]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:


e50080cd97ac70533ce5e1fdbed549af9e485fae
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <errno.h>
4 #include <stdlib.h>
5 #include <sys/prctl.h>
6 #include <unistd.h>
7
8 #include "sd-id128.h"
9 #include "sd-messages.h"
10
11 #include "all-units.h"
12 #include "alloc-util.h"
13 #include "bpf-firewall.h"
14 #include "bus-common-errors.h"
15 #include "bus-util.h"
16 #include "cgroup-setup.h"
17 #include "cgroup-util.h"
18 #include "dbus-unit.h"
19 #include "dbus.h"
20 #include "dropin.h"
21 #include "escape.h"
22 #include "execute.h"
23 #include "fd-util.h"
24 #include "fileio-label.h"
25 #include "fileio.h"
26 #include "format-util.h"
27 #include "fs-util.h"
28 #include "id128-util.h"
29 #include "io-util.h"
30 #include "install.h"
31 #include "load-dropin.h"
32 #include "load-fragment.h"
33 #include "log.h"
34 #include "macro.h"
35 #include "missing_audit.h"
36 #include "mkdir.h"
37 #include "parse-util.h"
38 #include "path-util.h"
39 #include "process-util.h"
40 #include "rm-rf.h"
41 #include "serialize.h"
42 #include "set.h"
43 #include "signal-util.h"
44 #include "sparse-endian.h"
45 #include "special.h"
46 #include "specifier.h"
47 #include "stat-util.h"
48 #include "stdio-util.h"
49 #include "string-table.h"
50 #include "string-util.h"
51 #include "strv.h"
52 #include "terminal-util.h"
53 #include "tmpfile-util.h"
54 #include "umask-util.h"
55 #include "unit-name.h"
56 #include "unit.h"
57 #include "user-util.h"
58 #include "virt.h"
59
60 /* Thresholds for logging at INFO level about resource consumption */
61 #define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
62 #define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
63 #define MENTIONWORTHY_IP_BYTES (0ULL)
64
65 /* Thresholds for logging at INFO level about resource consumption */
66 #define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
67 #define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
68 #define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
69
70 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
71 [UNIT_SERVICE] = &service_vtable,
72 [UNIT_SOCKET] = &socket_vtable,
73 [UNIT_TARGET] = &target_vtable,
74 [UNIT_DEVICE] = &device_vtable,
75 [UNIT_MOUNT] = &mount_vtable,
76 [UNIT_AUTOMOUNT] = &automount_vtable,
77 [UNIT_SWAP] = &swap_vtable,
78 [UNIT_TIMER] = &timer_vtable,
79 [UNIT_PATH] = &path_vtable,
80 [UNIT_SLICE] = &slice_vtable,
81 [UNIT_SCOPE] = &scope_vtable,
82 };
83
84 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
85
86 Unit *unit_new(Manager *m, size_t size) {
87 Unit *u;
88
89 assert(m);
90 assert(size >= sizeof(Unit));
91
92 u = malloc0(size);
93 if (!u)
94 return NULL;
95
96 u->manager = m;
97 u->type = _UNIT_TYPE_INVALID;
98 u->default_dependencies = true;
99 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
100 u->unit_file_preset = -1;
101 u->on_failure_job_mode = JOB_REPLACE;
102 u->cgroup_control_inotify_wd = -1;
103 u->cgroup_memory_inotify_wd = -1;
104 u->job_timeout = USEC_INFINITY;
105 u->job_running_timeout = USEC_INFINITY;
106 u->ref_uid = UID_INVALID;
107 u->ref_gid = GID_INVALID;
108 u->cpu_usage_last = NSEC_INFINITY;
109 u->cgroup_invalidated_mask |= CGROUP_MASK_BPF_FIREWALL;
110 u->failure_action_exit_status = u->success_action_exit_status = -1;
111
112 u->ip_accounting_ingress_map_fd = -1;
113 u->ip_accounting_egress_map_fd = -1;
114 u->ipv4_allow_map_fd = -1;
115 u->ipv6_allow_map_fd = -1;
116 u->ipv4_deny_map_fd = -1;
117 u->ipv6_deny_map_fd = -1;
118
119 u->last_section_private = -1;
120
121 u->start_ratelimit = (RateLimit) { m->default_start_limit_interval, m->default_start_limit_burst };
122 u->auto_stop_ratelimit = (RateLimit) { 10 * USEC_PER_SEC, 16 };
123
124 for (CGroupIOAccountingMetric i = 0; i < _CGROUP_IO_ACCOUNTING_METRIC_MAX; i++)
125 u->io_accounting_last[i] = UINT64_MAX;
126
127 return u;
128 }
129
130 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
131 _cleanup_(unit_freep) Unit *u = NULL;
132 int r;
133
134 u = unit_new(m, size);
135 if (!u)
136 return -ENOMEM;
137
138 r = unit_add_name(u, name);
139 if (r < 0)
140 return r;
141
142 *ret = TAKE_PTR(u);
143
144 return r;
145 }
146
147 bool unit_has_name(const Unit *u, const char *name) {
148 assert(u);
149 assert(name);
150
151 return streq_ptr(name, u->id) ||
152 set_contains(u->aliases, name);
153 }
154
155 static void unit_init(Unit *u) {
156 CGroupContext *cc;
157 ExecContext *ec;
158 KillContext *kc;
159
160 assert(u);
161 assert(u->manager);
162 assert(u->type >= 0);
163
164 cc = unit_get_cgroup_context(u);
165 if (cc) {
166 cgroup_context_init(cc);
167
168 /* Copy in the manager defaults into the cgroup
169 * context, _before_ the rest of the settings have
170 * been initialized */
171
172 cc->cpu_accounting = u->manager->default_cpu_accounting;
173 cc->io_accounting = u->manager->default_io_accounting;
174 cc->blockio_accounting = u->manager->default_blockio_accounting;
175 cc->memory_accounting = u->manager->default_memory_accounting;
176 cc->tasks_accounting = u->manager->default_tasks_accounting;
177 cc->ip_accounting = u->manager->default_ip_accounting;
178
179 if (u->type != UNIT_SLICE)
180 cc->tasks_max = u->manager->default_tasks_max;
181 }
182
183 ec = unit_get_exec_context(u);
184 if (ec) {
185 exec_context_init(ec);
186
187 if (MANAGER_IS_SYSTEM(u->manager))
188 ec->keyring_mode = EXEC_KEYRING_SHARED;
189 else {
190 ec->keyring_mode = EXEC_KEYRING_INHERIT;
191
192 /* User manager might have its umask redefined by PAM or UMask=. In this
193 * case let the units it manages inherit this value by default. They can
194 * still tune this value through their own unit file */
195 (void) get_process_umask(getpid_cached(), &ec->umask);
196 }
197 }
198
199 kc = unit_get_kill_context(u);
200 if (kc)
201 kill_context_init(kc);
202
203 if (UNIT_VTABLE(u)->init)
204 UNIT_VTABLE(u)->init(u);
205 }
206
207 static int unit_add_alias(Unit *u, char *donated_name) {
208 int r;
209
210 /* Make sure that u->names is allocated. We may leave u->names
211 * empty if we fail later, but this is not a problem. */
212 r = set_ensure_allocated(&u->aliases, &string_hash_ops);
213 if (r < 0)
214 return r;
215
216 r = set_put(u->aliases, donated_name);
217 if (r < 0)
218 return r;
219 assert(r > 0);
220
221 return 0;
222 }
223
224 int unit_add_name(Unit *u, const char *text) {
225 _cleanup_free_ char *name = NULL, *instance = NULL;
226 UnitType t;
227 int r;
228
229 assert(u);
230 assert(text);
231
232 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
233 if (!u->instance)
234 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
235 "instance is not set when adding name '%s': %m", text);
236
237 r = unit_name_replace_instance(text, u->instance, &name);
238 if (r < 0)
239 return log_unit_debug_errno(u, r,
240 "failed to build instance name from '%s': %m", text);
241 } else {
242 name = strdup(text);
243 if (!name)
244 return -ENOMEM;
245 }
246
247 if (unit_has_name(u, name))
248 return 0;
249
250 if (hashmap_contains(u->manager->units, name))
251 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
252 "unit already exist when adding name '%s': %m", name);
253
254 if (!unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
255 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
256 "name '%s' is invalid: %m", name);
257
258 t = unit_name_to_type(name);
259 if (t < 0)
260 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
261 "failed to to derive unit type from name '%s': %m", name);
262
263 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
264 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
265 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
266 u->type, t, name);
267
268 r = unit_name_to_instance(name, &instance);
269 if (r < 0)
270 return log_unit_debug_errno(u, r, "failed to extract instance from name '%s': %m", name);
271
272 if (instance && !unit_type_may_template(t))
273 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL), "templates are not allowed for name '%s': %m", name);
274
275 /* Ensure that this unit either has no instance, or that the instance matches. */
276 if (u->type != _UNIT_TYPE_INVALID && !streq_ptr(u->instance, instance))
277 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EINVAL),
278 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
279 name, instance, u->instance);
280
281 if (u->id && !unit_type_may_alias(t))
282 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(EEXIST),
283 "cannot add name %s, aliases are not allowed for %s units.",
284 name, unit_type_to_string(t));
285
286 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
287 return log_unit_warning_errno(u, SYNTHETIC_ERRNO(E2BIG), "cannot add name, manager has too many units: %m");
288
289 /* Add name to the global hashmap first, because that's easier to undo */
290 r = hashmap_put(u->manager->units, name, u);
291 if (r < 0)
292 return log_unit_debug_errno(u, r, "add unit to hashmap failed for name '%s': %m", text);
293
294 if (u->id) {
295 r = unit_add_alias(u, name); /* unit_add_alias() takes ownership of the name on success */
296 if (r < 0) {
297 hashmap_remove(u->manager->units, name);
298 return r;
299 }
300 TAKE_PTR(name);
301
302 } else {
303 /* A new name, we don't need the set yet. */
304 assert(u->type == _UNIT_TYPE_INVALID);
305 assert(!u->instance);
306
307 u->type = t;
308 u->id = TAKE_PTR(name);
309 u->instance = TAKE_PTR(instance);
310
311 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
312 unit_init(u);
313 }
314
315 unit_add_to_dbus_queue(u);
316 return 0;
317 }
318
319 int unit_choose_id(Unit *u, const char *name) {
320 _cleanup_free_ char *t = NULL;
321 char *s;
322 int r;
323
324 assert(u);
325 assert(name);
326
327 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
328 if (!u->instance)
329 return -EINVAL;
330
331 r = unit_name_replace_instance(name, u->instance, &t);
332 if (r < 0)
333 return r;
334
335 name = t;
336 }
337
338 if (streq_ptr(u->id, name))
339 return 0; /* Nothing to do. */
340
341 /* Selects one of the aliases of this unit as the id */
342 s = set_get(u->aliases, (char*) name);
343 if (!s)
344 return -ENOENT;
345
346 if (u->id) {
347 r = set_remove_and_put(u->aliases, name, u->id);
348 if (r < 0)
349 return r;
350 } else
351 assert_se(set_remove(u->aliases, name)); /* see set_get() above… */
352
353 u->id = s; /* Old u->id is now stored in the set, and s is not stored anywhere */
354 unit_add_to_dbus_queue(u);
355
356 return 0;
357 }
358
359 int unit_set_description(Unit *u, const char *description) {
360 int r;
361
362 assert(u);
363
364 r = free_and_strdup(&u->description, empty_to_null(description));
365 if (r < 0)
366 return r;
367 if (r > 0)
368 unit_add_to_dbus_queue(u);
369
370 return 0;
371 }
372
373 bool unit_may_gc(Unit *u) {
374 UnitActiveState state;
375 int r;
376
377 assert(u);
378
379 /* Checks whether the unit is ready to be unloaded for garbage collection.
380 * Returns true when the unit may be collected, and false if there's some
381 * reason to keep it loaded.
382 *
383 * References from other units are *not* checked here. Instead, this is done
384 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
385 */
386
387 if (u->job)
388 return false;
389
390 if (u->nop_job)
391 return false;
392
393 state = unit_active_state(u);
394
395 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
396 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
397 UNIT_VTABLE(u)->release_resources)
398 UNIT_VTABLE(u)->release_resources(u);
399
400 if (u->perpetual)
401 return false;
402
403 if (sd_bus_track_count(u->bus_track) > 0)
404 return false;
405
406 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
407 switch (u->collect_mode) {
408
409 case COLLECT_INACTIVE:
410 if (state != UNIT_INACTIVE)
411 return false;
412
413 break;
414
415 case COLLECT_INACTIVE_OR_FAILED:
416 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
417 return false;
418
419 break;
420
421 default:
422 assert_not_reached("Unknown garbage collection mode");
423 }
424
425 if (u->cgroup_path) {
426 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
427 * around. Units with active processes should never be collected. */
428
429 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
430 if (r < 0)
431 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
432 if (r <= 0)
433 return false;
434 }
435
436 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
437 return false;
438
439 return true;
440 }
441
442 void unit_add_to_load_queue(Unit *u) {
443 assert(u);
444 assert(u->type != _UNIT_TYPE_INVALID);
445
446 if (u->load_state != UNIT_STUB || u->in_load_queue)
447 return;
448
449 LIST_PREPEND(load_queue, u->manager->load_queue, u);
450 u->in_load_queue = true;
451 }
452
453 void unit_add_to_cleanup_queue(Unit *u) {
454 assert(u);
455
456 if (u->in_cleanup_queue)
457 return;
458
459 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
460 u->in_cleanup_queue = true;
461 }
462
463 void unit_add_to_gc_queue(Unit *u) {
464 assert(u);
465
466 if (u->in_gc_queue || u->in_cleanup_queue)
467 return;
468
469 if (!unit_may_gc(u))
470 return;
471
472 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
473 u->in_gc_queue = true;
474 }
475
476 void unit_add_to_dbus_queue(Unit *u) {
477 assert(u);
478 assert(u->type != _UNIT_TYPE_INVALID);
479
480 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
481 return;
482
483 /* Shortcut things if nobody cares */
484 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
485 sd_bus_track_count(u->bus_track) <= 0 &&
486 set_isempty(u->manager->private_buses)) {
487 u->sent_dbus_new_signal = true;
488 return;
489 }
490
491 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
492 u->in_dbus_queue = true;
493 }
494
495 void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
496 assert(u);
497
498 if (u->in_stop_when_unneeded_queue)
499 return;
500
501 if (!u->stop_when_unneeded)
502 return;
503
504 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
505 return;
506
507 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
508 u->in_stop_when_unneeded_queue = true;
509 }
510
511 static void bidi_set_free(Unit *u, Hashmap *h) {
512 Unit *other;
513 Iterator i;
514 void *v;
515
516 assert(u);
517
518 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
519
520 HASHMAP_FOREACH_KEY(v, other, h, i) {
521 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
522 hashmap_remove(other->dependencies[d], u);
523
524 unit_add_to_gc_queue(other);
525 }
526
527 hashmap_free(h);
528 }
529
530 static void unit_remove_transient(Unit *u) {
531 char **i;
532
533 assert(u);
534
535 if (!u->transient)
536 return;
537
538 if (u->fragment_path)
539 (void) unlink(u->fragment_path);
540
541 STRV_FOREACH(i, u->dropin_paths) {
542 _cleanup_free_ char *p = NULL, *pp = NULL;
543
544 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
545 if (!p)
546 continue;
547
548 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
549 if (!pp)
550 continue;
551
552 /* Only drop transient drop-ins */
553 if (!path_equal(u->manager->lookup_paths.transient, pp))
554 continue;
555
556 (void) unlink(*i);
557 (void) rmdir(p);
558 }
559 }
560
561 static void unit_free_requires_mounts_for(Unit *u) {
562 assert(u);
563
564 for (;;) {
565 _cleanup_free_ char *path;
566
567 path = hashmap_steal_first_key(u->requires_mounts_for);
568 if (!path)
569 break;
570 else {
571 char s[strlen(path) + 1];
572
573 PATH_FOREACH_PREFIX_MORE(s, path) {
574 char *y;
575 Set *x;
576
577 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
578 if (!x)
579 continue;
580
581 (void) set_remove(x, u);
582
583 if (set_isempty(x)) {
584 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
585 free(y);
586 set_free(x);
587 }
588 }
589 }
590 }
591
592 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
593 }
594
595 static void unit_done(Unit *u) {
596 ExecContext *ec;
597 CGroupContext *cc;
598
599 assert(u);
600
601 if (u->type < 0)
602 return;
603
604 if (UNIT_VTABLE(u)->done)
605 UNIT_VTABLE(u)->done(u);
606
607 ec = unit_get_exec_context(u);
608 if (ec)
609 exec_context_done(ec);
610
611 cc = unit_get_cgroup_context(u);
612 if (cc)
613 cgroup_context_done(cc);
614 }
615
616 void unit_free(Unit *u) {
617 Iterator i;
618 char *t;
619
620 if (!u)
621 return;
622
623 if (UNIT_ISSET(u->slice)) {
624 /* A unit is being dropped from the tree, make sure our parent slice recalculates the member mask */
625 unit_invalidate_cgroup_members_masks(UNIT_DEREF(u->slice));
626
627 /* And make sure the parent is realized again, updating cgroup memberships */
628 unit_add_to_cgroup_realize_queue(UNIT_DEREF(u->slice));
629 }
630
631 u->transient_file = safe_fclose(u->transient_file);
632
633 if (!MANAGER_IS_RELOADING(u->manager))
634 unit_remove_transient(u);
635
636 bus_unit_send_removed_signal(u);
637
638 unit_done(u);
639
640 unit_dequeue_rewatch_pids(u);
641
642 sd_bus_slot_unref(u->match_bus_slot);
643 sd_bus_track_unref(u->bus_track);
644 u->deserialized_refs = strv_free(u->deserialized_refs);
645 u->pending_freezer_message = sd_bus_message_unref(u->pending_freezer_message);
646
647 unit_free_requires_mounts_for(u);
648
649 SET_FOREACH(t, u->aliases, i)
650 hashmap_remove_value(u->manager->units, t, u);
651 if (u->id)
652 hashmap_remove_value(u->manager->units, u->id, u);
653
654 if (!sd_id128_is_null(u->invocation_id))
655 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
656
657 if (u->job) {
658 Job *j = u->job;
659 job_uninstall(j);
660 job_free(j);
661 }
662
663 if (u->nop_job) {
664 Job *j = u->nop_job;
665 job_uninstall(j);
666 job_free(j);
667 }
668
669 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
670 bidi_set_free(u, u->dependencies[d]);
671
672 if (u->on_console)
673 manager_unref_console(u->manager);
674
675 unit_release_cgroup(u);
676
677 if (!MANAGER_IS_RELOADING(u->manager))
678 unit_unlink_state_files(u);
679
680 unit_unref_uid_gid(u, false);
681
682 (void) manager_update_failed_units(u->manager, u, false);
683 set_remove(u->manager->startup_units, u);
684
685 unit_unwatch_all_pids(u);
686
687 unit_ref_unset(&u->slice);
688 while (u->refs_by_target)
689 unit_ref_unset(u->refs_by_target);
690
691 if (u->type != _UNIT_TYPE_INVALID)
692 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
693
694 if (u->in_load_queue)
695 LIST_REMOVE(load_queue, u->manager->load_queue, u);
696
697 if (u->in_dbus_queue)
698 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
699
700 if (u->in_gc_queue)
701 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
702
703 if (u->in_cgroup_realize_queue)
704 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
705
706 if (u->in_cgroup_empty_queue)
707 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
708
709 if (u->in_cleanup_queue)
710 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
711
712 if (u->in_target_deps_queue)
713 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
714
715 if (u->in_stop_when_unneeded_queue)
716 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
717
718 safe_close(u->ip_accounting_ingress_map_fd);
719 safe_close(u->ip_accounting_egress_map_fd);
720
721 safe_close(u->ipv4_allow_map_fd);
722 safe_close(u->ipv6_allow_map_fd);
723 safe_close(u->ipv4_deny_map_fd);
724 safe_close(u->ipv6_deny_map_fd);
725
726 bpf_program_unref(u->ip_bpf_ingress);
727 bpf_program_unref(u->ip_bpf_ingress_installed);
728 bpf_program_unref(u->ip_bpf_egress);
729 bpf_program_unref(u->ip_bpf_egress_installed);
730
731 set_free(u->ip_bpf_custom_ingress);
732 set_free(u->ip_bpf_custom_egress);
733 set_free(u->ip_bpf_custom_ingress_installed);
734 set_free(u->ip_bpf_custom_egress_installed);
735
736 bpf_program_unref(u->bpf_device_control_installed);
737
738 condition_free_list(u->conditions);
739 condition_free_list(u->asserts);
740
741 free(u->description);
742 strv_free(u->documentation);
743 free(u->fragment_path);
744 free(u->source_path);
745 strv_free(u->dropin_paths);
746 free(u->instance);
747
748 free(u->job_timeout_reboot_arg);
749 free(u->reboot_arg);
750
751 set_free_free(u->aliases);
752 free(u->id);
753
754 free(u);
755 }
756
757 FreezerState unit_freezer_state(Unit *u) {
758 assert(u);
759
760 return u->freezer_state;
761 }
762
763 int unit_freezer_state_kernel(Unit *u, FreezerState *ret) {
764 char *values[1] = {};
765 int r;
766
767 assert(u);
768
769 r = cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "cgroup.events",
770 STRV_MAKE("frozen"), values);
771 if (r < 0)
772 return r;
773
774 r = _FREEZER_STATE_INVALID;
775
776 if (values[0]) {
777 if (streq(values[0], "0"))
778 r = FREEZER_RUNNING;
779 else if (streq(values[0], "1"))
780 r = FREEZER_FROZEN;
781 }
782
783 free(values[0]);
784 *ret = r;
785
786 return 0;
787 }
788
789 UnitActiveState unit_active_state(Unit *u) {
790 assert(u);
791
792 if (u->load_state == UNIT_MERGED)
793 return unit_active_state(unit_follow_merge(u));
794
795 /* After a reload it might happen that a unit is not correctly
796 * loaded but still has a process around. That's why we won't
797 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
798
799 return UNIT_VTABLE(u)->active_state(u);
800 }
801
802 const char* unit_sub_state_to_string(Unit *u) {
803 assert(u);
804
805 return UNIT_VTABLE(u)->sub_state_to_string(u);
806 }
807
808 static int hashmap_complete_move(Hashmap **s, Hashmap **other) {
809 assert(s);
810 assert(other);
811
812 if (!*other)
813 return 0;
814
815 if (*s)
816 return hashmap_move(*s, *other);
817 else
818 *s = TAKE_PTR(*other);
819
820 return 0;
821 }
822
823 static int merge_names(Unit *u, Unit *other) {
824 char *name;
825 Iterator i;
826 int r;
827
828 assert(u);
829 assert(other);
830
831 r = unit_add_alias(u, other->id);
832 if (r < 0)
833 return r;
834
835 r = set_move(u->aliases, other->aliases);
836 if (r < 0) {
837 set_remove(u->aliases, other->id);
838 return r;
839 }
840
841 TAKE_PTR(other->id);
842 other->aliases = set_free_free(other->aliases);
843
844 SET_FOREACH(name, u->aliases, i)
845 assert_se(hashmap_replace(u->manager->units, name, u) == 0);
846
847 return 0;
848 }
849
850 static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
851 unsigned n_reserve;
852
853 assert(u);
854 assert(other);
855 assert(d < _UNIT_DEPENDENCY_MAX);
856
857 /*
858 * If u does not have this dependency set allocated, there is no need
859 * to reserve anything. In that case other's set will be transferred
860 * as a whole to u by complete_move().
