1 /* SPDX-License-Identifier: LGPL-2.1+ */
11 #include "sd-messages.h"
13 #include "all-units.h"
14 #include "alloc-util.h"
15 #include "bus-common-errors.h"
17 #include "cgroup-util.h"
18 #include "dbus-unit.h"
24 #include "fileio-label.h"
25 #include "format-util.h"
27 #include "id128-util.h"
29 #include "load-dropin.h"
30 #include "load-fragment.h"
35 #include "parse-util.h"
36 #include "path-util.h"
37 #include "process-util.h"
38 #include "serialize.h"
40 #include "signal-util.h"
41 #include "sparse-endian.h"
43 #include "specifier.h"
44 #include "stat-util.h"
45 #include "stdio-util.h"
46 #include "string-table.h"
47 #include "string-util.h"
49 #include "terminal-util.h"
50 #include "umask-util.h"
51 #include "unit-name.h"
53 #include "user-util.h"
56 const UnitVTable
* const unit_vtable
[_UNIT_TYPE_MAX
] = {
57 [UNIT_SERVICE
] = &service_vtable
,
58 [UNIT_SOCKET
] = &socket_vtable
,
59 [UNIT_TARGET
] = &target_vtable
,
60 [UNIT_DEVICE
] = &device_vtable
,
61 [UNIT_MOUNT
] = &mount_vtable
,
62 [UNIT_AUTOMOUNT
] = &automount_vtable
,
63 [UNIT_SWAP
] = &swap_vtable
,
64 [UNIT_TIMER
] = &timer_vtable
,
65 [UNIT_PATH
] = &path_vtable
,
66 [UNIT_SLICE
] = &slice_vtable
,
67 [UNIT_SCOPE
] = &scope_vtable
,
70 static void maybe_warn_about_dependency(Unit
*u
, const char *other
, UnitDependency dependency
);
72 Unit
*unit_new(Manager
*m
, size_t size
) {
76 assert(size
>= sizeof(Unit
));
82 u
->names
= set_new(&string_hash_ops
);
87 u
->type
= _UNIT_TYPE_INVALID
;
88 u
->default_dependencies
= true;
89 u
->unit_file_state
= _UNIT_FILE_STATE_INVALID
;
90 u
->unit_file_preset
= -1;
91 u
->on_failure_job_mode
= JOB_REPLACE
;
92 u
->cgroup_inotify_wd
= -1;
93 u
->job_timeout
= USEC_INFINITY
;
94 u
->job_running_timeout
= USEC_INFINITY
;
95 u
->ref_uid
= UID_INVALID
;
96 u
->ref_gid
= GID_INVALID
;
97 u
->cpu_usage_last
= NSEC_INFINITY
;
98 u
->cgroup_invalidated_mask
|= CGROUP_MASK_BPF_FIREWALL
;
99 u
->failure_action_exit_status
= u
->success_action_exit_status
= -1;
101 u
->ip_accounting_ingress_map_fd
= -1;
102 u
->ip_accounting_egress_map_fd
= -1;
103 u
->ipv4_allow_map_fd
= -1;
104 u
->ipv6_allow_map_fd
= -1;
105 u
->ipv4_deny_map_fd
= -1;
106 u
->ipv6_deny_map_fd
= -1;
108 u
->last_section_private
= -1;
110 RATELIMIT_INIT(u
->start_limit
, m
->default_start_limit_interval
, m
->default_start_limit_burst
);
111 RATELIMIT_INIT(u
->auto_stop_ratelimit
, 10 * USEC_PER_SEC
, 16);
116 int unit_new_for_name(Manager
*m
, size_t size
, const char *name
, Unit
**ret
) {
117 _cleanup_(unit_freep
) Unit
*u
= NULL
;
120 u
= unit_new(m
, size
);
124 r
= unit_add_name(u
, name
);
133 bool unit_has_name(Unit
*u
, const char *name
) {
137 return set_contains(u
->names
, (char*) name
);
140 static void unit_init(Unit
*u
) {
147 assert(u
->type
>= 0);
149 cc
= unit_get_cgroup_context(u
);
151 cgroup_context_init(cc
);
153 /* Copy in the manager defaults into the cgroup
154 * context, _before_ the rest of the settings have
155 * been initialized */
157 cc
->cpu_accounting
= u
->manager
->default_cpu_accounting
;
158 cc
->io_accounting
= u
->manager
->default_io_accounting
;
159 cc
->ip_accounting
= u
->manager
->default_ip_accounting
;
160 cc
->blockio_accounting
= u
->manager
->default_blockio_accounting
;
161 cc
->memory_accounting
= u
->manager
->default_memory_accounting
;
162 cc
->tasks_accounting
= u
->manager
->default_tasks_accounting
;
163 cc
->ip_accounting
= u
->manager
->default_ip_accounting
;
165 if (u
->type
!= UNIT_SLICE
)
166 cc
->tasks_max
= u
->manager
->default_tasks_max
;
169 ec
= unit_get_exec_context(u
);
171 exec_context_init(ec
);
173 ec
->keyring_mode
= MANAGER_IS_SYSTEM(u
->manager
) ?
174 EXEC_KEYRING_SHARED
: EXEC_KEYRING_INHERIT
;
177 kc
= unit_get_kill_context(u
);
179 kill_context_init(kc
);
181 if (UNIT_VTABLE(u
)->init
)
182 UNIT_VTABLE(u
)->init(u
);
185 int unit_add_name(Unit
*u
, const char *text
) {
186 _cleanup_free_
char *s
= NULL
, *i
= NULL
;
193 if (unit_name_is_valid(text
, UNIT_NAME_TEMPLATE
)) {
198 r
= unit_name_replace_instance(text
, u
->instance
, &s
);
207 if (set_contains(u
->names
, s
))
209 if (hashmap_contains(u
->manager
->units
, s
))
212 if (!unit_name_is_valid(s
, UNIT_NAME_PLAIN
|UNIT_NAME_INSTANCE
))
215 t
= unit_name_to_type(s
);
219 if (u
->type
!= _UNIT_TYPE_INVALID
&& t
!= u
->type
)
222 r
= unit_name_to_instance(s
, &i
);
226 if (i
&& !unit_type_may_template(t
))
229 /* Ensure that this unit is either instanced or not instanced,
230 * but not both. Note that we do allow names with different
231 * instance names however! */
232 if (u
->type
!= _UNIT_TYPE_INVALID
&& !u
->instance
!= !i
)
235 if (!unit_type_may_alias(t
) && !set_isempty(u
->names
))
238 if (hashmap_size(u
->manager
->units
) >= MANAGER_MAX_NAMES
)
241 r
= set_put(u
->names
, s
);
246 r
= hashmap_put(u
->manager
->units
, s
, u
);
248 (void) set_remove(u
->names
, s
);
252 if (u
->type
== _UNIT_TYPE_INVALID
) {
255 u
->instance
= TAKE_PTR(i
);
257 LIST_PREPEND(units_by_type
, u
->manager
->units_by_type
[t
], u
);
264 unit_add_to_dbus_queue(u
);
268 int unit_choose_id(Unit
*u
, const char *name
) {
269 _cleanup_free_
char *t
= NULL
;
276 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
281 r
= unit_name_replace_instance(name
, u
->instance
, &t
);
288 /* Selects one of the names of this unit as the id */
289 s
= set_get(u
->names
, (char*) name
);
293 /* Determine the new instance from the new id */
294 r
= unit_name_to_instance(s
, &i
);
303 unit_add_to_dbus_queue(u
);
308 int unit_set_description(Unit
*u
, const char *description
) {
313 r
= free_and_strdup(&u
->description
, empty_to_null(description
));
317 unit_add_to_dbus_queue(u
);
322 bool unit_may_gc(Unit
*u
) {
323 UnitActiveState state
;
328 /* Checks whether the unit is ready to be unloaded for garbage collection.
329 * Returns true when the unit may be collected, and false if there's some
330 * reason to keep it loaded.
332 * References from other units are *not* checked here. Instead, this is done
333 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
342 state
= unit_active_state(u
);
344 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
345 if (UNIT_IS_INACTIVE_OR_FAILED(state
) &&
346 UNIT_VTABLE(u
)->release_resources
)
347 UNIT_VTABLE(u
)->release_resources(u
);
352 if (sd_bus_track_count(u
->bus_track
) > 0)
355 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
356 switch (u
->collect_mode
) {
358 case COLLECT_INACTIVE
:
359 if (state
!= UNIT_INACTIVE
)
364 case COLLECT_INACTIVE_OR_FAILED
:
365 if (!IN_SET(state
, UNIT_INACTIVE
, UNIT_FAILED
))
371 assert_not_reached("Unknown garbage collection mode");
374 if (u
->cgroup_path
) {
375 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
376 * around. Units with active processes should never be collected. */
378 r
= cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
);
380 log_unit_debug_errno(u
, r
, "Failed to determine whether cgroup %s is empty: %m", u
->cgroup_path
);
385 if (UNIT_VTABLE(u
)->may_gc
&& !UNIT_VTABLE(u
)->may_gc(u
))
391 void unit_add_to_load_queue(Unit
*u
) {
393 assert(u
->type
!= _UNIT_TYPE_INVALID
);
395 if (u
->load_state
!= UNIT_STUB
|| u
->in_load_queue
)
398 LIST_PREPEND(load_queue
, u
->manager
->load_queue
, u
);
399 u
->in_load_queue
= true;
402 void unit_add_to_cleanup_queue(Unit
*u
) {
405 if (u
->in_cleanup_queue
)
408 LIST_PREPEND(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
409 u
->in_cleanup_queue
= true;
412 void unit_add_to_gc_queue(Unit
*u
) {
415 if (u
->in_gc_queue
|| u
->in_cleanup_queue
)
421 LIST_PREPEND(gc_queue
, u
->manager
->gc_unit_queue
, u
);
422 u
->in_gc_queue
= true;
425 void unit_add_to_dbus_queue(Unit
*u
) {
427 assert(u
->type
!= _UNIT_TYPE_INVALID
);
429 if (u
->load_state
== UNIT_STUB
|| u
->in_dbus_queue
)
432 /* Shortcut things if nobody cares */
433 if (sd_bus_track_count(u
->manager
->subscribed
) <= 0 &&
434 sd_bus_track_count(u
->bus_track
) <= 0 &&
435 set_isempty(u
->manager
->private_buses
)) {
436 u
->sent_dbus_new_signal
= true;
440 LIST_PREPEND(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
441 u
->in_dbus_queue
= true;
444 void unit_submit_to_stop_when_unneeded_queue(Unit
*u
) {
447 if (u
->in_stop_when_unneeded_queue
)
450 if (!u
->stop_when_unneeded
)
453 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
456 LIST_PREPEND(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
457 u
->in_stop_when_unneeded_queue
= true;
460 static void bidi_set_free(Unit
*u
, Hashmap
*h
) {
467 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
469 HASHMAP_FOREACH_KEY(v
, other
, h
, i
) {
472 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++)
473 hashmap_remove(other
->dependencies
[d
], u
);
475 unit_add_to_gc_queue(other
);
481 static void unit_remove_transient(Unit
*u
) {
489 if (u
->fragment_path
)
490 (void) unlink(u
->fragment_path
);
492 STRV_FOREACH(i
, u
->dropin_paths
) {
493 _cleanup_free_
char *p
= NULL
, *pp
= NULL
;
495 p
= dirname_malloc(*i
); /* Get the drop-in directory from the drop-in file */
499 pp
= dirname_malloc(p
); /* Get the config directory from the drop-in directory */
503 /* Only drop transient drop-ins */
504 if (!path_equal(u
->manager
->lookup_paths
.transient
, pp
))
512 static void unit_free_requires_mounts_for(Unit
*u
) {
516 _cleanup_free_
char *path
;
518 path
= hashmap_steal_first_key(u
->requires_mounts_for
);
522 char s
[strlen(path
) + 1];
524 PATH_FOREACH_PREFIX_MORE(s
, path
) {
528 x
= hashmap_get2(u
->manager
->units_requiring_mounts_for
, s
, (void**) &y
);
532 (void) set_remove(x
, u
);
534 if (set_isempty(x
)) {
535 (void) hashmap_remove(u
->manager
->units_requiring_mounts_for
, y
);
543 u
->requires_mounts_for
= hashmap_free(u
->requires_mounts_for
);
546 static void unit_done(Unit
*u
) {
555 if (UNIT_VTABLE(u
)->done
)
556 UNIT_VTABLE(u
)->done(u
);
558 ec
= unit_get_exec_context(u
);
560 exec_context_done(ec
);
562 cc
= unit_get_cgroup_context(u
);
564 cgroup_context_done(cc
);
567 void unit_free(Unit
*u
) {
575 if (UNIT_ISSET(u
->slice
)) {
576 /* A unit is being dropped from the tree, make sure our parent slice recalculates the member mask */
577 unit_invalidate_cgroup_members_masks(UNIT_DEREF(u
->slice
));
579 /* And make sure the parent is realized again, updating cgroup memberships */
580 unit_add_to_cgroup_realize_queue(UNIT_DEREF(u
->slice
));
583 u
->transient_file
= safe_fclose(u
->transient_file
);
585 if (!MANAGER_IS_RELOADING(u
->manager
))
586 unit_remove_transient(u
);
588 bus_unit_send_removed_signal(u
);
592 unit_dequeue_rewatch_pids(u
);
594 sd_bus_slot_unref(u
->match_bus_slot
);
595 sd_bus_track_unref(u
->bus_track
);
596 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
598 unit_free_requires_mounts_for(u
);
600 SET_FOREACH(t
, u
->names
, i
)
601 hashmap_remove_value(u
->manager
->units
, t
, u
);
603 if (!sd_id128_is_null(u
->invocation_id
))
604 hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
618 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++)
619 bidi_set_free(u
, u
->dependencies
[d
]);
622 manager_unref_console(u
->manager
);
624 unit_release_cgroup(u
);
626 if (!MANAGER_IS_RELOADING(u
->manager
))
627 unit_unlink_state_files(u
);
629 unit_unref_uid_gid(u
, false);
631 (void) manager_update_failed_units(u
->manager
, u
, false);
632 set_remove(u
->manager
->startup_units
, u
);
634 unit_unwatch_all_pids(u
);
636 unit_ref_unset(&u
->slice
);
637 while (u
->refs_by_target
)
638 unit_ref_unset(u
->refs_by_target
);
640 if (u
->type
!= _UNIT_TYPE_INVALID
)
641 LIST_REMOVE(units_by_type
, u
->manager
->units_by_type
[u
->type
], u
);
643 if (u
->in_load_queue
)
644 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
646 if (u
->in_dbus_queue
)
647 LIST_REMOVE(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
650 LIST_REMOVE(gc_queue
, u
->manager
->gc_unit_queue
, u
);
652 if (u
->in_cgroup_realize_queue
)
653 LIST_REMOVE(cgroup_realize_queue
, u
->manager
->cgroup_realize_queue
, u
);
655 if (u
->in_cgroup_empty_queue
)
656 LIST_REMOVE(cgroup_empty_queue
, u
->manager
->cgroup_empty_queue
, u
);
658 if (u
->in_cleanup_queue
)
659 LIST_REMOVE(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
661 if (u
->in_target_deps_queue
)
662 LIST_REMOVE(target_deps_queue
, u
->manager
->target_deps_queue
, u
);
664 if (u
->in_stop_when_unneeded_queue
)
665 LIST_REMOVE(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
667 safe_close(u
->ip_accounting_ingress_map_fd
);
668 safe_close(u
->ip_accounting_egress_map_fd
);
670 safe_close(u
->ipv4_allow_map_fd
);
671 safe_close(u
->ipv6_allow_map_fd
);
672 safe_close(u
->ipv4_deny_map_fd
);
673 safe_close(u
->ipv6_deny_map_fd
);
675 bpf_program_unref(u
->ip_bpf_ingress
);
676 bpf_program_unref(u
->ip_bpf_ingress_installed
);
677 bpf_program_unref(u
->ip_bpf_egress
);
678 bpf_program_unref(u
->ip_bpf_egress_installed
);
680 bpf_program_unref(u
->bpf_device_control_installed
);
682 condition_free_list(u
->conditions
);
683 condition_free_list(u
->asserts
);
685 free(u
->description
);
686 strv_free(u
->documentation
);
687 free(u
->fragment_path
);
688 free(u
->source_path
);
689 strv_free(u
->dropin_paths
);
692 free(u
->job_timeout_reboot_arg
);
694 set_free_free(u
->names
);
701 UnitActiveState
unit_active_state(Unit
*u
) {
704 if (u
->load_state
== UNIT_MERGED
)
705 return unit_active_state(unit_follow_merge(u
));
707 /* After a reload it might happen that a unit is not correctly
708 * loaded but still has a process around. That's why we won't
709 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
711 return UNIT_VTABLE(u
)->active_state(u
);
714 const char* unit_sub_state_to_string(Unit
*u
) {
717 return UNIT_VTABLE(u
)->sub_state_to_string(u
);
720 static int set_complete_move(Set
**s
, Set
**other
) {
728 return set_move(*s
, *other
);
730 *s
= TAKE_PTR(*other
);
735 static int hashmap_complete_move(Hashmap
**s
, Hashmap
**other
) {
743 return hashmap_move(*s
, *other
);
745 *s
= TAKE_PTR(*other
);
750 static int merge_names(Unit
*u
, Unit
*other
) {
758 r
= set_complete_move(&u
->names
, &other
->names
);
762 set_free_free(other
->names
);
766 SET_FOREACH(t
, u
->names
, i
)
767 assert_se(hashmap_replace(u
->manager
->units
, t
, u
) == 0);
772 static int reserve_dependencies(Unit
*u
, Unit
*other
, UnitDependency d
) {
777 assert(d
< _UNIT_DEPENDENCY_MAX
);
780 * If u does not have this dependency set allocated, there is no need
781 * to reserve anything. In that case other's set will be transferred
782 * as a whole to u by complete_move().
