]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:


17f4ff3ebd84d22e59017b0b77590d24d49e6a75
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <errno.h>
4 #include <stdlib.h>
5 #include <string.h>
6 #include <sys/prctl.h>
7 #include <sys/stat.h>
8 #include <unistd.h>
9
10 #include "sd-id128.h"
11 #include "sd-messages.h"
12
13 #include "alloc-util.h"
14 #include "all-units.h"
15 #include "bus-common-errors.h"
16 #include "bus-util.h"
17 #include "cgroup-util.h"
18 #include "dbus-unit.h"
19 #include "dbus.h"
20 #include "dropin.h"
21 #include "escape.h"
22 #include "execute.h"
23 #include "fd-util.h"
24 #include "fileio-label.h"
25 #include "format-util.h"
26 #include "fs-util.h"
27 #include "id128-util.h"
28 #include "io-util.h"
29 #include "load-dropin.h"
30 #include "load-fragment.h"
31 #include "log.h"
32 #include "macro.h"
33 #include "missing.h"
34 #include "mkdir.h"
35 #include "parse-util.h"
36 #include "path-util.h"
37 #include "process-util.h"
38 #include "set.h"
39 #include "signal-util.h"
40 #include "sparse-endian.h"
41 #include "special.h"
42 #include "specifier.h"
43 #include "stat-util.h"
44 #include "stdio-util.h"
45 #include "string-table.h"
46 #include "string-util.h"
47 #include "strv.h"
48 #include "umask-util.h"
49 #include "unit-name.h"
50 #include "unit.h"
51 #include "user-util.h"
52 #include "virt.h"
53
54 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
55 [UNIT_SERVICE] = &service_vtable,
56 [UNIT_SOCKET] = &socket_vtable,
57 [UNIT_TARGET] = &target_vtable,
58 [UNIT_DEVICE] = &device_vtable,
59 [UNIT_MOUNT] = &mount_vtable,
60 [UNIT_AUTOMOUNT] = &automount_vtable,
61 [UNIT_SWAP] = &swap_vtable,
62 [UNIT_TIMER] = &timer_vtable,
63 [UNIT_PATH] = &path_vtable,
64 [UNIT_SLICE] = &slice_vtable,
65 [UNIT_SCOPE] = &scope_vtable,
66 };
67
68 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
69
70 Unit *unit_new(Manager *m, size_t size) {
71 Unit *u;
72
73 assert(m);
74 assert(size >= sizeof(Unit));
75
76 u = malloc0(size);
77 if (!u)
78 return NULL;
79
80 u->names = set_new(&string_hash_ops);
81 if (!u->names)
82 return mfree(u);
83
84 u->manager = m;
85 u->type = _UNIT_TYPE_INVALID;
86 u->default_dependencies = true;
87 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
88 u->unit_file_preset = -1;
89 u->on_failure_job_mode = JOB_REPLACE;
90 u->cgroup_inotify_wd = -1;
91 u->job_timeout = USEC_INFINITY;
92 u->job_running_timeout = USEC_INFINITY;
93 u->ref_uid = UID_INVALID;
94 u->ref_gid = GID_INVALID;
95 u->cpu_usage_last = NSEC_INFINITY;
96 u->cgroup_bpf_state = UNIT_CGROUP_BPF_INVALIDATED;
97
98 u->ip_accounting_ingress_map_fd = -1;
99 u->ip_accounting_egress_map_fd = -1;
100 u->ipv4_allow_map_fd = -1;
101 u->ipv6_allow_map_fd = -1;
102 u->ipv4_deny_map_fd = -1;
103 u->ipv6_deny_map_fd = -1;
104
105 u->last_section_private = -1;
106
107 RATELIMIT_INIT(u->start_limit, m->default_start_limit_interval, m->default_start_limit_burst);
108 RATELIMIT_INIT(u->auto_stop_ratelimit, 10 * USEC_PER_SEC, 16);
109
110 return u;
111 }
112
113 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
114 _cleanup_(unit_freep) Unit *u = NULL;
115 int r;
116
117 u = unit_new(m, size);
118 if (!u)
119 return -ENOMEM;
120
121 r = unit_add_name(u, name);
122 if (r < 0)
123 return r;
124
125 *ret = TAKE_PTR(u);
126
127 return r;
128 }
129
130 bool unit_has_name(Unit *u, const char *name) {
131 assert(u);
132 assert(name);
133
134 return set_contains(u->names, (char*) name);
135 }
136
137 static void unit_init(Unit *u) {
138 CGroupContext *cc;
139 ExecContext *ec;
140 KillContext *kc;
141
142 assert(u);
143 assert(u->manager);
144 assert(u->type >= 0);
145
146 cc = unit_get_cgroup_context(u);
147 if (cc) {
148 cgroup_context_init(cc);
149
150 /* Copy in the manager defaults into the cgroup
151 * context, _before_ the rest of the settings have
152 * been initialized */
153
154 cc->cpu_accounting = u->manager->default_cpu_accounting;
155 cc->io_accounting = u->manager->default_io_accounting;
156 cc->ip_accounting = u->manager->default_ip_accounting;
157 cc->blockio_accounting = u->manager->default_blockio_accounting;
158 cc->memory_accounting = u->manager->default_memory_accounting;
159 cc->tasks_accounting = u->manager->default_tasks_accounting;
160 cc->ip_accounting = u->manager->default_ip_accounting;
161
162 if (u->type != UNIT_SLICE)
163 cc->tasks_max = u->manager->default_tasks_max;
164 }
165
166 ec = unit_get_exec_context(u);
167 if (ec) {
168 exec_context_init(ec);
169
170 ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
171 EXEC_KEYRING_SHARED : EXEC_KEYRING_INHERIT;
172 }
173
174 kc = unit_get_kill_context(u);
175 if (kc)
176 kill_context_init(kc);
177
178 if (UNIT_VTABLE(u)->init)
179 UNIT_VTABLE(u)->init(u);
180 }
181
182 int unit_add_name(Unit *u, const char *text) {
183 _cleanup_free_ char *s = NULL, *i = NULL;
184 UnitType t;
185 int r;
186
187 assert(u);
188 assert(text);
189
190 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
191
192 if (!u->instance)
193 return -EINVAL;
194
195 r = unit_name_replace_instance(text, u->instance, &s);
196 if (r < 0)
197 return r;
198 } else {
199 s = strdup(text);
200 if (!s)
201 return -ENOMEM;
202 }
203
204 if (set_contains(u->names, s))
205 return 0;
206 if (hashmap_contains(u->manager->units, s))
207 return -EEXIST;
208
209 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
210 return -EINVAL;
211
212 t = unit_name_to_type(s);
213 if (t < 0)
214 return -EINVAL;
215
216 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
217 return -EINVAL;
218
219 r = unit_name_to_instance(s, &i);
220 if (r < 0)
221 return r;
222
223 if (i && !unit_type_may_template(t))
224 return -EINVAL;
225
226 /* Ensure that this unit is either instanced or not instanced,
227 * but not both. Note that we do allow names with different
228 * instance names however! */
229 if (u->type != _UNIT_TYPE_INVALID && !u->instance != !i)
230 return -EINVAL;
231
232 if (!unit_type_may_alias(t) && !set_isempty(u->names))
233 return -EEXIST;
234
235 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
236 return -E2BIG;
237
238 r = set_put(u->names, s);
239 if (r < 0)
240 return r;
241 assert(r > 0);
242
243 r = hashmap_put(u->manager->units, s, u);
244 if (r < 0) {
245 (void) set_remove(u->names, s);
246 return r;
247 }
248
249 if (u->type == _UNIT_TYPE_INVALID) {
250 u->type = t;
251 u->id = s;
252 u->instance = TAKE_PTR(i);
253
254 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
255
256 unit_init(u);
257 }
258
259 s = NULL;
260
261 unit_add_to_dbus_queue(u);
262 return 0;
263 }
264
265 int unit_choose_id(Unit *u, const char *name) {
266 _cleanup_free_ char *t = NULL;
267 char *s, *i;
268 int r;
269
270 assert(u);
271 assert(name);
272
273 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
274
275 if (!u->instance)
276 return -EINVAL;
277
278 r = unit_name_replace_instance(name, u->instance, &t);
279 if (r < 0)
280 return r;
281
282 name = t;
283 }
284
285 /* Selects one of the names of this unit as the id */
286 s = set_get(u->names, (char*) name);
287 if (!s)
288 return -ENOENT;
289
290 /* Determine the new instance from the new id */
291 r = unit_name_to_instance(s, &i);
292 if (r < 0)
293 return r;
294
295 u->id = s;
296
297 free(u->instance);
298 u->instance = i;
299
300 unit_add_to_dbus_queue(u);
301
302 return 0;
303 }
304
305 int unit_set_description(Unit *u, const char *description) {
306 int r;
307
308 assert(u);
309
310 r = free_and_strdup(&u->description, empty_to_null(description));
311 if (r < 0)
312 return r;
313 if (r > 0)
314 unit_add_to_dbus_queue(u);
315
316 return 0;
317 }
318
319 bool unit_may_gc(Unit *u) {
320 UnitActiveState state;
321 int r;
322
323 assert(u);
324
325 /* Checks whether the unit is ready to be unloaded for garbage collection.
326 * Returns true when the unit may be collected, and false if there's some
327 * reason to keep it loaded.
328 *
329 * References from other units are *not* checked here. Instead, this is done
330 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
331 */
332
333 if (u->job)
334 return false;
335
336 if (u->nop_job)
337 return false;
338
339 state = unit_active_state(u);
340
341 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
342 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
343 UNIT_VTABLE(u)->release_resources)
344 UNIT_VTABLE(u)->release_resources(u);
345
346 if (u->perpetual)
347 return false;
348
349 if (sd_bus_track_count(u->bus_track) > 0)
350 return false;
351
352 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
353 switch (u->collect_mode) {
354
355 case COLLECT_INACTIVE:
356 if (state != UNIT_INACTIVE)
357 return false;
358
359 break;
360
361 case COLLECT_INACTIVE_OR_FAILED:
362 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
363 return false;
364
365 break;
366
367 default:
368 assert_not_reached("Unknown garbage collection mode");
369 }
370
371 if (u->cgroup_path) {
372 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
373 * around. Units with active processes should never be collected. */
374
375 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
376 if (r < 0)
377 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
378 if (r <= 0)
379 return false;
380 }
381
382 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
383 return false;
384
385 return true;
386 }
387
388 void unit_add_to_load_queue(Unit *u) {
389 assert(u);
390 assert(u->type != _UNIT_TYPE_INVALID);
391
392 if (u->load_state != UNIT_STUB || u->in_load_queue)
393 return;
394
395 LIST_PREPEND(load_queue, u->manager->load_queue, u);
396 u->in_load_queue = true;
397 }
398
399 void unit_add_to_cleanup_queue(Unit *u) {
400 assert(u);
401
402 if (u->in_cleanup_queue)
403 return;
404
405 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
406 u->in_cleanup_queue = true;
407 }
408
409 void unit_add_to_gc_queue(Unit *u) {
410 assert(u);
411
412 if (u->in_gc_queue || u->in_cleanup_queue)
413 return;
414
415 if (!unit_may_gc(u))
416 return;
417
418 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
419 u->in_gc_queue = true;
420 }
421
422 void unit_add_to_dbus_queue(Unit *u) {
423 assert(u);
424 assert(u->type != _UNIT_TYPE_INVALID);
425
426 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
427 return;
428
429 /* Shortcut things if nobody cares */
430 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
431 sd_bus_track_count(u->bus_track) <= 0 &&
432 set_isempty(u->manager->private_buses)) {
433 u->sent_dbus_new_signal = true;
434 return;
435 }
436
437 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
438 u->in_dbus_queue = true;
439 }
440
441 static void bidi_set_free(Unit *u, Hashmap *h) {
442 Unit *other;
443 Iterator i;
444 void *v;
445
446 assert(u);
447
448 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
449
450 HASHMAP_FOREACH_KEY(v, other, h, i) {
451 UnitDependency d;
452
453 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
454 hashmap_remove(other->dependencies[d], u);
455
456 unit_add_to_gc_queue(other);
457 }
458
459 hashmap_free(h);
460 }
461
462 static void unit_remove_transient(Unit *u) {
463 char **i;
464
465 assert(u);
466
467 if (!u->transient)
468 return;
469
470 if (u->fragment_path)
471 (void) unlink(u->fragment_path);
472
473 STRV_FOREACH(i, u->dropin_paths) {
474 _cleanup_free_ char *p = NULL, *pp = NULL;
475
476 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
477 if (!p)
478 continue;
479
480 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
481 if (!pp)
482 continue;
483
484 /* Only drop transient drop-ins */
485 if (!path_equal(u->manager->lookup_paths.transient, pp))
486 continue;
487
488 (void) unlink(*i);
489 (void) rmdir(p);
490 }
491 }
492
493 static void unit_free_requires_mounts_for(Unit *u) {
494 assert(u);
495
496 for (;;) {
497 _cleanup_free_ char *path;
498
499 path = hashmap_steal_first_key(u->requires_mounts_for);
500 if (!path)
501 break;
502 else {
503 char s[strlen(path) + 1];
504
505 PATH_FOREACH_PREFIX_MORE(s, path) {
506 char *y;
507 Set *x;
508
509 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
510 if (!x)
511 continue;
512
513 (void) set_remove(x, u);
514
515 if (set_isempty(x)) {
516 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
517 free(y);
518 set_free(x);
519 }
520 }
521 }
522 }
523
524 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
525 }
526
527 static void unit_done(Unit *u) {
528 ExecContext *ec;
529 CGroupContext *cc;
530
531 assert(u);
532
533 if (u->type < 0)
534 return;
535
536 if (UNIT_VTABLE(u)->done)
537 UNIT_VTABLE(u)->done(u);
538
539 ec = unit_get_exec_context(u);
540 if (ec)
541 exec_context_done(ec);
542
543 cc = unit_get_cgroup_context(u);
544 if (cc)
545 cgroup_context_done(cc);
546 }
547
548 void unit_free(Unit *u) {
549 UnitDependency d;
550 Iterator i;
551 char *t;
552
553 if (!u)
554 return;
555
556 u->transient_file = safe_fclose(u->transient_file);
557
558 if (!MANAGER_IS_RELOADING(u->manager))
559 unit_remove_transient(u);
560
561 bus_unit_send_removed_signal(u);
562
563 unit_done(u);
564
565 unit_dequeue_rewatch_pids(u);
566
567 sd_bus_slot_unref(u->match_bus_slot);
568 sd_bus_track_unref(u->bus_track);
569 u->deserialized_refs = strv_free(u->deserialized_refs);
570
571 unit_free_requires_mounts_for(u);
572
573 SET_FOREACH(t, u->names, i)
574 hashmap_remove_value(u->manager->units, t, u);
575
576 if (!sd_id128_is_null(u->invocation_id))
577 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
578
579 if (u->job) {
580 Job *j = u->job;
581 job_uninstall(j);
582 job_free(j);
583 }
584
585 if (u->nop_job) {
586 Job *j = u->nop_job;
587 job_uninstall(j);
588 job_free(j);
589 }
590
591 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
592 bidi_set_free(u, u->dependencies[d]);
593
594 if (u->on_console)
595 manager_unref_console(u->manager);
596
597 unit_release_cgroup(u);
598
599 if (!MANAGER_IS_RELOADING(u->manager))
600 unit_unlink_state_files(u);
601
602 unit_unref_uid_gid(u, false);
603
604 (void) manager_update_failed_units(u->manager, u, false);
605 set_remove(u->manager->startup_units, u);
606
607 unit_unwatch_all_pids(u);
608
609 unit_ref_unset(&u->slice);
610 while (u->refs_by_target)
611 unit_ref_unset(u->refs_by_target);
612
613 if (u->type != _UNIT_TYPE_INVALID)
614 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
615
616 if (u->in_load_queue)
617 LIST_REMOVE(load_queue, u->manager->load_queue, u);
618
619 if (u->in_dbus_queue)
620 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
621
622 if (u->in_gc_queue)
623 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
624
625 if (u->in_cgroup_realize_queue)
626 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
627
628 if (u->in_cgroup_empty_queue)
629 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
630
631 if (u->in_cleanup_queue)
632 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
633
634 if (u->in_target_deps_queue)
635 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
636
637 safe_close(u->ip_accounting_ingress_map_fd);
638 safe_close(u->ip_accounting_egress_map_fd);
639
640 safe_close(u->ipv4_allow_map_fd);
641 safe_close(u->ipv6_allow_map_fd);
642 safe_close(u->ipv4_deny_map_fd);
643 safe_close(u->ipv6_deny_map_fd);
644
645 bpf_program_unref(u->ip_bpf_ingress);
646 bpf_program_unref(u->ip_bpf_ingress_installed);
647 bpf_program_unref(u->ip_bpf_egress);
648 bpf_program_unref(u->ip_bpf_egress_installed);
649
650 condition_free_list(u->conditions);
651 condition_free_list(u->asserts);
652
653 free(u->description);
654 strv_free(u->documentation);
655 free(u->fragment_path);
656 free(u->source_path);
657 strv_free(u->dropin_paths);
658 free(u->instance);
659
660 free(u->job_timeout_reboot_arg);
661
662 set_free_free(u->names);
663
664 free(u->reboot_arg);
665
666 free(u);
667 }
668
669 UnitActiveState unit_active_state(Unit *u) {
670 assert(u);
671
672 if (u->load_state == UNIT_MERGED)
673 return unit_active_state(unit_follow_merge(u));
674
675 /* After a reload it might happen that a unit is not correctly
676 * loaded but still has a process around. That's why we won't
677 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
678
679 return UNIT_VTABLE(u)->active_state(u);
680 }
681
682 const char* unit_sub_state_to_string(Unit *u) {
683 assert(u);
684
685 return UNIT_VTABLE(u)->sub_state_to_string(u);
686 }
687
688 static int set_complete_move(Set **s, Set **other) {
689 assert(s);
690 assert(other);
691
692 if (!other)
693 return 0;
694
695 if (*s)
696 return set_move(*s, *other);
697 else
698 *s = TAKE_PTR(*other);
699
700 return 0;
701 }
702
703 static int hashmap_complete_move(Hashmap **s, Hashmap **other) {
704 assert(s);
705 assert(other);
706
707 if (!*other)
708 return 0;
709
710 if (*s)
711 return hashmap_move(*s, *other);
712 else
713 *s = TAKE_PTR(*other);
714
715 return 0;
716 }
717
718 static int merge_names(Unit *u, Unit *other) {
719 char *t;
720 Iterator i;
721 int r;
722
723 assert(u);
724 assert(other);
725
726 r = set_complete_move(&u->names, &other->names);
727 if (r < 0)
728 return r;
729
730 set_free_free(other->names);
731 other->names = NULL;
732 other->id = NULL;
733
734 SET_FOREACH(t, u->names, i)
735 assert_se(hashmap_replace(u->manager->units, t, u) == 0);
736
737 return 0;
738 }
739
740 static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
741 unsigned n_reserve;
742
743 assert(u);
744 assert(other);
745 assert(d < _UNIT_DEPENDENCY_MAX);
746
747 /*
748 * If u does not have this dependency set allocated, there is no need
749 * to reserve anything. In that case other's set will be transferred
750 * as a whole to u by complete_move().