861 */
862 if (!u->dependencies[d])
863 return 0;
864
865 /* merge_dependencies() will skip a u-on-u dependency */
866 n_reserve = hashmap_size(other->dependencies[d]) - !!hashmap_get(other->dependencies[d], u);
867
868 return hashmap_reserve(u->dependencies[d], n_reserve);
869 }
870
871 static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
872 Iterator i;
873 Unit *back;
874 void *v;
875 int r;
876
877 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
878
879 assert(u);
880 assert(other);
881 assert(d < _UNIT_DEPENDENCY_MAX);
882
883 /* Fix backwards pointers. Let's iterate through all dependent units of the other unit. */
884 HASHMAP_FOREACH_KEY(v, back, other->dependencies[d], i)
885
886 /* Let's now iterate through the dependencies of that dependencies of the other units,
887 * looking for pointers back, and let's fix them up, to instead point to 'u'. */
888 for (UnitDependency k = 0; k < _UNIT_DEPENDENCY_MAX; k++)
889 if (back == u) {
890 /* Do not add dependencies between u and itself. */
891 if (hashmap_remove(back->dependencies[k], other))
892 maybe_warn_about_dependency(u, other_id, k);
893 } else {
894 UnitDependencyInfo di_u, di_other;
895
896 /* Let's drop this dependency between "back" and "other", and let's create it between
897 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
898 * and any such dependency which might already exist */
899
900 di_other.data = hashmap_get(back->dependencies[k], other);
901 if (!di_other.data)
902 continue; /* dependency isn't set, let's try the next one */
903
904 di_u.data = hashmap_get(back->dependencies[k], u);
905
906 UnitDependencyInfo di_merged = {
907 .origin_mask = di_u.origin_mask | di_other.origin_mask,
908 .destination_mask = di_u.destination_mask | di_other.destination_mask,
909 };
910
911 r = hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data);
912 if (r < 0)
913 log_warning_errno(r, "Failed to remove/replace: back=%s other=%s u=%s: %m", back->id, other_id, u->id);
914 assert(r >= 0);
915
916 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
917 }
918
919 /* Also do not move dependencies on u to itself */
920 back = hashmap_remove(other->dependencies[d], u);
921 if (back)
922 maybe_warn_about_dependency(u, other_id, d);
923
924 /* The move cannot fail. The caller must have performed a reservation. */
925 assert_se(hashmap_complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
926
927 other->dependencies[d] = hashmap_free(other->dependencies[d]);
928 }
929
930 int unit_merge(Unit *u, Unit *other) {
931 const char *other_id = NULL;
932 int r;
933
934 assert(u);
935 assert(other);
936 assert(u->manager == other->manager);
937 assert(u->type != _UNIT_TYPE_INVALID);
938
939 other = unit_follow_merge(other);
940
941 if (other == u)
942 return 0;
943
944 if (u->type != other->type)
945 return -EINVAL;
946
947 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
948 return -EEXIST;
949
950 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
951 return -EEXIST;
952
953 if (!streq_ptr(u->instance, other->instance))
954 return -EINVAL;
955
956 if (other->job)
957 return -EEXIST;
958
959 if (other->nop_job)
960 return -EEXIST;
961
962 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
963 return -EEXIST;
964
965 if (other->id)
966 other_id = strdupa(other->id);
967
968 /* Make reservations to ensure merge_dependencies() won't fail */
969 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
970 r = reserve_dependencies(u, other, d);
971 /*
972 * We don't rollback reservations if we fail. We don't have
973 * a way to undo reservations. A reservation is not a leak.
974 */
975 if (r < 0)
976 return r;
977 }
978
979 /* Merge names */
980 r = merge_names(u, other);
981 if (r < 0)
982 return r;
983
984 /* Redirect all references */
985 while (other->refs_by_target)
986 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
987
988 /* Merge dependencies */
989 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
990 merge_dependencies(u, other, other_id, d);
991
992 other->load_state = UNIT_MERGED;
993 other->merged_into = u;
994
995 /* If there is still some data attached to the other node, we
996 * don't need it anymore, and can free it. */
997 if (other->load_state != UNIT_STUB)
998 if (UNIT_VTABLE(other)->done)
999 UNIT_VTABLE(other)->done(other);
1000
1001 unit_add_to_dbus_queue(u);
1002 unit_add_to_cleanup_queue(other);
1003
1004 return 0;
1005 }
1006
1007 int unit_merge_by_name(Unit *u, const char *name) {
1008 _cleanup_free_ char *s = NULL;
1009 Unit *other;
1010 int r;
1011
1012 /* Either add name to u, or if a unit with name already exists, merge it with u.
1013 * If name is a template, do the same for name@instance, where instance is u's instance. */
1014
1015 assert(u);
1016 assert(name);
1017
1018 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
1019 if (!u->instance)
1020 return -EINVAL;
1021
1022 r = unit_name_replace_instance(name, u->instance, &s);
1023 if (r < 0)
1024 return r;
1025
1026 name = s;
1027 }
1028
1029 other = manager_get_unit(u->manager, name);
1030 if (other)
1031 return unit_merge(u, other);
1032
1033 return unit_add_name(u, name);
1034 }
1035
1036 Unit* unit_follow_merge(Unit *u) {
1037 assert(u);
1038
1039 while (u->load_state == UNIT_MERGED)
1040 assert_se(u = u->merged_into);
1041
1042 return u;
1043 }
1044
1045 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
1046 ExecDirectoryType dt;
1047 char **dp;
1048 int r;
1049
1050 assert(u);
1051 assert(c);
1052
1053 if (c->working_directory && !c->working_directory_missing_ok) {
1054 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
1055 if (r < 0)
1056 return r;
1057 }
1058
1059 if (c->root_directory) {
1060 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
1061 if (r < 0)
1062 return r;
1063 }
1064
1065 if (c->root_image) {
1066 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
1067 if (r < 0)
1068 return r;
1069 }
1070
1071 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
1072 if (!u->manager->prefix[dt])
1073 continue;
1074
1075 STRV_FOREACH(dp, c->directories[dt].paths) {
1076 _cleanup_free_ char *p;
1077
1078 p = path_join(u->manager->prefix[dt], *dp);
1079 if (!p)
1080 return -ENOMEM;
1081
1082 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
1083 if (r < 0)
1084 return r;
1085 }
1086 }
1087
1088 if (!MANAGER_IS_SYSTEM(u->manager))
1089 return 0;
1090
1091 /* For the following three directory types we need write access, and /var/ is possibly on the root
1092 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
1093 if (!strv_isempty(c->directories[EXEC_DIRECTORY_STATE].paths) ||
1094 !strv_isempty(c->directories[EXEC_DIRECTORY_CACHE].paths) ||
1095 !strv_isempty(c->directories[EXEC_DIRECTORY_LOGS].paths)) {
1096 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, true, UNIT_DEPENDENCY_FILE);
1097 if (r < 0)
1098 return r;
1099 }
1100
1101 if (c->private_tmp) {
1102 const char *p;
1103
1104 FOREACH_STRING(p, "/tmp", "/var/tmp") {
1105 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
1106 if (r < 0)
1107 return r;
1108 }
1109
1110 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
1111 if (r < 0)
1112 return r;
1113 }
1114
1115 if (c->root_image) {
1116 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1117 * implicit dependency on udev */
1118
1119 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_UDEVD_SERVICE, true, UNIT_DEPENDENCY_FILE);
1120 if (r < 0)
1121 return r;
1122 }
1123
1124 if (!IN_SET(c->std_output,
1125 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1126 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
1127 !IN_SET(c->std_error,
1128 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1129 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE) &&
1130 !c->log_namespace)
1131 return 0;
1132
1133 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1134 * is run first. */
1135
1136 if (c->log_namespace) {
1137 _cleanup_free_ char *socket_unit = NULL, *varlink_socket_unit = NULL;
1138
1139 r = unit_name_build_from_type("systemd-journald", c->log_namespace, UNIT_SOCKET, &socket_unit);
1140 if (r < 0)
1141 return r;
1142
1143 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, socket_unit, true, UNIT_DEPENDENCY_FILE);
1144 if (r < 0)
1145 return r;
1146
1147 r = unit_name_build_from_type("systemd-journald-varlink", c->log_namespace, UNIT_SOCKET, &varlink_socket_unit);
1148 if (r < 0)
1149 return r;
1150
1151 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, varlink_socket_unit, true, UNIT_DEPENDENCY_FILE);
1152 if (r < 0)
1153 return r;
1154 } else
1155 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
1156 if (r < 0)
1157 return r;
1158
1159 return 0;
1160 }
1161
1162 const char *unit_description(Unit *u) {
1163 assert(u);
1164
1165 if (u->description)
1166 return u->description;
1167
1168 return strna(u->id);
1169 }
1170
1171 const char *unit_status_string(Unit *u) {
1172 assert(u);
1173
1174 if (u->manager->status_unit_format == STATUS_UNIT_FORMAT_NAME && u->id)
1175 return u->id;
1176
1177 return unit_description(u);
1178 }
1179
1180 static void print_unit_dependency_mask(FILE *f, const char *kind, UnitDependencyMask mask, bool *space) {
1181 const struct {
1182 UnitDependencyMask mask;
1183 const char *name;
1184 } table[] = {
1185 { UNIT_DEPENDENCY_FILE, "file" },
1186 { UNIT_DEPENDENCY_IMPLICIT, "implicit" },
1187 { UNIT_DEPENDENCY_DEFAULT, "default" },
1188 { UNIT_DEPENDENCY_UDEV, "udev" },
1189 { UNIT_DEPENDENCY_PATH, "path" },
1190 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT, "mountinfo-implicit" },
1191 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT, "mountinfo-default" },
1192 { UNIT_DEPENDENCY_PROC_SWAP, "proc-swap" },
1193 };
1194 size_t i;
1195
1196 assert(f);
1197 assert(kind);
1198 assert(space);
1199
1200 for (i = 0; i < ELEMENTSOF(table); i++) {
1201
1202 if (mask == 0)
1203 break;
1204
1205 if (FLAGS_SET(mask, table[i].mask)) {
1206 if (*space)
1207 fputc(' ', f);
1208 else
1209 *space = true;
1210
1211 fputs(kind, f);
1212 fputs("-", f);
1213 fputs(table[i].name, f);
1214
1215 mask &= ~table[i].mask;
1216 }
1217 }
1218
1219 assert(mask == 0);
1220 }
1221
1222 void unit_dump(Unit *u, FILE *f, const char *prefix) {
1223 char *t, **j;
1224 Iterator i;
1225 const char *prefix2;
1226 char timestamp[5][FORMAT_TIMESTAMP_MAX], timespan[FORMAT_TIMESPAN_MAX];
1227 Unit *following;
1228 _cleanup_set_free_ Set *following_set = NULL;
1229 const char *n;
1230 CGroupMask m;
1231 int r;
1232
1233 assert(u);
1234 assert(u->type >= 0);
1235
1236 prefix = strempty(prefix);
1237 prefix2 = strjoina(prefix, "\t");
1238
1239 fprintf(f,
1240 "%s-> Unit %s:\n",
1241 prefix, u->id);
1242
1243 SET_FOREACH(t, u->aliases, i)
1244 fprintf(f, "%s\tAlias: %s\n", prefix, t);
1245
1246 fprintf(f,
1247 "%s\tDescription: %s\n"
1248 "%s\tInstance: %s\n"
1249 "%s\tUnit Load State: %s\n"
1250 "%s\tUnit Active State: %s\n"
1251 "%s\tState Change Timestamp: %s\n"
1252 "%s\tInactive Exit Timestamp: %s\n"
1253 "%s\tActive Enter Timestamp: %s\n"
1254 "%s\tActive Exit Timestamp: %s\n"
1255 "%s\tInactive Enter Timestamp: %s\n"
1256 "%s\tMay GC: %s\n"
1257 "%s\tNeed Daemon Reload: %s\n"
1258 "%s\tTransient: %s\n"
1259 "%s\tPerpetual: %s\n"
1260 "%s\tGarbage Collection Mode: %s\n"
1261 "%s\tSlice: %s\n"
1262 "%s\tCGroup: %s\n"
1263 "%s\tCGroup realized: %s\n",
1264 prefix, unit_description(u),
1265 prefix, strna(u->instance),
1266 prefix, unit_load_state_to_string(u->load_state),
1267 prefix, unit_active_state_to_string(unit_active_state(u)),
1268 prefix, strna(format_timestamp(timestamp[0], sizeof(timestamp[0]), u->state_change_timestamp.realtime)),
1269 prefix, strna(format_timestamp(timestamp[1], sizeof(timestamp[1]), u->inactive_exit_timestamp.realtime)),
1270 prefix, strna(format_timestamp(timestamp[2], sizeof(timestamp[2]), u->active_enter_timestamp.realtime)),
1271 prefix, strna(format_timestamp(timestamp[3], sizeof(timestamp[3]), u->active_exit_timestamp.realtime)),
1272 prefix, strna(format_timestamp(timestamp[4], sizeof(timestamp[4]), u->inactive_enter_timestamp.realtime)),
1273 prefix, yes_no(unit_may_gc(u)),
1274 prefix, yes_no(unit_need_daemon_reload(u)),
1275 prefix, yes_no(u->transient),
1276 prefix, yes_no(u->perpetual),
1277 prefix, collect_mode_to_string(u->collect_mode),
1278 prefix, strna(unit_slice_name(u)),
1279 prefix, strna(u->cgroup_path),
1280 prefix, yes_no(u->cgroup_realized));
1281
1282 if (u->cgroup_realized_mask != 0) {
1283 _cleanup_free_ char *s = NULL;
1284 (void) cg_mask_to_string(u->cgroup_realized_mask, &s);
1285 fprintf(f, "%s\tCGroup realized mask: %s\n", prefix, strnull(s));
1286 }
1287
1288 if (u->cgroup_enabled_mask != 0) {
1289 _cleanup_free_ char *s = NULL;
1290 (void) cg_mask_to_string(u->cgroup_enabled_mask, &s);
1291 fprintf(f, "%s\tCGroup enabled mask: %s\n", prefix, strnull(s));
1292 }
1293
1294 m = unit_get_own_mask(u);
1295 if (m != 0) {
1296 _cleanup_free_ char *s = NULL;
1297 (void) cg_mask_to_string(m, &s);
1298 fprintf(f, "%s\tCGroup own mask: %s\n", prefix, strnull(s));
1299 }
1300
1301 m = unit_get_members_mask(u);
1302 if (m != 0) {
1303 _cleanup_free_ char *s = NULL;
1304 (void) cg_mask_to_string(m, &s);
1305 fprintf(f, "%s\tCGroup members mask: %s\n", prefix, strnull(s));
1306 }
1307
1308 m = unit_get_delegate_mask(u);
1309 if (m != 0) {
1310 _cleanup_free_ char *s = NULL;
1311 (void) cg_mask_to_string(m, &s);
1312 fprintf(f, "%s\tCGroup delegate mask: %s\n", prefix, strnull(s));
1313 }
1314
1315 if (!sd_id128_is_null(u->invocation_id))
1316 fprintf(f, "%s\tInvocation ID: " SD_ID128_FORMAT_STR "\n",
1317 prefix, SD_ID128_FORMAT_VAL(u->invocation_id));
1318
1319 STRV_FOREACH(j, u->documentation)
1320 fprintf(f, "%s\tDocumentation: %s\n", prefix, *j);
1321
1322 following = unit_following(u);
1323 if (following)
1324 fprintf(f, "%s\tFollowing: %s\n", prefix, following->id);
1325
1326 r = unit_following_set(u, &following_set);
1327 if (r >= 0) {
1328 Unit *other;
1329
1330 SET_FOREACH(other, following_set, i)
1331 fprintf(f, "%s\tFollowing Set Member: %s\n", prefix, other->id);
1332 }
1333
1334 if (u->fragment_path)
1335 fprintf(f, "%s\tFragment Path: %s\n", prefix, u->fragment_path);
1336
1337 if (u->source_path)
1338 fprintf(f, "%s\tSource Path: %s\n", prefix, u->source_path);
1339
1340 STRV_FOREACH(j, u->dropin_paths)
1341 fprintf(f, "%s\tDropIn Path: %s\n", prefix, *j);
1342
1343 if (u->failure_action != EMERGENCY_ACTION_NONE)
1344 fprintf(f, "%s\tFailure Action: %s\n", prefix, emergency_action_to_string(u->failure_action));
1345 if (u->failure_action_exit_status >= 0)
1346 fprintf(f, "%s\tFailure Action Exit Status: %i\n", prefix, u->failure_action_exit_status);
1347 if (u->success_action != EMERGENCY_ACTION_NONE)
1348 fprintf(f, "%s\tSuccess Action: %s\n", prefix, emergency_action_to_string(u->success_action));
1349 if (u->success_action_exit_status >= 0)
1350 fprintf(f, "%s\tSuccess Action Exit Status: %i\n", prefix, u->success_action_exit_status);
1351
1352 if (u->job_timeout != USEC_INFINITY)
1353 fprintf(f, "%s\tJob Timeout: %s\n", prefix, format_timespan(timespan, sizeof(timespan), u->job_timeout, 0));
1354
1355 if (u->job_timeout_action != EMERGENCY_ACTION_NONE)
1356 fprintf(f, "%s\tJob Timeout Action: %s\n", prefix, emergency_action_to_string(u->job_timeout_action));
1357
1358 if (u->job_timeout_reboot_arg)
1359 fprintf(f, "%s\tJob Timeout Reboot Argument: %s\n", prefix, u->job_timeout_reboot_arg);
1360
1361 condition_dump_list(u->conditions, f, prefix, condition_type_to_string);
1362 condition_dump_list(u->asserts, f, prefix, assert_type_to_string);
1363
1364 if (dual_timestamp_is_set(&u->condition_timestamp))
1365 fprintf(f,
1366 "%s\tCondition Timestamp: %s\n"
1367 "%s\tCondition Result: %s\n",
1368 prefix, strna(format_timestamp(timestamp[0], sizeof(timestamp[0]), u->condition_timestamp.realtime)),
1369 prefix, yes_no(u->condition_result));
1370
1371 if (dual_timestamp_is_set(&u->assert_timestamp))
1372 fprintf(f,
1373 "%s\tAssert Timestamp: %s\n"
1374 "%s\tAssert Result: %s\n",
1375 prefix, strna(format_timestamp(timestamp[0], sizeof(timestamp[0]), u->assert_timestamp.realtime)),
1376 prefix, yes_no(u->assert_result));
1377
1378 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
1379 UnitDependencyInfo di;
1380 Unit *other;
1381
1382 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
1383 bool space = false;
1384
1385 fprintf(f, "%s\t%s: %s (", prefix, unit_dependency_to_string(d), other->id);
1386
1387 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1388 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1389
1390 fputs(")\n", f);
1391 }
1392 }
1393
1394 if (!hashmap_isempty(u->requires_mounts_for)) {
1395 UnitDependencyInfo di;
1396 const char *path;
1397
1398 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1399 bool space = false;
1400
1401 fprintf(f, "%s\tRequiresMountsFor: %s (", prefix, path);
1402
1403 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1404 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1405
1406 fputs(")\n", f);
1407 }
1408 }
1409
1410 if (u->load_state == UNIT_LOADED) {
1411
1412 fprintf(f,
1413 "%s\tStopWhenUnneeded: %s\n"
1414 "%s\tRefuseManualStart: %s\n"
1415 "%s\tRefuseManualStop: %s\n"
1416 "%s\tDefaultDependencies: %s\n"
1417 "%s\tOnFailureJobMode: %s\n"
1418 "%s\tIgnoreOnIsolate: %s\n",
1419 prefix, yes_no(u->stop_when_unneeded),
1420 prefix, yes_no(u->refuse_manual_start),
1421 prefix, yes_no(u->refuse_manual_stop),
1422 prefix, yes_no(u->default_dependencies),
1423 prefix, job_mode_to_string(u->on_failure_job_mode),
1424 prefix, yes_no(u->ignore_on_isolate));
1425
1426 if (UNIT_VTABLE(u)->dump)
1427 UNIT_VTABLE(u)->dump(u, f, prefix2);
1428
1429 } else if (u->load_state == UNIT_MERGED)
1430 fprintf(f,
1431 "%s\tMerged into: %s\n",
1432 prefix, u->merged_into->id);
1433 else if (u->load_state == UNIT_ERROR)
1434 fprintf(f, "%s\tLoad Error Code: %s\n", prefix, strerror_safe(u->load_error));
1435
1436 for (n = sd_bus_track_first(u->bus_track); n; n = sd_bus_track_next(u->bus_track))
1437 fprintf(f, "%s\tBus Ref: %s\n", prefix, n);
1438
1439 if (u->job)
1440 job_dump(u->job, f, prefix2);
1441
1442 if (u->nop_job)
1443 job_dump(u->nop_job, f, prefix2);
1444 }
1445
1446 /* Common implementation for multiple backends */
1447 int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) {
1448 int r;
1449
1450 assert(u);
1451
1452 /* Load a .{service,socket,...} file */
1453 r = unit_load_fragment(u);
1454 if (r < 0)
1455 return r;
1456
1457 if (u->load_state == UNIT_STUB) {
1458 if (fragment_required)
1459 return -ENOENT;
1460
1461 u->load_state = UNIT_LOADED;
1462 }
1463
1464 /* Load drop-in directory data. If u is an alias, we might be reloading the
1465 * target unit needlessly. But we cannot be sure which drops-ins have already
1466 * been loaded and which not, at least without doing complicated book-keeping,
1467 * so let's always reread all drop-ins. */
1468 r = unit_load_dropin(unit_follow_merge(u));
1469 if (r < 0)
1470 return r;
1471
1472 if (u->source_path) {
1473 struct stat st;
1474
1475 if (stat(u->source_path, &st) >= 0)
1476 u->source_mtime = timespec_load(&st.st_mtim);
1477 else
1478 u->source_mtime = 0;
1479 }
1480
1481 return 0;
1482 }
1483
1484 void unit_add_to_target_deps_queue(Unit *u) {
1485 Manager *m = u->manager;
1486
1487 assert(u);
1488
1489 if (u->in_target_deps_queue)
1490 return;
1491
1492 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1493 u->in_target_deps_queue = true;
1494 }
1495
1496 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1497 assert(u);
1498 assert(target);
1499
1500 if (target->type != UNIT_TARGET)
1501 return 0;
1502
1503 /* Only add the dependency if both units are loaded, so that
1504 * that loop check below is reliable */
1505 if (u->load_state != UNIT_LOADED ||
1506 target->load_state != UNIT_LOADED)
1507 return 0;
1508
1509 /* If either side wants no automatic dependencies, then let's
1510 * skip this */
1511 if (!u->default_dependencies ||
1512 !target->default_dependencies)
1513 return 0;
1514
1515 /* Don't create loops */
1516 if (hashmap_get(target->dependencies[UNIT_BEFORE], u))
1517 return 0;
1518
1519 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1520 }
1521
1522 static int unit_add_slice_dependencies(Unit *u) {
1523 assert(u);
1524
1525 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1526 return 0;
1527
1528 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1529 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1530 relationship). */
1531 UnitDependencyMask mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1532
1533 if (UNIT_ISSET(u->slice))
1534 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true, mask);
