]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
core: add proper escaping to writing of drop-ins/transient unit files
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
16
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19 ***/
20
21 #include <errno.h>
22 #include <stdlib.h>
23 #include <string.h>
24 #include <sys/stat.h>
25 #include <unistd.h>
26
27 #include "sd-id128.h"
28 #include "sd-messages.h"
29
30 #include "alloc-util.h"
31 #include "bus-common-errors.h"
32 #include "bus-util.h"
33 #include "cgroup-util.h"
34 #include "dbus-unit.h"
35 #include "dbus.h"
36 #include "dropin.h"
37 #include "escape.h"
38 #include "execute.h"
39 #include "fd-util.h"
40 #include "fileio-label.h"
41 #include "format-util.h"
42 #include "fs-util.h"
43 #include "id128-util.h"
44 #include "io-util.h"
45 #include "load-dropin.h"
46 #include "load-fragment.h"
47 #include "log.h"
48 #include "macro.h"
49 #include "missing.h"
50 #include "mkdir.h"
51 #include "parse-util.h"
52 #include "path-util.h"
53 #include "process-util.h"
54 #include "set.h"
55 #include "signal-util.h"
56 #include "sparse-endian.h"
57 #include "special.h"
58 #include "specifier.h"
59 #include "stat-util.h"
60 #include "stdio-util.h"
61 #include "string-table.h"
62 #include "string-util.h"
63 #include "strv.h"
64 #include "umask-util.h"
65 #include "unit-name.h"
66 #include "unit.h"
67 #include "user-util.h"
68 #include "virt.h"
69
70 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
71 [UNIT_SERVICE] = &service_vtable,
72 [UNIT_SOCKET] = &socket_vtable,
73 [UNIT_TARGET] = &target_vtable,
74 [UNIT_DEVICE] = &device_vtable,
75 [UNIT_MOUNT] = &mount_vtable,
76 [UNIT_AUTOMOUNT] = &automount_vtable,
77 [UNIT_SWAP] = &swap_vtable,
78 [UNIT_TIMER] = &timer_vtable,
79 [UNIT_PATH] = &path_vtable,
80 [UNIT_SLICE] = &slice_vtable,
81 [UNIT_SCOPE] = &scope_vtable,
82 };
83
84 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
85
86 Unit *unit_new(Manager *m, size_t size) {
87 Unit *u;
88
89 assert(m);
90 assert(size >= sizeof(Unit));
91
92 u = malloc0(size);
93 if (!u)
94 return NULL;
95
96 u->names = set_new(&string_hash_ops);
97 if (!u->names)
98 return mfree(u);
99
100 u->manager = m;
101 u->type = _UNIT_TYPE_INVALID;
102 u->default_dependencies = true;
103 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
104 u->unit_file_preset = -1;
105 u->on_failure_job_mode = JOB_REPLACE;
106 u->cgroup_inotify_wd = -1;
107 u->job_timeout = USEC_INFINITY;
108 u->job_running_timeout = USEC_INFINITY;
109 u->ref_uid = UID_INVALID;
110 u->ref_gid = GID_INVALID;
111 u->cpu_usage_last = NSEC_INFINITY;
112 u->cgroup_bpf_state = UNIT_CGROUP_BPF_INVALIDATED;
113
114 u->ip_accounting_ingress_map_fd = -1;
115 u->ip_accounting_egress_map_fd = -1;
116 u->ipv4_allow_map_fd = -1;
117 u->ipv6_allow_map_fd = -1;
118 u->ipv4_deny_map_fd = -1;
119 u->ipv6_deny_map_fd = -1;
120
121 u->last_section_private = -1;
122
123 RATELIMIT_INIT(u->start_limit, m->default_start_limit_interval, m->default_start_limit_burst);
124 RATELIMIT_INIT(u->auto_stop_ratelimit, 10 * USEC_PER_SEC, 16);
125
126 return u;
127 }
128
129 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
130 Unit *u;
131 int r;
132
133 u = unit_new(m, size);
134 if (!u)
135 return -ENOMEM;
136
137 r = unit_add_name(u, name);
138 if (r < 0) {
139 unit_free(u);
140 return r;
141 }
142
143 *ret = u;
144 return r;
145 }
146
147 bool unit_has_name(Unit *u, const char *name) {
148 assert(u);
149 assert(name);
150
151 return set_contains(u->names, (char*) name);
152 }
153
154 static void unit_init(Unit *u) {
155 CGroupContext *cc;
156 ExecContext *ec;
157 KillContext *kc;
158
159 assert(u);
160 assert(u->manager);
161 assert(u->type >= 0);
162
163 cc = unit_get_cgroup_context(u);
164 if (cc) {
165 cgroup_context_init(cc);
166
167 /* Copy in the manager defaults into the cgroup
168 * context, _before_ the rest of the settings have
169 * been initialized */
170
171 cc->cpu_accounting = u->manager->default_cpu_accounting;
172 cc->io_accounting = u->manager->default_io_accounting;
173 cc->ip_accounting = u->manager->default_ip_accounting;
174 cc->blockio_accounting = u->manager->default_blockio_accounting;
175 cc->memory_accounting = u->manager->default_memory_accounting;
176 cc->tasks_accounting = u->manager->default_tasks_accounting;
177 cc->ip_accounting = u->manager->default_ip_accounting;
178
179 if (u->type != UNIT_SLICE)
180 cc->tasks_max = u->manager->default_tasks_max;
181 }
182
183 ec = unit_get_exec_context(u);
184 if (ec) {
185 exec_context_init(ec);
186
187 ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
188 EXEC_KEYRING_PRIVATE : EXEC_KEYRING_INHERIT;
189 }
190
191 kc = unit_get_kill_context(u);
192 if (kc)
193 kill_context_init(kc);
194
195 if (UNIT_VTABLE(u)->init)
196 UNIT_VTABLE(u)->init(u);
197 }
198
199 int unit_add_name(Unit *u, const char *text) {
200 _cleanup_free_ char *s = NULL, *i = NULL;
201 UnitType t;
202 int r;
203
204 assert(u);
205 assert(text);
206
207 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
208
209 if (!u->instance)
210 return -EINVAL;
211
212 r = unit_name_replace_instance(text, u->instance, &s);
213 if (r < 0)
214 return r;
215 } else {
216 s = strdup(text);
217 if (!s)
218 return -ENOMEM;
219 }
220
221 if (set_contains(u->names, s))
222 return 0;
223 if (hashmap_contains(u->manager->units, s))
224 return -EEXIST;
225
226 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
227 return -EINVAL;
228
229 t = unit_name_to_type(s);
230 if (t < 0)
231 return -EINVAL;
232
233 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
234 return -EINVAL;
235
236 r = unit_name_to_instance(s, &i);
237 if (r < 0)
238 return r;
239
240 if (i && !unit_type_may_template(t))
241 return -EINVAL;
242
243 /* Ensure that this unit is either instanced or not instanced,
244 * but not both. Note that we do allow names with different
245 * instance names however! */
246 if (u->type != _UNIT_TYPE_INVALID && !u->instance != !i)
247 return -EINVAL;
248
249 if (!unit_type_may_alias(t) && !set_isempty(u->names))
250 return -EEXIST;
251
252 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
253 return -E2BIG;
254
255 r = set_put(u->names, s);
256 if (r < 0)
257 return r;
258 assert(r > 0);
259
260 r = hashmap_put(u->manager->units, s, u);
261 if (r < 0) {
262 (void) set_remove(u->names, s);
263 return r;
264 }
265
266 if (u->type == _UNIT_TYPE_INVALID) {
267 u->type = t;
268 u->id = s;
269 u->instance = i;
270
271 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
272
273 unit_init(u);
274
275 i = NULL;
276 }
277
278 s = NULL;
279
280 unit_add_to_dbus_queue(u);
281 return 0;
282 }
283
284 int unit_choose_id(Unit *u, const char *name) {
285 _cleanup_free_ char *t = NULL;
286 char *s, *i;
287 int r;
288
289 assert(u);
290 assert(name);
291
292 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
293
294 if (!u->instance)
295 return -EINVAL;
296
297 r = unit_name_replace_instance(name, u->instance, &t);
298 if (r < 0)
299 return r;
300
301 name = t;
302 }
303
304 /* Selects one of the names of this unit as the id */
305 s = set_get(u->names, (char*) name);
306 if (!s)
307 return -ENOENT;
308
309 /* Determine the new instance from the new id */
310 r = unit_name_to_instance(s, &i);
311 if (r < 0)
312 return r;
313
314 u->id = s;
315
316 free(u->instance);
317 u->instance = i;
318
319 unit_add_to_dbus_queue(u);
320
321 return 0;
322 }
323
324 int unit_set_description(Unit *u, const char *description) {
325 int r;
326
327 assert(u);
328
329 r = free_and_strdup(&u->description, empty_to_null(description));
330 if (r < 0)
331 return r;
332 if (r > 0)
333 unit_add_to_dbus_queue(u);
334
335 return 0;
336 }
337
338 bool unit_check_gc(Unit *u) {
339 UnitActiveState state;
340 int r;
341
342 assert(u);
343
344 /* Checks whether the unit is ready to be unloaded for garbage collection. Returns true, when the unit shall
345 * stay around, false if there's no reason to keep it loaded. */
346
347 if (u->job)
348 return true;
349
350 if (u->nop_job)
351 return true;
352
353 state = unit_active_state(u);
354
355 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
356 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
357 UNIT_VTABLE(u)->release_resources)
358 UNIT_VTABLE(u)->release_resources(u);
359
360 if (u->perpetual)
361 return true;
362
363 if (u->refs)
364 return true;
365
366 if (sd_bus_track_count(u->bus_track) > 0)
367 return true;
368
369 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
370 switch (u->collect_mode) {
371
372 case COLLECT_INACTIVE:
373 if (state != UNIT_INACTIVE)
374 return true;
375
376 break;
377
378 case COLLECT_INACTIVE_OR_FAILED:
379 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
380 return true;
381
382 break;
383
384 default:
385 assert_not_reached("Unknown garbage collection mode");
386 }
387
388 if (u->cgroup_path) {
389 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
390 * around. Units with active processes should never be collected. */
391
392 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
393 if (r < 0)
394 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
395 if (r <= 0)
396 return true;
397 }
398
399 if (UNIT_VTABLE(u)->check_gc)
400 if (UNIT_VTABLE(u)->check_gc(u))
401 return true;
402
403 return false;
404 }
405
406 void unit_add_to_load_queue(Unit *u) {
407 assert(u);
408 assert(u->type != _UNIT_TYPE_INVALID);
409
410 if (u->load_state != UNIT_STUB || u->in_load_queue)
411 return;
412
413 LIST_PREPEND(load_queue, u->manager->load_queue, u);
414 u->in_load_queue = true;
415 }
416
417 void unit_add_to_cleanup_queue(Unit *u) {
418 assert(u);
419
420 if (u->in_cleanup_queue)
421 return;
422
423 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
424 u->in_cleanup_queue = true;
425 }
426
427 void unit_add_to_gc_queue(Unit *u) {
428 assert(u);
429
430 if (u->in_gc_queue || u->in_cleanup_queue)
431 return;
432
433 if (unit_check_gc(u))
434 return;
435
436 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
437 u->in_gc_queue = true;
438 }
439
440 void unit_add_to_dbus_queue(Unit *u) {
441 assert(u);
442 assert(u->type != _UNIT_TYPE_INVALID);
443
444 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
445 return;
446
447 /* Shortcut things if nobody cares */
448 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
449 sd_bus_track_count(u->bus_track) <= 0 &&
450 set_isempty(u->manager->private_buses)) {
451 u->sent_dbus_new_signal = true;
452 return;
453 }
454
455 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
456 u->in_dbus_queue = true;
457 }
458
459 static void bidi_set_free(Unit *u, Hashmap *h) {
460 Unit *other;
461 Iterator i;
462 void *v;
463
464 assert(u);
465
466 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
467
468 HASHMAP_FOREACH_KEY(v, other, h, i) {
469 UnitDependency d;
470
471 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
472 hashmap_remove(other->dependencies[d], u);
473
474 unit_add_to_gc_queue(other);
475 }
476
477 hashmap_free(h);
478 }
479
480 static void unit_remove_transient(Unit *u) {
481 char **i;
482
483 assert(u);
484
485 if (!u->transient)
486 return;
487
488 if (u->fragment_path)
489 (void) unlink(u->fragment_path);
490
491 STRV_FOREACH(i, u->dropin_paths) {
492 _cleanup_free_ char *p = NULL, *pp = NULL;
493
494 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
495 if (!p)
496 continue;
497
498 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
499 if (!pp)
500 continue;
501
502 /* Only drop transient drop-ins */
503 if (!path_equal(u->manager->lookup_paths.transient, pp))
504 continue;
505
506 (void) unlink(*i);
507 (void) rmdir(p);
508 }
509 }
510
511 static void unit_free_requires_mounts_for(Unit *u) {
512 assert(u);
513
514 for (;;) {
515 _cleanup_free_ char *path;
516
517 path = hashmap_steal_first_key(u->requires_mounts_for);
518 if (!path)
519 break;
520 else {
521 char s[strlen(path) + 1];
522
523 PATH_FOREACH_PREFIX_MORE(s, path) {
524 char *y;
525 Set *x;
526
527 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
528 if (!x)
529 continue;
530
531 (void) set_remove(x, u);
532
533 if (set_isempty(x)) {
534 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
535 free(y);
536 set_free(x);
537 }
538 }
539 }
540 }
541
542 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
543 }
544
545 static void unit_done(Unit *u) {
546 ExecContext *ec;
547 CGroupContext *cc;
548
549 assert(u);
550
551 if (u->type < 0)
552 return;
553
554 if (UNIT_VTABLE(u)->done)
555 UNIT_VTABLE(u)->done(u);
556
557 ec = unit_get_exec_context(u);
558 if (ec)
559 exec_context_done(ec);
560
561 cc = unit_get_cgroup_context(u);
562 if (cc)
563 cgroup_context_done(cc);
564 }
565
566 void unit_free(Unit *u) {
567 UnitDependency d;
568 Iterator i;
569 char *t;
570
571 if (!u)
572 return;
573
574 if (u->transient_file)
575 fclose(u->transient_file);
576
577 if (!MANAGER_IS_RELOADING(u->manager))
578 unit_remove_transient(u);
579
580 bus_unit_send_removed_signal(u);
581
582 unit_done(u);
583
584 sd_bus_slot_unref(u->match_bus_slot);
585
586 sd_bus_track_unref(u->bus_track);
587 u->deserialized_refs = strv_free(u->deserialized_refs);
588
589 unit_free_requires_mounts_for(u);
590
591 SET_FOREACH(t, u->names, i)
592 hashmap_remove_value(u->manager->units, t, u);
593
594 if (!sd_id128_is_null(u->invocation_id))
595 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
596
597 if (u->job) {
598 Job *j = u->job;
599 job_uninstall(j);
600 job_free(j);
601 }
602
603 if (u->nop_job) {
604 Job *j = u->nop_job;
605 job_uninstall(j);
606 job_free(j);
607 }
608
609 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
610 bidi_set_free(u, u->dependencies[d]);
611
612 if (u->type != _UNIT_TYPE_INVALID)
613 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
614
615 if (u->in_load_queue)
616 LIST_REMOVE(load_queue, u->manager->load_queue, u);
617
618 if (u->in_dbus_queue)
619 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
620
621 if (u->in_cleanup_queue)
622 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
623
624 if (u->in_gc_queue)
625 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
626
627 if (u->in_cgroup_realize_queue)
628 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
629
630 if (u->in_cgroup_empty_queue)
631 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
632
633 unit_release_cgroup(u);
634
635 if (!MANAGER_IS_RELOADING(u->manager))
636 unit_unlink_state_files(u);
637
638 unit_unref_uid_gid(u, false);
639
640 (void) manager_update_failed_units(u->manager, u, false);
641 set_remove(u->manager->startup_units, u);
642
643 free(u->description);
644 strv_free(u->documentation);
645 free(u->fragment_path);
646 free(u->source_path);
647 strv_free(u->dropin_paths);
648 free(u->instance);
649
650 free(u->job_timeout_reboot_arg);
651
652 set_free_free(u->names);
653
654 unit_unwatch_all_pids(u);
655
656 condition_free_list(u->conditions);
657 condition_free_list(u->asserts);
658
659 free(u->reboot_arg);
660
661 unit_ref_unset(&u->slice);
662
663 while (u->refs)
664 unit_ref_unset(u->refs);
665
666 safe_close(u->ip_accounting_ingress_map_fd);
667 safe_close(u->ip_accounting_egress_map_fd);
668
669 safe_close(u->ipv4_allow_map_fd);
670 safe_close(u->ipv6_allow_map_fd);
671 safe_close(u->ipv4_deny_map_fd);
672 safe_close(u->ipv6_deny_map_fd);
673
674 bpf_program_unref(u->ip_bpf_ingress);
675 bpf_program_unref(u->ip_bpf_egress);
676
677 free(u);
678 }
679
680 UnitActiveState unit_active_state(Unit *u) {
681 assert(u);
682
683 if (u->load_state == UNIT_MERGED)
684 return unit_active_state(unit_follow_merge(u));
685
686 /* After a reload it might happen that a unit is not correctly
687 * loaded but still has a process around. That's why we won't
688 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
689
690 return UNIT_VTABLE(u)->active_state(u);
691 }
692
693 const char* unit_sub_state_to_string(Unit *u) {
694 assert(u);
695
696 return UNIT_VTABLE(u)->sub_state_to_string(u);
697 }
698
699 static int set_complete_move(Set **s, Set **other) {
700 assert(s);
701 assert(other);
702
703 if (!other)
704 return 0;
705
706 if (*s)
707 return set_move(*s, *other);
708 else {
709 *s = *other;
710 *other = NULL;
711 }
712
713 return 0;
714 }
715
716 static int hashmap_complete_move(Hashmap **s, Hashmap **other) {
717 assert(s);
718 assert(other);
719
720 if (!*other)
721 return 0;
722
723 if (*s)
724 return hashmap_move(*s, *other);
725 else {
726 *s = *other;
727 *other = NULL;
728 }
729
730 return 0;
731 }
732
733 static int merge_names(Unit *u, Unit *other) {
734 char *t;
735 Iterator i;
736 int r;
737
738 assert(u);
739 assert(other);
740
741 r = set_complete_move(&u->names, &other->names);
742 if (r < 0)
743 return r;
744
745 set_free_free(other->names);
746 other->names = NULL;
747 other->id = NULL;
748
749 SET_FOREACH(t, u->names, i)
750 assert_se(hashmap_replace(u->manager->units, t, u) == 0);
751
752 return 0;
753 }
754
755 static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
756 unsigned n_reserve;
757
758 assert(u);
759 assert(other);
760 assert(d < _UNIT_DEPENDENCY_MAX);
761
762 /*
763 * If u does not have this dependency set allocated, there is no need
764 * to reserve anything. In that case other's set will be transferred
765 * as a whole to u by complete_move().
