]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
path-util: introduce path_simplify()
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6 ***/
7
8 #include <errno.h>
9 #include <stdlib.h>
10 #include <string.h>
11 #include <sys/prctl.h>
12 #include <sys/stat.h>
13 #include <unistd.h>
14
15 #include "sd-id128.h"
16 #include "sd-messages.h"
17
18 #include "alloc-util.h"
19 #include "all-units.h"
20 #include "bus-common-errors.h"
21 #include "bus-util.h"
22 #include "cgroup-util.h"
23 #include "dbus-unit.h"
24 #include "dbus.h"
25 #include "dropin.h"
26 #include "escape.h"
27 #include "execute.h"
28 #include "fd-util.h"
29 #include "fileio-label.h"
30 #include "format-util.h"
31 #include "fs-util.h"
32 #include "id128-util.h"
33 #include "io-util.h"
34 #include "load-dropin.h"
35 #include "load-fragment.h"
36 #include "log.h"
37 #include "macro.h"
38 #include "missing.h"
39 #include "mkdir.h"
40 #include "parse-util.h"
41 #include "path-util.h"
42 #include "process-util.h"
43 #include "set.h"
44 #include "signal-util.h"
45 #include "sparse-endian.h"
46 #include "special.h"
47 #include "specifier.h"
48 #include "stat-util.h"
49 #include "stdio-util.h"
50 #include "string-table.h"
51 #include "string-util.h"
52 #include "strv.h"
53 #include "umask-util.h"
54 #include "unit-name.h"
55 #include "unit.h"
56 #include "user-util.h"
57 #include "virt.h"
58
59 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
60 [UNIT_SERVICE] = &service_vtable,
61 [UNIT_SOCKET] = &socket_vtable,
62 [UNIT_TARGET] = &target_vtable,
63 [UNIT_DEVICE] = &device_vtable,
64 [UNIT_MOUNT] = &mount_vtable,
65 [UNIT_AUTOMOUNT] = &automount_vtable,
66 [UNIT_SWAP] = &swap_vtable,
67 [UNIT_TIMER] = &timer_vtable,
68 [UNIT_PATH] = &path_vtable,
69 [UNIT_SLICE] = &slice_vtable,
70 [UNIT_SCOPE] = &scope_vtable,
71 };
72
73 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
74
75 Unit *unit_new(Manager *m, size_t size) {
76 Unit *u;
77
78 assert(m);
79 assert(size >= sizeof(Unit));
80
81 u = malloc0(size);
82 if (!u)
83 return NULL;
84
85 u->names = set_new(&string_hash_ops);
86 if (!u->names)
87 return mfree(u);
88
89 u->manager = m;
90 u->type = _UNIT_TYPE_INVALID;
91 u->default_dependencies = true;
92 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
93 u->unit_file_preset = -1;
94 u->on_failure_job_mode = JOB_REPLACE;
95 u->cgroup_inotify_wd = -1;
96 u->job_timeout = USEC_INFINITY;
97 u->job_running_timeout = USEC_INFINITY;
98 u->ref_uid = UID_INVALID;
99 u->ref_gid = GID_INVALID;
100 u->cpu_usage_last = NSEC_INFINITY;
101 u->cgroup_bpf_state = UNIT_CGROUP_BPF_INVALIDATED;
102
103 u->ip_accounting_ingress_map_fd = -1;
104 u->ip_accounting_egress_map_fd = -1;
105 u->ipv4_allow_map_fd = -1;
106 u->ipv6_allow_map_fd = -1;
107 u->ipv4_deny_map_fd = -1;
108 u->ipv6_deny_map_fd = -1;
109
110 u->last_section_private = -1;
111
112 RATELIMIT_INIT(u->start_limit, m->default_start_limit_interval, m->default_start_limit_burst);
113 RATELIMIT_INIT(u->auto_stop_ratelimit, 10 * USEC_PER_SEC, 16);
114
115 return u;
116 }
117
118 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
119 _cleanup_(unit_freep) Unit *u = NULL;
120 int r;
121
122 u = unit_new(m, size);
123 if (!u)
124 return -ENOMEM;
125
126 r = unit_add_name(u, name);
127 if (r < 0)
128 return r;
129
130 *ret = TAKE_PTR(u);
131
132 return r;
133 }
134
135 bool unit_has_name(Unit *u, const char *name) {
136 assert(u);
137 assert(name);
138
139 return set_contains(u->names, (char*) name);
140 }
141
142 static void unit_init(Unit *u) {
143 CGroupContext *cc;
144 ExecContext *ec;
145 KillContext *kc;
146
147 assert(u);
148 assert(u->manager);
149 assert(u->type >= 0);
150
151 cc = unit_get_cgroup_context(u);
152 if (cc) {
153 cgroup_context_init(cc);
154
155 /* Copy in the manager defaults into the cgroup
156 * context, _before_ the rest of the settings have
157 * been initialized */
158
159 cc->cpu_accounting = u->manager->default_cpu_accounting;
160 cc->io_accounting = u->manager->default_io_accounting;
161 cc->ip_accounting = u->manager->default_ip_accounting;
162 cc->blockio_accounting = u->manager->default_blockio_accounting;
163 cc->memory_accounting = u->manager->default_memory_accounting;
164 cc->tasks_accounting = u->manager->default_tasks_accounting;
165 cc->ip_accounting = u->manager->default_ip_accounting;
166
167 if (u->type != UNIT_SLICE)
168 cc->tasks_max = u->manager->default_tasks_max;
169 }
170
171 ec = unit_get_exec_context(u);
172 if (ec) {
173 exec_context_init(ec);
174
175 ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
176 EXEC_KEYRING_SHARED : EXEC_KEYRING_INHERIT;
177 }
178
179 kc = unit_get_kill_context(u);
180 if (kc)
181 kill_context_init(kc);
182
183 if (UNIT_VTABLE(u)->init)
184 UNIT_VTABLE(u)->init(u);
185 }
186
187 int unit_add_name(Unit *u, const char *text) {
188 _cleanup_free_ char *s = NULL, *i = NULL;
189 UnitType t;
190 int r;
191
192 assert(u);
193 assert(text);
194
195 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
196
197 if (!u->instance)
198 return -EINVAL;
199
200 r = unit_name_replace_instance(text, u->instance, &s);
201 if (r < 0)
202 return r;
203 } else {
204 s = strdup(text);
205 if (!s)
206 return -ENOMEM;
207 }
208
209 if (set_contains(u->names, s))
210 return 0;
211 if (hashmap_contains(u->manager->units, s))
212 return -EEXIST;
213
214 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
215 return -EINVAL;
216
217 t = unit_name_to_type(s);
218 if (t < 0)
219 return -EINVAL;
220
221 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
222 return -EINVAL;
223
224 r = unit_name_to_instance(s, &i);
225 if (r < 0)
226 return r;
227
228 if (i && !unit_type_may_template(t))
229 return -EINVAL;
230
231 /* Ensure that this unit is either instanced or not instanced,
232 * but not both. Note that we do allow names with different
233 * instance names however! */
234 if (u->type != _UNIT_TYPE_INVALID && !u->instance != !i)
235 return -EINVAL;
236
237 if (!unit_type_may_alias(t) && !set_isempty(u->names))
238 return -EEXIST;
239
240 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
241 return -E2BIG;
242
243 r = set_put(u->names, s);
244 if (r < 0)
245 return r;
246 assert(r > 0);
247
248 r = hashmap_put(u->manager->units, s, u);
249 if (r < 0) {
250 (void) set_remove(u->names, s);
251 return r;
252 }
253
254 if (u->type == _UNIT_TYPE_INVALID) {
255 u->type = t;
256 u->id = s;
257 u->instance = TAKE_PTR(i);
258
259 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
260
261 unit_init(u);
262 }
263
264 s = NULL;
265
266 unit_add_to_dbus_queue(u);
267 return 0;
268 }
269
270 int unit_choose_id(Unit *u, const char *name) {
271 _cleanup_free_ char *t = NULL;
272 char *s, *i;
273 int r;
274
275 assert(u);
276 assert(name);
277
278 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
279
280 if (!u->instance)
281 return -EINVAL;
282
283 r = unit_name_replace_instance(name, u->instance, &t);
284 if (r < 0)
285 return r;
286
287 name = t;
288 }
289
290 /* Selects one of the names of this unit as the id */
291 s = set_get(u->names, (char*) name);
292 if (!s)
293 return -ENOENT;
294
295 /* Determine the new instance from the new id */
296 r = unit_name_to_instance(s, &i);
297 if (r < 0)
298 return r;
299
300 u->id = s;
301
302 free(u->instance);
303 u->instance = i;
304
305 unit_add_to_dbus_queue(u);
306
307 return 0;
308 }
309
310 int unit_set_description(Unit *u, const char *description) {
311 int r;
312
313 assert(u);
314
315 r = free_and_strdup(&u->description, empty_to_null(description));
316 if (r < 0)
317 return r;
318 if (r > 0)
319 unit_add_to_dbus_queue(u);
320
321 return 0;
322 }
323
324 bool unit_may_gc(Unit *u) {
325 UnitActiveState state;
326 int r;
327
328 assert(u);
329
330 /* Checks whether the unit is ready to be unloaded for garbage collection.
331 * Returns true when the unit may be collected, and false if there's some
332 * reason to keep it loaded.
333 *
334 * References from other units are *not* checked here. Instead, this is done
335 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
336 */
337
338 if (u->job)
339 return false;
340
341 if (u->nop_job)
342 return false;
343
344 state = unit_active_state(u);
345
346 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
347 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
348 UNIT_VTABLE(u)->release_resources)
349 UNIT_VTABLE(u)->release_resources(u);
350
351 if (u->perpetual)
352 return false;
353
354 if (sd_bus_track_count(u->bus_track) > 0)
355 return false;
356
357 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
358 switch (u->collect_mode) {
359
360 case COLLECT_INACTIVE:
361 if (state != UNIT_INACTIVE)
362 return false;
363
364 break;
365
366 case COLLECT_INACTIVE_OR_FAILED:
367 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
368 return false;
369
370 break;
371
372 default:
373 assert_not_reached("Unknown garbage collection mode");
374 }
375
376 if (u->cgroup_path) {
377 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
378 * around. Units with active processes should never be collected. */
379
380 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
381 if (r < 0)
382 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
383 if (r <= 0)
384 return false;
385 }
386
387 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
388 return false;
389
390 return true;
391 }
392
393 void unit_add_to_load_queue(Unit *u) {
394 assert(u);
395 assert(u->type != _UNIT_TYPE_INVALID);
396
397 if (u->load_state != UNIT_STUB || u->in_load_queue)
398 return;
399
400 LIST_PREPEND(load_queue, u->manager->load_queue, u);
401 u->in_load_queue = true;
402 }
403
404 void unit_add_to_cleanup_queue(Unit *u) {
405 assert(u);
406
407 if (u->in_cleanup_queue)
408 return;
409
410 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
411 u->in_cleanup_queue = true;
412 }
413
414 void unit_add_to_gc_queue(Unit *u) {
415 assert(u);
416
417 if (u->in_gc_queue || u->in_cleanup_queue)
418 return;
419
420 if (!unit_may_gc(u))
421 return;
422
423 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
424 u->in_gc_queue = true;
425 }
426
427 void unit_add_to_dbus_queue(Unit *u) {
428 assert(u);
429 assert(u->type != _UNIT_TYPE_INVALID);
430
431 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
432 return;
433
434 /* Shortcut things if nobody cares */
435 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
436 sd_bus_track_count(u->bus_track) <= 0 &&
437 set_isempty(u->manager->private_buses)) {
438 u->sent_dbus_new_signal = true;
439 return;
440 }
441
442 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
443 u->in_dbus_queue = true;
444 }
445
446 static void bidi_set_free(Unit *u, Hashmap *h) {
447 Unit *other;
448 Iterator i;
449 void *v;
450
451 assert(u);
452
453 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
454
455 HASHMAP_FOREACH_KEY(v, other, h, i) {
456 UnitDependency d;
457
458 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
459 hashmap_remove(other->dependencies[d], u);
460
461 unit_add_to_gc_queue(other);
462 }
463
464 hashmap_free(h);
465 }
466
467 static void unit_remove_transient(Unit *u) {
468 char **i;
469
470 assert(u);
471
472 if (!u->transient)
473 return;
474
475 if (u->fragment_path)
476 (void) unlink(u->fragment_path);
477
478 STRV_FOREACH(i, u->dropin_paths) {
479 _cleanup_free_ char *p = NULL, *pp = NULL;
480
481 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
482 if (!p)
483 continue;
484
485 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
486 if (!pp)
487 continue;
488
489 /* Only drop transient drop-ins */
490 if (!path_equal(u->manager->lookup_paths.transient, pp))
491 continue;
492
493 (void) unlink(*i);
494 (void) rmdir(p);
495 }
496 }
497
498 static void unit_free_requires_mounts_for(Unit *u) {
499 assert(u);
500
501 for (;;) {
502 _cleanup_free_ char *path;
503
504 path = hashmap_steal_first_key(u->requires_mounts_for);
505 if (!path)
506 break;
507 else {
508 char s[strlen(path) + 1];
509
510 PATH_FOREACH_PREFIX_MORE(s, path) {
511 char *y;
512 Set *x;
513
514 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
515 if (!x)
516 continue;
517
518 (void) set_remove(x, u);
519
520 if (set_isempty(x)) {
521 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
522 free(y);
523 set_free(x);
524 }
525 }
526 }
527 }
528
529 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
530 }
531
532 static void unit_done(Unit *u) {
533 ExecContext *ec;
534 CGroupContext *cc;
535
536 assert(u);
537
538 if (u->type < 0)
539 return;
540
541 if (UNIT_VTABLE(u)->done)
542 UNIT_VTABLE(u)->done(u);
543
544 ec = unit_get_exec_context(u);
545 if (ec)
546 exec_context_done(ec);
547
548 cc = unit_get_cgroup_context(u);
549 if (cc)
550 cgroup_context_done(cc);
551 }
552
553 void unit_free(Unit *u) {
554 UnitDependency d;
555 Iterator i;
556 char *t;
557
558 if (!u)
559 return;
560
561 u->transient_file = safe_fclose(u->transient_file);
562
563 if (!MANAGER_IS_RELOADING(u->manager))
564 unit_remove_transient(u);
565
566 bus_unit_send_removed_signal(u);
567
568 unit_done(u);
569
570 sd_bus_slot_unref(u->match_bus_slot);
571
572 sd_bus_track_unref(u->bus_track);
573 u->deserialized_refs = strv_free(u->deserialized_refs);
574
575 unit_free_requires_mounts_for(u);
576
577 SET_FOREACH(t, u->names, i)
578 hashmap_remove_value(u->manager->units, t, u);
579
580 if (!sd_id128_is_null(u->invocation_id))
581 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
582
583 if (u->job) {
584 Job *j = u->job;
585 job_uninstall(j);
586 job_free(j);
587 }
588
589 if (u->nop_job) {
590 Job *j = u->nop_job;
591 job_uninstall(j);
592 job_free(j);
593 }
594
595 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
596 bidi_set_free(u, u->dependencies[d]);
597
598 if (u->on_console)
599 manager_unref_console(u->manager);
600
601 unit_release_cgroup(u);
602
603 if (!MANAGER_IS_RELOADING(u->manager))
604 unit_unlink_state_files(u);
605
606 unit_unref_uid_gid(u, false);
607
608 (void) manager_update_failed_units(u->manager, u, false);
609 set_remove(u->manager->startup_units, u);
610
611 unit_unwatch_all_pids(u);
612
613 unit_ref_unset(&u->slice);
614 while (u->refs_by_target)
615 unit_ref_unset(u->refs_by_target);
616
617 if (u->type != _UNIT_TYPE_INVALID)
618 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
619
620 if (u->in_load_queue)
621 LIST_REMOVE(load_queue, u->manager->load_queue, u);
622
623 if (u->in_dbus_queue)
624 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
625
626 if (u->in_gc_queue)
627 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
628
629 if (u->in_cgroup_realize_queue)
630 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
631
632 if (u->in_cgroup_empty_queue)
633 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
634
635 if (u->in_cleanup_queue)
636 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
637
638 if (u->in_target_deps_queue)
639 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
640
641 safe_close(u->ip_accounting_ingress_map_fd);
642 safe_close(u->ip_accounting_egress_map_fd);
643
644 safe_close(u->ipv4_allow_map_fd);
645 safe_close(u->ipv6_allow_map_fd);
646 safe_close(u->ipv4_deny_map_fd);
647 safe_close(u->ipv6_deny_map_fd);
648
649 bpf_program_unref(u->ip_bpf_ingress);
650 bpf_program_unref(u->ip_bpf_ingress_installed);
651 bpf_program_unref(u->ip_bpf_egress);
652 bpf_program_unref(u->ip_bpf_egress_installed);
653
654 condition_free_list(u->conditions);
655 condition_free_list(u->asserts);
656
657 free(u->description);
658 strv_free(u->documentation);
659 free(u->fragment_path);
660 free(u->source_path);
661 strv_free(u->dropin_paths);
662 free(u->instance);
663
664 free(u->job_timeout_reboot_arg);
665
666 set_free_free(u->names);
667
668 free(u->reboot_arg);
669
670 free(u);
671 }
672
673 UnitActiveState unit_active_state(Unit *u) {
674 assert(u);
675
676 if (u->load_state == UNIT_MERGED)
677 return unit_active_state(unit_follow_merge(u));
678
679 /* After a reload it might happen that a unit is not correctly
680 * loaded but still has a process around. That's why we won't
681 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
682
683 return UNIT_VTABLE(u)->active_state(u);
684 }
685
686 const char* unit_sub_state_to_string(Unit *u) {
687 assert(u);
688
689 return UNIT_VTABLE(u)->sub_state_to_string(u);
690 }
691
692 static int set_complete_move(Set **s, Set **other) {
693 assert(s);
694 assert(other);
695
696 if (!other)
697 return 0;
698
699 if (*s)
700 return set_move(*s, *other);
701 else
702 *s = TAKE_PTR(*other);
703
704 return 0;
705 }
706
707 static int hashmap_complete_move(Hashmap **s, Hashmap **other) {
708 assert(s);
709 assert(other);
710
711 if (!*other)
712 return 0;
713
714 if (*s)
715 return hashmap_move(*s, *other);
716 else
717 *s = TAKE_PTR(*other);
718
719 return 0;
720 }
721
722 static int merge_names(Unit *u, Unit *other) {
723 char *t;
724 Iterator i;
725 int r;
726
727 assert(u);
728 assert(other);
729
730 r = set_complete_move(&u->names, &other->names);
731 if (r < 0)
732 return r;
733
734 set_free_free(other->names);
735 other->names = NULL;
736 other->id = NULL;
737
738 SET_FOREACH(t, u->names, i)
739 assert_se(hashmap_replace(u->manager->units, t, u) == 0);
740
741 return 0;
742 }
743
744 static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
745 unsigned n_reserve;
746
747 assert(u);
748 assert(other);
749 assert(d < _UNIT_DEPENDENCY_MAX);
750
751 /*
752 * If u does not have this dependency set allocated, there is no need
753 * to reserve anything. In that case other's set will be transferred
754 * as a whole to u by complete_move().
