]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
core: rename manager_unit_file_maybe_loadable_from_cache()
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <errno.h>
4 #include <stdlib.h>
5 #include <sys/prctl.h>
6 #include <unistd.h>
7
8 #include "sd-id128.h"
9 #include "sd-messages.h"
10
11 #include "all-units.h"
12 #include "alloc-util.h"
13 #include "bpf-firewall.h"
14 #include "bus-common-errors.h"
15 #include "bus-util.h"
16 #include "cgroup-setup.h"
17 #include "cgroup-util.h"
18 #include "dbus-unit.h"
19 #include "dbus.h"
20 #include "dropin.h"
21 #include "escape.h"
22 #include "execute.h"
23 #include "fd-util.h"
24 #include "fileio-label.h"
25 #include "fileio.h"
26 #include "format-util.h"
27 #include "fs-util.h"
28 #include "id128-util.h"
29 #include "io-util.h"
30 #include "install.h"
31 #include "load-dropin.h"
32 #include "load-fragment.h"
33 #include "log.h"
34 #include "macro.h"
35 #include "missing_audit.h"
36 #include "mkdir.h"
37 #include "parse-util.h"
38 #include "path-util.h"
39 #include "process-util.h"
40 #include "rm-rf.h"
41 #include "serialize.h"
42 #include "set.h"
43 #include "signal-util.h"
44 #include "sparse-endian.h"
45 #include "special.h"
46 #include "specifier.h"
47 #include "stat-util.h"
48 #include "stdio-util.h"
49 #include "string-table.h"
50 #include "string-util.h"
51 #include "strv.h"
52 #include "terminal-util.h"
53 #include "tmpfile-util.h"
54 #include "umask-util.h"
55 #include "unit-name.h"
56 #include "unit.h"
57 #include "user-util.h"
58 #include "virt.h"
59
60 /* Thresholds for logging at INFO level about resource consumption */
61 #define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
62 #define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
63 #define MENTIONWORTHY_IP_BYTES (0ULL)
64
65 /* Thresholds for logging at INFO level about resource consumption */
66 #define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
67 #define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
68 #define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
69
70 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
71 [UNIT_SERVICE] = &service_vtable,
72 [UNIT_SOCKET] = &socket_vtable,
73 [UNIT_TARGET] = &target_vtable,
74 [UNIT_DEVICE] = &device_vtable,
75 [UNIT_MOUNT] = &mount_vtable,
76 [UNIT_AUTOMOUNT] = &automount_vtable,
77 [UNIT_SWAP] = &swap_vtable,
78 [UNIT_TIMER] = &timer_vtable,
79 [UNIT_PATH] = &path_vtable,
80 [UNIT_SLICE] = &slice_vtable,
81 [UNIT_SCOPE] = &scope_vtable,
82 };
83
84 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
85
86 Unit *unit_new(Manager *m, size_t size) {
87 Unit *u;
88
89 assert(m);
90 assert(size >= sizeof(Unit));
91
92 u = malloc0(size);
93 if (!u)
94 return NULL;
95
96 u->manager = m;
97 u->type = _UNIT_TYPE_INVALID;
98 u->default_dependencies = true;
99 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
100 u->unit_file_preset = -1;
101 u->on_failure_job_mode = JOB_REPLACE;
102 u->cgroup_control_inotify_wd = -1;
103 u->cgroup_memory_inotify_wd = -1;
104 u->job_timeout = USEC_INFINITY;
105 u->job_running_timeout = USEC_INFINITY;
106 u->ref_uid = UID_INVALID;
107 u->ref_gid = GID_INVALID;
108 u->cpu_usage_last = NSEC_INFINITY;
109 u->cgroup_invalidated_mask |= CGROUP_MASK_BPF_FIREWALL;
110 u->failure_action_exit_status = u->success_action_exit_status = -1;
111
112 u->ip_accounting_ingress_map_fd = -1;
113 u->ip_accounting_egress_map_fd = -1;
114 u->ipv4_allow_map_fd = -1;
115 u->ipv6_allow_map_fd = -1;
116 u->ipv4_deny_map_fd = -1;
117 u->ipv6_deny_map_fd = -1;
118
119 u->last_section_private = -1;
120
121 u->start_ratelimit = (RateLimit) { m->default_start_limit_interval, m->default_start_limit_burst };
122 u->auto_stop_ratelimit = (RateLimit) { 10 * USEC_PER_SEC, 16 };
123
124 for (CGroupIOAccountingMetric i = 0; i < _CGROUP_IO_ACCOUNTING_METRIC_MAX; i++)
125 u->io_accounting_last[i] = UINT64_MAX;
126
127 return u;
128 }
129
130 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
131 _cleanup_(unit_freep) Unit *u = NULL;
132 int r;
133
134 u = unit_new(m, size);
135 if (!u)
136 return -ENOMEM;
137
138 r = unit_add_name(u, name);
139 if (r < 0)
140 return r;
141
142 *ret = TAKE_PTR(u);
143
144 return r;
145 }
146
147 bool unit_has_name(const Unit *u, const char *name) {
148 assert(u);
149 assert(name);
150
151 return streq_ptr(name, u->id) ||
152 set_contains(u->aliases, name);
153 }
154
155 static void unit_init(Unit *u) {
156 CGroupContext *cc;
157 ExecContext *ec;
158 KillContext *kc;
159
160 assert(u);
161 assert(u->manager);
162 assert(u->type >= 0);
163
164 cc = unit_get_cgroup_context(u);
165 if (cc) {
166 cgroup_context_init(cc);
167
168 /* Copy in the manager defaults into the cgroup
169 * context, _before_ the rest of the settings have
170 * been initialized */
171
172 cc->cpu_accounting = u->manager->default_cpu_accounting;
173 cc->io_accounting = u->manager->default_io_accounting;
174 cc->blockio_accounting = u->manager->default_blockio_accounting;
175 cc->memory_accounting = u->manager->default_memory_accounting;
176 cc->tasks_accounting = u->manager->default_tasks_accounting;
177 cc->ip_accounting = u->manager->default_ip_accounting;
178
179 if (u->type != UNIT_SLICE)
180 cc->tasks_max = u->manager->default_tasks_max;
181 }
182
183 ec = unit_get_exec_context(u);
184 if (ec) {
185 exec_context_init(ec);
186
187 if (MANAGER_IS_SYSTEM(u->manager))
188 ec->keyring_mode = EXEC_KEYRING_SHARED;
189 else {
190 ec->keyring_mode = EXEC_KEYRING_INHERIT;
191
192 /* User manager might have its umask redefined by PAM or UMask=. In this
193 * case let the units it manages inherit this value by default. They can
194 * still tune this value through their own unit file */
195 (void) get_process_umask(getpid_cached(), &ec->umask);
196 }
197 }
198
199 kc = unit_get_kill_context(u);
200 if (kc)
201 kill_context_init(kc);
202
203 if (UNIT_VTABLE(u)->init)
204 UNIT_VTABLE(u)->init(u);
205 }
206
207 static int unit_add_alias(Unit *u, char *donated_name) {
208 int r;
209
210 /* Make sure that u->names is allocated. We may leave u->names
211 * empty if we fail later, but this is not a problem. */
212 r = set_ensure_allocated(&u->aliases, &string_hash_ops);
213 if (r < 0)
214 return r;
215
216 r = set_put(u->aliases, donated_name);
217 if (r < 0)
218 return r;
219 assert(r > 0);
220
221 return 0;
222 }
223
224 int unit_add_name(Unit *u, const char *text) {
225 _cleanup_free_ char *name = NULL, *instance = NULL;
226 UnitType t;
227 int r;
228
229 assert(u);
230 assert(text);
231
232 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
233 if (!u->instance)
234 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
235 "instance is not set when adding name '%s': %m", text);
236
237 r = unit_name_replace_instance(text, u->instance, &name);
238 if (r < 0)
239 return log_unit_debug_errno(u, r,
240 "failed to build instance name from '%s': %m", text);
241 } else {
242 name = strdup(text);
243 if (!name)
244 return -ENOMEM;
245 }
246
247 if (unit_has_name(u, name))
248 return 0;
249
250 if (hashmap_contains(u->manager->units, name))
251 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
252 "unit already exist when adding name '%s': %m", name);
253
254 if (!unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
255 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
256 "name '%s' is invalid: %m", name);
257
258 t = unit_name_to_type(name);
259 if (t < 0)
260 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
261 "failed to derive unit type from name '%s': %m", name);
262
263 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
264 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
265 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
266 u->type, t, name);
267
268 r = unit_name_to_instance(name, &instance);
269 if (r < 0)
270 return log_unit_debug_errno(u, r, "failed to extract instance from name '%s': %m", name);
271
272 if (instance && !unit_type_may_template(t))
273 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), "templates are not allowed for name '%s': %m", name);
274
275 /* Ensure that this unit either has no instance, or that the instance matches. */
276 if (u->type != _UNIT_TYPE_INVALID && !streq_ptr(u->instance, instance))
277 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
278 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
279 name, instance, u->instance);
280
281 if (u->id && !unit_type_may_alias(t))
282 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
283 "cannot add name %s, aliases are not allowed for %s units.",
284 name, unit_type_to_string(t));
285
286 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
287 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(E2BIG), "cannot add name, manager has too many units: %m");
288
289 /* Add name to the global hashmap first, because that's easier to undo */
290 r = hashmap_put(u->manager->units, name, u);
291 if (r < 0)
292 return log_unit_debug_errno(u, r, "add unit to hashmap failed for name '%s': %m", text);
293
294 if (u->id) {
295 r = unit_add_alias(u, name); /* unit_add_alias() takes ownership of the name on success */
296 if (r < 0) {
297 hashmap_remove(u->manager->units, name);
298 return r;
299 }
300 TAKE_PTR(name);
301
302 } else {
303 /* A new name, we don't need the set yet. */
304 assert(u->type == _UNIT_TYPE_INVALID);
305 assert(!u->instance);
306
307 u->type = t;
308 u->id = TAKE_PTR(name);
309 u->instance = TAKE_PTR(instance);
310
311 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
312 unit_init(u);
313 }
314
315 unit_add_to_dbus_queue(u);
316 return 0;
317 }
318
319 int unit_choose_id(Unit *u, const char *name) {
320 _cleanup_free_ char *t = NULL;
321 char *s;
322 int r;
323
324 assert(u);
325 assert(name);
326
327 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
328 if (!u->instance)
329 return -EINVAL;
330
331 r = unit_name_replace_instance(name, u->instance, &t);
332 if (r < 0)
333 return r;
334
335 name = t;
336 }
337
338 if (streq_ptr(u->id, name))
339 return 0; /* Nothing to do. */
340
341 /* Selects one of the aliases of this unit as the id */
342 s = set_get(u->aliases, (char*) name);
343 if (!s)
344 return -ENOENT;
345
346 if (u->id) {
347 r = set_remove_and_put(u->aliases, name, u->id);
348 if (r < 0)
349 return r;
350 } else
351 assert_se(set_remove(u->aliases, name)); /* see set_get() above… */
352
353 u->id = s; /* Old u->id is now stored in the set, and s is not stored anywhere */
354 unit_add_to_dbus_queue(u);
355
356 return 0;
357 }
358
359 int unit_set_description(Unit *u, const char *description) {
360 int r;
361
362 assert(u);
363
364 r = free_and_strdup(&u->description, empty_to_null(description));
365 if (r < 0)
366 return r;
367 if (r > 0)
368 unit_add_to_dbus_queue(u);
369
370 return 0;
371 }
372
373 bool unit_may_gc(Unit *u) {
374 UnitActiveState state;
375 int r;
376
377 assert(u);
378
379 /* Checks whether the unit is ready to be unloaded for garbage collection.
380 * Returns true when the unit may be collected, and false if there's some
381 * reason to keep it loaded.
382 *
383 * References from other units are *not* checked here. Instead, this is done
384 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
385 */
386
387 if (u->job)
388 return false;
389
390 if (u->nop_job)
391 return false;
392
393 state = unit_active_state(u);
394
395 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
396 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
397 UNIT_VTABLE(u)->release_resources)
398 UNIT_VTABLE(u)->release_resources(u);
399
400 if (u->perpetual)
401 return false;
402
403 if (sd_bus_track_count(u->bus_track) > 0)
404 return false;
405
406 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
407 switch (u->collect_mode) {
408
409 case COLLECT_INACTIVE:
410 if (state != UNIT_INACTIVE)
411 return false;
412
413 break;
414
415 case COLLECT_INACTIVE_OR_FAILED:
416 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
417 return false;
418
419 break;
420
421 default:
422 assert_not_reached("Unknown garbage collection mode");
423 }
424
425 if (u->cgroup_path) {
426 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
427 * around. Units with active processes should never be collected. */
428
429 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
430 if (r < 0)
431 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
432 if (r <= 0)
433 return false;
434 }
435
436 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
437 return false;
438
439 return true;
440 }
441
442 void unit_add_to_load_queue(Unit *u) {
443 assert(u);
444 assert(u->type != _UNIT_TYPE_INVALID);
445
446 if (u->load_state != UNIT_STUB || u->in_load_queue)
447 return;
448
449 LIST_PREPEND(load_queue, u->manager->load_queue, u);
450 u->in_load_queue = true;
451 }
452
453 void unit_add_to_cleanup_queue(Unit *u) {
454 assert(u);
455
456 if (u->in_cleanup_queue)
457 return;
458
459 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
460 u->in_cleanup_queue = true;
461 }
462
463 void unit_add_to_gc_queue(Unit *u) {
464 assert(u);
465
466 if (u->in_gc_queue || u->in_cleanup_queue)
467 return;
468
469 if (!unit_may_gc(u))
470 return;
471
472 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
473 u->in_gc_queue = true;
474 }
475
476 void unit_add_to_dbus_queue(Unit *u) {
477 assert(u);
478 assert(u->type != _UNIT_TYPE_INVALID);
479
480 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
481 return;
482
483 /* Shortcut things if nobody cares */
484 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
485 sd_bus_track_count(u->bus_track) <= 0 &&
486 set_isempty(u->manager->private_buses)) {
487 u->sent_dbus_new_signal = true;
488 return;
489 }
490
491 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
492 u->in_dbus_queue = true;
493 }
494
495 void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
496 assert(u);
497
498 if (u->in_stop_when_unneeded_queue)
499 return;
500
501 if (!u->stop_when_unneeded)
502 return;
503
504 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
505 return;
506
507 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
508 u->in_stop_when_unneeded_queue = true;
509 }
510
511 static void bidi_set_free(Unit *u, Hashmap *h) {
512 Unit *other;
513 Iterator i;
514 void *v;
515
516 assert(u);
517
518 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
519
520 HASHMAP_FOREACH_KEY(v, other, h, i) {
521 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
522 hashmap_remove(other->dependencies[d], u);
523
524 unit_add_to_gc_queue(other);
525 }
526
527 hashmap_free(h);
528 }
529
530 static void unit_remove_transient(Unit *u) {
531 char **i;
532
533 assert(u);
534
535 if (!u->transient)
536 return;
537
538 if (u->fragment_path)
539 (void) unlink(u->fragment_path);
540
541 STRV_FOREACH(i, u->dropin_paths) {
542 _cleanup_free_ char *p = NULL, *pp = NULL;
543
544 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
545 if (!p)
546 continue;
547
548 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
549 if (!pp)
550 continue;
551
552 /* Only drop transient drop-ins */
553 if (!path_equal(u->manager->lookup_paths.transient, pp))
554 continue;
555
556 (void) unlink(*i);
557 (void) rmdir(p);
558 }
559 }
560
561 static void unit_free_requires_mounts_for(Unit *u) {
562 assert(u);
563
564 for (;;) {
565 _cleanup_free_ char *path;
566
567 path = hashmap_steal_first_key(u->requires_mounts_for);
568 if (!path)
569 break;
570 else {
571 char s[strlen(path) + 1];
572
573 PATH_FOREACH_PREFIX_MORE(s, path) {
574 char *y;
575 Set *x;
576
577 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
578 if (!x)
579 continue;
580
581 (void) set_remove(x, u);
582
583 if (set_isempty(x)) {
584 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
585 free(y);
586 set_free(x);
587 }
588 }
589 }
590 }
591
592 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
593 }
594
595 static void unit_done(Unit *u) {
596 ExecContext *ec;
597 CGroupContext *cc;
598
599 assert(u);
600
601 if (u->type < 0)
602 return;
603
604 if (UNIT_VTABLE(u)->done)
605 UNIT_VTABLE(u)->done(u);
606
607 ec = unit_get_exec_context(u);
608 if (ec)
609 exec_context_done(ec);
610
611 cc = unit_get_cgroup_context(u);
612 if (cc)
613 cgroup_context_done(cc);
614 }
615
616 void unit_free(Unit *u) {
617 Iterator i;
618 char *t;
619
620 if (!u)
621 return;
622
623 u->transient_file = safe_fclose(u->transient_file);
624
625 if (!MANAGER_IS_RELOADING(u->manager))
626 unit_remove_transient(u);
627
628 bus_unit_send_removed_signal(u);
629
630 unit_done(u);
631
632 unit_dequeue_rewatch_pids(u);
633
634 sd_bus_slot_unref(u->match_bus_slot);
635 sd_bus_track_unref(u->bus_track);
636 u->deserialized_refs = strv_free(u->deserialized_refs);
637 u->pending_freezer_message = sd_bus_message_unref(u->pending_freezer_message);
638
639 unit_free_requires_mounts_for(u);
640
641 SET_FOREACH(t, u->aliases, i)
642 hashmap_remove_value(u->manager->units, t, u);
643 if (u->id)
644 hashmap_remove_value(u->manager->units, u->id, u);
645
646 if (!sd_id128_is_null(u->invocation_id))
647 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
648
649 if (u->job) {
650 Job *j = u->job;
651 job_uninstall(j);
652 job_free(j);
653 }
654
655 if (u->nop_job) {
656 Job *j = u->nop_job;
657 job_uninstall(j);
658 job_free(j);
659 }
660
661 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
662 bidi_set_free(u, u->dependencies[d]);
663
664 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
665 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
666 if (UNIT_ISSET(u->slice))
667 unit_add_family_to_cgroup_realize_queue(UNIT_DEREF(u->slice));
668
669 if (u->on_console)
670 manager_unref_console(u->manager);
671
672 unit_release_cgroup(u);
673
674 if (!MANAGER_IS_RELOADING(u->manager))
675 unit_unlink_state_files(u);
676
677 unit_unref_uid_gid(u, false);
678
679 (void) manager_update_failed_units(u->manager, u, false);
680 set_remove(u->manager->startup_units, u);
681
682 unit_unwatch_all_pids(u);
683
684 unit_ref_unset(&u->slice);
685 while (u->refs_by_target)
686 unit_ref_unset(u->refs_by_target);
687
688 if (u->type != _UNIT_TYPE_INVALID)
689 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
690
691 if (u->in_load_queue)
692 LIST_REMOVE(load_queue, u->manager->load_queue, u);
693
694 if (u->in_dbus_queue)
695 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
696
697 if (u->in_gc_queue)
698 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
699
700 if (u->in_cgroup_realize_queue)
701 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
702
703 if (u->in_cgroup_empty_queue)
704 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
705
706 if (u->in_cleanup_queue)
707 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
708
709 if (u->in_target_deps_queue)
710 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
711
712 if (u->in_stop_when_unneeded_queue)
713 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
714
715 safe_close(u->ip_accounting_ingress_map_fd);
716 safe_close(u->ip_accounting_egress_map_fd);
717
718 safe_close(u->ipv4_allow_map_fd);
719 safe_close(u->ipv6_allow_map_fd);
720 safe_close(u->ipv4_deny_map_fd);
721 safe_close(u->ipv6_deny_map_fd);
722
723 bpf_program_unref(u->ip_bpf_ingress);
724 bpf_program_unref(u->ip_bpf_ingress_installed);
725 bpf_program_unref(u->ip_bpf_egress);
726 bpf_program_unref(u->ip_bpf_egress_installed);
727
728 set_free(u->ip_bpf_custom_ingress);
729 set_free(u->ip_bpf_custom_egress);
730 set_free(u->ip_bpf_custom_ingress_installed);
731 set_free(u->ip_bpf_custom_egress_installed);
732
733 bpf_program_unref(u->bpf_device_control_installed);
734
735 condition_free_list(u->conditions);
736 condition_free_list(u->asserts);
737
738 free(u->description);
739 strv_free(u->documentation);
740 free(u->fragment_path);
741 free(u->source_path);
742 strv_free(u->dropin_paths);
743 free(u->instance);
744
745 free(u->job_timeout_reboot_arg);
746 free(u->reboot_arg);
747
748 set_free_free(u->aliases);
749 free(u->id);
750
751 free(u);
752 }
753
754 FreezerState unit_freezer_state(Unit *u) {
755 assert(u);
756
757 return u->freezer_state;
758 }
759
760 int unit_freezer_state_kernel(Unit *u, FreezerState *ret) {
761 char *values[1] = {};
762 int r;
763
764 assert(u);
765
766 r = cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "cgroup.events",
767 STRV_MAKE("frozen"), values);
768 if (r < 0)
769 return r;
770
771 r = _FREEZER_STATE_INVALID;
772
773 if (values[0]) {
774 if (streq(values[0], "0"))
775 r = FREEZER_RUNNING;
776 else if (streq(values[0], "1"))
777 r = FREEZER_FROZEN;
778 }
779
780 free(values[0]);
781 *ret = r;
782
783 return 0;
784 }
785
786 UnitActiveState unit_active_state(Unit *u) {
787 assert(u);
788
789 if (u->load_state == UNIT_MERGED)
790 return unit_active_state(unit_follow_merge(u));
791
792 /* After a reload it might happen that a unit is not correctly
793 * loaded but still has a process around. That's why we won't
794 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
795
796 return UNIT_VTABLE(u)->active_state(u);
797 }
798
799 const char* unit_sub_state_to_string(Unit *u) {
800 assert(u);
801
802 return UNIT_VTABLE(u)->sub_state_to_string(u);
803 }
804
805 static int hashmap_complete_move(Hashmap **s, Hashmap **other) {
806 assert(s);
807 assert(other);
808
809 if (!*other)
810 return 0;
811
812 if (*s)
813 return hashmap_move(*s, *other);
814 else
815 *s = TAKE_PTR(*other);
816
817 return 0;
818 }
819
820 static int merge_names(Unit *u, Unit *other) {
821 char *name;
822 Iterator i;
823 int r;
824
825 assert(u);
826 assert(other);
827
828 r = unit_add_alias(u, other->id);
829 if (r < 0)
830 return r;
831
832 r = set_move(u->aliases, other->aliases);
833 if (r < 0) {
834 set_remove(u->aliases, other->id);
835 return r;
836 }
837
838 TAKE_PTR(other->id);
839 other->aliases = set_free_free(other->aliases);
840
841 SET_FOREACH(name, u->aliases, i)
842 assert_se(hashmap_replace(u->manager->units, name, u) == 0);
843
844 return 0;
845 }
846
847 static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
848 unsigned n_reserve;
849
850 assert(u);
851 assert(other);
852 assert(d < _UNIT_DEPENDENCY_MAX);
853
854 /*
855 * If u does not have this dependency set allocated, there is no need
856 * to reserve anything. In that case other's set will be transferred
857 * as a whole to u by complete_move().
