get_exec_context(u
), u
->id
, true, rt
);
5136 int unit_setup_dynamic_creds(Unit
*u
) {
5138 DynamicCreds
*dcreds
;
5143 offset
= UNIT_VTABLE(u
)->dynamic_creds_offset
;
5145 dcreds
= (DynamicCreds
*) ((uint8_t*) u
+ offset
);
5147 ec
= unit_get_exec_context(u
);
5150 if (!ec
->dynamic_user
)
5153 return dynamic_creds_acquire(dcreds
, u
->manager
, ec
->user
, ec
->group
);
5156 bool unit_type_supported(UnitType t
) {
5157 if (_unlikely_(t
< 0))
5159 if (_unlikely_(t
>= _UNIT_TYPE_MAX
))
5162 if (!unit_vtable
[t
]->supported
)
5165 return unit_vtable
[t
]->supported();
5168 void unit_warn_if_dir_nonempty(Unit
*u
, const char* where
) {
5174 r
= dir_is_empty(where
);
5175 if (r
> 0 || r
== -ENOTDIR
)
5178 log_unit_warning_errno(u
, r
, "Failed to check directory %s: %m", where
);
5182 log_struct(LOG_NOTICE
,
5183 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
5185 LOG_UNIT_INVOCATION_ID(u
),
5186 LOG_UNIT_MESSAGE(u
, "Directory %s to mount over is not empty, mounting anyway.", where
),
5190 int unit_fail_if_noncanonical(Unit
*u
, const char* where
) {
5191 _cleanup_free_
char *canonical_where
= NULL
;
5197 r
= chase_symlinks(where
, NULL
, CHASE_NONEXISTENT
, &canonical_where
, NULL
);
5199 log_unit_debug_errno(u
, r
, "Failed to check %s for symlinks, ignoring: %m", where
);
5203 /* We will happily ignore a trailing slash (or any redundant slashes) */
5204 if (path_equal(where
, canonical_where
))
5207 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
5209 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
5211 LOG_UNIT_INVOCATION_ID(u
),
5212 LOG_UNIT_MESSAGE(u
, "Mount path %s is not canonical (contains a symlink).", where
),
5218 bool unit_is_pristine(Unit
*u
) {
5221 /* Check if the unit already exists or is already around,
5222 * in a number of different ways. Note that to cater for unit
5223 * types such as slice, we are generally fine with units that
5224 * are marked UNIT_LOADED even though nothing was actually
5225 * loaded, as those unit types don't require a file on disk. */
5227 return !(!IN_SET(u
->load_state
, UNIT_NOT_FOUND
, UNIT_LOADED
) ||
5230 !strv_isempty(u
->dropin_paths
) ||
5235 pid_t
unit_control_pid(Unit
*u
) {
5238 if (UNIT_VTABLE(u
)->control_pid
)
5239 return UNIT_VTABLE(u
)->control_pid(u
);
5244 pid_t
unit_main_pid(Unit
*u
) {
5247 if (UNIT_VTABLE(u
)->main_pid
)
5248 return UNIT_VTABLE(u
)->main_pid(u
);
5253 static void unit_unref_uid_internal(
5257 void (*_manager_unref_uid
)(Manager
*m
, uid_t uid
, bool destroy_now
)) {
5261 assert(_manager_unref_uid
);
5263 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
5264 * gid_t are actually the same time, with the same validity rules.
5266 * Drops a reference to UID/GID from a unit. */
5268 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
5269 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
5271 if (!uid_is_valid(*ref_uid
))
5274 _manager_unref_uid(u
->manager
, *ref_uid
, destroy_now
);
5275 *ref_uid
= UID_INVALID
;
5278 static void unit_unref_uid(Unit
*u
, bool destroy_now
) {
5279 unit_unref_uid_internal(u
, &u
->ref_uid
, destroy_now
, manager_unref_uid
);
5282 static void unit_unref_gid(Unit
*u
, bool destroy_now
) {
5283 unit_unref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, destroy_now
, manager_unref_gid
);
5286 void unit_unref_uid_gid(Unit
*u
, bool destroy_now
) {
5289 unit_unref_uid(u
, destroy_now
);
5290 unit_unref_gid(u
, destroy_now
);
5293 static int unit_ref_uid_internal(
5298 int (*_manager_ref_uid
)(Manager
*m
, uid_t uid
, bool clean_ipc
)) {
5304 assert(uid_is_valid(uid
));
5305 assert(_manager_ref_uid
);
5307 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
5308 * are actually the same type, and have the same validity rules.