1535
1536 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1537 return 0;
1538
1539 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
1540 }
1541
1542 static int unit_add_mount_dependencies(Unit *u) {
1543 UnitDependencyInfo di;
1544 const char *path;
1545 Iterator i;
1546 int r;
1547
1548 assert(u);
1549
1550 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1551 char prefix[strlen(path) + 1];
1552
1553 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1554 _cleanup_free_ char *p = NULL;
1555 Unit *m;
1556
1557 r = unit_name_from_path(prefix, ".mount", &p);
1558 if (r < 0)
1559 return r;
1560
1561 m = manager_get_unit(u->manager, p);
1562 if (!m) {
1563 /* Make sure to load the mount unit if
1564 * it exists. If so the dependencies
1565 * on this unit will be added later
1566 * during the loading of the mount
1567 * unit. */
1568 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1569 continue;
1570 }
1571 if (m == u)
1572 continue;
1573
1574 if (m->load_state != UNIT_LOADED)
1575 continue;
1576
1577 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1578 if (r < 0)
1579 return r;
1580
1581 if (m->fragment_path) {
1582 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1583 if (r < 0)
1584 return r;
1585 }
1586 }
1587 }
1588
1589 return 0;
1590 }
1591
1592 static int unit_add_startup_units(Unit *u) {
1593 CGroupContext *c;
1594 int r;
1595
1596 c = unit_get_cgroup_context(u);
1597 if (!c)
1598 return 0;
1599
1600 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
1601 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
1602 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
1603 return 0;
1604
1605 r = set_ensure_allocated(&u->manager->startup_units, NULL);
1606 if (r < 0)
1607 return r;
1608
1609 return set_put(u->manager->startup_units, u);
1610 }
1611
1612 int unit_load(Unit *u) {
1613 int r;
1614
1615 assert(u);
1616
1617 if (u->in_load_queue) {
1618 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1619 u->in_load_queue = false;
1620 }
1621
1622 if (u->type == _UNIT_TYPE_INVALID)
1623 return -EINVAL;
1624
1625 if (u->load_state != UNIT_STUB)
1626 return 0;
1627
1628 if (u->transient_file) {
1629 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1630 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1631
1632 r = fflush_and_check(u->transient_file);
1633 if (r < 0)
1634 goto fail;
1635
1636 u->transient_file = safe_fclose(u->transient_file);
1637 u->fragment_mtime = now(CLOCK_REALTIME);
1638 }
1639
1640 r = UNIT_VTABLE(u)->load(u);
1641 if (r < 0)
1642 goto fail;
1643
1644 assert(u->load_state != UNIT_STUB);
1645
1646 if (u->load_state == UNIT_LOADED) {
1647 unit_add_to_target_deps_queue(u);
1648
1649 r = unit_add_slice_dependencies(u);
1650 if (r < 0)
1651 goto fail;
1652
1653 r = unit_add_mount_dependencies(u);
1654 if (r < 0)
1655 goto fail;
1656
1657 r = unit_add_startup_units(u);
1658 if (r < 0)
1659 goto fail;
1660
1661 if (u->on_failure_job_mode == JOB_ISOLATE && hashmap_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
1662 log_unit_error(u, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1663 r = -ENOEXEC;
1664 goto fail;
1665 }
1666
1667 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1668 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1669
1670 /* We finished loading, let's ensure our parents recalculate the members mask */
1671 unit_invalidate_cgroup_members_masks(u);
1672 }
1673
1674 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1675
1676 unit_add_to_dbus_queue(unit_follow_merge(u));
1677 unit_add_to_gc_queue(u);
1678
1679 return 0;
1680
1681 fail:
1682 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code should hence
1683 * return ENOEXEC to ensure units are placed in this state after loading */
1684
1685 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1686 r == -ENOEXEC ? UNIT_BAD_SETTING :
1687 UNIT_ERROR;
1688 u->load_error = r;
1689
1690 unit_add_to_dbus_queue(u);
1691 unit_add_to_gc_queue(u);
1692
1693 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1694 }
1695
1696 _printf_(7, 8)
1697 static int log_unit_internal(void *userdata, int level, int error, const char *file, int line, const char *func, const char *format, ...) {
1698 Unit *u = userdata;
1699 va_list ap;
1700 int r;
1701
1702 va_start(ap, format);
1703 if (u)
1704 r = log_object_internalv(level, error, file, line, func,
1705 u->manager->unit_log_field,
1706 u->id,
1707 u->manager->invocation_log_field,
1708 u->invocation_id_string,
1709 format, ap);
1710 else
1711 r = log_internalv(level, error, file, line, func, format, ap);
1712 va_end(ap);
1713
1714 return r;
1715 }
1716
1717 static bool unit_test_condition(Unit *u) {
1718 _cleanup_strv_free_ char **env = NULL;
1719 int r;
1720
1721 assert(u);
1722
1723 dual_timestamp_get(&u->condition_timestamp);
1724
1725 r = manager_get_effective_environment(u->manager, &env);
1726 if (r < 0) {
1727 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1728 u->condition_result = CONDITION_ERROR;
1729 } else
1730 u->condition_result = condition_test_list(
1731 u->conditions,
1732 env,
1733 condition_type_to_string,
1734 log_unit_internal,
1735 u);
1736
1737 unit_add_to_dbus_queue(u);
1738 return u->condition_result;
1739 }
1740
1741 static bool unit_test_assert(Unit *u) {
1742 _cleanup_strv_free_ char **env = NULL;
1743 int r;
1744
1745 assert(u);
1746
1747 dual_timestamp_get(&u->assert_timestamp);
1748
1749 r = manager_get_effective_environment(u->manager, &env);
1750 if (r < 0) {
1751 log_unit_error_errno(u, r, "Failed to determine effective environment: %m");
1752 u->assert_result = CONDITION_ERROR;
1753 } else
1754 u->assert_result = condition_test_list(
1755 u->asserts,
1756 env,
1757 assert_type_to_string,
1758 log_unit_internal,
1759 u);
1760
1761 unit_add_to_dbus_queue(u);
1762 return u->assert_result;
1763 }
1764
1765 void unit_status_printf(Unit *u, StatusType status_type, const char *status, const char *unit_status_msg_format) {
1766 const char *d;
1767
1768 d = unit_status_string(u);
1769 if (log_get_show_color())
1770 d = strjoina(ANSI_HIGHLIGHT, d, ANSI_NORMAL);
1771
1772 DISABLE_WARNING_FORMAT_NONLITERAL;
1773 manager_status_printf(u->manager, status_type, status, unit_status_msg_format, d);
1774 REENABLE_WARNING;
1775 }
1776
1777 int unit_test_start_limit(Unit *u) {
1778 const char *reason;
1779
1780 assert(u);
1781
1782 if (ratelimit_below(&u->start_ratelimit)) {
1783 u->start_limit_hit = false;
1784 return 0;
1785 }
1786
1787 log_unit_warning(u, "Start request repeated too quickly.");
1788 u->start_limit_hit = true;
1789
1790 reason = strjoina("unit ", u->id, " failed");
1791
1792 emergency_action(u->manager, u->start_limit_action,
1793 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN,
1794 u->reboot_arg, -1, reason);
1795
1796 return -ECANCELED;
1797 }
1798
1799 bool unit_shall_confirm_spawn(Unit *u) {
1800 assert(u);
1801
1802 if (manager_is_confirm_spawn_disabled(u->manager))
1803 return false;
1804
1805 /* For some reasons units remaining in the same process group
1806 * as PID 1 fail to acquire the console even if it's not used
1807 * by any process. So skip the confirmation question for them. */
1808 return !unit_get_exec_context(u)->same_pgrp;
1809 }
1810
1811 static bool unit_verify_deps(Unit *u) {
1812 Unit *other;
1813 Iterator j;
1814 void *v;
1815
1816 assert(u);
1817
1818 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1819 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1820 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1821 * conjunction with After= as for them any such check would make things entirely racy. */
1822
1823 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], j) {
1824
1825 if (!hashmap_contains(u->dependencies[UNIT_AFTER], other))
1826 continue;
1827
1828 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1829 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1830 return false;
1831 }
1832 }
1833
1834 return true;
1835 }
1836
1837 /* Errors that aren't really errors:
1838 * -EALREADY: Unit is already started.
1839 * -ECOMM: Condition failed
1840 * -EAGAIN: An operation is already in progress. Retry later.
1841 *
1842 * Errors that are real errors:
1843 * -EBADR: This unit type does not support starting.
1844 * -ECANCELED: Start limit hit, too many requests for now
1845 * -EPROTO: Assert failed
1846 * -EINVAL: Unit not loaded
1847 * -EOPNOTSUPP: Unit type not supported
1848 * -ENOLINK: The necessary dependencies are not fulfilled.
1849 * -ESTALE: This unit has been started before and can't be started a second time
1850 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
1851 */
1852 int unit_start(Unit *u) {
1853 UnitActiveState state;
1854 Unit *following;
1855
1856 assert(u);
1857
1858 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1859 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1860 * waiting is finished. */
1861 state = unit_active_state(u);
1862 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1863 return -EALREADY;
1864 if (state == UNIT_MAINTENANCE)
1865 return -EAGAIN;
1866
1867 /* Units that aren't loaded cannot be started */
1868 if (u->load_state != UNIT_LOADED)
1869 return -EINVAL;
1870
1871 /* Refuse starting scope units more than once */
1872 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1873 return -ESTALE;
1874
1875 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1876 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1877 * recheck the condition in that case. */
1878 if (state != UNIT_ACTIVATING &&
1879 !unit_test_condition(u))
1880 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition failed. Not starting unit.");
1881
1882 /* If the asserts failed, fail the entire job */
1883 if (state != UNIT_ACTIVATING &&
1884 !unit_test_assert(u))
1885 return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed.");
1886
1887 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1888 * condition checks, so that we rather return condition check errors (which are usually not
1889 * considered a true failure) than "not supported" errors (which are considered a failure).
1890 */
1891 if (!unit_type_supported(u->type))
1892 return -EOPNOTSUPP;
1893
1894 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1895 * should have taken care of this already, but let's check this here again. After all, our
1896 * dependencies might not be in effect anymore, due to a reload or due to a failed condition. */
1897 if (!unit_verify_deps(u))
1898 return -ENOLINK;
1899
1900 /* Forward to the main object, if we aren't it. */
1901 following = unit_following(u);
1902 if (following) {
1903 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1904 return unit_start(following);
1905 }
1906
1907 /* If it is stopped, but we cannot start it, then fail */
1908 if (!UNIT_VTABLE(u)->start)
1909 return -EBADR;
1910
1911 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1912 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1913 * waits for a holdoff timer to elapse before it will start again. */
1914
1915 unit_add_to_dbus_queue(u);
1916 unit_cgroup_freezer_action(u, FREEZER_THAW);
1917
1918 return UNIT_VTABLE(u)->start(u);
1919 }
1920
1921 bool unit_can_start(Unit *u) {
1922 assert(u);
1923
1924 if (u->load_state != UNIT_LOADED)
1925 return false;
1926
1927 if (!unit_type_supported(u->type))
1928 return false;
1929
1930 /* Scope units may be started only once */
1931 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1932 return false;
1933
1934 return !!UNIT_VTABLE(u)->start;
1935 }
1936
1937 bool unit_can_isolate(Unit *u) {
1938 assert(u);
1939
1940 return unit_can_start(u) &&
1941 u->allow_isolate;
1942 }
1943
1944 /* Errors:
1945 * -EBADR: This unit type does not support stopping.
1946 * -EALREADY: Unit is already stopped.
1947 * -EAGAIN: An operation is already in progress. Retry later.
1948 */
1949 int unit_stop(Unit *u) {
1950 UnitActiveState state;
1951 Unit *following;
1952
1953 assert(u);
1954
1955 state = unit_active_state(u);
1956 if (UNIT_IS_INACTIVE_OR_FAILED(state))
1957 return -EALREADY;
1958
1959 following = unit_following(u);
1960 if (following) {
1961 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
1962 return unit_stop(following);
1963 }
1964
1965 if (!UNIT_VTABLE(u)->stop)
1966 return -EBADR;
1967
1968 unit_add_to_dbus_queue(u);
1969 unit_cgroup_freezer_action(u, FREEZER_THAW);
1970
1971 return UNIT_VTABLE(u)->stop(u);
1972 }
1973
1974 bool unit_can_stop(Unit *u) {
1975 assert(u);
1976
1977 if (!unit_type_supported(u->type))
1978 return false;
1979
1980 if (u->perpetual)
1981 return false;
1982
1983 return !!UNIT_VTABLE(u)->stop;
1984 }
1985
1986 /* Errors:
1987 * -EBADR: This unit type does not support reloading.
1988 * -ENOEXEC: Unit is not started.
1989 * -EAGAIN: An operation is already in progress. Retry later.
1990 */
1991 int unit_reload(Unit *u) {
1992 UnitActiveState state;
1993 Unit *following;
1994
1995 assert(u);
1996
1997 if (u->load_state != UNIT_LOADED)
1998 return -EINVAL;
1999
2000 if (!unit_can_reload(u))
2001 return -EBADR;
2002
2003 state = unit_active_state(u);
2004 if (state == UNIT_RELOADING)
2005 return -EAGAIN;
2006
2007 if (state != UNIT_ACTIVE) {
2008 log_unit_warning(u, "Unit cannot be reloaded because it is inactive.");
2009 return -ENOEXEC;
2010 }
2011
2012 following = unit_following(u);
2013 if (following) {
2014 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
2015 return unit_reload(following);
2016 }
2017
2018 unit_add_to_dbus_queue(u);
2019
2020 if (!UNIT_VTABLE(u)->reload) {
2021 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2022 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
2023 return 0;
2024 }
2025
2026 unit_cgroup_freezer_action(u, FREEZER_THAW);
2027
2028 return UNIT_VTABLE(u)->reload(u);
2029 }
2030
2031 bool unit_can_reload(Unit *u) {
2032 assert(u);
2033
2034 if (UNIT_VTABLE(u)->can_reload)
2035 return UNIT_VTABLE(u)->can_reload(u);
2036
2037 if (!hashmap_isempty(u->dependencies[UNIT_PROPAGATES_RELOAD_TO]))
2038 return true;
2039
2040 return UNIT_VTABLE(u)->reload;
2041 }
2042
2043 bool unit_is_unneeded(Unit *u) {
2044 static const UnitDependency deps[] = {
2045 UNIT_REQUIRED_BY,
2046 UNIT_REQUISITE_OF,
2047 UNIT_WANTED_BY,
2048 UNIT_BOUND_BY,
2049 };
2050 size_t j;
2051
2052 assert(u);
2053
2054 if (!u->stop_when_unneeded)
2055 return false;
2056
2057 /* Don't clean up while the unit is transitioning or is even inactive. */
2058 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
2059 return false;
2060 if (u->job)
2061 return false;
2062
2063 for (j = 0; j < ELEMENTSOF(deps); j++) {
2064 Unit *other;
2065 Iterator i;
2066 void *v;
2067
2068 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
2069 * restart, then don't clean this one up. */
2070
2071 HASHMAP_FOREACH_KEY(v, other, u->dependencies[deps[j]], i) {
2072 if (other->job)
2073 return false;
2074
2075 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2076 return false;
2077
2078 if (unit_will_restart(other))
2079 return false;
2080 }
2081 }
2082
2083 return true;
2084 }
2085
2086 static void check_unneeded_dependencies(Unit *u) {
2087
2088 static const UnitDependency deps[] = {
2089 UNIT_REQUIRES,
2090 UNIT_REQUISITE,
2091 UNIT_WANTS,
2092 UNIT_BINDS_TO,
2093 };
2094 size_t j;
2095
2096 assert(u);
2097
2098 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2099
2100 for (j = 0; j < ELEMENTSOF(deps); j++) {
2101 Unit *other;
2102 Iterator i;
2103 void *v;
2104
2105 HASHMAP_FOREACH_KEY(v, other, u->dependencies[deps[j]], i)
2106 unit_submit_to_stop_when_unneeded_queue(other);
2107 }
2108 }
2109
2110 static void unit_check_binds_to(Unit *u) {
2111 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2112 bool stop = false;
2113 Unit *other;
2114 Iterator i;
2115 void *v;
2116 int r;
2117
2118 assert(u);
2119
2120 if (u->job)
2121 return;
2122
2123 if (unit_active_state(u) != UNIT_ACTIVE)
2124 return;
2125
2126 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i) {
2127 if (other->job)
2128 continue;
2129
2130 if (!other->coldplugged)
2131 /* We might yet create a job for the other unit… */
2132 continue;
2133
2134 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2135 continue;
2136
2137 stop = true;
2138 break;
2139 }
2140
2141 if (!stop)
2142 return;
2143
2144 /* If stopping a unit fails continuously we might enter a stop
2145 * loop here, hence stop acting on the service being
2146 * unnecessary after a while. */
2147 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
2148 log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
2149 return;
2150 }
2151
2152 assert(other);
2153 log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
2154
2155 /* A unit we need to run is gone. Sniff. Let's stop this. */
2156 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, NULL, &error, NULL);
2157 if (r < 0)
2158 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2159 }
2160
2161 static void retroactively_start_dependencies(Unit *u) {
2162 Iterator i;
2163 Unit *other;
2164 void *v;
2165
2166 assert(u);
2167 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2168
2169 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2170 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2171 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2172 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
2173
2174 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2175 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2176 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2177 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL, NULL);
2178
2179 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2180 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2181 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2182 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL, NULL);
2183
2184 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTS], i)
2185 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2186 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
2187
2188 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTED_BY], i)
2189 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2190 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
2191 }
2192
2193 static void retroactively_stop_dependencies(Unit *u) {
2194 Unit *other;
2195 Iterator i;
2196 void *v;
2197
2198 assert(u);
2199 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2200
2201 /* Pull down units which are bound to us recursively if enabled */
2202 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BOUND_BY], i)
2203 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2204 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL, NULL);
2205 }
2206
2207 void unit_start_on_failure(Unit *u) {
2208 Unit *other;
2209 Iterator i;
2210 void *v;
2211 int r;
2212
2213 assert(u);
2214
2215 if (hashmap_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
2216 return;
2217
2218 log_unit_info(u, "Triggering OnFailure= dependencies.");
2219
2220 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_ON_FAILURE], i) {
2221 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2222
2223 r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, NULL, &error, NULL);
2224 if (r < 0)
2225 log_unit_warning_errno(u, r, "Failed to enqueue OnFailure= job, ignoring: %s", bus_error_message(&error, r));
2226 }
2227 }
2228
2229 void unit_trigger_notify(Unit *u) {
2230 Unit *other;
2231 Iterator i;
2232 void *v;
2233
2234 assert(u);
2235
2236 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_TRIGGERED_BY], i)
2237 if (UNIT_VTABLE(other)->trigger_notify)
2238 UNIT_VTABLE(other)->trigger_notify(other, u);
2239 }
2240
2241 static int raise_level(int log_level, bool condition_info, bool condition_notice) {
2242 if (condition_notice && log_level > LOG_NOTICE)
2243 return LOG_NOTICE;
2244 if (condition_info && log_level > LOG_INFO)
2245 return LOG_INFO;
2246 return log_level;
2247 }
2248
2249 static int unit_log_resources(Unit *u) {
2250 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + _CGROUP_IO_ACCOUNTING_METRIC_MAX + 4];
2251 bool any_traffic = false, have_ip_accounting = false, any_io = false, have_io_accounting = false;
2252 _cleanup_free_ char *igress = NULL, *egress = NULL, *rr = NULL, *wr = NULL;
2253 int log_level = LOG_DEBUG; /* May be raised if resources consumed over a threshold */
2254 size_t n_message_parts = 0, n_iovec = 0;
2255 char* message_parts[1 + 2 + 2 + 1], *t;
2256 nsec_t nsec = NSEC_INFINITY;
2257 CGroupIPAccountingMetric m;
2258 size_t i;
2259 int r;
