]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Make final kill signal configurable
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <errno.h>
4 #include <stdlib.h>
5 #include <string.h>
6 #include <sys/prctl.h>
7 #include <sys/stat.h>
8 #include <unistd.h>
9
10 #include "sd-id128.h"
11 #include "sd-messages.h"
12
13 #include "alloc-util.h"
14 #include "all-units.h"
15 #include "bus-common-errors.h"
16 #include "bus-util.h"
17 #include "cgroup-util.h"
18 #include "dbus-unit.h"
19 #include "dbus.h"
20 #include "dropin.h"
21 #include "escape.h"
22 #include "execute.h"
23 #include "fd-util.h"
24 #include "fileio-label.h"
25 #include "format-util.h"
26 #include "fs-util.h"
27 #include "id128-util.h"
28 #include "io-util.h"
29 #include "load-dropin.h"
30 #include "load-fragment.h"
31 #include "log.h"
32 #include "macro.h"
33 #include "missing.h"
34 #include "mkdir.h"
35 #include "parse-util.h"
36 #include "path-util.h"
37 #include "process-util.h"
38 #include "set.h"
39 #include "signal-util.h"
40 #include "sparse-endian.h"
41 #include "special.h"
42 #include "specifier.h"
43 #include "stat-util.h"
44 #include "stdio-util.h"
45 #include "string-table.h"
46 #include "string-util.h"
47 #include "strv.h"
48 #include "umask-util.h"
49 #include "unit-name.h"
50 #include "unit.h"
51 #include "user-util.h"
52 #include "virt.h"
53
54 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
55 [UNIT_SERVICE] = &service_vtable,
56 [UNIT_SOCKET] = &socket_vtable,
57 [UNIT_TARGET] = &target_vtable,
58 [UNIT_DEVICE] = &device_vtable,
59 [UNIT_MOUNT] = &mount_vtable,
60 [UNIT_AUTOMOUNT] = &automount_vtable,
61 [UNIT_SWAP] = &swap_vtable,
62 [UNIT_TIMER] = &timer_vtable,
63 [UNIT_PATH] = &path_vtable,
64 [UNIT_SLICE] = &slice_vtable,
65 [UNIT_SCOPE] = &scope_vtable,
66 };
67
68 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
69
70 Unit *unit_new(Manager *m, size_t size) {
71 Unit *u;
72
73 assert(m);
74 assert(size >= sizeof(Unit));
75
76 u = malloc0(size);
77 if (!u)
78 return NULL;
79
80 u->names = set_new(&string_hash_ops);
81 if (!u->names)
82 return mfree(u);
83
84 u->manager = m;
85 u->type = _UNIT_TYPE_INVALID;
86 u->default_dependencies = true;
87 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
88 u->unit_file_preset = -1;
89 u->on_failure_job_mode = JOB_REPLACE;
90 u->cgroup_inotify_wd = -1;
91 u->job_timeout = USEC_INFINITY;
92 u->job_running_timeout = USEC_INFINITY;
93 u->ref_uid = UID_INVALID;
94 u->ref_gid = GID_INVALID;
95 u->cpu_usage_last = NSEC_INFINITY;
96 u->cgroup_bpf_state = UNIT_CGROUP_BPF_INVALIDATED;
97
98 u->ip_accounting_ingress_map_fd = -1;
99 u->ip_accounting_egress_map_fd = -1;
100 u->ipv4_allow_map_fd = -1;
101 u->ipv6_allow_map_fd = -1;
102 u->ipv4_deny_map_fd = -1;
103 u->ipv6_deny_map_fd = -1;
104
105 u->last_section_private = -1;
106
107 RATELIMIT_INIT(u->start_limit, m->default_start_limit_interval, m->default_start_limit_burst);
108 RATELIMIT_INIT(u->auto_stop_ratelimit, 10 * USEC_PER_SEC, 16);
109
110 return u;
111 }
112
113 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
114 _cleanup_(unit_freep) Unit *u = NULL;
115 int r;
116
117 u = unit_new(m, size);
118 if (!u)
119 return -ENOMEM;
120
121 r = unit_add_name(u, name);
122 if (r < 0)
123 return r;
124
125 *ret = TAKE_PTR(u);
126
127 return r;
128 }
129
130 bool unit_has_name(Unit *u, const char *name) {
131 assert(u);
132 assert(name);
133
134 return set_contains(u->names, (char*) name);
135 }
136
137 static void unit_init(Unit *u) {
138 CGroupContext *cc;
139 ExecContext *ec;
140 KillContext *kc;
141
142 assert(u);
143 assert(u->manager);
144 assert(u->type >= 0);
145
146 cc = unit_get_cgroup_context(u);
147 if (cc) {
148 cgroup_context_init(cc);
149
150 /* Copy in the manager defaults into the cgroup
151 * context, _before_ the rest of the settings have
152 * been initialized */
153
154 cc->cpu_accounting = u->manager->default_cpu_accounting;
155 cc->io_accounting = u->manager->default_io_accounting;
156 cc->ip_accounting = u->manager->default_ip_accounting;
157 cc->blockio_accounting = u->manager->default_blockio_accounting;
158 cc->memory_accounting = u->manager->default_memory_accounting;
159 cc->tasks_accounting = u->manager->default_tasks_accounting;
160 cc->ip_accounting = u->manager->default_ip_accounting;
161
162 if (u->type != UNIT_SLICE)
163 cc->tasks_max = u->manager->default_tasks_max;
164 }
165
166 ec = unit_get_exec_context(u);
167 if (ec) {
168 exec_context_init(ec);
169
170 ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
171 EXEC_KEYRING_SHARED : EXEC_KEYRING_INHERIT;
172 }
173
174 kc = unit_get_kill_context(u);
175 if (kc)
176 kill_context_init(kc);
177
178 if (UNIT_VTABLE(u)->init)
179 UNIT_VTABLE(u)->init(u);
180 }
181
182 int unit_add_name(Unit *u, const char *text) {
183 _cleanup_free_ char *s = NULL, *i = NULL;
184 UnitType t;
185 int r;
186
187 assert(u);
188 assert(text);
189
190 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
191
192 if (!u->instance)
193 return -EINVAL;
194
195 r = unit_name_replace_instance(text, u->instance, &s);
196 if (r < 0)
197 return r;
198 } else {
199 s = strdup(text);
200 if (!s)
201 return -ENOMEM;
202 }
203
204 if (set_contains(u->names, s))
205 return 0;
206 if (hashmap_contains(u->manager->units, s))
207 return -EEXIST;
208
209 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
210 return -EINVAL;
211
212 t = unit_name_to_type(s);
213 if (t < 0)
214 return -EINVAL;
215
216 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
217 return -EINVAL;
218
219 r = unit_name_to_instance(s, &i);
220 if (r < 0)
221 return r;
222
223 if (i && !unit_type_may_template(t))
224 return -EINVAL;
225
226 /* Ensure that this unit is either instanced or not instanced,
227 * but not both. Note that we do allow names with different
228 * instance names however! */
229 if (u->type != _UNIT_TYPE_INVALID && !u->instance != !i)
230 return -EINVAL;
231
232 if (!unit_type_may_alias(t) && !set_isempty(u->names))
233 return -EEXIST;
234
235 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
236 return -E2BIG;
237
238 r = set_put(u->names, s);
239 if (r < 0)
240 return r;
241 assert(r > 0);
242
243 r = hashmap_put(u->manager->units, s, u);
244 if (r < 0) {
245 (void) set_remove(u->names, s);
246 return r;
247 }
248
249 if (u->type == _UNIT_TYPE_INVALID) {
250 u->type = t;
251 u->id = s;
252 u->instance = TAKE_PTR(i);
253
254 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
255
256 unit_init(u);
257 }
258
259 s = NULL;
260
261 unit_add_to_dbus_queue(u);
262 return 0;
263 }
264
265 int unit_choose_id(Unit *u, const char *name) {
266 _cleanup_free_ char *t = NULL;
267 char *s, *i;
268 int r;
269
270 assert(u);
271 assert(name);
272
273 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
274
275 if (!u->instance)
276 return -EINVAL;
277
278 r = unit_name_replace_instance(name, u->instance, &t);
279 if (r < 0)
280 return r;
281
282 name = t;
283 }
284
285 /* Selects one of the names of this unit as the id */
286 s = set_get(u->names, (char*) name);
287 if (!s)
288 return -ENOENT;
289
290 /* Determine the new instance from the new id */
291 r = unit_name_to_instance(s, &i);
292 if (r < 0)
293 return r;
294
295 u->id = s;
296
297 free(u->instance);
298 u->instance = i;
299
300 unit_add_to_dbus_queue(u);
301
302 return 0;
303 }
304
305 int unit_set_description(Unit *u, const char *description) {
306 int r;
307
308 assert(u);
309
310 r = free_and_strdup(&u->description, empty_to_null(description));
311 if (r < 0)
312 return r;
313 if (r > 0)
314 unit_add_to_dbus_queue(u);
315
316 return 0;
317 }
318
319 bool unit_may_gc(Unit *u) {
320 UnitActiveState state;
321 int r;
322
323 assert(u);
324
325 /* Checks whether the unit is ready to be unloaded for garbage collection.
326 * Returns true when the unit may be collected, and false if there's some
327 * reason to keep it loaded.
328 *
329 * References from other units are *not* checked here. Instead, this is done
330 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
331 */
332
333 if (u->job)
334 return false;
335
336 if (u->nop_job)
337 return false;
338
339 state = unit_active_state(u);
340
341 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
342 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
343 UNIT_VTABLE(u)->release_resources)
344 UNIT_VTABLE(u)->release_resources(u);
345
346 if (u->perpetual)
347 return false;
348
349 if (sd_bus_track_count(u->bus_track) > 0)
350 return false;
351
352 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
353 switch (u->collect_mode) {
354
355 case COLLECT_INACTIVE:
356 if (state != UNIT_INACTIVE)
357 return false;
358
359 break;
360
361 case COLLECT_INACTIVE_OR_FAILED:
362 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
363 return false;
364
365 break;
366
367 default:
368 assert_not_reached("Unknown garbage collection mode");
369 }
370
371 if (u->cgroup_path) {
372 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
373 * around. Units with active processes should never be collected. */
374
375 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
376 if (r < 0)
377 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
378 if (r <= 0)
379 return false;
380 }
381
382 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
383 return false;
384
385 return true;
386 }
387
388 void unit_add_to_load_queue(Unit *u) {
389 assert(u);
390 assert(u->type != _UNIT_TYPE_INVALID);
391
392 if (u->load_state != UNIT_STUB || u->in_load_queue)
393 return;
394
395 LIST_PREPEND(load_queue, u->manager->load_queue, u);
396 u->in_load_queue = true;
397 }
398
399 void unit_add_to_cleanup_queue(Unit *u) {
400 assert(u);
401
402 if (u->in_cleanup_queue)
403 return;
404
405 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
406 u->in_cleanup_queue = true;
407 }
408
409 void unit_add_to_gc_queue(Unit *u) {
410 assert(u);
411
412 if (u->in_gc_queue || u->in_cleanup_queue)
413 return;
414
415 if (!unit_may_gc(u))
416 return;
417
418 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
419 u->in_gc_queue = true;
420 }
421
422 void unit_add_to_dbus_queue(Unit *u) {
423 assert(u);
424 assert(u->type != _UNIT_TYPE_INVALID);
425
426 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
427 return;
428
429 /* Shortcut things if nobody cares */
430 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
431 sd_bus_track_count(u->bus_track) <= 0 &&
432 set_isempty(u->manager->private_buses)) {
433 u->sent_dbus_new_signal = true;
434 return;
435 }
436
437 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
438 u->in_dbus_queue = true;
439 }
440
441 static void bidi_set_free(Unit *u, Hashmap *h) {
442 Unit *other;
443 Iterator i;
444 void *v;
445
446 assert(u);
447
448 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
449
450 HASHMAP_FOREACH_KEY(v, other, h, i) {
451 UnitDependency d;
452
453 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
454 hashmap_remove(other->dependencies[d], u);
455
456 unit_add_to_gc_queue(other);
457 }
458
459 hashmap_free(h);
460 }
461
462 static void unit_remove_transient(Unit *u) {
463 char **i;
464
465 assert(u);
466
467 if (!u->transient)
468 return;
469
470 if (u->fragment_path)
471 (void) unlink(u->fragment_path);
472
473 STRV_FOREACH(i, u->dropin_paths) {
474 _cleanup_free_ char *p = NULL, *pp = NULL;
475
476 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
477 if (!p)
478 continue;
479
480 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
481 if (!pp)
482 continue;
483
484 /* Only drop transient drop-ins */
485 if (!path_equal(u->manager->lookup_paths.transient, pp))
486 continue;
487
488 (void) unlink(*i);
489 (void) rmdir(p);
490 }
491 }
492
493 static void unit_free_requires_mounts_for(Unit *u) {
494 assert(u);
495
496 for (;;) {
497 _cleanup_free_ char *path;
498
499 path = hashmap_steal_first_key(u->requires_mounts_for);
500 if (!path)
501 break;
502 else {
503 char s[strlen(path) + 1];
504
505 PATH_FOREACH_PREFIX_MORE(s, path) {
506 char *y;
507 Set *x;
508
509 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
510 if (!x)
511 continue;
512
513 (void) set_remove(x, u);
514
515 if (set_isempty(x)) {
516 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
517 free(y);
518 set_free(x);
519 }
520 }
521 }
522 }
523
524 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
525 }
526
527 static void unit_done(Unit *u) {
528 ExecContext *ec;
529 CGroupContext *cc;
530
531 assert(u);
532
533 if (u->type < 0)
534 return;
535
536 if (UNIT_VTABLE(u)->done)
537 UNIT_VTABLE(u)->done(u);
538
539 ec = unit_get_exec_context(u);
540 if (ec)
541 exec_context_done(ec);
542
543 cc = unit_get_cgroup_context(u);
544 if (cc)
545 cgroup_context_done(cc);
546 }
547
548 void unit_free(Unit *u) {
549 UnitDependency d;
550 Iterator i;
551 char *t;
552
553 if (!u)
554 return;
555
556 u->transient_file = safe_fclose(u->transient_file);
557
558 if (!MANAGER_IS_RELOADING(u->manager))
559 unit_remove_transient(u);
560
561 bus_unit_send_removed_signal(u);
562
563 unit_done(u);
564
565 unit_dequeue_rewatch_pids(u);
566
567 sd_bus_slot_unref(u->match_bus_slot);
568 sd_bus_track_unref(u->bus_track);
569 u->deserialized_refs = strv_free(u->deserialized_refs);
570
571 unit_free_requires_mounts_for(u);
572
573 SET_FOREACH(t, u->names, i)
574 hashmap_remove_value(u->manager->units, t, u);
575
576 if (!sd_id128_is_null(u->invocation_id))
577 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
578
579 if (u->job) {
580 Job *j = u->job;
581 job_uninstall(j);
582 job_free(j);
583 }
584
585 if (u->nop_job) {
586 Job *j = u->nop_job;
587 job_uninstall(j);
588 job_free(j);
589 }
590
591 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
592 bidi_set_free(u, u->dependencies[d]);
593
594 if (u->on_console)
595 manager_unref_console(u->manager);
596
597 unit_release_cgroup(u);
598
599 if (!MANAGER_IS_RELOADING(u->manager))
600 unit_unlink_state_files(u);
601
602 unit_unref_uid_gid(u, false);
603
604 (void) manager_update_failed_units(u->manager, u, false);
605 set_remove(u->manager->startup_units, u);
606
607 unit_unwatch_all_pids(u);
608
609 unit_ref_unset(&u->slice);
610 while (u->refs_by_target)
611 unit_ref_unset(u->refs_by_target);
612
613 if (u->type != _UNIT_TYPE_INVALID)
614 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
615
616 if (u->in_load_queue)
617 LIST_REMOVE(load_queue, u->manager->load_queue, u);
618
619 if (u->in_dbus_queue)
620 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
621
622 if (u->in_gc_queue)
623 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
624
625 if (u->in_cgroup_realize_queue)
626 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
627
628 if (u->in_cgroup_empty_queue)
629 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
630
631 if (u->in_cleanup_queue)
632 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
633
634 if (u->in_target_deps_queue)
635 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
636
637 safe_close(u->ip_accounting_ingress_map_fd);
638 safe_close(u->ip_accounting_egress_map_fd);
639
640 safe_close(u->ipv4_allow_map_fd);
641 safe_close(u->ipv6_allow_map_fd);
642 safe_close(u->ipv4_deny_map_fd);
643 safe_close(u->ipv6_deny_map_fd);
644
645 bpf_program_unref(u->ip_bpf_ingress);
646 bpf_program_unref(u->ip_bpf_ingress_installed);
647 bpf_program_unref(u->ip_bpf_egress);
648 bpf_program_unref(u->ip_bpf_egress_installed);
649
650 condition_free_list(u->conditions);
651 condition_free_list(u->asserts);
652
653 free(u->description);
654 strv_free(u->documentation);
655 free(u->fragment_path);
656 free(u->source_path);
657 strv_free(u->dropin_paths);
658 free(u->instance);
659
660 free(u->job_timeout_reboot_arg);
661
662 set_free_free(u->names);
663
664 free(u->reboot_arg);
665
666 free(u);
667 }
668
669 UnitActiveState unit_active_state(Unit *u) {
670 assert(u);
671
672 if (u->load_state == UNIT_MERGED)
673 return unit_active_state(unit_follow_merge(u));
674
675 /* After a reload it might happen that a unit is not correctly
676 * loaded but still has a process around. That's why we won't
677 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
678
679 return UNIT_VTABLE(u)->active_state(u);
680 }
681
682 const char* unit_sub_state_to_string(Unit *u) {
683 assert(u);
684
685 return UNIT_VTABLE(u)->sub_state_to_string(u);
686 }
687
688 static int set_complete_move(Set **s, Set **other) {
689 assert(s);
690 assert(other);
691
692 if (!other)
693 return 0;
694
695 if (*s)
696 return set_move(*s, *other);
697 else
698 *s = TAKE_PTR(*other);
699
700 return 0;
701 }
702
703 static int hashmap_complete_move(Hashmap **s, Hashmap **other) {
704 assert(s);
705 assert(other);
706
707 if (!*other)
708 return 0;
709
710 if (*s)
711 return hashmap_move(*s, *other);
712 else
713 *s = TAKE_PTR(*other);
714
715 return 0;
716 }
717
718 static int merge_names(Unit *u, Unit *other) {
719 char *t;
720 Iterator i;
721 int r;
722
723 assert(u);
724 assert(other);
725
726 r = set_complete_move(&u->names, &other->names);
727 if (r < 0)
728 return r;
729
730 set_free_free(other->names);
731 other->names = NULL;
732 other->id = NULL;
733
734 SET_FOREACH(t, u->names, i)
735 assert_se(hashmap_replace(u->manager->units, t, u) == 0);
736
737 return 0;
738 }
739
740 static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
741 unsigned n_reserve;
742
743 assert(u);
744 assert(other);
745 assert(d < _UNIT_DEPENDENCY_MAX);
746
747 /*
748 * If u does not have this dependency set allocated, there is no need
749 * to reserve anything. In that case other's set will be transferred
750 * as a whole to u by complete_move().