5310 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
5311 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
5314 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
5315 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
5317 if (*ref_uid
== uid
)
5320 if (uid_is_valid(*ref_uid
)) /* Already set? */
5323 r
= _manager_ref_uid(u
->manager
, uid
, clean_ipc
);
5331 static int unit_ref_uid(Unit
*u
, uid_t uid
, bool clean_ipc
) {
5332 return unit_ref_uid_internal(u
, &u
->ref_uid
, uid
, clean_ipc
, manager_ref_uid
);
5335 static int unit_ref_gid(Unit
*u
, gid_t gid
, bool clean_ipc
) {
5336 return unit_ref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, (uid_t
) gid
, clean_ipc
, manager_ref_gid
);
5339 static int unit_ref_uid_gid_internal(Unit
*u
, uid_t uid
, gid_t gid
, bool clean_ipc
) {
5344 /* Reference both a UID and a GID in one go. Either references both, or neither. */
5346 if (uid_is_valid(uid
)) {
5347 r
= unit_ref_uid(u
, uid
, clean_ipc
);
5352 if (gid_is_valid(gid
)) {
5353 q
= unit_ref_gid(u
, gid
, clean_ipc
);
5356 unit_unref_uid(u
, false);
5362 return r
> 0 || q
> 0;
5365 int unit_ref_uid_gid(Unit
*u
, uid_t uid
, gid_t gid
) {
5371 c
= unit_get_exec_context(u
);
5373 r
= unit_ref_uid_gid_internal(u
, uid
, gid
, c
? c
->remove_ipc
: false);
5375 return log_unit_warning_errno(u
, r
, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5380 void unit_notify_user_lookup(Unit
*u
, uid_t uid
, gid_t gid
) {
5385 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5386 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5387 * objects when no service references the UID/GID anymore. */
5389 r
= unit_ref_uid_gid(u
, uid
, gid
);
5391 unit_add_to_dbus_queue(u
);
5394 int unit_acquire_invocation_id(Unit
*u
) {
5400 r
= sd_id128_randomize(&id
);
5402 return log_unit_error_errno(u
, r
, "Failed to generate invocation ID for unit: %m");
5404 r
= unit_set_invocation_id(u
, id
);
5406 return log_unit_error_errno(u
, r
, "Failed to set invocation ID for unit: %m");
5408 unit_add_to_dbus_queue(u
);
5412 int unit_set_exec_params(Unit
*u
, ExecParameters
*p
) {
5418 /* Copy parameters from manager */
5419 r
= manager_get_effective_environment(u
->manager
, &p
->environment
);
5423 p
->confirm_spawn
= manager_get_confirm_spawn(u
->manager
);
5424 p
->cgroup_supported
= u
->manager
->cgroup_supported
;
5425 p
->prefix
= u
->manager
->prefix
;
5426 SET_FLAG(p
->flags
, EXEC_PASS_LOG_UNIT
|EXEC_CHOWN_DIRECTORIES
, MANAGER_IS_SYSTEM(u
->manager
));
5428 /* Copy parameters from unit */
5429 p
->cgroup_path
= u
->cgroup_path
;
5430 SET_FLAG(p
->flags
, EXEC_CGROUP_DELEGATE
, unit_cgroup_delegate(u
));
5432 p
->received_credentials
= u
->manager
->received_credentials
;
5437 int unit_fork_helper_process(Unit
*u
, const char *name
, pid_t
*ret
) {
5443 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5444 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5446 (void) unit_realize_cgroup(u
);
5448 r
= safe_fork(name
, FORK_REOPEN_LOG
, ret
);
5452 (void) default_signals(SIGNALS_CRASH_HANDLER
