]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #8368 from yuwata/nss-systemd-getpwent
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
16
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19 ***/
20
21 #include <errno.h>
22 #include <stdlib.h>
23 #include <string.h>
24 #include <sys/prctl.h>
25 #include <sys/stat.h>
26 #include <unistd.h>
27
28 #include "sd-id128.h"
29 #include "sd-messages.h"
30
31 #include "alloc-util.h"
32 #include "bus-common-errors.h"
33 #include "bus-util.h"
34 #include "cgroup-util.h"
35 #include "dbus-unit.h"
36 #include "dbus.h"
37 #include "dropin.h"
38 #include "escape.h"
39 #include "execute.h"
40 #include "fd-util.h"
41 #include "fileio-label.h"
42 #include "format-util.h"
43 #include "fs-util.h"
44 #include "id128-util.h"
45 #include "io-util.h"
46 #include "load-dropin.h"
47 #include "load-fragment.h"
48 #include "log.h"
49 #include "macro.h"
50 #include "missing.h"
51 #include "mkdir.h"
52 #include "parse-util.h"
53 #include "path-util.h"
54 #include "process-util.h"
55 #include "set.h"
56 #include "signal-util.h"
57 #include "sparse-endian.h"
58 #include "special.h"
59 #include "specifier.h"
60 #include "stat-util.h"
61 #include "stdio-util.h"
62 #include "string-table.h"
63 #include "string-util.h"
64 #include "strv.h"
65 #include "umask-util.h"
66 #include "unit-name.h"
67 #include "unit.h"
68 #include "user-util.h"
69 #include "virt.h"
70
71 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
72 [UNIT_SERVICE] = &service_vtable,
73 [UNIT_SOCKET] = &socket_vtable,
74 [UNIT_TARGET] = &target_vtable,
75 [UNIT_DEVICE] = &device_vtable,
76 [UNIT_MOUNT] = &mount_vtable,
77 [UNIT_AUTOMOUNT] = &automount_vtable,
78 [UNIT_SWAP] = &swap_vtable,
79 [UNIT_TIMER] = &timer_vtable,
80 [UNIT_PATH] = &path_vtable,
81 [UNIT_SLICE] = &slice_vtable,
82 [UNIT_SCOPE] = &scope_vtable,
83 };
84
85 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
86
87 Unit *unit_new(Manager *m, size_t size) {
88 Unit *u;
89
90 assert(m);
91 assert(size >= sizeof(Unit));
92
93 u = malloc0(size);
94 if (!u)
95 return NULL;
96
97 u->names = set_new(&string_hash_ops);
98 if (!u->names)
99 return mfree(u);
100
101 u->manager = m;
102 u->type = _UNIT_TYPE_INVALID;
103 u->default_dependencies = true;
104 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
105 u->unit_file_preset = -1;
106 u->on_failure_job_mode = JOB_REPLACE;
107 u->cgroup_inotify_wd = -1;
108 u->job_timeout = USEC_INFINITY;
109 u->job_running_timeout = USEC_INFINITY;
110 u->ref_uid = UID_INVALID;
111 u->ref_gid = GID_INVALID;
112 u->cpu_usage_last = NSEC_INFINITY;
113 u->cgroup_bpf_state = UNIT_CGROUP_BPF_INVALIDATED;
114
115 u->ip_accounting_ingress_map_fd = -1;
116 u->ip_accounting_egress_map_fd = -1;
117 u->ipv4_allow_map_fd = -1;
118 u->ipv6_allow_map_fd = -1;
119 u->ipv4_deny_map_fd = -1;
120 u->ipv6_deny_map_fd = -1;
121
122 u->last_section_private = -1;
123
124 RATELIMIT_INIT(u->start_limit, m->default_start_limit_interval, m->default_start_limit_burst);
125 RATELIMIT_INIT(u->auto_stop_ratelimit, 10 * USEC_PER_SEC, 16);
126
127 return u;
128 }
129
130 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
131 _cleanup_(unit_freep) Unit *u = NULL;
132 int r;
133
134 u = unit_new(m, size);
135 if (!u)
136 return -ENOMEM;
137
138 r = unit_add_name(u, name);
139 if (r < 0)
140 return r;
141
142 *ret = u;
143 u = NULL;
144 return r;
145 }
146
147 bool unit_has_name(Unit *u, const char *name) {
148 assert(u);
149 assert(name);
150
151 return set_contains(u->names, (char*) name);
152 }
153
154 static void unit_init(Unit *u) {
155 CGroupContext *cc;
156 ExecContext *ec;
157 KillContext *kc;
158
159 assert(u);
160 assert(u->manager);
161 assert(u->type >= 0);
162
163 cc = unit_get_cgroup_context(u);
164 if (cc) {
165 cgroup_context_init(cc);
166
167 /* Copy in the manager defaults into the cgroup
168 * context, _before_ the rest of the settings have
169 * been initialized */
