]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #13246 from keszybz/add-SystemdOptions-efi-variable
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <errno.h>
4 #include <stdlib.h>
5 #include <string.h>
6 #include <sys/prctl.h>
7 #include <sys/stat.h>
8 #include <unistd.h>
9
10 #include "sd-id128.h"
11 #include "sd-messages.h"
12
13 #include "all-units.h"
14 #include "alloc-util.h"
15 #include "bpf-firewall.h"
16 #include "bus-common-errors.h"
17 #include "bus-util.h"
18 #include "cgroup-setup.h"
19 #include "cgroup-util.h"
20 #include "dbus-unit.h"
21 #include "dbus.h"
22 #include "dropin.h"
23 #include "escape.h"
24 #include "execute.h"
25 #include "fd-util.h"
26 #include "fileio-label.h"
27 #include "fileio.h"
28 #include "format-util.h"
29 #include "fs-util.h"
30 #include "id128-util.h"
31 #include "io-util.h"
32 #include "install.h"
33 #include "load-dropin.h"
34 #include "load-fragment.h"
35 #include "log.h"
36 #include "macro.h"
37 #include "missing.h"
38 #include "mkdir.h"
39 #include "parse-util.h"
40 #include "path-util.h"
41 #include "process-util.h"
42 #include "rm-rf.h"
43 #include "serialize.h"
44 #include "set.h"
45 #include "signal-util.h"
46 #include "sparse-endian.h"
47 #include "special.h"
48 #include "specifier.h"
49 #include "stat-util.h"
50 #include "stdio-util.h"
51 #include "string-table.h"
52 #include "string-util.h"
53 #include "strv.h"
54 #include "terminal-util.h"
55 #include "tmpfile-util.h"
56 #include "umask-util.h"
57 #include "unit-name.h"
58 #include "unit.h"
59 #include "user-util.h"
60 #include "virt.h"
61
62 /* Thresholds for logging at INFO level about resource consumption */
63 #define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
64 #define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
65 #define MENTIONWORTHY_IP_BYTES (0ULL)
66
67 /* Thresholds for logging at INFO level about resource consumption */
68 #define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
69 #define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
70 #define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
71
72 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
73 [UNIT_SERVICE] = &service_vtable,
74 [UNIT_SOCKET] = &socket_vtable,
75 [UNIT_TARGET] = &target_vtable,
76 [UNIT_DEVICE] = &device_vtable,
77 [UNIT_MOUNT] = &mount_vtable,
78 [UNIT_AUTOMOUNT] = &automount_vtable,
79 [UNIT_SWAP] = &swap_vtable,
80 [UNIT_TIMER] = &timer_vtable,
81 [UNIT_PATH] = &path_vtable,
82 [UNIT_SLICE] = &slice_vtable,
83 [UNIT_SCOPE] = &scope_vtable,
84 };
85
86 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
87
88 Unit *unit_new(Manager *m, size_t size) {
89 Unit *u;
90
91 assert(m);
92 assert(size >= sizeof(Unit));
93
94 u = malloc0(size);
95 if (!u)
96 return NULL;
97
98 u->names = set_new(&string_hash_ops);
99 if (!u->names)
100 return mfree(u);
101
102 u->manager = m;
103 u->type = _UNIT_TYPE_INVALID;
104 u->default_dependencies = true;
105 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
106 u->unit_file_preset = -1;
107 u->on_failure_job_mode = JOB_REPLACE;
108 u->cgroup_control_inotify_wd = -1;
109 u->cgroup_memory_inotify_wd = -1;
110 u->job_timeout = USEC_INFINITY;
111 u->job_running_timeout = USEC_INFINITY;
112 u->ref_uid = UID_INVALID;
113 u->ref_gid = GID_INVALID;
114 u->cpu_usage_last = NSEC_INFINITY;
115 u->cgroup_invalidated_mask |= CGROUP_MASK_BPF_FIREWALL;
116 u->failure_action_exit_status = u->success_action_exit_status = -1;
117
118 u->ip_accounting_ingress_map_fd = -1;
119 u->ip_accounting_egress_map_fd = -1;
120 u->ipv4_allow_map_fd = -1;
121 u->ipv6_allow_map_fd = -1;
122 u->ipv4_deny_map_fd = -1;
123 u->ipv6_deny_map_fd = -1;
124
125 u->last_section_private = -1;
126
127 u->start_ratelimit = (RateLimit) { m->default_start_limit_interval, m->default_start_limit_burst };
128 u->auto_stop_ratelimit = (RateLimit) { 10 * USEC_PER_SEC, 16 };
129
130 for (CGroupIOAccountingMetric i = 0; i < _CGROUP_IO_ACCOUNTING_METRIC_MAX; i++)
131 u->io_accounting_last[i] = UINT64_MAX;
132
133 return u;
134 }
135
136 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
137 _cleanup_(unit_freep) Unit *u = NULL;
138 int r;
139
140 u = unit_new(m, size);
141 if (!u)
142 return -ENOMEM;
143
144 r = unit_add_name(u, name);
145 if (r < 0)
146 return r;
147
148 *ret = TAKE_PTR(u);
149
150 return r;
151 }
152
153 bool unit_has_name(const Unit *u, const char *name) {
154 assert(u);
155 assert(name);
156
157 return set_contains(u->names, (char*) name);
158 }
159
160 static void unit_init(Unit *u) {
161 CGroupContext *cc;
162 ExecContext *ec;
163 KillContext *kc;
164
165 assert(u);
166 assert(u->manager);
167 assert(u->type >= 0);
168
169 cc = unit_get_cgroup_context(u);
170 if (cc) {
171 cgroup_context_init(cc);
172
173 /* Copy in the manager defaults into the cgroup
174 * context, _before_ the rest of the settings have
175 * been initialized */
176
177 cc->cpu_accounting = u->manager->default_cpu_accounting;
178 cc->io_accounting = u->manager->default_io_accounting;
179 cc->blockio_accounting = u->manager->default_blockio_accounting;
180 cc->memory_accounting = u->manager->default_memory_accounting;
181 cc->tasks_accounting = u->manager->default_tasks_accounting;
182 cc->ip_accounting = u->manager->default_ip_accounting;
183
184 if (u->type != UNIT_SLICE)
185 cc->tasks_max = u->manager->default_tasks_max;
186 }
187
188 ec = unit_get_exec_context(u);
189 if (ec) {
190 exec_context_init(ec);
191
192 ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
193 EXEC_KEYRING_SHARED : EXEC_KEYRING_INHERIT;
194 }
195
196 kc = unit_get_kill_context(u);
197 if (kc)
198 kill_context_init(kc);
199
200 if (UNIT_VTABLE(u)->init)
201 UNIT_VTABLE(u)->init(u);
202 }
203
204 int unit_add_name(Unit *u, const char *text) {
205 _cleanup_free_ char *s = NULL, *i = NULL;
206 UnitType t;
207 int r;
208
209 assert(u);
210 assert(text);
211
212 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
213
214 if (!u->instance)
215 return -EINVAL;
216
217 r = unit_name_replace_instance(text, u->instance, &s);
218 if (r < 0)
219 return r;
220 } else {
221 s = strdup(text);
222 if (!s)
223 return -ENOMEM;
224 }
225
226 if (set_contains(u->names, s))
227 return 0;
228 if (hashmap_contains(u->manager->units, s))
229 return -EEXIST;
230
231 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
232 return -EINVAL;
233
234 t = unit_name_to_type(s);
235 if (t < 0)
236 return -EINVAL;
237
238 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
239 return -EINVAL;
240
241 r = unit_name_to_instance(s, &i);
242 if (r < 0)
243 return r;
244
245 if (i && !unit_type_may_template(t))
246 return -EINVAL;
247
248 /* Ensure that this unit is either instanced or not instanced,
249 * but not both. Note that we do allow names with different
250 * instance names however! */
251 if (u->type != _UNIT_TYPE_INVALID && !u->instance != !i)
252 return -EINVAL;
253
254 if (!unit_type_may_alias(t) && !set_isempty(u->names))
255 return -EEXIST;
256
257 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
258 return -E2BIG;
259
260 r = set_put(u->names, s);
261 if (r < 0)
262 return r;
263 assert(r > 0);
264
265 r = hashmap_put(u->manager->units, s, u);
266 if (r < 0) {
267 (void) set_remove(u->names, s);
268 return r;
269 }
270
271 if (u->type == _UNIT_TYPE_INVALID) {
272 u->type = t;
273 u->id = s;
274 u->instance = TAKE_PTR(i);
275
276 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
277
278 unit_init(u);
279 }
280
281 s = NULL;
282
283 unit_add_to_dbus_queue(u);
284 return 0;
285 }
286
287 int unit_choose_id(Unit *u, const char *name) {
288 _cleanup_free_ char *t = NULL;
289 char *s, *i;
290 int r;
291
292 assert(u);
293 assert(name);
294
295 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
296
297 if (!u->instance)
298 return -EINVAL;
299
300 r = unit_name_replace_instance(name, u->instance, &t);
301 if (r < 0)
302 return r;
303
304 name = t;
305 }
306
307 /* Selects one of the names of this unit as the id */
308 s = set_get(u->names, (char*) name);
309 if (!s)
310 return -ENOENT;
311
312 /* Determine the new instance from the new id */
313 r = unit_name_to_instance(s, &i);
314 if (r < 0)
315 return r;
316
317 u->id = s;
318
319 free(u->instance);
320 u->instance = i;
321
322 unit_add_to_dbus_queue(u);
323
324 return 0;
325 }
326
327 int unit_set_description(Unit *u, const char *description) {
328 int r;
329
330 assert(u);
331
332 r = free_and_strdup(&u->description, empty_to_null(description));
333 if (r < 0)
334 return r;
335 if (r > 0)
336 unit_add_to_dbus_queue(u);
337
338 return 0;
339 }
340
341 bool unit_may_gc(Unit *u) {
342 UnitActiveState state;
343 int r;
344
345 assert(u);
346
347 /* Checks whether the unit is ready to be unloaded for garbage collection.
348 * Returns true when the unit may be collected, and false if there's some
349 * reason to keep it loaded.
350 *
351 * References from other units are *not* checked here. Instead, this is done
352 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
353 */
354
355 if (u->job)
356 return false;
357
358 if (u->nop_job)
359 return false;
360
361 state = unit_active_state(u);
362
363 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
364 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
365 UNIT_VTABLE(u)->release_resources)
366 UNIT_VTABLE(u)->release_resources(u);
367
368 if (u->perpetual)
369 return false;
370
371 if (sd_bus_track_count(u->bus_track) > 0)
372 return false;
373
374 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
375 switch (u->collect_mode) {
376
377 case COLLECT_INACTIVE:
378 if (state != UNIT_INACTIVE)
379 return false;
380
381 break;
382
383 case COLLECT_INACTIVE_OR_FAILED:
384 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
385 return false;
386
387 break;
388
389 default:
390 assert_not_reached("Unknown garbage collection mode");
391 }
392
393 if (u->cgroup_path) {
394 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
395 * around. Units with active processes should never be collected. */
396
397 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
398 if (r < 0)
399 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
400 if (r <= 0)
401 return false;
402 }
403
404 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
405 return false;
406
407 return true;
408 }
409
410 void unit_add_to_load_queue(Unit *u) {
411 assert(u);
412 assert(u->type != _UNIT_TYPE_INVALID);
413
414 if (u->load_state != UNIT_STUB || u->in_load_queue)
415 return;
416
417 LIST_PREPEND(load_queue, u->manager->load_queue, u);
418 u->in_load_queue = true;
419 }
420
421 void unit_add_to_cleanup_queue(Unit *u) {
422 assert(u);
423
424 if (u->in_cleanup_queue)
425 return;
426
427 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
428 u->in_cleanup_queue = true;
429 }
430
431 void unit_add_to_gc_queue(Unit *u) {
432 assert(u);
433
434 if (u->in_gc_queue || u->in_cleanup_queue)
435 return;
436
437 if (!unit_may_gc(u))
438 return;
439
440 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
441 u->in_gc_queue = true;
442 }
443
444 void unit_add_to_dbus_queue(Unit *u) {
445 assert(u);
446 assert(u->type != _UNIT_TYPE_INVALID);
447
448 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
449 return;
450
451 /* Shortcut things if nobody cares */
452 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
453 sd_bus_track_count(u->bus_track) <= 0 &&
454 set_isempty(u->manager->private_buses)) {
455 u->sent_dbus_new_signal = true;
456 return;
457 }
458
459 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
460 u->in_dbus_queue = true;
461 }
462
463 void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
464 assert(u);
465
466 if (u->in_stop_when_unneeded_queue)
467 return;
468
469 if (!u->stop_when_unneeded)
470 return;
471
472 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
473 return;
474
475 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
476 u->in_stop_when_unneeded_queue = true;
477 }
478
479 static void bidi_set_free(Unit *u, Hashmap *h) {
480 Unit *other;
481 Iterator i;
482 void *v;
483
484 assert(u);
485
486 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
487
488 HASHMAP_FOREACH_KEY(v, other, h, i) {
489 UnitDependency d;
490
491 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
492 hashmap_remove(other->dependencies[d], u);
493
494 unit_add_to_gc_queue(other);
495 }
496
497 hashmap_free(h);
498 }
499
500 static void unit_remove_transient(Unit *u) {
501 char **i;
502
503 assert(u);
504
505 if (!u->transient)
506 return;
507
508 if (u->fragment_path)
509 (void) unlink(u->fragment_path);
510
511 STRV_FOREACH(i, u->dropin_paths) {
512 _cleanup_free_ char *p = NULL, *pp = NULL;
513
514 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
515 if (!p)
516 continue;
517
518 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
519 if (!pp)
520 continue;
521
522 /* Only drop transient drop-ins */
523 if (!path_equal(u->manager->lookup_paths.transient, pp))
524 continue;
525
526 (void) unlink(*i);
527 (void) rmdir(p);
528 }
529 }
530
531 static void unit_free_requires_mounts_for(Unit *u) {
532 assert(u);
533
534 for (;;) {
535 _cleanup_free_ char *path;
536
537 path = hashmap_steal_first_key(u->requires_mounts_for);
538 if (!path)
539 break;
540 else {
541 char s[strlen(path) + 1];
542
543 PATH_FOREACH_PREFIX_MORE(s, path) {
544 char *y;
545 Set *x;
546
547 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
548 if (!x)
549 continue;
550
551 (void) set_remove(x, u);
552
553 if (set_isempty(x)) {
554 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
555 free(y);
556 set_free(x);
557 }
558 }
559 }
560 }
561
562 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
563 }
564
565 static void unit_done(Unit *u) {
566 ExecContext *ec;
567 CGroupContext *cc;
568
569 assert(u);
570
571 if (u->type < 0)
572 return;
573
574 if (UNIT_VTABLE(u)->done)
575 UNIT_VTABLE(u)->done(u);
576
577 ec = unit_get_exec_context(u);
578 if (ec)
579 exec_context_done(ec);
580
581 cc = unit_get_cgroup_context(u);
582 if (cc)
583 cgroup_context_done(cc);
584 }
585
586 void unit_free(Unit *u) {
587 UnitDependency d;
588 Iterator i;
589 char *t;
590
591 if (!u)
592 return;
593
594 if (UNIT_ISSET(u->slice)) {
595 /* A unit is being dropped from the tree, make sure our parent slice recalculates the member mask */
596 unit_invalidate_cgroup_members_masks(UNIT_DEREF(u->slice));
597
598 /* And make sure the parent is realized again, updating cgroup memberships */
599 unit_add_to_cgroup_realize_queue(UNIT_DEREF(u->slice));
600 }
601
602 u->transient_file = safe_fclose(u->transient_file);
603
604 if (!MANAGER_IS_RELOADING(u->manager))
605 unit_remove_transient(u);
606
607 bus_unit_send_removed_signal(u);
608
609 unit_done(u);
610
611 unit_dequeue_rewatch_pids(u);
612
613 sd_bus_slot_unref(u->match_bus_slot);
614 sd_bus_track_unref(u->bus_track);
615 u->deserialized_refs = strv_free(u->deserialized_refs);
616
617 unit_free_requires_mounts_for(u);
618
619 SET_FOREACH(t, u->names, i)
620 hashmap_remove_value(u->manager->units, t, u);
621
622 if (!sd_id128_is_null(u->invocation_id))
623 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
624
625 if (u->job) {
626 Job *j = u->job;
627 job_uninstall(j);
628 job_free(j);
629 }
630
631 if (u->nop_job) {
632 Job *j = u->nop_job;
633 job_uninstall(j);
634 job_free(j);
635 }
636
637 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
638 bidi_set_free(u, u->dependencies[d]);
639
640 if (u->on_console)
641 manager_unref_console(u->manager);
642
643 unit_release_cgroup(u);
644
645 if (!MANAGER_IS_RELOADING(u->manager))
646 unit_unlink_state_files(u);
647
648 unit_unref_uid_gid(u, false);
649
650 (void) manager_update_failed_units(u->manager, u, false);
651 set_remove(u->manager->startup_units, u);
652
653 unit_unwatch_all_pids(u);
654
655 unit_ref_unset(&u->slice);
656 while (u->refs_by_target)
657 unit_ref_unset(u->refs_by_target);
658
659 if (u->type != _UNIT_TYPE_INVALID)
660 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
661
662 if (u->in_load_queue)
663 LIST_REMOVE(load_queue, u->manager->load_queue, u);
664
665 if (u->in_dbus_queue)
666 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
667
668 if (u->in_gc_queue)
669 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
670
671 if (u->in_cgroup_realize_queue)
672 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
673
674 if (u->in_cgroup_empty_queue)
675 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
676
677 if (u->in_cleanup_queue)
678 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
679
680 if (u->in_target_deps_queue)
681 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
682
683 if (u->in_stop_when_unneeded_queue)
684 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
685
686 safe_close(u->ip_accounting_ingress_map_fd);
687 safe_close(u->ip_accounting_egress_map_fd);
688
689 safe_close(u->ipv4_allow_map_fd);
690 safe_close(u->ipv6_allow_map_fd);
691 safe_close(u->ipv4_deny_map_fd);
692 safe_close(u->ipv6_deny_map_fd);
693
694 bpf_program_unref(u->ip_bpf_ingress);
695 bpf_program_unref(u->ip_bpf_ingress_installed);
696 bpf_program_unref(u->ip_bpf_egress);
697 bpf_program_unref(u->ip_bpf_egress_installed);
698
699 set_free(u->ip_bpf_custom_ingress);
700 set_free(u->ip_bpf_custom_egress);
701 set_free(u->ip_bpf_custom_ingress_installed);
702 set_free(u->ip_bpf_custom_egress_installed);
703
704 bpf_program_unref(u->bpf_device_control_installed);
705
706 condition_free_list(u->conditions);
707 condition_free_list(u->asserts);
708
709 free(u->description);
710 strv_free(u->documentation);
711 free(u->fragment_path);
712 free(u->source_path);
713 strv_free(u->dropin_paths);
714 free(u->instance);
715
716 free(u->job_timeout_reboot_arg);
717
718 set_free_free(u->names);
719
720 free(u->reboot_arg);
721
722 free(u);
723 }
724
725 UnitActiveState unit_active_state(Unit *u) {
726 assert(u);
727
728 if (u->load_state == UNIT_MERGED)
729 return unit_active_state(unit_follow_merge(u));
730
731 /* After a reload it might happen that a unit is not correctly
732 * loaded but still has a process around. That's why we won't
733 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
734
735 return UNIT_VTABLE(u)->active_state(u);
736 }
737
738 const char* unit_sub_state_to_string(Unit *u) {
739 assert(u);
740
741 return UNIT_VTABLE(u)->sub_state_to_string(u);
742 }
743
744 static int set_complete_move(Set **s, Set **other) {
745 assert(s);
746 assert(other);
747
748 if (!other)
749 return 0;
750
751 if (*s)
752 return set_move(*s, *other);
753 else
754 *s = TAKE_PTR(*other);
755
756 return 0;
757 }
758
759 static int hashmap_complete_move(Hashmap **s, Hashmap **other) {
760 assert(s);
761 assert(other);
762
763 if (!*other)
764 return 0;
765
766 if (*s)
767 return hashmap_move(*s, *other);
768 else
769 *s = TAKE_PTR(*other);
770
771 return 0;
772 }
773
774 static int merge_names(Unit *u, Unit *other) {
775 char *t;
776 Iterator i;
777 int r;
778
779 assert(u);
780 assert(other);
781
782 r = set_complete_move(&u->names, &other->names);
783 if (r < 0)
784 return r;
785
786 set_free_free(other->names);
787 other->names = NULL;
788 other->id = NULL;
789
790 SET_FOREACH(t, u->names, i)
791 assert_se(hashmap_replace(u->manager->units, t, u) == 0);
792
793 return 0;
794 }
795
796 static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
797 unsigned n_reserve;
798
799 assert(u);
800 assert(other);
801 assert(d < _UNIT_DEPENDENCY_MAX);
802
803 /*
804 * If u does not have this dependency set allocated, there is no need
805 * to reserve anything. In that case other's set will be transferred
806 * as a whole to u by complete_move().