858 */
859 if (!u->dependencies[d])
860 return 0;
861
862 /* merge_dependencies() will skip a u-on-u dependency */
863 n_reserve = hashmap_size(other->dependencies[d]) - !!hashmap_get(other->dependencies[d], u);
864
865 return hashmap_reserve(u->dependencies[d], n_reserve);
866 }
867
868 static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
869 Iterator i;
870 Unit *back;
871 void *v;
872 int r;
873
874 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
875
876 assert(u);
877 assert(other);
878 assert(d < _UNIT_DEPENDENCY_MAX);
879
880 /* Fix backwards pointers. Let's iterate through all dependent units of the other unit. */
881 HASHMAP_FOREACH_KEY(v, back, other->dependencies[d], i)
882
883 /* Let's now iterate through the dependencies of that dependencies of the other units,
884 * looking for pointers back, and let's fix them up, to instead point to 'u'. */
885 for (UnitDependency k = 0; k < _UNIT_DEPENDENCY_MAX; k++)
886 if (back == u) {
887 /* Do not add dependencies between u and itself. */
888 if (hashmap_remove(back->dependencies[k], other))
889 maybe_warn_about_dependency(u, other_id, k);
890 } else {
891 UnitDependencyInfo di_u, di_other;
892
893 /* Let's drop this dependency between "back" and "other", and let's create it between
894 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
895 * and any such dependency which might already exist */
896
897 di_other.data = hashmap_get(back->dependencies[k], other);
898 if (!di_other.data)
899 continue; /* dependency isn't set, let's try the next one */
900
901 di_u.data = hashmap_get(back->dependencies[k], u);
902
903 UnitDependencyInfo di_merged = {
904 .origin_mask = di_u.origin_mask | di_other.origin_mask,
905 .destination_mask = di_u.destination_mask | di_other.destination_mask,
906 };
907
908 r = hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data);
909 if (r < 0)
910 log_warning_errno(r, "Failed to remove/replace: back=%s other=%s u=%s: %m", back->id, other_id, u->id);
911 assert(r >= 0);
912
913 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
914 }
915
916 /* Also do not move dependencies on u to itself */
917 back = hashmap_remove(other->dependencies[d], u);
918 if (back)
919 maybe_warn_about_dependency(u, other_id, d);
920
921 /* The move cannot fail. The caller must have performed a reservation. */
922 assert_se(hashmap_complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
923
924 other->dependencies[d] = hashmap_free(other->dependencies[d]);
925 }
926
927 int unit_merge(Unit *u, Unit *other) {
928 const char *other_id = NULL;
929 int r;
930
931 assert(u);
932 assert(other);
933 assert(u->manager == other->manager);
934 assert(u->type != _UNIT_TYPE_INVALID);
935
936 other = unit_follow_merge(other);
937
938 if (other == u)
939 return 0;
940
941 if (u->type != other->type)
942 return -EINVAL;
943
944 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
945 return -EEXIST;
946
947 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
948 return -EEXIST;
949
950 if (!streq_ptr(u->instance, other->instance))
951 return -EINVAL;
952
953 if (other->job)
954 return -EEXIST;
955
956 if (other->nop_job)
957 return -EEXIST;
958
959 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
960 return -EEXIST;
961
962 if (other->id)
963 other_id = strdupa(other->id);
964
965 /* Make reservations to ensure merge_dependencies() won't fail */
966 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
967 r = reserve_dependencies(u, other, d);
968 /*
969 * We don't rollback reservations if we fail. We don't have
970 * a way to undo reservations. A reservation is not a leak.
971 */
972 if (r < 0)
973 return r;
974 }
975
976 /* Merge names */
977 r = merge_names(u, other);
978 if (r < 0)
979 return r;
980
981 /* Redirect all references */
982 while (other->refs_by_target)
983 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
984
985 /* Merge dependencies */
986 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
987 merge_dependencies(u, other, other_id, d);
988
989 other->load_state = UNIT_MERGED;
990 other->merged_into = u;
991
992 /* If there is still some data attached to the other node, we
993 * don't need it anymore, and can free it. */
994 if (other->load_state != UNIT_STUB)
995 if (UNIT_VTABLE(other)->done)
996 UNIT_VTABLE(other)->done(other);
997
998 unit_add_to_dbus_queue(u);
999 unit_add_to_cleanup_queue(other);
1000
1001 return 0;
1002 }
1003
1004 int unit_merge_by_name(Unit *u, const char *name) {
1005 _cleanup_free_ char *s = NULL;
1006 Unit *other;
1007 int r;
1008
1009 /* Either add name to u, or if a unit with name already exists, merge it with u.
1010 * If name is a template, do the same for name@instance, where instance is u's instance. */
1011
1012 assert(u);
1013 assert(name);
1014
1015 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
1016 if (!u->instance)
1017 return -EINVAL;
1018
1019 r = unit_name_replace_instance(name, u->instance, &s);
1020 if (r < 0)
1021 return r;
1022
1023 name = s;
1024 }
1025
1026 other = manager_get_unit(u->manager, name);
1027 if (other)
1028 return unit_merge(u, other);
1029
1030 return unit_add_name(u, name);
1031 }
1032
1033 Unit* unit_follow_merge(Unit *u) {
1034 assert(u);
1035
1036 while (u->load_state == UNIT_MERGED)
1037 assert_se(u = u->merged_into);
1038
1039 return u;
1040 }
1041
1042 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
1043 ExecDirectoryType dt;
1044 char **dp;
1045 int r;
1046
1047 assert(u);
1048 assert(c);
1049
1050 if (c->working_directory && !c->working_directory_missing_ok) {
1051 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
1052 if (r < 0)
1053 return r;
1054 }
1055
1056 if (c->root_directory) {
1057 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
1058 if (r < 0)
1059 return r;
1060 }
1061
1062 if (c->root_image) {
1063 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
1064 if (r < 0)
1065 return r;
1066 }
1067
1068 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
1069 if (!u->manager->prefix[dt])
1070 continue;
1071
1072 STRV_FOREACH(dp, c->directories[dt].paths) {
1073 _cleanup_free_ char *p;
1074
1075 p = path_join(u->manager->prefix[dt], *dp);
1076 if (!p)
1077 return -ENOMEM;
1078
1079 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
1080 if (r < 0)
1081 return r;
1082 }
1083 }
1084
1085 if (!MANAGER_IS_SYSTEM(u->manager))
1086 return 0;
1087
1088 /* For the following three directory types we need write access, and /var/ is possibly on the root
1089 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
1090 if (!strv_isempty(c->directories[EXEC_DIRECTORY_STATE].paths) ||
1091 !strv_isempty(c->directories[EXEC_DIRECTORY_CACHE].paths) ||
1092 !strv_isempty(c->directories[EXEC_DIRECTORY_LOGS].paths)) {
1093 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE);
1094 if (r < 0)
1095 return r;
1096 }
1097
1098 if (c->private_tmp) {
1099 const char *p;
1100
1101 FOREACH_STRING(p, "/tmp", "/var/tmp") {
1102 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
1103 if (r < 0)
1104 return r;
1105 }
1106
1107 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
1108 if (r < 0)
1109 return r;
1110 }
1111
1112 if (c->root_image) {
1113 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1114 * implicit dependency on udev */
1115
1116 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_UDEVD_SERVICE, true, UNIT_DEPENDENCY_FILE);
1117 if (r < 0)
1118 return r;
1119 }
1120
1121 if (!IN_SET(c->std_output,
1122 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1123 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
1124 !IN_SET(c->std_error,
1125 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1126 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
1127 !c->log_namespace)
1128 return 0;
1129
1130 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1131 * is run first. */
1132
1133 if (c->log_namespace) {
1134 _cleanup_free_ char *socket_unit = NULL, *varlink_socket_unit = NULL;
1135
1136 r = unit_name_build_from_type("systemd-journald", c->log_namespace, UNIT_SOCKET, &socket_unit);
1137 if (r < 0)
1138 return r;
1139
1140 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, socket_unit, true, UNIT_DEPENDENCY_FILE);
1141 if (r < 0)
1142 return r;
1143
1144 r = unit_name_build_from_type("systemd-journald-varlink", c->log_namespace, UNIT_SOCKET, &varlink_socket_unit);
1145 if (r < 0)
1146 return r;
1147
1148 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, varlink_socket_unit, true, UNIT_DEPENDENCY_FILE);
1149 if (r < 0)
1150 return r;
1151 } else
1152 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
1153 if (r < 0)
1154 return r;
1155
1156 return 0;
1157 }
1158
1159 const char *unit_description(Unit *u) {
1160 assert(u);
1161
1162 if (u->description)
1163 return u->description;
1164
1165 return strna(u->id);
1166 }
1167
1168 const char *unit_status_string(Unit *u) {
1169 assert(u);
1170
1171 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_NAME && u->id)
1172 return u->id;
1173
1174 return unit_description(u);
1175 }
1176
1177 static void print_unit_dependency_mask(FILE *f, const char *kind, UnitDependencyMask mask, bool *space) {
1178 const struct {
1179 UnitDependencyMask mask;
1180 const char *name;
1181 } table[] = {
1182 { UNIT_DEPENDENCY_FILE, "file" },
1183 { UNIT_DEPENDENCY_IMPLICIT, "implicit" },
1184 { UNIT_DEPENDENCY_DEFAULT, "default" },
1185 { UNIT_DEPENDENCY_UDEV, "udev" },
1186 { UNIT_DEPENDENCY_PATH, "path" },
1187 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT, "mountinfo-implicit" },
1188 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT, "mountinfo-default" },
1189 { UNIT_DEPENDENCY_PROC_SWAP, "proc-swap" },
1190 };
1191 size_t i;
1192
1193 assert(f);
1194 assert(kind);
1195 assert(space);
1196
1197 for (i = 0; i < ELEMENTSOF(table); i++) {
1198
1199 if (mask == 0)
1200 break;
1201
1202 if (FLAGS_SET(mask, table[i].mask)) {
1203 if (*space)
1204 fputc(' ', f);
1205 else
1206 *space = true;
1207
1208 fputs(kind, f);
1209 fputs("-", f);
1210 fputs(table[i].name, f);
1211
1212 mask &= ~table[i].mask;
1213 }
1214 }
1215
1216 assert(mask == 0);
1217 }
1218
1219 void unit_dump(Unit *u, FILE *f, const char *prefix) {
1220 char *t, **j;
1221 Iterator i;
1222 const char *prefix2;
1223 char timestamp[5][FORMAT_TIMESTAMP_MAX], timespan[FORMAT_TIMESPAN_MAX];
1224 Unit *following;
1225 _cleanup_set_free_ Set *following_set = NULL;
1226 const char *n;
1227 CGroupMask m;
1228 int r;
1229
1230 assert(u);
1231 assert(u->type >= 0);
1232
1233 prefix = strempty(prefix);
1234 prefix2 = strjoina(prefix, "\t");
1235
1236 fprintf(f,
1237 "%s-> Unit %s:\n",
1238 prefix, u->id);
1239
1240 SET_FOREACH(t, u->aliases, i)
1241 fprintf(f, "%s\tAlias: %s\n", prefix, t);
1242
1243 fprintf(f,
1244 "%s\tDescription: %s\n"
1245 "%s\tInstance: %s\n"
1246 "%s\tUnit Load State: %s\n"
1247 "%s\tUnit Active State: %s\n"
1248 "%s\tState Change Timestamp: %s\n"
1249 "%s\tInactive Exit Timestamp: %s\n"
1250 "%s\tActive Enter Timestamp: %s\n"
1251 "%s\tActive Exit Timestamp: %s\n"
1252 "%s\tInactive Enter Timestamp: %s\n"
1253 "%s\tMay GC: %s\n"
1254 "%s\tNeed Daemon Reload: %s\n"
1255 "%s\tTransient: %s\n"
1256 "%s\tPerpetual: %s\n"
1257 "%s\tGarbage Collection Mode: %s\n"
1258 "%s\tSlice: %s\n"
1259 "%s\tCGroup: %s\n"
1260 "%s\tCGroup realized: %s\n",
1261 prefix, unit_description(u),
1262 prefix, strna(u->instance),
1263 prefix, unit_load_state_to_string(u->load_state),
1264 prefix, unit_active_state_to_string(unit_active_state(u)),
1265 prefix, strna(format_timestamp(timestamp[0], sizeof(timestamp[0]), u->state_change_timestamp.realtime)),
1266 prefix, strna(format_timestamp(timestamp[1], sizeof(timestamp[1]), u->inactive_exit_timestamp.realtime)),
1267 prefix, strna(format_timestamp(timestamp[2], sizeof(timestamp[2]), u->active_enter_timestamp.realtime)),
1268 prefix, strna(format_timestamp(timestamp[3], sizeof(timestamp[3]), u->active_exit_timestamp.realtime)),
1269 prefix, strna(format_timestamp(timestamp[4], sizeof(timestamp[4]), u->inactive_enter_timestamp.realtime)),
1270 prefix, yes_no(unit_may_gc(u)),
1271 prefix, yes_no(unit_need_daemon_reload(u)),
1272 prefix, yes_no(u->transient),
1273 prefix, yes_no(u->perpetual),
1274 prefix, collect_mode_to_string(u->collect_mode),
1275 prefix, strna(unit_slice_name(u)),
1276 prefix, strna(u->cgroup_path),
1277 prefix, yes_no(u->cgroup_realized));
1278
1279 if (u->cgroup_realized_mask != 0) {
1280 _cleanup_free_ char *s = NULL;
1281 (void) cg_mask_to_string(u->cgroup_realized_mask, &s);
1282 fprintf(f, "%s\tCGroup realized mask: %s\n", prefix, strnull(s));
1283 }
1284
1285 if (u->cgroup_enabled_mask != 0) {
1286 _cleanup_free_ char *s = NULL;
1287 (void) cg_mask_to_string(u->cgroup_enabled_mask, &s);
1288 fprintf(f, "%s\tCGroup enabled mask: %s\n", prefix, strnull(s));
1289 }
1290
1291 m = unit_get_own_mask(u);
1292 if (m != 0) {
1293 _cleanup_free_ char *s = NULL;
1294 (void) cg_mask_to_string(m, &s);
1295 fprintf(f, "%s\tCGroup own mask: %s\n", prefix, strnull(s));
1296 }
1297
1298 m = unit_get_members_mask(u);
1299 if (m != 0) {
1300 _cleanup_free_ char *s = NULL;
1301 (void) cg_mask_to_string(m, &s);
1302 fprintf(f, "%s\tCGroup members mask: %s\n", prefix, strnull(s));
1303 }
1304
1305 m = unit_get_delegate_mask(u);
1306 if (m != 0) {
1307 _cleanup_free_ char *s = NULL;
1308 (void) cg_mask_to_string(m, &s);
1309 fprintf(f, "%s\tCGroup delegate mask: %s\n", prefix, strnull(s));
1310 }
1311
1312 if (!sd_id128_is_null(u->invocation_id))
1313 fprintf(f, "%s\tInvocation ID: " SD_ID128_FORMAT_STR "\n",
1314 prefix, SD_ID128_FORMAT_VAL(u->invocation_id));
1315
1316 STRV_FOREACH(j, u->documentation)
1317 fprintf(f, "%s\tDocumentation: %s\n", prefix, *j);
1318
1319 following = unit_following(u);
1320 if (following)
1321 fprintf(f, "%s\tFollowing: %s\n", prefix, following->id);
1322
1323 r = unit_following_set(u, &following_set);
1324 if (r >= 0) {
1325 Unit *other;
1326
1327 SET_FOREACH(other, following_set, i)
1328 fprintf(f, "%s\tFollowing Set Member: %s\n", prefix, other->id);
1329 }
1330
1331 if (u->fragment_path)
1332 fprintf(f, "%s\tFragment Path: %s\n", prefix, u->fragment_path);
1333
1334 if (u->source_path)
1335 fprintf(f, "%s\tSource Path: %s\n", prefix, u->source_path);
1336
1337 STRV_FOREACH(j, u->dropin_paths)
1338 fprintf(f, "%s\tDropIn Path: %s\n", prefix, *j);
1339
1340 if (u->failure_action != EMERGENCY_ACTION_NONE)
1341 fprintf(f, "%s\tFailure Action: %s\n", prefix, emergency_action_to_string(u->failure_action));
1342 if (u->failure_action_exit_status >= 0)
1343 fprintf(f, "%s\tFailure Action Exit Status: %i\n", prefix, u->failure_action_exit_status);
1344 if (u->success_action != EMERGENCY_ACTION_NONE)
1345 fprintf(f, "%s\tSuccess Action: %s\n", prefix, emergency_action_to_string(u->success_action));
1346 if (u->success_action_exit_status >= 0)
1347 fprintf(f, "%s\tSuccess Action Exit Status: %i\n", prefix, u->success_action_exit_status);
1348
1349 if (u->job_timeout != USEC_INFINITY)
1350 fprintf(f, "%s\tJob Timeout: %s\n", prefix, format_timespan(timespan, sizeof(timespan), u->job_timeout, 0));
1351
1352 if (u->job_timeout_action != EMERGENCY_ACTION_NONE)
1353 fprintf(f, "%s\tJob Timeout Action: %s\n", prefix, emergency_action_to_string(u->job_timeout_action));
1354
1355 if (u->job_timeout_reboot_arg)
1356 fprintf(f, "%s\tJob Timeout Reboot Argument: %s\n", prefix, u->job_timeout_reboot_arg);
1357
1358 condition_dump_list(u->conditions, f, prefix, condition_type_to_string);
1359 condition_dump_list(u->asserts, f, prefix, assert_type_to_string);
1360
1361 if (dual_timestamp_is_set(&u->condition_timestamp))
1362 fprintf(f,
1363 "%s\tCondition Timestamp: %s\n"
1364 "%s\tCondition Result: %s\n",
1365 prefix, strna(format_timestamp(timestamp[0], sizeof(timestamp[0]), u->condition_timestamp.realtime)),
1366 prefix, yes_no(u->condition_result));
1367
1368 if (dual_timestamp_is_set(&u->assert_timestamp))
1369 fprintf(f,
1370 "%s\tAssert Timestamp: %s\n"
1371 "%s\tAssert Result: %s\n",
1372 prefix, strna(format_timestamp(timestamp[0], sizeof(timestamp[0]), u->assert_timestamp.realtime)),
1373 prefix, yes_no(u->assert_result));
1374
1375 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
1376 UnitDependencyInfo di;
1377 Unit *other;
1378
1379 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
1380 bool space = false;
1381
1382 fprintf(f, "%s\t%s: %s (", prefix, unit_dependency_to_string(d), other->id);
1383
1384 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1385 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1386
1387 fputs(")\n", f);
1388 }
1389 }
1390
1391 if (!hashmap_isempty(u->requires_mounts_for)) {
1392 UnitDependencyInfo di;
1393 const char *path;
1394
1395 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1396 bool space = false;
1397
1398 fprintf(f, "%s\tRequiresMountsFor: %s (", prefix, path);
1399
1400 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1401 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1402
1403 fputs(")\n", f);
1404 }
1405 }
1406
1407 if (u->load_state == UNIT_LOADED) {
1408
1409 fprintf(f,
1410 "%s\tStopWhenUnneeded: %s\n"
1411 "%s\tRefuseManualStart: %s\n"
1412 "%s\tRefuseManualStop: %s\n"
1413 "%s\tDefaultDependencies: %s\n"
1414 "%s\tOnFailureJobMode: %s\n"
1415 "%s\tIgnoreOnIsolate: %s\n",
1416 prefix, yes_no(u->stop_when_unneeded),
1417 prefix, yes_no(u->refuse_manual_start),
1418 prefix, yes_no(u->refuse_manual_stop),
1419 prefix, yes_no(u->default_dependencies),
1420 prefix, job_mode_to_string(u->on_failure_job_mode),
1421 prefix, yes_no(u->ignore_on_isolate));
1422
1423 if (UNIT_VTABLE(u)->dump)
1424 UNIT_VTABLE(u)->dump(u, f, prefix2);
1425
1426 } else if (u->load_state == UNIT_MERGED)
1427 fprintf(f,
1428 "%s\tMerged into: %s\n",
1429 prefix, u->merged_into->id);
1430 else if (u->load_state == UNIT_ERROR)
1431 fprintf(f, "%s\tLoad Error Code: %s\n", prefix, strerror_safe(u->load_error));
1432
1433 for (n = sd_bus_track_first(u->bus_track); n; n = sd_bus_track_next(u->bus_track))
1434 fprintf(f, "%s\tBus Ref: %s\n", prefix, n);
1435
1436 if (u->job)
1437 job_dump(u->job, f, prefix2);
1438
1439 if (u->nop_job)
1440 job_dump(u->nop_job, f, prefix2);
1441 }
1442
1443 /* Common implementation for multiple backends */
1444 int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) {
1445 int r;
1446
1447 assert(u);
1448
1449 /* Load a .{service,socket,...} file */
1450 r = unit_load_fragment(u);
1451 if (r < 0)
1452 return r;
1453
1454 if (u->load_state == UNIT_STUB) {
1455 if (fragment_required)
1456 return -ENOENT;
1457
1458 u->load_state = UNIT_LOADED;
1459 }
1460
1461 /* Load drop-in directory data. If u is an alias, we might be reloading the
1462 * target unit needlessly. But we cannot be sure which drops-ins have already
1463 * been loaded and which not, at least without doing complicated book-keeping,
1464 * so let's always reread all drop-ins. */
1465 r = unit_load_dropin(unit_follow_merge(u));
1466 if (r < 0)
1467 return r;
1468
1469 if (u->source_path) {
1470 struct stat st;
1471
1472 if (stat(u->source_path, &st) >= 0)
1473 u->source_mtime = timespec_load(&st.st_mtim);
1474 else
1475 u->source_mtime = 0;
1476 }
1477
1478 return 0;
1479 }
1480
1481 void unit_add_to_target_deps_queue(Unit *u) {
1482 Manager *m = u->manager;
1483
1484 assert(u);
1485
1486 if (u->in_target_deps_queue)
1487 return;
1488
1489 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1490 u->in_target_deps_queue = true;
1491 }
1492
1493 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1494 assert(u);
1495 assert(target);
1496
1497 if (target->type != UNIT_TARGET)
1498 return 0;
1499
1500 /* Only add the dependency if both units are loaded, so that
1501 * that loop check below is reliable */
1502 if (u->load_state != UNIT_LOADED ||
1503 target->load_state != UNIT_LOADED)
1504 return 0;
1505
1506 /* If either side wants no automatic dependencies, then let's
1507 * skip this */
1508 if (!u->default_dependencies ||
1509 !target->default_dependencies)
1510 return 0;
1511
1512 /* Don't create loops */
1513 if (hashmap_get(target->dependencies[UNIT_BEFORE], u))
1514 return 0;
1515
1516 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1517 }
1518
1519 static int unit_add_slice_dependencies(Unit *u) {
1520 assert(u);
1521
1522 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1523 return 0;
1524
1525 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1526 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1527 relationship). */
1528 UnitDependencyMask mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1529
1530 if (UNIT_ISSET(u->slice))
1531 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true, mask);
1532