755 */
756 if (!u->dependencies[d])
757 return 0;
758
759 /* merge_dependencies() will skip a u-on-u dependency */
760 n_reserve = hashmap_size(other->dependencies[d]) - !!hashmap_get(other->dependencies[d], u);
761
762 return hashmap_reserve(u->dependencies[d], n_reserve);
763 }
764
765 static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
766 Iterator i;
767 Unit *back;
768 void *v;
769 int r;
770
771 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
772
773 assert(u);
774 assert(other);
775 assert(d < _UNIT_DEPENDENCY_MAX);
776
777 /* Fix backwards pointers. Let's iterate through all dependendent units of the other unit. */
778 HASHMAP_FOREACH_KEY(v, back, other->dependencies[d], i) {
779 UnitDependency k;
780
781 /* Let's now iterate through the dependencies of that dependencies of the other units, looking for
782 * pointers back, and let's fix them up, to instead point to 'u'. */
783
784 for (k = 0; k < _UNIT_DEPENDENCY_MAX; k++) {
785 if (back == u) {
786 /* Do not add dependencies between u and itself. */
787 if (hashmap_remove(back->dependencies[k], other))
788 maybe_warn_about_dependency(u, other_id, k);
789 } else {
790 UnitDependencyInfo di_u, di_other, di_merged;
791
792 /* Let's drop this dependency between "back" and "other", and let's create it between
793 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
794 * and any such dependency which might already exist */
795
796 di_other.data = hashmap_get(back->dependencies[k], other);
797 if (!di_other.data)
798 continue; /* dependency isn't set, let's try the next one */
799
800 di_u.data = hashmap_get(back->dependencies[k], u);
801
802 di_merged = (UnitDependencyInfo) {
803 .origin_mask = di_u.origin_mask | di_other.origin_mask,
804 .destination_mask = di_u.destination_mask | di_other.destination_mask,
805 };
806
807 r = hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data);
808 if (r < 0)
809 log_warning_errno(r, "Failed to remove/replace: back=%s other=%s u=%s: %m", back->id, other_id, u->id);
810 assert(r >= 0);
811
812 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
813 }
814 }
815
816 }
817
818 /* Also do not move dependencies on u to itself */
819 back = hashmap_remove(other->dependencies[d], u);
820 if (back)
821 maybe_warn_about_dependency(u, other_id, d);
822
823 /* The move cannot fail. The caller must have performed a reservation. */
824 assert_se(hashmap_complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
825
826 other->dependencies[d] = hashmap_free(other->dependencies[d]);
827 }
828
829 int unit_merge(Unit *u, Unit *other) {
830 UnitDependency d;
831 const char *other_id = NULL;
832 int r;
833
834 assert(u);
835 assert(other);
836 assert(u->manager == other->manager);
837 assert(u->type != _UNIT_TYPE_INVALID);
838
839 other = unit_follow_merge(other);
840
841 if (other == u)
842 return 0;
843
844 if (u->type != other->type)
845 return -EINVAL;
846
847 if (!u->instance != !other->instance)
848 return -EINVAL;
849
850 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
851 return -EEXIST;
852
853 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
854 return -EEXIST;
855
856 if (other->job)
857 return -EEXIST;
858
859 if (other->nop_job)
860 return -EEXIST;
861
862 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
863 return -EEXIST;
864
865 if (other->id)
866 other_id = strdupa(other->id);
867
868 /* Make reservations to ensure merge_dependencies() won't fail */
869 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
870 r = reserve_dependencies(u, other, d);
871 /*
872 * We don't rollback reservations if we fail. We don't have
873 * a way to undo reservations. A reservation is not a leak.
874 */
875 if (r < 0)
876 return r;
877 }
878
879 /* Merge names */
880 r = merge_names(u, other);
881 if (r < 0)
882 return r;
883
884 /* Redirect all references */
885 while (other->refs_by_target)
886 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
887
888 /* Merge dependencies */
889 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
890 merge_dependencies(u, other, other_id, d);
891
892 other->load_state = UNIT_MERGED;
893 other->merged_into = u;
894
895 /* If there is still some data attached to the other node, we
896 * don't need it anymore, and can free it. */
897 if (other->load_state != UNIT_STUB)
898 if (UNIT_VTABLE(other)->done)
899 UNIT_VTABLE(other)->done(other);
900
901 unit_add_to_dbus_queue(u);
902 unit_add_to_cleanup_queue(other);
903
904 return 0;
905 }
906
907 int unit_merge_by_name(Unit *u, const char *name) {
908 _cleanup_free_ char *s = NULL;
909 Unit *other;
910 int r;
911
912 assert(u);
913 assert(name);
914
915 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
916 if (!u->instance)
917 return -EINVAL;
918
919 r = unit_name_replace_instance(name, u->instance, &s);
920 if (r < 0)
921 return r;
922
923 name = s;
924 }
925
926 other = manager_get_unit(u->manager, name);
927 if (other)
928 return unit_merge(u, other);
929
930 return unit_add_name(u, name);
931 }
932
933 Unit* unit_follow_merge(Unit *u) {
934 assert(u);
935
936 while (u->load_state == UNIT_MERGED)
937 assert_se(u = u->merged_into);
938
939 return u;
940 }
941
942 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
943 ExecDirectoryType dt;
944 char **dp;
945 int r;
946
947 assert(u);
948 assert(c);
949
950 if (c->working_directory) {
951 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
952 if (r < 0)
953 return r;
954 }
955
956 if (c->root_directory) {
957 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
958 if (r < 0)
959 return r;
960 }
961
962 if (c->root_image) {
963 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
964 if (r < 0)
965 return r;
966 }
967
968 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
969 if (!u->manager->prefix[dt])
970 continue;
971
972 STRV_FOREACH(dp, c->directories[dt].paths) {
973 _cleanup_free_ char *p;
974
975 p = strjoin(u->manager->prefix[dt], "/", *dp);
976 if (!p)
977 return -ENOMEM;
978
979 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
980 if (r < 0)
981 return r;
982 }
983 }
984
985 if (!MANAGER_IS_SYSTEM(u->manager))
986 return 0;
987
988 if (c->private_tmp) {
989 const char *p;
990
991 FOREACH_STRING(p, "/tmp", "/var/tmp") {
992 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
993 if (r < 0)
994 return r;
995 }
996
997 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, NULL, true, UNIT_DEPENDENCY_FILE);
998 if (r < 0)
999 return r;
1000 }
1001
1002 if (!IN_SET(c->std_output,
1003 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1004 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1005 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE) &&
1006 !IN_SET(c->std_error,
1007 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1008 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1009 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE))
1010 return 0;
1011
1012 /* If syslog or kernel logging is requested, make sure our own
1013 * logging daemon is run first. */
1014
1015 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, NULL, true, UNIT_DEPENDENCY_FILE);
1016 if (r < 0)
1017 return r;
1018
1019 return 0;
1020 }
1021
1022 const char *unit_description(Unit *u) {
1023 assert(u);
1024
1025 if (u->description)
1026 return u->description;
1027
1028 return strna(u->id);
1029 }
1030
1031 static void print_unit_dependency_mask(FILE *f, const char *kind, UnitDependencyMask mask, bool *space) {
1032 const struct {
1033 UnitDependencyMask mask;
1034 const char *name;
1035 } table[] = {
1036 { UNIT_DEPENDENCY_FILE, "file" },
1037 { UNIT_DEPENDENCY_IMPLICIT, "implicit" },
1038 { UNIT_DEPENDENCY_DEFAULT, "default" },
1039 { UNIT_DEPENDENCY_UDEV, "udev" },
1040 { UNIT_DEPENDENCY_PATH, "path" },
1041 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT, "mountinfo-implicit" },
1042 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT, "mountinfo-default" },
1043 { UNIT_DEPENDENCY_PROC_SWAP, "proc-swap" },
1044 };
1045 size_t i;
1046
1047 assert(f);
1048 assert(kind);
1049 assert(space);
1050
1051 for (i = 0; i < ELEMENTSOF(table); i++) {
1052
1053 if (mask == 0)
1054 break;
1055
1056 if ((mask & table[i].mask) == table[i].mask) {
1057 if (*space)
1058 fputc(' ', f);
1059 else
1060 *space = true;
1061
1062 fputs(kind, f);
1063 fputs("-", f);
1064 fputs(table[i].name, f);
1065
1066 mask &= ~table[i].mask;
1067 }
1068 }
1069
1070 assert(mask == 0);
1071 }
1072
1073 void unit_dump(Unit *u, FILE *f, const char *prefix) {
1074 char *t, **j;
1075 UnitDependency d;
1076 Iterator i;
1077 const char *prefix2;
1078 char
1079 timestamp0[FORMAT_TIMESTAMP_MAX],
1080 timestamp1[FORMAT_TIMESTAMP_MAX],
1081 timestamp2[FORMAT_TIMESTAMP_MAX],
1082 timestamp3[FORMAT_TIMESTAMP_MAX],
1083 timestamp4[FORMAT_TIMESTAMP_MAX],
1084 timespan[FORMAT_TIMESPAN_MAX];
1085 Unit *following;
1086 _cleanup_set_free_ Set *following_set = NULL;
1087 const char *n;
1088 CGroupMask m;
1089 int r;
1090
1091 assert(u);
1092 assert(u->type >= 0);
1093
1094 prefix = strempty(prefix);
1095 prefix2 = strjoina(prefix, "\t");
1096
1097 fprintf(f,
1098 "%s-> Unit %s:\n"
1099 "%s\tDescription: %s\n"
1100 "%s\tInstance: %s\n"
1101 "%s\tUnit Load State: %s\n"
1102 "%s\tUnit Active State: %s\n"
1103 "%s\tState Change Timestamp: %s\n"
1104 "%s\tInactive Exit Timestamp: %s\n"
1105 "%s\tActive Enter Timestamp: %s\n"
1106 "%s\tActive Exit Timestamp: %s\n"
1107 "%s\tInactive Enter Timestamp: %s\n"
1108 "%s\tMay GC: %s\n"
1109 "%s\tNeed Daemon Reload: %s\n"
1110 "%s\tTransient: %s\n"
1111 "%s\tPerpetual: %s\n"
1112 "%s\tGarbage Collection Mode: %s\n"
1113 "%s\tSlice: %s\n"
1114 "%s\tCGroup: %s\n"
1115 "%s\tCGroup realized: %s\n",
1116 prefix, u->id,
1117 prefix, unit_description(u),
1118 prefix, strna(u->instance),
1119 prefix, unit_load_state_to_string(u->load_state),
1120 prefix, unit_active_state_to_string(unit_active_state(u)),
1121 prefix, strna(format_timestamp(timestamp0, sizeof(timestamp0), u->state_change_timestamp.realtime)),
1122 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->inactive_exit_timestamp.realtime)),
1123 prefix, strna(format_timestamp(timestamp2, sizeof(timestamp2), u->active_enter_timestamp.realtime)),
1124 prefix, strna(format_timestamp(timestamp3, sizeof(timestamp3), u->active_exit_timestamp.realtime)),
1125 prefix, strna(format_timestamp(timestamp4, sizeof(timestamp4), u->inactive_enter_timestamp.realtime)),
1126 prefix, yes_no(unit_may_gc(u)),
1127 prefix, yes_no(unit_need_daemon_reload(u)),
1128 prefix, yes_no(u->transient),
1129 prefix, yes_no(u->perpetual),
1130 prefix, collect_mode_to_string(u->collect_mode),
1131 prefix, strna(unit_slice_name(u)),
1132 prefix, strna(u->cgroup_path),
1133 prefix, yes_no(u->cgroup_realized));
1134
1135 if (u->cgroup_realized_mask != 0) {
1136 _cleanup_free_ char *s = NULL;
1137 (void) cg_mask_to_string(u->cgroup_realized_mask, &s);
1138 fprintf(f, "%s\tCGroup realized mask: %s\n", prefix, strnull(s));
1139 }
1140 if (u->cgroup_enabled_mask != 0) {
1141 _cleanup_free_ char *s = NULL;
1142 (void) cg_mask_to_string(u->cgroup_enabled_mask, &s);
1143 fprintf(f, "%s\tCGroup enabled mask: %s\n", prefix, strnull(s));
1144 }
1145 m = unit_get_own_mask(u);
1146 if (m != 0) {
1147 _cleanup_free_ char *s = NULL;
1148 (void) cg_mask_to_string(m, &s);
1149 fprintf(f, "%s\tCGroup own mask: %s\n", prefix, strnull(s));
1150 }
1151 m = unit_get_members_mask(u);
1152 if (m != 0) {
1153 _cleanup_free_ char *s = NULL;
1154 (void) cg_mask_to_string(m, &s);
1155 fprintf(f, "%s\tCGroup members mask: %s\n", prefix, strnull(s));
1156 }
1157
1158 SET_FOREACH(t, u->names, i)
1159 fprintf(f, "%s\tName: %s\n", prefix, t);
1160
1161 if (!sd_id128_is_null(u->invocation_id))
1162 fprintf(f, "%s\tInvocation ID: " SD_ID128_FORMAT_STR "\n",
1163 prefix, SD_ID128_FORMAT_VAL(u->invocation_id));
1164
1165 STRV_FOREACH(j, u->documentation)
1166 fprintf(f, "%s\tDocumentation: %s\n", prefix, *j);
1167
1168 following = unit_following(u);
1169 if (following)
1170 fprintf(f, "%s\tFollowing: %s\n", prefix, following->id);
1171
1172 r = unit_following_set(u, &following_set);
1173 if (r >= 0) {
1174 Unit *other;
1175
1176 SET_FOREACH(other, following_set, i)
1177 fprintf(f, "%s\tFollowing Set Member: %s\n", prefix, other->id);
1178 }
1179
1180 if (u->fragment_path)
1181 fprintf(f, "%s\tFragment Path: %s\n", prefix, u->fragment_path);
1182
1183 if (u->source_path)
1184 fprintf(f, "%s\tSource Path: %s\n", prefix, u->source_path);
1185
1186 STRV_FOREACH(j, u->dropin_paths)
1187 fprintf(f, "%s\tDropIn Path: %s\n", prefix, *j);
1188
1189 if (u->failure_action != EMERGENCY_ACTION_NONE)
1190 fprintf(f, "%s\tFailure Action: %s\n", prefix, emergency_action_to_string(u->failure_action));
1191 if (u->success_action != EMERGENCY_ACTION_NONE)
1192 fprintf(f, "%s\tSuccess Action: %s\n", prefix, emergency_action_to_string(u->success_action));
1193
1194 if (u->job_timeout != USEC_INFINITY)
1195 fprintf(f, "%s\tJob Timeout: %s\n", prefix, format_timespan(timespan, sizeof(timespan), u->job_timeout, 0));
1196
1197 if (u->job_timeout_action != EMERGENCY_ACTION_NONE)
1198 fprintf(f, "%s\tJob Timeout Action: %s\n", prefix, emergency_action_to_string(u->job_timeout_action));
1199
1200 if (u->job_timeout_reboot_arg)
1201 fprintf(f, "%s\tJob Timeout Reboot Argument: %s\n", prefix, u->job_timeout_reboot_arg);
1202
1203 condition_dump_list(u->conditions, f, prefix, condition_type_to_string);
1204 condition_dump_list(u->asserts, f, prefix, assert_type_to_string);
1205
1206 if (dual_timestamp_is_set(&u->condition_timestamp))
1207 fprintf(f,
1208 "%s\tCondition Timestamp: %s\n"
1209 "%s\tCondition Result: %s\n",
1210 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->condition_timestamp.realtime)),
1211 prefix, yes_no(u->condition_result));
1212
1213 if (dual_timestamp_is_set(&u->assert_timestamp))
1214 fprintf(f,
1215 "%s\tAssert Timestamp: %s\n"
1216 "%s\tAssert Result: %s\n",
1217 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->assert_timestamp.realtime)),
1218 prefix, yes_no(u->assert_result));
1219
1220 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
1221 UnitDependencyInfo di;
1222 Unit *other;
1223
1224 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
1225 bool space = false;
1226
1227 fprintf(f, "%s\t%s: %s (", prefix, unit_dependency_to_string(d), other->id);
1228
1229 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1230 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1231
1232 fputs(")\n", f);
1233 }
1234 }
1235
1236 if (!hashmap_isempty(u->requires_mounts_for)) {
1237 UnitDependencyInfo di;
1238 const char *path;
1239
1240 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1241 bool space = false;
1242
1243 fprintf(f, "%s\tRequiresMountsFor: %s (", prefix, path);
1244
1245 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1246 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1247
1248 fputs(")\n", f);
1249 }
1250 }
1251
1252 if (u->load_state == UNIT_LOADED) {
1253
1254 fprintf(f,
1255 "%s\tStopWhenUnneeded: %s\n"
1256 "%s\tRefuseManualStart: %s\n"
1257 "%s\tRefuseManualStop: %s\n"
1258 "%s\tDefaultDependencies: %s\n"
1259 "%s\tOnFailureJobMode: %s\n"
1260 "%s\tIgnoreOnIsolate: %s\n",
1261 prefix, yes_no(u->stop_when_unneeded),
1262 prefix, yes_no(u->refuse_manual_start),
1263 prefix, yes_no(u->refuse_manual_stop),
1264 prefix, yes_no(u->default_dependencies),
1265 prefix, job_mode_to_string(u->on_failure_job_mode),
1266 prefix, yes_no(u->ignore_on_isolate));
1267
1268 if (UNIT_VTABLE(u)->dump)
1269 UNIT_VTABLE(u)->dump(u, f, prefix2);
1270
1271 } else if (u->load_state == UNIT_MERGED)
1272 fprintf(f,
1273 "%s\tMerged into: %s\n",
1274 prefix, u->merged_into->id);
1275 else if (u->load_state == UNIT_ERROR)
1276 fprintf(f, "%s\tLoad Error Code: %s\n", prefix, strerror(-u->load_error));
1277
1278 for (n = sd_bus_track_first(u->bus_track); n; n = sd_bus_track_next(u->bus_track))
1279 fprintf(f, "%s\tBus Ref: %s\n", prefix, n);
1280
1281 if (u->job)
1282 job_dump(u->job, f, prefix2);
1283
1284 if (u->nop_job)
1285 job_dump(u->nop_job, f, prefix2);
1286 }
1287
1288 /* Common implementation for multiple backends */
1289 int unit_load_fragment_and_dropin(Unit *u) {
1290 int r;
1291
1292 assert(u);
1293
1294 /* Load a .{service,socket,...} file */
1295 r = unit_load_fragment(u);
1296 if (r < 0)
1297 return r;
1298
1299 if (u->load_state == UNIT_STUB)
1300 return -ENOENT;
1301
1302 /* Load drop-in directory data. If u is an alias, we might be reloading the
1303 * target unit needlessly. But we cannot be sure which drops-ins have already
1304 * been loaded and which not, at least without doing complicated book-keeping,
1305 * so let's always reread all drop-ins. */
1306 return unit_load_dropin(unit_follow_merge(u));
1307 }
1308
1309 /* Common implementation for multiple backends */