170
171 cc->cpu_accounting = u->manager->default_cpu_accounting;
172 cc->io_accounting = u->manager->default_io_accounting;
173 cc->ip_accounting = u->manager->default_ip_accounting;
174 cc->blockio_accounting = u->manager->default_blockio_accounting;
175 cc->memory_accounting = u->manager->default_memory_accounting;
176 cc->tasks_accounting = u->manager->default_tasks_accounting;
177 cc->ip_accounting = u->manager->default_ip_accounting;
178
179 if (u->type != UNIT_SLICE)
180 cc->tasks_max = u->manager->default_tasks_max;
181 }
182
183 ec = unit_get_exec_context(u);
184 if (ec) {
185 exec_context_init(ec);
186
187 ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
188 EXEC_KEYRING_SHARED : EXEC_KEYRING_INHERIT;
189 }
190
191 kc = unit_get_kill_context(u);
192 if (kc)
193 kill_context_init(kc);
194
195 if (UNIT_VTABLE(u)->init)
196 UNIT_VTABLE(u)->init(u);
197 }
198
199 int unit_add_name(Unit *u, const char *text) {
200 _cleanup_free_ char *s = NULL, *i = NULL;
201 UnitType t;
202 int r;
203
204 assert(u);
205 assert(text);
206
207 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
208
209 if (!u->instance)
210 return -EINVAL;
211
212 r = unit_name_replace_instance(text, u->instance, &s);
213 if (r < 0)
214 return r;
215 } else {
216 s = strdup(text);
217 if (!s)
218 return -ENOMEM;
219 }
220
221 if (set_contains(u->names, s))
222 return 0;
223 if (hashmap_contains(u->manager->units, s))
224 return -EEXIST;
225
226 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
227 return -EINVAL;
228
229 t = unit_name_to_type(s);
230 if (t < 0)
231 return -EINVAL;
232
233 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
234 return -EINVAL;
235
236 r = unit_name_to_instance(s, &i);
237 if (r < 0)
238 return r;
239
240 if (i && !unit_type_may_template(t))
241 return -EINVAL;
242
243 /* Ensure that this unit is either instanced or not instanced,
244 * but not both. Note that we do allow names with different
245 * instance names however! */
246 if (u->type != _UNIT_TYPE_INVALID && !u->instance != !i)
247 return -EINVAL;
248
249 if (!unit_type_may_alias(t) && !set_isempty(u->names))
250 return -EEXIST;
251
252 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
253 return -E2BIG;
254
255 r = set_put(u->names, s);
256 if (r < 0)
257 return r;
258 assert(r > 0);
259
260 r = hashmap_put(u->manager->units, s, u);
261 if (r < 0) {
262 (void) set_remove(u->names, s);
263 return r;
264 }
265
266 if (u->type == _UNIT_TYPE_INVALID) {
267 u->type = t;
268 u->id = s;
269 u->instance = i;
270
271 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
272
273 unit_init(u);
274
275 i = NULL;
276 }
277
278 s = NULL;
279
280 unit_add_to_dbus_queue(u);
281 return 0;
282 }
283
284 int unit_choose_id(Unit *u, const char *name) {
285 _cleanup_free_ char *t = NULL;
286 char *s, *i;
287 int r;
288
289 assert(u);
290 assert(name);
291
292 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
293
294 if (!u->instance)
295 return -EINVAL;
296
297 r = unit_name_replace_instance(name, u->instance, &t);
298 if (r < 0)
299 return r;
300
301 name = t;
302 }
303
304 /* Selects one of the names of this unit as the id */
305 s = set_get(u->names, (char*) name);
306 if (!s)
307 return -ENOENT;
308
309 /* Determine the new instance from the new id */
310 r = unit_name_to_instance(s, &i);
311 if (r < 0)
312 return r;
313
314 u->id = s;
315
316 free(u->instance);
317 u->instance = i;
318
319 unit_add_to_dbus_queue(u);
320
321 return 0;
322 }
323
324 int unit_set_description(Unit *u, const char *description) {
325 int r;
326
327 assert(u);
328
329 r = free_and_strdup(&u->description, empty_to_null(description));
330 if (r < 0)
331 return r;
332 if (r > 0)
333 unit_add_to_dbus_queue(u);
334
335 return 0;
336 }
337
338 bool unit_may_gc(Unit *u) {
339 UnitActiveState state;
340 int r;
341
342 assert(u);
343
344 /* Checks whether the unit is ready to be unloaded for garbage collection.
