1 /* SPDX-License-Identifier: LGPL-2.1+ */
9 #include "sd-messages.h"
11 #include "all-units.h"
12 #include "alloc-util.h"
13 #include "bpf-firewall.h"
14 #include "bus-common-errors.h"
16 #include "cgroup-setup.h"
17 #include "cgroup-util.h"
18 #include "dbus-unit.h"
24 #include "fileio-label.h"
26 #include "format-util.h"
28 #include "id128-util.h"
31 #include "load-dropin.h"
32 #include "load-fragment.h"
35 #include "missing_audit.h"
37 #include "parse-util.h"
38 #include "path-util.h"
39 #include "process-util.h"
41 #include "serialize.h"
43 #include "signal-util.h"
44 #include "sparse-endian.h"
46 #include "specifier.h"
47 #include "stat-util.h"
48 #include "stdio-util.h"
49 #include "string-table.h"
50 #include "string-util.h"
52 #include "terminal-util.h"
53 #include "tmpfile-util.h"
54 #include "umask-util.h"
55 #include "unit-name.h"
57 #include "user-util.h"
60 /* Thresholds for logging at INFO level about resource consumption */
61 #define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
62 #define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
63 #define MENTIONWORTHY_IP_BYTES (0ULL)
65 /* Thresholds for logging at INFO level about resource consumption */
66 #define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
67 #define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
68 #define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
70 const UnitVTable
* const unit_vtable
[_UNIT_TYPE_MAX
] = {
71 [UNIT_SERVICE
] = &service_vtable
,
72 [UNIT_SOCKET
] = &socket_vtable
,
73 [UNIT_TARGET
] = &target_vtable
,
74 [UNIT_DEVICE
] = &device_vtable
,
75 [UNIT_MOUNT
] = &mount_vtable
,
76 [UNIT_AUTOMOUNT
] = &automount_vtable
,
77 [UNIT_SWAP
] = &swap_vtable
,
78 [UNIT_TIMER
] = &timer_vtable
,
79 [UNIT_PATH
] = &path_vtable
,
80 [UNIT_SLICE
] = &slice_vtable
,
81 [UNIT_SCOPE
] = &scope_vtable
,
84 static void maybe_warn_about_dependency(Unit
*u
, const char *other
, UnitDependency dependency
);
86 Unit
*unit_new(Manager
*m
, size_t size
) {
90 assert(size
>= sizeof(Unit
));
97 u
->type
= _UNIT_TYPE_INVALID
;
98 u
->default_dependencies
= true;
99 u
->unit_file_state
= _UNIT_FILE_STATE_INVALID
;
100 u
->unit_file_preset
= -1;
101 u
->on_failure_job_mode
= JOB_REPLACE
;
102 u
->cgroup_control_inotify_wd
= -1;
103 u
->cgroup_memory_inotify_wd
= -1;
104 u
->job_timeout
= USEC_INFINITY
;
105 u
->job_running_timeout
= USEC_INFINITY
;
106 u
->ref_uid
= UID_INVALID
;
107 u
->ref_gid
= GID_INVALID
;
108 u
->cpu_usage_last
= NSEC_INFINITY
;
109 u
->cgroup_invalidated_mask
|= CGROUP_MASK_BPF_FIREWALL
;
110 u
->failure_action_exit_status
= u
->success_action_exit_status
= -1;
112 u
->ip_accounting_ingress_map_fd
= -1;
113 u
->ip_accounting_egress_map_fd
= -1;
114 u
->ipv4_allow_map_fd
= -1;
115 u
->ipv6_allow_map_fd
= -1;
116 u
->ipv4_deny_map_fd
= -1;
117 u
->ipv6_deny_map_fd
= -1;
119 u
->last_section_private
= -1;
121 u
->start_ratelimit
= (RateLimit
) { m
->default_start_limit_interval
, m
->default_start_limit_burst
};
122 u
->auto_stop_ratelimit
= (RateLimit
) { 10 * USEC_PER_SEC
, 16 };
124 for (CGroupIOAccountingMetric i
= 0; i
< _CGROUP_IO_ACCOUNTING_METRIC_MAX
; i
++)
125 u
->io_accounting_last
[i
] = UINT64_MAX
;
130 int unit_new_for_name(Manager
*m
, size_t size
, const char *name
, Unit
**ret
) {
131 _cleanup_(unit_freep
) Unit
*u
= NULL
;
134 u
= unit_new(m
, size
);
138 r
= unit_add_name(u
, name
);
147 bool unit_has_name(const Unit
*u
, const char *name
) {
151 return streq_ptr(name
, u
->id
) ||
152 set_contains(u
->aliases
, name
);
155 static void unit_init(Unit
*u
) {
162 assert(u
->type
>= 0);
164 cc
= unit_get_cgroup_context(u
);
166 cgroup_context_init(cc
);
168 /* Copy in the manager defaults into the cgroup
169 * context, _before_ the rest of the settings have
170 * been initialized */
172 cc
->cpu_accounting
= u
->manager
->default_cpu_accounting
;
173 cc
->io_accounting
= u
->manager
->default_io_accounting
;
174 cc
->blockio_accounting
= u
->manager
->default_blockio_accounting
;
175 cc
->memory_accounting
= u
->manager
->default_memory_accounting
;
176 cc
->tasks_accounting
= u
->manager
->default_tasks_accounting
;
177 cc
->ip_accounting
= u
->manager
->default_ip_accounting
;
179 if (u
->type
!= UNIT_SLICE
)
180 cc
->tasks_max
= u
->manager
->default_tasks_max
;
183 ec
= unit_get_exec_context(u
);
185 exec_context_init(ec
);
187 if (MANAGER_IS_SYSTEM(u
->manager
))
188 ec
->keyring_mode
= EXEC_KEYRING_SHARED
;
190 ec
->keyring_mode
= EXEC_KEYRING_INHERIT
;
192 /* User manager might have its umask redefined by PAM or UMask=. In this
193 * case let the units it manages inherit this value by default. They can
194 * still tune this value through their own unit file */
195 (void) get_process_umask(getpid_cached(), &ec
->umask
);
199 kc
= unit_get_kill_context(u
);
201 kill_context_init(kc
);
203 if (UNIT_VTABLE(u
)->init
)
204 UNIT_VTABLE(u
)->init(u
);
207 static int unit_add_alias(Unit
*u
, char *donated_name
) {
210 /* Make sure that u->names is allocated. We may leave u->names
211 * empty if we fail later, but this is not a problem. */
212 r
= set_ensure_allocated(&u
->aliases
, &string_hash_ops
);
216 r
= set_put(u
->aliases
, donated_name
);
224 int unit_add_name(Unit
*u
, const char *text
) {
225 _cleanup_free_
char *name
= NULL
, *instance
= NULL
;
232 if (unit_name_is_valid(text
, UNIT_NAME_TEMPLATE
)) {
234 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
235 "instance is not set when adding name '%s': %m", text
);
237 r
= unit_name_replace_instance(text
, u
->instance
, &name
);
239 return log_unit_debug_errno(u
, r
,
240 "failed to build instance name from '%s': %m", text
);
247 if (unit_has_name(u
, name
))
250 if (hashmap_contains(u
->manager
->units
, name
))
251 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EEXIST
),
252 "unit already exist when adding name '%s': %m", name
);
254 if (!unit_name_is_valid(name
, UNIT_NAME_PLAIN
|UNIT_NAME_INSTANCE
))
255 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
256 "name '%s' is invalid: %m", name
);
258 t
= unit_name_to_type(name
);
260 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
261 "failed to to derive unit type from name '%s': %m", name
);
263 if (u
->type
!= _UNIT_TYPE_INVALID
&& t
!= u
->type
)
264 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
265 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
268 r
= unit_name_to_instance(name
, &instance
);
270 return log_unit_debug_errno(u
, r
, "failed to extract instance from name '%s': %m", name
);
272 if (instance
&& !unit_type_may_template(t
))
273 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
), "templates are not allowed for name '%s': %m", name
);
275 /* Ensure that this unit either has no instance, or that the instance matches. */
276 if (u
->type
!= _UNIT_TYPE_INVALID
&& !streq_ptr(u
->instance
, instance
))
277 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
278 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
279 name
, instance
, u
->instance
);
281 if (u
->id
&& !unit_type_may_alias(t
))
282 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EEXIST
),
283 "cannot add name %s, aliases are not allowed for %s units.",
284 name
, unit_type_to_string(t
));
286 if (hashmap_size(u
->manager
->units
) >= MANAGER_MAX_NAMES
)
287 return log_unit_warning_errno(u
, SYNTHETIC_ERRNO(E2BIG
), "cannot add name, manager has too many units: %m");
289 /* Add name to the global hashmap first, because that's easier to undo */
290 r
= hashmap_put(u
->manager
->units
, name
, u
);
292 return log_unit_debug_errno(u
, r
, "add unit to hashmap failed for name '%s': %m", text
);
295 r
= unit_add_alias(u
, name
); /* unit_add_alias() takes ownership of the name on success */
297 hashmap_remove(u
->manager
->units
, name
);
303 /* A new name, we don't need the set yet. */
304 assert(u
->type
== _UNIT_TYPE_INVALID
);
305 assert(!u
->instance
);
308 u
->id
= TAKE_PTR(name
);
309 u
->instance
= TAKE_PTR(instance
);
311 LIST_PREPEND(units_by_type
, u
->manager
->units_by_type
[t
], u
);
315 unit_add_to_dbus_queue(u
);
319 int unit_choose_id(Unit
*u
, const char *name
) {
320 _cleanup_free_
char *t
= NULL
;
327 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
331 r
= unit_name_replace_instance(name
, u
->instance
, &t
);
338 if (streq_ptr(u
->id
, name
))
339 return 0; /* Nothing to do. */
341 /* Selects one of the aliases of this unit as the id */
342 s
= set_get(u
->aliases
, (char*) name
);
347 r
= set_remove_and_put(u
->aliases
, name
, u
->id
);
351 assert_se(set_remove(u
->aliases
, name
)); /* see set_get() above… */
353 u
->id
= s
; /* Old u->id is now stored in the set, and s is not stored anywhere */
354 unit_add_to_dbus_queue(u
);
359 int unit_set_description(Unit
*u
, const char *description
) {
364 r
= free_and_strdup(&u
->description
, empty_to_null(description
));
368 unit_add_to_dbus_queue(u
);
373 bool unit_may_gc(Unit
*u
) {
374 UnitActiveState state
;
379 /* Checks whether the unit is ready to be unloaded for garbage collection.
380 * Returns true when the unit may be collected, and false if there's some
381 * reason to keep it loaded.
383 * References from other units are *not* checked here. Instead, this is done
384 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
393 state
= unit_active_state(u
);
395 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
396 if (UNIT_IS_INACTIVE_OR_FAILED(state
) &&
397 UNIT_VTABLE(u
)->release_resources
)
398 UNIT_VTABLE(u
)->release_resources(u
);
403 if (sd_bus_track_count(u
->bus_track
) > 0)
406 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
407 switch (u
->collect_mode
) {
409 case COLLECT_INACTIVE
:
410 if (state
!= UNIT_INACTIVE
)
415 case COLLECT_INACTIVE_OR_FAILED
:
416 if (!IN_SET(state
, UNIT_INACTIVE
, UNIT_FAILED
))
422 assert_not_reached("Unknown garbage collection mode");
425 if (u
->cgroup_path
) {
426 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
427 * around. Units with active processes should never be collected. */
429 r
= cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
);
431 log_unit_debug_errno(u
, r
, "Failed to determine whether cgroup %s is empty: %m", u
->cgroup_path
);
436 if (UNIT_VTABLE(u
)->may_gc
&& !UNIT_VTABLE(u
)->may_gc(u
))
442 void unit_add_to_load_queue(Unit
*u
) {
444 assert(u
->type
!= _UNIT_TYPE_INVALID
);
446 if (u
->load_state
!= UNIT_STUB
|| u
->in_load_queue
)
449 LIST_PREPEND(load_queue
, u
->manager
->load_queue
, u
);
450 u
->in_load_queue
= true;
453 void unit_add_to_cleanup_queue(Unit
*u
) {
456 if (u
->in_cleanup_queue
)
459 LIST_PREPEND(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
460 u
->in_cleanup_queue
= true;
463 void unit_add_to_gc_queue(Unit
*u
) {
466 if (u
->in_gc_queue
|| u
->in_cleanup_queue
)
472 LIST_PREPEND(gc_queue
, u
->manager
->gc_unit_queue
, u
);
473 u
->in_gc_queue
= true;
476 void unit_add_to_dbus_queue(Unit
*u
) {
478 assert(u
->type
!= _UNIT_TYPE_INVALID
);
480 if (u
->load_state
== UNIT_STUB
|| u
->in_dbus_queue
)
483 /* Shortcut things if nobody cares */
484 if (sd_bus_track_count(u
->manager
->subscribed
) <= 0 &&
485 sd_bus_track_count(u
->bus_track
) <= 0 &&
486 set_isempty(u
->manager
->private_buses
)) {
487 u
->sent_dbus_new_signal
= true;
491 LIST_PREPEND(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
492 u
->in_dbus_queue
= true;
495 void unit_submit_to_stop_when_unneeded_queue(Unit
*u
) {
498 if (u
->in_stop_when_unneeded_queue
)
501 if (!u
->stop_when_unneeded
)
504 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
507 LIST_PREPEND(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
508 u
->in_stop_when_unneeded_queue
= true;
511 static void bidi_set_free(Unit
*u
, Hashmap
*h
) {
518 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
520 HASHMAP_FOREACH_KEY(v
, other
, h
, i
) {
521 for (UnitDependency d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++)
522 hashmap_remove(other
->dependencies
[d
], u
);
524 unit_add_to_gc_queue(other
);
530 static void unit_remove_transient(Unit
*u
) {
538 if (u
->fragment_path
)
539 (void) unlink(u
->fragment_path
);
541 STRV_FOREACH(i
, u
->dropin_paths
) {
542 _cleanup_free_
char *p
= NULL
, *pp
= NULL
;
544 p
= dirname_malloc(*i
); /* Get the drop-in directory from the drop-in file */
548 pp
= dirname_malloc(p
); /* Get the config directory from the drop-in directory */
552 /* Only drop transient drop-ins */
553 if (!path_equal(u
->manager
->lookup_paths
.transient
, pp
))
561 static void unit_free_requires_mounts_for(Unit
*u
) {
565 _cleanup_free_
char *path
;
567 path
= hashmap_steal_first_key(u
->requires_mounts_for
);
571 char s
[strlen(path
) + 1];
573 PATH_FOREACH_PREFIX_MORE(s
, path
) {
577 x
= hashmap_get2(u
->manager
->units_requiring_mounts_for
, s
, (void**) &y
);
581 (void) set_remove(x
, u
);
583 if (set_isempty(x
)) {
584 (void) hashmap_remove(u
->manager
->units_requiring_mounts_for
, y
);
592 u
->requires_mounts_for
= hashmap_free(u
->requires_mounts_for
);
595 static void unit_done(Unit
*u
) {
604 if (UNIT_VTABLE(u
)->done
)
605 UNIT_VTABLE(u
)->done(u
);
607 ec
= unit_get_exec_context(u
);
609 exec_context_done(ec
);
611 cc
= unit_get_cgroup_context(u
);
613 cgroup_context_done(cc
);
616 void unit_free(Unit
*u
) {
623 if (UNIT_ISSET(u
->slice
)) {
624 /* A unit is being dropped from the tree, make sure our parent slice recalculates the member mask */
625 unit_invalidate_cgroup_members_masks(UNIT_DEREF(u
->slice
));
627 /* And make sure the parent is realized again, updating cgroup memberships */
628 unit_add_to_cgroup_realize_queue(UNIT_DEREF(u
->slice
));
631 u
->transient_file
= safe_fclose(u
->transient_file
);
633 if (!MANAGER_IS_RELOADING(u
->manager
))
634 unit_remove_transient(u
);
636 bus_unit_send_removed_signal(u
);
640 unit_dequeue_rewatch_pids(u
);
642 sd_bus_slot_unref(u
->match_bus_slot
);
643 sd_bus_track_unref(u
->bus_track
);
644 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
645 u
->pending_freezer_message
= sd_bus_message_unref(u
->pending_freezer_message
);
647 unit_free_requires_mounts_for(u
);
649 SET_FOREACH(t
, u
->aliases
, i
)
650 hashmap_remove_value(u
->manager
->units
, t
, u
);
652 hashmap_remove_value(u
->manager
->units
, u
->id
, u
);
654 if (!sd_id128_is_null(u
->invocation_id
))
655 hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
669 for (UnitDependency d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++)
670 bidi_set_free(u
, u
->dependencies
[d
]);
673 manager_unref_console(u
->manager
);
675 unit_release_cgroup(u
);
677 if (!MANAGER_IS_RELOADING(u
->manager
))
678 unit_unlink_state_files(u
);
680 unit_unref_uid_gid(u
, false);
682 (void) manager_update_failed_units(u
->manager
, u
, false);
683 set_remove(u
->manager
->startup_units
, u
);
685 unit_unwatch_all_pids(u
);
687 unit_ref_unset(&u
->slice
);
688 while (u
->refs_by_target
)
689 unit_ref_unset(u
->refs_by_target
);
691 if (u
->type
!= _UNIT_TYPE_INVALID
)
692 LIST_REMOVE(units_by_type
, u
->manager
->units_by_type
[u
->type
], u
);
694 if (u
->in_load_queue
)
695 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
697 if (u
->in_dbus_queue
)
698 LIST_REMOVE(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
701 LIST_REMOVE(gc_queue
, u
->manager
->gc_unit_queue
, u
);
703 if (u
->in_cgroup_realize_queue
)
704 LIST_REMOVE(cgroup_realize_queue
, u
->manager
->cgroup_realize_queue
, u
);
706 if (u
->in_cgroup_empty_queue
)
707 LIST_REMOVE(cgroup_empty_queue
, u
->manager
->cgroup_empty_queue
, u
);
709 if (u
->in_cleanup_queue
)
710 LIST_REMOVE(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
712 if (u
->in_target_deps_queue
)
713 LIST_REMOVE(target_deps_queue
, u
->manager
->target_deps_queue
, u
);
715 if (u
->in_stop_when_unneeded_queue
)
716 LIST_REMOVE(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
718 safe_close(u
->ip_accounting_ingress_map_fd
);
719 safe_close(u
->ip_accounting_egress_map_fd
);
721 safe_close(u
->ipv4_allow_map_fd
);
722 safe_close(u
->ipv6_allow_map_fd
);
723 safe_close(u
->ipv4_deny_map_fd
);
724 safe_close(u
->ipv6_deny_map_fd
);
726 bpf_program_unref(u
->ip_bpf_ingress
);
727 bpf_program_unref(u
->ip_bpf_ingress_installed
);
728 bpf_program_unref(u
->ip_bpf_egress
);
729 bpf_program_unref(u
->ip_bpf_egress_installed
);
731 set_free(u
->ip_bpf_custom_ingress
);
732 set_free(u
->ip_bpf_custom_egress
);
733 set_free(u
->ip_bpf_custom_ingress_installed
);
734 set_free(u
->ip_bpf_custom_egress_installed
);
736 bpf_program_unref(u
->bpf_device_control_installed
);
738 condition_free_list(u
->conditions
);
739 condition_free_list(u
->asserts
);
741 free(u
->description
);
742 strv_free(u
->documentation
);
743 free(u
->fragment_path
);
744 free(u
->source_path
);
745 strv_free(u
->dropin_paths
);
748 free(u
->job_timeout_reboot_arg
);
751 set_free_free(u
->aliases
);
757 FreezerState
unit_freezer_state(Unit
*u
) {
760 return u
->freezer_state
;
763 int unit_freezer_state_kernel(Unit
*u
, FreezerState
*ret
) {
764 char *values
[1] = {};
769 r
= cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, "cgroup.events",
770 STRV_MAKE("frozen"), values
);
774 r
= _FREEZER_STATE_INVALID
;
777 if (streq(values
[0], "0"))
779 else if (streq(values
[0], "1"))
789 UnitActiveState
unit_active_state(Unit
*u
) {
792 if (u
->load_state
== UNIT_MERGED
)
793 return unit_active_state(unit_follow_merge(u
));
795 /* After a reload it might happen that a unit is not correctly
796 * loaded but still has a process around. That's why we won't
797 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
799 return UNIT_VTABLE(u
)->active_state(u
);
802 const char* unit_sub_state_to_string(Unit
*u
) {
805 return UNIT_VTABLE(u
)->sub_state_to_string(u
);
808 static int hashmap_complete_move(Hashmap
**s
, Hashmap
**other
) {
816 return hashmap_move(*s
, *other
);
818 *s
= TAKE_PTR(*other
);
823 static int merge_names(Unit
*u
, Unit
*other
) {
831 r
= unit_add_alias(u
, other
->id
);
835 r
= set_move(u
->aliases
, other
->aliases
);
837 set_remove(u
->aliases
, other
->id
);
842 other
->aliases
= set_free_free(other
->aliases
);
844 SET_FOREACH(name
, u
->aliases
, i
)
845 assert_se(hashmap_replace(u
->manager
->units
, name
, u
) == 0);
850 static int reserve_dependencies(Unit
*u
, Unit
*other
, UnitDependency d
) {
855 assert(d
< _UNIT_DEPENDENCY_MAX
);
858 * If u does not have this dependency set allocated, there is no need
859 * to reserve anything. In that case other's set will be transferred
860 * as a whole to u by complete_move().