784 if (!u
->dependencies
[d
])
787 /* merge_dependencies() will skip a u-on-u dependency */
788 n_reserve
= hashmap_size(other
->dependencies
[d
]) - !!hashmap_get(other
->dependencies
[d
], u
);
790 return hashmap_reserve(u
->dependencies
[d
], n_reserve
);
793 static void merge_dependencies(Unit
*u
, Unit
*other
, const char *other_id
, UnitDependency d
) {
799 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
803 assert(d
< _UNIT_DEPENDENCY_MAX
);
805 /* Fix backwards pointers. Let's iterate through all dependendent units of the other unit. */
806 HASHMAP_FOREACH_KEY(v
, back
, other
->dependencies
[d
], i
) {
809 /* Let's now iterate through the dependencies of that dependencies of the other units, looking for
810 * pointers back, and let's fix them up, to instead point to 'u'. */
812 for (k
= 0; k
< _UNIT_DEPENDENCY_MAX
; k
++) {
814 /* Do not add dependencies between u and itself. */
815 if (hashmap_remove(back
->dependencies
[k
], other
))
816 maybe_warn_about_dependency(u
, other_id
, k
);
818 UnitDependencyInfo di_u
, di_other
, di_merged
;
820 /* Let's drop this dependency between "back" and "other", and let's create it between
821 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
822 * and any such dependency which might already exist */
824 di_other
.data
= hashmap_get(back
->dependencies
[k
], other
);
826 continue; /* dependency isn't set, let's try the next one */
828 di_u
.data
= hashmap_get(back
->dependencies
[k
], u
);
830 di_merged
= (UnitDependencyInfo
) {
831 .origin_mask
= di_u
.origin_mask
| di_other
.origin_mask
,
832 .destination_mask
= di_u
.destination_mask
| di_other
.destination_mask
,
835 r
= hashmap_remove_and_replace(back
->dependencies
[k
], other
, u
, di_merged
.data
);
837 log_warning_errno(r
, "Failed to remove/replace: back=%s other=%s u=%s: %m", back
->id
, other_id
, u
->id
);
840 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
846 /* Also do not move dependencies on u to itself */
847 back
= hashmap_remove(other
->dependencies
[d
], u
);
849 maybe_warn_about_dependency(u
, other_id
, d
);
851 /* The move cannot fail. The caller must have performed a reservation. */
852 assert_se(hashmap_complete_move(&u
->dependencies
[d
], &other
->dependencies
[d
]) == 0);
854 other
->dependencies
[d
] = hashmap_free(other
->dependencies
[d
]);
857 int unit_merge(Unit
*u
, Unit
*other
) {
859 const char *other_id
= NULL
;
864 assert(u
->manager
== other
->manager
);
865 assert(u
->type
!= _UNIT_TYPE_INVALID
);
867 other
= unit_follow_merge(other
);
872 if (u
->type
!= other
->type
)
875 if (!u
->instance
!= !other
->instance
)
878 if (!unit_type_may_alias(u
->type
)) /* Merging only applies to unit names that support aliases */
881 if (!IN_SET(other
->load_state
, UNIT_STUB
, UNIT_NOT_FOUND
))
890 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
894 other_id
= strdupa(other
->id
);
896 /* Make reservations to ensure merge_dependencies() won't fail */
897 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++) {
898 r
= reserve_dependencies(u
, other
, d
);
900 * We don't rollback reservations if we fail. We don't have
901 * a way to undo reservations. A reservation is not a leak.
908 r
= merge_names(u
, other
);
912 /* Redirect all references */
913 while (other
->refs_by_target
)
914 unit_ref_set(other
->refs_by_target
, other
->refs_by_target
->source
, u
);
916 /* Merge dependencies */
917 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++)
918 merge_dependencies(u
, other
, other_id
, d
);
920 other
->load_state
= UNIT_MERGED
;
921 other
->merged_into
= u
;
923 /* If there is still some data attached to the other node, we
924 * don't need it anymore, and can free it. */
925 if (other
->load_state
!= UNIT_STUB
)
926 if (UNIT_VTABLE(other
)->done
)
927 UNIT_VTABLE(other
)->done(other
);
929 unit_add_to_dbus_queue(u
);
930 unit_add_to_cleanup_queue(other
);
935 int unit_merge_by_name(Unit
*u
, const char *name
) {
936 _cleanup_free_
char *s
= NULL
;
943 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
947 r
= unit_name_replace_instance(name
, u
->instance
, &s
);
954 other
= manager_get_unit(u
->manager
, name
);
956 return unit_merge(u
, other
);
958 return unit_add_name(u
, name
);
961 Unit
* unit_follow_merge(Unit
*u
) {
964 while (u
->load_state
== UNIT_MERGED
)
965 assert_se(u
= u
->merged_into
);
970 int unit_add_exec_dependencies(Unit
*u
, ExecContext
*c
) {
971 ExecDirectoryType dt
;
978 if (c
->working_directory
&& !c
->working_directory_missing_ok
) {
979 r
= unit_require_mounts_for(u
, c
->working_directory
, UNIT_DEPENDENCY_FILE
);
984 if (c
->root_directory
) {
985 r
= unit_require_mounts_for(u
, c
->root_directory
, UNIT_DEPENDENCY_FILE
);
991 r
= unit_require_mounts_for(u
, c
->root_image
, UNIT_DEPENDENCY_FILE
);
996 for (dt
= 0; dt
< _EXEC_DIRECTORY_TYPE_MAX
; dt
++) {
997 if (!u
->manager
->prefix
[dt
])
1000 STRV_FOREACH(dp
, c
->directories
[dt
].paths
) {
1001 _cleanup_free_
char *p
;
1003 p
= strjoin(u
->manager
->prefix
[dt
], "/", *dp
);
1007 r
= unit_require_mounts_for(u
, p
, UNIT_DEPENDENCY_FILE
);
1013 if (!MANAGER_IS_SYSTEM(u
->manager
))
1016 if (c
->private_tmp
) {
1019 FOREACH_STRING(p
, "/tmp", "/var/tmp") {
1020 r
= unit_require_mounts_for(u
, p
, UNIT_DEPENDENCY_FILE
);
1025 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_TMPFILES_SETUP_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1030 if (!IN_SET(c
->std_output
,
1031 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1032 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
,
1033 EXEC_OUTPUT_SYSLOG
, EXEC_OUTPUT_SYSLOG_AND_CONSOLE
) &&
1034 !IN_SET(c
->std_error
,
1035 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1036 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
,
1037 EXEC_OUTPUT_SYSLOG
, EXEC_OUTPUT_SYSLOG_AND_CONSOLE
))
1040 /* If syslog or kernel logging is requested, make sure our own
1041 * logging daemon is run first. */
1043 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_JOURNALD_SOCKET
, true, UNIT_DEPENDENCY_FILE
);
1050 const char *unit_description(Unit
*u
) {
1054 return u
->description
;
1056 return strna(u
->id
);
1059 static void print_unit_dependency_mask(FILE *f
, const char *kind
, UnitDependencyMask mask
, bool *space
) {
1061 UnitDependencyMask mask
;
1064 { UNIT_DEPENDENCY_FILE
, "file" },
1065 { UNIT_DEPENDENCY_IMPLICIT
, "implicit" },
1066 { UNIT_DEPENDENCY_DEFAULT
, "default" },
1067 { UNIT_DEPENDENCY_UDEV
, "udev" },
1068 { UNIT_DEPENDENCY_PATH
, "path" },
1069 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT
, "mountinfo-implicit" },
1070 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT
, "mountinfo-default" },
1071 { UNIT_DEPENDENCY_PROC_SWAP
, "proc-swap" },
1079 for (i
= 0; i
< ELEMENTSOF(table
); i
++) {
1084 if (FLAGS_SET(mask
, table
[i
].mask
)) {
1092 fputs(table
[i
].name
, f
);
1094 mask
&= ~table
[i
].mask
;
1101 void unit_dump(Unit
*u
, FILE *f
, const char *prefix
) {
1105 const char *prefix2
;
1107 timestamp0
[FORMAT_TIMESTAMP_MAX
],
1108 timestamp1
[FORMAT_TIMESTAMP_MAX
],
1109 timestamp2
[FORMAT_TIMESTAMP_MAX
],
1110 timestamp3
[FORMAT_TIMESTAMP_MAX
],
1111 timestamp4
[FORMAT_TIMESTAMP_MAX
],
1112 timespan
[FORMAT_TIMESPAN_MAX
];
1114 _cleanup_set_free_ Set
*following_set
= NULL
;
1120 assert(u
->type
>= 0);
1122 prefix
= strempty(prefix
);
1123 prefix2
= strjoina(prefix
, "\t");
1127 "%s\tDescription: %s\n"
1128 "%s\tInstance: %s\n"
1129 "%s\tUnit Load State: %s\n"
1130 "%s\tUnit Active State: %s\n"
1131 "%s\tState Change Timestamp: %s\n"
1132 "%s\tInactive Exit Timestamp: %s\n"
1133 "%s\tActive Enter Timestamp: %s\n"
1134 "%s\tActive Exit Timestamp: %s\n"
1135 "%s\tInactive Enter Timestamp: %s\n"
1137 "%s\tNeed Daemon Reload: %s\n"
1138 "%s\tTransient: %s\n"
1139 "%s\tPerpetual: %s\n"
1140 "%s\tGarbage Collection Mode: %s\n"
1143 "%s\tCGroup realized: %s\n",
1145 prefix
, unit_description(u
),
1146 prefix
, strna(u
->instance
),
1147 prefix
, unit_load_state_to_string(u
->load_state
),
1148 prefix
, unit_active_state_to_string(unit_active_state(u
)),
1149 prefix
, strna(format_timestamp(timestamp0
, sizeof(timestamp0
), u
->state_change_timestamp
.realtime
)),
1150 prefix
, strna(format_timestamp(timestamp1
, sizeof(timestamp1
), u
->inactive_exit_timestamp
.realtime
)),
1151 prefix
, strna(format_timestamp(timestamp2
, sizeof(timestamp2
), u
->active_enter_timestamp
.realtime
)),
1152 prefix
, strna(format_timestamp(timestamp3
, sizeof(timestamp3
), u
->active_exit_timestamp
.realtime
)),
1153 prefix
, strna(format_timestamp(timestamp4
, sizeof(timestamp4
), u
->inactive_enter_timestamp
.realtime
)),
1154 prefix
, yes_no(unit_may_gc(u
)),
1155 prefix
, yes_no(unit_need_daemon_reload(u
)),
1156 prefix
, yes_no(u
->transient
),
1157 prefix
, yes_no(u
->perpetual
),
1158 prefix
, collect_mode_to_string(u
->collect_mode
),
1159 prefix
, strna(unit_slice_name(u
)),
1160 prefix
, strna(u
->cgroup_path
),
1161 prefix
, yes_no(u
->cgroup_realized
));
1163 if (u
->cgroup_realized_mask
!= 0) {
1164 _cleanup_free_
char *s
= NULL
;
1165 (void) cg_mask_to_string(u
->cgroup_realized_mask
, &s
);
1166 fprintf(f
, "%s\tCGroup realized mask: %s\n", prefix
, strnull(s
));
1169 if (u
->cgroup_enabled_mask
!= 0) {
1170 _cleanup_free_
char *s
= NULL
;
1171 (void) cg_mask_to_string(u
->cgroup_enabled_mask
, &s
);
1172 fprintf(f
, "%s\tCGroup enabled mask: %s\n", prefix
, strnull(s
));
1175 m
= unit_get_own_mask(u
);
1177 _cleanup_free_
char *s
= NULL
;
1178 (void) cg_mask_to_string(m
, &s
);
1179 fprintf(f
, "%s\tCGroup own mask: %s\n", prefix
, strnull(s
));
1182 m
= unit_get_members_mask(u
);
1184 _cleanup_free_
char *s
= NULL
;
1185 (void) cg_mask_to_string(m
, &s
);
1186 fprintf(f
, "%s\tCGroup members mask: %s\n", prefix
, strnull(s
));
1189 m
= unit_get_delegate_mask(u
);
1191 _cleanup_free_
char *s
= NULL
;
1192 (void) cg_mask_to_string(m
, &s
);
1193 fprintf(f
, "%s\tCGroup delegate mask: %s\n", prefix
, strnull(s
));
1196 SET_FOREACH(t
, u
->names
, i
)
1197 fprintf(f
, "%s\tName: %s\n", prefix
, t
);
1199 if (!sd_id128_is_null(u
->invocation_id
))
1200 fprintf(f
, "%s\tInvocation ID: " SD_ID128_FORMAT_STR
"\n",
1201 prefix
, SD_ID128_FORMAT_VAL(u
->invocation_id
));
1203 STRV_FOREACH(j
, u
->documentation
)
1204 fprintf(f
, "%s\tDocumentation: %s\n", prefix
, *j
);
1206 following
= unit_following(u
);
1208 fprintf(f
, "%s\tFollowing: %s\n", prefix
, following
->id
);
1210 r
= unit_following_set(u
, &following_set
);
1214 SET_FOREACH(other
, following_set
, i
)
1215 fprintf(f
, "%s\tFollowing Set Member: %s\n", prefix
, other
->id
);
1218 if (u
->fragment_path
)
1219 fprintf(f
, "%s\tFragment Path: %s\n", prefix
, u
->fragment_path
);
1222 fprintf(f
, "%s\tSource Path: %s\n", prefix
, u
->source_path
);
1224 STRV_FOREACH(j
, u
->dropin_paths
)
1225 fprintf(f
, "%s\tDropIn Path: %s\n", prefix
, *j
);
1227 if (u
->failure_action
!= EMERGENCY_ACTION_NONE
)
1228 fprintf(f
, "%s\tFailure Action: %s\n", prefix
, emergency_action_to_string(u
->failure_action
));
1229 if (u
->failure_action_exit_status
>= 0)
1230 fprintf(f
, "%s\tFailure Action Exit Status: %i\n", prefix
, u
->failure_action_exit_status
);
1231 if (u
->success_action
!= EMERGENCY_ACTION_NONE
)
1232 fprintf(f
, "%s\tSuccess Action: %s\n", prefix
, emergency_action_to_string(u
->success_action
));
1233 if (u
->success_action_exit_status
>= 0)
1234 fprintf(f
, "%s\tSuccess Action Exit Status: %i\n", prefix
, u
->success_action_exit_status
);
1236 if (u
->job_timeout
!= USEC_INFINITY
)
1237 fprintf(f
, "%s\tJob Timeout: %s\n", prefix
, format_timespan(timespan
, sizeof(timespan
), u
->job_timeout
, 0));
1239 if (u
->job_timeout_action
!= EMERGENCY_ACTION_NONE
)
1240 fprintf(f
, "%s\tJob Timeout Action: %s\n", prefix
, emergency_action_to_string(u
->job_timeout_action
));
1242 if (u
->job_timeout_reboot_arg
)
1243 fprintf(f
, "%s\tJob Timeout Reboot Argument: %s\n", prefix
, u
->job_timeout_reboot_arg
);
1245 condition_dump_list(u
->conditions
, f
, prefix
, condition_type_to_string
);
1246 condition_dump_list(u
->asserts
, f
, prefix
, assert_type_to_string
);
1248 if (dual_timestamp_is_set(&u
->condition_timestamp
))
1250 "%s\tCondition Timestamp: %s\n"
1251 "%s\tCondition Result: %s\n",
1252 prefix
, strna(format_timestamp(timestamp1
, sizeof(timestamp1
), u
->condition_timestamp
.realtime
)),
1253 prefix
, yes_no(u
->condition_result
));
1255 if (dual_timestamp_is_set(&u
->assert_timestamp
))
1257 "%s\tAssert Timestamp: %s\n"
1258 "%s\tAssert Result: %s\n",
1259 prefix
, strna(format_timestamp(timestamp1
, sizeof(timestamp1
), u
->assert_timestamp
.realtime
)),
1260 prefix
, yes_no(u
->assert_result
));
1262 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++) {
1263 UnitDependencyInfo di
;
1266 HASHMAP_FOREACH_KEY(di
.data
, other
, u
->dependencies
[d
], i
) {
1269 fprintf(f
, "%s\t%s: %s (", prefix
, unit_dependency_to_string(d
), other
->id
);
1271 print_unit_dependency_mask(f
, "origin", di
.origin_mask
, &space
);
1272 print_unit_dependency_mask(f
, "destination", di
.destination_mask
, &space
);
1278 if (!hashmap_isempty(u
->requires_mounts_for
)) {
1279 UnitDependencyInfo di
;
1282 HASHMAP_FOREACH_KEY(di
.data
, path
, u
->requires_mounts_for
, i
) {
1285 fprintf(f
, "%s\tRequiresMountsFor: %s (", prefix
, path
);
1287 print_unit_dependency_mask(f
, "origin", di
.origin_mask
, &space
);
1288 print_unit_dependency_mask(f
, "destination", di
.destination_mask
, &space
);
1294 if (u
->load_state
== UNIT_LOADED
) {
1297 "%s\tStopWhenUnneeded: %s\n"
1298 "%s\tRefuseManualStart: %s\n"
1299 "%s\tRefuseManualStop: %s\n"
1300 "%s\tDefaultDependencies: %s\n"
1301 "%s\tOnFailureJobMode: %s\n"
1302 "%s\tIgnoreOnIsolate: %s\n",
1303 prefix
, yes_no(u
->stop_when_unneeded
),
1304 prefix