751 */
752 if (!u->dependencies[d])
753 return 0;
754
755 /* merge_dependencies() will skip a u-on-u dependency */
756 n_reserve = hashmap_size(other->dependencies[d]) - !!hashmap_get(other->dependencies[d], u);
757
758 return hashmap_reserve(u->dependencies[d], n_reserve);
759 }
760
761 static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
762 Iterator i;
763 Unit *back;
764 void *v;
765 int r;
766
767 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
768
769 assert(u);
770 assert(other);
771 assert(d < _UNIT_DEPENDENCY_MAX);
772
773 /* Fix backwards pointers. Let's iterate through all dependendent units of the other unit. */
774 HASHMAP_FOREACH_KEY(v, back, other->dependencies[d], i) {
775 UnitDependency k;
776
777 /* Let's now iterate through the dependencies of that dependencies of the other units, looking for
778 * pointers back, and let's fix them up, to instead point to 'u'. */
779
780 for (k = 0; k < _UNIT_DEPENDENCY_MAX; k++) {
781 if (back == u) {
782 /* Do not add dependencies between u and itself. */
783 if (hashmap_remove(back->dependencies[k], other))
784 maybe_warn_about_dependency(u, other_id, k);
785 } else {
786 UnitDependencyInfo di_u, di_other, di_merged;
787
788 /* Let's drop this dependency between "back" and "other", and let's create it between
789 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
790 * and any such dependency which might already exist */
791
792 di_other.data = hashmap_get(back->dependencies[k], other);
793 if (!di_other.data)
794 continue; /* dependency isn't set, let's try the next one */
795
796 di_u.data = hashmap_get(back->dependencies[k], u);
797
798 di_merged = (UnitDependencyInfo) {
799 .origin_mask = di_u.origin_mask | di_other.origin_mask,
800 .destination_mask = di_u.destination_mask | di_other.destination_mask,
801 };
802
803 r = hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data);
804 if (r < 0)
805 log_warning_errno(r, "Failed to remove/replace: back=%s other=%s u=%s: %m", back->id, other_id, u->id);
806 assert(r >= 0);
807
808 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
809 }
810 }
811
812 }
813
814 /* Also do not move dependencies on u to itself */
815 back = hashmap_remove(other->dependencies[d], u);
816 if (back)
817 maybe_warn_about_dependency(u, other_id, d);
818
819 /* The move cannot fail. The caller must have performed a reservation. */
820 assert_se(hashmap_complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
821
822 other->dependencies[d] = hashmap_free(other->dependencies[d]);
823 }
824
825 int unit_merge(Unit *u, Unit *other) {
826 UnitDependency d;
827 const char *other_id = NULL;
828 int r;
829
830 assert(u);
831 assert(other);
832 assert(u->manager == other->manager);
833 assert(u->type != _UNIT_TYPE_INVALID);
834
835 other = unit_follow_merge(other);
836
837 if (other == u)
838 return 0;
839
840 if (u->type != other->type)
841 return -EINVAL;
842
843 if (!u->instance != !other->instance)
844 return -EINVAL;
845
846 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
847 return -EEXIST;
848
849 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
850 return -EEXIST;
851
852 if (other->job)
853 return -EEXIST;
854
855 if (other->nop_job)
856 return -EEXIST;
857
858 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
859 return -EEXIST;
860
861 if (other->id)
862 other_id = strdupa(other->id);
863
864 /* Make reservations to ensure merge_dependencies() won't fail */
865 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
866 r = reserve_dependencies(u, other, d);
867 /*
868 * We don't rollback reservations if we fail. We don't have
869 * a way to undo reservations. A reservation is not a leak.
870 */
871 if (r < 0)
872 return r;
873 }
874
875 /* Merge names */
876 r = merge_names(u, other);
877 if (r < 0)
878 return r;
879
880 /* Redirect all references */
881 while (other->refs_by_target)
882 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
883
884 /* Merge dependencies */
885 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
886 merge_dependencies(u, other, other_id, d);
887
888 other->load_state = UNIT_MERGED;
889 other->merged_into = u;
890
891 /* If there is still some data attached to the other node, we
892 * don't need it anymore, and can free it. */
893 if (other->load_state != UNIT_STUB)
894 if (UNIT_VTABLE(other)->done)
895 UNIT_VTABLE(other)->done(other);
896
897 unit_add_to_dbus_queue(u);
898 unit_add_to_cleanup_queue(other);
899
900 return 0;
901 }
902
903 int unit_merge_by_name(Unit *u, const char *name) {
904 _cleanup_free_ char *s = NULL;
905 Unit *other;
906 int r;
907
908 assert(u);
909 assert(name);
910
911 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
912 if (!u->instance)
913 return -EINVAL;
914
915 r = unit_name_replace_instance(name, u->instance, &s);
916 if (r < 0)
917 return r;
918
919 name = s;
920 }
921
922 other = manager_get_unit(u->manager, name);
923 if (other)
924 return unit_merge(u, other);
925
926 return unit_add_name(u, name);
927 }
928
929 Unit* unit_follow_merge(Unit *u) {
930 assert(u);
931
932 while (u->load_state == UNIT_MERGED)
933 assert_se(u = u->merged_into);
934
935 return u;
936 }
937
938 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
939 ExecDirectoryType dt;
940 char **dp;
941 int r;
942
943 assert(u);
944 assert(c);
945
946 if (c->working_directory) {
947 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
948 if (r < 0)
949 return r;
950 }
951
952 if (c->root_directory) {
953 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
954 if (r < 0)
955 return r;
956 }
957
958 if (c->root_image) {
959 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
960 if (r < 0)
961 return r;
962 }
963
964 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
965 if (!u->manager->prefix[dt])
966 continue;
967
968 STRV_FOREACH(dp, c->directories[dt].paths) {
969 _cleanup_free_ char *p;
970
971 p = strjoin(u->manager->prefix[dt], "/", *dp);
972 if (!p)
973 return -ENOMEM;
974
975 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
976 if (r < 0)
977 return r;
978 }
979 }
980
981 if (!MANAGER_IS_SYSTEM(u->manager))
982 return 0;
983
984 if (c->private_tmp) {
985 const char *p;
986
987 FOREACH_STRING(p, "/tmp", "/var/tmp") {
988 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
989 if (r < 0)
990 return r;
991 }
992
993 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, NULL, true, UNIT_DEPENDENCY_FILE);
994 if (r < 0)
995 return r;
996 }
997
998 if (!IN_SET(c->std_output,
999 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1000 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1001 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE) &&
1002 !IN_SET(c->std_error,
1003 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1004 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1005 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE))
1006 return 0;
1007
1008 /* If syslog or kernel logging is requested, make sure our own
1009 * logging daemon is run first. */
1010
1011 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, NULL, true, UNIT_DEPENDENCY_FILE);
1012 if (r < 0)
1013 return r;
1014
1015 return 0;
1016 }
1017
1018 const char *unit_description(Unit *u) {
1019 assert(u);
1020
1021 if (u->description)
1022 return u->description;
1023
1024 return strna(u->id);
1025 }
1026
1027 static void print_unit_dependency_mask(FILE *f, const char *kind, UnitDependencyMask mask, bool *space) {
1028 const struct {
1029 UnitDependencyMask mask;
1030 const char *name;
1031 } table[] = {
1032 { UNIT_DEPENDENCY_FILE, "file" },
1033 { UNIT_DEPENDENCY_IMPLICIT, "implicit" },
1034 { UNIT_DEPENDENCY_DEFAULT, "default" },
1035 { UNIT_DEPENDENCY_UDEV, "udev" },
1036 { UNIT_DEPENDENCY_PATH, "path" },
1037 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT, "mountinfo-implicit" },
1038 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT, "mountinfo-default" },
1039 { UNIT_DEPENDENCY_PROC_SWAP, "proc-swap" },
1040 };
1041 size_t i;
1042
1043 assert(f);
1044 assert(kind);
1045 assert(space);
1046
1047 for (i = 0; i < ELEMENTSOF(table); i++) {
1048
1049 if (mask == 0)
1050 break;
1051
1052 if (FLAGS_SET(mask, table[i].mask)) {
1053 if (*space)
1054 fputc(' ', f);
1055 else
1056 *space = true;
1057
1058 fputs(kind, f);
1059 fputs("-", f);
1060 fputs(table[i].name, f);
1061
1062 mask &= ~table[i].mask;
1063 }
1064 }
1065
1066 assert(mask == 0);
1067 }
1068
1069 void unit_dump(Unit *u, FILE *f, const char *prefix) {
1070 char *t, **j;
1071 UnitDependency d;
1072 Iterator i;
1073 const char *prefix2;
1074 char
1075 timestamp0[FORMAT_TIMESTAMP_MAX],
1076 timestamp1[FORMAT_TIMESTAMP_MAX],
1077 timestamp2[FORMAT_TIMESTAMP_MAX],
1078 timestamp3[FORMAT_TIMESTAMP_MAX],
1079 timestamp4[FORMAT_TIMESTAMP_MAX],
1080 timespan[FORMAT_TIMESPAN_MAX];
1081 Unit *following;
1082 _cleanup_set_free_ Set *following_set = NULL;
1083 const char *n;
1084 CGroupMask m;
1085 int r;
1086
1087 assert(u);
1088 assert(u->type >= 0);
1089
1090 prefix = strempty(prefix);
1091 prefix2 = strjoina(prefix, "\t");
1092
1093 fprintf(f,
1094 "%s-> Unit %s:\n"
1095 "%s\tDescription: %s\n"
1096 "%s\tInstance: %s\n"
1097 "%s\tUnit Load State: %s\n"
1098 "%s\tUnit Active State: %s\n"
1099 "%s\tState Change Timestamp: %s\n"
1100 "%s\tInactive Exit Timestamp: %s\n"
1101 "%s\tActive Enter Timestamp: %s\n"
1102 "%s\tActive Exit Timestamp: %s\n"
1103 "%s\tInactive Enter Timestamp: %s\n"
1104 "%s\tMay GC: %s\n"
1105 "%s\tNeed Daemon Reload: %s\n"
1106 "%s\tTransient: %s\n"
1107 "%s\tPerpetual: %s\n"
1108 "%s\tGarbage Collection Mode: %s\n"
1109 "%s\tSlice: %s\n"
1110 "%s\tCGroup: %s\n"
1111 "%s\tCGroup realized: %s\n",
1112 prefix, u->id,
1113 prefix, unit_description(u),
1114 prefix, strna(u->instance),
1115 prefix, unit_load_state_to_string(u->load_state),
1116 prefix, unit_active_state_to_string(unit_active_state(u)),
1117 prefix, strna(format_timestamp(timestamp0, sizeof(timestamp0), u->state_change_timestamp.realtime)),
1118 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->inactive_exit_timestamp.realtime)),
1119 prefix, strna(format_timestamp(timestamp2, sizeof(timestamp2), u->active_enter_timestamp.realtime)),
1120 prefix, strna(format_timestamp(timestamp3, sizeof(timestamp3), u->active_exit_timestamp.realtime)),
1121 prefix, strna(format_timestamp(timestamp4, sizeof(timestamp4), u->inactive_enter_timestamp.realtime)),
1122 prefix, yes_no(unit_may_gc(u)),
1123 prefix, yes_no(unit_need_daemon_reload(u)),
1124 prefix, yes_no(u->transient),
1125 prefix, yes_no(u->perpetual),
1126 prefix, collect_mode_to_string(u->collect_mode),
1127 prefix, strna(unit_slice_name(u)),
1128 prefix, strna(u->cgroup_path),
1129 prefix, yes_no(u->cgroup_realized));
1130
1131 if (u->cgroup_realized_mask != 0) {
1132 _cleanup_free_ char *s = NULL;
1133 (void) cg_mask_to_string(u->cgroup_realized_mask, &s);
1134 fprintf(f, "%s\tCGroup realized mask: %s\n", prefix, strnull(s));
1135 }
1136 if (u->cgroup_enabled_mask != 0) {
1137 _cleanup_free_ char *s = NULL;
1138 (void) cg_mask_to_string(u->cgroup_enabled_mask, &s);
1139 fprintf(f, "%s\tCGroup enabled mask: %s\n", prefix, strnull(s));
1140 }
1141 m = unit_get_own_mask(u);
1142 if (m != 0) {
1143 _cleanup_free_ char *s = NULL;
1144 (void) cg_mask_to_string(m, &s);
1145 fprintf(f, "%s\tCGroup own mask: %s\n", prefix, strnull(s));
1146 }
1147 m = unit_get_members_mask(u);
1148 if (m != 0) {
1149 _cleanup_free_ char *s = NULL;
1150 (void) cg_mask_to_string(m, &s);
1151 fprintf(f, "%s\tCGroup members mask: %s\n", prefix, strnull(s));
1152 }
1153
1154 SET_FOREACH(t, u->names, i)
1155 fprintf(f, "%s\tName: %s\n", prefix, t);
1156
1157 if (!sd_id128_is_null(u->invocation_id))
1158 fprintf(f, "%s\tInvocation ID: " SD_ID128_FORMAT_STR "\n",
1159 prefix, SD_ID128_FORMAT_VAL(u->invocation_id));
1160
1161 STRV_FOREACH(j, u->documentation)
1162 fprintf(f, "%s\tDocumentation: %s\n", prefix, *j);
1163
1164 following = unit_following(u);
1165 if (following)
1166 fprintf(f, "%s\tFollowing: %s\n", prefix, following->id);
1167
1168 r = unit_following_set(u, &following_set);
1169 if (r >= 0) {
1170 Unit *other;
1171
1172 SET_FOREACH(other, following_set, i)
1173 fprintf(f, "%s\tFollowing Set Member: %s\n", prefix, other->id);
1174 }
1175
1176 if (u->fragment_path)
1177 fprintf(f, "%s\tFragment Path: %s\n", prefix, u->fragment_path);
1178
1179 if (u->source_path)
1180 fprintf(f, "%s\tSource Path: %s\n", prefix, u->source_path);
1181
1182 STRV_FOREACH(j, u->dropin_paths)
1183 fprintf(f, "%s\tDropIn Path: %s\n", prefix, *j);
1184
1185 if (u->failure_action != EMERGENCY_ACTION_NONE)
1186 fprintf(f, "%s\tFailure Action: %s\n", prefix, emergency_action_to_string(u->failure_action));
1187 if (u->success_action != EMERGENCY_ACTION_NONE)
1188 fprintf(f, "%s\tSuccess Action: %s\n", prefix, emergency_action_to_string(u->success_action));
1189
1190 if (u->job_timeout != USEC_INFINITY)
1191 fprintf(f, "%s\tJob Timeout: %s\n", prefix, format_timespan(timespan, sizeof(timespan), u->job_timeout, 0));
1192
1193 if (u->job_timeout_action != EMERGENCY_ACTION_NONE)
1194 fprintf(f, "%s\tJob Timeout Action: %s\n", prefix, emergency_action_to_string(u->job_timeout_action));
1195
1196 if (u->job_timeout_reboot_arg)
1197 fprintf(f, "%s\tJob Timeout Reboot Argument: %s\n", prefix, u->job_timeout_reboot_arg);
1198
1199 condition_dump_list(u->conditions, f, prefix, condition_type_to_string);
1200 condition_dump_list(u->asserts, f, prefix, assert_type_to_string);
1201
1202 if (dual_timestamp_is_set(&u->condition_timestamp))
1203 fprintf(f,
1204 "%s\tCondition Timestamp: %s\n"
1205 "%s\tCondition Result: %s\n",
1206 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->condition_timestamp.realtime)),
1207 prefix, yes_no(u->condition_result));
1208
1209 if (dual_timestamp_is_set(&u->assert_timestamp))
1210 fprintf(f,
1211 "%s\tAssert Timestamp: %s\n"
1212 "%s\tAssert Result: %s\n",
1213 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->assert_timestamp.realtime)),
1214 prefix, yes_no(u->assert_result));
1215
1216 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
1217 UnitDependencyInfo di;
1218 Unit *other;
1219
1220 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
1221 bool space = false;
1222
1223 fprintf(f, "%s\t%s: %s (", prefix, unit_dependency_to_string(d), other->id);
1224
1225 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1226 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1227
1228 fputs(")\n", f);
1229 }
1230 }
1231
1232 if (!hashmap_isempty(u->requires_mounts_for)) {
1233 UnitDependencyInfo di;
1234 const char *path;
1235
1236 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1237 bool space = false;
1238
1239 fprintf(f, "%s\tRequiresMountsFor: %s (", prefix, path);
1240
1241 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1242 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1243
1244 fputs(")\n", f);
1245 }
1246 }
1247
1248 if (u->load_state == UNIT_LOADED) {
1249
1250 fprintf(f,
1251 "%s\tStopWhenUnneeded: %s\n"
1252 "%s\tRefuseManualStart: %s\n"
1253 "%s\tRefuseManualStop: %s\n"
1254 "%s\tDefaultDependencies: %s\n"
1255 "%s\tOnFailureJobMode: %s\n"
1256 "%s\tIgnoreOnIsolate: %s\n",
1257 prefix, yes_no(u->stop_when_unneeded),
1258 prefix, yes_no(u->refuse_manual_start),
1259 prefix, yes_no(u->refuse_manual_stop),
1260 prefix, yes_no(u->default_dependencies),
1261 prefix, job_mode_to_string(u->on_failure_job_mode),
1262 prefix, yes_no(u->ignore_on_isolate));
1263
1264 if (UNIT_VTABLE(u)->dump)
1265 UNIT_VTABLE(u)->dump(u, f, prefix2);
1266
1267 } else if (u->load_state == UNIT_MERGED)
1268 fprintf(f,
1269 "%s\tMerged into: %s\n",
1270 prefix, u->merged_into->id);
1271 else if (u->load_state == UNIT_ERROR)
1272 fprintf(f, "%s\tLoad Error Code: %s\n", prefix, strerror(-u->load_error));
1273
1274 for (n = sd_bus_track_first(u->bus_track); n; n = sd_bus_track_next(u->bus_track))
1275 fprintf(f, "%s\tBus Ref: %s\n", prefix, n);
1276
1277 if (u->job)
1278 job_dump(u->job, f, prefix2);
1279
1280 if (u->nop_job)
1281 job_dump(u->nop_job, f, prefix2);
1282 }
1283
1284 /* Common implementation for multiple backends */
1285 int unit_load_fragment_and_dropin(Unit *u) {
1286 int r;
1287
1288 assert(u);
1289
1290 /* Load a .{service,socket,...} file */
1291 r = unit_load_fragment(u);
1292 if (r < 0)
1293 return r;
1294
1295 if (u->load_state == UNIT_STUB)
1296 return -ENOENT;
1297
1298 /* Load drop-in directory data. If u is an alias, we might be reloading the
1299 * target unit needlessly. But we cannot be sure which drops-ins have already
1300 * been loaded and which not, at least without doing complicated book-keeping,
1301 * so let's always reread all drop-ins. */
1302 return unit_load_dropin(unit_follow_merge(u));
1303 }
1304
1305 /* Common implementation for multiple backends */
1306 int unit_load_fragment_and_dropin_optional(Unit *u) {
1307 int r;
1308
1309 assert(u);
1310
