]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
core: add a new unit method "catchup()"
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6 ***/
7
8 #include <errno.h>
9 #include <stdlib.h>
10 #include <string.h>
11 #include <sys/prctl.h>
12 #include <sys/stat.h>
13 #include <unistd.h>
14
15 #include "sd-id128.h"
16 #include "sd-messages.h"
17
18 #include "alloc-util.h"
19 #include "all-units.h"
20 #include "bus-common-errors.h"
21 #include "bus-util.h"
22 #include "cgroup-util.h"
23 #include "dbus-unit.h"
24 #include "dbus.h"
25 #include "dropin.h"
26 #include "escape.h"
27 #include "execute.h"
28 #include "fd-util.h"
29 #include "fileio-label.h"
30 #include "format-util.h"
31 #include "fs-util.h"
32 #include "id128-util.h"
33 #include "io-util.h"
34 #include "load-dropin.h"
35 #include "load-fragment.h"
36 #include "log.h"
37 #include "macro.h"
38 #include "missing.h"
39 #include "mkdir.h"
40 #include "parse-util.h"
41 #include "path-util.h"
42 #include "process-util.h"
43 #include "set.h"
44 #include "signal-util.h"
45 #include "sparse-endian.h"
46 #include "special.h"
47 #include "specifier.h"
48 #include "stat-util.h"
49 #include "stdio-util.h"
50 #include "string-table.h"
51 #include "string-util.h"
52 #include "strv.h"
53 #include "umask-util.h"
54 #include "unit-name.h"
55 #include "unit.h"
56 #include "user-util.h"
57 #include "virt.h"
58
59 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
60 [UNIT_SERVICE] = &service_vtable,
61 [UNIT_SOCKET] = &socket_vtable,
62 [UNIT_TARGET] = &target_vtable,
63 [UNIT_DEVICE] = &device_vtable,
64 [UNIT_MOUNT] = &mount_vtable,
65 [UNIT_AUTOMOUNT] = &automount_vtable,
66 [UNIT_SWAP] = &swap_vtable,
67 [UNIT_TIMER] = &timer_vtable,
68 [UNIT_PATH] = &path_vtable,
69 [UNIT_SLICE] = &slice_vtable,
70 [UNIT_SCOPE] = &scope_vtable,
71 };
72
73 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
74
75 Unit *unit_new(Manager *m, size_t size) {
76 Unit *u;
77
78 assert(m);
79 assert(size >= sizeof(Unit));
80
81 u = malloc0(size);
82 if (!u)
83 return NULL;
84
85 u->names = set_new(&string_hash_ops);
86 if (!u->names)
87 return mfree(u);
88
89 u->manager = m;
90 u->type = _UNIT_TYPE_INVALID;
91 u->default_dependencies = true;
92 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
93 u->unit_file_preset = -1;
94 u->on_failure_job_mode = JOB_REPLACE;
95 u->cgroup_inotify_wd = -1;
96 u->job_timeout = USEC_INFINITY;
97 u->job_running_timeout = USEC_INFINITY;
98 u->ref_uid = UID_INVALID;
99 u->ref_gid = GID_INVALID;
100 u->cpu_usage_last = NSEC_INFINITY;
101 u->cgroup_bpf_state = UNIT_CGROUP_BPF_INVALIDATED;
102
103 u->ip_accounting_ingress_map_fd = -1;
104 u->ip_accounting_egress_map_fd = -1;
105 u->ipv4_allow_map_fd = -1;
106 u->ipv6_allow_map_fd = -1;
107 u->ipv4_deny_map_fd = -1;
108 u->ipv6_deny_map_fd = -1;
109
110 u->last_section_private = -1;
111
112 RATELIMIT_INIT(u->start_limit, m->default_start_limit_interval, m->default_start_limit_burst);
113 RATELIMIT_INIT(u->auto_stop_ratelimit, 10 * USEC_PER_SEC, 16);
114
115 return u;
116 }
117
118 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
119 _cleanup_(unit_freep) Unit *u = NULL;
120 int r;
121
122 u = unit_new(m, size);
123 if (!u)
124 return -ENOMEM;
125
126 r = unit_add_name(u, name);
127 if (r < 0)
128 return r;
129
130 *ret = TAKE_PTR(u);
131
132 return r;
133 }
134
135 bool unit_has_name(Unit *u, const char *name) {
136 assert(u);
137 assert(name);
138
139 return set_contains(u->names, (char*) name);
140 }
141
142 static void unit_init(Unit *u) {
143 CGroupContext *cc;
144 ExecContext *ec;
145 KillContext *kc;
146
147 assert(u);
148 assert(u->manager);
149 assert(u->type >= 0);
150
151 cc = unit_get_cgroup_context(u);
152 if (cc) {
153 cgroup_context_init(cc);
154
155 /* Copy in the manager defaults into the cgroup
156 * context, _before_ the rest of the settings have
157 * been initialized */
158
159 cc->cpu_accounting = u->manager->default_cpu_accounting;
160 cc->io_accounting = u->manager->default_io_accounting;
161 cc->ip_accounting = u->manager->default_ip_accounting;
162 cc->blockio_accounting = u->manager->default_blockio_accounting;
163 cc->memory_accounting = u->manager->default_memory_accounting;
164 cc->tasks_accounting = u->manager->default_tasks_accounting;
165 cc->ip_accounting = u->manager->default_ip_accounting;
166
167 if (u->type != UNIT_SLICE)
168 cc->tasks_max = u->manager->default_tasks_max;
169 }
170
171 ec = unit_get_exec_context(u);
172 if (ec) {
173 exec_context_init(ec);
174
175 ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
176 EXEC_KEYRING_SHARED : EXEC_KEYRING_INHERIT;
177 }
178
179 kc = unit_get_kill_context(u);
180 if (kc)
181 kill_context_init(kc);
182
183 if (UNIT_VTABLE(u)->init)
184 UNIT_VTABLE(u)->init(u);
185 }
186
187 int unit_add_name(Unit *u, const char *text) {
188 _cleanup_free_ char *s = NULL, *i = NULL;
189 UnitType t;
190 int r;
191
192 assert(u);
193 assert(text);
194
195 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
196
197 if (!u->instance)
198 return -EINVAL;
199
200 r = unit_name_replace_instance(text, u->instance, &s);
201 if (r < 0)
202 return r;
203 } else {
204 s = strdup(text);
205 if (!s)
206 return -ENOMEM;
207 }
208
209 if (set_contains(u->names, s))
210 return 0;
211 if (hashmap_contains(u->manager->units, s))
212 return -EEXIST;
213
214 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
215 return -EINVAL;
216
217 t = unit_name_to_type(s);
218 if (t < 0)
219 return -EINVAL;
220
221 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
222 return -EINVAL;
223
224 r = unit_name_to_instance(s, &i);
225 if (r < 0)
226 return r;
227
228 if (i && !unit_type_may_template(t))
229 return -EINVAL;
230
231 /* Ensure that this unit is either instanced or not instanced,
232 * but not both. Note that we do allow names with different
233 * instance names however! */
234 if (u->type != _UNIT_TYPE_INVALID && !u->instance != !i)
235 return -EINVAL;
236
237 if (!unit_type_may_alias(t) && !set_isempty(u->names))
238 return -EEXIST;
239
240 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
241 return -E2BIG;
242
243 r = set_put(u->names, s);
244 if (r < 0)
245 return r;
246 assert(r > 0);
247
248 r = hashmap_put(u->manager->units, s, u);
249 if (r < 0) {
250 (void) set_remove(u->names, s);
251 return r;
252 }
253
254 if (u->type == _UNIT_TYPE_INVALID) {
255 u->type = t;
256 u->id = s;
257 u->instance = TAKE_PTR(i);
258
259 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
260
261 unit_init(u);
262 }
263
264 s = NULL;
265
266 unit_add_to_dbus_queue(u);
267 return 0;
268 }
269
270 int unit_choose_id(Unit *u, const char *name) {
271 _cleanup_free_ char *t = NULL;
272 char *s, *i;
273 int r;
274
275 assert(u);
276 assert(name);
277
278 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
279
280 if (!u->instance)
281 return -EINVAL;
282
283 r = unit_name_replace_instance(name, u->instance, &t);
284 if (r < 0)
285 return r;
286
287 name = t;
288 }
289
290 /* Selects one of the names of this unit as the id */
291 s = set_get(u->names, (char*) name);
292 if (!s)
293 return -ENOENT;
294
295 /* Determine the new instance from the new id */
296 r = unit_name_to_instance(s, &i);
297 if (r < 0)
298 return r;
299
300 u->id = s;
301
302 free(u->instance);
303 u->instance = i;
304
305 unit_add_to_dbus_queue(u);
306
307 return 0;
308 }
309
310 int unit_set_description(Unit *u, const char *description) {
311 int r;
312
313 assert(u);
314
315 r = free_and_strdup(&u->description, empty_to_null(description));
316 if (r < 0)
317 return r;
318 if (r > 0)
319 unit_add_to_dbus_queue(u);
320
321 return 0;
322 }
323
324 bool unit_may_gc(Unit *u) {
325 UnitActiveState state;
326 int r;
327
328 assert(u);
329
330 /* Checks whether the unit is ready to be unloaded for garbage collection.
331 * Returns true when the unit may be collected, and false if there's some
332 * reason to keep it loaded.
333 *
334 * References from other units are *not* checked here. Instead, this is done
335 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
336 */
337
338 if (u->job)
339 return false;
340
341 if (u->nop_job)
342 return false;
343
344 state = unit_active_state(u);
345
346 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
347 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
348 UNIT_VTABLE(u)->release_resources)
349 UNIT_VTABLE(u)->release_resources(u);
350
351 if (u->perpetual)
352 return false;
353
354 if (sd_bus_track_count(u->bus_track) > 0)
355 return false;
356
357 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
358 switch (u->collect_mode) {
359
360 case COLLECT_INACTIVE:
361 if (state != UNIT_INACTIVE)
362 return false;
363
364 break;
365
366 case COLLECT_INACTIVE_OR_FAILED:
367 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
368 return false;
369
370 break;
371
372 default:
373 assert_not_reached("Unknown garbage collection mode");
374 }
375
376 if (u->cgroup_path) {
377 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
378 * around. Units with active processes should never be collected. */
379
380 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
381 if (r < 0)
382 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
383 if (r <= 0)
384 return false;
385 }
386
387 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
388 return false;
389
390 return true;
391 }
392
393 void unit_add_to_load_queue(Unit *u) {
394 assert(u);
395 assert(u->type != _UNIT_TYPE_INVALID);
396
397 if (u->load_state != UNIT_STUB || u->in_load_queue)
398 return;
399
400 LIST_PREPEND(load_queue, u->manager->load_queue, u);
401 u->in_load_queue = true;
402 }
403
404 void unit_add_to_cleanup_queue(Unit *u) {
405 assert(u);
406
407 if (u->in_cleanup_queue)
408 return;
409
410 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
411 u->in_cleanup_queue = true;
412 }
413
414 void unit_add_to_gc_queue(Unit *u) {
415 assert(u);
416
417 if (u->in_gc_queue || u->in_cleanup_queue)
418 return;
419
420 if (!unit_may_gc(u))
421 return;
422
423 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
424 u->in_gc_queue = true;
425 }
426
427 void unit_add_to_dbus_queue(Unit *u) {
428 assert(u);
429 assert(u->type != _UNIT_TYPE_INVALID);
430
431 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
432 return;
433
434 /* Shortcut things if nobody cares */
435 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
436 sd_bus_track_count(u->bus_track) <= 0 &&
437 set_isempty(u->manager->private_buses)) {
438 u->sent_dbus_new_signal = true;
439 return;
440 }
441
442 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
443 u->in_dbus_queue = true;
444 }
445
446 static void bidi_set_free(Unit *u, Hashmap *h) {
447 Unit *other;
448 Iterator i;
449 void *v;
450
451 assert(u);
452
453 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
454
455 HASHMAP_FOREACH_KEY(v, other, h, i) {
456 UnitDependency d;
457
458 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
459 hashmap_remove(other->dependencies[d], u);
460
461 unit_add_to_gc_queue(other);
462 }
463
464 hashmap_free(h);
465 }
466
467 static void unit_remove_transient(Unit *u) {
468 char **i;
469
470 assert(u);
471
472 if (!u->transient)
473 return;
474
475 if (u->fragment_path)
476 (void) unlink(u->fragment_path);
477
478 STRV_FOREACH(i, u->dropin_paths) {
479 _cleanup_free_ char *p = NULL, *pp = NULL;
480
481 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
482 if (!p)
483 continue;
484
485 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
486 if (!pp)
487 continue;
488
489 /* Only drop transient drop-ins */
490 if (!path_equal(u->manager->lookup_paths.transient, pp))
491 continue;
492
493 (void) unlink(*i);
494 (void) rmdir(p);
495 }
496 }
497
498 static void unit_free_requires_mounts_for(Unit *u) {
499 assert(u);
500
501 for (;;) {
502 _cleanup_free_ char *path;
503
504 path = hashmap_steal_first_key(u->requires_mounts_for);
505 if (!path)
506 break;
507 else {
508 char s[strlen(path) + 1];
509
510 PATH_FOREACH_PREFIX_MORE(s, path) {
511 char *y;
512 Set *x;
513
514 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
515 if (!x)
516 continue;
517
518 (void) set_remove(x, u);
519
520 if (set_isempty(x)) {
521 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
522 free(y);
523 set_free(x);
524 }
525 }
526 }
527 }
528
529 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
530 }
531
532 static void unit_done(Unit *u) {
533 ExecContext *ec;
534 CGroupContext *cc;
535
536 assert(u);
537
538 if (u->type < 0)
539 return;
540
541 if (UNIT_VTABLE(u)->done)
542 UNIT_VTABLE(u)->done(u);
543
544 ec = unit_get_exec_context(u);
545 if (ec)
546 exec_context_done(ec);
547
548 cc = unit_get_cgroup_context(u);
549 if (cc)
550 cgroup_context_done(cc);
551 }
552
553 void unit_free(Unit *u) {
554 UnitDependency d;
555 Iterator i;
556 char *t;
557
558 if (!u)
559 return;
560
561 u->transient_file = safe_fclose(u->transient_file);
562
563 if (!MANAGER_IS_RELOADING(u->manager))
564 unit_remove_transient(u);
565
566 bus_unit_send_removed_signal(u);
567
568 unit_done(u);
569
570 unit_dequeue_rewatch_pids(u);
571
572 sd_bus_slot_unref(u->match_bus_slot);
573 sd_bus_track_unref(u->bus_track);
574 u->deserialized_refs = strv_free(u->deserialized_refs);
575
576 unit_free_requires_mounts_for(u);
577
578 SET_FOREACH(t, u->names, i)
579 hashmap_remove_value(u->manager->units, t, u);
580
581 if (!sd_id128_is_null(u->invocation_id))
582 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
583
584 if (u->job) {
585 Job *j = u->job;
586 job_uninstall(j);
587 job_free(j);
588 }
589
590 if (u->nop_job) {
591 Job *j = u->nop_job;
592 job_uninstall(j);
593 job_free(j);
594 }
595
596 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
597 bidi_set_free(u, u->dependencies[d]);
598
599 if (u->on_console)
600 manager_unref_console(u->manager);
601
602 unit_release_cgroup(u);
603
604 if (!MANAGER_IS_RELOADING(u->manager))
605 unit_unlink_state_files(u);
606
607 unit_unref_uid_gid(u, false);
608
609 (void) manager_update_failed_units(u->manager, u, false);
610 set_remove(u->manager->startup_units, u);
611
612 unit_unwatch_all_pids(u);
613
614 unit_ref_unset(&u->slice);
615 while (u->refs_by_target)
616 unit_ref_unset(u->refs_by_target);
617
618 if (u->type != _UNIT_TYPE_INVALID)
619 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
620
621 if (u->in_load_queue)
622 LIST_REMOVE(load_queue, u->manager->load_queue, u);
623
624 if (u->in_dbus_queue)
625 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
626
627 if (u->in_gc_queue)
628 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
629
630 if (u->in_cgroup_realize_queue)
631 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
632
633 if (u->in_cgroup_empty_queue)
634 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
635
636 if (u->in_cleanup_queue)
637 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
638
639 if (u->in_target_deps_queue)
640 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
641
642 safe_close(u->ip_accounting_ingress_map_fd);
643 safe_close(u->ip_accounting_egress_map_fd);
644
645 safe_close(u->ipv4_allow_map_fd);
646 safe_close(u->ipv6_allow_map_fd);
647 safe_close(u->ipv4_deny_map_fd);
648 safe_close(u->ipv6_deny_map_fd);
649
650 bpf_program_unref(u->ip_bpf_ingress);
651 bpf_program_unref(u->ip_bpf_ingress_installed);
652 bpf_program_unref(u->ip_bpf_egress);
653 bpf_program_unref(u->ip_bpf_egress_installed);
654
655 condition_free_list(u->conditions);
656 condition_free_list(u->asserts);
657
658 free(u->description);
659 strv_free(u->documentation);
660 free(u->fragment_path);
661 free(u->source_path);
662 strv_free(u->dropin_paths);
663 free(u->instance);
664
665 free(u->job_timeout_reboot_arg);
666
667 set_free_free(u->names);
668
669 free(u->reboot_arg);
670
671 free(u);
672 }
673
674 UnitActiveState unit_active_state(Unit *u) {
675 assert(u);
676
677 if (u->load_state == UNIT_MERGED)
678 return unit_active_state(unit_follow_merge(u));
679
680 /* After a reload it might happen that a unit is not correctly
681 * loaded but still has a process around. That's why we won't
682 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
683
684 return UNIT_VTABLE(u)->active_state(u);
685 }
686
687 const char* unit_sub_state_to_string(Unit *u) {
688 assert(u);
689
690 return UNIT_VTABLE(u)->sub_state_to_string(u);
691 }
692
693 static int set_complete_move(Set **s, Set **other) {
694 assert(s);
695 assert(other);
696
697 if (!other)
698 return 0;
699
700 if (*s)
701 return set_move(*s, *other);
702 else
703 *s = TAKE_PTR(*other);
704
705 return 0;
706 }
707
708 static int hashmap_complete_move(Hashmap **s, Hashmap **other) {
709 assert(s);
710 assert(other);
711
712 if (!*other)
713 return 0;
714
715 if (*s)
716 return hashmap_move(*s, *other);
717 else
718 *s = TAKE_PTR(*other);
719
720 return 0;
721 }
722
723 static int merge_names(Unit *u, Unit *other) {
724 char *t;
725 Iterator i;
726 int r;
727
728 assert(u);
729 assert(other);
730
731 r = set_complete_move(&u->names, &other->names);
732 if (r < 0)
733 return r;
734
735 set_free_free(other->names);
736 other->names = NULL;
737 other->id = NULL;
738
739 SET_FOREACH(t, u->names, i)
740 assert_se(hashmap_replace(u->manager->units, t, u) == 0);
741
742 return 0;
743 }
744
745 static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
746 unsigned n_reserve;
747
748 assert(u);
749 assert(other);
750 assert(d < _UNIT_DEPENDENCY_MAX);
751
752 /*
753 * If u does not have this dependency set allocated, there is no need
754 * to reserve anything. In that case other's set will be transferred
755 * as a whole to u by complete_move().