862 if (!u
->dependencies
[d
])
865 /* merge_dependencies() will skip a u-on-u dependency */
866 n_reserve
= hashmap_size(other
->dependencies
[d
]) - !!hashmap_get(other
->dependencies
[d
], u
);
868 return hashmap_reserve(u
->dependencies
[d
], n_reserve
);
871 static void merge_dependencies(Unit
*u
, Unit
*other
, const char *other_id
, UnitDependency d
) {
877 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
881 assert(d
< _UNIT_DEPENDENCY_MAX
);
883 /* Fix backwards pointers. Let's iterate through all dependent units of the other unit. */
884 HASHMAP_FOREACH_KEY(v
, back
, other
->dependencies
[d
], i
)
886 /* Let's now iterate through the dependencies of that dependencies of the other units,
887 * looking for pointers back, and let's fix them up, to instead point to 'u'. */
888 for (UnitDependency k
= 0; k
< _UNIT_DEPENDENCY_MAX
; k
++)
890 /* Do not add dependencies between u and itself. */
891 if (hashmap_remove(back
->dependencies
[k
], other
))
892 maybe_warn_about_dependency(u
, other_id
, k
);
894 UnitDependencyInfo di_u
, di_other
;
896 /* Let's drop this dependency between "back" and "other", and let's create it between
897 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
898 * and any such dependency which might already exist */
900 di_other
.data
= hashmap_get(back
->dependencies
[k
], other
);
902 continue; /* dependency isn't set, let's try the next one */
904 di_u
.data
= hashmap_get(back
->dependencies
[k
], u
);
906 UnitDependencyInfo di_merged
= {
907 .origin_mask
= di_u
.origin_mask
| di_other
.origin_mask
,
908 .destination_mask
= di_u
.destination_mask
| di_other
.destination_mask
,
911 r
= hashmap_remove_and_replace(back
->dependencies
[k
], other
, u
, di_merged
.data
);
913 log_warning_errno(r
, "Failed to remove/replace: back=%s other=%s u=%s: %m", back
->id
, other_id
, u
->id
);
916 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
919 /* Also do not move dependencies on u to itself */
920 back
= hashmap_remove(other
->dependencies
[d
], u
);
922 maybe_warn_about_dependency(u
, other_id
, d
);
924 /* The move cannot fail. The caller must have performed a reservation. */
925 assert_se(hashmap_complete_move(&u
->dependencies
[d
], &other
->dependencies
[d
]) == 0);
927 other
->dependencies
[d
] = hashmap_free(other
->dependencies
[d
]);
930 int unit_merge(Unit
*u
, Unit
*other
) {
931 const char *other_id
= NULL
;
936 assert(u
->manager
== other
->manager
);
937 assert(u
->type
!= _UNIT_TYPE_INVALID
);
939 other
= unit_follow_merge(other
);
944 if (u
->type
!= other
->type
)
947 if (!unit_type_may_alias(u
->type
)) /* Merging only applies to unit names that support aliases */
950 if (!IN_SET(other
->load_state
, UNIT_STUB
, UNIT_NOT_FOUND
))
953 if (!streq_ptr(u
->instance
, other
->instance
))
962 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
966 other_id
= strdupa(other
->id
);
968 /* Make reservations to ensure merge_dependencies() won't fail */
969 for (UnitDependency d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++) {
970 r
= reserve_dependencies(u
, other
, d
);
972 * We don't rollback reservations if we fail. We don't have
973 * a way to undo reservations. A reservation is not a leak.
980 r
= merge_names(u
, other
);
984 /* Redirect all references */
985 while (other
->refs_by_target
)
986 unit_ref_set(other
->refs_by_target
, other
->refs_by_target
->source
, u
);
988 /* Merge dependencies */
989 for (UnitDependency d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++)
990 merge_dependencies(u
, other
, other_id
, d
);
992 other
->load_state
= UNIT_MERGED
;
993 other
->merged_into
= u
;
995 /* If there is still some data attached to the other node, we
996 * don't need it anymore, and can free it. */
997 if (other
->load_state
!= UNIT_STUB
)
998 if (UNIT_VTABLE(other
)->done
)
999 UNIT_VTABLE(other
)->done(other
);
1001 unit_add_to_dbus_queue(u
);
1002 unit_add_to_cleanup_queue(other
);
1007 int unit_merge_by_name(Unit
*u
, const char *name
) {
1008 _cleanup_free_
char *s
= NULL
;
1012 /* Either add name to u, or if a unit with name already exists, merge it with u.
1013 * If name is a template, do the same for name@instance, where instance is u's instance. */
1018 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
1022 r
= unit_name_replace_instance(name
, u
->instance
, &s
);
1029 other
= manager_get_unit(u
->manager
, name
);
1031 return unit_merge(u
, other
);
1033 return unit_add_name(u
, name
);
1036 Unit
* unit_follow_merge(Unit
*u
) {
1039 while (u
->load_state
== UNIT_MERGED
)
1040 assert_se(u
= u
->merged_into
);
1045 int unit_add_exec_dependencies(Unit
*u
, ExecContext
*c
) {
1046 ExecDirectoryType dt
;
1053 if (c
->working_directory
&& !c
->working_directory_missing_ok
) {
1054 r
= unit_require_mounts_for(u
, c
->working_directory
, UNIT_DEPENDENCY_FILE
);
1059 if (c
->root_directory
) {
1060 r
= unit_require_mounts_for(u
, c
->root_directory
, UNIT_DEPENDENCY_FILE
);
1065 if (c
->root_image
) {
1066 r
= unit_require_mounts_for(u
, c
->root_image
, UNIT_DEPENDENCY_FILE
);
1071 for (dt
= 0; dt
< _EXEC_DIRECTORY_TYPE_MAX
; dt
++) {
1072 if (!u
->manager
->prefix
[dt
])
1075 STRV_FOREACH(dp
, c
->directories
[dt
].paths
) {
1076 _cleanup_free_
char *p
;
1078 p
= path_join(u
->manager
->prefix
[dt
], *dp
);
1082 r
= unit_require_mounts_for(u
, p
, UNIT_DEPENDENCY_FILE
);
1088 if (!MANAGER_IS_SYSTEM(u
->manager
))
1091 /* For the following three directory types we need write access, and /var/ is possibly on the root
1092 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
1093 if (!strv_isempty(c
->directories
[EXEC_DIRECTORY_STATE
].paths
) ||
1094 !strv_isempty(c
->directories
[EXEC_DIRECTORY_CACHE
].paths
) ||
1095 !strv_isempty(c
->directories
[EXEC_DIRECTORY_LOGS
].paths
)) {
1096 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_REMOUNT_FS_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1101 if (c
->private_tmp
) {
1104 FOREACH_STRING(p
, "/tmp", "/var/tmp") {
1105 r
= unit_require_mounts_for(u
, p
, UNIT_DEPENDENCY_FILE
);
1110 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_TMPFILES_SETUP_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1115 if (c
->root_image
) {
1116 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1117 * implicit dependency on udev */
1119 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_UDEVD_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1124 if (!IN_SET(c
->std_output
,
1125 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1126 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
) &&
1127 !IN_SET(c
->std_error
,
1128 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1129 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
) &&
1133 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1136 if (c
->log_namespace
) {
1137 _cleanup_free_
char *socket_unit
= NULL
, *varlink_socket_unit
= NULL
;
1139 r
= unit_name_build_from_type("systemd-journald", c
->log_namespace
, UNIT_SOCKET
, &socket_unit
);
1143 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, socket_unit
, true, UNIT_DEPENDENCY_FILE
);
1147 r
= unit_name_build_from_type("systemd-journald-varlink", c
->log_namespace
, UNIT_SOCKET
, &varlink_socket_unit
);
1151 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, varlink_socket_unit
, true, UNIT_DEPENDENCY_FILE
);
1155 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_JOURNALD_SOCKET
, true, UNIT_DEPENDENCY_FILE
);
1162 const char *unit_description(Unit
*u
) {
1166 return u
->description
;
1168 return strna(u
->id
);
1171 const char *unit_status_string(Unit
*u
) {
1174 if (u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_NAME
&& u
->id
)
1177 return unit_description(u
);
1180 static void print_unit_dependency_mask(FILE *f
, const char *kind
, UnitDependencyMask mask
, bool *space
) {
1182 UnitDependencyMask mask
;
1185 { UNIT_DEPENDENCY_FILE
, "file" },
1186 { UNIT_DEPENDENCY_IMPLICIT
, "implicit" },
1187 { UNIT_DEPENDENCY_DEFAULT
, "default" },
1188 { UNIT_DEPENDENCY_UDEV
, "udev" },
1189 { UNIT_DEPENDENCY_PATH
, "path" },
1190 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT
, "mountinfo-implicit" },
1191 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT
, "mountinfo-default" },
1192 { UNIT_DEPENDENCY_PROC_SWAP
, "proc-swap" },
1200 for (i
= 0; i
< ELEMENTSOF(table
); i
++) {
1205 if (FLAGS_SET(mask
, table
[i
].mask
)) {
1213 fputs(table
[i
].name
, f
);
1215 mask
&= ~table
[i
].mask
;
1222 void unit_dump(Unit
*u
, FILE *f
, const char *prefix
) {
1225 const char *prefix2
;
1226 char timestamp
[5][FORMAT_TIMESTAMP_MAX
], timespan
[FORMAT_TIMESPAN_MAX
];
1228 _cleanup_set_free_ Set
*following_set
= NULL
;
1234 assert(u
->type
>= 0);
1236 prefix
= strempty(prefix
);
1237 prefix2
= strjoina(prefix
, "\t");
1243 SET_FOREACH(t
, u
->aliases
, i
)
1244 fprintf(f
, "%s\tAlias: %s\n", prefix
, t
);
1247 "%s\tDescription: %s\n"
1248 "%s\tInstance: %s\n"
1249 "%s\tUnit Load State: %s\n"
1250 "%s\tUnit Active State: %s\n"
1251 "%s\tState Change Timestamp: %s\n"
1252 "%s\tInactive Exit Timestamp: %s\n"
1253 "%s\tActive Enter Timestamp: %s\n"
1254 "%s\tActive Exit Timestamp: %s\n"
1255 "%s\tInactive Enter Timestamp: %s\n"
1257 "%s\tNeed Daemon Reload: %s\n"
1258 "%s\tTransient: %s\n"
1259 "%s\tPerpetual: %s\n"
1260 "%s\tGarbage Collection Mode: %s\n"
1263 "%s\tCGroup realized: %s\n",
1264 prefix
, unit_description(u
),
1265 prefix
, strna(u
->instance
),
1266 prefix
, unit_load_state_to_string(u
->load_state
),
1267 prefix
, unit_active_state_to_string(unit_active_state(u
)),
1268 prefix
, strna(format_timestamp(timestamp
[0], sizeof(timestamp
[0]), u
->state_change_timestamp
.realtime
)),
1269 prefix
, strna(format_timestamp(timestamp
[1], sizeof(timestamp
[1]), u
->inactive_exit_timestamp
.realtime
)),
1270 prefix
, strna(format_timestamp(timestamp
[2], sizeof(timestamp
[2]), u
->active_enter_timestamp
.realtime
)),
1271 prefix
, strna(format_timestamp(timestamp
[3], sizeof(timestamp
[3]), u
->active_exit_timestamp
.realtime
)),
1272 prefix
, strna(format_timestamp(timestamp
[4], sizeof(timestamp
[4]), u
->inactive_enter_timestamp
.realtime
)),
1273 prefix
, yes_no(unit_may_gc(u
)),
1274 prefix
, yes_no(unit_need_daemon_reload(u
)),
1275 prefix
, yes_no(u
->transient
),
1276 prefix
, yes_no(u
->perpetual
),
1277 prefix
, collect_mode_to_string(u
->collect_mode
),
1278 prefix
, strna(unit_slice_name(u
)),
1279 prefix
, strna(u
->cgroup_path
),
1280 prefix
, yes_no(u
->cgroup_realized
));
1282 if (u
->cgroup_realized_mask
!= 0) {
1283 _cleanup_free_
char *s
= NULL
;
1284 (void) cg_mask_to_string(u
->cgroup_realized_mask
, &s
);
1285 fprintf(f
, "%s\tCGroup realized mask: %s\n", prefix
, strnull(s
));
1288 if (u
->cgroup_enabled_mask
!= 0) {
1289 _cleanup_free_
char *s
= NULL
;
1290 (void) cg_mask_to_string(u
->cgroup_enabled_mask
, &s
);
1291 fprintf(f
, "%s\tCGroup enabled mask: %s\n", prefix
, strnull(s
));
1294 m
= unit_get_own_mask(u
);
1296 _cleanup_free_
char *s
= NULL
;
1297 (void) cg_mask_to_string(m
, &s
);
1298 fprintf(f
, "%s\tCGroup own mask: %s\n", prefix
, strnull(s
));
1301 m
= unit_get_members_mask(u
);
1303 _cleanup_free_
char *s
= NULL
;
1304 (void) cg_mask_to_string(m
, &s
);
1305 fprintf(f
, "%s\tCGroup members mask: %s\n", prefix
, strnull(s
));
1308 m
= unit_get_delegate_mask(u
);
1310 _cleanup_free_
char *s
= NULL
;
1311 (void) cg_mask_to_string(m
, &s
);
1312 fprintf(f
, "%s\tCGroup delegate mask: %s\n", prefix
, strnull(s
));
1315 if (!sd_id128_is_null(u
->invocation_id
))
1316 fprintf(f
, "%s\tInvocation ID: " SD_ID128_FORMAT_STR
"\n",
1317 prefix
, SD_ID128_FORMAT_VAL(u
->invocation_id
));
1319 STRV_FOREACH(j
, u
->documentation
)
1320 fprintf(f
, "%s\tDocumentation: %s\n", prefix
, *j
);
1322 following
= unit_following(u
);
1324 fprintf(f
, "%s\tFollowing: %s\n", prefix
, following
->id
);
1326 r
= unit_following_set(u
, &following_set
);
1330 SET_FOREACH(other
, following_set
, i
)
1331 fprintf(f
, "%s\tFollowing Set Member: %s\n", prefix
, other
->id
);
1334 if (u
->fragment_path
)
1335 fprintf(f
, "%s\tFragment Path: %s\n", prefix
, u
->fragment_path
);
1338 fprintf(f
, "%s\tSource Path: %s\n", prefix
, u
->source_path
);
1340 STRV_FOREACH(j
, u
->dropin_paths
)
1341 fprintf(f
, "%s\tDropIn Path: %s\n", prefix
, *j
);
1343 if (u
->failure_action
!= EMERGENCY_ACTION_NONE
)
1344 fprintf(f
, "%s\tFailure Action: %s\n", prefix
, emergency_action_to_string(u
->failure_action
));
1345 if (u
->failure_action_exit_status
>= 0)
1346 fprintf(f
, "%s\tFailure Action Exit Status: %i\n", prefix
, u
->failure_action_exit_status
);
1347 if (u
->success_action
!= EMERGENCY_ACTION_NONE
)
1348 fprintf(f
, "%s\tSuccess Action: %s\n", prefix
, emergency_action_to_string(u
->success_action
));
1349 if (u
->success_action_exit_status
>= 0)
1350 fprintf(f
, "%s\tSuccess Action Exit Status: %i\n", prefix
, u
->success_action_exit_status
);
1352 if (u
->job_timeout
!= USEC_INFINITY
)
1353 fprintf(f
, "%s\tJob Timeout: %s\n", prefix
, format_timespan(timespan
, sizeof(timespan
), u
->job_timeout
, 0));
1355 if (u
->job_timeout_action
!= EMERGENCY_ACTION_NONE
)
1356 fprintf(f
, "%s\tJob Timeout Action: %s\n", prefix
, emergency_action_to_string(u
->job_timeout_action
));
1358 if (u
->job_timeout_reboot_arg
)
1359 fprintf(f
, "%s\tJob Timeout Reboot Argument: %s\n", prefix
, u
->job_timeout_reboot_arg
);
1361 condition_dump_list(u
->conditions
, f
, prefix
, condition_type_to_string
);
1362 condition_dump_list(u
->asserts
, f
, prefix
, assert_type_to_string
);
1364 if (dual_timestamp_is_set(&u
->condition_timestamp
))
1366 "%s\tCondition Timestamp: %s\n"
1367 "%s\tCondition Result: %s\n",
1368 prefix
, strna(format_timestamp(timestamp
[0], sizeof(timestamp
[0]), u
->condition_timestamp
.realtime
)),
1369 prefix
, yes_no(u
->condition_result
));
1371 if (dual_timestamp_is_set(&u
->assert_timestamp
))
1373 "%s\tAssert Timestamp: %s\n"
1374 "%s\tAssert Result: %s\n",
1375 prefix
, strna(format_timestamp(timestamp
[0], sizeof(timestamp
[0]), u
->assert_timestamp
.realtime
)),
1376 prefix
, yes_no(u
->assert_result
));
1378 for (UnitDependency d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++) {
1379 UnitDependencyInfo di
;
1382 HASHMAP_FOREACH_KEY(di
.data
, other
, u
->dependencies
[d
], i
) {
1385 fprintf(f
, "%s\t%s: %s (", prefix
, unit_dependency_to_string(d
), other
->id
);
1387 print_unit_dependency_mask(f
, "origin", di
.origin_mask
, &space
);
1388 print_unit_dependency_mask(f
, "destination", di
.destination_mask
, &space
);
1394 if (!hashmap_isempty(u
->requires_mounts_for
)) {
1395 UnitDependencyInfo di
;
1398 HASHMAP_FOREACH_KEY(di
.data
, path
, u
->requires_mounts_for
, i
) {
1401 fprintf(f
, "%s\tRequiresMountsFor: %s (", prefix
, path
);
1403 print_unit_dependency_mask(f
, "origin", di
.origin_mask
, &space
);
1404 print_unit_dependency_mask(f
, "destination", di
.destination_mask
, &space
);
1410 if (u
->load_state
== UNIT_LOADED
) {
1413 "%s\tStopWhenUnneeded: %s\n"
1414 "%s\tRefuseManualStart: %s\n"
1415 "%s\tRefuseManualStop: %s\n"
1416 "%s\tDefaultDependencies: %s\n"
1417 "%s\tOnFailureJobMode: %s\n"
1418 "%s\tIgnoreOnIsolate: %s\n",
1419 prefix
, yes_no(u
->stop_when_unneeded
),
1420 prefix
, yes_no(u
->refuse_manual_start
),
1421 prefix
, yes_no(u
->refuse_manual_stop
),
1422 prefix
, yes_no(u
->default_dependencies
),
1423 prefix
, job_mode_to_string(u
->on_failure_job_mode
),
1424 prefix
, yes_no(u
->ignore_on_isolate
));
1426 if (UNIT_VTABLE(u
)->dump
)
1427 UNIT_VTABLE(u
)->dump(u
, f
, prefix2
);
1429 } else if (u
->load_state
== UNIT_MERGED
)
1431 "%s\tMerged into: %s\n",
1432 prefix
, u
->merged_into
->id
);
1433 else if (u
->load_state
== UNIT_ERROR
)
1434 fprintf(f
, "%s\tLoad Error Code: %s\n", prefix
, strerror_safe(u
->load_error
));
1436 for (n
= sd_bus_track_first(u
->bus_track
); n
; n
= sd_bus_track_next(u
->bus_track
))
1437 fprintf(f
, "%s\tBus Ref: %s\n", prefix
, n
);
1440 job_dump(u
->job
, f
, prefix2
);
1443 job_dump(u
->nop_job
, f
, prefix2
);
1446 /* Common implementation for multiple backends */
1447 int unit_load_fragment_and_dropin(Unit
*u
, bool fragment_required
) {
1452 /* Load a .{service,socket,...} file */
1453 r
= unit_load_fragment(u
);
1457 if (u
->load_state
== UNIT_STUB
) {
1458 if (fragment_required
)
1461 u
->load_state
= UNIT_LOADED
;
1464 /* Load drop-in directory data. If u is an alias, we might be reloading the
1465 * target unit needlessly. But we cannot be sure which drops-ins have already
1466 * been loaded and which not, at least without doing complicated book-keeping,
1467 * so let's always reread all drop-ins. */
1468 r
= unit_load_dropin(unit_follow_merge(u
));
1472 if (u
->source_path
) {
1475 if (stat(u
->source_path
, &st
) >= 0)
1476 u
->source_mtime
= timespec_load(&st
.st_mtim
);
1478 u
->source_mtime
= 0;
1484 void unit_add_to_target_deps_queue(Unit
*u
) {
1485 Manager
*m
= u
->manager
;
1489 if (u
->in_target_deps_queue
)
1492 LIST_PREPEND(target_deps_queue
, m
->target_deps_queue
, u
);
1493 u
->in_target_deps_queue
= true;