751 */
752 if (!u->dependencies[d])
753 return 0;
754
755 /* merge_dependencies() will skip a u-on-u dependency */
756 n_reserve = hashmap_size(other->dependencies[d]) - !!hashmap_get(other->dependencies[d], u);
757
758 return hashmap_reserve(u->dependencies[d], n_reserve);
759 }
760
761 static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
762 Iterator i;
763 Unit *back;
764 void *v;
765 int r;
766
767 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
768
769 assert(u);
770 assert(other);
771 assert(d < _UNIT_DEPENDENCY_MAX);
772
773 /* Fix backwards pointers. Let's iterate through all dependendent units of the other unit. */
774 HASHMAP_FOREACH_KEY(v, back, other->dependencies[d], i) {
775 UnitDependency k;
776
777 /* Let's now iterate through the dependencies of that dependencies of the other units, looking for
778 * pointers back, and let's fix them up, to instead point to 'u'. */
779
780 for (k = 0; k < _UNIT_DEPENDENCY_MAX; k++) {
781 if (back == u) {
782 /* Do not add dependencies between u and itself. */
783 if (hashmap_remove(back->dependencies[k], other))
784 maybe_warn_about_dependency(u, other_id, k);
785 } else {
786 UnitDependencyInfo di_u, di_other, di_merged;
787
788 /* Let's drop this dependency between "back" and "other", and let's create it between
789 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
790 * and any such dependency which might already exist */
791
792 di_other.data = hashmap_get(back->dependencies[k], other);
793 if (!di_other.data)
794 continue; /* dependency isn't set, let's try the next one */
795
796 di_u.data = hashmap_get(back->dependencies[k], u);
797
798 di_merged = (UnitDependencyInfo) {
799 .origin_mask = di_u.origin_mask | di_other.origin_mask,
800 .destination_mask = di_u.destination_mask | di_other.destination_mask,
801 };
802
803 r = hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data);
804 if (r < 0)
805 log_warning_errno(r, "Failed to remove/replace: back=%s other=%s u=%s: %m", back->id, other_id, u->id);
806 assert(r >= 0);
807
808 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
809 }
810 }
811
812 }
813
814 /* Also do not move dependencies on u to itself */
815 back = hashmap_remove(other->dependencies[d], u);
816 if (back)
817 maybe_warn_about_dependency(u, other_id, d);
818
819 /* The move cannot fail. The caller must have performed a reservation. */
820 assert_se(hashmap_complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
821
822 other->dependencies[d] = hashmap_free(other->dependencies[d]);
823 }
824
825 int unit_merge(Unit *u, Unit *other) {
826 UnitDependency d;
827 const char *other_id = NULL;
828 int r;
829
830 assert(u);
831 assert(other);
832 assert(u->manager == other->manager);
833 assert(u->type != _UNIT_TYPE_INVALID);
834
835 other = unit_follow_merge(other);
836
837 if (other == u)
838 return 0;
839
840 if (u->type != other->type)
841 return -EINVAL;
842
843 if (!u->instance != !other->instance)
844 return -EINVAL;
845
846 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
847 return -EEXIST;
848
849 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
850 return -EEXIST;
851
852 if (other->job)
853 return -EEXIST;
854
855 if (other->nop_job)
856 return -EEXIST;
857
858 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
859 return -EEXIST;
860
861 if (other->id)
862 other_id = strdupa(other->id);
863
864 /* Make reservations to ensure merge_dependencies() won't fail */
865 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
866 r = reserve_dependencies(u, other, d);
867 /*
868 * We don't rollback reservations if we fail. We don't have
869 * a way to undo reservations. A reservation is not a leak.
870 */
871 if (r < 0)
872 return r;
873 }
874
875 /* Merge names */
876 r = merge_names(u, other);
877 if (r < 0)
878 return r;
879
880 /* Redirect all references */
881 while (other->refs_by_target)
882 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
883
884 /* Merge dependencies */
885 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
886 merge_dependencies(u, other, other_id, d);
887
888 other->load_state = UNIT_MERGED;
889 other->merged_into = u;
890
891 /* If there is still some data attached to the other node, we
892 * don't need it anymore, and can free it. */
893 if (other->load_state != UNIT_STUB)
894 if (UNIT_VTABLE(other)->done)
895 UNIT_VTABLE(other)->done(other);
896
897 unit_add_to_dbus_queue(u);
898 unit_add_to_cleanup_queue(other);
899
900 return 0;
901 }
902
903 int unit_merge_by_name(Unit *u, const char *name) {
904 _cleanup_free_ char *s = NULL;
905 Unit *other;
906 int r;
907
908 assert(u);
909 assert(name);
910
911 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
912 if (!u->instance)
913 return -EINVAL;
914
915 r = unit_name_replace_instance(name, u->instance, &s);
916 if (r < 0)
917 return r;
918
919 name = s;
920 }
921
922 other = manager_get_unit(u->manager, name);
923 if (other)
924 return unit_merge(u, other);
925
926 return unit_add_name(u, name);
927 }
928
929 Unit* unit_follow_merge(Unit *u) {
930 assert(u);
931
932 while (u->load_state == UNIT_MERGED)
933 assert_se(u = u->merged_into);
934
935 return u;
936 }
937
938 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
939 ExecDirectoryType dt;
940 char **dp;
941 int r;
942
943 assert(u);
944 assert(c);
945
946 if (c->working_directory) {
947 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
948 if (r < 0)
949 return r;
950 }
951
952 if (c->root_directory) {
953 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
954 if (r < 0)
955 return r;
956 }
957
958 if (c->root_image) {
959 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
960 if (r < 0)
961 return r;
962 }
963
964 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
965 if (!u->manager->prefix[dt])
966 continue;
967
968 STRV_FOREACH(dp, c->directories[dt].paths) {
969 _cleanup_free_ char *p;
970
971 p = strjoin(u->manager->prefix[dt], "/", *dp);
972 if (!p)
973 return -ENOMEM;
974
975 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
976 if (r < 0)
977 return r;
978 }
979 }
980
981 if (!MANAGER_IS_SYSTEM(u->manager))
982 return 0;
983
984 if (c->private_tmp) {
985 const char *p;
986
987 FOREACH_STRING(p, "/tmp", "/var/tmp") {
988 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
989 if (r < 0)
990 return r;
991 }
992
993 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, NULL, true, UNIT_DEPENDENCY_FILE);
994 if (r < 0)
995 return r;
996 }
997
998 if (!IN_SET(c->std_output,
999 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1000 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1001 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE) &&
1002 !IN_SET(c->std_error,
1003 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1004 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1005 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE))
1006 return 0;
1007
1008 /* If syslog or kernel logging is requested, make sure our own
1009 * logging daemon is run first. */
1010
1011 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, NULL, true, UNIT_DEPENDENCY_FILE);
1012 if (r < 0)
1013 return r;
1014
1015 return 0;
1016 }
1017
1018 const char *unit_description(Unit *u) {
1019 assert(u);
1020
1021 if (u->description)
1022 return u->description;
1023
1024 return strna(u->id);
1025 }
1026
1027 static void print_unit_dependency_mask(FILE *f, const char *kind, UnitDependencyMask mask, bool *space) {
1028 const struct {
1029 UnitDependencyMask mask;
1030 const char *name;
1031 } table[] = {
1032 { UNIT_DEPENDENCY_FILE, "file" },
1033 { UNIT_DEPENDENCY_IMPLICIT, "implicit" },
1034 { UNIT_DEPENDENCY_DEFAULT, "default" },
1035 { UNIT_DEPENDENCY_UDEV, "udev" },
1036 { UNIT_DEPENDENCY_PATH, "path" },
1037 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT, "mountinfo-implicit" },
1038 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT, "mountinfo-default" },
1039 { UNIT_DEPENDENCY_PROC_SWAP, "proc-swap" },
1040 };
1041 size_t i;
1042
1043 assert(f);
1044 assert(kind);
1045 assert(space);
1046
1047 for (i = 0; i < ELEMENTSOF(table); i++) {
1048
1049 if (mask == 0)
1050 break;
1051
1052 if (FLAGS_SET(mask, table[i].mask)) {
1053 if (*space)
1054 fputc(' ', f);
1055 else
1056 *space = true;
1057
1058 fputs(kind, f);
1059 fputs("-", f);
1060 fputs(table[i].name, f);
1061
1062 mask &= ~table[i].mask;
1063 }
1064 }
1065
1066 assert(mask == 0);
1067 }
1068
1069 void unit_dump(Unit *u, FILE *f, const char *prefix) {
1070 char *t, **j;
1071 UnitDependency d;
1072 Iterator i;
1073 const char *prefix2;
1074 char
1075 timestamp0[FORMAT_TIMESTAMP_MAX],
1076 timestamp1[FORMAT_TIMESTAMP_MAX],
1077 timestamp2[FORMAT_TIMESTAMP_MAX],
1078 timestamp3[FORMAT_TIMESTAMP_MAX],
1079 timestamp4[FORMAT_TIMESTAMP_MAX],
1080 timespan[FORMAT_TIMESPAN_MAX];
1081 Unit *following;
1082 _cleanup_set_free_ Set *following_set = NULL;
1083 const char *n;
1084 CGroupMask m;
1085 int r;
1086
1087 assert(u);
1088 assert(u->type >= 0);
1089
1090 prefix = strempty(prefix);
1091 prefix2 = strjoina(prefix, "\t");
1092
1093 fprintf(f,
1094 "%s-> Unit %s:\n"
1095 "%s\tDescription: %s\n"
1096 "%s\tInstance: %s\n"
1097 "%s\tUnit Load State: %s\n"
1098 "%s\tUnit Active State: %s\n"
1099 "%s\tState Change Timestamp: %s\n"
1100 "%s\tInactive Exit Timestamp: %s\n"
1101 "%s\tActive Enter Timestamp: %s\n"
1102 "%s\tActive Exit Timestamp: %s\n"
1103 "%s\tInactive Enter Timestamp: %s\n"
1104 "%s\tMay GC: %s\n"
1105 "%s\tNeed Daemon Reload: %s\n"
1106 "%s\tTransient: %s\n"
1107 "%s\tPerpetual: %s\n"
1108 "%s\tGarbage Collection Mode: %s\n"
1109 "%s\tSlice: %s\n"
1110 "%s\tCGroup: %s\n"
1111 "%s\tCGroup realized: %s\n",
1112 prefix, u->id,
1113 prefix, unit_description(u),
1114 prefix, strna(u->instance),
1115 prefix, unit_load_state_to_string(u->load_state),
1116 prefix, unit_active_state_to_string(unit_active_state(u)),
1117 prefix, strna(format_timestamp(timestamp0, sizeof(timestamp0), u->state_change_timestamp.realtime)),
1118 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->inactive_exit_timestamp.realtime)),
1119 prefix, strna(format_timestamp(timestamp2, sizeof(timestamp2), u->active_enter_timestamp.realtime)),
1120 prefix, strna(format_timestamp(timestamp3, sizeof(timestamp3), u->active_exit_timestamp.realtime)),
1121 prefix, strna(format_timestamp(timestamp4, sizeof(timestamp4), u->inactive_enter_timestamp.realtime)),
1122 prefix, yes_no(unit_may_gc(u)),
1123 prefix, yes_no(unit_need_daemon_reload(u)),
1124 prefix, yes_no(u->transient),
1125 prefix, yes_no(u->perpetual),
1126 prefix, collect_mode_to_string(u->collect_mode),
1127 prefix, strna(unit_slice_name(u)),
1128 prefix, strna(u->cgroup_path),
1129 prefix, yes_no(u->cgroup_realized));
1130
1131 if (u->cgroup_realized_mask != 0) {
1132 _cleanup_free_ char *s = NULL;
1133 (void) cg_mask_to_string(u->cgroup_realized_mask, &s);
1134 fprintf(f, "%s\tCGroup realized mask: %s\n", prefix, strnull(s));
1135 }
1136 if (u->cgroup_enabled_mask != 0) {
1137 _cleanup_free_ char *s = NULL;
1138 (void) cg_mask_to_string(u->cgroup_enabled_mask, &s);
1139 fprintf(f, "%s\tCGroup enabled mask: %s\n", prefix, strnull(s));
1140 }
1141 m = unit_get_own_mask(u);
1142 if (m != 0) {
1143 _cleanup_free_ char *s = NULL;
1144 (void) cg_mask_to_string(m, &s);
1145 fprintf(f, "%s\tCGroup own mask: %s\n", prefix, strnull(s));
1146 }
1147 m = unit_get_members_mask(u);
1148 if (m != 0) {
1149 _cleanup_free_ char *s = NULL;
1150 (void) cg_mask_to_string(m, &s);
1151 fprintf(f, "%s\tCGroup members mask: %s\n", prefix, strnull(s));
1152 }
1153
1154 SET_FOREACH(t, u->names, i)
1155 fprintf(f, "%s\tName: %s\n", prefix, t);
1156
1157 if (!sd_id128_is_null(u->invocation_id))
1158 fprintf(f, "%s\tInvocation ID: " SD_ID128_FORMAT_STR "\n",
1159 prefix, SD_ID128_FORMAT_VAL(u->invocation_id));
1160
1161 STRV_FOREACH(j, u->documentation)
1162 fprintf(f, "%s\tDocumentation: %s\n", prefix, *j);
1163
1164 following = unit_following(u);
1165 if (following)
1166 fprintf(f, "%s\tFollowing: %s\n", prefix, following->id);
1167
1168 r = unit_following_set(u, &following_set);
1169 if (r >= 0) {
1170 Unit *other;
1171
1172 SET_FOREACH(other, following_set, i)
1173 fprintf(f, "%s\tFollowing Set Member: %s\n", prefix, other->id);
1174 }
1175
1176 if (u->fragment_path)
1177 fprintf(f, "%s\tFragment Path: %s\n", prefix, u->fragment_path);
1178
1179 if (u->source_path)
1180 fprintf(f, "%s\tSource Path: %s\n", prefix, u->source_path);
1181
1182 STRV_FOREACH(j, u->dropin_paths)
1183 fprintf(f, "%s\tDropIn Path: %s\n", prefix, *j);
1184
1185 if (u->failure_action != EMERGENCY_ACTION_NONE)
1186 fprintf(f, "%s\tFailure Action: %s\n", prefix, emergency_action_to_string(u->failure_action));
1187 if (u->success_action != EMERGENCY_ACTION_NONE)
1188 fprintf(f, "%s\tSuccess Action: %s\n", prefix, emergency_action_to_string(u->success_action));
1189
1190 if (u->job_timeout != USEC_INFINITY)
1191 fprintf(f, "%s\tJob Timeout: %s\n", prefix, format_timespan(timespan, sizeof(timespan), u->job_timeout, 0));
1192
1193 if (u->job_timeout_action != EMERGENCY_ACTION_NONE)
1194 fprintf(f, "%s\tJob Timeout Action: %s\n", prefix, emergency_action_to_string(u->job_timeout_action));
1195
1196 if (u->job_timeout_reboot_arg)
1197 fprintf(f, "%s\tJob Timeout Reboot Argument: %s\n", prefix, u->job_timeout_reboot_arg);
1198
1199 condition_dump_list(u->conditions, f, prefix, condition_type_to_string);
1200 condition_dump_list(u->asserts, f, prefix, assert_type_to_string);
1201
1202 if (dual_timestamp_is_set(&u->condition_timestamp))
1203 fprintf(f,
1204 "%s\tCondition Timestamp: %s\n"
1205 "%s\tCondition Result: %s\n",
1206 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->condition_timestamp.realtime)),
1207 prefix, yes_no(u->condition_result));
1208
1209 if (dual_timestamp_is_set(&u->assert_timestamp))
1210 fprintf(f,
1211 "%s\tAssert Timestamp: %s\n"
1212 "%s\tAssert Result: %s\n",
1213 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->assert_timestamp.realtime)),
1214 prefix, yes_no(u->assert_result));
1215
1216 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
1217 UnitDependencyInfo di;
1218 Unit *other;
1219
1220 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
1221 bool space = false;
1222
1223 fprintf(f, "%s\t%s: %s (", prefix, unit_dependency_to_string(d), other->id);
1224
1225 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1226 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1227
1228 fputs(")\n", f);
1229 }
1230 }
1231
1232 if (!hashmap_isempty(u->requires_mounts_for)) {
1233 UnitDependencyInfo di;
1234 const char *path;
1235
1236 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1237 bool space = false;
1238
1239 fprintf(f, "%s\tRequiresMountsFor: %s (", prefix, path);
1240
1241 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1242 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1243
1244 fputs(")\n", f);
1245 }
1246 }
1247
1248 if (u->load_state == UNIT_LOADED) {
1249
1250 fprintf(f,
1251 "%s\tStopWhenUnneeded: %s\n"
1252 "%s\tRefuseManualStart: %s\n"
1253 "%s\tRefuseManualStop: %s\n"
1254 "%s\tDefaultDependencies: %s\n"
1255 "%s\tOnFailureJobMode: %s\n"
1256 "%s\tIgnoreOnIsolate: %s\n",
1257 prefix, yes_no(u->stop_when_unneeded),
1258 prefix, yes_no(u->refuse_manual_start),
1259 prefix, yes_no(u->refuse_manual_stop),
1260 prefix, yes_no(u->default_dependencies),
1261 prefix, job_mode_to_string(u->on_failure_job_mode),
1262 prefix, yes_no(u->ignore_on_isolate));
1263
1264 if (UNIT_VTABLE(u)->dump)
1265 UNIT_VTABLE(u)->dump(u, f, prefix2);
1266
1267 } else if (u->load_state == UNIT_MERGED)
1268 fprintf(f,
1269 "%s\tMerged into: %s\n",
1270 prefix, u->merged_into->id);
1271 else if (u->load_state == UNIT_ERROR)
1272 fprintf(f, "%s\tLoad Error Code: %s\n", prefix, strerror(-u->load_error));
1273
1274 for (n = sd_bus_track_first(u->bus_track); n; n = sd_bus_track_next(u->bus_track))
1275 fprintf(f, "%s\tBus Ref: %s\n", prefix, n);
1276
1277 if (u->job)
1278 job_dump(u->job, f, prefix2);
1279
1280 if (u->nop_job)
1281 job_dump(u->nop_job, f, prefix2);
1282 }
1283
1284 /* Common implementation for multiple backends */
1285 int unit_load_fragment_and_dropin(Unit *u) {
1286 int r;
1287
1288 assert(u);
1289
1290 /* Load a .{service,socket,...} file */
1291 r = unit_load_fragment(u);
1292 if (r < 0)
1293 return r;
1294
1295 if (u->load_state == UNIT_STUB)
1296 return -ENOENT;
1297
1298 /* Load drop-in directory data. If u is an alias, we might be reloading the
1299 * target unit needlessly. But we cannot be sure which drops-ins have already
1300 * been loaded and which not, at least without doing complicated book-keeping,
1301 * so let's always reread all drop-ins. */
1302 return unit_load_dropin(unit_follow_merge(u));
1303 }
1304
1305 /* Common implementation for multiple backends */
1306 int unit_load_fragment_and_dropin_optional(Unit *u) {
1307 int r;
1308
1309 assert(u);
1310