, yes_no(u
->refuse_manual_start
),
1305 prefix
, yes_no(u
->refuse_manual_stop
),
1306 prefix
, yes_no(u
->default_dependencies
),
1307 prefix
, job_mode_to_string(u
->on_failure_job_mode
),
1308 prefix
, yes_no(u
->ignore_on_isolate
));
1310 if (UNIT_VTABLE(u
)->dump
)
1311 UNIT_VTABLE(u
)->dump(u
, f
, prefix2
);
1313 } else if (u
->load_state
== UNIT_MERGED
)
1315 "%s\tMerged into: %s\n",
1316 prefix
, u
->merged_into
->id
);
1317 else if (u
->load_state
== UNIT_ERROR
)
1318 fprintf(f
, "%s\tLoad Error Code: %s\n", prefix
, strerror(-u
->load_error
));
1320 for (n
= sd_bus_track_first(u
->bus_track
); n
; n
= sd_bus_track_next(u
->bus_track
))
1321 fprintf(f
, "%s\tBus Ref: %s\n", prefix
, n
);
1324 job_dump(u
->job
, f
, prefix2
);
1327 job_dump(u
->nop_job
, f
, prefix2
);
1330 /* Common implementation for multiple backends */
1331 int unit_load_fragment_and_dropin(Unit
*u
) {
1336 /* Load a .{service,socket,...} file */
1337 r
= unit_load_fragment(u
);
1341 if (u
->load_state
== UNIT_STUB
)
1344 /* Load drop-in directory data. If u is an alias, we might be reloading the
1345 * target unit needlessly. But we cannot be sure which drops-ins have already
1346 * been loaded and which not, at least without doing complicated book-keeping,
1347 * so let's always reread all drop-ins. */
1348 return unit_load_dropin(unit_follow_merge(u
));
1351 /* Common implementation for multiple backends */
1352 int unit_load_fragment_and_dropin_optional(Unit
*u
) {
1357 /* Same as unit_load_fragment_and_dropin(), but whether
1358 * something can be loaded or not doesn't matter. */
1360 /* Load a .service/.socket/.slice/… file */
1361 r
= unit_load_fragment(u
);
1365 if (u
->load_state
== UNIT_STUB
)
1366 u
->load_state
= UNIT_LOADED
;
1368 /* Load drop-in directory data */
1369 return unit_load_dropin(unit_follow_merge(u
));
1372 void unit_add_to_target_deps_queue(Unit
*u
) {
1373 Manager
*m
= u
->manager
;
1377 if (u
->in_target_deps_queue
)
1380 LIST_PREPEND(target_deps_queue
, m
->target_deps_queue
, u
);
1381 u
->in_target_deps_queue
= true;
1384 int unit_add_default_target_dependency(Unit
*u
, Unit
*target
) {
1388 if (target
->type
!= UNIT_TARGET
)
1391 /* Only add the dependency if both units are loaded, so that
1392 * that loop check below is reliable */
1393 if (u
->load_state
!= UNIT_LOADED
||
1394 target
->load_state
!= UNIT_LOADED
)
1397 /* If either side wants no automatic dependencies, then let's
1399 if (!u
->default_dependencies
||
1400 !target
->default_dependencies
)
1403 /* Don't create loops */
1404 if (hashmap_get(target
->dependencies
[UNIT_BEFORE
], u
))
1407 return unit_add_dependency(target
, UNIT_AFTER
, u
, true, UNIT_DEPENDENCY_DEFAULT
);
1410 static int unit_add_slice_dependencies(Unit
*u
) {
1411 UnitDependencyMask mask
;
1414 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
1417 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1418 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1420 mask
= u
->type
== UNIT_SLICE
? UNIT_DEPENDENCY_IMPLICIT
: UNIT_DEPENDENCY_FILE
;
1422 if (UNIT_ISSET(u
->slice
))
1423 return unit_add_two_dependencies(u
, UNIT_AFTER
, UNIT_REQUIRES
, UNIT_DEREF(u
->slice
), true, mask
);
1425 if (unit_has_name(u
, SPECIAL_ROOT_SLICE
))
1428 return unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, SPECIAL_ROOT_SLICE
, true, mask
);
1431 static int unit_add_mount_dependencies(Unit
*u
) {
1432 UnitDependencyInfo di
;
1439 HASHMAP_FOREACH_KEY(di
.data
, path
, u
->requires_mounts_for
, i
) {
1440 char prefix
[strlen(path
) + 1];
1442 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
1443 _cleanup_free_
char *p
= NULL
;
1446 r
= unit_name_from_path(prefix
, ".mount", &p
);
1450 m
= manager_get_unit(u
->manager
, p
);
1452 /* Make sure to load the mount unit if
1453 * it exists. If so the dependencies
1454 * on this unit will be added later
1455 * during the loading of the mount
1457 (void) manager_load_unit_prepare(u
->manager
, p
, NULL
, NULL
, &m
);
1463 if (m
->load_state
!= UNIT_LOADED
)
1466 r
= unit_add_dependency(u
, UNIT_AFTER
, m
, true, di
.origin_mask
);
1470 if (m
->fragment_path
) {
1471 r
= unit_add_dependency(u
, UNIT_REQUIRES
, m
, true, di
.origin_mask
);
1481 static int unit_add_startup_units(Unit
*u
) {
1485 c
= unit_get_cgroup_context(u
);
1489 if (c
->startup_cpu_shares
== CGROUP_CPU_SHARES_INVALID
&&
1490 c
->startup_io_weight
== CGROUP_WEIGHT_INVALID
&&
1491 c
->startup_blockio_weight
== CGROUP_BLKIO_WEIGHT_INVALID
)
1494 r
= set_ensure_allocated(&u
->manager
->startup_units
, NULL
);
1498 return set_put(u
->manager
->startup_units
, u
);
1501 int unit_load(Unit
*u
) {
1506 if (u
->in_load_queue
) {
1507 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
1508 u
->in_load_queue
= false;
1511 if (u
->type
== _UNIT_TYPE_INVALID
)
1514 if (u
->load_state
!= UNIT_STUB
)
1517 if (u
->transient_file
) {
1518 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1519 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1521 r
= fflush_and_check(u
->transient_file
);
1525 u
->transient_file
= safe_fclose(u
->transient_file
);
1526 u
->fragment_mtime
= now(CLOCK_REALTIME
);
1529 if (UNIT_VTABLE(u
)->load
) {
1530 r
= UNIT_VTABLE(u
)->load(u
);
1535 if (u
->load_state
== UNIT_STUB
) {
1540 if (u
->load_state
== UNIT_LOADED
) {
1541 unit_add_to_target_deps_queue(u
);
1543 r
= unit_add_slice_dependencies(u
);
1547 r
= unit_add_mount_dependencies(u
);
1551 r
= unit_add_startup_units(u
);
1555 if (u
->on_failure_job_mode
== JOB_ISOLATE
&& hashmap_size(u
->dependencies
[UNIT_ON_FAILURE
]) > 1) {
1556 log_unit_error(u
, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1561 if (u
->job_running_timeout
!= USEC_INFINITY
&& u
->job_running_timeout
> u
->job_timeout
)
1562 log_unit_warning(u
, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1564 /* We finished loading, let's ensure our parents recalculate the members mask */
1565 unit_invalidate_cgroup_members_masks(u
);
1568 assert((u
->load_state
!= UNIT_MERGED
) == !u
->merged_into
);
1570 unit_add_to_dbus_queue(unit_follow_merge(u
));
1571 unit_add_to_gc_queue(u
);
1576 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code should hence
1577 * return ENOEXEC to ensure units are placed in this state after loading */
1579 u
->load_state
= u
->load_state
== UNIT_STUB
? UNIT_NOT_FOUND
:
1580 r
== -ENOEXEC
? UNIT_BAD_SETTING
:
1584 unit_add_to_dbus_queue(u
);
1585 unit_add_to_gc_queue(u
);
1587 return log_unit_debug_errno(u
, r
, "Failed to load configuration: %m");
1590 static bool unit_condition_test_list(Unit
*u
, Condition
*first
, const char *(*to_string
)(ConditionType t
)) {
1597 /* If the condition list is empty, then it is true */
1601 /* Otherwise, if all of the non-trigger conditions apply and
1602 * if any of the trigger conditions apply (unless there are
1603 * none) we return true */
1604 LIST_FOREACH(conditions
, c
, first
) {
1607 r
= condition_test(c
);
1610 "Couldn't determine result for %s=%s%s%s, assuming failed: %m",
1612 c
->trigger
? "|" : "",
1613 c
->negate
? "!" : "",
1619 c
->trigger
? "|" : "",
1620 c
->negate
? "!" : "",
1622 condition_result_to_string(c
->result
));
1624 if (!c
->trigger
&& r
<= 0)
1627 if (c
->trigger
&& triggered
<= 0)
1631 return triggered
!= 0;
1634 static bool unit_condition_test(Unit
*u
) {
1637 dual_timestamp_get(&u
->condition_timestamp
);
1638 u
->condition_result
= unit_condition_test_list(u
, u
->conditions
, condition_type_to_string
);
1640 return u
->condition_result
;
1643 static bool unit_assert_test(Unit
*u
) {
1646 dual_timestamp_get(&u
->assert_timestamp
);
1647 u
->assert_result
= unit_condition_test_list(u
, u
->asserts
, assert_type_to_string
);
1649 return u
->assert_result
;
1652 void unit_status_printf(Unit
*u
, const char *status
, const char *unit_status_msg_format
) {
1655 d
= unit_description(u
);
1656 if (log_get_show_color())
1657 d
= strjoina(ANSI_HIGHLIGHT
, d
, ANSI_NORMAL
);
1659 DISABLE_WARNING_FORMAT_NONLITERAL
;
1660 manager_status_printf(u
->manager
, STATUS_TYPE_NORMAL
, status
, unit_status_msg_format
, d
);
1664 int unit_start_limit_test(Unit
*u
) {
1669 if (ratelimit_below(&u
->start_limit
)) {
1670 u
->start_limit_hit
= false;
1674 log_unit_warning(u
, "Start request repeated too quickly.");
1675 u
->start_limit_hit
= true;
1677 reason
= strjoina("unit ", u
->id
, " failed");
1679 return emergency_action(u
->manager
, u
->start_limit_action
,
1680 EMERGENCY_ACTION_IS_WATCHDOG
|EMERGENCY_ACTION_WARN
,
1681 u
->reboot_arg
, -1, reason
);
1684 bool unit_shall_confirm_spawn(Unit
*u
) {
1687 if (manager_is_confirm_spawn_disabled(u
->manager
))
1690 /* For some reasons units remaining in the same process group
1691 * as PID 1 fail to acquire the console even if it's not used
1692 * by any process. So skip the confirmation question for them. */
1693 return !unit_get_exec_context(u
)->same_pgrp
;
1696 static bool unit_verify_deps(Unit
*u
) {
1703 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1704 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1705 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1706 * conjunction with After= as for them any such check would make things entirely racy. */
1708 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BINDS_TO
], j
) {
1710 if (!hashmap_contains(u
->dependencies
[UNIT_AFTER
], other
))
1713 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other
))) {
1714 log_unit_notice(u
, "Bound to unit %s, but unit isn't active.", other
->id
);
1723 * -EBADR: This unit type does not support starting.
1724 * -EALREADY: Unit is already started.
1725 * -EAGAIN: An operation is already in progress. Retry later.
1726 * -ECANCELED: Too many requests for now.
1727 * -EPROTO: Assert failed
1728 * -EINVAL: Unit not loaded
1729 * -EOPNOTSUPP: Unit type not supported
1730 * -ENOLINK: The necessary dependencies are not fulfilled.
1731 * -ESTALE: This unit has been started before and can't be started a second time
1733 int unit_start(Unit
*u
) {
1734 UnitActiveState state
;
1739 /* If this is already started, then this will succeed. Note
1740 * that this will even succeed if this unit is not startable
1741 * by the user. This is relied on to detect when we need to
1742 * wait for units and when waiting is finished. */
1743 state
= unit_active_state(u
);
1744 if (UNIT_IS_ACTIVE_OR_RELOADING(state
))
1747 /* Units that aren't loaded cannot be started */
1748 if (u
->load_state
!= UNIT_LOADED
)
1751 /* Refuse starting scope units more than once */
1752 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_enter_timestamp
))
1755 /* If the conditions failed, don't do anything at all. If we
1756 * already are activating this call might still be useful to
1757 * speed up activation in case there is some hold-off time,
1758 * but we don't want to recheck the condition in that case. */
1759 if (state
!= UNIT_ACTIVATING
&&
1760 !unit_condition_test(u
)) {
1761 log_unit_debug(u
, "Starting requested but condition failed. Not starting unit.");
1765 /* If the asserts failed, fail the entire job */
1766 if (state
!= UNIT_ACTIVATING
&&
1767 !unit_assert_test(u
)) {
1768 log_unit_notice(u
, "Starting requested but asserts failed.");
1772 /* Units of types that aren't supported cannot be
1773 * started. Note that we do this test only after the condition
1774 * checks, so that we rather return condition check errors
1775 * (which are usually not considered a true failure) than "not
1776 * supported" errors (which are considered a failure).
1778 if (!unit_supported(u
))
1781 /* Let's make sure that the deps really are in order before we start this. Normally the job engine should have
1782 * taken care of this already, but let's check this here again. After all, our dependencies might not be in
1783 * effect anymore, due to a reload or due to a failed condition. */
1784 if (!unit_verify_deps(u
))
1787 /* Forward to the main object, if we aren't it. */
1788 following
= unit_following(u
);
1790 log_unit_debug(u
, "Redirecting start request from %s to %s.", u
->id
, following
->id
);
1791 return unit_start(following
);
1794 /* If it is stopped, but we cannot start it, then fail */
1795 if (!UNIT_VTABLE(u
)->start
)
1798 /* We don't suppress calls to ->start() here when we are
1799 * already starting, to allow this request to be used as a
1800 * "hurry up" call, for example when the unit is in some "auto
1801 * restart" state where it waits for a holdoff timer to elapse
1802 * before it will start again. */
1804 unit_add_to_dbus_queue(u
);
1806 return UNIT_VTABLE(u
)->start(u
);
1809 bool unit_can_start(Unit
*u
) {
1812 if (u
->load_state
!= UNIT_LOADED
)
1815 if (!unit_supported(u
))
1818 /* Scope units may be started only once */
1819 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_exit_timestamp
))
1822 return !!UNIT_VTABLE(u
)->start
;
1825 bool unit_can_isolate(Unit
*u
) {
1828 return unit_can_start(u
) &&
1833 * -EBADR: This unit type does not support stopping.
1834 * -EALREADY: Unit is already stopped.
1835 * -EAGAIN: An operation is already in progress. Retry later.
1837 int unit_stop(Unit
*u
) {
1838 UnitActiveState state
;
1843 state
= unit_active_state(u
);
1844 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
1847 following
= unit_following(u
);
1849 log_unit_debug(u
, "Redirecting stop request from %s to %s.", u
->id
, following
->id
);
1850 return unit_stop(following
);
1853 if (!UNIT_VTABLE(u
)->stop
)
1856 unit_add_to_dbus_queue(u
);
1858 return UNIT_VTABLE(u
)->stop(u
);
1861 bool unit_can_stop(Unit
*u
) {
1864 if (!unit_supported(u
))
1870 return !!UNIT_VTABLE(u
)->stop
;
1874 * -EBADR: This unit type does not support reloading.
1875 * -ENOEXEC: Unit is not started.
1876 * -EAGAIN: An operation is already in progress. Retry later.