807 */
808 if (!u->dependencies[d])
809 return 0;
810
811 /* merge_dependencies() will skip a u-on-u dependency */
812 n_reserve = hashmap_size(other->dependencies[d]) - !!hashmap_get(other->dependencies[d], u);
813
814 return hashmap_reserve(u->dependencies[d], n_reserve);
815 }
816
817 static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
818 Iterator i;
819 Unit *back;
820 void *v;
821 int r;
822
823 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
824
825 assert(u);
826 assert(other);
827 assert(d < _UNIT_DEPENDENCY_MAX);
828
829 /* Fix backwards pointers. Let's iterate through all dependent units of the other unit. */
830 HASHMAP_FOREACH_KEY(v, back, other->dependencies[d], i) {
831 UnitDependency k;
832
833 /* Let's now iterate through the dependencies of that dependencies of the other units, looking for
834 * pointers back, and let's fix them up, to instead point to 'u'. */
835
836 for (k = 0; k < _UNIT_DEPENDENCY_MAX; k++) {
837 if (back == u) {
838 /* Do not add dependencies between u and itself. */
839 if (hashmap_remove(back->dependencies[k], other))
840 maybe_warn_about_dependency(u, other_id, k);
841 } else {
842 UnitDependencyInfo di_u, di_other, di_merged;
843
844 /* Let's drop this dependency between "back" and "other", and let's create it between
845 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
846 * and any such dependency which might already exist */
847
848 di_other.data = hashmap_get(back->dependencies[k], other);
849 if (!di_other.data)
850 continue; /* dependency isn't set, let's try the next one */
851
852 di_u.data = hashmap_get(back->dependencies[k], u);
853
854 di_merged = (UnitDependencyInfo) {
855 .origin_mask = di_u.origin_mask | di_other.origin_mask,
856 .destination_mask = di_u.destination_mask | di_other.destination_mask,
857 };
858
859 r = hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data);
860 if (r < 0)
861 log_warning_errno(r, "Failed to remove/replace: back=%s other=%s u=%s: %m", back->id, other_id, u->id);
862 assert(r >= 0);
863
864 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
865 }
866 }
867
868 }
869
870 /* Also do not move dependencies on u to itself */
871 back = hashmap_remove(other->dependencies[d], u);
872 if (back)
873 maybe_warn_about_dependency(u, other_id, d);
874
875 /* The move cannot fail. The caller must have performed a reservation. */
876 assert_se(hashmap_complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
877
878 other->dependencies[d] = hashmap_free(other->dependencies[d]);
879 }
880
881 int unit_merge(Unit *u, Unit *other) {
882 UnitDependency d;
883 const char *other_id = NULL;
884 int r;
885
886 assert(u);
887 assert(other);
888 assert(u->manager == other->manager);
889 assert(u->type != _UNIT_TYPE_INVALID);
890
891 other = unit_follow_merge(other);
892
893 if (other == u)
894 return 0;
895
896 if (u->type != other->type)
897 return -EINVAL;
898
899 if (!u->instance != !other->instance)
900 return -EINVAL;
901
902 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
903 return -EEXIST;
904
905 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
906 return -EEXIST;
907
908 if (other->job)
909 return -EEXIST;
910
911 if (other->nop_job)
912 return -EEXIST;
913
914 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
915 return -EEXIST;
916
917 if (other->id)
918 other_id = strdupa(other->id);
919
920 /* Make reservations to ensure merge_dependencies() won't fail */
921 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
922 r = reserve_dependencies(u, other, d);
923 /*
924 * We don't rollback reservations if we fail. We don't have
925 * a way to undo reservations. A reservation is not a leak.
926 */
927 if (r < 0)
928 return r;
929 }
930
931 /* Merge names */
932 r = merge_names(u, other);
933 if (r < 0)
934 return r;
935
936 /* Redirect all references */
937 while (other->refs_by_target)
938 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
939
940 /* Merge dependencies */
941 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
942 merge_dependencies(u, other, other_id, d);
943
944 other->load_state = UNIT_MERGED;
945 other->merged_into = u;
946
947 /* If there is still some data attached to the other node, we
948 * don't need it anymore, and can free it. */
949 if (other->load_state != UNIT_STUB)
950 if (UNIT_VTABLE(other)->done)
951 UNIT_VTABLE(other)->done(other);
952
953 unit_add_to_dbus_queue(u);
954 unit_add_to_cleanup_queue(other);
955
956 return 0;
957 }
958
959 int unit_merge_by_name(Unit *u, const char *name) {
960 _cleanup_free_ char *s = NULL;
961 Unit *other;
962 int r;
963
964 /* Either add name to u, or if a unit with name already exists, merge it with u.
965 * If name is a template, do the same for name@instance, where instance is u's instance. */
966
967 assert(u);
968 assert(name);
969
970 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
971 if (!u->instance)
972 return -EINVAL;
973
974 r = unit_name_replace_instance(name, u->instance, &s);
975 if (r < 0)
976 return r;
977
978 name = s;
979 }
980
981 other = manager_get_unit(u->manager, name);
982 if (other)
983 return unit_merge(u, other);
984
985 return unit_add_name(u, name);
986 }
987
988 Unit* unit_follow_merge(Unit *u) {
989 assert(u);
990
991 while (u->load_state == UNIT_MERGED)
992 assert_se(u = u->merged_into);
993
994 return u;
995 }
996
997 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
998 ExecDirectoryType dt;
999 char **dp;
1000 int r;
1001
1002 assert(u);
1003 assert(c);
1004
1005 if (c->working_directory && !c->working_directory_missing_ok) {
1006 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
1007 if (r < 0)
1008 return r;
1009 }
1010
1011 if (c->root_directory) {
1012 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
1013 if (r < 0)
1014 return r;
1015 }
1016
1017 if (c->root_image) {
1018 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
1019 if (r < 0)
1020 return r;
1021 }
1022
1023 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
1024 if (!u->manager->prefix[dt])
1025 continue;
1026
1027 STRV_FOREACH(dp, c->directories[dt].paths) {
1028 _cleanup_free_ char *p;
1029
1030 p = path_join(u->manager->prefix[dt], *dp);
1031 if (!p)
1032 return -ENOMEM;
1033
1034 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
1035 if (r < 0)
1036 return r;
1037 }
1038 }
1039
1040 if (!MANAGER_IS_SYSTEM(u->manager))
1041 return 0;
1042
1043 if (c->private_tmp) {
1044 const char *p;
1045
1046 FOREACH_STRING(p, "/tmp", "/var/tmp") {
1047 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
1048 if (r < 0)
1049 return r;
1050 }
1051
1052 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
1053 if (r < 0)
1054 return r;
1055 }
1056
1057 if (!IN_SET(c->std_output,
1058 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1059 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1060 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE) &&
1061 !IN_SET(c->std_error,
1062 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1063 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1064 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE))
1065 return 0;
1066
1067 /* If syslog or kernel logging is requested, make sure our own
1068 * logging daemon is run first. */
1069
1070 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
1071 if (r < 0)
1072 return r;
1073
1074 return 0;
1075 }
1076
1077 const char *unit_description(Unit *u) {
1078 assert(u);
1079
1080 if (u->description)
1081 return u->description;
1082
1083 return strna(u->id);
1084 }
1085
1086 const char *unit_status_string(Unit *u) {
1087 assert(u);
1088
1089 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_NAME && u->id)
1090 return u->id;
1091
1092 return unit_description(u);
1093 }
1094
1095 static void print_unit_dependency_mask(FILE *f, const char *kind, UnitDependencyMask mask, bool *space) {
1096 const struct {
1097 UnitDependencyMask mask;
1098 const char *name;
1099 } table[] = {
1100 { UNIT_DEPENDENCY_FILE, "file" },
1101 { UNIT_DEPENDENCY_IMPLICIT, "implicit" },
1102 { UNIT_DEPENDENCY_DEFAULT, "default" },
1103 { UNIT_DEPENDENCY_UDEV, "udev" },
1104 { UNIT_DEPENDENCY_PATH, "path" },
1105 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT, "mountinfo-implicit" },
1106 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT, "mountinfo-default" },
1107 { UNIT_DEPENDENCY_PROC_SWAP, "proc-swap" },
1108 };
1109 size_t i;
1110
1111 assert(f);
1112 assert(kind);
1113 assert(space);
1114
1115 for (i = 0; i < ELEMENTSOF(table); i++) {
1116
1117 if (mask == 0)
1118 break;
1119
1120 if (FLAGS_SET(mask, table[i].mask)) {
1121 if (*space)
1122 fputc(' ', f);
1123 else
1124 *space = true;
1125
1126 fputs(kind, f);
1127 fputs("-", f);
1128 fputs(table[i].name, f);
1129
1130 mask &= ~table[i].mask;
1131 }
1132 }
1133
1134 assert(mask == 0);
1135 }
1136
1137 void unit_dump(Unit *u, FILE *f, const char *prefix) {
1138 char *t, **j;
1139 UnitDependency d;
1140 Iterator i;
1141 const char *prefix2;
1142 char timestamp[5][FORMAT_TIMESTAMP_MAX], timespan[FORMAT_TIMESPAN_MAX];
1143 Unit *following;
1144 _cleanup_set_free_ Set *following_set = NULL;
1145 const char *n;
1146 CGroupMask m;
1147 int r;
1148
1149 assert(u);
1150 assert(u->type >= 0);
1151
1152 prefix = strempty(prefix);
1153 prefix2 = strjoina(prefix, "\t");
1154
1155 fprintf(f,
1156 "%s-> Unit %s:\n",
1157 prefix, u->id);
1158
1159 SET_FOREACH(t, u->names, i)
1160 if (!streq(t, u->id))
1161 fprintf(f, "%s\tAlias: %s\n", prefix, t);
1162
1163 fprintf(f,
1164 "%s\tDescription: %s\n"
1165 "%s\tInstance: %s\n"
1166 "%s\tUnit Load State: %s\n"
1167 "%s\tUnit Active State: %s\n"
1168 "%s\tState Change Timestamp: %s\n"
1169 "%s\tInactive Exit Timestamp: %s\n"
1170 "%s\tActive Enter Timestamp: %s\n"
1171 "%s\tActive Exit Timestamp: %s\n"
1172 "%s\tInactive Enter Timestamp: %s\n"
1173 "%s\tMay GC: %s\n"
1174 "%s\tNeed Daemon Reload: %s\n"
1175 "%s\tTransient: %s\n"
1176 "%s\tPerpetual: %s\n"
1177 "%s\tGarbage Collection Mode: %s\n"
1178 "%s\tSlice: %s\n"
1179 "%s\tCGroup: %s\n"
1180 "%s\tCGroup realized: %s\n",
1181 prefix, unit_description(u),
1182 prefix, strna(u->instance),
1183 prefix, unit_load_state_to_string(u->load_state),
1184 prefix, unit_active_state_to_string(unit_active_state(u)),
1185 prefix, strna(format_timestamp(timestamp[0], sizeof(timestamp[0]), u->state_change_timestamp.realtime)),
1186 prefix, strna(format_timestamp(timestamp[1], sizeof(timestamp[1]), u->inactive_exit_timestamp.realtime)),
1187 prefix, strna(format_timestamp(timestamp[2], sizeof(timestamp[2]), u->active_enter_timestamp.realtime)),
1188 prefix, strna(format_timestamp(timestamp[3], sizeof(timestamp[3]), u->active_exit_timestamp.realtime)),
1189 prefix, strna(format_timestamp(timestamp[4], sizeof(timestamp[4]), u->inactive_enter_timestamp.realtime)),
1190 prefix, yes_no(unit_may_gc(u)),
1191 prefix, yes_no(unit_need_daemon_reload(u)),
1192 prefix, yes_no(u->transient),
1193 prefix, yes_no(u->perpetual),
1194 prefix, collect_mode_to_string(u->collect_mode),
1195 prefix, strna(unit_slice_name(u)),
1196 prefix, strna(u->cgroup_path),
1197 prefix, yes_no(u->cgroup_realized));
1198
1199 if (u->cgroup_realized_mask != 0) {
1200 _cleanup_free_ char *s = NULL;
1201 (void) cg_mask_to_string(u->cgroup_realized_mask, &s);
1202 fprintf(f, "%s\tCGroup realized mask: %s\n", prefix, strnull(s));
1203 }
1204
1205 if (u->cgroup_enabled_mask != 0) {
1206 _cleanup_free_ char *s = NULL;
1207 (void) cg_mask_to_string(u->cgroup_enabled_mask, &s);
1208 fprintf(f, "%s\tCGroup enabled mask: %s\n", prefix, strnull(s));
1209 }
1210
1211 m = unit_get_own_mask(u);
1212 if (m != 0) {
1213 _cleanup_free_ char *s = NULL;
1214 (void) cg_mask_to_string(m, &s);
1215 fprintf(f, "%s\tCGroup own mask: %s\n", prefix, strnull(s));
1216 }
1217
1218 m = unit_get_members_mask(u);
1219 if (m != 0) {
1220 _cleanup_free_ char *s = NULL;
1221 (void) cg_mask_to_string(m, &s);
1222 fprintf(f, "%s\tCGroup members mask: %s\n", prefix, strnull(s));
1223 }
1224
1225 m = unit_get_delegate_mask(u);
1226 if (m != 0) {
1227 _cleanup_free_ char *s = NULL;
1228 (void) cg_mask_to_string(m, &s);
1229 fprintf(f, "%s\tCGroup delegate mask: %s\n", prefix, strnull(s));
1230 }
1231
1232 if (!sd_id128_is_null(u->invocation_id))
1233 fprintf(f, "%s\tInvocation ID: " SD_ID128_FORMAT_STR "\n",
1234 prefix, SD_ID128_FORMAT_VAL(u->invocation_id));
1235
1236 STRV_FOREACH(j, u->documentation)
1237 fprintf(f, "%s\tDocumentation: %s\n", prefix, *j);
1238
1239 following = unit_following(u);
1240 if (following)
1241 fprintf(f, "%s\tFollowing: %s\n", prefix, following->id);
1242
1243 r = unit_following_set(u, &following_set);
1244 if (r >= 0) {
1245 Unit *other;
1246
1247 SET_FOREACH(other, following_set, i)
1248 fprintf(f, "%s\tFollowing Set Member: %s\n", prefix, other->id);
1249 }
1250
1251 if (u->fragment_path)
1252 fprintf(f, "%s\tFragment Path: %s\n", prefix, u->fragment_path);
1253
1254 if (u->source_path)
1255 fprintf(f, "%s\tSource Path: %s\n", prefix, u->source_path);
1256
1257 STRV_FOREACH(j, u->dropin_paths)
1258 fprintf(f, "%s\tDropIn Path: %s\n", prefix, *j);
1259
1260 if (u->failure_action != EMERGENCY_ACTION_NONE)
1261 fprintf(f, "%s\tFailure Action: %s\n", prefix, emergency_action_to_string(u->failure_action));
1262 if (u->failure_action_exit_status >= 0)
1263 fprintf(f, "%s\tFailure Action Exit Status: %i\n", prefix, u->failure_action_exit_status);
1264 if (u->success_action != EMERGENCY_ACTION_NONE)
1265 fprintf(f, "%s\tSuccess Action: %s\n", prefix, emergency_action_to_string(u->success_action));
1266 if (u->success_action_exit_status >= 0)
1267 fprintf(f, "%s\tSuccess Action Exit Status: %i\n", prefix, u->success_action_exit_status);
1268
1269 if (u->job_timeout != USEC_INFINITY)
1270 fprintf(f, "%s\tJob Timeout: %s\n", prefix, format_timespan(timespan, sizeof(timespan), u->job_timeout, 0));
1271
1272 if (u->job_timeout_action != EMERGENCY_ACTION_NONE)
1273 fprintf(f, "%s\tJob Timeout Action: %s\n", prefix, emergency_action_to_string(u->job_timeout_action));
1274
1275 if (u->job_timeout_reboot_arg)
1276 fprintf(f, "%s\tJob Timeout Reboot Argument: %s\n", prefix, u->job_timeout_reboot_arg);
1277
1278 condition_dump_list(u->conditions, f, prefix, condition_type_to_string);
1279 condition_dump_list(u->asserts, f, prefix, assert_type_to_string);
1280
1281 if (dual_timestamp_is_set(&u->condition_timestamp))
1282 fprintf(f,
1283 "%s\tCondition Timestamp: %s\n"
1284 "%s\tCondition Result: %s\n",
1285 prefix, strna(format_timestamp(timestamp[0], sizeof(timestamp[0]), u->condition_timestamp.realtime)),
1286 prefix, yes_no(u->condition_result));
1287
1288 if (dual_timestamp_is_set(&u->assert_timestamp))
1289 fprintf(f,
1290 "%s\tAssert Timestamp: %s\n"
1291 "%s\tAssert Result: %s\n",
1292 prefix, strna(format_timestamp(timestamp[0], sizeof(timestamp[0]), u->assert_timestamp.realtime)),
1293 prefix, yes_no(u->assert_result));
1294
1295 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
1296 UnitDependencyInfo di;
1297 Unit *other;
1298
1299 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
1300 bool space = false;
1301
1302 fprintf(f, "%s\t%s: %s (", prefix, unit_dependency_to_string(d), other->id);
1303
1304 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1305 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1306
1307 fputs(")\n", f);
1308 }
1309 }
1310
1311 if (!hashmap_isempty(u->requires_mounts_for)) {
1312 UnitDependencyInfo di;
1313 const char *path;
1314
1315 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1316 bool space = false;
1317
1318 fprintf(f, "%s\tRequiresMountsFor: %s (", prefix, path);
1319
1320 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1321 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1322
1323 fputs(")\n", f);
1324 }
1325 }
1326
1327 if (u->load_state == UNIT_LOADED) {
1328
1329 fprintf(f,
1330 "%s\tStopWhenUnneeded: %s\n"
1331 "%s\tRefuseManualStart: %s\n"
1332 "%s\tRefuseManualStop: %s\n"
1333 "%s\tDefaultDependencies: %s\n"
1334 "%s\tOnFailureJobMode: %s\n"
1335 "%s\tIgnoreOnIsolate: %s\n",
1336 prefix, yes_no(u->stop_when_unneeded),
1337 prefix, yes_no(u->refuse_manual_start),
1338 prefix, yes_no(u->refuse_manual_stop),
1339 prefix, yes_no(u->default_dependencies),
1340 prefix, job_mode_to_string(u->on_failure_job_mode),
1341 prefix, yes_no(u->ignore_on_isolate));
1342
1343 if (UNIT_VTABLE(u)->dump)
1344 UNIT_VTABLE(u)->dump(u, f, prefix2);
1345
1346 } else if (u->load_state == UNIT_MERGED)
1347 fprintf(f,
1348 "%s\tMerged into: %s\n",
1349 prefix, u->merged_into->id);
1350 else if (u->load_state == UNIT_ERROR)
1351 fprintf(f, "%s\tLoad Error Code: %s\n", prefix, strerror_safe(u->load_error));
1352
1353 for (n = sd_bus_track_first(u->bus_track); n; n = sd_bus_track_next(u->bus_track))
1354 fprintf(f, "%s\tBus Ref: %s\n", prefix, n);
1355
1356 if (u->job)
1357 job_dump(u->job, f, prefix2);
1358
1359 if (u->nop_job)
1360 job_dump(u->nop_job, f, prefix2);
1361 }
1362
1363 /* Common implementation for multiple backends */
1364 int unit_load_fragment_and_dropin(Unit *u) {
1365 int r;
1366
1367 assert(u);
1368
1369 /* Load a .{service,socket,...} file */
1370 r = unit_load_fragment(u);
1371 if (r < 0)
1372 return r;
1373
1374 if (u->load_state == UNIT_STUB)
1375 return -ENOENT;
1376
1377 /* Load drop-in directory data. If u is an alias, we might be reloading the
1378 * target unit needlessly. But we cannot be sure which drops-ins have already
1379 * been loaded and which not, at least without doing complicated book-keeping,
1380 * so let's always reread all drop-ins. */
1381 return unit_load_dropin(unit_follow_merge(u));
1382 }
1383
1384 /* Common implementation for multiple backends */
1385 int unit_load_fragment_and_dropin_optional(Unit *u) {
1386 int r;
1387
1388 assert(u);
1389
1390 /* Same as unit_load_fragment_and_dropin(), but whether
1391 * something can be loaded or not doesn't matter. */
1392
1393 /* Load a .service/.socket/.slice/… file */
1394 r = unit_load_fragment(u);
1395 if (r < 0)
1396 return r;
1397
1398 if (u->load_state == UNIT_STUB)
1399 u->load_state = UNIT_LOADED;
1400
1401 /* Load drop-in directory data */
1402 return unit_load_dropin(unit_follow_merge(u));
1403 }
1404
1405 void unit_add_to_target_deps_queue(Unit *u) {
1406 Manager *m = u->manager;
1407
1408 assert(u);
1409
1410 if (u->in_target_deps_queue)
1411 return;
1412
1413 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1414 u->in_target_deps_queue = true;
1415 }
1416
1417 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1418 assert(u);
1419 assert(target);
1420
1421 if (target->type != UNIT_TARGET)
1422 return 0;
1423
1424 /* Only add the dependency if both units are loaded, so that
1425 * that loop check below is reliable */
1426 if (u->load_state != UNIT_LOADED ||
1427 target->load_state != UNIT_LOADED)
1428 return 0;
1429
1430 /* If either side wants no automatic dependencies, then let's
1431 * skip this */
1432 if (!u->default_dependencies ||
1433 !target->default_dependencies)
1434 return 0;
1435
1436 /* Don't create loops */
1437 if (hashmap_get(target->dependencies[UNIT_BEFORE], u))
1438 return 0;
1439
1440 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1441 }
1442
1443 static int unit_add_slice_dependencies(Unit *u) {
1444 UnitDependencyMask mask;
1445 assert(u);
1446
1447 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1448 return 0;
1449
1450 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1451 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1452 relationship). */
1453 mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1454
1455 if (UNIT_ISSET(u->slice))
1456 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true, mask);
1457
1458 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1459 return 0;
1460
1461 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
1462 }
1463