1311 /* Same as unit_load_fragment_and_dropin(), but whether
1312 * something can be loaded or not doesn't matter. */
1313
1314 /* Load a .service/.socket/.slice/… file */
1315 r = unit_load_fragment(u);
1316 if (r < 0)
1317 return r;
1318
1319 if (u->load_state == UNIT_STUB)
1320 u->load_state = UNIT_LOADED;
1321
1322 /* Load drop-in directory data */
1323 return unit_load_dropin(unit_follow_merge(u));
1324 }
1325
1326 void unit_add_to_target_deps_queue(Unit *u) {
1327 Manager *m = u->manager;
1328
1329 assert(u);
1330
1331 if (u->in_target_deps_queue)
1332 return;
1333
1334 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1335 u->in_target_deps_queue = true;
1336 }
1337
1338 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1339 assert(u);
1340 assert(target);
1341
1342 if (target->type != UNIT_TARGET)
1343 return 0;
1344
1345 /* Only add the dependency if both units are loaded, so that
1346 * that loop check below is reliable */
1347 if (u->load_state != UNIT_LOADED ||
1348 target->load_state != UNIT_LOADED)
1349 return 0;
1350
1351 /* If either side wants no automatic dependencies, then let's
1352 * skip this */
1353 if (!u->default_dependencies ||
1354 !target->default_dependencies)
1355 return 0;
1356
1357 /* Don't create loops */
1358 if (hashmap_get(target->dependencies[UNIT_BEFORE], u))
1359 return 0;
1360
1361 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1362 }
1363
1364 static int unit_add_slice_dependencies(Unit *u) {
1365 UnitDependencyMask mask;
1366 assert(u);
1367
1368 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1369 return 0;
1370
1371 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1372 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1373 relationship). */
1374 mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1375
1376 if (UNIT_ISSET(u->slice))
1377 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true, mask);
1378
1379 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1380 return 0;
1381
1382 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, NULL, true, mask);
1383 }
1384
1385 static int unit_add_mount_dependencies(Unit *u) {
1386 UnitDependencyInfo di;
1387 const char *path;
1388 Iterator i;
1389 int r;
1390
1391 assert(u);
1392
1393 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1394 char prefix[strlen(path) + 1];
1395
1396 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1397 _cleanup_free_ char *p = NULL;
1398 Unit *m;
1399
1400 r = unit_name_from_path(prefix, ".mount", &p);
1401 if (r < 0)
1402 return r;
1403
1404 m = manager_get_unit(u->manager, p);
1405 if (!m) {
1406 /* Make sure to load the mount unit if
1407 * it exists. If so the dependencies
1408 * on this unit will be added later
1409 * during the loading of the mount
1410 * unit. */
1411 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1412 continue;
1413 }
1414 if (m == u)
1415 continue;
1416
1417 if (m->load_state != UNIT_LOADED)
1418 continue;
1419
1420 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1421 if (r < 0)
1422 return r;
1423
1424 if (m->fragment_path) {
1425 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1426 if (r < 0)
1427 return r;
1428 }
1429 }
1430 }
1431
1432 return 0;
1433 }
1434
1435 static int unit_add_startup_units(Unit *u) {
1436 CGroupContext *c;
1437 int r;
1438
1439 c = unit_get_cgroup_context(u);
1440 if (!c)
1441 return 0;
1442
1443 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
1444 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
1445 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
1446 return 0;
1447
1448 r = set_ensure_allocated(&u->manager->startup_units, NULL);
1449 if (r < 0)
1450 return r;
1451
1452 return set_put(u->manager->startup_units, u);
1453 }
1454
1455 int unit_load(Unit *u) {
1456 int r;
1457
1458 assert(u);
1459
1460 if (u->in_load_queue) {
1461 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1462 u->in_load_queue = false;
1463 }
1464
1465 if (u->type == _UNIT_TYPE_INVALID)
1466 return -EINVAL;
1467
1468 if (u->load_state != UNIT_STUB)
1469 return 0;
1470
1471 if (u->transient_file) {
1472 r = fflush_and_check(u->transient_file);
1473 if (r < 0)
1474 goto fail;
1475
1476 u->transient_file = safe_fclose(u->transient_file);
1477 u->fragment_mtime = now(CLOCK_REALTIME);
1478 }
1479
1480 if (UNIT_VTABLE(u)->load) {
1481 r = UNIT_VTABLE(u)->load(u);
1482 if (r < 0)
1483 goto fail;
1484 }
1485
1486 if (u->load_state == UNIT_STUB) {
1487 r = -ENOENT;
1488 goto fail;
1489 }
1490
1491 if (u->load_state == UNIT_LOADED) {
1492 unit_add_to_target_deps_queue(u);
1493
1494 r = unit_add_slice_dependencies(u);
1495 if (r < 0)
1496 goto fail;
1497
1498 r = unit_add_mount_dependencies(u);
1499 if (r < 0)
1500 goto fail;
1501
1502 r = unit_add_startup_units(u);
1503 if (r < 0)
1504 goto fail;
1505
1506 if (u->on_failure_job_mode == JOB_ISOLATE && hashmap_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
1507 log_unit_error(u, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1508 r = -ENOEXEC;
1509 goto fail;
1510 }
1511
1512 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1513 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1514
1515 unit_update_cgroup_members_masks(u);
1516 }
1517
1518 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1519
1520 unit_add_to_dbus_queue(unit_follow_merge(u));
1521 unit_add_to_gc_queue(u);
1522
1523 return 0;
1524
1525 fail:
1526 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code should hence
1527 * return ENOEXEC to ensure units are placed in this state after loading */
1528
1529 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1530 r == -ENOEXEC ? UNIT_BAD_SETTING :
1531 UNIT_ERROR;
1532 u->load_error = r;
1533
1534 unit_add_to_dbus_queue(u);
1535 unit_add_to_gc_queue(u);
1536
1537 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1538 }
1539
1540 static bool unit_condition_test_list(Unit *u, Condition *first, const char *(*to_string)(ConditionType t)) {
1541 Condition *c;
1542 int triggered = -1;
1543
1544 assert(u);
1545 assert(to_string);
1546
1547 /* If the condition list is empty, then it is true */
1548 if (!first)
1549 return true;
1550
1551 /* Otherwise, if all of the non-trigger conditions apply and
1552 * if any of the trigger conditions apply (unless there are
1553 * none) we return true */
1554 LIST_FOREACH(conditions, c, first) {
1555 int r;
1556
1557 r = condition_test(c);
1558 if (r < 0)
1559 log_unit_warning(u,
1560 "Couldn't determine result for %s=%s%s%s, assuming failed: %m",
1561 to_string(c->type),
1562 c->trigger ? "|" : "",
1563 c->negate ? "!" : "",
1564 c->parameter);
1565 else
1566 log_unit_debug(u,
1567 "%s=%s%s%s %s.",
1568 to_string(c->type),
1569 c->trigger ? "|" : "",
1570 c->negate ? "!" : "",
1571 c->parameter,
1572 condition_result_to_string(c->result));
1573
1574 if (!c->trigger && r <= 0)
1575 return false;
1576
1577 if (c->trigger && triggered <= 0)
1578 triggered = r > 0;
1579 }
1580
1581 return triggered != 0;
1582 }
1583
1584 static bool unit_condition_test(Unit *u) {
1585 assert(u);
1586
1587 dual_timestamp_get(&u->condition_timestamp);
1588 u->condition_result = unit_condition_test_list(u, u->conditions, condition_type_to_string);
1589
1590 return u->condition_result;
1591 }
1592
1593 static bool unit_assert_test(Unit *u) {
1594 assert(u);
1595
1596 dual_timestamp_get(&u->assert_timestamp);
1597 u->assert_result = unit_condition_test_list(u, u->asserts, assert_type_to_string);
1598
1599 return u->assert_result;
1600 }
1601
1602 void unit_status_printf(Unit *u, const char *status, const char *unit_status_msg_format) {
1603 DISABLE_WARNING_FORMAT_NONLITERAL;
1604 manager_status_printf(u->manager, STATUS_TYPE_NORMAL, status, unit_status_msg_format, unit_description(u));
1605 REENABLE_WARNING;
1606 }
1607
1608 _pure_ static const char* unit_get_status_message_format(Unit *u, JobType t) {
1609 const char *format;
1610 const UnitStatusMessageFormats *format_table;
1611
1612 assert(u);
1613 assert(IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD));
1614
1615 if (t != JOB_RELOAD) {
1616 format_table = &UNIT_VTABLE(u)->status_message_formats;
1617 if (format_table) {
1618 format = format_table->starting_stopping[t == JOB_STOP];
1619 if (format)
1620 return format;
1621 }
1622 }
1623
1624 /* Return generic strings */
1625 if (t == JOB_START)
1626 return "Starting %s.";
1627 else if (t == JOB_STOP)
1628 return "Stopping %s.";
1629 else
1630 return "Reloading %s.";
1631 }
1632
1633 static void unit_status_print_starting_stopping(Unit *u, JobType t) {
1634 const char *format;
1635
1636 assert(u);
1637
1638 /* Reload status messages have traditionally not been printed to console. */
1639 if (!IN_SET(t, JOB_START, JOB_STOP))
1640 return;
1641
1642 format = unit_get_status_message_format(u, t);
1643
1644 DISABLE_WARNING_FORMAT_NONLITERAL;
1645 unit_status_printf(u, "", format);
1646 REENABLE_WARNING;
1647 }
1648
1649 static void unit_status_log_starting_stopping_reloading(Unit *u, JobType t) {
1650 const char *format, *mid;
1651 char buf[LINE_MAX];
1652
1653 assert(u);
1654
1655 if (!IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD))
1656 return;
1657
1658 if (log_on_console())
1659 return;
1660
1661 /* We log status messages for all units and all operations. */
1662
1663 format = unit_get_status_message_format(u, t);
1664
1665 DISABLE_WARNING_FORMAT_NONLITERAL;
1666 (void) snprintf(buf, sizeof buf, format, unit_description(u));
1667 REENABLE_WARNING;
1668
1669 mid = t == JOB_START ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STARTING_STR :
1670 t == JOB_STOP ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STOPPING_STR :
1671 "MESSAGE_ID=" SD_MESSAGE_UNIT_RELOADING_STR;
1672
1673 /* Note that we deliberately use LOG_MESSAGE() instead of
1674 * LOG_UNIT_MESSAGE() here, since this is supposed to mimic
1675 * closely what is written to screen using the status output,
1676 * which is supposed the highest level, friendliest output
1677 * possible, which means we should avoid the low-level unit
1678 * name. */
1679 log_struct(LOG_INFO,
1680 LOG_MESSAGE("%s", buf),
1681 LOG_UNIT_ID(u),
1682 LOG_UNIT_INVOCATION_ID(u),
1683 mid);
1684 }
1685
1686 void unit_status_emit_starting_stopping_reloading(Unit *u, JobType t) {
1687 assert(u);
1688 assert(t >= 0);
1689 assert(t < _JOB_TYPE_MAX);
1690
1691 unit_status_log_starting_stopping_reloading(u, t);
1692 unit_status_print_starting_stopping(u, t);
1693 }
1694
1695 int unit_start_limit_test(Unit *u) {
1696 assert(u);
1697
1698 if (ratelimit_below(&u->start_limit)) {
1699 u->start_limit_hit = false;
1700 return 0;
1701 }
1702
1703 log_unit_warning(u, "Start request repeated too quickly.");
1704 u->start_limit_hit = true;
1705
1706 return emergency_action(u->manager, u->start_limit_action, u->reboot_arg, "unit failed");
1707 }
1708
1709 bool unit_shall_confirm_spawn(Unit *u) {
1710 assert(u);
1711
1712 if (manager_is_confirm_spawn_disabled(u->manager))
1713 return false;
1714
1715 /* For some reasons units remaining in the same process group
1716 * as PID 1 fail to acquire the console even if it's not used
1717 * by any process. So skip the confirmation question for them. */
1718 return !unit_get_exec_context(u)->same_pgrp;
1719 }
1720
1721 static bool unit_verify_deps(Unit *u) {
1722 Unit *other;
1723 Iterator j;
1724 void *v;
1725
1726 assert(u);
1727
1728 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1729 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1730 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1731 * conjunction with After= as for them any such check would make things entirely racy. */
1732
1733 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], j) {
1734
1735 if (!hashmap_contains(u->dependencies[UNIT_AFTER], other))
1736 continue;
1737
1738 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1739 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1740 return false;
1741 }
1742 }
1743
1744 return true;
1745 }
1746
1747 /* Errors:
1748 * -EBADR: This unit type does not support starting.
1749 * -EALREADY: Unit is already started.
1750 * -EAGAIN: An operation is already in progress. Retry later.
1751 * -ECANCELED: Too many requests for now.
1752 * -EPROTO: Assert failed
1753 * -EINVAL: Unit not loaded
1754 * -EOPNOTSUPP: Unit type not supported
1755 * -ENOLINK: The necessary dependencies are not fulfilled.
1756 * -ESTALE: This unit has been started before and can't be started a second time
1757 */
1758 int unit_start(Unit *u) {
1759 UnitActiveState state;
1760 Unit *following;
1761
1762 assert(u);
1763
1764 /* If this is already started, then this will succeed. Note
1765 * that this will even succeed if this unit is not startable
1766 * by the user. This is relied on to detect when we need to
1767 * wait for units and when waiting is finished. */
1768 state = unit_active_state(u);
1769 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1770 return -EALREADY;
1771
1772 /* Units that aren't loaded cannot be started */
1773 if (u->load_state != UNIT_LOADED)
1774 return -EINVAL;
1775
1776 /* Refuse starting scope units more than once */
1777 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1778 return -ESTALE;
1779
1780 /* If the conditions failed, don't do anything at all. If we
1781 * already are activating this call might still be useful to
1782 * speed up activation in case there is some hold-off time,
1783 * but we don't want to recheck the condition in that case. */
1784 if (state != UNIT_ACTIVATING &&
1785 !unit_condition_test(u)) {
1786 log_unit_debug(u, "Starting requested but condition failed. Not starting unit.");
1787 return -EALREADY;
1788 }
1789
1790 /* If the asserts failed, fail the entire job */
1791 if (state != UNIT_ACTIVATING &&
1792 !unit_assert_test(u)) {
1793 log_unit_notice(u, "Starting requested but asserts failed.");
1794 return -EPROTO;
1795 }
1796
1797 /* Units of types that aren't supported cannot be
1798 * started. Note that we do this test only after the condition
1799 * checks, so that we rather return condition check errors
1800 * (which are usually not considered a true failure) than "not
1801 * supported" errors (which are considered a failure).
1802 */
1803 if (!unit_supported(u))
1804 return -EOPNOTSUPP;
1805
1806 /* Let's make sure that the deps really are in order before we start this. Normally the job engine should have
1807 * taken care of this already, but let's check this here again. After all, our dependencies might not be in
1808 * effect anymore, due to a reload or due to a failed condition. */
1809 if (!unit_verify_deps(u))
1810 return -ENOLINK;
1811
1812 /* Forward to the main object, if we aren't it. */
1813 following = unit_following(u);
1814 if (following) {
1815 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1816 return unit_start(following);
1817 }
1818
1819 /* If it is stopped, but we cannot start it, then fail */
1820 if (!UNIT_VTABLE(u)->start)
1821 return -EBADR;
1822
1823 /* We don't suppress calls to ->start() here when we are
1824 * already starting, to allow this request to be used as a
1825 * "hurry up" call, for example when the unit is in some "auto
1826 * restart" state where it waits for a holdoff timer to elapse
1827 * before it will start again. */
1828
1829 unit_add_to_dbus_queue(u);
1830
1831 return UNIT_VTABLE(u)->start(u);
1832 }
1833
1834 bool unit_can_start(Unit *u) {
1835 assert(u);
1836
1837 if (u->load_state != UNIT_LOADED)
1838 return false;
1839
1840 if (!unit_supported(u))
1841 return false;
1842
1843 /* Scope units may be started only once */
1844 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1845 return false;
1846
1847 return !!UNIT_VTABLE(u)->start;
1848 }
1849
1850 bool unit_can_isolate(Unit *u) {
1851 assert(u);
1852
1853 return unit_can_start(u) &&
1854 u->allow_isolate;
1855 }
1856
1857 /* Errors:
1858 * -EBADR: This unit type does not support stopping.
1859 * -EALREADY: Unit is already stopped.
1860 * -EAGAIN: An operation is already in progress. Retry later.
1861 */
1862 int unit_stop(Unit *u) {
1863 UnitActiveState state;
1864 Unit *following;
1865
1866 assert(u);
1867
1868 state = unit_active_state(u);
1869 if (UNIT_IS_INACTIVE_OR_FAILED(state))
1870 return -EALREADY;
1871
1872 following = unit_following(u);
1873 if (following) {
1874 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
1875 return unit_stop(following);
1876 }
1877
1878 if (!UNIT_VTABLE(u)->stop)
1879 return -EBADR;
1880
1881 unit_add_to_dbus_queue(u);
1882
1883 return UNIT_VTABLE(u)->stop(u);
1884 }
1885
1886 bool unit_can_stop(Unit *u) {
1887 assert(u);
1888
1889 if (!unit_supported(u))
1890 return false;
1891
1892 if (u->perpetual)
1893 return false;
1894
1895 return !!UNIT_VTABLE(u)->stop;
1896 }
1897
1898 /* Errors:
1899 * -EBADR: This unit type does not support reloading.
1900 * -ENOEXEC: Unit is not started.
1901 * -EAGAIN: An operation is already in progress. Retry later.