1311 /* Same as unit_load_fragment_and_dropin(), but whether
1312 * something can be loaded or not doesn't matter. */
1313
1314 /* Load a .service/.socket/.slice/… file */
1315 r = unit_load_fragment(u);
1316 if (r < 0)
1317 return r;
1318
1319 if (u->load_state == UNIT_STUB)
1320 u->load_state = UNIT_LOADED;
1321
1322 /* Load drop-in directory data */
1323 return unit_load_dropin(unit_follow_merge(u));
1324 }
1325
1326 void unit_add_to_target_deps_queue(Unit *u) {
1327 Manager *m = u->manager;
1328
1329 assert(u);
1330
1331 if (u->in_target_deps_queue)
1332 return;
1333
1334 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1335 u->in_target_deps_queue = true;
1336 }
1337
1338 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1339 assert(u);
1340 assert(target);
1341
1342 if (target->type != UNIT_TARGET)
1343 return 0;
1344
1345 /* Only add the dependency if both units are loaded, so that
1346 * that loop check below is reliable */
1347 if (u->load_state != UNIT_LOADED ||
1348 target->load_state != UNIT_LOADED)
1349 return 0;
1350
1351 /* If either side wants no automatic dependencies, then let's
1352 * skip this */
1353 if (!u->default_dependencies ||
1354 !target->default_dependencies)
1355 return 0;
1356
1357 /* Don't create loops */
1358 if (hashmap_get(target->dependencies[UNIT_BEFORE], u))
1359 return 0;
1360
1361 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1362 }
1363
1364 static int unit_add_slice_dependencies(Unit *u) {
1365 UnitDependencyMask mask;
1366 assert(u);
1367
1368 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1369 return 0;
1370
1371 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1372 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1373 relationship). */
1374 mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1375
1376 if (UNIT_ISSET(u->slice))
1377 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true, mask);
1378
1379 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1380 return 0;
1381
1382 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, NULL, true, mask);
1383 }
1384
1385 static int unit_add_mount_dependencies(Unit *u) {
1386 UnitDependencyInfo di;
1387 const char *path;
1388 Iterator i;
1389 int r;
1390
1391 assert(u);
1392
1393 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1394 char prefix[strlen(path) + 1];
1395
1396 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1397 _cleanup_free_ char *p = NULL;
1398 Unit *m;
1399
1400 r = unit_name_from_path(prefix, ".mount", &p);
1401 if (r < 0)
1402 return r;
1403
1404 m = manager_get_unit(u->manager, p);
1405 if (!m) {
1406 /* Make sure to load the mount unit if
1407 * it exists. If so the dependencies
1408 * on this unit will be added later
1409 * during the loading of the mount
1410 * unit. */
1411 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1412 continue;
1413 }
1414 if (m == u)
1415 continue;
1416
1417 if (m->load_state != UNIT_LOADED)
1418 continue;
1419
1420 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1421 if (r < 0)
1422 return r;
1423
1424 if (m->fragment_path) {
1425 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1426 if (r < 0)
1427 return r;
1428 }
1429 }
1430 }
1431
1432 return 0;
1433 }
1434
1435 static int unit_add_startup_units(Unit *u) {
1436 CGroupContext *c;
1437 int r;
1438
1439 c = unit_get_cgroup_context(u);
1440 if (!c)
1441 return 0;
1442
1443 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
1444 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
1445 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
1446 return 0;
1447
1448 r = set_ensure_allocated(&u->manager->startup_units, NULL);
1449 if (r < 0)
1450 return r;
1451
1452 return set_put(u->manager->startup_units, u);
1453 }
1454
1455 int unit_load(Unit *u) {
1456 int r;
1457
1458 assert(u);
1459
1460 if (u->in_load_queue) {
1461 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1462 u->in_load_queue = false;
1463 }
1464
1465 if (u->type == _UNIT_TYPE_INVALID)
1466 return -EINVAL;
1467
1468 if (u->load_state != UNIT_STUB)
1469 return 0;
1470
1471 if (u->transient_file) {
1472 r = fflush_and_check(u->transient_file);
1473 if (r < 0)
1474 goto fail;
1475
1476 u->transient_file = safe_fclose(u->transient_file);
1477 u->fragment_mtime = now(CLOCK_REALTIME);
1478 }
1479
1480 if (UNIT_VTABLE(u)->load) {
1481 r = UNIT_VTABLE(u)->load(u);
1482 if (r < 0)
1483 goto fail;
1484 }
1485
1486 if (u->load_state == UNIT_STUB) {
1487 r = -ENOENT;
1488 goto fail;
1489 }
1490
1491 if (u->load_state == UNIT_LOADED) {
1492 unit_add_to_target_deps_queue(u);
1493
1494 r = unit_add_slice_dependencies(u);
1495 if (r < 0)
1496 goto fail;
1497
1498 r = unit_add_mount_dependencies(u);
1499 if (r < 0)
1500 goto fail;
1501
1502 r = unit_add_startup_units(u);
1503 if (r < 0)
1504 goto fail;
1505
1506 if (u->on_failure_job_mode == JOB_ISOLATE && hashmap_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
1507 log_unit_error(u, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1508 r = -ENOEXEC;
1509 goto fail;
1510 }
1511
1512 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1513 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1514
1515 unit_update_cgroup_members_masks(u);
1516 }
1517
1518 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1519
1520 unit_add_to_dbus_queue(unit_follow_merge(u));
1521 unit_add_to_gc_queue(u);
1522
1523 return 0;
1524
1525 fail:
1526 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code should hence
1527 * return ENOEXEC to ensure units are placed in this state after loading */
1528
1529 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1530 r == -ENOEXEC ? UNIT_BAD_SETTING :
1531 UNIT_ERROR;
1532 u->load_error = r;
1533
1534 unit_add_to_dbus_queue(u);
1535 unit_add_to_gc_queue(u);
1536
1537 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1538 }
1539
1540 static bool unit_condition_test_list(Unit *u, Condition *first, const char *(*to_string)(ConditionType t)) {
1541 Condition *c;
1542 int triggered = -1;
1543
1544 assert(u);
1545 assert(to_string);
1546
1547 /* If the condition list is empty, then it is true */
1548 if (!first)
1549 return true;
1550
1551 /* Otherwise, if all of the non-trigger conditions apply and
1552 * if any of the trigger conditions apply (unless there are
1553 * none) we return true */
1554 LIST_FOREACH(conditions, c, first) {
1555 int r;
1556
1557 r = condition_test(c);
1558 if (r < 0)
1559 log_unit_warning(u,
1560 "Couldn't determine result for %s=%s%s%s, assuming failed: %m",
1561 to_string(c->type),
1562 c->trigger ? "|" : "",
1563 c->negate ? "!" : "",
1564 c->parameter);
1565 else
1566 log_unit_debug(u,
1567 "%s=%s%s%s %s.",
1568 to_string(c->type),
1569 c->trigger ? "|" : "",
1570 c->negate ? "!" : "",
1571 c->parameter,
1572 condition_result_to_string(c->result));
1573
1574 if (!c->trigger && r <= 0)
1575 return false;
1576
1577 if (c->trigger && triggered <= 0)
1578 triggered = r > 0;
1579 }
1580
1581 return triggered != 0;
1582 }
1583
1584 static bool unit_condition_test(Unit *u) {
1585 assert(u);
1586
1587 dual_timestamp_get(&u->condition_timestamp);
1588 u->condition_result = unit_condition_test_list(u, u->conditions, condition_type_to_string);
1589
1590 return u->condition_result;
1591 }
1592
1593 static bool unit_assert_test(Unit *u) {
1594 assert(u);
1595
1596 dual_timestamp_get(&u->assert_timestamp);
1597 u->assert_result = unit_condition_test_list(u, u->asserts, assert_type_to_string);
1598
1599 return u->assert_result;
1600 }
1601
1602 void unit_status_printf(Unit *u, const char *status, const char *unit_status_msg_format) {
1603 DISABLE_WARNING_FORMAT_NONLITERAL;
1604 manager_status_printf(u->manager, STATUS_TYPE_NORMAL, status, unit_status_msg_format, unit_description(u));
1605 REENABLE_WARNING;
1606 }
1607
1608 _pure_ static const char* unit_get_status_message_format(Unit *u, JobType t) {
1609 const char *format;
1610 const UnitStatusMessageFormats *format_table;
1611
1612 assert(u);
1613 assert(IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD));
1614
1615 if (t != JOB_RELOAD) {
1616 format_table = &UNIT_VTABLE(u)->status_message_formats;
1617 if (format_table) {
1618 format = format_table->starting_stopping[t == JOB_STOP];
1619 if (format)
1620 return format;
1621 }
1622 }
1623
1624 /* Return generic strings */
1625 if (t == JOB_START)
1626 return "Starting %s.";
1627 else if (t == JOB_STOP)
1628 return "Stopping %s.";
1629 else
1630 return "Reloading %s.";
1631 }
1632
1633 static void unit_status_print_starting_stopping(Unit *u, JobType t) {
1634 const char *format;
1635
1636 assert(u);
1637
1638 /* Reload status messages have traditionally not been printed to console. */
1639 if (!IN_SET(t, JOB_START, JOB_STOP))
1640 return;
1641
1642 format = unit_get_status_message_format(u, t);
1643
1644 DISABLE_WARNING_FORMAT_NONLITERAL;
1645 unit_status_printf(u, "", format);
1646 REENABLE_WARNING;
1647 }
1648
1649 static void unit_status_log_starting_stopping_reloading(Unit *u, JobType t) {
1650 const char *format, *mid;
1651 char buf[LINE_MAX];
1652
1653 assert(u);
1654
1655 if (!IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD))
1656 return;
1657
1658 if (log_on_console())
1659 return;
1660
1661 /* We log status messages for all units and all operations. */
1662
1663 format = unit_get_status_message_format(u, t);
1664
1665 DISABLE_WARNING_FORMAT_NONLITERAL;
1666 (void) snprintf(buf, sizeof buf, format, unit_description(u));
1667 REENABLE_WARNING;
1668
1669 mid = t == JOB_START ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STARTING_STR :
1670 t == JOB_STOP ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STOPPING_STR :
1671 "MESSAGE_ID=" SD_MESSAGE_UNIT_RELOADING_STR;
1672
1673 /* Note that we deliberately use LOG_MESSAGE() instead of
1674 * LOG_UNIT_MESSAGE() here, since this is supposed to mimic
1675 * closely what is written to screen using the status output,
1676 * which is supposed the highest level, friendliest output
1677 * possible, which means we should avoid the low-level unit
1678 * name. */
1679 log_struct(LOG_INFO,
1680 LOG_MESSAGE("%s", buf),
1681 LOG_UNIT_ID(u),
1682 LOG_UNIT_INVOCATION_ID(u),
1683 mid);
1684 }
1685
1686 void unit_status_emit_starting_stopping_reloading(Unit *u, JobType t) {
1687 assert(u);
1688 assert(t >= 0);
1689 assert(t < _JOB_TYPE_MAX);
1690
1691 unit_status_log_starting_stopping_reloading(u, t);
1692 unit_status_print_starting_stopping(u, t);
1693 }
1694
1695 int unit_start_limit_test(Unit *u) {
1696 assert(u);
1697
1698 if (ratelimit_below(&u->start_limit)) {
1699 u->start_limit_hit = false;
1700 return 0;
1701 }
1702
1703 log_unit_warning(u, "Start request repeated too quickly.");
1704 u->start_limit_hit = true;
1705
1706 return emergency_action(u->manager, u->start_limit_action, u->reboot_arg, "unit failed");
1707 }
1708
1709 bool unit_shall_confirm_spawn(Unit *u) {
1710 assert(u);
1711
1712 if (manager_is_confirm_spawn_disabled(u->manager))
1713 return false;
1714
1715 /* For some reasons units remaining in the same process group
1716 * as PID 1 fail to acquire the console even if it's not used
1717 * by any process. So skip the confirmation question for them. */
1718 return !unit_get_exec_context(u)->same_pgrp;
1719 }
1720
1721 static bool unit_verify_deps(Unit *u) {
1722 Unit *other;
1723 Iterator j;
1724 void *v;
1725
1726 assert(u);
1727
1728 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1729 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1730 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1731 * conjunction with After= as for them any such check would make things entirely racy. */
1732
1733 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], j) {
1734
1735 if (!hashmap_contains(u->dependencies[UNIT_AFTER], other))
1736 continue;
1737
1738 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1739 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1740 return false;
1741 }
1742 }
1743
1744 return true;
1745 }
1746
1747 /* Errors:
1748 * -EBADR: This unit type does not support starting.
1749 * -EALREADY: Unit is already started.
1750 * -EAGAIN: An operation is already in progress. Retry later.
1751 * -ECANCELED: Too many requests for now.
1752 * -EPROTO: Assert failed
1753 * -EINVAL: Unit not loaded
1754 * -EOPNOTSUPP: Unit type not supported
1755 * -ENOLINK: The necessary dependencies are not fulfilled.
1756 * -ESTALE: This unit has been started before and can't be started a second time
1757 */
1758 int unit_start(Unit *u) {
1759 UnitActiveState state;
1760 Unit *following;
1761
1762 assert(u);
1763
1764 /* If this is already started, then this will succeed. Note
1765 * that this will even succeed if this unit is not startable
1766 * by the user. This is relied on to detect when we need to
1767 * wait for units and when waiting is finished. */
1768 state = unit_active_state(u);
1769 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1770 return -EALREADY;
1771
1772 /* Units that aren't loaded cannot be started */
1773 if (u->load_state != UNIT_LOADED)
1774 return -EINVAL;
1775
1776 /* Refuse starting scope units more than once */
1777 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1778 return -ESTALE;
1779
1780 /* If the conditions failed, don't do anything at all. If we
1781 * already are activating this call might still be useful to
1782 * speed up activation in case there is some hold-off time,
1783 * but we don't want to recheck the condition in that case. */
1784 if (state != UNIT_ACTIVATING &&
1785 !unit_condition_test(u)) {
1786 log_unit_debug(u, "Starting requested but condition failed. Not starting unit.");
1787 return -EALREADY;
1788 }
1789
1790 /* If the asserts failed, fail the entire job */
1791 if (state != UNIT_ACTIVATING &&
1792 !unit_assert_test(u)) {
1793 log_unit_notice(u, "Starting requested but asserts failed.");
1794 return -EPROTO;
1795 }
1796
1797 /* Units of types that aren't supported cannot be
1798 * started. Note that we do this test only after the condition
1799 * checks, so that we rather return condition check errors
1800 * (which are usually not considered a true failure) than "not
1801 * supported" errors (which are considered a failure).
1802 */
1803 if (!unit_supported(u))
1804 return -EOPNOTSUPP;
1805
1806 /* Let's make sure that the deps really are in order before we start this. Normally the job engine should have
1807 * taken care of this already, but let's check this here again. After all, our dependencies might not be in
1808 * effect anymore, due to a reload or due to a failed condition. */
1809 if (!unit_verify_deps(u))
1810 return -ENOLINK;
1811
1812 /* Forward to the main object, if we aren't it. */
1813 following = unit_following(u);
1814 if (following) {
1815 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1816 return unit_start(following);
1817 }
1818
1819 /* If it is stopped, but we cannot start it, then fail */
1820 if (!UNIT_VTABLE(u)->start)
1821 return -EBADR;
1822
1823 /* We don't suppress calls to ->start() here when we are
1824 * already starting, to allow this request to be used as a
1825 * "hurry up" call, for example when the unit is in some "auto
1826 * restart" state where it waits for a holdoff timer to elapse
1827 * before it will start again. */
1828
1829 unit_add_to_dbus_queue(u);
1830
1831 return UNIT_VTABLE(u)->start(u);
1832 }
1833
1834 bool unit_can_start(Unit *u) {
1835 assert(u);
1836
1837 if (u->load_state != UNIT_LOADED)
1838 return false;
1839
1840 if (!unit_supported(u))
1841 return false;
1842
1843 /* Scope units may be started only once */
1844 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1845 return false;
1846
1847 return !!UNIT_VTABLE(u)->start;
1848 }
1849
1850 bool unit_can_isolate(Unit *u) {
1851 assert(u);
1852
1853 return unit_can_start(u) &&
1854 u->allow_isolate;
1855 }
1856
1857 /* Errors:
1858 * -EBADR: This unit type does not support stopping.
1859 * -EALREADY: Unit is already stopped.
1860 * -EAGAIN: An operation is already in progress. Retry later.
1861 */
1862 int unit_stop(Unit *u) {
1863 UnitActiveState state;
1864 Unit *following;
1865
1866 assert(u);
1867
1868 state = unit_active_state(u);
1869 if (UNIT_IS_INACTIVE_OR_FAILED(state))
1870 return -EALREADY;
1871
1872 following = unit_following(u);
1873 if (following) {
1874 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
1875 return unit_stop(following);
1876 }
1877
1878 if (!UNIT_VTABLE(u)->stop)
1879 return -EBADR;
1880
1881 unit_add_to_dbus_queue(u);
1882
1883 return UNIT_VTABLE(u)->stop(u);
1884 }
1885
1886 bool unit_can_stop(Unit *u) {
1887 assert(u);
1888
1889 if (!unit_supported(u))
1890 return false;
1891
1892 if (u->perpetual)
1893 return false;
1894
1895 return !!UNIT_VTABLE(u)->stop;
1896 }
1897
1898 /* Errors:
1899 * -EBADR: This unit type does not support reloading.
1900 * -ENOEXEC: Unit is not started.
1901 * -EAGAIN: An operation is already in progress. Retry later.