1464 static int unit_add_mount_dependencies(Unit *u) {
1465 UnitDependencyInfo di;
1466 const char *path;
1467 Iterator i;
1468 int r;
1469
1470 assert(u);
1471
1472 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1473 char prefix[strlen(path) + 1];
1474
1475 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1476 _cleanup_free_ char *p = NULL;
1477 Unit *m;
1478
1479 r = unit_name_from_path(prefix, ".mount", &p);
1480 if (r < 0)
1481 return r;
1482
1483 m = manager_get_unit(u->manager, p);
1484 if (!m) {
1485 /* Make sure to load the mount unit if
1486 * it exists. If so the dependencies
1487 * on this unit will be added later
1488 * during the loading of the mount
1489 * unit. */
1490 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1491 continue;
1492 }
1493 if (m == u)
1494 continue;
1495
1496 if (m->load_state != UNIT_LOADED)
1497 continue;
1498
1499 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1500 if (r < 0)
1501 return r;
1502
1503 if (m->fragment_path) {
1504 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1505 if (r < 0)
1506 return r;
1507 }
1508 }
1509 }
1510
1511 return 0;
1512 }
1513
1514 static int unit_add_startup_units(Unit *u) {
1515 CGroupContext *c;
1516 int r;
1517
1518 c = unit_get_cgroup_context(u);
1519 if (!c)
1520 return 0;
1521
1522 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
1523 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
1524 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
1525 return 0;
1526
1527 r = set_ensure_allocated(&u->manager->startup_units, NULL);
1528 if (r < 0)
1529 return r;
1530
1531 return set_put(u->manager->startup_units, u);
1532 }
1533
1534 int unit_load(Unit *u) {
1535 int r;
1536
1537 assert(u);
1538
1539 if (u->in_load_queue) {
1540 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1541 u->in_load_queue = false;
1542 }
1543
1544 if (u->type == _UNIT_TYPE_INVALID)
1545 return -EINVAL;
1546
1547 if (u->load_state != UNIT_STUB)
1548 return 0;
1549
1550 if (u->transient_file) {
1551 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1552 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1553
1554 r = fflush_and_check(u->transient_file);
1555 if (r < 0)
1556 goto fail;
1557
1558 u->transient_file = safe_fclose(u->transient_file);
1559 u->fragment_mtime = now(CLOCK_REALTIME);
1560 }
1561
1562 if (UNIT_VTABLE(u)->load) {
1563 r = UNIT_VTABLE(u)->load(u);
1564 if (r < 0)
1565 goto fail;
1566 }
1567
1568 if (u->load_state == UNIT_STUB) {
1569 r = -ENOENT;
1570 goto fail;
1571 }
1572
1573 if (u->load_state == UNIT_LOADED) {
1574 unit_add_to_target_deps_queue(u);
1575
1576 r = unit_add_slice_dependencies(u);
1577 if (r < 0)
1578 goto fail;
1579
1580 r = unit_add_mount_dependencies(u);
1581 if (r < 0)
1582 goto fail;
1583
1584 r = unit_add_startup_units(u);
1585 if (r < 0)
1586 goto fail;
1587
1588 if (u->on_failure_job_mode == JOB_ISOLATE && hashmap_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
1589 log_unit_error(u, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1590 r = -ENOEXEC;
1591 goto fail;
1592 }
1593
1594 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1595 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1596
1597 /* We finished loading, let's ensure our parents recalculate the members mask */
1598 unit_invalidate_cgroup_members_masks(u);
1599 }
1600
1601 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1602
1603 unit_add_to_dbus_queue(unit_follow_merge(u));
1604 unit_add_to_gc_queue(u);
1605
1606 return 0;
1607
1608 fail:
1609 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code should hence
1610 * return ENOEXEC to ensure units are placed in this state after loading */
1611
1612 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1613 r == -ENOEXEC ? UNIT_BAD_SETTING :
1614 UNIT_ERROR;
1615 u->load_error = r;
1616
1617 unit_add_to_dbus_queue(u);
1618 unit_add_to_gc_queue(u);
1619
1620 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1621 }
1622
1623 _printf_(7, 8)
1624 static int log_unit_internal(void *userdata, int level, int error, const char *file, int line, const char *func, const char *format, ...) {
1625 Unit *u = userdata;
1626 va_list ap;
1627 int r;
1628
1629 va_start(ap, format);
1630 if (u)
1631 r = log_object_internalv(level, error, file, line, func,
1632 u->manager->unit_log_field,
1633 u->id,
1634 u->manager->invocation_log_field,
1635 u->invocation_id_string,
1636 format, ap);
1637 else
1638 r = log_internalv(level, error, file, line, func, format, ap);
1639 va_end(ap);
1640
1641 return r;
1642 }
1643
1644 static bool unit_test_condition(Unit *u) {
1645 assert(u);
1646
1647 dual_timestamp_get(&u->condition_timestamp);
1648 u->condition_result = condition_test_list(u->conditions, condition_type_to_string, log_unit_internal, u);
1649
1650 unit_add_to_dbus_queue(u);
1651
1652 return u->condition_result;
1653 }
1654
1655 static bool unit_test_assert(Unit *u) {
1656 assert(u);
1657
1658 dual_timestamp_get(&u->assert_timestamp);
1659 u->assert_result = condition_test_list(u->asserts, assert_type_to_string, log_unit_internal, u);
1660
1661 unit_add_to_dbus_queue(u);
1662
1663 return u->assert_result;
1664 }
1665
1666 void unit_status_printf(Unit *u, const char *status, const char *unit_status_msg_format) {
1667 const char *d;
1668
1669 d = unit_status_string(u);
1670 if (log_get_show_color())
1671 d = strjoina(ANSI_HIGHLIGHT, d, ANSI_NORMAL);
1672
1673 DISABLE_WARNING_FORMAT_NONLITERAL;
1674 manager_status_printf(u->manager, STATUS_TYPE_NORMAL, status, unit_status_msg_format, d);
1675 REENABLE_WARNING;
1676 }
1677
1678 int unit_test_start_limit(Unit *u) {
1679 const char *reason;
1680
1681 assert(u);
1682
1683 if (ratelimit_below(&u->start_ratelimit)) {
1684 u->start_limit_hit = false;
1685 return 0;
1686 }
1687
1688 log_unit_warning(u, "Start request repeated too quickly.");
1689 u->start_limit_hit = true;
1690
1691 reason = strjoina("unit ", u->id, " failed");
1692
1693 emergency_action(u->manager, u->start_limit_action,
1694 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN,
1695 u->reboot_arg, -1, reason);
1696
1697 return -ECANCELED;
1698 }
1699
1700 bool unit_shall_confirm_spawn(Unit *u) {
1701 assert(u);
1702
1703 if (manager_is_confirm_spawn_disabled(u->manager))
1704 return false;
1705
1706 /* For some reasons units remaining in the same process group
1707 * as PID 1 fail to acquire the console even if it's not used
1708 * by any process. So skip the confirmation question for them. */
1709 return !unit_get_exec_context(u)->same_pgrp;
1710 }
1711
1712 static bool unit_verify_deps(Unit *u) {
1713 Unit *other;
1714 Iterator j;
1715 void *v;
1716
1717 assert(u);
1718
1719 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1720 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1721 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1722 * conjunction with After= as for them any such check would make things entirely racy. */
1723
1724 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], j) {
1725
1726 if (!hashmap_contains(u->dependencies[UNIT_AFTER], other))
1727 continue;
1728
1729 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1730 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1731 return false;
1732 }
1733 }
1734
1735 return true;
1736 }
1737
1738 /* Errors that aren't really errors:
1739 * -EALREADY: Unit is already started.
1740 * -ECOMM: Condition failed
1741 * -EAGAIN: An operation is already in progress. Retry later.
1742 *
1743 * Errors that are real errors:
1744 * -EBADR: This unit type does not support starting.
1745 * -ECANCELED: Start limit hit, too many requests for now
1746 * -EPROTO: Assert failed
1747 * -EINVAL: Unit not loaded
1748 * -EOPNOTSUPP: Unit type not supported
1749 * -ENOLINK: The necessary dependencies are not fulfilled.
1750 * -ESTALE: This unit has been started before and can't be started a second time
1751 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
1752 */
1753 int unit_start(Unit *u) {
1754 UnitActiveState state;
1755 Unit *following;
1756
1757 assert(u);
1758
1759 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1760 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1761 * waiting is finished. */
1762 state = unit_active_state(u);
1763 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1764 return -EALREADY;
1765 if (state == UNIT_MAINTENANCE)
1766 return -EAGAIN;
1767
1768 /* Units that aren't loaded cannot be started */
1769 if (u->load_state != UNIT_LOADED)
1770 return -EINVAL;
1771
1772 /* Refuse starting scope units more than once */
1773 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1774 return -ESTALE;
1775
1776 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1777 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1778 * recheck the condition in that case. */
1779 if (state != UNIT_ACTIVATING &&
1780 !unit_test_condition(u))
1781 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition failed. Not starting unit.");
1782
1783 /* If the asserts failed, fail the entire job */
1784 if (state != UNIT_ACTIVATING &&
1785 !unit_test_assert(u))
1786 return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed.");
1787
1788 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1789 * condition checks, so that we rather return condition check errors (which are usually not
1790 * considered a true failure) than "not supported" errors (which are considered a failure).
1791 */
1792 if (!unit_type_supported(u->type))
1793 return -EOPNOTSUPP;
1794
1795 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1796 * should have taken care of this already, but let's check this here again. After all, our
1797 * dependencies might not be in effect anymore, due to a reload or due to a failed condition. */
1798 if (!unit_verify_deps(u))
1799 return -ENOLINK;
1800
1801 /* Forward to the main object, if we aren't it. */
1802 following = unit_following(u);
1803 if (following) {
1804 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1805 return unit_start(following);
1806 }
1807
1808 /* If it is stopped, but we cannot start it, then fail */
1809 if (!UNIT_VTABLE(u)->start)
1810 return -EBADR;
1811
1812 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1813 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1814 * waits for a holdoff timer to elapse before it will start again. */
1815
1816 unit_add_to_dbus_queue(u);
1817
1818 return UNIT_VTABLE(u)->start(u);
1819 }
1820
1821 bool unit_can_start(Unit *u) {
1822 assert(u);
1823
1824 if (u->load_state != UNIT_LOADED)
1825 return false;
1826
1827 if (!unit_type_supported(u->type))
1828 return false;
1829
1830 /* Scope units may be started only once */
1831 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1832 return false;
1833
1834 return !!UNIT_VTABLE(u)->start;
1835 }
1836
1837 bool unit_can_isolate(Unit *u) {
1838 assert(u);
1839
1840 return unit_can_start(u) &&
1841 u->allow_isolate;
1842 }
1843
1844 /* Errors:
1845 * -EBADR: This unit type does not support stopping.
1846 * -EALREADY: Unit is already stopped.
1847 * -EAGAIN: An operation is already in progress. Retry later.
1848 */
1849 int unit_stop(Unit *u) {
1850 UnitActiveState state;
1851 Unit *following;
1852
1853 assert(u);
1854
1855 state = unit_active_state(u);
1856 if (UNIT_IS_INACTIVE_OR_FAILED(state))
1857 return -EALREADY;
1858
1859 following = unit_following(u);
1860 if (following) {
1861 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
1862 return unit_stop(following);
1863 }
1864
1865 if (!UNIT_VTABLE(u)->stop)
1866 return -EBADR;
1867
1868 unit_add_to_dbus_queue(u);
1869
1870 return UNIT_VTABLE(u)->stop(u);
1871 }
1872
1873 bool unit_can_stop(Unit *u) {
1874 assert(u);
1875
1876 if (!unit_type_supported(u->type))
1877 return false;
1878
1879 if (u->perpetual)
1880 return false;
1881
1882 return !!UNIT_VTABLE(u)->stop;
1883 }
1884
1885 /* Errors:
1886 * -EBADR: This unit type does not support reloading.
1887 * -ENOEXEC: Unit is not started.
1888 * -EAGAIN: An operation is already in progress. Retry later.
1889 */
1890 int unit_reload(Unit *u) {
1891 UnitActiveState state;
1892 Unit *following;
1893
1894 assert(u);
1895
1896 if (u->load_state != UNIT_LOADED)
1897 return -EINVAL;
1898
1899 if (!unit_can_reload(u))
1900 return -EBADR;
1901
1902 state = unit_active_state(u);
1903 if (state == UNIT_RELOADING)
1904 return -EAGAIN;
1905
1906 if (state != UNIT_ACTIVE) {
1907 log_unit_warning(u, "Unit cannot be reloaded because it is inactive.");
1908 return -ENOEXEC;
1909 }
1910
1911 following = unit_following(u);
1912 if (following) {
1913 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
1914 return unit_reload(following);
1915 }
1916
1917 unit_add_to_dbus_queue(u);
1918
1919 if (!UNIT_VTABLE(u)->reload) {
1920 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
1921 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
1922 return 0;
1923 }
1924
1925 return UNIT_VTABLE(u)->reload(u);
1926 }
1927
1928 bool unit_can_reload(Unit *u) {
1929 assert(u);
1930
1931 if (UNIT_VTABLE(u)->can_reload)
1932 return UNIT_VTABLE(u)->can_reload(u);
1933
1934 if (!hashmap_isempty(u->dependencies[UNIT_PROPAGATES_RELOAD_TO]))
1935 return true;
1936
1937 return UNIT_VTABLE(u)->reload;
1938 }
1939
1940 bool unit_is_unneeded(Unit *u) {
1941 static const UnitDependency deps[] = {
1942 UNIT_REQUIRED_BY,
1943 UNIT_REQUISITE_OF,
1944 UNIT_WANTED_BY,
1945 UNIT_BOUND_BY,
1946 };
1947 size_t j;
1948
1949 assert(u);
1950
1951 if (!u->stop_when_unneeded)
1952 return false;
1953
1954 /* Don't clean up while the unit is transitioning or is even inactive. */
1955 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
1956 return false;
1957 if (u->job)
1958 return false;
1959
1960 for (j = 0; j < ELEMENTSOF(deps); j++) {
1961 Unit *other;
1962 Iterator i;
1963 void *v;
1964
1965 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
1966 * restart, then don't clean this one up. */
1967
1968 HASHMAP_FOREACH_KEY(v, other, u->dependencies[deps[j]], i) {
1969 if (other->job)
1970 return false;
1971
1972 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
1973 return false;
1974
1975 if (unit_will_restart(other))
1976 return false;
1977 }
1978 }
1979
1980 return true;
1981 }
1982
1983 static void check_unneeded_dependencies(Unit *u) {
1984
1985 static const UnitDependency deps[] = {
1986 UNIT_REQUIRES,
1987 UNIT_REQUISITE,
1988 UNIT_WANTS,
1989 UNIT_BINDS_TO,
1990 };
1991 size_t j;
1992
1993 assert(u);
1994
1995 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
1996
1997 for (j = 0; j < ELEMENTSOF(deps); j++) {
1998 Unit *other;
1999 Iterator i;
2000 void *v;
2001
2002 HASHMAP_FOREACH_KEY(v, other, u->dependencies[deps[j]], i)
2003 unit_submit_to_stop_when_unneeded_queue(other);
2004 }
2005 }
2006
2007 static void unit_check_binds_to(Unit *u) {
2008 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2009 bool stop = false;
2010 Unit *other;
2011 Iterator i;
2012 void *v;
2013 int r;
2014
2015 assert(u);
2016
2017 if (u->job)
2018 return;
2019
2020 if (unit_active_state(u) != UNIT_ACTIVE)
2021 return;
2022
2023 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i) {
2024 if (other->job)
2025 continue;
2026
2027 if (!other->coldplugged)
2028 /* We might yet create a job for the other unit… */
2029 continue;
2030
2031 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2032 continue;
2033
2034 stop = true;
2035 break;
2036 }
2037
2038 if (!stop)
2039 return;
2040
2041 /* If stopping a unit fails continuously we might enter a stop
2042 * loop here, hence stop acting on the service being
2043 * unnecessary after a while. */
2044 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
2045 log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
2046 return;
2047 }
2048
2049 assert(other);
2050 log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
2051
2052 /* A unit we need to run is gone. Sniff. Let's stop this. */
2053 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, NULL, &error, NULL);
2054 if (r < 0)
2055 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2056 }
2057
2058 static void retroactively_start_dependencies(Unit *u) {
2059 Iterator i;
2060 Unit *other;
2061 void *v;
2062
2063 assert(u);
2064 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2065
2066 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2067 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2068 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2069 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
2070
2071 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2072 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2073 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2074 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
2075
2076 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2077 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2078 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2079 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL, NULL);
2080
2081 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTS], i)
2082 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2083 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
2084
2085 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTED_BY], i)
2086 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2087 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
2088 }
2089
2090 static void retroactively_stop_dependencies(Unit *u) {
2091 Unit *other;
2092 Iterator i;
2093 void *v;
2094
2095 assert(u);
2096 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2097
2098 /* Pull down units which are bound to us recursively if enabled */
2099 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BOUND_BY], i)
2100 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2101 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
2102 }
2103
2104 void unit_start_on_failure(Unit *u) {
2105 Unit *other;
2106 Iterator i;
2107 void *v;
2108 int r;
2109
2110 assert(u);
2111
2112 if (hashmap_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
2113 return;
2114
2115 log_unit_info(u, "Triggering OnFailure= dependencies.");
2116
2117 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_ON_FAILURE], i) {
2118 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2119
2120 r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, NULL, &error, NULL);
2121 if (r < 0)
2122 log_unit_warning_errno(u, r, "Failed to enqueue OnFailure= job, ignoring: %s", bus_error_message(&error, r));
2123 }
2124 }
2125
2126 void unit_trigger_notify(Unit *u) {
2127 Unit *other;
2128 Iterator i;
2129 void *v;
2130
2131 assert(u);
2132
2133 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_TRIGGERED_BY], i)
2134 if (UNIT_VTABLE(other)->trigger_notify)
2135 UNIT_VTABLE(other)->trigger_notify(other, u);
2136 }
2137
2138 static int raise_level(int log_level, bool condition_info, bool condition_notice) {
2139 if (condition_notice && log_level > LOG_NOTICE)
2140 return LOG_NOTICE;
2141 if (condition_info && log_level > LOG_INFO)
2142 return LOG_INFO;
2143 return log_level;
2144 }
2145
2146 static int unit_log_resources(Unit *u) {
2147 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + _CGROUP_IO_ACCOUNTING_METRIC_MAX + 4];
2148 bool any_traffic = false, have_ip_accounting = false, any_io = false, have_io_accounting = false;
2149 _cleanup_free_ char *igress = NULL, *egress = NULL, *rr = NULL, *wr = NULL;
2150 int log_level = LOG_DEBUG; /* May be raised if resources consumed over a treshold */
2151 size_t n_message_parts = 0, n_iovec = 0;
2152 char* message_parts[1 + 2 + 2 + 1], *t;
2153 nsec_t nsec = NSEC_INFINITY;
2154 CGroupIPAccountingMetric m;
2155 size_t i;
2156 int r;
2157 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2158 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2159 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2160 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2161 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2162 };