, SIGNALS_IGNORE
, -1);
5453 (void) ignore_signals(SIGPIPE
, -1);
5455 (void) prctl(PR_SET_PDEATHSIG
, SIGTERM
);
5457 if (u
->cgroup_path
) {
5458 r
= cg_attach_everywhere(u
->manager
->cgroup_supported
, u
->cgroup_path
, 0, NULL
, NULL
);
5460 log_unit_error_errno(u
, r
, "Failed to join unit cgroup %s: %m", u
->cgroup_path
);
5468 int unit_fork_and_watch_rm_rf(Unit
*u
, char **paths
, pid_t
*ret_pid
) {
5475 r
= unit_fork_helper_process(u
, "(sd-rmrf)", &pid
);
5479 int ret
= EXIT_SUCCESS
;
5482 STRV_FOREACH(i
, paths
) {
5483 r
= rm_rf(*i
, REMOVE_ROOT
|REMOVE_PHYSICAL
|REMOVE_MISSING_OK
);
5485 log_error_errno(r
, "Failed to remove '%s': %m", *i
);
5493 r
= unit_watch_pid(u
, pid
, true);
5501 static void unit_update_dependency_mask(Unit
*u
, UnitDependency d
, Unit
*other
, UnitDependencyInfo di
) {
5504 assert(d
< _UNIT_DEPENDENCY_MAX
);
5507 if (di
.origin_mask
== 0 && di
.destination_mask
== 0) {
5508 /* No bit set anymore, let's drop the whole entry */
5509 assert_se(hashmap_remove(u
->dependencies
[d
], other
));
5510 log_unit_debug(u
, "lost dependency %s=%s", unit_dependency_to_string(d
), other
->id
);
5512 /* Mask was reduced, let's update the entry */
5513 assert_se(hashmap_update(u
->dependencies
[d
], other
, di
.data
) == 0);
5516 void unit_remove_dependencies(Unit
*u
, UnitDependencyMask mask
) {
5519 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5524 for (UnitDependency d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++) {
5528 UnitDependencyInfo di
;
5534 HASHMAP_FOREACH_KEY(di
.data
, other
, u
->dependencies
[d
], i
) {
5535 if ((di
.origin_mask
& ~mask
) == di
.origin_mask
)
5537 di
.origin_mask
&= ~mask
;
5538 unit_update_dependency_mask(u
, d
, other
, di
);
5540 /* We updated the dependency from our unit to the other unit now. But most dependencies
5541 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5542 * all dependency types on the other unit and delete all those which point to us and
5543 * have the right mask set. */
5545 for (UnitDependency q
= 0; q
< _UNIT_DEPENDENCY_MAX
; q
++) {
5546 UnitDependencyInfo dj
;
5548 dj
.data
= hashmap_get(other
->dependencies
[q
], u
);
5549 if ((dj
.destination_mask
& ~mask
) == dj
.destination_mask
)
5551 dj
.destination_mask
&= ~mask
;
5553 unit_update_dependency_mask(other
, q
, u
, dj
);
5556 unit_add_to_gc_queue(other
);
5566 static int unit_get_invocation_path(Unit
*u
, char **ret
) {
5573 if (MANAGER_IS_SYSTEM(u
->manager
))
5574 p
= strjoin("/run/systemd/units/invocation:", u
->id
);
5576 _cleanup_free_
char *user_path
= NULL
;
5577 r
= xdg_user_runtime_dir(&user_path
, "/systemd/units/invocation:");
5580 p
= strjoin(user_path
, u
->id
);
5590 static int unit_export_invocation_id(Unit
*u
) {
5591 _cleanup_free_
char *p
= NULL
;
5596 if (u
->exported_invocation_id
)
5599 if (sd_id128_is_null(u
->invocation_id
))
5602 r
= unit_get_invocation_path(u
, &p
);
5604 return log_unit_debug_errno(u
, r
, "Failed to get invocation path: %m");
5606 r
= symlink_atomic(u
->invocation_id_string
, p
);