1902 */
1903 int unit_reload(Unit *u) {
1904 UnitActiveState state;
1905 Unit *following;
1906
1907 assert(u);
1908
1909 if (u->load_state != UNIT_LOADED)
1910 return -EINVAL;
1911
1912 if (!unit_can_reload(u))
1913 return -EBADR;
1914
1915 state = unit_active_state(u);
1916 if (state == UNIT_RELOADING)
1917 return -EALREADY;
1918
1919 if (state != UNIT_ACTIVE) {
1920 log_unit_warning(u, "Unit cannot be reloaded because it is inactive.");
1921 return -ENOEXEC;
1922 }
1923
1924 following = unit_following(u);
1925 if (following) {
1926 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
1927 return unit_reload(following);
1928 }
1929
1930 unit_add_to_dbus_queue(u);
1931
1932 if (!UNIT_VTABLE(u)->reload) {
1933 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
1934 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
1935 return 0;
1936 }
1937
1938 return UNIT_VTABLE(u)->reload(u);
1939 }
1940
1941 bool unit_can_reload(Unit *u) {
1942 assert(u);
1943
1944 if (UNIT_VTABLE(u)->can_reload)
1945 return UNIT_VTABLE(u)->can_reload(u);
1946
1947 if (!hashmap_isempty(u->dependencies[UNIT_PROPAGATES_RELOAD_TO]))
1948 return true;
1949
1950 return UNIT_VTABLE(u)->reload;
1951 }
1952
1953 static void unit_check_unneeded(Unit *u) {
1954
1955 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1956
1957 static const UnitDependency needed_dependencies[] = {
1958 UNIT_REQUIRED_BY,
1959 UNIT_REQUISITE_OF,
1960 UNIT_WANTED_BY,
1961 UNIT_BOUND_BY,
1962 };
1963
1964 unsigned j;
1965 int r;
1966
1967 assert(u);
1968
1969 /* If this service shall be shut down when unneeded then do
1970 * so. */
1971
1972 if (!u->stop_when_unneeded)
1973 return;
1974
1975 if (!UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
1976 return;
1977
1978 for (j = 0; j < ELEMENTSOF(needed_dependencies); j++) {
1979 Unit *other;
1980 Iterator i;
1981 void *v;
1982
1983 HASHMAP_FOREACH_KEY(v, other, u->dependencies[needed_dependencies[j]], i)
1984 if (unit_active_or_pending(other) || unit_will_restart(other))
1985 return;
1986 }
1987
1988 /* If stopping a unit fails continuously we might enter a stop
1989 * loop here, hence stop acting on the service being
1990 * unnecessary after a while. */
1991 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
1992 log_unit_warning(u, "Unit not needed anymore, but not stopping since we tried this too often recently.");
1993 return;
1994 }
1995
1996 log_unit_info(u, "Unit not needed anymore. Stopping.");
1997
1998 /* Ok, nobody needs us anymore. Sniff. Then let's commit suicide */
1999 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2000 if (r < 0)
2001 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2002 }
2003
2004 static void unit_check_binds_to(Unit *u) {
2005 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2006 bool stop = false;
2007 Unit *other;
2008 Iterator i;
2009 void *v;
2010 int r;
2011
2012 assert(u);
2013
2014 if (u->job)
2015 return;
2016
2017 if (unit_active_state(u) != UNIT_ACTIVE)
2018 return;
2019
2020 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i) {
2021 if (other->job)
2022 continue;
2023
2024 if (!other->coldplugged)
2025 /* We might yet create a job for the other unit… */
2026 continue;
2027
2028 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2029 continue;
2030
2031 stop = true;
2032 break;
2033 }
2034
2035 if (!stop)
2036 return;
2037
2038 /* If stopping a unit fails continuously we might enter a stop
2039 * loop here, hence stop acting on the service being
2040 * unnecessary after a while. */
2041 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
2042 log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
2043 return;
2044 }
2045
2046 assert(other);
2047 log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
2048
2049 /* A unit we need to run is gone. Sniff. Let's stop this. */
2050 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2051 if (r < 0)
2052 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2053 }
2054
2055 static void retroactively_start_dependencies(Unit *u) {
2056 Iterator i;
2057 Unit *other;
2058 void *v;
2059
2060 assert(u);
2061 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2062
2063 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2064 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2065 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2066 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2067
2068 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2069 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2070 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2071 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2072
2073 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2074 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2075 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2076 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL);
2077
2078 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTS], i)
2079 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2080 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2081
2082 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTED_BY], i)
2083 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2084 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2085 }
2086
2087 static void retroactively_stop_dependencies(Unit *u) {
2088 Unit *other;
2089 Iterator i;
2090 void *v;
2091
2092 assert(u);
2093 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2094
2095 /* Pull down units which are bound to us recursively if enabled */
2096 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BOUND_BY], i)
2097 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2098 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2099 }
2100
2101 static void check_unneeded_dependencies(Unit *u) {
2102 Unit *other;
2103 Iterator i;
2104 void *v;
2105
2106 assert(u);
2107 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2108
2109 /* Garbage collect services that might not be needed anymore, if enabled */
2110 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2111 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2112 unit_check_unneeded(other);
2113 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2114 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2115 unit_check_unneeded(other);
2116 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUISITE], i)
2117 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2118 unit_check_unneeded(other);
2119 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2120 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2121 unit_check_unneeded(other);
2122 }
2123
2124 void unit_start_on_failure(Unit *u) {
2125 Unit *other;
2126 Iterator i;
2127 void *v;
2128 int r;
2129
2130 assert(u);
2131
2132 if (hashmap_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
2133 return;
2134
2135 log_unit_info(u, "Triggering OnFailure= dependencies.");
2136
2137 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_ON_FAILURE], i) {
2138 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2139
2140 r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, &error, NULL);
2141 if (r < 0)
2142 log_unit_warning_errno(u, r, "Failed to enqueue OnFailure= job, ignoring: %s", bus_error_message(&error, r));
2143 }
2144 }
2145
2146 void unit_trigger_notify(Unit *u) {
2147 Unit *other;
2148 Iterator i;
2149 void *v;
2150
2151 assert(u);
2152
2153 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_TRIGGERED_BY], i)
2154 if (UNIT_VTABLE(other)->trigger_notify)
2155 UNIT_VTABLE(other)->trigger_notify(other, u);
2156 }
2157
2158 static int unit_log_resources(Unit *u) {
2159
2160 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + 4];
2161 size_t n_message_parts = 0, n_iovec = 0;
2162 char* message_parts[3 + 1], *t;
2163 nsec_t nsec = NSEC_INFINITY;
2164 CGroupIPAccountingMetric m;
2165 size_t i;
2166 int r;
2167 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2168 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2169 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2170 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2171 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2172 };
2173
2174 assert(u);
2175
2176 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2177 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2178 * information and the complete data in structured fields. */
2179
2180 (void) unit_get_cpu_usage(u, &nsec);
2181 if (nsec != NSEC_INFINITY) {
2182 char buf[FORMAT_TIMESPAN_MAX] = "";
2183
2184 /* Format the CPU time for inclusion in the structured log message */
2185 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2186 r = log_oom();
2187 goto finish;
2188 }
2189 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2190
2191 /* Format the CPU time for inclusion in the human language message string */
2192 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
2193 t = strjoin(n_message_parts > 0 ? "consumed " : "Consumed ", buf, " CPU time");
2194 if (!t) {
2195 r = log_oom();
2196 goto finish;
2197 }
2198
2199 message_parts[n_message_parts++] = t;
2200 }
2201
2202 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2203 char buf[FORMAT_BYTES_MAX] = "";
2204 uint64_t value = UINT64_MAX;
2205
2206 assert(ip_fields[m]);
2207
2208 (void) unit_get_ip_accounting(u, m, &value);
2209 if (value == UINT64_MAX)
2210 continue;
2211
2212 /* Format IP accounting data for inclusion in the structured log message */
2213 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2214 r = log_oom();
2215 goto finish;
2216 }
2217 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2218
2219 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2220 * bytes counters (and not for the packets counters) */
2221 if (m == CGROUP_IP_INGRESS_BYTES)
2222 t = strjoin(n_message_parts > 0 ? "received " : "Received ",
2223 format_bytes(buf, sizeof(buf), value),
2224 " IP traffic");
2225 else if (m == CGROUP_IP_EGRESS_BYTES)
2226 t = strjoin(n_message_parts > 0 ? "sent " : "Sent ",
2227 format_bytes(buf, sizeof(buf), value),
2228 " IP traffic");
2229 else
2230 continue;
2231 if (!t) {
2232 r = log_oom();
2233 goto finish;
2234 }
2235
2236 message_parts[n_message_parts++] = t;
2237 }
2238
2239 /* Is there any accounting data available at all? */
2240 if (n_iovec == 0) {
2241 r = 0;
2242 goto finish;
2243 }
2244
2245 if (n_message_parts == 0)
2246 t = strjoina("MESSAGE=", u->id, ": Completed");
2247 else {
2248 _cleanup_free_ char *joined;
2249
2250 message_parts[n_message_parts] = NULL;
2251
2252 joined = strv_join(message_parts, ", ");
2253 if (!joined) {
2254 r = log_oom();
2255 goto finish;
2256 }
2257
2258 t = strjoina("MESSAGE=", u->id, ": ", joined);
2259 }
2260
2261 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2262 * and hence don't increase n_iovec for them */
2263 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2264 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2265
2266 t = strjoina(u->manager->unit_log_field, u->id);
2267 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2268
2269 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2270 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2271
2272 log_struct_iovec(LOG_INFO, iovec, n_iovec + 4);
2273 r = 0;
2274
2275 finish:
2276 for (i = 0; i < n_message_parts; i++)
2277 free(message_parts[i]);
2278
2279 for (i = 0; i < n_iovec; i++)
2280 free(iovec[i].iov_base);
2281
2282 return r;
2283
2284 }
2285
2286 static void unit_update_on_console(Unit *u) {
2287 bool b;
2288
2289 assert(u);
2290
2291 b = unit_needs_console(u);
2292 if (u->on_console == b)
2293 return;
2294
2295 u->on_console = b;
2296 if (b)
2297 manager_ref_console(u->manager);
2298 else
2299 manager_unref_console(u->manager);
2300 }
2301
2302 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
2303 bool unexpected;
2304 Manager *m;
2305
2306 assert(u);
2307 assert(os < _UNIT_ACTIVE_STATE_MAX);
2308 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2309
2310 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2311 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2312 * remounted this function will be called too! */
2313
2314 m = u->manager;
2315
2316 /* Update timestamps for state changes */
2317 if (!MANAGER_IS_RELOADING(m)) {
2318 dual_timestamp_get(&u->state_change_timestamp);
2319
2320 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2321 u->inactive_exit_timestamp = u->state_change_timestamp;
2322 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2323 u->inactive_enter_timestamp = u->state_change_timestamp;
2324
2325 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2326 u->active_enter_timestamp = u->state_change_timestamp;
2327 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2328 u->active_exit_timestamp = u->state_change_timestamp;
2329 }
2330
2331 /* Keep track of failed units */
2332 (void) manager_update_failed_units(u->manager, u, ns == UNIT_FAILED);
2333
2334 /* Make sure the cgroup and state files are always removed when we become inactive */
2335 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2336 unit_prune_cgroup(u);
2337 unit_unlink_state_files(u);
2338 }
2339
2340 unit_update_on_console(u);
2341
2342 if (u->job) {
2343 unexpected = false;
2344
2345 if (u->job->state == JOB_WAITING)
2346
2347 /* So we reached a different state for this
2348 * job. Let's see if we can run it now if it
2349 * failed previously due to EAGAIN. */
2350 job_add_to_run_queue(u->job);
2351
2352 /* Let's check whether this state change constitutes a
2353 * finished job, or maybe contradicts a running job and
2354 * hence needs to invalidate jobs. */
2355
2356 switch (u->job->type) {
2357
2358 case JOB_START:
2359 case JOB_VERIFY_ACTIVE:
2360
2361 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2362 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2363 else if (u->job->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2364 unexpected = true;
2365
2366 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2367 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2368 }
2369
2370 break;
2371
2372 case JOB_RELOAD:
2373 case JOB_RELOAD_OR_START:
2374 case JOB_TRY_RELOAD:
2375
2376 if (u->job->state == JOB_RUNNING) {
2377 if (ns == UNIT_ACTIVE)
2378 job_finish_and_invalidate(u->job, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2379 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2380 unexpected = true;
2381
2382 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2383 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2384 }
2385 }
2386
2387 break;
2388
2389 case JOB_STOP:
2390 case JOB_RESTART:
2391 case JOB_TRY_RESTART:
2392
2393 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2394 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2395 else if (u->job->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2396 unexpected = true;
2397 job_finish_and_invalidate(u->job, JOB_FAILED, true, false);
2398 }
2399
2400 break;
2401
2402 default:
2403 assert_not_reached("Job type unknown");
2404 }
2405
2406 } else
2407 unexpected = true;
2408
2409 if (!MANAGER_IS_RELOADING(m)) {
2410
2411 /* If this state change happened without being
2412 * requested by a job, then let's retroactively start
2413 * or stop dependencies. We skip that step when
2414 * deserializing, since we don't want to create any
2415 * additional jobs just because something is already
2416 * activated. */
2417
2418 if (unexpected) {
2419 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2420 retroactively_start_dependencies(u);
2421 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2422 retroactively_stop_dependencies(u);
2423 }
2424
2425 /* stop unneeded units regardless if going down was expected or not */
2426 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2427 check_unneeded_dependencies(u);
2428
2429 if (ns != os && ns == UNIT_FAILED) {
2430 log_unit_debug(u, "Unit entered failed state.");
2431
2432 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2433 unit_start_on_failure(u);
2434 }
2435 }
2436
2437 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2438
2439 if (u->type == UNIT_SERVICE &&
2440 !UNIT_IS_ACTIVE_OR_RELOADING(os) &&
2441 !MANAGER_IS_RELOADING(m)) {
2442 /* Write audit record if we have just finished starting up */
2443 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, true);
2444 u->in_audit = true;
2445 }
2446
2447 if (!UNIT_IS_ACTIVE_OR_RELOADING(os))
2448 manager_send_unit_plymouth(m, u);
2449
2450 } else {
2451
2452 if (UNIT_IS_INACTIVE_OR_FAILED(ns) &&
2453 !UNIT_IS_INACTIVE_OR_FAILED(os)
2454 && !MANAGER_IS_RELOADING(m)) {
2455
2456 /* This unit just stopped/failed. */
2457 if (u->type == UNIT_SERVICE) {
2458
2459 /* Hmm, if there was no start record written
2460 * write it now, so that we always have a nice
2461 * pair */
2462 if (!u->in_audit) {
2463 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, ns == UNIT_INACTIVE);
2464
2465 if (ns == UNIT_INACTIVE)
2466 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, true);
2467 } else
2468 /* Write audit record if we have just finished shutting down */
2469 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, ns == UNIT_INACTIVE);
2470
2471 u->in_audit = false;
2472 }
2473
2474 /* Write a log message about consumed resources */
2475 unit_log_resources(u);
2476 }
2477 }
2478
2479 manager_recheck_journal(m);
2480 manager_recheck_dbus(m);
2481
2482 unit_trigger_notify(u);
2483
2484 if (!MANAGER_IS_RELOADING(u->manager)) {
2485 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2486 unit_check_unneeded(u);
2487