1310 int unit_load_fragment_and_dropin_optional(Unit *u) {
1311 int r;
1312
1313 assert(u);
1314
1315 /* Same as unit_load_fragment_and_dropin(), but whether
1316 * something can be loaded or not doesn't matter. */
1317
1318 /* Load a .service/.socket/.slice/… file */
1319 r = unit_load_fragment(u);
1320 if (r < 0)
1321 return r;
1322
1323 if (u->load_state == UNIT_STUB)
1324 u->load_state = UNIT_LOADED;
1325
1326 /* Load drop-in directory data */
1327 return unit_load_dropin(unit_follow_merge(u));
1328 }
1329
1330 void unit_add_to_target_deps_queue(Unit *u) {
1331 Manager *m = u->manager;
1332
1333 assert(u);
1334
1335 if (u->in_target_deps_queue)
1336 return;
1337
1338 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1339 u->in_target_deps_queue = true;
1340 }
1341
1342 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1343 assert(u);
1344 assert(target);
1345
1346 if (target->type != UNIT_TARGET)
1347 return 0;
1348
1349 /* Only add the dependency if both units are loaded, so that
1350 * that loop check below is reliable */
1351 if (u->load_state != UNIT_LOADED ||
1352 target->load_state != UNIT_LOADED)
1353 return 0;
1354
1355 /* If either side wants no automatic dependencies, then let's
1356 * skip this */
1357 if (!u->default_dependencies ||
1358 !target->default_dependencies)
1359 return 0;
1360
1361 /* Don't create loops */
1362 if (hashmap_get(target->dependencies[UNIT_BEFORE], u))
1363 return 0;
1364
1365 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1366 }
1367
1368 static int unit_add_slice_dependencies(Unit *u) {
1369 UnitDependencyMask mask;
1370 assert(u);
1371
1372 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1373 return 0;
1374
1375 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1376 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1377 relationship). */
1378 mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1379
1380 if (UNIT_ISSET(u->slice))
1381 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true, mask);
1382
1383 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1384 return 0;
1385
1386 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, NULL, true, mask);
1387 }
1388
1389 static int unit_add_mount_dependencies(Unit *u) {
1390 UnitDependencyInfo di;
1391 const char *path;
1392 Iterator i;
1393 int r;
1394
1395 assert(u);
1396
1397 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1398 char prefix[strlen(path) + 1];
1399
1400 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1401 _cleanup_free_ char *p = NULL;
1402 Unit *m;
1403
1404 r = unit_name_from_path(prefix, ".mount", &p);
1405 if (r < 0)
1406 return r;
1407
1408 m = manager_get_unit(u->manager, p);
1409 if (!m) {
1410 /* Make sure to load the mount unit if
1411 * it exists. If so the dependencies
1412 * on this unit will be added later
1413 * during the loading of the mount
1414 * unit. */
1415 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1416 continue;
1417 }
1418 if (m == u)
1419 continue;
1420
1421 if (m->load_state != UNIT_LOADED)
1422 continue;
1423
1424 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1425 if (r < 0)
1426 return r;
1427
1428 if (m->fragment_path) {
1429 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1430 if (r < 0)
1431 return r;
1432 }
1433 }
1434 }
1435
1436 return 0;
1437 }
1438
1439 static int unit_add_startup_units(Unit *u) {
1440 CGroupContext *c;
1441 int r;
1442
1443 c = unit_get_cgroup_context(u);
1444 if (!c)
1445 return 0;
1446
1447 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
1448 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
1449 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
1450 return 0;
1451
1452 r = set_ensure_allocated(&u->manager->startup_units, NULL);
1453 if (r < 0)
1454 return r;
1455
1456 return set_put(u->manager->startup_units, u);
1457 }
1458
1459 int unit_load(Unit *u) {
1460 int r;
1461
1462 assert(u);
1463
1464 if (u->in_load_queue) {
1465 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1466 u->in_load_queue = false;
1467 }
1468
1469 if (u->type == _UNIT_TYPE_INVALID)
1470 return -EINVAL;
1471
1472 if (u->load_state != UNIT_STUB)
1473 return 0;
1474
1475 if (u->transient_file) {
1476 r = fflush_and_check(u->transient_file);
1477 if (r < 0)
1478 goto fail;
1479
1480 u->transient_file = safe_fclose(u->transient_file);
1481 u->fragment_mtime = now(CLOCK_REALTIME);
1482 }
1483
1484 if (UNIT_VTABLE(u)->load) {
1485 r = UNIT_VTABLE(u)->load(u);
1486 if (r < 0)
1487 goto fail;
1488 }
1489
1490 if (u->load_state == UNIT_STUB) {
1491 r = -ENOENT;
1492 goto fail;
1493 }
1494
1495 if (u->load_state == UNIT_LOADED) {
1496 unit_add_to_target_deps_queue(u);
1497
1498 r = unit_add_slice_dependencies(u);
1499 if (r < 0)
1500 goto fail;
1501
1502 r = unit_add_mount_dependencies(u);
1503 if (r < 0)
1504 goto fail;
1505
1506 r = unit_add_startup_units(u);
1507 if (r < 0)
1508 goto fail;
1509
1510 if (u->on_failure_job_mode == JOB_ISOLATE && hashmap_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
1511 log_unit_error(u, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1512 r = -EINVAL;
1513 goto fail;
1514 }
1515
1516 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1517 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1518
1519 unit_update_cgroup_members_masks(u);
1520 }
1521
1522 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1523
1524 unit_add_to_dbus_queue(unit_follow_merge(u));
1525 unit_add_to_gc_queue(u);
1526
1527 return 0;
1528
1529 fail:
1530 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND : UNIT_ERROR;
1531 u->load_error = r;
1532 unit_add_to_dbus_queue(u);
1533 unit_add_to_gc_queue(u);
1534
1535 log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1536
1537 return r;
1538 }
1539
1540 static bool unit_condition_test_list(Unit *u, Condition *first, const char *(*to_string)(ConditionType t)) {
1541 Condition *c;
1542 int triggered = -1;
1543
1544 assert(u);
1545 assert(to_string);
1546
1547 /* If the condition list is empty, then it is true */
1548 if (!first)
1549 return true;
1550
1551 /* Otherwise, if all of the non-trigger conditions apply and
1552 * if any of the trigger conditions apply (unless there are
1553 * none) we return true */
1554 LIST_FOREACH(conditions, c, first) {
1555 int r;
1556
1557 r = condition_test(c);
1558 if (r < 0)
1559 log_unit_warning(u,
1560 "Couldn't determine result for %s=%s%s%s, assuming failed: %m",
1561 to_string(c->type),
1562 c->trigger ? "|" : "",
1563 c->negate ? "!" : "",
1564 c->parameter);
1565 else
1566 log_unit_debug(u,
1567 "%s=%s%s%s %s.",
1568 to_string(c->type),
1569 c->trigger ? "|" : "",
1570 c->negate ? "!" : "",
1571 c->parameter,
1572 condition_result_to_string(c->result));
1573
1574 if (!c->trigger && r <= 0)
1575 return false;
1576
1577 if (c->trigger && triggered <= 0)
1578 triggered = r > 0;
1579 }
1580
1581 return triggered != 0;
1582 }
1583
1584 static bool unit_condition_test(Unit *u) {
1585 assert(u);
1586
1587 dual_timestamp_get(&u->condition_timestamp);
1588 u->condition_result = unit_condition_test_list(u, u->conditions, condition_type_to_string);
1589
1590 return u->condition_result;
1591 }
1592
1593 static bool unit_assert_test(Unit *u) {
1594 assert(u);
1595
1596 dual_timestamp_get(&u->assert_timestamp);
1597 u->assert_result = unit_condition_test_list(u, u->asserts, assert_type_to_string);
1598
1599 return u->assert_result;
1600 }
1601
1602 void unit_status_printf(Unit *u, const char *status, const char *unit_status_msg_format) {
1603 DISABLE_WARNING_FORMAT_NONLITERAL;
1604 manager_status_printf(u->manager, STATUS_TYPE_NORMAL, status, unit_status_msg_format, unit_description(u));
1605 REENABLE_WARNING;
1606 }
1607
1608 _pure_ static const char* unit_get_status_message_format(Unit *u, JobType t) {
1609 const char *format;
1610 const UnitStatusMessageFormats *format_table;
1611
1612 assert(u);
1613 assert(IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD));
1614
1615 if (t != JOB_RELOAD) {
1616 format_table = &UNIT_VTABLE(u)->status_message_formats;
1617 if (format_table) {
1618 format = format_table->starting_stopping[t == JOB_STOP];
1619 if (format)
1620 return format;
1621 }
1622 }
1623
1624 /* Return generic strings */
1625 if (t == JOB_START)
1626 return "Starting %s.";
1627 else if (t == JOB_STOP)
1628 return "Stopping %s.";
1629 else
1630 return "Reloading %s.";
1631 }
1632
1633 static void unit_status_print_starting_stopping(Unit *u, JobType t) {
1634 const char *format;
1635
1636 assert(u);
1637
1638 /* Reload status messages have traditionally not been printed to console. */
1639 if (!IN_SET(t, JOB_START, JOB_STOP))
1640 return;
1641
1642 format = unit_get_status_message_format(u, t);
1643
1644 DISABLE_WARNING_FORMAT_NONLITERAL;
1645 unit_status_printf(u, "", format);
1646 REENABLE_WARNING;
1647 }
1648
1649 static void unit_status_log_starting_stopping_reloading(Unit *u, JobType t) {
1650 const char *format, *mid;
1651 char buf[LINE_MAX];
1652
1653 assert(u);
1654
1655 if (!IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD))
1656 return;
1657
1658 if (log_on_console())
1659 return;
1660
1661 /* We log status messages for all units and all operations. */
1662
1663 format = unit_get_status_message_format(u, t);
1664
1665 DISABLE_WARNING_FORMAT_NONLITERAL;
1666 (void) snprintf(buf, sizeof buf, format, unit_description(u));
1667 REENABLE_WARNING;
1668
1669 mid = t == JOB_START ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STARTING_STR :
1670 t == JOB_STOP ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STOPPING_STR :
1671 "MESSAGE_ID=" SD_MESSAGE_UNIT_RELOADING_STR;
1672
1673 /* Note that we deliberately use LOG_MESSAGE() instead of
1674 * LOG_UNIT_MESSAGE() here, since this is supposed to mimic
1675 * closely what is written to screen using the status output,
1676 * which is supposed the highest level, friendliest output
1677 * possible, which means we should avoid the low-level unit
1678 * name. */
1679 log_struct(LOG_INFO,
1680 LOG_MESSAGE("%s", buf),
1681 LOG_UNIT_ID(u),
1682 LOG_UNIT_INVOCATION_ID(u),
1683 mid,
1684 NULL);
1685 }
1686
1687 void unit_status_emit_starting_stopping_reloading(Unit *u, JobType t) {
1688 assert(u);
1689 assert(t >= 0);
1690 assert(t < _JOB_TYPE_MAX);
1691
1692 unit_status_log_starting_stopping_reloading(u, t);
1693 unit_status_print_starting_stopping(u, t);
1694 }
1695
1696 int unit_start_limit_test(Unit *u) {
1697 assert(u);
1698
1699 if (ratelimit_below(&u->start_limit)) {
1700 u->start_limit_hit = false;
1701 return 0;
1702 }
1703
1704 log_unit_warning(u, "Start request repeated too quickly.");
1705 u->start_limit_hit = true;
1706
1707 return emergency_action(u->manager, u->start_limit_action, u->reboot_arg, "unit failed");
1708 }
1709
1710 bool unit_shall_confirm_spawn(Unit *u) {
1711 assert(u);
1712
1713 if (manager_is_confirm_spawn_disabled(u->manager))
1714 return false;
1715
1716 /* For some reasons units remaining in the same process group
1717 * as PID 1 fail to acquire the console even if it's not used
1718 * by any process. So skip the confirmation question for them. */
1719 return !unit_get_exec_context(u)->same_pgrp;
1720 }
1721
1722 static bool unit_verify_deps(Unit *u) {
1723 Unit *other;
1724 Iterator j;
1725 void *v;
1726
1727 assert(u);
1728
1729 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1730 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1731 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1732 * conjunction with After= as for them any such check would make things entirely racy. */
1733
1734 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], j) {
1735
1736 if (!hashmap_contains(u->dependencies[UNIT_AFTER], other))
1737 continue;
1738
1739 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1740 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1741 return false;
1742 }
1743 }
1744
1745 return true;
1746 }
1747
1748 /* Errors:
1749 * -EBADR: This unit type does not support starting.
1750 * -EALREADY: Unit is already started.
1751 * -EAGAIN: An operation is already in progress. Retry later.
1752 * -ECANCELED: Too many requests for now.
1753 * -EPROTO: Assert failed
1754 * -EINVAL: Unit not loaded
1755 * -EOPNOTSUPP: Unit type not supported
1756 * -ENOLINK: The necessary dependencies are not fulfilled.
1757 * -ESTALE: This unit has been started before and can't be started a second time
1758 */
1759 int unit_start(Unit *u) {
1760 UnitActiveState state;
1761 Unit *following;
1762
1763 assert(u);
1764
1765 /* If this is already started, then this will succeed. Note
1766 * that this will even succeed if this unit is not startable
1767 * by the user. This is relied on to detect when we need to
1768 * wait for units and when waiting is finished. */
1769 state = unit_active_state(u);
1770 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1771 return -EALREADY;
1772
1773 /* Units that aren't loaded cannot be started */
1774 if (u->load_state != UNIT_LOADED)
1775 return -EINVAL;
1776
1777 /* Refuse starting scope units more than once */
1778 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1779 return -ESTALE;
1780
1781 /* If the conditions failed, don't do anything at all. If we
1782 * already are activating this call might still be useful to
1783 * speed up activation in case there is some hold-off time,
1784 * but we don't want to recheck the condition in that case. */
1785 if (state != UNIT_ACTIVATING &&
1786 !unit_condition_test(u)) {
1787 log_unit_debug(u, "Starting requested but condition failed. Not starting unit.");
1788 return -EALREADY;
1789 }
1790
1791 /* If the asserts failed, fail the entire job */
1792 if (state != UNIT_ACTIVATING &&
1793 !unit_assert_test(u)) {
1794 log_unit_notice(u, "Starting requested but asserts failed.");
1795 return -EPROTO;
1796 }
1797
1798 /* Units of types that aren't supported cannot be
1799 * started. Note that we do this test only after the condition
1800 * checks, so that we rather return condition check errors
1801 * (which are usually not considered a true failure) than "not
1802 * supported" errors (which are considered a failure).
1803 */
1804 if (!unit_supported(u))
1805 return -EOPNOTSUPP;
1806
1807 /* Let's make sure that the deps really are in order before we start this. Normally the job engine should have
1808 * taken care of this already, but let's check this here again. After all, our dependencies might not be in
1809 * effect anymore, due to a reload or due to a failed condition. */
1810 if (!unit_verify_deps(u))
1811 return -ENOLINK;
1812
1813 /* Forward to the main object, if we aren't it. */
1814 following = unit_following(u);
1815 if (following) {
1816 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1817 return unit_start(following);
1818 }
1819
1820 /* If it is stopped, but we cannot start it, then fail */
1821 if (!UNIT_VTABLE(u)->start)
1822 return -EBADR;
1823
1824 /* We don't suppress calls to ->start() here when we are
1825 * already starting, to allow this request to be used as a
1826 * "hurry up" call, for example when the unit is in some "auto
1827 * restart" state where it waits for a holdoff timer to elapse
1828 * before it will start again. */
1829
1830 unit_add_to_dbus_queue(u);
1831
1832 return UNIT_VTABLE(u)->start(u);
1833 }
1834
1835 bool unit_can_start(Unit *u) {
1836 assert(u);
1837
1838 if (u->load_state != UNIT_LOADED)
1839 return false;
1840
1841 if (!unit_supported(u))
1842 return false;
1843
1844 /* Scope units may be started only once */
1845 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1846 return false;
1847
1848 return !!UNIT_VTABLE(u)->start;
1849 }
1850
1851 bool unit_can_isolate(Unit *u) {
1852 assert(u);
1853
1854 return unit_can_start(u) &&
1855 u->allow_isolate;
1856 }
1857
1858 /* Errors:
1859 * -EBADR: This unit type does not support stopping.
1860 * -EALREADY: Unit is already stopped.
1861 * -EAGAIN: An operation is already in progress. Retry later.
1862 */
1863 int unit_stop(Unit *u) {
1864 UnitActiveState state;
1865 Unit *following;
1866
1867 assert(u);
1868
1869 state = unit_active_state(u);
1870 if (UNIT_IS_INACTIVE_OR_FAILED(state))
1871 return -EALREADY;
1872
1873 following = unit_following(u);
1874 if (following) {
1875 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
1876 return unit_stop(following);
1877 }
1878
1879 if (!UNIT_VTABLE(u)->stop)
1880 return -EBADR;
1881
1882 unit_add_to_dbus_queue(u);
1883
1884 return UNIT_VTABLE(u)->stop(u);
1885 }
1886
1887 bool unit_can_stop(Unit *u) {
1888 assert(u);
1889
1890 if (!unit_supported(u))
1891 return false;
1892
1893 if (u->perpetual)
1894 return false;
1895
1896 return !!UNIT_VTABLE(u)->stop;
1897 }
1898
1899 /* Errors:
1900 * -EBADR: This unit type does not support reloading.
1901 * -ENOEXEC: Unit is not started.
1902 * -EAGAIN: An operation is already in progress. Retry later.