1533 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1534 return 0;
1535
1536 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
1537 }
1538
1539 static int unit_add_mount_dependencies(Unit *u) {
1540 UnitDependencyInfo di;
1541 const char *path;
1542 Iterator i;
1543 int r;
1544
1545 assert(u);
1546
1547 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1548 char prefix[strlen(path) + 1];
1549
1550 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1551 _cleanup_free_ char *p = NULL;
1552 Unit *m;
1553
1554 r = unit_name_from_path(prefix, ".mount", &p);
1555 if (r < 0)
1556 return r;
1557
1558 m = manager_get_unit(u->manager, p);
1559 if (!m) {
1560 /* Make sure to load the mount unit if
1561 * it exists. If so the dependencies
1562 * on this unit will be added later
1563 * during the loading of the mount
1564 * unit. */
1565 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1566 continue;
1567 }
1568 if (m == u)
1569 continue;
1570
1571 if (m->load_state != UNIT_LOADED)
1572 continue;
1573
1574 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1575 if (r < 0)
1576 return r;
1577
1578 if (m->fragment_path) {
1579 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1580 if (r < 0)
1581 return r;
1582 }
1583 }
1584 }
1585
1586 return 0;
1587 }
1588
1589 static int unit_add_startup_units(Unit *u) {
1590 CGroupContext *c;
1591
1592 c = unit_get_cgroup_context(u);
1593 if (!c)
1594 return 0;
1595
1596 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
1597 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
1598 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
1599 return 0;
1600
1601 return set_ensure_put(&u->manager->startup_units, NULL, u);
1602 }
1603
1604 int unit_load(Unit *u) {
1605 int r;
1606
1607 assert(u);
1608
1609 if (u->in_load_queue) {
1610 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1611 u->in_load_queue = false;
1612 }
1613
1614 if (u->type == _UNIT_TYPE_INVALID)
1615 return -EINVAL;
1616
1617 if (u->load_state != UNIT_STUB)
1618 return 0;
1619
1620 if (u->transient_file) {
1621 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1622 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1623
1624 r = fflush_and_check(u->transient_file);
1625 if (r < 0)
1626 goto fail;
1627
1628 u->transient_file = safe_fclose(u->transient_file);
1629 u->fragment_mtime = now(CLOCK_REALTIME);
1630 }
1631
1632 r = UNIT_VTABLE(u)->load(u);
1633 if (r < 0)
1634 goto fail;
1635
1636 assert(u->load_state != UNIT_STUB);
1637
1638 if (u->load_state == UNIT_LOADED) {
1639 unit_add_to_target_deps_queue(u);
1640
1641 r = unit_add_slice_dependencies(u);
1642 if (r < 0)
1643 goto fail;
1644
1645 r = unit_add_mount_dependencies(u);
1646 if (r < 0)
1647 goto fail;
1648
1649 r = unit_add_startup_units(u);
1650 if (r < 0)
1651 goto fail;
1652
1653 if (u->on_failure_job_mode == JOB_ISOLATE && hashmap_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
1654 log_unit_error(u, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1655 r = -ENOEXEC;
1656 goto fail;
1657 }
1658
1659 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1660 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1661
1662 /* We finished loading, let's ensure our parents recalculate the members mask */
1663 unit_invalidate_cgroup_members_masks(u);
1664 }
1665
1666 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1667
1668 unit_add_to_dbus_queue(unit_follow_merge(u));
1669 unit_add_to_gc_queue(u);
1670
1671 return 0;
1672
1673 fail:
1674 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1675 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
1676
1677 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1678 r == -ENOEXEC ? UNIT_BAD_SETTING :
1679 UNIT_ERROR;
1680 u->load_error = r;
1681
1682 /* Record the last time we tried to load the unit, so that if the cache gets updated between now
1683 * and the next time an attempt is made to load this unit, we know we need to check again. */
1684 if (u->load_state == UNIT_NOT_FOUND)
1685 u->fragment_loadtime = now(CLOCK_REALTIME);
1686
1687 unit_add_to_dbus_queue(u);
1688 unit_add_to_gc_queue(u);
1689
1690 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1691 }
1692
1693 _printf_(7, 8)
1694 static int log_unit_internal(void *userdata, int level, int error, const char *file, int line, const char *func, const char *format, ...) {
1695 Unit *u = userdata;
1696 va_list ap;
1697 int r;
1698
1699 va_start(ap, format);
1700 if (u)
1701 r = log_object_internalv(level, error, file, line, func,
1702 u->manager->unit_log_field,
1703 u->id,
1704 u->manager->invocation_log_field,
1705 u->invocation_id_string,
1706 format, ap);
1707 else
1708 r = log_internalv(level, error, file, line, func, format, ap);
1709 va_end(ap);
1710
1711 return r;
1712 }
1713
1714 static bool unit_test_condition(Unit *u) {
1715 _cleanup_strv_free_ char **env = NULL;
1716 int r;
1717
1718 assert(u);
1719
1720 dual_timestamp_get(&u->condition_timestamp);
1721
1722 r = manager_get_effective_environment(u->manager, &env);
1723 if (r < 0) {
1724 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1725 u->condition_result = CONDITION_ERROR;
1726 } else
1727 u->condition_result = condition_test_list(
1728 u->conditions,
1729 env,
1730 condition_type_to_string,
1731 log_unit_internal,
1732 u);
1733
1734 unit_add_to_dbus_queue(u);
1735 return u->condition_result;
1736 }
1737
1738 static bool unit_test_assert(Unit *u) {
1739 _cleanup_strv_free_ char **env = NULL;
1740 int r;
1741
1742 assert(u);
1743
1744 dual_timestamp_get(&u->assert_timestamp);
1745
1746 r = manager_get_effective_environment(u->manager, &env);
1747 if (r < 0) {
1748 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1749 u->assert_result = CONDITION_ERROR;
1750 } else
1751 u->assert_result = condition_test_list(
1752 u->asserts,
1753 env,
1754 assert_type_to_string,
1755 log_unit_internal,
1756 u);
1757
1758 unit_add_to_dbus_queue(u);
1759 return u->assert_result;
1760 }
1761
1762 void unit_status_printf(Unit *u, StatusType status_type, const char *status, const char *unit_status_msg_format) {
1763 const char *d;
1764
1765 d = unit_status_string(u);
1766 if (log_get_show_color())
1767 d = strjoina(ANSI_HIGHLIGHT, d, ANSI_NORMAL);
1768
1769 DISABLE_WARNING_FORMAT_NONLITERAL;
1770 manager_status_printf(u->manager, status_type, status, unit_status_msg_format, d);
1771 REENABLE_WARNING;
1772 }
1773
1774 int unit_test_start_limit(Unit *u) {
1775 const char *reason;
1776
1777 assert(u);
1778
1779 if (ratelimit_below(&u->start_ratelimit)) {
1780 u->start_limit_hit = false;
1781 return 0;
1782 }
1783
1784 log_unit_warning(u, "Start request repeated too quickly.");
1785 u->start_limit_hit = true;
1786
1787 reason = strjoina("unit ", u->id, " failed");
1788
1789 emergency_action(u->manager, u->start_limit_action,
1790 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN,
1791 u->reboot_arg, -1, reason);
1792
1793 return -ECANCELED;
1794 }
1795
1796 bool unit_shall_confirm_spawn(Unit *u) {
1797 assert(u);
1798
1799 if (manager_is_confirm_spawn_disabled(u->manager))
1800 return false;
1801
1802 /* For some reasons units remaining in the same process group
1803 * as PID 1 fail to acquire the console even if it's not used
1804 * by any process. So skip the confirmation question for them. */
1805 return !unit_get_exec_context(u)->same_pgrp;
1806 }
1807
1808 static bool unit_verify_deps(Unit *u) {
1809 Unit *other;
1810 Iterator j;
1811 void *v;
1812
1813 assert(u);
1814
1815 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1816 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1817 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1818 * conjunction with After= as for them any such check would make things entirely racy. */
1819
1820 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], j) {
1821
1822 if (!hashmap_contains(u->dependencies[UNIT_AFTER], other))
1823 continue;
1824
1825 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1826 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1827 return false;
1828 }
1829 }
1830
1831 return true;
1832 }
1833
1834 /* Errors that aren't really errors:
1835 * -EALREADY: Unit is already started.
1836 * -ECOMM: Condition failed
1837 * -EAGAIN: An operation is already in progress. Retry later.
1838 *
1839 * Errors that are real errors:
1840 * -EBADR: This unit type does not support starting.
1841 * -ECANCELED: Start limit hit, too many requests for now
1842 * -EPROTO: Assert failed
1843 * -EINVAL: Unit not loaded
1844 * -EOPNOTSUPP: Unit type not supported
1845 * -ENOLINK: The necessary dependencies are not fulfilled.
1846 * -ESTALE: This unit has been started before and can't be started a second time
1847 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
1848 */
1849 int unit_start(Unit *u) {
1850 UnitActiveState state;
1851 Unit *following;
1852
1853 assert(u);
1854
1855 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1856 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1857 * waiting is finished. */
1858 state = unit_active_state(u);
1859 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1860 return -EALREADY;
1861 if (state == UNIT_MAINTENANCE)
1862 return -EAGAIN;
1863
1864 /* Units that aren't loaded cannot be started */
1865 if (u->load_state != UNIT_LOADED)
1866 return -EINVAL;
1867
1868 /* Refuse starting scope units more than once */
1869 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1870 return -ESTALE;
1871
1872 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1873 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1874 * recheck the condition in that case. */
1875 if (state != UNIT_ACTIVATING &&
1876 !unit_test_condition(u))
1877 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition failed. Not starting unit.");
1878
1879 /* If the asserts failed, fail the entire job */
1880 if (state != UNIT_ACTIVATING &&
1881 !unit_test_assert(u))
1882 return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed.");
1883
1884 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1885 * condition checks, so that we rather return condition check errors (which are usually not
1886 * considered a true failure) than "not supported" errors (which are considered a failure).
1887 */
1888 if (!unit_type_supported(u->type))
1889 return -EOPNOTSUPP;
1890
1891 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1892 * should have taken care of this already, but let's check this here again. After all, our
1893 * dependencies might not be in effect anymore, due to a reload or due to a failed condition. */
1894 if (!unit_verify_deps(u))
1895 return -ENOLINK;
1896
1897 /* Forward to the main object, if we aren't it. */
1898 following = unit_following(u);
1899 if (following) {
1900 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1901 return unit_start(following);
1902 }
1903
1904 /* If it is stopped, but we cannot start it, then fail */
1905 if (!UNIT_VTABLE(u)->start)
1906 return -EBADR;
1907
1908 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1909 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1910 * waits for a holdoff timer to elapse before it will start again. */
1911
1912 unit_add_to_dbus_queue(u);
1913 unit_cgroup_freezer_action(u, FREEZER_THAW);
1914
1915 return UNIT_VTABLE(u)->start(u);
1916 }
1917
1918 bool unit_can_start(Unit *u) {
1919 assert(u);
1920
1921 if (u->load_state != UNIT_LOADED)
1922 return false;
1923
1924 if (!unit_type_supported(u->type))
1925 return false;
1926
1927 /* Scope units may be started only once */
1928 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1929 return false;
1930
1931 return !!UNIT_VTABLE(u)->start;
1932 }
1933
1934 bool unit_can_isolate(Unit *u) {
1935 assert(u);
1936
1937 return unit_can_start(u) &&
1938 u->allow_isolate;
1939 }
1940
1941 /* Errors:
1942 * -EBADR: This unit type does not support stopping.
1943 * -EALREADY: Unit is already stopped.
1944 * -EAGAIN: An operation is already in progress. Retry later.
1945 */
1946 int unit_stop(Unit *u) {
1947 UnitActiveState state;
1948 Unit *following;
1949
1950 assert(u);
1951
1952 state = unit_active_state(u);
1953 if (UNIT_IS_INACTIVE_OR_FAILED(state))
1954 return -EALREADY;
1955
1956 following = unit_following(u);
1957 if (following) {
1958 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
1959 return unit_stop(following);
1960 }
1961
1962 if (!UNIT_VTABLE(u)->stop)
1963 return -EBADR;
1964
1965 unit_add_to_dbus_queue(u);
1966 unit_cgroup_freezer_action(u, FREEZER_THAW);
1967
1968 return UNIT_VTABLE(u)->stop(u);
1969 }
1970
1971 bool unit_can_stop(Unit *u) {
1972 assert(u);
1973
1974 if (!unit_type_supported(u->type))
1975 return false;
1976
1977 if (u->perpetual)
1978 return false;
1979
1980 return !!UNIT_VTABLE(u)->stop;
1981 }
1982
1983 /* Errors:
1984 * -EBADR: This unit type does not support reloading.
1985 * -ENOEXEC: Unit is not started.
1986 * -EAGAIN: An operation is already in progress. Retry later.
1987 */
1988 int unit_reload(Unit *u) {
1989 UnitActiveState state;
1990 Unit *following;
1991
1992 assert(u);
1993
1994 if (u->load_state != UNIT_LOADED)
1995 return -EINVAL;
1996
1997 if (!unit_can_reload(u))
1998 return -EBADR;
1999
2000 state = unit_active_state(u);
2001 if (state == UNIT_RELOADING)
2002 return -EAGAIN;
2003
2004 if (state != UNIT_ACTIVE) {
2005 log_unit_warning(u, "Unit cannot be reloaded because it is inactive.");
2006 return -ENOEXEC;
2007 }
2008
2009 following = unit_following(u);
2010 if (following) {
2011 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
2012 return unit_reload(following);
2013 }
2014
2015 unit_add_to_dbus_queue(u);
2016
2017 if (!UNIT_VTABLE(u)->reload) {
2018 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2019 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
2020 return 0;
2021 }
2022
2023 unit_cgroup_freezer_action(u, FREEZER_THAW);
2024
2025 return UNIT_VTABLE(u)->reload(u);
2026 }
2027
2028 bool unit_can_reload(Unit *u) {
2029 assert(u);
2030
2031 if (UNIT_VTABLE(u)->can_reload)
2032 return UNIT_VTABLE(u)->can_reload(u);
2033
2034 if (!hashmap_isempty(u->dependencies[UNIT_PROPAGATES_RELOAD_TO]))
2035 return true;
2036
2037 return UNIT_VTABLE(u)->reload;
2038 }
2039
2040 bool unit_is_unneeded(Unit *u) {
2041 static const UnitDependency deps[] = {
2042 UNIT_REQUIRED_BY,
2043 UNIT_REQUISITE_OF,
2044 UNIT_WANTED_BY,
2045 UNIT_BOUND_BY,
2046 };
2047 size_t j;
2048
2049 assert(u);
2050
2051 if (!u->stop_when_unneeded)
2052 return false;
2053
2054 /* Don't clean up while the unit is transitioning or is even inactive. */
2055 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
2056 return false;
2057 if (u->job)
2058 return false;
2059
2060 for (j = 0; j < ELEMENTSOF(deps); j++) {
2061 Unit *other;
2062 Iterator i;
2063 void *v;
2064
2065 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
2066 * restart, then don't clean this one up. */
2067
2068 HASHMAP_FOREACH_KEY(v, other, u->dependencies[deps[j]], i) {
2069 if (other->job)
2070 return false;
2071
2072 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2073 return false;
2074
2075 if (unit_will_restart(other))
2076 return false;
2077 }
2078 }
2079
2080 return true;
2081 }
2082
2083 static void check_unneeded_dependencies(Unit *u) {
2084
2085 static const UnitDependency deps[] = {
2086 UNIT_REQUIRES,
2087 UNIT_REQUISITE,
2088 UNIT_WANTS,
2089 UNIT_BINDS_TO,
2090 };
2091 size_t j;
2092
2093 assert(u);
2094
2095 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2096
2097 for (j = 0; j < ELEMENTSOF(deps); j++) {
2098 Unit *other;
2099 Iterator i;
2100 void *v;
2101
2102 HASHMAP_FOREACH_KEY(v, other, u->dependencies[deps[j]], i)
2103 unit_submit_to_stop_when_unneeded_queue(other);
2104 }
2105 }
2106
2107 static void unit_check_binds_to(Unit *u) {
2108 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2109 bool stop = false;
2110 Unit *other;
2111 Iterator i;
2112 void *v;
2113 int r;
2114
2115 assert(u);
2116
2117 if (u->job)
2118 return;
2119
2120 if (unit_active_state(u) != UNIT_ACTIVE)
2121 return;
2122
2123 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i) {
2124 if (other->job)
2125 continue;
2126
2127 if (!other->coldplugged)
2128 /* We might yet create a job for the other unit… */
2129 continue;
2130
2131 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2132 continue;
2133
2134 stop = true;
2135 break;
2136 }
2137
2138 if (!stop)
2139 return;
2140
2141 /* If stopping a unit fails continuously we might enter a stop
2142 * loop here, hence stop acting on the service being
2143 * unnecessary after a while. */
2144 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
2145 log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
2146 return;
2147 }
2148
2149 assert(other);
2150 log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
2151
2152 /* A unit we need to run is gone. Sniff. Let's stop this. */
2153 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, NULL, &error, NULL);
2154 if (r < 0)
2155 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2156 }
2157
2158 static void retroactively_start_dependencies(Unit *u) {
2159 Iterator i;
2160 Unit *other;
2161 void *v;
2162
2163 assert(u);
2164 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2165
2166 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2167 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2168 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2169 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
2170
2171 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2172 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2173 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2174 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
2175
2176 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2177 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2178 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2179 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL, NULL);
2180
2181 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTS], i)
2182 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2183 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
2184
2185 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTED_BY], i)
2186 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2187 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
2188 }
2189
2190 static void retroactively_stop_dependencies(Unit *u) {
2191 Unit *other;
2192 Iterator i;
2193 void *v;
2194
2195 assert(u);
2196 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2197
2198 /* Pull down units which are bound to us recursively if enabled */
2199 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BOUND_BY], i)
2200 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2201 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
2202 }
2203
2204 void unit_start_on_failure(Unit *u) {
2205 Unit *other;
2206 Iterator i;
2207 void *v;
2208 int r;
2209
2210 assert(u);
2211
2212 if (hashmap_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
2213 return;
2214
2215 log_unit_info(u, "Triggering OnFailure= dependencies.");
2216
2217 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_ON_FAILURE], i) {
2218 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2219
2220 r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, NULL, &error, NULL);
2221 if (r < 0)
2222 log_unit_warning_errno(u, r, "Failed to enqueue OnFailure= job, ignoring: %s", bus_error_message(&error, r));
2223 }
2224 }
2225
2226 void unit_trigger_notify(Unit *u) {
2227 Unit *other;
2228 Iterator i;
2229 void *v;
2230
2231 assert(u);
2232
2233 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_TRIGGERED_BY], i)
2234 if (UNIT_VTABLE(other)->trigger_notify)
2235 UNIT_VTABLE(other)->trigger_notify(other, u);
2236 }
2237
2238 static int raise_level(int log_level, bool condition_info, bool condition_notice) {
2239 if (condition_notice && log_level > LOG_NOTICE)
2240 return LOG_NOTICE;
2241 if (condition_info && log_level > LOG_INFO)
2242 return LOG_INFO;
2243 return log_level;
2244 }
2245
2246 static int unit_log_resources(Unit *u) {
2247 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + _CGROUP_IO_ACCOUNTING_METRIC_MAX + 4];
2248 bool any_traffic = false, have_ip_accounting = false, any_io = false, have_io_accounting = false;
2249 _cleanup_free_ char *igress = NULL, *egress = NULL, *rr = NULL, *wr = NULL;
2250 int log_level = LOG_DEBUG; /* May be raised if resources consumed over a threshold */
2251 size_t n_message_parts = 0, n_iovec = 0;
2252 char* message_parts[1 + 2 + 2 + 1], *t;
2253 nsec_t nsec = NSEC_INFINITY;
2254 CGroupIPAccountingMetric m;
2255 size_t i;
2256 int r;