2260 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2261 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2262 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2263 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2264 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2265 };
2266 const char* const io_fields[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
2267 [CGROUP_IO_READ_BYTES] = "IO_METRIC_READ_BYTES",
2268 [CGROUP_IO_WRITE_BYTES] = "IO_METRIC_WRITE_BYTES",
2269 [CGROUP_IO_READ_OPERATIONS] = "IO_METRIC_READ_OPERATIONS",
2270 [CGROUP_IO_WRITE_OPERATIONS] = "IO_METRIC_WRITE_OPERATIONS",
2271 };
2272
2273 assert(u);
2274
2275 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2276 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2277 * information and the complete data in structured fields. */
2278
2279 (void) unit_get_cpu_usage(u, &nsec);
2280 if (nsec != NSEC_INFINITY) {
2281 char buf[FORMAT_TIMESPAN_MAX] = "";
2282
2283 /* Format the CPU time for inclusion in the structured log message */
2284 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2285 r = log_oom();
2286 goto finish;
2287 }
2288 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2289
2290 /* Format the CPU time for inclusion in the human language message string */
2291 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
2292 t = strjoin("consumed ", buf, " CPU time");
2293 if (!t) {
2294 r = log_oom();
2295 goto finish;
2296 }
2297
2298 message_parts[n_message_parts++] = t;
2299
2300 log_level = raise_level(log_level,
2301 nsec > NOTICEWORTHY_CPU_NSEC,
2302 nsec > MENTIONWORTHY_CPU_NSEC);
2303 }
2304
2305 for (CGroupIOAccountingMetric k = 0; k < _CGROUP_IO_ACCOUNTING_METRIC_MAX; k++) {
2306 char buf[FORMAT_BYTES_MAX] = "";
2307 uint64_t value = UINT64_MAX;
2308
2309 assert(io_fields[k]);
2310
2311 (void) unit_get_io_accounting(u, k, k > 0, &value);
2312 if (value == UINT64_MAX)
2313 continue;
2314
2315 have_io_accounting = true;
2316 if (value > 0)
2317 any_io = true;
2318
2319 /* Format IO accounting data for inclusion in the structured log message */
2320 if (asprintf(&t, "%s=%" PRIu64, io_fields[k], value) < 0) {
2321 r = log_oom();
2322 goto finish;
2323 }
2324 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2325
2326 /* Format the IO accounting data for inclusion in the human language message string, but only
2327 * for the bytes counters (and not for the operations counters) */
2328 if (k == CGROUP_IO_READ_BYTES) {
2329 assert(!rr);
2330 rr = strjoin("read ", format_bytes(buf, sizeof(buf), value), " from disk");
2331 if (!rr) {
2332 r = log_oom();
2333 goto finish;
2334 }
2335 } else if (k == CGROUP_IO_WRITE_BYTES) {
2336 assert(!wr);
2337 wr = strjoin("written ", format_bytes(buf, sizeof(buf), value), " to disk");
2338 if (!wr) {
2339 r = log_oom();
2340 goto finish;
2341 }
2342 }
2343
2344 if (IN_SET(k, CGROUP_IO_READ_BYTES, CGROUP_IO_WRITE_BYTES))
2345 log_level = raise_level(log_level,
2346 value > MENTIONWORTHY_IO_BYTES,
2347 value > NOTICEWORTHY_IO_BYTES);
2348 }
2349
2350 if (have_io_accounting) {
2351 if (any_io) {
2352 if (rr)
2353 message_parts[n_message_parts++] = TAKE_PTR(rr);
2354 if (wr)
2355 message_parts[n_message_parts++] = TAKE_PTR(wr);
2356
2357 } else {
2358 char *k;
2359
2360 k = strdup("no IO");
2361 if (!k) {
2362 r = log_oom();
2363 goto finish;
2364 }
2365
2366 message_parts[n_message_parts++] = k;
2367 }
2368 }
2369
2370 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2371 char buf[FORMAT_BYTES_MAX] = "";
2372 uint64_t value = UINT64_MAX;
2373
2374 assert(ip_fields[m]);
2375
2376 (void) unit_get_ip_accounting(u, m, &value);
2377 if (value == UINT64_MAX)
2378 continue;
2379
2380 have_ip_accounting = true;
2381 if (value > 0)
2382 any_traffic = true;
2383
2384 /* Format IP accounting data for inclusion in the structured log message */
2385 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2386 r = log_oom();
2387 goto finish;
2388 }
2389 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2390
2391 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2392 * bytes counters (and not for the packets counters) */
2393 if (m == CGROUP_IP_INGRESS_BYTES) {
2394 assert(!igress);
2395 igress = strjoin("received ", format_bytes(buf, sizeof(buf), value), " IP traffic");
2396 if (!igress) {
2397 r = log_oom();
2398 goto finish;
2399 }
2400 } else if (m == CGROUP_IP_EGRESS_BYTES) {
2401 assert(!egress);
2402 egress = strjoin("sent ", format_bytes(buf, sizeof(buf), value), " IP traffic");
2403 if (!egress) {
2404 r = log_oom();
2405 goto finish;
2406 }
2407 }
2408
2409 if (IN_SET(m, CGROUP_IP_INGRESS_BYTES, CGROUP_IP_EGRESS_BYTES))
2410 log_level = raise_level(log_level,
2411 value > MENTIONWORTHY_IP_BYTES,
2412 value > NOTICEWORTHY_IP_BYTES);
2413 }
2414
2415 if (have_ip_accounting) {
2416 if (any_traffic) {
2417 if (igress)
2418 message_parts[n_message_parts++] = TAKE_PTR(igress);
2419 if (egress)
2420 message_parts[n_message_parts++] = TAKE_PTR(egress);
2421
2422 } else {
2423 char *k;
2424
2425 k = strdup("no IP traffic");
2426 if (!k) {
2427 r = log_oom();
2428 goto finish;
2429 }
2430
2431 message_parts[n_message_parts++] = k;
2432 }
2433 }
2434
2435 /* Is there any accounting data available at all? */
2436 if (n_iovec == 0) {
2437 r = 0;
2438 goto finish;
2439 }
2440
2441 if (n_message_parts == 0)
2442 t = strjoina("MESSAGE=", u->id, ": Completed.");
2443 else {
2444 _cleanup_free_ char *joined;
2445
2446 message_parts[n_message_parts] = NULL;
2447
2448 joined = strv_join(message_parts, ", ");
2449 if (!joined) {
2450 r = log_oom();
2451 goto finish;
2452 }
2453
2454 joined[0] = ascii_toupper(joined[0]);
2455 t = strjoina("MESSAGE=", u->id, ": ", joined, ".");
2456 }
2457
2458 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2459 * and hence don't increase n_iovec for them */
2460 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2461 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2462
2463 t = strjoina(u->manager->unit_log_field, u->id);
2464 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2465
2466 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2467 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2468
2469 log_struct_iovec(log_level, iovec, n_iovec + 4);
2470 r = 0;
2471
2472 finish:
2473 for (i = 0; i < n_message_parts; i++)
2474 free(message_parts[i]);
2475
2476 for (i = 0; i < n_iovec; i++)
2477 free(iovec[i].iov_base);
2478
2479 return r;
2480
2481 }
2482
2483 static void unit_update_on_console(Unit *u) {
2484 bool b;
2485
2486 assert(u);
2487
2488 b = unit_needs_console(u);
2489 if (u->on_console == b)
2490 return;
2491
2492 u->on_console = b;
2493 if (b)
2494 manager_ref_console(u->manager);
2495 else
2496 manager_unref_console(u->manager);
2497 }
2498
2499 static void unit_emit_audit_start(Unit *u) {
2500 assert(u);
2501
2502 if (u->type != UNIT_SERVICE)
2503 return;
2504
2505 /* Write audit record if we have just finished starting up */
2506 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, true);
2507 u->in_audit = true;
2508 }
2509
2510 static void unit_emit_audit_stop(Unit *u, UnitActiveState state) {
2511 assert(u);
2512
2513 if (u->type != UNIT_SERVICE)
2514 return;
2515
2516 if (u->in_audit) {
2517 /* Write audit record if we have just finished shutting down */
2518 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, state == UNIT_INACTIVE);
2519 u->in_audit = false;
2520 } else {
2521 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2522 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, state == UNIT_INACTIVE);
2523
2524 if (state == UNIT_INACTIVE)
2525 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, true);
2526 }
2527 }
2528
2529 static bool unit_process_job(Job *j, UnitActiveState ns, UnitNotifyFlags flags) {
2530 bool unexpected = false;
2531 JobResult result;
2532
2533 assert(j);
2534
2535 if (j->state == JOB_WAITING)
2536
2537 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2538 * due to EAGAIN. */
2539 job_add_to_run_queue(j);
2540
2541 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2542 * hence needs to invalidate jobs. */
2543
2544 switch (j->type) {
2545
2546 case JOB_START:
2547 case JOB_VERIFY_ACTIVE:
2548
2549 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2550 job_finish_and_invalidate(j, JOB_DONE, true, false);
2551 else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2552 unexpected = true;
2553
2554 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2555 if (ns == UNIT_FAILED)
2556 result = JOB_FAILED;
2557 else if (FLAGS_SET(flags, UNIT_NOTIFY_SKIP_CONDITION))
2558 result = JOB_SKIPPED;
2559 else
2560 result = JOB_DONE;
2561
2562 job_finish_and_invalidate(j, result, true, false);
2563 }
2564 }
2565
2566 break;
2567
2568 case JOB_RELOAD:
2569 case JOB_RELOAD_OR_START:
2570 case JOB_TRY_RELOAD:
2571
2572 if (j->state == JOB_RUNNING) {
2573 if (ns == UNIT_ACTIVE)
2574 job_finish_and_invalidate(j, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2575 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2576 unexpected = true;
2577
2578 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2579 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2580 }
2581 }
2582
2583 break;
2584
2585 case JOB_STOP:
2586 case JOB_RESTART:
2587 case JOB_TRY_RESTART:
2588
2589 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2590 job_finish_and_invalidate(j, JOB_DONE, true, false);
2591 else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2592 unexpected = true;
2593 job_finish_and_invalidate(j, JOB_FAILED, true, false);
2594 }
2595
2596 break;
2597
2598 default:
2599 assert_not_reached("Job type unknown");
2600 }
2601
2602 return unexpected;
2603 }
2604
2605 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
2606 const char *reason;
2607 Manager *m;
2608
2609 assert(u);
2610 assert(os < _UNIT_ACTIVE_STATE_MAX);
2611 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2612
2613 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2614 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2615 * remounted this function will be called too! */
2616
2617 m = u->manager;
2618
2619 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2620 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2621 unit_add_to_dbus_queue(u);
2622
2623 /* Update timestamps for state changes */
2624 if (!MANAGER_IS_RELOADING(m)) {
2625 dual_timestamp_get(&u->state_change_timestamp);
2626
2627 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2628 u->inactive_exit_timestamp = u->state_change_timestamp;
2629 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2630 u->inactive_enter_timestamp = u->state_change_timestamp;
2631
2632 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2633 u->active_enter_timestamp = u->state_change_timestamp;
2634 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2635 u->active_exit_timestamp = u->state_change_timestamp;
2636 }
2637
2638 /* Keep track of failed units */
2639 (void) manager_update_failed_units(m, u, ns == UNIT_FAILED);
2640
2641 /* Make sure the cgroup and state files are always removed when we become inactive */
2642 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2643 unit_prune_cgroup(u);
2644 unit_unlink_state_files(u);
2645 }
2646
2647 unit_update_on_console(u);
2648
2649 if (!MANAGER_IS_RELOADING(m)) {
2650 bool unexpected;
2651
2652 /* Let's propagate state changes to the job */
2653 if (u->job)
2654 unexpected = unit_process_job(u->job, ns, flags);
2655 else
2656 unexpected = true;
2657
2658 /* If this state change happened without being requested by a job, then let's retroactively start or
2659 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2660 * additional jobs just because something is already activated. */
2661
2662 if (unexpected) {
2663 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2664 retroactively_start_dependencies(u);
2665 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2666 retroactively_stop_dependencies(u);
2667 }
2668
2669 /* stop unneeded units regardless if going down was expected or not */
2670 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2671 check_unneeded_dependencies(u);
2672
2673 if (ns != os && ns == UNIT_FAILED) {
2674 log_unit_debug(u, "Unit entered failed state.");
2675
2676 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2677 unit_start_on_failure(u);
2678 }
2679
2680 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2681 /* This unit just finished starting up */
2682
2683 unit_emit_audit_start(u);
2684 manager_send_unit_plymouth(m, u);
2685 }
2686
2687 if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
2688 /* This unit just stopped/failed. */
2689
2690 unit_emit_audit_stop(u, ns);
2691 unit_log_resources(u);
2692 }
2693 }
2694
2695 manager_recheck_journal(m);
2696 manager_recheck_dbus(m);
2697
2698 unit_trigger_notify(u);
2699
2700 if (!MANAGER_IS_RELOADING(m)) {
2701 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2702 unit_submit_to_stop_when_unneeded_queue(u);
2703
2704 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2705 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2706 * without ever entering started.) */
2707 unit_check_binds_to(u);
2708
2709 if (os != UNIT_FAILED && ns == UNIT_FAILED) {
2710 reason = strjoina("unit ", u->id, " failed");
2711 emergency_action(m, u->failure_action, 0, u->reboot_arg, unit_failure_action_exit_status(u), reason);
2712 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) {
2713 reason = strjoina("unit ", u->id, " succeeded");
2714 emergency_action(m, u->success_action, 0, u->reboot_arg, unit_success_action_exit_status(u), reason);
2715 }
2716 }
2717
2718 unit_add_to_gc_queue(u);
2719 }
2720
2721 int unit_watch_pid(Unit *u, pid_t pid, bool exclusive) {
2722 int r;
2723
2724 assert(u);
2725 assert(pid_is_valid(pid));
2726
2727 /* Watch a specific PID */
2728
2729 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2730 * opportunity to remove any stalled references to this PID as they can be created
2731 * easily (when watching a process which is not our direct child). */
2732 if (exclusive)
2733 manager_unwatch_pid(u->manager, pid);
2734
2735 r = set_ensure_allocated(&u->pids, NULL);
2736 if (r < 0)
2737 return r;
2738
2739 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
2740 if (r < 0)
2741 return r;
2742
2743 /* First try, let's add the unit keyed by "pid". */
2744 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2745 if (r == -EEXIST) {
2746 Unit **array;
2747 bool found = false;
2748 size_t n = 0;
2749
2750 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2751 * to an array of Units rather than just a Unit), lists us already. */
2752
2753 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2754 if (array)
2755 for (; array[n]; n++)
2756 if (array[n] == u)
2757 found = true;
2758
2759 if (found) /* Found it already? if so, do nothing */
2760 r = 0;
2761 else {
2762 Unit **new_array;
2763
2764 /* Allocate a new array */
2765 new_array = new(Unit*, n + 2);
2766 if (!new_array)
2767 return -ENOMEM;
2768
2769 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2770 new_array[n] = u;
2771 new_array[n+1] = NULL;
2772
2773 /* Add or replace the old array */
2774 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2775 if (r < 0) {
2776 free(new_array);
2777 return r;
2778 }
2779
2780 free(array);
2781 }
2782 } else if (r < 0)
2783 return r;
2784
2785 r = set_put(u->pids, PID_TO_PTR(pid));
2786 if (r < 0)
2787 return r;
2788
2789 return 0;
2790 }
2791
2792 void unit_unwatch_pid(Unit *u, pid_t pid) {
2793 Unit **array;
2794
2795 assert(u);
2796 assert(pid_is_valid(pid));
2797
2798 /* First let's drop the unit in case it's keyed as "pid". */
2799 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2800
2801 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2802 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2803 if (array) {
2804 size_t n, m = 0;
2805
2806 /* Let's iterate through the array, dropping our own entry */
2807 for (n = 0; array[n]; n++)
2808 if (array[n] != u)
2809 array[m++] = array[n];
2810 array[m] = NULL;
2811
2812 if (m == 0) {
2813 /* The array is now empty, remove the entire entry */
2814 assert_se(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
2815 free(array);
2816 }
2817 }
2818
2819 (void) set_remove(u->pids, PID_TO_PTR(pid));
2820 }
2821
2822 void unit_unwatch_all_pids(Unit *u) {
2823 assert(u);
2824
2825 while (!set_isempty(u->pids))
2826 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
2827
2828 u->pids = set_free(u->pids);
2829 }
2830
2831 static void unit_tidy_watch_pids(Unit *u) {
2832 pid_t except1, except2;
2833 Iterator i;
2834 void *e;
2835
2836 assert(u);
2837
2838 /* Cleans dead PIDs from our list */
2839
2840 except1 = unit_main_pid(u);
2841 except2 = unit_control_pid(u);
2842
2843 SET_FOREACH(e, u->pids, i) {
2844 pid_t pid = PTR_TO_PID(e);
2845
2846 if (pid == except1 || pid == except2)
2847 continue;
2848
2849 if (!pid_is_unwaited(pid))
2850 unit_unwatch_pid(u, pid);
2851 }
2852 }
2853
2854 static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
2855 Unit *u = userdata;
2856
2857 assert(s);
2858 assert(u);
2859
2860 unit_tidy_watch_pids(u);
2861 unit_watch_all_pids(u);
2862
2863 /* If the PID set is empty now, then let's finish this off. */
2864 unit_synthesize_cgroup_empty_event(u);
2865
2866 return 0;
2867 }
2868
2869 int unit_enqueue_rewatch_pids(Unit *u) {
2870 int r;
2871
2872 assert(u);
2873
2874 if (!u->cgroup_path)
2875 return -ENOENT;
2876
2877 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2878 if (r < 0)
2879 return r;
2880 if (r > 0) /* On unified we can use proper notifications */
2881 return 0;
2882
2883 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2884 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2885 * involves issuing kill(pid, 0) on all processes we watch. */
2886
2887 if (!u->rewatch_pids_event_source) {
2888 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2889
2890 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2891 if (r < 0)
2892 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2893
2894 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2895 if (r < 0)
2896 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: %m");
2897
2898 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2899
2900 u->rewatch_pids_event_source = TAKE_PTR(s);
2901 }
2902
2903 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2904 if (r < 0)
2905 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2906
2907 return 0;
2908 }
2909
2910 void unit_dequeue_rewatch_pids(Unit *u) {
2911 int r;
2912 assert(u);
2913
2914 if (!u->rewatch_pids_event_source)
2915 return;
2916
2917 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2918 if (r < 0)
2919 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2920
2921 u->rewatch_pids_event_source = sd_event_source_unref(u->rewatch_pids_event_source);
2922 }
2923
2924 bool unit_job_is_applicable(Unit *u, JobType j) {
2925 assert(u);
2926 assert(j >= 0 && j < _JOB_TYPE_MAX);
2927
2928 switch (j) {
2929
2930 case JOB_VERIFY_ACTIVE:
2931 case JOB_START:
2932 case JOB_NOP:
2933 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2934 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
2935 * jobs for it. */
2936 return true;
2937
2938 case JOB_STOP:
2939 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2940 * external events), hence it makes no sense to permit enqueuing such a request either. */
2941 return !u->perpetual;
2942
2943 case JOB_RESTART:
2944 case JOB_TRY_RESTART:
2945 return unit_can_stop(u) && unit_can_start(u);
2946
2947 case JOB_RELOAD:
2948 case JOB_TRY_RELOAD:
2949 return unit_can_reload(u);
2950
2951 case JOB_RELOAD_OR_START:
2952 return unit_can_reload(u) && unit_can_start(u);
2953
2954 default:
2955 assert_not_reached("Invalid job type");
2956 }
2957 }
2958
2959 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
2960 assert(u);
2961
2962 /* Only warn about some unit types */
2963 if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
2964 return;
2965
2966 if (streq_ptr(u->id, other))
2967 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
2968 else
2969 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
2970 }
2971
2972 static int unit_add_dependency_hashmap(
2973 Hashmap **h,
2974 Unit *other,
2975 UnitDependencyMask origin_mask,
2976 UnitDependencyMask destination_mask) {
2977
2978 UnitDependencyInfo info;
2979 int r;
2980
2981 assert(h);
2982 assert(other);
2983 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
2984 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
2985 assert(origin_mask > 0 || destination_mask > 0);
2986
2987 r = hashmap_ensure_allocated(h, NULL);
2988 if (r < 0)
2989 return r;
2990
2991 assert_cc(sizeof(void*) == sizeof(info));
2992