766 */
767 if (!u->dependencies[d])
768 return 0;
769
770 /* merge_dependencies() will skip a u-on-u dependency */
771 n_reserve = hashmap_size(other->dependencies[d]) - !!hashmap_get(other->dependencies[d], u);
772
773 return hashmap_reserve(u->dependencies[d], n_reserve);
774 }
775
776 static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
777 Iterator i;
778 Unit *back;
779 void *v;
780 int r;
781
782 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
783
784 assert(u);
785 assert(other);
786 assert(d < _UNIT_DEPENDENCY_MAX);
787
788 /* Fix backwards pointers. Let's iterate through all dependendent units of the other unit. */
789 HASHMAP_FOREACH_KEY(v, back, other->dependencies[d], i) {
790 UnitDependency k;
791
792 /* Let's now iterate through the dependencies of that dependencies of the other units, looking for
793 * pointers back, and let's fix them up, to instead point to 'u'. */
794
795 for (k = 0; k < _UNIT_DEPENDENCY_MAX; k++) {
796 if (back == u) {
797 /* Do not add dependencies between u and itself. */
798 if (hashmap_remove(back->dependencies[k], other))
799 maybe_warn_about_dependency(u, other_id, k);
800 } else {
801 UnitDependencyInfo di_u, di_other, di_merged;
802
803 /* Let's drop this dependency between "back" and "other", and let's create it between
804 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
805 * and any such dependency which might already exist */
806
807 di_other.data = hashmap_get(back->dependencies[k], other);
808 if (!di_other.data)
809 continue; /* dependency isn't set, let's try the next one */
810
811 di_u.data = hashmap_get(back->dependencies[k], u);
812
813 di_merged = (UnitDependencyInfo) {
814 .origin_mask = di_u.origin_mask | di_other.origin_mask,
815 .destination_mask = di_u.destination_mask | di_other.destination_mask,
816 };
817
818 r = hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data);
819 if (r < 0)
820 log_warning_errno(r, "Failed to remove/replace: back=%s other=%s u=%s: %m", back->id, other_id, u->id);
821 assert(r >= 0);
822
823 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
824 }
825 }
826
827 }
828
829 /* Also do not move dependencies on u to itself */
830 back = hashmap_remove(other->dependencies[d], u);
831 if (back)
832 maybe_warn_about_dependency(u, other_id, d);
833
834 /* The move cannot fail. The caller must have performed a reservation. */
835 assert_se(hashmap_complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
836
837 other->dependencies[d] = hashmap_free(other->dependencies[d]);
838 }
839
840 int unit_merge(Unit *u, Unit *other) {
841 UnitDependency d;
842 const char *other_id = NULL;
843 int r;
844
845 assert(u);
846 assert(other);
847 assert(u->manager == other->manager);
848 assert(u->type != _UNIT_TYPE_INVALID);
849
850 other = unit_follow_merge(other);
851
852 if (other == u)
853 return 0;
854
855 if (u->type != other->type)
856 return -EINVAL;
857
858 if (!u->instance != !other->instance)
859 return -EINVAL;
860
861 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
862 return -EEXIST;
863
864 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
865 return -EEXIST;
866
867 if (other->job)
868 return -EEXIST;
869
870 if (other->nop_job)
871 return -EEXIST;
872
873 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
874 return -EEXIST;
875
876 if (other->id)
877 other_id = strdupa(other->id);
878
879 /* Make reservations to ensure merge_dependencies() won't fail */
880 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
881 r = reserve_dependencies(u, other, d);
882 /*
883 * We don't rollback reservations if we fail. We don't have
884 * a way to undo reservations. A reservation is not a leak.
885 */
886 if (r < 0)
887 return r;
888 }
889
890 /* Merge names */
891 r = merge_names(u, other);
892 if (r < 0)
893 return r;
894
895 /* Redirect all references */
896 while (other->refs)
897 unit_ref_set(other->refs, u);
898
899 /* Merge dependencies */
900 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
901 merge_dependencies(u, other, other_id, d);
902
903 other->load_state = UNIT_MERGED;
904 other->merged_into = u;
905
906 /* If there is still some data attached to the other node, we
907 * don't need it anymore, and can free it. */
908 if (other->load_state != UNIT_STUB)
909 if (UNIT_VTABLE(other)->done)
910 UNIT_VTABLE(other)->done(other);
911
912 unit_add_to_dbus_queue(u);
913 unit_add_to_cleanup_queue(other);
914
915 return 0;
916 }
917
918 int unit_merge_by_name(Unit *u, const char *name) {
919 _cleanup_free_ char *s = NULL;
920 Unit *other;
921 int r;
922
923 assert(u);
924 assert(name);
925
926 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
927 if (!u->instance)
928 return -EINVAL;
929
930 r = unit_name_replace_instance(name, u->instance, &s);
931 if (r < 0)
932 return r;
933
934 name = s;
935 }
936
937 other = manager_get_unit(u->manager, name);
938 if (other)
939 return unit_merge(u, other);
940
941 return unit_add_name(u, name);
942 }
943
944 Unit* unit_follow_merge(Unit *u) {
945 assert(u);
946
947 while (u->load_state == UNIT_MERGED)
948 assert_se(u = u->merged_into);
949
950 return u;
951 }
952
953 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
954 ExecDirectoryType dt;
955 char **dp;
956 int r;
957
958 assert(u);
959 assert(c);
960
961 if (c->working_directory) {
962 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
963 if (r < 0)
964 return r;
965 }
966
967 if (c->root_directory) {
968 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
969 if (r < 0)
970 return r;
971 }
972
973 if (c->root_image) {
974 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
975 if (r < 0)
976 return r;
977 }
978
979 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
980 if (!u->manager->prefix[dt])
981 continue;
982
983 STRV_FOREACH(dp, c->directories[dt].paths) {
984 _cleanup_free_ char *p;
985
986 p = strjoin(u->manager->prefix[dt], "/", *dp);
987 if (!p)
988 return -ENOMEM;
989
990 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
991 if (r < 0)
992 return r;
993 }
994 }
995
996 if (!MANAGER_IS_SYSTEM(u->manager))
997 return 0;
998
999 if (c->private_tmp) {
1000 const char *p;
1001
1002 FOREACH_STRING(p, "/tmp", "/var/tmp") {
1003 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
1004 if (r < 0)
1005 return r;
1006 }
1007
1008 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, NULL, true, UNIT_DEPENDENCY_FILE);
1009 if (r < 0)
1010 return r;
1011 }
1012
1013 if (!IN_SET(c->std_output,
1014 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1015 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1016 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE) &&
1017 !IN_SET(c->std_error,
1018 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1019 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1020 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE))
1021 return 0;
1022
1023 /* If syslog or kernel logging is requested, make sure our own
1024 * logging daemon is run first. */
1025
1026 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, NULL, true, UNIT_DEPENDENCY_FILE);
1027 if (r < 0)
1028 return r;
1029
1030 return 0;
1031 }
1032
1033 const char *unit_description(Unit *u) {
1034 assert(u);
1035
1036 if (u->description)
1037 return u->description;
1038
1039 return strna(u->id);
1040 }
1041
1042 static void print_unit_dependency_mask(FILE *f, const char *kind, UnitDependencyMask mask, bool *space) {
1043 const struct {
1044 UnitDependencyMask mask;
1045 const char *name;
1046 } table[] = {
1047 { UNIT_DEPENDENCY_FILE, "file" },
1048 { UNIT_DEPENDENCY_IMPLICIT, "implicit" },
1049 { UNIT_DEPENDENCY_DEFAULT, "default" },
1050 { UNIT_DEPENDENCY_UDEV, "udev" },
1051 { UNIT_DEPENDENCY_PATH, "path" },
1052 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT, "mountinfo-implicit" },
1053 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT, "mountinfo-default" },
1054 { UNIT_DEPENDENCY_PROC_SWAP, "proc-swap" },
1055 };
1056 size_t i;
1057
1058 assert(f);
1059 assert(kind);
1060 assert(space);
1061
1062 for (i = 0; i < ELEMENTSOF(table); i++) {
1063
1064 if (mask == 0)
1065 break;
1066
1067 if ((mask & table[i].mask) == table[i].mask) {
1068 if (*space)
1069 fputc(' ', f);
1070 else
1071 *space = true;
1072
1073 fputs(kind, f);
1074 fputs("-", f);
1075 fputs(table[i].name, f);
1076
1077 mask &= ~table[i].mask;
1078 }
1079 }
1080
1081 assert(mask == 0);
1082 }
1083
1084 void unit_dump(Unit *u, FILE *f, const char *prefix) {
1085 char *t, **j;
1086 UnitDependency d;
1087 Iterator i;
1088 const char *prefix2;
1089 char
1090 timestamp0[FORMAT_TIMESTAMP_MAX],
1091 timestamp1[FORMAT_TIMESTAMP_MAX],
1092 timestamp2[FORMAT_TIMESTAMP_MAX],
1093 timestamp3[FORMAT_TIMESTAMP_MAX],
1094 timestamp4[FORMAT_TIMESTAMP_MAX],
1095 timespan[FORMAT_TIMESPAN_MAX];
1096 Unit *following;
1097 _cleanup_set_free_ Set *following_set = NULL;
1098 const char *n;
1099 CGroupMask m;
1100 int r;
1101
1102 assert(u);
1103 assert(u->type >= 0);
1104
1105 prefix = strempty(prefix);
1106 prefix2 = strjoina(prefix, "\t");
1107
1108 fprintf(f,
1109 "%s-> Unit %s:\n"
1110 "%s\tDescription: %s\n"
1111 "%s\tInstance: %s\n"
1112 "%s\tUnit Load State: %s\n"
1113 "%s\tUnit Active State: %s\n"
1114 "%s\tState Change Timestamp: %s\n"
1115 "%s\tInactive Exit Timestamp: %s\n"
1116 "%s\tActive Enter Timestamp: %s\n"
1117 "%s\tActive Exit Timestamp: %s\n"
1118 "%s\tInactive Enter Timestamp: %s\n"
1119 "%s\tGC Check Good: %s\n"
1120 "%s\tNeed Daemon Reload: %s\n"
1121 "%s\tTransient: %s\n"
1122 "%s\tPerpetual: %s\n"
1123 "%s\tGarbage Collection Mode: %s\n"
1124 "%s\tSlice: %s\n"
1125 "%s\tCGroup: %s\n"
1126 "%s\tCGroup realized: %s\n",
1127 prefix, u->id,
1128 prefix, unit_description(u),
1129 prefix, strna(u->instance),
1130 prefix, unit_load_state_to_string(u->load_state),
1131 prefix, unit_active_state_to_string(unit_active_state(u)),
1132 prefix, strna(format_timestamp(timestamp0, sizeof(timestamp0), u->state_change_timestamp.realtime)),
1133 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->inactive_exit_timestamp.realtime)),
1134 prefix, strna(format_timestamp(timestamp2, sizeof(timestamp2), u->active_enter_timestamp.realtime)),
1135 prefix, strna(format_timestamp(timestamp3, sizeof(timestamp3), u->active_exit_timestamp.realtime)),
1136 prefix, strna(format_timestamp(timestamp4, sizeof(timestamp4), u->inactive_enter_timestamp.realtime)),
1137 prefix, yes_no(unit_check_gc(u)),
1138 prefix, yes_no(unit_need_daemon_reload(u)),
1139 prefix, yes_no(u->transient),
1140 prefix, yes_no(u->perpetual),
1141 prefix, collect_mode_to_string(u->collect_mode),
1142 prefix, strna(unit_slice_name(u)),
1143 prefix, strna(u->cgroup_path),
1144 prefix, yes_no(u->cgroup_realized));
1145
1146 if (u->cgroup_realized_mask != 0) {
1147 _cleanup_free_ char *s = NULL;
1148 (void) cg_mask_to_string(u->cgroup_realized_mask, &s);
1149 fprintf(f, "%s\tCGroup realized mask: %s\n", prefix, strnull(s));
1150 }
1151 if (u->cgroup_enabled_mask != 0) {
1152 _cleanup_free_ char *s = NULL;
1153 (void) cg_mask_to_string(u->cgroup_enabled_mask, &s);
1154 fprintf(f, "%s\tCGroup enabled mask: %s\n", prefix, strnull(s));
1155 }
1156 m = unit_get_own_mask(u);
1157 if (m != 0) {
1158 _cleanup_free_ char *s = NULL;
1159 (void) cg_mask_to_string(m, &s);
1160 fprintf(f, "%s\tCGroup own mask: %s\n", prefix, strnull(s));
1161 }
1162 m = unit_get_members_mask(u);
1163 if (m != 0) {
1164 _cleanup_free_ char *s = NULL;
1165 (void) cg_mask_to_string(m, &s);
1166 fprintf(f, "%s\tCGroup members mask: %s\n", prefix, strnull(s));
1167 }
1168
1169 SET_FOREACH(t, u->names, i)
1170 fprintf(f, "%s\tName: %s\n", prefix, t);
1171
1172 if (!sd_id128_is_null(u->invocation_id))
1173 fprintf(f, "%s\tInvocation ID: " SD_ID128_FORMAT_STR "\n",
1174 prefix, SD_ID128_FORMAT_VAL(u->invocation_id));
1175
1176 STRV_FOREACH(j, u->documentation)
1177 fprintf(f, "%s\tDocumentation: %s\n", prefix, *j);
1178
1179 following = unit_following(u);
1180 if (following)
1181 fprintf(f, "%s\tFollowing: %s\n", prefix, following->id);
1182
1183 r = unit_following_set(u, &following_set);
1184 if (r >= 0) {
1185 Unit *other;
1186
1187 SET_FOREACH(other, following_set, i)
1188 fprintf(f, "%s\tFollowing Set Member: %s\n", prefix, other->id);
1189 }
1190
1191 if (u->fragment_path)
1192 fprintf(f, "%s\tFragment Path: %s\n", prefix, u->fragment_path);
1193
1194 if (u->source_path)
1195 fprintf(f, "%s\tSource Path: %s\n", prefix, u->source_path);
1196
1197 STRV_FOREACH(j, u->dropin_paths)
1198 fprintf(f, "%s\tDropIn Path: %s\n", prefix, *j);
1199
1200 if (u->failure_action != EMERGENCY_ACTION_NONE)
1201 fprintf(f, "%s\tFailure Action: %s\n", prefix, emergency_action_to_string(u->failure_action));
1202 if (u->success_action != EMERGENCY_ACTION_NONE)
1203 fprintf(f, "%s\tSuccess Action: %s\n", prefix, emergency_action_to_string(u->success_action));
1204
1205 if (u->job_timeout != USEC_INFINITY)
1206 fprintf(f, "%s\tJob Timeout: %s\n", prefix, format_timespan(timespan, sizeof(timespan), u->job_timeout, 0));
1207
1208 if (u->job_timeout_action != EMERGENCY_ACTION_NONE)
1209 fprintf(f, "%s\tJob Timeout Action: %s\n", prefix, emergency_action_to_string(u->job_timeout_action));
1210
1211 if (u->job_timeout_reboot_arg)
1212 fprintf(f, "%s\tJob Timeout Reboot Argument: %s\n", prefix, u->job_timeout_reboot_arg);
1213
1214 condition_dump_list(u->conditions, f, prefix, condition_type_to_string);
1215 condition_dump_list(u->asserts, f, prefix, assert_type_to_string);
1216
1217 if (dual_timestamp_is_set(&u->condition_timestamp))
1218 fprintf(f,
1219 "%s\tCondition Timestamp: %s\n"
1220 "%s\tCondition Result: %s\n",
1221 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->condition_timestamp.realtime)),
1222 prefix, yes_no(u->condition_result));
1223
1224 if (dual_timestamp_is_set(&u->assert_timestamp))
1225 fprintf(f,
1226 "%s\tAssert Timestamp: %s\n"
1227 "%s\tAssert Result: %s\n",
1228 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->assert_timestamp.realtime)),
1229 prefix, yes_no(u->assert_result));
1230
1231 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
1232 UnitDependencyInfo di;
1233 Unit *other;
1234
1235 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
1236 bool space = false;
1237
1238 fprintf(f, "%s\t%s: %s (", prefix, unit_dependency_to_string(d), other->id);
1239
1240 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1241 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1242
1243 fputs(")\n", f);
1244 }
1245 }
1246
1247 if (!hashmap_isempty(u->requires_mounts_for)) {
1248 UnitDependencyInfo di;
1249 const char *path;
1250
1251 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1252 bool space = false;
1253
1254 fprintf(f, "%s\tRequiresMountsFor: %s (", prefix, path);
1255
1256 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1257 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1258
1259 fputs(")\n", f);
1260 }
1261 }
1262
1263 if (u->load_state == UNIT_LOADED) {
1264
1265 fprintf(f,
1266 "%s\tStopWhenUnneeded: %s\n"
1267 "%s\tRefuseManualStart: %s\n"
1268 "%s\tRefuseManualStop: %s\n"
1269 "%s\tDefaultDependencies: %s\n"
1270 "%s\tOnFailureJobMode: %s\n"
1271 "%s\tIgnoreOnIsolate: %s\n",
1272 prefix, yes_no(u->stop_when_unneeded),
1273 prefix, yes_no(u->refuse_manual_start),
1274 prefix, yes_no(u->refuse_manual_stop),
1275 prefix, yes_no(u->default_dependencies),
1276 prefix, job_mode_to_string(u->on_failure_job_mode),
1277 prefix, yes_no(u->ignore_on_isolate));
1278
1279 if (UNIT_VTABLE(u)->dump)
1280 UNIT_VTABLE(u)->dump(u, f, prefix2);
1281
1282 } else if (u->load_state == UNIT_MERGED)
1283 fprintf(f,
1284 "%s\tMerged into: %s\n",
1285 prefix, u->merged_into->id);
1286 else if (u->load_state == UNIT_ERROR)
1287 fprintf(f, "%s\tLoad Error Code: %s\n", prefix, strerror(-u->load_error));
1288
1289 for (n = sd_bus_track_first(u->bus_track); n; n = sd_bus_track_next(u->bus_track))
1290 fprintf(f, "%s\tBus Ref: %s\n", prefix, n);
1291
1292 if (u->job)
1293 job_dump(u->job, f, prefix2);
1294
1295 if (u->nop_job)
1296 job_dump(u->nop_job, f, prefix2);
1297 }
1298
1299 /* Common implementation for multiple backends */
1300 int unit_load_fragment_and_dropin(Unit *u) {
1301 int r;
1302
1303 assert(u);
1304
1305 /* Load a .{service,socket,...} file */
1306 r = unit_load_fragment(u);
1307 if (r < 0)
1308 return r;
1309
1310 if (u->load_state == UNIT_STUB)
1311 return -ENOENT;
1312
1313 /* Load drop-in directory data. If u is an alias, we might be reloading the
1314 * target unit needlessly. But we cannot be sure which drops-ins have already
1315 * been loaded and which not, at least without doing complicated book-keeping,
1316 * so let's always reread all drop-ins. */
1317 return unit_load_dropin(unit_follow_merge(u));
1318 }
1319
1320 /* Common implementation for multiple backends */