756 */
757 if (!u->dependencies[d])
758 return 0;
759
760 /* merge_dependencies() will skip a u-on-u dependency */
761 n_reserve = hashmap_size(other->dependencies[d]) - !!hashmap_get(other->dependencies[d], u);
762
763 return hashmap_reserve(u->dependencies[d], n_reserve);
764 }
765
766 static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
767 Iterator i;
768 Unit *back;
769 void *v;
770 int r;
771
772 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
773
774 assert(u);
775 assert(other);
776 assert(d < _UNIT_DEPENDENCY_MAX);
777
778 /* Fix backwards pointers. Let's iterate through all dependendent units of the other unit. */
779 HASHMAP_FOREACH_KEY(v, back, other->dependencies[d], i) {
780 UnitDependency k;
781
782 /* Let's now iterate through the dependencies of that dependencies of the other units, looking for
783 * pointers back, and let's fix them up, to instead point to 'u'. */
784
785 for (k = 0; k < _UNIT_DEPENDENCY_MAX; k++) {
786 if (back == u) {
787 /* Do not add dependencies between u and itself. */
788 if (hashmap_remove(back->dependencies[k], other))
789 maybe_warn_about_dependency(u, other_id, k);
790 } else {
791 UnitDependencyInfo di_u, di_other, di_merged;
792
793 /* Let's drop this dependency between "back" and "other", and let's create it between
794 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
795 * and any such dependency which might already exist */
796
797 di_other.data = hashmap_get(back->dependencies[k], other);
798 if (!di_other.data)
799 continue; /* dependency isn't set, let's try the next one */
800
801 di_u.data = hashmap_get(back->dependencies[k], u);
802
803 di_merged = (UnitDependencyInfo) {
804 .origin_mask = di_u.origin_mask | di_other.origin_mask,
805 .destination_mask = di_u.destination_mask | di_other.destination_mask,
806 };
807
808 r = hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data);
809 if (r < 0)
810 log_warning_errno(r, "Failed to remove/replace: back=%s other=%s u=%s: %m", back->id, other_id, u->id);
811 assert(r >= 0);
812
813 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
814 }
815 }
816
817 }
818
819 /* Also do not move dependencies on u to itself */
820 back = hashmap_remove(other->dependencies[d], u);
821 if (back)
822 maybe_warn_about_dependency(u, other_id, d);
823
824 /* The move cannot fail. The caller must have performed a reservation. */
825 assert_se(hashmap_complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
826
827 other->dependencies[d] = hashmap_free(other->dependencies[d]);
828 }
829
830 int unit_merge(Unit *u, Unit *other) {
831 UnitDependency d;
832 const char *other_id = NULL;
833 int r;
834
835 assert(u);
836 assert(other);
837 assert(u->manager == other->manager);
838 assert(u->type != _UNIT_TYPE_INVALID);
839
840 other = unit_follow_merge(other);
841
842 if (other == u)
843 return 0;
844
845 if (u->type != other->type)
846 return -EINVAL;
847
848 if (!u->instance != !other->instance)
849 return -EINVAL;
850
851 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
852 return -EEXIST;
853
854 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
855 return -EEXIST;
856
857 if (other->job)
858 return -EEXIST;
859
860 if (other->nop_job)
861 return -EEXIST;
862
863 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
864 return -EEXIST;
865
866 if (other->id)
867 other_id = strdupa(other->id);
868
869 /* Make reservations to ensure merge_dependencies() won't fail */
870 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
871 r = reserve_dependencies(u, other, d);
872 /*
873 * We don't rollback reservations if we fail. We don't have
874 * a way to undo reservations. A reservation is not a leak.
875 */
876 if (r < 0)
877 return r;
878 }
879
880 /* Merge names */
881 r = merge_names(u, other);
882 if (r < 0)
883 return r;
884
885 /* Redirect all references */
886 while (other->refs_by_target)
887 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
888
889 /* Merge dependencies */
890 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
891 merge_dependencies(u, other, other_id, d);
892
893 other->load_state = UNIT_MERGED;
894 other->merged_into = u;
895
896 /* If there is still some data attached to the other node, we
897 * don't need it anymore, and can free it. */
898 if (other->load_state != UNIT_STUB)
899 if (UNIT_VTABLE(other)->done)
900 UNIT_VTABLE(other)->done(other);
901
902 unit_add_to_dbus_queue(u);
903 unit_add_to_cleanup_queue(other);
904
905 return 0;
906 }
907
908 int unit_merge_by_name(Unit *u, const char *name) {
909 _cleanup_free_ char *s = NULL;
910 Unit *other;
911 int r;
912
913 assert(u);
914 assert(name);
915
916 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
917 if (!u->instance)
918 return -EINVAL;
919
920 r = unit_name_replace_instance(name, u->instance, &s);
921 if (r < 0)
922 return r;
923
924 name = s;
925 }
926
927 other = manager_get_unit(u->manager, name);
928 if (other)
929 return unit_merge(u, other);
930
931 return unit_add_name(u, name);
932 }
933
934 Unit* unit_follow_merge(Unit *u) {
935 assert(u);
936
937 while (u->load_state == UNIT_MERGED)
938 assert_se(u = u->merged_into);
939
940 return u;
941 }
942
943 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
944 ExecDirectoryType dt;
945 char **dp;
946 int r;
947
948 assert(u);
949 assert(c);
950
951 if (c->working_directory) {
952 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
953 if (r < 0)
954 return r;
955 }
956
957 if (c->root_directory) {
958 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
959 if (r < 0)
960 return r;
961 }
962
963 if (c->root_image) {
964 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
965 if (r < 0)
966 return r;
967 }
968
969 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
970 if (!u->manager->prefix[dt])
971 continue;
972
973 STRV_FOREACH(dp, c->directories[dt].paths) {
974 _cleanup_free_ char *p;
975
976 p = strjoin(u->manager->prefix[dt], "/", *dp);
977 if (!p)
978 return -ENOMEM;
979
980 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
981 if (r < 0)
982 return r;
983 }
984 }
985
986 if (!MANAGER_IS_SYSTEM(u->manager))
987 return 0;
988
989 if (c->private_tmp) {
990 const char *p;
991
992 FOREACH_STRING(p, "/tmp", "/var/tmp") {
993 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
994 if (r < 0)
995 return r;
996 }
997
998 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, NULL, true, UNIT_DEPENDENCY_FILE);
999 if (r < 0)
1000 return r;
1001 }
1002
1003 if (!IN_SET(c->std_output,
1004 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1005 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1006 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE) &&
1007 !IN_SET(c->std_error,
1008 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1009 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1010 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE))
1011 return 0;
1012
1013 /* If syslog or kernel logging is requested, make sure our own
1014 * logging daemon is run first. */
1015
1016 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, NULL, true, UNIT_DEPENDENCY_FILE);
1017 if (r < 0)
1018 return r;
1019
1020 return 0;
1021 }
1022
1023 const char *unit_description(Unit *u) {
1024 assert(u);
1025
1026 if (u->description)
1027 return u->description;
1028
1029 return strna(u->id);
1030 }
1031
1032 static void print_unit_dependency_mask(FILE *f, const char *kind, UnitDependencyMask mask, bool *space) {
1033 const struct {
1034 UnitDependencyMask mask;
1035 const char *name;
1036 } table[] = {
1037 { UNIT_DEPENDENCY_FILE, "file" },
1038 { UNIT_DEPENDENCY_IMPLICIT, "implicit" },
1039 { UNIT_DEPENDENCY_DEFAULT, "default" },
1040 { UNIT_DEPENDENCY_UDEV, "udev" },
1041 { UNIT_DEPENDENCY_PATH, "path" },
1042 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT, "mountinfo-implicit" },
1043 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT, "mountinfo-default" },
1044 { UNIT_DEPENDENCY_PROC_SWAP, "proc-swap" },
1045 };
1046 size_t i;
1047
1048 assert(f);
1049 assert(kind);
1050 assert(space);
1051
1052 for (i = 0; i < ELEMENTSOF(table); i++) {
1053
1054 if (mask == 0)
1055 break;
1056
1057 if (FLAGS_SET(mask, table[i].mask)) {
1058 if (*space)
1059 fputc(' ', f);
1060 else
1061 *space = true;
1062
1063 fputs(kind, f);
1064 fputs("-", f);
1065 fputs(table[i].name, f);
1066
1067 mask &= ~table[i].mask;
1068 }
1069 }
1070
1071 assert(mask == 0);
1072 }
1073
1074 void unit_dump(Unit *u, FILE *f, const char *prefix) {
1075 char *t, **j;
1076 UnitDependency d;
1077 Iterator i;
1078 const char *prefix2;
1079 char
1080 timestamp0[FORMAT_TIMESTAMP_MAX],
1081 timestamp1[FORMAT_TIMESTAMP_MAX],
1082 timestamp2[FORMAT_TIMESTAMP_MAX],
1083 timestamp3[FORMAT_TIMESTAMP_MAX],
1084 timestamp4[FORMAT_TIMESTAMP_MAX],
1085 timespan[FORMAT_TIMESPAN_MAX];
1086 Unit *following;
1087 _cleanup_set_free_ Set *following_set = NULL;
1088 const char *n;
1089 CGroupMask m;
1090 int r;
1091
1092 assert(u);
1093 assert(u->type >= 0);
1094
1095 prefix = strempty(prefix);
1096 prefix2 = strjoina(prefix, "\t");
1097
1098 fprintf(f,
1099 "%s-> Unit %s:\n"
1100 "%s\tDescription: %s\n"
1101 "%s\tInstance: %s\n"
1102 "%s\tUnit Load State: %s\n"
1103 "%s\tUnit Active State: %s\n"
1104 "%s\tState Change Timestamp: %s\n"
1105 "%s\tInactive Exit Timestamp: %s\n"
1106 "%s\tActive Enter Timestamp: %s\n"
1107 "%s\tActive Exit Timestamp: %s\n"
1108 "%s\tInactive Enter Timestamp: %s\n"
1109 "%s\tMay GC: %s\n"
1110 "%s\tNeed Daemon Reload: %s\n"
1111 "%s\tTransient: %s\n"
1112 "%s\tPerpetual: %s\n"
1113 "%s\tGarbage Collection Mode: %s\n"
1114 "%s\tSlice: %s\n"
1115 "%s\tCGroup: %s\n"
1116 "%s\tCGroup realized: %s\n",
1117 prefix, u->id,
1118 prefix, unit_description(u),
1119 prefix, strna(u->instance),
1120 prefix, unit_load_state_to_string(u->load_state),
1121 prefix, unit_active_state_to_string(unit_active_state(u)),
1122 prefix, strna(format_timestamp(timestamp0, sizeof(timestamp0), u->state_change_timestamp.realtime)),
1123 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->inactive_exit_timestamp.realtime)),
1124 prefix, strna(format_timestamp(timestamp2, sizeof(timestamp2), u->active_enter_timestamp.realtime)),
1125 prefix, strna(format_timestamp(timestamp3, sizeof(timestamp3), u->active_exit_timestamp.realtime)),
1126 prefix, strna(format_timestamp(timestamp4, sizeof(timestamp4), u->inactive_enter_timestamp.realtime)),
1127 prefix, yes_no(unit_may_gc(u)),
1128 prefix, yes_no(unit_need_daemon_reload(u)),
1129 prefix, yes_no(u->transient),
1130 prefix, yes_no(u->perpetual),
1131 prefix, collect_mode_to_string(u->collect_mode),
1132 prefix, strna(unit_slice_name(u)),
1133 prefix, strna(u->cgroup_path),
1134 prefix, yes_no(u->cgroup_realized));
1135
1136 if (u->cgroup_realized_mask != 0) {
1137 _cleanup_free_ char *s = NULL;
1138 (void) cg_mask_to_string(u->cgroup_realized_mask, &s);
1139 fprintf(f, "%s\tCGroup realized mask: %s\n", prefix, strnull(s));
1140 }
1141 if (u->cgroup_enabled_mask != 0) {
1142 _cleanup_free_ char *s = NULL;
1143 (void) cg_mask_to_string(u->cgroup_enabled_mask, &s);
1144 fprintf(f, "%s\tCGroup enabled mask: %s\n", prefix, strnull(s));
1145 }
1146 m = unit_get_own_mask(u);
1147 if (m != 0) {
1148 _cleanup_free_ char *s = NULL;
1149 (void) cg_mask_to_string(m, &s);
1150 fprintf(f, "%s\tCGroup own mask: %s\n", prefix, strnull(s));
1151 }
1152 m = unit_get_members_mask(u);
1153 if (m != 0) {
1154 _cleanup_free_ char *s = NULL;
1155 (void) cg_mask_to_string(m, &s);
1156 fprintf(f, "%s\tCGroup members mask: %s\n", prefix, strnull(s));
1157 }
1158
1159 SET_FOREACH(t, u->names, i)
1160 fprintf(f, "%s\tName: %s\n", prefix, t);
1161
1162 if (!sd_id128_is_null(u->invocation_id))
1163 fprintf(f, "%s\tInvocation ID: " SD_ID128_FORMAT_STR "\n",
1164 prefix, SD_ID128_FORMAT_VAL(u->invocation_id));
1165
1166 STRV_FOREACH(j, u->documentation)
1167 fprintf(f, "%s\tDocumentation: %s\n", prefix, *j);
1168
1169 following = unit_following(u);
1170 if (following)
1171 fprintf(f, "%s\tFollowing: %s\n", prefix, following->id);
1172
1173 r = unit_following_set(u, &following_set);
1174 if (r >= 0) {
1175 Unit *other;
1176
1177 SET_FOREACH(other, following_set, i)
1178 fprintf(f, "%s\tFollowing Set Member: %s\n", prefix, other->id);
1179 }
1180
1181 if (u->fragment_path)
1182 fprintf(f, "%s\tFragment Path: %s\n", prefix, u->fragment_path);
1183
1184 if (u->source_path)
1185 fprintf(f, "%s\tSource Path: %s\n", prefix, u->source_path);
1186
1187 STRV_FOREACH(j, u->dropin_paths)
1188 fprintf(f, "%s\tDropIn Path: %s\n", prefix, *j);
1189
1190 if (u->failure_action != EMERGENCY_ACTION_NONE)
1191 fprintf(f, "%s\tFailure Action: %s\n", prefix, emergency_action_to_string(u->failure_action));
1192 if (u->success_action != EMERGENCY_ACTION_NONE)
1193 fprintf(f, "%s\tSuccess Action: %s\n", prefix, emergency_action_to_string(u->success_action));
1194
1195 if (u->job_timeout != USEC_INFINITY)
1196 fprintf(f, "%s\tJob Timeout: %s\n", prefix, format_timespan(timespan, sizeof(timespan), u->job_timeout, 0));
1197
1198 if (u->job_timeout_action != EMERGENCY_ACTION_NONE)
1199 fprintf(f, "%s\tJob Timeout Action: %s\n", prefix, emergency_action_to_string(u->job_timeout_action));
1200
1201 if (u->job_timeout_reboot_arg)
1202 fprintf(f, "%s\tJob Timeout Reboot Argument: %s\n", prefix, u->job_timeout_reboot_arg);
1203
1204 condition_dump_list(u->conditions, f, prefix, condition_type_to_string);
1205 condition_dump_list(u->asserts, f, prefix, assert_type_to_string);
1206
1207 if (dual_timestamp_is_set(&u->condition_timestamp))
1208 fprintf(f,
1209 "%s\tCondition Timestamp: %s\n"
1210 "%s\tCondition Result: %s\n",
1211 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->condition_timestamp.realtime)),
1212 prefix, yes_no(u->condition_result));
1213
1214 if (dual_timestamp_is_set(&u->assert_timestamp))
1215 fprintf(f,
1216 "%s\tAssert Timestamp: %s\n"
1217 "%s\tAssert Result: %s\n",
1218 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->assert_timestamp.realtime)),
1219 prefix, yes_no(u->assert_result));
1220
1221 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
1222 UnitDependencyInfo di;
1223 Unit *other;
1224
1225 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
1226 bool space = false;
1227
1228 fprintf(f, "%s\t%s: %s (", prefix, unit_dependency_to_string(d), other->id);
1229
1230 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1231 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1232
1233 fputs(")\n", f);
1234 }
1235 }
1236
1237 if (!hashmap_isempty(u->requires_mounts_for)) {
1238 UnitDependencyInfo di;
1239 const char *path;
1240
1241 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1242 bool space = false;
1243
1244 fprintf(f, "%s\tRequiresMountsFor: %s (", prefix, path);
1245
1246 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1247 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1248
1249 fputs(")\n", f);
1250 }
1251 }
1252
1253 if (u->load_state == UNIT_LOADED) {
1254
1255 fprintf(f,
1256 "%s\tStopWhenUnneeded: %s\n"
1257 "%s\tRefuseManualStart: %s\n"
1258 "%s\tRefuseManualStop: %s\n"
1259 "%s\tDefaultDependencies: %s\n"
1260 "%s\tOnFailureJobMode: %s\n"
1261 "%s\tIgnoreOnIsolate: %s\n",
1262 prefix, yes_no(u->stop_when_unneeded),
1263 prefix, yes_no(u->refuse_manual_start),
1264 prefix, yes_no(u->refuse_manual_stop),
1265 prefix, yes_no(u->default_dependencies),
1266 prefix, job_mode_to_string(u->on_failure_job_mode),
1267 prefix, yes_no(u->ignore_on_isolate));
1268
1269 if (UNIT_VTABLE(u)->dump)
1270 UNIT_VTABLE(u)->dump(u, f, prefix2);
1271
1272 } else if (u->load_state == UNIT_MERGED)
1273 fprintf(f,
1274 "%s\tMerged into: %s\n",
1275 prefix, u->merged_into->id);
1276 else if (u->load_state == UNIT_ERROR)
1277 fprintf(f, "%s\tLoad Error Code: %s\n", prefix, strerror(-u->load_error));
1278
1279 for (n = sd_bus_track_first(u->bus_track); n; n = sd_bus_track_next(u->bus_track))
1280 fprintf(f, "%s\tBus Ref: %s\n", prefix, n);
1281
1282 if (u->job)
1283 job_dump(u->job, f, prefix2);
1284
1285 if (u->nop_job)
1286 job_dump(u->nop_job, f, prefix2);
1287 }
1288
1289 /* Common implementation for multiple backends */
1290 int unit_load_fragment_and_dropin(Unit *u) {
1291 int r;
1292
1293 assert(u);
1294
1295 /* Load a .{service,socket,...} file */
1296 r = unit_load_fragment(u);
1297 if (r < 0)
1298 return r;
1299
1300 if (u->load_state == UNIT_STUB)
1301 return -ENOENT;
1302
1303 /* Load drop-in directory data. If u is an alias, we might be reloading the
1304 * target unit needlessly. But we cannot be sure which drops-ins have already
1305 * been loaded and which not, at least without doing complicated book-keeping,
1306 * so let's always reread all drop-ins. */
1307 return unit_load_dropin(unit_follow_merge(u));
1308 }
1309
1310 /* Common implementation for multiple backends */