1902 */
1903 int unit_reload(Unit *u) {
1904 UnitActiveState state;
1905 Unit *following;
1906
1907 assert(u);
1908
1909 if (u->load_state != UNIT_LOADED)
1910 return -EINVAL;
1911
1912 if (!unit_can_reload(u))
1913 return -EBADR;
1914
1915 state = unit_active_state(u);
1916 if (state == UNIT_RELOADING)
1917 return -EALREADY;
1918
1919 if (state != UNIT_ACTIVE) {
1920 log_unit_warning(u, "Unit cannot be reloaded because it is inactive.");
1921 return -ENOEXEC;
1922 }
1923
1924 following = unit_following(u);
1925 if (following) {
1926 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
1927 return unit_reload(following);
1928 }
1929
1930 unit_add_to_dbus_queue(u);
1931
1932 if (!UNIT_VTABLE(u)->reload) {
1933 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
1934 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
1935 return 0;
1936 }
1937
1938 return UNIT_VTABLE(u)->reload(u);
1939 }
1940
1941 bool unit_can_reload(Unit *u) {
1942 assert(u);
1943
1944 if (UNIT_VTABLE(u)->can_reload)
1945 return UNIT_VTABLE(u)->can_reload(u);
1946
1947 if (!hashmap_isempty(u->dependencies[UNIT_PROPAGATES_RELOAD_TO]))
1948 return true;
1949
1950 return UNIT_VTABLE(u)->reload;
1951 }
1952
1953 static void unit_check_unneeded(Unit *u) {
1954
1955 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1956
1957 static const UnitDependency needed_dependencies[] = {
1958 UNIT_REQUIRED_BY,
1959 UNIT_REQUISITE_OF,
1960 UNIT_WANTED_BY,
1961 UNIT_BOUND_BY,
1962 };
1963
1964 unsigned j;
1965 int r;
1966
1967 assert(u);
1968
1969 /* If this service shall be shut down when unneeded then do
1970 * so. */
1971
1972 if (!u->stop_when_unneeded)
1973 return;
1974
1975 if (!UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
1976 return;
1977
1978 for (j = 0; j < ELEMENTSOF(needed_dependencies); j++) {
1979 Unit *other;
1980 Iterator i;
1981 void *v;
1982
1983 HASHMAP_FOREACH_KEY(v, other, u->dependencies[needed_dependencies[j]], i)
1984 if (unit_active_or_pending(other) || unit_will_restart(other))
1985 return;
1986 }
1987
1988 /* If stopping a unit fails continuously we might enter a stop
1989 * loop here, hence stop acting on the service being
1990 * unnecessary after a while. */
1991 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
1992 log_unit_warning(u, "Unit not needed anymore, but not stopping since we tried this too often recently.");
1993 return;
1994 }
1995
1996 log_unit_info(u, "Unit not needed anymore. Stopping.");
1997
1998 /* Ok, nobody needs us anymore. Sniff. Then let's commit suicide */
1999 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2000 if (r < 0)
2001 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2002 }
2003
2004 static void unit_check_binds_to(Unit *u) {
2005 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2006 bool stop = false;
2007 Unit *other;
2008 Iterator i;
2009 void *v;
2010 int r;
2011
2012 assert(u);
2013
2014 if (u->job)
2015 return;
2016
2017 if (unit_active_state(u) != UNIT_ACTIVE)
2018 return;
2019
2020 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i) {
2021 if (other->job)
2022 continue;
2023
2024 if (!other->coldplugged)
2025 /* We might yet create a job for the other unit… */
2026 continue;
2027
2028 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2029 continue;
2030
2031 stop = true;
2032 break;
2033 }
2034
2035 if (!stop)
2036 return;
2037
2038 /* If stopping a unit fails continuously we might enter a stop
2039 * loop here, hence stop acting on the service being
2040 * unnecessary after a while. */
2041 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
2042 log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
2043 return;
2044 }
2045
2046 assert(other);
2047 log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
2048
2049 /* A unit we need to run is gone. Sniff. Let's stop this. */
2050 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2051 if (r < 0)
2052 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2053 }
2054
2055 static void retroactively_start_dependencies(Unit *u) {
2056 Iterator i;
2057 Unit *other;
2058 void *v;
2059
2060 assert(u);
2061 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2062
2063 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2064 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2065 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2066 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2067
2068 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2069 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2070 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2071 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2072
2073 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2074 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2075 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2076 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL);
2077
2078 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTS], i)
2079 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2080 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2081
2082 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTED_BY], i)
2083 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2084 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2085 }
2086
2087 static void retroactively_stop_dependencies(Unit *u) {
2088 Unit *other;
2089 Iterator i;
2090 void *v;
2091
2092 assert(u);
2093 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2094
2095 /* Pull down units which are bound to us recursively if enabled */
2096 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BOUND_BY], i)
2097 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2098 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2099 }
2100
2101 static void check_unneeded_dependencies(Unit *u) {
2102 Unit *other;
2103 Iterator i;
2104 void *v;
2105
2106 assert(u);
2107 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2108
2109 /* Garbage collect services that might not be needed anymore, if enabled */
2110 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2111 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2112 unit_check_unneeded(other);
2113 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2114 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2115 unit_check_unneeded(other);
2116 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUISITE], i)
2117 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2118 unit_check_unneeded(other);
2119 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2120 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2121 unit_check_unneeded(other);
2122 }
2123
2124 void unit_start_on_failure(Unit *u) {
2125 Unit *other;
2126 Iterator i;
2127 void *v;
2128 int r;
2129
2130 assert(u);
2131
2132 if (hashmap_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
2133 return;
2134
2135 log_unit_info(u, "Triggering OnFailure= dependencies.");
2136
2137 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_ON_FAILURE], i) {
2138 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2139
2140 r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, &error, NULL);
2141 if (r < 0)
2142 log_unit_warning_errno(u, r, "Failed to enqueue OnFailure= job, ignoring: %s", bus_error_message(&error, r));
2143 }
2144 }
2145
2146 void unit_trigger_notify(Unit *u) {
2147 Unit *other;
2148 Iterator i;
2149 void *v;
2150
2151 assert(u);
2152
2153 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_TRIGGERED_BY], i)
2154 if (UNIT_VTABLE(other)->trigger_notify)
2155 UNIT_VTABLE(other)->trigger_notify(other, u);
2156 }
2157
2158 static int unit_log_resources(Unit *u) {
2159
2160 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + 4];
2161 size_t n_message_parts = 0, n_iovec = 0;
2162 char* message_parts[3 + 1], *t;
2163 nsec_t nsec = NSEC_INFINITY;
2164 CGroupIPAccountingMetric m;
2165 size_t i;
2166 int r;
2167 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2168 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2169 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2170 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2171 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2172 };
2173
2174 assert(u);
2175
2176 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2177 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2178 * information and the complete data in structured fields. */
2179
2180 (void) unit_get_cpu_usage(u, &nsec);
2181 if (nsec != NSEC_INFINITY) {
2182 char buf[FORMAT_TIMESPAN_MAX] = "";
2183
2184 /* Format the CPU time for inclusion in the structured log message */
2185 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2186 r = log_oom();
2187 goto finish;
2188 }
2189 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2190
2191 /* Format the CPU time for inclusion in the human language message string */
2192 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
2193 t = strjoin(n_message_parts > 0 ? "consumed " : "Consumed ", buf, " CPU time");
2194 if (!t) {
2195 r = log_oom();
2196 goto finish;
2197 }
2198
2199 message_parts[n_message_parts++] = t;
2200 }
2201
2202 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2203 char buf[FORMAT_BYTES_MAX] = "";
2204 uint64_t value = UINT64_MAX;
2205
2206 assert(ip_fields[m]);
2207
2208 (void) unit_get_ip_accounting(u, m, &value);
2209 if (value == UINT64_MAX)
2210 continue;
2211
2212 /* Format IP accounting data for inclusion in the structured log message */
2213 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2214 r = log_oom();
2215 goto finish;
2216 }
2217 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2218
2219 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2220 * bytes counters (and not for the packets counters) */
2221 if (m == CGROUP_IP_INGRESS_BYTES)
2222 t = strjoin(n_message_parts > 0 ? "received " : "Received ",
2223 format_bytes(buf, sizeof(buf), value),
2224 " IP traffic");
2225 else if (m == CGROUP_IP_EGRESS_BYTES)
2226 t = strjoin(n_message_parts > 0 ? "sent " : "Sent ",
2227 format_bytes(buf, sizeof(buf), value),
2228 " IP traffic");
2229 else
2230 continue;
2231 if (!t) {
2232 r = log_oom();
2233 goto finish;
2234 }
2235
2236 message_parts[n_message_parts++] = t;
2237 }
2238
2239 /* Is there any accounting data available at all? */
2240 if (n_iovec == 0) {
2241 r = 0;
2242 goto finish;
2243 }
2244
2245 if (n_message_parts == 0)
2246 t = strjoina("MESSAGE=", u->id, ": Completed");
2247 else {
2248 _cleanup_free_ char *joined;
2249
2250 message_parts[n_message_parts] = NULL;
2251
2252 joined = strv_join(message_parts, ", ");
2253 if (!joined) {
2254 r = log_oom();
2255 goto finish;
2256 }
2257
2258 t = strjoina("MESSAGE=", u->id, ": ", joined);
2259 }
2260
2261 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2262 * and hence don't increase n_iovec for them */
2263 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2264 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2265
2266 t = strjoina(u->manager->unit_log_field, u->id);
2267 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2268
2269 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2270 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2271
2272 log_struct_iovec(LOG_INFO, iovec, n_iovec + 4);
2273 r = 0;
2274
2275 finish:
2276 for (i = 0; i < n_message_parts; i++)
2277 free(message_parts[i]);
2278
2279 for (i = 0; i < n_iovec; i++)
2280 free(iovec[i].iov_base);
2281
2282 return r;
2283
2284 }
2285
2286 static void unit_update_on_console(Unit *u) {
2287 bool b;
2288
2289 assert(u);
2290
2291 b = unit_needs_console(u);
2292 if (u->on_console == b)
2293 return;
2294
2295 u->on_console = b;
2296 if (b)
2297 manager_ref_console(u->manager);
2298 else
2299 manager_unref_console(u->manager);
2300 }
2301
2302 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
2303 bool unexpected;
2304 Manager *m;
2305
2306 assert(u);
2307 assert(os < _UNIT_ACTIVE_STATE_MAX);
2308 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2309
2310 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2311 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2312 * remounted this function will be called too! */
2313
2314 m = u->manager;
2315
2316 /* Update timestamps for state changes */
2317 if (!MANAGER_IS_RELOADING(m)) {
2318 dual_timestamp_get(&u->state_change_timestamp);
2319
2320 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2321 u->inactive_exit_timestamp = u->state_change_timestamp;
2322 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2323 u->inactive_enter_timestamp = u->state_change_timestamp;
2324
2325 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2326 u->active_enter_timestamp = u->state_change_timestamp;
2327 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2328 u->active_exit_timestamp = u->state_change_timestamp;
2329 }
2330
2331 /* Keep track of failed units */
2332 (void) manager_update_failed_units(u->manager, u, ns == UNIT_FAILED);
2333
2334 /* Make sure the cgroup and state files are always removed when we become inactive */
2335 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2336 unit_prune_cgroup(u);
2337 unit_unlink_state_files(u);
2338 }
2339
2340 unit_update_on_console(u);
2341
2342 if (u->job) {
2343 unexpected = false;
2344
2345 if (u->job->state == JOB_WAITING)
2346
2347 /* So we reached a different state for this
2348 * job. Let's see if we can run it now if it
2349 * failed previously due to EAGAIN. */
2350 job_add_to_run_queue(u->job);
2351
2352 /* Let's check whether this state change constitutes a
2353 * finished job, or maybe contradicts a running job and
2354 * hence needs to invalidate jobs. */
2355
2356 switch (u->job->type) {
2357
2358 case JOB_START:
2359 case JOB_VERIFY_ACTIVE:
2360
2361 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2362 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2363 else if (u->job->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2364 unexpected = true;
2365
2366 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2367 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2368 }
2369
2370 break;
2371
2372 case JOB_RELOAD:
2373 case JOB_RELOAD_OR_START:
2374 case JOB_TRY_RELOAD:
2375
2376 if (u->job->state == JOB_RUNNING) {
2377 if (ns == UNIT_ACTIVE)
2378 job_finish_and_invalidate(u->job, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2379 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2380 unexpected = true;
2381
2382 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2383 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2384 }
2385 }
2386
2387 break;
2388
2389 case JOB_STOP:
2390 case JOB_RESTART:
2391 case JOB_TRY_RESTART:
2392
2393 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2394 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2395 else if (u->job->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2396 unexpected = true;
2397 job_finish_and_invalidate(u->job, JOB_FAILED, true, false);
2398 }
2399
2400 break;
2401
2402 default:
2403 assert_not_reached("Job type unknown");
2404 }
2405
2406 } else
2407 unexpected = true;
2408
2409 if (!MANAGER_IS_RELOADING(m)) {
2410
2411 /* If this state change happened without being
2412 * requested by a job, then let's retroactively start
2413 * or stop dependencies. We skip that step when
2414 * deserializing, since we don't want to create any
2415 * additional jobs just because something is already
2416 * activated. */
2417
2418 if (unexpected) {
2419 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2420 retroactively_start_dependencies(u);
2421 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2422 retroactively_stop_dependencies(u);
2423 }
2424
2425 /* stop unneeded units regardless if going down was expected or not */
2426 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2427 check_unneeded_dependencies(u);
2428
2429 if (ns != os && ns == UNIT_FAILED) {
2430 log_unit_debug(u, "Unit entered failed state.");
2431
2432 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2433 unit_start_on_failure(u);
2434 }
2435 }
2436
2437 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2438
2439 if (u->type == UNIT_SERVICE &&
2440 !UNIT_IS_ACTIVE_OR_RELOADING(os) &&
2441 !MANAGER_IS_RELOADING(m)) {
2442 /* Write audit record if we have just finished starting up */
2443 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, true);
2444 u->in_audit = true;
2445 }
2446
2447 if (!UNIT_IS_ACTIVE_OR_RELOADING(os))
2448 manager_send_unit_plymouth(m, u);
2449
2450 } else {
2451
2452 if (UNIT_IS_INACTIVE_OR_FAILED(ns) &&
2453 !UNIT_IS_INACTIVE_OR_FAILED(os)
2454 && !MANAGER_IS_RELOADING(m)) {
2455
2456 /* This unit just stopped/failed. */
2457 if (u->type == UNIT_SERVICE) {
2458
2459 /* Hmm, if there was no start record written
2460 * write it now, so that we always have a nice
2461 * pair */
2462 if (!u->in_audit) {
2463 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, ns == UNIT_INACTIVE);
2464
2465 if (ns == UNIT_INACTIVE)
2466 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, true);
2467 } else
2468 /* Write audit record if we have just finished shutting down */
2469 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, ns == UNIT_INACTIVE);
2470
2471 u->in_audit = false;
2472 }
2473
2474 /* Write a log message about consumed resources */
2475 unit_log_resources(u);
2476 }
2477 }
2478
2479 manager_recheck_journal(m);
2480 manager_recheck_dbus(m);
2481
2482 unit_trigger_notify(u);
2483
2484 if (!MANAGER_IS_RELOADING(u->manager)) {
2485 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2486 unit_check_unneeded(u);
2487