1878 int unit_reload(Unit
*u
) {
1879 UnitActiveState state
;
1884 if (u
->load_state
!= UNIT_LOADED
)
1887 if (!unit_can_reload(u
))
1890 state
= unit_active_state(u
);
1891 if (state
== UNIT_RELOADING
)
1894 if (state
!= UNIT_ACTIVE
) {
1895 log_unit_warning(u
, "Unit cannot be reloaded because it is inactive.");
1899 following
= unit_following(u
);
1901 log_unit_debug(u
, "Redirecting reload request from %s to %s.", u
->id
, following
->id
);
1902 return unit_reload(following
);
1905 unit_add_to_dbus_queue(u
);
1907 if (!UNIT_VTABLE(u
)->reload
) {
1908 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
1909 unit_notify(u
, unit_active_state(u
), unit_active_state(u
), 0);
1913 return UNIT_VTABLE(u
)->reload(u
);
1916 bool unit_can_reload(Unit
*u
) {
1919 if (UNIT_VTABLE(u
)->can_reload
)
1920 return UNIT_VTABLE(u
)->can_reload(u
);
1922 if (!hashmap_isempty(u
->dependencies
[UNIT_PROPAGATES_RELOAD_TO
]))
1925 return UNIT_VTABLE(u
)->reload
;
1928 bool unit_is_unneeded(Unit
*u
) {
1929 static const UnitDependency deps
[] = {
1939 if (!u
->stop_when_unneeded
)
1942 /* Don't clean up while the unit is transitioning or is even inactive. */
1943 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
1948 for (j
= 0; j
< ELEMENTSOF(deps
); j
++) {
1953 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
1954 * restart, then don't clean this one up. */
1956 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[deps
[j
]], i
) {
1960 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
1963 if (unit_will_restart(other
))
1971 static void check_unneeded_dependencies(Unit
*u
) {
1973 static const UnitDependency deps
[] = {
1983 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
1985 for (j
= 0; j
< ELEMENTSOF(deps
); j
++) {
1990 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[deps
[j
]], i
)
1991 unit_submit_to_stop_when_unneeded_queue(other
);
1995 static void unit_check_binds_to(Unit
*u
) {
1996 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2008 if (unit_active_state(u
) != UNIT_ACTIVE
)
2011 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BINDS_TO
], i
) {
2015 if (!other
->coldplugged
)
2016 /* We might yet create a job for the other unit… */
2019 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
2029 /* If stopping a unit fails continuously we might enter a stop
2030 * loop here, hence stop acting on the service being
2031 * unnecessary after a while. */
2032 if (!ratelimit_below(&u
->auto_stop_ratelimit
)) {
2033 log_unit_warning(u
, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other
->id
);
2038 log_unit_info(u
, "Unit is bound to inactive unit %s. Stopping, too.", other
->id
);
2040 /* A unit we need to run is gone. Sniff. Let's stop this. */
2041 r
= manager_add_job(u
->manager
, JOB_STOP
, u
, JOB_FAIL
, &error
, NULL
);
2043 log_unit_warning_errno(u
, r
, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error
, r
));
2046 static void retroactively_start_dependencies(Unit
*u
) {
2052 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)));
2054 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_REQUIRES
], i
)
2055 if (!hashmap_get(u
->dependencies
[UNIT_AFTER
], other
) &&
2056 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2057 manager_add_job(u
->manager
, JOB_START
, other
, JOB_REPLACE
, NULL
, NULL
);
2059 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BINDS_TO
], i
)
2060 if (!hashmap_get(u
->dependencies
[UNIT_AFTER
], other
) &&
2061 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2062 manager_add_job(u
->manager
, JOB_START
, other
, JOB_REPLACE
, NULL
, NULL
);
2064 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_WANTS
], i
)
2065 if (!hashmap_get(u
->dependencies
[UNIT_AFTER
], other
) &&
2066 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2067 manager_add_job(u
->manager
, JOB_START
, other
, JOB_FAIL
, NULL
, NULL
);
2069 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_CONFLICTS
], i
)
2070 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2071 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
);
2073 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_CONFLICTED_BY
], i
)
2074 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2075 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
);
2078 static void retroactively_stop_dependencies(Unit
*u
) {
2084 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)));
2086 /* Pull down units which are bound to us recursively if enabled */
2087 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BOUND_BY
], i
)
2088 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2089 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
);
2092 void unit_start_on_failure(Unit
*u
) {
2100 if (hashmap_size(u
->dependencies
[UNIT_ON_FAILURE
]) <= 0)
2103 log_unit_info(u
, "Triggering OnFailure= dependencies.");
2105 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_ON_FAILURE
], i
) {
2106 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2108 r
= manager_add_job(u
->manager
, JOB_START
, other
, u
->on_failure_job_mode
, &error
, NULL
);
2110 log_unit_warning_errno(u
, r
, "Failed to enqueue OnFailure= job, ignoring: %s", bus_error_message(&error
, r
));
2114 void unit_trigger_notify(Unit
*u
) {
2121 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_TRIGGERED_BY
], i
)
2122 if (UNIT_VTABLE(other
)->trigger_notify
)
2123 UNIT_VTABLE(other
)->trigger_notify(other
, u
);
2126 static int unit_log_resources(Unit
*u
) {
2127 struct iovec iovec
[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX
+ 4];
2128 bool any_traffic
= false, have_ip_accounting
= false;
2129 _cleanup_free_
char *igress
= NULL
, *egress
= NULL
;
2130 size_t n_message_parts
= 0, n_iovec
= 0;
2131 char* message_parts
[3 + 1], *t
;
2132 nsec_t nsec
= NSEC_INFINITY
;
2133 CGroupIPAccountingMetric m
;
2136 const char* const ip_fields
[_CGROUP_IP_ACCOUNTING_METRIC_MAX
] = {
2137 [CGROUP_IP_INGRESS_BYTES
] = "IP_METRIC_INGRESS_BYTES",
2138 [CGROUP_IP_INGRESS_PACKETS
] = "IP_METRIC_INGRESS_PACKETS",
2139 [CGROUP_IP_EGRESS_BYTES
] = "IP_METRIC_EGRESS_BYTES",
2140 [CGROUP_IP_EGRESS_PACKETS
] = "IP_METRIC_EGRESS_PACKETS",
2145 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2146 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2147 * information and the complete data in structured fields. */
2149 (void) unit_get_cpu_usage(u
, &nsec
);
2150 if (nsec
!= NSEC_INFINITY
) {
2151 char buf
[FORMAT_TIMESPAN_MAX
] = "";
2153 /* Format the CPU time for inclusion in the structured log message */
2154 if (asprintf(&t
, "CPU_USAGE_NSEC=%" PRIu64
, nsec
) < 0) {
2158 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2160 /* Format the CPU time for inclusion in the human language message string */
2161 format_timespan(buf
, sizeof(buf
), nsec
/ NSEC_PER_USEC
, USEC_PER_MSEC
);
2162 t
= strjoin("consumed ", buf
, " CPU time");
2168 message_parts
[n_message_parts
++] = t
;
2171 for (m
= 0; m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
; m
++) {
2172 char buf
[FORMAT_BYTES_MAX
] = "";
2173 uint64_t value
= UINT64_MAX
;
2175 assert(ip_fields
[m
]);
2177 (void) unit_get_ip_accounting(u
, m
, &value
);
2178 if (value
== UINT64_MAX
)
2181 have_ip_accounting
= true;
2185 /* Format IP accounting data for inclusion in the structured log message */
2186 if (asprintf(&t
, "%s=%" PRIu64
, ip_fields
[m
], value
) < 0) {
2190 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2192 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2193 * bytes counters (and not for the packets counters) */
2194 if (m
== CGROUP_IP_INGRESS_BYTES
) {
2196 igress
= strjoin("received ", format_bytes(buf
, sizeof(buf
), value
), " IP traffic");
2201 } else if (m
== CGROUP_IP_EGRESS_BYTES
) {
2203 egress
= strjoin("sent ", format_bytes(buf
, sizeof(buf
), value
), " IP traffic");
2211 if (have_ip_accounting
) {
2214 message_parts
[n_message_parts
++] = TAKE_PTR(igress
);
2216 message_parts
[n_message_parts
++] = TAKE_PTR(egress
);
2221 k
= strdup("no IP traffic");
2227 message_parts
[n_message_parts
++] = k
;
2231 /* Is there any accounting data available at all? */
2237 if (n_message_parts
== 0)
2238 t
= strjoina("MESSAGE=", u
->id
, ": Completed.");
2240 _cleanup_free_
char *joined
;
2242 message_parts
[n_message_parts
] = NULL
;
2244 joined
= strv_join(message_parts
, ", ");
2250 joined
[0] = ascii_toupper(joined
[0]);
2251 t
= strjoina("MESSAGE=", u
->id
, ": ", joined
, ".");
2254 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2255 * and hence don't increase n_iovec for them */
2256 iovec
[n_iovec
] = IOVEC_MAKE_STRING(t
);
2257 iovec
[n_iovec
+ 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR
);
2259 t
= strjoina(u
->manager
->unit_log_field
, u
->id
);
2260 iovec
[n_iovec
+ 2] = IOVEC_MAKE_STRING(t
);
2262 t
= strjoina(u
->manager
->invocation_log_field
, u
->invocation_id_string
);
2263 iovec
[n_iovec
+ 3] = IOVEC_MAKE_STRING(t
);
2265 log_struct_iovec(LOG_INFO
, iovec
, n_iovec
+ 4);
2269 for (i
= 0; i
< n_message_parts
; i
++)
2270 free(message_parts
[i
]);
2272 for (i
= 0; i
< n_iovec
; i
++)
2273 free(iovec
[i
].iov_base
);
2279 static void unit_update_on_console(Unit
*u
) {
2284 b
= unit_needs_console(u
);
2285 if (u
->on_console
== b
)
2290 manager_ref_console(u
->manager
);
2292 manager_unref_console(u
->manager
);
2295 static void unit_emit_audit_start(Unit
*u
) {
2298 if (u
->type
!= UNIT_SERVICE
)
2301 /* Write audit record if we have just finished starting up */
2302 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_START
, true);
2306 static void unit_emit_audit_stop(Unit
*u
, UnitActiveState state
) {
2309 if (u
->type
!= UNIT_SERVICE
)
2313 /* Write audit record if we have just finished shutting down */
2314 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_STOP
, state
== UNIT_INACTIVE
);
2315 u
->in_audit
= false;
2317 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2318 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_START
, state
== UNIT_INACTIVE
);
2320 if (state
== UNIT_INACTIVE
)
2321 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_STOP
, true);
2325 void unit_notify(Unit
*u
, UnitActiveState os
, UnitActiveState ns
, UnitNotifyFlags flags
) {
2331 assert(os
< _UNIT_ACTIVE_STATE_MAX
);
2332 assert(ns
< _UNIT_ACTIVE_STATE_MAX
);
2334 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2335 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2336 * remounted this function will be called too! */
2340 /* Update timestamps for state changes */
2341 if (!MANAGER_IS_RELOADING(m
)) {
2342 dual_timestamp_get(&u
->state_change_timestamp
);
2344 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && !UNIT_IS_INACTIVE_OR_FAILED(ns
))
2345 u
->inactive_exit_timestamp
= u
->state_change_timestamp
;
2346 else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_INACTIVE_OR_FAILED(ns
))
2347 u
->inactive_enter_timestamp
= u
->state_change_timestamp
;
2349 if (!UNIT_IS_ACTIVE_OR_RELOADING(os
) && UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2350 u
->active_enter_timestamp
= u
->state_change_timestamp
;
2351 else if (UNIT_IS_ACTIVE_OR_RELOADING(os
) && !UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2352 u
->active_exit_timestamp
= u
->state_change_timestamp
;
2355 /* Keep track of failed units */
2356 (void) manager_update_failed_units(m
, u
, ns
== UNIT_FAILED
);
2358 /* Make sure the cgroup and state files are always removed when we become inactive */
2359 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2360 unit_prune_cgroup(u
);
2361 unit_unlink_state_files(u
);
2364 unit_update_on_console(u
);
2369 if (u
->job
->state
== JOB_WAITING
)
2371 /* So we reached a different state for this
2372 * job. Let's see if we can run it now if it
2373 * failed previously due to EAGAIN. */
2374 job_add_to_run_queue(u
->job
);
2376 /* Let's check whether this state change constitutes a
2377 * finished job, or maybe contradicts a running job and
2378 * hence needs to invalidate jobs. */
2380 switch (u
->job
->type
) {
2383 case JOB_VERIFY_ACTIVE
:
2385 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2386 job_finish_and_invalidate(u
->job
, JOB_DONE
, true, false);
2387 else if (u
->job
->state
== JOB_RUNNING
&& ns
!= UNIT_ACTIVATING
) {
2390 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2391 job_finish_and_invalidate(u
->job
, ns
== UNIT_FAILED
? JOB_FAILED
: JOB_DONE
, true, false);
2397 case JOB_RELOAD_OR_START
:
2398 case JOB_TRY_RELOAD
:
2400 if (u
->job
->state
== JOB_RUNNING
) {
2401 if (ns
== UNIT_ACTIVE
)
2402 job_finish_and_invalidate(u
->job
, (flags
& UNIT_NOTIFY_RELOAD_FAILURE
) ? JOB_FAILED
: JOB_DONE
, true, false);
2403 else if (!IN_SET(ns
, UNIT_ACTIVATING
, UNIT_RELOADING
)) {
2406 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2407 job_finish_and_invalidate(u
->job
, ns
== UNIT_FAILED
? JOB_FAILED
: JOB_DONE
, true, false);
2415 case JOB_TRY_RESTART
:
2417 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2418 job_finish_and_invalidate(u
->job
, JOB_DONE
, true, false);
2419 else if (u
->job
->state
== JOB_RUNNING
&& ns
!= UNIT_DEACTIVATING
) {
2421 job_finish_and_invalidate(u
->job
, JOB_FAILED
, true, false);
2427 assert_not_reached("Job type unknown");
2433 if (!MANAGER_IS_RELOADING(m
)) {
2435 /* If this state change happened without being
2436 * requested by a job, then let's retroactively start
2437 * or stop dependencies. We skip that step when
2438 * deserializing, since we don't want to create any
2439 * additional jobs just because something is already
2443 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns
))
2444 retroactively_start_dependencies(u
);
2445 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os
) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns
))
2446 retroactively_stop_dependencies(u
);
2449 /* stop unneeded units regardless if going down was expected or not */
2450 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2451 check_unneeded_dependencies(u
);
2453 if (ns
!= os
&& ns
== UNIT_FAILED
) {
2454 log_unit_debug(u
, "Unit entered failed state.");
2456 if (!(flags
& UNIT_NOTIFY_WILL_AUTO_RESTART
))
2457 unit_start_on_failure(u
);
2460 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
) && !UNIT_IS_ACTIVE_OR_RELOADING(os
)) {
2461 /* This unit just finished starting up */
2463 unit_emit_audit_start(u
);
2464 manager_send_unit_plymouth(m
, u
);
2467 if (UNIT_IS_INACTIVE_OR_FAILED(ns
) && !UNIT_IS_INACTIVE_OR_FAILED(os
)) {
2468 /* This unit just stopped/failed. */
2470 unit_emit_audit_stop(u
, ns
);