1311 int unit_load_fragment_and_dropin_optional(Unit *u) {
1312 int r;
1313
1314 assert(u);
1315
1316 /* Same as unit_load_fragment_and_dropin(), but whether
1317 * something can be loaded or not doesn't matter. */
1318
1319 /* Load a .service/.socket/.slice/… file */
1320 r = unit_load_fragment(u);
1321 if (r < 0)
1322 return r;
1323
1324 if (u->load_state == UNIT_STUB)
1325 u->load_state = UNIT_LOADED;
1326
1327 /* Load drop-in directory data */
1328 return unit_load_dropin(unit_follow_merge(u));
1329 }
1330
1331 void unit_add_to_target_deps_queue(Unit *u) {
1332 Manager *m = u->manager;
1333
1334 assert(u);
1335
1336 if (u->in_target_deps_queue)
1337 return;
1338
1339 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1340 u->in_target_deps_queue = true;
1341 }
1342
1343 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1344 assert(u);
1345 assert(target);
1346
1347 if (target->type != UNIT_TARGET)
1348 return 0;
1349
1350 /* Only add the dependency if both units are loaded, so that
1351 * that loop check below is reliable */
1352 if (u->load_state != UNIT_LOADED ||
1353 target->load_state != UNIT_LOADED)
1354 return 0;
1355
1356 /* If either side wants no automatic dependencies, then let's
1357 * skip this */
1358 if (!u->default_dependencies ||
1359 !target->default_dependencies)
1360 return 0;
1361
1362 /* Don't create loops */
1363 if (hashmap_get(target->dependencies[UNIT_BEFORE], u))
1364 return 0;
1365
1366 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1367 }
1368
1369 static int unit_add_slice_dependencies(Unit *u) {
1370 UnitDependencyMask mask;
1371 assert(u);
1372
1373 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1374 return 0;
1375
1376 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1377 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1378 relationship). */
1379 mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1380
1381 if (UNIT_ISSET(u->slice))
1382 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true, mask);
1383
1384 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1385 return 0;
1386
1387 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, NULL, true, mask);
1388 }
1389
1390 static int unit_add_mount_dependencies(Unit *u) {
1391 UnitDependencyInfo di;
1392 const char *path;
1393 Iterator i;
1394 int r;
1395
1396 assert(u);
1397
1398 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1399 char prefix[strlen(path) + 1];
1400
1401 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1402 _cleanup_free_ char *p = NULL;
1403 Unit *m;
1404
1405 r = unit_name_from_path(prefix, ".mount", &p);
1406 if (r < 0)
1407 return r;
1408
1409 m = manager_get_unit(u->manager, p);
1410 if (!m) {
1411 /* Make sure to load the mount unit if
1412 * it exists. If so the dependencies
1413 * on this unit will be added later
1414 * during the loading of the mount
1415 * unit. */
1416 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1417 continue;
1418 }
1419 if (m == u)
1420 continue;
1421
1422 if (m->load_state != UNIT_LOADED)
1423 continue;
1424
1425 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1426 if (r < 0)
1427 return r;
1428
1429 if (m->fragment_path) {
1430 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1431 if (r < 0)
1432 return r;
1433 }
1434 }
1435 }
1436
1437 return 0;
1438 }
1439
1440 static int unit_add_startup_units(Unit *u) {
1441 CGroupContext *c;
1442 int r;
1443
1444 c = unit_get_cgroup_context(u);
1445 if (!c)
1446 return 0;
1447
1448 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
1449 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
1450 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
1451 return 0;
1452
1453 r = set_ensure_allocated(&u->manager->startup_units, NULL);
1454 if (r < 0)
1455 return r;
1456
1457 return set_put(u->manager->startup_units, u);
1458 }
1459
1460 int unit_load(Unit *u) {
1461 int r;
1462
1463 assert(u);
1464
1465 if (u->in_load_queue) {
1466 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1467 u->in_load_queue = false;
1468 }
1469
1470 if (u->type == _UNIT_TYPE_INVALID)
1471 return -EINVAL;
1472
1473 if (u->load_state != UNIT_STUB)
1474 return 0;
1475
1476 if (u->transient_file) {
1477 r = fflush_and_check(u->transient_file);
1478 if (r < 0)
1479 goto fail;
1480
1481 u->transient_file = safe_fclose(u->transient_file);
1482 u->fragment_mtime = now(CLOCK_REALTIME);
1483 }
1484
1485 if (UNIT_VTABLE(u)->load) {
1486 r = UNIT_VTABLE(u)->load(u);
1487 if (r < 0)
1488 goto fail;
1489 }
1490
1491 if (u->load_state == UNIT_STUB) {
1492 r = -ENOENT;
1493 goto fail;
1494 }
1495
1496 if (u->load_state == UNIT_LOADED) {
1497 unit_add_to_target_deps_queue(u);
1498
1499 r = unit_add_slice_dependencies(u);
1500 if (r < 0)
1501 goto fail;
1502
1503 r = unit_add_mount_dependencies(u);
1504 if (r < 0)
1505 goto fail;
1506
1507 r = unit_add_startup_units(u);
1508 if (r < 0)
1509 goto fail;
1510
1511 if (u->on_failure_job_mode == JOB_ISOLATE && hashmap_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
1512 log_unit_error(u, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1513 r = -EINVAL;
1514 goto fail;
1515 }
1516
1517 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1518 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1519
1520 unit_update_cgroup_members_masks(u);
1521 }
1522
1523 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1524
1525 unit_add_to_dbus_queue(unit_follow_merge(u));
1526 unit_add_to_gc_queue(u);
1527
1528 return 0;
1529
1530 fail:
1531 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND : UNIT_ERROR;
1532 u->load_error = r;
1533 unit_add_to_dbus_queue(u);
1534 unit_add_to_gc_queue(u);
1535
1536 log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1537
1538 return r;
1539 }
1540
1541 static bool unit_condition_test_list(Unit *u, Condition *first, const char *(*to_string)(ConditionType t)) {
1542 Condition *c;
1543 int triggered = -1;
1544
1545 assert(u);
1546 assert(to_string);
1547
1548 /* If the condition list is empty, then it is true */
1549 if (!first)
1550 return true;
1551
1552 /* Otherwise, if all of the non-trigger conditions apply and
1553 * if any of the trigger conditions apply (unless there are
1554 * none) we return true */
1555 LIST_FOREACH(conditions, c, first) {
1556 int r;
1557
1558 r = condition_test(c);
1559 if (r < 0)
1560 log_unit_warning(u,
1561 "Couldn't determine result for %s=%s%s%s, assuming failed: %m",
1562 to_string(c->type),
1563 c->trigger ? "|" : "",
1564 c->negate ? "!" : "",
1565 c->parameter);
1566 else
1567 log_unit_debug(u,
1568 "%s=%s%s%s %s.",
1569 to_string(c->type),
1570 c->trigger ? "|" : "",
1571 c->negate ? "!" : "",
1572 c->parameter,
1573 condition_result_to_string(c->result));
1574
1575 if (!c->trigger && r <= 0)
1576 return false;
1577
1578 if (c->trigger && triggered <= 0)
1579 triggered = r > 0;
1580 }
1581
1582 return triggered != 0;
1583 }
1584
1585 static bool unit_condition_test(Unit *u) {
1586 assert(u);
1587
1588 dual_timestamp_get(&u->condition_timestamp);
1589 u->condition_result = unit_condition_test_list(u, u->conditions, condition_type_to_string);
1590
1591 return u->condition_result;
1592 }
1593
1594 static bool unit_assert_test(Unit *u) {
1595 assert(u);
1596
1597 dual_timestamp_get(&u->assert_timestamp);
1598 u->assert_result = unit_condition_test_list(u, u->asserts, assert_type_to_string);
1599
1600 return u->assert_result;
1601 }
1602
1603 void unit_status_printf(Unit *u, const char *status, const char *unit_status_msg_format) {
1604 DISABLE_WARNING_FORMAT_NONLITERAL;
1605 manager_status_printf(u->manager, STATUS_TYPE_NORMAL, status, unit_status_msg_format, unit_description(u));
1606 REENABLE_WARNING;
1607 }
1608
1609 _pure_ static const char* unit_get_status_message_format(Unit *u, JobType t) {
1610 const char *format;
1611 const UnitStatusMessageFormats *format_table;
1612
1613 assert(u);
1614 assert(IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD));
1615
1616 if (t != JOB_RELOAD) {
1617 format_table = &UNIT_VTABLE(u)->status_message_formats;
1618 if (format_table) {
1619 format = format_table->starting_stopping[t == JOB_STOP];
1620 if (format)
1621 return format;
1622 }
1623 }
1624
1625 /* Return generic strings */
1626 if (t == JOB_START)
1627 return "Starting %s.";
1628 else if (t == JOB_STOP)
1629 return "Stopping %s.";
1630 else
1631 return "Reloading %s.";
1632 }
1633
1634 static void unit_status_print_starting_stopping(Unit *u, JobType t) {
1635 const char *format;
1636
1637 assert(u);
1638
1639 /* Reload status messages have traditionally not been printed to console. */
1640 if (!IN_SET(t, JOB_START, JOB_STOP))
1641 return;
1642
1643 format = unit_get_status_message_format(u, t);
1644
1645 DISABLE_WARNING_FORMAT_NONLITERAL;
1646 unit_status_printf(u, "", format);
1647 REENABLE_WARNING;
1648 }
1649
1650 static void unit_status_log_starting_stopping_reloading(Unit *u, JobType t) {
1651 const char *format, *mid;
1652 char buf[LINE_MAX];
1653
1654 assert(u);
1655
1656 if (!IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD))
1657 return;
1658
1659 if (log_on_console())
1660 return;
1661
1662 /* We log status messages for all units and all operations. */
1663
1664 format = unit_get_status_message_format(u, t);
1665
1666 DISABLE_WARNING_FORMAT_NONLITERAL;
1667 (void) snprintf(buf, sizeof buf, format, unit_description(u));
1668 REENABLE_WARNING;
1669
1670 mid = t == JOB_START ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STARTING_STR :
1671 t == JOB_STOP ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STOPPING_STR :
1672 "MESSAGE_ID=" SD_MESSAGE_UNIT_RELOADING_STR;
1673
1674 /* Note that we deliberately use LOG_MESSAGE() instead of
1675 * LOG_UNIT_MESSAGE() here, since this is supposed to mimic
1676 * closely what is written to screen using the status output,
1677 * which is supposed the highest level, friendliest output
1678 * possible, which means we should avoid the low-level unit
1679 * name. */
1680 log_struct(LOG_INFO,
1681 LOG_MESSAGE("%s", buf),
1682 LOG_UNIT_ID(u),
1683 LOG_UNIT_INVOCATION_ID(u),
1684 mid);
1685 }
1686
1687 void unit_status_emit_starting_stopping_reloading(Unit *u, JobType t) {
1688 assert(u);
1689 assert(t >= 0);
1690 assert(t < _JOB_TYPE_MAX);
1691
1692 unit_status_log_starting_stopping_reloading(u, t);
1693 unit_status_print_starting_stopping(u, t);
1694 }
1695
1696 int unit_start_limit_test(Unit *u) {
1697 assert(u);
1698
1699 if (ratelimit_below(&u->start_limit)) {
1700 u->start_limit_hit = false;
1701 return 0;
1702 }
1703
1704 log_unit_warning(u, "Start request repeated too quickly.");
1705 u->start_limit_hit = true;
1706
1707 return emergency_action(u->manager, u->start_limit_action, u->reboot_arg, "unit failed");
1708 }
1709
1710 bool unit_shall_confirm_spawn(Unit *u) {
1711 assert(u);
1712
1713 if (manager_is_confirm_spawn_disabled(u->manager))
1714 return false;
1715
1716 /* For some reasons units remaining in the same process group
1717 * as PID 1 fail to acquire the console even if it's not used
1718 * by any process. So skip the confirmation question for them. */
1719 return !unit_get_exec_context(u)->same_pgrp;
1720 }
1721
1722 static bool unit_verify_deps(Unit *u) {
1723 Unit *other;
1724 Iterator j;
1725 void *v;
1726
1727 assert(u);
1728
1729 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1730 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1731 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1732 * conjunction with After= as for them any such check would make things entirely racy. */
1733
1734 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], j) {
1735
1736 if (!hashmap_contains(u->dependencies[UNIT_AFTER], other))
1737 continue;
1738
1739 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1740 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1741 return false;
1742 }
1743 }
1744
1745 return true;
1746 }
1747
1748 /* Errors:
1749 * -EBADR: This unit type does not support starting.
1750 * -EALREADY: Unit is already started.
1751 * -EAGAIN: An operation is already in progress. Retry later.
1752 * -ECANCELED: Too many requests for now.
1753 * -EPROTO: Assert failed
1754 * -EINVAL: Unit not loaded
1755 * -EOPNOTSUPP: Unit type not supported
1756 * -ENOLINK: The necessary dependencies are not fulfilled.
1757 * -ESTALE: This unit has been started before and can't be started a second time
1758 */
1759 int unit_start(Unit *u) {
1760 UnitActiveState state;
1761 Unit *following;
1762
1763 assert(u);
1764
1765 /* If this is already started, then this will succeed. Note
1766 * that this will even succeed if this unit is not startable
1767 * by the user. This is relied on to detect when we need to
1768 * wait for units and when waiting is finished. */
1769 state = unit_active_state(u);
1770 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1771 return -EALREADY;
1772
1773 /* Units that aren't loaded cannot be started */
1774 if (u->load_state != UNIT_LOADED)
1775 return -EINVAL;
1776
1777 /* Refuse starting scope units more than once */
1778 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1779 return -ESTALE;
1780
1781 /* If the conditions failed, don't do anything at all. If we
1782 * already are activating this call might still be useful to
1783 * speed up activation in case there is some hold-off time,
1784 * but we don't want to recheck the condition in that case. */
1785 if (state != UNIT_ACTIVATING &&
1786 !unit_condition_test(u)) {
1787 log_unit_debug(u, "Starting requested but condition failed. Not starting unit.");
1788 return -EALREADY;
1789 }
1790
1791 /* If the asserts failed, fail the entire job */
1792 if (state != UNIT_ACTIVATING &&
1793 !unit_assert_test(u)) {
1794 log_unit_notice(u, "Starting requested but asserts failed.");
1795 return -EPROTO;
1796 }
1797
1798 /* Units of types that aren't supported cannot be
1799 * started. Note that we do this test only after the condition
1800 * checks, so that we rather return condition check errors
1801 * (which are usually not considered a true failure) than "not
1802 * supported" errors (which are considered a failure).
1803 */
1804 if (!unit_supported(u))
1805 return -EOPNOTSUPP;
1806
1807 /* Let's make sure that the deps really are in order before we start this. Normally the job engine should have
1808 * taken care of this already, but let's check this here again. After all, our dependencies might not be in
1809 * effect anymore, due to a reload or due to a failed condition. */
1810 if (!unit_verify_deps(u))
1811 return -ENOLINK;
1812
1813 /* Forward to the main object, if we aren't it. */
1814 following = unit_following(u);
1815 if (following) {
1816 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1817 return unit_start(following);
1818 }
1819
1820 /* If it is stopped, but we cannot start it, then fail */
1821 if (!UNIT_VTABLE(u)->start)
1822 return -EBADR;
1823
1824 /* We don't suppress calls to ->start() here when we are
1825 * already starting, to allow this request to be used as a
1826 * "hurry up" call, for example when the unit is in some "auto
1827 * restart" state where it waits for a holdoff timer to elapse
1828 * before it will start again. */
1829
1830 unit_add_to_dbus_queue(u);
1831
1832 return UNIT_VTABLE(u)->start(u);
1833 }
1834
1835 bool unit_can_start(Unit *u) {
1836 assert(u);
1837
1838 if (u->load_state != UNIT_LOADED)
1839 return false;
1840
1841 if (!unit_supported(u))
1842 return false;
1843
1844 /* Scope units may be started only once */
1845 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1846 return false;
1847
1848 return !!UNIT_VTABLE(u)->start;
1849 }
1850
1851 bool unit_can_isolate(Unit *u) {
1852 assert(u);
1853
1854 return unit_can_start(u) &&
1855 u->allow_isolate;
1856 }
1857
1858 /* Errors:
1859 * -EBADR: This unit type does not support stopping.
1860 * -EALREADY: Unit is already stopped.
1861 * -EAGAIN: An operation is already in progress. Retry later.
1862 */
1863 int unit_stop(Unit *u) {
1864 UnitActiveState state;
1865 Unit *following;
1866
1867 assert(u);
1868
1869 state = unit_active_state(u);
1870 if (UNIT_IS_INACTIVE_OR_FAILED(state))
1871 return -EALREADY;
1872
1873 following = unit_following(u);
1874 if (following) {
1875 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
1876 return unit_stop(following);
1877 }
1878
1879 if (!UNIT_VTABLE(u)->stop)
1880 return -EBADR;
1881
1882 unit_add_to_dbus_queue(u);
1883
1884 return UNIT_VTABLE(u)->stop(u);
1885 }
1886
1887 bool unit_can_stop(Unit *u) {
1888 assert(u);
1889
1890 if (!unit_supported(u))
1891 return false;
1892
1893 if (u->perpetual)
1894 return false;
1895
1896 return !!UNIT_VTABLE(u)->stop;
1897 }
1898
1899 /* Errors:
1900 * -EBADR: This unit type does not support reloading.
1901 * -ENOEXEC: Unit is not started.
1902 * -EAGAIN: An operation is already in progress. Retry later.