1903 */
1904 int unit_reload(Unit *u) {
1905 UnitActiveState state;
1906 Unit *following;
1907
1908 assert(u);
1909
1910 if (u->load_state != UNIT_LOADED)
1911 return -EINVAL;
1912
1913 if (!unit_can_reload(u))
1914 return -EBADR;
1915
1916 state = unit_active_state(u);
1917 if (state == UNIT_RELOADING)
1918 return -EALREADY;
1919
1920 if (state != UNIT_ACTIVE) {
1921 log_unit_warning(u, "Unit cannot be reloaded because it is inactive.");
1922 return -ENOEXEC;
1923 }
1924
1925 following = unit_following(u);
1926 if (following) {
1927 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
1928 return unit_reload(following);
1929 }
1930
1931 unit_add_to_dbus_queue(u);
1932
1933 if (!UNIT_VTABLE(u)->reload) {
1934 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
1935 unit_notify(u, unit_active_state(u), unit_active_state(u), true);
1936 return 0;
1937 }
1938
1939 return UNIT_VTABLE(u)->reload(u);
1940 }
1941
1942 bool unit_can_reload(Unit *u) {
1943 assert(u);
1944
1945 if (UNIT_VTABLE(u)->can_reload)
1946 return UNIT_VTABLE(u)->can_reload(u);
1947
1948 if (!hashmap_isempty(u->dependencies[UNIT_PROPAGATES_RELOAD_TO]))
1949 return true;
1950
1951 return UNIT_VTABLE(u)->reload;
1952 }
1953
1954 static void unit_check_unneeded(Unit *u) {
1955
1956 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1957
1958 static const UnitDependency needed_dependencies[] = {
1959 UNIT_REQUIRED_BY,
1960 UNIT_REQUISITE_OF,
1961 UNIT_WANTED_BY,
1962 UNIT_BOUND_BY,
1963 };
1964
1965 unsigned j;
1966 int r;
1967
1968 assert(u);
1969
1970 /* If this service shall be shut down when unneeded then do
1971 * so. */
1972
1973 if (!u->stop_when_unneeded)
1974 return;
1975
1976 if (!UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
1977 return;
1978
1979 for (j = 0; j < ELEMENTSOF(needed_dependencies); j++) {
1980 Unit *other;
1981 Iterator i;
1982 void *v;
1983
1984 HASHMAP_FOREACH_KEY(v, other, u->dependencies[needed_dependencies[j]], i)
1985 if (unit_active_or_pending(other) || unit_will_restart(other))
1986 return;
1987 }
1988
1989 /* If stopping a unit fails continuously we might enter a stop
1990 * loop here, hence stop acting on the service being
1991 * unnecessary after a while. */
1992 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
1993 log_unit_warning(u, "Unit not needed anymore, but not stopping since we tried this too often recently.");
1994 return;
1995 }
1996
1997 log_unit_info(u, "Unit not needed anymore. Stopping.");
1998
1999 /* Ok, nobody needs us anymore. Sniff. Then let's commit suicide */
2000 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2001 if (r < 0)
2002 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2003 }
2004
2005 static void unit_check_binds_to(Unit *u) {
2006 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2007 bool stop = false;
2008 Unit *other;
2009 Iterator i;
2010 void *v;
2011 int r;
2012
2013 assert(u);
2014
2015 if (u->job)
2016 return;
2017
2018 if (unit_active_state(u) != UNIT_ACTIVE)
2019 return;
2020
2021 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i) {
2022 if (other->job)
2023 continue;
2024
2025 if (!other->coldplugged)
2026 /* We might yet create a job for the other unit… */
2027 continue;
2028
2029 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2030 continue;
2031
2032 stop = true;
2033 break;
2034 }
2035
2036 if (!stop)
2037 return;
2038
2039 /* If stopping a unit fails continuously we might enter a stop
2040 * loop here, hence stop acting on the service being
2041 * unnecessary after a while. */
2042 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
2043 log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
2044 return;
2045 }
2046
2047 assert(other);
2048 log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
2049
2050 /* A unit we need to run is gone. Sniff. Let's stop this. */
2051 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2052 if (r < 0)
2053 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2054 }
2055
2056 static void retroactively_start_dependencies(Unit *u) {
2057 Iterator i;
2058 Unit *other;
2059 void *v;
2060
2061 assert(u);
2062 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2063
2064 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2065 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2066 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2067 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2068
2069 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2070 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2071 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2072 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2073
2074 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2075 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2076 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2077 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL);
2078
2079 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTS], i)
2080 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2081 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2082
2083 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTED_BY], i)
2084 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2085 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2086 }
2087
2088 static void retroactively_stop_dependencies(Unit *u) {
2089 Unit *other;
2090 Iterator i;
2091 void *v;
2092
2093 assert(u);
2094 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2095
2096 /* Pull down units which are bound to us recursively if enabled */
2097 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BOUND_BY], i)
2098 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2099 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2100 }
2101
2102 static void check_unneeded_dependencies(Unit *u) {
2103 Unit *other;
2104 Iterator i;
2105 void *v;
2106
2107 assert(u);
2108 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2109
2110 /* Garbage collect services that might not be needed anymore, if enabled */
2111 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2112 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2113 unit_check_unneeded(other);
2114 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2115 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2116 unit_check_unneeded(other);
2117 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUISITE], i)
2118 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2119 unit_check_unneeded(other);
2120 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2121 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2122 unit_check_unneeded(other);
2123 }
2124
2125 void unit_start_on_failure(Unit *u) {
2126 Unit *other;
2127 Iterator i;
2128 void *v;
2129
2130 assert(u);
2131
2132 if (hashmap_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
2133 return;
2134
2135 log_unit_info(u, "Triggering OnFailure= dependencies.");
2136
2137 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_ON_FAILURE], i) {
2138 int r;
2139
2140 r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, NULL, NULL);
2141 if (r < 0)
2142 log_unit_error_errno(u, r, "Failed to enqueue OnFailure= job: %m");
2143 }
2144 }
2145
2146 void unit_trigger_notify(Unit *u) {
2147 Unit *other;
2148 Iterator i;
2149 void *v;
2150
2151 assert(u);
2152
2153 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_TRIGGERED_BY], i)
2154 if (UNIT_VTABLE(other)->trigger_notify)
2155 UNIT_VTABLE(other)->trigger_notify(other, u);
2156 }
2157
2158 static int unit_log_resources(Unit *u) {
2159
2160 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + 4];
2161 size_t n_message_parts = 0, n_iovec = 0;
2162 char* message_parts[3 + 1], *t;
2163 nsec_t nsec = NSEC_INFINITY;
2164 CGroupIPAccountingMetric m;
2165 size_t i;
2166 int r;
2167 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2168 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2169 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2170 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2171 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2172 };
2173
2174 assert(u);
2175
2176 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2177 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2178 * information and the complete data in structured fields. */
2179
2180 (void) unit_get_cpu_usage(u, &nsec);
2181 if (nsec != NSEC_INFINITY) {
2182 char buf[FORMAT_TIMESPAN_MAX] = "";
2183
2184 /* Format the CPU time for inclusion in the structured log message */
2185 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2186 r = log_oom();
2187 goto finish;
2188 }
2189 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2190
2191 /* Format the CPU time for inclusion in the human language message string */
2192 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
2193 t = strjoin(n_message_parts > 0 ? "consumed " : "Consumed ", buf, " CPU time");
2194 if (!t) {
2195 r = log_oom();
2196 goto finish;
2197 }
2198
2199 message_parts[n_message_parts++] = t;
2200 }
2201
2202 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2203 char buf[FORMAT_BYTES_MAX] = "";
2204 uint64_t value = UINT64_MAX;
2205
2206 assert(ip_fields[m]);
2207
2208 (void) unit_get_ip_accounting(u, m, &value);
2209 if (value == UINT64_MAX)
2210 continue;
2211
2212 /* Format IP accounting data for inclusion in the structured log message */
2213 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2214 r = log_oom();
2215 goto finish;
2216 }
2217 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2218
2219 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2220 * bytes counters (and not for the packets counters) */
2221 if (m == CGROUP_IP_INGRESS_BYTES)
2222 t = strjoin(n_message_parts > 0 ? "received " : "Received ",
2223 format_bytes(buf, sizeof(buf), value),
2224 " IP traffic");
2225 else if (m == CGROUP_IP_EGRESS_BYTES)
2226 t = strjoin(n_message_parts > 0 ? "sent " : "Sent ",
2227 format_bytes(buf, sizeof(buf), value),
2228 " IP traffic");
2229 else
2230 continue;
2231 if (!t) {
2232 r = log_oom();
2233 goto finish;
2234 }
2235
2236 message_parts[n_message_parts++] = t;
2237 }
2238
2239 /* Is there any accounting data available at all? */
2240 if (n_iovec == 0) {
2241 r = 0;
2242 goto finish;
2243 }
2244
2245 if (n_message_parts == 0)
2246 t = strjoina("MESSAGE=", u->id, ": Completed");
2247 else {
2248 _cleanup_free_ char *joined;
2249
2250 message_parts[n_message_parts] = NULL;
2251
2252 joined = strv_join(message_parts, ", ");
2253 if (!joined) {
2254 r = log_oom();
2255 goto finish;
2256 }
2257
2258 t = strjoina("MESSAGE=", u->id, ": ", joined);
2259 }
2260
2261 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2262 * and hence don't increase n_iovec for them */
2263 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2264 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2265
2266 t = strjoina(u->manager->unit_log_field, u->id);
2267 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2268
2269 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2270 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2271
2272 log_struct_iovec(LOG_INFO, iovec, n_iovec + 4);
2273 r = 0;
2274
2275 finish:
2276 for (i = 0; i < n_message_parts; i++)
2277 free(message_parts[i]);
2278
2279 for (i = 0; i < n_iovec; i++)
2280 free(iovec[i].iov_base);
2281
2282 return r;
2283
2284 }
2285
2286 static void unit_update_on_console(Unit *u) {
2287 bool b;
2288
2289 assert(u);
2290
2291 b = unit_needs_console(u);
2292 if (u->on_console == b)
2293 return;
2294
2295 u->on_console = b;
2296 if (b)
2297 manager_ref_console(u->manager);
2298 else
2299 manager_unref_console(u->manager);
2300
2301 }
2302
2303 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_success) {
2304 bool unexpected;
2305 Manager *m;
2306
2307 assert(u);
2308 assert(os < _UNIT_ACTIVE_STATE_MAX);
2309 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2310
2311 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2312 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2313 * remounted this function will be called too! */
2314
2315 m = u->manager;
2316
2317 /* Update timestamps for state changes */
2318 if (!MANAGER_IS_RELOADING(m)) {
2319 dual_timestamp_get(&u->state_change_timestamp);
2320
2321 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2322 u->inactive_exit_timestamp = u->state_change_timestamp;
2323 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2324 u->inactive_enter_timestamp = u->state_change_timestamp;
2325
2326 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2327 u->active_enter_timestamp = u->state_change_timestamp;
2328 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2329 u->active_exit_timestamp = u->state_change_timestamp;
2330 }
2331
2332 /* Keep track of failed units */
2333 (void) manager_update_failed_units(u->manager, u, ns == UNIT_FAILED);
2334
2335 /* Make sure the cgroup and state files are always removed when we become inactive */
2336 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2337 unit_prune_cgroup(u);
2338 unit_unlink_state_files(u);
2339 }
2340
2341 unit_update_on_console(u);
2342
2343 if (u->job) {
2344 unexpected = false;
2345
2346 if (u->job->state == JOB_WAITING)
2347
2348 /* So we reached a different state for this
2349 * job. Let's see if we can run it now if it
2350 * failed previously due to EAGAIN. */
2351 job_add_to_run_queue(u->job);
2352
2353 /* Let's check whether this state change constitutes a
2354 * finished job, or maybe contradicts a running job and
2355 * hence needs to invalidate jobs. */
2356
2357 switch (u->job->type) {
2358
2359 case JOB_START:
2360 case JOB_VERIFY_ACTIVE:
2361
2362 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2363 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2364 else if (u->job->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2365 unexpected = true;
2366
2367 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2368 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2369 }
2370
2371 break;
2372
2373 case JOB_RELOAD:
2374 case JOB_RELOAD_OR_START:
2375 case JOB_TRY_RELOAD:
2376
2377 if (u->job->state == JOB_RUNNING) {
2378 if (ns == UNIT_ACTIVE)
2379 job_finish_and_invalidate(u->job, reload_success ? JOB_DONE : JOB_FAILED, true, false);
2380 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2381 unexpected = true;
2382
2383 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2384 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2385 }
2386 }
2387
2388 break;
2389
2390 case JOB_STOP:
2391 case JOB_RESTART:
2392 case JOB_TRY_RESTART:
2393
2394 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2395 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2396 else if (u->job->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2397 unexpected = true;
2398 job_finish_and_invalidate(u->job, JOB_FAILED, true, false);
2399 }
2400
2401 break;
2402
2403 default:
2404 assert_not_reached("Job type unknown");
2405 }
2406
2407 } else
2408 unexpected = true;
2409
2410 if (!MANAGER_IS_RELOADING(m)) {
2411
2412 /* If this state change happened without being
2413 * requested by a job, then let's retroactively start
2414 * or stop dependencies. We skip that step when
2415 * deserializing, since we don't want to create any
2416 * additional jobs just because something is already
2417 * activated. */
2418
2419 if (unexpected) {
2420 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2421 retroactively_start_dependencies(u);
2422 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2423 retroactively_stop_dependencies(u);
2424 }
2425
2426 /* stop unneeded units regardless if going down was expected or not */
2427 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2428 check_unneeded_dependencies(u);
2429
2430 if (ns != os && ns == UNIT_FAILED) {
2431 log_unit_debug(u, "Unit entered failed state.");
2432 unit_start_on_failure(u);
2433 }
2434 }
2435
2436 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2437
2438 if (u->type == UNIT_SERVICE &&
2439 !UNIT_IS_ACTIVE_OR_RELOADING(os) &&
2440 !MANAGER_IS_RELOADING(m)) {
2441 /* Write audit record if we have just finished starting up */
2442 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, true);
2443 u->in_audit = true;
2444 }
2445
2446 if (!UNIT_IS_ACTIVE_OR_RELOADING(os))
2447 manager_send_unit_plymouth(m, u);
2448
2449 } else {
2450
2451 if (UNIT_IS_INACTIVE_OR_FAILED(ns) &&
2452 !UNIT_IS_INACTIVE_OR_FAILED(os)
2453 && !MANAGER_IS_RELOADING(m)) {
2454
2455 /* This unit just stopped/failed. */
2456 if (u->type == UNIT_SERVICE) {
2457
2458 /* Hmm, if there was no start record written
2459 * write it now, so that we always have a nice
2460 * pair */
2461 if (!u->in_audit) {
2462 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, ns == UNIT_INACTIVE);
2463
2464 if (ns == UNIT_INACTIVE)
2465 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, true);
2466 } else
2467 /* Write audit record if we have just finished shutting down */
2468 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, ns == UNIT_INACTIVE);
2469
2470 u->in_audit = false;
2471 }
2472
2473 /* Write a log message about consumed resources */
2474 unit_log_resources(u);
2475 }
2476 }
2477
2478 manager_recheck_journal(m);
2479 manager_recheck_dbus(m);
2480
2481 unit_trigger_notify(u);
2482
2483 if (!MANAGER_IS_RELOADING(u->manager)) {
2484 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2485 unit_check_unneeded(u);
2486
2487 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2488 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2489 * without ever entering started.) */
2490 unit_check_binds_to(u);
2491
2492 if (os != UNIT_FAILED && ns == UNIT_FAILED)
2493 (void) emergency_action(u->manager, u->failure_action, u->reboot_arg, "unit failed");
2494 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE)
2495 (void) emergency_action(u->manager, u->success_action, u->reboot_arg, "unit succeeded");
2496 }
2497
2498 unit_add_to_dbus_queue(u);
2499 unit_add_to_gc_queue(u);
2500 }
2501
2502 int unit_watch_pid(Unit *u, pid_t pid) {
2503 int r;
2504
2505 assert(u);
2506 assert(pid_is_valid(pid));
2507
2508 /* Watch a specific PID */
2509
2510 r = set_ensure_allocated(&u->pids, NULL);
2511 if (r < 0)
2512 return r;
2513
2514 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
2515 if (r < 0)
2516 return r;
2517
2518 /* First try, let's add the unit keyed by "pid". */
2519 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2520 if (r == -EEXIST) {
2521 Unit **array;
2522 bool found = false;
2523 size_t n = 0;
2524
2525 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2526 * to an array of Units rather than just a Unit), lists us already. */
2527
2528 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2529 if (array)
2530 for (; array[n]; n++)
2531 if (array[n] == u)
2532 found = true;
2533
2534 if (found) /* Found it already? if so, do nothing */
2535 r = 0;
2536 else {
2537 Unit **new_array;
2538
2539 /* Allocate a new array */
2540 new_array = new(Unit*, n + 2);
2541 if (!new_array)