2471 unit_log_resources(u
);
2475 manager_recheck_journal(m
);
2476 manager_recheck_dbus(m
);
2478 unit_trigger_notify(u
);
2480 if (!MANAGER_IS_RELOADING(m
)) {
2481 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2482 unit_submit_to_stop_when_unneeded_queue(u
);
2484 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2485 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2486 * without ever entering started.) */
2487 unit_check_binds_to(u
);
2489 if (os
!= UNIT_FAILED
&& ns
== UNIT_FAILED
) {
2490 reason
= strjoina("unit ", u
->id
, " failed");
2491 (void) emergency_action(m
, u
->failure_action
, 0, u
->reboot_arg
, unit_failure_action_exit_status(u
), reason
);
2492 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && ns
== UNIT_INACTIVE
) {
2493 reason
= strjoina("unit ", u
->id
, " succeeded");
2494 (void) emergency_action(m
, u
->success_action
, 0, u
->reboot_arg
, unit_success_action_exit_status(u
), reason
);
2498 unit_add_to_dbus_queue(u
);
2499 unit_add_to_gc_queue(u
);
2502 int unit_watch_pid(Unit
*u
, pid_t pid
) {
2506 assert(pid_is_valid(pid
));
2508 /* Watch a specific PID */
2510 r
= set_ensure_allocated(&u
->pids
, NULL
);
2514 r
= hashmap_ensure_allocated(&u
->manager
->watch_pids
, NULL
);
2518 /* First try, let's add the unit keyed by "pid". */
2519 r
= hashmap_put(u
->manager
->watch_pids
, PID_TO_PTR(pid
), u
);
2525 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2526 * to an array of Units rather than just a Unit), lists us already. */
2528 array
= hashmap_get(u
->manager
->watch_pids
, PID_TO_PTR(-pid
));
2530 for (; array
[n
]; n
++)
2534 if (found
) /* Found it already? if so, do nothing */
2539 /* Allocate a new array */
2540 new_array
= new(Unit
*, n
+ 2);
2544 memcpy_safe(new_array
, array
, sizeof(Unit
*) * n
);
2546 new_array
[n
+1] = NULL
;
2548 /* Add or replace the old array */
2549 r
= hashmap_replace(u
->manager
->watch_pids
, PID_TO_PTR(-pid
), new_array
);
2560 r
= set_put(u
->pids
, PID_TO_PTR(pid
));
2567 void unit_unwatch_pid(Unit
*u
, pid_t pid
) {
2571 assert(pid_is_valid(pid
));
2573 /* First let's drop the unit in case it's keyed as "pid". */
2574 (void) hashmap_remove_value(u
->manager
->watch_pids
, PID_TO_PTR(pid
), u
);
2576 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2577 array
= hashmap_get(u
->manager
->watch_pids
, PID_TO_PTR(-pid
));
2581 /* Let's iterate through the array, dropping our own entry */
2582 for (n
= 0; array
[n
]; n
++)
2584 array
[m
++] = array
[n
];
2588 /* The array is now empty, remove the entire entry */
2589 assert(hashmap_remove(u
->manager
->watch_pids
, PID_TO_PTR(-pid
)) == array
);
2594 (void) set_remove(u
->pids
, PID_TO_PTR(pid
));
2597 void unit_unwatch_all_pids(Unit
*u
) {
2600 while (!set_isempty(u
->pids
))
2601 unit_unwatch_pid(u
, PTR_TO_PID(set_first(u
->pids
)));
2603 u
->pids
= set_free(u
->pids
);
2606 static void unit_tidy_watch_pids(Unit
*u
) {
2607 pid_t except1
, except2
;
2613 /* Cleans dead PIDs from our list */
2615 except1
= unit_main_pid(u
);
2616 except2
= unit_control_pid(u
);
2618 SET_FOREACH(e
, u
->pids
, i
) {
2619 pid_t pid
= PTR_TO_PID(e
);
2621 if (pid
== except1
|| pid
== except2
)
2624 if (!pid_is_unwaited(pid
))
2625 unit_unwatch_pid(u
, pid
);
2629 static int on_rewatch_pids_event(sd_event_source
*s
, void *userdata
) {
2635 unit_tidy_watch_pids(u
);
2636 unit_watch_all_pids(u
);
2638 /* If the PID set is empty now, then let's finish this off. */
2639 unit_synthesize_cgroup_empty_event(u
);
2644 int unit_enqueue_rewatch_pids(Unit
*u
) {
2649 if (!u
->cgroup_path
)
2652 r
= cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
);
2655 if (r
> 0) /* On unified we can use proper notifications */
2658 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2659 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2660 * involves issuing kill(pid, 0) on all processes we watch. */
2662 if (!u
->rewatch_pids_event_source
) {
2663 _cleanup_(sd_event_source_unrefp
) sd_event_source
*s
= NULL
;
2665 r
= sd_event_add_defer(u
->manager
->event
, &s
, on_rewatch_pids_event
, u
);
2667 return log_error_errno(r
, "Failed to allocate event source for tidying watched PIDs: %m");
2669 r
= sd_event_source_set_priority(s
, SD_EVENT_PRIORITY_IDLE
);
2671 return log_error_errno(r
, "Failed to adjust priority of event source for tidying watched PIDs: m");
2673 (void) sd_event_source_set_description(s
, "tidy-watch-pids");
2675 u
->rewatch_pids_event_source
= TAKE_PTR(s
);
2678 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_ONESHOT
);
2680 return log_error_errno(r
, "Failed to enable event source for tidying watched PIDs: %m");
2685 void unit_dequeue_rewatch_pids(Unit
*u
) {
2689 if (!u
->rewatch_pids_event_source
)
2692 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_OFF
);
2694 log_warning_errno(r
, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2696 u
->rewatch_pids_event_source
= sd_event_source_unref(u
->rewatch_pids_event_source
);
2699 bool unit_job_is_applicable(Unit
*u
, JobType j
) {
2701 assert(j
>= 0 && j
< _JOB_TYPE_MAX
);
2705 case JOB_VERIFY_ACTIVE
:
2708 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2709 * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
2714 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2715 * external events), hence it makes no sense to permit enqueing such a request either. */
2716 return !u
->perpetual
;
2719 case JOB_TRY_RESTART
:
2720 return unit_can_stop(u
) && unit_can_start(u
);
2723 case JOB_TRY_RELOAD
:
2724 return unit_can_reload(u
);
2726 case JOB_RELOAD_OR_START
:
2727 return unit_can_reload(u
) && unit_can_start(u
);
2730 assert_not_reached("Invalid job type");
2734 static void maybe_warn_about_dependency(Unit
*u
, const char *other
, UnitDependency dependency
) {
2737 /* Only warn about some unit types */
2738 if (!IN_SET(dependency
, UNIT_CONFLICTS
, UNIT_CONFLICTED_BY
, UNIT_BEFORE
, UNIT_AFTER
, UNIT_ON_FAILURE
, UNIT_TRIGGERS
, UNIT_TRIGGERED_BY
))
2741 if (streq_ptr(u
->id
, other
))
2742 log_unit_warning(u
, "Dependency %s=%s dropped", unit_dependency_to_string(dependency
), u
->id
);
2744 log_unit_warning(u
, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency
), strna(other
), u
->id
);
2747 static int unit_add_dependency_hashmap(
2750 UnitDependencyMask origin_mask
,
2751 UnitDependencyMask destination_mask
) {
2753 UnitDependencyInfo info
;
2758 assert(origin_mask
< _UNIT_DEPENDENCY_MASK_FULL
);
2759 assert(destination_mask
< _UNIT_DEPENDENCY_MASK_FULL
);
2760 assert(origin_mask
> 0 || destination_mask
> 0);
2762 r
= hashmap_ensure_allocated(h
, NULL
);
2766 assert_cc(sizeof(void*) == sizeof(info
));
2768 info
.data
= hashmap_get(*h
, other
);
2770 /* Entry already exists. Add in our mask. */
2772 if (FLAGS_SET(origin_mask
, info
.origin_mask
) &&
2773 FLAGS_SET(destination_mask
, info
.destination_mask
))
2776 info
.origin_mask
|= origin_mask
;
2777 info
.destination_mask
|= destination_mask
;
2779 r
= hashmap_update(*h
, other
, info
.data
);
2781 info
= (UnitDependencyInfo
) {
2782 .origin_mask
= origin_mask
,
2783 .destination_mask
= destination_mask
,
2786 r
= hashmap_put(*h
, other
, info
.data
);
2794 int unit_add_dependency(
2799 UnitDependencyMask mask
) {
2801 static const UnitDependency inverse_table
[_UNIT_DEPENDENCY_MAX
] = {
2802 [UNIT_REQUIRES
] = UNIT_REQUIRED_BY
,
2803 [UNIT_WANTS
] = UNIT_WANTED_BY
,
2804 [UNIT_REQUISITE
] = UNIT_REQUISITE_OF
,
2805 [UNIT_BINDS_TO
] = UNIT_BOUND_BY
,
2806 [UNIT_PART_OF
] = UNIT_CONSISTS_OF
,
2807 [UNIT_REQUIRED_BY
] = UNIT_REQUIRES
,
2808 [UNIT_REQUISITE_OF
] = UNIT_REQUISITE
,
2809 [UNIT_WANTED_BY
] = UNIT_WANTS
,
2810 [UNIT_BOUND_BY
] = UNIT_BINDS_TO
,
2811 [UNIT_CONSISTS_OF
] = UNIT_PART_OF
,
2812 [UNIT_CONFLICTS
] = UNIT_CONFLICTED_BY
,
2813 [UNIT_CONFLICTED_BY
] = UNIT_CONFLICTS
,
2814 [UNIT_BEFORE
] = UNIT_AFTER
,
2815 [UNIT_AFTER
] = UNIT_BEFORE
,
2816 [UNIT_ON_FAILURE
] = _UNIT_DEPENDENCY_INVALID
,
2817 [UNIT_REFERENCES
] = UNIT_REFERENCED_BY
,
2818 [UNIT_REFERENCED_BY
] = UNIT_REFERENCES
,
2819 [UNIT_TRIGGERS
] = UNIT_TRIGGERED_BY
,
2820 [UNIT_TRIGGERED_BY
] = UNIT_TRIGGERS
,
2821 [UNIT_PROPAGATES_RELOAD_TO
] = UNIT_RELOAD_PROPAGATED_FROM
,
2822 [UNIT_RELOAD_PROPAGATED_FROM
] = UNIT_PROPAGATES_RELOAD_TO
,
2823 [UNIT_JOINS_NAMESPACE_OF
] = UNIT_JOINS_NAMESPACE_OF
,
2825 Unit
*original_u
= u
, *original_other
= other
;
2829 assert(d
>= 0 && d
< _UNIT_DEPENDENCY_MAX
);
2832 u
= unit_follow_merge(u
);
2833 other
= unit_follow_merge(other
);
2835 /* We won't allow dependencies on ourselves. We will not
2836 * consider them an error however. */
2838 maybe_warn_about_dependency(original_u
, original_other
->id
, d
);
2842 if ((d
== UNIT_BEFORE
&& other
->type
== UNIT_DEVICE
) ||
2843 (d
== UNIT_AFTER
&& u
->type
== UNIT_DEVICE
)) {
2844 log_unit_warning(u
, "Dependency Before=%s ignored (.device units cannot be delayed)", other
->id
);
2848 r
= unit_add_dependency_hashmap(u
->dependencies
+ d
, other
, mask
, 0);
2852 if (inverse_table
[d
] != _UNIT_DEPENDENCY_INVALID
&& inverse_table
[d
] != d
) {
2853 r
= unit_add_dependency_hashmap(other
->dependencies
+ inverse_table
[d
], u
, 0, mask
);
2858 if (add_reference
) {
2859 r
= unit_add_dependency_hashmap(u
->dependencies
+ UNIT_REFERENCES
, other
, mask
, 0);
2863 r
= unit_add_dependency_hashmap(other
->dependencies
+ UNIT_REFERENCED_BY
, u
, 0, mask
);
2868 unit_add_to_dbus_queue(u
);
2872 int unit_add_two_dependencies(Unit
*u
, UnitDependency d
, UnitDependency e
, Unit
*other
, bool add_reference
, UnitDependencyMask mask
) {
2877 r
= unit_add_dependency(u
, d
, other
, add_reference
, mask
);
2881 return unit_add_dependency(u
, e
, other
, add_reference
, mask
);
2884 static int resolve_template(Unit
*u
, const char *name
, char **buf
, const char **ret
) {
2892 if (!unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
2899 r
= unit_name_replace_instance(name
, u
->instance
, buf
);
2901 _cleanup_free_
char *i
= NULL
;
2903 r
= unit_name_to_prefix(u
->id
, &i
);
2907 r
= unit_name_replace_instance(name
, i
, buf
);
2916 int unit_add_dependency_by_name(Unit
*u
, UnitDependency d
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
2917 _cleanup_free_
char *buf
= NULL
;
2924 r
= resolve_template(u
, name
, &buf
, &name
);
2928 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
2932 return unit_add_dependency(u
, d
, other
, add_reference
, mask
);
2935 int unit_add_two_dependencies_by_name(Unit
*u
, UnitDependency d
, UnitDependency e
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
2936 _cleanup_free_
char *buf
= NULL
;
2943 r
= resolve_template(u
, name
, &buf
, &name
);
2947 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
2951 return unit_add_two_dependencies(u
, d
, e
, other
, add_reference
, mask
);
2954 int set_unit_path(const char *p
) {
2955 /* This is mostly for debug purposes */
2956 if (setenv("SYSTEMD_UNIT_PATH", p
, 1) < 0)
2962 char *unit_dbus_path(Unit
*u
) {
2968 return unit_dbus_path_from_name(u
->id
);
2971 char *unit_dbus_path_invocation_id(Unit
*u
) {
2974 if (sd_id128_is_null(u
->invocation_id
))
2977 return unit_dbus_path_from_name(u
->invocation_id_string
);
2980 int unit_set_slice(Unit
*u
, Unit
*slice
) {
2984 /* Sets the unit slice if it has not been set before. Is extra
2985 * careful, to only allow this for units that actually have a
2986 * cgroup context. Also, we don't allow to set this for slices
2987 * (since the parent slice is derived from the name). Make
2988 * sure the unit we set is actually a slice. */
2990 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
2993 if (u
->type
== UNIT_SLICE
)
2996 if (unit_active_state(u
) != UNIT_INACTIVE
)
2999 if (slice
->type
!= UNIT_SLICE
)
3002 if (unit_has_name(u
, SPECIAL_INIT_SCOPE
) &&
3003 !unit_has_name(slice
, SPECIAL_ROOT_SLICE
))
3006 if (UNIT_DEREF(u
->slice
) == slice
)
3009 /* Disallow slice changes if @u is already bound to cgroups */
3010 if (UNIT_ISSET(u
->slice
) && u
->cgroup_realized
)
3013 unit_ref_set(&u
->slice
, u
, slice
);
3017 int unit_set_default_slice(Unit
*u
) {
3018 const char *slice_name
;
3024 if (UNIT_ISSET(u
->slice
))
3028 _cleanup_free_
char *prefix
= NULL
, *escaped
= NULL
;
3030 /* Implicitly place all instantiated units in their
3031 * own per-template slice */
3033 r
= unit_name_to_prefix(u
->id
, &prefix
);
3037 /* The prefix is already escaped, but it might include
3038 * "-" which has a special meaning for slice units,
3039 * hence escape it here extra. */
3040 escaped
= unit_name_escape(prefix
);
3044 if (MANAGER_IS_SYSTEM(u
->manager
))
3045 slice_name
= strjoina("system-", escaped
, ".slice");
3047 slice_name
= strjoina(escaped
, ".slice");
3050 MANAGER_IS_SYSTEM(u
->manager
) && !unit_has_name(u
, SPECIAL_INIT_SCOPE
)
3051 ? SPECIAL_SYSTEM_SLICE
3052 : SPECIAL_ROOT_SLICE
;
3054 r
= manager_load_unit(u
->manager
, slice_name
, NULL
, NULL
, &slice
);
3058 return unit_set_slice(u
, slice
);
3061 const char *unit_slice_name(Unit
*u
) {
3064 if (!UNIT_ISSET(u
->slice
))
3067 return UNIT_DEREF(u
->slice
)->id
;
3070 int unit_load_related_unit(Unit
*u
, const char *type
, Unit
**_found
) {
3071 _cleanup_free_
char *t
= NULL
;
3078 r
= unit_name_change_suffix(u
->id
, type
, &t
);
3081 if (unit_has_name(u
, t
))
3084 r
= manager_load_unit(u
->manager
, t
, NULL
, NULL
, _found
);
3085 assert(r
< 0 || *_found
!= u
);
3089 static int signal_name_owner_changed(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
3090 const char *name
, *old_owner
, *new_owner
;
3097 r
= sd_bus_message_read(message
, "sss", &name
, &old_owner
, &new_owner
);
3099 bus_log_parse_error(r
);
3103 old_owner
= empty_to_null(old_owner
);
3104 new_owner
= empty_to_null(new_owner
);
3106 if (UNIT_VTABLE(u
)->bus_name_owner_change
)
3107 UNIT_VTABLE(u
)->bus_name_owner_change(u
, name
, old_owner
, new_owner
);
3112 int unit_install_bus_match(Unit
*u
, sd_bus
*bus
, const char *name
) {
3119 if (u
->match_bus_slot
)
3122 match
= strjoina("type='signal',"
3123 "sender='org.freedesktop.DBus',"
3124 "path='/org/freedesktop/DBus',"
3125 "interface='org.freedesktop.DBus',"
3126 "member='NameOwnerChanged',"
3127 "arg0='", name
, "'");
3129 return sd_bus_add_match_async(bus
, &u
->match_bus_slot
, match
, signal_name_owner_changed
, NULL
, u
);
3132 int unit_watch_bus_name(Unit
*u
, const char *name
) {
3138 /* Watch a specific name on the bus. We only support one unit
3139 * watching each name for now. */
3141 if (u
->manager
->api_bus
) {
3142 /* If the bus is already available, install the match directly.