1903 */
1904 int unit_reload(Unit *u) {
1905 UnitActiveState state;
1906 Unit *following;
1907
1908 assert(u);
1909
1910 if (u->load_state != UNIT_LOADED)
1911 return -EINVAL;
1912
1913 if (!unit_can_reload(u))
1914 return -EBADR;
1915
1916 state = unit_active_state(u);
1917 if (state == UNIT_RELOADING)
1918 return -EALREADY;
1919
1920 if (state != UNIT_ACTIVE) {
1921 log_unit_warning(u, "Unit cannot be reloaded because it is inactive.");
1922 return -ENOEXEC;
1923 }
1924
1925 following = unit_following(u);
1926 if (following) {
1927 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
1928 return unit_reload(following);
1929 }
1930
1931 unit_add_to_dbus_queue(u);
1932
1933 if (!UNIT_VTABLE(u)->reload) {
1934 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
1935 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
1936 return 0;
1937 }
1938
1939 return UNIT_VTABLE(u)->reload(u);
1940 }
1941
1942 bool unit_can_reload(Unit *u) {
1943 assert(u);
1944
1945 if (UNIT_VTABLE(u)->can_reload)
1946 return UNIT_VTABLE(u)->can_reload(u);
1947
1948 if (!hashmap_isempty(u->dependencies[UNIT_PROPAGATES_RELOAD_TO]))
1949 return true;
1950
1951 return UNIT_VTABLE(u)->reload;
1952 }
1953
1954 static void unit_check_unneeded(Unit *u) {
1955
1956 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1957
1958 static const UnitDependency needed_dependencies[] = {
1959 UNIT_REQUIRED_BY,
1960 UNIT_REQUISITE_OF,
1961 UNIT_WANTED_BY,
1962 UNIT_BOUND_BY,
1963 };
1964
1965 unsigned j;
1966 int r;
1967
1968 assert(u);
1969
1970 /* If this service shall be shut down when unneeded then do
1971 * so. */
1972
1973 if (!u->stop_when_unneeded)
1974 return;
1975
1976 if (!UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
1977 return;
1978
1979 for (j = 0; j < ELEMENTSOF(needed_dependencies); j++) {
1980 Unit *other;
1981 Iterator i;
1982 void *v;
1983
1984 HASHMAP_FOREACH_KEY(v, other, u->dependencies[needed_dependencies[j]], i)
1985 if (unit_active_or_pending(other) || unit_will_restart(other))
1986 return;
1987 }
1988
1989 /* If stopping a unit fails continuously we might enter a stop
1990 * loop here, hence stop acting on the service being
1991 * unnecessary after a while. */
1992 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
1993 log_unit_warning(u, "Unit not needed anymore, but not stopping since we tried this too often recently.");
1994 return;
1995 }
1996
1997 log_unit_info(u, "Unit not needed anymore. Stopping.");
1998
1999 /* Ok, nobody needs us anymore. Sniff. Then let's commit suicide */
2000 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2001 if (r < 0)
2002 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2003 }
2004
2005 static void unit_check_binds_to(Unit *u) {
2006 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2007 bool stop = false;
2008 Unit *other;
2009 Iterator i;
2010 void *v;
2011 int r;
2012
2013 assert(u);
2014
2015 if (u->job)
2016 return;
2017
2018 if (unit_active_state(u) != UNIT_ACTIVE)
2019 return;
2020
2021 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i) {
2022 if (other->job)
2023 continue;
2024
2025 if (!other->coldplugged)
2026 /* We might yet create a job for the other unit… */
2027 continue;
2028
2029 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2030 continue;
2031
2032 stop = true;
2033 break;
2034 }
2035
2036 if (!stop)
2037 return;
2038
2039 /* If stopping a unit fails continuously we might enter a stop
2040 * loop here, hence stop acting on the service being
2041 * unnecessary after a while. */
2042 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
2043 log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
2044 return;
2045 }
2046
2047 assert(other);
2048 log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
2049
2050 /* A unit we need to run is gone. Sniff. Let's stop this. */
2051 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2052 if (r < 0)
2053 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2054 }
2055
2056 static void retroactively_start_dependencies(Unit *u) {
2057 Iterator i;
2058 Unit *other;
2059 void *v;
2060
2061 assert(u);
2062 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2063
2064 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2065 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2066 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2067 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2068
2069 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2070 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2071 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2072 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2073
2074 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2075 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2076 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2077 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL);
2078
2079 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTS], i)
2080 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2081 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2082
2083 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTED_BY], i)
2084 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2085 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2086 }
2087
2088 static void retroactively_stop_dependencies(Unit *u) {
2089 Unit *other;
2090 Iterator i;
2091 void *v;
2092
2093 assert(u);
2094 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2095
2096 /* Pull down units which are bound to us recursively if enabled */
2097 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BOUND_BY], i)
2098 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2099 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2100 }
2101
2102 static void check_unneeded_dependencies(Unit *u) {
2103 Unit *other;
2104 Iterator i;
2105 void *v;
2106
2107 assert(u);
2108 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2109
2110 /* Garbage collect services that might not be needed anymore, if enabled */
2111 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2112 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2113 unit_check_unneeded(other);
2114 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2115 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2116 unit_check_unneeded(other);
2117 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUISITE], i)
2118 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2119 unit_check_unneeded(other);
2120 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2121 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2122 unit_check_unneeded(other);
2123 }
2124
2125 void unit_start_on_failure(Unit *u) {
2126 Unit *other;
2127 Iterator i;
2128 void *v;
2129 int r;
2130
2131 assert(u);
2132
2133 if (hashmap_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
2134 return;
2135
2136 log_unit_info(u, "Triggering OnFailure= dependencies.");
2137
2138 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_ON_FAILURE], i) {
2139 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2140
2141 r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, &error, NULL);
2142 if (r < 0)
2143 log_unit_warning_errno(u, r, "Failed to enqueue OnFailure= job, ignoring: %s", bus_error_message(&error, r));
2144 }
2145 }
2146
2147 void unit_trigger_notify(Unit *u) {
2148 Unit *other;
2149 Iterator i;
2150 void *v;
2151
2152 assert(u);
2153
2154 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_TRIGGERED_BY], i)
2155 if (UNIT_VTABLE(other)->trigger_notify)
2156 UNIT_VTABLE(other)->trigger_notify(other, u);
2157 }
2158
2159 static int unit_log_resources(Unit *u) {
2160
2161 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + 4];
2162 size_t n_message_parts = 0, n_iovec = 0;
2163 char* message_parts[3 + 1], *t;
2164 nsec_t nsec = NSEC_INFINITY;
2165 CGroupIPAccountingMetric m;
2166 size_t i;
2167 int r;
2168 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2169 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2170 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2171 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2172 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2173 };
2174
2175 assert(u);
2176
2177 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2178 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2179 * information and the complete data in structured fields. */
2180
2181 (void) unit_get_cpu_usage(u, &nsec);
2182 if (nsec != NSEC_INFINITY) {
2183 char buf[FORMAT_TIMESPAN_MAX] = "";
2184
2185 /* Format the CPU time for inclusion in the structured log message */
2186 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2187 r = log_oom();
2188 goto finish;
2189 }
2190 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2191
2192 /* Format the CPU time for inclusion in the human language message string */
2193 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
2194 t = strjoin(n_message_parts > 0 ? "consumed " : "Consumed ", buf, " CPU time");
2195 if (!t) {
2196 r = log_oom();
2197 goto finish;
2198 }
2199
2200 message_parts[n_message_parts++] = t;
2201 }
2202
2203 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2204 char buf[FORMAT_BYTES_MAX] = "";
2205 uint64_t value = UINT64_MAX;
2206
2207 assert(ip_fields[m]);
2208
2209 (void) unit_get_ip_accounting(u, m, &value);
2210 if (value == UINT64_MAX)
2211 continue;
2212
2213 /* Format IP accounting data for inclusion in the structured log message */
2214 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2215 r = log_oom();
2216 goto finish;
2217 }
2218 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2219
2220 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2221 * bytes counters (and not for the packets counters) */
2222 if (m == CGROUP_IP_INGRESS_BYTES)
2223 t = strjoin(n_message_parts > 0 ? "received " : "Received ",
2224 format_bytes(buf, sizeof(buf), value),
2225 " IP traffic");
2226 else if (m == CGROUP_IP_EGRESS_BYTES)
2227 t = strjoin(n_message_parts > 0 ? "sent " : "Sent ",
2228 format_bytes(buf, sizeof(buf), value),
2229 " IP traffic");
2230 else
2231 continue;
2232 if (!t) {
2233 r = log_oom();
2234 goto finish;
2235 }
2236
2237 message_parts[n_message_parts++] = t;
2238 }
2239
2240 /* Is there any accounting data available at all? */
2241 if (n_iovec == 0) {
2242 r = 0;
2243 goto finish;
2244 }
2245
2246 if (n_message_parts == 0)
2247 t = strjoina("MESSAGE=", u->id, ": Completed");
2248 else {
2249 _cleanup_free_ char *joined;
2250
2251 message_parts[n_message_parts] = NULL;
2252
2253 joined = strv_join(message_parts, ", ");
2254 if (!joined) {
2255 r = log_oom();
2256 goto finish;
2257 }
2258
2259 t = strjoina("MESSAGE=", u->id, ": ", joined);
2260 }
2261
2262 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2263 * and hence don't increase n_iovec for them */
2264 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2265 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2266
2267 t = strjoina(u->manager->unit_log_field, u->id);
2268 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2269
2270 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2271 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2272
2273 log_struct_iovec(LOG_INFO, iovec, n_iovec + 4);
2274 r = 0;
2275
2276 finish:
2277 for (i = 0; i < n_message_parts; i++)
2278 free(message_parts[i]);
2279
2280 for (i = 0; i < n_iovec; i++)
2281 free(iovec[i].iov_base);
2282
2283 return r;
2284
2285 }
2286
2287 static void unit_update_on_console(Unit *u) {
2288 bool b;
2289
2290 assert(u);
2291
2292 b = unit_needs_console(u);
2293 if (u->on_console == b)
2294 return;
2295
2296 u->on_console = b;
2297 if (b)
2298 manager_ref_console(u->manager);
2299 else
2300 manager_unref_console(u->manager);
2301 }
2302
2303 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
2304 bool unexpected;
2305 Manager *m;
2306
2307 assert(u);
2308 assert(os < _UNIT_ACTIVE_STATE_MAX);
2309 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2310
2311 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2312 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2313 * remounted this function will be called too! */
2314
2315 m = u->manager;
2316
2317 /* Update timestamps for state changes */
2318 if (!MANAGER_IS_RELOADING(m)) {
2319 dual_timestamp_get(&u->state_change_timestamp);
2320
2321 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2322 u->inactive_exit_timestamp = u->state_change_timestamp;
2323 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2324 u->inactive_enter_timestamp = u->state_change_timestamp;
2325
2326 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2327 u->active_enter_timestamp = u->state_change_timestamp;
2328 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2329 u->active_exit_timestamp = u->state_change_timestamp;
2330 }
2331
2332 /* Keep track of failed units */
2333 (void) manager_update_failed_units(u->manager, u, ns == UNIT_FAILED);
2334
2335 /* Make sure the cgroup and state files are always removed when we become inactive */
2336 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2337 unit_prune_cgroup(u);
2338 unit_unlink_state_files(u);
2339 }
2340
2341 unit_update_on_console(u);
2342
2343 if (u->job) {
2344 unexpected = false;
2345
2346 if (u->job->state == JOB_WAITING)
2347
2348 /* So we reached a different state for this
2349 * job. Let's see if we can run it now if it
2350 * failed previously due to EAGAIN. */
2351 job_add_to_run_queue(u->job);
2352
2353 /* Let's check whether this state change constitutes a
2354 * finished job, or maybe contradicts a running job and
2355 * hence needs to invalidate jobs. */
2356
2357 switch (u->job->type) {
2358
2359 case JOB_START:
2360 case JOB_VERIFY_ACTIVE:
2361
2362 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2363 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2364 else if (u->job->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2365 unexpected = true;
2366
2367 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2368 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2369 }
2370
2371 break;
2372
2373 case JOB_RELOAD:
2374 case JOB_RELOAD_OR_START:
2375 case JOB_TRY_RELOAD:
2376
2377 if (u->job->state == JOB_RUNNING) {
2378 if (ns == UNIT_ACTIVE)
2379 job_finish_and_invalidate(u->job, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2380 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2381 unexpected = true;
2382
2383 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2384 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2385 }
2386 }
2387
2388 break;
2389
2390 case JOB_STOP:
2391 case JOB_RESTART:
2392 case JOB_TRY_RESTART:
2393
2394 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2395 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2396 else if (u->job->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2397 unexpected = true;
2398 job_finish_and_invalidate(u->job, JOB_FAILED, true, false);
2399 }
2400
2401 break;
2402
2403 default:
2404 assert_not_reached("Job type unknown");
2405 }
2406
2407 } else
2408 unexpected = true;
2409
2410 if (!MANAGER_IS_RELOADING(m)) {
2411
2412 /* If this state change happened without being
2413 * requested by a job, then let's retroactively start
2414 * or stop dependencies. We skip that step when
2415 * deserializing, since we don't want to create any
2416 * additional jobs just because something is already
2417 * activated. */
2418
2419 if (unexpected) {
2420 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2421 retroactively_start_dependencies(u);
2422 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2423 retroactively_stop_dependencies(u);
2424 }
2425
2426 /* stop unneeded units regardless if going down was expected or not */
2427 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2428 check_unneeded_dependencies(u);
2429
2430 if (ns != os && ns == UNIT_FAILED) {
2431 log_unit_debug(u, "Unit entered failed state.");
2432
2433 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2434 unit_start_on_failure(u);
2435 }
2436 }
2437
2438 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2439
2440 if (u->type == UNIT_SERVICE &&
2441 !UNIT_IS_ACTIVE_OR_RELOADING(os) &&
2442 !MANAGER_IS_RELOADING(m)) {
2443 /* Write audit record if we have just finished starting up */
2444 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, true);
2445 u->in_audit = true;
2446 }
2447
2448 if (!UNIT_IS_ACTIVE_OR_RELOADING(os))
2449 manager_send_unit_plymouth(m, u);
2450
2451 } else {
2452
2453 if (UNIT_IS_INACTIVE_OR_FAILED(ns) &&
2454 !UNIT_IS_INACTIVE_OR_FAILED(os)
2455 && !MANAGER_IS_RELOADING(m)) {
2456
2457 /* This unit just stopped/failed. */
2458 if (u->type == UNIT_SERVICE) {
2459
2460 /* Hmm, if there was no start record written
2461 * write it now, so that we always have a nice
2462 * pair */
2463 if (!u->in_audit) {
2464 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, ns == UNIT_INACTIVE);
2465
2466 if (ns == UNIT_INACTIVE)
2467 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, true);
2468 } else
2469 /* Write audit record if we have just finished shutting down */
2470 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, ns == UNIT_INACTIVE);
2471
2472 u->in_audit = false;
2473 }
2474
2475 /* Write a log message about consumed resources */
2476 unit_log_resources(u);
2477 }
2478 }
2479
2480 manager_recheck_journal(m);
2481 manager_recheck_dbus(m);
2482
2483 unit_trigger_notify(u);
2484
2485 if (!MANAGER_IS_RELOADING(u->manager)) {
2486 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2487 unit_check_unneeded(u);
2488