2542 return -ENOMEM;
2543
2544 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2545 new_array[n] = u;
2546 new_array[n+1] = NULL;
2547
2548 /* Add or replace the old array */
2549 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2550 if (r < 0) {
2551 free(new_array);
2552 return r;
2553 }
2554
2555 free(array);
2556 }
2557 } else if (r < 0)
2558 return r;
2559
2560 r = set_put(u->pids, PID_TO_PTR(pid));
2561 if (r < 0)
2562 return r;
2563
2564 return 0;
2565 }
2566
2567 void unit_unwatch_pid(Unit *u, pid_t pid) {
2568 Unit **array;
2569
2570 assert(u);
2571 assert(pid_is_valid(pid));
2572
2573 /* First let's drop the unit in case it's keyed as "pid". */
2574 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2575
2576 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2577 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2578 if (array) {
2579 size_t n, m = 0;
2580
2581 /* Let's iterate through the array, dropping our own entry */
2582 for (n = 0; array[n]; n++)
2583 if (array[n] != u)
2584 array[m++] = array[n];
2585 array[m] = NULL;
2586
2587 if (m == 0) {
2588 /* The array is now empty, remove the entire entry */
2589 assert(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
2590 free(array);
2591 }
2592 }
2593
2594 (void) set_remove(u->pids, PID_TO_PTR(pid));
2595 }
2596
2597 void unit_unwatch_all_pids(Unit *u) {
2598 assert(u);
2599
2600 while (!set_isempty(u->pids))
2601 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
2602
2603 u->pids = set_free(u->pids);
2604 }
2605
2606 void unit_tidy_watch_pids(Unit *u, pid_t except1, pid_t except2) {
2607 Iterator i;
2608 void *e;
2609
2610 assert(u);
2611
2612 /* Cleans dead PIDs from our list */
2613
2614 SET_FOREACH(e, u->pids, i) {
2615 pid_t pid = PTR_TO_PID(e);
2616
2617 if (pid == except1 || pid == except2)
2618 continue;
2619
2620 if (!pid_is_unwaited(pid))
2621 unit_unwatch_pid(u, pid);
2622 }
2623 }
2624
2625 bool unit_job_is_applicable(Unit *u, JobType j) {
2626 assert(u);
2627 assert(j >= 0 && j < _JOB_TYPE_MAX);
2628
2629 switch (j) {
2630
2631 case JOB_VERIFY_ACTIVE:
2632 case JOB_START:
2633 case JOB_NOP:
2634 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2635 * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
2636 * jobs for it. */
2637 return true;
2638
2639 case JOB_STOP:
2640 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2641 * external events), hence it makes no sense to permit enqueing such a request either. */
2642 return !u->perpetual;
2643
2644 case JOB_RESTART:
2645 case JOB_TRY_RESTART:
2646 return unit_can_stop(u) && unit_can_start(u);
2647
2648 case JOB_RELOAD:
2649 case JOB_TRY_RELOAD:
2650 return unit_can_reload(u);
2651
2652 case JOB_RELOAD_OR_START:
2653 return unit_can_reload(u) && unit_can_start(u);
2654
2655 default:
2656 assert_not_reached("Invalid job type");
2657 }
2658 }
2659
2660 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
2661 assert(u);
2662
2663 /* Only warn about some unit types */
2664 if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
2665 return;
2666
2667 if (streq_ptr(u->id, other))
2668 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
2669 else
2670 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
2671 }
2672
2673 static int unit_add_dependency_hashmap(
2674 Hashmap **h,
2675 Unit *other,
2676 UnitDependencyMask origin_mask,
2677 UnitDependencyMask destination_mask) {
2678
2679 UnitDependencyInfo info;
2680 int r;
2681
2682 assert(h);
2683 assert(other);
2684 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
2685 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
2686 assert(origin_mask > 0 || destination_mask > 0);
2687
2688 r = hashmap_ensure_allocated(h, NULL);
2689 if (r < 0)
2690 return r;
2691
2692 assert_cc(sizeof(void*) == sizeof(info));
2693
2694 info.data = hashmap_get(*h, other);
2695 if (info.data) {
2696 /* Entry already exists. Add in our mask. */
2697
2698 if ((info.origin_mask & origin_mask) == info.origin_mask &&
2699 (info.destination_mask & destination_mask) == info.destination_mask)
2700 return 0; /* NOP */
2701
2702 info.origin_mask |= origin_mask;
2703 info.destination_mask |= destination_mask;
2704
2705 r = hashmap_update(*h, other, info.data);
2706 } else {
2707 info = (UnitDependencyInfo) {
2708 .origin_mask = origin_mask,
2709 .destination_mask = destination_mask,
2710 };
2711
2712 r = hashmap_put(*h, other, info.data);
2713 }
2714 if (r < 0)
2715 return r;
2716
2717 return 1;
2718 }
2719
2720 int unit_add_dependency(
2721 Unit *u,
2722 UnitDependency d,
2723 Unit *other,
2724 bool add_reference,
2725 UnitDependencyMask mask) {
2726
2727 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
2728 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
2729 [UNIT_WANTS] = UNIT_WANTED_BY,
2730 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
2731 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
2732 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
2733 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
2734 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
2735 [UNIT_WANTED_BY] = UNIT_WANTS,
2736 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
2737 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
2738 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
2739 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
2740 [UNIT_BEFORE] = UNIT_AFTER,
2741 [UNIT_AFTER] = UNIT_BEFORE,
2742 [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
2743 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
2744 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
2745 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
2746 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
2747 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
2748 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
2749 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
2750 };
2751 Unit *original_u = u, *original_other = other;
2752 int r;
2753
2754 assert(u);
2755 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
2756 assert(other);
2757
2758 u = unit_follow_merge(u);
2759 other = unit_follow_merge(other);
2760
2761 /* We won't allow dependencies on ourselves. We will not
2762 * consider them an error however. */
2763 if (u == other) {
2764 maybe_warn_about_dependency(original_u, original_other->id, d);
2765 return 0;
2766 }
2767
2768 if ((d == UNIT_BEFORE && other->type == UNIT_DEVICE) ||
2769 (d == UNIT_AFTER && u->type == UNIT_DEVICE)) {
2770 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
2771 return 0;
2772 }
2773
2774 r = unit_add_dependency_hashmap(u->dependencies + d, other, mask, 0);
2775 if (r < 0)
2776 return r;
2777
2778 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
2779 r = unit_add_dependency_hashmap(other->dependencies + inverse_table[d], u, 0, mask);
2780 if (r < 0)
2781 return r;
2782 }
2783
2784 if (add_reference) {
2785 r = unit_add_dependency_hashmap(u->dependencies + UNIT_REFERENCES, other, mask, 0);
2786 if (r < 0)
2787 return r;
2788
2789 r = unit_add_dependency_hashmap(other->dependencies + UNIT_REFERENCED_BY, u, 0, mask);
2790 if (r < 0)
2791 return r;
2792 }
2793
2794 unit_add_to_dbus_queue(u);
2795 return 0;
2796 }
2797
2798 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2799 int r;
2800
2801 assert(u);
2802
2803 r = unit_add_dependency(u, d, other, add_reference, mask);
2804 if (r < 0)
2805 return r;
2806
2807 return unit_add_dependency(u, e, other, add_reference, mask);
2808 }
2809
2810 static int resolve_template(Unit *u, const char *name, const char*path, char **buf, const char **ret) {
2811 int r;
2812
2813 assert(u);
2814 assert(name || path);
2815 assert(buf);
2816 assert(ret);
2817
2818 if (!name)
2819 name = basename(path);
2820
2821 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
2822 *buf = NULL;
2823 *ret = name;
2824 return 0;
2825 }
2826
2827 if (u->instance)
2828 r = unit_name_replace_instance(name, u->instance, buf);
2829 else {
2830 _cleanup_free_ char *i = NULL;
2831
2832 r = unit_name_to_prefix(u->id, &i);
2833 if (r < 0)
2834 return r;
2835
2836 r = unit_name_replace_instance(name, i, buf);
2837 }
2838 if (r < 0)
2839 return r;
2840
2841 *ret = *buf;
2842 return 0;
2843 }
2844
2845 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2846 _cleanup_free_ char *buf = NULL;
2847 Unit *other;
2848 int r;
2849
2850 assert(u);
2851 assert(name || path);
2852
2853 r = resolve_template(u, name, path, &buf, &name);
2854 if (r < 0)
2855 return r;
2856
2857 r = manager_load_unit(u->manager, name, path, NULL, &other);
2858 if (r < 0)
2859 return r;
2860
2861 return unit_add_dependency(u, d, other, add_reference, mask);
2862 }
2863
2864 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2865 _cleanup_free_ char *buf = NULL;
2866 Unit *other;
2867 int r;
2868
2869 assert(u);
2870 assert(name || path);
2871
2872 r = resolve_template(u, name, path, &buf, &name);
2873 if (r < 0)
2874 return r;
2875
2876 r = manager_load_unit(u->manager, name, path, NULL, &other);
2877 if (r < 0)
2878 return r;
2879
2880 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2881 }
2882
2883 int set_unit_path(const char *p) {
2884 /* This is mostly for debug purposes */
2885 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
2886 return -errno;
2887
2888 return 0;
2889 }
2890
2891 char *unit_dbus_path(Unit *u) {
2892 assert(u);
2893
2894 if (!u->id)
2895 return NULL;
2896
2897 return unit_dbus_path_from_name(u->id);
2898 }
2899
2900 char *unit_dbus_path_invocation_id(Unit *u) {
2901 assert(u);
2902
2903 if (sd_id128_is_null(u->invocation_id))
2904 return NULL;
2905
2906 return unit_dbus_path_from_name(u->invocation_id_string);
2907 }
2908
2909 int unit_set_slice(Unit *u, Unit *slice) {
2910 assert(u);
2911 assert(slice);
2912
2913 /* Sets the unit slice if it has not been set before. Is extra
2914 * careful, to only allow this for units that actually have a
2915 * cgroup context. Also, we don't allow to set this for slices
2916 * (since the parent slice is derived from the name). Make
2917 * sure the unit we set is actually a slice. */
2918
2919 if (!UNIT_HAS_CGROUP_CONTEXT(u))
2920 return -EOPNOTSUPP;
2921
2922 if (u->type == UNIT_SLICE)
2923 return -EINVAL;
2924
2925 if (unit_active_state(u) != UNIT_INACTIVE)
2926 return -EBUSY;
2927
2928 if (slice->type != UNIT_SLICE)
2929 return -EINVAL;
2930
2931 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
2932 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
2933 return -EPERM;
2934
2935 if (UNIT_DEREF(u->slice) == slice)
2936 return 0;
2937
2938 /* Disallow slice changes if @u is already bound to cgroups */
2939 if (UNIT_ISSET(u->slice) && u->cgroup_realized)
2940 return -EBUSY;
2941
2942 unit_ref_set(&u->slice, u, slice);
2943 return 1;
2944 }
2945
2946 int unit_set_default_slice(Unit *u) {
2947 _cleanup_free_ char *b = NULL;
2948 const char *slice_name;
2949 Unit *slice;
2950 int r;
2951
2952 assert(u);
2953
2954 if (UNIT_ISSET(u->slice))
2955 return 0;
2956
2957 if (u->instance) {
2958 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
2959
2960 /* Implicitly place all instantiated units in their
2961 * own per-template slice */
2962
2963 r = unit_name_to_prefix(u->id, &prefix);
2964 if (r < 0)
2965 return r;
2966
2967 /* The prefix is already escaped, but it might include
2968 * "-" which has a special meaning for slice units,
2969 * hence escape it here extra. */
2970 escaped = unit_name_escape(prefix);
2971 if (!escaped)
2972 return -ENOMEM;
2973
2974 if (MANAGER_IS_SYSTEM(u->manager))
2975 b = strjoin("system-", escaped, ".slice");
2976 else
2977 b = strappend(escaped, ".slice");
2978 if (!b)
2979 return -ENOMEM;
2980
2981 slice_name = b;
2982 } else
2983 slice_name =
2984 MANAGER_IS_SYSTEM(u->manager) && !unit_has_name(u, SPECIAL_INIT_SCOPE)
2985 ? SPECIAL_SYSTEM_SLICE
2986 : SPECIAL_ROOT_SLICE;
2987
2988 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
2989 if (r < 0)
2990 return r;
2991
2992 return unit_set_slice(u, slice);
2993 }
2994
2995 const char *unit_slice_name(Unit *u) {
2996 assert(u);
2997
2998 if (!UNIT_ISSET(u->slice))
2999 return NULL;
3000
3001 return UNIT_DEREF(u->slice)->id;
3002 }
3003
3004 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
3005 _cleanup_free_ char *t = NULL;
3006 int r;
3007
3008 assert(u);
3009 assert(type);
3010 assert(_found);
3011
3012 r = unit_name_change_suffix(u->id, type, &t);
3013 if (r < 0)
3014 return r;
3015 if (unit_has_name(u, t))
3016 return -EINVAL;
3017
3018 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3019 assert(r < 0 || *_found != u);
3020 return r;
3021 }
3022
3023 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3024 const char *name, *old_owner, *new_owner;
3025 Unit *u = userdata;
3026 int r;
3027
3028 assert(message);
3029 assert(u);
3030
3031 r = sd_bus_message_read(message, "sss", &name, &old_owner, &new_owner);
3032 if (r < 0) {
3033 bus_log_parse_error(r);
3034 return 0;
3035 }
3036
3037 old_owner = empty_to_null(old_owner);
3038 new_owner = empty_to_null(new_owner);
3039
3040 if (UNIT_VTABLE(u)->bus_name_owner_change)
3041 UNIT_VTABLE(u)->bus_name_owner_change(u, name, old_owner, new_owner);
3042
3043 return 0;
3044 }
3045
3046 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3047 const char *match;
3048
3049 assert(u);
3050 assert(bus);
3051 assert(name);
3052
3053 if (u->match_bus_slot)
3054 return -EBUSY;
3055
3056 match = strjoina("type='signal',"
3057 "sender='org.freedesktop.DBus',"
3058 "path='/org/freedesktop/DBus',"
3059 "interface='org.freedesktop.DBus',"
3060 "member='NameOwnerChanged',"
3061 "arg0='", name, "'");
3062
3063 return sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
3064 }
3065
3066 int unit_watch_bus_name(Unit *u, const char *name) {
3067 int r;
3068
3069 assert(u);
3070 assert(name);
3071
3072 /* Watch a specific name on the bus. We only support one unit
3073 * watching each name for now. */
3074
3075 if (u->manager->api_bus) {
3076 /* If the bus is already available, install the match directly.
3077 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3078 r = unit_install_bus_match(u, u->manager->api_bus, name);
3079 if (r < 0)
3080 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3081 }
3082
3083 r = hashmap_put(u->manager->watch_bus, name, u);
3084 if (r < 0) {
3085 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3086 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3087 }
3088
3089 return 0;
3090 }
3091
3092 void unit_unwatch_bus_name(Unit *u, const char *name) {
3093 assert(u);
3094 assert(name);
3095
3096 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3097 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3098 }
3099
3100 bool unit_can_serialize(Unit *u) {
3101 assert(u);
3102
3103 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3104 }
3105
3106 static int unit_serialize_cgroup_mask(FILE *f, const char *key, CGroupMask mask) {
3107 _cleanup_free_ char *s = NULL;
3108 int r = 0;
3109
3110 assert(f);
3111 assert(key);
3112
3113 if (mask != 0) {
3114 r = cg_mask_to_string(mask, &s);
3115 if (r >= 0) {
3116 fputs(key, f);
3117 fputc('=', f);
3118 fputs(s, f);
3119 fputc('\n', f);
3120 }
3121 }
3122 return r;
3123 }
3124
3125 static const char *ip_accounting_metric_field[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
3126 [CGROUP_IP_INGRESS_BYTES] = "ip-accounting-ingress-bytes",
3127 [CGROUP_IP_INGRESS_PACKETS] = "ip-accounting-ingress-packets",
3128 [CGROUP_IP_EGRESS_BYTES] = "ip-accounting-egress-bytes",
3129 [CGROUP_IP_EGRESS_PACKETS] = "ip-accounting-egress-packets",
3130 };
3131
3132 int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
3133 CGroupIPAccountingMetric m;
3134 int r;
3135
3136 assert(u);
3137 assert(f);
3138 assert(fds);
3139
3140 if (unit_can_serialize(u)) {
3141 r = UNIT_VTABLE(u)->serialize(u, f, fds);
3142 if (r < 0)
3143 return r;
3144 }
3145
3146 dual_timestamp_serialize(f, "state-change-timestamp", &u->state_change_timestamp);
3147
3148 dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
3149 dual_timestamp_serialize(f, "active-enter-timestamp", &u->active_enter_timestamp);
3150 dual_timestamp_serialize(f, "active-exit-timestamp", &u->active_exit_timestamp);
3151 dual_timestamp_serialize(f, "inactive-enter-timestamp", &u->inactive_enter_timestamp);
3152
3153 dual_timestamp_serialize(f, "condition-timestamp", &u->condition_timestamp);
3154 dual_timestamp_serialize(f, "assert-timestamp", &u->assert_timestamp);
3155
3156 if (dual_timestamp_is_set(&u->condition_timestamp))
3157 unit_serialize_item(u, f, "condition-result", yes_no(u->condition_result));
3158
3159 if (dual_timestamp_is_set(&u->assert_timestamp))
3160 unit_serialize_item(u, f, "assert-result", yes_no(u->assert_result));
3161
3162 unit_serialize_item(u, f, "transient", yes_no(u->transient));
3163
3164 unit_serialize_item(u, f, "exported-invocation-id", yes_no(u->exported_invocation_id));
3165 unit_serialize_item(u, f, "exported-log-level-max", yes_no(u->exported_log_level_max));
3166 unit_serialize_item(u, f, "exported-log-extra-fields", yes_no(u->exported_log_extra_fields));
3167
3168 unit_serialize_item_format(u, f, "cpu-usage-base", "%" PRIu64, u->cpu_usage_base);
3169 if (u->cpu_usage_last != NSEC_INFINITY)
3170 unit_serialize_item_format(u, f, "cpu-usage-last", "%" PRIu64, u->cpu_usage_last);
3171
3172 if (u->cgroup_path)
3173 unit_serialize_item(u, f, "cgroup", u->cgroup_path);
3174 unit_serialize_item(u, f, "cgroup-realized", yes_no(u->cgroup_realized));
3175 (void) unit_serialize_cgroup_mask(f, "cgroup-realized-mask", u->cgroup_realized_mask);
3176 (void) unit_serialize_cgroup_mask(f, "cgroup-enabled-mask", u->cgroup_enabled_mask);
3177 unit_serialize_item_format(u, f, "cgroup-bpf-realized", "%i", u->cgroup_bpf_state);
3178
3179 if (uid_is_valid(u->ref_uid))
3180 unit_serialize_item_format(u, f, "ref-uid", UID_FMT, u->ref_uid);
3181 if (gid_is_valid(u->ref_gid))
3182 unit_serialize_item_format(u, f, "ref-gid", GID_FMT, u->ref_gid);
3183
3184 if (!sd_id128_is_null(u->invocation_id))
3185 unit_serialize_item_format(u, f, "invocation-id", SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id));
3186
3187 bus_track_serialize(u->bus_track, f, "ref");
3188
3189 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
3190 uint64_t v;
3191
3192 r = unit_get_ip_accounting(u, m, &v);
3193 if (r >= 0)
3194 unit_serialize_item_format(u, f, ip_accounting_metric_field[m], "%" PRIu64, v);
3195 }
3196
3197 if (serialize_jobs) {
3198 if (u->job) {
3199 fprintf(f, "job\n");
3200 job_serialize(u->job, f);
3201 }
3202
3203 if (u->nop_job) {
3204 fprintf(f, "job\n");
3205 job_serialize(u->nop_job, f);
3206 }
3207 }
3208
3209 /* End marker */
3210 fputc('\n', f);
3211 return 0;
3212 }
3213
3214 int unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value) {
3215 assert(u);
3216 assert(f);
3217 assert(key);
3218
3219 if (!value)
3220 return 0;
3221
3222 fputs(key, f);
3223 fputc('=', f);
3224 fputs(value, f);
3225 fputc('\n', f);
3226
3227 return 1;
3228 }
3229