3143 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3144 r
= unit_install_bus_match(u
, u
->manager
->api_bus
, name
);
3146 return log_warning_errno(r
, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name
);
3149 r
= hashmap_put(u
->manager
->watch_bus
, name
, u
);
3151 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3152 return log_warning_errno(r
, "Failed to put bus name to hashmap: %m");
3158 void unit_unwatch_bus_name(Unit
*u
, const char *name
) {
3162 (void) hashmap_remove_value(u
->manager
->watch_bus
, name
, u
);
3163 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3166 bool unit_can_serialize(Unit
*u
) {
3169 return UNIT_VTABLE(u
)->serialize
&& UNIT_VTABLE(u
)->deserialize_item
;
3172 static int serialize_cgroup_mask(FILE *f
, const char *key
, CGroupMask mask
) {
3173 _cleanup_free_
char *s
= NULL
;
3182 r
= cg_mask_to_string(mask
, &s
);
3184 return log_error_errno(r
, "Failed to format cgroup mask: %m");
3186 return serialize_item(f
, key
, s
);
3189 static const char *ip_accounting_metric_field
[_CGROUP_IP_ACCOUNTING_METRIC_MAX
] = {
3190 [CGROUP_IP_INGRESS_BYTES
] = "ip-accounting-ingress-bytes",
3191 [CGROUP_IP_INGRESS_PACKETS
] = "ip-accounting-ingress-packets",
3192 [CGROUP_IP_EGRESS_BYTES
] = "ip-accounting-egress-bytes",
3193 [CGROUP_IP_EGRESS_PACKETS
] = "ip-accounting-egress-packets",
3196 int unit_serialize(Unit
*u
, FILE *f
, FDSet
*fds
, bool serialize_jobs
) {
3197 CGroupIPAccountingMetric m
;
3204 if (unit_can_serialize(u
)) {
3205 r
= UNIT_VTABLE(u
)->serialize(u
, f
, fds
);
3210 (void) serialize_dual_timestamp(f
, "state-change-timestamp", &u
->state_change_timestamp
);
3212 (void) serialize_dual_timestamp(f
, "inactive-exit-timestamp", &u
->inactive_exit_timestamp
);
3213 (void) serialize_dual_timestamp(f
, "active-enter-timestamp", &u
->active_enter_timestamp
);
3214 (void) serialize_dual_timestamp(f
, "active-exit-timestamp", &u
->active_exit_timestamp
);
3215 (void) serialize_dual_timestamp(f
, "inactive-enter-timestamp", &u
->inactive_enter_timestamp
);
3217 (void) serialize_dual_timestamp(f
, "condition-timestamp", &u
->condition_timestamp
);
3218 (void) serialize_dual_timestamp(f
, "assert-timestamp", &u
->assert_timestamp
);
3220 if (dual_timestamp_is_set(&u
->condition_timestamp
))
3221 (void) serialize_bool(f
, "condition-result", u
->condition_result
);
3223 if (dual_timestamp_is_set(&u
->assert_timestamp
))
3224 (void) serialize_bool(f
, "assert-result", u
->assert_result
);
3226 (void) serialize_bool(f
, "transient", u
->transient
);
3227 (void) serialize_bool(f
, "in-audit", u
->in_audit
);
3229 (void) serialize_bool(f
, "exported-invocation-id", u
->exported_invocation_id
);
3230 (void) serialize_bool(f
, "exported-log-level-max", u
->exported_log_level_max
);
3231 (void) serialize_bool(f
, "exported-log-extra-fields", u
->exported_log_extra_fields
);
3232 (void) serialize_bool(f
, "exported-log-rate-limit-interval", u
->exported_log_rate_limit_interval
);
3233 (void) serialize_bool(f
, "exported-log-rate-limit-burst", u
->exported_log_rate_limit_burst
);
3235 (void) serialize_item_format(f
, "cpu-usage-base", "%" PRIu64
, u
->cpu_usage_base
);
3236 if (u
->cpu_usage_last
!= NSEC_INFINITY
)
3237 (void) serialize_item_format(f
, "cpu-usage-last", "%" PRIu64
, u
->cpu_usage_last
);
3240 (void) serialize_item(f
, "cgroup", u
->cgroup_path
);
3242 (void) serialize_bool(f
, "cgroup-realized", u
->cgroup_realized
);
3243 (void) serialize_cgroup_mask(f
, "cgroup-realized-mask", u
->cgroup_realized_mask
);
3244 (void) serialize_cgroup_mask(f
, "cgroup-enabled-mask", u
->cgroup_enabled_mask
);
3245 (void) serialize_cgroup_mask(f
, "cgroup-invalidated-mask", u
->cgroup_invalidated_mask
);
3247 if (uid_is_valid(u
->ref_uid
))
3248 (void) serialize_item_format(f
, "ref-uid", UID_FMT
, u
->ref_uid
);
3249 if (gid_is_valid(u
->ref_gid
))
3250 (void) serialize_item_format(f
, "ref-gid", GID_FMT
, u
->ref_gid
);
3252 if (!sd_id128_is_null(u
->invocation_id
))
3253 (void) serialize_item_format(f
, "invocation-id", SD_ID128_FORMAT_STR
, SD_ID128_FORMAT_VAL(u
->invocation_id
));
3255 bus_track_serialize(u
->bus_track
, f
, "ref");
3257 for (m
= 0; m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
; m
++) {
3260 r
= unit_get_ip_accounting(u
, m
, &v
);
3262 (void) serialize_item_format(f
, ip_accounting_metric_field
[m
], "%" PRIu64
, v
);
3265 if (serialize_jobs
) {
3268 job_serialize(u
->job
, f
);
3273 job_serialize(u
->nop_job
, f
);
3282 int unit_deserialize(Unit
*u
, FILE *f
, FDSet
*fds
) {
3290 _cleanup_free_
char *line
= NULL
;
3291 CGroupIPAccountingMetric m
;
3295 r
= read_line(f
, LONG_LINE_MAX
, &line
);
3297 return log_error_errno(r
, "Failed to read serialization line: %m");
3298 if (r
== 0) /* eof */
3302 if (isempty(l
)) /* End marker */
3305 k
= strcspn(l
, "=");
3313 if (streq(l
, "job")) {
3315 /* new-style serialized job */
3322 r
= job_deserialize(j
, f
);
3328 r
= hashmap_put(u
->manager
->jobs
, UINT32_TO_PTR(j
->id
), j
);
3334 r
= job_install_deserialized(j
);
3336 hashmap_remove(u
->manager
->jobs
, UINT32_TO_PTR(j
->id
));
3340 } else /* legacy for pre-44 */
3341 log_unit_warning(u
, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v
);
3343 } else if (streq(l
, "state-change-timestamp")) {
3344 (void) deserialize_dual_timestamp(v
, &u
->state_change_timestamp
);
3346 } else if (streq(l
, "inactive-exit-timestamp")) {
3347 (void) deserialize_dual_timestamp(v
, &u
->inactive_exit_timestamp
);
3349 } else if (streq(l
, "active-enter-timestamp")) {
3350 (void) deserialize_dual_timestamp(v
, &u
->active_enter_timestamp
);
3352 } else if (streq(l
, "active-exit-timestamp")) {
3353 (void) deserialize_dual_timestamp(v
, &u
->active_exit_timestamp
);
3355 } else if (streq(l
, "inactive-enter-timestamp")) {
3356 (void) deserialize_dual_timestamp(v
, &u
->inactive_enter_timestamp
);
3358 } else if (streq(l
, "condition-timestamp")) {
3359 (void) deserialize_dual_timestamp(v
, &u
->condition_timestamp
);
3361 } else if (streq(l
, "assert-timestamp")) {
3362 (void) deserialize_dual_timestamp(v
, &u
->assert_timestamp
);
3364 } else if (streq(l
, "condition-result")) {
3366 r
= parse_boolean(v
);
3368 log_unit_debug(u
, "Failed to parse condition result value %s, ignoring.", v
);
3370 u
->condition_result
= r
;
3374 } else if (streq(l
, "assert-result")) {
3376 r
= parse_boolean(v
);
3378 log_unit_debug(u
, "Failed to parse assert result value %s, ignoring.", v
);
3380 u
->assert_result
= r
;
3384 } else if (streq(l
, "transient")) {
3386 r
= parse_boolean(v
);
3388 log_unit_debug(u
, "Failed to parse transient bool %s, ignoring.", v
);
3394 } else if (streq(l
, "in-audit")) {
3396 r
= parse_boolean(v
);
3398 log_unit_debug(u
, "Failed to parse in-audit bool %s, ignoring.", v
);
3404 } else if (streq(l
, "exported-invocation-id")) {
3406 r
= parse_boolean(v
);
3408 log_unit_debug(u
, "Failed to parse exported invocation ID bool %s, ignoring.", v
);
3410 u
->exported_invocation_id
= r
;
3414 } else if (streq(l
, "exported-log-level-max")) {
3416 r
= parse_boolean(v
);
3418 log_unit_debug(u
, "Failed to parse exported log level max bool %s, ignoring.", v
);
3420 u
->exported_log_level_max
= r
;
3424 } else if (streq(l
, "exported-log-extra-fields")) {
3426 r
= parse_boolean(v
);
3428 log_unit_debug(u
, "Failed to parse exported log extra fields bool %s, ignoring.", v
);
3430 u
->exported_log_extra_fields
= r
;
3434 } else if (streq(l
, "exported-log-rate-limit-interval")) {
3436 r
= parse_boolean(v
);
3438 log_unit_debug(u
, "Failed to parse exported log rate limit interval %s, ignoring.", v
);
3440 u
->exported_log_rate_limit_interval
= r
;
3444 } else if (streq(l
, "exported-log-rate-limit-burst")) {
3446 r
= parse_boolean(v
);
3448 log_unit_debug(u
, "Failed to parse exported log rate limit burst %s, ignoring.", v
);
3450 u
->exported_log_rate_limit_burst
= r
;
3454 } else if (STR_IN_SET(l
, "cpu-usage-base", "cpuacct-usage-base")) {
3456 r
= safe_atou64(v
, &u
->cpu_usage_base
);
3458 log_unit_debug(u
, "Failed to parse CPU usage base %s, ignoring.", v
);
3462 } else if (streq(l
, "cpu-usage-last")) {
3464 r
= safe_atou64(v
, &u
->cpu_usage_last
);
3466 log_unit_debug(u
, "Failed to read CPU usage last %s, ignoring.", v
);
3470 } else if (streq(l
, "cgroup")) {
3472 r
= unit_set_cgroup_path(u
, v
);
3474 log_unit_debug_errno(u
, r
, "Failed to set cgroup path %s, ignoring: %m", v
);
3476 (void) unit_watch_cgroup(u
);
3479 } else if (streq(l
, "cgroup-realized")) {
3482 b
= parse_boolean(v
);
3484 log_unit_debug(u
, "Failed to parse cgroup-realized bool %s, ignoring.", v
);
3486 u
->cgroup_realized
= b
;
3490 } else if (streq(l
, "cgroup-realized-mask")) {
3492 r
= cg_mask_from_string(v
, &u
->cgroup_realized_mask
);
3494 log_unit_debug(u
, "Failed to parse cgroup-realized-mask %s, ignoring.", v
);
3497 } else if (streq(l
, "cgroup-enabled-mask")) {
3499 r
= cg_mask_from_string(v
, &u
->cgroup_enabled_mask
);
3501 log_unit_debug(u
, "Failed to parse cgroup-enabled-mask %s, ignoring.", v
);
3504 } else if (streq(l
, "cgroup-invalidated-mask")) {
3506 r
= cg_mask_from_string(v
, &u
->cgroup_invalidated_mask
);
3508 log_unit_debug(u
, "Failed to parse cgroup-invalidated-mask %s, ignoring.", v
);
3511 } else if (streq(l
, "ref-uid")) {
3514 r
= parse_uid(v
, &uid
);
3516 log_unit_debug(u
, "Failed to parse referenced UID %s, ignoring.", v
);
3518 unit_ref_uid_gid(u
, uid
, GID_INVALID
);
3522 } else if (streq(l
, "ref-gid")) {
3525 r
= parse_gid(v
, &gid
);
3527 log_unit_debug(u
, "Failed to parse referenced GID %s, ignoring.", v
);
3529 unit_ref_uid_gid(u
, UID_INVALID
, gid
);
3533 } else if (streq(l
, "ref")) {
3535 r
= strv_extend(&u
->deserialized_refs
, v
);
3540 } else if (streq(l
, "invocation-id")) {
3543 r
= sd_id128_from_string(v
, &id
);
3545 log_unit_debug(u
, "Failed to parse invocation id %s, ignoring.", v
);
3547 r
= unit_set_invocation_id(u
, id
);
3549 log_unit_warning_errno(u
, r
, "Failed to set invocation ID for unit: %m");
3555 /* Check if this is an IP accounting metric serialization field */
3556 for (m
= 0; m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
; m
++)
3557 if (streq(l
, ip_accounting_metric_field
[m
]))
3559 if (m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
) {
3562 r
= safe_atou64(v
, &c
);
3564 log_unit_debug(u
, "Failed to parse IP accounting value %s, ignoring.", v
);
3566 u
->ip_accounting_extra
[m
] = c
;
3570 if (unit_can_serialize(u
)) {
3571 r
= exec_runtime_deserialize_compat(u
, l
, v
, fds
);
3573 log_unit_warning(u
, "Failed to deserialize runtime parameter '%s', ignoring.", l
);
3577 /* Returns positive if key was handled by the call */
3581 r
= UNIT_VTABLE(u
)->deserialize_item(u
, l
, v
, fds
);
3583 log_unit_warning(u
, "Failed to deserialize unit parameter '%s', ignoring.", l
);
3587 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3588 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3589 * before 228 where the base for timeouts was not persistent across reboots. */
3591 if (!dual_timestamp_is_set(&u
->state_change_timestamp
))
3592 dual_timestamp_get(&u
->state_change_timestamp
);
3594 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3595 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3596 unit_invalidate_cgroup(u
, _CGROUP_MASK_ALL
);
3597 unit_invalidate_cgroup_bpf(u
);
3602 int unit_deserialize_skip(FILE *f
) {
3606 /* Skip serialized data for this unit. We don't know what it is. */
3609 _cleanup_free_
char *line
= NULL
;
3612 r
= read_line(f
, LONG_LINE_MAX
, &line
);
3614 return log_error_errno(r
, "Failed to read serialization line: %m");
3626 int unit_add_node_dependency(Unit
*u
, const char *what
, bool wants
, UnitDependency dep
, UnitDependencyMask mask
) {
3628 _cleanup_free_
char *e
= NULL
;
3633 /* Adds in links to the device node that this unit is based on */
3637 if (!is_device_path(what
))
3640 /* When device units aren't supported (such as in a
3641 * container), don't create dependencies on them. */
3642 if (!unit_type_supported(UNIT_DEVICE
))
3645 r
= unit_name_from_path(what
, ".device", &e
);
3649 r
= manager_load_unit(u
->manager
, e
, NULL
, NULL
, &device
);
3653 if (dep
== UNIT_REQUIRES
&& device_shall_be_bound_by(device
, u
))
3654 dep
= UNIT_BINDS_TO
;
3656 r
= unit_add_two_dependencies(u
, UNIT_AFTER
,
3657 MANAGER_IS_SYSTEM(u
->manager
) ? dep
: UNIT_WANTS
,
3658 device
, true, mask
);
3663 r
= unit_add_dependency(device
, UNIT_WANTS
, u
, false, mask
);
3671 int unit_coldplug(Unit
*u
) {
3677 /* Make sure we don't enter a loop, when coldplugging recursively. */
3681 u
->coldplugged
= true;
3683 STRV_FOREACH(i
, u
->deserialized_refs
) {
3684 q
= bus_unit_track_add_name(u
, *i
);
3685 if (q
< 0 && r
>= 0)
3688 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
3690 if (UNIT_VTABLE(u
)->coldplug
) {
3691 q
= UNIT_VTABLE(u
)->coldplug(u
);
3692 if (q
< 0 && r
>= 0)
3697 q
= job_coldplug(u
->job
);
3698 if (q
< 0 && r
>= 0)
3705 void unit_catchup(Unit
*u
) {
3708 if (UNIT_VTABLE(u
)->catchup
)
3709 UNIT_VTABLE(u
)->catchup(u
);
3712 static bool fragment_mtime_newer(const char *path
, usec_t mtime
, bool path_masked
) {
3718 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3719 * are never out-of-date. */
3720 if (PATH_STARTSWITH_SET(path
, "/proc", "/sys"))
3723 if (stat(path
, &st
) < 0)
3724 /* What, cannot access this anymore? */
3728 /* For masked files check if they are still so */
3729 return !null_or_empty(&st
);
3731 /* For non-empty files check the mtime */
3732 return timespec_load(&st
.st_mtim
) > mtime
;
3737 bool unit_need_daemon_reload(Unit
*u
) {
3738 _cleanup_strv_free_
char **t
= NULL
;
3743 /* For unit files, we allow masking… */
3744 if (fragment_mtime_newer(u
->fragment_path
, u
->fragment_mtime
,
3745 u
->load_state
== UNIT_MASKED
))
3748 /* Source paths should not be masked… */
3749 if (fragment_mtime_newer(u
->source_path
, u
->source_mtime
, false))
3752 if (u
->load_state
== UNIT_LOADED
)
3753 (void) unit_find_dropin_paths(u
, &t
);
3754 if (!strv_equal(u
->dropin_paths
, t
))
3757 /* … any drop-ins that are masked are simply omitted from the list. */
3758 STRV_FOREACH(path
, u
->dropin_paths
)
3759 if (fragment_mtime_newer(*path
, u
->dropin_mtime
, false))
3765 void unit_reset_failed(Unit
*u
) {
3768 if (UNIT_VTABLE(u
)->reset_failed
)
3769 UNIT_VTABLE(u
)->reset_failed(u
);
3771 RATELIMIT_RESET(u
->start_limit
);
3772 u
->start_limit_hit
= false;
3775 Unit
*unit_following(Unit
*u
) {
3778 if (UNIT_VTABLE(u
)->following
)
3779 return UNIT_VTABLE(u
)->following(u
);
3784 bool unit_stop_pending(Unit
*u
) {
3787 /* This call does check the current state of the unit. It's
3788 * hence useful to be called from state change calls of the
3789 * unit itself, where the state isn't updated yet. This is
3790 * different from unit_inactive_or_pending() which checks both
3791 * the current state and for a queued job. */
3793 return u
->job
&& u
->job
->type
== JOB_STOP
;
3796 bool unit_inactive_or_pending(Unit
*u
) {
3799 /* Returns true if the unit is inactive or going down */
3801 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)))
3804 if (unit_stop_pending(u
))
3810 bool unit_active_or_pending(Unit
*u
) {
3813 /* Returns true if the unit is active or going up */
3815 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)))
3819 IN_SET(u
->job
->type
, JOB_START
, JOB_RELOAD_OR_START
, JOB_RESTART
))
3825 bool unit_will_restart(Unit
*u
) {
3828 if (!UNIT_VTABLE(u
)->will_restart
)
3831 return UNIT_VTABLE(u
)->will_restart(u
);
3834 int unit_kill(Unit
*u
, KillWho w
, int signo
, sd_bus_error
*error
) {
3836 assert(w
>= 0 && w
< _KILL_WHO_MAX
);
3837 assert(SIGNAL_VALID(signo
));
3839 if (!UNIT_VTABLE(u
)->kill
)
3842 return UNIT_VTABLE(u
)->kill(u
, w
, signo
, error
);
3845 static Set
*unit_pid_set(pid_t main_pid
, pid_t control_pid
) {
3846 _cleanup_set_free_ Set
*pid_set
= NULL
;
3849 pid_set
= set_new(NULL
);
3853 /* Exclude the main/control pids from being killed via the cgroup */
3855 r
= set_put(pid_set
, PID_TO_PTR(main_pid
));
3860 if (control_pid
> 0) {
3861 r
= set_put(pid_set
, PID_TO_PTR(control_pid
));
3866 return TAKE_PTR(pid_set
);
3869 int unit_kill_common(
3875 sd_bus_error
*error
) {
3878 bool killed
= false;
3880 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
)) {
3882 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no main processes", unit_type_to_string(u
->type
));
3883 else if (main_pid
== 0)
3884 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No main process to kill");
3887 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
)) {
3888 if (control_pid
< 0)
3889 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no control processes", unit_type_to_string(u
->type
));
3890 else if (control_pid
== 0)
3891 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No control process to kill");
3894 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
, KILL_ALL
, KILL_ALL_FAIL
))
3895 if (control_pid
> 0) {
3896 if (kill(control_pid
, signo
) < 0)
3902 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
, KILL_ALL
, KILL_ALL_FAIL
))
3904 if (kill(main_pid