2488 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2489 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2490 * without ever entering started.) */
2491 unit_check_binds_to(u);
2492
2493 if (os != UNIT_FAILED && ns == UNIT_FAILED)
2494 (void) emergency_action(u->manager, u->failure_action, u->reboot_arg, "unit failed");
2495 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE)
2496 (void) emergency_action(u->manager, u->success_action, u->reboot_arg, "unit succeeded");
2497 }
2498
2499 unit_add_to_dbus_queue(u);
2500 unit_add_to_gc_queue(u);
2501 }
2502
2503 int unit_watch_pid(Unit *u, pid_t pid) {
2504 int r;
2505
2506 assert(u);
2507 assert(pid_is_valid(pid));
2508
2509 /* Watch a specific PID */
2510
2511 r = set_ensure_allocated(&u->pids, NULL);
2512 if (r < 0)
2513 return r;
2514
2515 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
2516 if (r < 0)
2517 return r;
2518
2519 /* First try, let's add the unit keyed by "pid". */
2520 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2521 if (r == -EEXIST) {
2522 Unit **array;
2523 bool found = false;
2524 size_t n = 0;
2525
2526 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2527 * to an array of Units rather than just a Unit), lists us already. */
2528
2529 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2530 if (array)
2531 for (; array[n]; n++)
2532 if (array[n] == u)
2533 found = true;
2534
2535 if (found) /* Found it already? if so, do nothing */
2536 r = 0;
2537 else {
2538 Unit **new_array;
2539
2540 /* Allocate a new array */
2541 new_array = new(Unit*, n + 2);
2542 if (!new_array)
2543 return -ENOMEM;
2544
2545 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2546 new_array[n] = u;
2547 new_array[n+1] = NULL;
2548
2549 /* Add or replace the old array */
2550 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2551 if (r < 0) {
2552 free(new_array);
2553 return r;
2554 }
2555
2556 free(array);
2557 }
2558 } else if (r < 0)
2559 return r;
2560
2561 r = set_put(u->pids, PID_TO_PTR(pid));
2562 if (r < 0)
2563 return r;
2564
2565 return 0;
2566 }
2567
2568 void unit_unwatch_pid(Unit *u, pid_t pid) {
2569 Unit **array;
2570
2571 assert(u);
2572 assert(pid_is_valid(pid));
2573
2574 /* First let's drop the unit in case it's keyed as "pid". */
2575 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2576
2577 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2578 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2579 if (array) {
2580 size_t n, m = 0;
2581
2582 /* Let's iterate through the array, dropping our own entry */
2583 for (n = 0; array[n]; n++)
2584 if (array[n] != u)
2585 array[m++] = array[n];
2586 array[m] = NULL;
2587
2588 if (m == 0) {
2589 /* The array is now empty, remove the entire entry */
2590 assert(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
2591 free(array);
2592 }
2593 }
2594
2595 (void) set_remove(u->pids, PID_TO_PTR(pid));
2596 }
2597
2598 void unit_unwatch_all_pids(Unit *u) {
2599 assert(u);
2600
2601 while (!set_isempty(u->pids))
2602 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
2603
2604 u->pids = set_free(u->pids);
2605 }
2606
2607 static void unit_tidy_watch_pids(Unit *u) {
2608 pid_t except1, except2;
2609 Iterator i;
2610 void *e;
2611
2612 assert(u);
2613
2614 /* Cleans dead PIDs from our list */
2615
2616 except1 = unit_main_pid(u);
2617 except2 = unit_control_pid(u);
2618
2619 SET_FOREACH(e, u->pids, i) {
2620 pid_t pid = PTR_TO_PID(e);
2621
2622 if (pid == except1 || pid == except2)
2623 continue;
2624
2625 if (!pid_is_unwaited(pid))
2626 unit_unwatch_pid(u, pid);
2627 }
2628 }
2629
2630 static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
2631 Unit *u = userdata;
2632
2633 assert(s);
2634 assert(u);
2635
2636 unit_tidy_watch_pids(u);
2637 unit_watch_all_pids(u);
2638
2639 /* If the PID set is empty now, then let's finish this off. */
2640 unit_synthesize_cgroup_empty_event(u);
2641
2642 return 0;
2643 }
2644
2645 int unit_enqueue_rewatch_pids(Unit *u) {
2646 int r;
2647
2648 assert(u);
2649
2650 if (!u->cgroup_path)
2651 return -ENOENT;
2652
2653 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2654 if (r < 0)
2655 return r;
2656 if (r > 0) /* On unified we can use proper notifications */
2657 return 0;
2658
2659 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2660 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2661 * involves issuing kill(pid, 0) on all processes we watch. */
2662
2663 if (!u->rewatch_pids_event_source) {
2664 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2665
2666 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2667 if (r < 0)
2668 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2669
2670 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2671 if (r < 0)
2672 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: m");
2673
2674 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2675
2676 u->rewatch_pids_event_source = TAKE_PTR(s);
2677 }
2678
2679 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2680 if (r < 0)
2681 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2682
2683 return 0;
2684 }
2685
2686 void unit_dequeue_rewatch_pids(Unit *u) {
2687 int r;
2688 assert(u);
2689
2690 if (!u->rewatch_pids_event_source)
2691 return;
2692
2693 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2694 if (r < 0)
2695 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2696
2697 u->rewatch_pids_event_source = sd_event_source_unref(u->rewatch_pids_event_source);
2698 }
2699
2700 bool unit_job_is_applicable(Unit *u, JobType j) {
2701 assert(u);
2702 assert(j >= 0 && j < _JOB_TYPE_MAX);
2703
2704 switch (j) {
2705
2706 case JOB_VERIFY_ACTIVE:
2707 case JOB_START:
2708 case JOB_NOP:
2709 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2710 * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
2711 * jobs for it. */
2712 return true;
2713
2714 case JOB_STOP:
2715 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2716 * external events), hence it makes no sense to permit enqueing such a request either. */
2717 return !u->perpetual;
2718
2719 case JOB_RESTART:
2720 case JOB_TRY_RESTART:
2721 return unit_can_stop(u) && unit_can_start(u);
2722
2723 case JOB_RELOAD:
2724 case JOB_TRY_RELOAD:
2725 return unit_can_reload(u);
2726
2727 case JOB_RELOAD_OR_START:
2728 return unit_can_reload(u) && unit_can_start(u);
2729
2730 default:
2731 assert_not_reached("Invalid job type");
2732 }
2733 }
2734
2735 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
2736 assert(u);
2737
2738 /* Only warn about some unit types */
2739 if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
2740 return;
2741
2742 if (streq_ptr(u->id, other))
2743 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
2744 else
2745 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
2746 }
2747
2748 static int unit_add_dependency_hashmap(
2749 Hashmap **h,
2750 Unit *other,
2751 UnitDependencyMask origin_mask,
2752 UnitDependencyMask destination_mask) {
2753
2754 UnitDependencyInfo info;
2755 int r;
2756
2757 assert(h);
2758 assert(other);
2759 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
2760 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
2761 assert(origin_mask > 0 || destination_mask > 0);
2762
2763 r = hashmap_ensure_allocated(h, NULL);
2764 if (r < 0)
2765 return r;
2766
2767 assert_cc(sizeof(void*) == sizeof(info));
2768
2769 info.data = hashmap_get(*h, other);
2770 if (info.data) {
2771 /* Entry already exists. Add in our mask. */
2772
2773 if (FLAGS_SET(origin_mask, info.origin_mask) &&
2774 FLAGS_SET(destination_mask, info.destination_mask))
2775 return 0; /* NOP */
2776
2777 info.origin_mask |= origin_mask;
2778 info.destination_mask |= destination_mask;
2779
2780 r = hashmap_update(*h, other, info.data);
2781 } else {
2782 info = (UnitDependencyInfo) {
2783 .origin_mask = origin_mask,
2784 .destination_mask = destination_mask,
2785 };
2786
2787 r = hashmap_put(*h, other, info.data);
2788 }
2789 if (r < 0)
2790 return r;
2791
2792 return 1;
2793 }
2794
2795 int unit_add_dependency(
2796 Unit *u,
2797 UnitDependency d,
2798 Unit *other,
2799 bool add_reference,
2800 UnitDependencyMask mask) {
2801
2802 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
2803 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
2804 [UNIT_WANTS] = UNIT_WANTED_BY,
2805 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
2806 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
2807 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
2808 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
2809 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
2810 [UNIT_WANTED_BY] = UNIT_WANTS,
2811 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
2812 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
2813 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
2814 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
2815 [UNIT_BEFORE] = UNIT_AFTER,
2816 [UNIT_AFTER] = UNIT_BEFORE,
2817 [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
2818 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
2819 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
2820 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
2821 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
2822 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
2823 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
2824 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
2825 };
2826 Unit *original_u = u, *original_other = other;
2827 int r;
2828
2829 assert(u);
2830 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
2831 assert(other);
2832
2833 u = unit_follow_merge(u);
2834 other = unit_follow_merge(other);
2835
2836 /* We won't allow dependencies on ourselves. We will not
2837 * consider them an error however. */
2838 if (u == other) {
2839 maybe_warn_about_dependency(original_u, original_other->id, d);
2840 return 0;
2841 }
2842
2843 if ((d == UNIT_BEFORE && other->type == UNIT_DEVICE) ||
2844 (d == UNIT_AFTER && u->type == UNIT_DEVICE)) {
2845 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
2846 return 0;
2847 }
2848
2849 r = unit_add_dependency_hashmap(u->dependencies + d, other, mask, 0);
2850 if (r < 0)
2851 return r;
2852
2853 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
2854 r = unit_add_dependency_hashmap(other->dependencies + inverse_table[d], u, 0, mask);
2855 if (r < 0)
2856 return r;
2857 }
2858
2859 if (add_reference) {
2860 r = unit_add_dependency_hashmap(u->dependencies + UNIT_REFERENCES, other, mask, 0);
2861 if (r < 0)
2862 return r;
2863
2864 r = unit_add_dependency_hashmap(other->dependencies + UNIT_REFERENCED_BY, u, 0, mask);
2865 if (r < 0)
2866 return r;
2867 }
2868
2869 unit_add_to_dbus_queue(u);
2870 return 0;
2871 }
2872
2873 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2874 int r;
2875
2876 assert(u);
2877
2878 r = unit_add_dependency(u, d, other, add_reference, mask);
2879 if (r < 0)
2880 return r;
2881
2882 return unit_add_dependency(u, e, other, add_reference, mask);
2883 }
2884
2885 static int resolve_template(Unit *u, const char *name, const char*path, char **buf, const char **ret) {
2886 int r;
2887
2888 assert(u);
2889 assert(name || path);
2890 assert(buf);
2891 assert(ret);
2892
2893 if (!name)
2894 name = basename(path);
2895
2896 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
2897 *buf = NULL;
2898 *ret = name;
2899 return 0;
2900 }
2901
2902 if (u->instance)
2903 r = unit_name_replace_instance(name, u->instance, buf);
2904 else {
2905 _cleanup_free_ char *i = NULL;
2906
2907 r = unit_name_to_prefix(u->id, &i);
2908 if (r < 0)
2909 return r;
2910
2911 r = unit_name_replace_instance(name, i, buf);
2912 }
2913 if (r < 0)
2914 return r;
2915
2916 *ret = *buf;
2917 return 0;
2918 }
2919
2920 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2921 _cleanup_free_ char *buf = NULL;
2922 Unit *other;
2923 int r;
2924
2925 assert(u);
2926 assert(name || path);
2927
2928 r = resolve_template(u, name, path, &buf, &name);
2929 if (r < 0)
2930 return r;
2931
2932 r = manager_load_unit(u->manager, name, path, NULL, &other);
2933 if (r < 0)
2934 return r;
2935
2936 return unit_add_dependency(u, d, other, add_reference, mask);
2937 }
2938
2939 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2940 _cleanup_free_ char *buf = NULL;
2941 Unit *other;
2942 int r;
2943
2944 assert(u);
2945 assert(name || path);
2946
2947 r = resolve_template(u, name, path, &buf, &name);
2948 if (r < 0)
2949 return r;
2950
2951 r = manager_load_unit(u->manager, name, path, NULL, &other);
2952 if (r < 0)
2953 return r;
2954
2955 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2956 }
2957
2958 int set_unit_path(const char *p) {
2959 /* This is mostly for debug purposes */
2960 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
2961 return -errno;
2962
2963 return 0;
2964 }
2965
2966 char *unit_dbus_path(Unit *u) {
2967 assert(u);
2968
2969 if (!u->id)
2970 return NULL;
2971
2972 return unit_dbus_path_from_name(u->id);
2973 }
2974
2975 char *unit_dbus_path_invocation_id(Unit *u) {
2976 assert(u);
2977
2978 if (sd_id128_is_null(u->invocation_id))
2979 return NULL;
2980
2981 return unit_dbus_path_from_name(u->invocation_id_string);
2982 }
2983
2984 int unit_set_slice(Unit *u, Unit *slice) {
2985 assert(u);
2986 assert(slice);
2987
2988 /* Sets the unit slice if it has not been set before. Is extra
2989 * careful, to only allow this for units that actually have a
2990 * cgroup context. Also, we don't allow to set this for slices
2991 * (since the parent slice is derived from the name). Make
2992 * sure the unit we set is actually a slice. */
2993
2994 if (!UNIT_HAS_CGROUP_CONTEXT(u))
2995 return -EOPNOTSUPP;
2996
2997 if (u->type == UNIT_SLICE)
2998 return -EINVAL;
2999
3000 if (unit_active_state(u) != UNIT_INACTIVE)
3001 return -EBUSY;
3002
3003 if (slice->type != UNIT_SLICE)
3004 return -EINVAL;
3005
3006 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3007 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3008 return -EPERM;
3009
3010 if (UNIT_DEREF(u->slice) == slice)
3011 return 0;
3012
3013 /* Disallow slice changes if @u is already bound to cgroups */
3014 if (UNIT_ISSET(u->slice) && u->cgroup_realized)
3015 return -EBUSY;
3016
3017 unit_ref_set(&u->slice, u, slice);
3018 return 1;
3019 }
3020
3021 int unit_set_default_slice(Unit *u) {
3022 _cleanup_free_ char *b = NULL;
3023 const char *slice_name;
3024 Unit *slice;
3025 int r;
3026
3027 assert(u);
3028
3029 if (UNIT_ISSET(u->slice))
3030 return 0;
3031
3032 if (u->instance) {
3033 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
3034
3035 /* Implicitly place all instantiated units in their
3036 * own per-template slice */
3037
3038 r = unit_name_to_prefix(u->id, &prefix);
3039 if (r < 0)
3040 return r;
3041
3042 /* The prefix is already escaped, but it might include
3043 * "-" which has a special meaning for slice units,
3044 * hence escape it here extra. */
3045 escaped = unit_name_escape(prefix);
3046 if (!escaped)
3047 return -ENOMEM;
3048
3049 if (MANAGER_IS_SYSTEM(u->manager))
3050 b = strjoin("system-", escaped, ".slice");
3051 else
3052 b = strappend(escaped, ".slice");
3053 if (!b)
3054 return -ENOMEM;
3055
3056 slice_name = b;
3057 } else
3058 slice_name =
3059 MANAGER_IS_SYSTEM(u->manager) && !unit_has_name(u, SPECIAL_INIT_SCOPE)
3060 ? SPECIAL_SYSTEM_SLICE
3061 : SPECIAL_ROOT_SLICE;
3062
3063 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
3064 if (r < 0)
3065 return r;
3066
3067 return unit_set_slice(u, slice);
3068 }
3069
3070 const char *unit_slice_name(Unit *u) {
3071 assert(u);
3072
3073 if (!UNIT_ISSET(u->slice))
3074 return NULL;
3075
3076 return UNIT_DEREF(u->slice)->id;
3077 }
3078
3079 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
3080 _cleanup_free_ char *t = NULL;
3081 int r;
3082
3083 assert(u);
3084 assert(type);
3085 assert(_found);
3086
3087 r = unit_name_change_suffix(u->id, type, &t);
3088 if (r < 0)
3089 return r;
3090 if (unit_has_name(u, t))
3091 return -EINVAL;
3092
3093 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3094 assert(r < 0 || *_found != u);
3095 return r;
3096 }
3097
3098 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3099 const char *name, *old_owner, *new_owner;
3100 Unit *u = userdata;
3101 int r;
3102
3103 assert(message);
3104 assert(u);
3105
3106 r = sd_bus_message_read(message, "sss", &name, &old_owner, &new_owner);
3107 if (r < 0) {
3108 bus_log_parse_error(r);
3109 return 0;
3110 }
3111
3112 old_owner = empty_to_null(old_owner);
3113 new_owner = empty_to_null(new_owner);
3114
3115 if (UNIT_VTABLE(u)->bus_name_owner_change)
3116 UNIT_VTABLE(u)->bus_name_owner_change(u, name, old_owner, new_owner);
3117
3118 return 0;
3119 }
3120
3121 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3122 const char *match;
3123
3124 assert(u);
3125 assert(bus);
3126 assert(name);
3127
3128 if (u->match_bus_slot)
3129 return -EBUSY;
3130
3131 match = strjoina("type='signal',"
3132 "sender='org.freedesktop.DBus',"
3133 "path='/org/freedesktop/DBus',"
3134 "interface='org.freedesktop.DBus',"
3135 "member='NameOwnerChanged',"
3136 "arg0='", name, "'");
3137
3138 return sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
3139 }
3140
3141 int unit_watch_bus_name(Unit *u, const char *name) {
3142 int r;
3143
3144 assert(u);
3145 assert(name);
3146
3147 /* Watch a specific name on the bus. We only support one unit
3148 * watching each name for now. */
3149
3150 if (u->manager->api_bus) {
3151 /* If the bus is already available, install the match directly.