1321 int unit_load_fragment_and_dropin_optional(Unit *u) {
1322 int r;
1323
1324 assert(u);
1325
1326 /* Same as unit_load_fragment_and_dropin(), but whether
1327 * something can be loaded or not doesn't matter. */
1328
1329 /* Load a .service file */
1330 r = unit_load_fragment(u);
1331 if (r < 0)
1332 return r;
1333
1334 if (u->load_state == UNIT_STUB)
1335 u->load_state = UNIT_LOADED;
1336
1337 /* Load drop-in directory data */
1338 return unit_load_dropin(unit_follow_merge(u));
1339 }
1340
1341 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1342 assert(u);
1343 assert(target);
1344
1345 if (target->type != UNIT_TARGET)
1346 return 0;
1347
1348 /* Only add the dependency if both units are loaded, so that
1349 * that loop check below is reliable */
1350 if (u->load_state != UNIT_LOADED ||
1351 target->load_state != UNIT_LOADED)
1352 return 0;
1353
1354 /* If either side wants no automatic dependencies, then let's
1355 * skip this */
1356 if (!u->default_dependencies ||
1357 !target->default_dependencies)
1358 return 0;
1359
1360 /* Don't create loops */
1361 if (hashmap_get(target->dependencies[UNIT_BEFORE], u))
1362 return 0;
1363
1364 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1365 }
1366
1367 static int unit_add_target_dependencies(Unit *u) {
1368
1369 static const UnitDependency deps[] = {
1370 UNIT_REQUIRED_BY,
1371 UNIT_REQUISITE_OF,
1372 UNIT_WANTED_BY,
1373 UNIT_BOUND_BY
1374 };
1375
1376 unsigned k;
1377 int r = 0;
1378
1379 assert(u);
1380
1381 for (k = 0; k < ELEMENTSOF(deps); k++) {
1382 Unit *target;
1383 Iterator i;
1384 void *v;
1385
1386 HASHMAP_FOREACH_KEY(v, target, u->dependencies[deps[k]], i) {
1387 r = unit_add_default_target_dependency(u, target);
1388 if (r < 0)
1389 return r;
1390 }
1391 }
1392
1393 return r;
1394 }
1395
1396 static int unit_add_slice_dependencies(Unit *u) {
1397 UnitDependencyMask mask;
1398 assert(u);
1399
1400 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1401 return 0;
1402
1403 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1404 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1405 relationship). */
1406 mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1407
1408 if (UNIT_ISSET(u->slice))
1409 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true, mask);
1410
1411 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1412 return 0;
1413
1414 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, NULL, true, mask);
1415 }
1416
1417 static int unit_add_mount_dependencies(Unit *u) {
1418 UnitDependencyInfo di;
1419 const char *path;
1420 Iterator i;
1421 int r;
1422
1423 assert(u);
1424
1425 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1426 char prefix[strlen(path) + 1];
1427
1428 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1429 _cleanup_free_ char *p = NULL;
1430 Unit *m;
1431
1432 r = unit_name_from_path(prefix, ".mount", &p);
1433 if (r < 0)
1434 return r;
1435
1436 m = manager_get_unit(u->manager, p);
1437 if (!m) {
1438 /* Make sure to load the mount unit if
1439 * it exists. If so the dependencies
1440 * on this unit will be added later
1441 * during the loading of the mount
1442 * unit. */
1443 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1444 continue;
1445 }
1446 if (m == u)
1447 continue;
1448
1449 if (m->load_state != UNIT_LOADED)
1450 continue;
1451
1452 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1453 if (r < 0)
1454 return r;
1455
1456 if (m->fragment_path) {
1457 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1458 if (r < 0)
1459 return r;
1460 }
1461 }
1462 }
1463
1464 return 0;
1465 }
1466
1467 static int unit_add_startup_units(Unit *u) {
1468 CGroupContext *c;
1469 int r;
1470
1471 c = unit_get_cgroup_context(u);
1472 if (!c)
1473 return 0;
1474
1475 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
1476 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
1477 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
1478 return 0;
1479
1480 r = set_ensure_allocated(&u->manager->startup_units, NULL);
1481 if (r < 0)
1482 return r;
1483
1484 return set_put(u->manager->startup_units, u);
1485 }
1486
1487 int unit_load(Unit *u) {
1488 int r;
1489
1490 assert(u);
1491
1492 if (u->in_load_queue) {
1493 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1494 u->in_load_queue = false;
1495 }
1496
1497 if (u->type == _UNIT_TYPE_INVALID)
1498 return -EINVAL;
1499
1500 if (u->load_state != UNIT_STUB)
1501 return 0;
1502
1503 if (u->transient_file) {
1504 r = fflush_and_check(u->transient_file);
1505 if (r < 0)
1506 goto fail;
1507
1508 fclose(u->transient_file);
1509 u->transient_file = NULL;
1510
1511 u->fragment_mtime = now(CLOCK_REALTIME);
1512 }
1513
1514 if (UNIT_VTABLE(u)->load) {
1515 r = UNIT_VTABLE(u)->load(u);
1516 if (r < 0)
1517 goto fail;
1518 }
1519
1520 if (u->load_state == UNIT_STUB) {
1521 r = -ENOENT;
1522 goto fail;
1523 }
1524
1525 if (u->load_state == UNIT_LOADED) {
1526
1527 r = unit_add_target_dependencies(u);
1528 if (r < 0)
1529 goto fail;
1530
1531 r = unit_add_slice_dependencies(u);
1532 if (r < 0)
1533 goto fail;
1534
1535 r = unit_add_mount_dependencies(u);
1536 if (r < 0)
1537 goto fail;
1538
1539 r = unit_add_startup_units(u);
1540 if (r < 0)
1541 goto fail;
1542
1543 if (u->on_failure_job_mode == JOB_ISOLATE && hashmap_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
1544 log_unit_error(u, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1545 r = -EINVAL;
1546 goto fail;
1547 }
1548
1549 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1550 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1551
1552 unit_update_cgroup_members_masks(u);
1553 }
1554
1555 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1556
1557 unit_add_to_dbus_queue(unit_follow_merge(u));
1558 unit_add_to_gc_queue(u);
1559
1560 return 0;
1561
1562 fail:
1563 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND : UNIT_ERROR;
1564 u->load_error = r;
1565 unit_add_to_dbus_queue(u);
1566 unit_add_to_gc_queue(u);
1567
1568 log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1569
1570 return r;
1571 }
1572
1573 static bool unit_condition_test_list(Unit *u, Condition *first, const char *(*to_string)(ConditionType t)) {
1574 Condition *c;
1575 int triggered = -1;
1576
1577 assert(u);
1578 assert(to_string);
1579
1580 /* If the condition list is empty, then it is true */
1581 if (!first)
1582 return true;
1583
1584 /* Otherwise, if all of the non-trigger conditions apply and
1585 * if any of the trigger conditions apply (unless there are
1586 * none) we return true */
1587 LIST_FOREACH(conditions, c, first) {
1588 int r;
1589
1590 r = condition_test(c);
1591 if (r < 0)
1592 log_unit_warning(u,
1593 "Couldn't determine result for %s=%s%s%s, assuming failed: %m",
1594 to_string(c->type),
1595 c->trigger ? "|" : "",
1596 c->negate ? "!" : "",
1597 c->parameter);
1598 else
1599 log_unit_debug(u,
1600 "%s=%s%s%s %s.",
1601 to_string(c->type),
1602 c->trigger ? "|" : "",
1603 c->negate ? "!" : "",
1604 c->parameter,
1605 condition_result_to_string(c->result));
1606
1607 if (!c->trigger && r <= 0)
1608 return false;
1609
1610 if (c->trigger && triggered <= 0)
1611 triggered = r > 0;
1612 }
1613
1614 return triggered != 0;
1615 }
1616
1617 static bool unit_condition_test(Unit *u) {
1618 assert(u);
1619
1620 dual_timestamp_get(&u->condition_timestamp);
1621 u->condition_result = unit_condition_test_list(u, u->conditions, condition_type_to_string);
1622
1623 return u->condition_result;
1624 }
1625
1626 static bool unit_assert_test(Unit *u) {
1627 assert(u);
1628
1629 dual_timestamp_get(&u->assert_timestamp);
1630 u->assert_result = unit_condition_test_list(u, u->asserts, assert_type_to_string);
1631
1632 return u->assert_result;
1633 }
1634
1635 void unit_status_printf(Unit *u, const char *status, const char *unit_status_msg_format) {
1636 DISABLE_WARNING_FORMAT_NONLITERAL;
1637 manager_status_printf(u->manager, STATUS_TYPE_NORMAL, status, unit_status_msg_format, unit_description(u));
1638 REENABLE_WARNING;
1639 }
1640
1641 _pure_ static const char* unit_get_status_message_format(Unit *u, JobType t) {
1642 const char *format;
1643 const UnitStatusMessageFormats *format_table;
1644
1645 assert(u);
1646 assert(IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD));
1647
1648 if (t != JOB_RELOAD) {
1649 format_table = &UNIT_VTABLE(u)->status_message_formats;
1650 if (format_table) {
1651 format = format_table->starting_stopping[t == JOB_STOP];
1652 if (format)
1653 return format;
1654 }
1655 }
1656
1657 /* Return generic strings */
1658 if (t == JOB_START)
1659 return "Starting %s.";
1660 else if (t == JOB_STOP)
1661 return "Stopping %s.";
1662 else
1663 return "Reloading %s.";
1664 }
1665
1666 static void unit_status_print_starting_stopping(Unit *u, JobType t) {
1667 const char *format;
1668
1669 assert(u);
1670
1671 /* Reload status messages have traditionally not been printed to console. */
1672 if (!IN_SET(t, JOB_START, JOB_STOP))
1673 return;
1674
1675 format = unit_get_status_message_format(u, t);
1676
1677 DISABLE_WARNING_FORMAT_NONLITERAL;
1678 unit_status_printf(u, "", format);
1679 REENABLE_WARNING;
1680 }
1681
1682 static void unit_status_log_starting_stopping_reloading(Unit *u, JobType t) {
1683 const char *format, *mid;
1684 char buf[LINE_MAX];
1685
1686 assert(u);
1687
1688 if (!IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD))
1689 return;
1690
1691 if (log_on_console())
1692 return;
1693
1694 /* We log status messages for all units and all operations. */
1695
1696 format = unit_get_status_message_format(u, t);
1697
1698 DISABLE_WARNING_FORMAT_NONLITERAL;
1699 xsprintf(buf, format, unit_description(u));
1700 REENABLE_WARNING;
1701
1702 mid = t == JOB_START ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STARTING_STR :
1703 t == JOB_STOP ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STOPPING_STR :
1704 "MESSAGE_ID=" SD_MESSAGE_UNIT_RELOADING_STR;
1705
1706 /* Note that we deliberately use LOG_MESSAGE() instead of
1707 * LOG_UNIT_MESSAGE() here, since this is supposed to mimic
1708 * closely what is written to screen using the status output,
1709 * which is supposed the highest level, friendliest output
1710 * possible, which means we should avoid the low-level unit
1711 * name. */
1712 log_struct(LOG_INFO,
1713 LOG_MESSAGE("%s", buf),
1714 LOG_UNIT_ID(u),
1715 LOG_UNIT_INVOCATION_ID(u),
1716 mid,
1717 NULL);
1718 }
1719
1720 void unit_status_emit_starting_stopping_reloading(Unit *u, JobType t) {
1721 assert(u);
1722 assert(t >= 0);
1723 assert(t < _JOB_TYPE_MAX);
1724
1725 unit_status_log_starting_stopping_reloading(u, t);
1726 unit_status_print_starting_stopping(u, t);
1727 }
1728
1729 int unit_start_limit_test(Unit *u) {
1730 assert(u);
1731
1732 if (ratelimit_test(&u->start_limit)) {
1733 u->start_limit_hit = false;
1734 return 0;
1735 }
1736
1737 log_unit_warning(u, "Start request repeated too quickly.");
1738 u->start_limit_hit = true;
1739
1740 return emergency_action(u->manager, u->start_limit_action, u->reboot_arg, "unit failed");
1741 }
1742
1743 bool unit_shall_confirm_spawn(Unit *u) {
1744 assert(u);
1745
1746 if (manager_is_confirm_spawn_disabled(u->manager))
1747 return false;
1748
1749 /* For some reasons units remaining in the same process group
1750 * as PID 1 fail to acquire the console even if it's not used
1751 * by any process. So skip the confirmation question for them. */
1752 return !unit_get_exec_context(u)->same_pgrp;
1753 }
1754
1755 static bool unit_verify_deps(Unit *u) {
1756 Unit *other;
1757 Iterator j;
1758 void *v;
1759
1760 assert(u);
1761
1762 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1763 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1764 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1765 * conjunction with After= as for them any such check would make things entirely racy. */
1766
1767 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], j) {
1768
1769 if (!hashmap_contains(u->dependencies[UNIT_AFTER], other))
1770 continue;
1771
1772 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1773 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1774 return false;
1775 }
1776 }
1777
1778 return true;
1779 }
1780
1781 /* Errors:
1782 * -EBADR: This unit type does not support starting.
1783 * -EALREADY: Unit is already started.
1784 * -EAGAIN: An operation is already in progress. Retry later.
1785 * -ECANCELED: Too many requests for now.
1786 * -EPROTO: Assert failed
1787 * -EINVAL: Unit not loaded
1788 * -EOPNOTSUPP: Unit type not supported
1789 * -ENOLINK: The necessary dependencies are not fulfilled.
1790 */
1791 int unit_start(Unit *u) {
1792 UnitActiveState state;
1793 Unit *following;
1794
1795 assert(u);
1796
1797 /* If this is already started, then this will succeed. Note
1798 * that this will even succeed if this unit is not startable
1799 * by the user. This is relied on to detect when we need to
1800 * wait for units and when waiting is finished. */
1801 state = unit_active_state(u);
1802 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1803 return -EALREADY;
1804
1805 /* Units that aren't loaded cannot be started */
1806 if (u->load_state != UNIT_LOADED)
1807 return -EINVAL;
1808
1809 /* If the conditions failed, don't do anything at all. If we
1810 * already are activating this call might still be useful to
1811 * speed up activation in case there is some hold-off time,
1812 * but we don't want to recheck the condition in that case. */
1813 if (state != UNIT_ACTIVATING &&
1814 !unit_condition_test(u)) {
1815 log_unit_debug(u, "Starting requested but condition failed. Not starting unit.");
1816 return -EALREADY;
1817 }
1818
1819 /* If the asserts failed, fail the entire job */
1820 if (state != UNIT_ACTIVATING &&
1821 !unit_assert_test(u)) {
1822 log_unit_notice(u, "Starting requested but asserts failed.");
1823 return -EPROTO;
1824 }
1825
1826 /* Units of types that aren't supported cannot be
1827 * started. Note that we do this test only after the condition
1828 * checks, so that we rather return condition check errors
1829 * (which are usually not considered a true failure) than "not
1830 * supported" errors (which are considered a failure).
1831 */
1832 if (!unit_supported(u))
1833 return -EOPNOTSUPP;
1834
1835 /* Let's make sure that the deps really are in order before we start this. Normally the job engine should have
1836 * taken care of this already, but let's check this here again. After all, our dependencies might not be in
1837 * effect anymore, due to a reload or due to a failed condition. */
1838 if (!unit_verify_deps(u))
1839 return -ENOLINK;
1840
1841 /* Forward to the main object, if we aren't it. */
1842 following = unit_following(u);
1843 if (following) {
1844 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1845 return unit_start(following);
1846 }
1847
1848 /* If it is stopped, but we cannot start it, then fail */
1849 if (!UNIT_VTABLE(u)->start)
1850 return -EBADR;
1851
1852 /* We don't suppress calls to ->start() here when we are
1853 * already starting, to allow this request to be used as a
1854 * "hurry up" call, for example when the unit is in some "auto
1855 * restart" state where it waits for a holdoff timer to elapse
1856 * before it will start again. */
1857
1858 unit_add_to_dbus_queue(u);
1859
1860 return UNIT_VTABLE(u)->start(u);
1861 }
1862
1863 bool unit_can_start(Unit *u) {
1864 assert(u);
1865
1866 if (u->load_state != UNIT_LOADED)
1867 return false;
1868
1869 if (!unit_supported(u))
1870 return false;
1871
1872 return !!UNIT_VTABLE(u)->start;
1873 }
1874
1875 bool unit_can_isolate(Unit *u) {
1876 assert(u);
1877
1878 return unit_can_start(u) &&
1879 u->allow_isolate;
1880 }
1881
1882 /* Errors:
1883 * -EBADR: This unit type does not support stopping.
1884 * -EALREADY: Unit is already stopped.
1885 * -EAGAIN: An operation is already in progress. Retry later.
1886 */
1887 int unit_stop(Unit *u) {
1888 UnitActiveState state;
1889 Unit *following;
1890
1891 assert(u);
1892
1893 state = unit_active_state(u);
1894 if (UNIT_IS_INACTIVE_OR_FAILED(state))
1895 return -EALREADY;
1896
1897 following = unit_following(u);
1898 if (following) {
1899 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
1900 return unit_stop(following);
1901 }
1902
1903 if (!UNIT_VTABLE(u)->stop)
1904 return -EBADR;
1905
1906 unit_add_to_dbus_queue(u);
1907
1908 return UNIT_VTABLE(u)->stop(u);
1909 }
1910
1911 bool unit_can_stop(Unit *u) {
1912 assert(u);
1913
1914 if (!unit_supported(u))
1915 return false;
1916
1917 if (u->perpetual)
1918 return false;
1919
1920 return !!UNIT_VTABLE(u)->stop;
1921 }
1922
1923 /* Errors:
1924 * -EBADR: This unit type does not support reloading.
1925 * -ENOEXEC: Unit is not started.
1926 * -EAGAIN: An operation is already in progress. Retry later.