, signo
) < 0)
3910 if (IN_SET(who
, KILL_ALL
, KILL_ALL_FAIL
) && u
->cgroup_path
) {
3911 _cleanup_set_free_ Set
*pid_set
= NULL
;
3914 /* Exclude the main/control pids from being killed via the cgroup */
3915 pid_set
= unit_pid_set(main_pid
, control_pid
);
3919 q
= cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, signo
, 0, pid_set
, NULL
, NULL
);
3920 if (q
< 0 && !IN_SET(q
, -EAGAIN
, -ESRCH
, -ENOENT
))
3926 if (r
== 0 && !killed
&& IN_SET(who
, KILL_ALL_FAIL
, KILL_CONTROL_FAIL
))
3932 int unit_following_set(Unit
*u
, Set
**s
) {
3936 if (UNIT_VTABLE(u
)->following_set
)
3937 return UNIT_VTABLE(u
)->following_set(u
, s
);
3943 UnitFileState
unit_get_unit_file_state(Unit
*u
) {
3948 if (u
->unit_file_state
< 0 && u
->fragment_path
) {
3949 r
= unit_file_get_state(
3950 u
->manager
->unit_file_scope
,
3953 &u
->unit_file_state
);
3955 u
->unit_file_state
= UNIT_FILE_BAD
;
3958 return u
->unit_file_state
;
3961 int unit_get_unit_file_preset(Unit
*u
) {
3964 if (u
->unit_file_preset
< 0 && u
->fragment_path
)
3965 u
->unit_file_preset
= unit_file_query_preset(
3966 u
->manager
->unit_file_scope
,
3968 basename(u
->fragment_path
));
3970 return u
->unit_file_preset
;
3973 Unit
* unit_ref_set(UnitRef
*ref
, Unit
*source
, Unit
*target
) {
3979 unit_ref_unset(ref
);
3981 ref
->source
= source
;
3982 ref
->target
= target
;
3983 LIST_PREPEND(refs_by_target
, target
->refs_by_target
, ref
);
3987 void unit_ref_unset(UnitRef
*ref
) {
3993 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
3994 * be unreferenced now. */
3995 unit_add_to_gc_queue(ref
->target
);
3997 LIST_REMOVE(refs_by_target
, ref
->target
->refs_by_target
, ref
);
3998 ref
->source
= ref
->target
= NULL
;
4001 static int user_from_unit_name(Unit
*u
, char **ret
) {
4003 static const uint8_t hash_key
[] = {
4004 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4005 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4008 _cleanup_free_
char *n
= NULL
;
4011 r
= unit_name_to_prefix(u
->id
, &n
);
4015 if (valid_user_group_name(n
)) {
4020 /* If we can't use the unit name as a user name, then let's hash it and use that */
4021 if (asprintf(ret
, "_du%016" PRIx64
, siphash24(n
, strlen(n
), hash_key
)) < 0)
4027 int unit_patch_contexts(Unit
*u
) {
4035 /* Patch in the manager defaults into the exec and cgroup
4036 * contexts, _after_ the rest of the settings have been
4039 ec
= unit_get_exec_context(u
);
4041 /* This only copies in the ones that need memory */
4042 for (i
= 0; i
< _RLIMIT_MAX
; i
++)
4043 if (u
->manager
->rlimit
[i
] && !ec
->rlimit
[i
]) {
4044 ec
->rlimit
[i
] = newdup(struct rlimit
, u
->manager
->rlimit
[i
], 1);
4049 if (MANAGER_IS_USER(u
->manager
) &&
4050 !ec
->working_directory
) {
4052 r
= get_home_dir(&ec
->working_directory
);
4056 /* Allow user services to run, even if the
4057 * home directory is missing */
4058 ec
->working_directory_missing_ok
= true;
4061 if (ec
->private_devices
)
4062 ec
->capability_bounding_set
&= ~((UINT64_C(1) << CAP_MKNOD
) | (UINT64_C(1) << CAP_SYS_RAWIO
));
4064 if (ec
->protect_kernel_modules
)
4065 ec
->capability_bounding_set
&= ~(UINT64_C(1) << CAP_SYS_MODULE
);
4067 if (ec
->dynamic_user
) {
4069 r
= user_from_unit_name(u
, &ec
->user
);
4075 ec
->group
= strdup(ec
->user
);
4080 /* If the dynamic user option is on, let's make sure that the unit can't leave its UID/GID
4081 * around in the file system or on IPC objects. Hence enforce a strict sandbox. */
4083 ec
->private_tmp
= true;
4084 ec
->remove_ipc
= true;
4085 ec
->protect_system
= PROTECT_SYSTEM_STRICT
;
4086 if (ec
->protect_home
== PROTECT_HOME_NO
)
4087 ec
->protect_home
= PROTECT_HOME_READ_ONLY
;
4091 cc
= unit_get_cgroup_context(u
);
4094 if (ec
->private_devices
&&
4095 cc
->device_policy
== CGROUP_AUTO
)
4096 cc
->device_policy
= CGROUP_CLOSED
;
4098 if (ec
->root_image
&&
4099 (cc
->device_policy
!= CGROUP_AUTO
|| cc
->device_allow
)) {
4101 /* When RootImage= is specified, the following devices are touched. */
4102 r
= cgroup_add_device_allow(cc
, "/dev/loop-control", "rw");
4106 r
= cgroup_add_device_allow(cc
, "block-loop", "rwm");
4110 r
= cgroup_add_device_allow(cc
, "block-blkext", "rwm");
4119 ExecContext
*unit_get_exec_context(Unit
*u
) {
4126 offset
= UNIT_VTABLE(u
)->exec_context_offset
;
4130 return (ExecContext
*) ((uint8_t*) u
+ offset
);
4133 KillContext
*unit_get_kill_context(Unit
*u
) {
4140 offset
= UNIT_VTABLE(u
)->kill_context_offset
;
4144 return (KillContext
*) ((uint8_t*) u
+ offset
);
4147 CGroupContext
*unit_get_cgroup_context(Unit
*u
) {
4153 offset
= UNIT_VTABLE(u
)->cgroup_context_offset
;
4157 return (CGroupContext
*) ((uint8_t*) u
+ offset
);
4160 ExecRuntime
*unit_get_exec_runtime(Unit
*u
) {
4166 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
4170 return *(ExecRuntime
**) ((uint8_t*) u
+ offset
);
4173 static const char* unit_drop_in_dir(Unit
*u
, UnitWriteFlags flags
) {
4176 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4179 if (u
->transient
) /* Redirect drop-ins for transient units always into the transient directory. */
4180 return u
->manager
->lookup_paths
.transient
;
4182 if (flags
& UNIT_PERSISTENT
)
4183 return u
->manager
->lookup_paths
.persistent_control
;
4185 if (flags
& UNIT_RUNTIME
)
4186 return u
->manager
->lookup_paths
.runtime_control
;
4191 char* unit_escape_setting(const char *s
, UnitWriteFlags flags
, char **buf
) {
4197 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4198 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4199 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4200 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4201 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4204 if (flags
& UNIT_ESCAPE_SPECIFIERS
) {
4205 ret
= specifier_escape(s
);
4212 if (flags
& UNIT_ESCAPE_C
) {
4225 return ret
?: (char*) s
;
4228 return ret
?: strdup(s
);
4231 char* unit_concat_strv(char **l
, UnitWriteFlags flags
) {
4232 _cleanup_free_
char *result
= NULL
;
4233 size_t n
= 0, allocated
= 0;
4236 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4237 * way suitable for ExecStart= stanzas */
4239 STRV_FOREACH(i
, l
) {
4240 _cleanup_free_
char *buf
= NULL
;
4245 p
= unit_escape_setting(*i
, flags
, &buf
);
4249 a
= (n
> 0) + 1 + strlen(p
) + 1; /* separating space + " + entry + " */
4250 if (!GREEDY_REALLOC(result
, allocated
, n
+ a
+ 1))
4264 if (!GREEDY_REALLOC(result
, allocated
, n
+ 1))
4269 return TAKE_PTR(result
);
4272 int unit_write_setting(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *data
) {
4273 _cleanup_free_
char *p
= NULL
, *q
= NULL
, *escaped
= NULL
;
4274 const char *dir
, *wrapped
;
4281 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4284 data
= unit_escape_setting(data
, flags
, &escaped
);
4288 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4289 * previous section header is the same */
4291 if (flags
& UNIT_PRIVATE
) {
4292 if (!UNIT_VTABLE(u
)->private_section
)
4295 if (!u
->transient_file
|| u
->last_section_private
< 0)
4296 data
= strjoina("[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4297 else if (u
->last_section_private
== 0)
4298 data
= strjoina("\n[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4300 if (!u
->transient_file
|| u
->last_section_private
< 0)
4301 data
= strjoina("[Unit]\n", data
);
4302 else if (u
->last_section_private
> 0)
4303 data
= strjoina("\n[Unit]\n", data
);
4306 if (u
->transient_file
) {
4307 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4308 * write to the transient unit file. */
4309 fputs(data
, u
->transient_file
);
4311 if (!endswith(data
, "\n"))
4312 fputc('\n', u
->transient_file
);
4314 /* Remember which section we wrote this entry to */
4315 u
->last_section_private
= !!(flags
& UNIT_PRIVATE
);
4319 dir
= unit_drop_in_dir(u
, flags
);
4323 wrapped
= strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4324 "# or an equivalent operation. Do not edit.\n",
4328 r
= drop_in_file(dir
, u
->id
, 50, name
, &p
, &q
);
4332 (void) mkdir_p_label(p
, 0755);
4333 r
= write_string_file_atomic_label(q
, wrapped
);
4337 r
= strv_push(&u
->dropin_paths
, q
);
4342 strv_uniq(u
->dropin_paths
);
4344 u
->dropin_mtime
= now(CLOCK_REALTIME
);
4349 int unit_write_settingf(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *format
, ...) {
4350 _cleanup_free_
char *p
= NULL
;
4358 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4361 va_start(ap
, format
);
4362 r
= vasprintf(&p
, format
, ap
);
4368 return unit_write_setting(u
, flags
, name
, p
);
4371 int unit_make_transient(Unit
*u
) {
4372 _cleanup_free_
char *path
= NULL
;
4377 if (!UNIT_VTABLE(u
)->can_transient
)
4380 (void) mkdir_p_label(u
->manager
->lookup_paths
.transient
, 0755);
4382 path
= strjoin(u
->manager
->lookup_paths
.transient
, "/", u
->id
);
4386 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4387 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4389 RUN_WITH_UMASK(0022) {
4390 f
= fopen(path
, "we");
4395 safe_fclose(u
->transient_file
);
4396 u
->transient_file
= f
;
4398 free_and_replace(u
->fragment_path
, path
);
4400 u
->source_path
= mfree(u
->source_path
);
4401 u
->dropin_paths
= strv_free(u
->dropin_paths
);
4402 u
->fragment_mtime
= u
->source_mtime
= u
->dropin_mtime
= 0;
4404 u
->load_state
= UNIT_STUB
;
4406 u
->transient
= true;
4408 unit_add_to_dbus_queue(u
);
4409 unit_add_to_gc_queue(u
);
4411 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4417 static void log_kill(pid_t pid
, int sig
, void *userdata
) {
4418 _cleanup_free_
char *comm
= NULL
;
4420 (void) get_process_comm(pid
, &comm
);
4422 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4423 only, like for example systemd's own PAM stub process. */
4424 if (comm
&& comm
[0] == '(')
4427 log_unit_notice(userdata
,
4428 "Killing process " PID_FMT
" (%s) with signal SIG%s.",
4431 signal_to_string(sig
));
4434 static int operation_to_signal(KillContext
*c
, KillOperation k
) {
4439 case KILL_TERMINATE
:
4440 case KILL_TERMINATE_AND_LOG
:
4441 return c
->kill_signal
;
4444 return c
->final_kill_signal
;
4447 return c
->watchdog_signal
;
4450 assert_not_reached("KillOperation unknown");
4454 int unit_kill_context(
4460 bool main_pid_alien
) {
4462 bool wait_for_exit
= false, send_sighup
;
4463 cg_kill_log_func_t log_func
= NULL
;
4469 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4470 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4472 if (c
->kill_mode
== KILL_NONE
)
4475 sig
= operation_to_signal(c
, k
);
4479 IN_SET(k
, KILL_TERMINATE
, KILL_TERMINATE_AND_LOG
) &&
4482 if (k
!= KILL_TERMINATE
|| IN_SET(sig
, SIGKILL
, SIGABRT
))
4483 log_func
= log_kill
;
4487 log_func(main_pid
, sig
, u
);
4489 r
= kill_and_sigcont(main_pid
, sig
);
4490 if (r
< 0 && r
!= -ESRCH
) {
4491 _cleanup_free_
char *comm
= NULL
;
4492 (void) get_process_comm(main_pid
, &comm
);
4494 log_unit_warning_errno(u
, r
, "Failed to kill main process " PID_FMT
" (%s), ignoring: %m", main_pid
, strna(comm
));
4496 if (!main_pid_alien
)
4497 wait_for_exit
= true;
4499 if (r
!= -ESRCH
&& send_sighup
)
4500 (void) kill(main_pid
, SIGHUP
);
4504 if (control_pid
> 0) {
4506 log_func(control_pid
, sig
, u
);
4508 r
= kill_and_sigcont(control_pid
, sig
);
4509 if (r
< 0 && r
!= -ESRCH
) {
4510 _cleanup_free_
char *comm
= NULL
;
4511 (void) get_process_comm(control_pid
, &comm
);
4513 log_unit_warning_errno(u
, r
, "Failed to kill control process " PID_FMT
" (%s), ignoring: %m", control_pid
, strna(comm
));
4515 wait_for_exit
= true;
4517 if (r
!= -ESRCH
&& send_sighup
)
4518 (void) kill(control_pid
, SIGHUP
);
4522 if (u
->cgroup_path
&&
4523 (c
->kill_mode
== KILL_CONTROL_GROUP
|| (c
->kill_mode
== KILL_MIXED
&& k
== KILL_KILL
))) {
4524 _cleanup_set_free_ Set
*pid_set
= NULL
;
4526 /* Exclude the main/control pids from being killed via the cgroup */
4527 pid_set
= unit_pid_set(main_pid
, control_pid
);
4531 r
= cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
,
4533 CGROUP_SIGCONT
|CGROUP_IGNORE_SELF
,
4537 if (!IN_SET(r
, -EAGAIN
, -ESRCH
, -ENOENT
))
4538 log_unit_warning_errno(u
, r
, "Failed to kill control group %s, ignoring: %m", u
->cgroup_path
);
4542 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4543 * we are running in a container or if this is a delegation unit, simply because cgroup
4544 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4545 * of containers it can be confused easily by left-over directories in the cgroup — which
4546 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4547 * there we get proper events. Hence rely on them. */
4549 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
) > 0 ||
4550 (detect_container() == 0 && !unit_cgroup_delegate(u
)))
4551 wait_for_exit
= true;
4556 pid_set
= unit_pid_set(main_pid
, control_pid
);
4560 cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
,
4569 return wait_for_exit
;
4572 int unit_require_mounts_for(Unit
*u
, const char *path
, UnitDependencyMask mask
) {
4573 _cleanup_free_
char *p
= NULL
;
4575 UnitDependencyInfo di
;
4581 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4582 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4583 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4584 * determine which units to make themselves a dependency of. */
4586 if (!path_is_absolute(path
))
4589 r
= hashmap_ensure_allocated(&u
->requires_mounts_for
, &path_hash_ops
);
4597 path
= path_simplify(p
, false);
4599 if (!path_is_normalized(path
))
4602 if (hashmap_contains(u
->requires_mounts_for
, path
))
4605 di
= (UnitDependencyInfo
) {
4609 r
= hashmap_put(u
->requires_mounts_for
, path
, di
.data
);
4614 prefix
= alloca(strlen(path
) + 1);
4615 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
4618 x
= hashmap_get(u
->manager
->units_requiring_mounts_for
, prefix
);
4620 _cleanup_free_
char *q
= NULL
;
4622 r
= hashmap_ensure_allocated(&u
->manager
->units_requiring_mounts_for
, &path_hash_ops
);
4634 r
= hashmap_put(u
->manager
->units_requiring_mounts_for
, q
, x
);
4650 int unit_setup_exec_runtime(Unit
*u
) {
4658 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
4661 /* Check if there already is an ExecRuntime for this unit? */
4662 rt
= (ExecRuntime
**) ((uint8_t*) u
+ offset
);
4666 /* Try to get it from somebody else */
4667 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_JOINS_NAMESPACE_OF
], i
) {
4668 r
= exec_runtime_acquire(u
->manager
, NULL
, other
->id
, false, rt
);
4673 return exec_runtime_acquire(u
->manager
, unit_get_exec_context(u
), u
->id
, true, rt
);
4676 int unit_setup_dynamic_creds(Unit
*u
) {
4678 DynamicCreds
*dcreds
;
4683 offset
= UNIT_VTABLE(u
)->dynamic_creds_offset
;
4685 dcreds
= (DynamicCreds
*) ((uint8_t*) u
+ offset
);
4687 ec
= unit_get_exec_context(u
);
4690 if (!ec
->dynamic_user
)
4693 return dynamic_creds_acquire(dcreds
, u
->manager
, ec
->user
, ec
->group
);
4696 bool unit_type_supported(UnitType t
) {
4697 if (_unlikely_(t
< 0))
4699 if (_unlikely_(t
>= _UNIT_TYPE_MAX
))
4702 if (!unit_vtable
[t
]->supported
)
4705 return unit_vtable
[t
]->supported();
4708 void unit_warn_if_dir_nonempty(Unit
*u
, const char* where
) {
4714 r
= dir_is_empty(where
);
4715 if (r
> 0 || r
== -ENOTDIR
)
4718 log_unit_warning_errno(u
, r
, "Failed to check directory %s: %m", where
);
4722 log_struct(LOG_NOTICE
,
4723 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
4725 LOG_UNIT_INVOCATION_ID(u
),
4726 LOG_UNIT_MESSAGE(u
, "Directory %s to mount over is not empty, mounting anyway.", where
),
4730 int unit_fail_if_noncanonical(Unit
*u
, const char* where
) {
4731 _cleanup_free_
char *canonical_where
;
4737 r
= chase_symlinks(where
, NULL
, CHASE_NONEXISTENT
, &canonical_where
);
4739 log_unit_debug_errno(u
, r
, "Failed to check %s for symlinks, ignoring: %m", where
);
4743 /* We will happily ignore a trailing slash (or any redundant slashes) */
4744 if (path_equal(where
, canonical_where
))
4747 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4749 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
4751 LOG_UNIT_INVOCATION_ID(u
),
4752 LOG_UNIT_MESSAGE(u
, "Mount path %s is not canonical (contains a symlink).", where
),
4758 bool unit_is_pristine(Unit
*u
) {
4761 /* Check if the unit already exists or is already around,
4762 * in a number of different ways. Note that to cater for unit
4763 * types such as slice, we are generally fine with units that
4764 * are marked UNIT_LOADED even though nothing was actually
4765 * loaded, as those unit types don't require a file on disk. */
4767 return !(!IN_SET(u
->load_state
, UNIT_NOT_FOUND
, UNIT_LOADED
) ||
4770 !strv_isempty(u
->dropin_paths
) ||
4775 pid_t
unit_control_pid(Unit
*u
) {
4778 if (UNIT_VTABLE(u
)->control_pid
)
4779 return UNIT_VTABLE(u
)->control_pid(u
);
4784 pid_t
unit_main_pid(Unit
*u
) {
4787 if (UNIT_VTABLE(u
)->main_pid
)
4788 return UNIT_VTABLE(u
)->main_pid(u
);
4793 static void unit_unref_uid_internal(
4797 void (*_manager_unref_uid
)(Manager
*m
, uid_t uid
, bool destroy_now
)) {
4801 assert(_manager_unref_uid
);
4803 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4804 * gid_t are actually the same time, with the same validity rules.