3230 int unit_serialize_item_escaped(Unit *u, FILE *f, const char *key, const char *value) {
3231 _cleanup_free_ char *c = NULL;
3232
3233 assert(u);
3234 assert(f);
3235 assert(key);
3236
3237 if (!value)
3238 return 0;
3239
3240 c = cescape(value);
3241 if (!c)
3242 return -ENOMEM;
3243
3244 fputs(key, f);
3245 fputc('=', f);
3246 fputs(c, f);
3247 fputc('\n', f);
3248
3249 return 1;
3250 }
3251
3252 int unit_serialize_item_fd(Unit *u, FILE *f, FDSet *fds, const char *key, int fd) {
3253 int copy;
3254
3255 assert(u);
3256 assert(f);
3257 assert(key);
3258
3259 if (fd < 0)
3260 return 0;
3261
3262 copy = fdset_put_dup(fds, fd);
3263 if (copy < 0)
3264 return copy;
3265
3266 fprintf(f, "%s=%i\n", key, copy);
3267 return 1;
3268 }
3269
3270 void unit_serialize_item_format(Unit *u, FILE *f, const char *key, const char *format, ...) {
3271 va_list ap;
3272
3273 assert(u);
3274 assert(f);
3275 assert(key);
3276 assert(format);
3277
3278 fputs(key, f);
3279 fputc('=', f);
3280
3281 va_start(ap, format);
3282 vfprintf(f, format, ap);
3283 va_end(ap);
3284
3285 fputc('\n', f);
3286 }
3287
3288 int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
3289 int r;
3290
3291 assert(u);
3292 assert(f);
3293 assert(fds);
3294
3295 for (;;) {
3296 char line[LINE_MAX], *l, *v;
3297 CGroupIPAccountingMetric m;
3298 size_t k;
3299
3300 if (!fgets(line, sizeof(line), f)) {
3301 if (feof(f))
3302 return 0;
3303 return -errno;
3304 }
3305
3306 char_array_0(line);
3307 l = strstrip(line);
3308
3309 /* End marker */
3310 if (isempty(l))
3311 break;
3312
3313 k = strcspn(l, "=");
3314
3315 if (l[k] == '=') {
3316 l[k] = 0;
3317 v = l+k+1;
3318 } else
3319 v = l+k;
3320
3321 if (streq(l, "job")) {
3322 if (v[0] == '\0') {
3323 /* new-style serialized job */
3324 Job *j;
3325
3326 j = job_new_raw(u);
3327 if (!j)
3328 return log_oom();
3329
3330 r = job_deserialize(j, f);
3331 if (r < 0) {
3332 job_free(j);
3333 return r;
3334 }
3335
3336 r = hashmap_put(u->manager->jobs, UINT32_TO_PTR(j->id), j);
3337 if (r < 0) {
3338 job_free(j);
3339 return r;
3340 }
3341
3342 r = job_install_deserialized(j);
3343 if (r < 0) {
3344 hashmap_remove(u->manager->jobs, UINT32_TO_PTR(j->id));
3345 job_free(j);
3346 return r;
3347 }
3348 } else /* legacy for pre-44 */
3349 log_unit_warning(u, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v);
3350 continue;
3351 } else if (streq(l, "state-change-timestamp")) {
3352 dual_timestamp_deserialize(v, &u->state_change_timestamp);
3353 continue;
3354 } else if (streq(l, "inactive-exit-timestamp")) {
3355 dual_timestamp_deserialize(v, &u->inactive_exit_timestamp);
3356 continue;
3357 } else if (streq(l, "active-enter-timestamp")) {
3358 dual_timestamp_deserialize(v, &u->active_enter_timestamp);
3359 continue;
3360 } else if (streq(l, "active-exit-timestamp")) {
3361 dual_timestamp_deserialize(v, &u->active_exit_timestamp);
3362 continue;
3363 } else if (streq(l, "inactive-enter-timestamp")) {
3364 dual_timestamp_deserialize(v, &u->inactive_enter_timestamp);
3365 continue;
3366 } else if (streq(l, "condition-timestamp")) {
3367 dual_timestamp_deserialize(v, &u->condition_timestamp);
3368 continue;
3369 } else if (streq(l, "assert-timestamp")) {
3370 dual_timestamp_deserialize(v, &u->assert_timestamp);
3371 continue;
3372 } else if (streq(l, "condition-result")) {
3373
3374 r = parse_boolean(v);
3375 if (r < 0)
3376 log_unit_debug(u, "Failed to parse condition result value %s, ignoring.", v);
3377 else
3378 u->condition_result = r;
3379
3380 continue;
3381
3382 } else if (streq(l, "assert-result")) {
3383
3384 r = parse_boolean(v);
3385 if (r < 0)
3386 log_unit_debug(u, "Failed to parse assert result value %s, ignoring.", v);
3387 else
3388 u->assert_result = r;
3389
3390 continue;
3391
3392 } else if (streq(l, "transient")) {
3393
3394 r = parse_boolean(v);
3395 if (r < 0)
3396 log_unit_debug(u, "Failed to parse transient bool %s, ignoring.", v);
3397 else
3398 u->transient = r;
3399
3400 continue;
3401
3402 } else if (streq(l, "exported-invocation-id")) {
3403
3404 r = parse_boolean(v);
3405 if (r < 0)
3406 log_unit_debug(u, "Failed to parse exported invocation ID bool %s, ignoring.", v);
3407 else
3408 u->exported_invocation_id = r;
3409
3410 continue;
3411
3412 } else if (streq(l, "exported-log-level-max")) {
3413
3414 r = parse_boolean(v);
3415 if (r < 0)
3416 log_unit_debug(u, "Failed to parse exported log level max bool %s, ignoring.", v);
3417 else
3418 u->exported_log_level_max = r;
3419
3420 continue;
3421
3422 } else if (streq(l, "exported-log-extra-fields")) {
3423
3424 r = parse_boolean(v);
3425 if (r < 0)
3426 log_unit_debug(u, "Failed to parse exported log extra fields bool %s, ignoring.", v);
3427 else
3428 u->exported_log_extra_fields = r;
3429
3430 continue;
3431
3432 } else if (STR_IN_SET(l, "cpu-usage-base", "cpuacct-usage-base")) {
3433
3434 r = safe_atou64(v, &u->cpu_usage_base);
3435 if (r < 0)
3436 log_unit_debug(u, "Failed to parse CPU usage base %s, ignoring.", v);
3437
3438 continue;
3439
3440 } else if (streq(l, "cpu-usage-last")) {
3441
3442 r = safe_atou64(v, &u->cpu_usage_last);
3443 if (r < 0)
3444 log_unit_debug(u, "Failed to read CPU usage last %s, ignoring.", v);
3445
3446 continue;
3447
3448 } else if (streq(l, "cgroup")) {
3449
3450 r = unit_set_cgroup_path(u, v);
3451 if (r < 0)
3452 log_unit_debug_errno(u, r, "Failed to set cgroup path %s, ignoring: %m", v);
3453
3454 (void) unit_watch_cgroup(u);
3455
3456 continue;
3457 } else if (streq(l, "cgroup-realized")) {
3458 int b;
3459
3460 b = parse_boolean(v);
3461 if (b < 0)
3462 log_unit_debug(u, "Failed to parse cgroup-realized bool %s, ignoring.", v);
3463 else
3464 u->cgroup_realized = b;
3465
3466 continue;
3467
3468 } else if (streq(l, "cgroup-realized-mask")) {
3469
3470 r = cg_mask_from_string(v, &u->cgroup_realized_mask);
3471 if (r < 0)
3472 log_unit_debug(u, "Failed to parse cgroup-realized-mask %s, ignoring.", v);
3473 continue;
3474
3475 } else if (streq(l, "cgroup-enabled-mask")) {
3476
3477 r = cg_mask_from_string(v, &u->cgroup_enabled_mask);
3478 if (r < 0)
3479 log_unit_debug(u, "Failed to parse cgroup-enabled-mask %s, ignoring.", v);
3480 continue;
3481
3482 } else if (streq(l, "cgroup-bpf-realized")) {
3483 int i;
3484
3485 r = safe_atoi(v, &i);
3486 if (r < 0)
3487 log_unit_debug(u, "Failed to parse cgroup BPF state %s, ignoring.", v);
3488 else
3489 u->cgroup_bpf_state =
3490 i < 0 ? UNIT_CGROUP_BPF_INVALIDATED :
3491 i > 0 ? UNIT_CGROUP_BPF_ON :
3492 UNIT_CGROUP_BPF_OFF;
3493
3494 continue;
3495
3496 } else if (streq(l, "ref-uid")) {
3497 uid_t uid;
3498
3499 r = parse_uid(v, &uid);
3500 if (r < 0)
3501 log_unit_debug(u, "Failed to parse referenced UID %s, ignoring.", v);
3502 else
3503 unit_ref_uid_gid(u, uid, GID_INVALID);
3504
3505 continue;
3506
3507 } else if (streq(l, "ref-gid")) {
3508 gid_t gid;
3509
3510 r = parse_gid(v, &gid);
3511 if (r < 0)
3512 log_unit_debug(u, "Failed to parse referenced GID %s, ignoring.", v);
3513 else
3514 unit_ref_uid_gid(u, UID_INVALID, gid);
3515
3516 } else if (streq(l, "ref")) {
3517
3518 r = strv_extend(&u->deserialized_refs, v);
3519 if (r < 0)
3520 log_oom();
3521
3522 continue;
3523 } else if (streq(l, "invocation-id")) {
3524 sd_id128_t id;
3525
3526 r = sd_id128_from_string(v, &id);
3527 if (r < 0)
3528 log_unit_debug(u, "Failed to parse invocation id %s, ignoring.", v);
3529 else {
3530 r = unit_set_invocation_id(u, id);
3531 if (r < 0)
3532 log_unit_warning_errno(u, r, "Failed to set invocation ID for unit: %m");
3533 }
3534
3535 continue;
3536 }
3537
3538 /* Check if this is an IP accounting metric serialization field */
3539 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++)
3540 if (streq(l, ip_accounting_metric_field[m]))
3541 break;
3542 if (m < _CGROUP_IP_ACCOUNTING_METRIC_MAX) {
3543 uint64_t c;
3544
3545 r = safe_atou64(v, &c);
3546 if (r < 0)
3547 log_unit_debug(u, "Failed to parse IP accounting value %s, ignoring.", v);
3548 else
3549 u->ip_accounting_extra[m] = c;
3550 continue;
3551 }
3552
3553 if (unit_can_serialize(u)) {
3554 r = exec_runtime_deserialize_compat(u, l, v, fds);
3555 if (r < 0) {
3556 log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l);
3557 continue;
3558 }
3559
3560 /* Returns positive if key was handled by the call */
3561 if (r > 0)
3562 continue;
3563
3564 r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
3565 if (r < 0)
3566 log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l);
3567 }
3568 }
3569
3570 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3571 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3572 * before 228 where the base for timeouts was not persistent across reboots. */
3573
3574 if (!dual_timestamp_is_set(&u->state_change_timestamp))
3575 dual_timestamp_get(&u->state_change_timestamp);
3576
3577 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3578 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3579 unit_invalidate_cgroup(u, _CGROUP_MASK_ALL);
3580 unit_invalidate_cgroup_bpf(u);
3581
3582 return 0;
3583 }
3584
3585 void unit_deserialize_skip(FILE *f) {
3586 assert(f);
3587
3588 /* Skip serialized data for this unit. We don't know what it is. */
3589
3590 for (;;) {
3591 char line[LINE_MAX], *l;
3592
3593 if (!fgets(line, sizeof line, f))
3594 return;
3595
3596 char_array_0(line);
3597 l = strstrip(line);
3598
3599 /* End marker */
3600 if (isempty(l))
3601 return;
3602 }
3603 }
3604
3605 int unit_add_node_dependency(Unit *u, const char *what, bool wants, UnitDependency dep, UnitDependencyMask mask) {
3606 Unit *device;
3607 _cleanup_free_ char *e = NULL;
3608 int r;
3609
3610 assert(u);
3611
3612 /* Adds in links to the device node that this unit is based on */
3613 if (isempty(what))
3614 return 0;
3615
3616 if (!is_device_path(what))
3617 return 0;
3618
3619 /* When device units aren't supported (such as in a
3620 * container), don't create dependencies on them. */
3621 if (!unit_type_supported(UNIT_DEVICE))
3622 return 0;
3623
3624 r = unit_name_from_path(what, ".device", &e);
3625 if (r < 0)
3626 return r;
3627
3628 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
3629 if (r < 0)
3630 return r;
3631
3632 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3633 dep = UNIT_BINDS_TO;
3634
3635 r = unit_add_two_dependencies(u, UNIT_AFTER,
3636 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3637 device, true, mask);
3638 if (r < 0)
3639 return r;
3640
3641 if (wants) {
3642 r = unit_add_dependency(device, UNIT_WANTS, u, false, mask);
3643 if (r < 0)
3644 return r;
3645 }
3646
3647 return 0;
3648 }
3649
3650 int unit_coldplug(Unit *u) {
3651 int r = 0, q;
3652 char **i;
3653
3654 assert(u);
3655
3656 /* Make sure we don't enter a loop, when coldplugging
3657 * recursively. */
3658 if (u->coldplugged)
3659 return 0;
3660
3661 u->coldplugged = true;
3662
3663 STRV_FOREACH(i, u->deserialized_refs) {
3664 q = bus_unit_track_add_name(u, *i);
3665 if (q < 0 && r >= 0)
3666 r = q;
3667 }
3668 u->deserialized_refs = strv_free(u->deserialized_refs);
3669
3670 if (UNIT_VTABLE(u)->coldplug) {
3671 q = UNIT_VTABLE(u)->coldplug(u);
3672 if (q < 0 && r >= 0)
3673 r = q;
3674 }
3675
3676 if (u->job) {
3677 q = job_coldplug(u->job);
3678 if (q < 0 && r >= 0)
3679 r = q;
3680 }
3681
3682 return r;
3683 }
3684
3685 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
3686 struct stat st;
3687
3688 if (!path)
3689 return false;
3690
3691 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3692 * are never out-of-date. */
3693 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3694 return false;
3695
3696 if (stat(path, &st) < 0)
3697 /* What, cannot access this anymore? */
3698 return true;
3699
3700 if (path_masked)
3701 /* For masked files check if they are still so */
3702 return !null_or_empty(&st);
3703 else
3704 /* For non-empty files check the mtime */
3705 return timespec_load(&st.st_mtim) > mtime;
3706
3707 return false;
3708 }
3709
3710 bool unit_need_daemon_reload(Unit *u) {
3711 _cleanup_strv_free_ char **t = NULL;
3712 char **path;
3713
3714 assert(u);
3715
3716 /* For unit files, we allow masking… */
3717 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3718 u->load_state == UNIT_MASKED))
3719 return true;
3720
3721 /* Source paths should not be masked… */
3722 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
3723 return true;
3724
3725 if (u->load_state == UNIT_LOADED)
3726 (void) unit_find_dropin_paths(u, &t);
3727 if (!strv_equal(u->dropin_paths, t))
3728 return true;
3729
3730 /* … any drop-ins that are masked are simply omitted from the list. */
3731 STRV_FOREACH(path, u->dropin_paths)
3732 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3733 return true;
3734
3735 return false;
3736 }
3737
3738 void unit_reset_failed(Unit *u) {
3739 assert(u);
3740
3741 if (UNIT_VTABLE(u)->reset_failed)
3742 UNIT_VTABLE(u)->reset_failed(u);
3743
3744 RATELIMIT_RESET(u->start_limit);
3745 u->start_limit_hit = false;
3746 }
3747
3748 Unit *unit_following(Unit *u) {
3749 assert(u);
3750
3751 if (UNIT_VTABLE(u)->following)
3752 return UNIT_VTABLE(u)->following(u);
3753
3754 return NULL;
3755 }
3756
3757 bool unit_stop_pending(Unit *u) {
3758 assert(u);
3759
3760 /* This call does check the current state of the unit. It's
3761 * hence useful to be called from state change calls of the
3762 * unit itself, where the state isn't updated yet. This is
3763 * different from unit_inactive_or_pending() which checks both
3764 * the current state and for a queued job. */
3765
3766 return u->job && u->job->type == JOB_STOP;
3767 }
3768
3769 bool unit_inactive_or_pending(Unit *u) {
3770 assert(u);
3771
3772 /* Returns true if the unit is inactive or going down */
3773
3774 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3775 return true;
3776
3777 if (unit_stop_pending(u))
3778 return true;
3779
3780 return false;
3781 }
3782
3783 bool unit_active_or_pending(Unit *u) {
3784 assert(u);
3785
3786 /* Returns true if the unit is active or going up */
3787
3788 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3789 return true;
3790
3791 if (u->job &&
3792 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
3793 return true;
3794
3795 return false;
3796 }
3797
3798 bool unit_will_restart(Unit *u) {
3799 assert(u);
3800
3801 if (!UNIT_VTABLE(u)->will_restart)
3802 return false;
3803
3804 return UNIT_VTABLE(u)->will_restart(u);
3805 }
3806
3807 int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
3808 assert(u);
3809 assert(w >= 0 && w < _KILL_WHO_MAX);
3810 assert(SIGNAL_VALID(signo));
3811
3812 if (!UNIT_VTABLE(u)->kill)
3813 return -EOPNOTSUPP;
3814
3815 return UNIT_VTABLE(u)->kill(u, w, signo, error);
3816 }
3817
3818 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
3819 _cleanup_set_free_ Set *pid_set = NULL;
3820 int r;
3821
3822 pid_set = set_new(NULL);
3823 if (!pid_set)
3824 return NULL;
3825
3826 /* Exclude the main/control pids from being killed via the cgroup */
3827 if (main_pid > 0) {
3828 r = set_put(pid_set, PID_TO_PTR(main_pid));
3829 if (r < 0)
3830 return NULL;
3831 }
3832
3833 if (control_pid > 0) {
3834 r = set_put(pid_set, PID_TO_PTR(control_pid));
3835 if (r < 0)
3836 return NULL;
3837 }
3838
3839 return TAKE_PTR(pid_set);
3840 }
3841
3842 int unit_kill_common(
3843 Unit *u,
3844 KillWho who,
3845 int signo,
3846 pid_t main_pid,
3847 pid_t control_pid,
3848 sd_bus_error *error) {
3849
3850 int r = 0;
3851 bool killed = false;
3852
3853 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
3854 if (main_pid < 0)
3855 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
3856 else if (main_pid == 0)
3857 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
3858 }
3859
3860 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
3861 if (control_pid < 0)
3862 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
3863 else if (control_pid == 0)
3864 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
3865 }
3866
3867 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3868 if (control_pid > 0) {
3869 if (kill(control_pid, signo) < 0)
3870 r = -errno;
3871 else
3872 killed = true;
3873 }
3874
3875 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3876 if (main_pid > 0) {
3877 if (kill(main_pid, signo) < 0)
3878 r = -errno;
3879 else
3880 killed = true;
3881 }
3882
3883 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
3884 _cleanup_set_free_ Set *pid_set = NULL;
3885 int q;
3886
3887 /* Exclude the main/control pids from being killed via the cgroup */
3888 pid_set = unit_pid_set(main_pid, control_pid);
3889 if (!pid_set)
3890 return -ENOMEM;
3891
3892 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, NULL, NULL);
3893 if (q < 0 && !IN_SET(q, -EAGAIN, -ESRCH, -ENOENT))
3894 r = q;
3895 else
3896 killed = true;
3897 }
3898
3899 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL))
3900 return -ESRCH;
3901
3902 return r;
3903 }
3904
3905 int unit_following_set(Unit *u, Set **s) {
3906 assert(u);
3907 assert(s);
3908
3909 if (UNIT_VTABLE(u)->following_set)
3910 return UNIT_VTABLE(u)->following_set(u, s);
3911
3912 *s = NULL;
3913 return 0;
3914 }
3915
3916 UnitFileState unit_get_unit_file_state(Unit *u) {
3917 int r;
3918
3919 assert(u);
3920
3921 if (u->unit_file_state < 0 && u->fragment_path) {
3922 r = unit_file_get_state(
3923 u->manager->unit_file_scope,
3924 NULL,
3925 u->id,
3926 &u->unit_file_state);
3927 if (r < 0)
3928 u->unit_file_state = UNIT_FILE_BAD;
3929 }
3930
3931 return u->unit_file_state;
3932 }
3933
3934 int unit_get_unit_file_preset(Unit *u) {
3935 assert(u);
3936
3937 if (u->unit_file_preset < 0 && u->fragment_path)
3938 u->unit_file_preset = unit_file_query_preset(
3939 u->manager->unit_file_scope,
3940 NULL,
3941 basename(u->fragment_path));
3942
3943 return u->unit_file_preset;
3944 }
3945
3946 Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
3947 assert(ref);
3948 assert(source);
3949 assert(target);
3950
3951 if (ref->target)
3952 unit_ref_unset(ref);
3953
3954 ref->source = source;
3955 ref->target = target;
3956 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
3957 return target;
3958 }
3959
3960 void unit_ref_unset(UnitRef *ref) {
3961 assert(ref);
3962
3963 if (!ref->target)
3964 return;
3965
3966 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
3967 * be unreferenced now. */
3968 unit_add_to_gc_queue(ref->target);
3969
3970 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
3971 ref->source = ref->target = NULL;
3972 }
3973
3974 static int user_from_unit_name(Unit *u, char **ret) {
3975
3976 static const uint8_t hash_key[] = {
3977 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
3978 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
3979 };
3980
3981 _cleanup_free_ char *n = NULL;
3982 int r;
3983
3984 r = unit_name_to_prefix(u->id, &n);
3985 if (r < 0)
3986 return r;
3987
3988 if (valid_user_group_name(n)) {
3989 *ret = TAKE_PTR(n);
3990 return 0;
3991 }
3992
3993 /* If we can't use the unit name as a user name, then let's hash it and use that */
3994 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