2488 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2489 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2490 * without ever entering started.) */
2491 unit_check_binds_to(u);
2492
2493 if (os != UNIT_FAILED && ns == UNIT_FAILED)
2494 (void) emergency_action(u->manager, u->failure_action, u->reboot_arg, "unit failed");
2495 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE)
2496 (void) emergency_action(u->manager, u->success_action, u->reboot_arg, "unit succeeded");
2497 }
2498
2499 unit_add_to_dbus_queue(u);
2500 unit_add_to_gc_queue(u);
2501 }
2502
2503 int unit_watch_pid(Unit *u, pid_t pid) {
2504 int r;
2505
2506 assert(u);
2507 assert(pid_is_valid(pid));
2508
2509 /* Watch a specific PID */
2510
2511 r = set_ensure_allocated(&u->pids, NULL);
2512 if (r < 0)
2513 return r;
2514
2515 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
2516 if (r < 0)
2517 return r;
2518
2519 /* First try, let's add the unit keyed by "pid". */
2520 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2521 if (r == -EEXIST) {
2522 Unit **array;
2523 bool found = false;
2524 size_t n = 0;
2525
2526 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2527 * to an array of Units rather than just a Unit), lists us already. */
2528
2529 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2530 if (array)
2531 for (; array[n]; n++)
2532 if (array[n] == u)
2533 found = true;
2534
2535 if (found) /* Found it already? if so, do nothing */
2536 r = 0;
2537 else {
2538 Unit **new_array;
2539
2540 /* Allocate a new array */
2541 new_array = new(Unit*, n + 2);
2542 if (!new_array)
2543 return -ENOMEM;
2544
2545 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2546 new_array[n] = u;
2547 new_array[n+1] = NULL;
2548
2549 /* Add or replace the old array */
2550 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2551 if (r < 0) {
2552 free(new_array);
2553 return r;
2554 }
2555
2556 free(array);
2557 }
2558 } else if (r < 0)
2559 return r;
2560
2561 r = set_put(u->pids, PID_TO_PTR(pid));
2562 if (r < 0)
2563 return r;
2564
2565 return 0;
2566 }
2567
2568 void unit_unwatch_pid(Unit *u, pid_t pid) {
2569 Unit **array;
2570
2571 assert(u);
2572 assert(pid_is_valid(pid));
2573
2574 /* First let's drop the unit in case it's keyed as "pid". */
2575 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2576
2577 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2578 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2579 if (array) {
2580 size_t n, m = 0;
2581
2582 /* Let's iterate through the array, dropping our own entry */
2583 for (n = 0; array[n]; n++)
2584 if (array[n] != u)
2585 array[m++] = array[n];
2586 array[m] = NULL;
2587
2588 if (m == 0) {
2589 /* The array is now empty, remove the entire entry */
2590 assert(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
2591 free(array);
2592 }
2593 }
2594
2595 (void) set_remove(u->pids, PID_TO_PTR(pid));
2596 }
2597
2598 void unit_unwatch_all_pids(Unit *u) {
2599 assert(u);
2600
2601 while (!set_isempty(u->pids))
2602 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
2603
2604 u->pids = set_free(u->pids);
2605 }
2606
2607 static void unit_tidy_watch_pids(Unit *u) {
2608 pid_t except1, except2;
2609 Iterator i;
2610 void *e;
2611
2612 assert(u);
2613
2614 /* Cleans dead PIDs from our list */
2615
2616 except1 = unit_main_pid(u);
2617 except2 = unit_control_pid(u);
2618
2619 SET_FOREACH(e, u->pids, i) {
2620 pid_t pid = PTR_TO_PID(e);
2621
2622 if (pid == except1 || pid == except2)
2623 continue;
2624
2625 if (!pid_is_unwaited(pid))
2626 unit_unwatch_pid(u, pid);
2627 }
2628 }
2629
2630 static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
2631 Unit *u = userdata;
2632
2633 assert(s);
2634 assert(u);
2635
2636 unit_tidy_watch_pids(u);
2637 unit_watch_all_pids(u);
2638
2639 /* If the PID set is empty now, then let's finish this off. */
2640 unit_synthesize_cgroup_empty_event(u);
2641
2642 return 0;
2643 }
2644
2645 int unit_enqueue_rewatch_pids(Unit *u) {
2646 int r;
2647
2648 assert(u);
2649
2650 if (!u->cgroup_path)
2651 return -ENOENT;
2652
2653 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2654 if (r < 0)
2655 return r;
2656 if (r > 0) /* On unified we can use proper notifications */
2657 return 0;
2658
2659 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2660 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2661 * involves issuing kill(pid, 0) on all processes we watch. */
2662
2663 if (!u->rewatch_pids_event_source) {
2664 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2665
2666 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2667 if (r < 0)
2668 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2669
2670 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2671 if (r < 0)
2672 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: m");
2673
2674 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2675
2676 u->rewatch_pids_event_source = TAKE_PTR(s);
2677 }
2678
2679 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2680 if (r < 0)
2681 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2682
2683 return 0;
2684 }
2685
2686 void unit_dequeue_rewatch_pids(Unit *u) {
2687 int r;
2688 assert(u);
2689
2690 if (!u->rewatch_pids_event_source)
2691 return;
2692
2693 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2694 if (r < 0)
2695 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2696
2697 u->rewatch_pids_event_source = sd_event_source_unref(u->rewatch_pids_event_source);
2698 }
2699
2700 bool unit_job_is_applicable(Unit *u, JobType j) {
2701 assert(u);
2702 assert(j >= 0 && j < _JOB_TYPE_MAX);
2703
2704 switch (j) {
2705
2706 case JOB_VERIFY_ACTIVE:
2707 case JOB_START:
2708 case JOB_NOP:
2709 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2710 * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
2711 * jobs for it. */
2712 return true;
2713
2714 case JOB_STOP:
2715 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2716 * external events), hence it makes no sense to permit enqueing such a request either. */
2717 return !u->perpetual;
2718
2719 case JOB_RESTART:
2720 case JOB_TRY_RESTART:
2721 return unit_can_stop(u) && unit_can_start(u);
2722
2723 case JOB_RELOAD:
2724 case JOB_TRY_RELOAD:
2725 return unit_can_reload(u);
2726
2727 case JOB_RELOAD_OR_START:
2728 return unit_can_reload(u) && unit_can_start(u);
2729
2730 default:
2731 assert_not_reached("Invalid job type");
2732 }
2733 }
2734
2735 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
2736 assert(u);
2737
2738 /* Only warn about some unit types */
2739 if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
2740 return;
2741
2742 if (streq_ptr(u->id, other))
2743 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
2744 else
2745 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
2746 }
2747
2748 static int unit_add_dependency_hashmap(
2749 Hashmap **h,
2750 Unit *other,
2751 UnitDependencyMask origin_mask,
2752 UnitDependencyMask destination_mask) {
2753
2754 UnitDependencyInfo info;
2755 int r;
2756
2757 assert(h);
2758 assert(other);
2759 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
2760 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
2761 assert(origin_mask > 0 || destination_mask > 0);
2762
2763 r = hashmap_ensure_allocated(h, NULL);
2764 if (r < 0)
2765 return r;
2766
2767 assert_cc(sizeof(void*) == sizeof(info));
2768
2769 info.data = hashmap_get(*h, other);
2770 if (info.data) {
2771 /* Entry already exists. Add in our mask. */
2772
2773 if (FLAGS_SET(origin_mask, info.origin_mask) &&
2774 FLAGS_SET(destination_mask, info.destination_mask))
2775 return 0; /* NOP */
2776
2777 info.origin_mask |= origin_mask;
2778 info.destination_mask |= destination_mask;
2779
2780 r = hashmap_update(*h, other, info.data);
2781 } else {
2782 info = (UnitDependencyInfo) {
2783 .origin_mask = origin_mask,
2784 .destination_mask = destination_mask,
2785 };
2786
2787 r = hashmap_put(*h, other, info.data);
2788 }
2789 if (r < 0)
2790 return r;
2791
2792 return 1;
2793 }
2794
2795 int unit_add_dependency(
2796 Unit *u,
2797 UnitDependency d,
2798 Unit *other,
2799 bool add_reference,
2800 UnitDependencyMask mask) {
2801
2802 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
2803 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
2804 [UNIT_WANTS] = UNIT_WANTED_BY,
2805 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
2806 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
2807 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
2808 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
2809 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
2810 [UNIT_WANTED_BY] = UNIT_WANTS,
2811 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
2812 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
2813 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
2814 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
2815 [UNIT_BEFORE] = UNIT_AFTER,
2816 [UNIT_AFTER] = UNIT_BEFORE,
2817 [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
2818 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
2819 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
2820 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
2821 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
2822 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
2823 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
2824 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
2825 };
2826 Unit *original_u = u, *original_other = other;
2827 int r;
2828
2829 assert(u);
2830 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
2831 assert(other);
2832
2833 u = unit_follow_merge(u);
2834 other = unit_follow_merge(other);
2835
2836 /* We won't allow dependencies on ourselves. We will not
2837 * consider them an error however. */
2838 if (u == other) {
2839 maybe_warn_about_dependency(original_u, original_other->id, d);
2840 return 0;
2841 }
2842
2843 if ((d == UNIT_BEFORE && other->type == UNIT_DEVICE) ||
2844 (d == UNIT_AFTER && u->type == UNIT_DEVICE)) {
2845 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
2846 return 0;
2847 }
2848
2849 r = unit_add_dependency_hashmap(u->dependencies + d, other, mask, 0);
2850 if (r < 0)
2851 return r;
2852
2853 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
2854 r = unit_add_dependency_hashmap(other->dependencies + inverse_table[d], u, 0, mask);
2855 if (r < 0)
2856 return r;
2857 }
2858
2859 if (add_reference) {
2860 r = unit_add_dependency_hashmap(u->dependencies + UNIT_REFERENCES, other, mask, 0);
2861 if (r < 0)
2862 return r;
2863
2864 r = unit_add_dependency_hashmap(other->dependencies + UNIT_REFERENCED_BY, u, 0, mask);
2865 if (r < 0)
2866 return r;
2867 }
2868
2869 unit_add_to_dbus_queue(u);
2870 return 0;
2871 }
2872
2873 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2874 int r;
2875
2876 assert(u);
2877
2878 r = unit_add_dependency(u, d, other, add_reference, mask);
2879 if (r < 0)
2880 return r;
2881
2882 return unit_add_dependency(u, e, other, add_reference, mask);
2883 }
2884
2885 static int resolve_template(Unit *u, const char *name, const char*path, char **buf, const char **ret) {
2886 int r;
2887
2888 assert(u);
2889 assert(name || path);
2890 assert(buf);
2891 assert(ret);
2892
2893 if (!name)
2894 name = basename(path);
2895
2896 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
2897 *buf = NULL;
2898 *ret = name;
2899 return 0;
2900 }
2901
2902 if (u->instance)
2903 r = unit_name_replace_instance(name, u->instance, buf);
2904 else {
2905 _cleanup_free_ char *i = NULL;
2906
2907 r = unit_name_to_prefix(u->id, &i);
2908 if (r < 0)
2909 return r;
2910
2911 r = unit_name_replace_instance(name, i, buf);
2912 }
2913 if (r < 0)
2914 return r;
2915
2916 *ret = *buf;
2917 return 0;
2918 }
2919
2920 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2921 _cleanup_free_ char *buf = NULL;
2922 Unit *other;
2923 int r;
2924
2925 assert(u);
2926 assert(name || path);
2927
2928 r = resolve_template(u, name, path, &buf, &name);
2929 if (r < 0)
2930 return r;
2931
2932 r = manager_load_unit(u->manager, name, path, NULL, &other);
2933 if (r < 0)
2934 return r;
2935
2936 return unit_add_dependency(u, d, other, add_reference, mask);
2937 }
2938
2939 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2940 _cleanup_free_ char *buf = NULL;
2941 Unit *other;
2942 int r;
2943
2944 assert(u);
2945 assert(name || path);
2946
2947 r = resolve_template(u, name, path, &buf, &name);
2948 if (r < 0)
2949 return r;
2950
2951 r = manager_load_unit(u->manager, name, path, NULL, &other);
2952 if (r < 0)
2953 return r;
2954
2955 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2956 }
2957
2958 int set_unit_path(const char *p) {
2959 /* This is mostly for debug purposes */
2960 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
2961 return -errno;
2962
2963 return 0;
2964 }
2965
2966 char *unit_dbus_path(Unit *u) {
2967 assert(u);
2968
2969 if (!u->id)
2970 return NULL;
2971
2972 return unit_dbus_path_from_name(u->id);
2973 }
2974
2975 char *unit_dbus_path_invocation_id(Unit *u) {
2976 assert(u);
2977
2978 if (sd_id128_is_null(u->invocation_id))
2979 return NULL;
2980
2981 return unit_dbus_path_from_name(u->invocation_id_string);
2982 }
2983
2984 int unit_set_slice(Unit *u, Unit *slice) {
2985 assert(u);
2986 assert(slice);
2987
2988 /* Sets the unit slice if it has not been set before. Is extra
2989 * careful, to only allow this for units that actually have a
2990 * cgroup context. Also, we don't allow to set this for slices
2991 * (since the parent slice is derived from the name). Make
2992 * sure the unit we set is actually a slice. */
2993
2994 if (!UNIT_HAS_CGROUP_CONTEXT(u))
2995 return -EOPNOTSUPP;
2996
2997 if (u->type == UNIT_SLICE)
2998 return -EINVAL;
2999
3000 if (unit_active_state(u) != UNIT_INACTIVE)
3001 return -EBUSY;
3002
3003 if (slice->type != UNIT_SLICE)
3004 return -EINVAL;
3005
3006 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3007 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3008 return -EPERM;
3009
3010 if (UNIT_DEREF(u->slice) == slice)
3011 return 0;
3012
3013 /* Disallow slice changes if @u is already bound to cgroups */
3014 if (UNIT_ISSET(u->slice) && u->cgroup_realized)
3015 return -EBUSY;
3016
3017 unit_ref_set(&u->slice, u, slice);
3018 return 1;
3019 }
3020
3021 int unit_set_default_slice(Unit *u) {
3022 _cleanup_free_ char *b = NULL;
3023 const char *slice_name;
3024 Unit *slice;
3025 int r;
3026
3027 assert(u);
3028
3029 if (UNIT_ISSET(u->slice))
3030 return 0;
3031
3032 if (u->instance) {
3033 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
3034
3035 /* Implicitly place all instantiated units in their
3036 * own per-template slice */
3037
3038 r = unit_name_to_prefix(u->id, &prefix);
3039 if (r < 0)
3040 return r;
3041
3042 /* The prefix is already escaped, but it might include
3043 * "-" which has a special meaning for slice units,
3044 * hence escape it here extra. */
3045 escaped = unit_name_escape(prefix);
3046 if (!escaped)
3047 return -ENOMEM;
3048
3049 if (MANAGER_IS_SYSTEM(u->manager))
3050 b = strjoin("system-", escaped, ".slice");
3051 else
3052 b = strappend(escaped, ".slice");
3053 if (!b)
3054 return -ENOMEM;
3055
3056 slice_name = b;
3057 } else
3058 slice_name =
3059 MANAGER_IS_SYSTEM(u->manager) && !unit_has_name(u, SPECIAL_INIT_SCOPE)
3060 ? SPECIAL_SYSTEM_SLICE
3061 : SPECIAL_ROOT_SLICE;
3062
3063 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
3064 if (r < 0)
3065 return r;
3066
3067 return unit_set_slice(u, slice);
3068 }
3069
3070 const char *unit_slice_name(Unit *u) {
3071 assert(u);
3072
3073 if (!UNIT_ISSET(u->slice))
3074 return NULL;
3075
3076 return UNIT_DEREF(u->slice)->id;
3077 }
3078
3079 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
3080 _cleanup_free_ char *t = NULL;
3081 int r;
3082
3083 assert(u);
3084 assert(type);
3085 assert(_found);
3086
3087 r = unit_name_change_suffix(u->id, type, &t);
3088 if (r < 0)
3089 return r;
3090 if (unit_has_name(u, t))
3091 return -EINVAL;
3092
3093 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3094 assert(r < 0 || *_found != u);
3095 return r;
3096 }
3097
3098 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3099 const char *name, *old_owner, *new_owner;
3100 Unit *u = userdata;
3101 int r;
3102
3103 assert(message);
3104 assert(u);
3105
3106 r = sd_bus_message_read(message, "sss", &name, &old_owner, &new_owner);
3107 if (r < 0) {
3108 bus_log_parse_error(r);
3109 return 0;
3110 }
3111
3112 old_owner = empty_to_null(old_owner);
3113 new_owner = empty_to_null(new_owner);
3114
3115 if (UNIT_VTABLE(u)->bus_name_owner_change)
3116 UNIT_VTABLE(u)->bus_name_owner_change(u, name, old_owner, new_owner);
3117
3118 return 0;
3119 }
3120
3121 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3122 const char *match;
3123
3124 assert(u);
3125 assert(bus);
3126 assert(name);
3127
3128 if (u->match_bus_slot)
3129 return -EBUSY;
3130
3131 match = strjoina("type='signal',"
3132 "sender='org.freedesktop.DBus',"
3133 "path='/org/freedesktop/DBus',"
3134 "interface='org.freedesktop.DBus',"
3135 "member='NameOwnerChanged',"
3136 "arg0='", name, "'");
3137
3138 return sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
3139 }
3140
3141 int unit_watch_bus_name(Unit *u, const char *name) {
3142 int r;
3143
3144 assert(u);
3145 assert(name);
3146
3147 /* Watch a specific name on the bus. We only support one unit
3148 * watching each name for now. */
3149
3150 if (u->manager->api_bus) {
3151 /* If the bus is already available, install the match directly.