2163 const char* const io_fields[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
2164 [CGROUP_IO_READ_BYTES] = "IO_METRIC_READ_BYTES",
2165 [CGROUP_IO_WRITE_BYTES] = "IO_METRIC_WRITE_BYTES",
2166 [CGROUP_IO_READ_OPERATIONS] = "IO_METRIC_READ_OPERATIONS",
2167 [CGROUP_IO_WRITE_OPERATIONS] = "IO_METRIC_WRITE_OPERATIONS",
2168 };
2169
2170 assert(u);
2171
2172 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2173 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2174 * information and the complete data in structured fields. */
2175
2176 (void) unit_get_cpu_usage(u, &nsec);
2177 if (nsec != NSEC_INFINITY) {
2178 char buf[FORMAT_TIMESPAN_MAX] = "";
2179
2180 /* Format the CPU time for inclusion in the structured log message */
2181 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2182 r = log_oom();
2183 goto finish;
2184 }
2185 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2186
2187 /* Format the CPU time for inclusion in the human language message string */
2188 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
2189 t = strjoin("consumed ", buf, " CPU time");
2190 if (!t) {
2191 r = log_oom();
2192 goto finish;
2193 }
2194
2195 message_parts[n_message_parts++] = t;
2196
2197 log_level = raise_level(log_level,
2198 nsec > NOTICEWORTHY_CPU_NSEC,
2199 nsec > MENTIONWORTHY_CPU_NSEC);
2200 }
2201
2202 for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) {
2203 char buf[FORMAT_BYTES_MAX] = "";
2204 uint64_t value = UINT64_MAX;
2205
2206 assert(io_fields[k]);
2207
2208 (void) unit_get_io_accounting(u, k, k > 0, &value);
2209 if (value == UINT64_MAX)
2210 continue;
2211
2212 have_io_accounting = true;
2213 if (value > 0)
2214 any_io = true;
2215
2216 /* Format IO accounting data for inclusion in the structured log message */
2217 if (asprintf(&t, "%s=%" PRIu64, io_fields[k], value) < 0) {
2218 r = log_oom();
2219 goto finish;
2220 }
2221 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2222
2223 /* Format the IO accounting data for inclusion in the human language message string, but only
2224 * for the bytes counters (and not for the operations counters) */
2225 if (k == CGROUP_IO_READ_BYTES) {
2226 assert(!rr);
2227 rr = strjoin("read ", format_bytes(buf, sizeof(buf), value), " from disk");
2228 if (!rr) {
2229 r = log_oom();
2230 goto finish;
2231 }
2232 } else if (k == CGROUP_IO_WRITE_BYTES) {
2233 assert(!wr);
2234 wr = strjoin("written ", format_bytes(buf, sizeof(buf), value), " to disk");
2235 if (!wr) {
2236 r = log_oom();
2237 goto finish;
2238 }
2239 }
2240
2241 if (IN_SET(k, CGROUP_IO_READ_BYTES, CGROUP_IO_WRITE_BYTES))
2242 log_level = raise_level(log_level,
2243 value > MENTIONWORTHY_IO_BYTES,
2244 value > NOTICEWORTHY_IO_BYTES);
2245 }
2246
2247 if (have_io_accounting) {
2248 if (any_io) {
2249 if (rr)
2250 message_parts[n_message_parts++] = TAKE_PTR(rr);
2251 if (wr)
2252 message_parts[n_message_parts++] = TAKE_PTR(wr);
2253
2254 } else {
2255 char *k;
2256
2257 k = strdup("no IO");
2258 if (!k) {
2259 r = log_oom();
2260 goto finish;
2261 }
2262
2263 message_parts[n_message_parts++] = k;
2264 }
2265 }
2266
2267 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2268 char buf[FORMAT_BYTES_MAX] = "";
2269 uint64_t value = UINT64_MAX;
2270
2271 assert(ip_fields[m]);
2272
2273 (void) unit_get_ip_accounting(u, m, &value);
2274 if (value == UINT64_MAX)
2275 continue;
2276
2277 have_ip_accounting = true;
2278 if (value > 0)
2279 any_traffic = true;
2280
2281 /* Format IP accounting data for inclusion in the structured log message */
2282 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2283 r = log_oom();
2284 goto finish;
2285 }
2286 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2287
2288 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2289 * bytes counters (and not for the packets counters) */
2290 if (m == CGROUP_IP_INGRESS_BYTES) {
2291 assert(!igress);
2292 igress = strjoin("received ", format_bytes(buf, sizeof(buf), value), " IP traffic");
2293 if (!igress) {
2294 r = log_oom();
2295 goto finish;
2296 }
2297 } else if (m == CGROUP_IP_EGRESS_BYTES) {
2298 assert(!egress);
2299 egress = strjoin("sent ", format_bytes(buf, sizeof(buf), value), " IP traffic");
2300 if (!egress) {
2301 r = log_oom();
2302 goto finish;
2303 }
2304 }
2305
2306 if (IN_SET(m, CGROUP_IP_INGRESS_BYTES, CGROUP_IP_EGRESS_BYTES))
2307 log_level = raise_level(log_level,
2308 value > MENTIONWORTHY_IP_BYTES,
2309 value > NOTICEWORTHY_IP_BYTES);
2310 }
2311
2312 if (have_ip_accounting) {
2313 if (any_traffic) {
2314 if (igress)
2315 message_parts[n_message_parts++] = TAKE_PTR(igress);
2316 if (egress)
2317 message_parts[n_message_parts++] = TAKE_PTR(egress);
2318
2319 } else {
2320 char *k;
2321
2322 k = strdup("no IP traffic");
2323 if (!k) {
2324 r = log_oom();
2325 goto finish;
2326 }
2327
2328 message_parts[n_message_parts++] = k;
2329 }
2330 }
2331
2332 /* Is there any accounting data available at all? */
2333 if (n_iovec == 0) {
2334 r = 0;
2335 goto finish;
2336 }
2337
2338 if (n_message_parts == 0)
2339 t = strjoina("MESSAGE=", u->id, ": Completed.");
2340 else {
2341 _cleanup_free_ char *joined;
2342
2343 message_parts[n_message_parts] = NULL;
2344
2345 joined = strv_join(message_parts, ", ");
2346 if (!joined) {
2347 r = log_oom();
2348 goto finish;
2349 }
2350
2351 joined[0] = ascii_toupper(joined[0]);
2352 t = strjoina("MESSAGE=", u->id, ": ", joined, ".");
2353 }
2354
2355 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2356 * and hence don't increase n_iovec for them */
2357 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2358 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2359
2360 t = strjoina(u->manager->unit_log_field, u->id);
2361 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2362
2363 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2364 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2365
2366 log_struct_iovec(log_level, iovec, n_iovec + 4);
2367 r = 0;
2368
2369 finish:
2370 for (i = 0; i < n_message_parts; i++)
2371 free(message_parts[i]);
2372
2373 for (i = 0; i < n_iovec; i++)
2374 free(iovec[i].iov_base);
2375
2376 return r;
2377
2378 }
2379
2380 static void unit_update_on_console(Unit *u) {
2381 bool b;
2382
2383 assert(u);
2384
2385 b = unit_needs_console(u);
2386 if (u->on_console == b)
2387 return;
2388
2389 u->on_console = b;
2390 if (b)
2391 manager_ref_console(u->manager);
2392 else
2393 manager_unref_console(u->manager);
2394 }
2395
2396 static void unit_emit_audit_start(Unit *u) {
2397 assert(u);
2398
2399 if (u->type != UNIT_SERVICE)
2400 return;
2401
2402 /* Write audit record if we have just finished starting up */
2403 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, true);
2404 u->in_audit = true;
2405 }
2406
2407 static void unit_emit_audit_stop(Unit *u, UnitActiveState state) {
2408 assert(u);
2409
2410 if (u->type != UNIT_SERVICE)
2411 return;
2412
2413 if (u->in_audit) {
2414 /* Write audit record if we have just finished shutting down */
2415 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, state == UNIT_INACTIVE);
2416 u->in_audit = false;
2417 } else {
2418 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2419 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, state == UNIT_INACTIVE);
2420
2421 if (state == UNIT_INACTIVE)
2422 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, true);
2423 }
2424 }
2425
2426 static bool unit_process_job(Job *j, UnitActiveState ns, UnitNotifyFlags flags) {
2427 bool unexpected = false;
2428 JobResult result;
2429
2430 assert(j);
2431
2432 if (j->state == JOB_WAITING)
2433
2434 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2435 * due to EAGAIN. */
2436 job_add_to_run_queue(j);
2437
2438 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2439 * hence needs to invalidate jobs. */
2440
2441 switch (j->type) {
2442
2443 case JOB_START:
2444 case JOB_VERIFY_ACTIVE:
2445
2446 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2447 job_finish_and_invalidate(j, JOB_DONE, true, false);
2448 else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2449 unexpected = true;
2450
2451 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2452 if (ns == UNIT_FAILED)
2453 result = JOB_FAILED;
2454 else if (FLAGS_SET(flags, UNIT_NOTIFY_SKIP_CONDITION))
2455 result = JOB_SKIPPED;
2456 else
2457 result = JOB_DONE;
2458
2459 job_finish_and_invalidate(j, result, true, false);
2460 }
2461 }
2462
2463 break;
2464
2465 case JOB_RELOAD:
2466 case JOB_RELOAD_OR_START:
2467 case JOB_TRY_RELOAD:
2468
2469 if (j->state == JOB_RUNNING) {
2470 if (ns == UNIT_ACTIVE)
2471 job_finish_and_invalidate(j, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2472 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2473 unexpected = true;
2474
2475 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2476 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2477 }
2478 }
2479
2480 break;
2481
2482 case JOB_STOP:
2483 case JOB_RESTART:
2484 case JOB_TRY_RESTART:
2485
2486 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2487 job_finish_and_invalidate(j, JOB_DONE, true, false);
2488 else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2489 unexpected = true;
2490 job_finish_and_invalidate(j, JOB_FAILED, true, false);
2491 }
2492
2493 break;
2494
2495 default:
2496 assert_not_reached("Job type unknown");
2497 }
2498
2499 return unexpected;
2500 }
2501
2502 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
2503 const char *reason;
2504 Manager *m;
2505
2506 assert(u);
2507 assert(os < _UNIT_ACTIVE_STATE_MAX);
2508 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2509
2510 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2511 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2512 * remounted this function will be called too! */
2513
2514 m = u->manager;
2515
2516 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2517 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2518 unit_add_to_dbus_queue(u);
2519
2520 /* Update timestamps for state changes */
2521 if (!MANAGER_IS_RELOADING(m)) {
2522 dual_timestamp_get(&u->state_change_timestamp);
2523
2524 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2525 u->inactive_exit_timestamp = u->state_change_timestamp;
2526 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2527 u->inactive_enter_timestamp = u->state_change_timestamp;
2528
2529 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2530 u->active_enter_timestamp = u->state_change_timestamp;
2531 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2532 u->active_exit_timestamp = u->state_change_timestamp;
2533 }
2534
2535 /* Keep track of failed units */
2536 (void) manager_update_failed_units(m, u, ns == UNIT_FAILED);
2537
2538 /* Make sure the cgroup and state files are always removed when we become inactive */
2539 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2540 unit_prune_cgroup(u);
2541 unit_unlink_state_files(u);
2542 }
2543
2544 unit_update_on_console(u);
2545
2546 if (!MANAGER_IS_RELOADING(m)) {
2547 bool unexpected;
2548
2549 /* Let's propagate state changes to the job */
2550 if (u->job)
2551 unexpected = unit_process_job(u->job, ns, flags);
2552 else
2553 unexpected = true;
2554
2555 /* If this state change happened without being requested by a job, then let's retroactively start or
2556 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2557 * additional jobs just because something is already activated. */
2558
2559 if (unexpected) {
2560 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2561 retroactively_start_dependencies(u);
2562 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2563 retroactively_stop_dependencies(u);
2564 }
2565
2566 /* stop unneeded units regardless if going down was expected or not */
2567 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2568 check_unneeded_dependencies(u);
2569
2570 if (ns != os && ns == UNIT_FAILED) {
2571 log_unit_debug(u, "Unit entered failed state.");
2572
2573 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2574 unit_start_on_failure(u);
2575 }
2576
2577 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2578 /* This unit just finished starting up */
2579
2580 unit_emit_audit_start(u);
2581 manager_send_unit_plymouth(m, u);
2582 }
2583
2584 if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
2585 /* This unit just stopped/failed. */
2586
2587 unit_emit_audit_stop(u, ns);
2588 unit_log_resources(u);
2589 }
2590 }
2591
2592 manager_recheck_journal(m);
2593 manager_recheck_dbus(m);
2594
2595 unit_trigger_notify(u);
2596
2597 if (!MANAGER_IS_RELOADING(m)) {
2598 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2599 unit_submit_to_stop_when_unneeded_queue(u);
2600
2601 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2602 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2603 * without ever entering started.) */
2604 unit_check_binds_to(u);
2605
2606 if (os != UNIT_FAILED && ns == UNIT_FAILED) {
2607 reason = strjoina("unit ", u->id, " failed");
2608 emergency_action(m, u->failure_action, 0, u->reboot_arg, unit_failure_action_exit_status(u), reason);
2609 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) {
2610 reason = strjoina("unit ", u->id, " succeeded");
2611 emergency_action(m, u->success_action, 0, u->reboot_arg, unit_success_action_exit_status(u), reason);
2612 }
2613 }
2614
2615 unit_add_to_gc_queue(u);
2616 }
2617
2618 int unit_watch_pid(Unit *u, pid_t pid, bool exclusive) {
2619 int r;
2620
2621 assert(u);
2622 assert(pid_is_valid(pid));
2623
2624 /* Watch a specific PID */
2625
2626 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2627 * opportunity to remove any stalled references to this PID as they can be created
2628 * easily (when watching a process which is not our direct child). */
2629 if (exclusive)
2630 manager_unwatch_pid(u->manager, pid);
2631
2632 r = set_ensure_allocated(&u->pids, NULL);
2633 if (r < 0)
2634 return r;
2635
2636 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
2637 if (r < 0)
2638 return r;
2639
2640 /* First try, let's add the unit keyed by "pid". */
2641 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2642 if (r == -EEXIST) {
2643 Unit **array;
2644 bool found = false;
2645 size_t n = 0;
2646
2647 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2648 * to an array of Units rather than just a Unit), lists us already. */
2649
2650 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2651 if (array)
2652 for (; array[n]; n++)
2653 if (array[n] == u)
2654 found = true;
2655
2656 if (found) /* Found it already? if so, do nothing */
2657 r = 0;
2658 else {
2659 Unit **new_array;
2660
2661 /* Allocate a new array */
2662 new_array = new(Unit*, n + 2);
2663 if (!new_array)
2664 return -ENOMEM;
2665
2666 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2667 new_array[n] = u;
2668 new_array[n+1] = NULL;
2669
2670 /* Add or replace the old array */
2671 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2672 if (r < 0) {
2673 free(new_array);
2674 return r;
2675 }
2676
2677 free(array);
2678 }
2679 } else if (r < 0)
2680 return r;
2681
2682 r = set_put(u->pids, PID_TO_PTR(pid));
2683 if (r < 0)
2684 return r;
2685
2686 return 0;
2687 }
2688
2689 void unit_unwatch_pid(Unit *u, pid_t pid) {
2690 Unit **array;
2691
2692 assert(u);
2693 assert(pid_is_valid(pid));
2694
2695 /* First let's drop the unit in case it's keyed as "pid". */
2696 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2697
2698 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2699 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2700 if (array) {
2701 size_t n, m = 0;
2702
2703 /* Let's iterate through the array, dropping our own entry */
2704 for (n = 0; array[n]; n++)
2705 if (array[n] != u)
2706 array[m++] = array[n];
2707 array[m] = NULL;
2708
2709 if (m == 0) {
2710 /* The array is now empty, remove the entire entry */
2711 assert(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
2712 free(array);
2713 }
2714 }
2715
2716 (void) set_remove(u->pids, PID_TO_PTR(pid));
2717 }
2718
2719 void unit_unwatch_all_pids(Unit *u) {
2720 assert(u);
2721
2722 while (!set_isempty(u->pids))
2723 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
2724
2725 u->pids = set_free(u->pids);
2726 }
2727
2728 static void unit_tidy_watch_pids(Unit *u) {
2729 pid_t except1, except2;
2730 Iterator i;
2731 void *e;
2732
2733 assert(u);
2734
2735 /* Cleans dead PIDs from our list */
2736
2737 except1 = unit_main_pid(u);
2738 except2 = unit_control_pid(u);
2739
2740 SET_FOREACH(e, u->pids, i) {
2741 pid_t pid = PTR_TO_PID(e);
2742
2743 if (pid == except1 || pid == except2)
2744 continue;
2745
2746 if (!pid_is_unwaited(pid))
2747 unit_unwatch_pid(u, pid);
2748 }
2749 }
2750
2751 static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
2752 Unit *u = userdata;
2753
2754 assert(s);
2755 assert(u);
2756
2757 unit_tidy_watch_pids(u);
2758 unit_watch_all_pids(u);
2759
2760 /* If the PID set is empty now, then let's finish this off. */
2761 unit_synthesize_cgroup_empty_event(u);
2762
2763 return 0;
2764 }
2765
2766 int unit_enqueue_rewatch_pids(Unit *u) {
2767 int r;
2768
2769 assert(u);
2770
2771 if (!u->cgroup_path)
2772 return -ENOENT;
2773
2774 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2775 if (r < 0)
2776 return r;
2777 if (r > 0) /* On unified we can use proper notifications */
2778 return 0;
2779
2780 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2781 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2782 * involves issuing kill(pid, 0) on all processes we watch. */
2783
2784 if (!u->rewatch_pids_event_source) {
2785 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2786
2787 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2788 if (r < 0)
2789 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2790
2791 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2792 if (r < 0)
2793 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: %m");
2794
2795 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2796
2797 u->rewatch_pids_event_source = TAKE_PTR(s);
2798 }
2799
2800 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2801 if (r < 0)
2802 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2803
2804 return 0;
2805 }
2806
2807 void unit_dequeue_rewatch_pids(Unit *u) {
2808 int r;
2809 assert(u);
2810
2811 if (!u->rewatch_pids_event_source)
2812 return;
2813
2814 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2815 if (r < 0)
2816 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2817
2818 u->rewatch_pids_event_source = sd_event_source_unref(u->rewatch_pids_event_source);
2819 }
2820
2821 bool unit_job_is_applicable(Unit *u, JobType j) {
2822 assert(u);
2823 assert(j >= 0 && j < _JOB_TYPE_MAX);
2824
2825 switch (j) {
2826
2827 case JOB_VERIFY_ACTIVE:
2828 case JOB_START:
2829 case JOB_NOP:
2830 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2831 * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
2832 * jobs for it. */
2833 return true;
2834
2835 case JOB_STOP:
2836 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2837 * external events), hence it makes no sense to permit enqueing such a request either. */
2838 return !u->perpetual;
2839
2840 case JOB_RESTART:
2841 case JOB_TRY_RESTART:
2842 return unit_can_stop(u) && unit_can_start(u);
2843
2844 case JOB_RELOAD:
2845 case JOB_TRY_RELOAD:
2846 return unit_can_reload(u);
2847
2848 case JOB_RELOAD_OR_START:
2849 return unit_can_reload(u) && unit_can_start(u);
2850
2851 default:
2852 assert_not_reached("Invalid job type");
2853 }
2854 }
2855
2856 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
2857 assert(u);
2858
2859 /* Only warn about some unit types */
2860 if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