2489 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2490 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2491 * without ever entering started.) */
2492 unit_check_binds_to(u);
2493
2494 if (os != UNIT_FAILED && ns == UNIT_FAILED)
2495 (void) emergency_action(u->manager, u->failure_action, u->reboot_arg, "unit failed");
2496 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE)
2497 (void) emergency_action(u->manager, u->success_action, u->reboot_arg, "unit succeeded");
2498 }
2499
2500 unit_add_to_dbus_queue(u);
2501 unit_add_to_gc_queue(u);
2502 }
2503
2504 int unit_watch_pid(Unit *u, pid_t pid) {
2505 int r;
2506
2507 assert(u);
2508 assert(pid_is_valid(pid));
2509
2510 /* Watch a specific PID */
2511
2512 r = set_ensure_allocated(&u->pids, NULL);
2513 if (r < 0)
2514 return r;
2515
2516 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
2517 if (r < 0)
2518 return r;
2519
2520 /* First try, let's add the unit keyed by "pid". */
2521 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2522 if (r == -EEXIST) {
2523 Unit **array;
2524 bool found = false;
2525 size_t n = 0;
2526
2527 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2528 * to an array of Units rather than just a Unit), lists us already. */
2529
2530 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2531 if (array)
2532 for (; array[n]; n++)
2533 if (array[n] == u)
2534 found = true;
2535
2536 if (found) /* Found it already? if so, do nothing */
2537 r = 0;
2538 else {
2539 Unit **new_array;
2540
2541 /* Allocate a new array */
2542 new_array = new(Unit*, n + 2);
2543 if (!new_array)
2544 return -ENOMEM;
2545
2546 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2547 new_array[n] = u;
2548 new_array[n+1] = NULL;
2549
2550 /* Add or replace the old array */
2551 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2552 if (r < 0) {
2553 free(new_array);
2554 return r;
2555 }
2556
2557 free(array);
2558 }
2559 } else if (r < 0)
2560 return r;
2561
2562 r = set_put(u->pids, PID_TO_PTR(pid));
2563 if (r < 0)
2564 return r;
2565
2566 return 0;
2567 }
2568
2569 void unit_unwatch_pid(Unit *u, pid_t pid) {
2570 Unit **array;
2571
2572 assert(u);
2573 assert(pid_is_valid(pid));
2574
2575 /* First let's drop the unit in case it's keyed as "pid". */
2576 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2577
2578 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2579 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2580 if (array) {
2581 size_t n, m = 0;
2582
2583 /* Let's iterate through the array, dropping our own entry */
2584 for (n = 0; array[n]; n++)
2585 if (array[n] != u)
2586 array[m++] = array[n];
2587 array[m] = NULL;
2588
2589 if (m == 0) {
2590 /* The array is now empty, remove the entire entry */
2591 assert(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
2592 free(array);
2593 }
2594 }
2595
2596 (void) set_remove(u->pids, PID_TO_PTR(pid));
2597 }
2598
2599 void unit_unwatch_all_pids(Unit *u) {
2600 assert(u);
2601
2602 while (!set_isempty(u->pids))
2603 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
2604
2605 u->pids = set_free(u->pids);
2606 }
2607
2608 static void unit_tidy_watch_pids(Unit *u) {
2609 pid_t except1, except2;
2610 Iterator i;
2611 void *e;
2612
2613 assert(u);
2614
2615 /* Cleans dead PIDs from our list */
2616
2617 except1 = unit_main_pid(u);
2618 except2 = unit_control_pid(u);
2619
2620 SET_FOREACH(e, u->pids, i) {
2621 pid_t pid = PTR_TO_PID(e);
2622
2623 if (pid == except1 || pid == except2)
2624 continue;
2625
2626 if (!pid_is_unwaited(pid))
2627 unit_unwatch_pid(u, pid);
2628 }
2629 }
2630
2631 static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
2632 Unit *u = userdata;
2633
2634 assert(s);
2635 assert(u);
2636
2637 unit_tidy_watch_pids(u);
2638 unit_watch_all_pids(u);
2639
2640 /* If the PID set is empty now, then let's finish this off. */
2641 unit_synthesize_cgroup_empty_event(u);
2642
2643 return 0;
2644 }
2645
2646 int unit_enqueue_rewatch_pids(Unit *u) {
2647 int r;
2648
2649 assert(u);
2650
2651 if (!u->cgroup_path)
2652 return -ENOENT;
2653
2654 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2655 if (r < 0)
2656 return r;
2657 if (r > 0) /* On unified we can use proper notifications */
2658 return 0;
2659
2660 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2661 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2662 * involves issuing kill(pid, 0) on all processes we watch. */
2663
2664 if (!u->rewatch_pids_event_source) {
2665 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2666
2667 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2668 if (r < 0)
2669 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2670
2671 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2672 if (r < 0)
2673 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: m");
2674
2675 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2676
2677 u->rewatch_pids_event_source = TAKE_PTR(s);
2678 }
2679
2680 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2681 if (r < 0)
2682 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2683
2684 return 0;
2685 }
2686
2687 void unit_dequeue_rewatch_pids(Unit *u) {
2688 int r;
2689 assert(u);
2690
2691 if (!u->rewatch_pids_event_source)
2692 return;
2693
2694 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2695 if (r < 0)
2696 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2697
2698 u->rewatch_pids_event_source = sd_event_source_unref(u->rewatch_pids_event_source);
2699 }
2700
2701 bool unit_job_is_applicable(Unit *u, JobType j) {
2702 assert(u);
2703 assert(j >= 0 && j < _JOB_TYPE_MAX);
2704
2705 switch (j) {
2706
2707 case JOB_VERIFY_ACTIVE:
2708 case JOB_START:
2709 case JOB_NOP:
2710 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2711 * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
2712 * jobs for it. */
2713 return true;
2714
2715 case JOB_STOP:
2716 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2717 * external events), hence it makes no sense to permit enqueing such a request either. */
2718 return !u->perpetual;
2719
2720 case JOB_RESTART:
2721 case JOB_TRY_RESTART:
2722 return unit_can_stop(u) && unit_can_start(u);
2723
2724 case JOB_RELOAD:
2725 case JOB_TRY_RELOAD:
2726 return unit_can_reload(u);
2727
2728 case JOB_RELOAD_OR_START:
2729 return unit_can_reload(u) && unit_can_start(u);
2730
2731 default:
2732 assert_not_reached("Invalid job type");
2733 }
2734 }
2735
2736 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
2737 assert(u);
2738
2739 /* Only warn about some unit types */
2740 if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
2741 return;
2742
2743 if (streq_ptr(u->id, other))
2744 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
2745 else
2746 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
2747 }
2748
2749 static int unit_add_dependency_hashmap(
2750 Hashmap **h,
2751 Unit *other,
2752 UnitDependencyMask origin_mask,
2753 UnitDependencyMask destination_mask) {
2754
2755 UnitDependencyInfo info;
2756 int r;
2757
2758 assert(h);
2759 assert(other);
2760 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
2761 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
2762 assert(origin_mask > 0 || destination_mask > 0);
2763
2764 r = hashmap_ensure_allocated(h, NULL);
2765 if (r < 0)
2766 return r;
2767
2768 assert_cc(sizeof(void*) == sizeof(info));
2769
2770 info.data = hashmap_get(*h, other);
2771 if (info.data) {
2772 /* Entry already exists. Add in our mask. */
2773
2774 if (FLAGS_SET(origin_mask, info.origin_mask) &&
2775 FLAGS_SET(destination_mask, info.destination_mask))
2776 return 0; /* NOP */
2777
2778 info.origin_mask |= origin_mask;
2779 info.destination_mask |= destination_mask;
2780
2781 r = hashmap_update(*h, other, info.data);
2782 } else {
2783 info = (UnitDependencyInfo) {
2784 .origin_mask = origin_mask,
2785 .destination_mask = destination_mask,
2786 };
2787
2788 r = hashmap_put(*h, other, info.data);
2789 }
2790 if (r < 0)
2791 return r;
2792
2793 return 1;
2794 }
2795
2796 int unit_add_dependency(
2797 Unit *u,
2798 UnitDependency d,
2799 Unit *other,
2800 bool add_reference,
2801 UnitDependencyMask mask) {
2802
2803 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
2804 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
2805 [UNIT_WANTS] = UNIT_WANTED_BY,
2806 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
2807 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
2808 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
2809 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
2810 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
2811 [UNIT_WANTED_BY] = UNIT_WANTS,
2812 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
2813 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
2814 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
2815 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
2816 [UNIT_BEFORE] = UNIT_AFTER,
2817 [UNIT_AFTER] = UNIT_BEFORE,
2818 [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
2819 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
2820 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
2821 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
2822 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
2823 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
2824 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
2825 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
2826 };
2827 Unit *original_u = u, *original_other = other;
2828 int r;
2829
2830 assert(u);
2831 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
2832 assert(other);
2833
2834 u = unit_follow_merge(u);
2835 other = unit_follow_merge(other);
2836
2837 /* We won't allow dependencies on ourselves. We will not
2838 * consider them an error however. */
2839 if (u == other) {
2840 maybe_warn_about_dependency(original_u, original_other->id, d);
2841 return 0;
2842 }
2843
2844 if ((d == UNIT_BEFORE && other->type == UNIT_DEVICE) ||
2845 (d == UNIT_AFTER && u->type == UNIT_DEVICE)) {
2846 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
2847 return 0;
2848 }
2849
2850 r = unit_add_dependency_hashmap(u->dependencies + d, other, mask, 0);
2851 if (r < 0)
2852 return r;
2853
2854 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
2855 r = unit_add_dependency_hashmap(other->dependencies + inverse_table[d], u, 0, mask);
2856 if (r < 0)
2857 return r;
2858 }
2859
2860 if (add_reference) {
2861 r = unit_add_dependency_hashmap(u->dependencies + UNIT_REFERENCES, other, mask, 0);
2862 if (r < 0)
2863 return r;
2864
2865 r = unit_add_dependency_hashmap(other->dependencies + UNIT_REFERENCED_BY, u, 0, mask);
2866 if (r < 0)
2867 return r;
2868 }
2869
2870 unit_add_to_dbus_queue(u);
2871 return 0;
2872 }
2873
2874 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2875 int r;
2876
2877 assert(u);
2878
2879 r = unit_add_dependency(u, d, other, add_reference, mask);
2880 if (r < 0)
2881 return r;
2882
2883 return unit_add_dependency(u, e, other, add_reference, mask);
2884 }
2885
2886 static int resolve_template(Unit *u, const char *name, const char*path, char **buf, const char **ret) {
2887 int r;
2888
2889 assert(u);
2890 assert(name || path);
2891 assert(buf);
2892 assert(ret);
2893
2894 if (!name)
2895 name = basename(path);
2896
2897 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
2898 *buf = NULL;
2899 *ret = name;
2900 return 0;
2901 }
2902
2903 if (u->instance)
2904 r = unit_name_replace_instance(name, u->instance, buf);
2905 else {
2906 _cleanup_free_ char *i = NULL;
2907
2908 r = unit_name_to_prefix(u->id, &i);
2909 if (r < 0)
2910 return r;
2911
2912 r = unit_name_replace_instance(name, i, buf);
2913 }
2914 if (r < 0)
2915 return r;
2916
2917 *ret = *buf;
2918 return 0;
2919 }
2920
2921 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2922 _cleanup_free_ char *buf = NULL;
2923 Unit *other;
2924 int r;
2925
2926 assert(u);
2927 assert(name || path);
2928
2929 r = resolve_template(u, name, path, &buf, &name);
2930 if (r < 0)
2931 return r;
2932
2933 r = manager_load_unit(u->manager, name, path, NULL, &other);
2934 if (r < 0)
2935 return r;
2936
2937 return unit_add_dependency(u, d, other, add_reference, mask);
2938 }
2939
2940 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2941 _cleanup_free_ char *buf = NULL;
2942 Unit *other;
2943 int r;
2944
2945 assert(u);
2946 assert(name || path);
2947
2948 r = resolve_template(u, name, path, &buf, &name);
2949 if (r < 0)
2950 return r;
2951
2952 r = manager_load_unit(u->manager, name, path, NULL, &other);
2953 if (r < 0)
2954 return r;
2955
2956 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2957 }
2958
2959 int set_unit_path(const char *p) {
2960 /* This is mostly for debug purposes */
2961 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
2962 return -errno;
2963
2964 return 0;
2965 }
2966
2967 char *unit_dbus_path(Unit *u) {
2968 assert(u);
2969
2970 if (!u->id)
2971 return NULL;
2972
2973 return unit_dbus_path_from_name(u->id);
2974 }
2975
2976 char *unit_dbus_path_invocation_id(Unit *u) {
2977 assert(u);
2978
2979 if (sd_id128_is_null(u->invocation_id))
2980 return NULL;
2981
2982 return unit_dbus_path_from_name(u->invocation_id_string);
2983 }
2984
2985 int unit_set_slice(Unit *u, Unit *slice) {
2986 assert(u);
2987 assert(slice);
2988
2989 /* Sets the unit slice if it has not been set before. Is extra
2990 * careful, to only allow this for units that actually have a
2991 * cgroup context. Also, we don't allow to set this for slices
2992 * (since the parent slice is derived from the name). Make
2993 * sure the unit we set is actually a slice. */
2994
2995 if (!UNIT_HAS_CGROUP_CONTEXT(u))
2996 return -EOPNOTSUPP;
2997
2998 if (u->type == UNIT_SLICE)
2999 return -EINVAL;
3000
3001 if (unit_active_state(u) != UNIT_INACTIVE)
3002 return -EBUSY;
3003
3004 if (slice->type != UNIT_SLICE)
3005 return -EINVAL;
3006
3007 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3008 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3009 return -EPERM;
3010
3011 if (UNIT_DEREF(u->slice) == slice)
3012 return 0;
3013
3014 /* Disallow slice changes if @u is already bound to cgroups */
3015 if (UNIT_ISSET(u->slice) && u->cgroup_realized)
3016 return -EBUSY;
3017
3018 unit_ref_set(&u->slice, u, slice);
3019 return 1;
3020 }
3021
3022 int unit_set_default_slice(Unit *u) {
3023 _cleanup_free_ char *b = NULL;
3024 const char *slice_name;
3025 Unit *slice;
3026 int r;
3027
3028 assert(u);
3029
3030 if (UNIT_ISSET(u->slice))
3031 return 0;
3032
3033 if (u->instance) {
3034 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
3035
3036 /* Implicitly place all instantiated units in their
3037 * own per-template slice */
3038
3039 r = unit_name_to_prefix(u->id, &prefix);
3040 if (r < 0)
3041 return r;
3042
3043 /* The prefix is already escaped, but it might include
3044 * "-" which has a special meaning for slice units,
3045 * hence escape it here extra. */
3046 escaped = unit_name_escape(prefix);
3047 if (!escaped)
3048 return -ENOMEM;
3049
3050 if (MANAGER_IS_SYSTEM(u->manager))
3051 b = strjoin("system-", escaped, ".slice");
3052 else
3053 b = strappend(escaped, ".slice");
3054 if (!b)
3055 return -ENOMEM;
3056
3057 slice_name = b;
3058 } else
3059 slice_name =
3060 MANAGER_IS_SYSTEM(u->manager) && !unit_has_name(u, SPECIAL_INIT_SCOPE)
3061 ? SPECIAL_SYSTEM_SLICE
3062 : SPECIAL_ROOT_SLICE;
3063
3064 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
3065 if (r < 0)
3066 return r;
3067
3068 return unit_set_slice(u, slice);
3069 }
3070
3071 const char *unit_slice_name(Unit *u) {
3072 assert(u);
3073
3074 if (!UNIT_ISSET(u->slice))
3075 return NULL;
3076
3077 return UNIT_DEREF(u->slice)->id;
3078 }
3079
3080 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
3081 _cleanup_free_ char *t = NULL;
3082 int r;
3083
3084 assert(u);
3085 assert(type);
3086 assert(_found);
3087
3088 r = unit_name_change_suffix(u->id, type, &t);
3089 if (r < 0)
3090 return r;
3091 if (unit_has_name(u, t))
3092 return -EINVAL;
3093
3094 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3095 assert(r < 0 || *_found != u);
3096 return r;
3097 }
3098
3099 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3100 const char *name, *old_owner, *new_owner;
3101 Unit *u = userdata;
3102 int r;
3103
3104 assert(message);
3105 assert(u);
3106
3107 r = sd_bus_message_read(message, "sss", &name, &old_owner, &new_owner);
3108 if (r < 0) {
3109 bus_log_parse_error(r);
3110 return 0;
3111 }
3112
3113 old_owner = empty_to_null(old_owner);
3114 new_owner = empty_to_null(new_owner);
3115
3116 if (UNIT_VTABLE(u)->bus_name_owner_change)
3117 UNIT_VTABLE(u)->bus_name_owner_change(u, name, old_owner, new_owner);
3118
3119 return 0;
3120 }
3121
3122 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3123 const char *match;
3124
3125 assert(u);
3126 assert(bus);
3127 assert(name);
3128
3129 if (u->match_bus_slot)
3130 return -EBUSY;
3131
3132 match = strjoina("type='signal',"
3133 "sender='org.freedesktop.DBus',"
3134 "path='/org/freedesktop/DBus',"
3135 "interface='org.freedesktop.DBus',"
3136 "member='NameOwnerChanged',"
3137 "arg0='", name, "'");
3138
3139 return sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
3140 }
3141
3142 int unit_watch_bus_name(Unit *u, const char *name) {
3143 int r;
3144
3145 assert(u);
3146 assert(name);
3147
3148 /* Watch a specific name on the bus. We only support one unit
3149 * watching each name for now. */
3150
3151 if (u->manager->api_bus) {
3152 /* If the bus is already available, install the match directly.