3152 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3153 r = unit_install_bus_match(u, u->manager->api_bus, name);
3154 if (r < 0)
3155 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3156 }
3157
3158 r = hashmap_put(u->manager->watch_bus, name, u);
3159 if (r < 0) {
3160 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3161 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3162 }
3163
3164 return 0;
3165 }
3166
3167 void unit_unwatch_bus_name(Unit *u, const char *name) {
3168 assert(u);
3169 assert(name);
3170
3171 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3172 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3173 }
3174
3175 bool unit_can_serialize(Unit *u) {
3176 assert(u);
3177
3178 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3179 }
3180
3181 static int unit_serialize_cgroup_mask(FILE *f, const char *key, CGroupMask mask) {
3182 _cleanup_free_ char *s = NULL;
3183 int r = 0;
3184
3185 assert(f);
3186 assert(key);
3187
3188 if (mask != 0) {
3189 r = cg_mask_to_string(mask, &s);
3190 if (r >= 0) {
3191 fputs(key, f);
3192 fputc('=', f);
3193 fputs(s, f);
3194 fputc('\n', f);
3195 }
3196 }
3197 return r;
3198 }
3199
3200 static const char *ip_accounting_metric_field[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
3201 [CGROUP_IP_INGRESS_BYTES] = "ip-accounting-ingress-bytes",
3202 [CGROUP_IP_INGRESS_PACKETS] = "ip-accounting-ingress-packets",
3203 [CGROUP_IP_EGRESS_BYTES] = "ip-accounting-egress-bytes",
3204 [CGROUP_IP_EGRESS_PACKETS] = "ip-accounting-egress-packets",
3205 };
3206
3207 int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
3208 CGroupIPAccountingMetric m;
3209 int r;
3210
3211 assert(u);
3212 assert(f);
3213 assert(fds);
3214
3215 if (unit_can_serialize(u)) {
3216 r = UNIT_VTABLE(u)->serialize(u, f, fds);
3217 if (r < 0)
3218 return r;
3219 }
3220
3221 dual_timestamp_serialize(f, "state-change-timestamp", &u->state_change_timestamp);
3222
3223 dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
3224 dual_timestamp_serialize(f, "active-enter-timestamp", &u->active_enter_timestamp);
3225 dual_timestamp_serialize(f, "active-exit-timestamp", &u->active_exit_timestamp);
3226 dual_timestamp_serialize(f, "inactive-enter-timestamp", &u->inactive_enter_timestamp);
3227
3228 dual_timestamp_serialize(f, "condition-timestamp", &u->condition_timestamp);
3229 dual_timestamp_serialize(f, "assert-timestamp", &u->assert_timestamp);
3230
3231 if (dual_timestamp_is_set(&u->condition_timestamp))
3232 unit_serialize_item(u, f, "condition-result", yes_no(u->condition_result));
3233
3234 if (dual_timestamp_is_set(&u->assert_timestamp))
3235 unit_serialize_item(u, f, "assert-result", yes_no(u->assert_result));
3236
3237 unit_serialize_item(u, f, "transient", yes_no(u->transient));
3238
3239 unit_serialize_item(u, f, "exported-invocation-id", yes_no(u->exported_invocation_id));
3240 unit_serialize_item(u, f, "exported-log-level-max", yes_no(u->exported_log_level_max));
3241 unit_serialize_item(u, f, "exported-log-extra-fields", yes_no(u->exported_log_extra_fields));
3242
3243 unit_serialize_item_format(u, f, "cpu-usage-base", "%" PRIu64, u->cpu_usage_base);
3244 if (u->cpu_usage_last != NSEC_INFINITY)
3245 unit_serialize_item_format(u, f, "cpu-usage-last", "%" PRIu64, u->cpu_usage_last);
3246
3247 if (u->cgroup_path)
3248 unit_serialize_item(u, f, "cgroup", u->cgroup_path);
3249 unit_serialize_item(u, f, "cgroup-realized", yes_no(u->cgroup_realized));
3250 (void) unit_serialize_cgroup_mask(f, "cgroup-realized-mask", u->cgroup_realized_mask);
3251 (void) unit_serialize_cgroup_mask(f, "cgroup-enabled-mask", u->cgroup_enabled_mask);
3252 unit_serialize_item_format(u, f, "cgroup-bpf-realized", "%i", u->cgroup_bpf_state);
3253
3254 if (uid_is_valid(u->ref_uid))
3255 unit_serialize_item_format(u, f, "ref-uid", UID_FMT, u->ref_uid);
3256 if (gid_is_valid(u->ref_gid))
3257 unit_serialize_item_format(u, f, "ref-gid", GID_FMT, u->ref_gid);
3258
3259 if (!sd_id128_is_null(u->invocation_id))
3260 unit_serialize_item_format(u, f, "invocation-id", SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id));
3261
3262 bus_track_serialize(u->bus_track, f, "ref");
3263
3264 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
3265 uint64_t v;
3266
3267 r = unit_get_ip_accounting(u, m, &v);
3268 if (r >= 0)
3269 unit_serialize_item_format(u, f, ip_accounting_metric_field[m], "%" PRIu64, v);
3270 }
3271
3272 if (serialize_jobs) {
3273 if (u->job) {
3274 fprintf(f, "job\n");
3275 job_serialize(u->job, f);
3276 }
3277
3278 if (u->nop_job) {
3279 fprintf(f, "job\n");
3280 job_serialize(u->nop_job, f);
3281 }
3282 }
3283
3284 /* End marker */
3285 fputc('\n', f);
3286 return 0;
3287 }
3288
3289 int unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value) {
3290 assert(u);
3291 assert(f);
3292 assert(key);
3293
3294 if (!value)
3295 return 0;
3296
3297 fputs(key, f);
3298 fputc('=', f);
3299 fputs(value, f);
3300 fputc('\n', f);
3301
3302 return 1;
3303 }
3304
3305 int unit_serialize_item_escaped(Unit *u, FILE *f, const char *key, const char *value) {
3306 _cleanup_free_ char *c = NULL;
3307
3308 assert(u);
3309 assert(f);
3310 assert(key);
3311
3312 if (!value)
3313 return 0;
3314
3315 c = cescape(value);
3316 if (!c)
3317 return -ENOMEM;
3318
3319 fputs(key, f);
3320 fputc('=', f);
3321 fputs(c, f);
3322 fputc('\n', f);
3323
3324 return 1;
3325 }
3326
3327 int unit_serialize_item_fd(Unit *u, FILE *f, FDSet *fds, const char *key, int fd) {
3328 int copy;
3329
3330 assert(u);
3331 assert(f);
3332 assert(key);
3333
3334 if (fd < 0)
3335 return 0;
3336
3337 copy = fdset_put_dup(fds, fd);
3338 if (copy < 0)
3339 return copy;
3340
3341 fprintf(f, "%s=%i\n", key, copy);
3342 return 1;
3343 }
3344
3345 void unit_serialize_item_format(Unit *u, FILE *f, const char *key, const char *format, ...) {
3346 va_list ap;
3347
3348 assert(u);
3349 assert(f);
3350 assert(key);
3351 assert(format);
3352
3353 fputs(key, f);
3354 fputc('=', f);
3355
3356 va_start(ap, format);
3357 vfprintf(f, format, ap);
3358 va_end(ap);
3359
3360 fputc('\n', f);
3361 }
3362
3363 int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
3364 int r;
3365
3366 assert(u);
3367 assert(f);
3368 assert(fds);
3369
3370 for (;;) {
3371 char line[LINE_MAX], *l, *v;
3372 CGroupIPAccountingMetric m;
3373 size_t k;
3374
3375 if (!fgets(line, sizeof(line), f)) {
3376 if (feof(f))
3377 return 0;
3378 return -errno;
3379 }
3380
3381 char_array_0(line);
3382 l = strstrip(line);
3383
3384 /* End marker */
3385 if (isempty(l))
3386 break;
3387
3388 k = strcspn(l, "=");
3389
3390 if (l[k] == '=') {
3391 l[k] = 0;
3392 v = l+k+1;
3393 } else
3394 v = l+k;
3395
3396 if (streq(l, "job")) {
3397 if (v[0] == '\0') {
3398 /* new-style serialized job */
3399 Job *j;
3400
3401 j = job_new_raw(u);
3402 if (!j)
3403 return log_oom();
3404
3405 r = job_deserialize(j, f);
3406 if (r < 0) {
3407 job_free(j);
3408 return r;
3409 }
3410
3411 r = hashmap_put(u->manager->jobs, UINT32_TO_PTR(j->id), j);
3412 if (r < 0) {
3413 job_free(j);
3414 return r;
3415 }
3416
3417 r = job_install_deserialized(j);
3418 if (r < 0) {
3419 hashmap_remove(u->manager->jobs, UINT32_TO_PTR(j->id));
3420 job_free(j);
3421 return r;
3422 }
3423 } else /* legacy for pre-44 */
3424 log_unit_warning(u, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v);
3425 continue;
3426 } else if (streq(l, "state-change-timestamp")) {
3427 dual_timestamp_deserialize(v, &u->state_change_timestamp);
3428 continue;
3429 } else if (streq(l, "inactive-exit-timestamp")) {
3430 dual_timestamp_deserialize(v, &u->inactive_exit_timestamp);
3431 continue;
3432 } else if (streq(l, "active-enter-timestamp")) {
3433 dual_timestamp_deserialize(v, &u->active_enter_timestamp);
3434 continue;
3435 } else if (streq(l, "active-exit-timestamp")) {
3436 dual_timestamp_deserialize(v, &u->active_exit_timestamp);
3437 continue;
3438 } else if (streq(l, "inactive-enter-timestamp")) {
3439 dual_timestamp_deserialize(v, &u->inactive_enter_timestamp);
3440 continue;
3441 } else if (streq(l, "condition-timestamp")) {
3442 dual_timestamp_deserialize(v, &u->condition_timestamp);
3443 continue;
3444 } else if (streq(l, "assert-timestamp")) {
3445 dual_timestamp_deserialize(v, &u->assert_timestamp);
3446 continue;
3447 } else if (streq(l, "condition-result")) {
3448
3449 r = parse_boolean(v);
3450 if (r < 0)
3451 log_unit_debug(u, "Failed to parse condition result value %s, ignoring.", v);
3452 else
3453 u->condition_result = r;
3454
3455 continue;
3456
3457 } else if (streq(l, "assert-result")) {
3458
3459 r = parse_boolean(v);
3460 if (r < 0)
3461 log_unit_debug(u, "Failed to parse assert result value %s, ignoring.", v);
3462 else
3463 u->assert_result = r;
3464
3465 continue;
3466
3467 } else if (streq(l, "transient")) {
3468
3469 r = parse_boolean(v);
3470 if (r < 0)
3471 log_unit_debug(u, "Failed to parse transient bool %s, ignoring.", v);
3472 else
3473 u->transient = r;
3474
3475 continue;
3476
3477 } else if (streq(l, "exported-invocation-id")) {
3478
3479 r = parse_boolean(v);
3480 if (r < 0)
3481 log_unit_debug(u, "Failed to parse exported invocation ID bool %s, ignoring.", v);
3482 else
3483 u->exported_invocation_id = r;
3484
3485 continue;
3486
3487 } else if (streq(l, "exported-log-level-max")) {
3488
3489 r = parse_boolean(v);
3490 if (r < 0)
3491 log_unit_debug(u, "Failed to parse exported log level max bool %s, ignoring.", v);
3492 else
3493 u->exported_log_level_max = r;
3494
3495 continue;
3496
3497 } else if (streq(l, "exported-log-extra-fields")) {
3498
3499 r = parse_boolean(v);
3500 if (r < 0)
3501 log_unit_debug(u, "Failed to parse exported log extra fields bool %s, ignoring.", v);
3502 else
3503 u->exported_log_extra_fields = r;
3504
3505 continue;
3506
3507 } else if (STR_IN_SET(l, "cpu-usage-base", "cpuacct-usage-base")) {
3508
3509 r = safe_atou64(v, &u->cpu_usage_base);
3510 if (r < 0)
3511 log_unit_debug(u, "Failed to parse CPU usage base %s, ignoring.", v);
3512
3513 continue;
3514
3515 } else if (streq(l, "cpu-usage-last")) {
3516
3517 r = safe_atou64(v, &u->cpu_usage_last);
3518 if (r < 0)
3519 log_unit_debug(u, "Failed to read CPU usage last %s, ignoring.", v);
3520
3521 continue;
3522
3523 } else if (streq(l, "cgroup")) {
3524
3525 r = unit_set_cgroup_path(u, v);
3526 if (r < 0)
3527 log_unit_debug_errno(u, r, "Failed to set cgroup path %s, ignoring: %m", v);
3528
3529 (void) unit_watch_cgroup(u);
3530
3531 continue;
3532 } else if (streq(l, "cgroup-realized")) {
3533 int b;
3534
3535 b = parse_boolean(v);
3536 if (b < 0)
3537 log_unit_debug(u, "Failed to parse cgroup-realized bool %s, ignoring.", v);
3538 else
3539 u->cgroup_realized = b;
3540
3541 continue;
3542
3543 } else if (streq(l, "cgroup-realized-mask")) {
3544
3545 r = cg_mask_from_string(v, &u->cgroup_realized_mask);
3546 if (r < 0)
3547 log_unit_debug(u, "Failed to parse cgroup-realized-mask %s, ignoring.", v);
3548 continue;
3549
3550 } else if (streq(l, "cgroup-enabled-mask")) {
3551
3552 r = cg_mask_from_string(v, &u->cgroup_enabled_mask);
3553 if (r < 0)
3554 log_unit_debug(u, "Failed to parse cgroup-enabled-mask %s, ignoring.", v);
3555 continue;
3556
3557 } else if (streq(l, "cgroup-bpf-realized")) {
3558 int i;
3559
3560 r = safe_atoi(v, &i);
3561 if (r < 0)
3562 log_unit_debug(u, "Failed to parse cgroup BPF state %s, ignoring.", v);
3563 else
3564 u->cgroup_bpf_state =
3565 i < 0 ? UNIT_CGROUP_BPF_INVALIDATED :
3566 i > 0 ? UNIT_CGROUP_BPF_ON :
3567 UNIT_CGROUP_BPF_OFF;
3568
3569 continue;
3570
3571 } else if (streq(l, "ref-uid")) {
3572 uid_t uid;
3573
3574 r = parse_uid(v, &uid);
3575 if (r < 0)
3576 log_unit_debug(u, "Failed to parse referenced UID %s, ignoring.", v);
3577 else
3578 unit_ref_uid_gid(u, uid, GID_INVALID);
3579
3580 continue;
3581
3582 } else if (streq(l, "ref-gid")) {
3583 gid_t gid;
3584
3585 r = parse_gid(v, &gid);
3586 if (r < 0)
3587 log_unit_debug(u, "Failed to parse referenced GID %s, ignoring.", v);
3588 else
3589 unit_ref_uid_gid(u, UID_INVALID, gid);
3590
3591 } else if (streq(l, "ref")) {
3592
3593 r = strv_extend(&u->deserialized_refs, v);
3594 if (r < 0)
3595 log_oom();
3596
3597 continue;
3598 } else if (streq(l, "invocation-id")) {
3599 sd_id128_t id;
3600
3601 r = sd_id128_from_string(v, &id);
3602 if (r < 0)
3603 log_unit_debug(u, "Failed to parse invocation id %s, ignoring.", v);
3604 else {
3605 r = unit_set_invocation_id(u, id);
3606 if (r < 0)
3607 log_unit_warning_errno(u, r, "Failed to set invocation ID for unit: %m");
3608 }
3609
3610 continue;
3611 }
3612
3613 /* Check if this is an IP accounting metric serialization field */
3614 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++)
3615 if (streq(l, ip_accounting_metric_field[m]))
3616 break;
3617 if (m < _CGROUP_IP_ACCOUNTING_METRIC_MAX) {
3618 uint64_t c;
3619
3620 r = safe_atou64(v, &c);
3621 if (r < 0)
3622 log_unit_debug(u, "Failed to parse IP accounting value %s, ignoring.", v);
3623 else
3624 u->ip_accounting_extra[m] = c;
3625 continue;
3626 }
3627
3628 if (unit_can_serialize(u)) {
3629 r = exec_runtime_deserialize_compat(u, l, v, fds);
3630 if (r < 0) {
3631 log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l);
3632 continue;
3633 }
3634
3635 /* Returns positive if key was handled by the call */
3636 if (r > 0)
3637 continue;
3638
3639 r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
3640 if (r < 0)
3641 log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l);
3642 }
3643 }
3644
3645 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3646 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3647 * before 228 where the base for timeouts was not persistent across reboots. */
3648
3649 if (!dual_timestamp_is_set(&u->state_change_timestamp))
3650 dual_timestamp_get(&u->state_change_timestamp);
3651
3652 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3653 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3654 unit_invalidate_cgroup(u, _CGROUP_MASK_ALL);
3655 unit_invalidate_cgroup_bpf(u);
3656
3657 return 0;
3658 }
3659
3660 void unit_deserialize_skip(FILE *f) {
3661 assert(f);
3662
3663 /* Skip serialized data for this unit. We don't know what it is. */
3664
3665 for (;;) {
3666 char line[LINE_MAX], *l;
3667
3668 if (!fgets(line, sizeof line, f))
3669 return;
3670
3671 char_array_0(line);
3672 l = strstrip(line);
3673
3674 /* End marker */
3675 if (isempty(l))
3676 return;
3677 }
3678 }
3679
3680 int unit_add_node_dependency(Unit *u, const char *what, bool wants, UnitDependency dep, UnitDependencyMask mask) {
3681 Unit *device;
3682 _cleanup_free_ char *e = NULL;
3683 int r;
3684
3685 assert(u);
3686
3687 /* Adds in links to the device node that this unit is based on */
3688 if (isempty(what))
3689 return 0;
3690
3691 if (!is_device_path(what))
3692 return 0;
3693
3694 /* When device units aren't supported (such as in a
3695 * container), don't create dependencies on them. */
3696 if (!unit_type_supported(UNIT_DEVICE))
3697 return 0;
3698
3699 r = unit_name_from_path(what, ".device", &e);
3700 if (r < 0)
3701 return r;
3702
3703 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
3704 if (r < 0)
3705 return r;
3706
3707 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3708 dep = UNIT_BINDS_TO;
3709
3710 r = unit_add_two_dependencies(u, UNIT_AFTER,
3711 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3712 device, true, mask);
3713 if (r < 0)
3714 return r;
3715
3716 if (wants) {
3717 r = unit_add_dependency(device, UNIT_WANTS, u, false, mask);
3718 if (r < 0)
3719 return r;
3720 }
3721
3722 return 0;
3723 }
3724
3725 int unit_coldplug(Unit *u) {
3726 int r = 0, q;
3727 char **i;
3728
3729 assert(u);
3730
3731 /* Make sure we don't enter a loop, when coldplugging recursively. */
3732 if (u->coldplugged)
3733 return 0;
3734
3735 u->coldplugged = true;
3736
3737 STRV_FOREACH(i, u->deserialized_refs) {
3738 q = bus_unit_track_add_name(u, *i);
3739 if (q < 0 && r >= 0)
3740 r = q;
3741 }
3742 u->deserialized_refs = strv_free(u->deserialized_refs);
3743
3744 if (UNIT_VTABLE(u)->coldplug) {
3745 q = UNIT_VTABLE(u)->coldplug(u);
3746 if (q < 0 && r >= 0)
3747 r = q;
3748 }
3749
3750 if (u->job) {
3751 q = job_coldplug(u->job);
3752 if (q < 0 && r >= 0)
3753 r = q;
3754 }
3755
3756 return r;
3757 }
3758
3759 void unit_catchup(Unit *u) {
3760 assert(u);
3761
3762 if (UNIT_VTABLE(u)->catchup)
3763 UNIT_VTABLE(u)->catchup(u);
3764 }
3765
3766 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
3767 struct stat st;
3768
3769 if (!path)
3770 return false;
3771
3772 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3773 * are never out-of-date. */
3774 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3775 return false;
3776
3777 if (stat(path, &st) < 0)
3778 /* What, cannot access this anymore? */
3779 return true;
3780
3781 if (path_masked)
3782 /* For masked files check if they are still so */
3783 return !null_or_empty(&st);
3784 else
3785 /* For non-empty files check the mtime */
3786 return timespec_load(&st.st_mtim) > mtime;
3787
3788 return false;
3789 }
3790
3791 bool unit_need_daemon_reload(Unit *u) {
3792 _cleanup_strv_free_ char **t = NULL;
3793 char **path;
3794
3795 assert(u);
3796
3797 /* For unit files, we allow masking… */
3798 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3799 u->load_state == UNIT_MASKED))
3800 return true;
3801
3802 /* Source paths should not be masked… */
3803 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
3804 return true;
3805
3806 if (u->load_state == UNIT_LOADED)
3807 (void) unit_find_dropin_paths(u, &t);
3808 if (!strv_equal(u->dropin_paths, t))
3809 return true;
3810
3811 /* … any drop-ins that are masked are simply omitted from the list. */
3812 STRV_FOREACH(path, u->dropin_paths)
3813 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3814 return true;
3815
3816 return false;
3817 }
3818
3819 void unit_reset_failed(Unit *u) {
3820 assert(u);
3821
3822 if (UNIT_VTABLE(u)->reset_failed)
3823 UNIT_VTABLE(u)->reset_failed(u);
3824
3825 RATELIMIT_RESET(u->start_limit);
3826 u->start_limit_hit = false;
3827 }
3828
3829 Unit *unit_following(Unit *u) {
3830 assert(u);
3831
3832 if (UNIT_VTABLE(u)->following)
3833 return UNIT_VTABLE(u)->following(u);
3834
3835 return NULL;
3836 }
3837
3838 bool unit_stop_pending(Unit *u) {
3839 assert(u);
3840
3841 /* This call does check the current state of the unit. It's
3842 * hence useful to be called from state change calls of the
3843 * unit itself, where the state isn't updated yet. This is
3844 * different from unit_inactive_or_pending() which checks both
3845 * the current state and for a queued job. */
3846
3847 return u->job && u->job->type == JOB_STOP;
3848 }
3849
3850 bool unit_inactive_or_pending(Unit *u) {
3851 assert(u);
3852
3853 /* Returns true if the unit is inactive or going down */
3854
3855 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3856 return true;
3857
3858 if (unit_stop_pending(u))
3859 return true;
3860
3861 return false;
3862 }
3863
3864 bool unit_active_or_pending(Unit *u) {
3865 assert(u);
3866
3867 /* Returns true if the unit is active or going up */
3868
3869 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3870 return true;
3871
3872 if (u->job &&
3873 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
3874 return true;
3875
3876 return false;
3877 }
3878
3879 bool unit_will_restart(Unit *u) {
3880 assert(u);
3881
3882 if (!UNIT_VTABLE(u)->will_restart)
3883 return false;
3884
3885 return UNIT_VTABLE(u)->will_restart(u);
3886 }
3887
3888 int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
3889 assert(u);
3890 assert(w >= 0 && w < _KILL_WHO_MAX);
3891 assert(SIGNAL_VALID(signo));
3892
3893 if (!UNIT_VTABLE(u)->kill)
3894 return -EOPNOTSUPP;
3895
3896 return UNIT_VTABLE(u)->kill(u, w, signo, error);
3897 }
3898
3899 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
3900 _cleanup_set_free_ Set *pid_set = NULL;
3901 int r;
3902
3903 pid_set = set_new(NULL);
3904 if (!pid_set)
3905 return NULL;
3906
3907 /* Exclude the main/control pids from being killed via the cgroup */
3908 if (main_pid > 0) {
3909 r = set_put(pid_set, PID_TO_PTR(main_pid));
3910 if (r < 0)
3911 return NULL;
3912 }
3913
3914 if (control_pid > 0) {
3915 r = set_put(pid_set, PID_TO_PTR(control_pid));
3916 if (r < 0)
3917 return NULL;
3918 }
3919
3920 return TAKE_PTR(pid_set);
3921 }
3922
3923 int unit_kill_common(
3924 Unit *u,
3925 KillWho who,
3926 int signo,
3927 pid_t main_pid,
3928 pid_t control_pid,
3929 sd_bus_error *error) {
3930
3931 int r = 0;
3932 bool killed = false;
3933
3934 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
3935 if (main_pid < 0)
3936 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
3937 else if (main_pid == 0)
3938 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
3939 }
3940
3941 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
3942 if (control_pid < 0)
3943 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
3944 else if (control_pid == 0)
3945 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
3946 }
3947
3948 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3949 if (control_pid > 0) {
3950 if (kill(control_pid, signo) < 0)
3951 r = -errno;
3952 else
3953 killed = true;
3954 }
3955
3956 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3957 if (main_pid > 0) {
3958 if (kill(main_pid, signo) < 0)
3959 r = -errno;
3960 else
3961 killed = true;
3962 }
3963
3964 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
3965 _cleanup_set_free_ Set *pid_set = NULL;
3966 int q;
3967
3968 /* Exclude the main/control pids from being killed via the cgroup */