1496 int unit_add_default_target_dependency(Unit
*u
, Unit
*target
) {
1500 if (target
->type
!= UNIT_TARGET
)
1503 /* Only add the dependency if both units are loaded, so that
1504 * that loop check below is reliable */
1505 if (u
->load_state
!= UNIT_LOADED
||
1506 target
->load_state
!= UNIT_LOADED
)
1509 /* If either side wants no automatic dependencies, then let's
1511 if (!u
->default_dependencies
||
1512 !target
->default_dependencies
)
1515 /* Don't create loops */
1516 if (hashmap_get(target
->dependencies
[UNIT_BEFORE
], u
))
1519 return unit_add_dependency(target
, UNIT_AFTER
, u
, true, UNIT_DEPENDENCY_DEFAULT
);
1522 static int unit_add_slice_dependencies(Unit
*u
) {
1525 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
1528 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1529 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1531 UnitDependencyMask mask
= u
->type
== UNIT_SLICE
? UNIT_DEPENDENCY_IMPLICIT
: UNIT_DEPENDENCY_FILE
;
1533 if (UNIT_ISSET(u
->slice
))
1534 return unit_add_two_dependencies(u
, UNIT_AFTER
, UNIT_REQUIRES
, UNIT_DEREF(u
->slice
), true, mask
);
1536 if (unit_has_name(u
, SPECIAL_ROOT_SLICE
))
1539 return unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, SPECIAL_ROOT_SLICE
, true, mask
);
1542 static int unit_add_mount_dependencies(Unit
*u
) {
1543 UnitDependencyInfo di
;
1550 HASHMAP_FOREACH_KEY(di
.data
, path
, u
->requires_mounts_for
, i
) {
1551 char prefix
[strlen(path
) + 1];
1553 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
1554 _cleanup_free_
char *p
= NULL
;
1557 r
= unit_name_from_path(prefix
, ".mount", &p
);
1561 m
= manager_get_unit(u
->manager
, p
);
1563 /* Make sure to load the mount unit if
1564 * it exists. If so the dependencies
1565 * on this unit will be added later
1566 * during the loading of the mount
1568 (void) manager_load_unit_prepare(u
->manager
, p
, NULL
, NULL
, &m
);
1574 if (m
->load_state
!= UNIT_LOADED
)
1577 r
= unit_add_dependency(u
, UNIT_AFTER
, m
, true, di
.origin_mask
);
1581 if (m
->fragment_path
) {
1582 r
= unit_add_dependency(u
, UNIT_REQUIRES
, m
, true, di
.origin_mask
);
1592 static int unit_add_startup_units(Unit
*u
) {
1596 c
= unit_get_cgroup_context(u
);
1600 if (c
->startup_cpu_shares
== CGROUP_CPU_SHARES_INVALID
&&
1601 c
->startup_io_weight
== CGROUP_WEIGHT_INVALID
&&
1602 c
->startup_blockio_weight
== CGROUP_BLKIO_WEIGHT_INVALID
)
1605 r
= set_ensure_allocated(&u
->manager
->startup_units
, NULL
);
1609 return set_put(u
->manager
->startup_units
, u
);
1612 int unit_load(Unit
*u
) {
1617 if (u
->in_load_queue
) {
1618 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
1619 u
->in_load_queue
= false;
1622 if (u
->type
== _UNIT_TYPE_INVALID
)
1625 if (u
->load_state
!= UNIT_STUB
)
1628 if (u
->transient_file
) {
1629 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1630 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1632 r
= fflush_and_check(u
->transient_file
);
1636 u
->transient_file
= safe_fclose(u
->transient_file
);
1637 u
->fragment_mtime
= now(CLOCK_REALTIME
);
1640 r
= UNIT_VTABLE(u
)->load(u
);
1644 assert(u
->load_state
!= UNIT_STUB
);
1646 if (u
->load_state
== UNIT_LOADED
) {
1647 unit_add_to_target_deps_queue(u
);
1649 r
= unit_add_slice_dependencies(u
);
1653 r
= unit_add_mount_dependencies(u
);
1657 r
= unit_add_startup_units(u
);
1661 if (u
->on_failure_job_mode
== JOB_ISOLATE
&& hashmap_size(u
->dependencies
[UNIT_ON_FAILURE
]) > 1) {
1662 log_unit_error(u
, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1667 if (u
->job_running_timeout
!= USEC_INFINITY
&& u
->job_running_timeout
> u
->job_timeout
)
1668 log_unit_warning(u
, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1670 /* We finished loading, let's ensure our parents recalculate the members mask */
1671 unit_invalidate_cgroup_members_masks(u
);
1674 assert((u
->load_state
!= UNIT_MERGED
) == !u
->merged_into
);
1676 unit_add_to_dbus_queue(unit_follow_merge(u
));
1677 unit_add_to_gc_queue(u
);
1682 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code should hence
1683 * return ENOEXEC to ensure units are placed in this state after loading */
1685 u
->load_state
= u
->load_state
== UNIT_STUB
? UNIT_NOT_FOUND
:
1686 r
== -ENOEXEC
? UNIT_BAD_SETTING
:
1690 unit_add_to_dbus_queue(u
);
1691 unit_add_to_gc_queue(u
);
1693 return log_unit_debug_errno(u
, r
, "Failed to load configuration: %m");
1697 static int log_unit_internal(void *userdata
, int level
, int error
, const char *file
, int line
, const char *func
, const char *format
, ...) {
1702 va_start(ap
, format
);
1704 r
= log_object_internalv(level
, error
, file
, line
, func
,
1705 u
->manager
->unit_log_field
,
1707 u
->manager
->invocation_log_field
,
1708 u
->invocation_id_string
,
1711 r
= log_internalv(level
, error
, file
, line
, func
, format
, ap
);
1717 static bool unit_test_condition(Unit
*u
) {
1718 _cleanup_strv_free_
char **env
= NULL
;
1723 dual_timestamp_get(&u
->condition_timestamp
);
1725 r
= manager_get_effective_environment(u
->manager
, &env
);
1727 log_unit_error_errno(u
, r
, "Failed to determine effective environment: %m");
1728 u
->condition_result
= CONDITION_ERROR
;
1730 u
->condition_result
= condition_test_list(
1733 condition_type_to_string
,
1737 unit_add_to_dbus_queue(u
);
1738 return u
->condition_result
;
1741 static bool unit_test_assert(Unit
*u
) {
1742 _cleanup_strv_free_
char **env
= NULL
;
1747 dual_timestamp_get(&u
->assert_timestamp
);
1749 r
= manager_get_effective_environment(u
->manager
, &env
);
1751 log_unit_error_errno(u
, r
, "Failed to determine effective environment: %m");
1752 u
->assert_result
= CONDITION_ERROR
;
1754 u
->assert_result
= condition_test_list(
1757 assert_type_to_string
,
1761 unit_add_to_dbus_queue(u
);
1762 return u
->assert_result
;
1765 void unit_status_printf(Unit
*u
, StatusType status_type
, const char *status
, const char *unit_status_msg_format
) {
1768 d
= unit_status_string(u
);
1769 if (log_get_show_color())
1770 d
= strjoina(ANSI_HIGHLIGHT
, d
, ANSI_NORMAL
);
1772 DISABLE_WARNING_FORMAT_NONLITERAL
;
1773 manager_status_printf(u
->manager
, status_type
, status
, unit_status_msg_format
, d
);
1777 int unit_test_start_limit(Unit
*u
) {
1782 if (ratelimit_below(&u
->start_ratelimit
)) {
1783 u
->start_limit_hit
= false;
1787 log_unit_warning(u
, "Start request repeated too quickly.");
1788 u
->start_limit_hit
= true;
1790 reason
= strjoina("unit ", u
->id
, " failed");
1792 emergency_action(u
->manager
, u
->start_limit_action
,
1793 EMERGENCY_ACTION_IS_WATCHDOG
|EMERGENCY_ACTION_WARN
,
1794 u
->reboot_arg
, -1, reason
);
1799 bool unit_shall_confirm_spawn(Unit
*u
) {
1802 if (manager_is_confirm_spawn_disabled(u
->manager
))
1805 /* For some reasons units remaining in the same process group
1806 * as PID 1 fail to acquire the console even if it's not used
1807 * by any process. So skip the confirmation question for them. */
1808 return !unit_get_exec_context(u
)->same_pgrp
;
1811 static bool unit_verify_deps(Unit
*u
) {
1818 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1819 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1820 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1821 * conjunction with After= as for them any such check would make things entirely racy. */
1823 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BINDS_TO
], j
) {
1825 if (!hashmap_contains(u
->dependencies
[UNIT_AFTER
], other
))
1828 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other
))) {
1829 log_unit_notice(u
, "Bound to unit %s, but unit isn't active.", other
->id
);
1837 /* Errors that aren't really errors:
1838 * -EALREADY: Unit is already started.
1839 * -ECOMM: Condition failed
1840 * -EAGAIN: An operation is already in progress. Retry later.
1842 * Errors that are real errors:
1843 * -EBADR: This unit type does not support starting.
1844 * -ECANCELED: Start limit hit, too many requests for now
1845 * -EPROTO: Assert failed
1846 * -EINVAL: Unit not loaded
1847 * -EOPNOTSUPP: Unit type not supported
1848 * -ENOLINK: The necessary dependencies are not fulfilled.
1849 * -ESTALE: This unit has been started before and can't be started a second time
1850 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
1852 int unit_start(Unit
*u
) {
1853 UnitActiveState state
;
1858 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1859 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1860 * waiting is finished. */
1861 state
= unit_active_state(u
);
1862 if (UNIT_IS_ACTIVE_OR_RELOADING(state
))
1864 if (state
== UNIT_MAINTENANCE
)
1867 /* Units that aren't loaded cannot be started */
1868 if (u
->load_state
!= UNIT_LOADED
)
1871 /* Refuse starting scope units more than once */
1872 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_enter_timestamp
))
1875 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1876 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1877 * recheck the condition in that case. */
1878 if (state
!= UNIT_ACTIVATING
&&
1879 !unit_test_condition(u
))
1880 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(ECOMM
), "Starting requested but condition failed. Not starting unit.");
1882 /* If the asserts failed, fail the entire job */
1883 if (state
!= UNIT_ACTIVATING
&&
1884 !unit_test_assert(u
))
1885 return log_unit_notice_errno(u
, SYNTHETIC_ERRNO(EPROTO
), "Starting requested but asserts failed.");
1887 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1888 * condition checks, so that we rather return condition check errors (which are usually not
1889 * considered a true failure) than "not supported" errors (which are considered a failure).
1891 if (!unit_type_supported(u
->type
))
1894 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1895 * should have taken care of this already, but let's check this here again. After all, our
1896 * dependencies might not be in effect anymore, due to a reload or due to a failed condition. */
1897 if (!unit_verify_deps(u
))
1900 /* Forward to the main object, if we aren't it. */
1901 following
= unit_following(u
);
1903 log_unit_debug(u
, "Redirecting start request from %s to %s.", u
->id
, following
->id
);
1904 return unit_start(following
);
1907 /* If it is stopped, but we cannot start it, then fail */
1908 if (!UNIT_VTABLE(u
)->start
)
1911 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1912 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1913 * waits for a holdoff timer to elapse before it will start again. */
1915 unit_add_to_dbus_queue(u
);
1916 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
1918 return UNIT_VTABLE(u
)->start(u
);
1921 bool unit_can_start(Unit
*u
) {
1924 if (u
->load_state
!= UNIT_LOADED
)
1927 if (!unit_type_supported(u
->type
))
1930 /* Scope units may be started only once */
1931 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_exit_timestamp
))
1934 return !!UNIT_VTABLE(u
)->start
;
1937 bool unit_can_isolate(Unit
*u
) {
1940 return unit_can_start(u
) &&
1945 * -EBADR: This unit type does not support stopping.
1946 * -EALREADY: Unit is already stopped.
1947 * -EAGAIN: An operation is already in progress. Retry later.
1949 int unit_stop(Unit
*u
) {
1950 UnitActiveState state
;
1955 state
= unit_active_state(u
);
1956 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
1959 following
= unit_following(u
);
1961 log_unit_debug(u
, "Redirecting stop request from %s to %s.", u
->id
, following
->id
);
1962 return unit_stop(following
);
1965 if (!UNIT_VTABLE(u
)->stop
)
1968 unit_add_to_dbus_queue(u
);
1969 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
1971 return UNIT_VTABLE(u
)->stop(u
);
1974 bool unit_can_stop(Unit
*u
) {
1977 if (!unit_type_supported(u
->type
))
1983 return !!UNIT_VTABLE(u
)->stop
;
1987 * -EBADR: This unit type does not support reloading.
1988 * -ENOEXEC: Unit is not started.
1989 * -EAGAIN: An operation is already in progress. Retry later.
1991 int unit_reload(Unit
*u
) {
1992 UnitActiveState state
;
1997 if (u
->load_state
!= UNIT_LOADED
)
2000 if (!unit_can_reload(u
))
2003 state
= unit_active_state(u
);
2004 if (state
== UNIT_RELOADING
)
2007 if (state
!= UNIT_ACTIVE
) {
2008 log_unit_warning(u
, "Unit cannot be reloaded because it is inactive.");
2012 following
= unit_following(u
);
2014 log_unit_debug(u
, "Redirecting reload request from %s to %s.", u
->id
, following
->id
);
2015 return unit_reload(following
);
2018 unit_add_to_dbus_queue(u
);
2020 if (!UNIT_VTABLE(u
)->reload
) {
2021 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2022 unit_notify(u
, unit_active_state(u
), unit_active_state(u
), 0);
2026 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
2028 return UNIT_VTABLE(u
)->reload(u
);
2031 bool unit_can_reload(Unit
*u
) {
2034 if (UNIT_VTABLE(u
)->can_reload
)
2035 return UNIT_VTABLE(u
)->can_reload(u
);
2037 if (!hashmap_isempty(u
->dependencies
[UNIT_PROPAGATES_RELOAD_TO
]))
2040 return UNIT_VTABLE(u
)->reload
;
2043 bool unit_is_unneeded(Unit
*u
) {
2044 static const UnitDependency deps
[] = {
2054 if (!u
->stop_when_unneeded
)
2057 /* Don't clean up while the unit is transitioning or is even inactive. */
2058 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
2063 for (j
= 0; j
< ELEMENTSOF(deps
); j
++) {
2068 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
2069 * restart, then don't clean this one up. */
2071 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[deps
[j
]], i
) {
2075 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
2078 if (unit_will_restart(other
))
2086 static void check_unneeded_dependencies(Unit
*u
) {
2088 static const UnitDependency deps
[] = {
2098 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2100 for (j
= 0; j
< ELEMENTSOF(deps
); j
++) {
2105 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[deps
[j
]], i
)
2106 unit_submit_to_stop_when_unneeded_queue(other
);
2110 static void unit_check_binds_to(Unit
*u
) {
2111 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2123 if (unit_active_state(u
) != UNIT_ACTIVE
)
2126 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BINDS_TO
], i
) {
2130 if (!other
->coldplugged
)
2131 /* We might yet create a job for the other unit… */
2134 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
2144 /* If stopping a unit fails continuously we might enter a stop
2145 * loop here, hence stop acting on the service being
2146 * unnecessary after a while. */
2147 if (!ratelimit_below(&u
->auto_stop_ratelimit
)) {
2148 log_unit_warning(u
, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other
->id
);
2153 log_unit_info(u
, "Unit is bound to inactive unit %s. Stopping, too.", other
->id
);
2155 /* A unit we need to run is gone. Sniff. Let's stop this. */
2156 r
= manager_add_job(u
->manager
, JOB_STOP
, u
, JOB_FAIL
, NULL
, &error
, NULL
);
2158 log_unit_warning_errno(u
, r
, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error
, r
));
2161 static void retroactively_start_dependencies(Unit
*u
) {
2167 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)));
2169 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_REQUIRES
], i
)
2170 if (!hashmap_get(u
->dependencies
[UNIT_AFTER
], other
) &&
2171 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2172 manager_add_job(u
->manager
, JOB_START
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2174 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BINDS_TO
], i
)
2175 if (!hashmap_get(u
->dependencies
[UNIT_AFTER
], other
) &&
2176 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2177 manager_add_job(u
->manager
, JOB_START
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2179 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_WANTS
], i
)
2180 if (!hashmap_get(u
->dependencies
[UNIT_AFTER
], other
) &&
2181 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2182 manager_add_job(u
->manager
, JOB_START
, other
, JOB_FAIL
, NULL
, NULL
, NULL
);
2184 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_CONFLICTS
], i
)
2185 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2186 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2188 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_CONFLICTED_BY
], i
)
2189 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2190 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2193 static void retroactively_stop_dependencies(Unit
*u
) {
2199 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)));
2201 /* Pull down units which are bound to us recursively if enabled */
2202 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BOUND_BY
], i
)
2203 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2204 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2207 void unit_start_on_failure(Unit
*u
) {
2215 if (hashmap_size(u
->dependencies
[UNIT_ON_FAILURE
]) <= 0)
2218 log_unit_info(u
, "Triggering OnFailure= dependencies.");
2220 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_ON_FAILURE
], i
) {
2221 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2223 r
= manager_add_job(u
->manager
, JOB_START
, other
, u
->on_failure_job_mode
, NULL
, &error
, NULL
);