5608 return log_unit_debug_errno(u
, r
, "Failed to create invocation ID symlink %s: %m", p
);
5610 u
->exported_invocation_id
= true;
5614 static int unit_export_log_level_max(Unit
*u
, const ExecContext
*c
) {
5622 if (u
->exported_log_level_max
)
5625 if (c
->log_level_max
< 0)
5628 assert(c
->log_level_max
<= 7);
5630 buf
[0] = '0' + c
->log_level_max
;
5633 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5634 r
= symlink_atomic(buf
, p
);
5636 return log_unit_debug_errno(u
, r
, "Failed to create maximum log level symlink %s: %m", p
);
5638 u
->exported_log_level_max
= true;
5642 static int unit_export_log_extra_fields(Unit
*u
, const ExecContext
*c
) {
5643 _cleanup_close_
int fd
= -1;
5644 struct iovec
*iovec
;
5652 if (u
->exported_log_extra_fields
)
5655 if (c
->n_log_extra_fields
<= 0)
5658 sizes
= newa(le64_t
, c
->n_log_extra_fields
);
5659 iovec
= newa(struct iovec
, c
->n_log_extra_fields
* 2);
5661 for (i
= 0; i
< c
->n_log_extra_fields
; i
++) {
5662 sizes
[i
] = htole64(c
->log_extra_fields
[i
].iov_len
);
5664 iovec
[i
*2] = IOVEC_MAKE(sizes
+ i
, sizeof(le64_t
));
5665 iovec
[i
*2+1] = c
->log_extra_fields
[i
];
5668 p
= strjoina("/run/systemd/units/log-extra-fields:", u
->id
);
5669 pattern
= strjoina(p
, ".XXXXXX");
5671 fd
= mkostemp_safe(pattern
);
5673 return log_unit_debug_errno(u
, fd
, "Failed to create extra fields file %s: %m", p
);
5675 n
= writev(fd
, iovec
, c
->n_log_extra_fields
*2);
5677 r
= log_unit_debug_errno(u
, errno
, "Failed to write extra fields: %m");
5681 (void) fchmod(fd
, 0644);
5683 if (rename(pattern
, p
) < 0) {
5684 r
= log_unit_debug_errno(u
, errno
, "Failed to rename extra fields file: %m");
5688 u
->exported_log_extra_fields
= true;
5692 (void) unlink(pattern
);
5696 static int unit_export_log_ratelimit_interval(Unit
*u
, const ExecContext
*c
) {
5697 _cleanup_free_
char *buf
= NULL
;
5704 if (u
->exported_log_ratelimit_interval
)
5707 if (c
->log_ratelimit_interval_usec
== 0)
5710 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5712 if (asprintf(&buf
, "%" PRIu64
, c
->log_ratelimit_interval_usec
) < 0)
5715 r
= symlink_atomic(buf
, p
);
5717 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit interval symlink %s: %m", p
);
5719 u
->exported_log_ratelimit_interval
= true;
5723 static int unit_export_log_ratelimit_burst(Unit
*u
, const ExecContext
*c
) {
5724 _cleanup_free_
char *buf
= NULL
;
5731 if (u
->exported_log_ratelimit_burst
)
5734 if (c
->log_ratelimit_burst
== 0)
5737 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5739 if (asprintf(&buf
, "%u", c
->log_ratelimit_burst
) < 0)
5742 r
= symlink_atomic(buf
, p
);
5744 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit burst symlink %s: %m", p
);
5746 u
->exported_log_ratelimit_burst
= true;
5750 void unit_export_state_files(Unit
*u
) {
5751 const ExecContext
*c
;
5758 if (MANAGER_IS_TEST_RUN(u
->manager
))
5761 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5762 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5763 * the IPC system itself and PID 1 also log to the journal.