1927 */
1928 int unit_reload(Unit *u) {
1929 UnitActiveState state;
1930 Unit *following;
1931
1932 assert(u);
1933
1934 if (u->load_state != UNIT_LOADED)
1935 return -EINVAL;
1936
1937 if (!unit_can_reload(u))
1938 return -EBADR;
1939
1940 state = unit_active_state(u);
1941 if (state == UNIT_RELOADING)
1942 return -EALREADY;
1943
1944 if (state != UNIT_ACTIVE) {
1945 log_unit_warning(u, "Unit cannot be reloaded because it is inactive.");
1946 return -ENOEXEC;
1947 }
1948
1949 following = unit_following(u);
1950 if (following) {
1951 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
1952 return unit_reload(following);
1953 }
1954
1955 unit_add_to_dbus_queue(u);
1956
1957 if (!UNIT_VTABLE(u)->reload) {
1958 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
1959 unit_notify(u, unit_active_state(u), unit_active_state(u), true);
1960 return 0;
1961 }
1962
1963 return UNIT_VTABLE(u)->reload(u);
1964 }
1965
1966 bool unit_can_reload(Unit *u) {
1967 assert(u);
1968
1969 if (UNIT_VTABLE(u)->can_reload)
1970 return UNIT_VTABLE(u)->can_reload(u);
1971
1972 if (!hashmap_isempty(u->dependencies[UNIT_PROPAGATES_RELOAD_TO]))
1973 return true;
1974
1975 return UNIT_VTABLE(u)->reload;
1976 }
1977
1978 static void unit_check_unneeded(Unit *u) {
1979
1980 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1981
1982 static const UnitDependency needed_dependencies[] = {
1983 UNIT_REQUIRED_BY,
1984 UNIT_REQUISITE_OF,
1985 UNIT_WANTED_BY,
1986 UNIT_BOUND_BY,
1987 };
1988
1989 unsigned j;
1990 int r;
1991
1992 assert(u);
1993
1994 /* If this service shall be shut down when unneeded then do
1995 * so. */
1996
1997 if (!u->stop_when_unneeded)
1998 return;
1999
2000 if (!UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
2001 return;
2002
2003 for (j = 0; j < ELEMENTSOF(needed_dependencies); j++) {
2004 Unit *other;
2005 Iterator i;
2006 void *v;
2007
2008 HASHMAP_FOREACH_KEY(v, other, u->dependencies[needed_dependencies[j]], i)
2009 if (unit_active_or_pending(other))
2010 return;
2011 }
2012
2013 /* If stopping a unit fails continuously we might enter a stop
2014 * loop here, hence stop acting on the service being
2015 * unnecessary after a while. */
2016 if (!ratelimit_test(&u->auto_stop_ratelimit)) {
2017 log_unit_warning(u, "Unit not needed anymore, but not stopping since we tried this too often recently.");
2018 return;
2019 }
2020
2021 log_unit_info(u, "Unit not needed anymore. Stopping.");
2022
2023 /* Ok, nobody needs us anymore. Sniff. Then let's commit suicide */
2024 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2025 if (r < 0)
2026 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2027 }
2028
2029 static void unit_check_binds_to(Unit *u) {
2030 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2031 bool stop = false;
2032 Unit *other;
2033 Iterator i;
2034 void *v;
2035 int r;
2036
2037 assert(u);
2038
2039 if (u->job)
2040 return;
2041
2042 if (unit_active_state(u) != UNIT_ACTIVE)
2043 return;
2044
2045 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i) {
2046 if (other->job)
2047 continue;
2048
2049 if (!other->coldplugged)
2050 /* We might yet create a job for the other unit… */
2051 continue;
2052
2053 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2054 continue;
2055
2056 stop = true;
2057 break;
2058 }
2059
2060 if (!stop)
2061 return;
2062
2063 /* If stopping a unit fails continuously we might enter a stop
2064 * loop here, hence stop acting on the service being
2065 * unnecessary after a while. */
2066 if (!ratelimit_test(&u->auto_stop_ratelimit)) {
2067 log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
2068 return;
2069 }
2070
2071 assert(other);
2072 log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
2073
2074 /* A unit we need to run is gone. Sniff. Let's stop this. */
2075 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2076 if (r < 0)
2077 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2078 }
2079
2080 static void retroactively_start_dependencies(Unit *u) {
2081 Iterator i;
2082 Unit *other;
2083 void *v;
2084
2085 assert(u);
2086 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2087
2088 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2089 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2090 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2091 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2092
2093 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2094 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2095 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2096 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2097
2098 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2099 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2100 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2101 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL);
2102
2103 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTS], i)
2104 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2105 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2106
2107 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTED_BY], i)
2108 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2109 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2110 }
2111
2112 static void retroactively_stop_dependencies(Unit *u) {
2113 Unit *other;
2114 Iterator i;
2115 void *v;
2116
2117 assert(u);
2118 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2119
2120 /* Pull down units which are bound to us recursively if enabled */
2121 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BOUND_BY], i)
2122 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2123 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2124 }
2125
2126 static void check_unneeded_dependencies(Unit *u) {
2127 Unit *other;
2128 Iterator i;
2129 void *v;
2130
2131 assert(u);
2132 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2133
2134 /* Garbage collect services that might not be needed anymore, if enabled */
2135 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2136 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2137 unit_check_unneeded(other);
2138 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2139 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2140 unit_check_unneeded(other);
2141 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUISITE], i)
2142 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2143 unit_check_unneeded(other);
2144 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2145 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2146 unit_check_unneeded(other);
2147 }
2148
2149 void unit_start_on_failure(Unit *u) {
2150 Unit *other;
2151 Iterator i;
2152 void *v;
2153
2154 assert(u);
2155
2156 if (hashmap_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
2157 return;
2158
2159 log_unit_info(u, "Triggering OnFailure= dependencies.");
2160
2161 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_ON_FAILURE], i) {
2162 int r;
2163
2164 r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, NULL, NULL);
2165 if (r < 0)
2166 log_unit_error_errno(u, r, "Failed to enqueue OnFailure= job: %m");
2167 }
2168 }
2169
2170 void unit_trigger_notify(Unit *u) {
2171 Unit *other;
2172 Iterator i;
2173 void *v;
2174
2175 assert(u);
2176
2177 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_TRIGGERED_BY], i)
2178 if (UNIT_VTABLE(other)->trigger_notify)
2179 UNIT_VTABLE(other)->trigger_notify(other, u);
2180 }
2181
2182 static int unit_log_resources(Unit *u) {
2183
2184 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + 4];
2185 size_t n_message_parts = 0, n_iovec = 0;
2186 char* message_parts[3 + 1], *t;
2187 nsec_t nsec = NSEC_INFINITY;
2188 CGroupIPAccountingMetric m;
2189 size_t i;
2190 int r;
2191 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2192 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2193 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2194 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2195 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2196 };
2197
2198 assert(u);
2199
2200 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2201 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2202 * information and the complete data in structured fields. */
2203
2204 (void) unit_get_cpu_usage(u, &nsec);
2205 if (nsec != NSEC_INFINITY) {
2206 char buf[FORMAT_TIMESPAN_MAX] = "";
2207
2208 /* Format the CPU time for inclusion in the structured log message */
2209 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2210 r = log_oom();
2211 goto finish;
2212 }
2213 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2214
2215 /* Format the CPU time for inclusion in the human language message string */
2216 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
2217 t = strjoin(n_message_parts > 0 ? "consumed " : "Consumed ", buf, " CPU time");
2218 if (!t) {
2219 r = log_oom();
2220 goto finish;
2221 }
2222
2223 message_parts[n_message_parts++] = t;
2224 }
2225
2226 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2227 char buf[FORMAT_BYTES_MAX] = "";
2228 uint64_t value = UINT64_MAX;
2229
2230 assert(ip_fields[m]);
2231
2232 (void) unit_get_ip_accounting(u, m, &value);
2233 if (value == UINT64_MAX)
2234 continue;
2235
2236 /* Format IP accounting data for inclusion in the structured log message */
2237 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2238 r = log_oom();
2239 goto finish;
2240 }
2241 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2242
2243 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2244 * bytes counters (and not for the packets counters) */
2245 if (m == CGROUP_IP_INGRESS_BYTES)
2246 t = strjoin(n_message_parts > 0 ? "received " : "Received ",
2247 format_bytes(buf, sizeof(buf), value),
2248 " IP traffic");
2249 else if (m == CGROUP_IP_EGRESS_BYTES)
2250 t = strjoin(n_message_parts > 0 ? "sent " : "Sent ",
2251 format_bytes(buf, sizeof(buf), value),
2252 " IP traffic");
2253 else
2254 continue;
2255 if (!t) {
2256 r = log_oom();
2257 goto finish;
2258 }
2259
2260 message_parts[n_message_parts++] = t;
2261 }
2262
2263 /* Is there any accounting data available at all? */
2264 if (n_iovec == 0) {
2265 r = 0;
2266 goto finish;
2267 }
2268
2269 if (n_message_parts == 0)
2270 t = strjoina("MESSAGE=", u->id, ": Completed");
2271 else {
2272 _cleanup_free_ char *joined;
2273
2274 message_parts[n_message_parts] = NULL;
2275
2276 joined = strv_join(message_parts, ", ");
2277 if (!joined) {
2278 r = log_oom();
2279 goto finish;
2280 }
2281
2282 t = strjoina("MESSAGE=", u->id, ": ", joined);
2283 }
2284
2285 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2286 * and hence don't increase n_iovec for them */
2287 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2288 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2289
2290 t = strjoina(u->manager->unit_log_field, u->id);
2291 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2292
2293 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2294 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2295
2296 log_struct_iovec(LOG_INFO, iovec, n_iovec + 4);
2297 r = 0;
2298
2299 finish:
2300 for (i = 0; i < n_message_parts; i++)
2301 free(message_parts[i]);
2302
2303 for (i = 0; i < n_iovec; i++)
2304 free(iovec[i].iov_base);
2305
2306 return r;
2307
2308 }
2309
2310 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_success) {
2311 Manager *m;
2312 bool unexpected;
2313
2314 assert(u);
2315 assert(os < _UNIT_ACTIVE_STATE_MAX);
2316 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2317
2318 /* Note that this is called for all low-level state changes,
2319 * even if they might map to the same high-level
2320 * UnitActiveState! That means that ns == os is an expected
2321 * behavior here. For example: if a mount point is remounted
2322 * this function will be called too! */
2323
2324 m = u->manager;
2325
2326 /* Update timestamps for state changes */
2327 if (!MANAGER_IS_RELOADING(m)) {
2328 dual_timestamp_get(&u->state_change_timestamp);
2329
2330 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2331 u->inactive_exit_timestamp = u->state_change_timestamp;
2332 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2333 u->inactive_enter_timestamp = u->state_change_timestamp;
2334
2335 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2336 u->active_enter_timestamp = u->state_change_timestamp;
2337 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2338 u->active_exit_timestamp = u->state_change_timestamp;
2339 }
2340
2341 /* Keep track of failed units */
2342 (void) manager_update_failed_units(u->manager, u, ns == UNIT_FAILED);
2343
2344 /* Make sure the cgroup and state files are always removed when we become inactive */
2345 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2346 unit_prune_cgroup(u);
2347 unit_unlink_state_files(u);
2348 }
2349
2350 /* Note that this doesn't apply to RemainAfterExit services exiting
2351 * successfully, since there's no change of state in that case. Which is
2352 * why it is handled in service_set_state() */
2353 if (UNIT_IS_INACTIVE_OR_FAILED(os) != UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2354 ExecContext *ec;
2355
2356 ec = unit_get_exec_context(u);
2357 if (ec && exec_context_may_touch_console(ec)) {
2358 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2359 m->n_on_console--;
2360
2361 if (m->n_on_console == 0)
2362 /* unset no_console_output flag, since the console is free */
2363 m->no_console_output = false;
2364 } else
2365 m->n_on_console++;
2366 }
2367 }
2368
2369 if (u->job) {
2370 unexpected = false;
2371
2372 if (u->job->state == JOB_WAITING)
2373
2374 /* So we reached a different state for this
2375 * job. Let's see if we can run it now if it
2376 * failed previously due to EAGAIN. */
2377 job_add_to_run_queue(u->job);
2378
2379 /* Let's check whether this state change constitutes a
2380 * finished job, or maybe contradicts a running job and
2381 * hence needs to invalidate jobs. */
2382
2383 switch (u->job->type) {
2384
2385 case JOB_START:
2386 case JOB_VERIFY_ACTIVE:
2387
2388 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2389 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2390 else if (u->job->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2391 unexpected = true;
2392
2393 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2394 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2395 }
2396
2397 break;
2398
2399 case JOB_RELOAD:
2400 case JOB_RELOAD_OR_START:
2401 case JOB_TRY_RELOAD:
2402
2403 if (u->job->state == JOB_RUNNING) {
2404 if (ns == UNIT_ACTIVE)
2405 job_finish_and_invalidate(u->job, reload_success ? JOB_DONE : JOB_FAILED, true, false);
2406 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2407 unexpected = true;
2408
2409 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2410 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2411 }
2412 }
2413
2414 break;
2415
2416 case JOB_STOP:
2417 case JOB_RESTART:
2418 case JOB_TRY_RESTART:
2419
2420 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2421 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2422 else if (u->job->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2423 unexpected = true;
2424 job_finish_and_invalidate(u->job, JOB_FAILED, true, false);
2425 }
2426
2427 break;
2428
2429 default:
2430 assert_not_reached("Job type unknown");
2431 }
2432
2433 } else
2434 unexpected = true;
2435
2436 if (!MANAGER_IS_RELOADING(m)) {
2437
2438 /* If this state change happened without being
2439 * requested by a job, then let's retroactively start
2440 * or stop dependencies. We skip that step when
2441 * deserializing, since we don't want to create any
2442 * additional jobs just because something is already
2443 * activated. */
2444
2445 if (unexpected) {
2446 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2447 retroactively_start_dependencies(u);
2448 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2449 retroactively_stop_dependencies(u);
2450 }
2451
2452 /* stop unneeded units regardless if going down was expected or not */
2453 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2454 check_unneeded_dependencies(u);
2455
2456 if (ns != os && ns == UNIT_FAILED) {
2457 log_unit_debug(u, "Unit entered failed state.");
2458 unit_start_on_failure(u);
2459 }
2460 }
2461
2462 /* Some names are special */
2463 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2464