2225 log_unit_warning_errno(u
, r
, "Failed to enqueue OnFailure= job, ignoring: %s", bus_error_message(&error
, r
));
2229 void unit_trigger_notify(Unit
*u
) {
2236 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_TRIGGERED_BY
], i
)
2237 if (UNIT_VTABLE(other
)->trigger_notify
)
2238 UNIT_VTABLE(other
)->trigger_notify(other
, u
);
2241 static int raise_level(int log_level
, bool condition_info
, bool condition_notice
) {
2242 if (condition_notice
&& log_level
> LOG_NOTICE
)
2244 if (condition_info
&& log_level
> LOG_INFO
)
2249 static int unit_log_resources(Unit
*u
) {
2250 struct iovec iovec
[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX
+ _CGROUP_IO_ACCOUNTING_METRIC_MAX
+ 4];
2251 bool any_traffic
= false, have_ip_accounting
= false, any_io
= false, have_io_accounting
= false;
2252 _cleanup_free_
char *igress
= NULL
, *egress
= NULL
, *rr
= NULL
, *wr
= NULL
;
2253 int log_level
= LOG_DEBUG
; /* May be raised if resources consumed over a threshold */
2254 size_t n_message_parts
= 0, n_iovec
= 0;
2255 char* message_parts
[1 + 2 + 2 + 1], *t
;
2256 nsec_t nsec
= NSEC_INFINITY
;
2257 CGroupIPAccountingMetric m
;
2260 const char* const ip_fields
[_CGROUP_IP_ACCOUNTING_METRIC_MAX
] = {
2261 [CGROUP_IP_INGRESS_BYTES
] = "IP_METRIC_INGRESS_BYTES",
2262 [CGROUP_IP_INGRESS_PACKETS
] = "IP_METRIC_INGRESS_PACKETS",
2263 [CGROUP_IP_EGRESS_BYTES
] = "IP_METRIC_EGRESS_BYTES",
2264 [CGROUP_IP_EGRESS_PACKETS
] = "IP_METRIC_EGRESS_PACKETS",
2266 const char* const io_fields
[_CGROUP_IO_ACCOUNTING_METRIC_MAX
] = {
2267 [CGROUP_IO_READ_BYTES
] = "IO_METRIC_READ_BYTES",
2268 [CGROUP_IO_WRITE_BYTES
] = "IO_METRIC_WRITE_BYTES",
2269 [CGROUP_IO_READ_OPERATIONS
] = "IO_METRIC_READ_OPERATIONS",
2270 [CGROUP_IO_WRITE_OPERATIONS
] = "IO_METRIC_WRITE_OPERATIONS",
2275 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2276 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2277 * information and the complete data in structured fields. */
2279 (void) unit_get_cpu_usage(u
, &nsec
);
2280 if (nsec
!= NSEC_INFINITY
) {
2281 char buf
[FORMAT_TIMESPAN_MAX
] = "";
2283 /* Format the CPU time for inclusion in the structured log message */
2284 if (asprintf(&t
, "CPU_USAGE_NSEC=%" PRIu64
, nsec
) < 0) {
2288 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2290 /* Format the CPU time for inclusion in the human language message string */
2291 format_timespan(buf
, sizeof(buf
), nsec
/ NSEC_PER_USEC
, USEC_PER_MSEC
);
2292 t
= strjoin("consumed ", buf
, " CPU time");
2298 message_parts
[n_message_parts
++] = t
;
2300 log_level
= raise_level(log_level
,
2301 nsec
> NOTICEWORTHY_CPU_NSEC
,
2302 nsec
> MENTIONWORTHY_CPU_NSEC
);
2305 for (CGroupIOAccountingMetric k
= 0; k
< _CGROUP_IO_ACCOUNTING_METRIC_MAX
; k
++) {
2306 char buf
[FORMAT_BYTES_MAX
] = "";
2307 uint64_t value
= UINT64_MAX
;
2309 assert(io_fields
[k
]);
2311 (void) unit_get_io_accounting(u
, k
, k
> 0, &value
);
2312 if (value
== UINT64_MAX
)
2315 have_io_accounting
= true;
2319 /* Format IO accounting data for inclusion in the structured log message */
2320 if (asprintf(&t
, "%s=%" PRIu64
, io_fields
[k
], value
) < 0) {
2324 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2326 /* Format the IO accounting data for inclusion in the human language message string, but only
2327 * for the bytes counters (and not for the operations counters) */
2328 if (k
== CGROUP_IO_READ_BYTES
) {
2330 rr
= strjoin("read ", format_bytes(buf
, sizeof(buf
), value
), " from disk");
2335 } else if (k
== CGROUP_IO_WRITE_BYTES
) {
2337 wr
= strjoin("written ", format_bytes(buf
, sizeof(buf
), value
), " to disk");
2344 if (IN_SET(k
, CGROUP_IO_READ_BYTES
, CGROUP_IO_WRITE_BYTES
))
2345 log_level
= raise_level(log_level
,
2346 value
> MENTIONWORTHY_IO_BYTES
,
2347 value
> NOTICEWORTHY_IO_BYTES
);
2350 if (have_io_accounting
) {
2353 message_parts
[n_message_parts
++] = TAKE_PTR(rr
);
2355 message_parts
[n_message_parts
++] = TAKE_PTR(wr
);
2360 k
= strdup("no IO");
2366 message_parts
[n_message_parts
++] = k
;
2370 for (m
= 0; m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
; m
++) {
2371 char buf
[FORMAT_BYTES_MAX
] = "";
2372 uint64_t value
= UINT64_MAX
;
2374 assert(ip_fields
[m
]);
2376 (void) unit_get_ip_accounting(u
, m
, &value
);
2377 if (value
== UINT64_MAX
)
2380 have_ip_accounting
= true;
2384 /* Format IP accounting data for inclusion in the structured log message */
2385 if (asprintf(&t
, "%s=%" PRIu64
, ip_fields
[m
], value
) < 0) {
2389 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2391 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2392 * bytes counters (and not for the packets counters) */
2393 if (m
== CGROUP_IP_INGRESS_BYTES
) {
2395 igress
= strjoin("received ", format_bytes(buf
, sizeof(buf
), value
), " IP traffic");
2400 } else if (m
== CGROUP_IP_EGRESS_BYTES
) {
2402 egress
= strjoin("sent ", format_bytes(buf
, sizeof(buf
), value
), " IP traffic");
2409 if (IN_SET(m
, CGROUP_IP_INGRESS_BYTES
, CGROUP_IP_EGRESS_BYTES
))
2410 log_level
= raise_level(log_level
,
2411 value
> MENTIONWORTHY_IP_BYTES
,
2412 value
> NOTICEWORTHY_IP_BYTES
);
2415 if (have_ip_accounting
) {
2418 message_parts
[n_message_parts
++] = TAKE_PTR(igress
);
2420 message_parts
[n_message_parts
++] = TAKE_PTR(egress
);
2425 k
= strdup("no IP traffic");
2431 message_parts
[n_message_parts
++] = k
;
2435 /* Is there any accounting data available at all? */
2441 if (n_message_parts
== 0)
2442 t
= strjoina("MESSAGE=", u
->id
, ": Completed.");
2444 _cleanup_free_
char *joined
;
2446 message_parts
[n_message_parts
] = NULL
;
2448 joined
= strv_join(message_parts
, ", ");
2454 joined
[0] = ascii_toupper(joined
[0]);
2455 t
= strjoina("MESSAGE=", u
->id
, ": ", joined
, ".");
2458 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2459 * and hence don't increase n_iovec for them */
2460 iovec
[n_iovec
] = IOVEC_MAKE_STRING(t
);
2461 iovec
[n_iovec
+ 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR
);
2463 t
= strjoina(u
->manager
->unit_log_field
, u
->id
);
2464 iovec
[n_iovec
+ 2] = IOVEC_MAKE_STRING(t
);
2466 t
= strjoina(u
->manager
->invocation_log_field
, u
->invocation_id_string
);
2467 iovec
[n_iovec
+ 3] = IOVEC_MAKE_STRING(t
);
2469 log_struct_iovec(log_level
, iovec
, n_iovec
+ 4);
2473 for (i
= 0; i
< n_message_parts
; i
++)
2474 free(message_parts
[i
]);
2476 for (i
= 0; i
< n_iovec
; i
++)
2477 free(iovec
[i
].iov_base
);
2483 static void unit_update_on_console(Unit
*u
) {
2488 b
= unit_needs_console(u
);
2489 if (u
->on_console
== b
)
2494 manager_ref_console(u
->manager
);
2496 manager_unref_console(u
->manager
);
2499 static void unit_emit_audit_start(Unit
*u
) {
2502 if (u
->type
!= UNIT_SERVICE
)
2505 /* Write audit record if we have just finished starting up */
2506 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_START
, true);
2510 static void unit_emit_audit_stop(Unit
*u
, UnitActiveState state
) {
2513 if (u
->type
!= UNIT_SERVICE
)
2517 /* Write audit record if we have just finished shutting down */
2518 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_STOP
, state
== UNIT_INACTIVE
);
2519 u
->in_audit
= false;
2521 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2522 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_START
, state
== UNIT_INACTIVE
);
2524 if (state
== UNIT_INACTIVE
)
2525 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_STOP
, true);
2529 static bool unit_process_job(Job
*j
, UnitActiveState ns
, UnitNotifyFlags flags
) {
2530 bool unexpected
= false;
2535 if (j
->state
== JOB_WAITING
)
2537 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2539 job_add_to_run_queue(j
);
2541 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2542 * hence needs to invalidate jobs. */
2547 case JOB_VERIFY_ACTIVE
:
2549 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2550 job_finish_and_invalidate(j
, JOB_DONE
, true, false);
2551 else if (j
->state
== JOB_RUNNING
&& ns
!= UNIT_ACTIVATING
) {
2554 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2555 if (ns
== UNIT_FAILED
)
2556 result
= JOB_FAILED
;
2557 else if (FLAGS_SET(flags
, UNIT_NOTIFY_SKIP_CONDITION
))
2558 result
= JOB_SKIPPED
;
2562 job_finish_and_invalidate(j
, result
, true, false);
2569 case JOB_RELOAD_OR_START
:
2570 case JOB_TRY_RELOAD
:
2572 if (j
->state
== JOB_RUNNING
) {
2573 if (ns
== UNIT_ACTIVE
)
2574 job_finish_and_invalidate(j
, (flags
& UNIT_NOTIFY_RELOAD_FAILURE
) ? JOB_FAILED
: JOB_DONE
, true, false);
2575 else if (!IN_SET(ns
, UNIT_ACTIVATING
, UNIT_RELOADING
)) {
2578 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2579 job_finish_and_invalidate(j
, ns
== UNIT_FAILED
? JOB_FAILED
: JOB_DONE
, true, false);
2587 case JOB_TRY_RESTART
:
2589 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2590 job_finish_and_invalidate(j
, JOB_DONE
, true, false);
2591 else if (j
->state
== JOB_RUNNING
&& ns
!= UNIT_DEACTIVATING
) {
2593 job_finish_and_invalidate(j
, JOB_FAILED
, true, false);
2599 assert_not_reached("Job type unknown");
2605 void unit_notify(Unit
*u
, UnitActiveState os
, UnitActiveState ns
, UnitNotifyFlags flags
) {
2610 assert(os
< _UNIT_ACTIVE_STATE_MAX
);
2611 assert(ns
< _UNIT_ACTIVE_STATE_MAX
);
2613 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2614 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2615 * remounted this function will be called too! */
2619 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2620 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2621 unit_add_to_dbus_queue(u
);
2623 /* Update timestamps for state changes */
2624 if (!MANAGER_IS_RELOADING(m
)) {
2625 dual_timestamp_get(&u
->state_change_timestamp
);
2627 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && !UNIT_IS_INACTIVE_OR_FAILED(ns
))
2628 u
->inactive_exit_timestamp
= u
->state_change_timestamp
;
2629 else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_INACTIVE_OR_FAILED(ns
))
2630 u
->inactive_enter_timestamp
= u
->state_change_timestamp
;
2632 if (!UNIT_IS_ACTIVE_OR_RELOADING(os
) && UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2633 u
->active_enter_timestamp
= u
->state_change_timestamp
;
2634 else if (UNIT_IS_ACTIVE_OR_RELOADING(os
) && !UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2635 u
->active_exit_timestamp
= u
->state_change_timestamp
;
2638 /* Keep track of failed units */
2639 (void) manager_update_failed_units(m
, u
, ns
== UNIT_FAILED
);
2641 /* Make sure the cgroup and state files are always removed when we become inactive */
2642 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2643 unit_prune_cgroup(u
);
2644 unit_unlink_state_files(u
);
2647 unit_update_on_console(u
);
2649 if (!MANAGER_IS_RELOADING(m
)) {
2652 /* Let's propagate state changes to the job */
2654 unexpected
= unit_process_job(u
->job
, ns
, flags
);
2658 /* If this state change happened without being requested by a job, then let's retroactively start or
2659 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2660 * additional jobs just because something is already activated. */
2663 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns
))
2664 retroactively_start_dependencies(u
);
2665 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os
) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns
))
2666 retroactively_stop_dependencies(u
);
2669 /* stop unneeded units regardless if going down was expected or not */
2670 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2671 check_unneeded_dependencies(u
);
2673 if (ns
!= os
&& ns
== UNIT_FAILED
) {
2674 log_unit_debug(u
, "Unit entered failed state.");
2676 if (!(flags
& UNIT_NOTIFY_WILL_AUTO_RESTART
))
2677 unit_start_on_failure(u
);
2680 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
) && !UNIT_IS_ACTIVE_OR_RELOADING(os
)) {
2681 /* This unit just finished starting up */
2683 unit_emit_audit_start(u
);
2684 manager_send_unit_plymouth(m
, u
);
2687 if (UNIT_IS_INACTIVE_OR_FAILED(ns
) && !UNIT_IS_INACTIVE_OR_FAILED(os
)) {
2688 /* This unit just stopped/failed. */
2690 unit_emit_audit_stop(u
, ns
);
2691 unit_log_resources(u
);
2695 manager_recheck_journal(m
);
2696 manager_recheck_dbus(m
);
2698 unit_trigger_notify(u
);
2700 if (!MANAGER_IS_RELOADING(m
)) {
2701 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2702 unit_submit_to_stop_when_unneeded_queue(u
);
2704 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2705 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2706 * without ever entering started.) */
2707 unit_check_binds_to(u
);
2709 if (os
!= UNIT_FAILED
&& ns
== UNIT_FAILED
) {
2710 reason
= strjoina("unit ", u
->id
, " failed");
2711 emergency_action(m
, u
->failure_action
, 0, u
->reboot_arg
, unit_failure_action_exit_status(u
), reason
);
2712 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && ns
== UNIT_INACTIVE
) {
2713 reason
= strjoina("unit ", u
->id
, " succeeded");
2714 emergency_action(m
, u
->success_action
, 0, u
->reboot_arg
, unit_success_action_exit_status(u
), reason
);
2718 unit_add_to_gc_queue(u
);
2721 int unit_watch_pid(Unit
*u
, pid_t pid
, bool exclusive
) {
2725 assert(pid_is_valid(pid
));
2727 /* Watch a specific PID */
2729 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2730 * opportunity to remove any stalled references to this PID as they can be created
2731 * easily (when watching a process which is not our direct child). */
2733 manager_unwatch_pid(u
->manager
, pid
);
2735 r
= set_ensure_allocated(&u
->pids
, NULL
);
2739 r
= hashmap_ensure_allocated(&u
->manager
->watch_pids
, NULL
);
2743 /* First try, let's add the unit keyed by "pid". */
2744 r
= hashmap_put(u
->manager
->watch_pids
, PID_TO_PTR(pid
), u
);
2750 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2751 * to an array of Units rather than just a Unit), lists us already. */
2753 array
= hashmap_get(u
->manager
->watch_pids
, PID_TO_PTR(-pid
));
2755 for (; array
[n
]; n
++)
2759 if (found
) /* Found it already? if so, do nothing */
2764 /* Allocate a new array */
2765 new_array
= new(Unit
*, n
+ 2);
2769 memcpy_safe(new_array
, array
, sizeof(Unit
*) * n
);
2771 new_array
[n
+1] = NULL
;
2773 /* Add or replace the old array */
2774 r
= hashmap_replace(u
->manager
->watch_pids
, PID_TO_PTR(-pid
), new_array
);
2785 r
= set_put(u
->pids
, PID_TO_PTR(pid
));
2792 void unit_unwatch_pid(Unit
*u
, pid_t pid
) {
2796 assert(pid_is_valid(pid
));
2798 /* First let's drop the unit in case it's keyed as "pid". */
2799 (void) hashmap_remove_value(u
->manager
->watch_pids
, PID_TO_PTR(pid
), u
);
2801 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2802 array
= hashmap_get(u
->manager
->watch_pids
, PID_TO_PTR(-pid
));
2806 /* Let's iterate through the array, dropping our own entry */
2807 for (n
= 0; array
[n
]; n
++)
2809 array
[m
++] = array
[n
];
2813 /* The array is now empty, remove the entire entry */
2814 assert_se(hashmap_remove(u
->manager
->watch_pids
, PID_TO_PTR(-pid
)) == array
);
2819 (void) set_remove(u
->pids
, PID_TO_PTR(pid
));
2822 void unit_unwatch_all_pids(Unit
*u
) {
2825 while (!set_isempty(u
->pids
))
2826 unit_unwatch_pid(u
, PTR_TO_PID(set_first(u
->pids
)));
2828 u
->pids
= set_free(u
->pids
);
2831 static void unit_tidy_watch_pids(Unit
*u
) {
2832 pid_t except1
, except2
;
2838 /* Cleans dead PIDs from our list */
2840 except1
= unit_main_pid(u
);
2841 except2
= unit_control_pid(u
);
2843 SET_FOREACH(e
, u
->pids
, i
) {
2844 pid_t pid
= PTR_TO_PID(e
);
2846 if (pid
== except1
|| pid
== except2
)
2849 if (!pid_is_unwaited(pid
))
2850 unit_unwatch_pid(u
, pid
);
2854 static int on_rewatch_pids_event(sd_event_source
*s
, void *userdata
) {
2860 unit_tidy_watch_pids(u
);
2861 unit_watch_all_pids(u
);
2863 /* If the PID set is empty now, then let's finish this off. */
2864 unit_synthesize_cgroup_empty_event(u
);
2869 int unit_enqueue_rewatch_pids(Unit
*u
) {
2874 if (!u
->cgroup_path
)
2877 r
= cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
);
2880 if (r
> 0) /* On unified we can use proper notifications */
2883 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2884 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2885 * involves issuing kill(pid, 0) on all processes we watch. */
2887 if (!u
->rewatch_pids_event_source
) {
2888 _cleanup_(sd_event_source_unrefp
) sd_event_source
*s
= NULL
;
2890 r
= sd_event_add_defer(u
->manager
->event
, &s
, on_rewatch_pids_event
, u
);
2892 return log_error_errno(r
, "Failed to allocate event source for tidying watched PIDs: %m");
2894 r
= sd_event_source_set_priority(s
, SD_EVENT_PRIORITY_IDLE
);
2896 return log_error_errno(r
, "Failed to adjust priority of event source for tidying watched PIDs: %m");
2898 (void) sd_event_source_set_description(s
, "tidy-watch-pids");
2900 u
->rewatch_pids_event_source
= TAKE_PTR(s
);
2903 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_ONESHOT
);
2905 return log_error_errno(r
, "Failed to enable event source for tidying watched PIDs: %m");
2910 void unit_dequeue_rewatch_pids(Unit
*u
) {
2914 if (!u
->rewatch_pids_event_source
)
2917 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_OFF
);