5765 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5766 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5767 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5768 * namespace at least.
5770 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5771 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5774 (void) unit_export_invocation_id(u
);
5776 if (!MANAGER_IS_SYSTEM(u
->manager
))
5779 c
= unit_get_exec_context(u
);
5781 (void) unit_export_log_level_max(u
, c
);
5782 (void) unit_export_log_extra_fields(u
, c
);
5783 (void) unit_export_log_ratelimit_interval(u
, c
);
5784 (void) unit_export_log_ratelimit_burst(u
, c
);
5788 void unit_unlink_state_files(Unit
*u
) {
5796 /* Undoes the effect of unit_export_state() */
5798 if (u
->exported_invocation_id
) {
5799 _cleanup_free_
char *invocation_path
= NULL
;
5800 int r
= unit_get_invocation_path(u
, &invocation_path
);
5802 (void) unlink(invocation_path
);
5803 u
->exported_invocation_id
= false;
5807 if (!MANAGER_IS_SYSTEM(u
->manager
))
5810 if (u
->exported_log_level_max
) {
5811 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5814 u
->exported_log_level_max
= false;
5817 if (u
->exported_log_extra_fields
) {
5818 p
= strjoina("/run/systemd/units/extra-fields:", u
->id
);
5821 u
->exported_log_extra_fields
= false;
5824 if (u
->exported_log_ratelimit_interval
) {
5825 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5828 u
->exported_log_ratelimit_interval
= false;
5831 if (u
->exported_log_ratelimit_burst
) {
5832 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5835 u
->exported_log_ratelimit_burst
= false;
5839 int unit_prepare_exec(Unit
*u
) {
5844 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5845 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5846 r
= bpf_firewall_load_custom(u
);
5850 /* Prepares everything so that we can fork of a process for this unit */
5852 (void) unit_realize_cgroup(u
);
5854 if (u
->reset_accounting
) {
5855 (void) unit_reset_accounting(u
);
5856 u
->reset_accounting
= false;
5859 unit_export_state_files(u
);
5861 r
= unit_setup_exec_runtime(u
);
5865 r
= unit_setup_dynamic_creds(u
);
5872 static bool ignore_leftover_process(const char *comm
) {
5873 return comm
&& comm
[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5876 int unit_log_leftover_process_start(pid_t pid
, int sig
, void *userdata
) {
5877 _cleanup_free_
char *comm
= NULL
;
5879 (void) get_process_comm(pid
, &comm
);
5881 if (ignore_leftover_process(comm
))
5884 /* During start we print a warning */
5886 log_unit_warning(userdata
,
5887 "Found left-over process " PID_FMT
" (%s) in control group while starting unit. Ignoring.\n"
5888 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5894 int unit_log_leftover_process_stop(pid_t pid
, int sig
, void *userdata
) {
5895 _cleanup_free_
char *comm
= NULL
;
5897 (void) get_process_comm(pid
, &comm
);
5899 if (ignore_leftover_process(comm
))
5902 /* During stop we only print an informational message */
5904 log_unit_info(userdata
,
5905 "Unit process " PID_FMT
" (%s) remains running after unit stopped.",
5911 int unit_warn_leftover_processes(Unit
*u
, cg_kill_log_func_t log_func
) {
5914 (void) unit_pick_cgroup_path(u
);
5916 if (!u
->cgroup_path
)
5919 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, 0, 0, NULL
, log_func
, u
);
5922 bool unit_needs_console(Unit
*u
) {
5924 UnitActiveState state
;
5928 state
= unit_active_state(u
);
5930 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
5933 if (UNIT_VTABLE(u
)->needs_console
)
5934 return UNIT_VTABLE(u
)->needs_console(u
);