2257 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2258 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2259 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2260 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2261 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2262 };
2263 const char* const io_fields[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
2264 [CGROUP_IO_READ_BYTES] = "IO_METRIC_READ_BYTES",
2265 [CGROUP_IO_WRITE_BYTES] = "IO_METRIC_WRITE_BYTES",
2266 [CGROUP_IO_READ_OPERATIONS] = "IO_METRIC_READ_OPERATIONS",
2267 [CGROUP_IO_WRITE_OPERATIONS] = "IO_METRIC_WRITE_OPERATIONS",
2268 };
2269
2270 assert(u);
2271
2272 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2273 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2274 * information and the complete data in structured fields. */
2275
2276 (void) unit_get_cpu_usage(u, &nsec);
2277 if (nsec != NSEC_INFINITY) {
2278 char buf[FORMAT_TIMESPAN_MAX] = "";
2279
2280 /* Format the CPU time for inclusion in the structured log message */
2281 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2282 r = log_oom();
2283 goto finish;
2284 }
2285 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2286
2287 /* Format the CPU time for inclusion in the human language message string */
2288 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
2289 t = strjoin("consumed ", buf, " CPU time");
2290 if (!t) {
2291 r = log_oom();
2292 goto finish;
2293 }
2294
2295 message_parts[n_message_parts++] = t;
2296
2297 log_level = raise_level(log_level,
2298 nsec > NOTICEWORTHY_CPU_NSEC,
2299 nsec > MENTIONWORTHY_CPU_NSEC);
2300 }
2301
2302 for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) {
2303 char buf[FORMAT_BYTES_MAX] = "";
2304 uint64_t value = UINT64_MAX;
2305
2306 assert(io_fields[k]);
2307
2308 (void) unit_get_io_accounting(u, k, k > 0, &value);
2309 if (value == UINT64_MAX)
2310 continue;
2311
2312 have_io_accounting = true;
2313 if (value > 0)
2314 any_io = true;
2315
2316 /* Format IO accounting data for inclusion in the structured log message */
2317 if (asprintf(&t, "%s=%" PRIu64, io_fields[k], value) < 0) {
2318 r = log_oom();
2319 goto finish;
2320 }
2321 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2322
2323 /* Format the IO accounting data for inclusion in the human language message string, but only
2324 * for the bytes counters (and not for the operations counters) */
2325 if (k == CGROUP_IO_READ_BYTES) {
2326 assert(!rr);
2327 rr = strjoin("read ", format_bytes(buf, sizeof(buf), value), " from disk");
2328 if (!rr) {
2329 r = log_oom();
2330 goto finish;
2331 }
2332 } else if (k == CGROUP_IO_WRITE_BYTES) {
2333 assert(!wr);
2334 wr = strjoin("written ", format_bytes(buf, sizeof(buf), value), " to disk");
2335 if (!wr) {
2336 r = log_oom();
2337 goto finish;
2338 }
2339 }
2340
2341 if (IN_SET(k, CGROUP_IO_READ_BYTES, CGROUP_IO_WRITE_BYTES))
2342 log_level = raise_level(log_level,
2343 value > MENTIONWORTHY_IO_BYTES,
2344 value > NOTICEWORTHY_IO_BYTES);
2345 }
2346
2347 if (have_io_accounting) {
2348 if (any_io) {
2349 if (rr)
2350 message_parts[n_message_parts++] = TAKE_PTR(rr);
2351 if (wr)
2352 message_parts[n_message_parts++] = TAKE_PTR(wr);
2353
2354 } else {
2355 char *k;
2356
2357 k = strdup("no IO");
2358 if (!k) {
2359 r = log_oom();
2360 goto finish;
2361 }
2362
2363 message_parts[n_message_parts++] = k;
2364 }
2365 }
2366
2367 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2368 char buf[FORMAT_BYTES_MAX] = "";
2369 uint64_t value = UINT64_MAX;
2370
2371 assert(ip_fields[m]);
2372
2373 (void) unit_get_ip_accounting(u, m, &value);
2374 if (value == UINT64_MAX)
2375 continue;
2376
2377 have_ip_accounting = true;
2378 if (value > 0)
2379 any_traffic = true;
2380
2381 /* Format IP accounting data for inclusion in the structured log message */
2382 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2383 r = log_oom();
2384 goto finish;
2385 }
2386 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2387
2388 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2389 * bytes counters (and not for the packets counters) */
2390 if (m == CGROUP_IP_INGRESS_BYTES) {
2391 assert(!igress);
2392 igress = strjoin("received ", format_bytes(buf, sizeof(buf), value), " IP traffic");
2393 if (!igress) {
2394 r = log_oom();
2395 goto finish;
2396 }
2397 } else if (m == CGROUP_IP_EGRESS_BYTES) {
2398 assert(!egress);
2399 egress = strjoin("sent ", format_bytes(buf, sizeof(buf), value), " IP traffic");
2400 if (!egress) {
2401 r = log_oom();
2402 goto finish;
2403 }
2404 }
2405
2406 if (IN_SET(m, CGROUP_IP_INGRESS_BYTES, CGROUP_IP_EGRESS_BYTES))
2407 log_level = raise_level(log_level,
2408 value > MENTIONWORTHY_IP_BYTES,
2409 value > NOTICEWORTHY_IP_BYTES);
2410 }
2411
2412 if (have_ip_accounting) {
2413 if (any_traffic) {
2414 if (igress)
2415 message_parts[n_message_parts++] = TAKE_PTR(igress);
2416 if (egress)
2417 message_parts[n_message_parts++] = TAKE_PTR(egress);
2418
2419 } else {
2420 char *k;
2421
2422 k = strdup("no IP traffic");
2423 if (!k) {
2424 r = log_oom();
2425 goto finish;
2426 }
2427
2428 message_parts[n_message_parts++] = k;
2429 }
2430 }
2431
2432 /* Is there any accounting data available at all? */
2433 if (n_iovec == 0) {
2434 r = 0;
2435 goto finish;
2436 }
2437
2438 if (n_message_parts == 0)
2439 t = strjoina("MESSAGE=", u->id, ": Completed.");
2440 else {
2441 _cleanup_free_ char *joined;
2442
2443 message_parts[n_message_parts] = NULL;
2444
2445 joined = strv_join(message_parts, ", ");
2446 if (!joined) {
2447 r = log_oom();
2448 goto finish;
2449 }
2450
2451 joined[0] = ascii_toupper(joined[0]);
2452 t = strjoina("MESSAGE=", u->id, ": ", joined, ".");
2453 }
2454
2455 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2456 * and hence don't increase n_iovec for them */
2457 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2458 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2459
2460 t = strjoina(u->manager->unit_log_field, u->id);
2461 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2462
2463 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2464 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2465
2466 log_struct_iovec(log_level, iovec, n_iovec + 4);
2467 r = 0;
2468
2469 finish:
2470 for (i = 0; i < n_message_parts; i++)
2471 free(message_parts[i]);
2472
2473 for (i = 0; i < n_iovec; i++)
2474 free(iovec[i].iov_base);
2475
2476 return r;
2477
2478 }
2479
2480 static void unit_update_on_console(Unit *u) {
2481 bool b;
2482
2483 assert(u);
2484
2485 b = unit_needs_console(u);
2486 if (u->on_console == b)
2487 return;
2488
2489 u->on_console = b;
2490 if (b)
2491 manager_ref_console(u->manager);
2492 else
2493 manager_unref_console(u->manager);
2494 }
2495
2496 static void unit_emit_audit_start(Unit *u) {
2497 assert(u);
2498
2499 if (u->type != UNIT_SERVICE)
2500 return;
2501
2502 /* Write audit record if we have just finished starting up */
2503 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, true);
2504 u->in_audit = true;
2505 }
2506
2507 static void unit_emit_audit_stop(Unit *u, UnitActiveState state) {
2508 assert(u);
2509
2510 if (u->type != UNIT_SERVICE)
2511 return;
2512
2513 if (u->in_audit) {
2514 /* Write audit record if we have just finished shutting down */
2515 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, state == UNIT_INACTIVE);
2516 u->in_audit = false;
2517 } else {
2518 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2519 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, state == UNIT_INACTIVE);
2520
2521 if (state == UNIT_INACTIVE)
2522 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, true);
2523 }
2524 }
2525
2526 static bool unit_process_job(Job *j, UnitActiveState ns, UnitNotifyFlags flags) {
2527 bool unexpected = false;
2528 JobResult result;
2529
2530 assert(j);
2531
2532 if (j->state == JOB_WAITING)
2533
2534 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2535 * due to EAGAIN. */
2536 job_add_to_run_queue(j);
2537
2538 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2539 * hence needs to invalidate jobs. */
2540
2541 switch (j->type) {
2542
2543 case JOB_START:
2544 case JOB_VERIFY_ACTIVE:
2545
2546 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2547 job_finish_and_invalidate(j, JOB_DONE, true, false);
2548 else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2549 unexpected = true;
2550
2551 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2552 if (ns == UNIT_FAILED)
2553 result = JOB_FAILED;
2554 else if (FLAGS_SET(flags, UNIT_NOTIFY_SKIP_CONDITION))
2555 result = JOB_SKIPPED;
2556 else
2557 result = JOB_DONE;
2558
2559 job_finish_and_invalidate(j, result, true, false);
2560 }
2561 }
2562
2563 break;
2564
2565 case JOB_RELOAD:
2566 case JOB_RELOAD_OR_START:
2567 case JOB_TRY_RELOAD:
2568
2569 if (j->state == JOB_RUNNING) {
2570 if (ns == UNIT_ACTIVE)
2571 job_finish_and_invalidate(j, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2572 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2573 unexpected = true;
2574
2575 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2576 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2577 }
2578 }
2579
2580 break;
2581
2582 case JOB_STOP:
2583 case JOB_RESTART:
2584 case JOB_TRY_RESTART:
2585
2586 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2587 job_finish_and_invalidate(j, JOB_DONE, true, false);
2588 else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2589 unexpected = true;
2590 job_finish_and_invalidate(j, JOB_FAILED, true, false);
2591 }
2592
2593 break;
2594
2595 default:
2596 assert_not_reached("Job type unknown");
2597 }
2598
2599 return unexpected;
2600 }
2601
2602 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
2603 const char *reason;
2604 Manager *m;
2605
2606 assert(u);
2607 assert(os < _UNIT_ACTIVE_STATE_MAX);
2608 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2609
2610 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2611 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2612 * remounted this function will be called too! */
2613
2614 m = u->manager;
2615
2616 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2617 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2618 unit_add_to_dbus_queue(u);
2619
2620 /* Update timestamps for state changes */
2621 if (!MANAGER_IS_RELOADING(m)) {
2622 dual_timestamp_get(&u->state_change_timestamp);
2623
2624 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2625 u->inactive_exit_timestamp = u->state_change_timestamp;
2626 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2627 u->inactive_enter_timestamp = u->state_change_timestamp;
2628
2629 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2630 u->active_enter_timestamp = u->state_change_timestamp;
2631 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2632 u->active_exit_timestamp = u->state_change_timestamp;
2633 }
2634
2635 /* Keep track of failed units */
2636 (void) manager_update_failed_units(m, u, ns == UNIT_FAILED);
2637
2638 /* Make sure the cgroup and state files are always removed when we become inactive */
2639 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2640 unit_prune_cgroup(u);
2641 unit_unlink_state_files(u);
2642 }
2643
2644 unit_update_on_console(u);
2645
2646 if (!MANAGER_IS_RELOADING(m)) {
2647 bool unexpected;
2648
2649 /* Let's propagate state changes to the job */
2650 if (u->job)
2651 unexpected = unit_process_job(u->job, ns, flags);
2652 else
2653 unexpected = true;
2654
2655 /* If this state change happened without being requested by a job, then let's retroactively start or
2656 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2657 * additional jobs just because something is already activated. */
2658
2659 if (unexpected) {
2660 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2661 retroactively_start_dependencies(u);
2662 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2663 retroactively_stop_dependencies(u);
2664 }
2665
2666 /* stop unneeded units regardless if going down was expected or not */
2667 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2668 check_unneeded_dependencies(u);
2669
2670 if (ns != os && ns == UNIT_FAILED) {
2671 log_unit_debug(u, "Unit entered failed state.");
2672
2673 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2674 unit_start_on_failure(u);
2675 }
2676
2677 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2678 /* This unit just finished starting up */
2679
2680 unit_emit_audit_start(u);
2681 manager_send_unit_plymouth(m, u);
2682 }
2683
2684 if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
2685 /* This unit just stopped/failed. */
2686
2687 unit_emit_audit_stop(u, ns);
2688 unit_log_resources(u);
2689 }
2690 }
2691
2692 manager_recheck_journal(m);
2693 manager_recheck_dbus(m);
2694
2695 unit_trigger_notify(u);
2696
2697 if (!MANAGER_IS_RELOADING(m)) {
2698 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2699 unit_submit_to_stop_when_unneeded_queue(u);
2700
2701 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2702 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2703 * without ever entering started.) */
2704 unit_check_binds_to(u);
2705
2706 if (os != UNIT_FAILED && ns == UNIT_FAILED) {
2707 reason = strjoina("unit ", u->id, " failed");
2708 emergency_action(m, u->failure_action, 0, u->reboot_arg, unit_failure_action_exit_status(u), reason);
2709 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) {
2710 reason = strjoina("unit ", u->id, " succeeded");
2711 emergency_action(m, u->success_action, 0, u->reboot_arg, unit_success_action_exit_status(u), reason);
2712 }
2713 }
2714
2715 unit_add_to_gc_queue(u);
2716 }
2717
2718 int unit_watch_pid(Unit *u, pid_t pid, bool exclusive) {
2719 int r;
2720
2721 assert(u);
2722 assert(pid_is_valid(pid));
2723
2724 /* Watch a specific PID */
2725
2726 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2727 * opportunity to remove any stalled references to this PID as they can be created
2728 * easily (when watching a process which is not our direct child). */
2729 if (exclusive)
2730 manager_unwatch_pid(u->manager, pid);
2731
2732 r = set_ensure_allocated(&u->pids, NULL);
2733 if (r < 0)
2734 return r;
2735
2736 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
2737 if (r < 0)
2738 return r;
2739
2740 /* First try, let's add the unit keyed by "pid". */
2741 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2742 if (r == -EEXIST) {
2743 Unit **array;
2744 bool found = false;
2745 size_t n = 0;
2746
2747 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2748 * to an array of Units rather than just a Unit), lists us already. */
2749
2750 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2751 if (array)
2752 for (; array[n]; n++)
2753 if (array[n] == u)
2754 found = true;
2755
2756 if (found) /* Found it already? if so, do nothing */
2757 r = 0;
2758 else {
2759 Unit **new_array;
2760
2761 /* Allocate a new array */
2762 new_array = new(Unit*, n + 2);
2763 if (!new_array)
2764 return -ENOMEM;
2765
2766 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2767 new_array[n] = u;
2768 new_array[n+1] = NULL;
2769
2770 /* Add or replace the old array */
2771 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2772 if (r < 0) {
2773 free(new_array);
2774 return r;
2775 }
2776
2777 free(array);
2778 }
2779 } else if (r < 0)
2780 return r;
2781
2782 r = set_put(u->pids, PID_TO_PTR(pid));
2783 if (r < 0)
2784 return r;
2785
2786 return 0;
2787 }
2788
2789 void unit_unwatch_pid(Unit *u, pid_t pid) {
2790 Unit **array;
2791
2792 assert(u);
2793 assert(pid_is_valid(pid));
2794
2795 /* First let's drop the unit in case it's keyed as "pid". */
2796 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2797
2798 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2799 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2800 if (array) {
2801 size_t n, m = 0;
2802
2803 /* Let's iterate through the array, dropping our own entry */
2804 for (n = 0; array[n]; n++)
2805 if (array[n] != u)
2806 array[m++] = array[n];
2807 array[m] = NULL;
2808
2809 if (m == 0) {
2810 /* The array is now empty, remove the entire entry */
2811 assert_se(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
2812 free(array);
2813 }
2814 }
2815
2816 (void) set_remove(u->pids, PID_TO_PTR(pid));
2817 }
2818
2819 void unit_unwatch_all_pids(Unit *u) {
2820 assert(u);
2821
2822 while (!set_isempty(u->pids))
2823 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
2824
2825 u->pids = set_free(u->pids);
2826 }
2827
2828 static void unit_tidy_watch_pids(Unit *u) {
2829 pid_t except1, except2;
2830 Iterator i;
2831 void *e;
2832
2833 assert(u);
2834
2835 /* Cleans dead PIDs from our list */
2836
2837 except1 = unit_main_pid(u);
2838 except2 = unit_control_pid(u);
2839
2840 SET_FOREACH(e, u->pids, i) {
2841 pid_t pid = PTR_TO_PID(e);
2842
2843 if (pid == except1 || pid == except2)
2844 continue;
2845
2846 if (!pid_is_unwaited(pid))
2847 unit_unwatch_pid(u, pid);
2848 }
2849 }
2850
2851 static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
2852 Unit *u = userdata;
2853
2854 assert(s);
2855 assert(u);
2856
2857 unit_tidy_watch_pids(u);
2858 unit_watch_all_pids(u);
2859
2860 /* If the PID set is empty now, then let's finish this off. */
2861 unit_synthesize_cgroup_empty_event(u);
2862
2863 return 0;
2864 }
2865
2866 int unit_enqueue_rewatch_pids(Unit *u) {
2867 int r;
2868
2869 assert(u);
2870
2871 if (!u->cgroup_path)
2872 return -ENOENT;
2873
2874 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2875 if (r < 0)
2876 return r;
2877 if (r > 0) /* On unified we can use proper notifications */
2878 return 0;
2879
2880 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2881 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2882 * involves issuing kill(pid, 0) on all processes we watch. */
2883
2884 if (!u->rewatch_pids_event_source) {
2885 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2886
2887 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2888 if (r < 0)
2889 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2890
2891 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2892 if (r < 0)
2893 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: %m");
2894
2895 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2896
2897 u->rewatch_pids_event_source = TAKE_PTR(s);
2898 }
2899
2900 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2901 if (r < 0)
2902 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2903
2904 return 0;
2905 }
2906
2907 void unit_dequeue_rewatch_pids(Unit *u) {
2908 int r;
2909 assert(u);
2910
2911 if (!u->rewatch_pids_event_source)
2912 return;
2913
2914 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2915 if (r < 0)
2916 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2917
2918 u->rewatch_pids_event_source = sd_event_source_unref(u->rewatch_pids_event_source);
2919 }
2920
2921 bool unit_job_is_applicable(Unit *u, JobType j) {
2922 assert(u);
2923 assert(j >= 0 && j < _JOB_TYPE_MAX);
2924
2925 switch (j) {
2926
2927 case JOB_VERIFY_ACTIVE:
2928 case JOB_START:
2929 case JOB_NOP:
2930 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2931 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
2932 * jobs for it. */
2933 return true;
2934
2935 case JOB_STOP:
2936 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2937 * external events), hence it makes no sense to permit enqueuing such a request either. */
2938 return !u->perpetual;
2939
2940 case JOB_RESTART:
2941 case JOB_TRY_RESTART:
2942 return unit_can_stop(u) && unit_can_start(u);
2943
2944 case JOB_RELOAD:
2945 case JOB_TRY_RELOAD:
2946 return unit_can_reload(u);
2947
2948 case JOB_RELOAD_OR_START:
2949 return unit_can_reload(u) && unit_can_start(u);
2950
2951 default:
2952 assert_not_reached("Invalid job type");
2953 }
2954 }
2955
2956 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
2957 assert(u);
2958
2959 /* Only warn about some unit types */
2960 if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
2961 return;
2962
2963 if (streq_ptr(u->id, other))
2964 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
2965 else
2966 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
2967 }
2968
2969 static int unit_add_dependency_hashmap(
2970 Hashmap **h,
2971 Unit *other,
2972 UnitDependencyMask origin_mask,
2973 UnitDependencyMask destination_mask) {
2974
2975 UnitDependencyInfo info;
2976 int r;
2977
2978 assert(h);
2979 assert(other);
2980 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
2981 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
2982 assert(origin_mask > 0 || destination_mask > 0);
2983
2984 r = hashmap_ensure_allocated(h, NULL);
2985 if (r < 0)
2986 return r;
2987
2988 assert_cc(sizeof(void*) == sizeof(info));
2989
2990 info.data = hashmap_get(*h, other);