2919 log_warning_errno(r
, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2921 u
->rewatch_pids_event_source
= sd_event_source_unref(u
->rewatch_pids_event_source
);
2924 bool unit_job_is_applicable(Unit
*u
, JobType j
) {
2926 assert(j
>= 0 && j
< _JOB_TYPE_MAX
);
2930 case JOB_VERIFY_ACTIVE
:
2933 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2934 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
2939 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2940 * external events), hence it makes no sense to permit enqueuing such a request either. */
2941 return !u
->perpetual
;
2944 case JOB_TRY_RESTART
:
2945 return unit_can_stop(u
) && unit_can_start(u
);
2948 case JOB_TRY_RELOAD
:
2949 return unit_can_reload(u
);
2951 case JOB_RELOAD_OR_START
:
2952 return unit_can_reload(u
) && unit_can_start(u
);
2955 assert_not_reached("Invalid job type");
2959 static void maybe_warn_about_dependency(Unit
*u
, const char *other
, UnitDependency dependency
) {
2962 /* Only warn about some unit types */
2963 if (!IN_SET(dependency
, UNIT_CONFLICTS
, UNIT_CONFLICTED_BY
, UNIT_BEFORE
, UNIT_AFTER
, UNIT_ON_FAILURE
, UNIT_TRIGGERS
, UNIT_TRIGGERED_BY
))
2966 if (streq_ptr(u
->id
, other
))
2967 log_unit_warning(u
, "Dependency %s=%s dropped", unit_dependency_to_string(dependency
), u
->id
);
2969 log_unit_warning(u
, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency
), strna(other
), u
->id
);
2972 static int unit_add_dependency_hashmap(
2975 UnitDependencyMask origin_mask
,
2976 UnitDependencyMask destination_mask
) {
2978 UnitDependencyInfo info
;
2983 assert(origin_mask
< _UNIT_DEPENDENCY_MASK_FULL
);
2984 assert(destination_mask
< _UNIT_DEPENDENCY_MASK_FULL
);
2985 assert(origin_mask
> 0 || destination_mask
> 0);
2987 r
= hashmap_ensure_allocated(h
, NULL
);
2991 assert_cc(sizeof(void*) == sizeof(info
));
2993 info
.data
= hashmap_get(*h
, other
);
2995 /* Entry already exists. Add in our mask. */
2997 if (FLAGS_SET(origin_mask
, info
.origin_mask
) &&
2998 FLAGS_SET(destination_mask
, info
.destination_mask
))
3001 info
.origin_mask
|= origin_mask
;
3002 info
.destination_mask
|= destination_mask
;
3004 r
= hashmap_update(*h
, other
, info
.data
);
3006 info
= (UnitDependencyInfo
) {
3007 .origin_mask
= origin_mask
,
3008 .destination_mask
= destination_mask
,
3011 r
= hashmap_put(*h
, other
, info
.data
);
3019 int unit_add_dependency(
3024 UnitDependencyMask mask
) {
3026 static const UnitDependency inverse_table
[_UNIT_DEPENDENCY_MAX
] = {
3027 [UNIT_REQUIRES
] = UNIT_REQUIRED_BY
,
3028 [UNIT_WANTS
] = UNIT_WANTED_BY
,
3029 [UNIT_REQUISITE
] = UNIT_REQUISITE_OF
,
3030 [UNIT_BINDS_TO
] = UNIT_BOUND_BY
,
3031 [UNIT_PART_OF
] = UNIT_CONSISTS_OF
,
3032 [UNIT_REQUIRED_BY
] = UNIT_REQUIRES
,
3033 [UNIT_REQUISITE_OF
] = UNIT_REQUISITE
,
3034 [UNIT_WANTED_BY
] = UNIT_WANTS
,
3035 [UNIT_BOUND_BY
] = UNIT_BINDS_TO
,
3036 [UNIT_CONSISTS_OF
] = UNIT_PART_OF
,
3037 [UNIT_CONFLICTS
] = UNIT_CONFLICTED_BY
,
3038 [UNIT_CONFLICTED_BY
] = UNIT_CONFLICTS
,
3039 [UNIT_BEFORE
] = UNIT_AFTER
,
3040 [UNIT_AFTER
] = UNIT_BEFORE
,
3041 [UNIT_ON_FAILURE
] = _UNIT_DEPENDENCY_INVALID
,
3042 [UNIT_REFERENCES
] = UNIT_REFERENCED_BY
,
3043 [UNIT_REFERENCED_BY
] = UNIT_REFERENCES
,
3044 [UNIT_TRIGGERS
] = UNIT_TRIGGERED_BY
,
3045 [UNIT_TRIGGERED_BY
] = UNIT_TRIGGERS
,
3046 [UNIT_PROPAGATES_RELOAD_TO
] = UNIT_RELOAD_PROPAGATED_FROM
,
3047 [UNIT_RELOAD_PROPAGATED_FROM
] = UNIT_PROPAGATES_RELOAD_TO
,
3048 [UNIT_JOINS_NAMESPACE_OF
] = UNIT_JOINS_NAMESPACE_OF
,
3050 Unit
*original_u
= u
, *original_other
= other
;
3054 assert(d
>= 0 && d
< _UNIT_DEPENDENCY_MAX
);
3057 u
= unit_follow_merge(u
);
3058 other
= unit_follow_merge(other
);
3060 /* We won't allow dependencies on ourselves. We will not
3061 * consider them an error however. */
3063 maybe_warn_about_dependency(original_u
, original_other
->id
, d
);
3067 /* Note that ordering a device unit after a unit is permitted since it
3068 * allows to start its job running timeout at a specific time. */
3069 if (d
== UNIT_BEFORE
&& other
->type
== UNIT_DEVICE
) {
3070 log_unit_warning(u
, "Dependency Before=%s ignored (.device units cannot be delayed)", other
->id
);
3074 if (d
== UNIT_ON_FAILURE
&& !UNIT_VTABLE(u
)->can_fail
) {
3075 log_unit_warning(u
, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other
->id
, unit_type_to_string(u
->type
));
3079 if (d
== UNIT_TRIGGERS
&& !UNIT_VTABLE(u
)->can_trigger
)
3080 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3081 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other
->id
, unit_type_to_string(u
->type
));
3082 if (d
== UNIT_TRIGGERED_BY
&& !UNIT_VTABLE(other
)->can_trigger
)
3083 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3084 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other
->id
, unit_type_to_string(other
->type
));
3086 r
= unit_add_dependency_hashmap(u
->dependencies
+ d
, other
, mask
, 0);
3090 if (inverse_table
[d
] != _UNIT_DEPENDENCY_INVALID
&& inverse_table
[d
] != d
) {
3091 r
= unit_add_dependency_hashmap(other
->dependencies
+ inverse_table
[d
], u
, 0, mask
);
3096 if (add_reference
) {
3097 r
= unit_add_dependency_hashmap(u
->dependencies
+ UNIT_REFERENCES
, other
, mask
, 0);
3101 r
= unit_add_dependency_hashmap(other
->dependencies
+ UNIT_REFERENCED_BY
, u
, 0, mask
);
3106 unit_add_to_dbus_queue(u
);
3110 int unit_add_two_dependencies(Unit
*u
, UnitDependency d
, UnitDependency e
, Unit
*other
, bool add_reference
, UnitDependencyMask mask
) {
3115 r
= unit_add_dependency(u
, d
, other
, add_reference
, mask
);
3119 return unit_add_dependency(u
, e
, other
, add_reference
, mask
);
3122 static int resolve_template(Unit
*u
, const char *name
, char **buf
, const char **ret
) {
3130 if (!unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
3137 r
= unit_name_replace_instance(name
, u
->instance
, buf
);
3139 _cleanup_free_
char *i
= NULL
;
3141 r
= unit_name_to_prefix(u
->id
, &i
);
3145 r
= unit_name_replace_instance(name
, i
, buf
);
3154 int unit_add_dependency_by_name(Unit
*u
, UnitDependency d
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
3155 _cleanup_free_
char *buf
= NULL
;
3162 r
= resolve_template(u
, name
, &buf
, &name
);
3166 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
3170 return unit_add_dependency(u
, d
, other
, add_reference
, mask
);
3173 int unit_add_two_dependencies_by_name(Unit
*u
, UnitDependency d
, UnitDependency e
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
3174 _cleanup_free_
char *buf
= NULL
;
3181 r
= resolve_template(u
, name
, &buf
, &name
);
3185 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
3189 return unit_add_two_dependencies(u
, d
, e
, other
, add_reference
, mask
);
3192 int set_unit_path(const char *p
) {
3193 /* This is mostly for debug purposes */
3194 if (setenv("SYSTEMD_UNIT_PATH", p
, 1) < 0)
3200 char *unit_dbus_path(Unit
*u
) {
3206 return unit_dbus_path_from_name(u
->id
);
3209 char *unit_dbus_path_invocation_id(Unit
*u
) {
3212 if (sd_id128_is_null(u
->invocation_id
))
3215 return unit_dbus_path_from_name(u
->invocation_id_string
);
3218 static int unit_set_invocation_id(Unit
*u
, sd_id128_t id
) {
3223 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3225 if (sd_id128_equal(u
->invocation_id
, id
))
3228 if (!sd_id128_is_null(u
->invocation_id
))
3229 (void) hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
3231 if (sd_id128_is_null(id
)) {
3236 r
= hashmap_ensure_allocated(&u
->manager
->units_by_invocation_id
, &id128_hash_ops
);
3240 u
->invocation_id
= id
;
3241 sd_id128_to_string(id
, u
->invocation_id_string
);
3243 r
= hashmap_put(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
3250 u
->invocation_id
= SD_ID128_NULL
;
3251 u
->invocation_id_string
[0] = 0;
3255 int unit_set_slice(Unit
*u
, Unit
*slice
) {
3259 /* Sets the unit slice if it has not been set before. Is extra
3260 * careful, to only allow this for units that actually have a
3261 * cgroup context. Also, we don't allow to set this for slices
3262 * (since the parent slice is derived from the name). Make
3263 * sure the unit we set is actually a slice. */
3265 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
3268 if (u
->type
== UNIT_SLICE
)
3271 if (unit_active_state(u
) != UNIT_INACTIVE
)
3274 if (slice
->type
!= UNIT_SLICE
)
3277 if (unit_has_name(u
, SPECIAL_INIT_SCOPE
) &&
3278 !unit_has_name(slice
, SPECIAL_ROOT_SLICE
))
3281 if (UNIT_DEREF(u
->slice
) == slice
)
3284 /* Disallow slice changes if @u is already bound to cgroups */
3285 if (UNIT_ISSET(u
->slice
) && u
->cgroup_realized
)
3288 unit_ref_set(&u
->slice
, u
, slice
);
3292 int unit_set_default_slice(Unit
*u
) {
3293 const char *slice_name
;
3299 if (UNIT_ISSET(u
->slice
))
3303 _cleanup_free_
char *prefix
= NULL
, *escaped
= NULL
;
3305 /* Implicitly place all instantiated units in their
3306 * own per-template slice */
3308 r
= unit_name_to_prefix(u
->id
, &prefix
);
3312 /* The prefix is already escaped, but it might include
3313 * "-" which has a special meaning for slice units,
3314 * hence escape it here extra. */
3315 escaped
= unit_name_escape(prefix
);
3319 if (MANAGER_IS_SYSTEM(u
->manager
))
3320 slice_name
= strjoina("system-", escaped
, ".slice");
3322 slice_name
= strjoina(escaped
, ".slice");
3325 MANAGER_IS_SYSTEM(u
->manager
) && !unit_has_name(u
, SPECIAL_INIT_SCOPE
)
3326 ? SPECIAL_SYSTEM_SLICE
3327 : SPECIAL_ROOT_SLICE
;
3329 r
= manager_load_unit(u
->manager
, slice_name
, NULL
, NULL
, &slice
);
3333 return unit_set_slice(u
, slice
);
3336 const char *unit_slice_name(Unit
*u
) {
3339 if (!UNIT_ISSET(u
->slice
))
3342 return UNIT_DEREF(u
->slice
)->id
;
3345 int unit_load_related_unit(Unit
*u
, const char *type
, Unit
**_found
) {
3346 _cleanup_free_
char *t
= NULL
;
3353 r
= unit_name_change_suffix(u
->id
, type
, &t
);
3356 if (unit_has_name(u
, t
))
3359 r
= manager_load_unit(u
->manager
, t
, NULL
, NULL
, _found
);
3360 assert(r
< 0 || *_found
!= u
);
3364 static int signal_name_owner_changed(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
3365 const char *new_owner
;
3372 r
= sd_bus_message_read(message
, "sss", NULL
, NULL
, &new_owner
);
3374 bus_log_parse_error(r
);
3378 if (UNIT_VTABLE(u
)->bus_name_owner_change
)
3379 UNIT_VTABLE(u
)->bus_name_owner_change(u
, empty_to_null(new_owner
));
3384 static int get_name_owner_handler(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
3385 const sd_bus_error
*e
;
3386 const char *new_owner
;
3393 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3395 e
= sd_bus_message_get_error(message
);
3397 if (!sd_bus_error_has_name(e
, "org.freedesktop.DBus.Error.NameHasNoOwner"))
3398 log_unit_error(u
, "Unexpected error response from GetNameOwner(): %s", e
->message
);
3402 r
= sd_bus_message_read(message
, "s", &new_owner
);
3404 return bus_log_parse_error(r
);
3406 assert(!isempty(new_owner
));
3409 if (UNIT_VTABLE(u
)->bus_name_owner_change
)
3410 UNIT_VTABLE(u
)->bus_name_owner_change(u
, new_owner
);
3415 int unit_install_bus_match(Unit
*u
, sd_bus
*bus
, const char *name
) {
3423 if (u
->match_bus_slot
|| u
->get_name_owner_slot
)
3426 match
= strjoina("type='signal',"
3427 "sender='org.freedesktop.DBus',"
3428 "path='/org/freedesktop/DBus',"
3429 "interface='org.freedesktop.DBus',"
3430 "member='NameOwnerChanged',"
3431 "arg0='", name
, "'");
3433 r
= sd_bus_add_match_async(bus
, &u
->match_bus_slot
, match
, signal_name_owner_changed
, NULL
, u
);
3437 r
= sd_bus_call_method_async(
3439 &u
->get_name_owner_slot
,
3440 "org.freedesktop.DBus",
3441 "/org/freedesktop/DBus",
3442 "org.freedesktop.DBus",
3444 get_name_owner_handler
,
3448 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3452 log_unit_debug(u
, "Watching D-Bus name '%s'.", name
);
3456 int unit_watch_bus_name(Unit
*u
, const char *name
) {
3462 /* Watch a specific name on the bus. We only support one unit
3463 * watching each name for now. */
3465 if (u
->manager
->api_bus
) {
3466 /* If the bus is already available, install the match directly.
3467 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3468 r
= unit_install_bus_match(u
, u
->manager
->api_bus
, name
);
3470 return log_warning_errno(r
, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name
);
3473 r
= hashmap_put(u
->manager
->watch_bus
, name
, u
);
3475 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3476 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3477 return log_warning_errno(r
, "Failed to put bus name to hashmap: %m");
3483 void unit_unwatch_bus_name(Unit
*u
, const char *name
) {
3487 (void) hashmap_remove_value(u
->manager
->watch_bus
, name
, u
);
3488 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3489 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3492 bool unit_can_serialize(Unit
*u
) {
3495 return UNIT_VTABLE(u
)->serialize
&& UNIT_VTABLE(u
)->deserialize_item
;
3498 static int serialize_cgroup_mask(FILE *f
, const char *key
, CGroupMask mask
) {
3499 _cleanup_free_
char *s
= NULL
;
3508 r
= cg_mask_to_string(mask
, &s
);
3510 return log_error_errno(r
, "Failed to format cgroup mask: %m");
3512 return serialize_item(f
, key
, s
);
3515 static const char *const ip_accounting_metric_field
[_CGROUP_IP_ACCOUNTING_METRIC_MAX
] = {
3516 [CGROUP_IP_INGRESS_BYTES
] = "ip-accounting-ingress-bytes",
3517 [CGROUP_IP_INGRESS_PACKETS
] = "ip-accounting-ingress-packets",
3518 [CGROUP_IP_EGRESS_BYTES
] = "ip-accounting-egress-bytes",
3519 [CGROUP_IP_EGRESS_PACKETS
] = "ip-accounting-egress-packets",
3522 static const char *const io_accounting_metric_field_base
[_CGROUP_IO_ACCOUNTING_METRIC_MAX
] = {
3523 [CGROUP_IO_READ_BYTES
] = "io-accounting-read-bytes-base",
3524 [CGROUP_IO_WRITE_BYTES
] = "io-accounting-write-bytes-base",
3525 [CGROUP_IO_READ_OPERATIONS
] = "io-accounting-read-operations-base",
3526 [CGROUP_IO_WRITE_OPERATIONS
] = "io-accounting-write-operations-base",
3529 static const char *const io_accounting_metric_field_last
[_CGROUP_IO_ACCOUNTING_METRIC_MAX
] = {
3530 [CGROUP_IO_READ_BYTES
] = "io-accounting-read-bytes-last",
3531 [CGROUP_IO_WRITE_BYTES
] = "io-accounting-write-bytes-last",
3532 [CGROUP_IO_READ_OPERATIONS
] = "io-accounting-read-operations-last",
3533 [CGROUP_IO_WRITE_OPERATIONS
] = "io-accounting-write-operations-last",
3536 int unit_serialize(Unit
*u
, FILE *f
, FDSet
*fds
, bool serialize_jobs
) {
3537 CGroupIPAccountingMetric m
;
3544 if (unit_can_serialize(u
)) {
3545 r
= UNIT_VTABLE(u
)->serialize(u
, f
, fds
);
3550 (void) serialize_dual_timestamp(f
, "state-change-timestamp", &u
->state_change_timestamp
);
3552 (void) serialize_dual_timestamp(f
, "inactive-exit-timestamp", &u
->inactive_exit_timestamp
);
3553 (void) serialize_dual_timestamp(f
, "active-enter-timestamp", &u
->active_enter_timestamp
);
3554 (void) serialize_dual_timestamp(f
, "active-exit-timestamp", &u
->active_exit_timestamp
);
3555 (void) serialize_dual_timestamp(f
, "inactive-enter-timestamp", &u
->inactive_enter_timestamp
);
3557 (void) serialize_dual_timestamp(f
, "condition-timestamp", &u
->condition_timestamp
);
3558 (void) serialize_dual_timestamp(f
, "assert-timestamp", &u
->assert_timestamp
);
3560 if (dual_timestamp_is_set(&u
->condition_timestamp
))
3561 (void) serialize_bool(f
, "condition-result", u
->condition_result
);
3563 if (dual_timestamp_is_set(&u
->assert_timestamp
))
3564 (void) serialize_bool(f
, "assert-result", u
->assert_result
);
3566 (void) serialize_bool(f
, "transient", u
->transient
);
3567 (void) serialize_bool(f
, "in-audit", u
->in_audit
);
3569 (void) serialize_bool(f
, "exported-invocation-id", u
->exported_invocation_id
);
3570 (void) serialize_bool(f
, "exported-log-level-max", u
->exported_log_level_max
);
3571 (void) serialize_bool(f
, "exported-log-extra-fields", u
->exported_log_extra_fields
);
3572 (void) serialize_bool(f
, "exported-log-rate-limit-interval", u
->exported_log_ratelimit_interval
);
3573 (void) serialize_bool(f
, "exported-log-rate-limit-burst", u
->exported_log_ratelimit_burst
);
3575 (void) serialize_item_format(f
, "cpu-usage-base", "%" PRIu64
, u
->cpu_usage_base
);
3576 if (u
->cpu_usage_last
!= NSEC_INFINITY
)
3577 (void) serialize_item_format(f
, "cpu-usage-last", "%" PRIu64
, u
->cpu_usage_last
);
3579 if (u
->oom_kill_last
> 0)
3580 (void) serialize_item_format(f
, "oom-kill-last", "%" PRIu64
, u
->oom_kill_last
);
3582 for (CGroupIOAccountingMetric im
= 0; im
< _CGROUP_IO_ACCOUNTING_METRIC_MAX
; im
++) {
3583 (void) serialize_item_format(f
, io_accounting_metric_field_base
[im
], "%" PRIu64
, u
->io_accounting_base
[im
]);
3585 if (u
->io_accounting_last
[im
] != UINT64_MAX
)
3586 (void) serialize_item_format(f
, io_accounting_metric_field_last
[im
], "%" PRIu64
, u
->io_accounting_last
[im
]);
3590 (void) serialize_item(f
, "cgroup", u
->cgroup_path
);
3592 (void) serialize_bool(f
, "cgroup-realized", u
->cgroup_realized
);
3593 (void) serialize_cgroup_mask(f
, "cgroup-realized-mask", u
->cgroup_realized_mask
);
3594 (void) serialize_cgroup_mask(f
, "cgroup-enabled-mask", u
->cgroup_enabled_mask
);
3595 (void) serialize_cgroup_mask(f