3152 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3153 r = unit_install_bus_match(u, u->manager->api_bus, name);
3154 if (r < 0)
3155 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3156 }
3157
3158 r = hashmap_put(u->manager->watch_bus, name, u);
3159 if (r < 0) {
3160 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3161 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3162 }
3163
3164 return 0;
3165 }
3166
3167 void unit_unwatch_bus_name(Unit *u, const char *name) {
3168 assert(u);
3169 assert(name);
3170
3171 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3172 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3173 }
3174
3175 bool unit_can_serialize(Unit *u) {
3176 assert(u);
3177
3178 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3179 }
3180
3181 static int unit_serialize_cgroup_mask(FILE *f, const char *key, CGroupMask mask) {
3182 _cleanup_free_ char *s = NULL;
3183 int r = 0;
3184
3185 assert(f);
3186 assert(key);
3187
3188 if (mask != 0) {
3189 r = cg_mask_to_string(mask, &s);
3190 if (r >= 0) {
3191 fputs(key, f);
3192 fputc('=', f);
3193 fputs(s, f);
3194 fputc('\n', f);
3195 }
3196 }
3197 return r;
3198 }
3199
3200 static const char *ip_accounting_metric_field[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
3201 [CGROUP_IP_INGRESS_BYTES] = "ip-accounting-ingress-bytes",
3202 [CGROUP_IP_INGRESS_PACKETS] = "ip-accounting-ingress-packets",
3203 [CGROUP_IP_EGRESS_BYTES] = "ip-accounting-egress-bytes",
3204 [CGROUP_IP_EGRESS_PACKETS] = "ip-accounting-egress-packets",
3205 };
3206
3207 int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
3208 CGroupIPAccountingMetric m;
3209 int r;
3210
3211 assert(u);
3212 assert(f);
3213 assert(fds);
3214
3215 if (unit_can_serialize(u)) {
3216 r = UNIT_VTABLE(u)->serialize(u, f, fds);
3217 if (r < 0)
3218 return r;
3219 }
3220
3221 dual_timestamp_serialize(f, "state-change-timestamp", &u->state_change_timestamp);
3222
3223 dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
3224 dual_timestamp_serialize(f, "active-enter-timestamp", &u->active_enter_timestamp);
3225 dual_timestamp_serialize(f, "active-exit-timestamp", &u->active_exit_timestamp);
3226 dual_timestamp_serialize(f, "inactive-enter-timestamp", &u->inactive_enter_timestamp);
3227
3228 dual_timestamp_serialize(f, "condition-timestamp", &u->condition_timestamp);
3229 dual_timestamp_serialize(f, "assert-timestamp", &u->assert_timestamp);
3230
3231 if (dual_timestamp_is_set(&u->condition_timestamp))
3232 unit_serialize_item(u, f, "condition-result", yes_no(u->condition_result));
3233
3234 if (dual_timestamp_is_set(&u->assert_timestamp))
3235 unit_serialize_item(u, f, "assert-result", yes_no(u->assert_result));
3236
3237 unit_serialize_item(u, f, "transient", yes_no(u->transient));
3238
3239 unit_serialize_item(u, f, "exported-invocation-id", yes_no(u->exported_invocation_id));
3240 unit_serialize_item(u, f, "exported-log-level-max", yes_no(u->exported_log_level_max));
3241 unit_serialize_item(u, f, "exported-log-extra-fields", yes_no(u->exported_log_extra_fields));
3242
3243 unit_serialize_item_format(u, f, "cpu-usage-base", "%" PRIu64, u->cpu_usage_base);
3244 if (u->cpu_usage_last != NSEC_INFINITY)
3245 unit_serialize_item_format(u, f, "cpu-usage-last", "%" PRIu64, u->cpu_usage_last);
3246
3247 if (u->cgroup_path)
3248 unit_serialize_item(u, f, "cgroup", u->cgroup_path);
3249 unit_serialize_item(u, f, "cgroup-realized", yes_no(u->cgroup_realized));
3250 (void) unit_serialize_cgroup_mask(f, "cgroup-realized-mask", u->cgroup_realized_mask);
3251 (void) unit_serialize_cgroup_mask(f, "cgroup-enabled-mask", u->cgroup_enabled_mask);
3252 unit_serialize_item_format(u, f, "cgroup-bpf-realized", "%i", u->cgroup_bpf_state);
3253
3254 if (uid_is_valid(u->ref_uid))
3255 unit_serialize_item_format(u, f, "ref-uid", UID_FMT, u->ref_uid);
3256 if (gid_is_valid(u->ref_gid))
3257 unit_serialize_item_format(u, f, "ref-gid", GID_FMT, u->ref_gid);
3258
3259 if (!sd_id128_is_null(u->invocation_id))
3260 unit_serialize_item_format(u, f, "invocation-id", SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id));
3261
3262 bus_track_serialize(u->bus_track, f, "ref");
3263
3264 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
3265 uint64_t v;
3266
3267 r = unit_get_ip_accounting(u, m, &v);
3268 if (r >= 0)
3269 unit_serialize_item_format(u, f, ip_accounting_metric_field[m], "%" PRIu64, v);
3270 }
3271
3272 if (serialize_jobs) {
3273 if (u->job) {
3274 fprintf(f, "job\n");
3275 job_serialize(u->job, f);
3276 }
3277
3278 if (u->nop_job) {
3279 fprintf(f, "job\n");
3280 job_serialize(u->nop_job, f);
3281 }
3282 }
3283
3284 /* End marker */
3285 fputc('\n', f);
3286 return 0;
3287 }
3288
3289 int unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value) {
3290 assert(u);
3291 assert(f);
3292 assert(key);
3293
3294 if (!value)
3295 return 0;
3296
3297 fputs(key, f);
3298 fputc('=', f);
3299 fputs(value, f);
3300 fputc('\n', f);
3301
3302 return 1;
3303 }
3304
3305 int unit_serialize_item_escaped(Unit *u, FILE *f, const char *key, const char *value) {
3306 _cleanup_free_ char *c = NULL;
3307
3308 assert(u);
3309 assert(f);
3310 assert(key);
3311
3312 if (!value)
3313 return 0;
3314
3315 c = cescape(value);
3316 if (!c)
3317 return -ENOMEM;
3318
3319 fputs(key, f);
3320 fputc('=', f);
3321 fputs(c, f);
3322 fputc('\n', f);
3323
3324 return 1;
3325 }
3326
3327 int unit_serialize_item_fd(Unit *u, FILE *f, FDSet *fds, const char *key, int fd) {
3328 int copy;
3329
3330 assert(u);
3331 assert(f);
3332 assert(key);
3333
3334 if (fd < 0)
3335 return 0;
3336
3337 copy = fdset_put_dup(fds, fd);
3338 if (copy < 0)
3339 return copy;
3340
3341 fprintf(f, "%s=%i\n", key, copy);
3342 return 1;
3343 }
3344
3345 void unit_serialize_item_format(Unit *u, FILE *f, const char *key, const char *format, ...) {
3346 va_list ap;
3347
3348 assert(u);
3349 assert(f);
3350 assert(key);
3351 assert(format);
3352
3353 fputs(key, f);
3354 fputc('=', f);
3355
3356 va_start(ap, format);
3357 vfprintf(f, format, ap);
3358 va_end(ap);
3359
3360 fputc('\n', f);
3361 }
3362
3363 int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
3364 int r;
3365
3366 assert(u);
3367 assert(f);
3368 assert(fds);
3369
3370 for (;;) {
3371 char line[LINE_MAX], *l, *v;
3372 CGroupIPAccountingMetric m;
3373 size_t k;
3374
3375 if (!fgets(line, sizeof(line), f)) {
3376 if (feof(f))
3377 return 0;
3378 return -errno;
3379 }
3380
3381 char_array_0(line);
3382 l = strstrip(line);
3383
3384 /* End marker */
3385 if (isempty(l))
3386 break;
3387
3388 k = strcspn(l, "=");
3389
3390 if (l[k] == '=') {
3391 l[k] = 0;
3392 v = l+k+1;
3393 } else
3394 v = l+k;
3395
3396 if (streq(l, "job")) {
3397 if (v[0] == '\0') {
3398 /* new-style serialized job */
3399 Job *j;
3400
3401 j = job_new_raw(u);
3402 if (!j)
3403 return log_oom();
3404
3405 r = job_deserialize(j, f);
3406 if (r < 0) {
3407 job_free(j);
3408 return r;
3409 }
3410
3411 r = hashmap_put(u->manager->jobs, UINT32_TO_PTR(j->id), j);
3412 if (r < 0) {
3413 job_free(j);
3414 return r;
3415 }
3416
3417 r = job_install_deserialized(j);
3418 if (r < 0) {
3419 hashmap_remove(u->manager->jobs, UINT32_TO_PTR(j->id));
3420 job_free(j);
3421 return r;
3422 }
3423 } else /* legacy for pre-44 */
3424 log_unit_warning(u, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v);
3425 continue;
3426 } else if (streq(l, "state-change-timestamp")) {
3427 dual_timestamp_deserialize(v, &u->state_change_timestamp);
3428 continue;
3429 } else if (streq(l, "inactive-exit-timestamp")) {
3430 dual_timestamp_deserialize(v, &u->inactive_exit_timestamp);
3431 continue;
3432 } else if (streq(l, "active-enter-timestamp")) {
3433 dual_timestamp_deserialize(v, &u->active_enter_timestamp);
3434 continue;
3435 } else if (streq(l, "active-exit-timestamp")) {
3436 dual_timestamp_deserialize(v, &u->active_exit_timestamp);
3437 continue;
3438 } else if (streq(l, "inactive-enter-timestamp")) {
3439 dual_timestamp_deserialize(v, &u->inactive_enter_timestamp);
3440 continue;
3441 } else if (streq(l, "condition-timestamp")) {
3442 dual_timestamp_deserialize(v, &u->condition_timestamp);
3443 continue;
3444 } else if (streq(l, "assert-timestamp")) {
3445 dual_timestamp_deserialize(v, &u->assert_timestamp);
3446 continue;
3447 } else if (streq(l, "condition-result")) {
3448
3449 r = parse_boolean(v);
3450 if (r < 0)
3451 log_unit_debug(u, "Failed to parse condition result value %s, ignoring.", v);
3452 else
3453 u->condition_result = r;
3454
3455 continue;
3456
3457 } else if (streq(l, "assert-result")) {
3458
3459 r = parse_boolean(v);
3460 if (r < 0)
3461 log_unit_debug(u, "Failed to parse assert result value %s, ignoring.", v);
3462 else
3463 u->assert_result = r;
3464
3465 continue;
3466
3467 } else if (streq(l, "transient")) {
3468
3469 r = parse_boolean(v);
3470 if (r < 0)
3471 log_unit_debug(u, "Failed to parse transient bool %s, ignoring.", v);
3472 else
3473 u->transient = r;
3474
3475 continue;
3476
3477 } else if (streq(l, "exported-invocation-id")) {
3478
3479 r = parse_boolean(v);
3480 if (r < 0)
3481 log_unit_debug(u, "Failed to parse exported invocation ID bool %s, ignoring.", v);
3482 else
3483 u->exported_invocation_id = r;
3484
3485 continue;
3486
3487 } else if (streq(l, "exported-log-level-max")) {
3488
3489 r = parse_boolean(v);
3490 if (r < 0)
3491 log_unit_debug(u, "Failed to parse exported log level max bool %s, ignoring.", v);
3492 else
3493 u->exported_log_level_max = r;
3494
3495 continue;
3496
3497 } else if (streq(l, "exported-log-extra-fields")) {
3498
3499 r = parse_boolean(v);
3500 if (r < 0)
3501 log_unit_debug(u, "Failed to parse exported log extra fields bool %s, ignoring.", v);
3502 else
3503 u->exported_log_extra_fields = r;
3504
3505 continue;
3506
3507 } else if (STR_IN_SET(l, "cpu-usage-base", "cpuacct-usage-base")) {
3508
3509 r = safe_atou64(v, &u->cpu_usage_base);
3510 if (r < 0)
3511 log_unit_debug(u, "Failed to parse CPU usage base %s, ignoring.", v);
3512
3513 continue;
3514
3515 } else if (streq(l, "cpu-usage-last")) {
3516
3517 r = safe_atou64(v, &u->cpu_usage_last);
3518 if (r < 0)
3519 log_unit_debug(u, "Failed to read CPU usage last %s, ignoring.", v);
3520
3521 continue;
3522
3523 } else if (streq(l, "cgroup")) {
3524
3525 r = unit_set_cgroup_path(u, v);
3526 if (r < 0)
3527 log_unit_debug_errno(u, r, "Failed to set cgroup path %s, ignoring: %m", v);
3528
3529 (void) unit_watch_cgroup(u);
3530
3531 continue;
3532 } else if (streq(l, "cgroup-realized")) {
3533 int b;
3534
3535 b = parse_boolean(v);
3536 if (b < 0)
3537 log_unit_debug(u, "Failed to parse cgroup-realized bool %s, ignoring.", v);
3538 else
3539 u->cgroup_realized = b;
3540
3541 continue;
3542
3543 } else if (streq(l, "cgroup-realized-mask")) {
3544
3545 r = cg_mask_from_string(v, &u->cgroup_realized_mask);
3546 if (r < 0)
3547 log_unit_debug(u, "Failed to parse cgroup-realized-mask %s, ignoring.", v);
3548 continue;
3549
3550 } else if (streq(l, "cgroup-enabled-mask")) {
3551
3552 r = cg_mask_from_string(v, &u->cgroup_enabled_mask);
3553 if (r < 0)
3554 log_unit_debug(u, "Failed to parse cgroup-enabled-mask %s, ignoring.", v);
3555 continue;
3556
3557 } else if (streq(l, "cgroup-bpf-realized")) {
3558 int i;
3559
3560 r = safe_atoi(v, &i);
3561 if (r < 0)
3562 log_unit_debug(u, "Failed to parse cgroup BPF state %s, ignoring.", v);
3563 else
3564 u->cgroup_bpf_state =
3565 i < 0 ? UNIT_CGROUP_BPF_INVALIDATED :
3566 i > 0 ? UNIT_CGROUP_BPF_ON :
3567 UNIT_CGROUP_BPF_OFF;
3568
3569 continue;
3570
3571 } else if (streq(l, "ref-uid")) {
3572 uid_t uid;
3573
3574 r = parse_uid(v, &uid);
3575 if (r < 0)
3576 log_unit_debug(u, "Failed to parse referenced UID %s, ignoring.", v);
3577 else
3578 unit_ref_uid_gid(u, uid, GID_INVALID);
3579
3580 continue;
3581
3582 } else if (streq(l, "ref-gid")) {
3583 gid_t gid;
3584
3585 r = parse_gid(v, &gid);
3586 if (r < 0)
3587 log_unit_debug(u, "Failed to parse referenced GID %s, ignoring.", v);
3588 else
3589 unit_ref_uid_gid(u, UID_INVALID, gid);
3590
3591 } else if (streq(l, "ref")) {
3592
3593 r = strv_extend(&u->deserialized_refs, v);
3594 if (r < 0)
3595 log_oom();
3596
3597 continue;
3598 } else if (streq(l, "invocation-id")) {
3599 sd_id128_t id;
3600
3601 r = sd_id128_from_string(v, &id);
3602 if (r < 0)
3603 log_unit_debug(u, "Failed to parse invocation id %s, ignoring.", v);
3604 else {
3605 r = unit_set_invocation_id(u, id);
3606 if (r < 0)
3607 log_unit_warning_errno(u, r, "Failed to set invocation ID for unit: %m");
3608 }
3609
3610 continue;
3611 }
3612
3613 /* Check if this is an IP accounting metric serialization field */
3614 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++)
3615 if (streq(l, ip_accounting_metric_field[m]))
3616 break;
3617 if (m < _CGROUP_IP_ACCOUNTING_METRIC_MAX) {
3618 uint64_t c;
3619
3620 r = safe_atou64(v, &c);
3621 if (r < 0)
3622 log_unit_debug(u, "Failed to parse IP accounting value %s, ignoring.", v);
3623 else
3624 u->ip_accounting_extra[m] = c;
3625 continue;
3626 }
3627
3628 if (unit_can_serialize(u)) {
3629 r = exec_runtime_deserialize_compat(u, l, v, fds);
3630 if (r < 0) {
3631 log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l);
3632 continue;
3633 }
3634
3635 /* Returns positive if key was handled by the call */
3636 if (r > 0)
3637 continue;
3638
3639 r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
3640 if (r < 0)
3641 log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l);
3642 }
3643 }
3644
3645 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3646 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3647 * before 228 where the base for timeouts was not persistent across reboots. */
3648
3649 if (!dual_timestamp_is_set(&u->state_change_timestamp))
3650 dual_timestamp_get(&u->state_change_timestamp);
3651
3652 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3653 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3654 unit_invalidate_cgroup(u, _CGROUP_MASK_ALL);
3655 unit_invalidate_cgroup_bpf(u);
3656
3657 return 0;
3658 }
3659
3660 void unit_deserialize_skip(FILE *f) {
3661 assert(f);
3662
3663 /* Skip serialized data for this unit. We don't know what it is. */
3664
3665 for (;;) {
3666 char line[LINE_MAX], *l;
3667
3668 if (!fgets(line, sizeof line, f))
3669 return;
3670
3671 char_array_0(line);
3672 l = strstrip(line);
3673
3674 /* End marker */
3675 if (isempty(l))
3676 return;
3677 }
3678 }
3679
3680 int unit_add_node_dependency(Unit *u, const char *what, bool wants, UnitDependency dep, UnitDependencyMask mask) {
3681 Unit *device;
3682 _cleanup_free_ char *e = NULL;
3683 int r;
3684
3685 assert(u);
3686
3687 /* Adds in links to the device node that this unit is based on */
3688 if (isempty(what))
3689 return 0;
3690
3691 if (!is_device_path(what))
3692 return 0;
3693
3694 /* When device units aren't supported (such as in a
3695 * container), don't create dependencies on them. */
3696 if (!unit_type_supported(UNIT_DEVICE))
3697 return 0;
3698
3699 r = unit_name_from_path(what, ".device", &e);
3700 if (r < 0)
3701 return r;
3702
3703 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
3704 if (r < 0)
3705 return r;
3706
3707 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3708 dep = UNIT_BINDS_TO;
3709
3710 r = unit_add_two_dependencies(u, UNIT_AFTER,
3711 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3712 device, true, mask);
3713 if (r < 0)
3714 return r;
3715
3716 if (wants) {
3717 r = unit_add_dependency(device, UNIT_WANTS, u, false, mask);
3718 if (r < 0)
3719 return r;
3720 }
3721
3722 return 0;
3723 }
3724
3725 int unit_coldplug(Unit *u) {
3726 int r = 0, q;
3727 char **i;
3728
3729 assert(u);
3730
3731 /* Make sure we don't enter a loop, when coldplugging recursively. */
3732 if (u->coldplugged)
3733 return 0;
3734
3735 u->coldplugged = true;
3736
3737 STRV_FOREACH(i, u->deserialized_refs) {
3738 q = bus_unit_track_add_name(u, *i);
3739 if (q < 0 && r >= 0)
3740 r = q;
3741 }
3742 u->deserialized_refs = strv_free(u->deserialized_refs);
3743
3744 if (UNIT_VTABLE(u)->coldplug) {
3745 q = UNIT_VTABLE(u)->coldplug(u);
3746 if (q < 0 && r >= 0)
3747 r = q;
3748 }
3749
3750 if (u->job) {
3751 q = job_coldplug(u->job);
3752 if (q < 0 && r >= 0)
3753 r = q;
3754 }
3755
3756 return r;
3757 }
3758
3759 void unit_catchup(Unit *u) {
3760 assert(u);
3761
3762 if (UNIT_VTABLE(u)->catchup)
3763 UNIT_VTABLE(u)->catchup(u);
3764 }
3765
3766 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
3767 struct stat st;
3768
3769 if (!path)
3770 return false;
3771
3772 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3773 * are never out-of-date. */
3774 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3775 return false;
3776
3777 if (stat(path, &st) < 0)
3778 /* What, cannot access this anymore? */
3779 return true;
3780
3781 if (path_masked)
3782 /* For masked files check if they are still so */
3783 return !null_or_empty(&st);
3784 else
3785 /* For non-empty files check the mtime */
3786 return timespec_load(&st.st_mtim) > mtime;
3787
3788 return false;
3789 }
3790
3791 bool unit_need_daemon_reload(Unit *u) {
3792 _cleanup_strv_free_ char **t = NULL;
3793 char **path;
3794
3795 assert(u);
3796
3797 /* For unit files, we allow masking… */
3798 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3799 u->load_state == UNIT_MASKED))
3800 return true;
3801
3802 /* Source paths should not be masked… */
3803 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
3804 return true;
3805
3806 if (u->load_state == UNIT_LOADED)
3807 (void) unit_find_dropin_paths(u, &t);
3808 if (!strv_equal(u->dropin_paths, t))
3809 return true;
3810
3811 /* … any drop-ins that are masked are simply omitted from the list. */
3812 STRV_FOREACH(path, u->dropin_paths)
3813 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3814 return true;
3815
3816 return false;
3817 }
3818
3819 void unit_reset_failed(Unit *u) {
3820 assert(u);
3821
3822 if (UNIT_VTABLE(u)->reset_failed)
3823 UNIT_VTABLE(u)->reset_failed(u);
3824
3825 RATELIMIT_RESET(u->start_limit);
3826 u->start_limit_hit = false;
3827 }
3828
3829 Unit *unit_following(Unit *u) {
3830 assert(u);
3831
3832 if (UNIT_VTABLE(u)->following)
3833 return UNIT_VTABLE(u)->following(u);
3834
3835 return NULL;
3836 }
3837
3838 bool unit_stop_pending(Unit *u) {
3839 assert(u);
3840
3841 /* This call does check the current state of the unit. It's
3842 * hence useful to be called from state change calls of the
3843 * unit itself, where the state isn't updated yet. This is
3844 * different from unit_inactive_or_pending() which checks both
3845 * the current state and for a queued job. */
3846
3847 return u->job && u->job->type == JOB_STOP;
3848 }
3849
3850 bool unit_inactive_or_pending(Unit *u) {
3851 assert(u);
3852
3853 /* Returns true if the unit is inactive or going down */
3854
3855 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3856 return true;
3857
3858 if (unit_stop_pending(u))
3859 return true;
3860
3861 return false;
3862 }
3863
3864 bool unit_active_or_pending(Unit *u) {
3865 assert(u);
3866
3867 /* Returns true if the unit is active or going up */
3868
3869 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3870 return true;
3871
3872 if (u->job &&
3873 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
3874 return true;
3875
3876 return false;
3877 }
3878
3879 bool unit_will_restart(Unit *u) {
3880 assert(u);
3881
3882 if (!UNIT_VTABLE(u)->will_restart)
3883 return false;
3884
3885 return UNIT_VTABLE(u)->will_restart(u);
3886 }
3887
3888 int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
3889 assert(u);
3890 assert(w >= 0 && w < _KILL_WHO_MAX);
3891 assert(SIGNAL_VALID(signo));
3892
3893 if (!UNIT_VTABLE(u)->kill)
3894 return -EOPNOTSUPP;
3895
3896 return UNIT_VTABLE(u)->kill(u, w, signo, error);
3897 }
3898
3899 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
3900 _cleanup_set_free_ Set *pid_set = NULL;
3901 int r;
3902
3903 pid_set = set_new(NULL);
3904 if (!pid_set)
3905 return NULL;
3906
3907 /* Exclude the main/control pids from being killed via the cgroup */
3908 if (main_pid > 0) {
3909 r = set_put(pid_set, PID_TO_PTR(main_pid));
3910 if (r < 0)
3911 return NULL;
3912 }
3913
3914 if (control_pid > 0) {
3915 r = set_put(pid_set, PID_TO_PTR(control_pid));
3916 if (r < 0)
3917 return NULL;
3918 }
3919
3920 return TAKE_PTR(pid_set);
3921 }
3922
3923 int unit_kill_common(
3924 Unit *u,
3925 KillWho who,
3926 int signo,
3927 pid_t main_pid,
3928 pid_t control_pid,
3929 sd_bus_error *error) {
3930
3931 int r = 0;
3932 bool killed = false;
3933
3934 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
3935 if (main_pid < 0)
3936 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
3937 else if (main_pid == 0)
3938 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
3939 }
3940
3941 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
3942 if (control_pid < 0)
3943 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
3944 else if (control_pid == 0)
3945 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
3946 }
3947
3948 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3949 if (control_pid > 0) {
3950 if (kill(control_pid, signo) < 0)
3951 r = -errno;
3952 else
3953 killed = true;
3954 }
3955
3956 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3957 if (main_pid > 0) {
3958 if (kill(main_pid, signo) < 0)
3959 r = -errno;
3960 else
3961 killed = true;
3962 }
3963
3964 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
3965 _cleanup_set_free_ Set *pid_set = NULL;
3966 int q;
3967
3968 /* Exclude the main/control pids from being killed via the cgroup */
3969 pid_set = unit_pid_set(main_pid, control_pid);
3970 if (!pid_set)
3971 return -ENOMEM;
3972
3973 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, NULL, NULL);
3974 if (q < 0 && !IN_SET(q, -EAGAIN, -ESRCH, -ENOENT))