3153 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3154 r = unit_install_bus_match(u, u->manager->api_bus, name);
3155 if (r < 0)
3156 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3157 }
3158
3159 r = hashmap_put(u->manager->watch_bus, name, u);
3160 if (r < 0) {
3161 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3162 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3163 }
3164
3165 return 0;
3166 }
3167
3168 void unit_unwatch_bus_name(Unit *u, const char *name) {
3169 assert(u);
3170 assert(name);
3171
3172 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3173 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3174 }
3175
3176 bool unit_can_serialize(Unit *u) {
3177 assert(u);
3178
3179 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3180 }
3181
3182 static int unit_serialize_cgroup_mask(FILE *f, const char *key, CGroupMask mask) {
3183 _cleanup_free_ char *s = NULL;
3184 int r = 0;
3185
3186 assert(f);
3187 assert(key);
3188
3189 if (mask != 0) {
3190 r = cg_mask_to_string(mask, &s);
3191 if (r >= 0) {
3192 fputs(key, f);
3193 fputc('=', f);
3194 fputs(s, f);
3195 fputc('\n', f);
3196 }
3197 }
3198 return r;
3199 }
3200
3201 static const char *ip_accounting_metric_field[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
3202 [CGROUP_IP_INGRESS_BYTES] = "ip-accounting-ingress-bytes",
3203 [CGROUP_IP_INGRESS_PACKETS] = "ip-accounting-ingress-packets",
3204 [CGROUP_IP_EGRESS_BYTES] = "ip-accounting-egress-bytes",
3205 [CGROUP_IP_EGRESS_PACKETS] = "ip-accounting-egress-packets",
3206 };
3207
3208 int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
3209 CGroupIPAccountingMetric m;
3210 int r;
3211
3212 assert(u);
3213 assert(f);
3214 assert(fds);
3215
3216 if (unit_can_serialize(u)) {
3217 r = UNIT_VTABLE(u)->serialize(u, f, fds);
3218 if (r < 0)
3219 return r;
3220 }
3221
3222 dual_timestamp_serialize(f, "state-change-timestamp", &u->state_change_timestamp);
3223
3224 dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
3225 dual_timestamp_serialize(f, "active-enter-timestamp", &u->active_enter_timestamp);
3226 dual_timestamp_serialize(f, "active-exit-timestamp", &u->active_exit_timestamp);
3227 dual_timestamp_serialize(f, "inactive-enter-timestamp", &u->inactive_enter_timestamp);
3228
3229 dual_timestamp_serialize(f, "condition-timestamp", &u->condition_timestamp);
3230 dual_timestamp_serialize(f, "assert-timestamp", &u->assert_timestamp);
3231
3232 if (dual_timestamp_is_set(&u->condition_timestamp))
3233 unit_serialize_item(u, f, "condition-result", yes_no(u->condition_result));
3234
3235 if (dual_timestamp_is_set(&u->assert_timestamp))
3236 unit_serialize_item(u, f, "assert-result", yes_no(u->assert_result));
3237
3238 unit_serialize_item(u, f, "transient", yes_no(u->transient));
3239
3240 unit_serialize_item(u, f, "exported-invocation-id", yes_no(u->exported_invocation_id));
3241 unit_serialize_item(u, f, "exported-log-level-max", yes_no(u->exported_log_level_max));
3242 unit_serialize_item(u, f, "exported-log-extra-fields", yes_no(u->exported_log_extra_fields));
3243
3244 unit_serialize_item_format(u, f, "cpu-usage-base", "%" PRIu64, u->cpu_usage_base);
3245 if (u->cpu_usage_last != NSEC_INFINITY)
3246 unit_serialize_item_format(u, f, "cpu-usage-last", "%" PRIu64, u->cpu_usage_last);
3247
3248 if (u->cgroup_path)
3249 unit_serialize_item(u, f, "cgroup", u->cgroup_path);
3250 unit_serialize_item(u, f, "cgroup-realized", yes_no(u->cgroup_realized));
3251 (void) unit_serialize_cgroup_mask(f, "cgroup-realized-mask", u->cgroup_realized_mask);
3252 (void) unit_serialize_cgroup_mask(f, "cgroup-enabled-mask", u->cgroup_enabled_mask);
3253 unit_serialize_item_format(u, f, "cgroup-bpf-realized", "%i", u->cgroup_bpf_state);
3254
3255 if (uid_is_valid(u->ref_uid))
3256 unit_serialize_item_format(u, f, "ref-uid", UID_FMT, u->ref_uid);
3257 if (gid_is_valid(u->ref_gid))
3258 unit_serialize_item_format(u, f, "ref-gid", GID_FMT, u->ref_gid);
3259
3260 if (!sd_id128_is_null(u->invocation_id))
3261 unit_serialize_item_format(u, f, "invocation-id", SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id));
3262
3263 bus_track_serialize(u->bus_track, f, "ref");
3264
3265 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
3266 uint64_t v;
3267
3268 r = unit_get_ip_accounting(u, m, &v);
3269 if (r >= 0)
3270 unit_serialize_item_format(u, f, ip_accounting_metric_field[m], "%" PRIu64, v);
3271 }
3272
3273 if (serialize_jobs) {
3274 if (u->job) {
3275 fprintf(f, "job\n");
3276 job_serialize(u->job, f);
3277 }
3278
3279 if (u->nop_job) {
3280 fprintf(f, "job\n");
3281 job_serialize(u->nop_job, f);
3282 }
3283 }
3284
3285 /* End marker */
3286 fputc('\n', f);
3287 return 0;
3288 }
3289
3290 int unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value) {
3291 assert(u);
3292 assert(f);
3293 assert(key);
3294
3295 if (!value)
3296 return 0;
3297
3298 fputs(key, f);
3299 fputc('=', f);
3300 fputs(value, f);
3301 fputc('\n', f);
3302
3303 return 1;
3304 }
3305
3306 int unit_serialize_item_escaped(Unit *u, FILE *f, const char *key, const char *value) {
3307 _cleanup_free_ char *c = NULL;
3308
3309 assert(u);
3310 assert(f);
3311 assert(key);
3312
3313 if (!value)
3314 return 0;
3315
3316 c = cescape(value);
3317 if (!c)
3318 return -ENOMEM;
3319
3320 fputs(key, f);
3321 fputc('=', f);
3322 fputs(c, f);
3323 fputc('\n', f);
3324
3325 return 1;
3326 }
3327
3328 int unit_serialize_item_fd(Unit *u, FILE *f, FDSet *fds, const char *key, int fd) {
3329 int copy;
3330
3331 assert(u);
3332 assert(f);
3333 assert(key);
3334
3335 if (fd < 0)
3336 return 0;
3337
3338 copy = fdset_put_dup(fds, fd);
3339 if (copy < 0)
3340 return copy;
3341
3342 fprintf(f, "%s=%i\n", key, copy);
3343 return 1;
3344 }
3345
3346 void unit_serialize_item_format(Unit *u, FILE *f, const char *key, const char *format, ...) {
3347 va_list ap;
3348
3349 assert(u);
3350 assert(f);
3351 assert(key);
3352 assert(format);
3353
3354 fputs(key, f);
3355 fputc('=', f);
3356
3357 va_start(ap, format);
3358 vfprintf(f, format, ap);
3359 va_end(ap);
3360
3361 fputc('\n', f);
3362 }
3363
3364 int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
3365 int r;
3366
3367 assert(u);
3368 assert(f);
3369 assert(fds);
3370
3371 for (;;) {
3372 char line[LINE_MAX], *l, *v;
3373 CGroupIPAccountingMetric m;
3374 size_t k;
3375
3376 if (!fgets(line, sizeof(line), f)) {
3377 if (feof(f))
3378 return 0;
3379 return -errno;
3380 }
3381
3382 char_array_0(line);
3383 l = strstrip(line);
3384
3385 /* End marker */
3386 if (isempty(l))
3387 break;
3388
3389 k = strcspn(l, "=");
3390
3391 if (l[k] == '=') {
3392 l[k] = 0;
3393 v = l+k+1;
3394 } else
3395 v = l+k;
3396
3397 if (streq(l, "job")) {
3398 if (v[0] == '\0') {
3399 /* new-style serialized job */
3400 Job *j;
3401
3402 j = job_new_raw(u);
3403 if (!j)
3404 return log_oom();
3405
3406 r = job_deserialize(j, f);
3407 if (r < 0) {
3408 job_free(j);
3409 return r;
3410 }
3411
3412 r = hashmap_put(u->manager->jobs, UINT32_TO_PTR(j->id), j);
3413 if (r < 0) {
3414 job_free(j);
3415 return r;
3416 }
3417
3418 r = job_install_deserialized(j);
3419 if (r < 0) {
3420 hashmap_remove(u->manager->jobs, UINT32_TO_PTR(j->id));
3421 job_free(j);
3422 return r;
3423 }
3424 } else /* legacy for pre-44 */
3425 log_unit_warning(u, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v);
3426 continue;
3427 } else if (streq(l, "state-change-timestamp")) {
3428 dual_timestamp_deserialize(v, &u->state_change_timestamp);
3429 continue;
3430 } else if (streq(l, "inactive-exit-timestamp")) {
3431 dual_timestamp_deserialize(v, &u->inactive_exit_timestamp);
3432 continue;
3433 } else if (streq(l, "active-enter-timestamp")) {
3434 dual_timestamp_deserialize(v, &u->active_enter_timestamp);
3435 continue;
3436 } else if (streq(l, "active-exit-timestamp")) {
3437 dual_timestamp_deserialize(v, &u->active_exit_timestamp);
3438 continue;
3439 } else if (streq(l, "inactive-enter-timestamp")) {
3440 dual_timestamp_deserialize(v, &u->inactive_enter_timestamp);
3441 continue;
3442 } else if (streq(l, "condition-timestamp")) {
3443 dual_timestamp_deserialize(v, &u->condition_timestamp);
3444 continue;
3445 } else if (streq(l, "assert-timestamp")) {
3446 dual_timestamp_deserialize(v, &u->assert_timestamp);
3447 continue;
3448 } else if (streq(l, "condition-result")) {
3449
3450 r = parse_boolean(v);
3451 if (r < 0)
3452 log_unit_debug(u, "Failed to parse condition result value %s, ignoring.", v);
3453 else
3454 u->condition_result = r;
3455
3456 continue;
3457
3458 } else if (streq(l, "assert-result")) {
3459
3460 r = parse_boolean(v);
3461 if (r < 0)
3462 log_unit_debug(u, "Failed to parse assert result value %s, ignoring.", v);
3463 else
3464 u->assert_result = r;
3465
3466 continue;
3467
3468 } else if (streq(l, "transient")) {
3469
3470 r = parse_boolean(v);
3471 if (r < 0)
3472 log_unit_debug(u, "Failed to parse transient bool %s, ignoring.", v);
3473 else
3474 u->transient = r;
3475
3476 continue;
3477
3478 } else if (streq(l, "exported-invocation-id")) {
3479
3480 r = parse_boolean(v);
3481 if (r < 0)
3482 log_unit_debug(u, "Failed to parse exported invocation ID bool %s, ignoring.", v);
3483 else
3484 u->exported_invocation_id = r;
3485
3486 continue;
3487
3488 } else if (streq(l, "exported-log-level-max")) {
3489
3490 r = parse_boolean(v);
3491 if (r < 0)
3492 log_unit_debug(u, "Failed to parse exported log level max bool %s, ignoring.", v);
3493 else
3494 u->exported_log_level_max = r;
3495
3496 continue;
3497
3498 } else if (streq(l, "exported-log-extra-fields")) {
3499
3500 r = parse_boolean(v);
3501 if (r < 0)
3502 log_unit_debug(u, "Failed to parse exported log extra fields bool %s, ignoring.", v);
3503 else
3504 u->exported_log_extra_fields = r;
3505
3506 continue;
3507
3508 } else if (STR_IN_SET(l, "cpu-usage-base", "cpuacct-usage-base")) {
3509
3510 r = safe_atou64(v, &u->cpu_usage_base);
3511 if (r < 0)
3512 log_unit_debug(u, "Failed to parse CPU usage base %s, ignoring.", v);
3513
3514 continue;
3515
3516 } else if (streq(l, "cpu-usage-last")) {
3517
3518 r = safe_atou64(v, &u->cpu_usage_last);
3519 if (r < 0)
3520 log_unit_debug(u, "Failed to read CPU usage last %s, ignoring.", v);
3521
3522 continue;
3523
3524 } else if (streq(l, "cgroup")) {
3525
3526 r = unit_set_cgroup_path(u, v);
3527 if (r < 0)
3528 log_unit_debug_errno(u, r, "Failed to set cgroup path %s, ignoring: %m", v);
3529
3530 (void) unit_watch_cgroup(u);
3531
3532 continue;
3533 } else if (streq(l, "cgroup-realized")) {
3534 int b;
3535
3536 b = parse_boolean(v);
3537 if (b < 0)
3538 log_unit_debug(u, "Failed to parse cgroup-realized bool %s, ignoring.", v);
3539 else
3540 u->cgroup_realized = b;
3541
3542 continue;
3543
3544 } else if (streq(l, "cgroup-realized-mask")) {
3545
3546 r = cg_mask_from_string(v, &u->cgroup_realized_mask);
3547 if (r < 0)
3548 log_unit_debug(u, "Failed to parse cgroup-realized-mask %s, ignoring.", v);
3549 continue;
3550
3551 } else if (streq(l, "cgroup-enabled-mask")) {
3552
3553 r = cg_mask_from_string(v, &u->cgroup_enabled_mask);
3554 if (r < 0)
3555 log_unit_debug(u, "Failed to parse cgroup-enabled-mask %s, ignoring.", v);
3556 continue;
3557
3558 } else if (streq(l, "cgroup-bpf-realized")) {
3559 int i;
3560
3561 r = safe_atoi(v, &i);
3562 if (r < 0)
3563 log_unit_debug(u, "Failed to parse cgroup BPF state %s, ignoring.", v);
3564 else
3565 u->cgroup_bpf_state =
3566 i < 0 ? UNIT_CGROUP_BPF_INVALIDATED :
3567 i > 0 ? UNIT_CGROUP_BPF_ON :
3568 UNIT_CGROUP_BPF_OFF;
3569
3570 continue;
3571
3572 } else if (streq(l, "ref-uid")) {
3573 uid_t uid;
3574
3575 r = parse_uid(v, &uid);
3576 if (r < 0)
3577 log_unit_debug(u, "Failed to parse referenced UID %s, ignoring.", v);
3578 else
3579 unit_ref_uid_gid(u, uid, GID_INVALID);
3580
3581 continue;
3582
3583 } else if (streq(l, "ref-gid")) {
3584 gid_t gid;
3585
3586 r = parse_gid(v, &gid);
3587 if (r < 0)
3588 log_unit_debug(u, "Failed to parse referenced GID %s, ignoring.", v);
3589 else
3590 unit_ref_uid_gid(u, UID_INVALID, gid);
3591
3592 } else if (streq(l, "ref")) {
3593
3594 r = strv_extend(&u->deserialized_refs, v);
3595 if (r < 0)
3596 log_oom();
3597
3598 continue;
3599 } else if (streq(l, "invocation-id")) {
3600 sd_id128_t id;
3601
3602 r = sd_id128_from_string(v, &id);
3603 if (r < 0)
3604 log_unit_debug(u, "Failed to parse invocation id %s, ignoring.", v);
3605 else {
3606 r = unit_set_invocation_id(u, id);
3607 if (r < 0)
3608 log_unit_warning_errno(u, r, "Failed to set invocation ID for unit: %m");
3609 }
3610
3611 continue;
3612 }
3613
3614 /* Check if this is an IP accounting metric serialization field */
3615 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++)
3616 if (streq(l, ip_accounting_metric_field[m]))
3617 break;
3618 if (m < _CGROUP_IP_ACCOUNTING_METRIC_MAX) {
3619 uint64_t c;
3620
3621 r = safe_atou64(v, &c);
3622 if (r < 0)
3623 log_unit_debug(u, "Failed to parse IP accounting value %s, ignoring.", v);
3624 else
3625 u->ip_accounting_extra[m] = c;
3626 continue;
3627 }
3628
3629 if (unit_can_serialize(u)) {
3630 r = exec_runtime_deserialize_compat(u, l, v, fds);
3631 if (r < 0) {
3632 log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l);
3633 continue;
3634 }
3635
3636 /* Returns positive if key was handled by the call */
3637 if (r > 0)
3638 continue;
3639
3640 r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
3641 if (r < 0)
3642 log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l);
3643 }
3644 }
3645
3646 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3647 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3648 * before 228 where the base for timeouts was not persistent across reboots. */
3649
3650 if (!dual_timestamp_is_set(&u->state_change_timestamp))
3651 dual_timestamp_get(&u->state_change_timestamp);
3652
3653 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3654 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3655 unit_invalidate_cgroup(u, _CGROUP_MASK_ALL);
3656 unit_invalidate_cgroup_bpf(u);
3657
3658 return 0;
3659 }
3660
3661 void unit_deserialize_skip(FILE *f) {
3662 assert(f);
3663
3664 /* Skip serialized data for this unit. We don't know what it is. */
3665
3666 for (;;) {
3667 char line[LINE_MAX], *l;
3668
3669 if (!fgets(line, sizeof line, f))
3670 return;
3671
3672 char_array_0(line);
3673 l = strstrip(line);
3674
3675 /* End marker */
3676 if (isempty(l))
3677 return;
3678 }
3679 }
3680
3681 int unit_add_node_dependency(Unit *u, const char *what, bool wants, UnitDependency dep, UnitDependencyMask mask) {
3682 Unit *device;
3683 _cleanup_free_ char *e = NULL;
3684 int r;
3685
3686 assert(u);
3687
3688 /* Adds in links to the device node that this unit is based on */
3689 if (isempty(what))
3690 return 0;
3691
3692 if (!is_device_path(what))
3693 return 0;
3694
3695 /* When device units aren't supported (such as in a
3696 * container), don't create dependencies on them. */
3697 if (!unit_type_supported(UNIT_DEVICE))
3698 return 0;
3699
3700 r = unit_name_from_path(what, ".device", &e);
3701 if (r < 0)
3702 return r;
3703
3704 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
3705 if (r < 0)
3706 return r;
3707
3708 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3709 dep = UNIT_BINDS_TO;
3710
3711 r = unit_add_two_dependencies(u, UNIT_AFTER,
3712 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3713 device, true, mask);
3714 if (r < 0)
3715 return r;
3716
3717 if (wants) {
3718 r = unit_add_dependency(device, UNIT_WANTS, u, false, mask);
3719 if (r < 0)
3720 return r;
3721 }
3722
3723 return 0;
3724 }
3725
3726 int unit_coldplug(Unit *u) {
3727 int r = 0, q;
3728 char **i;
3729
3730 assert(u);
3731
3732 /* Make sure we don't enter a loop, when coldplugging recursively. */
3733 if (u->coldplugged)
3734 return 0;
3735
3736 u->coldplugged = true;
3737
3738 STRV_FOREACH(i, u->deserialized_refs) {
3739 q = bus_unit_track_add_name(u, *i);
3740 if (q < 0 && r >= 0)
3741 r = q;
3742 }
3743 u->deserialized_refs = strv_free(u->deserialized_refs);
3744
3745 if (UNIT_VTABLE(u)->coldplug) {
3746 q = UNIT_VTABLE(u)->coldplug(u);
3747 if (q < 0 && r >= 0)
3748 r = q;
3749 }
3750
3751 if (u->job) {
3752 q = job_coldplug(u->job);
3753 if (q < 0 && r >= 0)
3754 r = q;
3755 }
3756
3757 return r;
3758 }
3759
3760 void unit_catchup(Unit *u) {
3761 assert(u);
3762
3763 if (UNIT_VTABLE(u)->catchup)
3764 UNIT_VTABLE(u)->catchup(u);
3765 }
3766
3767 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
3768 struct stat st;
3769
3770 if (!path)
3771 return false;
3772
3773 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3774 * are never out-of-date. */
3775 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3776 return false;
3777
3778 if (stat(path, &st) < 0)
3779 /* What, cannot access this anymore? */
3780 return true;
3781
3782 if (path_masked)
3783 /* For masked files check if they are still so */
3784 return !null_or_empty(&st);
3785 else
3786 /* For non-empty files check the mtime */
3787 return timespec_load(&st.st_mtim) > mtime;
3788
3789 return false;
3790 }
3791
3792 bool unit_need_daemon_reload(Unit *u) {
3793 _cleanup_strv_free_ char **t = NULL;
3794 char **path;
3795
3796 assert(u);
3797
3798 /* For unit files, we allow masking… */
3799 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3800 u->load_state == UNIT_MASKED))
3801 return true;
3802
3803 /* Source paths should not be masked… */
3804 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
3805 return true;
3806
3807 if (u->load_state == UNIT_LOADED)
3808 (void) unit_find_dropin_paths(u, &t);
3809 if (!strv_equal(u->dropin_paths, t))
3810 return true;
3811
3812 /* … any drop-ins that are masked are simply omitted from the list. */
3813 STRV_FOREACH(path, u->dropin_paths)
3814 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3815 return true;
3816
3817 return false;
3818 }
3819
3820 void unit_reset_failed(Unit *u) {
3821 assert(u);
3822
3823 if (UNIT_VTABLE(u)->reset_failed)
3824 UNIT_VTABLE(u)->reset_failed(u);
3825
3826 RATELIMIT_RESET(u->start_limit);
3827 u->start_limit_hit = false;
3828 }
3829
3830 Unit *unit_following(Unit *u) {
3831 assert(u);
3832
3833 if (UNIT_VTABLE(u)->following)
3834 return UNIT_VTABLE(u)->following(u);
3835
3836 return NULL;
3837 }
3838
3839 bool unit_stop_pending(Unit *u) {
3840 assert(u);
3841
3842 /* This call does check the current state of the unit. It's
3843 * hence useful to be called from state change calls of the
3844 * unit itself, where the state isn't updated yet. This is
3845 * different from unit_inactive_or_pending() which checks both
3846 * the current state and for a queued job. */
3847
3848 return u->job && u->job->type == JOB_STOP;
3849 }
3850
3851 bool unit_inactive_or_pending(Unit *u) {
3852 assert(u);
3853
3854 /* Returns true if the unit is inactive or going down */
3855
3856 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3857 return true;
3858
3859 if (unit_stop_pending(u))
3860 return true;
3861
3862 return false;
3863 }
3864
3865 bool unit_active_or_pending(Unit *u) {
3866 assert(u);
3867
3868 /* Returns true if the unit is active or going up */
3869
3870 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3871 return true;
3872
3873 if (u->job &&
3874 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
3875 return true;
3876
3877 return false;
3878 }
3879
3880 bool unit_will_restart(Unit *u) {
3881 assert(u);
3882
3883 if (!UNIT_VTABLE(u)->will_restart)
3884 return false;
3885
3886 return UNIT_VTABLE(u)->will_restart(u);
3887 }
3888
3889 int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
3890 assert(u);
3891 assert(w >= 0 && w < _KILL_WHO_MAX);
3892 assert(SIGNAL_VALID(signo));
3893
3894 if (!UNIT_VTABLE(u)->kill)
3895 return -EOPNOTSUPP;
3896
3897 return UNIT_VTABLE(u)->kill(u, w, signo, error);
3898 }
3899
3900 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
3901 _cleanup_set_free_ Set *pid_set = NULL;
3902 int r;
3903
3904 pid_set = set_new(NULL);
3905 if (!pid_set)
3906 return NULL;
3907
3908 /* Exclude the main/control pids from being killed via the cgroup */
3909 if (main_pid > 0) {
3910 r = set_put(pid_set, PID_TO_PTR(main_pid));
3911 if (r < 0)
3912 return NULL;
3913 }
3914
3915 if (control_pid > 0) {
3916 r = set_put(pid_set, PID_TO_PTR(control_pid));
3917 if (r < 0)
3918 return NULL;
3919 }
3920
3921 return TAKE_PTR(pid_set);
3922 }
3923
3924 int unit_kill_common(
3925 Unit *u,
3926 KillWho who,
3927 int signo,
3928 pid_t main_pid,
3929 pid_t control_pid,
3930 sd_bus_error *error) {
3931
3932 int r = 0;
3933 bool killed = false;
3934
3935 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
3936 if (main_pid < 0)
3937 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
3938 else if (main_pid == 0)
3939 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
3940 }
3941
3942 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
3943 if (control_pid < 0)
3944 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
3945 else if (control_pid == 0)
3946 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
3947 }
3948
3949 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3950 if (control_pid > 0) {
3951 if (kill(control_pid, signo) < 0)
3952 r = -errno;
3953 else
3954 killed = true;
3955 }
3956
3957 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3958 if (main_pid > 0) {
3959 if (kill(main_pid, signo) < 0)
3960 r = -errno;
3961 else
3962 killed = true;
3963 }
3964
3965 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
3966 _cleanup_set_free_ Set *pid_set = NULL;
3967 int q;
3968
3969 /* Exclude the main/control pids from being killed via the cgroup */