, "cgroup-invalidated-mask", u
->cgroup_invalidated_mask
);
3597 if (uid_is_valid(u
->ref_uid
))
3598 (void) serialize_item_format(f
, "ref-uid", UID_FMT
, u
->ref_uid
);
3599 if (gid_is_valid(u
->ref_gid
))
3600 (void) serialize_item_format(f
, "ref-gid", GID_FMT
, u
->ref_gid
);
3602 if (!sd_id128_is_null(u
->invocation_id
))
3603 (void) serialize_item_format(f
, "invocation-id", SD_ID128_FORMAT_STR
, SD_ID128_FORMAT_VAL(u
->invocation_id
));
3605 (void) serialize_item_format(f
, "freezer-state", "%s", freezer_state_to_string(unit_freezer_state(u
)));
3607 bus_track_serialize(u
->bus_track
, f
, "ref");
3609 for (m
= 0; m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
; m
++) {
3612 r
= unit_get_ip_accounting(u
, m
, &v
);
3614 (void) serialize_item_format(f
, ip_accounting_metric_field
[m
], "%" PRIu64
, v
);
3617 if (serialize_jobs
) {
3620 job_serialize(u
->job
, f
);
3625 job_serialize(u
->nop_job
, f
);
3634 static int unit_deserialize_job(Unit
*u
, FILE *f
) {
3635 _cleanup_(job_freep
) Job
*j
= NULL
;
3645 r
= job_deserialize(j
, f
);
3649 r
= job_install_deserialized(j
);
3657 int unit_deserialize(Unit
*u
, FILE *f
, FDSet
*fds
) {
3665 _cleanup_free_
char *line
= NULL
;
3670 r
= read_line(f
, LONG_LINE_MAX
, &line
);
3672 return log_error_errno(r
, "Failed to read serialization line: %m");
3673 if (r
== 0) /* eof */
3677 if (isempty(l
)) /* End marker */
3680 k
= strcspn(l
, "=");
3688 if (streq(l
, "job")) {
3690 /* New-style serialized job */
3691 r
= unit_deserialize_job(u
, f
);
3694 } else /* Legacy for pre-44 */
3695 log_unit_warning(u
, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v
);
3697 } else if (streq(l
, "state-change-timestamp")) {
3698 (void) deserialize_dual_timestamp(v
, &u
->state_change_timestamp
);
3700 } else if (streq(l
, "inactive-exit-timestamp")) {
3701 (void) deserialize_dual_timestamp(v
, &u
->inactive_exit_timestamp
);
3703 } else if (streq(l
, "active-enter-timestamp")) {
3704 (void) deserialize_dual_timestamp(v
, &u
->active_enter_timestamp
);
3706 } else if (streq(l
, "active-exit-timestamp")) {
3707 (void) deserialize_dual_timestamp(v
, &u
->active_exit_timestamp
);
3709 } else if (streq(l
, "inactive-enter-timestamp")) {
3710 (void) deserialize_dual_timestamp(v
, &u
->inactive_enter_timestamp
);
3712 } else if (streq(l
, "condition-timestamp")) {
3713 (void) deserialize_dual_timestamp(v
, &u
->condition_timestamp
);
3715 } else if (streq(l
, "assert-timestamp")) {
3716 (void) deserialize_dual_timestamp(v
, &u
->assert_timestamp
);
3718 } else if (streq(l
, "condition-result")) {
3720 r
= parse_boolean(v
);
3722 log_unit_debug(u
, "Failed to parse condition result value %s, ignoring.", v
);
3724 u
->condition_result
= r
;
3728 } else if (streq(l
, "assert-result")) {
3730 r
= parse_boolean(v
);
3732 log_unit_debug(u
, "Failed to parse assert result value %s, ignoring.", v
);
3734 u
->assert_result
= r
;
3738 } else if (streq(l
, "transient")) {
3740 r
= parse_boolean(v
);
3742 log_unit_debug(u
, "Failed to parse transient bool %s, ignoring.", v
);
3748 } else if (streq(l
, "in-audit")) {
3750 r
= parse_boolean(v
);
3752 log_unit_debug(u
, "Failed to parse in-audit bool %s, ignoring.", v
);
3758 } else if (streq(l
, "exported-invocation-id")) {
3760 r
= parse_boolean(v
);
3762 log_unit_debug(u
, "Failed to parse exported invocation ID bool %s, ignoring.", v
);
3764 u
->exported_invocation_id
= r
;
3768 } else if (streq(l
, "exported-log-level-max")) {
3770 r
= parse_boolean(v
);
3772 log_unit_debug(u
, "Failed to parse exported log level max bool %s, ignoring.", v
);
3774 u
->exported_log_level_max
= r
;
3778 } else if (streq(l
, "exported-log-extra-fields")) {
3780 r
= parse_boolean(v
);
3782 log_unit_debug(u
, "Failed to parse exported log extra fields bool %s, ignoring.", v
);
3784 u
->exported_log_extra_fields
= r
;
3788 } else if (streq(l
, "exported-log-rate-limit-interval")) {
3790 r
= parse_boolean(v
);
3792 log_unit_debug(u
, "Failed to parse exported log rate limit interval %s, ignoring.", v
);
3794 u
->exported_log_ratelimit_interval
= r
;
3798 } else if (streq(l
, "exported-log-rate-limit-burst")) {
3800 r
= parse_boolean(v
);
3802 log_unit_debug(u
, "Failed to parse exported log rate limit burst %s, ignoring.", v
);
3804 u
->exported_log_ratelimit_burst
= r
;
3808 } else if (STR_IN_SET(l
, "cpu-usage-base", "cpuacct-usage-base")) {
3810 r
= safe_atou64(v
, &u
->cpu_usage_base
);
3812 log_unit_debug(u
, "Failed to parse CPU usage base %s, ignoring.", v
);
3816 } else if (streq(l
, "cpu-usage-last")) {
3818 r
= safe_atou64(v
, &u
->cpu_usage_last
);
3820 log_unit_debug(u
, "Failed to read CPU usage last %s, ignoring.", v
);
3824 } else if (streq(l
, "oom-kill-last")) {
3826 r
= safe_atou64(v
, &u
->oom_kill_last
);
3828 log_unit_debug(u
, "Failed to read OOM kill last %s, ignoring.", v
);
3832 } else if (streq(l
, "cgroup")) {
3834 r
= unit_set_cgroup_path(u
, v
);
3836 log_unit_debug_errno(u
, r
, "Failed to set cgroup path %s, ignoring: %m", v
);
3838 (void) unit_watch_cgroup(u
);
3839 (void) unit_watch_cgroup_memory(u
);
3842 } else if (streq(l
, "cgroup-realized")) {
3845 b
= parse_boolean(v
);
3847 log_unit_debug(u
, "Failed to parse cgroup-realized bool %s, ignoring.", v
);
3849 u
->cgroup_realized
= b
;
3853 } else if (streq(l
, "cgroup-realized-mask")) {
3855 r
= cg_mask_from_string(v
, &u
->cgroup_realized_mask
);
3857 log_unit_debug(u
, "Failed to parse cgroup-realized-mask %s, ignoring.", v
);
3860 } else if (streq(l
, "cgroup-enabled-mask")) {
3862 r
= cg_mask_from_string(v
, &u
->cgroup_enabled_mask
);
3864 log_unit_debug(u
, "Failed to parse cgroup-enabled-mask %s, ignoring.", v
);
3867 } else if (streq(l
, "cgroup-invalidated-mask")) {
3869 r
= cg_mask_from_string(v
, &u
->cgroup_invalidated_mask
);
3871 log_unit_debug(u
, "Failed to parse cgroup-invalidated-mask %s, ignoring.", v
);
3874 } else if (streq(l
, "ref-uid")) {
3877 r
= parse_uid(v
, &uid
);
3879 log_unit_debug(u
, "Failed to parse referenced UID %s, ignoring.", v
);
3881 unit_ref_uid_gid(u
, uid
, GID_INVALID
);
3885 } else if (streq(l
, "ref-gid")) {
3888 r
= parse_gid(v
, &gid
);
3890 log_unit_debug(u
, "Failed to parse referenced GID %s, ignoring.", v
);
3892 unit_ref_uid_gid(u
, UID_INVALID
, gid
);
3896 } else if (streq(l
, "ref")) {
3898 r
= strv_extend(&u
->deserialized_refs
, v
);
3903 } else if (streq(l
, "invocation-id")) {
3906 r
= sd_id128_from_string(v
, &id
);
3908 log_unit_debug(u
, "Failed to parse invocation id %s, ignoring.", v
);
3910 r
= unit_set_invocation_id(u
, id
);
3912 log_unit_warning_errno(u
, r
, "Failed to set invocation ID for unit: %m");
3916 } else if (streq(l
, "freezer-state")) {
3919 s
= freezer_state_from_string(v
);
3921 log_unit_debug(u
, "Failed to deserialize freezer-state '%s', ignoring.", v
);
3923 u
->freezer_state
= s
;
3928 /* Check if this is an IP accounting metric serialization field */
3929 m
= string_table_lookup(ip_accounting_metric_field
, ELEMENTSOF(ip_accounting_metric_field
), l
);
3933 r
= safe_atou64(v
, &c
);
3935 log_unit_debug(u
, "Failed to parse IP accounting value %s, ignoring.", v
);
3937 u
->ip_accounting_extra
[m
] = c
;
3941 m
= string_table_lookup(io_accounting_metric_field_base
, ELEMENTSOF(io_accounting_metric_field_base
), l
);
3945 r
= safe_atou64(v
, &c
);
3947 log_unit_debug(u
, "Failed to parse IO accounting base value %s, ignoring.", v
);
3949 u
->io_accounting_base
[m
] = c
;
3953 m
= string_table_lookup(io_accounting_metric_field_last
, ELEMENTSOF(io_accounting_metric_field_last
), l
);
3957 r
= safe_atou64(v
, &c
);
3959 log_unit_debug(u
, "Failed to parse IO accounting last value %s, ignoring.", v
);
3961 u
->io_accounting_last
[m
] = c
;
3965 if (unit_can_serialize(u
)) {
3966 r
= exec_runtime_deserialize_compat(u
, l
, v
, fds
);
3968 log_unit_warning(u
, "Failed to deserialize runtime parameter '%s', ignoring.", l
);
3972 /* Returns positive if key was handled by the call */
3976 r
= UNIT_VTABLE(u
)->deserialize_item(u
, l
, v
, fds
);
3978 log_unit_warning(u
, "Failed to deserialize unit parameter '%s', ignoring.", l
);
3982 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3983 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3984 * before 228 where the base for timeouts was not persistent across reboots. */
3986 if (!dual_timestamp_is_set(&u
->state_change_timestamp
))
3987 dual_timestamp_get(&u
->state_change_timestamp
);
3989 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3990 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3991 unit_invalidate_cgroup(u
, _CGROUP_MASK_ALL
);
3992 unit_invalidate_cgroup_bpf(u
);
3997 int unit_deserialize_skip(FILE *f
) {
4001 /* Skip serialized data for this unit. We don't know what it is. */
4004 _cleanup_free_
char *line
= NULL
;
4007 r
= read_line(f
, LONG_LINE_MAX
, &line
);
4009 return log_error_errno(r
, "Failed to read serialization line: %m");
4021 int unit_add_node_dependency(Unit
*u
, const char *what
, UnitDependency dep
, UnitDependencyMask mask
) {
4022 _cleanup_free_
char *e
= NULL
;
4028 /* Adds in links to the device node that this unit is based on */
4032 if (!is_device_path(what
))
4035 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
4036 if (!unit_type_supported(UNIT_DEVICE
))
4039 r
= unit_name_from_path(what
, ".device", &e
);
4043 r
= manager_load_unit(u
->manager
, e
, NULL
, NULL
, &device
);
4047 if (dep
== UNIT_REQUIRES
&& device_shall_be_bound_by(device
, u
))
4048 dep
= UNIT_BINDS_TO
;
4050 return unit_add_two_dependencies(u
, UNIT_AFTER
,
4051 MANAGER_IS_SYSTEM(u
->manager
) ? dep
: UNIT_WANTS
,
4052 device
, true, mask
);
4055 int unit_add_blockdev_dependency(Unit
*u
, const char *what
, UnitDependencyMask mask
) {
4056 _cleanup_free_
char *escaped
= NULL
, *target
= NULL
;
4064 if (!path_startswith(what
, "/dev/"))
4067 /* If we don't support devices, then also don't bother with blockdev@.target */
4068 if (!unit_type_supported(UNIT_DEVICE
))
4071 r
= unit_name_path_escape(what
, &escaped
);
4075 r
= unit_name_build("blockdev", escaped
, ".target", &target
);
4079 return unit_add_dependency_by_name(u
, UNIT_AFTER
, target
, true, mask
);
4082 int unit_coldplug(Unit
*u
) {
4089 /* Make sure we don't enter a loop, when coldplugging recursively. */
4093 u
->coldplugged
= true;
4095 STRV_FOREACH(i
, u
->deserialized_refs
) {
4096 q
= bus_unit_track_add_name(u
, *i
);
4097 if (q
< 0 && r
>= 0)
4100 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
4102 if (UNIT_VTABLE(u
)->coldplug
) {
4103 q
= UNIT_VTABLE(u
)->coldplug(u
);
4104 if (q
< 0 && r
>= 0)
4108 uj
= u
->job
?: u
->nop_job
;
4110 q
= job_coldplug(uj
);
4111 if (q
< 0 && r
>= 0)
4118 void unit_catchup(Unit
*u
) {
4121 if (UNIT_VTABLE(u
)->catchup
)
4122 UNIT_VTABLE(u
)->catchup(u
);
4125 static bool fragment_mtime_newer(const char *path
, usec_t mtime
, bool path_masked
) {
4131 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
4132 * are never out-of-date. */
4133 if (PATH_STARTSWITH_SET(path
, "/proc", "/sys"))
4136 if (stat(path
, &st
) < 0)
4137 /* What, cannot access this anymore? */
4141 /* For masked files check if they are still so */
4142 return !null_or_empty(&st
);
4144 /* For non-empty files check the mtime */
4145 return timespec_load(&st
.st_mtim
) > mtime
;
4150 bool unit_need_daemon_reload(Unit
*u
) {
4151 _cleanup_strv_free_
char **t
= NULL
;
4156 /* For unit files, we allow masking… */
4157 if (fragment_mtime_newer(u
->fragment_path
, u
->fragment_mtime
,
4158 u
->load_state
== UNIT_MASKED
))
4161 /* Source paths should not be masked… */
4162 if (fragment_mtime_newer(u
->source_path
, u
->source_mtime
, false))
4165 if (u
->load_state
== UNIT_LOADED
)
4166 (void) unit_find_dropin_paths(u
, &t
);
4167 if (!strv_equal(u
->dropin_paths
, t
))
4170 /* … any drop-ins that are masked are simply omitted from the list. */
4171 STRV_FOREACH(path
, u
->dropin_paths
)
4172 if (fragment_mtime_newer(*path
, u
->dropin_mtime
, false))
4178 void unit_reset_failed(Unit
*u
) {
4181 if (UNIT_VTABLE(u
)->reset_failed
)
4182 UNIT_VTABLE(u
)->reset_failed(u
);
4184 ratelimit_reset(&u
->start_ratelimit
);
4185 u
->start_limit_hit
= false;
4188 Unit
*unit_following(Unit
*u
) {
4191 if (UNIT_VTABLE(u
)->following
)
4192 return UNIT_VTABLE(u
)->following(u
);
4197 bool unit_stop_pending(Unit
*u
) {
4200 /* This call does check the current state of the unit. It's
4201 * hence useful to be called from state change calls of the
4202 * unit itself, where the state isn't updated yet. This is
4203 * different from unit_inactive_or_pending() which checks both
4204 * the current state and for a queued job. */
4206 return unit_has_job_type(u
, JOB_STOP
);
4209 bool unit_inactive_or_pending(Unit
*u
) {
4212 /* Returns true if the unit is inactive or going down */
4214 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)))
4217 if (unit_stop_pending(u
))
4223 bool unit_active_or_pending(Unit
*u
) {
4226 /* Returns true if the unit is active or going up */
4228 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)))
4232 IN_SET(u
->job
->type
, JOB_START
, JOB_RELOAD_OR_START
, JOB_RESTART
))
4238 bool unit_will_restart_default(Unit
*u
) {
4241 return unit_has_job_type(u
, JOB_START
);
4244 bool unit_will_restart(Unit
*u
) {
4247 if (!UNIT_VTABLE(u
)->will_restart
)
4250 return UNIT_VTABLE(u
)->will_restart(u
);
4253 int unit_kill(Unit
*u
, KillWho w
, int signo
, sd_bus_error
*error
) {
4255 assert(w
>= 0 && w
< _KILL_WHO_MAX
);
4256 assert(SIGNAL_VALID(signo
));
4258 if (!UNIT_VTABLE(u
)->kill
)
4261 return UNIT_VTABLE(u
)->kill(u
, w
, signo
, error
);
4264 static Set
*unit_pid_set(pid_t main_pid
, pid_t control_pid
) {
4265 _cleanup_set_free_ Set
*pid_set
= NULL
;
4268 pid_set
= set_new(NULL
);
4272 /* Exclude the main/control pids from being killed via the cgroup */
4274 r
= set_put(pid_set
, PID_TO_PTR(main_pid
));
4279 if (control_pid
> 0) {
4280 r
= set_put(pid_set
, PID_TO_PTR(control_pid
));
4285 return TAKE_PTR(pid_set
);
4288 int unit_kill_common(
4294 sd_bus_error
*error
) {
4297 bool killed
= false;
4299 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
)) {
4301 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no main processes", unit_type_to_string(u
->type
));
4302 else if (main_pid
== 0)
4303 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No main process to kill");
4306 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
)) {
4307 if (control_pid
< 0)
4308 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no control processes", unit_type_to_string(u
->type
));
4309 else if (control_pid
== 0)
4310 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No control process to kill");
4313 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
, KILL_ALL
, KILL_ALL_FAIL
))
4314 if (control_pid
> 0) {
4315 if (kill(control_pid
, signo
) < 0)
4321 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
, KILL_ALL
, KILL_ALL_FAIL
))
4323 if (kill(main_pid
, signo
) < 0)
4329 if (IN_SET(who
, KILL_ALL
, KILL_ALL_FAIL
) && u
->cgroup_path
) {
4330 _cleanup_set_free_ Set
*pid_set
= NULL
;
4333 /* Exclude the main/control pids from being killed via the cgroup */
4334 pid_set
= unit_pid_set(main_pid
, control_pid
);
4338 q
= cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, signo
, 0, pid_set
, NULL
, NULL
);
4339 if (q
< 0 && !IN_SET(q
, -EAGAIN
, -ESRCH
, -ENOENT
))
4345 if (r
== 0 && !killed
&& IN_SET(who
, KILL_ALL_FAIL
, KILL_CONTROL_FAIL
))
4351 int unit_following_set(Unit
*u
, Set
**s
) {
4355 if (UNIT_VTABLE(u
)->following_set
)
4356 return UNIT_VTABLE(u
)->following_set(u
, s
);
4362 UnitFileState
unit_get_unit_file_state(Unit
*u
) {
4367 if (u
->unit_file_state
< 0 && u
->fragment_path
) {
4368 r
= unit_file_get_state(
4369 u
->manager
->unit_file_scope
,
4372 &u
->unit_file_state
);
4374 u
->unit_file_state
= UNIT_FILE_BAD
;
4377 return u
->unit_file_state
;
4380 int unit_get_unit_file_preset(Unit
*u
) {
4383 if (u
->unit_file_preset
< 0 && u
->fragment_path
)
4384 u
->unit_file_preset
= unit_file_query_preset(
4385 u
->manager
->unit_file_scope
,
4387 basename(u
->fragment_path
),
4390 return u
->unit_file_preset
;
4393 Unit
* unit_ref_set(UnitRef
*ref
, Unit
*source
, Unit
*target
) {
4399 unit_ref_unset(ref
);
4401 ref
->source
= source
;
4402 ref
->target
= target
;
4403 LIST_PREPEND(refs_by_target
, target
->refs_by_target
, ref
);
4407 void unit_ref_unset(UnitRef
*ref
) {
4413 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4414 * be unreferenced now. */
4415 unit_add_to_gc_queue(ref
->target
);
4417 LIST_REMOVE(refs_by_target
, ref
->target
->refs_by_target
, ref
);
4418 ref
->source
= ref
->target
= NULL
;
4421 static int user_from_unit_name(Unit
*u
, char **ret
) {
4423 static const uint8_t hash_key
[] = {
4424 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4425 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4428 _cleanup_free_
char *n
= NULL
;
4431 r
= unit_name_to_prefix(u
->id
, &n
);
4435 if (valid_user_group_name(n
, 0)) {
4440 /* If we can't use the unit name as a user name, then let's hash it and use that */