5936 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5937 ec
= unit_get_exec_context(u
);
5941 return exec_context_may_touch_console(ec
);
5944 const char *unit_label_path(const Unit
*u
) {
5949 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5950 * when validating access checks. */
5952 p
= u
->source_path
?: u
->fragment_path
;
5956 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5957 if (null_or_empty_path(p
) > 0)
5963 int unit_pid_attachable(Unit
*u
, pid_t pid
, sd_bus_error
*error
) {
5968 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5969 * and not a kernel thread either */
5971 /* First, a simple range check */
5972 if (!pid_is_valid(pid
))
5973 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process identifier " PID_FMT
" is not valid.", pid
);
5975 /* Some extra safety check */
5976 if (pid
== 1 || pid
== getpid_cached())
5977 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a manager process, refusing.", pid
);
5979 /* Don't even begin to bother with kernel threads */
5980 r
= is_kernel_thread(pid
);
5982 return sd_bus_error_setf(error
, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN
, "Process with ID " PID_FMT
" does not exist.", pid
);
5984 return sd_bus_error_set_errnof(error
, r
, "Failed to determine whether process " PID_FMT
" is a kernel thread: %m", pid
);
5986 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a kernel thread, refusing.", pid
);
5991 void unit_log_success(Unit
*u
) {
5994 log_struct(LOG_INFO
,
5995 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR
,
5997 LOG_UNIT_INVOCATION_ID(u
),
5998 LOG_UNIT_MESSAGE(u
, "Succeeded."));
6001 void unit_log_failure(Unit
*u
, const char *result
) {
6005 log_struct(LOG_WARNING
,
6006 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR
,
6008 LOG_UNIT_INVOCATION_ID(u
),
6009 LOG_UNIT_MESSAGE(u
, "Failed with result '%s'.", result
),
6010 "UNIT_RESULT=%s", result
);
6013 void unit_log_skip(Unit
*u
, const char *result
) {
6017 log_struct(LOG_INFO
,
6018 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR
,
6020 LOG_UNIT_INVOCATION_ID(u
),
6021 LOG_UNIT_MESSAGE(u
, "Skipped due to '%s'.", result
),
6022 "UNIT_RESULT=%s", result
);
6025 void unit_log_process_exit(
6028 const char *command
,
6038 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
6039 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
6040 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
6044 else if (code
== CLD_EXITED
)
6047 level
= LOG_WARNING
;
6050 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR
,
6051 LOG_UNIT_MESSAGE(u
, "%s exited, code=%s, status=%i/%s",
6053 sigchld_code_to_string(code
), status
,
6054 strna(code
== CLD_EXITED
6055 ? exit_status_to_string(status
, EXIT_STATUS_FULL
)
6056 : signal_to_string(status
))),
6057 "EXIT_CODE=%s", sigchld_code_to_string(code
),
6058 "EXIT_STATUS=%i", status
,
6059 "COMMAND=%s", strna(command
),
6061 LOG_UNIT_INVOCATION_ID(u
));
6064 int unit_exit_status(Unit
*u
) {
6067 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
6068 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
6069 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
6070 * service process has exited abnormally (signal/coredump). */
6072 if (!UNIT_VTABLE(u
)->exit_status
)
6075 return UNIT_VTABLE(u
)->exit_status(u
);
6078 int unit_failure_action_exit_status(Unit
*u
) {
6083 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
6085 if (u
->failure_action_exit_status
>= 0)
6086 return u
->failure_action_exit_status
;
6088 r
= unit_exit_status(u
);
6089 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