2465 if (unit_has_name(u, SPECIAL_DBUS_SERVICE))
2466 /* The bus might have just become available,
2467 * hence try to connect to it, if we aren't
2468 * yet connected. */
2469 bus_init(m, true);
2470
2471 if (u->type == UNIT_SERVICE &&
2472 !UNIT_IS_ACTIVE_OR_RELOADING(os) &&
2473 !MANAGER_IS_RELOADING(m)) {
2474 /* Write audit record if we have just finished starting up */
2475 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, true);
2476 u->in_audit = true;
2477 }
2478
2479 if (!UNIT_IS_ACTIVE_OR_RELOADING(os))
2480 manager_send_unit_plymouth(m, u);
2481
2482 } else {
2483 /* We don't care about D-Bus going down here, since we'll get an asynchronous notification for it
2484 * anyway. */
2485
2486 if (UNIT_IS_INACTIVE_OR_FAILED(ns) &&
2487 !UNIT_IS_INACTIVE_OR_FAILED(os)
2488 && !MANAGER_IS_RELOADING(m)) {
2489
2490 /* This unit just stopped/failed. */
2491 if (u->type == UNIT_SERVICE) {
2492
2493 /* Hmm, if there was no start record written
2494 * write it now, so that we always have a nice
2495 * pair */
2496 if (!u->in_audit) {
2497 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, ns == UNIT_INACTIVE);
2498
2499 if (ns == UNIT_INACTIVE)
2500 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, true);
2501 } else
2502 /* Write audit record if we have just finished shutting down */
2503 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, ns == UNIT_INACTIVE);
2504
2505 u->in_audit = false;
2506 }
2507
2508 /* Write a log message about consumed resources */
2509 unit_log_resources(u);
2510 }
2511 }
2512
2513 manager_recheck_journal(m);
2514 unit_trigger_notify(u);
2515
2516 if (!MANAGER_IS_RELOADING(u->manager)) {
2517 /* Maybe we finished startup and are now ready for
2518 * being stopped because unneeded? */
2519 unit_check_unneeded(u);
2520
2521 /* Maybe we finished startup, but something we needed
2522 * has vanished? Let's die then. (This happens when
2523 * something BindsTo= to a Type=oneshot unit, as these
2524 * units go directly from starting to inactive,
2525 * without ever entering started.) */
2526 unit_check_binds_to(u);
2527
2528 if (os != UNIT_FAILED && ns == UNIT_FAILED)
2529 (void) emergency_action(u->manager, u->failure_action, u->reboot_arg, "unit failed");
2530 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE)
2531 (void) emergency_action(u->manager, u->success_action, u->reboot_arg, "unit succeeded");
2532 }
2533
2534 unit_add_to_dbus_queue(u);
2535 unit_add_to_gc_queue(u);
2536 }
2537
2538 int unit_watch_pid(Unit *u, pid_t pid) {
2539 int q, r;
2540
2541 assert(u);
2542 assert(pid >= 1);
2543
2544 /* Watch a specific PID. We only support one or two units
2545 * watching each PID for now, not more. */
2546
2547 r = set_ensure_allocated(&u->pids, NULL);
2548 if (r < 0)
2549 return r;
2550
2551 r = hashmap_ensure_allocated(&u->manager->watch_pids1, NULL);
2552 if (r < 0)
2553 return r;
2554
2555 r = hashmap_put(u->manager->watch_pids1, PID_TO_PTR(pid), u);
2556 if (r == -EEXIST) {
2557 r = hashmap_ensure_allocated(&u->manager->watch_pids2, NULL);
2558 if (r < 0)
2559 return r;
2560
2561 r = hashmap_put(u->manager->watch_pids2, PID_TO_PTR(pid), u);
2562 }
2563
2564 q = set_put(u->pids, PID_TO_PTR(pid));
2565 if (q < 0)
2566 return q;
2567
2568 return r;
2569 }
2570
2571 void unit_unwatch_pid(Unit *u, pid_t pid) {
2572 assert(u);
2573 assert(pid >= 1);
2574
2575 (void) hashmap_remove_value(u->manager->watch_pids1, PID_TO_PTR(pid), u);
2576 (void) hashmap_remove_value(u->manager->watch_pids2, PID_TO_PTR(pid), u);
2577 (void) set_remove(u->pids, PID_TO_PTR(pid));
2578 }
2579
2580 void unit_unwatch_all_pids(Unit *u) {
2581 assert(u);
2582
2583 while (!set_isempty(u->pids))
2584 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
2585
2586 u->pids = set_free(u->pids);
2587 }
2588
2589 void unit_tidy_watch_pids(Unit *u, pid_t except1, pid_t except2) {
2590 Iterator i;
2591 void *e;
2592
2593 assert(u);
2594
2595 /* Cleans dead PIDs from our list */
2596
2597 SET_FOREACH(e, u->pids, i) {
2598 pid_t pid = PTR_TO_PID(e);
2599
2600 if (pid == except1 || pid == except2)
2601 continue;
2602
2603 if (!pid_is_unwaited(pid))
2604 unit_unwatch_pid(u, pid);
2605 }
2606 }
2607
2608 bool unit_job_is_applicable(Unit *u, JobType j) {
2609 assert(u);
2610 assert(j >= 0 && j < _JOB_TYPE_MAX);
2611
2612 switch (j) {
2613
2614 case JOB_VERIFY_ACTIVE:
2615 case JOB_START:
2616 case JOB_NOP:
2617 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2618 * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
2619 * jobs for it. */
2620 return true;
2621
2622 case JOB_STOP:
2623 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2624 * external events), hence it makes no sense to permit enqueing such a request either. */
2625 return !u->perpetual;
2626
2627 case JOB_RESTART:
2628 case JOB_TRY_RESTART:
2629 return unit_can_stop(u) && unit_can_start(u);
2630
2631 case JOB_RELOAD:
2632 case JOB_TRY_RELOAD:
2633 return unit_can_reload(u);
2634
2635 case JOB_RELOAD_OR_START:
2636 return unit_can_reload(u) && unit_can_start(u);
2637
2638 default:
2639 assert_not_reached("Invalid job type");
2640 }
2641 }
2642
2643 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
2644 assert(u);
2645
2646 /* Only warn about some unit types */
2647 if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
2648 return;
2649
2650 if (streq_ptr(u->id, other))
2651 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
2652 else
2653 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
2654 }
2655
2656 static int unit_add_dependency_hashmap(
2657 Hashmap **h,
2658 Unit *other,
2659 UnitDependencyMask origin_mask,
2660 UnitDependencyMask destination_mask) {
2661
2662 UnitDependencyInfo info;
2663 int r;
2664
2665 assert(h);
2666 assert(other);
2667 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
2668 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
2669 assert(origin_mask > 0 || destination_mask > 0);
2670
2671 r = hashmap_ensure_allocated(h, NULL);
2672 if (r < 0)
2673 return r;
2674
2675 assert_cc(sizeof(void*) == sizeof(info));
2676
2677 info.data = hashmap_get(*h, other);
2678 if (info.data) {
2679 /* Entry already exists. Add in our mask. */
2680
2681 if ((info.origin_mask & origin_mask) == info.origin_mask &&
2682 (info.destination_mask & destination_mask) == info.destination_mask)
2683 return 0; /* NOP */
2684
2685 info.origin_mask |= origin_mask;
2686 info.destination_mask |= destination_mask;
2687
2688 r = hashmap_update(*h, other, info.data);
2689 } else {
2690 info = (UnitDependencyInfo) {
2691 .origin_mask = origin_mask,
2692 .destination_mask = destination_mask,
2693 };
2694
2695 r = hashmap_put(*h, other, info.data);
2696 }
2697 if (r < 0)
2698 return r;
2699
2700 return 1;
2701 }
2702
2703 int unit_add_dependency(
2704 Unit *u,
2705 UnitDependency d,
2706 Unit *other,
2707 bool add_reference,
2708 UnitDependencyMask mask) {
2709
2710 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
2711 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
2712 [UNIT_WANTS] = UNIT_WANTED_BY,
2713 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
2714 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
2715 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
2716 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
2717 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
2718 [UNIT_WANTED_BY] = UNIT_WANTS,
2719 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
2720 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
2721 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
2722 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
2723 [UNIT_BEFORE] = UNIT_AFTER,
2724 [UNIT_AFTER] = UNIT_BEFORE,
2725 [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
2726 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
2727 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
2728 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
2729 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
2730 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
2731 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
2732 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
2733 };
2734 Unit *original_u = u, *original_other = other;
2735 int r;
2736
2737 assert(u);
2738 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
2739 assert(other);
2740
2741 u = unit_follow_merge(u);
2742 other = unit_follow_merge(other);
2743
2744 /* We won't allow dependencies on ourselves. We will not
2745 * consider them an error however. */
2746 if (u == other) {
2747 maybe_warn_about_dependency(original_u, original_other->id, d);
2748 return 0;
2749 }
2750
2751 if ((d == UNIT_BEFORE && other->type == UNIT_DEVICE) ||
2752 (d == UNIT_AFTER && u->type == UNIT_DEVICE)) {
2753 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
2754 return 0;
2755 }
2756
2757 r = unit_add_dependency_hashmap(u->dependencies + d, other, mask, 0);
2758 if (r < 0)
2759 return r;
2760
2761 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
2762 r = unit_add_dependency_hashmap(other->dependencies + inverse_table[d], u, 0, mask);
2763 if (r < 0)
2764 return r;
2765 }
2766
2767 if (add_reference) {
2768 r = unit_add_dependency_hashmap(u->dependencies + UNIT_REFERENCES, other, mask, 0);
2769 if (r < 0)
2770 return r;
2771
2772 r = unit_add_dependency_hashmap(other->dependencies + UNIT_REFERENCED_BY, u, 0, mask);
2773 if (r < 0)
2774 return r;
2775 }
2776
2777 unit_add_to_dbus_queue(u);
2778 return 0;
2779 }
2780
2781 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2782 int r;
2783
2784 assert(u);
2785
2786 r = unit_add_dependency(u, d, other, add_reference, mask);
2787 if (r < 0)
2788 return r;
2789
2790 return unit_add_dependency(u, e, other, add_reference, mask);
2791 }
2792
2793 static int resolve_template(Unit *u, const char *name, const char*path, char **buf, const char **ret) {
2794 int r;
2795
2796 assert(u);
2797 assert(name || path);
2798 assert(buf);
2799 assert(ret);
2800
2801 if (!name)
2802 name = basename(path);
2803
2804 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
2805 *buf = NULL;
2806 *ret = name;
2807 return 0;
2808 }
2809
2810 if (u->instance)
2811 r = unit_name_replace_instance(name, u->instance, buf);
2812 else {
2813 _cleanup_free_ char *i = NULL;
2814
2815 r = unit_name_to_prefix(u->id, &i);
2816 if (r < 0)
2817 return r;
2818
2819 r = unit_name_replace_instance(name, i, buf);
2820 }
2821 if (r < 0)
2822 return r;
2823
2824 *ret = *buf;
2825 return 0;
2826 }
2827
2828 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2829 _cleanup_free_ char *buf = NULL;
2830 Unit *other;
2831 int r;
2832
2833 assert(u);
2834 assert(name || path);
2835
2836 r = resolve_template(u, name, path, &buf, &name);
2837 if (r < 0)
2838 return r;
2839
2840 r = manager_load_unit(u->manager, name, path, NULL, &other);
2841 if (r < 0)
2842 return r;
2843
2844 return unit_add_dependency(u, d, other, add_reference, mask);
2845 }
2846
2847 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2848 _cleanup_free_ char *buf = NULL;
2849 Unit *other;
2850 int r;
2851
2852 assert(u);
2853 assert(name || path);
2854
2855 r = resolve_template(u, name, path, &buf, &name);
2856 if (r < 0)
2857 return r;
2858
2859 r = manager_load_unit(u->manager, name, path, NULL, &other);
2860 if (r < 0)
2861 return r;
2862
2863 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2864 }
2865
2866 int set_unit_path(const char *p) {
2867 /* This is mostly for debug purposes */
2868 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
2869 return -errno;
2870
2871 return 0;
2872 }
2873
2874 char *unit_dbus_path(Unit *u) {
2875 assert(u);
2876
2877 if (!u->id)
2878 return NULL;
2879
2880 return unit_dbus_path_from_name(u->id);
2881 }
2882
2883 char *unit_dbus_path_invocation_id(Unit *u) {
2884 assert(u);
2885
2886 if (sd_id128_is_null(u->invocation_id))
2887 return NULL;
2888
2889 return unit_dbus_path_from_name(u->invocation_id_string);
2890 }
2891
2892 int unit_set_slice(Unit *u, Unit *slice) {
2893 assert(u);
2894 assert(slice);
2895
2896 /* Sets the unit slice if it has not been set before. Is extra
2897 * careful, to only allow this for units that actually have a
2898 * cgroup context. Also, we don't allow to set this for slices
2899 * (since the parent slice is derived from the name). Make
2900 * sure the unit we set is actually a slice. */
2901
2902 if (!UNIT_HAS_CGROUP_CONTEXT(u))
2903 return -EOPNOTSUPP;
2904
2905 if (u->type == UNIT_SLICE)
2906 return -EINVAL;
2907
2908 if (unit_active_state(u) != UNIT_INACTIVE)
2909 return -EBUSY;
2910
2911 if (slice->type != UNIT_SLICE)
2912 return -EINVAL;
2913
2914 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
2915 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
2916 return -EPERM;
2917
2918 if (UNIT_DEREF(u->slice) == slice)
2919 return 0;
2920
2921 /* Disallow slice changes if @u is already bound to cgroups */
2922 if (UNIT_ISSET(u->slice) && u->cgroup_realized)
2923 return -EBUSY;
2924
2925 unit_ref_unset(&u->slice);
2926 unit_ref_set(&u->slice, slice);
2927 return 1;
2928 }
2929
2930 int unit_set_default_slice(Unit *u) {
2931 _cleanup_free_ char *b = NULL;
2932 const char *slice_name;
2933 Unit *slice;
2934 int r;
2935
2936 assert(u);
2937
2938 if (UNIT_ISSET(u->slice))
2939 return 0;
2940
2941 if (u->instance) {
2942 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
2943
2944 /* Implicitly place all instantiated units in their
2945 * own per-template slice */
2946
2947 r = unit_name_to_prefix(u->id, &prefix);
2948 if (r < 0)
2949 return r;
2950
2951 /* The prefix is already escaped, but it might include
2952 * "-" which has a special meaning for slice units,
2953 * hence escape it here extra. */
2954 escaped = unit_name_escape(prefix);
2955 if (!escaped)
2956 return -ENOMEM;
2957
2958 if (MANAGER_IS_SYSTEM(u->manager))
2959 b = strjoin("system-", escaped, ".slice");
2960 else
2961 b = strappend(escaped, ".slice");
2962 if (!b)
2963 return -ENOMEM;
2964
2965 slice_name = b;
2966 } else
2967 slice_name =
2968 MANAGER_IS_SYSTEM(u->manager) && !unit_has_name(u, SPECIAL_INIT_SCOPE)
2969 ? SPECIAL_SYSTEM_SLICE
2970 : SPECIAL_ROOT_SLICE;
2971
2972 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
2973 if (r < 0)
2974 return r;
2975
2976 return unit_set_slice(u, slice);
2977 }
2978
2979 const char *unit_slice_name(Unit *u) {
2980 assert(u);
2981
2982 if (!UNIT_ISSET(u->slice))
2983 return NULL;
2984
2985 return UNIT_DEREF(u->slice)->id;
2986 }
2987
2988 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
2989 _cleanup_free_ char *t = NULL;
2990 int r;
2991
2992 assert(u);
2993 assert(type);
2994 assert(_found);
2995
2996 r = unit_name_change_suffix(u->id, type, &t);
2997 if (r < 0)
2998 return r;
2999 if (unit_has_name(u, t))
3000 return -EINVAL;
3001
3002 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3003 assert(r < 0 || *_found != u);
3004 return r;
3005 }
3006
3007 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3008 const char *name, *old_owner, *new_owner;
3009 Unit *u = userdata;
3010 int r;
3011
3012 assert(message);
3013 assert(u);
3014
3015 r = sd_bus_message_read(message, "sss", &name, &old_owner, &new_owner);
3016 if (r < 0) {
3017 bus_log_parse_error(r);
3018 return 0;
3019 }
3020
3021 old_owner = isempty(old_owner) ? NULL : old_owner;
3022 new_owner = isempty(new_owner) ? NULL : new_owner;
3023
3024 if (UNIT_VTABLE(u)->bus_name_owner_change)
3025 UNIT_VTABLE(u)->bus_name_owner_change(u, name, old_owner, new_owner);
3026
3027 return 0;
3028 }
3029
3030 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3031 const char *match;
3032
3033 assert(u);
3034 assert(bus);
3035 assert(name);
3036
3037 if (u->match_bus_slot)
3038 return -EBUSY;
3039
3040 match = strjoina("type='signal',"
3041 "sender='org.freedesktop.DBus',"
3042 "path='/org/freedesktop/DBus',"
3043 "interface='org.freedesktop.DBus',"
3044 "member='NameOwnerChanged',"
3045 "arg0='", name, "'");
3046
3047 return sd_bus_add_match(bus, &u->match_bus_slot, match, signal_name_owner_changed, u);
3048 }
3049
3050 int unit_watch_bus_name(Unit *u, const char *name) {
3051 int r;
3052
3053 assert(u);
3054 assert(name);
3055
3056 /* Watch a specific name on the bus. We only support one unit
3057 * watching each name for now. */
3058
3059 if (u->manager->api_bus) {
3060 /* If the bus is already available, install the match directly.