3969 pid_set = unit_pid_set(main_pid, control_pid);
3970 if (!pid_set)
3971 return -ENOMEM;
3972
3973 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, NULL, NULL);
3974 if (q < 0 && !IN_SET(q, -EAGAIN, -ESRCH, -ENOENT))
3975 r = q;
3976 else
3977 killed = true;
3978 }
3979
3980 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL))
3981 return -ESRCH;
3982
3983 return r;
3984 }
3985
3986 int unit_following_set(Unit *u, Set **s) {
3987 assert(u);
3988 assert(s);
3989
3990 if (UNIT_VTABLE(u)->following_set)
3991 return UNIT_VTABLE(u)->following_set(u, s);
3992
3993 *s = NULL;
3994 return 0;
3995 }
3996
3997 UnitFileState unit_get_unit_file_state(Unit *u) {
3998 int r;
3999
4000 assert(u);
4001
4002 if (u->unit_file_state < 0 && u->fragment_path) {
4003 r = unit_file_get_state(
4004 u->manager->unit_file_scope,
4005 NULL,
4006 u->id,
4007 &u->unit_file_state);
4008 if (r < 0)
4009 u->unit_file_state = UNIT_FILE_BAD;
4010 }
4011
4012 return u->unit_file_state;
4013 }
4014
4015 int unit_get_unit_file_preset(Unit *u) {
4016 assert(u);
4017
4018 if (u->unit_file_preset < 0 && u->fragment_path)
4019 u->unit_file_preset = unit_file_query_preset(
4020 u->manager->unit_file_scope,
4021 NULL,
4022 basename(u->fragment_path));
4023
4024 return u->unit_file_preset;
4025 }
4026
4027 Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
4028 assert(ref);
4029 assert(source);
4030 assert(target);
4031
4032 if (ref->target)
4033 unit_ref_unset(ref);
4034
4035 ref->source = source;
4036 ref->target = target;
4037 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4038 return target;
4039 }
4040
4041 void unit_ref_unset(UnitRef *ref) {
4042 assert(ref);
4043
4044 if (!ref->target)
4045 return;
4046
4047 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4048 * be unreferenced now. */
4049 unit_add_to_gc_queue(ref->target);
4050
4051 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4052 ref->source = ref->target = NULL;
4053 }
4054
4055 static int user_from_unit_name(Unit *u, char **ret) {
4056
4057 static const uint8_t hash_key[] = {
4058 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4059 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4060 };
4061
4062 _cleanup_free_ char *n = NULL;
4063 int r;
4064
4065 r = unit_name_to_prefix(u->id, &n);
4066 if (r < 0)
4067 return r;
4068
4069 if (valid_user_group_name(n)) {
4070 *ret = TAKE_PTR(n);
4071 return 0;
4072 }
4073
4074 /* If we can't use the unit name as a user name, then let's hash it and use that */
4075 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4076 return -ENOMEM;
4077
4078 return 0;
4079 }
4080
4081 int unit_patch_contexts(Unit *u) {
4082 CGroupContext *cc;
4083 ExecContext *ec;
4084 unsigned i;
4085 int r;
4086
4087 assert(u);
4088
4089 /* Patch in the manager defaults into the exec and cgroup
4090 * contexts, _after_ the rest of the settings have been
4091 * initialized */
4092
4093 ec = unit_get_exec_context(u);
4094 if (ec) {
4095 /* This only copies in the ones that need memory */
4096 for (i = 0; i < _RLIMIT_MAX; i++)
4097 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4098 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4099 if (!ec->rlimit[i])
4100 return -ENOMEM;
4101 }
4102
4103 if (MANAGER_IS_USER(u->manager) &&
4104 !ec->working_directory) {
4105
4106 r = get_home_dir(&ec->working_directory);
4107 if (r < 0)
4108 return r;
4109
4110 /* Allow user services to run, even if the
4111 * home directory is missing */
4112 ec->working_directory_missing_ok = true;
4113 }
4114
4115 if (ec->private_devices)
4116 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4117
4118 if (ec->protect_kernel_modules)
4119 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4120
4121 if (ec->dynamic_user) {
4122 if (!ec->user) {
4123 r = user_from_unit_name(u, &ec->user);
4124 if (r < 0)
4125 return r;
4126 }
4127
4128 if (!ec->group) {
4129 ec->group = strdup(ec->user);
4130 if (!ec->group)
4131 return -ENOMEM;
4132 }
4133
4134 /* If the dynamic user option is on, let's make sure that the unit can't leave its UID/GID
4135 * around in the file system or on IPC objects. Hence enforce a strict sandbox. */
4136
4137 ec->private_tmp = true;
4138 ec->remove_ipc = true;
4139 ec->protect_system = PROTECT_SYSTEM_STRICT;
4140 if (ec->protect_home == PROTECT_HOME_NO)
4141 ec->protect_home = PROTECT_HOME_READ_ONLY;
4142 }
4143 }
4144
4145 cc = unit_get_cgroup_context(u);
4146 if (cc) {
4147
4148 if (ec &&
4149 ec->private_devices &&
4150 cc->device_policy == CGROUP_AUTO)
4151 cc->device_policy = CGROUP_CLOSED;
4152 }
4153
4154 return 0;
4155 }
4156
4157 ExecContext *unit_get_exec_context(Unit *u) {
4158 size_t offset;
4159 assert(u);
4160
4161 if (u->type < 0)
4162 return NULL;
4163
4164 offset = UNIT_VTABLE(u)->exec_context_offset;
4165 if (offset <= 0)
4166 return NULL;
4167
4168 return (ExecContext*) ((uint8_t*) u + offset);
4169 }
4170
4171 KillContext *unit_get_kill_context(Unit *u) {
4172 size_t offset;
4173 assert(u);
4174
4175 if (u->type < 0)
4176 return NULL;
4177
4178 offset = UNIT_VTABLE(u)->kill_context_offset;
4179 if (offset <= 0)
4180 return NULL;
4181
4182 return (KillContext*) ((uint8_t*) u + offset);
4183 }
4184
4185 CGroupContext *unit_get_cgroup_context(Unit *u) {
4186 size_t offset;
4187
4188 if (u->type < 0)
4189 return NULL;
4190
4191 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4192 if (offset <= 0)
4193 return NULL;
4194
4195 return (CGroupContext*) ((uint8_t*) u + offset);
4196 }
4197
4198 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4199 size_t offset;
4200
4201 if (u->type < 0)
4202 return NULL;
4203
4204 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4205 if (offset <= 0)
4206 return NULL;
4207
4208 return *(ExecRuntime**) ((uint8_t*) u + offset);
4209 }
4210
4211 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4212 assert(u);
4213
4214 if (UNIT_WRITE_FLAGS_NOOP(flags))
4215 return NULL;
4216
4217 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4218 return u->manager->lookup_paths.transient;
4219
4220 if (flags & UNIT_PERSISTENT)
4221 return u->manager->lookup_paths.persistent_control;
4222
4223 if (flags & UNIT_RUNTIME)
4224 return u->manager->lookup_paths.runtime_control;
4225
4226 return NULL;
4227 }
4228
4229 char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4230 char *ret = NULL;
4231
4232 if (!s)
4233 return NULL;
4234
4235 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4236 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4237 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4238 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4239 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4240 * allocations. */
4241
4242 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4243 ret = specifier_escape(s);
4244 if (!ret)
4245 return NULL;
4246
4247 s = ret;
4248 }
4249
4250 if (flags & UNIT_ESCAPE_C) {
4251 char *a;
4252
4253 a = cescape(s);
4254 free(ret);
4255 if (!a)
4256 return NULL;
4257
4258 ret = a;
4259 }
4260
4261 if (buf) {
4262 *buf = ret;
4263 return ret ?: (char*) s;
4264 }
4265
4266 return ret ?: strdup(s);
4267 }
4268
4269 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4270 _cleanup_free_ char *result = NULL;
4271 size_t n = 0, allocated = 0;
4272 char **i;
4273
4274 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4275 * way suitable for ExecStart= stanzas */
4276
4277 STRV_FOREACH(i, l) {
4278 _cleanup_free_ char *buf = NULL;
4279 const char *p;
4280 size_t a;
4281 char *q;
4282
4283 p = unit_escape_setting(*i, flags, &buf);
4284 if (!p)
4285 return NULL;
4286
4287 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4288 if (!GREEDY_REALLOC(result, allocated, n + a + 1))
4289 return NULL;
4290
4291 q = result + n;
4292 if (n > 0)
4293 *(q++) = ' ';
4294
4295 *(q++) = '"';
4296 q = stpcpy(q, p);
4297 *(q++) = '"';
4298
4299 n += a;
4300 }
4301
4302 if (!GREEDY_REALLOC(result, allocated, n + 1))
4303 return NULL;
4304
4305 result[n] = 0;
4306
4307 return TAKE_PTR(result);
4308 }
4309
4310 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4311 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4312 const char *dir, *wrapped;
4313 int r;
4314
4315 assert(u);
4316 assert(name);
4317 assert(data);
4318
4319 if (UNIT_WRITE_FLAGS_NOOP(flags))
4320 return 0;
4321
4322 data = unit_escape_setting(data, flags, &escaped);
4323 if (!data)
4324 return -ENOMEM;
4325
4326 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4327 * previous section header is the same */
4328
4329 if (flags & UNIT_PRIVATE) {
4330 if (!UNIT_VTABLE(u)->private_section)
4331 return -EINVAL;
4332
4333 if (!u->transient_file || u->last_section_private < 0)
4334 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4335 else if (u->last_section_private == 0)
4336 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4337 } else {
4338 if (!u->transient_file || u->last_section_private < 0)
4339 data = strjoina("[Unit]\n", data);
4340 else if (u->last_section_private > 0)
4341 data = strjoina("\n[Unit]\n", data);
4342 }
4343
4344 if (u->transient_file) {
4345 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4346 * write to the transient unit file. */
4347 fputs(data, u->transient_file);
4348
4349 if (!endswith(data, "\n"))
4350 fputc('\n', u->transient_file);
4351
4352 /* Remember which section we wrote this entry to */
4353 u->last_section_private = !!(flags & UNIT_PRIVATE);
4354 return 0;
4355 }
4356
4357 dir = unit_drop_in_dir(u, flags);
4358 if (!dir)
4359 return -EINVAL;
4360
4361 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4362 "# or an equivalent operation. Do not edit.\n",
4363 data,
4364 "\n");
4365
4366 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4367 if (r < 0)
4368 return r;
4369
4370 (void) mkdir_p_label(p, 0755);
4371 r = write_string_file_atomic_label(q, wrapped);
4372 if (r < 0)
4373 return r;
4374
4375 r = strv_push(&u->dropin_paths, q);
4376 if (r < 0)
4377 return r;
4378 q = NULL;
4379
4380 strv_uniq(u->dropin_paths);
4381
4382 u->dropin_mtime = now(CLOCK_REALTIME);
4383
4384 return 0;
4385 }
4386
4387 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4388 _cleanup_free_ char *p = NULL;
4389 va_list ap;
4390 int r;
4391
4392 assert(u);
4393 assert(name);
4394 assert(format);
4395
4396 if (UNIT_WRITE_FLAGS_NOOP(flags))
4397 return 0;
4398
4399 va_start(ap, format);
4400 r = vasprintf(&p, format, ap);
4401 va_end(ap);
4402
4403 if (r < 0)
4404 return -ENOMEM;
4405
4406 return unit_write_setting(u, flags, name, p);
4407 }
4408
4409 int unit_make_transient(Unit *u) {
4410 _cleanup_free_ char *path = NULL;
4411 FILE *f;
4412
4413 assert(u);
4414
4415 if (!UNIT_VTABLE(u)->can_transient)
4416 return -EOPNOTSUPP;
4417
4418 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4419
4420 path = strjoin(u->manager->lookup_paths.transient, "/", u->id);
4421 if (!path)
4422 return -ENOMEM;
4423
4424 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4425 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4426
4427 RUN_WITH_UMASK(0022) {
4428 f = fopen(path, "we");
4429 if (!f)
4430 return -errno;
4431 }
4432
4433 safe_fclose(u->transient_file);
4434 u->transient_file = f;
4435
4436 free_and_replace(u->fragment_path, path);
4437
4438 u->source_path = mfree(u->source_path);
4439 u->dropin_paths = strv_free(u->dropin_paths);
4440 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4441
4442 u->load_state = UNIT_STUB;
4443 u->load_error = 0;
4444 u->transient = true;
4445
4446 unit_add_to_dbus_queue(u);
4447 unit_add_to_gc_queue(u);
4448
4449 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4450 u->transient_file);
4451
4452 return 0;
4453 }
4454
4455 static void log_kill(pid_t pid, int sig, void *userdata) {
4456 _cleanup_free_ char *comm = NULL;
4457
4458 (void) get_process_comm(pid, &comm);
4459
4460 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4461 only, like for example systemd's own PAM stub process. */
4462 if (comm && comm[0] == '(')
4463 return;
4464
4465 log_unit_notice(userdata,
4466 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4467 pid,
4468 strna(comm),
4469 signal_to_string(sig));
4470 }
4471
4472 static int operation_to_signal(KillContext *c, KillOperation k) {
4473 assert(c);
4474
4475 switch (k) {
4476
4477 case KILL_TERMINATE:
4478 case KILL_TERMINATE_AND_LOG:
4479 return c->kill_signal;
4480
4481 case KILL_KILL:
4482 return c->final_kill_signal;
4483
4484 case KILL_ABORT:
4485 return SIGABRT;
4486
4487 default:
4488 assert_not_reached("KillOperation unknown");
4489 }
4490 }
4491
4492 int unit_kill_context(
4493 Unit *u,
4494 KillContext *c,
4495 KillOperation k,
4496 pid_t main_pid,
4497 pid_t control_pid,
4498 bool main_pid_alien) {
4499
4500 bool wait_for_exit = false, send_sighup;
4501 cg_kill_log_func_t log_func = NULL;
4502 int sig, r;
4503
4504 assert(u);
4505 assert(c);
4506
4507 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4508 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4509
4510 if (c->kill_mode == KILL_NONE)
4511 return 0;
4512
4513 sig = operation_to_signal(c, k);
4514
4515 send_sighup =
4516 c->send_sighup &&
4517 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4518 sig != SIGHUP;
4519
4520 if (k != KILL_TERMINATE || IN_SET(sig, SIGKILL, SIGABRT))
4521 log_func = log_kill;
4522
4523 if (main_pid > 0) {
4524 if (log_func)
4525 log_func(main_pid, sig, u);
4526
4527 r = kill_and_sigcont(main_pid, sig);
4528 if (r < 0 && r != -ESRCH) {
4529 _cleanup_free_ char *comm = NULL;
4530 (void) get_process_comm(main_pid, &comm);
4531
4532 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
4533 } else {
4534 if (!main_pid_alien)
4535 wait_for_exit = true;
4536
4537 if (r != -ESRCH && send_sighup)
4538 (void) kill(main_pid, SIGHUP);
4539 }
4540 }
4541
4542 if (control_pid > 0) {
4543 if (log_func)
4544 log_func(control_pid, sig, u);
4545
4546 r = kill_and_sigcont(control_pid, sig);
4547 if (r < 0 && r != -ESRCH) {
4548 _cleanup_free_ char *comm = NULL;
4549 (void) get_process_comm(control_pid, &comm);
4550
4551 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
4552 } else {
4553 wait_for_exit = true;
4554
4555 if (r != -ESRCH && send_sighup)
4556 (void) kill(control_pid, SIGHUP);
4557 }
4558 }
4559
4560 if (u->cgroup_path &&
4561 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4562 _cleanup_set_free_ Set *pid_set = NULL;
4563
4564 /* Exclude the main/control pids from being killed via the cgroup */
4565 pid_set = unit_pid_set(main_pid, control_pid);
4566 if (!pid_set)
4567 return -ENOMEM;
4568
4569 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4570 sig,
4571 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4572 pid_set,
4573 log_func, u);
4574 if (r < 0) {
4575 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4576 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
4577
4578 } else if (r > 0) {
4579
4580 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4581 * we are running in a container or if this is a delegation unit, simply because cgroup
4582 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4583 * of containers it can be confused easily by left-over directories in the cgroup — which
4584 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4585 * there we get proper events. Hence rely on them. */
4586
4587 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
4588 (detect_container() == 0 && !unit_cgroup_delegate(u)))
4589 wait_for_exit = true;
4590
4591 if (send_sighup) {
4592 set_free(pid_set);
4593
4594 pid_set = unit_pid_set(main_pid, control_pid);
4595 if (!pid_set)
4596 return -ENOMEM;
4597
4598 cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4599 SIGHUP,
4600 CGROUP_IGNORE_SELF,
4601 pid_set,
4602 NULL, NULL);
4603 }
4604 }
4605 }
4606
4607 return wait_for_exit;
4608 }
4609
4610 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
4611 _cleanup_free_ char *p = NULL;
4612 char *prefix;
4613 UnitDependencyInfo di;
4614 int r;
4615
4616 assert(u);
4617 assert(path);
4618
4619 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4620 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4621 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4622 * determine which units to make themselves a dependency of. */
4623
4624 if (!path_is_absolute(path))
4625 return -EINVAL;
4626
4627 r = hashmap_ensure_allocated(&u->requires_mounts_for, &path_hash_ops);
4628 if (r < 0)
4629 return r;
4630
4631 p = strdup(path);
4632 if (!p)
4633 return -ENOMEM;
4634
4635 path = path_simplify(p, false);
4636
4637 if (!path_is_normalized(path))
4638 return -EPERM;
4639
4640 if (hashmap_contains(u->requires_mounts_for, path))
4641 return 0;
4642
4643 di = (UnitDependencyInfo) {
4644 .origin_mask = mask
4645 };
4646
4647 r = hashmap_put(u->requires_mounts_for, path, di.data);
4648 if (r < 0)
4649 return r;
4650 p = NULL;
4651
4652 prefix = alloca(strlen(path) + 1);
4653 PATH_FOREACH_PREFIX_MORE(prefix, path) {
4654 Set *x;
4655
4656 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4657 if (!x) {
4658 _cleanup_free_ char *q = NULL;
4659
4660 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
4661 if (r < 0)
4662 return r;
4663
4664 q = strdup(prefix);
4665 if (!q)
4666 return -ENOMEM;
4667
4668 x = set_new(NULL);
4669 if (!x)
4670 return -ENOMEM;
4671
4672 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4673 if (r < 0) {
4674 set_free(x);
4675 return r;
4676 }
4677 q = NULL;
4678 }
4679
4680 r = set_put(x, u);
4681 if (r < 0)
4682 return r;
4683 }
4684
4685 return 0;
4686 }
4687
4688 int unit_setup_exec_runtime(Unit *u) {
4689 ExecRuntime **rt;
4690 size_t offset;
4691 Unit *other;
4692 Iterator i;
4693 void *v;
4694 int r;
4695
4696 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4697 assert(offset > 0);
4698
4699 /* Check if there already is an ExecRuntime for this unit? */
4700 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4701 if (*rt)
4702 return 0;
4703
4704 /* Try to get it from somebody else */
4705 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) {
4706 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4707 if (r == 1)
4708 return 1;
4709 }
4710
4711 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
4712 }
4713
4714 int unit_setup_dynamic_creds(Unit *u) {
4715 ExecContext *ec;
4716 DynamicCreds *dcreds;
4717 size_t offset;
4718
4719 assert(u);
4720
4721 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4722 assert(offset > 0);
4723 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4724
4725 ec = unit_get_exec_context(u);
4726 assert(ec);
4727
4728 if (!ec->dynamic_user)
4729 return 0;
4730
4731 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4732 }
4733
4734 bool unit_type_supported(UnitType t) {
4735 if (_unlikely_(t < 0))
4736 return false;
4737 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4738 return false;
4739
4740 if (!unit_vtable[t]->supported)
4741 return true;
4742
4743 return unit_vtable[t]->supported();
4744 }
4745
4746 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4747 int r;
4748
4749 assert(u);
4750 assert(where);
4751
4752 r = dir_is_empty(where);
4753 if (r > 0 || r == -ENOTDIR)
4754 return;
4755 if (r < 0) {
4756 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4757 return;
4758 }
4759
4760 log_struct(LOG_NOTICE,
4761 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4762 LOG_UNIT_ID(u),
4763 LOG_UNIT_INVOCATION_ID(u),
4764 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4765 "WHERE=%s", where);
4766 }
4767
4768 int unit_fail_if_noncanonical(Unit *u, const char* where) {
4769 _cleanup_free_ char *canonical_where;
4770 int r;
4771
4772 assert(u);
4773 assert(where);
4774
4775 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where);
4776 if (r < 0) {
4777 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
4778 return 0;
4779 }
4780
4781 /* We will happily ignore a trailing slash (or any redundant slashes) */
4782 if (path_equal(where, canonical_where))
4783 return 0;
4784
4785 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4786 log_struct(LOG_ERR,
4787 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4788 LOG_UNIT_ID(u),
4789 LOG_UNIT_INVOCATION_ID(u),
4790 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4791 "WHERE=%s", where);
4792
4793 return -ELOOP;
4794 }
4795
4796 bool unit_is_pristine(Unit *u) {
4797 assert(u);
4798
4799 /* Check if the unit already exists or is already around,
4800 * in a number of different ways. Note that to cater for unit
4801 * types such as slice, we are generally fine with units that
4802 * are marked UNIT_LOADED even though nothing was actually
4803 * loaded, as those unit types don't require a file on disk. */
4804
4805 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4806 u->fragment_path ||
4807 u->source_path ||
4808 !strv_isempty(u->dropin_paths) ||
4809 u->job ||
4810 u->merged_into);
4811 }
4812
4813 pid_t unit_control_pid(Unit *u) {
4814 assert(u);
4815
4816 if (UNIT_VTABLE(u)->control_pid)
4817 return UNIT_VTABLE(u)->control_pid(u);
4818
4819 return 0;
4820 }
4821
4822 pid_t unit_main_pid(Unit *u) {
4823 assert(u);
4824
4825 if (UNIT_VTABLE(u)->main_pid)
4826 return UNIT_VTABLE(u)->main_pid(u);
4827
4828 return 0;
4829 }
4830
4831 static void unit_unref_uid_internal(
4832 Unit *u,
4833 uid_t *ref_uid,
4834 bool destroy_now,
4835 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4836
4837 assert(u);
4838 assert(ref_uid);
4839 assert(_manager_unref_uid);
4840
4841 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4842 * gid_t are actually the same time, with the same validity rules.