6095 int unit_success_action_exit_status(Unit
*u
) {
6100 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
6102 if (u
->success_action_exit_status
>= 0)
6103 return u
->success_action_exit_status
;
6105 r
= unit_exit_status(u
);
6106 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
6112 int unit_test_trigger_loaded(Unit
*u
) {
6115 /* Tests whether the unit to trigger is loaded */
6117 trigger
= UNIT_TRIGGER(u
);
6119 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(ENOENT
),
6120 "Refusing to start, no unit to trigger.");
6121 if (trigger
->load_state
!= UNIT_LOADED
)
6122 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(ENOENT
),
6123 "Refusing to start, unit %s to trigger not loaded.", trigger
->id
);
6128 void unit_destroy_runtime_data(Unit
*u
, const ExecContext
*context
) {
6132 if (context
->runtime_directory_preserve_mode
== EXEC_PRESERVE_NO
||
6133 (context
->runtime_directory_preserve_mode
== EXEC_PRESERVE_RESTART
&& !unit_will_restart(u
)))
6134 exec_context_destroy_runtime_directory(context
, u
->manager
->prefix
[EXEC_DIRECTORY_RUNTIME
]);
6136 exec_context_destroy_credentials(context
, u
->manager
->prefix
[EXEC_DIRECTORY_RUNTIME
], u
->id
);
6139 int unit_clean(Unit
*u
, ExecCleanMask mask
) {
6140 UnitActiveState state
;
6144 /* Special return values:
6146 * -EOPNOTSUPP → cleaning not supported for this unit type
6147 * -EUNATCH → cleaning not defined for this resource type
6148 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
6149 * a job queued or similar
6152 if (!UNIT_VTABLE(u
)->clean
)
6158 if (u
->load_state
!= UNIT_LOADED
)
6164 state
= unit_active_state(u
);
6165 if (!IN_SET(state
, UNIT_INACTIVE
))
6168 return UNIT_VTABLE(u
)->clean(u
, mask
);
6171 int unit_can_clean(Unit
*u
, ExecCleanMask
*ret
) {
6174 if (!UNIT_VTABLE(u
)->clean
||
6175 u
->load_state
!= UNIT_LOADED
) {
6180 /* When the clean() method is set, can_clean() really should be set too */
6181 assert(UNIT_VTABLE(u
)->can_clean
);
6183 return UNIT_VTABLE(u
)->can_clean(u
, ret
);
6186 bool unit_can_freeze(Unit
*u
) {
6189 if (UNIT_VTABLE(u
)->can_freeze
)
6190 return UNIT_VTABLE(u
)->can_freeze(u
);
6192 return UNIT_VTABLE(u
)->freeze
;
6195 void unit_frozen(Unit
*u
) {
6198 u
->freezer_state
= FREEZER_FROZEN
;
6200 bus_unit_send_pending_freezer_message(u
);
6203 void unit_thawed(Unit
*u
) {
6206 u
->freezer_state
= FREEZER_RUNNING
;
6208 bus_unit_send_pending_freezer_message(u
);
6211 static int unit_freezer_action(Unit
*u
, FreezerAction action
) {
6213 int (*method
)(Unit
*);
6217 assert(IN_SET(action
, FREEZER_FREEZE
, FREEZER_THAW
));
6219 method
= action
== FREEZER_FREEZE
? UNIT_VTABLE(u
)->freeze
: UNIT_VTABLE(u
)->thaw
;
6220 if (!method
|| !cg_freezer_supported())
6226 if (u
->load_state
!= UNIT_LOADED
)
6229 s
= unit_active_state(u
);
6230 if (s
!= UNIT_ACTIVE
)
6233 if (IN_SET(u
->freezer_state
, FREEZER_FREEZING
, FREEZER_THAWING
))
6243 int unit_freeze(Unit
*u
) {
6244 return unit_freezer_action(u
, FREEZER_FREEZE
);
6247 int unit_thaw(Unit
*u
) {
6248 return unit_freezer_action(u
, FREEZER_THAW
);
6251 /* Wrappers around low-level cgroup freezer operations common for service and scope units */
6252 int unit_freeze_vtable_common(Unit
*u
) {
6253 return unit_cgroup_freezer_action(u
, FREEZER_FREEZE
);
6256 int unit_thaw_vtable_common(Unit
*u
) {
6257 return unit_cgroup_freezer_action(u
, FREEZER_THAW
);
6260 static const char* const collect_mode_table
[_COLLECT_MODE_MAX
] = {
6261 [COLLECT_INACTIVE
] = "inactive",
6262 [COLLECT_INACTIVE_OR_FAILED
] = "inactive-or-failed",
6265 DEFINE_STRING_TABLE_LOOKUP(collect_mode
, CollectMode
);