2861 return;
2862
2863 if (streq_ptr(u->id, other))
2864 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
2865 else
2866 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
2867 }
2868
2869 static int unit_add_dependency_hashmap(
2870 Hashmap **h,
2871 Unit *other,
2872 UnitDependencyMask origin_mask,
2873 UnitDependencyMask destination_mask) {
2874
2875 UnitDependencyInfo info;
2876 int r;
2877
2878 assert(h);
2879 assert(other);
2880 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
2881 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
2882 assert(origin_mask > 0 || destination_mask > 0);
2883
2884 r = hashmap_ensure_allocated(h, NULL);
2885 if (r < 0)
2886 return r;
2887
2888 assert_cc(sizeof(void*) == sizeof(info));
2889
2890 info.data = hashmap_get(*h, other);
2891 if (info.data) {
2892 /* Entry already exists. Add in our mask. */
2893
2894 if (FLAGS_SET(origin_mask, info.origin_mask) &&
2895 FLAGS_SET(destination_mask, info.destination_mask))
2896 return 0; /* NOP */
2897
2898 info.origin_mask |= origin_mask;
2899 info.destination_mask |= destination_mask;
2900
2901 r = hashmap_update(*h, other, info.data);
2902 } else {
2903 info = (UnitDependencyInfo) {
2904 .origin_mask = origin_mask,
2905 .destination_mask = destination_mask,
2906 };
2907
2908 r = hashmap_put(*h, other, info.data);
2909 }
2910 if (r < 0)
2911 return r;
2912
2913 return 1;
2914 }
2915
2916 int unit_add_dependency(
2917 Unit *u,
2918 UnitDependency d,
2919 Unit *other,
2920 bool add_reference,
2921 UnitDependencyMask mask) {
2922
2923 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
2924 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
2925 [UNIT_WANTS] = UNIT_WANTED_BY,
2926 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
2927 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
2928 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
2929 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
2930 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
2931 [UNIT_WANTED_BY] = UNIT_WANTS,
2932 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
2933 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
2934 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
2935 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
2936 [UNIT_BEFORE] = UNIT_AFTER,
2937 [UNIT_AFTER] = UNIT_BEFORE,
2938 [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
2939 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
2940 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
2941 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
2942 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
2943 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
2944 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
2945 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
2946 };
2947 Unit *original_u = u, *original_other = other;
2948 int r;
2949
2950 assert(u);
2951 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
2952 assert(other);
2953
2954 u = unit_follow_merge(u);
2955 other = unit_follow_merge(other);
2956
2957 /* We won't allow dependencies on ourselves. We will not
2958 * consider them an error however. */
2959 if (u == other) {
2960 maybe_warn_about_dependency(original_u, original_other->id, d);
2961 return 0;
2962 }
2963
2964 if ((d == UNIT_BEFORE && other->type == UNIT_DEVICE) ||
2965 (d == UNIT_AFTER && u->type == UNIT_DEVICE)) {
2966 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
2967 return 0;
2968 }
2969
2970 r = unit_add_dependency_hashmap(u->dependencies + d, other, mask, 0);
2971 if (r < 0)
2972 return r;
2973
2974 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
2975 r = unit_add_dependency_hashmap(other->dependencies + inverse_table[d], u, 0, mask);
2976 if (r < 0)
2977 return r;
2978 }
2979
2980 if (add_reference) {
2981 r = unit_add_dependency_hashmap(u->dependencies + UNIT_REFERENCES, other, mask, 0);
2982 if (r < 0)
2983 return r;
2984
2985 r = unit_add_dependency_hashmap(other->dependencies + UNIT_REFERENCED_BY, u, 0, mask);
2986 if (r < 0)
2987 return r;
2988 }
2989
2990 unit_add_to_dbus_queue(u);
2991 return 0;
2992 }
2993
2994 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2995 int r;
2996
2997 assert(u);
2998
2999 r = unit_add_dependency(u, d, other, add_reference, mask);
3000 if (r < 0)
3001 return r;
3002
3003 return unit_add_dependency(u, e, other, add_reference, mask);
3004 }
3005
3006 static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
3007 int r;
3008
3009 assert(u);
3010 assert(name);
3011 assert(buf);
3012 assert(ret);
3013
3014 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
3015 *buf = NULL;
3016 *ret = name;
3017 return 0;
3018 }
3019
3020 if (u->instance)
3021 r = unit_name_replace_instance(name, u->instance, buf);
3022 else {
3023 _cleanup_free_ char *i = NULL;
3024
3025 r = unit_name_to_prefix(u->id, &i);
3026 if (r < 0)
3027 return r;
3028
3029 r = unit_name_replace_instance(name, i, buf);
3030 }
3031 if (r < 0)
3032 return r;
3033
3034 *ret = *buf;
3035 return 0;
3036 }
3037
3038 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
3039 _cleanup_free_ char *buf = NULL;
3040 Unit *other;
3041 int r;
3042
3043 assert(u);
3044 assert(name);
3045
3046 r = resolve_template(u, name, &buf, &name);
3047 if (r < 0)
3048 return r;
3049
3050 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3051 if (r < 0)
3052 return r;
3053
3054 return unit_add_dependency(u, d, other, add_reference, mask);
3055 }
3056
3057 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
3058 _cleanup_free_ char *buf = NULL;
3059 Unit *other;
3060 int r;
3061
3062 assert(u);
3063 assert(name);
3064
3065 r = resolve_template(u, name, &buf, &name);
3066 if (r < 0)
3067 return r;
3068
3069 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3070 if (r < 0)
3071 return r;
3072
3073 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
3074 }
3075
3076 int set_unit_path(const char *p) {
3077 /* This is mostly for debug purposes */
3078 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
3079 return -errno;
3080
3081 return 0;
3082 }
3083
3084 char *unit_dbus_path(Unit *u) {
3085 assert(u);
3086
3087 if (!u->id)
3088 return NULL;
3089
3090 return unit_dbus_path_from_name(u->id);
3091 }
3092
3093 char *unit_dbus_path_invocation_id(Unit *u) {
3094 assert(u);
3095
3096 if (sd_id128_is_null(u->invocation_id))
3097 return NULL;
3098
3099 return unit_dbus_path_from_name(u->invocation_id_string);
3100 }
3101
3102 int unit_set_slice(Unit *u, Unit *slice) {
3103 assert(u);
3104 assert(slice);
3105
3106 /* Sets the unit slice if it has not been set before. Is extra
3107 * careful, to only allow this for units that actually have a
3108 * cgroup context. Also, we don't allow to set this for slices
3109 * (since the parent slice is derived from the name). Make
3110 * sure the unit we set is actually a slice. */
3111
3112 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3113 return -EOPNOTSUPP;
3114
3115 if (u->type == UNIT_SLICE)
3116 return -EINVAL;
3117
3118 if (unit_active_state(u) != UNIT_INACTIVE)
3119 return -EBUSY;
3120
3121 if (slice->type != UNIT_SLICE)
3122 return -EINVAL;
3123
3124 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3125 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3126 return -EPERM;
3127
3128 if (UNIT_DEREF(u->slice) == slice)
3129 return 0;
3130
3131 /* Disallow slice changes if @u is already bound to cgroups */
3132 if (UNIT_ISSET(u->slice) && u->cgroup_realized)
3133 return -EBUSY;
3134
3135 unit_ref_set(&u->slice, u, slice);
3136 return 1;
3137 }
3138
3139 int unit_set_default_slice(Unit *u) {
3140 const char *slice_name;
3141 Unit *slice;
3142 int r;
3143
3144 assert(u);
3145
3146 if (UNIT_ISSET(u->slice))
3147 return 0;
3148
3149 if (u->instance) {
3150 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
3151
3152 /* Implicitly place all instantiated units in their
3153 * own per-template slice */
3154
3155 r = unit_name_to_prefix(u->id, &prefix);
3156 if (r < 0)
3157 return r;
3158
3159 /* The prefix is already escaped, but it might include
3160 * "-" which has a special meaning for slice units,
3161 * hence escape it here extra. */
3162 escaped = unit_name_escape(prefix);
3163 if (!escaped)
3164 return -ENOMEM;
3165
3166 if (MANAGER_IS_SYSTEM(u->manager))
3167 slice_name = strjoina("system-", escaped, ".slice");
3168 else
3169 slice_name = strjoina(escaped, ".slice");
3170 } else
3171 slice_name =
3172 MANAGER_IS_SYSTEM(u->manager) && !unit_has_name(u, SPECIAL_INIT_SCOPE)
3173 ? SPECIAL_SYSTEM_SLICE
3174 : SPECIAL_ROOT_SLICE;
3175
3176 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
3177 if (r < 0)
3178 return r;
3179
3180 return unit_set_slice(u, slice);
3181 }
3182
3183 const char *unit_slice_name(Unit *u) {
3184 assert(u);
3185
3186 if (!UNIT_ISSET(u->slice))
3187 return NULL;
3188
3189 return UNIT_DEREF(u->slice)->id;
3190 }
3191
3192 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
3193 _cleanup_free_ char *t = NULL;
3194 int r;
3195
3196 assert(u);
3197 assert(type);
3198 assert(_found);
3199
3200 r = unit_name_change_suffix(u->id, type, &t);
3201 if (r < 0)
3202 return r;
3203 if (unit_has_name(u, t))
3204 return -EINVAL;
3205
3206 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3207 assert(r < 0 || *_found != u);
3208 return r;
3209 }
3210
3211 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3212 const char *name, *old_owner, *new_owner;
3213 Unit *u = userdata;
3214 int r;
3215
3216 assert(message);
3217 assert(u);
3218
3219 r = sd_bus_message_read(message, "sss", &name, &old_owner, &new_owner);
3220 if (r < 0) {
3221 bus_log_parse_error(r);
3222 return 0;
3223 }
3224
3225 old_owner = empty_to_null(old_owner);
3226 new_owner = empty_to_null(new_owner);
3227
3228 if (UNIT_VTABLE(u)->bus_name_owner_change)
3229 UNIT_VTABLE(u)->bus_name_owner_change(u, old_owner, new_owner);
3230
3231 return 0;
3232 }
3233
3234 static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3235 const sd_bus_error *e;
3236 const char *new_owner;
3237 Unit *u = userdata;
3238 int r;
3239
3240 assert(message);
3241 assert(u);
3242
3243 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3244
3245 if (sd_bus_error_is_set(error)) {
3246 log_error("Failed to get name owner from bus: %s", error->message);
3247 return 0;
3248 }
3249
3250 e = sd_bus_message_get_error(message);
3251 if (sd_bus_error_has_name(e, "org.freedesktop.DBus.Error.NameHasNoOwner"))
3252 return 0;
3253
3254 if (e) {
3255 log_error("Unexpected error response from GetNameOwner: %s", e->message);
3256 return 0;
3257 }
3258
3259 r = sd_bus_message_read(message, "s", &new_owner);
3260 if (r < 0) {
3261 bus_log_parse_error(r);
3262 return 0;
3263 }
3264
3265 new_owner = empty_to_null(new_owner);
3266
3267 if (UNIT_VTABLE(u)->bus_name_owner_change)
3268 UNIT_VTABLE(u)->bus_name_owner_change(u, NULL, new_owner);
3269
3270 return 0;
3271 }
3272
3273 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3274 const char *match;
3275
3276 assert(u);
3277 assert(bus);
3278 assert(name);
3279
3280 if (u->match_bus_slot)
3281 return -EBUSY;
3282
3283 match = strjoina("type='signal',"
3284 "sender='org.freedesktop.DBus',"
3285 "path='/org/freedesktop/DBus',"
3286 "interface='org.freedesktop.DBus',"
3287 "member='NameOwnerChanged',"
3288 "arg0='", name, "'");
3289
3290 int r = sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
3291 if (r < 0)
3292 return r;
3293
3294 return sd_bus_call_method_async(bus,
3295 &u->get_name_owner_slot,
3296 "org.freedesktop.DBus",
3297 "/org/freedesktop/DBus",
3298 "org.freedesktop.DBus",
3299 "GetNameOwner",
3300 get_name_owner_handler,
3301 u,
3302 "s", name);
3303 }
3304
3305 int unit_watch_bus_name(Unit *u, const char *name) {
3306 int r;
3307
3308 assert(u);
3309 assert(name);
3310
3311 /* Watch a specific name on the bus. We only support one unit
3312 * watching each name for now. */
3313
3314 if (u->manager->api_bus) {
3315 /* If the bus is already available, install the match directly.
3316 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3317 r = unit_install_bus_match(u, u->manager->api_bus, name);
3318 if (r < 0)
3319 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3320 }
3321
3322 r = hashmap_put(u->manager->watch_bus, name, u);
3323 if (r < 0) {
3324 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3325 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3326 }
3327
3328 return 0;
3329 }
3330
3331 void unit_unwatch_bus_name(Unit *u, const char *name) {
3332 assert(u);
3333 assert(name);
3334
3335 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3336 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3337 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3338 }
3339
3340 bool unit_can_serialize(Unit *u) {
3341 assert(u);
3342
3343 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3344 }
3345
3346 static int serialize_cgroup_mask(FILE *f, const char *key, CGroupMask mask) {
3347 _cleanup_free_ char *s = NULL;
3348 int r;
3349
3350 assert(f);
3351 assert(key);
3352
3353 if (mask == 0)
3354 return 0;
3355
3356 r = cg_mask_to_string(mask, &s);
3357 if (r < 0)
3358 return log_error_errno(r, "Failed to format cgroup mask: %m");
3359
3360 return serialize_item(f, key, s);
3361 }
3362
3363 static const char *const ip_accounting_metric_field[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
3364 [CGROUP_IP_INGRESS_BYTES] = "ip-accounting-ingress-bytes",
3365 [CGROUP_IP_INGRESS_PACKETS] = "ip-accounting-ingress-packets",
3366 [CGROUP_IP_EGRESS_BYTES] = "ip-accounting-egress-bytes",
3367 [CGROUP_IP_EGRESS_PACKETS] = "ip-accounting-egress-packets",
3368 };
3369
3370 static const char *const io_accounting_metric_field_base[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
3371 [CGROUP_IO_READ_BYTES] = "io-accounting-read-bytes-base",
3372 [CGROUP_IO_WRITE_BYTES] = "io-accounting-write-bytes-base",
3373 [CGROUP_IO_READ_OPERATIONS] = "io-accounting-read-operations-base",
3374 [CGROUP_IO_WRITE_OPERATIONS] = "io-accounting-write-operations-base",
3375 };
3376
3377 static const char *const io_accounting_metric_field_last[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
3378 [CGROUP_IO_READ_BYTES] = "io-accounting-read-bytes-last",
3379 [CGROUP_IO_WRITE_BYTES] = "io-accounting-write-bytes-last",
3380 [CGROUP_IO_READ_OPERATIONS] = "io-accounting-read-operations-last",
3381 [CGROUP_IO_WRITE_OPERATIONS] = "io-accounting-write-operations-last",
3382 };
3383
3384 int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
3385 CGroupIPAccountingMetric m;
3386 int r;
3387
3388 assert(u);
3389 assert(f);
3390 assert(fds);
3391
3392 if (unit_can_serialize(u)) {
3393 r = UNIT_VTABLE(u)->serialize(u, f, fds);
3394 if (r < 0)
3395 return r;
3396 }
3397
3398 (void) serialize_dual_timestamp(f, "state-change-timestamp", &u->state_change_timestamp);
3399
3400 (void) serialize_dual_timestamp(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
3401 (void) serialize_dual_timestamp(f, "active-enter-timestamp", &u->active_enter_timestamp);
3402 (void) serialize_dual_timestamp(f, "active-exit-timestamp", &u->active_exit_timestamp);
3403 (void) serialize_dual_timestamp(f, "inactive-enter-timestamp", &u->inactive_enter_timestamp);
3404
3405 (void) serialize_dual_timestamp(f, "condition-timestamp", &u->condition_timestamp);
3406 (void) serialize_dual_timestamp(f, "assert-timestamp", &u->assert_timestamp);
3407
3408 if (dual_timestamp_is_set(&u->condition_timestamp))
3409 (void) serialize_bool(f, "condition-result", u->condition_result);
3410
3411 if (dual_timestamp_is_set(&u->assert_timestamp))
3412 (void) serialize_bool(f, "assert-result", u->assert_result);
3413
3414 (void) serialize_bool(f, "transient", u->transient);
3415 (void) serialize_bool(f, "in-audit", u->in_audit);
3416
3417 (void) serialize_bool(f, "exported-invocation-id", u->exported_invocation_id);
3418 (void) serialize_bool(f, "exported-log-level-max", u->exported_log_level_max);
3419 (void) serialize_bool(f, "exported-log-extra-fields", u->exported_log_extra_fields);
3420 (void) serialize_bool(f, "exported-log-rate-limit-interval", u->exported_log_ratelimit_interval);
3421 (void) serialize_bool(f, "exported-log-rate-limit-burst", u->exported_log_ratelimit_burst);
3422
3423 (void) serialize_item_format(f, "cpu-usage-base", "%" PRIu64, u->cpu_usage_base);
3424 if (u->cpu_usage_last != NSEC_INFINITY)
3425 (void) serialize_item_format(f, "cpu-usage-last", "%" PRIu64, u->cpu_usage_last);
3426
3427 if (u->oom_kill_last > 0)
3428 (void) serialize_item_format(f, "oom-kill-last", "%" PRIu64, u->oom_kill_last);
3429
3430 for (CGroupIOAccountingMetric im = 0; im < _CGROUP_IO_ACCOUNTING_METRIC_MAX; im++) {
3431 (void) serialize_item_format(f, io_accounting_metric_field_base[im], "%" PRIu64, u->io_accounting_base[im]);
3432
3433 if (u->io_accounting_last[im] != UINT64_MAX)
3434 (void) serialize_item_format(f, io_accounting_metric_field_last[im], "%" PRIu64, u->io_accounting_last[im]);
3435 }
3436
3437 if (u->cgroup_path)
3438 (void) serialize_item(f, "cgroup", u->cgroup_path);
3439
3440 (void) serialize_bool(f, "cgroup-realized", u->cgroup_realized);
3441 (void) serialize_cgroup_mask(f, "cgroup-realized-mask", u->cgroup_realized_mask);
3442 (void) serialize_cgroup_mask(f, "cgroup-enabled-mask", u->cgroup_enabled_mask);
3443 (void) serialize_cgroup_mask(f, "cgroup-invalidated-mask", u->cgroup_invalidated_mask);
3444
3445 if (uid_is_valid(u->ref_uid))
3446 (void) serialize_item_format(f, "ref-uid", UID_FMT, u->ref_uid);
3447 if (gid_is_valid(u->ref_gid))
3448 (void) serialize_item_format(f, "ref-gid", GID_FMT, u->ref_gid);
3449
3450 if (!sd_id128_is_null(u->invocation_id))
3451 (void) serialize_item_format(f, "invocation-id", SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id));
3452
3453 bus_track_serialize(u->bus_track, f, "ref");
3454
3455 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
3456 uint64_t v;
3457
3458 r = unit_get_ip_accounting(u, m, &v);
3459 if (r >= 0)
3460 (void) serialize_item_format(f, ip_accounting_metric_field[m], "%" PRIu64, v);
3461 }
3462
3463 if (serialize_jobs) {
3464 if (u->job) {
3465 fputs("job\n", f);
3466 job_serialize(u->job, f);
3467 }
3468
3469 if (u->nop_job) {
3470 fputs("job\n", f);
3471 job_serialize(u->nop_job, f);
3472 }
3473 }
3474
3475 /* End marker */
3476 fputc('\n', f);
3477 return 0;
3478 }
3479
3480 static int unit_deserialize_job(Unit *u, FILE *f) {
3481 _cleanup_(job_freep) Job *j = NULL;
3482 int r;
3483
3484 assert(u);
3485 assert(f);
3486
3487 j = job_new_raw(u);
3488 if (!j)
3489 return log_oom();
3490
3491 r = job_deserialize(j, f);
3492 if (r < 0)
3493 return r;
3494
3495 r = job_install_deserialized(j);
3496 if (r < 0)
3497 return r;
3498
3499 TAKE_PTR(j);
3500 return 0;
3501 }
3502
3503 int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
3504 int r;
3505
3506 assert(u);
3507 assert(f);
3508 assert(fds);
3509
3510 for (;;) {
3511 _cleanup_free_ char *line = NULL;
3512 char *l, *v;
3513 ssize_t m;
3514 size_t k;
3515
3516 r = read_line(f, LONG_LINE_MAX, &line);
3517 if (r < 0)
3518 return log_error_errno(r, "Failed to read serialization line: %m");
3519 if (r == 0) /* eof */
3520 break;
3521
3522 l = strstrip(line);
3523 if (isempty(l)) /* End marker */
3524 break;
3525
3526 k = strcspn(l, "=");
3527
3528 if (l[k] == '=') {
3529 l[k] = 0;
3530 v = l+k+1;
3531 } else
3532 v = l+k;
3533
3534 if (streq(l, "job")) {
3535 if (v[0] == '\0') {
3536 /* New-style serialized job */
3537 r = unit_deserialize_job(u, f);
3538 if (r < 0)
3539 return r;
3540 } else /* Legacy for pre-44 */
3541 log_unit_warning(u, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v);
3542 continue;
3543 } else if (streq(l, "state-change-timestamp")) {
3544 (void) deserialize_dual_timestamp(v, &u->state_change_timestamp);