4441 if (asprintf(ret
, "_du%016" PRIx64
, siphash24(n
, strlen(n
), hash_key
)) < 0)
4447 int unit_patch_contexts(Unit
*u
) {
4455 /* Patch in the manager defaults into the exec and cgroup
4456 * contexts, _after_ the rest of the settings have been
4459 ec
= unit_get_exec_context(u
);
4461 /* This only copies in the ones that need memory */
4462 for (i
= 0; i
< _RLIMIT_MAX
; i
++)
4463 if (u
->manager
->rlimit
[i
] && !ec
->rlimit
[i
]) {
4464 ec
->rlimit
[i
] = newdup(struct rlimit
, u
->manager
->rlimit
[i
], 1);
4469 if (MANAGER_IS_USER(u
->manager
) &&
4470 !ec
->working_directory
) {
4472 r
= get_home_dir(&ec
->working_directory
);
4476 /* Allow user services to run, even if the
4477 * home directory is missing */
4478 ec
->working_directory_missing_ok
= true;
4481 if (ec
->private_devices
)
4482 ec
->capability_bounding_set
&= ~((UINT64_C(1) << CAP_MKNOD
) | (UINT64_C(1) << CAP_SYS_RAWIO
));
4484 if (ec
->protect_kernel_modules
)
4485 ec
->capability_bounding_set
&= ~(UINT64_C(1) << CAP_SYS_MODULE
);
4487 if (ec
->protect_kernel_logs
)
4488 ec
->capability_bounding_set
&= ~(UINT64_C(1) << CAP_SYSLOG
);
4490 if (ec
->protect_clock
)
4491 ec
->capability_bounding_set
&= ~((UINT64_C(1) << CAP_SYS_TIME
) | (UINT64_C(1) << CAP_WAKE_ALARM
));
4493 if (ec
->dynamic_user
) {
4495 r
= user_from_unit_name(u
, &ec
->user
);
4501 ec
->group
= strdup(ec
->user
);
4506 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4507 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4510 ec
->private_tmp
= true;
4511 ec
->remove_ipc
= true;
4512 ec
->protect_system
= PROTECT_SYSTEM_STRICT
;
4513 if (ec
->protect_home
== PROTECT_HOME_NO
)
4514 ec
->protect_home
= PROTECT_HOME_READ_ONLY
;
4516 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4518 ec
->no_new_privileges
= true;
4519 ec
->restrict_suid_sgid
= true;
4523 cc
= unit_get_cgroup_context(u
);
4526 if (ec
->private_devices
&&
4527 cc
->device_policy
== CGROUP_DEVICE_POLICY_AUTO
)
4528 cc
->device_policy
= CGROUP_DEVICE_POLICY_CLOSED
;
4530 if (ec
->root_image
&&
4531 (cc
->device_policy
!= CGROUP_DEVICE_POLICY_AUTO
|| cc
->device_allow
)) {
4533 /* When RootImage= is specified, the following devices are touched. */
4534 r
= cgroup_add_device_allow(cc
, "/dev/loop-control", "rw");
4538 r
= cgroup_add_device_allow(cc
, "block-loop", "rwm");
4542 r
= cgroup_add_device_allow(cc
, "block-blkext", "rwm");
4546 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices */
4547 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_WANTS
, "modprobe@loop.service", true, UNIT_DEPENDENCY_FILE
);
4552 if (ec
->protect_clock
) {
4553 r
= cgroup_add_device_allow(cc
, "char-rtc", "r");
4562 ExecContext
*unit_get_exec_context(Unit
*u
) {
4569 offset
= UNIT_VTABLE(u
)->exec_context_offset
;
4573 return (ExecContext
*) ((uint8_t*) u
+ offset
);
4576 KillContext
*unit_get_kill_context(Unit
*u
) {
4583 offset
= UNIT_VTABLE(u
)->kill_context_offset
;
4587 return (KillContext
*) ((uint8_t*) u
+ offset
);
4590 CGroupContext
*unit_get_cgroup_context(Unit
*u
) {
4596 offset
= UNIT_VTABLE(u
)->cgroup_context_offset
;
4600 return (CGroupContext
*) ((uint8_t*) u
+ offset
);
4603 ExecRuntime
*unit_get_exec_runtime(Unit
*u
) {
4609 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
4613 return *(ExecRuntime
**) ((uint8_t*) u
+ offset
);
4616 static const char* unit_drop_in_dir(Unit
*u
, UnitWriteFlags flags
) {
4619 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4622 if (u
->transient
) /* Redirect drop-ins for transient units always into the transient directory. */
4623 return u
->manager
->lookup_paths
.transient
;
4625 if (flags
& UNIT_PERSISTENT
)
4626 return u
->manager
->lookup_paths
.persistent_control
;
4628 if (flags
& UNIT_RUNTIME
)
4629 return u
->manager
->lookup_paths
.runtime_control
;
4634 char* unit_escape_setting(const char *s
, UnitWriteFlags flags
, char **buf
) {
4640 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4641 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4642 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4643 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4644 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4647 if (flags
& UNIT_ESCAPE_SPECIFIERS
) {
4648 ret
= specifier_escape(s
);
4655 if (flags
& UNIT_ESCAPE_C
) {
4668 return ret
?: (char*) s
;
4671 return ret
?: strdup(s
);
4674 char* unit_concat_strv(char **l
, UnitWriteFlags flags
) {
4675 _cleanup_free_
char *result
= NULL
;
4676 size_t n
= 0, allocated
= 0;
4679 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4680 * way suitable for ExecStart= stanzas */
4682 STRV_FOREACH(i
, l
) {
4683 _cleanup_free_
char *buf
= NULL
;
4688 p
= unit_escape_setting(*i
, flags
, &buf
);
4692 a
= (n
> 0) + 1 + strlen(p
) + 1; /* separating space + " + entry + " */
4693 if (!GREEDY_REALLOC(result
, allocated
, n
+ a
+ 1))
4707 if (!GREEDY_REALLOC(result
, allocated
, n
+ 1))
4712 return TAKE_PTR(result
);
4715 int unit_write_setting(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *data
) {
4716 _cleanup_free_
char *p
= NULL
, *q
= NULL
, *escaped
= NULL
;
4717 const char *dir
, *wrapped
;
4724 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4727 data
= unit_escape_setting(data
, flags
, &escaped
);
4731 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4732 * previous section header is the same */
4734 if (flags
& UNIT_PRIVATE
) {
4735 if (!UNIT_VTABLE(u
)->private_section
)
4738 if (!u
->transient_file
|| u
->last_section_private
< 0)
4739 data
= strjoina("[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4740 else if (u
->last_section_private
== 0)
4741 data
= strjoina("\n[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4743 if (!u
->transient_file
|| u
->last_section_private
< 0)
4744 data
= strjoina("[Unit]\n", data
);
4745 else if (u
->last_section_private
> 0)
4746 data
= strjoina("\n[Unit]\n", data
);
4749 if (u
->transient_file
) {
4750 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4751 * write to the transient unit file. */
4752 fputs(data
, u
->transient_file
);
4754 if (!endswith(data
, "\n"))
4755 fputc('\n', u
->transient_file
);
4757 /* Remember which section we wrote this entry to */
4758 u
->last_section_private
= !!(flags
& UNIT_PRIVATE
);
4762 dir
= unit_drop_in_dir(u
, flags
);
4766 wrapped
= strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4767 "# or an equivalent operation. Do not edit.\n",
4771 r
= drop_in_file(dir
, u
->id
, 50, name
, &p
, &q
);
4775 (void) mkdir_p_label(p
, 0755);
4777 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4778 * recreate the cache after every drop-in we write. */
4779 if (u
->manager
->unit_path_cache
) {
4780 r
= set_put_strdup(&u
->manager
->unit_path_cache
, p
);
4785 r
= write_string_file_atomic_label(q
, wrapped
);
4789 r
= strv_push(&u
->dropin_paths
, q
);
4794 strv_uniq(u
->dropin_paths
);
4796 u
->dropin_mtime
= now(CLOCK_REALTIME
);
4801 int unit_write_settingf(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *format
, ...) {
4802 _cleanup_free_
char *p
= NULL
;
4810 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4813 va_start(ap
, format
);
4814 r
= vasprintf(&p
, format
, ap
);
4820 return unit_write_setting(u
, flags
, name
, p
);
4823 int unit_make_transient(Unit
*u
) {
4824 _cleanup_free_
char *path
= NULL
;
4829 if (!UNIT_VTABLE(u
)->can_transient
)
4832 (void) mkdir_p_label(u
->manager
->lookup_paths
.transient
, 0755);
4834 path
= path_join(u
->manager
->lookup_paths
.transient
, u
->id
);
4838 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4839 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4841 RUN_WITH_UMASK(0022) {
4842 f
= fopen(path
, "we");
4847 safe_fclose(u
->transient_file
);
4848 u
->transient_file
= f
;
4850 free_and_replace(u
->fragment_path
, path
);
4852 u
->source_path
= mfree(u
->source_path
);
4853 u
->dropin_paths
= strv_free(u
->dropin_paths
);
4854 u
->fragment_mtime
= u
->source_mtime
= u
->dropin_mtime
= 0;
4856 u
->load_state
= UNIT_STUB
;
4858 u
->transient
= true;
4860 unit_add_to_dbus_queue(u
);
4861 unit_add_to_gc_queue(u
);
4863 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4869 static int log_kill(pid_t pid
, int sig
, void *userdata
) {
4870 _cleanup_free_
char *comm
= NULL
;
4872 (void) get_process_comm(pid
, &comm
);
4874 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4875 only, like for example systemd's own PAM stub process. */
4876 if (comm
&& comm
[0] == '(')
4879 log_unit_notice(userdata
,
4880 "Killing process " PID_FMT
" (%s) with signal SIG%s.",
4883 signal_to_string(sig
));
4888 static int operation_to_signal(const KillContext
*c
, KillOperation k
, bool *noteworthy
) {
4893 case KILL_TERMINATE
:
4894 case KILL_TERMINATE_AND_LOG
:
4895 *noteworthy
= false;
4896 return c
->kill_signal
;
4899 *noteworthy
= false;
4900 return restart_kill_signal(c
);
4904 return c
->final_kill_signal
;
4908 return c
->watchdog_signal
;
4911 assert_not_reached("KillOperation unknown");
4915 int unit_kill_context(
4921 bool main_pid_alien
) {
4923 bool wait_for_exit
= false, send_sighup
;
4924 cg_kill_log_func_t log_func
= NULL
;
4930 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4931 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4933 if (c
->kill_mode
== KILL_NONE
)
4937 sig
= operation_to_signal(c
, k
, ¬eworthy
);
4939 log_func
= log_kill
;
4943 IN_SET(k
, KILL_TERMINATE
, KILL_TERMINATE_AND_LOG
) &&
4948 log_func(main_pid
, sig
, u
);
4950 r
= kill_and_sigcont(main_pid
, sig
);
4951 if (r
< 0 && r
!= -ESRCH
) {
4952 _cleanup_free_
char *comm
= NULL
;
4953 (void) get_process_comm(main_pid
, &comm
);
4955 log_unit_warning_errno(u
, r
, "Failed to kill main process " PID_FMT
" (%s), ignoring: %m", main_pid
, strna(comm
));
4957 if (!main_pid_alien
)
4958 wait_for_exit
= true;
4960 if (r
!= -ESRCH
&& send_sighup
)
4961 (void) kill(main_pid
, SIGHUP
);
4965 if (control_pid
> 0) {
4967 log_func(control_pid
, sig
, u
);
4969 r
= kill_and_sigcont(control_pid
, sig
);
4970 if (r
< 0 && r
!= -ESRCH
) {
4971 _cleanup_free_
char *comm
= NULL
;
4972 (void) get_process_comm(control_pid
, &comm
);
4974 log_unit_warning_errno(u
, r
, "Failed to kill control process " PID_FMT
" (%s), ignoring: %m", control_pid
, strna(comm
));
4976 wait_for_exit
= true;
4978 if (r
!= -ESRCH
&& send_sighup
)
4979 (void) kill(control_pid
, SIGHUP
);
4983 if (u
->cgroup_path
&&
4984 (c
->kill_mode
== KILL_CONTROL_GROUP
|| (c
->kill_mode
== KILL_MIXED
&& k
== KILL_KILL
))) {
4985 _cleanup_set_free_ Set
*pid_set
= NULL
;
4987 /* Exclude the main/control pids from being killed via the cgroup */
4988 pid_set
= unit_pid_set(main_pid
, control_pid
);
4992 r
= cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
,
4994 CGROUP_SIGCONT
|CGROUP_IGNORE_SELF
,
4998 if (!IN_SET(r
, -EAGAIN
, -ESRCH
, -ENOENT
))
4999 log_unit_warning_errno(u
, r
, "Failed to kill control group %s, ignoring: %m", u
->cgroup_path
);
5003 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
5004 * we are running in a container or if this is a delegation unit, simply because cgroup
5005 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
5006 * of containers it can be confused easily by left-over directories in the cgroup — which
5007 * however should not exist in non-delegated units. On the unified hierarchy that's different,
5008 * there we get proper events. Hence rely on them. */
5010 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
) > 0 ||
5011 (detect_container() == 0 && !unit_cgroup_delegate(u
)))
5012 wait_for_exit
= true;
5017 pid_set
= unit_pid_set(main_pid
, control_pid
);
5021 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
,
5030 return wait_for_exit
;
5033 int unit_require_mounts_for(Unit
*u
, const char *path
, UnitDependencyMask mask
) {
5034 _cleanup_free_
char *p
= NULL
;
5035 UnitDependencyInfo di
;
5041 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
5042 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
5043 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
5044 * determine which units to make themselves a dependency of. */
5046 if (!path_is_absolute(path
))
5049 r
= hashmap_ensure_allocated(&u
->requires_mounts_for
, &path_hash_ops
);
5057 path
= path_simplify(p
, true);
5059 if (!path_is_normalized(path
))
5062 if (hashmap_contains(u
->requires_mounts_for
, path
))
5065 di
= (UnitDependencyInfo
) {
5069 r
= hashmap_put(u
->requires_mounts_for
, path
, di
.data
);
5074 char prefix
[strlen(path
) + 1];
5075 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
5078 x
= hashmap_get(u
->manager
->units_requiring_mounts_for
, prefix
);
5080 _cleanup_free_
char *q
= NULL
;
5082 r
= hashmap_ensure_allocated(&u
->manager
->units_requiring_mounts_for
, &path_hash_ops
);
5094 r
= hashmap_put(u
->manager
->units_requiring_mounts_for
, q
, x
);
5110 int unit_setup_exec_runtime(Unit
*u
) {
5118 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
5121 /* Check if there already is an ExecRuntime for this unit? */
5122 rt
= (ExecRuntime
**) ((uint8_t*) u
+ offset
);
5126 /* Try to get it from somebody else */
5127 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_JOINS_NAMESPACE_OF
], i
) {
5128 r
= exec_runtime_acquire(u
->manager
, NULL
, other
->id
, false, rt
);
5133 return exec_runtime_acquire(u
->manager
, unit_get_exec_context(u
), u
->id
, true, rt
);
5136 int unit_setup_dynamic_creds(Unit
*u
) {
5138 DynamicCreds
*dcreds
;
5143 offset
= UNIT_VTABLE(u
)->dynamic_creds_offset
;
5145 dcreds
= (DynamicCreds
*) ((uint8_t*) u
+ offset
);
5147 ec
= unit_get_exec_context(u
);
5150 if (!ec
->dynamic_user
)
5153 return dynamic_creds_acquire(dcreds
, u
->manager
, ec
->user
, ec
->group
);
5156 bool unit_type_supported(UnitType t
) {
5157 if (_unlikely_(t
< 0))
5159 if (_unlikely_(t
>= _UNIT_TYPE_MAX
))
5162 if (!unit_vtable
[t
]->supported
)
5165 return unit_vtable
[t
]->supported();
5168 void unit_warn_if_dir_nonempty(Unit
*u
, const char* where
) {
5174 r
= dir_is_empty(where
);
5175 if (r
> 0 || r
== -ENOTDIR
)
5178 log_unit_warning_errno(u
, r
, "Failed to check directory %s: %m", where
);
5182 log_struct(LOG_NOTICE
,
5183 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
5185 LOG_UNIT_INVOCATION_ID(u
),
5186 LOG_UNIT_MESSAGE(u
, "Directory %s to mount over is not empty, mounting anyway.", where
),
5190 int unit_fail_if_noncanonical(Unit
*u
, const char* where
) {
5191 _cleanup_free_
char *canonical_where
= NULL
;
5197 r
= chase_symlinks(where
, NULL
, CHASE_NONEXISTENT
, &canonical_where
, NULL
);
5199 log_unit_debug_errno(u
, r
, "Failed to check %s for symlinks, ignoring: %m", where
);
5203 /* We will happily ignore a trailing slash (or any redundant slashes) */
5204 if (path_equal(where
, canonical_where
))
5207 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
5209 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
5211 LOG_UNIT_INVOCATION_ID(u
),
5212 LOG_UNIT_MESSAGE(u
, "Mount path %s is not canonical (contains a symlink).", where
),
5218 bool unit_is_pristine(Unit
*u
) {
5221 /* Check if the unit already exists or is already around,
5222 * in a number of different ways. Note that to cater for unit
5223 * types such as slice, we are generally fine with units that
5224 * are marked UNIT_LOADED even though nothing was actually
5225 * loaded, as those unit types don't require a file on disk. */
5227 return !(!IN_SET(u
->load_state
, UNIT_NOT_FOUND
, UNIT_LOADED
) ||
5230 !strv_isempty(u
->dropin_paths
) ||
5235 pid_t
unit_control_pid(Unit
*u
) {
5238 if (UNIT_VTABLE(u
)->control_pid
)
5239 return UNIT_VTABLE(u
)->control_pid(u
);
5244 pid_t
unit_main_pid(Unit
*u
) {
5247 if (UNIT_VTABLE(u
)->main_pid
)
5248 return UNIT_VTABLE(u
)->main_pid(u
);
5253 static void unit_unref_uid_internal(
5257 void (*_manager_unref_uid
)(Manager
*m
, uid_t uid
, bool destroy_now
)) {
5261 assert(_manager_unref_uid
);
5263 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
5264 * gid_t are actually the same time, with the same validity rules.
5266 * Drops a reference to UID/GID from a unit. */
5268 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
5269 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
5271 if (!uid_is_valid(*ref_uid
))
5274 _manager_unref_uid(u
->manager
, *ref_uid
, destroy_now
);
5275 *ref_uid
= UID_INVALID
;
5278 static void unit_unref_uid(Unit
*u
, bool destroy_now
) {
5279 unit_unref_uid_internal(u
, &u
->ref_uid
, destroy_now
, manager_unref_uid
);
5282 static void unit_unref_gid(Unit
*u
, bool destroy_now
) {
5283 unit_unref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, destroy_now
, manager_unref_gid
);
5286 void unit_unref_uid_gid(Unit
*u
, bool destroy_now
) {
5289 unit_unref_uid(u
, destroy_now
);
5290 unit_unref_gid(u
, destroy_now
);
5293 static int unit_ref_uid_internal(
5298 int (*_manager_ref_uid
)(Manager
*m
, uid_t uid
, bool clean_ipc
)) {
5304 assert(uid_is_valid(uid
));
5305 assert(_manager_ref_uid
);
5307 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
5308 * are actually the same type, and have the same validity rules.