3995 return -ENOMEM;
3996
3997 return 0;
3998 }
3999
4000 int unit_patch_contexts(Unit *u) {
4001 CGroupContext *cc;
4002 ExecContext *ec;
4003 unsigned i;
4004 int r;
4005
4006 assert(u);
4007
4008 /* Patch in the manager defaults into the exec and cgroup
4009 * contexts, _after_ the rest of the settings have been
4010 * initialized */
4011
4012 ec = unit_get_exec_context(u);
4013 if (ec) {
4014 /* This only copies in the ones that need memory */
4015 for (i = 0; i < _RLIMIT_MAX; i++)
4016 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4017 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4018 if (!ec->rlimit[i])
4019 return -ENOMEM;
4020 }
4021
4022 if (MANAGER_IS_USER(u->manager) &&
4023 !ec->working_directory) {
4024
4025 r = get_home_dir(&ec->working_directory);
4026 if (r < 0)
4027 return r;
4028
4029 /* Allow user services to run, even if the
4030 * home directory is missing */
4031 ec->working_directory_missing_ok = true;
4032 }
4033
4034 if (ec->private_devices)
4035 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4036
4037 if (ec->protect_kernel_modules)
4038 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4039
4040 if (ec->dynamic_user) {
4041 if (!ec->user) {
4042 r = user_from_unit_name(u, &ec->user);
4043 if (r < 0)
4044 return r;
4045 }
4046
4047 if (!ec->group) {
4048 ec->group = strdup(ec->user);
4049 if (!ec->group)
4050 return -ENOMEM;
4051 }
4052
4053 /* If the dynamic user option is on, let's make sure that the unit can't leave its UID/GID
4054 * around in the file system or on IPC objects. Hence enforce a strict sandbox. */
4055
4056 ec->private_tmp = true;
4057 ec->remove_ipc = true;
4058 ec->protect_system = PROTECT_SYSTEM_STRICT;
4059 if (ec->protect_home == PROTECT_HOME_NO)
4060 ec->protect_home = PROTECT_HOME_READ_ONLY;
4061 }
4062 }
4063
4064 cc = unit_get_cgroup_context(u);
4065 if (cc) {
4066
4067 if (ec &&
4068 ec->private_devices &&
4069 cc->device_policy == CGROUP_AUTO)
4070 cc->device_policy = CGROUP_CLOSED;
4071 }
4072
4073 return 0;
4074 }
4075
4076 ExecContext *unit_get_exec_context(Unit *u) {
4077 size_t offset;
4078 assert(u);
4079
4080 if (u->type < 0)
4081 return NULL;
4082
4083 offset = UNIT_VTABLE(u)->exec_context_offset;
4084 if (offset <= 0)
4085 return NULL;
4086
4087 return (ExecContext*) ((uint8_t*) u + offset);
4088 }
4089
4090 KillContext *unit_get_kill_context(Unit *u) {
4091 size_t offset;
4092 assert(u);
4093
4094 if (u->type < 0)
4095 return NULL;
4096
4097 offset = UNIT_VTABLE(u)->kill_context_offset;
4098 if (offset <= 0)
4099 return NULL;
4100
4101 return (KillContext*) ((uint8_t*) u + offset);
4102 }
4103
4104 CGroupContext *unit_get_cgroup_context(Unit *u) {
4105 size_t offset;
4106
4107 if (u->type < 0)
4108 return NULL;
4109
4110 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4111 if (offset <= 0)
4112 return NULL;
4113
4114 return (CGroupContext*) ((uint8_t*) u + offset);
4115 }
4116
4117 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4118 size_t offset;
4119
4120 if (u->type < 0)
4121 return NULL;
4122
4123 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4124 if (offset <= 0)
4125 return NULL;
4126
4127 return *(ExecRuntime**) ((uint8_t*) u + offset);
4128 }
4129
4130 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4131 assert(u);
4132
4133 if (UNIT_WRITE_FLAGS_NOOP(flags))
4134 return NULL;
4135
4136 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4137 return u->manager->lookup_paths.transient;
4138
4139 if (flags & UNIT_PERSISTENT)
4140 return u->manager->lookup_paths.persistent_control;
4141
4142 if (flags & UNIT_RUNTIME)
4143 return u->manager->lookup_paths.runtime_control;
4144
4145 return NULL;
4146 }
4147
4148 char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4149 char *ret = NULL;
4150
4151 if (!s)
4152 return NULL;
4153
4154 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4155 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4156 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4157 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4158 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4159 * allocations. */
4160
4161 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4162 ret = specifier_escape(s);
4163 if (!ret)
4164 return NULL;
4165
4166 s = ret;
4167 }
4168
4169 if (flags & UNIT_ESCAPE_C) {
4170 char *a;
4171
4172 a = cescape(s);
4173 free(ret);
4174 if (!a)
4175 return NULL;
4176
4177 ret = a;
4178 }
4179
4180 if (buf) {
4181 *buf = ret;
4182 return ret ?: (char*) s;
4183 }
4184
4185 return ret ?: strdup(s);
4186 }
4187
4188 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4189 _cleanup_free_ char *result = NULL;
4190 size_t n = 0, allocated = 0;
4191 char **i;
4192
4193 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4194 * way suitable for ExecStart= stanzas */
4195
4196 STRV_FOREACH(i, l) {
4197 _cleanup_free_ char *buf = NULL;
4198 const char *p;
4199 size_t a;
4200 char *q;
4201
4202 p = unit_escape_setting(*i, flags, &buf);
4203 if (!p)
4204 return NULL;
4205
4206 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4207 if (!GREEDY_REALLOC(result, allocated, n + a + 1))
4208 return NULL;
4209
4210 q = result + n;
4211 if (n > 0)
4212 *(q++) = ' ';
4213
4214 *(q++) = '"';
4215 q = stpcpy(q, p);
4216 *(q++) = '"';
4217
4218 n += a;
4219 }
4220
4221 if (!GREEDY_REALLOC(result, allocated, n + 1))
4222 return NULL;
4223
4224 result[n] = 0;
4225
4226 return TAKE_PTR(result);
4227 }
4228
4229 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4230 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4231 const char *dir, *wrapped;
4232 int r;
4233
4234 assert(u);
4235 assert(name);
4236 assert(data);
4237
4238 if (UNIT_WRITE_FLAGS_NOOP(flags))
4239 return 0;
4240
4241 data = unit_escape_setting(data, flags, &escaped);
4242 if (!data)
4243 return -ENOMEM;
4244
4245 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4246 * previous section header is the same */
4247
4248 if (flags & UNIT_PRIVATE) {
4249 if (!UNIT_VTABLE(u)->private_section)
4250 return -EINVAL;
4251
4252 if (!u->transient_file || u->last_section_private < 0)
4253 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4254 else if (u->last_section_private == 0)
4255 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4256 } else {
4257 if (!u->transient_file || u->last_section_private < 0)
4258 data = strjoina("[Unit]\n", data);
4259 else if (u->last_section_private > 0)
4260 data = strjoina("\n[Unit]\n", data);
4261 }
4262
4263 if (u->transient_file) {
4264 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4265 * write to the transient unit file. */
4266 fputs(data, u->transient_file);
4267
4268 if (!endswith(data, "\n"))
4269 fputc('\n', u->transient_file);
4270
4271 /* Remember which section we wrote this entry to */
4272 u->last_section_private = !!(flags & UNIT_PRIVATE);
4273 return 0;
4274 }
4275
4276 dir = unit_drop_in_dir(u, flags);
4277 if (!dir)
4278 return -EINVAL;
4279
4280 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4281 "# or an equivalent operation. Do not edit.\n",
4282 data,
4283 "\n");
4284
4285 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4286 if (r < 0)
4287 return r;
4288
4289 (void) mkdir_p_label(p, 0755);
4290 r = write_string_file_atomic_label(q, wrapped);
4291 if (r < 0)
4292 return r;
4293
4294 r = strv_push(&u->dropin_paths, q);
4295 if (r < 0)
4296 return r;
4297 q = NULL;
4298
4299 strv_uniq(u->dropin_paths);
4300
4301 u->dropin_mtime = now(CLOCK_REALTIME);
4302
4303 return 0;
4304 }
4305
4306 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4307 _cleanup_free_ char *p = NULL;
4308 va_list ap;
4309 int r;
4310
4311 assert(u);
4312 assert(name);
4313 assert(format);
4314
4315 if (UNIT_WRITE_FLAGS_NOOP(flags))
4316 return 0;
4317
4318 va_start(ap, format);
4319 r = vasprintf(&p, format, ap);
4320 va_end(ap);
4321
4322 if (r < 0)
4323 return -ENOMEM;
4324
4325 return unit_write_setting(u, flags, name, p);
4326 }
4327
4328 int unit_make_transient(Unit *u) {
4329 _cleanup_free_ char *path = NULL;
4330 FILE *f;
4331
4332 assert(u);
4333
4334 if (!UNIT_VTABLE(u)->can_transient)
4335 return -EOPNOTSUPP;
4336
4337 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4338
4339 path = strjoin(u->manager->lookup_paths.transient, "/", u->id);
4340 if (!path)
4341 return -ENOMEM;
4342
4343 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4344 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4345
4346 RUN_WITH_UMASK(0022) {
4347 f = fopen(path, "we");
4348 if (!f)
4349 return -errno;
4350 }
4351
4352 safe_fclose(u->transient_file);
4353 u->transient_file = f;
4354
4355 free_and_replace(u->fragment_path, path);
4356
4357 u->source_path = mfree(u->source_path);
4358 u->dropin_paths = strv_free(u->dropin_paths);
4359 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4360
4361 u->load_state = UNIT_STUB;
4362 u->load_error = 0;
4363 u->transient = true;
4364
4365 unit_add_to_dbus_queue(u);
4366 unit_add_to_gc_queue(u);
4367
4368 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4369 u->transient_file);
4370
4371 return 0;
4372 }
4373
4374 static void log_kill(pid_t pid, int sig, void *userdata) {
4375 _cleanup_free_ char *comm = NULL;
4376
4377 (void) get_process_comm(pid, &comm);
4378
4379 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4380 only, like for example systemd's own PAM stub process. */
4381 if (comm && comm[0] == '(')
4382 return;
4383
4384 log_unit_notice(userdata,
4385 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4386 pid,
4387 strna(comm),
4388 signal_to_string(sig));
4389 }
4390
4391 static int operation_to_signal(KillContext *c, KillOperation k) {
4392 assert(c);
4393
4394 switch (k) {
4395
4396 case KILL_TERMINATE:
4397 case KILL_TERMINATE_AND_LOG:
4398 return c->kill_signal;
4399
4400 case KILL_KILL:
4401 return SIGKILL;
4402
4403 case KILL_ABORT:
4404 return SIGABRT;
4405
4406 default:
4407 assert_not_reached("KillOperation unknown");
4408 }
4409 }
4410
4411 int unit_kill_context(
4412 Unit *u,
4413 KillContext *c,
4414 KillOperation k,
4415 pid_t main_pid,
4416 pid_t control_pid,
4417 bool main_pid_alien) {
4418
4419 bool wait_for_exit = false, send_sighup;
4420 cg_kill_log_func_t log_func = NULL;
4421 int sig, r;
4422
4423 assert(u);
4424 assert(c);
4425
4426 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4427 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4428
4429 if (c->kill_mode == KILL_NONE)
4430 return 0;
4431
4432 sig = operation_to_signal(c, k);
4433
4434 send_sighup =
4435 c->send_sighup &&
4436 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4437 sig != SIGHUP;
4438
4439 if (k != KILL_TERMINATE || IN_SET(sig, SIGKILL, SIGABRT))
4440 log_func = log_kill;
4441
4442 if (main_pid > 0) {
4443 if (log_func)
4444 log_func(main_pid, sig, u);
4445
4446 r = kill_and_sigcont(main_pid, sig);
4447 if (r < 0 && r != -ESRCH) {
4448 _cleanup_free_ char *comm = NULL;
4449 (void) get_process_comm(main_pid, &comm);
4450
4451 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
4452 } else {
4453 if (!main_pid_alien)
4454 wait_for_exit = true;
4455
4456 if (r != -ESRCH && send_sighup)
4457 (void) kill(main_pid, SIGHUP);
4458 }
4459 }
4460
4461 if (control_pid > 0) {
4462 if (log_func)
4463 log_func(control_pid, sig, u);
4464
4465 r = kill_and_sigcont(control_pid, sig);
4466 if (r < 0 && r != -ESRCH) {
4467 _cleanup_free_ char *comm = NULL;
4468 (void) get_process_comm(control_pid, &comm);
4469
4470 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
4471 } else {
4472 wait_for_exit = true;
4473
4474 if (r != -ESRCH && send_sighup)
4475 (void) kill(control_pid, SIGHUP);
4476 }
4477 }
4478
4479 if (u->cgroup_path &&
4480 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4481 _cleanup_set_free_ Set *pid_set = NULL;
4482
4483 /* Exclude the main/control pids from being killed via the cgroup */
4484 pid_set = unit_pid_set(main_pid, control_pid);
4485 if (!pid_set)
4486 return -ENOMEM;
4487
4488 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4489 sig,
4490 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4491 pid_set,
4492 log_func, u);
4493 if (r < 0) {
4494 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4495 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
4496
4497 } else if (r > 0) {
4498
4499 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4500 * we are running in a container or if this is a delegation unit, simply because cgroup
4501 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4502 * of containers it can be confused easily by left-over directories in the cgroup — which
4503 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4504 * there we get proper events. Hence rely on them. */
4505
4506 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
4507 (detect_container() == 0 && !unit_cgroup_delegate(u)))
4508 wait_for_exit = true;
4509
4510 if (send_sighup) {
4511 set_free(pid_set);
4512
4513 pid_set = unit_pid_set(main_pid, control_pid);
4514 if (!pid_set)
4515 return -ENOMEM;
4516
4517 cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4518 SIGHUP,
4519 CGROUP_IGNORE_SELF,
4520 pid_set,
4521 NULL, NULL);
4522 }
4523 }
4524 }
4525
4526 return wait_for_exit;
4527 }
4528
4529 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
4530 _cleanup_free_ char *p = NULL;
4531 char *prefix;
4532 UnitDependencyInfo di;
4533 int r;
4534
4535 assert(u);
4536 assert(path);
4537
4538 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4539 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4540 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4541 * determine which units to make themselves a dependency of. */
4542
4543 if (!path_is_absolute(path))
4544 return -EINVAL;
4545
4546 r = hashmap_ensure_allocated(&u->requires_mounts_for, &path_hash_ops);
4547 if (r < 0)
4548 return r;
4549
4550 p = strdup(path);
4551 if (!p)
4552 return -ENOMEM;
4553
4554 path = path_simplify(p, false);
4555
4556 if (!path_is_normalized(path))
4557 return -EPERM;
4558
4559 if (hashmap_contains(u->requires_mounts_for, path))
4560 return 0;
4561
4562 di = (UnitDependencyInfo) {
4563 .origin_mask = mask
4564 };
4565
4566 r = hashmap_put(u->requires_mounts_for, path, di.data);
4567 if (r < 0)
4568 return r;
4569 p = NULL;
4570
4571 prefix = alloca(strlen(path) + 1);
4572 PATH_FOREACH_PREFIX_MORE(prefix, path) {
4573 Set *x;
4574
4575 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4576 if (!x) {
4577 _cleanup_free_ char *q = NULL;
4578
4579 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
4580 if (r < 0)
4581 return r;
4582
4583 q = strdup(prefix);
4584 if (!q)
4585 return -ENOMEM;
4586
4587 x = set_new(NULL);
4588 if (!x)
4589 return -ENOMEM;
4590
4591 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4592 if (r < 0) {
4593 set_free(x);
4594 return r;
4595 }
4596 q = NULL;
4597 }
4598
4599 r = set_put(x, u);
4600 if (r < 0)
4601 return r;
4602 }
4603
4604 return 0;
4605 }
4606
4607 int unit_setup_exec_runtime(Unit *u) {
4608 ExecRuntime **rt;
4609 size_t offset;
4610 Unit *other;
4611 Iterator i;
4612 void *v;
4613 int r;
4614
4615 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4616 assert(offset > 0);
4617
4618 /* Check if there already is an ExecRuntime for this unit? */
4619 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4620 if (*rt)
4621 return 0;
4622
4623 /* Try to get it from somebody else */
4624 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) {
4625 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4626 if (r == 1)
4627 return 1;
4628 }
4629
4630 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
4631 }
4632
4633 int unit_setup_dynamic_creds(Unit *u) {
4634 ExecContext *ec;
4635 DynamicCreds *dcreds;
4636 size_t offset;
4637
4638 assert(u);
4639
4640 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4641 assert(offset > 0);
4642 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4643
4644 ec = unit_get_exec_context(u);
4645 assert(ec);
4646
4647 if (!ec->dynamic_user)
4648 return 0;
4649
4650 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4651 }
4652
4653 bool unit_type_supported(UnitType t) {
4654 if (_unlikely_(t < 0))
4655 return false;
4656 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4657 return false;
4658
4659 if (!unit_vtable[t]->supported)
4660 return true;
4661
4662 return unit_vtable[t]->supported();
4663 }
4664
4665 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4666 int r;
4667
4668 assert(u);
4669 assert(where);
4670
4671 r = dir_is_empty(where);
4672 if (r > 0 || r == -ENOTDIR)
4673 return;
4674 if (r < 0) {
4675 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4676 return;
4677 }
4678
4679 log_struct(LOG_NOTICE,
4680 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4681 LOG_UNIT_ID(u),
4682 LOG_UNIT_INVOCATION_ID(u),
4683 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4684 "WHERE=%s", where,
4685 NULL);
4686 }
4687
4688 int unit_fail_if_noncanonical(Unit *u, const char* where) {
4689 _cleanup_free_ char *canonical_where;
4690 int r;
4691
4692 assert(u);
4693 assert(where);
4694
4695 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where);
4696 if (r < 0) {
4697 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
4698 return 0;
4699 }
4700
4701 /* We will happily ignore a trailing slash (or any redundant slashes) */
4702 if (path_equal(where, canonical_where))
4703 return 0;
4704
4705 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4706 log_struct(LOG_ERR,
4707 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4708 LOG_UNIT_ID(u),
4709 LOG_UNIT_INVOCATION_ID(u),
4710 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4711 "WHERE=%s", where,
4712 NULL);
4713
4714 return -ELOOP;
4715 }
4716
4717 bool unit_is_pristine(Unit *u) {
4718 assert(u);
4719
4720 /* Check if the unit already exists or is already around,
4721 * in a number of different ways. Note that to cater for unit
4722 * types such as slice, we are generally fine with units that
4723 * are marked UNIT_LOADED even though nothing was actually
4724 * loaded, as those unit types don't require a file on disk. */
4725
4726 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4727 u->fragment_path ||
4728 u->source_path ||
4729 !strv_isempty(u->dropin_paths) ||
4730 u->job ||
4731 u->merged_into);
4732 }
4733
4734 pid_t unit_control_pid(Unit *u) {
4735 assert(u);
4736
4737 if (UNIT_VTABLE(u)->control_pid)
4738 return UNIT_VTABLE(u)->control_pid(u);
4739
4740 return 0;
4741 }
4742
4743 pid_t unit_main_pid(Unit *u) {
4744 assert(u);
4745
4746 if (UNIT_VTABLE(u)->main_pid)
4747 return UNIT_VTABLE(u)->main_pid(u);
4748
4749 return 0;
4750 }
4751
4752 static void unit_unref_uid_internal(
4753 Unit *u,
4754 uid_t *ref_uid,
4755 bool destroy_now,
4756 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4757
4758 assert(u);
4759 assert(ref_uid);
4760 assert(_manager_unref_uid);
4761
4762 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4763 * gid_t are actually the same time, with the same validity rules.