3975 r = q;
3976 else
3977 killed = true;
3978 }
3979
3980 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL))
3981 return -ESRCH;
3982
3983 return r;
3984 }
3985
3986 int unit_following_set(Unit *u, Set **s) {
3987 assert(u);
3988 assert(s);
3989
3990 if (UNIT_VTABLE(u)->following_set)
3991 return UNIT_VTABLE(u)->following_set(u, s);
3992
3993 *s = NULL;
3994 return 0;
3995 }
3996
3997 UnitFileState unit_get_unit_file_state(Unit *u) {
3998 int r;
3999
4000 assert(u);
4001
4002 if (u->unit_file_state < 0 && u->fragment_path) {
4003 r = unit_file_get_state(
4004 u->manager->unit_file_scope,
4005 NULL,
4006 u->id,
4007 &u->unit_file_state);
4008 if (r < 0)
4009 u->unit_file_state = UNIT_FILE_BAD;
4010 }
4011
4012 return u->unit_file_state;
4013 }
4014
4015 int unit_get_unit_file_preset(Unit *u) {
4016 assert(u);
4017
4018 if (u->unit_file_preset < 0 && u->fragment_path)
4019 u->unit_file_preset = unit_file_query_preset(
4020 u->manager->unit_file_scope,
4021 NULL,
4022 basename(u->fragment_path));
4023
4024 return u->unit_file_preset;
4025 }
4026
4027 Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
4028 assert(ref);
4029 assert(source);
4030 assert(target);
4031
4032 if (ref->target)
4033 unit_ref_unset(ref);
4034
4035 ref->source = source;
4036 ref->target = target;
4037 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4038 return target;
4039 }
4040
4041 void unit_ref_unset(UnitRef *ref) {
4042 assert(ref);
4043
4044 if (!ref->target)
4045 return;
4046
4047 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4048 * be unreferenced now. */
4049 unit_add_to_gc_queue(ref->target);
4050
4051 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4052 ref->source = ref->target = NULL;
4053 }
4054
4055 static int user_from_unit_name(Unit *u, char **ret) {
4056
4057 static const uint8_t hash_key[] = {
4058 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4059 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4060 };
4061
4062 _cleanup_free_ char *n = NULL;
4063 int r;
4064
4065 r = unit_name_to_prefix(u->id, &n);
4066 if (r < 0)
4067 return r;
4068
4069 if (valid_user_group_name(n)) {
4070 *ret = TAKE_PTR(n);
4071 return 0;
4072 }
4073
4074 /* If we can't use the unit name as a user name, then let's hash it and use that */
4075 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4076 return -ENOMEM;
4077
4078 return 0;
4079 }
4080
4081 int unit_patch_contexts(Unit *u) {
4082 CGroupContext *cc;
4083 ExecContext *ec;
4084 unsigned i;
4085 int r;
4086
4087 assert(u);
4088
4089 /* Patch in the manager defaults into the exec and cgroup
4090 * contexts, _after_ the rest of the settings have been
4091 * initialized */
4092
4093 ec = unit_get_exec_context(u);
4094 if (ec) {
4095 /* This only copies in the ones that need memory */
4096 for (i = 0; i < _RLIMIT_MAX; i++)
4097 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4098 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4099 if (!ec->rlimit[i])
4100 return -ENOMEM;
4101 }
4102
4103 if (MANAGER_IS_USER(u->manager) &&
4104 !ec->working_directory) {
4105
4106 r = get_home_dir(&ec->working_directory);
4107 if (r < 0)
4108 return r;
4109
4110 /* Allow user services to run, even if the
4111 * home directory is missing */
4112 ec->working_directory_missing_ok = true;
4113 }
4114
4115 if (ec->private_devices)
4116 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4117
4118 if (ec->protect_kernel_modules)
4119 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4120
4121 if (ec->dynamic_user) {
4122 if (!ec->user) {
4123 r = user_from_unit_name(u, &ec->user);
4124 if (r < 0)
4125 return r;
4126 }
4127
4128 if (!ec->group) {
4129 ec->group = strdup(ec->user);
4130 if (!ec->group)
4131 return -ENOMEM;
4132 }
4133
4134 /* If the dynamic user option is on, let's make sure that the unit can't leave its UID/GID
4135 * around in the file system or on IPC objects. Hence enforce a strict sandbox. */
4136
4137 ec->private_tmp = true;
4138 ec->remove_ipc = true;
4139 ec->protect_system = PROTECT_SYSTEM_STRICT;
4140 if (ec->protect_home == PROTECT_HOME_NO)
4141 ec->protect_home = PROTECT_HOME_READ_ONLY;
4142 }
4143 }
4144
4145 cc = unit_get_cgroup_context(u);
4146 if (cc && ec) {
4147
4148 if (ec->private_devices &&
4149 cc->device_policy == CGROUP_AUTO)
4150 cc->device_policy = CGROUP_CLOSED;
4151
4152 if (ec->root_image &&
4153 (cc->device_policy != CGROUP_AUTO || cc->device_allow)) {
4154
4155 /* When RootImage= is specified, the following devices are touched. */
4156 r = cgroup_add_device_allow(cc, "/dev/loop-control", "rw");
4157 if (r < 0)
4158 return r;
4159
4160 r = cgroup_add_device_allow(cc, "block-loop", "rwm");
4161 if (r < 0)
4162 return r;
4163
4164 r = cgroup_add_device_allow(cc, "block-blkext", "rwm");
4165 if (r < 0)
4166 return r;
4167 }
4168 }
4169
4170 return 0;
4171 }
4172
4173 ExecContext *unit_get_exec_context(Unit *u) {
4174 size_t offset;
4175 assert(u);
4176
4177 if (u->type < 0)
4178 return NULL;
4179
4180 offset = UNIT_VTABLE(u)->exec_context_offset;
4181 if (offset <= 0)
4182 return NULL;
4183
4184 return (ExecContext*) ((uint8_t*) u + offset);
4185 }
4186
4187 KillContext *unit_get_kill_context(Unit *u) {
4188 size_t offset;
4189 assert(u);
4190
4191 if (u->type < 0)
4192 return NULL;
4193
4194 offset = UNIT_VTABLE(u)->kill_context_offset;
4195 if (offset <= 0)
4196 return NULL;
4197
4198 return (KillContext*) ((uint8_t*) u + offset);
4199 }
4200
4201 CGroupContext *unit_get_cgroup_context(Unit *u) {
4202 size_t offset;
4203
4204 if (u->type < 0)
4205 return NULL;
4206
4207 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4208 if (offset <= 0)
4209 return NULL;
4210
4211 return (CGroupContext*) ((uint8_t*) u + offset);
4212 }
4213
4214 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4215 size_t offset;
4216
4217 if (u->type < 0)
4218 return NULL;
4219
4220 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4221 if (offset <= 0)
4222 return NULL;
4223
4224 return *(ExecRuntime**) ((uint8_t*) u + offset);
4225 }
4226
4227 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4228 assert(u);
4229
4230 if (UNIT_WRITE_FLAGS_NOOP(flags))
4231 return NULL;
4232
4233 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4234 return u->manager->lookup_paths.transient;
4235
4236 if (flags & UNIT_PERSISTENT)
4237 return u->manager->lookup_paths.persistent_control;
4238
4239 if (flags & UNIT_RUNTIME)
4240 return u->manager->lookup_paths.runtime_control;
4241
4242 return NULL;
4243 }
4244
4245 char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4246 char *ret = NULL;
4247
4248 if (!s)
4249 return NULL;
4250
4251 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4252 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4253 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4254 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4255 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4256 * allocations. */
4257
4258 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4259 ret = specifier_escape(s);
4260 if (!ret)
4261 return NULL;
4262
4263 s = ret;
4264 }
4265
4266 if (flags & UNIT_ESCAPE_C) {
4267 char *a;
4268
4269 a = cescape(s);
4270 free(ret);
4271 if (!a)
4272 return NULL;
4273
4274 ret = a;
4275 }
4276
4277 if (buf) {
4278 *buf = ret;
4279 return ret ?: (char*) s;
4280 }
4281
4282 return ret ?: strdup(s);
4283 }
4284
4285 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4286 _cleanup_free_ char *result = NULL;
4287 size_t n = 0, allocated = 0;
4288 char **i;
4289
4290 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4291 * way suitable for ExecStart= stanzas */
4292
4293 STRV_FOREACH(i, l) {
4294 _cleanup_free_ char *buf = NULL;
4295 const char *p;
4296 size_t a;
4297 char *q;
4298
4299 p = unit_escape_setting(*i, flags, &buf);
4300 if (!p)
4301 return NULL;
4302
4303 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4304 if (!GREEDY_REALLOC(result, allocated, n + a + 1))
4305 return NULL;
4306
4307 q = result + n;
4308 if (n > 0)
4309 *(q++) = ' ';
4310
4311 *(q++) = '"';
4312 q = stpcpy(q, p);
4313 *(q++) = '"';
4314
4315 n += a;
4316 }
4317
4318 if (!GREEDY_REALLOC(result, allocated, n + 1))
4319 return NULL;
4320
4321 result[n] = 0;
4322
4323 return TAKE_PTR(result);
4324 }
4325
4326 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4327 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4328 const char *dir, *wrapped;
4329 int r;
4330
4331 assert(u);
4332 assert(name);
4333 assert(data);
4334
4335 if (UNIT_WRITE_FLAGS_NOOP(flags))
4336 return 0;
4337
4338 data = unit_escape_setting(data, flags, &escaped);
4339 if (!data)
4340 return -ENOMEM;
4341
4342 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4343 * previous section header is the same */
4344
4345 if (flags & UNIT_PRIVATE) {
4346 if (!UNIT_VTABLE(u)->private_section)
4347 return -EINVAL;
4348
4349 if (!u->transient_file || u->last_section_private < 0)
4350 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4351 else if (u->last_section_private == 0)
4352 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4353 } else {
4354 if (!u->transient_file || u->last_section_private < 0)
4355 data = strjoina("[Unit]\n", data);
4356 else if (u->last_section_private > 0)
4357 data = strjoina("\n[Unit]\n", data);
4358 }
4359
4360 if (u->transient_file) {
4361 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4362 * write to the transient unit file. */
4363 fputs(data, u->transient_file);
4364
4365 if (!endswith(data, "\n"))
4366 fputc('\n', u->transient_file);
4367
4368 /* Remember which section we wrote this entry to */
4369 u->last_section_private = !!(flags & UNIT_PRIVATE);
4370 return 0;
4371 }
4372
4373 dir = unit_drop_in_dir(u, flags);
4374 if (!dir)
4375 return -EINVAL;
4376
4377 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4378 "# or an equivalent operation. Do not edit.\n",
4379 data,
4380 "\n");
4381
4382 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4383 if (r < 0)
4384 return r;
4385
4386 (void) mkdir_p_label(p, 0755);
4387 r = write_string_file_atomic_label(q, wrapped);
4388 if (r < 0)
4389 return r;
4390
4391 r = strv_push(&u->dropin_paths, q);
4392 if (r < 0)
4393 return r;
4394 q = NULL;
4395
4396 strv_uniq(u->dropin_paths);
4397
4398 u->dropin_mtime = now(CLOCK_REALTIME);
4399
4400 return 0;
4401 }
4402
4403 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4404 _cleanup_free_ char *p = NULL;
4405 va_list ap;
4406 int r;
4407
4408 assert(u);
4409 assert(name);
4410 assert(format);
4411
4412 if (UNIT_WRITE_FLAGS_NOOP(flags))
4413 return 0;
4414
4415 va_start(ap, format);
4416 r = vasprintf(&p, format, ap);
4417 va_end(ap);
4418
4419 if (r < 0)
4420 return -ENOMEM;
4421
4422 return unit_write_setting(u, flags, name, p);
4423 }
4424
4425 int unit_make_transient(Unit *u) {
4426 _cleanup_free_ char *path = NULL;
4427 FILE *f;
4428
4429 assert(u);
4430
4431 if (!UNIT_VTABLE(u)->can_transient)
4432 return -EOPNOTSUPP;
4433
4434 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4435
4436 path = strjoin(u->manager->lookup_paths.transient, "/", u->id);
4437 if (!path)
4438 return -ENOMEM;
4439
4440 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4441 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4442
4443 RUN_WITH_UMASK(0022) {
4444 f = fopen(path, "we");
4445 if (!f)
4446 return -errno;
4447 }
4448
4449 safe_fclose(u->transient_file);
4450 u->transient_file = f;
4451
4452 free_and_replace(u->fragment_path, path);
4453
4454 u->source_path = mfree(u->source_path);
4455 u->dropin_paths = strv_free(u->dropin_paths);
4456 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4457
4458 u->load_state = UNIT_STUB;
4459 u->load_error = 0;
4460 u->transient = true;
4461
4462 unit_add_to_dbus_queue(u);
4463 unit_add_to_gc_queue(u);
4464
4465 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4466 u->transient_file);
4467
4468 return 0;
4469 }
4470
4471 static void log_kill(pid_t pid, int sig, void *userdata) {
4472 _cleanup_free_ char *comm = NULL;
4473
4474 (void) get_process_comm(pid, &comm);
4475
4476 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4477 only, like for example systemd's own PAM stub process. */
4478 if (comm && comm[0] == '(')
4479 return;
4480
4481 log_unit_notice(userdata,
4482 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4483 pid,
4484 strna(comm),
4485 signal_to_string(sig));
4486 }
4487
4488 static int operation_to_signal(KillContext *c, KillOperation k) {
4489 assert(c);
4490
4491 switch (k) {
4492
4493 case KILL_TERMINATE:
4494 case KILL_TERMINATE_AND_LOG:
4495 return c->kill_signal;
4496
4497 case KILL_KILL:
4498 return c->final_kill_signal;
4499
4500 case KILL_ABORT:
4501 return SIGABRT;
4502
4503 default:
4504 assert_not_reached("KillOperation unknown");
4505 }
4506 }
4507
4508 int unit_kill_context(
4509 Unit *u,
4510 KillContext *c,
4511 KillOperation k,
4512 pid_t main_pid,
4513 pid_t control_pid,
4514 bool main_pid_alien) {
4515
4516 bool wait_for_exit = false, send_sighup;
4517 cg_kill_log_func_t log_func = NULL;
4518 int sig, r;
4519
4520 assert(u);
4521 assert(c);
4522
4523 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4524 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4525
4526 if (c->kill_mode == KILL_NONE)
4527 return 0;
4528
4529 sig = operation_to_signal(c, k);
4530
4531 send_sighup =
4532 c->send_sighup &&
4533 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4534 sig != SIGHUP;
4535
4536 if (k != KILL_TERMINATE || IN_SET(sig, SIGKILL, SIGABRT))
4537 log_func = log_kill;
4538
4539 if (main_pid > 0) {
4540 if (log_func)
4541 log_func(main_pid, sig, u);
4542
4543 r = kill_and_sigcont(main_pid, sig);
4544 if (r < 0 && r != -ESRCH) {
4545 _cleanup_free_ char *comm = NULL;
4546 (void) get_process_comm(main_pid, &comm);
4547
4548 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
4549 } else {
4550 if (!main_pid_alien)
4551 wait_for_exit = true;
4552
4553 if (r != -ESRCH && send_sighup)
4554 (void) kill(main_pid, SIGHUP);
4555 }
4556 }
4557
4558 if (control_pid > 0) {
4559 if (log_func)
4560 log_func(control_pid, sig, u);
4561
4562 r = kill_and_sigcont(control_pid, sig);
4563 if (r < 0 && r != -ESRCH) {
4564 _cleanup_free_ char *comm = NULL;
4565 (void) get_process_comm(control_pid, &comm);
4566
4567 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
4568 } else {
4569 wait_for_exit = true;
4570
4571 if (r != -ESRCH && send_sighup)
4572 (void) kill(control_pid, SIGHUP);
4573 }
4574 }
4575
4576 if (u->cgroup_path &&
4577 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4578 _cleanup_set_free_ Set *pid_set = NULL;
4579
4580 /* Exclude the main/control pids from being killed via the cgroup */
4581 pid_set = unit_pid_set(main_pid, control_pid);
4582 if (!pid_set)
4583 return -ENOMEM;
4584
4585 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4586 sig,
4587 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4588 pid_set,
4589 log_func, u);
4590 if (r < 0) {
4591 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4592 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
4593
4594 } else if (r > 0) {
4595
4596 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4597 * we are running in a container or if this is a delegation unit, simply because cgroup
4598 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4599 * of containers it can be confused easily by left-over directories in the cgroup — which
4600 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4601 * there we get proper events. Hence rely on them. */
4602
4603 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
4604 (detect_container() == 0 && !unit_cgroup_delegate(u)))
4605 wait_for_exit = true;
4606
4607 if (send_sighup) {
4608 set_free(pid_set);
4609
4610 pid_set = unit_pid_set(main_pid, control_pid);
4611 if (!pid_set)
4612 return -ENOMEM;
4613
4614 cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4615 SIGHUP,
4616 CGROUP_IGNORE_SELF,
4617 pid_set,
4618 NULL, NULL);
4619 }
4620 }
4621 }
4622
4623 return wait_for_exit;
4624 }
4625
4626 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
4627 _cleanup_free_ char *p = NULL;
4628 char *prefix;
4629 UnitDependencyInfo di;
4630 int r;
4631
4632 assert(u);
4633 assert(path);
4634
4635 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4636 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4637 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4638 * determine which units to make themselves a dependency of. */
4639
4640 if (!path_is_absolute(path))
4641 return -EINVAL;
4642
4643 r = hashmap_ensure_allocated(&u->requires_mounts_for, &path_hash_ops);
4644 if (r < 0)
4645 return r;
4646
4647 p = strdup(path);
4648 if (!p)
4649 return -ENOMEM;
4650
4651 path = path_simplify(p, false);
4652
4653 if (!path_is_normalized(path))
4654 return -EPERM;
4655
4656 if (hashmap_contains(u->requires_mounts_for, path))
4657 return 0;
4658
4659 di = (UnitDependencyInfo) {
4660 .origin_mask = mask
4661 };
4662
4663 r = hashmap_put(u->requires_mounts_for, path, di.data);
4664 if (r < 0)
4665 return r;
4666 p = NULL;
4667
4668 prefix = alloca(strlen(path) + 1);
4669 PATH_FOREACH_PREFIX_MORE(prefix, path) {
4670 Set *x;
4671
4672 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4673 if (!x) {
4674 _cleanup_free_ char *q = NULL;
4675
4676 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
4677 if (r < 0)
4678 return r;
4679
4680 q = strdup(prefix);
4681 if (!q)
4682 return -ENOMEM;
4683
4684 x = set_new(NULL);
4685 if (!x)
4686 return -ENOMEM;
4687
4688 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4689 if (r < 0) {
4690 set_free(x);
4691 return r;
4692 }
4693 q = NULL;
4694 }
4695
4696 r = set_put(x, u);
4697 if (r < 0)
4698 return r;
4699 }
4700
4701 return 0;
4702 }
4703
4704 int unit_setup_exec_runtime(Unit *u) {
4705 ExecRuntime **rt;
4706 size_t offset;
4707 Unit *other;
4708 Iterator i;
4709 void *v;
4710 int r;
4711
4712 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4713 assert(offset > 0);
4714
4715 /* Check if there already is an ExecRuntime for this unit? */
4716 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4717 if (*rt)
4718 return 0;
4719
4720 /* Try to get it from somebody else */
4721 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) {
4722 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4723 if (r == 1)
4724 return 1;
4725 }
4726
4727 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
4728 }
4729
4730 int unit_setup_dynamic_creds(Unit *u) {
4731 ExecContext *ec;
4732 DynamicCreds *dcreds;
4733 size_t offset;
4734
4735 assert(u);
4736
4737 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4738 assert(offset > 0);
4739 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4740
4741 ec = unit_get_exec_context(u);
4742 assert(ec);
4743
4744 if (!ec->dynamic_user)
4745 return 0;
4746
4747 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4748 }
4749
4750 bool unit_type_supported(UnitType t) {
4751 if (_unlikely_(t < 0))
4752 return false;
4753 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4754 return false;
4755
4756 if (!unit_vtable[t]->supported)
4757 return true;
4758
4759 return unit_vtable[t]->supported();
4760 }
4761
4762 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4763 int r;
4764
4765 assert(u);
4766 assert(where);
4767
4768 r = dir_is_empty(where);
4769 if (r > 0 || r == -ENOTDIR)
4770 return;
4771 if (r < 0) {
4772 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4773 return;
4774 }
4775
4776 log_struct(LOG_NOTICE,
4777 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4778 LOG_UNIT_ID(u),
4779 LOG_UNIT_INVOCATION_ID(u),
4780 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4781 "WHERE=%s", where);
4782 }
4783
4784 int unit_fail_if_noncanonical(Unit *u, const char* where) {
4785 _cleanup_free_ char *canonical_where;
4786 int r;
4787
4788 assert(u);
4789 assert(where);
4790
4791 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where);
4792 if (r < 0) {
4793 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
4794 return 0;
4795 }
4796
4797 /* We will happily ignore a trailing slash (or any redundant slashes) */
4798 if (path_equal(where, canonical_where))
4799 return 0;
4800
4801 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4802 log_struct(LOG_ERR,
4803 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4804 LOG_UNIT_ID(u),
4805 LOG_UNIT_INVOCATION_ID(u),
4806 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4807 "WHERE=%s", where);
4808
4809 return -ELOOP;
4810 }
4811
4812 bool unit_is_pristine(Unit *u) {
4813 assert(u);
4814
4815 /* Check if the unit already exists or is already around,
4816 * in a number of different ways. Note that to cater for unit
4817 * types such as slice, we are generally fine with units that
4818 * are marked UNIT_LOADED even though nothing was actually
4819 * loaded, as those unit types don't require a file on disk. */
4820
4821 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4822 u->fragment_path ||
4823 u->source_path ||
4824 !strv_isempty(u->dropin_paths) ||
4825 u->job ||
4826 u->merged_into);
4827 }
4828
4829 pid_t unit_control_pid(Unit *u) {
4830 assert(u);
4831
4832 if (UNIT_VTABLE(u)->control_pid)
4833 return UNIT_VTABLE(u)->control_pid(u);
4834
4835 return 0;
4836 }
4837
4838 pid_t unit_main_pid(Unit *u) {
4839 assert(u);
4840
4841 if (UNIT_VTABLE(u)->main_pid)
4842 return UNIT_VTABLE(u)->main_pid(u);
4843
4844 return 0;
4845 }
4846
4847 static void unit_unref_uid_internal(
4848 Unit *u,
4849 uid_t *ref_uid,
4850 bool destroy_now,
4851 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4852
4853 assert(u);
4854 assert(ref_uid);
4855 assert(_manager_unref_uid);
4856
4857 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4858 * gid_t are actually the same time, with the same validity rules.