2993 info.data = hashmap_get(*h, other);
2994 if (info.data) {
2995 /* Entry already exists. Add in our mask. */
2996
2997 if (FLAGS_SET(origin_mask, info.origin_mask) &&
2998 FLAGS_SET(destination_mask, info.destination_mask))
2999 return 0; /* NOP */
3000
3001 info.origin_mask |= origin_mask;
3002 info.destination_mask |= destination_mask;
3003
3004 r = hashmap_update(*h, other, info.data);
3005 } else {
3006 info = (UnitDependencyInfo) {
3007 .origin_mask = origin_mask,
3008 .destination_mask = destination_mask,
3009 };
3010
3011 r = hashmap_put(*h, other, info.data);
3012 }
3013 if (r < 0)
3014 return r;
3015
3016 return 1;
3017 }
3018
3019 int unit_add_dependency(
3020 Unit *u,
3021 UnitDependency d,
3022 Unit *other,
3023 bool add_reference,
3024 UnitDependencyMask mask) {
3025
3026 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
3027 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
3028 [UNIT_WANTS] = UNIT_WANTED_BY,
3029 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
3030 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
3031 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
3032 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
3033 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
3034 [UNIT_WANTED_BY] = UNIT_WANTS,
3035 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
3036 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
3037 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
3038 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
3039 [UNIT_BEFORE] = UNIT_AFTER,
3040 [UNIT_AFTER] = UNIT_BEFORE,
3041 [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
3042 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
3043 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
3044 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
3045 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
3046 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
3047 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
3048 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
3049 };
3050 Unit *original_u = u, *original_other = other;
3051 int r;
3052
3053 assert(u);
3054 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
3055 assert(other);
3056
3057 u = unit_follow_merge(u);
3058 other = unit_follow_merge(other);
3059
3060 /* We won't allow dependencies on ourselves. We will not
3061 * consider them an error however. */
3062 if (u == other) {
3063 maybe_warn_about_dependency(original_u, original_other->id, d);
3064 return 0;
3065 }
3066
3067 /* Note that ordering a device unit after a unit is permitted since it
3068 * allows to start its job running timeout at a specific time. */
3069 if (d == UNIT_BEFORE && other->type == UNIT_DEVICE) {
3070 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
3071 return 0;
3072 }
3073
3074 if (d == UNIT_ON_FAILURE && !UNIT_VTABLE(u)->can_fail) {
3075 log_unit_warning(u, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other->id, unit_type_to_string(u->type));
3076 return 0;
3077 }
3078
3079 if (d == UNIT_TRIGGERS && !UNIT_VTABLE(u)->can_trigger)
3080 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3081 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(u->type));
3082 if (d == UNIT_TRIGGERED_BY && !UNIT_VTABLE(other)->can_trigger)
3083 return log_unit_error_errno(u, SYNTHETIC_ERRNO(EINVAL),
3084 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other->id, unit_type_to_string(other->type));
3085
3086 r = unit_add_dependency_hashmap(u->dependencies + d, other, mask, 0);
3087 if (r < 0)
3088 return r;
3089
3090 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
3091 r = unit_add_dependency_hashmap(other->dependencies + inverse_table[d], u, 0, mask);
3092 if (r < 0)
3093 return r;
3094 }
3095
3096 if (add_reference) {
3097 r = unit_add_dependency_hashmap(u->dependencies + UNIT_REFERENCES, other, mask, 0);
3098 if (r < 0)
3099 return r;
3100
3101 r = unit_add_dependency_hashmap(other->dependencies + UNIT_REFERENCED_BY, u, 0, mask);
3102 if (r < 0)
3103 return r;
3104 }
3105
3106 unit_add_to_dbus_queue(u);
3107 return 0;
3108 }
3109
3110 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
3111 int r;
3112
3113 assert(u);
3114
3115 r = unit_add_dependency(u, d, other, add_reference, mask);
3116 if (r < 0)
3117 return r;
3118
3119 return unit_add_dependency(u, e, other, add_reference, mask);
3120 }
3121
3122 static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
3123 int r;
3124
3125 assert(u);
3126 assert(name);
3127 assert(buf);
3128 assert(ret);
3129
3130 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
3131 *buf = NULL;
3132 *ret = name;
3133 return 0;
3134 }
3135
3136 if (u->instance)
3137 r = unit_name_replace_instance(name, u->instance, buf);
3138 else {
3139 _cleanup_free_ char *i = NULL;
3140
3141 r = unit_name_to_prefix(u->id, &i);
3142 if (r < 0)
3143 return r;
3144
3145 r = unit_name_replace_instance(name, i, buf);
3146 }
3147 if (r < 0)
3148 return r;
3149
3150 *ret = *buf;
3151 return 0;
3152 }
3153
3154 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
3155 _cleanup_free_ char *buf = NULL;
3156 Unit *other;
3157 int r;
3158
3159 assert(u);
3160 assert(name);
3161
3162 r = resolve_template(u, name, &buf, &name);
3163 if (r < 0)
3164 return r;
3165
3166 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3167 if (r < 0)
3168 return r;
3169
3170 return unit_add_dependency(u, d, other, add_reference, mask);
3171 }
3172
3173 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
3174 _cleanup_free_ char *buf = NULL;
3175 Unit *other;
3176 int r;
3177
3178 assert(u);
3179 assert(name);
3180
3181 r = resolve_template(u, name, &buf, &name);
3182 if (r < 0)
3183 return r;
3184
3185 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
3186 if (r < 0)
3187 return r;
3188
3189 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
3190 }
3191
3192 int set_unit_path(const char *p) {
3193 /* This is mostly for debug purposes */
3194 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
3195 return -errno;
3196
3197 return 0;
3198 }
3199
3200 char *unit_dbus_path(Unit *u) {
3201 assert(u);
3202
3203 if (!u->id)
3204 return NULL;
3205
3206 return unit_dbus_path_from_name(u->id);
3207 }
3208
3209 char *unit_dbus_path_invocation_id(Unit *u) {
3210 assert(u);
3211
3212 if (sd_id128_is_null(u->invocation_id))
3213 return NULL;
3214
3215 return unit_dbus_path_from_name(u->invocation_id_string);
3216 }
3217
3218 static int unit_set_invocation_id(Unit *u, sd_id128_t id) {
3219 int r;
3220
3221 assert(u);
3222
3223 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3224
3225 if (sd_id128_equal(u->invocation_id, id))
3226 return 0;
3227
3228 if (!sd_id128_is_null(u->invocation_id))
3229 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
3230
3231 if (sd_id128_is_null(id)) {
3232 r = 0;
3233 goto reset;
3234 }
3235
3236 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
3237 if (r < 0)
3238 goto reset;
3239
3240 u->invocation_id = id;
3241 sd_id128_to_string(id, u->invocation_id_string);
3242
3243 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
3244 if (r < 0)
3245 goto reset;
3246
3247 return 0;
3248
3249 reset:
3250 u->invocation_id = SD_ID128_NULL;
3251 u->invocation_id_string[0] = 0;
3252 return r;
3253 }
3254
3255 int unit_set_slice(Unit *u, Unit *slice) {
3256 assert(u);
3257 assert(slice);
3258
3259 /* Sets the unit slice if it has not been set before. Is extra
3260 * careful, to only allow this for units that actually have a
3261 * cgroup context. Also, we don't allow to set this for slices
3262 * (since the parent slice is derived from the name). Make
3263 * sure the unit we set is actually a slice. */
3264
3265 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3266 return -EOPNOTSUPP;
3267
3268 if (u->type == UNIT_SLICE)
3269 return -EINVAL;
3270
3271 if (unit_active_state(u) != UNIT_INACTIVE)
3272 return -EBUSY;
3273
3274 if (slice->type != UNIT_SLICE)
3275 return -EINVAL;
3276
3277 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3278 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3279 return -EPERM;
3280
3281 if (UNIT_DEREF(u->slice) == slice)
3282 return 0;
3283
3284 /* Disallow slice changes if @u is already bound to cgroups */
3285 if (UNIT_ISSET(u->slice) && u->cgroup_realized)
3286 return -EBUSY;
3287
3288 unit_ref_set(&u->slice, u, slice);
3289 return 1;
3290 }
3291
3292 int unit_set_default_slice(Unit *u) {
3293 const char *slice_name;
3294 Unit *slice;
3295 int r;
3296
3297 assert(u);
3298
3299 if (UNIT_ISSET(u->slice))
3300 return 0;
3301
3302 if (u->instance) {
3303 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
3304
3305 /* Implicitly place all instantiated units in their
3306 * own per-template slice */
3307
3308 r = unit_name_to_prefix(u->id, &prefix);
3309 if (r < 0)
3310 return r;
3311
3312 /* The prefix is already escaped, but it might include
3313 * "-" which has a special meaning for slice units,
3314 * hence escape it here extra. */
3315 escaped = unit_name_escape(prefix);
3316 if (!escaped)
3317 return -ENOMEM;
3318
3319 if (MANAGER_IS_SYSTEM(u->manager))
3320 slice_name = strjoina("system-", escaped, ".slice");
3321 else
3322 slice_name = strjoina(escaped, ".slice");
3323 } else
3324 slice_name =
3325 MANAGER_IS_SYSTEM(u->manager) && !unit_has_name(u, SPECIAL_INIT_SCOPE)
3326 ? SPECIAL_SYSTEM_SLICE
3327 : SPECIAL_ROOT_SLICE;
3328
3329 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
3330 if (r < 0)
3331 return r;
3332
3333 return unit_set_slice(u, slice);
3334 }
3335
3336 const char *unit_slice_name(Unit *u) {
3337 assert(u);
3338
3339 if (!UNIT_ISSET(u->slice))
3340 return NULL;
3341
3342 return UNIT_DEREF(u->slice)->id;
3343 }
3344
3345 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
3346 _cleanup_free_ char *t = NULL;
3347 int r;
3348
3349 assert(u);
3350 assert(type);
3351 assert(_found);
3352
3353 r = unit_name_change_suffix(u->id, type, &t);
3354 if (r < 0)
3355 return r;
3356 if (unit_has_name(u, t))
3357 return -EINVAL;
3358
3359 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3360 assert(r < 0 || *_found != u);
3361 return r;
3362 }
3363
3364 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3365 const char *new_owner;
3366 Unit *u = userdata;
3367 int r;
3368
3369 assert(message);
3370 assert(u);
3371
3372 r = sd_bus_message_read(message, "sss", NULL, NULL, &new_owner);
3373 if (r < 0) {
3374 bus_log_parse_error(r);
3375 return 0;
3376 }
3377
3378 if (UNIT_VTABLE(u)->bus_name_owner_change)
3379 UNIT_VTABLE(u)->bus_name_owner_change(u, empty_to_null(new_owner));
3380
3381 return 0;
3382 }
3383
3384 static int get_name_owner_handler(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3385 const sd_bus_error *e;
3386 const char *new_owner;
3387 Unit *u = userdata;
3388 int r;
3389
3390 assert(message);
3391 assert(u);
3392
3393 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3394
3395 e = sd_bus_message_get_error(message);
3396 if (e) {
3397 if (!sd_bus_error_has_name(e, "org.freedesktop.DBus.Error.NameHasNoOwner"))
3398 log_unit_error(u, "Unexpected error response from GetNameOwner(): %s", e->message);
3399
3400 new_owner = NULL;
3401 } else {
3402 r = sd_bus_message_read(message, "s", &new_owner);
3403 if (r < 0)
3404 return bus_log_parse_error(r);
3405
3406 assert(!isempty(new_owner));
3407 }
3408
3409 if (UNIT_VTABLE(u)->bus_name_owner_change)
3410 UNIT_VTABLE(u)->bus_name_owner_change(u, new_owner);
3411
3412 return 0;
3413 }
3414
3415 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3416 const char *match;
3417 int r;
3418
3419 assert(u);
3420 assert(bus);
3421 assert(name);
3422
3423 if (u->match_bus_slot || u->get_name_owner_slot)
3424 return -EBUSY;
3425
3426 match = strjoina("type='signal',"
3427 "sender='org.freedesktop.DBus',"
3428 "path='/org/freedesktop/DBus',"
3429 "interface='org.freedesktop.DBus',"
3430 "member='NameOwnerChanged',"
3431 "arg0='", name, "'");
3432
3433 r = sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
3434 if (r < 0)
3435 return r;
3436
3437 r = sd_bus_call_method_async(
3438 bus,
3439 &u->get_name_owner_slot,
3440 "org.freedesktop.DBus",
3441 "/org/freedesktop/DBus",
3442 "org.freedesktop.DBus",
3443 "GetNameOwner",
3444 get_name_owner_handler,
3445 u,
3446 "s", name);
3447 if (r < 0) {
3448 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3449 return r;
3450 }
3451
3452 log_unit_debug(u, "Watching D-Bus name '%s'.", name);
3453 return 0;
3454 }
3455
3456 int unit_watch_bus_name(Unit *u, const char *name) {
3457 int r;
3458
3459 assert(u);
3460 assert(name);
3461
3462 /* Watch a specific name on the bus. We only support one unit
3463 * watching each name for now. */
3464
3465 if (u->manager->api_bus) {
3466 /* If the bus is already available, install the match directly.
3467 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3468 r = unit_install_bus_match(u, u->manager->api_bus, name);
3469 if (r < 0)
3470 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3471 }
3472
3473 r = hashmap_put(u->manager->watch_bus, name, u);
3474 if (r < 0) {
3475 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3476 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3477 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3478 }
3479
3480 return 0;
3481 }
3482
3483 void unit_unwatch_bus_name(Unit *u, const char *name) {
3484 assert(u);
3485 assert(name);
3486
3487 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3488 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3489 u->get_name_owner_slot = sd_bus_slot_unref(u->get_name_owner_slot);
3490 }
3491
3492 bool unit_can_serialize(Unit *u) {
3493 assert(u);
3494
3495 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3496 }
3497
3498 static int serialize_cgroup_mask(FILE *f, const char *key, CGroupMask mask) {
3499 _cleanup_free_ char *s = NULL;
3500 int r;
3501
3502 assert(f);
3503 assert(key);
3504
3505 if (mask == 0)
3506 return 0;
3507
3508 r = cg_mask_to_string(mask, &s);
3509 if (r < 0)
3510 return log_error_errno(r, "Failed to format cgroup mask: %m");
3511
3512 return serialize_item(f, key, s);
3513 }
3514
3515 static const char *const ip_accounting_metric_field[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
3516 [CGROUP_IP_INGRESS_BYTES] = "ip-accounting-ingress-bytes",
3517 [CGROUP_IP_INGRESS_PACKETS] = "ip-accounting-ingress-packets",
3518 [CGROUP_IP_EGRESS_BYTES] = "ip-accounting-egress-bytes",
3519 [CGROUP_IP_EGRESS_PACKETS] = "ip-accounting-egress-packets",
3520 };
3521
3522 static const char *const io_accounting_metric_field_base[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
3523 [CGROUP_IO_READ_BYTES] = "io-accounting-read-bytes-base",
3524 [CGROUP_IO_WRITE_BYTES] = "io-accounting-write-bytes-base",
3525 [CGROUP_IO_READ_OPERATIONS] = "io-accounting-read-operations-base",
3526 [CGROUP_IO_WRITE_OPERATIONS] = "io-accounting-write-operations-base",
3527 };
3528
3529 static const char *const io_accounting_metric_field_last[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
3530 [CGROUP_IO_READ_BYTES] = "io-accounting-read-bytes-last",
3531 [CGROUP_IO_WRITE_BYTES] = "io-accounting-write-bytes-last",
3532 [CGROUP_IO_READ_OPERATIONS] = "io-accounting-read-operations-last",
3533 [CGROUP_IO_WRITE_OPERATIONS] = "io-accounting-write-operations-last",
3534 };
3535
3536 int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
3537 CGroupIPAccountingMetric m;
3538 int r;
3539
3540 assert(u);
3541 assert(f);
3542 assert(fds);
3543
3544 if (unit_can_serialize(u)) {
3545 r = UNIT_VTABLE(u)->serialize(u, f, fds);
3546 if (r < 0)
3547 return r;
3548 }
3549
3550 (void) serialize_dual_timestamp(f, "state-change-timestamp", &u->state_change_timestamp);
3551
3552 (void) serialize_dual_timestamp(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
3553 (void) serialize_dual_timestamp(f, "active-enter-timestamp", &u->active_enter_timestamp);
3554 (void) serialize_dual_timestamp(f, "active-exit-timestamp", &u->active_exit_timestamp);
3555 (void) serialize_dual_timestamp(f, "inactive-enter-timestamp", &u->inactive_enter_timestamp);
3556
3557 (void) serialize_dual_timestamp(f, "condition-timestamp", &u->condition_timestamp);
3558 (void) serialize_dual_timestamp(f, "assert-timestamp", &u->assert_timestamp);
3559
3560 if (dual_timestamp_is_set(&u->condition_timestamp))
3561 (void) serialize_bool(f, "condition-result", u->condition_result);
3562
3563 if (dual_timestamp_is_set(&u->assert_timestamp))
3564 (void) serialize_bool(f, "assert-result", u->assert_result);
3565
3566 (void) serialize_bool(f, "transient", u->transient);
3567 (void) serialize_bool(f, "in-audit", u->in_audit);
3568
3569 (void) serialize_bool(f, "exported-invocation-id", u->exported_invocation_id);
3570 (void) serialize_bool(f, "exported-log-level-max", u->exported_log_level_max);
3571 (void) serialize_bool(f, "exported-log-extra-fields", u->exported_log_extra_fields);
3572 (void) serialize_bool(f, "exported-log-rate-limit-interval", u->exported_log_ratelimit_interval);
3573 (void) serialize_bool(f, "exported-log-rate-limit-burst", u->exported_log_ratelimit_burst);
3574
3575 (void) serialize_item_format(f, "cpu-usage-base", "%" PRIu64, u->cpu_usage_base);
3576 if (u->cpu_usage_last != NSEC_INFINITY)
3577 (void) serialize_item_format(f, "cpu-usage-last", "%" PRIu64, u->cpu_usage_last);
3578
3579 if (u->oom_kill_last > 0)
3580 (void) serialize_item_format(f, "oom-kill-last", "%" PRIu64, u->oom_kill_last);
3581
3582 for (CGroupIOAccountingMetric im = 0; im < _CGROUP_IO_ACCOUNTING_METRIC_MAX; im++) {
3583 (void) serialize_item_format(f, io_accounting_metric_field_base[im], "%" PRIu64, u->io_accounting_base[im]);
3584
3585 if (u->io_accounting_last[im] != UINT64_MAX)
3586 (void) serialize_item_format(f, io_accounting_metric_field_last[im], "%" PRIu64, u->io_accounting_last[im]);
3587 }
3588
3589 if (u->cgroup_path)
3590 (void) serialize_item(f, "cgroup", u->cgroup_path);
3591
3592 (void) serialize_bool(f, "cgroup-realized", u->cgroup_realized);
3593 (void) serialize_cgroup_mask(f, "cgroup-realized-mask", u->cgroup_realized_mask);
3594 (void) serialize_cgroup_mask(f, "cgroup-enabled-mask", u->cgroup_enabled_mask);
3595 (void) serialize_cgroup_mask(f, "cgroup-invalidated-mask", u->cgroup_invalidated_mask);
3596
3597 if (uid_is_valid(u->ref_uid))
3598 (void) serialize_item_format(f, "ref-uid", UID_FMT, u->ref_uid);
3599 if (gid_is_valid(u->ref_gid))
3600 (void) serialize_item_format(f, "ref-gid", GID_FMT, u->ref_gid);
3601
3602 if (!sd_id128_is_null(u->invocation_id))
3603 (void) serialize_item_format(f, "invocation-id", SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id));
3604
3605 (void) serialize_item_format(f, "freezer-state", "%s", freezer_state_to_string(unit_freezer_state(u)));
3606
3607 bus_track_serialize(u->bus_track, f, "ref");
3608
3609 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
3610 uint64_t v;
3611
3612 r = unit_get_ip_accounting(u, m, &v);
3613 if (r >= 0)
3614 (void) serialize_item_format(f, ip_accounting_metric_field[m], "%" PRIu64, v);
3615 }
3616
3617 if (serialize_jobs) {
3618 if (u->job) {
3619 fputs("job\n", f);
3620 job_serialize(u->job, f);
3621 }
3622
3623 if (u->nop_job) {
3624 fputs("job\n", f);
3625 job_serialize(u->nop_job, f);
3626 }
3627 }
3628
3629 /* End marker */
3630 fputc('\n', f);
3631 return 0;
3632 }
3633
3634 static int unit_deserialize_job(Unit *u, FILE *f) {
3635 _cleanup_(job_freep) Job *j = NULL;
3636 int r;
3637
3638 assert(u);
3639 assert(f);
3640
3641 j = job_new_raw(u);
3642 if (!j)
3643 return log_oom();
3644
3645 r = job_deserialize(j, f);
3646 if (r < 0)
3647 return r;
3648
3649 r = job_install_deserialized(j);
3650 if (r < 0)
3651 return r;
3652
3653 TAKE_PTR(j);
3654 return 0;
3655 }
3656
3657 int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
3658 int r;
3659
3660 assert(u);
3661 assert(f);
3662 assert(fds);
3663
3664 for (;;) {
3665 _cleanup_free_ char *line = NULL;
3666 char *l, *v;
3667 ssize_t m;
3668 size_t k;
3669
3670 r = read_line(f, LONG_LINE_MAX, &line);
3671 if (r < 0)
3672 return log_error_errno(r, "Failed to read serialization line: %m");
3673 if (r == 0) /* eof */
3674 break;
3675
3676 l = strstrip(line);
3677 if (isempty(l)) /* End marker */
3678 break;
3679
3680 k = strcspn(l, "=");
3681
3682 if (l[k] == '=') {
3683 l[k] = 0;
3684 v = l+k+1;
3685 } else
3686 v = l+k;
3687
3688 if (streq(l, "job")) {
3689 if (v[0] == '\0') {
3690 /* New-style serialized job */
3691 r = unit_deserialize_job(u, f);
3692 if (r < 0)
3693 return r;
3694 } else /* Legacy for pre-44 */
3695 log_unit_warning(u, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v);
3696 continue;
3697 } else if (streq(l, "state-change-timestamp")) {