4764 *
4765 * Drops a reference to UID/GID from a unit. */
4766
4767 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4768 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4769
4770 if (!uid_is_valid(*ref_uid))
4771 return;
4772
4773 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4774 *ref_uid = UID_INVALID;
4775 }
4776
4777 void unit_unref_uid(Unit *u, bool destroy_now) {
4778 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4779 }
4780
4781 void unit_unref_gid(Unit *u, bool destroy_now) {
4782 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4783 }
4784
4785 static int unit_ref_uid_internal(
4786 Unit *u,
4787 uid_t *ref_uid,
4788 uid_t uid,
4789 bool clean_ipc,
4790 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4791
4792 int r;
4793
4794 assert(u);
4795 assert(ref_uid);
4796 assert(uid_is_valid(uid));
4797 assert(_manager_ref_uid);
4798
4799 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4800 * are actually the same type, and have the same validity rules.
4801 *
4802 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4803 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4804 * drops to zero. */
4805
4806 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4807 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4808
4809 if (*ref_uid == uid)
4810 return 0;
4811
4812 if (uid_is_valid(*ref_uid)) /* Already set? */
4813 return -EBUSY;
4814
4815 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4816 if (r < 0)
4817 return r;
4818
4819 *ref_uid = uid;
4820 return 1;
4821 }
4822
4823 int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
4824 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4825 }
4826
4827 int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
4828 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4829 }
4830
4831 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4832 int r = 0, q = 0;
4833
4834 assert(u);
4835
4836 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4837
4838 if (uid_is_valid(uid)) {
4839 r = unit_ref_uid(u, uid, clean_ipc);
4840 if (r < 0)
4841 return r;
4842 }
4843
4844 if (gid_is_valid(gid)) {
4845 q = unit_ref_gid(u, gid, clean_ipc);
4846 if (q < 0) {
4847 if (r > 0)
4848 unit_unref_uid(u, false);
4849
4850 return q;
4851 }
4852 }
4853
4854 return r > 0 || q > 0;
4855 }
4856
4857 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4858 ExecContext *c;
4859 int r;
4860
4861 assert(u);
4862
4863 c = unit_get_exec_context(u);
4864
4865 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4866 if (r < 0)
4867 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4868
4869 return r;
4870 }
4871
4872 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4873 assert(u);
4874
4875 unit_unref_uid(u, destroy_now);
4876 unit_unref_gid(u, destroy_now);
4877 }
4878
4879 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
4880 int r;
4881
4882 assert(u);
4883
4884 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4885 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4886 * objects when no service references the UID/GID anymore. */
4887
4888 r = unit_ref_uid_gid(u, uid, gid);
4889 if (r > 0)
4890 bus_unit_send_change_signal(u);
4891 }
4892
4893 int unit_set_invocation_id(Unit *u, sd_id128_t id) {
4894 int r;
4895
4896 assert(u);
4897
4898 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
4899
4900 if (sd_id128_equal(u->invocation_id, id))
4901 return 0;
4902
4903 if (!sd_id128_is_null(u->invocation_id))
4904 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
4905
4906 if (sd_id128_is_null(id)) {
4907 r = 0;
4908 goto reset;
4909 }
4910
4911 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
4912 if (r < 0)
4913 goto reset;
4914
4915 u->invocation_id = id;
4916 sd_id128_to_string(id, u->invocation_id_string);
4917
4918 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
4919 if (r < 0)
4920 goto reset;
4921
4922 return 0;
4923
4924 reset:
4925 u->invocation_id = SD_ID128_NULL;
4926 u->invocation_id_string[0] = 0;
4927 return r;
4928 }
4929
4930 int unit_acquire_invocation_id(Unit *u) {
4931 sd_id128_t id;
4932 int r;
4933
4934 assert(u);
4935
4936 r = sd_id128_randomize(&id);
4937 if (r < 0)
4938 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
4939
4940 r = unit_set_invocation_id(u, id);
4941 if (r < 0)
4942 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
4943
4944 return 0;
4945 }
4946
4947 void unit_set_exec_params(Unit *u, ExecParameters *p) {
4948 assert(u);
4949 assert(p);
4950
4951 /* Copy parameters from manager */
4952 p->environment = u->manager->environment;
4953 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
4954 p->cgroup_supported = u->manager->cgroup_supported;
4955 p->prefix = u->manager->prefix;
4956 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
4957
4958 /* Copy paramaters from unit */
4959 p->cgroup_path = u->cgroup_path;
4960 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
4961 }
4962
4963 int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
4964 int r;
4965
4966 assert(u);
4967 assert(ret);
4968
4969 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
4970 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
4971
4972 (void) unit_realize_cgroup(u);
4973
4974 r = safe_fork(name, FORK_REOPEN_LOG, ret);
4975 if (r != 0)
4976 return r;
4977
4978 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
4979 (void) ignore_signals(SIGPIPE, -1);
4980
4981 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
4982
4983 if (u->cgroup_path) {
4984 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
4985 if (r < 0) {
4986 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
4987 _exit(EXIT_CGROUP);
4988 }
4989 }
4990
4991 return 0;
4992 }
4993
4994 static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other, UnitDependencyInfo di) {
4995 assert(u);
4996 assert(d >= 0);
4997 assert(d < _UNIT_DEPENDENCY_MAX);
4998 assert(other);
4999
5000 if (di.origin_mask == 0 && di.destination_mask == 0) {
5001 /* No bit set anymore, let's drop the whole entry */
5002 assert_se(hashmap_remove(u->dependencies[d], other));
5003 log_unit_debug(u, "%s lost dependency %s=%s", u->id, unit_dependency_to_string(d), other->id);
5004 } else
5005 /* Mask was reduced, let's update the entry */
5006 assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);
5007 }
5008
5009 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5010 UnitDependency d;
5011
5012 assert(u);
5013
5014 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5015
5016 if (mask == 0)
5017 return;
5018
5019 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
5020 bool done;
5021
5022 do {
5023 UnitDependencyInfo di;
5024 Unit *other;
5025 Iterator i;
5026
5027 done = true;
5028
5029 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
5030 UnitDependency q;
5031
5032 if ((di.origin_mask & ~mask) == di.origin_mask)
5033 continue;
5034 di.origin_mask &= ~mask;
5035 unit_update_dependency_mask(u, d, other, di);
5036
5037 /* We updated the dependency from our unit to the other unit now. But most dependencies
5038 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5039 * all dependency types on the other unit and delete all those which point to us and
5040 * have the right mask set. */
5041
5042 for (q = 0; q < _UNIT_DEPENDENCY_MAX; q++) {
5043 UnitDependencyInfo dj;
5044
5045 dj.data = hashmap_get(other->dependencies[q], u);
5046 if ((dj.destination_mask & ~mask) == dj.destination_mask)
5047 continue;
5048 dj.destination_mask &= ~mask;
5049
5050 unit_update_dependency_mask(other, q, u, dj);
5051 }
5052
5053 unit_add_to_gc_queue(other);
5054
5055 done = false;
5056 break;
5057 }
5058
5059 } while (!done);
5060 }
5061 }
5062
5063 static int unit_export_invocation_id(Unit *u) {
5064 const char *p;
5065 int r;
5066
5067 assert(u);
5068
5069 if (u->exported_invocation_id)
5070 return 0;
5071
5072 if (sd_id128_is_null(u->invocation_id))
5073 return 0;
5074
5075 p = strjoina("/run/systemd/units/invocation:", u->id);
5076 r = symlink_atomic(u->invocation_id_string, p);
5077 if (r < 0)
5078 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5079
5080 u->exported_invocation_id = true;
5081 return 0;
5082 }
5083
5084 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5085 const char *p;
5086 char buf[2];
5087 int r;
5088
5089 assert(u);
5090 assert(c);
5091
5092 if (u->exported_log_level_max)
5093 return 0;
5094
5095 if (c->log_level_max < 0)
5096 return 0;
5097
5098 assert(c->log_level_max <= 7);
5099
5100 buf[0] = '0' + c->log_level_max;
5101 buf[1] = 0;
5102
5103 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5104 r = symlink_atomic(buf, p);
5105 if (r < 0)
5106 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5107
5108 u->exported_log_level_max = true;
5109 return 0;
5110 }
5111
5112 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5113 _cleanup_close_ int fd = -1;
5114 struct iovec *iovec;
5115 const char *p;
5116 char *pattern;
5117 le64_t *sizes;
5118 ssize_t n;
5119 size_t i;
5120 int r;
5121
5122 if (u->exported_log_extra_fields)
5123 return 0;
5124
5125 if (c->n_log_extra_fields <= 0)
5126 return 0;
5127
5128 sizes = newa(le64_t, c->n_log_extra_fields);
5129 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5130
5131 for (i = 0; i < c->n_log_extra_fields; i++) {
5132 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5133
5134 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5135 iovec[i*2+1] = c->log_extra_fields[i];
5136 }
5137
5138 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5139 pattern = strjoina(p, ".XXXXXX");
5140
5141 fd = mkostemp_safe(pattern);
5142 if (fd < 0)
5143 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5144
5145 n = writev(fd, iovec, c->n_log_extra_fields*2);
5146 if (n < 0) {
5147 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5148 goto fail;
5149 }
5150
5151 (void) fchmod(fd, 0644);
5152
5153 if (rename(pattern, p) < 0) {
5154 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5155 goto fail;
5156 }
5157
5158 u->exported_log_extra_fields = true;
5159 return 0;
5160
5161 fail:
5162 (void) unlink(pattern);
5163 return r;
5164 }
5165
5166 void unit_export_state_files(Unit *u) {
5167 const ExecContext *c;
5168
5169 assert(u);
5170
5171 if (!u->id)
5172 return;
5173
5174 if (!MANAGER_IS_SYSTEM(u->manager))
5175 return;
5176
5177 if (u->manager->test_run_flags != 0)
5178 return;
5179
5180 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5181 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5182 * the IPC system itself and PID 1 also log to the journal.
5183 *
5184 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5185 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5186 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5187 * namespace at least.
5188 *
5189 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5190 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5191 * them with one. */
5192
5193 (void) unit_export_invocation_id(u);
5194
5195 c = unit_get_exec_context(u);
5196 if (c) {
5197 (void) unit_export_log_level_max(u, c);
5198 (void) unit_export_log_extra_fields(u, c);
5199 }
5200 }
5201
5202 void unit_unlink_state_files(Unit *u) {
5203 const char *p;
5204
5205 assert(u);
5206
5207 if (!u->id)
5208 return;
5209
5210 if (!MANAGER_IS_SYSTEM(u->manager))
5211 return;
5212
5213 /* Undoes the effect of unit_export_state() */
5214
5215 if (u->exported_invocation_id) {
5216 p = strjoina("/run/systemd/units/invocation:", u->id);
5217 (void) unlink(p);
5218
5219 u->exported_invocation_id = false;
5220 }
5221
5222 if (u->exported_log_level_max) {
5223 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5224 (void) unlink(p);
5225
5226 u->exported_log_level_max = false;
5227 }
5228
5229 if (u->exported_log_extra_fields) {
5230 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5231 (void) unlink(p);
5232
5233 u->exported_log_extra_fields = false;
5234 }
5235 }
5236
5237 int unit_prepare_exec(Unit *u) {
5238 int r;
5239
5240 assert(u);
5241
5242 /* Prepares everything so that we can fork of a process for this unit */
5243
5244 (void) unit_realize_cgroup(u);
5245
5246 if (u->reset_accounting) {
5247 (void) unit_reset_cpu_accounting(u);
5248 (void) unit_reset_ip_accounting(u);
5249 u->reset_accounting = false;
5250 }
5251
5252 unit_export_state_files(u);
5253
5254 r = unit_setup_exec_runtime(u);
5255 if (r < 0)
5256 return r;
5257
5258 r = unit_setup_dynamic_creds(u);
5259 if (r < 0)
5260 return r;
5261
5262 return 0;
5263 }
5264
5265 static void log_leftover(pid_t pid, int sig, void *userdata) {
5266 _cleanup_free_ char *comm = NULL;
5267
5268 (void) get_process_comm(pid, &comm);
5269
5270 if (comm && comm[0] == '(') /* Most likely our own helper process (PAM?), ignore */
5271 return;
5272
5273 log_unit_warning(userdata,
5274 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5275 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5276 pid, strna(comm));
5277 }
5278
5279 void unit_warn_leftover_processes(Unit *u) {
5280 assert(u);
5281
5282 (void) unit_pick_cgroup_path(u);
5283
5284 if (!u->cgroup_path)
5285 return;
5286
5287 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_leftover, u);
5288 }
5289
5290 bool unit_needs_console(Unit *u) {
5291 ExecContext *ec;
5292 UnitActiveState state;
5293
5294 assert(u);
5295
5296 state = unit_active_state(u);
5297
5298 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5299 return false;
5300
5301 if (UNIT_VTABLE(u)->needs_console)
5302 return UNIT_VTABLE(u)->needs_console(u);
5303
5304 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5305 ec = unit_get_exec_context(u);
5306 if (!ec)
5307 return false;
5308
5309 return exec_context_may_touch_console(ec);
5310 }
5311
5312 const char *unit_label_path(Unit *u) {
5313 const char *p;
5314
5315 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5316 * when validating access checks. */
5317
5318 p = u->source_path ?: u->fragment_path;
5319 if (!p)
5320 return NULL;
5321
5322 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5323 if (path_equal(p, "/dev/null"))
5324 return NULL;
5325
5326 return p;
5327 }
5328
5329 int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5330 int r;
5331
5332 assert(u);
5333
5334 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5335 * and not a kernel thread either */
5336
5337 /* First, a simple range check */
5338 if (!pid_is_valid(pid))
5339 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5340
5341 /* Some extra safety check */
5342 if (pid == 1 || pid == getpid_cached())
5343 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager processs, refusing.", pid);
5344
5345 /* Don't even begin to bother with kernel threads */
5346 r = is_kernel_thread(pid);
5347 if (r == -ESRCH)
5348 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5349 if (r < 0)
5350 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5351 if (r > 0)
5352 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5353
5354 return 0;
5355 }
5356
5357 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5358 [COLLECT_INACTIVE] = "inactive",
5359 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5360 };
5361
5362 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
Unnamed repository; edit this file 'description' to name the repository.