3061 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3062 r = unit_install_bus_match(u, u->manager->api_bus, name);
3063 if (r < 0)
3064 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3065 }
3066
3067 r = hashmap_put(u->manager->watch_bus, name, u);
3068 if (r < 0) {
3069 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3070 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3071 }
3072
3073 return 0;
3074 }
3075
3076 void unit_unwatch_bus_name(Unit *u, const char *name) {
3077 assert(u);
3078 assert(name);
3079
3080 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3081 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3082 }
3083
3084 bool unit_can_serialize(Unit *u) {
3085 assert(u);
3086
3087 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3088 }
3089
3090 static int unit_serialize_cgroup_mask(FILE *f, const char *key, CGroupMask mask) {
3091 _cleanup_free_ char *s = NULL;
3092 int r = 0;
3093
3094 assert(f);
3095 assert(key);
3096
3097 if (mask != 0) {
3098 r = cg_mask_to_string(mask, &s);
3099 if (r >= 0) {
3100 fputs(key, f);
3101 fputc('=', f);
3102 fputs(s, f);
3103 fputc('\n', f);
3104 }
3105 }
3106 return r;
3107 }
3108
3109 static const char *ip_accounting_metric_field[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
3110 [CGROUP_IP_INGRESS_BYTES] = "ip-accounting-ingress-bytes",
3111 [CGROUP_IP_INGRESS_PACKETS] = "ip-accounting-ingress-packets",
3112 [CGROUP_IP_EGRESS_BYTES] = "ip-accounting-egress-bytes",
3113 [CGROUP_IP_EGRESS_PACKETS] = "ip-accounting-egress-packets",
3114 };
3115
3116 int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
3117 CGroupIPAccountingMetric m;
3118 int r;
3119
3120 assert(u);
3121 assert(f);
3122 assert(fds);
3123
3124 if (unit_can_serialize(u)) {
3125 ExecRuntime *rt;
3126
3127 r = UNIT_VTABLE(u)->serialize(u, f, fds);
3128 if (r < 0)
3129 return r;
3130
3131 rt = unit_get_exec_runtime(u);
3132 if (rt) {
3133 r = exec_runtime_serialize(u, rt, f, fds);
3134 if (r < 0)
3135 return r;
3136 }
3137 }
3138
3139 dual_timestamp_serialize(f, "state-change-timestamp", &u->state_change_timestamp);
3140
3141 dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
3142 dual_timestamp_serialize(f, "active-enter-timestamp", &u->active_enter_timestamp);
3143 dual_timestamp_serialize(f, "active-exit-timestamp", &u->active_exit_timestamp);
3144 dual_timestamp_serialize(f, "inactive-enter-timestamp", &u->inactive_enter_timestamp);
3145
3146 dual_timestamp_serialize(f, "condition-timestamp", &u->condition_timestamp);
3147 dual_timestamp_serialize(f, "assert-timestamp", &u->assert_timestamp);
3148
3149 if (dual_timestamp_is_set(&u->condition_timestamp))
3150 unit_serialize_item(u, f, "condition-result", yes_no(u->condition_result));
3151
3152 if (dual_timestamp_is_set(&u->assert_timestamp))
3153 unit_serialize_item(u, f, "assert-result", yes_no(u->assert_result));
3154
3155 unit_serialize_item(u, f, "transient", yes_no(u->transient));
3156
3157 unit_serialize_item(u, f, "exported-invocation-id", yes_no(u->exported_invocation_id));
3158 unit_serialize_item(u, f, "exported-log-level-max", yes_no(u->exported_log_level_max));
3159 unit_serialize_item(u, f, "exported-log-extra-fields", yes_no(u->exported_log_extra_fields));
3160
3161 unit_serialize_item_format(u, f, "cpu-usage-base", "%" PRIu64, u->cpu_usage_base);
3162 if (u->cpu_usage_last != NSEC_INFINITY)
3163 unit_serialize_item_format(u, f, "cpu-usage-last", "%" PRIu64, u->cpu_usage_last);
3164
3165 if (u->cgroup_path)
3166 unit_serialize_item(u, f, "cgroup", u->cgroup_path);
3167 unit_serialize_item(u, f, "cgroup-realized", yes_no(u->cgroup_realized));
3168 (void) unit_serialize_cgroup_mask(f, "cgroup-realized-mask", u->cgroup_realized_mask);
3169 (void) unit_serialize_cgroup_mask(f, "cgroup-enabled-mask", u->cgroup_enabled_mask);
3170 unit_serialize_item_format(u, f, "cgroup-bpf-realized", "%i", u->cgroup_bpf_state);
3171
3172 if (uid_is_valid(u->ref_uid))
3173 unit_serialize_item_format(u, f, "ref-uid", UID_FMT, u->ref_uid);
3174 if (gid_is_valid(u->ref_gid))
3175 unit_serialize_item_format(u, f, "ref-gid", GID_FMT, u->ref_gid);
3176
3177 if (!sd_id128_is_null(u->invocation_id))
3178 unit_serialize_item_format(u, f, "invocation-id", SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id));
3179
3180 bus_track_serialize(u->bus_track, f, "ref");
3181
3182 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
3183 uint64_t v;
3184
3185 r = unit_get_ip_accounting(u, m, &v);
3186 if (r >= 0)
3187 unit_serialize_item_format(u, f, ip_accounting_metric_field[m], "%" PRIu64, v);
3188 }
3189
3190 if (serialize_jobs) {
3191 if (u->job) {
3192 fprintf(f, "job\n");
3193 job_serialize(u->job, f);
3194 }
3195
3196 if (u->nop_job) {
3197 fprintf(f, "job\n");
3198 job_serialize(u->nop_job, f);
3199 }
3200 }
3201
3202 /* End marker */
3203 fputc('\n', f);
3204 return 0;
3205 }
3206
3207 int unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value) {
3208 assert(u);
3209 assert(f);
3210 assert(key);
3211
3212 if (!value)
3213 return 0;
3214
3215 fputs(key, f);
3216 fputc('=', f);
3217 fputs(value, f);
3218 fputc('\n', f);
3219
3220 return 1;
3221 }
3222
3223 int unit_serialize_item_escaped(Unit *u, FILE *f, const char *key, const char *value) {
3224 _cleanup_free_ char *c = NULL;
3225
3226 assert(u);
3227 assert(f);
3228 assert(key);
3229
3230 if (!value)
3231 return 0;
3232
3233 c = cescape(value);
3234 if (!c)
3235 return -ENOMEM;
3236
3237 fputs(key, f);
3238 fputc('=', f);
3239 fputs(c, f);
3240 fputc('\n', f);
3241
3242 return 1;
3243 }
3244
3245 int unit_serialize_item_fd(Unit *u, FILE *f, FDSet *fds, const char *key, int fd) {
3246 int copy;
3247
3248 assert(u);
3249 assert(f);
3250 assert(key);
3251
3252 if (fd < 0)
3253 return 0;
3254
3255 copy = fdset_put_dup(fds, fd);
3256 if (copy < 0)
3257 return copy;
3258
3259 fprintf(f, "%s=%i\n", key, copy);
3260 return 1;
3261 }
3262
3263 void unit_serialize_item_format(Unit *u, FILE *f, const char *key, const char *format, ...) {
3264 va_list ap;
3265
3266 assert(u);
3267 assert(f);
3268 assert(key);
3269 assert(format);
3270
3271 fputs(key, f);
3272 fputc('=', f);
3273
3274 va_start(ap, format);
3275 vfprintf(f, format, ap);
3276 va_end(ap);
3277
3278 fputc('\n', f);
3279 }
3280
3281 int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
3282 ExecRuntime **rt = NULL;
3283 size_t offset;
3284 int r;
3285
3286 assert(u);
3287 assert(f);
3288 assert(fds);
3289
3290 offset = UNIT_VTABLE(u)->exec_runtime_offset;
3291 if (offset > 0)
3292 rt = (ExecRuntime**) ((uint8_t*) u + offset);
3293
3294 for (;;) {
3295 char line[LINE_MAX], *l, *v;
3296 CGroupIPAccountingMetric m;
3297 size_t k;
3298
3299 if (!fgets(line, sizeof(line), f)) {
3300 if (feof(f))
3301 return 0;
3302 return -errno;
3303 }
3304
3305 char_array_0(line);
3306 l = strstrip(line);
3307
3308 /* End marker */
3309 if (isempty(l))
3310 break;
3311
3312 k = strcspn(l, "=");
3313
3314 if (l[k] == '=') {
3315 l[k] = 0;
3316 v = l+k+1;
3317 } else
3318 v = l+k;
3319
3320 if (streq(l, "job")) {
3321 if (v[0] == '\0') {
3322 /* new-style serialized job */
3323 Job *j;
3324
3325 j = job_new_raw(u);
3326 if (!j)
3327 return log_oom();
3328
3329 r = job_deserialize(j, f);
3330 if (r < 0) {
3331 job_free(j);
3332 return r;
3333 }
3334
3335 r = hashmap_put(u->manager->jobs, UINT32_TO_PTR(j->id), j);
3336 if (r < 0) {
3337 job_free(j);
3338 return r;
3339 }
3340
3341 r = job_install_deserialized(j);
3342 if (r < 0) {
3343 hashmap_remove(u->manager->jobs, UINT32_TO_PTR(j->id));
3344 job_free(j);
3345 return r;
3346 }
3347 } else /* legacy for pre-44 */
3348 log_unit_warning(u, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v);
3349 continue;
3350 } else if (streq(l, "state-change-timestamp")) {
3351 dual_timestamp_deserialize(v, &u->state_change_timestamp);
3352 continue;
3353 } else if (streq(l, "inactive-exit-timestamp")) {
3354 dual_timestamp_deserialize(v, &u->inactive_exit_timestamp);
3355 continue;
3356 } else if (streq(l, "active-enter-timestamp")) {
3357 dual_timestamp_deserialize(v, &u->active_enter_timestamp);
3358 continue;
3359 } else if (streq(l, "active-exit-timestamp")) {
3360 dual_timestamp_deserialize(v, &u->active_exit_timestamp);
3361 continue;
3362 } else if (streq(l, "inactive-enter-timestamp")) {
3363 dual_timestamp_deserialize(v, &u->inactive_enter_timestamp);
3364 continue;
3365 } else if (streq(l, "condition-timestamp")) {
3366 dual_timestamp_deserialize(v, &u->condition_timestamp);
3367 continue;
3368 } else if (streq(l, "assert-timestamp")) {
3369 dual_timestamp_deserialize(v, &u->assert_timestamp);
3370 continue;
3371 } else if (streq(l, "condition-result")) {
3372
3373 r = parse_boolean(v);
3374 if (r < 0)
3375 log_unit_debug(u, "Failed to parse condition result value %s, ignoring.", v);
3376 else
3377 u->condition_result = r;
3378
3379 continue;
3380
3381 } else if (streq(l, "assert-result")) {
3382
3383 r = parse_boolean(v);
3384 if (r < 0)
3385 log_unit_debug(u, "Failed to parse assert result value %s, ignoring.", v);
3386 else
3387 u->assert_result = r;
3388
3389 continue;
3390
3391 } else if (streq(l, "transient")) {
3392
3393 r = parse_boolean(v);
3394 if (r < 0)
3395 log_unit_debug(u, "Failed to parse transient bool %s, ignoring.", v);
3396 else
3397 u->transient = r;
3398
3399 continue;
3400
3401 } else if (streq(l, "exported-invocation-id")) {
3402
3403 r = parse_boolean(v);
3404 if (r < 0)
3405 log_unit_debug(u, "Failed to parse exported invocation ID bool %s, ignoring.", v);
3406 else
3407 u->exported_invocation_id = r;
3408
3409 continue;
3410
3411 } else if (streq(l, "exported-log-level-max")) {
3412
3413 r = parse_boolean(v);
3414 if (r < 0)
3415 log_unit_debug(u, "Failed to parse exported log level max bool %s, ignoring.", v);
3416 else
3417 u->exported_log_level_max = r;
3418
3419 continue;
3420
3421 } else if (streq(l, "exported-log-extra-fields")) {
3422
3423 r = parse_boolean(v);
3424 if (r < 0)
3425 log_unit_debug(u, "Failed to parse exported log extra fields bool %s, ignoring.", v);
3426 else
3427 u->exported_log_extra_fields = r;
3428
3429 continue;
3430
3431 } else if (STR_IN_SET(l, "cpu-usage-base", "cpuacct-usage-base")) {
3432
3433 r = safe_atou64(v, &u->cpu_usage_base);
3434 if (r < 0)
3435 log_unit_debug(u, "Failed to parse CPU usage base %s, ignoring.", v);
3436
3437 continue;
3438
3439 } else if (streq(l, "cpu-usage-last")) {
3440
3441 r = safe_atou64(v, &u->cpu_usage_last);
3442 if (r < 0)
3443 log_unit_debug(u, "Failed to read CPU usage last %s, ignoring.", v);
3444
3445 continue;
3446
3447 } else if (streq(l, "cgroup")) {
3448
3449 r = unit_set_cgroup_path(u, v);
3450 if (r < 0)
3451 log_unit_debug_errno(u, r, "Failed to set cgroup path %s, ignoring: %m", v);
3452
3453 (void) unit_watch_cgroup(u);
3454
3455 continue;
3456 } else if (streq(l, "cgroup-realized")) {
3457 int b;
3458
3459 b = parse_boolean(v);
3460 if (b < 0)
3461 log_unit_debug(u, "Failed to parse cgroup-realized bool %s, ignoring.", v);
3462 else
3463 u->cgroup_realized = b;
3464
3465 continue;
3466
3467 } else if (streq(l, "cgroup-realized-mask")) {
3468
3469 r = cg_mask_from_string(v, &u->cgroup_realized_mask);
3470 if (r < 0)
3471 log_unit_debug(u, "Failed to parse cgroup-realized-mask %s, ignoring.", v);
3472 continue;
3473
3474 } else if (streq(l, "cgroup-enabled-mask")) {
3475
3476 r = cg_mask_from_string(v, &u->cgroup_enabled_mask);
3477 if (r < 0)
3478 log_unit_debug(u, "Failed to parse cgroup-enabled-mask %s, ignoring.", v);
3479 continue;
3480
3481 } else if (streq(l, "cgroup-bpf-realized")) {
3482 int i;
3483
3484 r = safe_atoi(v, &i);
3485 if (r < 0)
3486 log_unit_debug(u, "Failed to parse cgroup BPF state %s, ignoring.", v);
3487 else
3488 u->cgroup_bpf_state =
3489 i < 0 ? UNIT_CGROUP_BPF_INVALIDATED :
3490 i > 0 ? UNIT_CGROUP_BPF_ON :
3491 UNIT_CGROUP_BPF_OFF;
3492
3493 continue;
3494
3495 } else if (streq(l, "ref-uid")) {
3496 uid_t uid;
3497
3498 r = parse_uid(v, &uid);
3499 if (r < 0)
3500 log_unit_debug(u, "Failed to parse referenced UID %s, ignoring.", v);
3501 else
3502 unit_ref_uid_gid(u, uid, GID_INVALID);
3503
3504 continue;
3505
3506 } else if (streq(l, "ref-gid")) {
3507 gid_t gid;
3508
3509 r = parse_gid(v, &gid);
3510 if (r < 0)
3511 log_unit_debug(u, "Failed to parse referenced GID %s, ignoring.", v);
3512 else
3513 unit_ref_uid_gid(u, UID_INVALID, gid);
3514
3515 } else if (streq(l, "ref")) {
3516
3517 r = strv_extend(&u->deserialized_refs, v);
3518 if (r < 0)
3519 log_oom();
3520
3521 continue;
3522 } else if (streq(l, "invocation-id")) {
3523 sd_id128_t id;
3524
3525 r = sd_id128_from_string(v, &id);
3526 if (r < 0)
3527 log_unit_debug(u, "Failed to parse invocation id %s, ignoring.", v);
3528 else {
3529 r = unit_set_invocation_id(u, id);
3530 if (r < 0)
3531 log_unit_warning_errno(u, r, "Failed to set invocation ID for unit: %m");
3532 }
3533
3534 continue;
3535 }
3536
3537 /* Check if this is an IP accounting metric serialization field */
3538 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++)
3539 if (streq(l, ip_accounting_metric_field[m]))
3540 break;
3541 if (m < _CGROUP_IP_ACCOUNTING_METRIC_MAX) {
3542 uint64_t c;
3543
3544 r = safe_atou64(v, &c);
3545 if (r < 0)
3546 log_unit_debug(u, "Failed to parse IP accounting value %s, ignoring.", v);
3547 else
3548 u->ip_accounting_extra[m] = c;
3549 continue;
3550 }
3551
3552 if (unit_can_serialize(u)) {
3553 if (rt) {
3554 r = exec_runtime_deserialize_item(u, rt, l, v, fds);
3555 if (r < 0) {
3556 log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l);
3557 continue;
3558 }
3559
3560 /* Returns positive if key was handled by the call */
3561 if (r > 0)
3562 continue;
3563 }
3564
3565 r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
3566 if (r < 0)
3567 log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l);
3568 }
3569 }
3570
3571 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3572 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3573 * before 228 where the base for timeouts was not persistent across reboots. */
3574
3575 if (!dual_timestamp_is_set(&u->state_change_timestamp))
3576 dual_timestamp_get(&u->state_change_timestamp);
3577
3578 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3579 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3580 unit_invalidate_cgroup(u, _CGROUP_MASK_ALL);
3581 unit_invalidate_cgroup_bpf(u);
3582
3583 return 0;
3584 }
3585
3586 void unit_deserialize_skip(FILE *f) {
3587 assert(f);
3588
3589 /* Skip serialized data for this unit. We don't know what it is. */
3590
3591 for (;;) {
3592 char line[LINE_MAX], *l;
3593
3594 if (!fgets(line, sizeof line, f))
3595 return;
3596
3597 char_array_0(line);
3598 l = strstrip(line);
3599
3600 /* End marker */
3601 if (isempty(l))
3602 return;
3603 }
3604 }
3605
3606
3607 int unit_add_node_dependency(Unit *u, const char *what, bool wants, UnitDependency dep, UnitDependencyMask mask) {
3608 Unit *device;
3609 _cleanup_free_ char *e = NULL;
3610 int r;
3611
3612 assert(u);
3613
3614 /* Adds in links to the device node that this unit is based on */
3615 if (isempty(what))
3616 return 0;
3617
3618 if (!is_device_path(what))
3619 return 0;
3620
3621 /* When device units aren't supported (such as in a
3622 * container), don't create dependencies on them. */
3623 if (!unit_type_supported(UNIT_DEVICE))
3624 return 0;
3625
3626 r = unit_name_from_path(what, ".device", &e);
3627 if (r < 0)
3628 return r;
3629
3630 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
3631 if (r < 0)
3632 return r;
3633
3634 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3635 dep = UNIT_BINDS_TO;
3636
3637 r = unit_add_two_dependencies(u, UNIT_AFTER,
3638 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3639 device, true, mask);
3640 if (r < 0)
3641 return r;
3642
3643 if (wants) {
3644 r = unit_add_dependency(device, UNIT_WANTS, u, false, mask);
3645 if (r < 0)
3646 return r;
3647 }
3648
3649 return 0;
3650 }
3651
3652 int unit_coldplug(Unit *u) {
3653 int r = 0, q;
3654 char **i;
3655
3656 assert(u);
3657
3658 /* Make sure we don't enter a loop, when coldplugging
3659 * recursively. */
3660 if (u->coldplugged)
3661 return 0;
3662
3663 u->coldplugged = true;
3664
3665 STRV_FOREACH(i, u->deserialized_refs) {
3666 q = bus_unit_track_add_name(u, *i);
3667 if (q < 0 && r >= 0)
3668 r = q;
3669 }
3670 u->deserialized_refs = strv_free(u->deserialized_refs);
3671
3672 if (UNIT_VTABLE(u)->coldplug) {
3673 q = UNIT_VTABLE(u)->coldplug(u);
3674 if (q < 0 && r >= 0)
3675 r = q;
3676 }
3677
3678 if (u->job) {
3679 q = job_coldplug(u->job);
3680 if (q < 0 && r >= 0)
3681 r = q;
3682 }
3683
3684 return r;
3685 }
3686
3687 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
3688 struct stat st;
3689
3690 if (!path)
3691 return false;
3692
3693 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3694 * are never out-of-date. */
3695 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3696 return false;
3697
3698 if (stat(path, &st) < 0)
3699 /* What, cannot access this anymore? */
3700 return true;
3701
3702 if (path_masked)
3703 /* For masked files check if they are still so */
3704 return !null_or_empty(&st);
3705 else
3706 /* For non-empty files check the mtime */
3707 return timespec_load(&st.st_mtim) > mtime;
3708
3709 return false;
3710 }
3711
3712 bool unit_need_daemon_reload(Unit *u) {
3713 _cleanup_strv_free_ char **t = NULL;
3714 char **path;
3715
3716 assert(u);
3717
3718 /* For unit files, we allow masking… */
3719 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3720 u->load_state == UNIT_MASKED))
3721 return true;
3722
3723 /* Source paths should not be masked… */
3724 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
3725 return true;
3726
3727 if (u->load_state == UNIT_LOADED)
3728 (void) unit_find_dropin_paths(u, &t);
3729 if (!strv_equal(u->dropin_paths, t))
3730 return true;
3731
3732 /* … any drop-ins that are masked are simply omitted from the list. */
3733 STRV_FOREACH(path, u->dropin_paths)
3734 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3735 return true;
3736
3737 return false;
3738 }
3739
3740 void unit_reset_failed(Unit *u) {
3741 assert(u);
3742
3743 if (UNIT_VTABLE(u)->reset_failed)
3744 UNIT_VTABLE(u)->reset_failed(u);
3745
3746 RATELIMIT_RESET(u->start_limit);
3747 u->start_limit_hit = false;
3748 }
3749
3750 Unit *unit_following(Unit *u) {
3751 assert(u);
3752
3753 if (UNIT_VTABLE(u)->following)
3754 return UNIT_VTABLE(u)->following(u);
3755
3756 return NULL;
3757 }
3758
3759 bool unit_stop_pending(Unit *u) {
3760 assert(u);
3761
3762 /* This call does check the current state of the unit. It's
3763 * hence useful to be called from state change calls of the
3764 * unit itself, where the state isn't updated yet. This is