2991 if (info.data) {
2992 /* Entry already exists. Add in our mask. */
2993
2994 if (FLAGS_SET(origin_mask, info.origin_mask) &&
2995 FLAGS_SET(destination_mask, info.destination_mask))
2996 return 0; /* NOP */
2997
2998 info.origin_mask |= origin_mask;
2999 info.destination_mask |= destination_mask;
3000
3001 r = hashmap_update(*h, other, info.data);
3002 } else {
3003 info = (UnitDependencyInfo) {
3004 .origin_mask = origin_mask,
3005 .destination_mask = destination_mask,
3006 };
3007
3008 r = hashmap_put(*h, other, info.data);
3009 }
3010 if (r < 0)
3011 return r;
3012
3013 return 1;
3014 }
3015
3016 int unit_add_dependency(
3017 Unit *u,
3018 UnitDependency d,
3019 Unit *other,
3020 bool add_reference,
3021 UnitDependencyMask mask) {
3022
3023 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
3024 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
3025 [UNIT_WANTS] = UNIT_WANTED_BY,
3026 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
3027 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
3028 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
3029 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
3030 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
3031 [UNIT_WANTED_BY] = UNIT_WANTS,
3032 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
3033 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
3034 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
3035 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
3036 [UNIT_BEFORE] = UNIT_AFTER,
3037 [UNIT_AFTER] = UNIT_BEFORE,
3038 [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
3039 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
3040 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
3041 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
3042 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
3043 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
3044 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
3045 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
3046 };
3047 Unit *original_u = u, *original_other = other;
3048 int r;
3049
3050 assert(u);
3051 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
3052 assert(other);
3053
3054 u = unit_follow_merge(u);
3055 other = unit_follow_merge(other);
3056
3057 /* We won't allow dependencies on ourselves. We will not
3058 * consider them an error however. */
3059 if (u == other) {
3060 maybe_warn_about_dependency(original_u, original_other->id, d);
3061 return 0;
3062 }
3063
3064 /* Note that ordering a device unit after a unit is permitted since it
3065 * allows to start its job running timeout at a specific time. */
3066 if (d == UNIT_BEFORE && other->type == UNIT_DEVICE) {
3067 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
3068 return 0;
3069 }
3070
3071 if (d == UNIT_ON_FAILURE && !UNIT_VTABLE(u)->can_fail) {
3072 log_unit_warning(u, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other->id, unit_type_to_string(u->type));
3073 return 0;
3074 }
3075
3076 if (d == UNIT_TRIGGERS && !UNIT_VTABLE(u)->can_trigger)
3077 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3078 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(u->type));
3079 if (d == UNIT_TRIGGERED_BY && !UNIT_VTABLE(other)->can_trigger)
3080 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3081 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(other->type));
3082
3083 r = unit_add_dependency_hashmap(u->dependencies + d, other, mask, 0);
3084 if (r < 0)
3085 return r;
3086
3087 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
3088 r = unit_add_dependency_hashmap(other->dependencies + inverse_table[d], u, 0, mask);
3089 if (r < 0)
3090 return r;
3091 }
3092
3093 if (add_reference) {
3094 r = unit_add_dependency_hashmap(u->dependencies + UNIT_REFERENCES, other, mask, 0);
3095 if (r < 0)
3096 return r;
3097
3098 r = unit_add_dependency_hashmap(other->dependencies + UNIT_REFERENCED_BY, u, 0, mask);
3099 if (r < 0)
3100 return r;
3101 }
3102
3103 unit_add_to_dbus_queue(u);
3104 return 0;
3105 }
3106
3107 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
3108 int r;
3109
3110 assert(u);
3111
3112 r = unit_add_dependency(u, d, other, add_reference, mask);
3113 if (r < 0)
3114 return r;
3115
3116 return unit_add_dependency(u, e, other, add_reference, mask);
3117 }
3118
3119 static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
3120 int r;
3121
3122 assert(u);
3123 assert(name);
3124 assert(buf);
3125 assert(ret);
3126
3127 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
3128 *buf = NULL;
3129 *ret = name;
3130 return 0;
3131 }
3132
3133 if (u->instance)
3134 r = unit_name_replace_instance(name, u->instance, buf);
3135 else {
3136 _cleanup_free_ char *i = NULL;
3137
3138 r = unit_name_to_prefix(u->id, &i);
3139 if (r < 0)
3140 return r;
3141
3142 r = unit_name_replace_instance(name, i, buf);
3143 }
3144 if (r < 0)
3145 return r;
3146
3147 *ret = *buf;
3148 return 0;
3149 }
3150
3151 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
3152 _cleanup_free_ char *buf = NULL;
3153 Unit *other;
3154 int r;
3155
3156 assert(u);
3157 assert(name);
3158
3159 r = resolve_template(u, name, &buf, &name);
3160 if (r < 0)
3161 return r;
3162
3163 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3164 if (r < 0)
3165 return r;
3166
3167 return unit_add_dependency(u, d, other, add_reference, mask);
3168 }
3169
3170 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
3171 _cleanup_free_ char *buf = NULL;
3172 Unit *other;
3173 int r;
3174
3175 assert(u);
3176 assert(name);
3177
3178 r = resolve_template(u, name, &buf, &name);
3179 if (r < 0)
3180 return r;
3181
3182 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3183 if (r < 0)
3184 return r;
3185
3186 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
3187 }
3188
3189 int set_unit_path(const char *p) {
3190 /* This is mostly for debug purposes */
3191 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
3192 return -errno;
3193
3194 return 0;
3195 }
3196
3197 char *unit_dbus_path(Unit *u) {
3198 assert(u);
3199
3200 if (!u->id)
3201 return NULL;
3202
3203 return unit_dbus_path_from_name(u->id);
3204 }
3205
3206 char *unit_dbus_path_invocation_id(Unit *u) {
3207 assert(u);
3208
3209 if (sd_id128_is_null(u->invocation_id))
3210 return NULL;
3211
3212 return unit_dbus_path_from_name(u->invocation_id_string);
3213 }
3214
3215 static int unit_set_invocation_id(Unit *u, sd_id128_t id) {
3216 int r;
3217
3218 assert(u);
3219
3220 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3221
3222 if (sd_id128_equal(u->invocation_id, id))
3223 return 0;
3224
3225 if (!sd_id128_is_null(u->invocation_id))
3226 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
3227
3228 if (sd_id128_is_null(id)) {
3229 r = 0;
3230 goto reset;
3231 }
3232
3233 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
3234 if (r < 0)
3235 goto reset;
3236
3237 u->invocation_id = id;
3238 sd_id128_to_string(id, u->invocation_id_string);
3239
3240 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
3241 if (r < 0)
3242 goto reset;
3243
3244 return 0;
3245
3246 reset:
3247 u->invocation_id = SD_ID128_NULL;
3248 u->invocation_id_string[0] = 0;
3249 return r;
3250 }
3251
3252 int unit_set_slice(Unit *u, Unit *slice) {
3253 assert(u);
3254 assert(slice);
3255
3256 /* Sets the unit slice if it has not been set before. Is extra
3257 * careful, to only allow this for units that actually have a
3258 * cgroup context. Also, we don't allow to set this for slices
3259 * (since the parent slice is derived from the name). Make
3260 * sure the unit we set is actually a slice. */
3261
3262 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3263 return -EOPNOTSUPP;
3264
3265 if (u->type == UNIT_SLICE)
3266 return -EINVAL;
3267
3268 if (unit_active_state(u) != UNIT_INACTIVE)
3269 return -EBUSY;
3270
3271 if (slice->type != UNIT_SLICE)
3272 return -EINVAL;
3273
3274 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3275 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3276 return -EPERM;
3277
3278 if (UNIT_DEREF(u->slice) == slice)
3279 return 0;
3280
3281 /* Disallow slice changes if @u is already bound to cgroups */
3282 if (UNIT_ISSET(u->slice) && u->cgroup_realized)
3283 return -EBUSY;
3284
3285 unit_ref_set(&u->slice, u, slice);
3286 return 1;
3287 }
3288
3289 int unit_set_default_slice(Unit *u) {
3290 const char *slice_name;
3291 Unit *slice;
3292 int r;
3293
3294 assert(u);
3295
3296 if (UNIT_ISSET(u->slice))
3297 return 0;
3298
3299 if (u->instance) {
3300 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
3301
3302 /* Implicitly place all instantiated units in their
3303 * own per-template slice */
3304
3305 r = unit_name_to_prefix(u->id, &prefix);
3306 if (r < 0)
3307 return r;
3308
3309 /* The prefix is already escaped, but it might include
3310 * "-" which has a special meaning for slice units,
3311 * hence escape it here extra. */
3312 escaped = unit_name_escape(prefix);
3313 if (!escaped)
3314 return -ENOMEM;
3315
3316 if (MANAGER_IS_SYSTEM(u->manager))
3317 slice_name = strjoina("system-", escaped, ".slice");
3318 else
3319 slice_name = strjoina(escaped, ".slice");
3320 } else
3321 slice_name =
3322 MANAGER_IS_SYSTEM(u->manager) && !unit_has_name(u, SPECIAL_INIT_SCOPE)
3323 ? SPECIAL_SYSTEM_SLICE
3324 : SPECIAL_ROOT_SLICE;
3325
3326 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
3327 if (r < 0)
3328 return r;
3329
3330 return unit_set_slice(u, slice);
3331 }
3332
3333 const char *unit_slice_name(Unit *u) {
3334 assert(u);
3335
3336 if (!UNIT_ISSET(u->slice))
3337 return NULL;
3338
3339 return UNIT_DEREF(u->slice)->id;
3340 }
3341
3342 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
3343 _cleanup_free_ char *t = NULL;
3344 int r;
3345
3346 assert(u);
3347 assert(type);
3348 assert(_found);
3349
3350 r = unit_name_change_suffix(u->id, type, &t);
3351 if (r < 0)
3352 return r;
3353 if (unit_has_name(u, t))
3354 return -EINVAL;
3355
3356 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3357 assert(r < 0 || *_found != u);
3358 return r;
3359 }
3360
3361 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3362 const char *new_owner;
3363 Unit *u = userdata;
3364 int r;
3365
3366 assert(message);
3367 assert(u);
3368
3369 r = sd_bus_message_read(message, "sss", NULL, NULL, &new_owner);
3370 if (r < 0) {
3371 bus_log_parse_error(r);
3372 return 0;
3373 }
3374
3375 if (UNIT_VTABLE(u)->bus_name_owner_change)
3376 UNIT_VTABLE(u)->bus_name_owner_change(u, empty_to_null(new_owner));
3377
3378 return 0;
3379 }
3380
3381 static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3382 const sd_bus_error *e;
3383 const char *new_owner;
3384 Unit *u = userdata;
3385 int r;
3386
3387 assert(message);
3388 assert(u);
3389
3390 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3391
3392 e = sd_bus_message_get_error(message);
3393 if (e) {
3394 if (!sd_bus_error_has_name(e, "org.freedesktop.DBus.Error.NameHasNoOwner"))
3395 log_unit_error(u, "Unexpected error response from GetNameOwner(): %s", e->message);
3396
3397 new_owner = NULL;
3398 } else {
3399 r = sd_bus_message_read(message, "s", &new_owner);
3400 if (r < 0)
3401 return bus_log_parse_error(r);
3402
3403 assert(!isempty(new_owner));
3404 }
3405
3406 if (UNIT_VTABLE(u)->bus_name_owner_change)
3407 UNIT_VTABLE(u)->bus_name_owner_change(u, new_owner);
3408
3409 return 0;
3410 }
3411
3412 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3413 const char *match;
3414 int r;
3415
3416 assert(u);
3417 assert(bus);
3418 assert(name);
3419
3420 if (u->match_bus_slot || u->get_name_owner_slot)
3421 return -EBUSY;
3422
3423 match = strjoina("type='signal',"
3424 "sender='org.freedesktop.DBus',"
3425 "path='/org/freedesktop/DBus',"
3426 "interface='org.freedesktop.DBus',"
3427 "member='NameOwnerChanged',"
3428 "arg0='", name, "'");
3429
3430 r = sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
3431 if (r < 0)
3432 return r;
3433
3434 r = sd_bus_call_method_async(
3435 bus,
3436 &u->get_name_owner_slot,
3437 "org.freedesktop.DBus",
3438 "/org/freedesktop/DBus",
3439 "org.freedesktop.DBus",
3440 "GetNameOwner",
3441 get_name_owner_handler,
3442 u,
3443 "s", name);
3444 if (r < 0) {
3445 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3446 return r;
3447 }
3448
3449 log_unit_debug(u, "Watching D-Bus name '%s'.", name);
3450 return 0;
3451 }
3452
3453 int unit_watch_bus_name(Unit *u, const char *name) {
3454 int r;
3455
3456 assert(u);
3457 assert(name);
3458
3459 /* Watch a specific name on the bus. We only support one unit
3460 * watching each name for now. */
3461
3462 if (u->manager->api_bus) {
3463 /* If the bus is already available, install the match directly.
3464 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3465 r = unit_install_bus_match(u, u->manager->api_bus, name);
3466 if (r < 0)
3467 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3468 }
3469
3470 r = hashmap_put(u->manager->watch_bus, name, u);
3471 if (r < 0) {
3472 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3473 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3474 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3475 }
3476
3477 return 0;
3478 }
3479
3480 void unit_unwatch_bus_name(Unit *u, const char *name) {
3481 assert(u);
3482 assert(name);
3483
3484 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3485 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3486 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3487 }
3488
3489 bool unit_can_serialize(Unit *u) {
3490 assert(u);
3491
3492 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3493 }
3494
3495 static int serialize_cgroup_mask(FILE *f, const char *key, CGroupMask mask) {
3496 _cleanup_free_ char *s = NULL;
3497 int r;
3498
3499 assert(f);
3500 assert(key);
3501
3502 if (mask == 0)
3503 return 0;
3504
3505 r = cg_mask_to_string(mask, &s);
3506 if (r < 0)
3507 return log_error_errno(r, "Failed to format cgroup mask: %m");
3508
3509 return serialize_item(f, key, s);
3510 }
3511
3512 static const char *const ip_accounting_metric_field[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
3513 [CGROUP_IP_INGRESS_BYTES] = "ip-accounting-ingress-bytes",
3514 [CGROUP_IP_INGRESS_PACKETS] = "ip-accounting-ingress-packets",
3515 [CGROUP_IP_EGRESS_BYTES] = "ip-accounting-egress-bytes",
3516 [CGROUP_IP_EGRESS_PACKETS] = "ip-accounting-egress-packets",
3517 };
3518
3519 static const char *const io_accounting_metric_field_base[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
3520 [CGROUP_IO_READ_BYTES] = "io-accounting-read-bytes-base",
3521 [CGROUP_IO_WRITE_BYTES] = "io-accounting-write-bytes-base",
3522 [CGROUP_IO_READ_OPERATIONS] = "io-accounting-read-operations-base",
3523 [CGROUP_IO_WRITE_OPERATIONS] = "io-accounting-write-operations-base",
3524 };
3525
3526 static const char *const io_accounting_metric_field_last[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
3527 [CGROUP_IO_READ_BYTES] = "io-accounting-read-bytes-last",
3528 [CGROUP_IO_WRITE_BYTES] = "io-accounting-write-bytes-last",
3529 [CGROUP_IO_READ_OPERATIONS] = "io-accounting-read-operations-last",
3530 [CGROUP_IO_WRITE_OPERATIONS] = "io-accounting-write-operations-last",
3531 };
3532
3533 int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
3534 CGroupIPAccountingMetric m;
3535 int r;
3536
3537 assert(u);
3538 assert(f);
3539 assert(fds);
3540
3541 if (unit_can_serialize(u)) {
3542 r = UNIT_VTABLE(u)->serialize(u, f, fds);
3543 if (r < 0)
3544 return r;
3545 }
3546
3547 (void) serialize_dual_timestamp(f, "state-change-timestamp", &u->state_change_timestamp);
3548
3549 (void) serialize_dual_timestamp(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
3550 (void) serialize_dual_timestamp(f, "active-enter-timestamp", &u->active_enter_timestamp);
3551 (void) serialize_dual_timestamp(f, "active-exit-timestamp", &u->active_exit_timestamp);
3552 (void) serialize_dual_timestamp(f, "inactive-enter-timestamp", &u->inactive_enter_timestamp);
3553
3554 (void) serialize_dual_timestamp(f, "condition-timestamp", &u->condition_timestamp);
3555 (void) serialize_dual_timestamp(f, "assert-timestamp", &u->assert_timestamp);
3556
3557 if (dual_timestamp_is_set(&u->condition_timestamp))
3558 (void) serialize_bool(f, "condition-result", u->condition_result);
3559
3560 if (dual_timestamp_is_set(&u->assert_timestamp))
3561 (void) serialize_bool(f, "assert-result", u->assert_result);
3562
3563 (void) serialize_bool(f, "transient", u->transient);
3564 (void) serialize_bool(f, "in-audit", u->in_audit);
3565
3566 (void) serialize_bool(f, "exported-invocation-id", u->exported_invocation_id);
3567 (void) serialize_bool(f, "exported-log-level-max", u->exported_log_level_max);
3568 (void) serialize_bool(f, "exported-log-extra-fields", u->exported_log_extra_fields);
3569 (void) serialize_bool(f, "exported-log-rate-limit-interval", u->exported_log_ratelimit_interval);
3570 (void) serialize_bool(f, "exported-log-rate-limit-burst", u->exported_log_ratelimit_burst);
3571
3572 (void) serialize_item_format(f, "cpu-usage-base", "%" PRIu64, u->cpu_usage_base);
3573 if (u->cpu_usage_last != NSEC_INFINITY)
3574 (void) serialize_item_format(f, "cpu-usage-last", "%" PRIu64, u->cpu_usage_last);
3575
3576 if (u->oom_kill_last > 0)
3577 (void) serialize_item_format(f, "oom-kill-last", "%" PRIu64, u->oom_kill_last);
3578
3579 for (CGroupIOAccountingMetric im = 0; im < _CGROUP_IO_ACCOUNTING_METRIC_MAX; im++) {
3580 (void) serialize_item_format(f, io_accounting_metric_field_base[im], "%" PRIu64, u->io_accounting_base[im]);
3581
3582 if (u->io_accounting_last[im] != UINT64_MAX)
3583 (void) serialize_item_format(f, io_accounting_metric_field_last[im], "%" PRIu64, u->io_accounting_last[im]);
3584 }
3585
3586 if (u->cgroup_path)
3587 (void) serialize_item(f, "cgroup", u->cgroup_path);
3588
3589 (void) serialize_bool(f, "cgroup-realized", u->cgroup_realized);
3590 (void) serialize_cgroup_mask(f, "cgroup-realized-mask", u->cgroup_realized_mask);
3591 (void) serialize_cgroup_mask(f, "cgroup-enabled-mask", u->cgroup_enabled_mask);
3592 (void) serialize_cgroup_mask(f, "cgroup-invalidated-mask", u->cgroup_invalidated_mask);
3593
3594 if (uid_is_valid(u->ref_uid))
3595 (void) serialize_item_format(f, "ref-uid", UID_FMT, u->ref_uid);
3596 if (gid_is_valid(u->ref_gid))
3597 (void) serialize_item_format(f, "ref-gid", GID_FMT, u->ref_gid);
3598
3599 if (!sd_id128_is_null(u->invocation_id))
3600 (void) serialize_item_format(f, "invocation-id", SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id));
3601
3602 (void) serialize_item_format(f, "freezer-state", "%s", freezer_state_to_string(unit_freezer_state(u)));
3603
3604 bus_track_serialize(u->bus_track, f, "ref");
3605
3606 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
3607 uint64_t v;
3608
3609 r = unit_get_ip_accounting(u, m, &v);
3610 if (r >= 0)
3611 (void) serialize_item_format(f, ip_accounting_metric_field[m], "%" PRIu64, v);
3612 }
3613
3614 if (serialize_jobs) {
3615 if (u->job) {
3616 fputs("job\n", f);
3617 job_serialize(u->job, f);
3618 }
3619
3620 if (u->nop_job) {
3621 fputs("job\n", f);
3622 job_serialize(u->nop_job, f);
3623 }
3624 }
3625
3626 /* End marker */
3627 fputc('\n', f);
3628 return 0;
3629 }
3630
3631 static int unit_deserialize_job(Unit *u, FILE *f) {
3632 _cleanup_(job_freep) Job *j = NULL;
3633 int r;
3634
3635 assert(u);
3636 assert(f);
3637
3638 j = job_new_raw(u);
3639 if (!j)
3640 return log_oom();
3641
3642 r = job_deserialize(j, f);
3643 if (r < 0)
3644 return r;
3645
3646 r = job_install_deserialized(j);
3647 if (r < 0)
3648 return r;
3649
3650 TAKE_PTR(j);
3651 return 0;
3652 }
3653
3654 int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
3655 int r;
3656
3657 assert(u);
3658 assert(f);
3659 assert(fds);
3660
3661 for (;;) {
3662 _cleanup_free_ char *line = NULL;
3663 char *l, *v;
3664 ssize_t m;
3665 size_t k;
3666
3667 r = read_line(f, LONG_LINE_MAX, &line);
3668 if (r < 0)
3669 return log_error_errno(r, "Failed to read serialization line: %m");
3670 if (r == 0) /* eof */
3671 break;
3672
3673 l = strstrip(line);
3674 if (isempty(l)) /* End marker */
3675 break;
3676
3677 k = strcspn(l, "=");
3678
3679 if (l[k] == '=') {
3680 l[k] = 0;
3681 v = l+k+1;
3682 } else
3683 v = l+k;
3684
3685 if (streq(l, "job")) {
3686 if (v[0] == '\0') {
3687 /* New-style serialized job */
3688 r = unit_deserialize_job(u, f);
3689 if (r < 0)
3690 return r;
3691 } else /* Legacy for pre-44 */
3692 log_unit_warning(u, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v);
3693 continue;
3694 } else if (streq(l, "state-change-timestamp")) {
3695 (void) deserialize_dual_timestamp(v, &u->state_change_timestamp);
3696 continue;
3697 } else if (streq(l, "inactive-exit-timestamp")) {