3545 continue;
3546 } else if (streq(l, "inactive-exit-timestamp")) {
3547 (void) deserialize_dual_timestamp(v, &u->inactive_exit_timestamp);
3548 continue;
3549 } else if (streq(l, "active-enter-timestamp")) {
3550 (void) deserialize_dual_timestamp(v, &u->active_enter_timestamp);
3551 continue;
3552 } else if (streq(l, "active-exit-timestamp")) {
3553 (void) deserialize_dual_timestamp(v, &u->active_exit_timestamp);
3554 continue;
3555 } else if (streq(l, "inactive-enter-timestamp")) {
3556 (void) deserialize_dual_timestamp(v, &u->inactive_enter_timestamp);
3557 continue;
3558 } else if (streq(l, "condition-timestamp")) {
3559 (void) deserialize_dual_timestamp(v, &u->condition_timestamp);
3560 continue;
3561 } else if (streq(l, "assert-timestamp")) {
3562 (void) deserialize_dual_timestamp(v, &u->assert_timestamp);
3563 continue;
3564 } else if (streq(l, "condition-result")) {
3565
3566 r = parse_boolean(v);
3567 if (r < 0)
3568 log_unit_debug(u, "Failed to parse condition result value %s, ignoring.", v);
3569 else
3570 u->condition_result = r;
3571
3572 continue;
3573
3574 } else if (streq(l, "assert-result")) {
3575
3576 r = parse_boolean(v);
3577 if (r < 0)
3578 log_unit_debug(u, "Failed to parse assert result value %s, ignoring.", v);
3579 else
3580 u->assert_result = r;
3581
3582 continue;
3583
3584 } else if (streq(l, "transient")) {
3585
3586 r = parse_boolean(v);
3587 if (r < 0)
3588 log_unit_debug(u, "Failed to parse transient bool %s, ignoring.", v);
3589 else
3590 u->transient = r;
3591
3592 continue;
3593
3594 } else if (streq(l, "in-audit")) {
3595
3596 r = parse_boolean(v);
3597 if (r < 0)
3598 log_unit_debug(u, "Failed to parse in-audit bool %s, ignoring.", v);
3599 else
3600 u->in_audit = r;
3601
3602 continue;
3603
3604 } else if (streq(l, "exported-invocation-id")) {
3605
3606 r = parse_boolean(v);
3607 if (r < 0)
3608 log_unit_debug(u, "Failed to parse exported invocation ID bool %s, ignoring.", v);
3609 else
3610 u->exported_invocation_id = r;
3611
3612 continue;
3613
3614 } else if (streq(l, "exported-log-level-max")) {
3615
3616 r = parse_boolean(v);
3617 if (r < 0)
3618 log_unit_debug(u, "Failed to parse exported log level max bool %s, ignoring.", v);
3619 else
3620 u->exported_log_level_max = r;
3621
3622 continue;
3623
3624 } else if (streq(l, "exported-log-extra-fields")) {
3625
3626 r = parse_boolean(v);
3627 if (r < 0)
3628 log_unit_debug(u, "Failed to parse exported log extra fields bool %s, ignoring.", v);
3629 else
3630 u->exported_log_extra_fields = r;
3631
3632 continue;
3633
3634 } else if (streq(l, "exported-log-rate-limit-interval")) {
3635
3636 r = parse_boolean(v);
3637 if (r < 0)
3638 log_unit_debug(u, "Failed to parse exported log rate limit interval %s, ignoring.", v);
3639 else
3640 u->exported_log_ratelimit_interval = r;
3641
3642 continue;
3643
3644 } else if (streq(l, "exported-log-rate-limit-burst")) {
3645
3646 r = parse_boolean(v);
3647 if (r < 0)
3648 log_unit_debug(u, "Failed to parse exported log rate limit burst %s, ignoring.", v);
3649 else
3650 u->exported_log_ratelimit_burst = r;
3651
3652 continue;
3653
3654 } else if (STR_IN_SET(l, "cpu-usage-base", "cpuacct-usage-base")) {
3655
3656 r = safe_atou64(v, &u->cpu_usage_base);
3657 if (r < 0)
3658 log_unit_debug(u, "Failed to parse CPU usage base %s, ignoring.", v);
3659
3660 continue;
3661
3662 } else if (streq(l, "cpu-usage-last")) {
3663
3664 r = safe_atou64(v, &u->cpu_usage_last);
3665 if (r < 0)
3666 log_unit_debug(u, "Failed to read CPU usage last %s, ignoring.", v);
3667
3668 continue;
3669
3670 } else if (streq(l, "oom-kill-last")) {
3671
3672 r = safe_atou64(v, &u->oom_kill_last);
3673 if (r < 0)
3674 log_unit_debug(u, "Failed to read OOM kill last %s, ignoring.", v);
3675
3676 continue;
3677
3678 } else if (streq(l, "cgroup")) {
3679
3680 r = unit_set_cgroup_path(u, v);
3681 if (r < 0)
3682 log_unit_debug_errno(u, r, "Failed to set cgroup path %s, ignoring: %m", v);
3683
3684 (void) unit_watch_cgroup(u);
3685 (void) unit_watch_cgroup_memory(u);
3686
3687 continue;
3688 } else if (streq(l, "cgroup-realized")) {
3689 int b;
3690
3691 b = parse_boolean(v);
3692 if (b < 0)
3693 log_unit_debug(u, "Failed to parse cgroup-realized bool %s, ignoring.", v);
3694 else
3695 u->cgroup_realized = b;
3696
3697 continue;
3698
3699 } else if (streq(l, "cgroup-realized-mask")) {
3700
3701 r = cg_mask_from_string(v, &u->cgroup_realized_mask);
3702 if (r < 0)
3703 log_unit_debug(u, "Failed to parse cgroup-realized-mask %s, ignoring.", v);
3704 continue;
3705
3706 } else if (streq(l, "cgroup-enabled-mask")) {
3707
3708 r = cg_mask_from_string(v, &u->cgroup_enabled_mask);
3709 if (r < 0)
3710 log_unit_debug(u, "Failed to parse cgroup-enabled-mask %s, ignoring.", v);
3711 continue;
3712
3713 } else if (streq(l, "cgroup-invalidated-mask")) {
3714
3715 r = cg_mask_from_string(v, &u->cgroup_invalidated_mask);
3716 if (r < 0)
3717 log_unit_debug(u, "Failed to parse cgroup-invalidated-mask %s, ignoring.", v);
3718 continue;
3719
3720 } else if (streq(l, "ref-uid")) {
3721 uid_t uid;
3722
3723 r = parse_uid(v, &uid);
3724 if (r < 0)
3725 log_unit_debug(u, "Failed to parse referenced UID %s, ignoring.", v);
3726 else
3727 unit_ref_uid_gid(u, uid, GID_INVALID);
3728
3729 continue;
3730
3731 } else if (streq(l, "ref-gid")) {
3732 gid_t gid;
3733
3734 r = parse_gid(v, &gid);
3735 if (r < 0)
3736 log_unit_debug(u, "Failed to parse referenced GID %s, ignoring.", v);
3737 else
3738 unit_ref_uid_gid(u, UID_INVALID, gid);
3739
3740 continue;
3741
3742 } else if (streq(l, "ref")) {
3743
3744 r = strv_extend(&u->deserialized_refs, v);
3745 if (r < 0)
3746 return log_oom();
3747
3748 continue;
3749 } else if (streq(l, "invocation-id")) {
3750 sd_id128_t id;
3751
3752 r = sd_id128_from_string(v, &id);
3753 if (r < 0)
3754 log_unit_debug(u, "Failed to parse invocation id %s, ignoring.", v);
3755 else {
3756 r = unit_set_invocation_id(u, id);
3757 if (r < 0)
3758 log_unit_warning_errno(u, r, "Failed to set invocation ID for unit: %m");
3759 }
3760
3761 continue;
3762 }
3763
3764 /* Check if this is an IP accounting metric serialization field */
3765 m = string_table_lookup(ip_accounting_metric_field, ELEMENTSOF(ip_accounting_metric_field), l);
3766 if (m >= 0) {
3767 uint64_t c;
3768
3769 r = safe_atou64(v, &c);
3770 if (r < 0)
3771 log_unit_debug(u, "Failed to parse IP accounting value %s, ignoring.", v);
3772 else
3773 u->ip_accounting_extra[m] = c;
3774 continue;
3775 }
3776
3777 m = string_table_lookup(io_accounting_metric_field_base, ELEMENTSOF(io_accounting_metric_field_base), l);
3778 if (m >= 0) {
3779 uint64_t c;
3780
3781 r = safe_atou64(v, &c);
3782 if (r < 0)
3783 log_unit_debug(u, "Failed to parse IO accounting base value %s, ignoring.", v);
3784 else
3785 u->io_accounting_base[m] = c;
3786 continue;
3787 }
3788
3789 m = string_table_lookup(io_accounting_metric_field_last, ELEMENTSOF(io_accounting_metric_field_last), l);
3790 if (m >= 0) {
3791 uint64_t c;
3792
3793 r = safe_atou64(v, &c);
3794 if (r < 0)
3795 log_unit_debug(u, "Failed to parse IO accounting last value %s, ignoring.", v);
3796 else
3797 u->io_accounting_last[m] = c;
3798 continue;
3799 }
3800
3801 if (unit_can_serialize(u)) {
3802 r = exec_runtime_deserialize_compat(u, l, v, fds);
3803 if (r < 0) {
3804 log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l);
3805 continue;
3806 }
3807
3808 /* Returns positive if key was handled by the call */
3809 if (r > 0)
3810 continue;
3811
3812 r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
3813 if (r < 0)
3814 log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l);
3815 }
3816 }
3817
3818 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3819 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3820 * before 228 where the base for timeouts was not persistent across reboots. */
3821
3822 if (!dual_timestamp_is_set(&u->state_change_timestamp))
3823 dual_timestamp_get(&u->state_change_timestamp);
3824
3825 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3826 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3827 unit_invalidate_cgroup(u, _CGROUP_MASK_ALL);
3828 unit_invalidate_cgroup_bpf(u);
3829
3830 return 0;
3831 }
3832
3833 int unit_deserialize_skip(FILE *f) {
3834 int r;
3835 assert(f);
3836
3837 /* Skip serialized data for this unit. We don't know what it is. */
3838
3839 for (;;) {
3840 _cleanup_free_ char *line = NULL;
3841 char *l;
3842
3843 r = read_line(f, LONG_LINE_MAX, &line);
3844 if (r < 0)
3845 return log_error_errno(r, "Failed to read serialization line: %m");
3846 if (r == 0)
3847 return 0;
3848
3849 l = strstrip(line);
3850
3851 /* End marker */
3852 if (isempty(l))
3853 return 1;
3854 }
3855 }
3856
3857 int unit_add_node_dependency(Unit *u, const char *what, bool wants, UnitDependency dep, UnitDependencyMask mask) {
3858 Unit *device;
3859 _cleanup_free_ char *e = NULL;
3860 int r;
3861
3862 assert(u);
3863
3864 /* Adds in links to the device node that this unit is based on */
3865 if (isempty(what))
3866 return 0;
3867
3868 if (!is_device_path(what))
3869 return 0;
3870
3871 /* When device units aren't supported (such as in a
3872 * container), don't create dependencies on them. */
3873 if (!unit_type_supported(UNIT_DEVICE))
3874 return 0;
3875
3876 r = unit_name_from_path(what, ".device", &e);
3877 if (r < 0)
3878 return r;
3879
3880 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
3881 if (r < 0)
3882 return r;
3883
3884 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3885 dep = UNIT_BINDS_TO;
3886
3887 r = unit_add_two_dependencies(u, UNIT_AFTER,
3888 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3889 device, true, mask);
3890 if (r < 0)
3891 return r;
3892
3893 if (wants) {
3894 r = unit_add_dependency(device, UNIT_WANTS, u, false, mask);
3895 if (r < 0)
3896 return r;
3897 }
3898
3899 return 0;
3900 }
3901
3902 int unit_coldplug(Unit *u) {
3903 int r = 0, q;
3904 char **i;
3905 Job *uj;
3906
3907 assert(u);
3908
3909 /* Make sure we don't enter a loop, when coldplugging recursively. */
3910 if (u->coldplugged)
3911 return 0;
3912
3913 u->coldplugged = true;
3914
3915 STRV_FOREACH(i, u->deserialized_refs) {
3916 q = bus_unit_track_add_name(u, *i);
3917 if (q < 0 && r >= 0)
3918 r = q;
3919 }
3920 u->deserialized_refs = strv_free(u->deserialized_refs);
3921
3922 if (UNIT_VTABLE(u)->coldplug) {
3923 q = UNIT_VTABLE(u)->coldplug(u);
3924 if (q < 0 && r >= 0)
3925 r = q;
3926 }
3927
3928 uj = u->job ?: u->nop_job;
3929 if (uj) {
3930 q = job_coldplug(uj);
3931 if (q < 0 && r >= 0)
3932 r = q;
3933 }
3934
3935 return r;
3936 }
3937
3938 void unit_catchup(Unit *u) {
3939 assert(u);
3940
3941 if (UNIT_VTABLE(u)->catchup)
3942 UNIT_VTABLE(u)->catchup(u);
3943 }
3944
3945 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
3946 struct stat st;
3947
3948 if (!path)
3949 return false;
3950
3951 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3952 * are never out-of-date. */
3953 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3954 return false;
3955
3956 if (stat(path, &st) < 0)
3957 /* What, cannot access this anymore? */
3958 return true;
3959
3960 if (path_masked)
3961 /* For masked files check if they are still so */
3962 return !null_or_empty(&st);
3963 else
3964 /* For non-empty files check the mtime */
3965 return timespec_load(&st.st_mtim) > mtime;
3966
3967 return false;
3968 }
3969
3970 bool unit_need_daemon_reload(Unit *u) {
3971 _cleanup_strv_free_ char **t = NULL;
3972 char **path;
3973
3974 assert(u);
3975
3976 /* For unit files, we allow masking… */
3977 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3978 u->load_state == UNIT_MASKED))
3979 return true;
3980
3981 /* Source paths should not be masked… */
3982 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
3983 return true;
3984
3985 if (u->load_state == UNIT_LOADED)
3986 (void) unit_find_dropin_paths(u, &t);
3987 if (!strv_equal(u->dropin_paths, t))
3988 return true;
3989
3990 /* … any drop-ins that are masked are simply omitted from the list. */
3991 STRV_FOREACH(path, u->dropin_paths)
3992 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3993 return true;
3994
3995 return false;
3996 }
3997
3998 void unit_reset_failed(Unit *u) {
3999 assert(u);
4000
4001 if (UNIT_VTABLE(u)->reset_failed)
4002 UNIT_VTABLE(u)->reset_failed(u);
4003
4004 ratelimit_reset(&u->start_ratelimit);
4005 u->start_limit_hit = false;
4006 }
4007
4008 Unit *unit_following(Unit *u) {
4009 assert(u);
4010
4011 if (UNIT_VTABLE(u)->following)
4012 return UNIT_VTABLE(u)->following(u);
4013
4014 return NULL;
4015 }
4016
4017 bool unit_stop_pending(Unit *u) {
4018 assert(u);
4019
4020 /* This call does check the current state of the unit. It's
4021 * hence useful to be called from state change calls of the
4022 * unit itself, where the state isn't updated yet. This is
4023 * different from unit_inactive_or_pending() which checks both
4024 * the current state and for a queued job. */
4025
4026 return unit_has_job_type(u, JOB_STOP);
4027 }
4028
4029 bool unit_inactive_or_pending(Unit *u) {
4030 assert(u);
4031
4032 /* Returns true if the unit is inactive or going down */
4033
4034 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
4035 return true;
4036
4037 if (unit_stop_pending(u))
4038 return true;
4039
4040 return false;
4041 }
4042
4043 bool unit_active_or_pending(Unit *u) {
4044 assert(u);
4045
4046 /* Returns true if the unit is active or going up */
4047
4048 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
4049 return true;
4050
4051 if (u->job &&
4052 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
4053 return true;
4054
4055 return false;
4056 }
4057
4058 bool unit_will_restart_default(Unit *u) {
4059 assert(u);
4060
4061 return unit_has_job_type(u, JOB_START);
4062 }
4063
4064 bool unit_will_restart(Unit *u) {
4065 assert(u);
4066
4067 if (!UNIT_VTABLE(u)->will_restart)
4068 return false;
4069
4070 return UNIT_VTABLE(u)->will_restart(u);
4071 }
4072
4073 int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
4074 assert(u);
4075 assert(w >= 0 && w < _KILL_WHO_MAX);
4076 assert(SIGNAL_VALID(signo));
4077
4078 if (!UNIT_VTABLE(u)->kill)
4079 return -EOPNOTSUPP;
4080
4081 return UNIT_VTABLE(u)->kill(u, w, signo, error);
4082 }
4083
4084 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
4085 _cleanup_set_free_ Set *pid_set = NULL;
4086 int r;
4087
4088 pid_set = set_new(NULL);
4089 if (!pid_set)
4090 return NULL;
4091
4092 /* Exclude the main/control pids from being killed via the cgroup */
4093 if (main_pid > 0) {
4094 r = set_put(pid_set, PID_TO_PTR(main_pid));
4095 if (r < 0)
4096 return NULL;
4097 }
4098
4099 if (control_pid > 0) {
4100 r = set_put(pid_set, PID_TO_PTR(control_pid));
4101 if (r < 0)
4102 return NULL;
4103 }
4104
4105 return TAKE_PTR(pid_set);
4106 }
4107
4108 int unit_kill_common(
4109 Unit *u,
4110 KillWho who,
4111 int signo,
4112 pid_t main_pid,
4113 pid_t control_pid,
4114 sd_bus_error *error) {
4115
4116 int r = 0;
4117 bool killed = false;
4118
4119 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
4120 if (main_pid < 0)
4121 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
4122 else if (main_pid == 0)
4123 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
4124 }
4125
4126 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
4127 if (control_pid < 0)
4128 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
4129 else if (control_pid == 0)
4130 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
4131 }
4132
4133 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
4134 if (control_pid > 0) {
4135 if (kill(control_pid, signo) < 0)
4136 r = -errno;
4137 else
4138 killed = true;
4139 }
4140
4141 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
4142 if (main_pid > 0) {
4143 if (kill(main_pid, signo) < 0)
4144 r = -errno;
4145 else
4146 killed = true;
4147 }
4148
4149 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
4150 _cleanup_set_free_ Set *pid_set = NULL;
4151 int q;
4152
4153 /* Exclude the main/control pids from being killed via the cgroup */
4154 pid_set = unit_pid_set(main_pid, control_pid);
4155 if (!pid_set)
4156 return -ENOMEM;
4157
4158 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, NULL, NULL);
4159 if (q < 0 && !IN_SET(q, -EAGAIN, -ESRCH, -ENOENT))
4160 r = q;
4161 else
4162 killed = true;
4163 }
4164
4165 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL))
4166 return -ESRCH;
4167
4168 return r;
4169 }
4170
4171 int unit_following_set(Unit *u, Set **s) {
4172 assert(u);
4173 assert(s);
4174
4175 if (UNIT_VTABLE(u)->following_set)
4176 return UNIT_VTABLE(u)->following_set(u, s);
4177
4178 *s = NULL;
4179 return 0;
4180 }
4181
4182 UnitFileState unit_get_unit_file_state(Unit *u) {
4183 int r;
4184
4185 assert(u);
4186
4187 if (u->unit_file_state < 0 && u->fragment_path) {
4188 r = unit_file_get_state(
4189 u->manager->unit_file_scope,
4190 NULL,
4191 u->id,
4192 &u->unit_file_state);
4193 if (r < 0)
4194 u->unit_file_state = UNIT_FILE_BAD;
4195 }
4196
4197 return u->unit_file_state;
4198 }
4199
4200 int unit_get_unit_file_preset(Unit *u) {
4201 assert(u);
4202
4203 if (u->unit_file_preset < 0 && u->fragment_path)
4204 u->unit_file_preset = unit_file_query_preset(
4205 u->manager->unit_file_scope,
4206 NULL,
4207 basename(u->fragment_path));
4208
4209 return u->unit_file_preset;
4210 }
4211
4212 Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
4213 assert(ref);
4214 assert(source);
4215 assert(target);
4216
4217 if (ref->target)
4218 unit_ref_unset(ref);
4219
4220 ref->source = source;
4221 ref->target = target;
4222 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4223 return target;
4224 }
4225
4226 void unit_ref_unset(UnitRef *ref) {
4227 assert(ref);
4228
4229 if (!ref->target)
4230 return;
4231
4232 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4233 * be unreferenced now. */
4234 unit_add_to_gc_queue(ref->target);
4235
4236 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4237 ref->source = ref->target = NULL;
4238 }
4239
4240 static int user_from_unit_name(Unit *u, char **ret) {
4241
4242 static const uint8_t hash_key[] = {
4243 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4244 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4245 };
4246
4247 _cleanup_free_ char *n = NULL;
4248 int r;
4249
4250 r = unit_name_to_prefix(u->id, &n);
4251 if (r < 0)
4252 return r;
4253
4254 if (valid_user_group_name(n)) {
4255 *ret = TAKE_PTR(n);
4256 return 0;
4257 }
4258
4259 /* If we can't use the unit name as a user name, then let's hash it and use that */
4260 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4261 return -ENOMEM;
4262
4263 return 0;
4264 }
4265
4266 int unit_patch_contexts(Unit *u) {
4267 CGroupContext *cc;
4268 ExecContext *ec;
4269 unsigned i;
4270 int r;
4271
4272 assert(u);
4273
4274 /* Patch in the manager defaults into the exec and cgroup
4275 * contexts, _after_ the rest of the settings have been
4276 * initialized */
4277
4278 ec = unit_get_exec_context(u);
4279 if (ec) {
4280 /* This only copies in the ones that need memory */
4281 for (i = 0; i < _RLIMIT_MAX; i++)
4282 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4283 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4284 if (!ec->rlimit[i])
4285 return -ENOMEM;
4286 }
4287
4288 if (MANAGER_IS_USER(u->manager) &&
4289 !ec->working_directory) {
4290
4291 r = get_home_dir(&ec->working_directory);
4292 if (r < 0)
4293 return r;
4294
4295 /* Allow user services to run, even if the
4296 * home directory is missing */
4297 ec->working_directory_missing_ok = true;
4298 }
4299
4300 if (ec->private_devices)
4301 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4302
4303 if (ec->protect_kernel_modules)
4304 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4305
4306 if (ec->dynamic_user) {
4307 if (!ec->user) {