3698 (void) deserialize_dual_timestamp(v, &u->state_change_timestamp);
3699 continue;
3700 } else if (streq(l, "inactive-exit-timestamp")) {
3701 (void) deserialize_dual_timestamp(v, &u->inactive_exit_timestamp);
3702 continue;
3703 } else if (streq(l, "active-enter-timestamp")) {
3704 (void) deserialize_dual_timestamp(v, &u->active_enter_timestamp);
3705 continue;
3706 } else if (streq(l, "active-exit-timestamp")) {
3707 (void) deserialize_dual_timestamp(v, &u->active_exit_timestamp);
3708 continue;
3709 } else if (streq(l, "inactive-enter-timestamp")) {
3710 (void) deserialize_dual_timestamp(v, &u->inactive_enter_timestamp);
3711 continue;
3712 } else if (streq(l, "condition-timestamp")) {
3713 (void) deserialize_dual_timestamp(v, &u->condition_timestamp);
3714 continue;
3715 } else if (streq(l, "assert-timestamp")) {
3716 (void) deserialize_dual_timestamp(v, &u->assert_timestamp);
3717 continue;
3718 } else if (streq(l, "condition-result")) {
3719
3720 r = parse_boolean(v);
3721 if (r < 0)
3722 log_unit_debug(u, "Failed to parse condition result value %s, ignoring.", v);
3723 else
3724 u->condition_result = r;
3725
3726 continue;
3727
3728 } else if (streq(l, "assert-result")) {
3729
3730 r = parse_boolean(v);
3731 if (r < 0)
3732 log_unit_debug(u, "Failed to parse assert result value %s, ignoring.", v);
3733 else
3734 u->assert_result = r;
3735
3736 continue;
3737
3738 } else if (streq(l, "transient")) {
3739
3740 r = parse_boolean(v);
3741 if (r < 0)
3742 log_unit_debug(u, "Failed to parse transient bool %s, ignoring.", v);
3743 else
3744 u->transient = r;
3745
3746 continue;
3747
3748 } else if (streq(l, "in-audit")) {
3749
3750 r = parse_boolean(v);
3751 if (r < 0)
3752 log_unit_debug(u, "Failed to parse in-audit bool %s, ignoring.", v);
3753 else
3754 u->in_audit = r;
3755
3756 continue;
3757
3758 } else if (streq(l, "exported-invocation-id")) {
3759
3760 r = parse_boolean(v);
3761 if (r < 0)
3762 log_unit_debug(u, "Failed to parse exported invocation ID bool %s, ignoring.", v);
3763 else
3764 u->exported_invocation_id = r;
3765
3766 continue;
3767
3768 } else if (streq(l, "exported-log-level-max")) {
3769
3770 r = parse_boolean(v);
3771 if (r < 0)
3772 log_unit_debug(u, "Failed to parse exported log level max bool %s, ignoring.", v);
3773 else
3774 u->exported_log_level_max = r;
3775
3776 continue;
3777
3778 } else if (streq(l, "exported-log-extra-fields")) {
3779
3780 r = parse_boolean(v);
3781 if (r < 0)
3782 log_unit_debug(u, "Failed to parse exported log extra fields bool %s, ignoring.", v);
3783 else
3784 u->exported_log_extra_fields = r;
3785
3786 continue;
3787
3788 } else if (streq(l, "exported-log-rate-limit-interval")) {
3789
3790 r = parse_boolean(v);
3791 if (r < 0)
3792 log_unit_debug(u, "Failed to parse exported log rate limit interval %s, ignoring.", v);
3793 else
3794 u->exported_log_ratelimit_interval = r;
3795
3796 continue;
3797
3798 } else if (streq(l, "exported-log-rate-limit-burst")) {
3799
3800 r = parse_boolean(v);
3801 if (r < 0)
3802 log_unit_debug(u, "Failed to parse exported log rate limit burst %s, ignoring.", v);
3803 else
3804 u->exported_log_ratelimit_burst = r;
3805
3806 continue;
3807
3808 } else if (STR_IN_SET(l, "cpu-usage-base", "cpuacct-usage-base")) {
3809
3810 r = safe_atou64(v, &u->cpu_usage_base);
3811 if (r < 0)
3812 log_unit_debug(u, "Failed to parse CPU usage base %s, ignoring.", v);
3813
3814 continue;
3815
3816 } else if (streq(l, "cpu-usage-last")) {
3817
3818 r = safe_atou64(v, &u->cpu_usage_last);
3819 if (r < 0)
3820 log_unit_debug(u, "Failed to read CPU usage last %s, ignoring.", v);
3821
3822 continue;
3823
3824 } else if (streq(l, "oom-kill-last")) {
3825
3826 r = safe_atou64(v, &u->oom_kill_last);
3827 if (r < 0)
3828 log_unit_debug(u, "Failed to read OOM kill last %s, ignoring.", v);
3829
3830 continue;
3831
3832 } else if (streq(l, "cgroup")) {
3833
3834 r = unit_set_cgroup_path(u, v);
3835 if (r < 0)
3836 log_unit_debug_errno(u, r, "Failed to set cgroup path %s, ignoring: %m", v);
3837
3838 (void) unit_watch_cgroup(u);
3839 (void) unit_watch_cgroup_memory(u);
3840
3841 continue;
3842 } else if (streq(l, "cgroup-realized")) {
3843 int b;
3844
3845 b = parse_boolean(v);
3846 if (b < 0)
3847 log_unit_debug(u, "Failed to parse cgroup-realized bool %s, ignoring.", v);
3848 else
3849 u->cgroup_realized = b;
3850
3851 continue;
3852
3853 } else if (streq(l, "cgroup-realized-mask")) {
3854
3855 r = cg_mask_from_string(v, &u->cgroup_realized_mask);
3856 if (r < 0)
3857 log_unit_debug(u, "Failed to parse cgroup-realized-mask %s, ignoring.", v);
3858 continue;
3859
3860 } else if (streq(l, "cgroup-enabled-mask")) {
3861
3862 r = cg_mask_from_string(v, &u->cgroup_enabled_mask);
3863 if (r < 0)
3864 log_unit_debug(u, "Failed to parse cgroup-enabled-mask %s, ignoring.", v);
3865 continue;
3866
3867 } else if (streq(l, "cgroup-invalidated-mask")) {
3868
3869 r = cg_mask_from_string(v, &u->cgroup_invalidated_mask);
3870 if (r < 0)
3871 log_unit_debug(u, "Failed to parse cgroup-invalidated-mask %s, ignoring.", v);
3872 continue;
3873
3874 } else if (streq(l, "ref-uid")) {
3875 uid_t uid;
3876
3877 r = parse_uid(v, &uid);
3878 if (r < 0)
3879 log_unit_debug(u, "Failed to parse referenced UID %s, ignoring.", v);
3880 else
3881 unit_ref_uid_gid(u, uid, GID_INVALID);
3882
3883 continue;
3884
3885 } else if (streq(l, "ref-gid")) {
3886 gid_t gid;
3887
3888 r = parse_gid(v, &gid);
3889 if (r < 0)
3890 log_unit_debug(u, "Failed to parse referenced GID %s, ignoring.", v);
3891 else
3892 unit_ref_uid_gid(u, UID_INVALID, gid);
3893
3894 continue;
3895
3896 } else if (streq(l, "ref")) {
3897
3898 r = strv_extend(&u->deserialized_refs, v);
3899 if (r < 0)
3900 return log_oom();
3901
3902 continue;
3903 } else if (streq(l, "invocation-id")) {
3904 sd_id128_t id;
3905
3906 r = sd_id128_from_string(v, &id);
3907 if (r < 0)
3908 log_unit_debug(u, "Failed to parse invocation id %s, ignoring.", v);
3909 else {
3910 r = unit_set_invocation_id(u, id);
3911 if (r < 0)
3912 log_unit_warning_errno(u, r, "Failed to set invocation ID for unit: %m");
3913 }
3914
3915 continue;
3916 } else if (streq(l, "freezer-state")) {
3917 FreezerState s;
3918
3919 s = freezer_state_from_string(v);
3920 if (s < 0)
3921 log_unit_debug(u, "Failed to deserialize freezer-state '%s', ignoring.", v);
3922 else
3923 u->freezer_state = s;
3924
3925 continue;
3926 }
3927
3928 /* Check if this is an IP accounting metric serialization field */
3929 m = string_table_lookup(ip_accounting_metric_field, ELEMENTSOF(ip_accounting_metric_field), l);
3930 if (m >= 0) {
3931 uint64_t c;
3932
3933 r = safe_atou64(v, &c);
3934 if (r < 0)
3935 log_unit_debug(u, "Failed to parse IP accounting value %s, ignoring.", v);
3936 else
3937 u->ip_accounting_extra[m] = c;
3938 continue;
3939 }
3940
3941 m = string_table_lookup(io_accounting_metric_field_base, ELEMENTSOF(io_accounting_metric_field_base), l);
3942 if (m >= 0) {
3943 uint64_t c;
3944
3945 r = safe_atou64(v, &c);
3946 if (r < 0)
3947 log_unit_debug(u, "Failed to parse IO accounting base value %s, ignoring.", v);
3948 else
3949 u->io_accounting_base[m] = c;
3950 continue;
3951 }
3952
3953 m = string_table_lookup(io_accounting_metric_field_last, ELEMENTSOF(io_accounting_metric_field_last), l);
3954 if (m >= 0) {
3955 uint64_t c;
3956
3957 r = safe_atou64(v, &c);
3958 if (r < 0)
3959 log_unit_debug(u, "Failed to parse IO accounting last value %s, ignoring.", v);
3960 else
3961 u->io_accounting_last[m] = c;
3962 continue;
3963 }
3964
3965 if (unit_can_serialize(u)) {
3966 r = exec_runtime_deserialize_compat(u, l, v, fds);
3967 if (r < 0) {
3968 log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l);
3969 continue;
3970 }
3971
3972 /* Returns positive if key was handled by the call */
3973 if (r > 0)
3974 continue;
3975
3976 r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
3977 if (r < 0)
3978 log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l);
3979 }
3980 }
3981
3982 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3983 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3984 * before 228 where the base for timeouts was not persistent across reboots. */
3985
3986 if (!dual_timestamp_is_set(&u->state_change_timestamp))
3987 dual_timestamp_get(&u->state_change_timestamp);
3988
3989 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3990 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3991 unit_invalidate_cgroup(u, _CGROUP_MASK_ALL);
3992 unit_invalidate_cgroup_bpf(u);
3993
3994 return 0;
3995 }
3996
3997 int unit_deserialize_skip(FILE *f) {
3998 int r;
3999 assert(f);
4000
4001 /* Skip serialized data for this unit. We don't know what it is. */
4002
4003 for (;;) {
4004 _cleanup_free_ char *line = NULL;
4005 char *l;
4006
4007 r = read_line(f, LONG_LINE_MAX, &line);
4008 if (r < 0)
4009 return log_error_errno(r, "Failed to read serialization line: %m");
4010 if (r == 0)
4011 return 0;
4012
4013 l = strstrip(line);
4014
4015 /* End marker */
4016 if (isempty(l))
4017 return 1;
4018 }
4019 }
4020
4021 int unit_add_node_dependency(Unit *u, const char *what, UnitDependency dep, UnitDependencyMask mask) {
4022 _cleanup_free_ char *e = NULL;
4023 Unit *device;
4024 int r;
4025
4026 assert(u);
4027
4028 /* Adds in links to the device node that this unit is based on */
4029 if (isempty(what))
4030 return 0;
4031
4032 if (!is_device_path(what))
4033 return 0;
4034
4035 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
4036 if (!unit_type_supported(UNIT_DEVICE))
4037 return 0;
4038
4039 r = unit_name_from_path(what, ".device", &e);
4040 if (r < 0)
4041 return r;
4042
4043 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
4044 if (r < 0)
4045 return r;
4046
4047 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
4048 dep = UNIT_BINDS_TO;
4049
4050 return unit_add_two_dependencies(u, UNIT_AFTER,
4051 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
4052 device, true, mask);
4053 }
4054
4055 int unit_add_blockdev_dependency(Unit *u, const char *what, UnitDependencyMask mask) {
4056 _cleanup_free_ char *escaped = NULL, *target = NULL;
4057 int r;
4058
4059 assert(u);
4060
4061 if (isempty(what))
4062 return 0;
4063
4064 if (!path_startswith(what, "/dev/"))
4065 return 0;
4066
4067 /* If we don't support devices, then also don't bother with blockdev@.target */
4068 if (!unit_type_supported(UNIT_DEVICE))
4069 return 0;
4070
4071 r = unit_name_path_escape(what, &escaped);
4072 if (r < 0)
4073 return r;
4074
4075 r = unit_name_build("blockdev", escaped, ".target", &target);
4076 if (r < 0)
4077 return r;
4078
4079 return unit_add_dependency_by_name(u, UNIT_AFTER, target, true, mask);
4080 }
4081
4082 int unit_coldplug(Unit *u) {
4083 int r = 0, q;
4084 char **i;
4085 Job *uj;
4086
4087 assert(u);
4088
4089 /* Make sure we don't enter a loop, when coldplugging recursively. */
4090 if (u->coldplugged)
4091 return 0;
4092
4093 u->coldplugged = true;
4094
4095 STRV_FOREACH(i, u->deserialized_refs) {
4096 q = bus_unit_track_add_name(u, *i);
4097 if (q < 0 && r >= 0)
4098 r = q;
4099 }
4100 u->deserialized_refs = strv_free(u->deserialized_refs);
4101
4102 if (UNIT_VTABLE(u)->coldplug) {
4103 q = UNIT_VTABLE(u)->coldplug(u);
4104 if (q < 0 && r >= 0)
4105 r = q;
4106 }
4107
4108 uj = u->job ?: u->nop_job;
4109 if (uj) {
4110 q = job_coldplug(uj);
4111 if (q < 0 && r >= 0)
4112 r = q;
4113 }
4114
4115 return r;
4116 }
4117
4118 void unit_catchup(Unit *u) {
4119 assert(u);
4120
4121 if (UNIT_VTABLE(u)->catchup)
4122 UNIT_VTABLE(u)->catchup(u);
4123 }
4124
4125 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
4126 struct stat st;
4127
4128 if (!path)
4129 return false;
4130
4131 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
4132 * are never out-of-date. */
4133 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
4134 return false;
4135
4136 if (stat(path, &st) < 0)
4137 /* What, cannot access this anymore? */
4138 return true;
4139
4140 if (path_masked)
4141 /* For masked files check if they are still so */
4142 return !null_or_empty(&st);
4143 else
4144 /* For non-empty files check the mtime */
4145 return timespec_load(&st.st_mtim) > mtime;
4146
4147 return false;
4148 }
4149
4150 bool unit_need_daemon_reload(Unit *u) {
4151 _cleanup_strv_free_ char **t = NULL;
4152 char **path;
4153
4154 assert(u);
4155
4156 /* For unit files, we allow masking… */
4157 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
4158 u->load_state == UNIT_MASKED))
4159 return true;
4160
4161 /* Source paths should not be masked… */
4162 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
4163 return true;
4164
4165 if (u->load_state == UNIT_LOADED)
4166 (void) unit_find_dropin_paths(u, &t);
4167 if (!strv_equal(u->dropin_paths, t))
4168 return true;
4169
4170 /* … any drop-ins that are masked are simply omitted from the list. */
4171 STRV_FOREACH(path, u->dropin_paths)
4172 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
4173 return true;
4174
4175 return false;
4176 }
4177
4178 void unit_reset_failed(Unit *u) {
4179 assert(u);
4180
4181 if (UNIT_VTABLE(u)->reset_failed)
4182 UNIT_VTABLE(u)->reset_failed(u);
4183
4184 ratelimit_reset(&u->start_ratelimit);
4185 u->start_limit_hit = false;
4186 }
4187
4188 Unit *unit_following(Unit *u) {
4189 assert(u);
4190
4191 if (UNIT_VTABLE(u)->following)
4192 return UNIT_VTABLE(u)->following(u);
4193
4194 return NULL;
4195 }
4196
4197 bool unit_stop_pending(Unit *u) {
4198 assert(u);
4199
4200 /* This call does check the current state of the unit. It's
4201 * hence useful to be called from state change calls of the
4202 * unit itself, where the state isn't updated yet. This is
4203 * different from unit_inactive_or_pending() which checks both
4204 * the current state and for a queued job. */
4205
4206 return unit_has_job_type(u, JOB_STOP);
4207 }
4208
4209 bool unit_inactive_or_pending(Unit *u) {
4210 assert(u);
4211
4212 /* Returns true if the unit is inactive or going down */
4213
4214 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
4215 return true;
4216
4217 if (unit_stop_pending(u))
4218 return true;
4219
4220 return false;
4221 }
4222
4223 bool unit_active_or_pending(Unit *u) {
4224 assert(u);
4225
4226 /* Returns true if the unit is active or going up */
4227
4228 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
4229 return true;
4230
4231 if (u->job &&
4232 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
4233 return true;
4234
4235 return false;
4236 }
4237
4238 bool unit_will_restart_default(Unit *u) {
4239 assert(u);
4240
4241 return unit_has_job_type(u, JOB_START);
4242 }
4243
4244 bool unit_will_restart(Unit *u) {
4245 assert(u);
4246
4247 if (!UNIT_VTABLE(u)->will_restart)
4248 return false;
4249
4250 return UNIT_VTABLE(u)->will_restart(u);
4251 }
4252
4253 int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
4254 assert(u);
4255 assert(w >= 0 && w < _KILL_WHO_MAX);
4256 assert(SIGNAL_VALID(signo));
4257
4258 if (!UNIT_VTABLE(u)->kill)
4259 return -EOPNOTSUPP;
4260
4261 return UNIT_VTABLE(u)->kill(u, w, signo, error);
4262 }
4263
4264 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
4265 _cleanup_set_free_ Set *pid_set = NULL;
4266 int r;
4267
4268 pid_set = set_new(NULL);
4269 if (!pid_set)
4270 return NULL;
4271
4272 /* Exclude the main/control pids from being killed via the cgroup */
4273 if (main_pid > 0) {
4274 r = set_put(pid_set, PID_TO_PTR(main_pid));
4275 if (r < 0)
4276 return NULL;
4277 }
4278
4279 if (control_pid > 0) {
4280 r = set_put(pid_set, PID_TO_PTR(control_pid));
4281 if (r < 0)
4282 return NULL;
4283 }
4284
4285 return TAKE_PTR(pid_set);
4286 }
4287
4288 int unit_kill_common(
4289 Unit *u,
4290 KillWho who,
4291 int signo,
4292 pid_t main_pid,
4293 pid_t control_pid,
4294 sd_bus_error *error) {
4295
4296 int r = 0;
4297 bool killed = false;
4298
4299 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
4300 if (main_pid < 0)
4301 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
4302 else if (main_pid == 0)
4303 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
4304 }
4305
4306 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
4307 if (control_pid < 0)
4308 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
4309 else if (control_pid == 0)
4310 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
4311 }
4312
4313 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
4314 if (control_pid > 0) {
4315 if (kill(control_pid, signo) < 0)
4316 r = -errno;
4317 else
4318 killed = true;
4319 }
4320
4321 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
4322 if (main_pid > 0) {
4323 if (kill(main_pid, signo) < 0)
4324 r = -errno;
4325 else
4326 killed = true;
4327 }
4328
4329 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
4330 _cleanup_set_free_ Set *pid_set = NULL;
4331 int q;
4332
4333 /* Exclude the main/control pids from being killed via the cgroup */
4334 pid_set = unit_pid_set(main_pid, control_pid);
4335 if (!pid_set)
4336 return -ENOMEM;
4337
4338 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, NULL, NULL);
4339 if (q < 0 && !IN_SET(q, -EAGAIN, -ESRCH, -ENOENT))
4340 r = q;
4341 else
4342 killed = true;
4343 }
4344
4345 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL))
4346 return -ESRCH;
4347
4348 return r;
4349 }
4350
4351 int unit_following_set(Unit *u, Set **s) {
4352 assert(u);
4353 assert(s);
4354
4355 if (UNIT_VTABLE(u)->following_set)
4356 return UNIT_VTABLE(u)->following_set(u, s);
4357
4358 *s = NULL;
4359 return 0;
4360 }
4361
4362 UnitFileState unit_get_unit_file_state(Unit *u) {
4363 int r;
4364
4365 assert(u);
4366
4367 if (u->unit_file_state < 0 && u->fragment_path) {
4368 r = unit_file_get_state(
4369 u->manager->unit_file_scope,
4370 NULL,
4371 u->id,
4372 &u->unit_file_state);
4373 if (r < 0)
4374 u->unit_file_state = UNIT_FILE_BAD;
4375 }
4376
4377 return u->unit_file_state;
4378 }
4379
4380 int unit_get_unit_file_preset(Unit *u) {
4381 assert(u);
4382
4383 if (u->unit_file_preset < 0 && u->fragment_path)
4384 u->unit_file_preset = unit_file_query_preset(
4385 u->manager->unit_file_scope,
4386 NULL,
4387 basename(u->fragment_path),
4388 NULL);
4389
4390 return u->unit_file_preset;
4391 }
4392
4393 Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
4394 assert(ref);
4395 assert(source);
4396 assert(target);
4397
4398 if (ref->target)
4399 unit_ref_unset(ref);
4400
4401 ref->source = source;
4402 ref->target = target;
4403 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4404 return target;
4405 }
4406
4407 void unit_ref_unset(UnitRef *ref) {
4408 assert(ref);
4409
4410 if (!ref->target)
4411 return;
4412
4413 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4414 * be unreferenced now. */
4415 unit_add_to_gc_queue(ref->target);
4416
4417 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4418 ref->source = ref->target = NULL;
4419 }
4420
4421 static int user_from_unit_name(Unit *u, char **ret) {
4422
4423 static const uint8_t hash_key[] = {
4424 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4425 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4426 };
4427
4428 _cleanup_free_ char *n = NULL;
4429 int r;
4430
4431 r = unit_name_to_prefix(u->id, &n);
4432 if (r < 0)
4433 return r;
4434
4435 if (valid_user_group_name(n, 0)) {
4436 *ret = TAKE_PTR(n);
4437 return 0;
4438 }
4439
4440 /* If we can't use the unit name as a user name, then let's hash it and use that */
4441 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4442 return -ENOMEM;
4443
4444 return 0;
4445 }
4446
4447 int unit_patch_contexts(Unit *u) {
4448 CGroupContext *cc;
4449 ExecContext *ec;
4450 unsigned i;
4451 int r;
4452
4453 assert(u);
4454
4455 /* Patch in the manager defaults into the exec and cgroup
4456 * contexts, _after_ the rest of the settings have been
4457 * initialized */
4458
4459 ec = unit_get_exec_context(u);
4460 if (ec) {
4461 /* This only copies in the ones that need memory */
4462 for (i = 0; i < _RLIMIT_MAX; i++)
4463 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4464 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4465 if (!ec->rlimit[i])
4466 return -ENOMEM;
4467 }
4468
4469 if (MANAGER_IS_USER(u->manager) &&
4470 !ec->working_directory) {
4471
4472 r = get_home_dir(&ec->working_directory);
4473 if (r < 0)
4474 return r;
4475
4476 /* Allow user services to run, even if the
4477 * home directory is missing */
4478 ec->working_directory_missing_ok = true;
4479 }
4480
4481 if (ec->private_devices)
4482 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4483
4484 if (ec->protect_kernel_modules)
4485 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4486
4487 if (ec->protect_kernel_logs)