3698 (void) deserialize_dual_timestamp(v, &u->inactive_exit_timestamp);
3699 continue;
3700 } else if (streq(l, "active-enter-timestamp")) {
3701 (void) deserialize_dual_timestamp(v, &u->active_enter_timestamp);
3702 continue;
3703 } else if (streq(l, "active-exit-timestamp")) {
3704 (void) deserialize_dual_timestamp(v, &u->active_exit_timestamp);
3705 continue;
3706 } else if (streq(l, "inactive-enter-timestamp")) {
3707 (void) deserialize_dual_timestamp(v, &u->inactive_enter_timestamp);
3708 continue;
3709 } else if (streq(l, "condition-timestamp")) {
3710 (void) deserialize_dual_timestamp(v, &u->condition_timestamp);
3711 continue;
3712 } else if (streq(l, "assert-timestamp")) {
3713 (void) deserialize_dual_timestamp(v, &u->assert_timestamp);
3714 continue;
3715 } else if (streq(l, "condition-result")) {
3716
3717 r = parse_boolean(v);
3718 if (r < 0)
3719 log_unit_debug(u, "Failed to parse condition result value %s, ignoring.", v);
3720 else
3721 u->condition_result = r;
3722
3723 continue;
3724
3725 } else if (streq(l, "assert-result")) {
3726
3727 r = parse_boolean(v);
3728 if (r < 0)
3729 log_unit_debug(u, "Failed to parse assert result value %s, ignoring.", v);
3730 else
3731 u->assert_result = r;
3732
3733 continue;
3734
3735 } else if (streq(l, "transient")) {
3736
3737 r = parse_boolean(v);
3738 if (r < 0)
3739 log_unit_debug(u, "Failed to parse transient bool %s, ignoring.", v);
3740 else
3741 u->transient = r;
3742
3743 continue;
3744
3745 } else if (streq(l, "in-audit")) {
3746
3747 r = parse_boolean(v);
3748 if (r < 0)
3749 log_unit_debug(u, "Failed to parse in-audit bool %s, ignoring.", v);
3750 else
3751 u->in_audit = r;
3752
3753 continue;
3754
3755 } else if (streq(l, "exported-invocation-id")) {
3756
3757 r = parse_boolean(v);
3758 if (r < 0)
3759 log_unit_debug(u, "Failed to parse exported invocation ID bool %s, ignoring.", v);
3760 else
3761 u->exported_invocation_id = r;
3762
3763 continue;
3764
3765 } else if (streq(l, "exported-log-level-max")) {
3766
3767 r = parse_boolean(v);
3768 if (r < 0)
3769 log_unit_debug(u, "Failed to parse exported log level max bool %s, ignoring.", v);
3770 else
3771 u->exported_log_level_max = r;
3772
3773 continue;
3774
3775 } else if (streq(l, "exported-log-extra-fields")) {
3776
3777 r = parse_boolean(v);
3778 if (r < 0)
3779 log_unit_debug(u, "Failed to parse exported log extra fields bool %s, ignoring.", v);
3780 else
3781 u->exported_log_extra_fields = r;
3782
3783 continue;
3784
3785 } else if (streq(l, "exported-log-rate-limit-interval")) {
3786
3787 r = parse_boolean(v);
3788 if (r < 0)
3789 log_unit_debug(u, "Failed to parse exported log rate limit interval %s, ignoring.", v);
3790 else
3791 u->exported_log_ratelimit_interval = r;
3792
3793 continue;
3794
3795 } else if (streq(l, "exported-log-rate-limit-burst")) {
3796
3797 r = parse_boolean(v);
3798 if (r < 0)
3799 log_unit_debug(u, "Failed to parse exported log rate limit burst %s, ignoring.", v);
3800 else
3801 u->exported_log_ratelimit_burst = r;
3802
3803 continue;
3804
3805 } else if (STR_IN_SET(l, "cpu-usage-base", "cpuacct-usage-base")) {
3806
3807 r = safe_atou64(v, &u->cpu_usage_base);
3808 if (r < 0)
3809 log_unit_debug(u, "Failed to parse CPU usage base %s, ignoring.", v);
3810
3811 continue;
3812
3813 } else if (streq(l, "cpu-usage-last")) {
3814
3815 r = safe_atou64(v, &u->cpu_usage_last);
3816 if (r < 0)
3817 log_unit_debug(u, "Failed to read CPU usage last %s, ignoring.", v);
3818
3819 continue;
3820
3821 } else if (streq(l, "oom-kill-last")) {
3822
3823 r = safe_atou64(v, &u->oom_kill_last);
3824 if (r < 0)
3825 log_unit_debug(u, "Failed to read OOM kill last %s, ignoring.", v);
3826
3827 continue;
3828
3829 } else if (streq(l, "cgroup")) {
3830
3831 r = unit_set_cgroup_path(u, v);
3832 if (r < 0)
3833 log_unit_debug_errno(u, r, "Failed to set cgroup path %s, ignoring: %m", v);
3834
3835 (void) unit_watch_cgroup(u);
3836 (void) unit_watch_cgroup_memory(u);
3837
3838 continue;
3839 } else if (streq(l, "cgroup-realized")) {
3840 int b;
3841
3842 b = parse_boolean(v);
3843 if (b < 0)
3844 log_unit_debug(u, "Failed to parse cgroup-realized bool %s, ignoring.", v);
3845 else
3846 u->cgroup_realized = b;
3847
3848 continue;
3849
3850 } else if (streq(l, "cgroup-realized-mask")) {
3851
3852 r = cg_mask_from_string(v, &u->cgroup_realized_mask);
3853 if (r < 0)
3854 log_unit_debug(u, "Failed to parse cgroup-realized-mask %s, ignoring.", v);
3855 continue;
3856
3857 } else if (streq(l, "cgroup-enabled-mask")) {
3858
3859 r = cg_mask_from_string(v, &u->cgroup_enabled_mask);
3860 if (r < 0)
3861 log_unit_debug(u, "Failed to parse cgroup-enabled-mask %s, ignoring.", v);
3862 continue;
3863
3864 } else if (streq(l, "cgroup-invalidated-mask")) {
3865
3866 r = cg_mask_from_string(v, &u->cgroup_invalidated_mask);
3867 if (r < 0)
3868 log_unit_debug(u, "Failed to parse cgroup-invalidated-mask %s, ignoring.", v);
3869 continue;
3870
3871 } else if (streq(l, "ref-uid")) {
3872 uid_t uid;
3873
3874 r = parse_uid(v, &uid);
3875 if (r < 0)
3876 log_unit_debug(u, "Failed to parse referenced UID %s, ignoring.", v);
3877 else
3878 unit_ref_uid_gid(u, uid, GID_INVALID);
3879
3880 continue;
3881
3882 } else if (streq(l, "ref-gid")) {
3883 gid_t gid;
3884
3885 r = parse_gid(v, &gid);
3886 if (r < 0)
3887 log_unit_debug(u, "Failed to parse referenced GID %s, ignoring.", v);
3888 else
3889 unit_ref_uid_gid(u, UID_INVALID, gid);
3890
3891 continue;
3892
3893 } else if (streq(l, "ref")) {
3894
3895 r = strv_extend(&u->deserialized_refs, v);
3896 if (r < 0)
3897 return log_oom();
3898
3899 continue;
3900 } else if (streq(l, "invocation-id")) {
3901 sd_id128_t id;
3902
3903 r = sd_id128_from_string(v, &id);
3904 if (r < 0)
3905 log_unit_debug(u, "Failed to parse invocation id %s, ignoring.", v);
3906 else {
3907 r = unit_set_invocation_id(u, id);
3908 if (r < 0)
3909 log_unit_warning_errno(u, r, "Failed to set invocation ID for unit: %m");
3910 }
3911
3912 continue;
3913 } else if (streq(l, "freezer-state")) {
3914 FreezerState s;
3915
3916 s = freezer_state_from_string(v);
3917 if (s < 0)
3918 log_unit_debug(u, "Failed to deserialize freezer-state '%s', ignoring.", v);
3919 else
3920 u->freezer_state = s;
3921
3922 continue;
3923 }
3924
3925 /* Check if this is an IP accounting metric serialization field */
3926 m = string_table_lookup(ip_accounting_metric_field, ELEMENTSOF(ip_accounting_metric_field), l);
3927 if (m >= 0) {
3928 uint64_t c;
3929
3930 r = safe_atou64(v, &c);
3931 if (r < 0)
3932 log_unit_debug(u, "Failed to parse IP accounting value %s, ignoring.", v);
3933 else
3934 u->ip_accounting_extra[m] = c;
3935 continue;
3936 }
3937
3938 m = string_table_lookup(io_accounting_metric_field_base, ELEMENTSOF(io_accounting_metric_field_base), l);
3939 if (m >= 0) {
3940 uint64_t c;
3941
3942 r = safe_atou64(v, &c);
3943 if (r < 0)
3944 log_unit_debug(u, "Failed to parse IO accounting base value %s, ignoring.", v);
3945 else
3946 u->io_accounting_base[m] = c;
3947 continue;
3948 }
3949
3950 m = string_table_lookup(io_accounting_metric_field_last, ELEMENTSOF(io_accounting_metric_field_last), l);
3951 if (m >= 0) {
3952 uint64_t c;
3953
3954 r = safe_atou64(v, &c);
3955 if (r < 0)
3956 log_unit_debug(u, "Failed to parse IO accounting last value %s, ignoring.", v);
3957 else
3958 u->io_accounting_last[m] = c;
3959 continue;
3960 }
3961
3962 if (unit_can_serialize(u)) {
3963 r = exec_runtime_deserialize_compat(u, l, v, fds);
3964 if (r < 0) {
3965 log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l);
3966 continue;
3967 }
3968
3969 /* Returns positive if key was handled by the call */
3970 if (r > 0)
3971 continue;
3972
3973 r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
3974 if (r < 0)
3975 log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l);
3976 }
3977 }
3978
3979 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3980 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3981 * before 228 where the base for timeouts was not persistent across reboots. */
3982
3983 if (!dual_timestamp_is_set(&u->state_change_timestamp))
3984 dual_timestamp_get(&u->state_change_timestamp);
3985
3986 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3987 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3988 unit_invalidate_cgroup(u, _CGROUP_MASK_ALL);
3989 unit_invalidate_cgroup_bpf(u);
3990
3991 return 0;
3992 }
3993
3994 int unit_deserialize_skip(FILE *f) {
3995 int r;
3996 assert(f);
3997
3998 /* Skip serialized data for this unit. We don't know what it is. */
3999
4000 for (;;) {
4001 _cleanup_free_ char *line = NULL;
4002 char *l;
4003
4004 r = read_line(f, LONG_LINE_MAX, &line);
4005 if (r < 0)
4006 return log_error_errno(r, "Failed to read serialization line: %m");
4007 if (r == 0)
4008 return 0;
4009
4010 l = strstrip(line);
4011
4012 /* End marker */
4013 if (isempty(l))
4014 return 1;
4015 }
4016 }
4017
4018 int unit_add_node_dependency(Unit *u, const char *what, UnitDependency dep, UnitDependencyMask mask) {
4019 _cleanup_free_ char *e = NULL;
4020 Unit *device;
4021 int r;
4022
4023 assert(u);
4024
4025 /* Adds in links to the device node that this unit is based on */
4026 if (isempty(what))
4027 return 0;
4028
4029 if (!is_device_path(what))
4030 return 0;
4031
4032 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
4033 if (!unit_type_supported(UNIT_DEVICE))
4034 return 0;
4035
4036 r = unit_name_from_path(what, ".device", &e);
4037 if (r < 0)
4038 return r;
4039
4040 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
4041 if (r < 0)
4042 return r;
4043
4044 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
4045 dep = UNIT_BINDS_TO;
4046
4047 return unit_add_two_dependencies(u, UNIT_AFTER,
4048 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
4049 device, true, mask);
4050 }
4051
4052 int unit_add_blockdev_dependency(Unit *u, const char *what, UnitDependencyMask mask) {
4053 _cleanup_free_ char *escaped = NULL, *target = NULL;
4054 int r;
4055
4056 assert(u);
4057
4058 if (isempty(what))
4059 return 0;
4060
4061 if (!path_startswith(what, "/dev/"))
4062 return 0;
4063
4064 /* If we don't support devices, then also don't bother with blockdev@.target */
4065 if (!unit_type_supported(UNIT_DEVICE))
4066 return 0;
4067
4068 r = unit_name_path_escape(what, &escaped);
4069 if (r < 0)
4070 return r;
4071
4072 r = unit_name_build("blockdev", escaped, ".target", &target);
4073 if (r < 0)
4074 return r;
4075
4076 return unit_add_dependency_by_name(u, UNIT_AFTER, target, true, mask);
4077 }
4078
4079 int unit_coldplug(Unit *u) {
4080 int r = 0, q;
4081 char **i;
4082 Job *uj;
4083
4084 assert(u);
4085
4086 /* Make sure we don't enter a loop, when coldplugging recursively. */
4087 if (u->coldplugged)
4088 return 0;
4089
4090 u->coldplugged = true;
4091
4092 STRV_FOREACH(i, u->deserialized_refs) {
4093 q = bus_unit_track_add_name(u, *i);
4094 if (q < 0 && r >= 0)
4095 r = q;
4096 }
4097 u->deserialized_refs = strv_free(u->deserialized_refs);
4098
4099 if (UNIT_VTABLE(u)->coldplug) {
4100 q = UNIT_VTABLE(u)->coldplug(u);
4101 if (q < 0 && r >= 0)
4102 r = q;
4103 }
4104
4105 uj = u->job ?: u->nop_job;
4106 if (uj) {
4107 q = job_coldplug(uj);
4108 if (q < 0 && r >= 0)
4109 r = q;
4110 }
4111
4112 return r;
4113 }
4114
4115 void unit_catchup(Unit *u) {
4116 assert(u);
4117
4118 if (UNIT_VTABLE(u)->catchup)
4119 UNIT_VTABLE(u)->catchup(u);
4120 }
4121
4122 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
4123 struct stat st;
4124
4125 if (!path)
4126 return false;
4127
4128 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
4129 * are never out-of-date. */
4130 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
4131 return false;
4132
4133 if (stat(path, &st) < 0)
4134 /* What, cannot access this anymore? */
4135 return true;
4136
4137 if (path_masked)
4138 /* For masked files check if they are still so */
4139 return !null_or_empty(&st);
4140 else
4141 /* For non-empty files check the mtime */
4142 return timespec_load(&st.st_mtim) > mtime;
4143
4144 return false;
4145 }
4146
4147 bool unit_need_daemon_reload(Unit *u) {
4148 _cleanup_strv_free_ char **t = NULL;
4149 char **path;
4150
4151 assert(u);
4152
4153 /* For unit files, we allow masking… */
4154 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
4155 u->load_state == UNIT_MASKED))
4156 return true;
4157
4158 /* Source paths should not be masked… */
4159 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
4160 return true;
4161
4162 if (u->load_state == UNIT_LOADED)
4163 (void) unit_find_dropin_paths(u, &t);
4164 if (!strv_equal(u->dropin_paths, t))
4165 return true;
4166
4167 /* … any drop-ins that are masked are simply omitted from the list. */
4168 STRV_FOREACH(path, u->dropin_paths)
4169 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
4170 return true;
4171
4172 return false;
4173 }
4174
4175 void unit_reset_failed(Unit *u) {
4176 assert(u);
4177
4178 if (UNIT_VTABLE(u)->reset_failed)
4179 UNIT_VTABLE(u)->reset_failed(u);
4180
4181 ratelimit_reset(&u->start_ratelimit);
4182 u->start_limit_hit = false;
4183 }
4184
4185 Unit *unit_following(Unit *u) {
4186 assert(u);
4187
4188 if (UNIT_VTABLE(u)->following)
4189 return UNIT_VTABLE(u)->following(u);
4190
4191 return NULL;
4192 }
4193
4194 bool unit_stop_pending(Unit *u) {
4195 assert(u);
4196
4197 /* This call does check the current state of the unit. It's
4198 * hence useful to be called from state change calls of the
4199 * unit itself, where the state isn't updated yet. This is
4200 * different from unit_inactive_or_pending() which checks both
4201 * the current state and for a queued job. */
4202
4203 return unit_has_job_type(u, JOB_STOP);
4204 }
4205
4206 bool unit_inactive_or_pending(Unit *u) {
4207 assert(u);
4208
4209 /* Returns true if the unit is inactive or going down */
4210
4211 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
4212 return true;
4213
4214 if (unit_stop_pending(u))
4215 return true;
4216
4217 return false;
4218 }
4219
4220 bool unit_active_or_pending(Unit *u) {
4221 assert(u);
4222
4223 /* Returns true if the unit is active or going up */
4224
4225 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
4226 return true;
4227
4228 if (u->job &&
4229 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
4230 return true;
4231
4232 return false;
4233 }
4234
4235 bool unit_will_restart_default(Unit *u) {
4236 assert(u);
4237
4238 return unit_has_job_type(u, JOB_START);
4239 }
4240
4241 bool unit_will_restart(Unit *u) {
4242 assert(u);
4243
4244 if (!UNIT_VTABLE(u)->will_restart)
4245 return false;
4246
4247 return UNIT_VTABLE(u)->will_restart(u);
4248 }
4249
4250 int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
4251 assert(u);
4252 assert(w >= 0 && w < _KILL_WHO_MAX);
4253 assert(SIGNAL_VALID(signo));
4254
4255 if (!UNIT_VTABLE(u)->kill)
4256 return -EOPNOTSUPP;
4257
4258 return UNIT_VTABLE(u)->kill(u, w, signo, error);
4259 }
4260
4261 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
4262 _cleanup_set_free_ Set *pid_set = NULL;
4263 int r;
4264
4265 pid_set = set_new(NULL);
4266 if (!pid_set)
4267 return NULL;
4268
4269 /* Exclude the main/control pids from being killed via the cgroup */
4270 if (main_pid > 0) {
4271 r = set_put(pid_set, PID_TO_PTR(main_pid));
4272 if (r < 0)
4273 return NULL;
4274 }
4275
4276 if (control_pid > 0) {
4277 r = set_put(pid_set, PID_TO_PTR(control_pid));
4278 if (r < 0)
4279 return NULL;
4280 }
4281
4282 return TAKE_PTR(pid_set);
4283 }
4284
4285 int unit_kill_common(
4286 Unit *u,
4287 KillWho who,
4288 int signo,
4289 pid_t main_pid,
4290 pid_t control_pid,
4291 sd_bus_error *error) {
4292
4293 int r = 0;
4294 bool killed = false;
4295
4296 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
4297 if (main_pid < 0)
4298 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
4299 else if (main_pid == 0)
4300 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
4301 }
4302
4303 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
4304 if (control_pid < 0)
4305 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
4306 else if (control_pid == 0)
4307 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
4308 }
4309
4310 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
4311 if (control_pid > 0) {
4312 if (kill(control_pid, signo) < 0)
4313 r = -errno;
4314 else
4315 killed = true;
4316 }
4317
4318 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
4319 if (main_pid > 0) {
4320 if (kill(main_pid, signo) < 0)
4321 r = -errno;
4322 else
4323 killed = true;
4324 }
4325
4326 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
4327 _cleanup_set_free_ Set *pid_set = NULL;
4328 int q;
4329
4330 /* Exclude the main/control pids from being killed via the cgroup */
4331 pid_set = unit_pid_set(main_pid, control_pid);
4332 if (!pid_set)
4333 return -ENOMEM;
4334
4335 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, NULL, NULL);
4336 if (q < 0 && !IN_SET(q, -EAGAIN, -ESRCH, -ENOENT))
4337 r = q;
4338 else
4339 killed = true;
4340 }
4341
4342 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL))
4343 return -ESRCH;
4344
4345 return r;
4346 }
4347
4348 int unit_following_set(Unit *u, Set **s) {
4349 assert(u);
4350 assert(s);
4351
4352 if (UNIT_VTABLE(u)->following_set)
4353 return UNIT_VTABLE(u)->following_set(u, s);
4354
4355 *s = NULL;
4356 return 0;
4357 }
4358
4359 UnitFileState unit_get_unit_file_state(Unit *u) {
4360 int r;
4361
4362 assert(u);
4363
4364 if (u->unit_file_state < 0 && u->fragment_path) {
4365 r = unit_file_get_state(
4366 u->manager->unit_file_scope,
4367 NULL,
4368 u->id,
4369 &u->unit_file_state);
4370 if (r < 0)
4371 u->unit_file_state = UNIT_FILE_BAD;
4372 }
4373
4374 return u->unit_file_state;
4375 }
4376
4377 int unit_get_unit_file_preset(Unit *u) {
4378 assert(u);
4379
4380 if (u->unit_file_preset < 0 && u->fragment_path)
4381 u->unit_file_preset = unit_file_query_preset(
4382 u->manager->unit_file_scope,
4383 NULL,
4384 basename(u->fragment_path),
4385 NULL);
4386
4387 return u->unit_file_preset;
4388 }
4389
4390 Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
4391 assert(ref);
4392 assert(source);
4393 assert(target);
4394
4395 if (ref->target)
4396 unit_ref_unset(ref);
4397
4398 ref->source = source;
4399 ref->target = target;
4400 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4401 return target;
4402 }
4403
4404 void unit_ref_unset(UnitRef *ref) {
4405 assert(ref);
4406
4407 if (!ref->target)
4408 return;
4409
4410 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4411 * be unreferenced now. */
4412 unit_add_to_gc_queue(ref->target);
4413
4414 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4415 ref->source = ref->target = NULL;
4416 }
4417
4418 static int user_from_unit_name(Unit *u, char **ret) {
4419
4420 static const uint8_t hash_key[] = {
4421 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4422 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4423 };
4424
4425 _cleanup_free_ char *n = NULL;
4426 int r;
4427
4428 r = unit_name_to_prefix(u->id, &n);
4429 if (r < 0)
4430 return r;
4431
4432 if (valid_user_group_name(n, 0)) {
4433 *ret = TAKE_PTR(n);
4434 return 0;
4435 }
4436
4437 /* If we can't use the unit name as a user name, then let's hash it and use that */
4438 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4439 return -ENOMEM;
4440
4441 return 0;
4442 }
4443
4444 int unit_patch_contexts(Unit *u) {
4445 CGroupContext *cc;
4446 ExecContext *ec;
4447 unsigned i;
4448 int r;
4449
4450 assert(u);
4451
4452 /* Patch in the manager defaults into the exec and cgroup
4453 * contexts, _after_ the rest of the settings have been
4454 * initialized */
4455
4456 ec = unit_get_exec_context(u);
4457 if (ec) {
4458 /* This only copies in the ones that need memory */
4459 for (i = 0; i < _RLIMIT_MAX; i++)
4460 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4461 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4462 if (!ec->rlimit[i])
4463 return -ENOMEM;
4464 }
4465
4466 if (MANAGER_IS_USER(u->manager) &&
4467 !ec->working_directory) {
4468
4469 r = get_home_dir(&ec->working_directory);
4470 if (r < 0)
4471 return r;
4472
4473 /* Allow user services to run, even if the
4474 * home directory is missing */
4475 ec->working_directory_missing_ok = true;
4476 }
4477
4478 if (ec->private_devices)
4479 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4480
4481 if (ec->protect_kernel_modules)
4482 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4483
4484 if (ec->protect_kernel_logs)
4485 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYSLOG);
4486
4487 if (ec->protect_clock)
4488 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_SYS_TIME) | (UINT64_C(1) << CAP_WAKE_ALARM));