4308 r = user_from_unit_name(u, &ec->user);
4309 if (r < 0)
4310 return r;
4311 }
4312
4313 if (!ec->group) {
4314 ec->group = strdup(ec->user);
4315 if (!ec->group)
4316 return -ENOMEM;
4317 }
4318
4319 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4320 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4321 * sandbox. */
4322
4323 ec->private_tmp = true;
4324 ec->remove_ipc = true;
4325 ec->protect_system = PROTECT_SYSTEM_STRICT;
4326 if (ec->protect_home == PROTECT_HOME_NO)
4327 ec->protect_home = PROTECT_HOME_READ_ONLY;
4328
4329 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4330 * them. */
4331 ec->no_new_privileges = true;
4332 ec->restrict_suid_sgid = true;
4333 }
4334 }
4335
4336 cc = unit_get_cgroup_context(u);
4337 if (cc && ec) {
4338
4339 if (ec->private_devices &&
4340 cc->device_policy == CGROUP_AUTO)
4341 cc->device_policy = CGROUP_CLOSED;
4342
4343 if (ec->root_image &&
4344 (cc->device_policy != CGROUP_AUTO || cc->device_allow)) {
4345
4346 /* When RootImage= is specified, the following devices are touched. */
4347 r = cgroup_add_device_allow(cc, "/dev/loop-control", "rw");
4348 if (r < 0)
4349 return r;
4350
4351 r = cgroup_add_device_allow(cc, "block-loop", "rwm");
4352 if (r < 0)
4353 return r;
4354
4355 r = cgroup_add_device_allow(cc, "block-blkext", "rwm");
4356 if (r < 0)
4357 return r;
4358 }
4359 }
4360
4361 return 0;
4362 }
4363
4364 ExecContext *unit_get_exec_context(Unit *u) {
4365 size_t offset;
4366 assert(u);
4367
4368 if (u->type < 0)
4369 return NULL;
4370
4371 offset = UNIT_VTABLE(u)->exec_context_offset;
4372 if (offset <= 0)
4373 return NULL;
4374
4375 return (ExecContext*) ((uint8_t*) u + offset);
4376 }
4377
4378 KillContext *unit_get_kill_context(Unit *u) {
4379 size_t offset;
4380 assert(u);
4381
4382 if (u->type < 0)
4383 return NULL;
4384
4385 offset = UNIT_VTABLE(u)->kill_context_offset;
4386 if (offset <= 0)
4387 return NULL;
4388
4389 return (KillContext*) ((uint8_t*) u + offset);
4390 }
4391
4392 CGroupContext *unit_get_cgroup_context(Unit *u) {
4393 size_t offset;
4394
4395 if (u->type < 0)
4396 return NULL;
4397
4398 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4399 if (offset <= 0)
4400 return NULL;
4401
4402 return (CGroupContext*) ((uint8_t*) u + offset);
4403 }
4404
4405 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4406 size_t offset;
4407
4408 if (u->type < 0)
4409 return NULL;
4410
4411 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4412 if (offset <= 0)
4413 return NULL;
4414
4415 return *(ExecRuntime**) ((uint8_t*) u + offset);
4416 }
4417
4418 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4419 assert(u);
4420
4421 if (UNIT_WRITE_FLAGS_NOOP(flags))
4422 return NULL;
4423
4424 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4425 return u->manager->lookup_paths.transient;
4426
4427 if (flags & UNIT_PERSISTENT)
4428 return u->manager->lookup_paths.persistent_control;
4429
4430 if (flags & UNIT_RUNTIME)
4431 return u->manager->lookup_paths.runtime_control;
4432
4433 return NULL;
4434 }
4435
4436 char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4437 char *ret = NULL;
4438
4439 if (!s)
4440 return NULL;
4441
4442 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4443 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4444 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4445 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4446 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4447 * allocations. */
4448
4449 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4450 ret = specifier_escape(s);
4451 if (!ret)
4452 return NULL;
4453
4454 s = ret;
4455 }
4456
4457 if (flags & UNIT_ESCAPE_C) {
4458 char *a;
4459
4460 a = cescape(s);
4461 free(ret);
4462 if (!a)
4463 return NULL;
4464
4465 ret = a;
4466 }
4467
4468 if (buf) {
4469 *buf = ret;
4470 return ret ?: (char*) s;
4471 }
4472
4473 return ret ?: strdup(s);
4474 }
4475
4476 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4477 _cleanup_free_ char *result = NULL;
4478 size_t n = 0, allocated = 0;
4479 char **i;
4480
4481 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4482 * way suitable for ExecStart= stanzas */
4483
4484 STRV_FOREACH(i, l) {
4485 _cleanup_free_ char *buf = NULL;
4486 const char *p;
4487 size_t a;
4488 char *q;
4489
4490 p = unit_escape_setting(*i, flags, &buf);
4491 if (!p)
4492 return NULL;
4493
4494 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4495 if (!GREEDY_REALLOC(result, allocated, n + a + 1))
4496 return NULL;
4497
4498 q = result + n;
4499 if (n > 0)
4500 *(q++) = ' ';
4501
4502 *(q++) = '"';
4503 q = stpcpy(q, p);
4504 *(q++) = '"';
4505
4506 n += a;
4507 }
4508
4509 if (!GREEDY_REALLOC(result, allocated, n + 1))
4510 return NULL;
4511
4512 result[n] = 0;
4513
4514 return TAKE_PTR(result);
4515 }
4516
4517 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4518 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4519 const char *dir, *wrapped;
4520 int r;
4521
4522 assert(u);
4523 assert(name);
4524 assert(data);
4525
4526 if (UNIT_WRITE_FLAGS_NOOP(flags))
4527 return 0;
4528
4529 data = unit_escape_setting(data, flags, &escaped);
4530 if (!data)
4531 return -ENOMEM;
4532
4533 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4534 * previous section header is the same */
4535
4536 if (flags & UNIT_PRIVATE) {
4537 if (!UNIT_VTABLE(u)->private_section)
4538 return -EINVAL;
4539
4540 if (!u->transient_file || u->last_section_private < 0)
4541 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4542 else if (u->last_section_private == 0)
4543 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4544 } else {
4545 if (!u->transient_file || u->last_section_private < 0)
4546 data = strjoina("[Unit]\n", data);
4547 else if (u->last_section_private > 0)
4548 data = strjoina("\n[Unit]\n", data);
4549 }
4550
4551 if (u->transient_file) {
4552 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4553 * write to the transient unit file. */
4554 fputs(data, u->transient_file);
4555
4556 if (!endswith(data, "\n"))
4557 fputc('\n', u->transient_file);
4558
4559 /* Remember which section we wrote this entry to */
4560 u->last_section_private = !!(flags & UNIT_PRIVATE);
4561 return 0;
4562 }
4563
4564 dir = unit_drop_in_dir(u, flags);
4565 if (!dir)
4566 return -EINVAL;
4567
4568 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4569 "# or an equivalent operation. Do not edit.\n",
4570 data,
4571 "\n");
4572
4573 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4574 if (r < 0)
4575 return r;
4576
4577 (void) mkdir_p_label(p, 0755);
4578
4579 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4580 * recreate the cache after every drop-in we write. */
4581 if (u->manager->unit_path_cache) {
4582 r = set_put_strdup(u->manager->unit_path_cache, p);
4583 if (r < 0)
4584 return r;
4585 }
4586
4587 r = write_string_file_atomic_label(q, wrapped);
4588 if (r < 0)
4589 return r;
4590
4591 r = strv_push(&u->dropin_paths, q);
4592 if (r < 0)
4593 return r;
4594 q = NULL;
4595
4596 strv_uniq(u->dropin_paths);
4597
4598 u->dropin_mtime = now(CLOCK_REALTIME);
4599
4600 return 0;
4601 }
4602
4603 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4604 _cleanup_free_ char *p = NULL;
4605 va_list ap;
4606 int r;
4607
4608 assert(u);
4609 assert(name);
4610 assert(format);
4611
4612 if (UNIT_WRITE_FLAGS_NOOP(flags))
4613 return 0;
4614
4615 va_start(ap, format);
4616 r = vasprintf(&p, format, ap);
4617 va_end(ap);
4618
4619 if (r < 0)
4620 return -ENOMEM;
4621
4622 return unit_write_setting(u, flags, name, p);
4623 }
4624
4625 int unit_make_transient(Unit *u) {
4626 _cleanup_free_ char *path = NULL;
4627 FILE *f;
4628
4629 assert(u);
4630
4631 if (!UNIT_VTABLE(u)->can_transient)
4632 return -EOPNOTSUPP;
4633
4634 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4635
4636 path = path_join(u->manager->lookup_paths.transient, u->id);
4637 if (!path)
4638 return -ENOMEM;
4639
4640 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4641 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4642
4643 RUN_WITH_UMASK(0022) {
4644 f = fopen(path, "we");
4645 if (!f)
4646 return -errno;
4647 }
4648
4649 safe_fclose(u->transient_file);
4650 u->transient_file = f;
4651
4652 free_and_replace(u->fragment_path, path);
4653
4654 u->source_path = mfree(u->source_path);
4655 u->dropin_paths = strv_free(u->dropin_paths);
4656 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4657
4658 u->load_state = UNIT_STUB;
4659 u->load_error = 0;
4660 u->transient = true;
4661
4662 unit_add_to_dbus_queue(u);
4663 unit_add_to_gc_queue(u);
4664
4665 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4666 u->transient_file);
4667
4668 return 0;
4669 }
4670
4671 static int log_kill(pid_t pid, int sig, void *userdata) {
4672 _cleanup_free_ char *comm = NULL;
4673
4674 (void) get_process_comm(pid, &comm);
4675
4676 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4677 only, like for example systemd's own PAM stub process. */
4678 if (comm && comm[0] == '(')
4679 return 0;
4680
4681 log_unit_notice(userdata,
4682 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4683 pid,
4684 strna(comm),
4685 signal_to_string(sig));
4686
4687 return 1;
4688 }
4689
4690 static int operation_to_signal(const KillContext *c, KillOperation k, bool *noteworthy) {
4691 assert(c);
4692
4693 switch (k) {
4694
4695 case KILL_TERMINATE:
4696 case KILL_TERMINATE_AND_LOG:
4697 *noteworthy = false;
4698 return c->kill_signal;
4699
4700 case KILL_RESTART:
4701 *noteworthy = false;
4702 return restart_kill_signal(c);
4703
4704 case KILL_KILL:
4705 *noteworthy = true;
4706 return c->final_kill_signal;
4707
4708 case KILL_WATCHDOG:
4709 *noteworthy = true;
4710 return c->watchdog_signal;
4711
4712 default:
4713 assert_not_reached("KillOperation unknown");
4714 }
4715 }
4716
4717 int unit_kill_context(
4718 Unit *u,
4719 KillContext *c,
4720 KillOperation k,
4721 pid_t main_pid,
4722 pid_t control_pid,
4723 bool main_pid_alien) {
4724
4725 bool wait_for_exit = false, send_sighup;
4726 cg_kill_log_func_t log_func = NULL;
4727 int sig, r;
4728
4729 assert(u);
4730 assert(c);
4731
4732 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4733 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4734
4735 if (c->kill_mode == KILL_NONE)
4736 return 0;
4737
4738 bool noteworthy;
4739 sig = operation_to_signal(c, k, &noteworthy);
4740 if (noteworthy)
4741 log_func = log_kill;
4742
4743 send_sighup =
4744 c->send_sighup &&
4745 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4746 sig != SIGHUP;
4747
4748 if (main_pid > 0) {
4749 if (log_func)
4750 log_func(main_pid, sig, u);
4751
4752 r = kill_and_sigcont(main_pid, sig);
4753 if (r < 0 && r != -ESRCH) {
4754 _cleanup_free_ char *comm = NULL;
4755 (void) get_process_comm(main_pid, &comm);
4756
4757 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
4758 } else {
4759 if (!main_pid_alien)
4760 wait_for_exit = true;
4761
4762 if (r != -ESRCH && send_sighup)
4763 (void) kill(main_pid, SIGHUP);
4764 }
4765 }
4766
4767 if (control_pid > 0) {
4768 if (log_func)
4769 log_func(control_pid, sig, u);
4770
4771 r = kill_and_sigcont(control_pid, sig);
4772 if (r < 0 && r != -ESRCH) {
4773 _cleanup_free_ char *comm = NULL;
4774 (void) get_process_comm(control_pid, &comm);
4775
4776 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
4777 } else {
4778 wait_for_exit = true;
4779
4780 if (r != -ESRCH && send_sighup)
4781 (void) kill(control_pid, SIGHUP);
4782 }
4783 }
4784
4785 if (u->cgroup_path &&
4786 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4787 _cleanup_set_free_ Set *pid_set = NULL;
4788
4789 /* Exclude the main/control pids from being killed via the cgroup */
4790 pid_set = unit_pid_set(main_pid, control_pid);
4791 if (!pid_set)
4792 return -ENOMEM;
4793
4794 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4795 sig,
4796 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4797 pid_set,
4798 log_func, u);
4799 if (r < 0) {
4800 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4801 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
4802
4803 } else if (r > 0) {
4804
4805 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4806 * we are running in a container or if this is a delegation unit, simply because cgroup
4807 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4808 * of containers it can be confused easily by left-over directories in the cgroup — which
4809 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4810 * there we get proper events. Hence rely on them. */
4811
4812 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
4813 (detect_container() == 0 && !unit_cgroup_delegate(u)))
4814 wait_for_exit = true;
4815
4816 if (send_sighup) {
4817 set_free(pid_set);
4818
4819 pid_set = unit_pid_set(main_pid, control_pid);
4820 if (!pid_set)
4821 return -ENOMEM;
4822
4823 cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4824 SIGHUP,
4825 CGROUP_IGNORE_SELF,
4826 pid_set,
4827 NULL, NULL);
4828 }
4829 }
4830 }
4831
4832 return wait_for_exit;
4833 }
4834
4835 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
4836 _cleanup_free_ char *p = NULL;
4837 UnitDependencyInfo di;
4838 int r;
4839
4840 assert(u);
4841 assert(path);
4842
4843 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4844 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4845 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4846 * determine which units to make themselves a dependency of. */
4847
4848 if (!path_is_absolute(path))
4849 return -EINVAL;
4850
4851 r = hashmap_ensure_allocated(&u->requires_mounts_for, &path_hash_ops);
4852 if (r < 0)
4853 return r;
4854
4855 p = strdup(path);
4856 if (!p)
4857 return -ENOMEM;
4858
4859 path = path_simplify(p, true);
4860
4861 if (!path_is_normalized(path))
4862 return -EPERM;
4863
4864 if (hashmap_contains(u->requires_mounts_for, path))
4865 return 0;
4866
4867 di = (UnitDependencyInfo) {
4868 .origin_mask = mask
4869 };
4870
4871 r = hashmap_put(u->requires_mounts_for, path, di.data);
4872 if (r < 0)
4873 return r;
4874 p = NULL;
4875
4876 char prefix[strlen(path) + 1];
4877 PATH_FOREACH_PREFIX_MORE(prefix, path) {
4878 Set *x;
4879
4880 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4881 if (!x) {
4882 _cleanup_free_ char *q = NULL;
4883
4884 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
4885 if (r < 0)
4886 return r;
4887
4888 q = strdup(prefix);
4889 if (!q)
4890 return -ENOMEM;
4891
4892 x = set_new(NULL);
4893 if (!x)
4894 return -ENOMEM;
4895
4896 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4897 if (r < 0) {
4898 set_free(x);
4899 return r;
4900 }
4901 q = NULL;
4902 }
4903
4904 r = set_put(x, u);
4905 if (r < 0)
4906 return r;
4907 }
4908
4909 return 0;
4910 }
4911
4912 int unit_setup_exec_runtime(Unit *u) {
4913 ExecRuntime **rt;
4914 size_t offset;
4915 Unit *other;
4916 Iterator i;
4917 void *v;
4918 int r;
4919
4920 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4921 assert(offset > 0);
4922
4923 /* Check if there already is an ExecRuntime for this unit? */
4924 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4925 if (*rt)
4926 return 0;
4927
4928 /* Try to get it from somebody else */
4929 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) {
4930 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4931 if (r == 1)
4932 return 1;
4933 }
4934
4935 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
4936 }
4937
4938 int unit_setup_dynamic_creds(Unit *u) {
4939 ExecContext *ec;
4940 DynamicCreds *dcreds;
4941 size_t offset;
4942
4943 assert(u);
4944
4945 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4946 assert(offset > 0);
4947 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4948
4949 ec = unit_get_exec_context(u);
4950 assert(ec);
4951
4952 if (!ec->dynamic_user)
4953 return 0;
4954
4955 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4956 }
4957
4958 bool unit_type_supported(UnitType t) {
4959 if (_unlikely_(t < 0))
4960 return false;
4961 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4962 return false;
4963
4964 if (!unit_vtable[t]->supported)
4965 return true;
4966
4967 return unit_vtable[t]->supported();
4968 }
4969
4970 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4971 int r;
4972
4973 assert(u);
4974 assert(where);
4975
4976 r = dir_is_empty(where);
4977 if (r > 0 || r == -ENOTDIR)
4978 return;
4979 if (r < 0) {
4980 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4981 return;
4982 }
4983
4984 log_struct(LOG_NOTICE,
4985 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4986 LOG_UNIT_ID(u),
4987 LOG_UNIT_INVOCATION_ID(u),
4988 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4989 "WHERE=%s", where);
4990 }
4991
4992 int unit_fail_if_noncanonical(Unit *u, const char* where) {
4993 _cleanup_free_ char *canonical_where = NULL;
4994 int r;
4995
4996 assert(u);
4997 assert(where);
4998
4999 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where);
5000 if (r < 0) {
5001 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
5002 return 0;
5003 }
5004
5005 /* We will happily ignore a trailing slash (or any redundant slashes) */
5006 if (path_equal(where, canonical_where))
5007 return 0;
5008
5009 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
5010 log_struct(LOG_ERR,
5011 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
5012 LOG_UNIT_ID(u),
5013 LOG_UNIT_INVOCATION_ID(u),
5014 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
5015 "WHERE=%s", where);
5016
5017 return -ELOOP;
5018 }
5019
5020 bool unit_is_pristine(Unit *u) {
5021 assert(u);
5022
5023 /* Check if the unit already exists or is already around,
5024 * in a number of different ways. Note that to cater for unit
5025 * types such as slice, we are generally fine with units that
5026 * are marked UNIT_LOADED even though nothing was actually
5027 * loaded, as those unit types don't require a file on disk. */
5028
5029 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
5030 u->fragment_path ||
5031 u->source_path ||
5032 !strv_isempty(u->dropin_paths) ||
5033 u->job ||
5034 u->merged_into);
5035 }
5036
5037 pid_t unit_control_pid(Unit *u) {
5038 assert(u);
5039
5040 if (UNIT_VTABLE(u)->control_pid)
5041 return UNIT_VTABLE(u)->control_pid(u);
5042
5043 return 0;
5044 }
5045
5046 pid_t unit_main_pid(Unit *u) {
5047 assert(u);
5048
5049 if (UNIT_VTABLE(u)->main_pid)
5050 return UNIT_VTABLE(u)->main_pid(u);
5051
5052 return 0;
5053 }
5054
5055 static void unit_unref_uid_internal(
5056 Unit *u,
5057 uid_t *ref_uid,
5058 bool destroy_now,
5059 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
5060
5061 assert(u);
5062 assert(ref_uid);
5063 assert(_manager_unref_uid);
5064
5065 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
5066 * gid_t are actually the same time, with the same validity rules.
5067 *
5068 * Drops a reference to UID/GID from a unit. */
5069
5070 assert_cc(sizeof(uid_t) == sizeof(gid_t));
5071 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
5072
5073 if (!uid_is_valid(*ref_uid))
5074 return;
5075
5076 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
5077 *ref_uid = UID_INVALID;
5078 }
5079
5080 void unit_unref_uid(Unit *u, bool destroy_now) {
5081 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
5082 }
5083
5084 void unit_unref_gid(Unit *u, bool destroy_now) {
5085 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
5086 }
5087
5088 static int unit_ref_uid_internal(
5089 Unit *u,
5090 uid_t *ref_uid,
5091 uid_t uid,
5092 bool clean_ipc,
5093 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
5094
5095 int r;
5096
5097 assert(u);
5098 assert(ref_uid);
5099 assert(uid_is_valid(uid));
5100 assert(_manager_ref_uid);
5101
5102 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
5103 * are actually the same type, and have the same validity rules.