3765 * different from unit_inactive_or_pending() which checks both
3766 * the current state and for a queued job. */
3767
3768 return u->job && u->job->type == JOB_STOP;
3769 }
3770
3771 bool unit_inactive_or_pending(Unit *u) {
3772 assert(u);
3773
3774 /* Returns true if the unit is inactive or going down */
3775
3776 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3777 return true;
3778
3779 if (unit_stop_pending(u))
3780 return true;
3781
3782 return false;
3783 }
3784
3785 bool unit_active_or_pending(Unit *u) {
3786 assert(u);
3787
3788 /* Returns true if the unit is active or going up */
3789
3790 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3791 return true;
3792
3793 if (u->job &&
3794 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
3795 return true;
3796
3797 return false;
3798 }
3799
3800 int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
3801 assert(u);
3802 assert(w >= 0 && w < _KILL_WHO_MAX);
3803 assert(SIGNAL_VALID(signo));
3804
3805 if (!UNIT_VTABLE(u)->kill)
3806 return -EOPNOTSUPP;
3807
3808 return UNIT_VTABLE(u)->kill(u, w, signo, error);
3809 }
3810
3811 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
3812 Set *pid_set;
3813 int r;
3814
3815 pid_set = set_new(NULL);
3816 if (!pid_set)
3817 return NULL;
3818
3819 /* Exclude the main/control pids from being killed via the cgroup */
3820 if (main_pid > 0) {
3821 r = set_put(pid_set, PID_TO_PTR(main_pid));
3822 if (r < 0)
3823 goto fail;
3824 }
3825
3826 if (control_pid > 0) {
3827 r = set_put(pid_set, PID_TO_PTR(control_pid));
3828 if (r < 0)
3829 goto fail;
3830 }
3831
3832 return pid_set;
3833
3834 fail:
3835 set_free(pid_set);
3836 return NULL;
3837 }
3838
3839 int unit_kill_common(
3840 Unit *u,
3841 KillWho who,
3842 int signo,
3843 pid_t main_pid,
3844 pid_t control_pid,
3845 sd_bus_error *error) {
3846
3847 int r = 0;
3848 bool killed = false;
3849
3850 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
3851 if (main_pid < 0)
3852 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
3853 else if (main_pid == 0)
3854 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
3855 }
3856
3857 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
3858 if (control_pid < 0)
3859 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
3860 else if (control_pid == 0)
3861 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
3862 }
3863
3864 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3865 if (control_pid > 0) {
3866 if (kill(control_pid, signo) < 0)
3867 r = -errno;
3868 else
3869 killed = true;
3870 }
3871
3872 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3873 if (main_pid > 0) {
3874 if (kill(main_pid, signo) < 0)
3875 r = -errno;
3876 else
3877 killed = true;
3878 }
3879
3880 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
3881 _cleanup_set_free_ Set *pid_set = NULL;
3882 int q;
3883
3884 /* Exclude the main/control pids from being killed via the cgroup */
3885 pid_set = unit_pid_set(main_pid, control_pid);
3886 if (!pid_set)
3887 return -ENOMEM;
3888
3889 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, NULL, NULL);
3890 if (q < 0 && !IN_SET(q, -EAGAIN, -ESRCH, -ENOENT))
3891 r = q;
3892 else
3893 killed = true;
3894 }
3895
3896 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL))
3897 return -ESRCH;
3898
3899 return r;
3900 }
3901
3902 int unit_following_set(Unit *u, Set **s) {
3903 assert(u);
3904 assert(s);
3905
3906 if (UNIT_VTABLE(u)->following_set)
3907 return UNIT_VTABLE(u)->following_set(u, s);
3908
3909 *s = NULL;
3910 return 0;
3911 }
3912
3913 UnitFileState unit_get_unit_file_state(Unit *u) {
3914 int r;
3915
3916 assert(u);
3917
3918 if (u->unit_file_state < 0 && u->fragment_path) {
3919 r = unit_file_get_state(
3920 u->manager->unit_file_scope,
3921 NULL,
3922 basename(u->fragment_path),
3923 &u->unit_file_state);
3924 if (r < 0)
3925 u->unit_file_state = UNIT_FILE_BAD;
3926 }
3927
3928 return u->unit_file_state;
3929 }
3930
3931 int unit_get_unit_file_preset(Unit *u) {
3932 assert(u);
3933
3934 if (u->unit_file_preset < 0 && u->fragment_path)
3935 u->unit_file_preset = unit_file_query_preset(
3936 u->manager->unit_file_scope,
3937 NULL,
3938 basename(u->fragment_path));
3939
3940 return u->unit_file_preset;
3941 }
3942
3943 Unit* unit_ref_set(UnitRef *ref, Unit *u) {
3944 assert(ref);
3945 assert(u);
3946
3947 if (ref->unit)
3948 unit_ref_unset(ref);
3949
3950 ref->unit = u;
3951 LIST_PREPEND(refs, u->refs, ref);
3952 return u;
3953 }
3954
3955 void unit_ref_unset(UnitRef *ref) {
3956 assert(ref);
3957
3958 if (!ref->unit)
3959 return;
3960
3961 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
3962 * be unreferenced now. */
3963 unit_add_to_gc_queue(ref->unit);
3964
3965 LIST_REMOVE(refs, ref->unit->refs, ref);
3966 ref->unit = NULL;
3967 }
3968
3969 static int user_from_unit_name(Unit *u, char **ret) {
3970
3971 static const uint8_t hash_key[] = {
3972 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
3973 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
3974 };
3975
3976 _cleanup_free_ char *n = NULL;
3977 int r;
3978
3979 r = unit_name_to_prefix(u->id, &n);
3980 if (r < 0)
3981 return r;
3982
3983 if (valid_user_group_name(n)) {
3984 *ret = n;
3985 n = NULL;
3986 return 0;
3987 }
3988
3989 /* If we can't use the unit name as a user name, then let's hash it and use that */
3990 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
3991 return -ENOMEM;
3992
3993 return 0;
3994 }
3995
3996 int unit_patch_contexts(Unit *u) {
3997 CGroupContext *cc;
3998 ExecContext *ec;
3999 unsigned i;
4000 int r;
4001
4002 assert(u);
4003
4004 /* Patch in the manager defaults into the exec and cgroup
4005 * contexts, _after_ the rest of the settings have been
4006 * initialized */
4007
4008 ec = unit_get_exec_context(u);
4009 if (ec) {
4010 /* This only copies in the ones that need memory */
4011 for (i = 0; i < _RLIMIT_MAX; i++)
4012 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4013 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4014 if (!ec->rlimit[i])
4015 return -ENOMEM;
4016 }
4017
4018 if (MANAGER_IS_USER(u->manager) &&
4019 !ec->working_directory) {
4020
4021 r = get_home_dir(&ec->working_directory);
4022 if (r < 0)
4023 return r;
4024
4025 /* Allow user services to run, even if the
4026 * home directory is missing */
4027 ec->working_directory_missing_ok = true;
4028 }
4029
4030 if (ec->private_devices)
4031 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4032
4033 if (ec->protect_kernel_modules)
4034 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4035
4036 if (ec->dynamic_user) {
4037 if (!ec->user) {
4038 r = user_from_unit_name(u, &ec->user);
4039 if (r < 0)
4040 return r;
4041 }
4042
4043 if (!ec->group) {
4044 ec->group = strdup(ec->user);
4045 if (!ec->group)
4046 return -ENOMEM;
4047 }
4048
4049 /* If the dynamic user option is on, let's make sure that the unit can't leave its UID/GID
4050 * around in the file system or on IPC objects. Hence enforce a strict sandbox. */
4051
4052 ec->private_tmp = true;
4053 ec->remove_ipc = true;
4054 ec->protect_system = PROTECT_SYSTEM_STRICT;
4055 if (ec->protect_home == PROTECT_HOME_NO)
4056 ec->protect_home = PROTECT_HOME_READ_ONLY;
4057 }
4058 }
4059
4060 cc = unit_get_cgroup_context(u);
4061 if (cc) {
4062
4063 if (ec &&
4064 ec->private_devices &&
4065 cc->device_policy == CGROUP_AUTO)
4066 cc->device_policy = CGROUP_CLOSED;
4067 }
4068
4069 return 0;
4070 }
4071
4072 ExecContext *unit_get_exec_context(Unit *u) {
4073 size_t offset;
4074 assert(u);
4075
4076 if (u->type < 0)
4077 return NULL;
4078
4079 offset = UNIT_VTABLE(u)->exec_context_offset;
4080 if (offset <= 0)
4081 return NULL;
4082
4083 return (ExecContext*) ((uint8_t*) u + offset);
4084 }
4085
4086 KillContext *unit_get_kill_context(Unit *u) {
4087 size_t offset;
4088 assert(u);
4089
4090 if (u->type < 0)
4091 return NULL;
4092
4093 offset = UNIT_VTABLE(u)->kill_context_offset;
4094 if (offset <= 0)
4095 return NULL;
4096
4097 return (KillContext*) ((uint8_t*) u + offset);
4098 }
4099
4100 CGroupContext *unit_get_cgroup_context(Unit *u) {
4101 size_t offset;
4102
4103 if (u->type < 0)
4104 return NULL;
4105
4106 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4107 if (offset <= 0)
4108 return NULL;
4109
4110 return (CGroupContext*) ((uint8_t*) u + offset);
4111 }
4112
4113 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4114 size_t offset;
4115
4116 if (u->type < 0)
4117 return NULL;
4118
4119 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4120 if (offset <= 0)
4121 return NULL;
4122
4123 return *(ExecRuntime**) ((uint8_t*) u + offset);
4124 }
4125
4126 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4127 assert(u);
4128
4129 if (UNIT_WRITE_FLAGS_NOOP(flags))
4130 return NULL;
4131
4132 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4133 return u->manager->lookup_paths.transient;
4134
4135 if (flags & UNIT_PERSISTENT)
4136 return u->manager->lookup_paths.persistent_control;
4137
4138 if (flags & UNIT_RUNTIME)
4139 return u->manager->lookup_paths.runtime_control;
4140
4141 return NULL;
4142 }
4143
4144 char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4145 char *ret = NULL;
4146
4147 if (!s)
4148 return NULL;
4149
4150 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4151 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4152 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4153 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4154 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4155 * allocations. */
4156
4157 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4158 ret = specifier_escape(s);
4159 if (!ret)
4160 return NULL;
4161
4162 s = ret;
4163 }
4164
4165 if (flags & UNIT_ESCAPE_C) {
4166 char *a;
4167
4168 a = cescape(s);
4169 free(ret);
4170 if (!a)
4171 return NULL;
4172
4173 ret = a;
4174 }
4175
4176 if (buf) {
4177 *buf = ret;
4178 return ret ?: (char*) s;
4179 }
4180
4181 return ret ?: strdup(s);
4182 }
4183
4184 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4185 _cleanup_free_ char *result = NULL;
4186 size_t n = 0, allocated = 0;
4187 char **i, *ret;
4188
4189 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4190 * way suitable for ExecStart= stanzas */
4191
4192 STRV_FOREACH(i, l) {
4193 _cleanup_free_ char *buf = NULL;
4194 const char *p;
4195 size_t a;
4196 char *q;
4197
4198 p = unit_escape_setting(*i, flags, &buf);
4199 if (!p)
4200 return NULL;
4201
4202 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4203 if (!GREEDY_REALLOC(result, allocated, n + a + 1))
4204 return NULL;
4205
4206 q = result + n;
4207 if (n > 0)
4208 *(q++) = ' ';
4209
4210 *(q++) = '"';
4211 q = stpcpy(q, p);
4212 *(q++) = '"';
4213
4214 n += a;
4215 }
4216
4217 if (!GREEDY_REALLOC(result, allocated, n + 1))
4218 return NULL;
4219
4220 result[n] = 0;
4221
4222 ret = result;
4223 result = NULL;
4224
4225 return ret;
4226 }
4227
4228 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4229 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4230 const char *dir, *wrapped;
4231 int r;
4232
4233 assert(u);
4234 assert(name);
4235 assert(data);
4236
4237 if (UNIT_WRITE_FLAGS_NOOP(flags))
4238 return 0;
4239
4240 data = unit_escape_setting(data, flags, &escaped);
4241 if (!data)
4242 return -ENOMEM;
4243
4244 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4245 * previous section header is the same */
4246
4247 if (flags & UNIT_PRIVATE) {
4248 if (!UNIT_VTABLE(u)->private_section)
4249 return -EINVAL;
4250
4251 if (!u->transient_file || u->last_section_private < 0)
4252 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4253 else if (u->last_section_private == 0)
4254 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4255 } else {
4256 if (!u->transient_file || u->last_section_private < 0)
4257 data = strjoina("[Unit]\n", data);
4258 else if (u->last_section_private > 0)
4259 data = strjoina("\n[Unit]\n", data);
4260 }
4261
4262 if (u->transient_file) {
4263 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4264 * write to the transient unit file. */
4265 fputs(data, u->transient_file);
4266
4267 if (!endswith(data, "\n"))
4268 fputc('\n', u->transient_file);
4269
4270 /* Remember which section we wrote this entry to */
4271 u->last_section_private = !!(flags & UNIT_PRIVATE);
4272 return 0;
4273 }
4274
4275 dir = unit_drop_in_dir(u, flags);
4276 if (!dir)
4277 return -EINVAL;
4278
4279 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4280 "# or an equivalent operation. Do not edit.\n",
4281 data,
4282 "\n");
4283
4284 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4285 if (r < 0)
4286 return r;
4287
4288 (void) mkdir_p(p, 0755);
4289 r = write_string_file_atomic_label(q, wrapped);
4290 if (r < 0)
4291 return r;
4292
4293 r = strv_push(&u->dropin_paths, q);
4294 if (r < 0)
4295 return r;
4296 q = NULL;
4297
4298 strv_uniq(u->dropin_paths);
4299
4300 u->dropin_mtime = now(CLOCK_REALTIME);
4301
4302 return 0;
4303 }
4304
4305 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4306 _cleanup_free_ char *p = NULL;
4307 va_list ap;
4308 int r;
4309
4310 assert(u);
4311 assert(name);
4312 assert(format);
4313
4314 if (UNIT_WRITE_FLAGS_NOOP(flags))
4315 return 0;
4316
4317 va_start(ap, format);
4318 r = vasprintf(&p, format, ap);
4319 va_end(ap);
4320
4321 if (r < 0)
4322 return -ENOMEM;
4323
4324 return unit_write_setting(u, flags, name, p);
4325 }
4326
4327 int unit_make_transient(Unit *u) {
4328 FILE *f;
4329 char *path;
4330
4331 assert(u);
4332
4333 if (!UNIT_VTABLE(u)->can_transient)
4334 return -EOPNOTSUPP;
4335
4336 path = strjoin(u->manager->lookup_paths.transient, "/", u->id);
4337 if (!path)
4338 return -ENOMEM;
4339
4340 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4341 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4342
4343 RUN_WITH_UMASK(0022) {
4344 f = fopen(path, "we");
4345 if (!f) {
4346 free(path);
4347 return -errno;
4348 }
4349 }
4350
4351 if (u->transient_file)
4352 fclose(u->transient_file);
4353 u->transient_file = f;
4354
4355 free(u->fragment_path);
4356 u->fragment_path = path;
4357
4358 u->source_path = mfree(u->source_path);
4359 u->dropin_paths = strv_free(u->dropin_paths);
4360 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4361
4362 u->load_state = UNIT_STUB;
4363 u->load_error = 0;
4364 u->transient = true;
4365
4366 unit_add_to_dbus_queue(u);
4367 unit_add_to_gc_queue(u);
4368
4369 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4370 u->transient_file);
4371
4372 return 0;
4373 }
4374
4375 static void log_kill(pid_t pid, int sig, void *userdata) {
4376 _cleanup_free_ char *comm = NULL;
4377
4378 (void) get_process_comm(pid, &comm);
4379
4380 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4381 only, like for example systemd's own PAM stub process. */
4382 if (comm && comm[0] == '(')
4383 return;
4384
4385 log_unit_notice(userdata,
4386 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4387 pid,
4388 strna(comm),
4389 signal_to_string(sig));
4390 }
4391
4392 static int operation_to_signal(KillContext *c, KillOperation k) {
4393 assert(c);
4394
4395 switch (k) {
4396
4397 case KILL_TERMINATE:
4398 case KILL_TERMINATE_AND_LOG:
4399 return c->kill_signal;
4400
4401 case KILL_KILL:
4402 return SIGKILL;
4403
4404 case KILL_ABORT:
4405 return SIGABRT;
4406
4407 default:
4408 assert_not_reached("KillOperation unknown");
4409 }
4410 }
4411
4412 int unit_kill_context(
4413 Unit *u,
4414 KillContext *c,
4415 KillOperation k,
4416 pid_t main_pid,
4417 pid_t control_pid,
4418 bool main_pid_alien) {
4419
4420 bool wait_for_exit = false, send_sighup;
4421 cg_kill_log_func_t log_func = NULL;
4422 int sig, r;
4423
4424 assert(u);
4425 assert(c);
4426
4427 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4428 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4429
4430 if (c->kill_mode == KILL_NONE)
4431 return 0;
4432
4433 sig = operation_to_signal(c, k);
4434
4435 send_sighup =
4436 c->send_sighup &&
4437 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4438 sig != SIGHUP;
4439
4440 if (k != KILL_TERMINATE || IN_SET(sig, SIGKILL, SIGABRT))
4441 log_func = log_kill;
4442
4443 if (main_pid > 0) {
4444 if (log_func)
4445 log_func(main_pid, sig, u);
4446
4447 r = kill_and_sigcont(main_pid, sig);
4448 if (r < 0 && r != -ESRCH) {
4449 _cleanup_free_ char *comm = NULL;
4450 (void) get_process_comm(main_pid, &comm);
4451
4452 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
4453 } else {
4454 if (!main_pid_alien)
4455 wait_for_exit = true;
4456
4457 if (r != -ESRCH && send_sighup)
4458 (void) kill(main_pid, SIGHUP);
4459 }
4460 }
4461
4462 if (control_pid > 0) {
4463 if (log_func)
4464 log_func(control_pid, sig, u);
4465
4466 r = kill_and_sigcont(control_pid, sig);
4467 if (r < 0 && r != -ESRCH) {
4468 _cleanup_free_ char *comm = NULL;
4469 (void) get_process_comm(control_pid, &comm);
4470
4471 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
4472 } else {
4473 wait_for_exit = true;
4474
4475 if (r != -ESRCH && send_sighup)
4476 (void) kill(control_pid, SIGHUP);
4477 }
4478 }
4479
4480 if (u->cgroup_path &&
4481 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4482 _cleanup_set_free_ Set *pid_set = NULL;
4483
4484 /* Exclude the main/control pids from being killed via the cgroup */
4485 pid_set = unit_pid_set(main_pid, control_pid);
4486 if (!pid_set)
4487 return -ENOMEM;
4488
4489 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4490 sig,
4491 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4492 pid_set,
4493 log_func, u);
4494 if (r < 0) {
4495 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4496 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
4497
4498 } else if (r > 0) {
4499
4500 /* FIXME: For now, on the legacy hierarchy, we
4501 * will not wait for the cgroup members to die
4502 * if we are running in a container or if this
4503 * is a delegation unit, simply because cgroup
4504 * notification is unreliable in these
4505 * cases. It doesn't work at all in
4506 * containers, and outside of containers it
4507 * can be confused easily by left-over
4508 * directories in the cgroup — which however
4509 * should not exist in non-delegated units. On
4510 * the unified hierarchy that's different,
4511 * there we get proper events. Hence rely on
4512 * them. */
4513
4514 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
4515 (detect_container() == 0 && !UNIT_CGROUP_BOOL(u, delegate)))
4516 wait_for_exit = true;
4517
4518 if (send_sighup) {
4519 set_free(pid_set);
4520
4521 pid_set = unit_pid_set(main_pid, control_pid);
4522 if (!pid_set)
4523 return -ENOMEM;
4524
4525 cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4526 SIGHUP,
4527 CGROUP_IGNORE_SELF,
4528 pid_set,
4529 NULL, NULL);
4530 }
4531 }
4532 }
4533
4534 return wait_for_exit;