3970 pid_set = unit_pid_set(main_pid, control_pid);
3971 if (!pid_set)
3972 return -ENOMEM;
3973
3974 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, NULL, NULL);
3975 if (q < 0 && !IN_SET(q, -EAGAIN, -ESRCH, -ENOENT))
3976 r = q;
3977 else
3978 killed = true;
3979 }
3980
3981 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL))
3982 return -ESRCH;
3983
3984 return r;
3985 }
3986
3987 int unit_following_set(Unit *u, Set **s) {
3988 assert(u);
3989 assert(s);
3990
3991 if (UNIT_VTABLE(u)->following_set)
3992 return UNIT_VTABLE(u)->following_set(u, s);
3993
3994 *s = NULL;
3995 return 0;
3996 }
3997
3998 UnitFileState unit_get_unit_file_state(Unit *u) {
3999 int r;
4000
4001 assert(u);
4002
4003 if (u->unit_file_state < 0 && u->fragment_path) {
4004 r = unit_file_get_state(
4005 u->manager->unit_file_scope,
4006 NULL,
4007 u->id,
4008 &u->unit_file_state);
4009 if (r < 0)
4010 u->unit_file_state = UNIT_FILE_BAD;
4011 }
4012
4013 return u->unit_file_state;
4014 }
4015
4016 int unit_get_unit_file_preset(Unit *u) {
4017 assert(u);
4018
4019 if (u->unit_file_preset < 0 && u->fragment_path)
4020 u->unit_file_preset = unit_file_query_preset(
4021 u->manager->unit_file_scope,
4022 NULL,
4023 basename(u->fragment_path));
4024
4025 return u->unit_file_preset;
4026 }
4027
4028 Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
4029 assert(ref);
4030 assert(source);
4031 assert(target);
4032
4033 if (ref->target)
4034 unit_ref_unset(ref);
4035
4036 ref->source = source;
4037 ref->target = target;
4038 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4039 return target;
4040 }
4041
4042 void unit_ref_unset(UnitRef *ref) {
4043 assert(ref);
4044
4045 if (!ref->target)
4046 return;
4047
4048 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4049 * be unreferenced now. */
4050 unit_add_to_gc_queue(ref->target);
4051
4052 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4053 ref->source = ref->target = NULL;
4054 }
4055
4056 static int user_from_unit_name(Unit *u, char **ret) {
4057
4058 static const uint8_t hash_key[] = {
4059 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4060 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4061 };
4062
4063 _cleanup_free_ char *n = NULL;
4064 int r;
4065
4066 r = unit_name_to_prefix(u->id, &n);
4067 if (r < 0)
4068 return r;
4069
4070 if (valid_user_group_name(n)) {
4071 *ret = TAKE_PTR(n);
4072 return 0;
4073 }
4074
4075 /* If we can't use the unit name as a user name, then let's hash it and use that */
4076 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4077 return -ENOMEM;
4078
4079 return 0;
4080 }
4081
4082 int unit_patch_contexts(Unit *u) {
4083 CGroupContext *cc;
4084 ExecContext *ec;
4085 unsigned i;
4086 int r;
4087
4088 assert(u);
4089
4090 /* Patch in the manager defaults into the exec and cgroup
4091 * contexts, _after_ the rest of the settings have been
4092 * initialized */
4093
4094 ec = unit_get_exec_context(u);
4095 if (ec) {
4096 /* This only copies in the ones that need memory */
4097 for (i = 0; i < _RLIMIT_MAX; i++)
4098 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4099 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4100 if (!ec->rlimit[i])
4101 return -ENOMEM;
4102 }
4103
4104 if (MANAGER_IS_USER(u->manager) &&
4105 !ec->working_directory) {
4106
4107 r = get_home_dir(&ec->working_directory);
4108 if (r < 0)
4109 return r;
4110
4111 /* Allow user services to run, even if the
4112 * home directory is missing */
4113 ec->working_directory_missing_ok = true;
4114 }
4115
4116 if (ec->private_devices)
4117 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4118
4119 if (ec->protect_kernel_modules)
4120 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4121
4122 if (ec->dynamic_user) {
4123 if (!ec->user) {
4124 r = user_from_unit_name(u, &ec->user);
4125 if (r < 0)
4126 return r;
4127 }
4128
4129 if (!ec->group) {
4130 ec->group = strdup(ec->user);
4131 if (!ec->group)
4132 return -ENOMEM;
4133 }
4134
4135 /* If the dynamic user option is on, let's make sure that the unit can't leave its UID/GID
4136 * around in the file system or on IPC objects. Hence enforce a strict sandbox. */
4137
4138 ec->private_tmp = true;
4139 ec->remove_ipc = true;
4140 ec->protect_system = PROTECT_SYSTEM_STRICT;
4141 if (ec->protect_home == PROTECT_HOME_NO)
4142 ec->protect_home = PROTECT_HOME_READ_ONLY;
4143 }
4144 }
4145
4146 cc = unit_get_cgroup_context(u);
4147 if (cc) {
4148
4149 if (ec &&
4150 ec->private_devices &&
4151 cc->device_policy == CGROUP_AUTO)
4152 cc->device_policy = CGROUP_CLOSED;
4153 }
4154
4155 return 0;
4156 }
4157
4158 ExecContext *unit_get_exec_context(Unit *u) {
4159 size_t offset;
4160 assert(u);
4161
4162 if (u->type < 0)
4163 return NULL;
4164
4165 offset = UNIT_VTABLE(u)->exec_context_offset;
4166 if (offset <= 0)
4167 return NULL;
4168
4169 return (ExecContext*) ((uint8_t*) u + offset);
4170 }
4171
4172 KillContext *unit_get_kill_context(Unit *u) {
4173 size_t offset;
4174 assert(u);
4175
4176 if (u->type < 0)
4177 return NULL;
4178
4179 offset = UNIT_VTABLE(u)->kill_context_offset;
4180 if (offset <= 0)
4181 return NULL;
4182
4183 return (KillContext*) ((uint8_t*) u + offset);
4184 }
4185
4186 CGroupContext *unit_get_cgroup_context(Unit *u) {
4187 size_t offset;
4188
4189 if (u->type < 0)
4190 return NULL;
4191
4192 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4193 if (offset <= 0)
4194 return NULL;
4195
4196 return (CGroupContext*) ((uint8_t*) u + offset);
4197 }
4198
4199 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4200 size_t offset;
4201
4202 if (u->type < 0)
4203 return NULL;
4204
4205 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4206 if (offset <= 0)
4207 return NULL;
4208
4209 return *(ExecRuntime**) ((uint8_t*) u + offset);
4210 }
4211
4212 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4213 assert(u);
4214
4215 if (UNIT_WRITE_FLAGS_NOOP(flags))
4216 return NULL;
4217
4218 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4219 return u->manager->lookup_paths.transient;
4220
4221 if (flags & UNIT_PERSISTENT)
4222 return u->manager->lookup_paths.persistent_control;
4223
4224 if (flags & UNIT_RUNTIME)
4225 return u->manager->lookup_paths.runtime_control;
4226
4227 return NULL;
4228 }
4229
4230 char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4231 char *ret = NULL;
4232
4233 if (!s)
4234 return NULL;
4235
4236 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4237 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4238 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4239 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4240 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4241 * allocations. */
4242
4243 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4244 ret = specifier_escape(s);
4245 if (!ret)
4246 return NULL;
4247
4248 s = ret;
4249 }
4250
4251 if (flags & UNIT_ESCAPE_C) {
4252 char *a;
4253
4254 a = cescape(s);
4255 free(ret);
4256 if (!a)
4257 return NULL;
4258
4259 ret = a;
4260 }
4261
4262 if (buf) {
4263 *buf = ret;
4264 return ret ?: (char*) s;
4265 }
4266
4267 return ret ?: strdup(s);
4268 }
4269
4270 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4271 _cleanup_free_ char *result = NULL;
4272 size_t n = 0, allocated = 0;
4273 char **i;
4274
4275 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4276 * way suitable for ExecStart= stanzas */
4277
4278 STRV_FOREACH(i, l) {
4279 _cleanup_free_ char *buf = NULL;
4280 const char *p;
4281 size_t a;
4282 char *q;
4283
4284 p = unit_escape_setting(*i, flags, &buf);
4285 if (!p)
4286 return NULL;
4287
4288 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4289 if (!GREEDY_REALLOC(result, allocated, n + a + 1))
4290 return NULL;
4291
4292 q = result + n;
4293 if (n > 0)
4294 *(q++) = ' ';
4295
4296 *(q++) = '"';
4297 q = stpcpy(q, p);
4298 *(q++) = '"';
4299
4300 n += a;
4301 }
4302
4303 if (!GREEDY_REALLOC(result, allocated, n + 1))
4304 return NULL;
4305
4306 result[n] = 0;
4307
4308 return TAKE_PTR(result);
4309 }
4310
4311 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4312 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4313 const char *dir, *wrapped;
4314 int r;
4315
4316 assert(u);
4317 assert(name);
4318 assert(data);
4319
4320 if (UNIT_WRITE_FLAGS_NOOP(flags))
4321 return 0;
4322
4323 data = unit_escape_setting(data, flags, &escaped);
4324 if (!data)
4325 return -ENOMEM;
4326
4327 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4328 * previous section header is the same */
4329
4330 if (flags & UNIT_PRIVATE) {
4331 if (!UNIT_VTABLE(u)->private_section)
4332 return -EINVAL;
4333
4334 if (!u->transient_file || u->last_section_private < 0)
4335 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4336 else if (u->last_section_private == 0)
4337 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4338 } else {
4339 if (!u->transient_file || u->last_section_private < 0)
4340 data = strjoina("[Unit]\n", data);
4341 else if (u->last_section_private > 0)
4342 data = strjoina("\n[Unit]\n", data);
4343 }
4344
4345 if (u->transient_file) {
4346 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4347 * write to the transient unit file. */
4348 fputs(data, u->transient_file);
4349
4350 if (!endswith(data, "\n"))
4351 fputc('\n', u->transient_file);
4352
4353 /* Remember which section we wrote this entry to */
4354 u->last_section_private = !!(flags & UNIT_PRIVATE);
4355 return 0;
4356 }
4357
4358 dir = unit_drop_in_dir(u, flags);
4359 if (!dir)
4360 return -EINVAL;
4361
4362 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4363 "# or an equivalent operation. Do not edit.\n",
4364 data,
4365 "\n");
4366
4367 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4368 if (r < 0)
4369 return r;
4370
4371 (void) mkdir_p_label(p, 0755);
4372 r = write_string_file_atomic_label(q, wrapped);
4373 if (r < 0)
4374 return r;
4375
4376 r = strv_push(&u->dropin_paths, q);
4377 if (r < 0)
4378 return r;
4379 q = NULL;
4380
4381 strv_uniq(u->dropin_paths);
4382
4383 u->dropin_mtime = now(CLOCK_REALTIME);
4384
4385 return 0;
4386 }
4387
4388 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4389 _cleanup_free_ char *p = NULL;
4390 va_list ap;
4391 int r;
4392
4393 assert(u);
4394 assert(name);
4395 assert(format);
4396
4397 if (UNIT_WRITE_FLAGS_NOOP(flags))
4398 return 0;
4399
4400 va_start(ap, format);
4401 r = vasprintf(&p, format, ap);
4402 va_end(ap);
4403
4404 if (r < 0)
4405 return -ENOMEM;
4406
4407 return unit_write_setting(u, flags, name, p);
4408 }
4409
4410 int unit_make_transient(Unit *u) {
4411 _cleanup_free_ char *path = NULL;
4412 FILE *f;
4413
4414 assert(u);
4415
4416 if (!UNIT_VTABLE(u)->can_transient)
4417 return -EOPNOTSUPP;
4418
4419 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4420
4421 path = strjoin(u->manager->lookup_paths.transient, "/", u->id);
4422 if (!path)
4423 return -ENOMEM;
4424
4425 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4426 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4427
4428 RUN_WITH_UMASK(0022) {
4429 f = fopen(path, "we");
4430 if (!f)
4431 return -errno;
4432 }
4433
4434 safe_fclose(u->transient_file);
4435 u->transient_file = f;
4436
4437 free_and_replace(u->fragment_path, path);
4438
4439 u->source_path = mfree(u->source_path);
4440 u->dropin_paths = strv_free(u->dropin_paths);
4441 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4442
4443 u->load_state = UNIT_STUB;
4444 u->load_error = 0;
4445 u->transient = true;
4446
4447 unit_add_to_dbus_queue(u);
4448 unit_add_to_gc_queue(u);
4449
4450 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4451 u->transient_file);
4452
4453 return 0;
4454 }
4455
4456 static void log_kill(pid_t pid, int sig, void *userdata) {
4457 _cleanup_free_ char *comm = NULL;
4458
4459 (void) get_process_comm(pid, &comm);
4460
4461 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4462 only, like for example systemd's own PAM stub process. */
4463 if (comm && comm[0] == '(')
4464 return;
4465
4466 log_unit_notice(userdata,
4467 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4468 pid,
4469 strna(comm),
4470 signal_to_string(sig));
4471 }
4472
4473 static int operation_to_signal(KillContext *c, KillOperation k) {
4474 assert(c);
4475
4476 switch (k) {
4477
4478 case KILL_TERMINATE:
4479 case KILL_TERMINATE_AND_LOG:
4480 return c->kill_signal;
4481
4482 case KILL_KILL:
4483 return SIGKILL;
4484
4485 case KILL_ABORT:
4486 return SIGABRT;
4487
4488 default:
4489 assert_not_reached("KillOperation unknown");
4490 }
4491 }
4492
4493 int unit_kill_context(
4494 Unit *u,
4495 KillContext *c,
4496 KillOperation k,
4497 pid_t main_pid,
4498 pid_t control_pid,
4499 bool main_pid_alien) {
4500
4501 bool wait_for_exit = false, send_sighup;
4502 cg_kill_log_func_t log_func = NULL;
4503 int sig, r;
4504
4505 assert(u);
4506 assert(c);
4507
4508 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4509 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4510
4511 if (c->kill_mode == KILL_NONE)
4512 return 0;
4513
4514 sig = operation_to_signal(c, k);
4515
4516 send_sighup =
4517 c->send_sighup &&
4518 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4519 sig != SIGHUP;
4520
4521 if (k != KILL_TERMINATE || IN_SET(sig, SIGKILL, SIGABRT))
4522 log_func = log_kill;
4523
4524 if (main_pid > 0) {
4525 if (log_func)
4526 log_func(main_pid, sig, u);
4527
4528 r = kill_and_sigcont(main_pid, sig);
4529 if (r < 0 && r != -ESRCH) {
4530 _cleanup_free_ char *comm = NULL;
4531 (void) get_process_comm(main_pid, &comm);
4532
4533 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
4534 } else {
4535 if (!main_pid_alien)
4536 wait_for_exit = true;
4537
4538 if (r != -ESRCH && send_sighup)
4539 (void) kill(main_pid, SIGHUP);
4540 }
4541 }
4542
4543 if (control_pid > 0) {
4544 if (log_func)
4545 log_func(control_pid, sig, u);
4546
4547 r = kill_and_sigcont(control_pid, sig);
4548 if (r < 0 && r != -ESRCH) {
4549 _cleanup_free_ char *comm = NULL;
4550 (void) get_process_comm(control_pid, &comm);
4551
4552 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
4553 } else {
4554 wait_for_exit = true;
4555
4556 if (r != -ESRCH && send_sighup)
4557 (void) kill(control_pid, SIGHUP);
4558 }
4559 }
4560
4561 if (u->cgroup_path &&
4562 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4563 _cleanup_set_free_ Set *pid_set = NULL;
4564
4565 /* Exclude the main/control pids from being killed via the cgroup */
4566 pid_set = unit_pid_set(main_pid, control_pid);
4567 if (!pid_set)
4568 return -ENOMEM;
4569
4570 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4571 sig,
4572 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4573 pid_set,
4574 log_func, u);
4575 if (r < 0) {
4576 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4577 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
4578
4579 } else if (r > 0) {
4580
4581 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4582 * we are running in a container or if this is a delegation unit, simply because cgroup
4583 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4584 * of containers it can be confused easily by left-over directories in the cgroup — which
4585 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4586 * there we get proper events. Hence rely on them. */
4587
4588 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
4589 (detect_container() == 0 && !unit_cgroup_delegate(u)))
4590 wait_for_exit = true;
4591
4592 if (send_sighup) {
4593 set_free(pid_set);
4594
4595 pid_set = unit_pid_set(main_pid, control_pid);
4596 if (!pid_set)
4597 return -ENOMEM;
4598
4599 cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4600 SIGHUP,
4601 CGROUP_IGNORE_SELF,
4602 pid_set,
4603 NULL, NULL);
4604 }
4605 }
4606 }
4607
4608 return wait_for_exit;
4609 }
4610
4611 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
4612 _cleanup_free_ char *p = NULL;
4613 char *prefix;
4614 UnitDependencyInfo di;
4615 int r;
4616
4617 assert(u);
4618 assert(path);
4619
4620 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4621 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4622 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4623 * determine which units to make themselves a dependency of. */
4624
4625 if (!path_is_absolute(path))
4626 return -EINVAL;
4627
4628 r = hashmap_ensure_allocated(&u->requires_mounts_for, &path_hash_ops);
4629 if (r < 0)
4630 return r;
4631
4632 p = strdup(path);
4633 if (!p)
4634 return -ENOMEM;
4635
4636 path = path_simplify(p, false);
4637
4638 if (!path_is_normalized(path))
4639 return -EPERM;
4640
4641 if (hashmap_contains(u->requires_mounts_for, path))
4642 return 0;
4643
4644 di = (UnitDependencyInfo) {
4645 .origin_mask = mask
4646 };
4647
4648 r = hashmap_put(u->requires_mounts_for, path, di.data);
4649 if (r < 0)
4650 return r;
4651 p = NULL;
4652
4653 prefix = alloca(strlen(path) + 1);
4654 PATH_FOREACH_PREFIX_MORE(prefix, path) {
4655 Set *x;
4656
4657 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4658 if (!x) {
4659 _cleanup_free_ char *q = NULL;
4660
4661 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
4662 if (r < 0)
4663 return r;
4664
4665 q = strdup(prefix);
4666 if (!q)
4667 return -ENOMEM;
4668
4669 x = set_new(NULL);
4670 if (!x)
4671 return -ENOMEM;
4672
4673 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4674 if (r < 0) {
4675 set_free(x);
4676 return r;
4677 }
4678 q = NULL;
4679 }
4680
4681 r = set_put(x, u);
4682 if (r < 0)
4683 return r;
4684 }
4685
4686 return 0;
4687 }
4688
4689 int unit_setup_exec_runtime(Unit *u) {
4690 ExecRuntime **rt;
4691 size_t offset;
4692 Unit *other;
4693 Iterator i;
4694 void *v;
4695 int r;
4696
4697 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4698 assert(offset > 0);
4699
4700 /* Check if there already is an ExecRuntime for this unit? */
4701 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4702 if (*rt)
4703 return 0;
4704
4705 /* Try to get it from somebody else */
4706 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) {
4707 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4708 if (r == 1)
4709 return 1;
4710 }
4711
4712 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
4713 }
4714
4715 int unit_setup_dynamic_creds(Unit *u) {
4716 ExecContext *ec;
4717 DynamicCreds *dcreds;
4718 size_t offset;
4719
4720 assert(u);
4721
4722 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4723 assert(offset > 0);
4724 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4725
4726 ec = unit_get_exec_context(u);
4727 assert(ec);
4728
4729 if (!ec->dynamic_user)
4730 return 0;
4731
4732 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4733 }
4734
4735 bool unit_type_supported(UnitType t) {
4736 if (_unlikely_(t < 0))
4737 return false;
4738 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4739 return false;
4740
4741 if (!unit_vtable[t]->supported)
4742 return true;
4743
4744 return unit_vtable[t]->supported();
4745 }
4746
4747 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4748 int r;
4749
4750 assert(u);
4751 assert(where);
4752
4753 r = dir_is_empty(where);
4754 if (r > 0 || r == -ENOTDIR)
4755 return;
4756 if (r < 0) {
4757 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4758 return;
4759 }
4760
4761 log_struct(LOG_NOTICE,
4762 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4763 LOG_UNIT_ID(u),
4764 LOG_UNIT_INVOCATION_ID(u),
4765 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4766 "WHERE=%s", where);
4767 }
4768
4769 int unit_fail_if_noncanonical(Unit *u, const char* where) {
4770 _cleanup_free_ char *canonical_where;
4771 int r;
4772
4773 assert(u);
4774 assert(where);
4775
4776 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where);
4777 if (r < 0) {
4778 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
4779 return 0;
4780 }
4781
4782 /* We will happily ignore a trailing slash (or any redundant slashes) */
4783 if (path_equal(where, canonical_where))
4784 return 0;
4785
4786 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4787 log_struct(LOG_ERR,
4788 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4789 LOG_UNIT_ID(u),
4790 LOG_UNIT_INVOCATION_ID(u),
4791 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4792 "WHERE=%s", where);
4793
4794 return -ELOOP;
4795 }
4796
4797 bool unit_is_pristine(Unit *u) {
4798 assert(u);
4799
4800 /* Check if the unit already exists or is already around,
4801 * in a number of different ways. Note that to cater for unit
4802 * types such as slice, we are generally fine with units that
4803 * are marked UNIT_LOADED even though nothing was actually
4804 * loaded, as those unit types don't require a file on disk. */
4805
4806 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4807 u->fragment_path ||
4808 u->source_path ||
4809 !strv_isempty(u->dropin_paths) ||
4810 u->job ||
4811 u->merged_into);
4812 }
4813
4814 pid_t unit_control_pid(Unit *u) {
4815 assert(u);
4816
4817 if (UNIT_VTABLE(u)->control_pid)
4818 return UNIT_VTABLE(u)->control_pid(u);
4819
4820 return 0;
4821 }
4822
4823 pid_t unit_main_pid(Unit *u) {
4824 assert(u);
4825
4826 if (UNIT_VTABLE(u)->main_pid)
4827 return UNIT_VTABLE(u)->main_pid(u);
4828
4829 return 0;
4830 }
4831
4832 static void unit_unref_uid_internal(
4833 Unit *u,
4834 uid_t *ref_uid,
4835 bool destroy_now,
4836 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4837
4838 assert(u);
4839 assert(ref_uid);
4840 assert(_manager_unref_uid);
4841
4842 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4843 * gid_t are actually the same time, with the same validity rules.