4489
4490 if (ec->dynamic_user) {
4491 if (!ec->user) {
4492 r = user_from_unit_name(u, &ec->user);
4493 if (r < 0)
4494 return r;
4495 }
4496
4497 if (!ec->group) {
4498 ec->group = strdup(ec->user);
4499 if (!ec->group)
4500 return -ENOMEM;
4501 }
4502
4503 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4504 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4505 * sandbox. */
4506
4507 ec->private_tmp = true;
4508 ec->remove_ipc = true;
4509 ec->protect_system = PROTECT_SYSTEM_STRICT;
4510 if (ec->protect_home == PROTECT_HOME_NO)
4511 ec->protect_home = PROTECT_HOME_READ_ONLY;
4512
4513 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4514 * them. */
4515 ec->no_new_privileges = true;
4516 ec->restrict_suid_sgid = true;
4517 }
4518 }
4519
4520 cc = unit_get_cgroup_context(u);
4521 if (cc && ec) {
4522
4523 if (ec->private_devices &&
4524 cc->device_policy == CGROUP_DEVICE_POLICY_AUTO)
4525 cc->device_policy = CGROUP_DEVICE_POLICY_CLOSED;
4526
4527 if ((ec->root_image || !LIST_IS_EMPTY(ec->mount_images)) &&
4528 (cc->device_policy != CGROUP_DEVICE_POLICY_AUTO || cc->device_allow)) {
4529 const char *p;
4530
4531 /* When RootImage= or MountImages= is specified, the following devices are touched. */
4532 FOREACH_STRING(p, "/dev/loop-control", "/dev/mapper/control") {
4533 r = cgroup_add_device_allow(cc, p, "rw");
4534 if (r < 0)
4535 return r;
4536 }
4537 FOREACH_STRING(p, "block-loop", "block-blkext", "block-device-mapper") {
4538 r = cgroup_add_device_allow(cc, p, "rwm");
4539 if (r < 0)
4540 return r;
4541 }
4542
4543 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4544 * Same for mapper and verity. */
4545 FOREACH_STRING(p, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4546 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, p, true, UNIT_DEPENDENCY_FILE);
4547 if (r < 0)
4548 return r;
4549 }
4550 }
4551
4552 if (ec->protect_clock) {
4553 r = cgroup_add_device_allow(cc, "char-rtc", "r");
4554 if (r < 0)
4555 return r;
4556 }
4557 }
4558
4559 return 0;
4560 }
4561
4562 ExecContext *unit_get_exec_context(Unit *u) {
4563 size_t offset;
4564 assert(u);
4565
4566 if (u->type < 0)
4567 return NULL;
4568
4569 offset = UNIT_VTABLE(u)->exec_context_offset;
4570 if (offset <= 0)
4571 return NULL;
4572
4573 return (ExecContext*) ((uint8_t*) u + offset);
4574 }
4575
4576 KillContext *unit_get_kill_context(Unit *u) {
4577 size_t offset;
4578 assert(u);
4579
4580 if (u->type < 0)
4581 return NULL;
4582
4583 offset = UNIT_VTABLE(u)->kill_context_offset;
4584 if (offset <= 0)
4585 return NULL;
4586
4587 return (KillContext*) ((uint8_t*) u + offset);
4588 }
4589
4590 CGroupContext *unit_get_cgroup_context(Unit *u) {
4591 size_t offset;
4592
4593 if (u->type < 0)
4594 return NULL;
4595
4596 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4597 if (offset <= 0)
4598 return NULL;
4599
4600 return (CGroupContext*) ((uint8_t*) u + offset);
4601 }
4602
4603 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4604 size_t offset;
4605
4606 if (u->type < 0)
4607 return NULL;
4608
4609 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4610 if (offset <= 0)
4611 return NULL;
4612
4613 return *(ExecRuntime**) ((uint8_t*) u + offset);
4614 }
4615
4616 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4617 assert(u);
4618
4619 if (UNIT_WRITE_FLAGS_NOOP(flags))
4620 return NULL;
4621
4622 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4623 return u->manager->lookup_paths.transient;
4624
4625 if (flags & UNIT_PERSISTENT)
4626 return u->manager->lookup_paths.persistent_control;
4627
4628 if (flags & UNIT_RUNTIME)
4629 return u->manager->lookup_paths.runtime_control;
4630
4631 return NULL;
4632 }
4633
4634 char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4635 char *ret = NULL;
4636
4637 if (!s)
4638 return NULL;
4639
4640 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4641 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4642 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4643 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4644 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4645 * allocations. */
4646
4647 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4648 ret = specifier_escape(s);
4649 if (!ret)
4650 return NULL;
4651
4652 s = ret;
4653 }
4654
4655 if (flags & UNIT_ESCAPE_C) {
4656 char *a;
4657
4658 a = cescape(s);
4659 free(ret);
4660 if (!a)
4661 return NULL;
4662
4663 ret = a;
4664 }
4665
4666 if (buf) {
4667 *buf = ret;
4668 return ret ?: (char*) s;
4669 }
4670
4671 return ret ?: strdup(s);
4672 }
4673
4674 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4675 _cleanup_free_ char *result = NULL;
4676 size_t n = 0, allocated = 0;
4677 char **i;
4678
4679 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4680 * way suitable for ExecStart= stanzas */
4681
4682 STRV_FOREACH(i, l) {
4683 _cleanup_free_ char *buf = NULL;
4684 const char *p;
4685 size_t a;
4686 char *q;
4687
4688 p = unit_escape_setting(*i, flags, &buf);
4689 if (!p)
4690 return NULL;
4691
4692 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4693 if (!GREEDY_REALLOC(result, allocated, n + a + 1))
4694 return NULL;
4695
4696 q = result + n;
4697 if (n > 0)
4698 *(q++) = ' ';
4699
4700 *(q++) = '"';
4701 q = stpcpy(q, p);
4702 *(q++) = '"';
4703
4704 n += a;
4705 }
4706
4707 if (!GREEDY_REALLOC(result, allocated, n + 1))
4708 return NULL;
4709
4710 result[n] = 0;
4711
4712 return TAKE_PTR(result);
4713 }
4714
4715 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4716 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4717 const char *dir, *wrapped;
4718 int r;
4719
4720 assert(u);
4721 assert(name);
4722 assert(data);
4723
4724 if (UNIT_WRITE_FLAGS_NOOP(flags))
4725 return 0;
4726
4727 data = unit_escape_setting(data, flags, &escaped);
4728 if (!data)
4729 return -ENOMEM;
4730
4731 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4732 * previous section header is the same */
4733
4734 if (flags & UNIT_PRIVATE) {
4735 if (!UNIT_VTABLE(u)->private_section)
4736 return -EINVAL;
4737
4738 if (!u->transient_file || u->last_section_private < 0)
4739 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4740 else if (u->last_section_private == 0)
4741 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4742 } else {
4743 if (!u->transient_file || u->last_section_private < 0)
4744 data = strjoina("[Unit]\n", data);
4745 else if (u->last_section_private > 0)
4746 data = strjoina("\n[Unit]\n", data);
4747 }
4748
4749 if (u->transient_file) {
4750 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4751 * write to the transient unit file. */
4752 fputs(data, u->transient_file);
4753
4754 if (!endswith(data, "\n"))
4755 fputc('\n', u->transient_file);
4756
4757 /* Remember which section we wrote this entry to */
4758 u->last_section_private = !!(flags & UNIT_PRIVATE);
4759 return 0;
4760 }
4761
4762 dir = unit_drop_in_dir(u, flags);
4763 if (!dir)
4764 return -EINVAL;
4765
4766 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4767 "# or an equivalent operation. Do not edit.\n",
4768 data,
4769 "\n");
4770
4771 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4772 if (r < 0)
4773 return r;
4774
4775 (void) mkdir_p_label(p, 0755);
4776
4777 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4778 * recreate the cache after every drop-in we write. */
4779 if (u->manager->unit_path_cache) {
4780 r = set_put_strdup(&u->manager->unit_path_cache, p);
4781 if (r < 0)
4782 return r;
4783 }
4784
4785 r = write_string_file_atomic_label(q, wrapped);
4786 if (r < 0)
4787 return r;
4788
4789 r = strv_push(&u->dropin_paths, q);
4790 if (r < 0)
4791 return r;
4792 q = NULL;
4793
4794 strv_uniq(u->dropin_paths);
4795
4796 u->dropin_mtime = now(CLOCK_REALTIME);
4797
4798 return 0;
4799 }
4800
4801 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4802 _cleanup_free_ char *p = NULL;
4803 va_list ap;
4804 int r;
4805
4806 assert(u);
4807 assert(name);
4808 assert(format);
4809
4810 if (UNIT_WRITE_FLAGS_NOOP(flags))
4811 return 0;
4812
4813 va_start(ap, format);
4814 r = vasprintf(&p, format, ap);
4815 va_end(ap);
4816
4817 if (r < 0)
4818 return -ENOMEM;
4819
4820 return unit_write_setting(u, flags, name, p);
4821 }
4822
4823 int unit_make_transient(Unit *u) {
4824 _cleanup_free_ char *path = NULL;
4825 FILE *f;
4826
4827 assert(u);
4828
4829 if (!UNIT_VTABLE(u)->can_transient)
4830 return -EOPNOTSUPP;
4831
4832 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4833
4834 path = path_join(u->manager->lookup_paths.transient, u->id);
4835 if (!path)
4836 return -ENOMEM;
4837
4838 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4839 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4840
4841 RUN_WITH_UMASK(0022) {
4842 f = fopen(path, "we");
4843 if (!f)
4844 return -errno;
4845 }
4846
4847 safe_fclose(u->transient_file);
4848 u->transient_file = f;
4849
4850 free_and_replace(u->fragment_path, path);
4851
4852 u->source_path = mfree(u->source_path);
4853 u->dropin_paths = strv_free(u->dropin_paths);
4854 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4855
4856 u->load_state = UNIT_STUB;
4857 u->load_error = 0;
4858 u->transient = true;
4859
4860 unit_add_to_dbus_queue(u);
4861 unit_add_to_gc_queue(u);
4862
4863 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4864 u->transient_file);
4865
4866 return 0;
4867 }
4868
4869 static int log_kill(pid_t pid, int sig, void *userdata) {
4870 _cleanup_free_ char *comm = NULL;
4871
4872 (void) get_process_comm(pid, &comm);
4873
4874 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4875 only, like for example systemd's own PAM stub process. */
4876 if (comm && comm[0] == '(')
4877 return 0;
4878
4879 log_unit_notice(userdata,
4880 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4881 pid,
4882 strna(comm),
4883 signal_to_string(sig));
4884
4885 return 1;
4886 }
4887
4888 static int operation_to_signal(const KillContext *c, KillOperation k, bool *noteworthy) {
4889 assert(c);
4890
4891 switch (k) {
4892
4893 case KILL_TERMINATE:
4894 case KILL_TERMINATE_AND_LOG:
4895 *noteworthy = false;
4896 return c->kill_signal;
4897
4898 case KILL_RESTART:
4899 *noteworthy = false;
4900 return restart_kill_signal(c);
4901
4902 case KILL_KILL:
4903 *noteworthy = true;
4904 return c->final_kill_signal;
4905
4906 case KILL_WATCHDOG:
4907 *noteworthy = true;
4908 return c->watchdog_signal;
4909
4910 default:
4911 assert_not_reached("KillOperation unknown");
4912 }
4913 }
4914
4915 int unit_kill_context(
4916 Unit *u,
4917 KillContext *c,
4918 KillOperation k,
4919 pid_t main_pid,
4920 pid_t control_pid,
4921 bool main_pid_alien) {
4922
4923 bool wait_for_exit = false, send_sighup;
4924 cg_kill_log_func_t log_func = NULL;
4925 int sig, r;
4926
4927 assert(u);
4928 assert(c);
4929
4930 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4931 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4932
4933 if (c->kill_mode == KILL_NONE)
4934 return 0;
4935
4936 bool noteworthy;
4937 sig = operation_to_signal(c, k, &noteworthy);
4938 if (noteworthy)
4939 log_func = log_kill;
4940
4941 send_sighup =
4942 c->send_sighup &&
4943 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4944 sig != SIGHUP;
4945
4946 if (main_pid > 0) {
4947 if (log_func)
4948 log_func(main_pid, sig, u);
4949
4950 r = kill_and_sigcont(main_pid, sig);
4951 if (r < 0 && r != -ESRCH) {
4952 _cleanup_free_ char *comm = NULL;
4953 (void) get_process_comm(main_pid, &comm);
4954
4955 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
4956 } else {
4957 if (!main_pid_alien)
4958 wait_for_exit = true;
4959
4960 if (r != -ESRCH && send_sighup)
4961 (void) kill(main_pid, SIGHUP);
4962 }
4963 }
4964
4965 if (control_pid > 0) {
4966 if (log_func)
4967 log_func(control_pid, sig, u);
4968
4969 r = kill_and_sigcont(control_pid, sig);
4970 if (r < 0 && r != -ESRCH) {
4971 _cleanup_free_ char *comm = NULL;
4972 (void) get_process_comm(control_pid, &comm);
4973
4974 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
4975 } else {
4976 wait_for_exit = true;
4977
4978 if (r != -ESRCH && send_sighup)
4979 (void) kill(control_pid, SIGHUP);
4980 }
4981 }
4982
4983 if (u->cgroup_path &&
4984 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4985 _cleanup_set_free_ Set *pid_set = NULL;
4986
4987 /* Exclude the main/control pids from being killed via the cgroup */
4988 pid_set = unit_pid_set(main_pid, control_pid);
4989 if (!pid_set)
4990 return -ENOMEM;
4991
4992 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4993 sig,
4994 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4995 pid_set,
4996 log_func, u);
4997 if (r < 0) {
4998 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4999 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
5000
5001 } else if (r > 0) {
5002
5003 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
5004 * we are running in a container or if this is a delegation unit, simply because cgroup
5005 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
5006 * of containers it can be confused easily by left-over directories in the cgroup — which
5007 * however should not exist in non-delegated units. On the unified hierarchy that's different,
5008 * there we get proper events. Hence rely on them. */
5009
5010 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
5011 (detect_container() == 0 && !unit_cgroup_delegate(u)))
5012 wait_for_exit = true;
5013
5014 if (send_sighup) {
5015 set_free(pid_set);
5016
5017 pid_set = unit_pid_set(main_pid, control_pid);
5018 if (!pid_set)
5019 return -ENOMEM;
5020
5021 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
5022 SIGHUP,
5023 CGROUP_IGNORE_SELF,
5024 pid_set,
5025 NULL, NULL);
5026 }
5027 }
5028 }
5029
5030 return wait_for_exit;
5031 }
5032
5033 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
5034 _cleanup_free_ char *p = NULL;
5035 UnitDependencyInfo di;
5036 int r;
5037
5038 assert(u);
5039 assert(path);
5040
5041 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
5042 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
5043 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
5044 * determine which units to make themselves a dependency of. */
5045
5046 if (!path_is_absolute(path))
5047 return -EINVAL;
5048
5049 r = hashmap_ensure_allocated(&u->requires_mounts_for, &path_hash_ops);
5050 if (r < 0)
5051 return r;
5052
5053 p = strdup(path);
5054 if (!p)
5055 return -ENOMEM;
5056
5057 path = path_simplify(p, true);
5058
5059 if (!path_is_normalized(path))
5060 return -EPERM;
5061
5062 if (hashmap_contains(u->requires_mounts_for, path))
5063 return 0;
5064
5065 di = (UnitDependencyInfo) {
5066 .origin_mask = mask
5067 };
5068
5069 r = hashmap_put(u->requires_mounts_for, path, di.data);
5070 if (r < 0)
5071 return r;
5072 p = NULL;
5073
5074 char prefix[strlen(path) + 1];
5075 PATH_FOREACH_PREFIX_MORE(prefix, path) {
5076 Set *x;
5077
5078 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
5079 if (!x) {
5080 _cleanup_free_ char *q = NULL;
5081
5082 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
5083 if (r < 0)
5084 return r;
5085
5086 q = strdup(prefix);
5087 if (!q)
5088 return -ENOMEM;
5089
5090 x = set_new(NULL);
5091 if (!x)
5092 return -ENOMEM;
5093
5094 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
5095 if (r < 0) {
5096 set_free(x);
5097 return r;
5098 }
5099 q = NULL;
5100 }
5101
5102 r = set_put(x, u);
5103 if (r < 0)
5104 return r;
5105 }
5106
5107 return 0;
5108 }
5109
5110 int unit_setup_exec_runtime(Unit *u) {
5111 ExecRuntime **rt;
5112 size_t offset;
5113 Unit *other;
5114 Iterator i;
5115 void *v;
5116 int r;
5117
5118 offset = UNIT_VTABLE(u)->exec_runtime_offset;
5119 assert(offset > 0);
5120
5121 /* Check if there already is an ExecRuntime for this unit? */
5122 rt = (ExecRuntime**) ((uint8_t*) u + offset);
5123 if (*rt)
5124 return 0;
5125
5126 /* Try to get it from somebody else */
5127 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) {
5128 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
5129 if (r == 1)
5130 return 1;
5131 }
5132
5133 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
5134 }
5135
5136 int unit_setup_dynamic_creds(Unit *u) {
5137 ExecContext *ec;
5138 DynamicCreds *dcreds;
5139 size_t offset;
5140
5141 assert(u);
5142
5143 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
5144 assert(offset > 0);
5145 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
5146
5147 ec = unit_get_exec_context(u);
5148 assert(ec);
5149
5150 if (!ec->dynamic_user)
5151 return 0;
5152
5153 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
5154 }
5155
5156 bool unit_type_supported(UnitType t) {
5157 if (_unlikely_(t < 0))
5158 return false;
5159 if (_unlikely_(t >= _UNIT_TYPE_MAX))
5160 return false;
5161
5162 if (!unit_vtable[t]->supported)
5163 return true;
5164
5165 return unit_vtable[t]->supported();
5166 }
5167
5168 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
5169 int r;
5170
5171 assert(u);
5172 assert(where);
5173
5174 r = dir_is_empty(where);
5175 if (r > 0 || r == -ENOTDIR)
5176 return;
5177 if (r < 0) {
5178 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
5179 return;
5180 }
5181
5182 log_struct(LOG_NOTICE,
5183 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
5184 LOG_UNIT_ID(u),
5185 LOG_UNIT_INVOCATION_ID(u),
5186 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
5187 "WHERE=%s", where);
5188 }
5189
5190 int unit_fail_if_noncanonical(Unit *u, const char* where) {
5191 _cleanup_free_ char *canonical_where = NULL;
5192 int r;
5193
5194 assert(u);
5195 assert(where);
5196
5197 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where, NULL);
5198 if (r < 0) {
5199 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
5200 return 0;
5201 }
5202
5203 /* We will happily ignore a trailing slash (or any redundant slashes) */
5204 if (path_equal(where, canonical_where))
5205 return 0;
5206
5207 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
5208 log_struct(LOG_ERR,
5209 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
5210 LOG_UNIT_ID(u),
5211 LOG_UNIT_INVOCATION_ID(u),
5212 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
5213 "WHERE=%s", where);
5214
5215 return -ELOOP;
5216 }
5217
5218 bool unit_is_pristine(Unit *u) {
5219 assert(u);
5220
5221 /* Check if the unit already exists or is already around,
5222 * in a number of different ways. Note that to cater for unit
5223 * types such as slice, we are generally fine with units that
5224 * are marked UNIT_LOADED even though nothing was actually
5225 * loaded, as those unit types don't require a file on disk. */
5226
5227 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
5228 u->fragment_path ||
5229 u->source_path ||
5230 !strv_isempty(u->dropin_paths) ||
5231 u->job ||
5232 u->merged_into);
5233 }
5234
5235 pid_t unit_control_pid(Unit *u) {
5236 assert(u);
5237
5238 if (UNIT_VTABLE(u)->control_pid)
5239 return UNIT_VTABLE(u)->control_pid(u);
5240
5241 return 0;
5242 }
5243
5244 pid_t unit_main_pid(Unit *u) {
5245 assert(u);
5246
5247 if (UNIT_VTABLE(u)->main_pid)
5248 return UNIT_VTABLE(u)->main_pid(u);
5249
5250 return 0;
5251 }
5252
5253 static void unit_unref_uid_internal(
5254 Unit *u,
5255 uid_t *ref_uid,
5256 bool destroy_now,
5257 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
5258
5259 assert(u);
5260 assert(ref_uid);
5261 assert(_manager_unref_uid);
5262
5263 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
5264 * gid_t are actually the same time, with the same validity rules.
5265 *
5266 * Drops a reference to UID/GID from a unit. */
5267
5268 assert_cc(sizeof(uid_t) == sizeof(gid_t));
5269 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
5270
5271 if (!uid_is_valid(*ref_uid))
5272 return;
5273
5274 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
5275 *ref_uid = UID_INVALID;
5276 }
5277
5278 static void unit_unref_uid(Unit *u, bool destroy_now) {
5279 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
5280 }
5281
5282 static void unit_unref_gid(Unit *u, bool destroy_now) {
5283 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
5284 }
5285
5286 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
5287 assert(u);
5288
5289 unit_unref_uid(u, destroy_now);
5290 unit_unref_gid(u, destroy_now);
5291 }
5292
5293 static int unit_ref_uid_internal(
5294 Unit *u,
5295 uid_t *ref_uid,
5296 uid_t uid,
5297 bool clean_ipc,
5298 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
5299
5300 int r;
5301
5302 assert(u);
5303 assert(ref_uid);
5304 assert(uid_is_valid(uid));
5305 assert(_manager_ref_uid);
5306
5307 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
5308 * are actually the same type, and have the same validity rules.