5104 *
5105 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
5106 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
5107 * drops to zero. */
5108
5109 assert_cc(sizeof(uid_t) == sizeof(gid_t));
5110 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
5111
5112 if (*ref_uid == uid)
5113 return 0;
5114
5115 if (uid_is_valid(*ref_uid)) /* Already set? */
5116 return -EBUSY;
5117
5118 r = _manager_ref_uid(u->manager, uid, clean_ipc);
5119 if (r < 0)
5120 return r;
5121
5122 *ref_uid = uid;
5123 return 1;
5124 }
5125
5126 int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
5127 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
5128 }
5129
5130 int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
5131 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
5132 }
5133
5134 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
5135 int r = 0, q = 0;
5136
5137 assert(u);
5138
5139 /* Reference both a UID and a GID in one go. Either references both, or neither. */
5140
5141 if (uid_is_valid(uid)) {
5142 r = unit_ref_uid(u, uid, clean_ipc);
5143 if (r < 0)
5144 return r;
5145 }
5146
5147 if (gid_is_valid(gid)) {
5148 q = unit_ref_gid(u, gid, clean_ipc);
5149 if (q < 0) {
5150 if (r > 0)
5151 unit_unref_uid(u, false);
5152
5153 return q;
5154 }
5155 }
5156
5157 return r > 0 || q > 0;
5158 }
5159
5160 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
5161 ExecContext *c;
5162 int r;
5163
5164 assert(u);
5165
5166 c = unit_get_exec_context(u);
5167
5168 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
5169 if (r < 0)
5170 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5171
5172 return r;
5173 }
5174
5175 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
5176 assert(u);
5177
5178 unit_unref_uid(u, destroy_now);
5179 unit_unref_gid(u, destroy_now);
5180 }
5181
5182 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
5183 int r;
5184
5185 assert(u);
5186
5187 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5188 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5189 * objects when no service references the UID/GID anymore. */
5190
5191 r = unit_ref_uid_gid(u, uid, gid);
5192 if (r > 0)
5193 unit_add_to_dbus_queue(u);
5194 }
5195
5196 int unit_set_invocation_id(Unit *u, sd_id128_t id) {
5197 int r;
5198
5199 assert(u);
5200
5201 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
5202
5203 if (sd_id128_equal(u->invocation_id, id))
5204 return 0;
5205
5206 if (!sd_id128_is_null(u->invocation_id))
5207 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
5208
5209 if (sd_id128_is_null(id)) {
5210 r = 0;
5211 goto reset;
5212 }
5213
5214 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
5215 if (r < 0)
5216 goto reset;
5217
5218 u->invocation_id = id;
5219 sd_id128_to_string(id, u->invocation_id_string);
5220
5221 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
5222 if (r < 0)
5223 goto reset;
5224
5225 return 0;
5226
5227 reset:
5228 u->invocation_id = SD_ID128_NULL;
5229 u->invocation_id_string[0] = 0;
5230 return r;
5231 }
5232
5233 int unit_acquire_invocation_id(Unit *u) {
5234 sd_id128_t id;
5235 int r;
5236
5237 assert(u);
5238
5239 r = sd_id128_randomize(&id);
5240 if (r < 0)
5241 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5242
5243 r = unit_set_invocation_id(u, id);
5244 if (r < 0)
5245 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5246
5247 unit_add_to_dbus_queue(u);
5248 return 0;
5249 }
5250
5251 int unit_set_exec_params(Unit *u, ExecParameters *p) {
5252 int r;
5253
5254 assert(u);
5255 assert(p);
5256
5257 /* Copy parameters from manager */
5258 r = manager_get_effective_environment(u->manager, &p->environment);
5259 if (r < 0)
5260 return r;
5261
5262 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
5263 p->cgroup_supported = u->manager->cgroup_supported;
5264 p->prefix = u->manager->prefix;
5265 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5266
5267 /* Copy parameters from unit */
5268 p->cgroup_path = u->cgroup_path;
5269 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
5270
5271 return 0;
5272 }
5273
5274 int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
5275 int r;
5276
5277 assert(u);
5278 assert(ret);
5279
5280 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5281 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5282
5283 (void) unit_realize_cgroup(u);
5284
5285 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5286 if (r != 0)
5287 return r;
5288
5289 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
5290 (void) ignore_signals(SIGPIPE, -1);
5291
5292 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
5293
5294 if (u->cgroup_path) {
5295 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5296 if (r < 0) {
5297 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
5298 _exit(EXIT_CGROUP);
5299 }
5300 }
5301
5302 return 0;
5303 }
5304
5305 int unit_fork_and_watch_rm_rf(Unit *u, char **paths, pid_t *ret_pid) {
5306 pid_t pid;
5307 int r;
5308
5309 assert(u);
5310 assert(ret_pid);
5311
5312 r = unit_fork_helper_process(u, "(sd-rmrf)", &pid);
5313 if (r < 0)
5314 return r;
5315 if (r == 0) {
5316 int ret = EXIT_SUCCESS;
5317 char **i;
5318
5319 STRV_FOREACH(i, paths) {
5320 r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK);
5321 if (r < 0) {
5322 log_error_errno(r, "Failed to remove '%s': %m", *i);
5323 ret = EXIT_FAILURE;
5324 }
5325 }
5326
5327 _exit(ret);
5328 }
5329
5330 r = unit_watch_pid(u, pid, true);
5331 if (r < 0)
5332 return r;
5333
5334 *ret_pid = pid;
5335 return 0;
5336 }
5337
5338 static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other, UnitDependencyInfo di) {
5339 assert(u);
5340 assert(d >= 0);
5341 assert(d < _UNIT_DEPENDENCY_MAX);
5342 assert(other);
5343
5344 if (di.origin_mask == 0 && di.destination_mask == 0) {
5345 /* No bit set anymore, let's drop the whole entry */
5346 assert_se(hashmap_remove(u->dependencies[d], other));
5347 log_unit_debug(u, "%s lost dependency %s=%s", u->id, unit_dependency_to_string(d), other->id);
5348 } else
5349 /* Mask was reduced, let's update the entry */
5350 assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);
5351 }
5352
5353 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5354 UnitDependency d;
5355
5356 assert(u);
5357
5358 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5359
5360 if (mask == 0)
5361 return;
5362
5363 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
5364 bool done;
5365
5366 do {
5367 UnitDependencyInfo di;
5368 Unit *other;
5369 Iterator i;
5370
5371 done = true;
5372
5373 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
5374 UnitDependency q;
5375
5376 if ((di.origin_mask & ~mask) == di.origin_mask)
5377 continue;
5378 di.origin_mask &= ~mask;
5379 unit_update_dependency_mask(u, d, other, di);
5380
5381 /* We updated the dependency from our unit to the other unit now. But most dependencies
5382 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5383 * all dependency types on the other unit and delete all those which point to us and
5384 * have the right mask set. */
5385
5386 for (q = 0; q < _UNIT_DEPENDENCY_MAX; q++) {
5387 UnitDependencyInfo dj;
5388
5389 dj.data = hashmap_get(other->dependencies[q], u);
5390 if ((dj.destination_mask & ~mask) == dj.destination_mask)
5391 continue;
5392 dj.destination_mask &= ~mask;
5393
5394 unit_update_dependency_mask(other, q, u, dj);
5395 }
5396
5397 unit_add_to_gc_queue(other);
5398
5399 done = false;
5400 break;
5401 }
5402
5403 } while (!done);
5404 }
5405 }
5406
5407 static int unit_export_invocation_id(Unit *u) {
5408 const char *p;
5409 int r;
5410
5411 assert(u);
5412
5413 if (u->exported_invocation_id)
5414 return 0;
5415
5416 if (sd_id128_is_null(u->invocation_id))
5417 return 0;
5418
5419 p = strjoina("/run/systemd/units/invocation:", u->id);
5420 r = symlink_atomic(u->invocation_id_string, p);
5421 if (r < 0)
5422 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5423
5424 u->exported_invocation_id = true;
5425 return 0;
5426 }
5427
5428 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5429 const char *p;
5430 char buf[2];
5431 int r;
5432
5433 assert(u);
5434 assert(c);
5435
5436 if (u->exported_log_level_max)
5437 return 0;
5438
5439 if (c->log_level_max < 0)
5440 return 0;
5441
5442 assert(c->log_level_max <= 7);
5443
5444 buf[0] = '0' + c->log_level_max;
5445 buf[1] = 0;
5446
5447 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5448 r = symlink_atomic(buf, p);
5449 if (r < 0)
5450 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5451
5452 u->exported_log_level_max = true;
5453 return 0;
5454 }
5455
5456 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5457 _cleanup_close_ int fd = -1;
5458 struct iovec *iovec;
5459 const char *p;
5460 char *pattern;
5461 le64_t *sizes;
5462 ssize_t n;
5463 size_t i;
5464 int r;
5465
5466 if (u->exported_log_extra_fields)
5467 return 0;
5468
5469 if (c->n_log_extra_fields <= 0)
5470 return 0;
5471
5472 sizes = newa(le64_t, c->n_log_extra_fields);
5473 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5474
5475 for (i = 0; i < c->n_log_extra_fields; i++) {
5476 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5477
5478 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5479 iovec[i*2+1] = c->log_extra_fields[i];
5480 }
5481
5482 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5483 pattern = strjoina(p, ".XXXXXX");
5484
5485 fd = mkostemp_safe(pattern);
5486 if (fd < 0)
5487 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5488
5489 n = writev(fd, iovec, c->n_log_extra_fields*2);
5490 if (n < 0) {
5491 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5492 goto fail;
5493 }
5494
5495 (void) fchmod(fd, 0644);
5496
5497 if (rename(pattern, p) < 0) {
5498 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5499 goto fail;
5500 }
5501
5502 u->exported_log_extra_fields = true;
5503 return 0;
5504
5505 fail:
5506 (void) unlink(pattern);
5507 return r;
5508 }
5509
5510 static int unit_export_log_ratelimit_interval(Unit *u, const ExecContext *c) {
5511 _cleanup_free_ char *buf = NULL;
5512 const char *p;
5513 int r;
5514
5515 assert(u);
5516 assert(c);
5517
5518 if (u->exported_log_ratelimit_interval)
5519 return 0;
5520
5521 if (c->log_ratelimit_interval_usec == 0)
5522 return 0;
5523
5524 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5525
5526 if (asprintf(&buf, "%" PRIu64, c->log_ratelimit_interval_usec) < 0)
5527 return log_oom();
5528
5529 r = symlink_atomic(buf, p);
5530 if (r < 0)
5531 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5532
5533 u->exported_log_ratelimit_interval = true;
5534 return 0;
5535 }
5536
5537 static int unit_export_log_ratelimit_burst(Unit *u, const ExecContext *c) {
5538 _cleanup_free_ char *buf = NULL;
5539 const char *p;
5540 int r;
5541
5542 assert(u);
5543 assert(c);
5544
5545 if (u->exported_log_ratelimit_burst)
5546 return 0;
5547
5548 if (c->log_ratelimit_burst == 0)
5549 return 0;
5550
5551 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5552
5553 if (asprintf(&buf, "%u", c->log_ratelimit_burst) < 0)
5554 return log_oom();
5555
5556 r = symlink_atomic(buf, p);
5557 if (r < 0)
5558 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5559
5560 u->exported_log_ratelimit_burst = true;
5561 return 0;
5562 }
5563
5564 void unit_export_state_files(Unit *u) {
5565 const ExecContext *c;
5566
5567 assert(u);
5568
5569 if (!u->id)
5570 return;
5571
5572 if (!MANAGER_IS_SYSTEM(u->manager))
5573 return;
5574
5575 if (MANAGER_IS_TEST_RUN(u->manager))
5576 return;
5577
5578 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5579 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5580 * the IPC system itself and PID 1 also log to the journal.
5581 *
5582 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5583 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5584 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5585 * namespace at least.
5586 *
5587 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5588 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5589 * them with one. */
5590
5591 (void) unit_export_invocation_id(u);
5592
5593 c = unit_get_exec_context(u);
5594 if (c) {
5595 (void) unit_export_log_level_max(u, c);
5596 (void) unit_export_log_extra_fields(u, c);
5597 (void) unit_export_log_ratelimit_interval(u, c);
5598 (void) unit_export_log_ratelimit_burst(u, c);
5599 }
5600 }
5601
5602 void unit_unlink_state_files(Unit *u) {
5603 const char *p;
5604
5605 assert(u);
5606
5607 if (!u->id)
5608 return;
5609
5610 if (!MANAGER_IS_SYSTEM(u->manager))
5611 return;
5612
5613 /* Undoes the effect of unit_export_state() */
5614
5615 if (u->exported_invocation_id) {
5616 p = strjoina("/run/systemd/units/invocation:", u->id);
5617 (void) unlink(p);
5618
5619 u->exported_invocation_id = false;
5620 }
5621
5622 if (u->exported_log_level_max) {
5623 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5624 (void) unlink(p);
5625
5626 u->exported_log_level_max = false;
5627 }
5628
5629 if (u->exported_log_extra_fields) {
5630 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5631 (void) unlink(p);
5632
5633 u->exported_log_extra_fields = false;
5634 }
5635
5636 if (u->exported_log_ratelimit_interval) {
5637 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5638 (void) unlink(p);
5639
5640 u->exported_log_ratelimit_interval = false;
5641 }
5642
5643 if (u->exported_log_ratelimit_burst) {
5644 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5645 (void) unlink(p);
5646
5647 u->exported_log_ratelimit_burst = false;
5648 }
5649 }
5650
5651 int unit_prepare_exec(Unit *u) {
5652 int r;
5653
5654 assert(u);
5655
5656 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5657 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5658 r = bpf_firewall_load_custom(u);
5659 if (r < 0)
5660 return r;
5661
5662 /* Prepares everything so that we can fork of a process for this unit */
5663
5664 (void) unit_realize_cgroup(u);
5665
5666 if (u->reset_accounting) {
5667 (void) unit_reset_accounting(u);
5668 u->reset_accounting = false;
5669 }
5670
5671 unit_export_state_files(u);
5672
5673 r = unit_setup_exec_runtime(u);
5674 if (r < 0)
5675 return r;
5676
5677 r = unit_setup_dynamic_creds(u);
5678 if (r < 0)
5679 return r;
5680
5681 return 0;
5682 }
5683
5684 static int log_leftover(pid_t pid, int sig, void *userdata) {
5685 _cleanup_free_ char *comm = NULL;
5686
5687 (void) get_process_comm(pid, &comm);
5688
5689 if (comm && comm[0] == '(') /* Most likely our own helper process (PAM?), ignore */
5690 return 0;
5691
5692 log_unit_warning(userdata,
5693 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5694 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5695 pid, strna(comm));
5696
5697 return 1;
5698 }
5699
5700 int unit_warn_leftover_processes(Unit *u) {
5701 assert(u);
5702
5703 (void) unit_pick_cgroup_path(u);
5704
5705 if (!u->cgroup_path)
5706 return 0;
5707
5708 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_leftover, u);
5709 }
5710
5711 bool unit_needs_console(Unit *u) {
5712 ExecContext *ec;
5713 UnitActiveState state;
5714
5715 assert(u);
5716
5717 state = unit_active_state(u);
5718
5719 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5720 return false;
5721
5722 if (UNIT_VTABLE(u)->needs_console)
5723 return UNIT_VTABLE(u)->needs_console(u);
5724
5725 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5726 ec = unit_get_exec_context(u);
5727 if (!ec)
5728 return false;
5729
5730 return exec_context_may_touch_console(ec);
5731 }
5732
5733 const char *unit_label_path(Unit *u) {
5734 const char *p;
5735
5736 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5737 * when validating access checks. */
5738
5739 p = u->source_path ?: u->fragment_path;
5740 if (!p)
5741 return NULL;
5742
5743 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5744 if (path_equal(p, "/dev/null"))
5745 return NULL;
5746
5747 return p;
5748 }
5749
5750 int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5751 int r;
5752
5753 assert(u);
5754
5755 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5756 * and not a kernel thread either */
5757
5758 /* First, a simple range check */
5759 if (!pid_is_valid(pid))
5760 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5761
5762 /* Some extra safety check */
5763 if (pid == 1 || pid == getpid_cached())
5764 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid);
5765
5766 /* Don't even begin to bother with kernel threads */
5767 r = is_kernel_thread(pid);
5768 if (r == -ESRCH)
5769 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5770 if (r < 0)
5771 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5772 if (r > 0)
5773 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5774
5775 return 0;
5776 }
5777
5778 void unit_log_success(Unit *u) {
5779 assert(u);
5780
5781 log_struct(LOG_INFO,
5782 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR,
5783 LOG_UNIT_ID(u),
5784 LOG_UNIT_INVOCATION_ID(u),
5785 LOG_UNIT_MESSAGE(u, "Succeeded."));
5786 }
5787
5788 void unit_log_failure(Unit *u, const char *result) {
5789 assert(u);
5790 assert(result);
5791
5792 log_struct(LOG_WARNING,
5793 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR,
5794 LOG_UNIT_ID(u),
5795 LOG_UNIT_INVOCATION_ID(u),
5796 LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result),
5797 "UNIT_RESULT=%s", result);
5798 }
5799
5800 void unit_log_skip(Unit *u, const char *result) {
5801 assert(u);
5802 assert(result);
5803
5804 log_struct(LOG_INFO,
5805 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR,
5806 LOG_UNIT_ID(u),
5807 LOG_UNIT_INVOCATION_ID(u),
5808 LOG_UNIT_MESSAGE(u, "Skipped due to '%s'.", result),
5809 "UNIT_RESULT=%s", result);
5810 }
5811
5812 void unit_log_process_exit(
5813 Unit *u,
5814 const char *kind,
5815 const char *command,
5816 bool success,
5817 int code,
5818 int status) {
5819
5820 int level;
5821
5822 assert(u);
5823 assert(kind);
5824
5825 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
5826 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
5827 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
5828 * WARNING. */
5829 if (success)
5830 level = LOG_DEBUG;
5831 else if (code == CLD_EXITED)
5832 level = LOG_NOTICE;
5833 else
5834 level = LOG_WARNING;
5835
5836 log_struct(level,
5837 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR,
5838 LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s",
5839 kind,
5840 sigchld_code_to_string(code), status,
5841 strna(code == CLD_EXITED
5842 ? exit_status_to_string(status, EXIT_STATUS_FULL)
5843 : signal_to_string(status))),
5844 "EXIT_CODE=%s", sigchld_code_to_string(code),
5845 "EXIT_STATUS=%i", status,
5846 "COMMAND=%s", strna(command),
5847 LOG_UNIT_ID(u),
5848 LOG_UNIT_INVOCATION_ID(u));
5849 }
5850
5851 int unit_exit_status(Unit *u) {
5852 assert(u);
5853
5854 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
5855 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
5856 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
5857 * service process has exited abnormally (signal/coredump). */
5858
5859 if (!UNIT_VTABLE(u)->exit_status)
5860 return -EOPNOTSUPP;
5861
5862 return UNIT_VTABLE(u)->exit_status(u);
5863 }
5864
5865 int unit_failure_action_exit_status(Unit *u) {
5866 int r;
5867
5868 assert(u);
5869
5870 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
5871
5872 if (u->failure_action_exit_status >= 0)
5873 return u->failure_action_exit_status;
5874
5875 r = unit_exit_status(u);
5876 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5877 return 255;
5878
5879 return r;
5880 }
5881
5882 int unit_success_action_exit_status(Unit *u) {
5883 int r;
5884
5885 assert(u);
5886
5887 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
5888
5889 if (u->success_action_exit_status >= 0)
5890 return u->success_action_exit_status;
5891
5892 r = unit_exit_status(u);
5893 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5894 return 255;
5895
5896 return r;
5897 }
5898
5899 int unit_test_trigger_loaded(Unit *u) {
5900 Unit *trigger;
5901
5902 /* Tests whether the unit to trigger is loaded */
5903
5904 trigger = UNIT_TRIGGER(u);
5905 if (!trigger)
5906 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5907 "Refusing to start, no unit to trigger.");
5908 if (trigger->load_state != UNIT_LOADED)
5909 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
5910 "Refusing to start, unit %s to trigger not loaded.", trigger->id);
5911
5912 return 0;
5913 }
5914
5915 void unit_destroy_runtime_directory(Unit *u, const ExecContext *context) {
5916 if (context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO ||
5917 (context->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART && !unit_will_restart(u)))
5918 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
5919 }
5920
5921 int unit_clean(Unit *u, ExecCleanMask mask) {
5922 UnitActiveState state;
5923
5924 assert(u);
5925
5926 /* Special return values:
5927 *
5928 * -EOPNOTSUPP → cleaning not supported for this unit type
5929 * -EUNATCH → cleaning not defined for this resource type
5930 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
5931 * a job queued or similar
5932 */
5933
5934 if (!UNIT_VTABLE(u)->clean)
5935 return -EOPNOTSUPP;
5936
5937 if (mask == 0)
5938 return -EUNATCH;
5939
5940 if (u->load_state != UNIT_LOADED)
5941 return -EBUSY;
5942
5943 if (u->job)
5944 return -EBUSY;
5945
5946 state = unit_active_state(u);
5947 if (!IN_SET(state, UNIT_INACTIVE))
5948 return -EBUSY;
5949
5950 return UNIT_VTABLE(u)->clean(u, mask);
5951 }
5952
5953 int unit_can_clean(Unit *u, ExecCleanMask *ret) {
5954 assert(u);
5955
5956 if (!UNIT_VTABLE(u)->clean ||
5957 u->load_state != UNIT_LOADED) {
5958 *ret = 0;
5959 return 0;
5960 }
5961
5962 /* When the clean() method is set, can_clean() really should be set too */
5963 assert(UNIT_VTABLE(u)->can_clean);
5964
5965 return UNIT_VTABLE(u)->can_clean(u, ret);
5966 }
5967
5968 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5969 [COLLECT_INACTIVE] = "inactive",
5970 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5971 };
5972
5973 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
Unnamed repository; edit this file 'description' to name the repository.