4806 * Drops a reference to UID/GID from a unit. */
4808 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
4809 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
4811 if (!uid_is_valid(*ref_uid
))
4814 _manager_unref_uid(u
->manager
, *ref_uid
, destroy_now
);
4815 *ref_uid
= UID_INVALID
;
4818 void unit_unref_uid(Unit
*u
, bool destroy_now
) {
4819 unit_unref_uid_internal(u
, &u
->ref_uid
, destroy_now
, manager_unref_uid
);
4822 void unit_unref_gid(Unit
*u
, bool destroy_now
) {
4823 unit_unref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, destroy_now
, manager_unref_gid
);
4826 static int unit_ref_uid_internal(
4831 int (*_manager_ref_uid
)(Manager
*m
, uid_t uid
, bool clean_ipc
)) {
4837 assert(uid_is_valid(uid
));
4838 assert(_manager_ref_uid
);
4840 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4841 * are actually the same type, and have the same validity rules.
4843 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4844 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4847 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
4848 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
4850 if (*ref_uid
== uid
)
4853 if (uid_is_valid(*ref_uid
)) /* Already set? */
4856 r
= _manager_ref_uid(u
->manager
, uid
, clean_ipc
);
4864 int unit_ref_uid(Unit
*u
, uid_t uid
, bool clean_ipc
) {
4865 return unit_ref_uid_internal(u
, &u
->ref_uid
, uid
, clean_ipc
, manager_ref_uid
);
4868 int unit_ref_gid(Unit
*u
, gid_t gid
, bool clean_ipc
) {
4869 return unit_ref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, (uid_t
) gid
, clean_ipc
, manager_ref_gid
);
4872 static int unit_ref_uid_gid_internal(Unit
*u
, uid_t uid
, gid_t gid
, bool clean_ipc
) {
4877 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4879 if (uid_is_valid(uid
)) {
4880 r
= unit_ref_uid(u
, uid
, clean_ipc
);
4885 if (gid_is_valid(gid
)) {
4886 q
= unit_ref_gid(u
, gid
, clean_ipc
);
4889 unit_unref_uid(u
, false);
4895 return r
> 0 || q
> 0;
4898 int unit_ref_uid_gid(Unit
*u
, uid_t uid
, gid_t gid
) {
4904 c
= unit_get_exec_context(u
);
4906 r
= unit_ref_uid_gid_internal(u
, uid
, gid
, c
? c
->remove_ipc
: false);
4908 return log_unit_warning_errno(u
, r
, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4913 void unit_unref_uid_gid(Unit
*u
, bool destroy_now
) {
4916 unit_unref_uid(u
, destroy_now
);
4917 unit_unref_gid(u
, destroy_now
);
4920 void unit_notify_user_lookup(Unit
*u
, uid_t uid
, gid_t gid
) {
4925 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4926 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4927 * objects when no service references the UID/GID anymore. */
4929 r
= unit_ref_uid_gid(u
, uid
, gid
);
4931 bus_unit_send_change_signal(u
);
4934 int unit_set_invocation_id(Unit
*u
, sd_id128_t id
) {
4939 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
4941 if (sd_id128_equal(u
->invocation_id
, id
))
4944 if (!sd_id128_is_null(u
->invocation_id
))
4945 (void) hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
4947 if (sd_id128_is_null(id
)) {
4952 r
= hashmap_ensure_allocated(&u
->manager
->units_by_invocation_id
, &id128_hash_ops
);
4956 u
->invocation_id
= id
;
4957 sd_id128_to_string(id
, u
->invocation_id_string
);
4959 r
= hashmap_put(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
4966 u
->invocation_id
= SD_ID128_NULL
;
4967 u
->invocation_id_string
[0] = 0;
4971 int unit_acquire_invocation_id(Unit
*u
) {
4977 r
= sd_id128_randomize(&id
);
4979 return log_unit_error_errno(u
, r
, "Failed to generate invocation ID for unit: %m");
4981 r
= unit_set_invocation_id(u
, id
);
4983 return log_unit_error_errno(u
, r
, "Failed to set invocation ID for unit: %m");
4988 int unit_set_exec_params(Unit
*u
, ExecParameters
*p
) {
4994 /* Copy parameters from manager */
4995 r
= manager_get_effective_environment(u
->manager
, &p
->environment
);
4999 p
->confirm_spawn
= manager_get_confirm_spawn(u
->manager
);
5000 p
->cgroup_supported
= u
->manager
->cgroup_supported
;
5001 p
->prefix
= u
->manager
->prefix
;
5002 SET_FLAG(p
->flags
, EXEC_PASS_LOG_UNIT
|EXEC_CHOWN_DIRECTORIES
, MANAGER_IS_SYSTEM(u
->manager
));
5004 /* Copy paramaters from unit */
5005 p
->cgroup_path
= u
->cgroup_path
;
5006 SET_FLAG(p
->flags
, EXEC_CGROUP_DELEGATE
, unit_cgroup_delegate(u
));
5011 int unit_fork_helper_process(Unit
*u
, const char *name
, pid_t
*ret
) {
5017 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5018 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5020 (void) unit_realize_cgroup(u
);
5022 r
= safe_fork(name
, FORK_REOPEN_LOG
, ret
);
5026 (void) default_signals(SIGNALS_CRASH_HANDLER
, SIGNALS_IGNORE
, -1);
5027 (void) ignore_signals(SIGPIPE
, -1);
5029 (void) prctl(PR_SET_PDEATHSIG
, SIGTERM
);
5031 if (u
->cgroup_path
) {
5032 r
= cg_attach_everywhere(u
->manager
->cgroup_supported
, u
->cgroup_path
, 0, NULL
, NULL
);
5034 log_unit_error_errno(u
, r
, "Failed to join unit cgroup %s: %m", u
->cgroup_path
);
5042 static void unit_update_dependency_mask(Unit
*u
, UnitDependency d
, Unit
*other
, UnitDependencyInfo di
) {
5045 assert(d
< _UNIT_DEPENDENCY_MAX
);
5048 if (di
.origin_mask
== 0 && di
.destination_mask
== 0) {
5049 /* No bit set anymore, let's drop the whole entry */
5050 assert_se(hashmap_remove(u
->dependencies
[d
], other
));
5051 log_unit_debug(u
, "%s lost dependency %s=%s", u
->id
, unit_dependency_to_string(d
), other
->id
);
5053 /* Mask was reduced, let's update the entry */
5054 assert_se(hashmap_update(u
->dependencies
[d
], other
, di
.data
) == 0);
5057 void unit_remove_dependencies(Unit
*u
, UnitDependencyMask mask
) {
5062 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5067 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++) {
5071 UnitDependencyInfo di
;
5077 HASHMAP_FOREACH_KEY(di
.data
, other
, u
->dependencies
[d
], i
) {
5080 if ((di
.origin_mask
& ~mask
) == di
.origin_mask
)
5082 di
.origin_mask
&= ~mask
;
5083 unit_update_dependency_mask(u
, d
, other
, di
);
5085 /* We updated the dependency from our unit to the other unit now. But most dependencies
5086 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5087 * all dependency types on the other unit and delete all those which point to us and
5088 * have the right mask set. */
5090 for (q
= 0; q
< _UNIT_DEPENDENCY_MAX
; q
++) {
5091 UnitDependencyInfo dj
;
5093 dj
.data
= hashmap_get(other
->dependencies
[q
], u
);
5094 if ((dj
.destination_mask
& ~mask
) == dj
.destination_mask
)
5096 dj
.destination_mask
&= ~mask
;
5098 unit_update_dependency_mask(other
, q
, u
, dj
);
5101 unit_add_to_gc_queue(other
);
5111 static int unit_export_invocation_id(Unit
*u
) {
5117 if (u
->exported_invocation_id
)
5120 if (sd_id128_is_null(u
->invocation_id
))
5123 p
= strjoina("/run/systemd/units/invocation:", u
->id
);
5124 r
= symlink_atomic(u
->invocation_id_string
, p
);
5126 return log_unit_debug_errno(u
, r
, "Failed to create invocation ID symlink %s: %m", p
);
5128 u
->exported_invocation_id
= true;
5132 static int unit_export_log_level_max(Unit
*u
, const ExecContext
*c
) {
5140 if (u
->exported_log_level_max
)
5143 if (c
->log_level_max
< 0)
5146 assert(c
->log_level_max
<= 7);
5148 buf
[0] = '0' + c
->log_level_max
;
5151 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5152 r
= symlink_atomic(buf
, p
);
5154 return log_unit_debug_errno(u
, r
, "Failed to create maximum log level symlink %s: %m", p
);
5156 u
->exported_log_level_max
= true;
5160 static int unit_export_log_extra_fields(Unit
*u
, const ExecContext
*c
) {
5161 _cleanup_close_
int fd
= -1;
5162 struct iovec
*iovec
;
5170 if (u
->exported_log_extra_fields
)
5173 if (c
->n_log_extra_fields
<= 0)
5176 sizes
= newa(le64_t
, c
->n_log_extra_fields
);
5177 iovec
= newa(struct iovec
, c
->n_log_extra_fields
* 2);
5179 for (i
= 0; i
< c
->n_log_extra_fields
; i
++) {
5180 sizes
[i
] = htole64(c
->log_extra_fields
[i
].iov_len
);
5182 iovec
[i
*2] = IOVEC_MAKE(sizes
+ i
, sizeof(le64_t
));
5183 iovec
[i
*2+1] = c
->log_extra_fields
[i
];
5186 p
= strjoina("/run/systemd/units/log-extra-fields:", u
->id
);
5187 pattern
= strjoina(p
, ".XXXXXX");
5189 fd
= mkostemp_safe(pattern
);
5191 return log_unit_debug_errno(u
, fd
, "Failed to create extra fields file %s: %m", p
);
5193 n
= writev(fd
, iovec
, c
->n_log_extra_fields
*2);
5195 r
= log_unit_debug_errno(u
, errno
, "Failed to write extra fields: %m");
5199 (void) fchmod(fd
, 0644);
5201 if (rename(pattern
, p
) < 0) {
5202 r
= log_unit_debug_errno(u
, errno
, "Failed to rename extra fields file: %m");
5206 u
->exported_log_extra_fields
= true;
5210 (void) unlink(pattern
);
5214 static int unit_export_log_rate_limit_interval(Unit
*u
, const ExecContext
*c
) {
5215 _cleanup_free_
char *buf
= NULL
;
5222 if (u
->exported_log_rate_limit_interval
)
5225 if (c
->log_rate_limit_interval_usec
== 0)
5228 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5230 if (asprintf(&buf
, "%" PRIu64
, c
->log_rate_limit_interval_usec
) < 0)
5233 r
= symlink_atomic(buf
, p
);
5235 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit interval symlink %s: %m", p
);
5237 u
->exported_log_rate_limit_interval
= true;
5241 static int unit_export_log_rate_limit_burst(Unit
*u
, const ExecContext
*c
) {
5242 _cleanup_free_
char *buf
= NULL
;
5249 if (u
->exported_log_rate_limit_burst
)
5252 if (c
->log_rate_limit_burst
== 0)
5255 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5257 if (asprintf(&buf
, "%u", c
->log_rate_limit_burst
) < 0)
5260 r
= symlink_atomic(buf
, p
);
5262 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit burst symlink %s: %m", p
);
5264 u
->exported_log_rate_limit_burst
= true;
5268 void unit_export_state_files(Unit
*u
) {
5269 const ExecContext
*c
;
5276 if (!MANAGER_IS_SYSTEM(u
->manager
))
5279 if (MANAGER_IS_TEST_RUN(u
->manager
))
5282 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5283 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5284 * the IPC system itself and PID 1 also log to the journal.
5286 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5287 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5288 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5289 * namespace at least.
5291 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5292 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5295 (void) unit_export_invocation_id(u
);
5297 c
= unit_get_exec_context(u
);
5299 (void) unit_export_log_level_max(u
, c
);
5300 (void) unit_export_log_extra_fields(u
, c
);
5301 (void) unit_export_log_rate_limit_interval(u
, c
);
5302 (void) unit_export_log_rate_limit_burst(u
, c
);
5306 void unit_unlink_state_files(Unit
*u
) {
5314 if (!MANAGER_IS_SYSTEM(u
->manager
))
5317 /* Undoes the effect of unit_export_state() */
5319 if (u
->exported_invocation_id
) {
5320 p
= strjoina("/run/systemd/units/invocation:", u
->id
);
5323 u
->exported_invocation_id
= false;
5326 if (u
->exported_log_level_max
) {
5327 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5330 u
->exported_log_level_max
= false;
5333 if (u
->exported_log_extra_fields
) {
5334 p
= strjoina("/run/systemd/units/extra-fields:", u
->id
);
5337 u
->exported_log_extra_fields
= false;
5340 if (u
->exported_log_rate_limit_interval
) {
5341 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5344 u
->exported_log_rate_limit_interval
= false;
5347 if (u
->exported_log_rate_limit_burst
) {
5348 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5351 u
->exported_log_rate_limit_burst
= false;
5355 int unit_prepare_exec(Unit
*u
) {
5360 /* Prepares everything so that we can fork of a process for this unit */
5362 (void) unit_realize_cgroup(u
);
5364 if (u
->reset_accounting
) {
5365 (void) unit_reset_cpu_accounting(u
);
5366 (void) unit_reset_ip_accounting(u
);
5367 u
->reset_accounting
= false;
5370 unit_export_state_files(u
);
5372 r
= unit_setup_exec_runtime(u
);
5376 r
= unit_setup_dynamic_creds(u
);
5383 static void log_leftover(pid_t pid
, int sig
, void *userdata
) {
5384 _cleanup_free_
char *comm
= NULL
;
5386 (void) get_process_comm(pid
, &comm
);
5388 if (comm
&& comm
[0] == '(') /* Most likely our own helper process (PAM?), ignore */
5391 log_unit_warning(userdata
,
5392 "Found left-over process " PID_FMT
" (%s) in control group while starting unit. Ignoring.\n"
5393 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5397 void unit_warn_leftover_processes(Unit
*u
) {
5400 (void) unit_pick_cgroup_path(u
);
5402 if (!u
->cgroup_path
)
5405 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, 0, 0, NULL
, log_leftover
, u
);
5408 bool unit_needs_console(Unit
*u
) {
5410 UnitActiveState state
;
5414 state
= unit_active_state(u
);
5416 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
5419 if (UNIT_VTABLE(u
)->needs_console
)
5420 return UNIT_VTABLE(u
)->needs_console(u
);
5422 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5423 ec
= unit_get_exec_context(u
);
5427 return exec_context_may_touch_console(ec
);
5430 const char *unit_label_path(Unit
*u
) {
5433 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5434 * when validating access checks. */
5436 p
= u
->source_path
?: u
->fragment_path
;
5440 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5441 if (path_equal(p
, "/dev/null"))
5447 int unit_pid_attachable(Unit
*u
, pid_t pid
, sd_bus_error
*error
) {
5452 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5453 * and not a kernel thread either */
5455 /* First, a simple range check */
5456 if (!pid_is_valid(pid
))
5457 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process identifier " PID_FMT
" is not valid.", pid
);
5459 /* Some extra safety check */
5460 if (pid
== 1 || pid
== getpid_cached())
5461 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a manager process, refusing.", pid
);
5463 /* Don't even begin to bother with kernel threads */
5464 r
= is_kernel_thread(pid
);
5466 return sd_bus_error_setf(error
, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN
, "Process with ID " PID_FMT
" does not exist.", pid
);
5468 return sd_bus_error_set_errnof(error
, r
, "Failed to determine whether process " PID_FMT
" is a kernel thread: %m", pid
);
5470 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a kernel thread, refusing.", pid
);
5475 void unit_log_success(Unit
*u
) {
5478 log_struct(LOG_INFO
,
5479 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR
,
5481 LOG_UNIT_INVOCATION_ID(u
),
5482 LOG_UNIT_MESSAGE(u
, "Succeeded."));
5485 void unit_log_failure(Unit
*u
, const char *result
) {
5489 log_struct(LOG_WARNING
,
5490 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR
,
5492 LOG_UNIT_INVOCATION_ID(u
),
5493 LOG_UNIT_MESSAGE(u
, "Failed with result '%s'.", result
),
5494 "UNIT_RESULT=%s", result
);
5497 void unit_log_process_exit(
5501 const char *command
,
5508 if (code
!= CLD_EXITED
)
5509 level
= LOG_WARNING
;
5512 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR
,
5513 LOG_UNIT_MESSAGE(u
, "%s exited, code=%s, status=%i/%s",
5515 sigchld_code_to_string(code
), status
,
5516 strna(code
== CLD_EXITED
5517 ? exit_status_to_string(status
, EXIT_STATUS_FULL
)
5518 : signal_to_string(status
))),
5519 "EXIT_CODE=%s", sigchld_code_to_string(code
),
5520 "EXIT_STATUS=%i", status
,
5521 "COMMAND=%s", strna(command
),
5523 LOG_UNIT_INVOCATION_ID(u
));
5526 int unit_exit_status(Unit
*u
) {
5529 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
5530 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
5531 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
5532 * service process has exited abnormally (signal/coredump). */
5534 if (!UNIT_VTABLE(u
)->exit_status
)
5537 return UNIT_VTABLE(u
)->exit_status(u
);
5540 int unit_failure_action_exit_status(Unit
*u
) {
5545 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
5547 if (u
->failure_action_exit_status
>= 0)
5548 return u
->failure_action_exit_status
;
5550 r
= unit_exit_status(u
);
5551 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
5557 int unit_success_action_exit_status(Unit
*u
) {
5562 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
5564 if (u
->success_action_exit_status
>= 0)
5565 return u
->success_action_exit_status
;
5567 r
= unit_exit_status(u
);
5568 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
5574 static const char* const collect_mode_table
[_COLLECT_MODE_MAX
] = {
5575 [COLLECT_INACTIVE
] = "inactive",
5576 [COLLECT_INACTIVE_OR_FAILED
] = "inactive-or-failed",
5579 DEFINE_STRING_TABLE_LOOKUP(collect_mode
, CollectMode
);