5309 *
5310 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
5311 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
5312 * drops to zero. */
5313
5314 assert_cc(sizeof(uid_t) == sizeof(gid_t));
5315 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
5316
5317 if (*ref_uid == uid)
5318 return 0;
5319
5320 if (uid_is_valid(*ref_uid)) /* Already set? */
5321 return -EBUSY;
5322
5323 r = _manager_ref_uid(u->manager, uid, clean_ipc);
5324 if (r < 0)
5325 return r;
5326
5327 *ref_uid = uid;
5328 return 1;
5329 }
5330
5331 static int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
5332 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
5333 }
5334
5335 static int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
5336 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
5337 }
5338
5339 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
5340 int r = 0, q = 0;
5341
5342 assert(u);
5343
5344 /* Reference both a UID and a GID in one go. Either references both, or neither. */
5345
5346 if (uid_is_valid(uid)) {
5347 r = unit_ref_uid(u, uid, clean_ipc);
5348 if (r < 0)
5349 return r;
5350 }
5351
5352 if (gid_is_valid(gid)) {
5353 q = unit_ref_gid(u, gid, clean_ipc);
5354 if (q < 0) {
5355 if (r > 0)
5356 unit_unref_uid(u, false);
5357
5358 return q;
5359 }
5360 }
5361
5362 return r > 0 || q > 0;
5363 }
5364
5365 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
5366 ExecContext *c;
5367 int r;
5368
5369 assert(u);
5370
5371 c = unit_get_exec_context(u);
5372
5373 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
5374 if (r < 0)
5375 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5376
5377 return r;
5378 }
5379
5380 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
5381 int r;
5382
5383 assert(u);
5384
5385 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5386 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5387 * objects when no service references the UID/GID anymore. */
5388
5389 r = unit_ref_uid_gid(u, uid, gid);
5390 if (r > 0)
5391 unit_add_to_dbus_queue(u);
5392 }
5393
5394 int unit_acquire_invocation_id(Unit *u) {
5395 sd_id128_t id;
5396 int r;
5397
5398 assert(u);
5399
5400 r = sd_id128_randomize(&id);
5401 if (r < 0)
5402 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5403
5404 r = unit_set_invocation_id(u, id);
5405 if (r < 0)
5406 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5407
5408 unit_add_to_dbus_queue(u);
5409 return 0;
5410 }
5411
5412 int unit_set_exec_params(Unit *u, ExecParameters *p) {
5413 int r;
5414
5415 assert(u);
5416 assert(p);
5417
5418 /* Copy parameters from manager */
5419 r = manager_get_effective_environment(u->manager, &p->environment);
5420 if (r < 0)
5421 return r;
5422
5423 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
5424 p->cgroup_supported = u->manager->cgroup_supported;
5425 p->prefix = u->manager->prefix;
5426 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5427
5428 /* Copy parameters from unit */
5429 p->cgroup_path = u->cgroup_path;
5430 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
5431
5432 p->received_credentials = u->manager->received_credentials;
5433
5434 return 0;
5435 }
5436
5437 int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
5438 int r;
5439
5440 assert(u);
5441 assert(ret);
5442
5443 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5444 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5445
5446 (void) unit_realize_cgroup(u);
5447
5448 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5449 if (r != 0)
5450 return r;
5451
5452 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
5453 (void) ignore_signals(SIGPIPE, -1);
5454
5455 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
5456
5457 if (u->cgroup_path) {
5458 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5459 if (r < 0) {
5460 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
5461 _exit(EXIT_CGROUP);
5462 }
5463 }
5464
5465 return 0;
5466 }
5467
5468 int unit_fork_and_watch_rm_rf(Unit *u, char **paths, pid_t *ret_pid) {
5469 pid_t pid;
5470 int r;
5471
5472 assert(u);
5473 assert(ret_pid);
5474
5475 r = unit_fork_helper_process(u, "(sd-rmrf)", &pid);
5476 if (r < 0)
5477 return r;
5478 if (r == 0) {
5479 int ret = EXIT_SUCCESS;
5480 char **i;
5481
5482 STRV_FOREACH(i, paths) {
5483 r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK);
5484 if (r < 0) {
5485 log_error_errno(r, "Failed to remove '%s': %m", *i);
5486 ret = EXIT_FAILURE;
5487 }
5488 }
5489
5490 _exit(ret);
5491 }
5492
5493 r = unit_watch_pid(u, pid, true);
5494 if (r < 0)
5495 return r;
5496
5497 *ret_pid = pid;
5498 return 0;
5499 }
5500
5501 static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other, UnitDependencyInfo di) {
5502 assert(u);
5503 assert(d >= 0);
5504 assert(d < _UNIT_DEPENDENCY_MAX);
5505 assert(other);
5506
5507 if (di.origin_mask == 0 && di.destination_mask == 0) {
5508 /* No bit set anymore, let's drop the whole entry */
5509 assert_se(hashmap_remove(u->dependencies[d], other));
5510 log_unit_debug(u, "lost dependency %s=%s", unit_dependency_to_string(d), other->id);
5511 } else
5512 /* Mask was reduced, let's update the entry */
5513 assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);
5514 }
5515
5516 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5517 assert(u);
5518
5519 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5520
5521 if (mask == 0)
5522 return;
5523
5524 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
5525 bool done;
5526
5527 do {
5528 UnitDependencyInfo di;
5529 Unit *other;
5530 Iterator i;
5531
5532 done = true;
5533
5534 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
5535 if ((di.origin_mask & ~mask) == di.origin_mask)
5536 continue;
5537 di.origin_mask &= ~mask;
5538 unit_update_dependency_mask(u, d, other, di);
5539
5540 /* We updated the dependency from our unit to the other unit now. But most dependencies
5541 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5542 * all dependency types on the other unit and delete all those which point to us and
5543 * have the right mask set. */
5544
5545 for (UnitDependency q = 0; q < _UNIT_DEPENDENCY_MAX; q++) {
5546 UnitDependencyInfo dj;
5547
5548 dj.data = hashmap_get(other->dependencies[q], u);
5549 if ((dj.destination_mask & ~mask) == dj.destination_mask)
5550 continue;
5551 dj.destination_mask &= ~mask;
5552
5553 unit_update_dependency_mask(other, q, u, dj);
5554 }
5555
5556 unit_add_to_gc_queue(other);
5557
5558 done = false;
5559 break;
5560 }
5561
5562 } while (!done);
5563 }
5564 }
5565
5566 static int unit_get_invocation_path(Unit *u, char **ret) {
5567 char *p;
5568 int r;
5569
5570 assert(u);
5571 assert(ret);
5572
5573 if (MANAGER_IS_SYSTEM(u->manager))
5574 p = strjoin("/run/systemd/units/invocation:", u->id);
5575 else {
5576 _cleanup_free_ char *user_path = NULL;
5577 r = xdg_user_runtime_dir(&user_path, "/systemd/units/invocation:");
5578 if (r < 0)
5579 return r;
5580 p = strjoin(user_path, u->id);
5581 }
5582
5583 if (!p)
5584 return -ENOMEM;
5585
5586 *ret = p;
5587 return 0;
5588 }
5589
5590 static int unit_export_invocation_id(Unit *u) {
5591 _cleanup_free_ char *p = NULL;
5592 int r;
5593
5594 assert(u);
5595
5596 if (u->exported_invocation_id)
5597 return 0;
5598
5599 if (sd_id128_is_null(u->invocation_id))
5600 return 0;
5601
5602 r = unit_get_invocation_path(u, &p);
5603 if (r < 0)
5604 return log_unit_debug_errno(u, r, "Failed to get invocation path: %m");
5605
5606 r = symlink_atomic(u->invocation_id_string, p);
5607 if (r < 0)
5608 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5609
5610 u->exported_invocation_id = true;
5611 return 0;
5612 }
5613
5614 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5615 const char *p;
5616 char buf[2];
5617 int r;
5618
5619 assert(u);
5620 assert(c);
5621
5622 if (u->exported_log_level_max)
5623 return 0;
5624
5625 if (c->log_level_max < 0)
5626 return 0;
5627
5628 assert(c->log_level_max <= 7);
5629
5630 buf[0] = '0' + c->log_level_max;
5631 buf[1] = 0;
5632
5633 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5634 r = symlink_atomic(buf, p);
5635 if (r < 0)
5636 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5637
5638 u->exported_log_level_max = true;
5639 return 0;
5640 }
5641
5642 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5643 _cleanup_close_ int fd = -1;
5644 struct iovec *iovec;
5645 const char *p;
5646 char *pattern;
5647 le64_t *sizes;
5648 ssize_t n;
5649 size_t i;
5650 int r;
5651
5652 if (u->exported_log_extra_fields)
5653 return 0;
5654
5655 if (c->n_log_extra_fields <= 0)
5656 return 0;
5657
5658 sizes = newa(le64_t, c->n_log_extra_fields);
5659 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5660
5661 for (i = 0; i < c->n_log_extra_fields; i++) {
5662 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5663
5664 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5665 iovec[i*2+1] = c->log_extra_fields[i];
5666 }
5667
5668 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5669 pattern = strjoina(p, ".XXXXXX");
5670
5671 fd = mkostemp_safe(pattern);
5672 if (fd < 0)
5673 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5674
5675 n = writev(fd, iovec, c->n_log_extra_fields*2);
5676 if (n < 0) {
5677 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5678 goto fail;
5679 }
5680
5681 (void) fchmod(fd, 0644);
5682
5683 if (rename(pattern, p) < 0) {
5684 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5685 goto fail;
5686 }
5687
5688 u->exported_log_extra_fields = true;
5689 return 0;
5690
5691 fail:
5692 (void) unlink(pattern);
5693 return r;
5694 }
5695
5696 static int unit_export_log_ratelimit_interval(Unit *u, const ExecContext *c) {
5697 _cleanup_free_ char *buf = NULL;
5698 const char *p;
5699 int r;
5700
5701 assert(u);
5702 assert(c);
5703
5704 if (u->exported_log_ratelimit_interval)
5705 return 0;
5706
5707 if (c->log_ratelimit_interval_usec == 0)
5708 return 0;
5709
5710 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5711
5712 if (asprintf(&buf, "%" PRIu64, c->log_ratelimit_interval_usec) < 0)
5713 return log_oom();
5714
5715 r = symlink_atomic(buf, p);
5716 if (r < 0)
5717 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5718
5719 u->exported_log_ratelimit_interval = true;
5720 return 0;
5721 }
5722
5723 static int unit_export_log_ratelimit_burst(Unit *u, const ExecContext *c) {
5724 _cleanup_free_ char *buf = NULL;
5725 const char *p;
5726 int r;
5727
5728 assert(u);
5729 assert(c);
5730
5731 if (u->exported_log_ratelimit_burst)
5732 return 0;
5733
5734 if (c->log_ratelimit_burst == 0)
5735 return 0;
5736
5737 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5738
5739 if (asprintf(&buf, "%u", c->log_ratelimit_burst) < 0)
5740 return log_oom();
5741
5742 r = symlink_atomic(buf, p);
5743 if (r < 0)
5744 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5745
5746 u->exported_log_ratelimit_burst = true;
5747 return 0;
5748 }
5749
5750 void unit_export_state_files(Unit *u) {
5751 const ExecContext *c;
5752
5753 assert(u);
5754
5755 if (!u->id)
5756 return;
5757
5758 if (MANAGER_IS_TEST_RUN(u->manager))
5759 return;
5760
5761 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5762 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5763 * the IPC system itself and PID 1 also log to the journal.
5764 *
5765 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5766 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5767 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5768 * namespace at least.
5769 *
5770 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5771 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5772 * them with one. */
5773
5774 (void) unit_export_invocation_id(u);
5775
5776 if (!MANAGER_IS_SYSTEM(u->manager))
5777 return;
5778
5779 c = unit_get_exec_context(u);
5780 if (c) {
5781 (void) unit_export_log_level_max(u, c);
5782 (void) unit_export_log_extra_fields(u, c);
5783 (void) unit_export_log_ratelimit_interval(u, c);
5784 (void) unit_export_log_ratelimit_burst(u, c);
5785 }
5786 }
5787
5788 void unit_unlink_state_files(Unit *u) {
5789 const char *p;
5790
5791 assert(u);
5792
5793 if (!u->id)
5794 return;
5795
5796 /* Undoes the effect of unit_export_state() */
5797
5798 if (u->exported_invocation_id) {
5799 _cleanup_free_ char *invocation_path = NULL;
5800 int r = unit_get_invocation_path(u, &invocation_path);
5801 if (r >= 0) {
5802 (void) unlink(invocation_path);
5803 u->exported_invocation_id = false;
5804 }
5805 }
5806
5807 if (!MANAGER_IS_SYSTEM(u->manager))
5808 return;
5809
5810 if (u->exported_log_level_max) {
5811 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5812 (void) unlink(p);
5813
5814 u->exported_log_level_max = false;
5815 }
5816
5817 if (u->exported_log_extra_fields) {
5818 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5819 (void) unlink(p);
5820
5821 u->exported_log_extra_fields = false;
5822 }
5823
5824 if (u->exported_log_ratelimit_interval) {
5825 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5826 (void) unlink(p);
5827
5828 u->exported_log_ratelimit_interval = false;
5829 }
5830
5831 if (u->exported_log_ratelimit_burst) {
5832 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5833 (void) unlink(p);
5834
5835 u->exported_log_ratelimit_burst = false;
5836 }
5837 }
5838
5839 int unit_prepare_exec(Unit *u) {
5840 int r;
5841
5842 assert(u);
5843
5844 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5845 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5846 r = bpf_firewall_load_custom(u);
5847 if (r < 0)
5848 return r;
5849
5850 /* Prepares everything so that we can fork of a process for this unit */
5851
5852 (void) unit_realize_cgroup(u);
5853
5854 if (u->reset_accounting) {
5855 (void) unit_reset_accounting(u);
5856 u->reset_accounting = false;
5857 }
5858
5859 unit_export_state_files(u);
5860
5861 r = unit_setup_exec_runtime(u);
5862 if (r < 0)
5863 return r;
5864
5865 r = unit_setup_dynamic_creds(u);
5866 if (r < 0)
5867 return r;
5868
5869 return 0;
5870 }
5871
5872 static bool ignore_leftover_process(const char *comm) {
5873 return comm && comm[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5874 }
5875
5876 int unit_log_leftover_process_start(pid_t pid, int sig, void *userdata) {
5877 _cleanup_free_ char *comm = NULL;
5878
5879 (void) get_process_comm(pid, &comm);
5880
5881 if (ignore_leftover_process(comm))
5882 return 0;
5883
5884 /* During start we print a warning */
5885
5886 log_unit_warning(userdata,
5887 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5888 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5889 pid, strna(comm));
5890
5891 return 1;
5892 }
5893
5894 int unit_log_leftover_process_stop(pid_t pid, int sig, void *userdata) {
5895 _cleanup_free_ char *comm = NULL;
5896
5897 (void) get_process_comm(pid, &comm);
5898
5899 if (ignore_leftover_process(comm))
5900 return 0;
5901
5902 /* During stop we only print an informational message */
5903
5904 log_unit_info(userdata,
5905 "Unit process " PID_FMT " (%s) remains running after unit stopped.",
5906 pid, strna(comm));
5907
5908 return 1;
5909 }
5910
5911 int unit_warn_leftover_processes(Unit *u, cg_kill_log_func_t log_func) {
5912 assert(u);
5913
5914 (void) unit_pick_cgroup_path(u);
5915
5916 if (!u->cgroup_path)
5917 return 0;
5918
5919 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_func, u);
5920 }
5921
5922 bool unit_needs_console(Unit *u) {
5923 ExecContext *ec;
5924 UnitActiveState state;
5925
5926 assert(u);
5927
5928 state = unit_active_state(u);
5929
5930 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5931 return false;
5932
5933 if (UNIT_VTABLE(u)->needs_console)
5934 return UNIT_VTABLE(u)->needs_console(u);
5935
5936 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5937 ec = unit_get_exec_context(u);
5938 if (!ec)
5939 return false;
5940
5941 return exec_context_may_touch_console(ec);
5942 }
5943
5944 const char *unit_label_path(const Unit *u) {
5945 const char *p;
5946
5947 assert(u);
5948
5949 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5950 * when validating access checks. */
5951
5952 p = u->source_path ?: u->fragment_path;
5953 if (!p)
5954 return NULL;
5955
5956 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5957 if (null_or_empty_path(p) > 0)
5958 return NULL;
5959
5960 return p;
5961 }
5962
5963 int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5964 int r;
5965
5966 assert(u);
5967
5968 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5969 * and not a kernel thread either */
5970
5971 /* First, a simple range check */
5972 if (!pid_is_valid(pid))
5973 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5974
5975 /* Some extra safety check */
5976 if (pid == 1 || pid == getpid_cached())
5977 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid);
5978
5979 /* Don't even begin to bother with kernel threads */
5980 r = is_kernel_thread(pid);
5981 if (r == -ESRCH)
5982 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5983 if (r < 0)
5984 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5985 if (r > 0)
5986 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5987
5988 return 0;
5989 }
5990
5991 void unit_log_success(Unit *u) {
5992 assert(u);
5993
5994 log_struct(LOG_INFO,
5995 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR,
5996 LOG_UNIT_ID(u),
5997 LOG_UNIT_INVOCATION_ID(u),
5998 LOG_UNIT_MESSAGE(u, "Succeeded."));
5999 }
6000
6001 void unit_log_failure(Unit *u, const char *result) {
6002 assert(u);
6003 assert(result);
6004
6005 log_struct(LOG_WARNING,
6006 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR,
6007 LOG_UNIT_ID(u),
6008 LOG_UNIT_INVOCATION_ID(u),
6009 LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result),
6010 "UNIT_RESULT=%s", result);
6011 }
6012
6013 void unit_log_skip(Unit *u, const char *result) {
6014 assert(u);
6015 assert(result);
6016
6017 log_struct(LOG_INFO,
6018 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR,
6019 LOG_UNIT_ID(u),
6020 LOG_UNIT_INVOCATION_ID(u),
6021 LOG_UNIT_MESSAGE(u, "Skipped due to '%s'.", result),
6022 "UNIT_RESULT=%s", result);
6023 }
6024
6025 void unit_log_process_exit(
6026 Unit *u,
6027 const char *kind,
6028 const char *command,
6029 bool success,
6030 int code,
6031 int status) {
6032
6033 int level;
6034
6035 assert(u);
6036 assert(kind);
6037
6038 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
6039 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
6040 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
6041 * WARNING. */
6042 if (success)
6043 level = LOG_DEBUG;
6044 else if (code == CLD_EXITED)
6045 level = LOG_NOTICE;
6046 else
6047 level = LOG_WARNING;
6048
6049 log_struct(level,
6050 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR,
6051 LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s",
6052 kind,
6053 sigchld_code_to_string(code), status,
6054 strna(code == CLD_EXITED
6055 ? exit_status_to_string(status, EXIT_STATUS_FULL)
6056 : signal_to_string(status))),
6057 "EXIT_CODE=%s", sigchld_code_to_string(code),
6058 "EXIT_STATUS=%i", status,
6059 "COMMAND=%s", strna(command),
6060 LOG_UNIT_ID(u),
6061 LOG_UNIT_INVOCATION_ID(u));
6062 }
6063
6064 int unit_exit_status(Unit *u) {
6065 assert(u);
6066
6067 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
6068 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
6069 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
6070 * service process has exited abnormally (signal/coredump). */
6071
6072 if (!UNIT_VTABLE(u)->exit_status)
6073 return -EOPNOTSUPP;
6074
6075 return UNIT_VTABLE(u)->exit_status(u);
6076 }
6077
6078 int unit_failure_action_exit_status(Unit *u) {
6079 int r;
6080
6081 assert(u);
6082
6083 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
6084
6085 if (u->failure_action_exit_status >= 0)
6086 return u->failure_action_exit_status;
6087
6088 r = unit_exit_status(u);
6089 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
6090 return 255;
6091
6092 return r;
6093 }
6094
6095 int unit_success_action_exit_status(Unit *u) {
6096 int r;
6097
6098 assert(u);
6099
6100 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
6101
6102 if (u->success_action_exit_status >= 0)
6103 return u->success_action_exit_status;
6104
6105 r = unit_exit_status(u);
6106 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
6107 return 255;
6108
6109 return r;
6110 }
6111
6112 int unit_test_trigger_loaded(Unit *u) {
6113 Unit *trigger;
6114
6115 /* Tests whether the unit to trigger is loaded */
6116
6117 trigger = UNIT_TRIGGER(u);
6118 if (!trigger)
6119 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
6120 "Refusing to start, no unit to trigger.");
6121 if (trigger->load_state != UNIT_LOADED)
6122 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
6123 "Refusing to start, unit %s to trigger not loaded.", trigger->id);
6124
6125 return 0;
6126 }
6127
6128 void unit_destroy_runtime_data(Unit *u, const ExecContext *context) {
6129 assert(u);
6130 assert(context);
6131
6132 if (context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO ||
6133 (context->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART && !unit_will_restart(u)))
6134 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
6135
6136 exec_context_destroy_credentials(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME], u->id);
6137 }
6138
6139 int unit_clean(Unit *u, ExecCleanMask mask) {
6140 UnitActiveState state;
6141
6142 assert(u);
6143
6144 /* Special return values:
6145 *
6146 * -EOPNOTSUPP → cleaning not supported for this unit type
6147 * -EUNATCH → cleaning not defined for this resource type
6148 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
6149 * a job queued or similar
6150 */
6151
6152 if (!UNIT_VTABLE(u)->clean)
6153 return -EOPNOTSUPP;
6154
6155 if (mask == 0)
6156 return -EUNATCH;
6157
6158 if (u->load_state != UNIT_LOADED)
6159 return -EBUSY;
6160
6161 if (u->job)
6162 return -EBUSY;
6163
6164 state = unit_active_state(u);
6165 if (!IN_SET(state, UNIT_INACTIVE))
6166 return -EBUSY;
6167
6168 return UNIT_VTABLE(u)->clean(u, mask);
6169 }
6170
6171 int unit_can_clean(Unit *u, ExecCleanMask *ret) {
6172 assert(u);
6173
6174 if (!UNIT_VTABLE(u)->clean ||
6175 u->load_state != UNIT_LOADED) {
6176 *ret = 0;
6177 return 0;
6178 }
6179
6180 /* When the clean() method is set, can_clean() really should be set too */
6181 assert(UNIT_VTABLE(u)->can_clean);
6182
6183 return UNIT_VTABLE(u)->can_clean(u, ret);
6184 }
6185
6186 bool unit_can_freeze(Unit *u) {
6187 assert(u);
6188
6189 if (UNIT_VTABLE(u)->can_freeze)
6190 return UNIT_VTABLE(u)->can_freeze(u);
6191
6192 return UNIT_VTABLE(u)->freeze;
6193 }
6194
6195 void unit_frozen(Unit *u) {
6196 assert(u);
6197
6198 u->freezer_state = FREEZER_FROZEN;
6199
6200 bus_unit_send_pending_freezer_message(u);
6201 }
6202
6203 void unit_thawed(Unit *u) {
6204 assert(u);
6205
6206 u->freezer_state = FREEZER_RUNNING;
6207
6208 bus_unit_send_pending_freezer_message(u);
6209 }
6210
6211 static int unit_freezer_action(Unit *u, FreezerAction action) {
6212 UnitActiveState s;
6213 int (*method)(Unit*);
6214 int r;
6215
6216 assert(u);
6217 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
6218
6219 method = action == FREEZER_FREEZE ? UNIT_VTABLE(u)->freeze : UNIT_VTABLE(u)->thaw;
6220 if (!method || !cg_freezer_supported())
6221 return -EOPNOTSUPP;
6222
6223 if (u->job)
6224 return -EBUSY;
6225
6226 if (u->load_state != UNIT_LOADED)
6227 return -EHOSTDOWN;
6228
6229 s = unit_active_state(u);
6230 if (s != UNIT_ACTIVE)
6231 return -EHOSTDOWN;
6232
6233 if (IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING))
6234 return -EALREADY;
6235
6236 r = method(u);
6237 if (r <= 0)
6238 return r;
6239
6240 return 1;
6241 }
6242
6243 int unit_freeze(Unit *u) {
6244 return unit_freezer_action(u, FREEZER_FREEZE);
6245 }
6246
6247 int unit_thaw(Unit *u) {
6248 return unit_freezer_action(u, FREEZER_THAW);
6249 }
6250
6251 /* Wrappers around low-level cgroup freezer operations common for service and scope units */
6252 int unit_freeze_vtable_common(Unit *u) {
6253 return unit_cgroup_freezer_action(u, FREEZER_FREEZE);
6254 }
6255
6256 int unit_thaw_vtable_common(Unit *u) {
6257 return unit_cgroup_freezer_action(u, FREEZER_THAW);
6258 }
6259
6260 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
6261 [COLLECT_INACTIVE] = "inactive",
6262 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
6263 };
6264
6265 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
Unnamed repository; edit this file 'description' to name the repository.