4535 }
4536
4537 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
4538 char prefix[strlen(path) + 1], *p;
4539 UnitDependencyInfo di;
4540 int r;
4541
4542 assert(u);
4543 assert(path);
4544
4545 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4546 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4547 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4548 * determine which units to make themselves a dependency of. */
4549
4550 if (!path_is_absolute(path))
4551 return -EINVAL;
4552
4553 r = hashmap_ensure_allocated(&u->requires_mounts_for, &string_hash_ops);
4554 if (r < 0)
4555 return r;
4556
4557 p = strdup(path);
4558 if (!p)
4559 return -ENOMEM;
4560
4561 path_kill_slashes(p);
4562
4563 if (!path_is_normalized(p)) {
4564 free(p);
4565 return -EPERM;
4566 }
4567
4568 if (hashmap_contains(u->requires_mounts_for, p)) {
4569 free(p);
4570 return 0;
4571 }
4572
4573 di = (UnitDependencyInfo) {
4574 .origin_mask = mask
4575 };
4576
4577 r = hashmap_put(u->requires_mounts_for, p, di.data);
4578 if (r < 0) {
4579 free(p);
4580 return r;
4581 }
4582
4583 PATH_FOREACH_PREFIX_MORE(prefix, p) {
4584 Set *x;
4585
4586 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4587 if (!x) {
4588 char *q;
4589
4590 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &string_hash_ops);
4591 if (r < 0)
4592 return r;
4593
4594 q = strdup(prefix);
4595 if (!q)
4596 return -ENOMEM;
4597
4598 x = set_new(NULL);
4599 if (!x) {
4600 free(q);
4601 return -ENOMEM;
4602 }
4603
4604 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4605 if (r < 0) {
4606 free(q);
4607 set_free(x);
4608 return r;
4609 }
4610 }
4611
4612 r = set_put(x, u);
4613 if (r < 0)
4614 return r;
4615 }
4616
4617 return 0;
4618 }
4619
4620 int unit_setup_exec_runtime(Unit *u) {
4621 ExecRuntime **rt;
4622 size_t offset;
4623 Unit *other;
4624 Iterator i;
4625 void *v;
4626
4627 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4628 assert(offset > 0);
4629
4630 /* Check if there already is an ExecRuntime for this unit? */
4631 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4632 if (*rt)
4633 return 0;
4634
4635 /* Try to get it from somebody else */
4636 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) {
4637
4638 *rt = unit_get_exec_runtime(other);
4639 if (*rt) {
4640 exec_runtime_ref(*rt);
4641 return 0;
4642 }
4643 }
4644
4645 return exec_runtime_make(rt, unit_get_exec_context(u), u->id);
4646 }
4647
4648 int unit_setup_dynamic_creds(Unit *u) {
4649 ExecContext *ec;
4650 DynamicCreds *dcreds;
4651 size_t offset;
4652
4653 assert(u);
4654
4655 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4656 assert(offset > 0);
4657 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4658
4659 ec = unit_get_exec_context(u);
4660 assert(ec);
4661
4662 if (!ec->dynamic_user)
4663 return 0;
4664
4665 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4666 }
4667
4668 bool unit_type_supported(UnitType t) {
4669 if (_unlikely_(t < 0))
4670 return false;
4671 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4672 return false;
4673
4674 if (!unit_vtable[t]->supported)
4675 return true;
4676
4677 return unit_vtable[t]->supported();
4678 }
4679
4680 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4681 int r;
4682
4683 assert(u);
4684 assert(where);
4685
4686 r = dir_is_empty(where);
4687 if (r > 0)
4688 return;
4689 if (r < 0) {
4690 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4691 return;
4692 }
4693
4694 log_struct(LOG_NOTICE,
4695 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4696 LOG_UNIT_ID(u),
4697 LOG_UNIT_INVOCATION_ID(u),
4698 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4699 "WHERE=%s", where,
4700 NULL);
4701 }
4702
4703 int unit_fail_if_symlink(Unit *u, const char* where) {
4704 int r;
4705
4706 assert(u);
4707 assert(where);
4708
4709 r = is_symlink(where);
4710 if (r < 0) {
4711 log_unit_debug_errno(u, r, "Failed to check symlink %s, ignoring: %m", where);
4712 return 0;
4713 }
4714 if (r == 0)
4715 return 0;
4716
4717 log_struct(LOG_ERR,
4718 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4719 LOG_UNIT_ID(u),
4720 LOG_UNIT_INVOCATION_ID(u),
4721 LOG_UNIT_MESSAGE(u, "Mount on symlink %s not allowed.", where),
4722 "WHERE=%s", where,
4723 NULL);
4724
4725 return -ELOOP;
4726 }
4727
4728 bool unit_is_pristine(Unit *u) {
4729 assert(u);
4730
4731 /* Check if the unit already exists or is already around,
4732 * in a number of different ways. Note that to cater for unit
4733 * types such as slice, we are generally fine with units that
4734 * are marked UNIT_LOADED even though nothing was
4735 * actually loaded, as those unit types don't require a file
4736 * on disk to validly load. */
4737
4738 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4739 u->fragment_path ||
4740 u->source_path ||
4741 !strv_isempty(u->dropin_paths) ||
4742 u->job ||
4743 u->merged_into);
4744 }
4745
4746 pid_t unit_control_pid(Unit *u) {
4747 assert(u);
4748
4749 if (UNIT_VTABLE(u)->control_pid)
4750 return UNIT_VTABLE(u)->control_pid(u);
4751
4752 return 0;
4753 }
4754
4755 pid_t unit_main_pid(Unit *u) {
4756 assert(u);
4757
4758 if (UNIT_VTABLE(u)->main_pid)
4759 return UNIT_VTABLE(u)->main_pid(u);
4760
4761 return 0;
4762 }
4763
4764 static void unit_unref_uid_internal(
4765 Unit *u,
4766 uid_t *ref_uid,
4767 bool destroy_now,
4768 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4769
4770 assert(u);
4771 assert(ref_uid);
4772 assert(_manager_unref_uid);
4773
4774 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4775 * gid_t are actually the same time, with the same validity rules.
4776 *
4777 * Drops a reference to UID/GID from a unit. */
4778
4779 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4780 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4781
4782 if (!uid_is_valid(*ref_uid))
4783 return;
4784
4785 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4786 *ref_uid = UID_INVALID;
4787 }
4788
4789 void unit_unref_uid(Unit *u, bool destroy_now) {
4790 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4791 }
4792
4793 void unit_unref_gid(Unit *u, bool destroy_now) {
4794 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4795 }
4796
4797 static int unit_ref_uid_internal(
4798 Unit *u,
4799 uid_t *ref_uid,
4800 uid_t uid,
4801 bool clean_ipc,
4802 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4803
4804 int r;
4805
4806 assert(u);
4807 assert(ref_uid);
4808 assert(uid_is_valid(uid));
4809 assert(_manager_ref_uid);
4810
4811 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4812 * are actually the same type, and have the same validity rules.
4813 *
4814 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4815 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4816 * drops to zero. */
4817
4818 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4819 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4820
4821 if (*ref_uid == uid)
4822 return 0;
4823
4824 if (uid_is_valid(*ref_uid)) /* Already set? */
4825 return -EBUSY;
4826
4827 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4828 if (r < 0)
4829 return r;
4830
4831 *ref_uid = uid;
4832 return 1;
4833 }
4834
4835 int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
4836 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4837 }
4838
4839 int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
4840 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4841 }
4842
4843 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4844 int r = 0, q = 0;
4845
4846 assert(u);
4847
4848 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4849
4850 if (uid_is_valid(uid)) {
4851 r = unit_ref_uid(u, uid, clean_ipc);
4852 if (r < 0)
4853 return r;
4854 }
4855
4856 if (gid_is_valid(gid)) {
4857 q = unit_ref_gid(u, gid, clean_ipc);
4858 if (q < 0) {
4859 if (r > 0)
4860 unit_unref_uid(u, false);
4861
4862 return q;
4863 }
4864 }
4865
4866 return r > 0 || q > 0;
4867 }
4868
4869 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4870 ExecContext *c;
4871 int r;
4872
4873 assert(u);
4874
4875 c = unit_get_exec_context(u);
4876
4877 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4878 if (r < 0)
4879 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4880
4881 return r;
4882 }
4883
4884 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4885 assert(u);
4886
4887 unit_unref_uid(u, destroy_now);
4888 unit_unref_gid(u, destroy_now);
4889 }
4890
4891 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
4892 int r;
4893
4894 assert(u);
4895
4896 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4897 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4898 * objects when no service references the UID/GID anymore. */
4899
4900 r = unit_ref_uid_gid(u, uid, gid);
4901 if (r > 0)
4902 bus_unit_send_change_signal(u);
4903 }
4904
4905 int unit_set_invocation_id(Unit *u, sd_id128_t id) {
4906 int r;
4907
4908 assert(u);
4909
4910 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
4911
4912 if (sd_id128_equal(u->invocation_id, id))
4913 return 0;
4914
4915 if (!sd_id128_is_null(u->invocation_id))
4916 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
4917
4918 if (sd_id128_is_null(id)) {
4919 r = 0;
4920 goto reset;
4921 }
4922
4923 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
4924 if (r < 0)
4925 goto reset;
4926
4927 u->invocation_id = id;
4928 sd_id128_to_string(id, u->invocation_id_string);
4929
4930 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
4931 if (r < 0)
4932 goto reset;
4933
4934 return 0;
4935
4936 reset:
4937 u->invocation_id = SD_ID128_NULL;
4938 u->invocation_id_string[0] = 0;
4939 return r;
4940 }
4941
4942 int unit_acquire_invocation_id(Unit *u) {
4943 sd_id128_t id;
4944 int r;
4945
4946 assert(u);
4947
4948 r = sd_id128_randomize(&id);
4949 if (r < 0)
4950 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
4951
4952 r = unit_set_invocation_id(u, id);
4953 if (r < 0)
4954 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
4955
4956 return 0;
4957 }
4958
4959 void unit_set_exec_params(Unit *u, ExecParameters *p) {
4960 assert(u);
4961 assert(p);
4962
4963 p->cgroup_path = u->cgroup_path;
4964 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, UNIT_CGROUP_BOOL(u, delegate));
4965 }
4966
4967 int unit_fork_helper_process(Unit *u, pid_t *ret) {
4968 pid_t pid;
4969 int r;
4970
4971 assert(u);
4972 assert(ret);
4973
4974 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
4975 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
4976
4977 (void) unit_realize_cgroup(u);
4978
4979 pid = fork();
4980 if (pid < 0)
4981 return -errno;
4982
4983 if (pid == 0) {
4984
4985 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
4986 (void) ignore_signals(SIGPIPE, -1);
4987
4988 log_close();
4989 log_open();
4990
4991 if (u->cgroup_path) {
4992 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
4993 if (r < 0) {
4994 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
4995 _exit(EXIT_CGROUP);
4996 }
4997 }
4998
4999 *ret = getpid_cached();
5000 return 0;
5001 }
5002
5003 *ret = pid;
5004 return 1;
5005 }
5006
5007 static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other, UnitDependencyInfo di) {
5008 assert(u);
5009 assert(d >= 0);
5010 assert(d < _UNIT_DEPENDENCY_MAX);
5011 assert(other);
5012
5013 if (di.origin_mask == 0 && di.destination_mask == 0) {
5014 /* No bit set anymore, let's drop the whole entry */
5015 assert_se(hashmap_remove(u->dependencies[d], other));
5016 log_unit_debug(u, "%s lost dependency %s=%s", u->id, unit_dependency_to_string(d), other->id);
5017 } else
5018 /* Mask was reduced, let's update the entry */
5019 assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);
5020 }
5021
5022 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5023 UnitDependency d;
5024
5025 assert(u);
5026
5027 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5028
5029 if (mask == 0)
5030 return;
5031
5032 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
5033 bool done;
5034
5035 do {
5036 UnitDependencyInfo di;
5037 Unit *other;
5038 Iterator i;
5039
5040 done = true;
5041
5042 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
5043 UnitDependency q;
5044
5045 if ((di.origin_mask & ~mask) == di.origin_mask)
5046 continue;
5047 di.origin_mask &= ~mask;
5048 unit_update_dependency_mask(u, d, other, di);
5049
5050 /* We updated the dependency from our unit to the other unit now. But most dependencies
5051 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5052 * all dependency types on the other unit and delete all those which point to us and
5053 * have the right mask set. */
5054
5055 for (q = 0; q < _UNIT_DEPENDENCY_MAX; q++) {
5056 UnitDependencyInfo dj;
5057
5058 dj.data = hashmap_get(other->dependencies[q], u);
5059 if ((dj.destination_mask & ~mask) == dj.destination_mask)
5060 continue;
5061 dj.destination_mask &= ~mask;
5062
5063 unit_update_dependency_mask(other, q, u, dj);
5064 }
5065
5066 unit_add_to_gc_queue(other);
5067
5068 done = false;
5069 break;
5070 }
5071
5072 } while (!done);
5073 }
5074 }
5075
5076 static int unit_export_invocation_id(Unit *u) {
5077 const char *p;
5078 int r;
5079
5080 assert(u);
5081
5082 if (u->exported_invocation_id)
5083 return 0;
5084
5085 if (sd_id128_is_null(u->invocation_id))
5086 return 0;
5087
5088 p = strjoina("/run/systemd/units/invocation:", u->id);
5089 r = symlink_atomic(u->invocation_id_string, p);
5090 if (r < 0)
5091 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5092
5093 u->exported_invocation_id = true;
5094 return 0;
5095 }
5096
5097 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5098 const char *p;
5099 char buf[2];
5100 int r;
5101
5102 assert(u);
5103 assert(c);
5104
5105 if (u->exported_log_level_max)
5106 return 0;
5107
5108 if (c->log_level_max < 0)
5109 return 0;
5110
5111 assert(c->log_level_max <= 7);
5112
5113 buf[0] = '0' + c->log_level_max;
5114 buf[1] = 0;
5115
5116 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5117 r = symlink_atomic(buf, p);
5118 if (r < 0)
5119 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5120
5121 u->exported_log_level_max = true;
5122 return 0;
5123 }
5124
5125 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5126 _cleanup_close_ int fd = -1;
5127 struct iovec *iovec;
5128 const char *p;
5129 char *pattern;
5130 le64_t *sizes;
5131 ssize_t n;
5132 size_t i;
5133 int r;
5134
5135 if (u->exported_log_extra_fields)
5136 return 0;
5137
5138 if (c->n_log_extra_fields <= 0)
5139 return 0;
5140
5141 sizes = newa(le64_t, c->n_log_extra_fields);
5142 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5143
5144 for (i = 0; i < c->n_log_extra_fields; i++) {
5145 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5146
5147 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5148 iovec[i*2+1] = c->log_extra_fields[i];
5149 }
5150
5151 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5152 pattern = strjoina(p, ".XXXXXX");
5153
5154 fd = mkostemp_safe(pattern);
5155 if (fd < 0)
5156 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5157
5158 n = writev(fd, iovec, c->n_log_extra_fields*2);
5159 if (n < 0) {
5160 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5161 goto fail;
5162 }
5163
5164 (void) fchmod(fd, 0644);
5165
5166 if (rename(pattern, p) < 0) {
5167 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5168 goto fail;
5169 }
5170
5171 u->exported_log_extra_fields = true;
5172 return 0;
5173
5174 fail:
5175 (void) unlink(pattern);
5176 return r;
5177 }
5178
5179 void unit_export_state_files(Unit *u) {
5180 const ExecContext *c;
5181
5182 assert(u);
5183
5184 if (!u->id)
5185 return;
5186
5187 if (!MANAGER_IS_SYSTEM(u->manager))
5188 return;
5189
5190 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5191 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5192 * the IPC system itself and PID 1 also log to the journal.
5193 *
5194 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5195 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5196 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5197 * namespace at least.
5198 *
5199 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5200 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5201 * them with one. */
5202
5203 (void) unit_export_invocation_id(u);
5204
5205 c = unit_get_exec_context(u);
5206 if (c) {
5207 (void) unit_export_log_level_max(u, c);
5208 (void) unit_export_log_extra_fields(u, c);
5209 }
5210 }
5211
5212 void unit_unlink_state_files(Unit *u) {
5213 const char *p;
5214
5215 assert(u);
5216
5217 if (!u->id)
5218 return;
5219
5220 if (!MANAGER_IS_SYSTEM(u->manager))
5221 return;
5222
5223 /* Undoes the effect of unit_export_state() */
5224
5225 if (u->exported_invocation_id) {
5226 p = strjoina("/run/systemd/units/invocation:", u->id);
5227 (void) unlink(p);
5228
5229 u->exported_invocation_id = false;
5230 }
5231
5232 if (u->exported_log_level_max) {
5233 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5234 (void) unlink(p);
5235
5236 u->exported_log_level_max = false;
5237 }
5238
5239 if (u->exported_log_extra_fields) {
5240 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5241 (void) unlink(p);
5242
5243 u->exported_log_extra_fields = false;
5244 }
5245 }
5246
5247 int unit_prepare_exec(Unit *u) {
5248 int r;
5249
5250 assert(u);
5251
5252 /* Prepares everything so that we can fork of a process for this unit */
5253
5254 (void) unit_realize_cgroup(u);
5255
5256 if (u->reset_accounting) {
5257 (void) unit_reset_cpu_accounting(u);
5258 (void) unit_reset_ip_accounting(u);
5259 u->reset_accounting = false;
5260 }
5261
5262 unit_export_state_files(u);
5263
5264 r = unit_setup_exec_runtime(u);
5265 if (r < 0)
5266 return r;
5267
5268 r = unit_setup_dynamic_creds(u);
5269 if (r < 0)
5270 return r;
5271
5272 return 0;
5273 }
5274
5275 static void log_leftover(pid_t pid, int sig, void *userdata) {
5276 _cleanup_free_ char *comm = NULL;
5277
5278 (void) get_process_comm(pid, &comm);
5279
5280 if (comm && comm[0] == '(') /* Most likely our own helper process (PAM?), ignore */
5281 return;
5282
5283 log_unit_warning(userdata,
5284 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5285 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5286 pid, strna(comm));
5287 }
5288
5289 void unit_warn_leftover_processes(Unit *u) {
5290 assert(u);
5291
5292 (void) unit_pick_cgroup_path(u);
5293
5294 if (!u->cgroup_path)
5295 return;
5296
5297 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_leftover, u);
5298 }
5299
5300 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5301 [COLLECT_INACTIVE] = "inactive",
5302 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5303 };
5304
5305 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
Unnamed repository; edit this file 'description' to name the repository.