4488 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYSLOG);
4489
4490 if (ec->protect_clock)
4491 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_SYS_TIME) | (UINT64_C(1) << CAP_WAKE_ALARM));
4492
4493 if (ec->dynamic_user) {
4494 if (!ec->user) {
4495 r = user_from_unit_name(u, &ec->user);
4496 if (r < 0)
4497 return r;
4498 }
4499
4500 if (!ec->group) {
4501 ec->group = strdup(ec->user);
4502 if (!ec->group)
4503 return -ENOMEM;
4504 }
4505
4506 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4507 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4508 * sandbox. */
4509
4510 ec->private_tmp = true;
4511 ec->remove_ipc = true;
4512 ec->protect_system = PROTECT_SYSTEM_STRICT;
4513 if (ec->protect_home == PROTECT_HOME_NO)
4514 ec->protect_home = PROTECT_HOME_READ_ONLY;
4515
4516 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4517 * them. */
4518 ec->no_new_privileges = true;
4519 ec->restrict_suid_sgid = true;
4520 }
4521 }
4522
4523 cc = unit_get_cgroup_context(u);
4524 if (cc && ec) {
4525
4526 if (ec->private_devices &&
4527 cc->device_policy == CGROUP_DEVICE_POLICY_AUTO)
4528 cc->device_policy = CGROUP_DEVICE_POLICY_CLOSED;
4529
4530 if (ec->root_image &&
4531 (cc->device_policy != CGROUP_DEVICE_POLICY_AUTO || cc->device_allow)) {
4532
4533 /* When RootImage= is specified, the following devices are touched. */
4534 r = cgroup_add_device_allow(cc, "/dev/loop-control", "rw");
4535 if (r < 0)
4536 return r;
4537
4538 r = cgroup_add_device_allow(cc, "block-loop", "rwm");
4539 if (r < 0)
4540 return r;
4541
4542 r = cgroup_add_device_allow(cc, "block-blkext", "rwm");
4543 if (r < 0)
4544 return r;
4545
4546 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices */
4547 r = unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_WANTS, "modprobe@loop.service", true, UNIT_DEPENDENCY_FILE);
4548 if (r < 0)
4549 return r;
4550 }
4551
4552 if (ec->protect_clock) {
4553 r = cgroup_add_device_allow(cc, "char-rtc", "r");
4554 if (r < 0)
4555 return r;
4556 }
4557 }
4558
4559 return 0;
4560 }
4561
4562 ExecContext *unit_get_exec_context(Unit *u) {
4563 size_t offset;
4564 assert(u);
4565
4566 if (u->type < 0)
4567 return NULL;
4568
4569 offset = UNIT_VTABLE(u)->exec_context_offset;
4570 if (offset <= 0)
4571 return NULL;
4572
4573 return (ExecContext*) ((uint8_t*) u + offset);
4574 }
4575
4576 KillContext *unit_get_kill_context(Unit *u) {
4577 size_t offset;
4578 assert(u);
4579
4580 if (u->type < 0)
4581 return NULL;
4582
4583 offset = UNIT_VTABLE(u)->kill_context_offset;
4584 if (offset <= 0)
4585 return NULL;
4586
4587 return (KillContext*) ((uint8_t*) u + offset);
4588 }
4589
4590 CGroupContext *unit_get_cgroup_context(Unit *u) {
4591 size_t offset;
4592
4593 if (u->type < 0)
4594 return NULL;
4595
4596 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4597 if (offset <= 0)
4598 return NULL;
4599
4600 return (CGroupContext*) ((uint8_t*) u + offset);
4601 }
4602
4603 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4604 size_t offset;
4605
4606 if (u->type < 0)
4607 return NULL;
4608
4609 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4610 if (offset <= 0)
4611 return NULL;
4612
4613 return *(ExecRuntime**) ((uint8_t*) u + offset);
4614 }
4615
4616 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4617 assert(u);
4618
4619 if (UNIT_WRITE_FLAGS_NOOP(flags))
4620 return NULL;
4621
4622 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4623 return u->manager->lookup_paths.transient;
4624
4625 if (flags & UNIT_PERSISTENT)
4626 return u->manager->lookup_paths.persistent_control;
4627
4628 if (flags & UNIT_RUNTIME)
4629 return u->manager->lookup_paths.runtime_control;
4630
4631 return NULL;
4632 }
4633
4634 char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4635 char *ret = NULL;
4636
4637 if (!s)
4638 return NULL;
4639
4640 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4641 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4642 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4643 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4644 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4645 * allocations. */
4646
4647 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4648 ret = specifier_escape(s);
4649 if (!ret)
4650 return NULL;
4651
4652 s = ret;
4653 }
4654
4655 if (flags & UNIT_ESCAPE_C) {
4656 char *a;
4657
4658 a = cescape(s);
4659 free(ret);
4660 if (!a)
4661 return NULL;
4662
4663 ret = a;
4664 }
4665
4666 if (buf) {
4667 *buf = ret;
4668 return ret ?: (char*) s;
4669 }
4670
4671 return ret ?: strdup(s);
4672 }
4673
4674 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4675 _cleanup_free_ char *result = NULL;
4676 size_t n = 0, allocated = 0;
4677 char **i;
4678
4679 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4680 * way suitable for ExecStart= stanzas */
4681
4682 STRV_FOREACH(i, l) {
4683 _cleanup_free_ char *buf = NULL;
4684 const char *p;
4685 size_t a;
4686 char *q;
4687
4688 p = unit_escape_setting(*i, flags, &buf);
4689 if (!p)
4690 return NULL;
4691
4692 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4693 if (!GREEDY_REALLOC(result, allocated, n + a + 1))
4694 return NULL;
4695
4696 q = result + n;
4697 if (n > 0)
4698 *(q++) = ' ';
4699
4700 *(q++) = '"';
4701 q = stpcpy(q, p);
4702 *(q++) = '"';
4703
4704 n += a;
4705 }
4706
4707 if (!GREEDY_REALLOC(result, allocated, n + 1))
4708 return NULL;
4709
4710 result[n] = 0;
4711
4712 return TAKE_PTR(result);
4713 }
4714
4715 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4716 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4717 const char *dir, *wrapped;
4718 int r;
4719
4720 assert(u);
4721 assert(name);
4722 assert(data);
4723
4724 if (UNIT_WRITE_FLAGS_NOOP(flags))
4725 return 0;
4726
4727 data = unit_escape_setting(data, flags, &escaped);
4728 if (!data)
4729 return -ENOMEM;
4730
4731 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4732 * previous section header is the same */
4733
4734 if (flags & UNIT_PRIVATE) {
4735 if (!UNIT_VTABLE(u)->private_section)
4736 return -EINVAL;
4737
4738 if (!u->transient_file || u->last_section_private < 0)
4739 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4740 else if (u->last_section_private == 0)
4741 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4742 } else {
4743 if (!u->transient_file || u->last_section_private < 0)
4744 data = strjoina("[Unit]\n", data);
4745 else if (u->last_section_private > 0)
4746 data = strjoina("\n[Unit]\n", data);
4747 }
4748
4749 if (u->transient_file) {
4750 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4751 * write to the transient unit file. */
4752 fputs(data, u->transient_file);
4753
4754 if (!endswith(data, "\n"))
4755 fputc('\n', u->transient_file);
4756
4757 /* Remember which section we wrote this entry to */
4758 u->last_section_private = !!(flags & UNIT_PRIVATE);
4759 return 0;
4760 }
4761
4762 dir = unit_drop_in_dir(u, flags);
4763 if (!dir)
4764 return -EINVAL;
4765
4766 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4767 "# or an equivalent operation. Do not edit.\n",
4768 data,
4769 "\n");
4770
4771 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4772 if (r < 0)
4773 return r;
4774
4775 (void) mkdir_p_label(p, 0755);
4776
4777 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4778 * recreate the cache after every drop-in we write. */
4779 if (u->manager->unit_path_cache) {
4780 r = set_put_strdup(&u->manager->unit_path_cache, p);
4781 if (r < 0)
4782 return r;
4783 }
4784
4785 r = write_string_file_atomic_label(q, wrapped);
4786 if (r < 0)
4787 return r;
4788
4789 r = strv_push(&u->dropin_paths, q);
4790 if (r < 0)
4791 return r;
4792 q = NULL;
4793
4794 strv_uniq(u->dropin_paths);
4795
4796 u->dropin_mtime = now(CLOCK_REALTIME);
4797
4798 return 0;
4799 }
4800
4801 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4802 _cleanup_free_ char *p = NULL;
4803 va_list ap;
4804 int r;
4805
4806 assert(u);
4807 assert(name);
4808 assert(format);
4809
4810 if (UNIT_WRITE_FLAGS_NOOP(flags))
4811 return 0;
4812
4813 va_start(ap, format);
4814 r = vasprintf(&p, format, ap);
4815 va_end(ap);
4816
4817 if (r < 0)
4818 return -ENOMEM;
4819
4820 return unit_write_setting(u, flags, name, p);
4821 }
4822
4823 int unit_make_transient(Unit *u) {
4824 _cleanup_free_ char *path = NULL;
4825 FILE *f;
4826
4827 assert(u);
4828
4829 if (!UNIT_VTABLE(u)->can_transient)
4830 return -EOPNOTSUPP;
4831
4832 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4833
4834 path = path_join(u->manager->lookup_paths.transient, u->id);
4835 if (!path)
4836 return -ENOMEM;
4837
4838 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4839 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4840
4841 RUN_WITH_UMASK(0022) {
4842 f = fopen(path, "we");
4843 if (!f)
4844 return -errno;
4845 }
4846
4847 safe_fclose(u->transient_file);
4848 u->transient_file = f;
4849
4850 free_and_replace(u->fragment_path, path);
4851
4852 u->source_path = mfree(u->source_path);
4853 u->dropin_paths = strv_free(u->dropin_paths);
4854 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4855
4856 u->load_state = UNIT_STUB;
4857 u->load_error = 0;
4858 u->transient = true;
4859
4860 unit_add_to_dbus_queue(u);
4861 unit_add_to_gc_queue(u);
4862
4863 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4864 u->transient_file);
4865
4866 return 0;
4867 }
4868
4869 static int log_kill(pid_t pid, int sig, void *userdata) {
4870 _cleanup_free_ char *comm = NULL;
4871
4872 (void) get_process_comm(pid, &comm);
4873
4874 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4875 only, like for example systemd's own PAM stub process. */
4876 if (comm && comm[0] == '(')
4877 return 0;
4878
4879 log_unit_notice(userdata,
4880 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4881 pid,
4882 strna(comm),
4883 signal_to_string(sig));
4884
4885 return 1;
4886 }
4887
4888 static int operation_to_signal(const KillContext *c, KillOperation k, bool *noteworthy) {
4889 assert(c);
4890
4891 switch (k) {
4892
4893 case KILL_TERMINATE:
4894 case KILL_TERMINATE_AND_LOG:
4895 *noteworthy = false;
4896 return c->kill_signal;
4897
4898 case KILL_RESTART:
4899 *noteworthy = false;
4900 return restart_kill_signal(c);
4901
4902 case KILL_KILL:
4903 *noteworthy = true;
4904 return c->final_kill_signal;
4905
4906 case KILL_WATCHDOG:
4907 *noteworthy = true;
4908 return c->watchdog_signal;
4909
4910 default:
4911 assert_not_reached("KillOperation unknown");
4912 }
4913 }
4914
4915 int unit_kill_context(
4916 Unit *u,
4917 KillContext *c,
4918 KillOperation k,
4919 pid_t main_pid,
4920 pid_t control_pid,
4921 bool main_pid_alien) {
4922
4923 bool wait_for_exit = false, send_sighup;
4924 cg_kill_log_func_t log_func = NULL;
4925 int sig, r;
4926
4927 assert(u);
4928 assert(c);
4929
4930 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4931 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4932
4933 if (c->kill_mode == KILL_NONE)
4934 return 0;
4935
4936 bool noteworthy;
4937 sig = operation_to_signal(c, k, &noteworthy);
4938 if (noteworthy)
4939 log_func = log_kill;
4940
4941 send_sighup =
4942 c->send_sighup &&
4943 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4944 sig != SIGHUP;
4945
4946 if (main_pid > 0) {
4947 if (log_func)
4948 log_func(main_pid, sig, u);
4949
4950 r = kill_and_sigcont(main_pid, sig);
4951 if (r < 0 && r != -ESRCH) {
4952 _cleanup_free_ char *comm = NULL;
4953 (void) get_process_comm(main_pid, &comm);
4954
4955 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
4956 } else {
4957 if (!main_pid_alien)
4958 wait_for_exit = true;
4959
4960 if (r != -ESRCH && send_sighup)
4961 (void) kill(main_pid, SIGHUP);
4962 }
4963 }
4964
4965 if (control_pid > 0) {
4966 if (log_func)
4967 log_func(control_pid, sig, u);
4968
4969 r = kill_and_sigcont(control_pid, sig);
4970 if (r < 0 && r != -ESRCH) {
4971 _cleanup_free_ char *comm = NULL;
4972 (void) get_process_comm(control_pid, &comm);
4973
4974 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
4975 } else {
4976 wait_for_exit = true;
4977
4978 if (r != -ESRCH && send_sighup)
4979 (void) kill(control_pid, SIGHUP);
4980 }
4981 }
4982
4983 if (u->cgroup_path &&
4984 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4985 _cleanup_set_free_ Set *pid_set = NULL;
4986
4987 /* Exclude the main/control pids from being killed via the cgroup */
4988 pid_set = unit_pid_set(main_pid, control_pid);
4989 if (!pid_set)
4990 return -ENOMEM;
4991
4992 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4993 sig,
4994 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4995 pid_set,
4996 log_func, u);
4997 if (r < 0) {
4998 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4999 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
5000
5001 } else if (r > 0) {
5002
5003 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
5004 * we are running in a container or if this is a delegation unit, simply because cgroup
5005 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
5006 * of containers it can be confused easily by left-over directories in the cgroup — which
5007 * however should not exist in non-delegated units. On the unified hierarchy that's different,
5008 * there we get proper events. Hence rely on them. */
5009
5010 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
5011 (detect_container() == 0 && !unit_cgroup_delegate(u)))
5012 wait_for_exit = true;
5013
5014 if (send_sighup) {
5015 set_free(pid_set);
5016
5017 pid_set = unit_pid_set(main_pid, control_pid);
5018 if (!pid_set)
5019 return -ENOMEM;
5020
5021 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
5022 SIGHUP,
5023 CGROUP_IGNORE_SELF,
5024 pid_set,
5025 NULL, NULL);
5026 }
5027 }
5028 }
5029
5030 return wait_for_exit;
5031 }
5032
5033 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
5034 _cleanup_free_ char *p = NULL;
5035 UnitDependencyInfo di;
5036 int r;
5037
5038 assert(u);
5039 assert(path);
5040
5041 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
5042 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
5043 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
5044 * determine which units to make themselves a dependency of. */
5045
5046 if (!path_is_absolute(path))
5047 return -EINVAL;
5048
5049 r = hashmap_ensure_allocated(&u->requires_mounts_for, &path_hash_ops);
5050 if (r < 0)
5051 return r;
5052
5053 p = strdup(path);
5054 if (!p)
5055 return -ENOMEM;
5056
5057 path = path_simplify(p, true);
5058
5059 if (!path_is_normalized(path))
5060 return -EPERM;
5061
5062 if (hashmap_contains(u->requires_mounts_for, path))
5063 return 0;
5064
5065 di = (UnitDependencyInfo) {
5066 .origin_mask = mask
5067 };
5068
5069 r = hashmap_put(u->requires_mounts_for, path, di.data);
5070 if (r < 0)
5071 return r;
5072 p = NULL;
5073
5074 char prefix[strlen(path) + 1];
5075 PATH_FOREACH_PREFIX_MORE(prefix, path) {
5076 Set *x;
5077
5078 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
5079 if (!x) {
5080 _cleanup_free_ char *q = NULL;
5081
5082 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
5083 if (r < 0)
5084 return r;
5085
5086 q = strdup(prefix);
5087 if (!q)
5088 return -ENOMEM;
5089
5090 x = set_new(NULL);
5091 if (!x)
5092 return -ENOMEM;
5093
5094 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
5095 if (r < 0) {
5096 set_free(x);
5097 return r;
5098 }
5099 q = NULL;
5100 }
5101
5102 r = set_put(x, u);
5103 if (r < 0)
5104 return r;
5105 }
5106
5107 return 0;
5108 }
5109
5110 int unit_setup_exec_runtime(Unit *u) {
5111 ExecRuntime **rt;
5112 size_t offset;
5113 Unit *other;
5114 Iterator i;
5115 void *v;
5116 int r;
5117
5118 offset = UNIT_VTABLE(u)->exec_runtime_offset;
5119 assert(offset > 0);
5120
5121 /* Check if there already is an ExecRuntime for this unit? */
5122 rt = (ExecRuntime**) ((uint8_t*) u + offset);
5123 if (*rt)
5124 return 0;
5125
5126 /* Try to get it from somebody else */
5127 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) {
5128 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
5129 if (r == 1)
5130 return 1;
5131 }
5132
5133 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
5134 }
5135
5136 int unit_setup_dynamic_creds(Unit *u) {
5137 ExecContext *ec;
5138 DynamicCreds *dcreds;
5139 size_t offset;
5140
5141 assert(u);
5142
5143 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
5144 assert(offset > 0);
5145 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
5146
5147 ec = unit_get_exec_context(u);
5148 assert(ec);
5149
5150 if (!ec->dynamic_user)
5151 return 0;
5152
5153 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
5154 }
5155
5156 bool unit_type_supported(UnitType t) {
5157 if (_unlikely_(t < 0))
5158 return false;
5159 if (_unlikely_(t >= _UNIT_TYPE_MAX))
5160 return false;
5161
5162 if (!unit_vtable[t]->supported)
5163 return true;
5164
5165 return unit_vtable[t]->supported();
5166 }
5167
5168 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
5169 int r;
5170
5171 assert(u);
5172 assert(where);
5173
5174 r = dir_is_empty(where);
5175 if (r > 0 || r == -ENOTDIR)
5176 return;
5177 if (r < 0) {
5178 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
5179 return;
5180 }
5181
5182 log_struct(LOG_NOTICE,
5183 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
5184 LOG_UNIT_ID(u),
5185 LOG_UNIT_INVOCATION_ID(u),
5186 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
5187 "WHERE=%s", where);
5188 }
5189
5190 int unit_fail_if_noncanonical(Unit *u, const char* where) {
5191 _cleanup_free_ char *canonical_where = NULL;
5192 int r;
5193
5194 assert(u);
5195 assert(where);
5196
5197 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where, NULL);
5198 if (r < 0) {
5199 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
5200 return 0;
5201 }
5202
5203 /* We will happily ignore a trailing slash (or any redundant slashes) */
5204 if (path_equal(where, canonical_where))
5205 return 0;
5206
5207 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
5208 log_struct(LOG_ERR,
5209 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
5210 LOG_UNIT_ID(u),
5211 LOG_UNIT_INVOCATION_ID(u),
5212 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
5213 "WHERE=%s", where);
5214
5215 return -ELOOP;
5216 }
5217
5218 bool unit_is_pristine(Unit *u) {
5219 assert(u);
5220
5221 /* Check if the unit already exists or is already around,
5222 * in a number of different ways. Note that to cater for unit
5223 * types such as slice, we are generally fine with units that
5224 * are marked UNIT_LOADED even though nothing was actually
5225 * loaded, as those unit types don't require a file on disk. */
5226
5227 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
5228 u->fragment_path ||
5229 u->source_path ||
5230 !strv_isempty(u->dropin_paths) ||
5231 u->job ||
5232 u->merged_into);
5233 }
5234
5235 pid_t unit_control_pid(Unit *u) {
5236 assert(u);
5237
5238 if (UNIT_VTABLE(u)->control_pid)
5239 return UNIT_VTABLE(u)->control_pid(u);
5240
5241 return 0;
5242 }
5243
5244 pid_t unit_main_pid(Unit *u) {
5245 assert(u);
5246
5247 if (UNIT_VTABLE(u)->main_pid)
5248 return UNIT_VTABLE(u)->main_pid(u);
5249
5250 return 0;
5251 }
5252
5253 static void unit_unref_uid_internal(
5254 Unit *u,
5255 uid_t *ref_uid,
5256 bool destroy_now,
5257 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
5258
5259 assert(u);
5260 assert(ref_uid);
5261 assert(_manager_unref_uid);
5262
5263 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
5264 * gid_t are actually the same time, with the same validity rules.
5265 *
5266 * Drops a reference to UID/GID from a unit. */
5267
5268 assert_cc(sizeof(uid_t) == sizeof(gid_t));
5269 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
5270
5271 if (!uid_is_valid(*ref_uid))
5272 return;
5273
5274 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
5275 *ref_uid = UID_INVALID;
5276 }
5277
5278 static void unit_unref_uid(Unit *u, bool destroy_now) {
5279 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
5280 }
5281
5282 static void unit_unref_gid(Unit *u, bool destroy_now) {
5283 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
5284 }
5285
5286 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
5287 assert(u);
5288
5289 unit_unref_uid(u, destroy_now);
5290 unit_unref_gid(u, destroy_now);
5291 }
5292
5293 static int unit_ref_uid_internal(
5294 Unit *u,
5295 uid_t *ref_uid,
5296 uid_t uid,
5297 bool clean_ipc,
5298 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
5299
5300 int r;
5301
5302 assert(u);
5303 assert(ref_uid);
5304 assert(uid_is_valid(uid));
5305 assert(_manager_ref_uid);
5306
5307 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
5308 * are actually the same type, and have the same validity rules.