4859 *
4860 * Drops a reference to UID/GID from a unit. */
4861
4862 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4863 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4864
4865 if (!uid_is_valid(*ref_uid))
4866 return;
4867
4868 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4869 *ref_uid = UID_INVALID;
4870 }
4871
4872 void unit_unref_uid(Unit *u, bool destroy_now) {
4873 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4874 }
4875
4876 void unit_unref_gid(Unit *u, bool destroy_now) {
4877 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4878 }
4879
4880 static int unit_ref_uid_internal(
4881 Unit *u,
4882 uid_t *ref_uid,
4883 uid_t uid,
4884 bool clean_ipc,
4885 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4886
4887 int r;
4888
4889 assert(u);
4890 assert(ref_uid);
4891 assert(uid_is_valid(uid));
4892 assert(_manager_ref_uid);
4893
4894 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4895 * are actually the same type, and have the same validity rules.
4896 *
4897 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4898 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4899 * drops to zero. */
4900
4901 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4902 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4903
4904 if (*ref_uid == uid)
4905 return 0;
4906
4907 if (uid_is_valid(*ref_uid)) /* Already set? */
4908 return -EBUSY;
4909
4910 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4911 if (r < 0)
4912 return r;
4913
4914 *ref_uid = uid;
4915 return 1;
4916 }
4917
4918 int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
4919 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4920 }
4921
4922 int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
4923 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4924 }
4925
4926 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4927 int r = 0, q = 0;
4928
4929 assert(u);
4930
4931 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4932
4933 if (uid_is_valid(uid)) {
4934 r = unit_ref_uid(u, uid, clean_ipc);
4935 if (r < 0)
4936 return r;
4937 }
4938
4939 if (gid_is_valid(gid)) {
4940 q = unit_ref_gid(u, gid, clean_ipc);
4941 if (q < 0) {
4942 if (r > 0)
4943 unit_unref_uid(u, false);
4944
4945 return q;
4946 }
4947 }
4948
4949 return r > 0 || q > 0;
4950 }
4951
4952 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4953 ExecContext *c;
4954 int r;
4955
4956 assert(u);
4957
4958 c = unit_get_exec_context(u);
4959
4960 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4961 if (r < 0)
4962 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4963
4964 return r;
4965 }
4966
4967 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4968 assert(u);
4969
4970 unit_unref_uid(u, destroy_now);
4971 unit_unref_gid(u, destroy_now);
4972 }
4973
4974 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
4975 int r;
4976
4977 assert(u);
4978
4979 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4980 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4981 * objects when no service references the UID/GID anymore. */
4982
4983 r = unit_ref_uid_gid(u, uid, gid);
4984 if (r > 0)
4985 bus_unit_send_change_signal(u);
4986 }
4987
4988 int unit_set_invocation_id(Unit *u, sd_id128_t id) {
4989 int r;
4990
4991 assert(u);
4992
4993 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
4994
4995 if (sd_id128_equal(u->invocation_id, id))
4996 return 0;
4997
4998 if (!sd_id128_is_null(u->invocation_id))
4999 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
5000
5001 if (sd_id128_is_null(id)) {
5002 r = 0;
5003 goto reset;
5004 }
5005
5006 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
5007 if (r < 0)
5008 goto reset;
5009
5010 u->invocation_id = id;
5011 sd_id128_to_string(id, u->invocation_id_string);
5012
5013 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
5014 if (r < 0)
5015 goto reset;
5016
5017 return 0;
5018
5019 reset:
5020 u->invocation_id = SD_ID128_NULL;
5021 u->invocation_id_string[0] = 0;
5022 return r;
5023 }
5024
5025 int unit_acquire_invocation_id(Unit *u) {
5026 sd_id128_t id;
5027 int r;
5028
5029 assert(u);
5030
5031 r = sd_id128_randomize(&id);
5032 if (r < 0)
5033 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5034
5035 r = unit_set_invocation_id(u, id);
5036 if (r < 0)
5037 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5038
5039 return 0;
5040 }
5041
5042 void unit_set_exec_params(Unit *u, ExecParameters *p) {
5043 assert(u);
5044 assert(p);
5045
5046 /* Copy parameters from manager */
5047 p->environment = u->manager->environment;
5048 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
5049 p->cgroup_supported = u->manager->cgroup_supported;
5050 p->prefix = u->manager->prefix;
5051 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5052
5053 /* Copy paramaters from unit */
5054 p->cgroup_path = u->cgroup_path;
5055 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
5056 }
5057
5058 int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
5059 int r;
5060
5061 assert(u);
5062 assert(ret);
5063
5064 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5065 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5066
5067 (void) unit_realize_cgroup(u);
5068
5069 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5070 if (r != 0)
5071 return r;
5072
5073 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
5074 (void) ignore_signals(SIGPIPE, -1);
5075
5076 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
5077
5078 if (u->cgroup_path) {
5079 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5080 if (r < 0) {
5081 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
5082 _exit(EXIT_CGROUP);
5083 }
5084 }
5085
5086 return 0;
5087 }
5088
5089 static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other, UnitDependencyInfo di) {
5090 assert(u);
5091 assert(d >= 0);
5092 assert(d < _UNIT_DEPENDENCY_MAX);
5093 assert(other);
5094
5095 if (di.origin_mask == 0 && di.destination_mask == 0) {
5096 /* No bit set anymore, let's drop the whole entry */
5097 assert_se(hashmap_remove(u->dependencies[d], other));
5098 log_unit_debug(u, "%s lost dependency %s=%s", u->id, unit_dependency_to_string(d), other->id);
5099 } else
5100 /* Mask was reduced, let's update the entry */
5101 assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);
5102 }
5103
5104 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5105 UnitDependency d;
5106
5107 assert(u);
5108
5109 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5110
5111 if (mask == 0)
5112 return;
5113
5114 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
5115 bool done;
5116
5117 do {
5118 UnitDependencyInfo di;
5119 Unit *other;
5120 Iterator i;
5121
5122 done = true;
5123
5124 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
5125 UnitDependency q;
5126
5127 if ((di.origin_mask & ~mask) == di.origin_mask)
5128 continue;
5129 di.origin_mask &= ~mask;
5130 unit_update_dependency_mask(u, d, other, di);
5131
5132 /* We updated the dependency from our unit to the other unit now. But most dependencies
5133 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5134 * all dependency types on the other unit and delete all those which point to us and
5135 * have the right mask set. */
5136
5137 for (q = 0; q < _UNIT_DEPENDENCY_MAX; q++) {
5138 UnitDependencyInfo dj;
5139
5140 dj.data = hashmap_get(other->dependencies[q], u);
5141 if ((dj.destination_mask & ~mask) == dj.destination_mask)
5142 continue;
5143 dj.destination_mask &= ~mask;
5144
5145 unit_update_dependency_mask(other, q, u, dj);
5146 }
5147
5148 unit_add_to_gc_queue(other);
5149
5150 done = false;
5151 break;
5152 }
5153
5154 } while (!done);
5155 }
5156 }
5157
5158 static int unit_export_invocation_id(Unit *u) {
5159 const char *p;
5160 int r;
5161
5162 assert(u);
5163
5164 if (u->exported_invocation_id)
5165 return 0;
5166
5167 if (sd_id128_is_null(u->invocation_id))
5168 return 0;
5169
5170 p = strjoina("/run/systemd/units/invocation:", u->id);
5171 r = symlink_atomic(u->invocation_id_string, p);
5172 if (r < 0)
5173 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5174
5175 u->exported_invocation_id = true;
5176 return 0;
5177 }
5178
5179 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5180 const char *p;
5181 char buf[2];
5182 int r;
5183
5184 assert(u);
5185 assert(c);
5186
5187 if (u->exported_log_level_max)
5188 return 0;
5189
5190 if (c->log_level_max < 0)
5191 return 0;
5192
5193 assert(c->log_level_max <= 7);
5194
5195 buf[0] = '0' + c->log_level_max;
5196 buf[1] = 0;
5197
5198 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5199 r = symlink_atomic(buf, p);
5200 if (r < 0)
5201 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5202
5203 u->exported_log_level_max = true;
5204 return 0;
5205 }
5206
5207 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5208 _cleanup_close_ int fd = -1;
5209 struct iovec *iovec;
5210 const char *p;
5211 char *pattern;
5212 le64_t *sizes;
5213 ssize_t n;
5214 size_t i;
5215 int r;
5216
5217 if (u->exported_log_extra_fields)
5218 return 0;
5219
5220 if (c->n_log_extra_fields <= 0)
5221 return 0;
5222
5223 sizes = newa(le64_t, c->n_log_extra_fields);
5224 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5225
5226 for (i = 0; i < c->n_log_extra_fields; i++) {
5227 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5228
5229 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5230 iovec[i*2+1] = c->log_extra_fields[i];
5231 }
5232
5233 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5234 pattern = strjoina(p, ".XXXXXX");
5235
5236 fd = mkostemp_safe(pattern);
5237 if (fd < 0)
5238 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5239
5240 n = writev(fd, iovec, c->n_log_extra_fields*2);
5241 if (n < 0) {
5242 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5243 goto fail;
5244 }
5245
5246 (void) fchmod(fd, 0644);
5247
5248 if (rename(pattern, p) < 0) {
5249 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5250 goto fail;
5251 }
5252
5253 u->exported_log_extra_fields = true;
5254 return 0;
5255
5256 fail:
5257 (void) unlink(pattern);
5258 return r;
5259 }
5260
5261 void unit_export_state_files(Unit *u) {
5262 const ExecContext *c;
5263
5264 assert(u);
5265
5266 if (!u->id)
5267 return;
5268
5269 if (!MANAGER_IS_SYSTEM(u->manager))
5270 return;
5271
5272 if (u->manager->test_run_flags != 0)
5273 return;
5274
5275 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5276 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5277 * the IPC system itself and PID 1 also log to the journal.
5278 *
5279 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5280 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5281 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5282 * namespace at least.
5283 *
5284 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5285 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5286 * them with one. */
5287
5288 (void) unit_export_invocation_id(u);
5289
5290 c = unit_get_exec_context(u);
5291 if (c) {
5292 (void) unit_export_log_level_max(u, c);
5293 (void) unit_export_log_extra_fields(u, c);
5294 }
5295 }
5296
5297 void unit_unlink_state_files(Unit *u) {
5298 const char *p;
5299
5300 assert(u);
5301
5302 if (!u->id)
5303 return;
5304
5305 if (!MANAGER_IS_SYSTEM(u->manager))
5306 return;
5307
5308 /* Undoes the effect of unit_export_state() */
5309
5310 if (u->exported_invocation_id) {
5311 p = strjoina("/run/systemd/units/invocation:", u->id);
5312 (void) unlink(p);
5313
5314 u->exported_invocation_id = false;
5315 }
5316
5317 if (u->exported_log_level_max) {
5318 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5319 (void) unlink(p);
5320
5321 u->exported_log_level_max = false;
5322 }
5323
5324 if (u->exported_log_extra_fields) {
5325 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5326 (void) unlink(p);
5327
5328 u->exported_log_extra_fields = false;
5329 }
5330 }
5331
5332 int unit_prepare_exec(Unit *u) {
5333 int r;
5334
5335 assert(u);
5336
5337 /* Prepares everything so that we can fork of a process for this unit */
5338
5339 (void) unit_realize_cgroup(u);
5340
5341 if (u->reset_accounting) {
5342 (void) unit_reset_cpu_accounting(u);
5343 (void) unit_reset_ip_accounting(u);
5344 u->reset_accounting = false;
5345 }
5346
5347 unit_export_state_files(u);
5348
5349 r = unit_setup_exec_runtime(u);
5350 if (r < 0)
5351 return r;
5352
5353 r = unit_setup_dynamic_creds(u);
5354 if (r < 0)
5355 return r;
5356
5357 return 0;
5358 }
5359
5360 static void log_leftover(pid_t pid, int sig, void *userdata) {
5361 _cleanup_free_ char *comm = NULL;
5362
5363 (void) get_process_comm(pid, &comm);
5364
5365 if (comm && comm[0] == '(') /* Most likely our own helper process (PAM?), ignore */
5366 return;
5367
5368 log_unit_warning(userdata,
5369 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5370 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5371 pid, strna(comm));
5372 }
5373
5374 void unit_warn_leftover_processes(Unit *u) {
5375 assert(u);
5376
5377 (void) unit_pick_cgroup_path(u);
5378
5379 if (!u->cgroup_path)
5380 return;
5381
5382 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_leftover, u);
5383 }
5384
5385 bool unit_needs_console(Unit *u) {
5386 ExecContext *ec;
5387 UnitActiveState state;
5388
5389 assert(u);
5390
5391 state = unit_active_state(u);
5392
5393 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5394 return false;
5395
5396 if (UNIT_VTABLE(u)->needs_console)
5397 return UNIT_VTABLE(u)->needs_console(u);
5398
5399 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5400 ec = unit_get_exec_context(u);
5401 if (!ec)
5402 return false;
5403
5404 return exec_context_may_touch_console(ec);
5405 }
5406
5407 const char *unit_label_path(Unit *u) {
5408 const char *p;
5409
5410 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5411 * when validating access checks. */
5412
5413 p = u->source_path ?: u->fragment_path;
5414 if (!p)
5415 return NULL;
5416
5417 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5418 if (path_equal(p, "/dev/null"))
5419 return NULL;
5420
5421 return p;
5422 }
5423
5424 int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5425 int r;
5426
5427 assert(u);
5428
5429 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5430 * and not a kernel thread either */
5431
5432 /* First, a simple range check */
5433 if (!pid_is_valid(pid))
5434 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5435
5436 /* Some extra safety check */
5437 if (pid == 1 || pid == getpid_cached())
5438 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid);
5439
5440 /* Don't even begin to bother with kernel threads */
5441 r = is_kernel_thread(pid);
5442 if (r == -ESRCH)
5443 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5444 if (r < 0)
5445 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5446 if (r > 0)
5447 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5448
5449 return 0;
5450 }
5451
5452 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5453 [COLLECT_INACTIVE] = "inactive",
5454 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5455 };
5456
5457 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
Unnamed repository; edit this file 'description' to name the repository.