5310 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
5311 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
5314 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
5315 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
5317 if (*ref_uid
== uid
)
5320 if (uid_is_valid(*ref_uid
)) /* Already set? */
5323 r
= _manager_ref_uid(u
->manager
, uid
, clean_ipc
);
5331 static int unit_ref_uid(Unit
*u
, uid_t uid
, bool clean_ipc
) {
5332 return unit_ref_uid_internal(u
, &u
->ref_uid
, uid
, clean_ipc
, manager_ref_uid
);
5335 static int unit_ref_gid(Unit
*u
, gid_t gid
, bool clean_ipc
) {
5336 return unit_ref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, (uid_t
) gid
, clean_ipc
, manager_ref_gid
);
5339 static int unit_ref_uid_gid_internal(Unit
*u
, uid_t uid
, gid_t gid
, bool clean_ipc
) {
5344 /* Reference both a UID and a GID in one go. Either references both, or neither. */
5346 if (uid_is_valid(uid
)) {
5347 r
= unit_ref_uid(u
, uid
, clean_ipc
);
5352 if (gid_is_valid(gid
)) {
5353 q
= unit_ref_gid(u
, gid
, clean_ipc
);
5356 unit_unref_uid(u
, false);
5362 return r
> 0 || q
> 0;
5365 int unit_ref_uid_gid(Unit
*u
, uid_t uid
, gid_t gid
) {
5371 c
= unit_get_exec_context(u
);
5373 r
= unit_ref_uid_gid_internal(u
, uid
, gid
, c
? c
->remove_ipc
: false);
5375 return log_unit_warning_errno(u
, r
, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5380 void unit_notify_user_lookup(Unit
*u
, uid_t uid
, gid_t gid
) {
5385 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5386 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5387 * objects when no service references the UID/GID anymore. */
5389 r
= unit_ref_uid_gid(u
, uid
, gid
);
5391 unit_add_to_dbus_queue(u
);
5394 int unit_acquire_invocation_id(Unit
*u
) {
5400 r
= sd_id128_randomize(&id
);
5402 return log_unit_error_errno(u
, r
, "Failed to generate invocation ID for unit: %m");
5404 r
= unit_set_invocation_id(u
, id
);
5406 return log_unit_error_errno(u
, r
, "Failed to set invocation ID for unit: %m");
5408 unit_add_to_dbus_queue(u
);
5412 int unit_set_exec_params(Unit
*u
, ExecParameters
*p
) {
5418 /* Copy parameters from manager */
5419 r
= manager_get_effective_environment(u
->manager
, &p
->environment
);
5423 p
->confirm_spawn
= manager_get_confirm_spawn(u
->manager
);
5424 p
->cgroup_supported
= u
->manager
->cgroup_supported
;
5425 p
->prefix
= u
->manager
->prefix
;
5426 SET_FLAG(p
->flags
, EXEC_PASS_LOG_UNIT
|EXEC_CHOWN_DIRECTORIES
, MANAGER_IS_SYSTEM(u
->manager
));
5428 /* Copy parameters from unit */
5429 p
->cgroup_path
= u
->cgroup_path
;
5430 SET_FLAG(p
->flags
, EXEC_CGROUP_DELEGATE
, unit_cgroup_delegate(u
));
5435 int unit_fork_helper_process(Unit
*u
, const char *name
, pid_t
*ret
) {
5441 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5442 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5444 (void) unit_realize_cgroup(u
);
5446 r
= safe_fork(name
, FORK_REOPEN_LOG
, ret
);
5450 (void) default_signals(SIGNALS_CRASH_HANDLER
, SIGNALS_IGNORE
, -1);
5451 (void) ignore_signals(SIGPIPE
, -1);
5453 (void) prctl(PR_SET_PDEATHSIG
, SIGTERM
);
5455 if (u
->cgroup_path
) {
5456 r
= cg_attach_everywhere(u
->manager
->cgroup_supported
, u
->cgroup_path
, 0, NULL
, NULL
);
5458 log_unit_error_errno(u
, r
, "Failed to join unit cgroup %s: %m", u
->cgroup_path
);
5466 int unit_fork_and_watch_rm_rf(Unit
*u
, char **paths
, pid_t
*ret_pid
) {
5473 r
= unit_fork_helper_process(u
, "(sd-rmrf)", &pid
);
5477 int ret
= EXIT_SUCCESS
;
5480 STRV_FOREACH(i
, paths
) {
5481 r
= rm_rf(*i
, REMOVE_ROOT
|REMOVE_PHYSICAL
|REMOVE_MISSING_OK
);
5483 log_error_errno(r
, "Failed to remove '%s': %m", *i
);
5491 r
= unit_watch_pid(u
, pid
, true);
5499 static void unit_update_dependency_mask(Unit
*u
, UnitDependency d
, Unit
*other
, UnitDependencyInfo di
) {
5502 assert(d
< _UNIT_DEPENDENCY_MAX
);
5505 if (di
.origin_mask
== 0 && di
.destination_mask
== 0) {
5506 /* No bit set anymore, let's drop the whole entry */
5507 assert_se(hashmap_remove(u
->dependencies
[d
], other
));
5508 log_unit_debug(u
, "lost dependency %s=%s", unit_dependency_to_string(d
), other
->id
);
5510 /* Mask was reduced, let's update the entry */
5511 assert_se(hashmap_update(u
->dependencies
[d
], other
, di
.data
) == 0);
5514 void unit_remove_dependencies(Unit
*u
, UnitDependencyMask mask
) {
5517 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5522 for (UnitDependency d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++) {
5526 UnitDependencyInfo di
;
5532 HASHMAP_FOREACH_KEY(di
.data
, other
, u
->dependencies
[d
], i
) {
5533 if ((di
.origin_mask
& ~mask
) == di
.origin_mask
)
5535 di
.origin_mask
&= ~mask
;
5536 unit_update_dependency_mask(u
, d
, other
, di
);
5538 /* We updated the dependency from our unit to the other unit now. But most dependencies
5539 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5540 * all dependency types on the other unit and delete all those which point to us and
5541 * have the right mask set. */
5543 for (UnitDependency q
= 0; q
< _UNIT_DEPENDENCY_MAX
; q
++) {
5544 UnitDependencyInfo dj
;
5546 dj
.data
= hashmap_get(other
->dependencies
[q
], u
);
5547 if ((dj
.destination_mask
& ~mask
) == dj
.destination_mask
)
5549 dj
.destination_mask
&= ~mask
;
5551 unit_update_dependency_mask(other
, q
, u
, dj
);
5554 unit_add_to_gc_queue(other
);
5564 static int unit_get_invocation_path(Unit
*u
, char **ret
) {
5571 if (MANAGER_IS_SYSTEM(u
->manager
))
5572 p
= strjoin("/run/systemd/units/invocation:", u
->id
);
5574 _cleanup_free_
char *user_path
= NULL
;
5575 r
= xdg_user_runtime_dir(&user_path
, "/systemd/units/invocation:");
5578 p
= strjoin(user_path
, u
->id
);
5588 static int unit_export_invocation_id(Unit
*u
) {
5589 _cleanup_free_
char *p
= NULL
;
5594 if (u
->exported_invocation_id
)
5597 if (sd_id128_is_null(u
->invocation_id
))
5600 r
= unit_get_invocation_path(u
, &p
);
5602 return log_unit_debug_errno(u
, r
, "Failed to get invocation path: %m");
5604 r
= symlink_atomic(u
->invocation_id_string
, p
);
5606 return log_unit_debug_errno(u
, r
, "Failed to create invocation ID symlink %s: %m", p
);
5608 u
->exported_invocation_id
= true;
5612 static int unit_export_log_level_max(Unit
*u
, const ExecContext
*c
) {
5620 if (u
->exported_log_level_max
)
5623 if (c
->log_level_max
< 0)
5626 assert(c
->log_level_max
<= 7);
5628 buf
[0] = '0' + c
->log_level_max
;
5631 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5632 r
= symlink_atomic(buf
, p
);
5634 return log_unit_debug_errno(u
, r
, "Failed to create maximum log level symlink %s: %m", p
);
5636 u
->exported_log_level_max
= true;
5640 static int unit_export_log_extra_fields(Unit
*u
, const ExecContext
*c
) {
5641 _cleanup_close_
int fd
= -1;
5642 struct iovec
*iovec
;
5650 if (u
->exported_log_extra_fields
)
5653 if (c
->n_log_extra_fields
<= 0)
5656 sizes
= newa(le64_t
, c
->n_log_extra_fields
);
5657 iovec
= newa(struct iovec
, c
->n_log_extra_fields
* 2);
5659 for (i
= 0; i
< c
->n_log_extra_fields
; i
++) {
5660 sizes
[i
] = htole64(c
->log_extra_fields
[i
].iov_len
);
5662 iovec
[i
*2] = IOVEC_MAKE(sizes
+ i
, sizeof(le64_t
));
5663 iovec
[i
*2+1] = c
->log_extra_fields
[i
];
5666 p
= strjoina("/run/systemd/units/log-extra-fields:", u
->id
);
5667 pattern
= strjoina(p
, ".XXXXXX");
5669 fd
= mkostemp_safe(pattern
);
5671 return log_unit_debug_errno(u
, fd
, "Failed to create extra fields file %s: %m", p
);
5673 n
= writev(fd
, iovec
, c
->n_log_extra_fields
*2);
5675 r
= log_unit_debug_errno(u
, errno
, "Failed to write extra fields: %m");
5679 (void) fchmod(fd
, 0644);
5681 if (rename(pattern
, p
) < 0) {
5682 r
= log_unit_debug_errno(u
, errno
, "Failed to rename extra fields file: %m");
5686 u
->exported_log_extra_fields
= true;
5690 (void) unlink(pattern
);
5694 static int unit_export_log_ratelimit_interval(Unit
*u
, const ExecContext
*c
) {
5695 _cleanup_free_
char *buf
= NULL
;
5702 if (u
->exported_log_ratelimit_interval
)
5705 if (c
->log_ratelimit_interval_usec
== 0)
5708 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5710 if (asprintf(&buf
, "%" PRIu64
, c
->log_ratelimit_interval_usec
) < 0)
5713 r
= symlink_atomic(buf
, p
);
5715 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit interval symlink %s: %m", p
);
5717 u
->exported_log_ratelimit_interval
= true;
5721 static int unit_export_log_ratelimit_burst(Unit
*u
, const ExecContext
*c
) {
5722 _cleanup_free_
char *buf
= NULL
;
5729 if (u
->exported_log_ratelimit_burst
)
5732 if (c
->log_ratelimit_burst
== 0)
5735 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5737 if (asprintf(&buf
, "%u", c
->log_ratelimit_burst
) < 0)
5740 r
= symlink_atomic(buf
, p
);
5742 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit burst symlink %s: %m", p
);
5744 u
->exported_log_ratelimit_burst
= true;
5748 void unit_export_state_files(Unit
*u
) {
5749 const ExecContext
*c
;
5756 if (MANAGER_IS_TEST_RUN(u
->manager
))
5759 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5760 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5761 * the IPC system itself and PID 1 also log to the journal.
5763 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5764 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5765 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5766 * namespace at least.
5768 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5769 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5772 (void) unit_export_invocation_id(u
);
5774 if (!MANAGER_IS_SYSTEM(u
->manager
))
5777 c
= unit_get_exec_context(u
);
5779 (void) unit_export_log_level_max(u
, c
);
5780 (void) unit_export_log_extra_fields(u
, c
);
5781 (void) unit_export_log_ratelimit_interval(u
, c
);
5782 (void) unit_export_log_ratelimit_burst(u
, c
);
5786 void unit_unlink_state_files(Unit
*u
) {
5794 /* Undoes the effect of unit_export_state() */
5796 if (u
->exported_invocation_id
) {
5797 _cleanup_free_
char *invocation_path
= NULL
;
5798 int r
= unit_get_invocation_path(u
, &invocation_path
);
5800 (void) unlink(invocation_path
);
5801 u
->exported_invocation_id
= false;
5805 if (!MANAGER_IS_SYSTEM(u
->manager
))
5808 if (u
->exported_log_level_max
) {
5809 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5812 u
->exported_log_level_max
= false;
5815 if (u
->exported_log_extra_fields
) {
5816 p
= strjoina("/run/systemd/units/extra-fields:", u
->id
);
5819 u
->exported_log_extra_fields
= false;
5822 if (u
->exported_log_ratelimit_interval
) {
5823 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5826 u
->exported_log_ratelimit_interval
= false;
5829 if (u
->exported_log_ratelimit_burst
) {
5830 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5833 u
->exported_log_ratelimit_burst
= false;
5837 int unit_prepare_exec(Unit
*u
) {
5842 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5843 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5844 r
= bpf_firewall_load_custom(u
);
5848 /* Prepares everything so that we can fork of a process for this unit */
5850 (void) unit_realize_cgroup(u
);
5852 if (u
->reset_accounting
) {
5853 (void) unit_reset_accounting(u
);
5854 u
->reset_accounting
= false;
5857 unit_export_state_files(u
);
5859 r
= unit_setup_exec_runtime(u
);
5863 r
= unit_setup_dynamic_creds(u
);
5870 static bool ignore_leftover_process(const char *comm
) {
5871 return comm
&& comm
[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5874 int unit_log_leftover_process_start(pid_t pid
, int sig
, void *userdata
) {
5875 _cleanup_free_
char *comm
= NULL
;
5877 (void) get_process_comm(pid
, &comm
);
5879 if (ignore_leftover_process(comm
))
5882 /* During start we print a warning */
5884 log_unit_warning(userdata
,
5885 "Found left-over process " PID_FMT
" (%s) in control group while starting unit. Ignoring.\n"
5886 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5892 int unit_log_leftover_process_stop(pid_t pid
, int sig
, void *userdata
) {
5893 _cleanup_free_
char *comm
= NULL
;
5895 (void) get_process_comm(pid
, &comm
);
5897 if (ignore_leftover_process(comm
))
5900 /* During stop we only print an informational message */
5902 log_unit_info(userdata
,
5903 "Unit process " PID_FMT
" (%s) remains running after unit stopped.",
5909 int unit_warn_leftover_processes(Unit
*u
, cg_kill_log_func_t log_func
) {
5912 (void) unit_pick_cgroup_path(u
);
5914 if (!u
->cgroup_path
)
5917 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, 0, 0, NULL
, log_func
, u
);
5920 bool unit_needs_console(Unit
*u
) {
5922 UnitActiveState state
;
5926 state
= unit_active_state(u
);
5928 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
5931 if (UNIT_VTABLE(u
)->needs_console
)
5932 return UNIT_VTABLE(u
)->needs_console(u
);
5934 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5935 ec
= unit_get_exec_context(u
);
5939 return exec_context_may_touch_console(ec
);
5942 const char *unit_label_path(const Unit
*u
) {
5947 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5948 * when validating access checks. */
5950 p
= u
->source_path
?: u
->fragment_path
;
5954 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5955 if (path_equal(p
, "/dev/null"))
5961 int unit_pid_attachable(Unit
*u
, pid_t pid
, sd_bus_error
*error
) {
5966 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5967 * and not a kernel thread either */
5969 /* First, a simple range check */
5970 if (!pid_is_valid(pid
))
5971 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process identifier " PID_FMT
" is not valid.", pid
);
5973 /* Some extra safety check */
5974 if (pid
== 1 || pid
== getpid_cached())
5975 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a manager process, refusing.", pid
);
5977 /* Don't even begin to bother with kernel threads */
5978 r
= is_kernel_thread(pid
);
5980 return sd_bus_error_setf(error
, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN
, "Process with ID " PID_FMT
" does not exist.", pid
);
5982 return sd_bus_error_set_errnof(error
, r
, "Failed to determine whether process " PID_FMT
" is a kernel thread: %m", pid
);
5984 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a kernel thread, refusing.", pid
);
5989 void unit_log_success(Unit
*u
) {
5992 log_struct(LOG_INFO
,
5993 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR
,
5995 LOG_UNIT_INVOCATION_ID(u
),
5996 LOG_UNIT_MESSAGE(u
, "Succeeded."));
5999 void unit_log_failure(Unit
*u
, const char *result
) {
6003 log_struct(LOG_WARNING
,
6004 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR
,
6006 LOG_UNIT_INVOCATION_ID(u
),
6007 LOG_UNIT_MESSAGE(u
, "Failed with result '%s'.", result
),
6008 "UNIT_RESULT=%s", result
);
6011 void unit_log_skip(Unit
*u
, const char *result
) {
6015 log_struct(LOG_INFO
,
6016 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR
,
6018 LOG_UNIT_INVOCATION_ID(u
),
6019 LOG_UNIT_MESSAGE(u
, "Skipped due to '%s'.", result
),
6020 "UNIT_RESULT=%s", result
);
6023 void unit_log_process_exit(
6026 const char *command
,
6036 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
6037 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
6038 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
6042 else if (code
== CLD_EXITED
)
6045 level
= LOG_WARNING
;
6048 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR
,
6049 LOG_UNIT_MESSAGE(u
, "%s exited, code=%s, status=%i/%s",
6051 sigchld_code_to_string(code
), status
,
6052 strna(code
== CLD_EXITED
6053 ? exit_status_to_string(status
, EXIT_STATUS_FULL
)
6054 : signal_to_string(status
))),
6055 "EXIT_CODE=%s", sigchld_code_to_string(code
),
6056 "EXIT_STATUS=%i", status
,
6057 "COMMAND=%s", strna(command
),
6059 LOG_UNIT_INVOCATION_ID(u
));
6062 int unit_exit_status(Unit
*u
) {
6065 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
6066 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
6067 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
6068 * service process has exited abnormally (signal/coredump). */
6070 if (!UNIT_VTABLE(u
)->exit_status
)
6073 return UNIT_VTABLE(u
)->exit_status(u
);
6076 int unit_failure_action_exit_status(Unit
*u
) {
6081 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
6083 if (u
->failure_action_exit_status
>= 0)
6084 return u
->failure_action_exit_status
;
6086 r
= unit_exit_status(u
);
6087 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
6093 int unit_success_action_exit_status(Unit
*u
) {
6098 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
6100 if (u
->success_action_exit_status
>= 0)
6101 return u
->success_action_exit_status
;
6103 r
= unit_exit_status(u
);
6104 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
6110 int unit_test_trigger_loaded(Unit
*u
) {
6113 /* Tests whether the unit to trigger is loaded */
6115 trigger
= UNIT_TRIGGER(u
);
6117 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(ENOENT
),
6118 "Refusing to start, no unit to trigger.");
6119 if (trigger
->load_state
!= UNIT_LOADED
)
6120 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(ENOENT
),
6121 "Refusing to start, unit %s to trigger not loaded.", trigger
->id
);
6126 void unit_destroy_runtime_directory(Unit
*u
, const ExecContext
*context
) {
6127 if (context
->runtime_directory_preserve_mode
== EXEC_PRESERVE_NO
||
6128 (context
->runtime_directory_preserve_mode
== EXEC_PRESERVE_RESTART
&& !unit_will_restart(u
)))
6129 exec_context_destroy_runtime_directory(context
, u
->manager
->prefix
[EXEC_DIRECTORY_RUNTIME
]);
6132 int unit_clean(Unit
*u
, ExecCleanMask mask
) {
6133 UnitActiveState state
;
6137 /* Special return values:
6139 * -EOPNOTSUPP → cleaning not supported for this unit type
6140 * -EUNATCH → cleaning not defined for this resource type
6141 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
6142 * a job queued or similar
6145 if (!UNIT_VTABLE(u
)->clean
)
6151 if (u
->load_state
!= UNIT_LOADED
)
6157 state
= unit_active_state(u
);
6158 if (!IN_SET(state
, UNIT_INACTIVE
))
6161 return UNIT_VTABLE(u
)->clean(u
, mask
);
6164 int unit_can_clean(Unit
*u
, ExecCleanMask
*ret
) {
6167 if (!UNIT_VTABLE(u
)->clean
||
6168 u
->load_state
!= UNIT_LOADED
) {
6173 /* When the clean() method is set, can_clean() really should be set too */
6174 assert(UNIT_VTABLE(u
)->can_clean
);
6176 return UNIT_VTABLE(u
)->can_clean(u
, ret
);
6179 bool unit_can_freeze(Unit
*u
) {
6182 if (UNIT_VTABLE(u
)->can_freeze
)
6183 return UNIT_VTABLE(u
)->can_freeze(u
);
6185 return UNIT_VTABLE(u
)->freeze
;
6188 void unit_frozen(Unit
*u
) {
6191 u
->freezer_state
= FREEZER_FROZEN
;
6193 bus_unit_send_pending_freezer_message(u
);
6196 void unit_thawed(Unit
*u
) {
6199 u
->freezer_state
= FREEZER_RUNNING
;
6201 bus_unit_send_pending_freezer_message(u
);
6204 static int unit_freezer_action(Unit
*u
, FreezerAction action
) {
6206 int (*method
)(Unit
*);
6210 assert(IN_SET(action
, FREEZER_FREEZE
, FREEZER_THAW
));
6212 method
= action
== FREEZER_FREEZE
? UNIT_VTABLE(u
)->freeze
: UNIT_VTABLE(u
)->thaw
;
6213 if (!method
|| !cg_freezer_supported())
6219 if (u
->load_state
!= UNIT_LOADED
)
6222 s
= unit_active_state(u
);
6223 if (s
!= UNIT_ACTIVE
)
6226 if (IN_SET(u
->freezer_state
, FREEZER_FREEZING
, FREEZER_THAWING
))
6236 int unit_freeze(Unit
*u
) {
6237 return unit_freezer_action(u
, FREEZER_FREEZE
);
6240 int unit_thaw(Unit
*u
) {
6241 return unit_freezer_action(u
, FREEZER_THAW
);
6244 /* Wrappers around low-level cgroup freezer operations common for service and scope units */
6245 int unit_freeze_vtable_common(Unit
*u
) {
6246 return unit_cgroup_freezer_action(u
, FREEZER_FREEZE
);
6249 int unit_thaw_vtable_common(Unit
*u
) {
6250 return unit_cgroup_freezer_action(u
, FREEZER_THAW
);
6253 static const char* const collect_mode_table
[_COLLECT_MODE_MAX
] = {
6254 [COLLECT_INACTIVE
] = "inactive",
6255 [COLLECT_INACTIVE_OR_FAILED
] = "inactive-or-failed",
6258 DEFINE_STRING_TABLE_LOOKUP(collect_mode
, CollectMode
);