5309 *
5310 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
5311 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
5312 * drops to zero. */
5313
5314 assert_cc(sizeof(uid_t) == sizeof(gid_t));
5315 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
5316
5317 if (*ref_uid == uid)
5318 return 0;
5319
5320 if (uid_is_valid(*ref_uid)) /* Already set? */
5321 return -EBUSY;
5322
5323 r = _manager_ref_uid(u->manager, uid, clean_ipc);
5324 if (r < 0)
5325 return r;
5326
5327 *ref_uid = uid;
5328 return 1;
5329 }
5330
5331 static int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
5332 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
5333 }
5334
5335 static int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
5336 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
5337 }
5338
5339 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
5340 int r = 0, q = 0;
5341
5342 assert(u);
5343
5344 /* Reference both a UID and a GID in one go. Either references both, or neither. */
5345
5346 if (uid_is_valid(uid)) {
5347 r = unit_ref_uid(u, uid, clean_ipc);
5348 if (r < 0)
5349 return r;
5350 }
5351
5352 if (gid_is_valid(gid)) {
5353 q = unit_ref_gid(u, gid, clean_ipc);
5354 if (q < 0) {
5355 if (r > 0)
5356 unit_unref_uid(u, false);
5357
5358 return q;
5359 }
5360 }
5361
5362 return r > 0 || q > 0;
5363 }
5364
5365 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
5366 ExecContext *c;
5367 int r;
5368
5369 assert(u);
5370
5371 c = unit_get_exec_context(u);
5372
5373 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
5374 if (r < 0)
5375 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5376
5377 return r;
5378 }
5379
5380 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
5381 int r;
5382
5383 assert(u);
5384
5385 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5386 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5387 * objects when no service references the UID/GID anymore. */
5388
5389 r = unit_ref_uid_gid(u, uid, gid);
5390 if (r > 0)
5391 unit_add_to_dbus_queue(u);
5392 }
5393
5394 int unit_acquire_invocation_id(Unit *u) {
5395 sd_id128_t id;
5396 int r;
5397
5398 assert(u);
5399
5400 r = sd_id128_randomize(&id);
5401 if (r < 0)
5402 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5403
5404 r = unit_set_invocation_id(u, id);
5405 if (r < 0)
5406 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5407
5408 unit_add_to_dbus_queue(u);
5409 return 0;
5410 }
5411
5412 int unit_set_exec_params(Unit *u, ExecParameters *p) {
5413 int r;
5414
5415 assert(u);
5416 assert(p);
5417
5418 /* Copy parameters from manager */
5419 r = manager_get_effective_environment(u->manager, &p->environment);
5420 if (r < 0)
5421 return r;
5422
5423 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
5424 p->cgroup_supported = u->manager->cgroup_supported;
5425 p->prefix = u->manager->prefix;
5426 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5427
5428 /* Copy parameters from unit */
5429 p->cgroup_path = u->cgroup_path;
5430 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
5431
5432 return 0;
5433 }
5434
5435 int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
5436 int r;
5437
5438 assert(u);
5439 assert(ret);
5440
5441 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5442 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5443
5444 (void) unit_realize_cgroup(u);
5445
5446 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5447 if (r != 0)
5448 return r;
5449
5450 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
5451 (void) ignore_signals(SIGPIPE, -1);
5452
5453 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
5454
5455 if (u->cgroup_path) {
5456 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5457 if (r < 0) {
5458 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
5459 _exit(EXIT_CGROUP);
5460 }
5461 }
5462
5463 return 0;
5464 }
5465
5466 int unit_fork_and_watch_rm_rf(Unit *u, char **paths, pid_t *ret_pid) {
5467 pid_t pid;
5468 int r;
5469
5470 assert(u);
5471 assert(ret_pid);
5472
5473 r = unit_fork_helper_process(u, "(sd-rmrf)", &pid);
5474 if (r < 0)
5475 return r;
5476 if (r == 0) {
5477 int ret = EXIT_SUCCESS;
5478 char **i;
5479
5480 STRV_FOREACH(i, paths) {
5481 r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK);
5482 if (r < 0) {
5483 log_error_errno(r, "Failed to remove '%s': %m", *i);
5484 ret = EXIT_FAILURE;
5485 }
5486 }
5487
5488 _exit(ret);
5489 }
5490
5491 r = unit_watch_pid(u, pid, true);
5492 if (r < 0)
5493 return r;
5494
5495 *ret_pid = pid;
5496 return 0;
5497 }
5498
5499 static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other, UnitDependencyInfo di) {
5500 assert(u);
5501 assert(d >= 0);
5502 assert(d < _UNIT_DEPENDENCY_MAX);
5503 assert(other);
5504
5505 if (di.origin_mask == 0 && di.destination_mask == 0) {
5506 /* No bit set anymore, let's drop the whole entry */
5507 assert_se(hashmap_remove(u->dependencies[d], other));
5508 log_unit_debug(u, "lost dependency %s=%s", unit_dependency_to_string(d), other->id);
5509 } else
5510 /* Mask was reduced, let's update the entry */
5511 assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);
5512 }
5513
5514 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5515 assert(u);
5516
5517 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5518
5519 if (mask == 0)
5520 return;
5521
5522 for (UnitDependency d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
5523 bool done;
5524
5525 do {
5526 UnitDependencyInfo di;
5527 Unit *other;
5528 Iterator i;
5529
5530 done = true;
5531
5532 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
5533 if ((di.origin_mask & ~mask) == di.origin_mask)
5534 continue;
5535 di.origin_mask &= ~mask;
5536 unit_update_dependency_mask(u, d, other, di);
5537
5538 /* We updated the dependency from our unit to the other unit now. But most dependencies
5539 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5540 * all dependency types on the other unit and delete all those which point to us and
5541 * have the right mask set. */
5542
5543 for (UnitDependency q = 0; q < _UNIT_DEPENDENCY_MAX; q++) {
5544 UnitDependencyInfo dj;
5545
5546 dj.data = hashmap_get(other->dependencies[q], u);
5547 if ((dj.destination_mask & ~mask) == dj.destination_mask)
5548 continue;
5549 dj.destination_mask &= ~mask;
5550
5551 unit_update_dependency_mask(other, q, u, dj);
5552 }
5553
5554 unit_add_to_gc_queue(other);
5555
5556 done = false;
5557 break;
5558 }
5559
5560 } while (!done);
5561 }
5562 }
5563
5564 static int unit_get_invocation_path(Unit *u, char **ret) {
5565 char *p;
5566 int r;
5567
5568 assert(u);
5569 assert(ret);
5570
5571 if (MANAGER_IS_SYSTEM(u->manager))
5572 p = strjoin("/run/systemd/units/invocation:", u->id);
5573 else {
5574 _cleanup_free_ char *user_path = NULL;
5575 r = xdg_user_runtime_dir(&user_path, "/systemd/units/invocation:");
5576 if (r < 0)
5577 return r;
5578 p = strjoin(user_path, u->id);
5579 }
5580
5581 if (!p)
5582 return -ENOMEM;
5583
5584 *ret = p;
5585 return 0;
5586 }
5587
5588 static int unit_export_invocation_id(Unit *u) {
5589 _cleanup_free_ char *p = NULL;
5590 int r;
5591
5592 assert(u);
5593
5594 if (u->exported_invocation_id)
5595 return 0;
5596
5597 if (sd_id128_is_null(u->invocation_id))
5598 return 0;
5599
5600 r = unit_get_invocation_path(u, &p);
5601 if (r < 0)
5602 return log_unit_debug_errno(u, r, "Failed to get invocation path: %m");
5603
5604 r = symlink_atomic(u->invocation_id_string, p);
5605 if (r < 0)
5606 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5607
5608 u->exported_invocation_id = true;
5609 return 0;
5610 }
5611
5612 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5613 const char *p;
5614 char buf[2];
5615 int r;
5616
5617 assert(u);
5618 assert(c);
5619
5620 if (u->exported_log_level_max)
5621 return 0;
5622
5623 if (c->log_level_max < 0)
5624 return 0;
5625
5626 assert(c->log_level_max <= 7);
5627
5628 buf[0] = '0' + c->log_level_max;
5629 buf[1] = 0;
5630
5631 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5632 r = symlink_atomic(buf, p);
5633 if (r < 0)
5634 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5635
5636 u->exported_log_level_max = true;
5637 return 0;
5638 }
5639
5640 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5641 _cleanup_close_ int fd = -1;
5642 struct iovec *iovec;
5643 const char *p;
5644 char *pattern;
5645 le64_t *sizes;
5646 ssize_t n;
5647 size_t i;
5648 int r;
5649
5650 if (u->exported_log_extra_fields)
5651 return 0;
5652
5653 if (c->n_log_extra_fields <= 0)
5654 return 0;
5655
5656 sizes = newa(le64_t, c->n_log_extra_fields);
5657 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5658
5659 for (i = 0; i < c->n_log_extra_fields; i++) {
5660 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5661
5662 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5663 iovec[i*2+1] = c->log_extra_fields[i];
5664 }
5665
5666 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5667 pattern = strjoina(p, ".XXXXXX");
5668
5669 fd = mkostemp_safe(pattern);
5670 if (fd < 0)
5671 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5672
5673 n = writev(fd, iovec, c->n_log_extra_fields*2);
5674 if (n < 0) {
5675 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5676 goto fail;
5677 }
5678
5679 (void) fchmod(fd, 0644);
5680
5681 if (rename(pattern, p) < 0) {
5682 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5683 goto fail;
5684 }
5685
5686 u->exported_log_extra_fields = true;
5687 return 0;
5688
5689 fail:
5690 (void) unlink(pattern);
5691 return r;
5692 }
5693
5694 static int unit_export_log_ratelimit_interval(Unit *u, const ExecContext *c) {
5695 _cleanup_free_ char *buf = NULL;
5696 const char *p;
5697 int r;
5698
5699 assert(u);
5700 assert(c);
5701
5702 if (u->exported_log_ratelimit_interval)
5703 return 0;
5704
5705 if (c->log_ratelimit_interval_usec == 0)
5706 return 0;
5707
5708 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5709
5710 if (asprintf(&buf, "%" PRIu64, c->log_ratelimit_interval_usec) < 0)
5711 return log_oom();
5712
5713 r = symlink_atomic(buf, p);
5714 if (r < 0)
5715 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5716
5717 u->exported_log_ratelimit_interval = true;
5718 return 0;
5719 }
5720
5721 static int unit_export_log_ratelimit_burst(Unit *u, const ExecContext *c) {
5722 _cleanup_free_ char *buf = NULL;
5723 const char *p;
5724 int r;
5725
5726 assert(u);
5727 assert(c);
5728
5729 if (u->exported_log_ratelimit_burst)
5730 return 0;
5731
5732 if (c->log_ratelimit_burst == 0)
5733 return 0;
5734
5735 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5736
5737 if (asprintf(&buf, "%u", c->log_ratelimit_burst) < 0)
5738 return log_oom();
5739
5740 r = symlink_atomic(buf, p);
5741 if (r < 0)
5742 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5743
5744 u->exported_log_ratelimit_burst = true;
5745 return 0;
5746 }
5747
5748 void unit_export_state_files(Unit *u) {
5749 const ExecContext *c;
5750
5751 assert(u);
5752
5753 if (!u->id)
5754 return;
5755
5756 if (MANAGER_IS_TEST_RUN(u->manager))
5757 return;
5758
5759 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5760 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5761 * the IPC system itself and PID 1 also log to the journal.
5762 *
5763 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5764 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5765 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5766 * namespace at least.
5767 *
5768 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5769 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5770 * them with one. */
5771
5772 (void) unit_export_invocation_id(u);
5773
5774 if (!MANAGER_IS_SYSTEM(u->manager))
5775 return;
5776
5777 c = unit_get_exec_context(u);
5778 if (c) {
5779 (void) unit_export_log_level_max(u, c);
5780 (void) unit_export_log_extra_fields(u, c);
5781 (void) unit_export_log_ratelimit_interval(u, c);
5782 (void) unit_export_log_ratelimit_burst(u, c);
5783 }
5784 }
5785
5786 void unit_unlink_state_files(Unit *u) {
5787 const char *p;
5788
5789 assert(u);
5790
5791 if (!u->id)
5792 return;
5793
5794 /* Undoes the effect of unit_export_state() */
5795
5796 if (u->exported_invocation_id) {
5797 _cleanup_free_ char *invocation_path = NULL;
5798 int r = unit_get_invocation_path(u, &invocation_path);
5799 if (r >= 0) {
5800 (void) unlink(invocation_path);
5801 u->exported_invocation_id = false;
5802 }
5803 }
5804
5805 if (!MANAGER_IS_SYSTEM(u->manager))
5806 return;
5807
5808 if (u->exported_log_level_max) {
5809 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5810 (void) unlink(p);
5811
5812 u->exported_log_level_max = false;
5813 }
5814
5815 if (u->exported_log_extra_fields) {
5816 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5817 (void) unlink(p);
5818
5819 u->exported_log_extra_fields = false;
5820 }
5821
5822 if (u->exported_log_ratelimit_interval) {
5823 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5824 (void) unlink(p);
5825
5826 u->exported_log_ratelimit_interval = false;
5827 }
5828
5829 if (u->exported_log_ratelimit_burst) {
5830 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5831 (void) unlink(p);
5832
5833 u->exported_log_ratelimit_burst = false;
5834 }
5835 }
5836
5837 int unit_prepare_exec(Unit *u) {
5838 int r;
5839
5840 assert(u);
5841
5842 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5843 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5844 r = bpf_firewall_load_custom(u);
5845 if (r < 0)
5846 return r;
5847
5848 /* Prepares everything so that we can fork of a process for this unit */
5849
5850 (void) unit_realize_cgroup(u);
5851
5852 if (u->reset_accounting) {
5853 (void) unit_reset_accounting(u);
5854 u->reset_accounting = false;
5855 }
5856
5857 unit_export_state_files(u);
5858
5859 r = unit_setup_exec_runtime(u);
5860 if (r < 0)
5861 return r;
5862
5863 r = unit_setup_dynamic_creds(u);
5864 if (r < 0)
5865 return r;
5866
5867 return 0;
5868 }
5869
5870 static bool ignore_leftover_process(const char *comm) {
5871 return comm && comm[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5872 }
5873
5874 int unit_log_leftover_process_start(pid_t pid, int sig, void *userdata) {
5875 _cleanup_free_ char *comm = NULL;
5876
5877 (void) get_process_comm(pid, &comm);
5878
5879 if (ignore_leftover_process(comm))
5880 return 0;
5881
5882 /* During start we print a warning */
5883
5884 log_unit_warning(userdata,
5885 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5886 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5887 pid, strna(comm));
5888
5889 return 1;
5890 }
5891
5892 int unit_log_leftover_process_stop(pid_t pid, int sig, void *userdata) {
5893 _cleanup_free_ char *comm = NULL;
5894
5895 (void) get_process_comm(pid, &comm);
5896
5897 if (ignore_leftover_process(comm))
5898 return 0;
5899
5900 /* During stop we only print an informational message */
5901
5902 log_unit_info(userdata,
5903 "Unit process " PID_FMT " (%s) remains running after unit stopped.",
5904 pid, strna(comm));
5905
5906 return 1;
5907 }
5908
5909 int unit_warn_leftover_processes(Unit *u, cg_kill_log_func_t log_func) {
5910 assert(u);
5911
5912 (void) unit_pick_cgroup_path(u);
5913
5914 if (!u->cgroup_path)
5915 return 0;
5916
5917 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_func, u);
5918 }
5919
5920 bool unit_needs_console(Unit *u) {
5921 ExecContext *ec;
5922 UnitActiveState state;
5923
5924 assert(u);
5925
5926 state = unit_active_state(u);
5927
5928 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5929 return false;
5930
5931 if (UNIT_VTABLE(u)->needs_console)
5932 return UNIT_VTABLE(u)->needs_console(u);
5933
5934 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5935 ec = unit_get_exec_context(u);
5936 if (!ec)
5937 return false;
5938
5939 return exec_context_may_touch_console(ec);
5940 }
5941
5942 const char *unit_label_path(const Unit *u) {
5943 const char *p;
5944
5945 assert(u);
5946
5947 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5948 * when validating access checks. */
5949
5950 p = u->source_path ?: u->fragment_path;
5951 if (!p)
5952 return NULL;
5953
5954 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5955 if (path_equal(p, "/dev/null"))
5956 return NULL;
5957
5958 return p;
5959 }
5960
5961 int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5962 int r;
5963
5964 assert(u);
5965
5966 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5967 * and not a kernel thread either */
5968
5969 /* First, a simple range check */
5970 if (!pid_is_valid(pid))
5971 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5972
5973 /* Some extra safety check */
5974 if (pid == 1 || pid == getpid_cached())
5975 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid);
5976
5977 /* Don't even begin to bother with kernel threads */
5978 r = is_kernel_thread(pid);
5979 if (r == -ESRCH)
5980 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5981 if (r < 0)
5982 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5983 if (r > 0)
5984 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5985
5986 return 0;
5987 }
5988
5989 void unit_log_success(Unit *u) {
5990 assert(u);
5991
5992 log_struct(LOG_INFO,
5993 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR,
5994 LOG_UNIT_ID(u),
5995 LOG_UNIT_INVOCATION_ID(u),
5996 LOG_UNIT_MESSAGE(u, "Succeeded."));
5997 }
5998
5999 void unit_log_failure(Unit *u, const char *result) {
6000 assert(u);
6001 assert(result);
6002
6003 log_struct(LOG_WARNING,
6004 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR,
6005 LOG_UNIT_ID(u),
6006 LOG_UNIT_INVOCATION_ID(u),
6007 LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result),
6008 "UNIT_RESULT=%s", result);
6009 }
6010
6011 void unit_log_skip(Unit *u, const char *result) {
6012 assert(u);
6013 assert(result);
6014
6015 log_struct(LOG_INFO,
6016 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR,
6017 LOG_UNIT_ID(u),
6018 LOG_UNIT_INVOCATION_ID(u),
6019 LOG_UNIT_MESSAGE(u, "Skipped due to '%s'.", result),
6020 "UNIT_RESULT=%s", result);
6021 }
6022
6023 void unit_log_process_exit(
6024 Unit *u,
6025 const char *kind,
6026 const char *command,
6027 bool success,
6028 int code,
6029 int status) {
6030
6031 int level;
6032
6033 assert(u);
6034 assert(kind);
6035
6036 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
6037 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
6038 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
6039 * WARNING. */
6040 if (success)
6041 level = LOG_DEBUG;
6042 else if (code == CLD_EXITED)
6043 level = LOG_NOTICE;
6044 else
6045 level = LOG_WARNING;
6046
6047 log_struct(level,
6048 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR,
6049 LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s",
6050 kind,
6051 sigchld_code_to_string(code), status,
6052 strna(code == CLD_EXITED
6053 ? exit_status_to_string(status, EXIT_STATUS_FULL)
6054 : signal_to_string(status))),
6055 "EXIT_CODE=%s", sigchld_code_to_string(code),
6056 "EXIT_STATUS=%i", status,
6057 "COMMAND=%s", strna(command),
6058 LOG_UNIT_ID(u),
6059 LOG_UNIT_INVOCATION_ID(u));
6060 }
6061
6062 int unit_exit_status(Unit *u) {
6063 assert(u);
6064
6065 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
6066 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
6067 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
6068 * service process has exited abnormally (signal/coredump). */
6069
6070 if (!UNIT_VTABLE(u)->exit_status)
6071 return -EOPNOTSUPP;
6072
6073 return UNIT_VTABLE(u)->exit_status(u);
6074 }
6075
6076 int unit_failure_action_exit_status(Unit *u) {
6077 int r;
6078
6079 assert(u);
6080
6081 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
6082
6083 if (u->failure_action_exit_status >= 0)
6084 return u->failure_action_exit_status;
6085
6086 r = unit_exit_status(u);
6087 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
6088 return 255;
6089
6090 return r;
6091 }
6092
6093 int unit_success_action_exit_status(Unit *u) {
6094 int r;
6095
6096 assert(u);
6097
6098 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
6099
6100 if (u->success_action_exit_status >= 0)
6101 return u->success_action_exit_status;
6102
6103 r = unit_exit_status(u);
6104 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
6105 return 255;
6106
6107 return r;
6108 }
6109
6110 int unit_test_trigger_loaded(Unit *u) {
6111 Unit *trigger;
6112
6113 /* Tests whether the unit to trigger is loaded */
6114
6115 trigger = UNIT_TRIGGER(u);
6116 if (!trigger)
6117 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
6118 "Refusing to start, no unit to trigger.");
6119 if (trigger->load_state != UNIT_LOADED)
6120 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
6121 "Refusing to start, unit %s to trigger not loaded.", trigger->id);
6122
6123 return 0;
6124 }
6125
6126 void unit_destroy_runtime_directory(Unit *u, const ExecContext *context) {
6127 if (context->runtime_directory_preserve_mode == EXEC_PRESERVE_NO ||
6128 (context->runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART && !unit_will_restart(u)))
6129 exec_context_destroy_runtime_directory(context, u->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
6130 }
6131
6132 int unit_clean(Unit *u, ExecCleanMask mask) {
6133 UnitActiveState state;
6134
6135 assert(u);
6136
6137 /* Special return values:
6138 *
6139 * -EOPNOTSUPP → cleaning not supported for this unit type
6140 * -EUNATCH → cleaning not defined for this resource type
6141 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
6142 * a job queued or similar
6143 */
6144
6145 if (!UNIT_VTABLE(u)->clean)
6146 return -EOPNOTSUPP;
6147
6148 if (mask == 0)
6149 return -EUNATCH;
6150
6151 if (u->load_state != UNIT_LOADED)
6152 return -EBUSY;
6153
6154 if (u->job)
6155 return -EBUSY;
6156
6157 state = unit_active_state(u);
6158 if (!IN_SET(state, UNIT_INACTIVE))
6159 return -EBUSY;
6160
6161 return UNIT_VTABLE(u)->clean(u, mask);
6162 }
6163
6164 int unit_can_clean(Unit *u, ExecCleanMask *ret) {
6165 assert(u);
6166
6167 if (!UNIT_VTABLE(u)->clean ||
6168 u->load_state != UNIT_LOADED) {
6169 *ret = 0;
6170 return 0;
6171 }
6172
6173 /* When the clean() method is set, can_clean() really should be set too */
6174 assert(UNIT_VTABLE(u)->can_clean);
6175
6176 return UNIT_VTABLE(u)->can_clean(u, ret);
6177 }
6178
6179 bool unit_can_freeze(Unit *u) {
6180 assert(u);
6181
6182 if (UNIT_VTABLE(u)->can_freeze)
6183 return UNIT_VTABLE(u)->can_freeze(u);
6184
6185 return UNIT_VTABLE(u)->freeze;
6186 }
6187
6188 void unit_frozen(Unit *u) {
6189 assert(u);
6190
6191 u->freezer_state = FREEZER_FROZEN;
6192
6193 bus_unit_send_pending_freezer_message(u);
6194 }
6195
6196 void unit_thawed(Unit *u) {
6197 assert(u);
6198
6199 u->freezer_state = FREEZER_RUNNING;
6200
6201 bus_unit_send_pending_freezer_message(u);
6202 }
6203
6204 static int unit_freezer_action(Unit *u, FreezerAction action) {
6205 UnitActiveState s;
6206 int (*method)(Unit*);
6207 int r;
6208
6209 assert(u);
6210 assert(IN_SET(action, FREEZER_FREEZE, FREEZER_THAW));
6211
6212 method = action == FREEZER_FREEZE ? UNIT_VTABLE(u)->freeze : UNIT_VTABLE(u)->thaw;
6213 if (!method || !cg_freezer_supported())
6214 return -EOPNOTSUPP;
6215
6216 if (u->job)
6217 return -EBUSY;
6218
6219 if (u->load_state != UNIT_LOADED)
6220 return -EHOSTDOWN;
6221
6222 s = unit_active_state(u);
6223 if (s != UNIT_ACTIVE)
6224 return -EHOSTDOWN;
6225
6226 if (IN_SET(u->freezer_state, FREEZER_FREEZING, FREEZER_THAWING))
6227 return -EALREADY;
6228
6229 r = method(u);
6230 if (r <= 0)
6231 return r;
6232
6233 return 1;
6234 }
6235
6236 int unit_freeze(Unit *u) {
6237 return unit_freezer_action(u, FREEZER_FREEZE);
6238 }
6239
6240 int unit_thaw(Unit *u) {
6241 return unit_freezer_action(u, FREEZER_THAW);
6242 }
6243
6244 /* Wrappers around low-level cgroup freezer operations common for service and scope units */
6245 int unit_freeze_vtable_common(Unit *u) {
6246 return unit_cgroup_freezer_action(u, FREEZER_FREEZE);
6247 }
6248
6249 int unit_thaw_vtable_common(Unit *u) {
6250 return unit_cgroup_freezer_action(u, FREEZER_THAW);
6251 }
6252
6253 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
6254 [COLLECT_INACTIVE] = "inactive",
6255 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
6256 };
6257
6258 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
Unnamed repository; edit this file 'description' to name the repository.