4843 *
4844 * Drops a reference to UID/GID from a unit. */
4845
4846 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4847 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4848
4849 if (!uid_is_valid(*ref_uid))
4850 return;
4851
4852 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4853 *ref_uid = UID_INVALID;
4854 }
4855
4856 void unit_unref_uid(Unit *u, bool destroy_now) {
4857 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4858 }
4859
4860 void unit_unref_gid(Unit *u, bool destroy_now) {
4861 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4862 }
4863
4864 static int unit_ref_uid_internal(
4865 Unit *u,
4866 uid_t *ref_uid,
4867 uid_t uid,
4868 bool clean_ipc,
4869 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4870
4871 int r;
4872
4873 assert(u);
4874 assert(ref_uid);
4875 assert(uid_is_valid(uid));
4876 assert(_manager_ref_uid);
4877
4878 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4879 * are actually the same type, and have the same validity rules.
4880 *
4881 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4882 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4883 * drops to zero. */
4884
4885 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4886 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4887
4888 if (*ref_uid == uid)
4889 return 0;
4890
4891 if (uid_is_valid(*ref_uid)) /* Already set? */
4892 return -EBUSY;
4893
4894 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4895 if (r < 0)
4896 return r;
4897
4898 *ref_uid = uid;
4899 return 1;
4900 }
4901
4902 int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
4903 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4904 }
4905
4906 int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
4907 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4908 }
4909
4910 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4911 int r = 0, q = 0;
4912
4913 assert(u);
4914
4915 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4916
4917 if (uid_is_valid(uid)) {
4918 r = unit_ref_uid(u, uid, clean_ipc);
4919 if (r < 0)
4920 return r;
4921 }
4922
4923 if (gid_is_valid(gid)) {
4924 q = unit_ref_gid(u, gid, clean_ipc);
4925 if (q < 0) {
4926 if (r > 0)
4927 unit_unref_uid(u, false);
4928
4929 return q;
4930 }
4931 }
4932
4933 return r > 0 || q > 0;
4934 }
4935
4936 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4937 ExecContext *c;
4938 int r;
4939
4940 assert(u);
4941
4942 c = unit_get_exec_context(u);
4943
4944 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4945 if (r < 0)
4946 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4947
4948 return r;
4949 }
4950
4951 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4952 assert(u);
4953
4954 unit_unref_uid(u, destroy_now);
4955 unit_unref_gid(u, destroy_now);
4956 }
4957
4958 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
4959 int r;
4960
4961 assert(u);
4962
4963 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4964 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4965 * objects when no service references the UID/GID anymore. */
4966
4967 r = unit_ref_uid_gid(u, uid, gid);
4968 if (r > 0)
4969 bus_unit_send_change_signal(u);
4970 }
4971
4972 int unit_set_invocation_id(Unit *u, sd_id128_t id) {
4973 int r;
4974
4975 assert(u);
4976
4977 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
4978
4979 if (sd_id128_equal(u->invocation_id, id))
4980 return 0;
4981
4982 if (!sd_id128_is_null(u->invocation_id))
4983 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
4984
4985 if (sd_id128_is_null(id)) {
4986 r = 0;
4987 goto reset;
4988 }
4989
4990 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
4991 if (r < 0)
4992 goto reset;
4993
4994 u->invocation_id = id;
4995 sd_id128_to_string(id, u->invocation_id_string);
4996
4997 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
4998 if (r < 0)
4999 goto reset;
5000
5001 return 0;
5002
5003 reset:
5004 u->invocation_id = SD_ID128_NULL;
5005 u->invocation_id_string[0] = 0;
5006 return r;
5007 }
5008
5009 int unit_acquire_invocation_id(Unit *u) {
5010 sd_id128_t id;
5011 int r;
5012
5013 assert(u);
5014
5015 r = sd_id128_randomize(&id);
5016 if (r < 0)
5017 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5018
5019 r = unit_set_invocation_id(u, id);
5020 if (r < 0)
5021 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5022
5023 return 0;
5024 }
5025
5026 void unit_set_exec_params(Unit *u, ExecParameters *p) {
5027 assert(u);
5028 assert(p);
5029
5030 /* Copy parameters from manager */
5031 p->environment = u->manager->environment;
5032 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
5033 p->cgroup_supported = u->manager->cgroup_supported;
5034 p->prefix = u->manager->prefix;
5035 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5036
5037 /* Copy paramaters from unit */
5038 p->cgroup_path = u->cgroup_path;
5039 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
5040 }
5041
5042 int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
5043 int r;
5044
5045 assert(u);
5046 assert(ret);
5047
5048 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5049 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5050
5051 (void) unit_realize_cgroup(u);
5052
5053 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5054 if (r != 0)
5055 return r;
5056
5057 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
5058 (void) ignore_signals(SIGPIPE, -1);
5059
5060 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
5061
5062 if (u->cgroup_path) {
5063 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5064 if (r < 0) {
5065 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
5066 _exit(EXIT_CGROUP);
5067 }
5068 }
5069
5070 return 0;
5071 }
5072
5073 static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other, UnitDependencyInfo di) {
5074 assert(u);
5075 assert(d >= 0);
5076 assert(d < _UNIT_DEPENDENCY_MAX);
5077 assert(other);
5078
5079 if (di.origin_mask == 0 && di.destination_mask == 0) {
5080 /* No bit set anymore, let's drop the whole entry */
5081 assert_se(hashmap_remove(u->dependencies[d], other));
5082 log_unit_debug(u, "%s lost dependency %s=%s", u->id, unit_dependency_to_string(d), other->id);
5083 } else
5084 /* Mask was reduced, let's update the entry */
5085 assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);
5086 }
5087
5088 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5089 UnitDependency d;
5090
5091 assert(u);
5092
5093 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5094
5095 if (mask == 0)
5096 return;
5097
5098 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
5099 bool done;
5100
5101 do {
5102 UnitDependencyInfo di;
5103 Unit *other;
5104 Iterator i;
5105
5106 done = true;
5107
5108 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
5109 UnitDependency q;
5110
5111 if ((di.origin_mask & ~mask) == di.origin_mask)
5112 continue;
5113 di.origin_mask &= ~mask;
5114 unit_update_dependency_mask(u, d, other, di);
5115
5116 /* We updated the dependency from our unit to the other unit now. But most dependencies
5117 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5118 * all dependency types on the other unit and delete all those which point to us and
5119 * have the right mask set. */
5120
5121 for (q = 0; q < _UNIT_DEPENDENCY_MAX; q++) {
5122 UnitDependencyInfo dj;
5123
5124 dj.data = hashmap_get(other->dependencies[q], u);
5125 if ((dj.destination_mask & ~mask) == dj.destination_mask)
5126 continue;
5127 dj.destination_mask &= ~mask;
5128
5129 unit_update_dependency_mask(other, q, u, dj);
5130 }
5131
5132 unit_add_to_gc_queue(other);
5133
5134 done = false;
5135 break;
5136 }
5137
5138 } while (!done);
5139 }
5140 }
5141
5142 static int unit_export_invocation_id(Unit *u) {
5143 const char *p;
5144 int r;
5145
5146 assert(u);
5147
5148 if (u->exported_invocation_id)
5149 return 0;
5150
5151 if (sd_id128_is_null(u->invocation_id))
5152 return 0;
5153
5154 p = strjoina("/run/systemd/units/invocation:", u->id);
5155 r = symlink_atomic(u->invocation_id_string, p);
5156 if (r < 0)
5157 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5158
5159 u->exported_invocation_id = true;
5160 return 0;
5161 }
5162
5163 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5164 const char *p;
5165 char buf[2];
5166 int r;
5167
5168 assert(u);
5169 assert(c);
5170
5171 if (u->exported_log_level_max)
5172 return 0;
5173
5174 if (c->log_level_max < 0)
5175 return 0;
5176
5177 assert(c->log_level_max <= 7);
5178
5179 buf[0] = '0' + c->log_level_max;
5180 buf[1] = 0;
5181
5182 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5183 r = symlink_atomic(buf, p);
5184 if (r < 0)
5185 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5186
5187 u->exported_log_level_max = true;
5188 return 0;
5189 }
5190
5191 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5192 _cleanup_close_ int fd = -1;
5193 struct iovec *iovec;
5194 const char *p;
5195 char *pattern;
5196 le64_t *sizes;
5197 ssize_t n;
5198 size_t i;
5199 int r;
5200
5201 if (u->exported_log_extra_fields)
5202 return 0;
5203
5204 if (c->n_log_extra_fields <= 0)
5205 return 0;
5206
5207 sizes = newa(le64_t, c->n_log_extra_fields);
5208 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5209
5210 for (i = 0; i < c->n_log_extra_fields; i++) {
5211 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5212
5213 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5214 iovec[i*2+1] = c->log_extra_fields[i];
5215 }
5216
5217 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5218 pattern = strjoina(p, ".XXXXXX");
5219
5220 fd = mkostemp_safe(pattern);
5221 if (fd < 0)
5222 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5223
5224 n = writev(fd, iovec, c->n_log_extra_fields*2);
5225 if (n < 0) {
5226 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5227 goto fail;
5228 }
5229
5230 (void) fchmod(fd, 0644);
5231
5232 if (rename(pattern, p) < 0) {
5233 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5234 goto fail;
5235 }
5236
5237 u->exported_log_extra_fields = true;
5238 return 0;
5239
5240 fail:
5241 (void) unlink(pattern);
5242 return r;
5243 }
5244
5245 void unit_export_state_files(Unit *u) {
5246 const ExecContext *c;
5247
5248 assert(u);
5249
5250 if (!u->id)
5251 return;
5252
5253 if (!MANAGER_IS_SYSTEM(u->manager))
5254 return;
5255
5256 if (u->manager->test_run_flags != 0)
5257 return;
5258
5259 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5260 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5261 * the IPC system itself and PID 1 also log to the journal.
5262 *
5263 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5264 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5265 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5266 * namespace at least.
5267 *
5268 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5269 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5270 * them with one. */
5271
5272 (void) unit_export_invocation_id(u);
5273
5274 c = unit_get_exec_context(u);
5275 if (c) {
5276 (void) unit_export_log_level_max(u, c);
5277 (void) unit_export_log_extra_fields(u, c);
5278 }
5279 }
5280
5281 void unit_unlink_state_files(Unit *u) {
5282 const char *p;
5283
5284 assert(u);
5285
5286 if (!u->id)
5287 return;
5288
5289 if (!MANAGER_IS_SYSTEM(u->manager))
5290 return;
5291
5292 /* Undoes the effect of unit_export_state() */
5293
5294 if (u->exported_invocation_id) {
5295 p = strjoina("/run/systemd/units/invocation:", u->id);
5296 (void) unlink(p);
5297
5298 u->exported_invocation_id = false;
5299 }
5300
5301 if (u->exported_log_level_max) {
5302 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5303 (void) unlink(p);
5304
5305 u->exported_log_level_max = false;
5306 }
5307
5308 if (u->exported_log_extra_fields) {
5309 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5310 (void) unlink(p);
5311
5312 u->exported_log_extra_fields = false;
5313 }
5314 }
5315
5316 int unit_prepare_exec(Unit *u) {
5317 int r;
5318
5319 assert(u);
5320
5321 /* Prepares everything so that we can fork of a process for this unit */
5322
5323 (void) unit_realize_cgroup(u);
5324
5325 if (u->reset_accounting) {
5326 (void) unit_reset_cpu_accounting(u);
5327 (void) unit_reset_ip_accounting(u);
5328 u->reset_accounting = false;
5329 }
5330
5331 unit_export_state_files(u);
5332
5333 r = unit_setup_exec_runtime(u);
5334 if (r < 0)
5335 return r;
5336
5337 r = unit_setup_dynamic_creds(u);
5338 if (r < 0)
5339 return r;
5340
5341 return 0;
5342 }
5343
5344 static void log_leftover(pid_t pid, int sig, void *userdata) {
5345 _cleanup_free_ char *comm = NULL;
5346
5347 (void) get_process_comm(pid, &comm);
5348
5349 if (comm && comm[0] == '(') /* Most likely our own helper process (PAM?), ignore */
5350 return;
5351
5352 log_unit_warning(userdata,
5353 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5354 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5355 pid, strna(comm));
5356 }
5357
5358 void unit_warn_leftover_processes(Unit *u) {
5359 assert(u);
5360
5361 (void) unit_pick_cgroup_path(u);
5362
5363 if (!u->cgroup_path)
5364 return;
5365
5366 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_leftover, u);
5367 }
5368
5369 bool unit_needs_console(Unit *u) {
5370 ExecContext *ec;
5371 UnitActiveState state;
5372
5373 assert(u);
5374
5375 state = unit_active_state(u);
5376
5377 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5378 return false;
5379
5380 if (UNIT_VTABLE(u)->needs_console)
5381 return UNIT_VTABLE(u)->needs_console(u);
5382
5383 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5384 ec = unit_get_exec_context(u);
5385 if (!ec)
5386 return false;
5387
5388 return exec_context_may_touch_console(ec);
5389 }
5390
5391 const char *unit_label_path(Unit *u) {
5392 const char *p;
5393
5394 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5395 * when validating access checks. */
5396
5397 p = u->source_path ?: u->fragment_path;
5398 if (!p)
5399 return NULL;
5400
5401 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5402 if (path_equal(p, "/dev/null"))
5403 return NULL;
5404
5405 return p;
5406 }
5407
5408 int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5409 int r;
5410
5411 assert(u);
5412
5413 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5414 * and not a kernel thread either */
5415
5416 /* First, a simple range check */
5417 if (!pid_is_valid(pid))
5418 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5419
5420 /* Some extra safety check */
5421 if (pid == 1 || pid == getpid_cached())
5422 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid);
5423
5424 /* Don't even begin to bother with kernel threads */
5425 r = is_kernel_thread(pid);
5426 if (r == -ESRCH)
5427 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5428 if (r < 0)
5429 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5430 if (r > 0)
5431 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5432
5433 return 0;
5434 }
5435
5436 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5437 [COLLECT_INACTIVE] = "inactive",
5438 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5439 };
5440
5441 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
Unnamed repository; edit this file 'description' to name the repository.