4844 *
4845 * Drops a reference to UID/GID from a unit. */
4846
4847 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4848 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4849
4850 if (!uid_is_valid(*ref_uid))
4851 return;
4852
4853 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4854 *ref_uid = UID_INVALID;
4855 }
4856
4857 void unit_unref_uid(Unit *u, bool destroy_now) {
4858 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4859 }
4860
4861 void unit_unref_gid(Unit *u, bool destroy_now) {
4862 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4863 }
4864
4865 static int unit_ref_uid_internal(
4866 Unit *u,
4867 uid_t *ref_uid,
4868 uid_t uid,
4869 bool clean_ipc,
4870 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4871
4872 int r;
4873
4874 assert(u);
4875 assert(ref_uid);
4876 assert(uid_is_valid(uid));
4877 assert(_manager_ref_uid);
4878
4879 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4880 * are actually the same type, and have the same validity rules.
4881 *
4882 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4883 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4884 * drops to zero. */
4885
4886 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4887 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4888
4889 if (*ref_uid == uid)
4890 return 0;
4891
4892 if (uid_is_valid(*ref_uid)) /* Already set? */
4893 return -EBUSY;
4894
4895 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4896 if (r < 0)
4897 return r;
4898
4899 *ref_uid = uid;
4900 return 1;
4901 }
4902
4903 int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
4904 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4905 }
4906
4907 int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
4908 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4909 }
4910
4911 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4912 int r = 0, q = 0;
4913
4914 assert(u);
4915
4916 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4917
4918 if (uid_is_valid(uid)) {
4919 r = unit_ref_uid(u, uid, clean_ipc);
4920 if (r < 0)
4921 return r;
4922 }
4923
4924 if (gid_is_valid(gid)) {
4925 q = unit_ref_gid(u, gid, clean_ipc);
4926 if (q < 0) {
4927 if (r > 0)
4928 unit_unref_uid(u, false);
4929
4930 return q;
4931 }
4932 }
4933
4934 return r > 0 || q > 0;
4935 }
4936
4937 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4938 ExecContext *c;
4939 int r;
4940
4941 assert(u);
4942
4943 c = unit_get_exec_context(u);
4944
4945 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4946 if (r < 0)
4947 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4948
4949 return r;
4950 }
4951
4952 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4953 assert(u);
4954
4955 unit_unref_uid(u, destroy_now);
4956 unit_unref_gid(u, destroy_now);
4957 }
4958
4959 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
4960 int r;
4961
4962 assert(u);
4963
4964 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4965 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4966 * objects when no service references the UID/GID anymore. */
4967
4968 r = unit_ref_uid_gid(u, uid, gid);
4969 if (r > 0)
4970 bus_unit_send_change_signal(u);
4971 }
4972
4973 int unit_set_invocation_id(Unit *u, sd_id128_t id) {
4974 int r;
4975
4976 assert(u);
4977
4978 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
4979
4980 if (sd_id128_equal(u->invocation_id, id))
4981 return 0;
4982
4983 if (!sd_id128_is_null(u->invocation_id))
4984 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
4985
4986 if (sd_id128_is_null(id)) {
4987 r = 0;
4988 goto reset;
4989 }
4990
4991 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
4992 if (r < 0)
4993 goto reset;
4994
4995 u->invocation_id = id;
4996 sd_id128_to_string(id, u->invocation_id_string);
4997
4998 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
4999 if (r < 0)
5000 goto reset;
5001
5002 return 0;
5003
5004 reset:
5005 u->invocation_id = SD_ID128_NULL;
5006 u->invocation_id_string[0] = 0;
5007 return r;
5008 }
5009
5010 int unit_acquire_invocation_id(Unit *u) {
5011 sd_id128_t id;
5012 int r;
5013
5014 assert(u);
5015
5016 r = sd_id128_randomize(&id);
5017 if (r < 0)
5018 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5019
5020 r = unit_set_invocation_id(u, id);
5021 if (r < 0)
5022 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5023
5024 return 0;
5025 }
5026
5027 void unit_set_exec_params(Unit *u, ExecParameters *p) {
5028 assert(u);
5029 assert(p);
5030
5031 /* Copy parameters from manager */
5032 p->environment = u->manager->environment;
5033 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
5034 p->cgroup_supported = u->manager->cgroup_supported;
5035 p->prefix = u->manager->prefix;
5036 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5037
5038 /* Copy paramaters from unit */
5039 p->cgroup_path = u->cgroup_path;
5040 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
5041 }
5042
5043 int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
5044 int r;
5045
5046 assert(u);
5047 assert(ret);
5048
5049 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5050 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5051
5052 (void) unit_realize_cgroup(u);
5053
5054 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5055 if (r != 0)
5056 return r;
5057
5058 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
5059 (void) ignore_signals(SIGPIPE, -1);
5060
5061 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
5062
5063 if (u->cgroup_path) {
5064 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5065 if (r < 0) {
5066 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
5067 _exit(EXIT_CGROUP);
5068 }
5069 }
5070
5071 return 0;
5072 }
5073
5074 static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other, UnitDependencyInfo di) {
5075 assert(u);
5076 assert(d >= 0);
5077 assert(d < _UNIT_DEPENDENCY_MAX);
5078 assert(other);
5079
5080 if (di.origin_mask == 0 && di.destination_mask == 0) {
5081 /* No bit set anymore, let's drop the whole entry */
5082 assert_se(hashmap_remove(u->dependencies[d], other));
5083 log_unit_debug(u, "%s lost dependency %s=%s", u->id, unit_dependency_to_string(d), other->id);
5084 } else
5085 /* Mask was reduced, let's update the entry */
5086 assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);
5087 }
5088
5089 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5090 UnitDependency d;
5091
5092 assert(u);
5093
5094 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5095
5096 if (mask == 0)
5097 return;
5098
5099 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
5100 bool done;
5101
5102 do {
5103 UnitDependencyInfo di;
5104 Unit *other;
5105 Iterator i;
5106
5107 done = true;
5108
5109 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
5110 UnitDependency q;
5111
5112 if ((di.origin_mask & ~mask) == di.origin_mask)
5113 continue;
5114 di.origin_mask &= ~mask;
5115 unit_update_dependency_mask(u, d, other, di);
5116
5117 /* We updated the dependency from our unit to the other unit now. But most dependencies
5118 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5119 * all dependency types on the other unit and delete all those which point to us and
5120 * have the right mask set. */
5121
5122 for (q = 0; q < _UNIT_DEPENDENCY_MAX; q++) {
5123 UnitDependencyInfo dj;
5124
5125 dj.data = hashmap_get(other->dependencies[q], u);
5126 if ((dj.destination_mask & ~mask) == dj.destination_mask)
5127 continue;
5128 dj.destination_mask &= ~mask;
5129
5130 unit_update_dependency_mask(other, q, u, dj);
5131 }
5132
5133 unit_add_to_gc_queue(other);
5134
5135 done = false;
5136 break;
5137 }
5138
5139 } while (!done);
5140 }
5141 }
5142
5143 static int unit_export_invocation_id(Unit *u) {
5144 const char *p;
5145 int r;
5146
5147 assert(u);
5148
5149 if (u->exported_invocation_id)
5150 return 0;
5151
5152 if (sd_id128_is_null(u->invocation_id))
5153 return 0;
5154
5155 p = strjoina("/run/systemd/units/invocation:", u->id);
5156 r = symlink_atomic(u->invocation_id_string, p);
5157 if (r < 0)
5158 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5159
5160 u->exported_invocation_id = true;
5161 return 0;
5162 }
5163
5164 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5165 const char *p;
5166 char buf[2];
5167 int r;
5168
5169 assert(u);
5170 assert(c);
5171
5172 if (u->exported_log_level_max)
5173 return 0;
5174
5175 if (c->log_level_max < 0)
5176 return 0;
5177
5178 assert(c->log_level_max <= 7);
5179
5180 buf[0] = '0' + c->log_level_max;
5181 buf[1] = 0;
5182
5183 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5184 r = symlink_atomic(buf, p);
5185 if (r < 0)
5186 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5187
5188 u->exported_log_level_max = true;
5189 return 0;
5190 }
5191
5192 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5193 _cleanup_close_ int fd = -1;
5194 struct iovec *iovec;
5195 const char *p;
5196 char *pattern;
5197 le64_t *sizes;
5198 ssize_t n;
5199 size_t i;
5200 int r;
5201
5202 if (u->exported_log_extra_fields)
5203 return 0;
5204
5205 if (c->n_log_extra_fields <= 0)
5206 return 0;
5207
5208 sizes = newa(le64_t, c->n_log_extra_fields);
5209 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5210
5211 for (i = 0; i < c->n_log_extra_fields; i++) {
5212 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5213
5214 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5215 iovec[i*2+1] = c->log_extra_fields[i];
5216 }
5217
5218 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5219 pattern = strjoina(p, ".XXXXXX");
5220
5221 fd = mkostemp_safe(pattern);
5222 if (fd < 0)
5223 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5224
5225 n = writev(fd, iovec, c->n_log_extra_fields*2);
5226 if (n < 0) {
5227 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5228 goto fail;
5229 }
5230
5231 (void) fchmod(fd, 0644);
5232
5233 if (rename(pattern, p) < 0) {
5234 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5235 goto fail;
5236 }
5237
5238 u->exported_log_extra_fields = true;
5239 return 0;
5240
5241 fail:
5242 (void) unlink(pattern);
5243 return r;
5244 }
5245
5246 void unit_export_state_files(Unit *u) {
5247 const ExecContext *c;
5248
5249 assert(u);
5250
5251 if (!u->id)
5252 return;
5253
5254 if (!MANAGER_IS_SYSTEM(u->manager))
5255 return;
5256
5257 if (u->manager->test_run_flags != 0)
5258 return;
5259
5260 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5261 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5262 * the IPC system itself and PID 1 also log to the journal.
5263 *
5264 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5265 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5266 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5267 * namespace at least.
5268 *
5269 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5270 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5271 * them with one. */
5272
5273 (void) unit_export_invocation_id(u);
5274
5275 c = unit_get_exec_context(u);
5276 if (c) {
5277 (void) unit_export_log_level_max(u, c);
5278 (void) unit_export_log_extra_fields(u, c);
5279 }
5280 }
5281
5282 void unit_unlink_state_files(Unit *u) {
5283 const char *p;
5284
5285 assert(u);
5286
5287 if (!u->id)
5288 return;
5289
5290 if (!MANAGER_IS_SYSTEM(u->manager))
5291 return;
5292
5293 /* Undoes the effect of unit_export_state() */
5294
5295 if (u->exported_invocation_id) {
5296 p = strjoina("/run/systemd/units/invocation:", u->id);
5297 (void) unlink(p);
5298
5299 u->exported_invocation_id = false;
5300 }
5301
5302 if (u->exported_log_level_max) {
5303 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5304 (void) unlink(p);
5305
5306 u->exported_log_level_max = false;
5307 }
5308
5309 if (u->exported_log_extra_fields) {
5310 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5311 (void) unlink(p);
5312
5313 u->exported_log_extra_fields = false;
5314 }
5315 }
5316
5317 int unit_prepare_exec(Unit *u) {
5318 int r;
5319
5320 assert(u);
5321
5322 /* Prepares everything so that we can fork of a process for this unit */
5323
5324 (void) unit_realize_cgroup(u);
5325
5326 if (u->reset_accounting) {
5327 (void) unit_reset_cpu_accounting(u);
5328 (void) unit_reset_ip_accounting(u);
5329 u->reset_accounting = false;
5330 }
5331
5332 unit_export_state_files(u);
5333
5334 r = unit_setup_exec_runtime(u);
5335 if (r < 0)
5336 return r;
5337
5338 r = unit_setup_dynamic_creds(u);
5339 if (r < 0)
5340 return r;
5341
5342 return 0;
5343 }
5344
5345 static void log_leftover(pid_t pid, int sig, void *userdata) {
5346 _cleanup_free_ char *comm = NULL;
5347
5348 (void) get_process_comm(pid, &comm);
5349
5350 if (comm && comm[0] == '(') /* Most likely our own helper process (PAM?), ignore */
5351 return;
5352
5353 log_unit_warning(userdata,
5354 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5355 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5356 pid, strna(comm));
5357 }
5358
5359 void unit_warn_leftover_processes(Unit *u) {
5360 assert(u);
5361
5362 (void) unit_pick_cgroup_path(u);
5363
5364 if (!u->cgroup_path)
5365 return;
5366
5367 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_leftover, u);
5368 }
5369
5370 bool unit_needs_console(Unit *u) {
5371 ExecContext *ec;
5372 UnitActiveState state;
5373
5374 assert(u);
5375
5376 state = unit_active_state(u);
5377
5378 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5379 return false;
5380
5381 if (UNIT_VTABLE(u)->needs_console)
5382 return UNIT_VTABLE(u)->needs_console(u);
5383
5384 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5385 ec = unit_get_exec_context(u);
5386 if (!ec)
5387 return false;
5388
5389 return exec_context_may_touch_console(ec);
5390 }
5391
5392 const char *unit_label_path(Unit *u) {
5393 const char *p;
5394
5395 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5396 * when validating access checks. */
5397
5398 p = u->source_path ?: u->fragment_path;
5399 if (!p)
5400 return NULL;
5401
5402 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5403 if (path_equal(p, "/dev/null"))
5404 return NULL;
5405
5406 return p;
5407 }
5408
5409 int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5410 int r;
5411
5412 assert(u);
5413
5414 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5415 * and not a kernel thread either */
5416
5417 /* First, a simple range check */
5418 if (!pid_is_valid(pid))
5419 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5420
5421 /* Some extra safety check */
5422 if (pid == 1 || pid == getpid_cached())
5423 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager processs, refusing.", pid);
5424
5425 /* Don't even begin to bother with kernel threads */
5426 r = is_kernel_thread(pid);
5427 if (r == -ESRCH)
5428 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5429 if (r < 0)
5430 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5431 if (r > 0)
5432 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5433
5434 return 0;
5435 }
5436
5437 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5438 [COLLECT_INACTIVE] = "inactive",
5439 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5440 };
5441
5442 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
Unnamed repository; edit this file 'description' to name the repository.