345 * Returns true when the unit may be collected, and false if there's some
346 * reason to keep it loaded.
347 *
348 * References from other units are *not* checked here. Instead, this is done
349 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
350 */
351
352 if (u->job)
353 return false;
354
355 if (u->nop_job)
356 return false;
357
358 state = unit_active_state(u);
359
360 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
361 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
362 UNIT_VTABLE(u)->release_resources)
363 UNIT_VTABLE(u)->release_resources(u);
364
365 if (u->perpetual)
366 return false;
367
368 if (sd_bus_track_count(u->bus_track) > 0)
369 return false;
370
371 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
372 switch (u->collect_mode) {
373
374 case COLLECT_INACTIVE:
375 if (state != UNIT_INACTIVE)
376 return false;
377
378 break;
379
380 case COLLECT_INACTIVE_OR_FAILED:
381 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
382 return false;
383
384 break;
385
386 default:
387 assert_not_reached("Unknown garbage collection mode");
388 }
389
390 if (u->cgroup_path) {
391 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
392 * around. Units with active processes should never be collected. */
393
394 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
395 if (r < 0)
396 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
397 if (r <= 0)
398 return false;
399 }
400
401 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
402 return false;
403
404 return true;
405 }
406
407 void unit_add_to_load_queue(Unit *u) {
408 assert(u);
409 assert(u->type != _UNIT_TYPE_INVALID);
410
411 if (u->load_state != UNIT_STUB || u->in_load_queue)
412 return;
413
414 LIST_PREPEND(load_queue, u->manager->load_queue, u);
415 u->in_load_queue = true;
416 }
417
418 void unit_add_to_cleanup_queue(Unit *u) {
419 assert(u);
420
421 if (u->in_cleanup_queue)
422 return;
423
424 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
425 u->in_cleanup_queue = true;
426 }
427
428 void unit_add_to_gc_queue(Unit *u) {
429 assert(u);
430
431 if (u->in_gc_queue || u->in_cleanup_queue)
432 return;
433
434 if (!unit_may_gc(u))
435 return;
436
437 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
438 u->in_gc_queue = true;
439 }
440
441 void unit_add_to_dbus_queue(Unit *u) {
442 assert(u);
443 assert(u->type != _UNIT_TYPE_INVALID);
444
445 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
446 return;
447
448 /* Shortcut things if nobody cares */
449 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
450 sd_bus_track_count(u->bus_track) <= 0 &&
451 set_isempty(u->manager->private_buses)) {
452 u->sent_dbus_new_signal = true;
453 return;
454 }
455
456 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
457 u->in_dbus_queue = true;
458 }
459
460 static void bidi_set_free(Unit *u, Hashmap *h) {
461 Unit *other;
462 Iterator i;
463 void *v;
464
465 assert(u);
466
467 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
468
469 HASHMAP_FOREACH_KEY(v, other, h, i) {
470 UnitDependency d;
471
472 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
473 hashmap_remove(other->dependencies[d], u);
474
475 unit_add_to_gc_queue(other);
476 }
477
478 hashmap_free(h);
479 }
480
481 static void unit_remove_transient(Unit *u) {
482 char **i;
483
484 assert(u);
485
486 if (!u->transient)
487 return;
488
489 if (u->fragment_path)
490 (void) unlink(u->fragment_path);
491
492 STRV_FOREACH(i, u->dropin_paths) {
493 _cleanup_free_ char *p = NULL, *pp = NULL;
494
495 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
496 if (!p)
497 continue;
498
499 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
500 if (!pp)
501 continue;
502
503 /* Only drop transient drop-ins */
504 if (!path_equal(u->manager->lookup_paths.transient, pp))
505 continue;
506
507 (void) unlink(*i);
508 (void) rmdir(p);
509 }
510 }
511
512 static void unit_free_requires_mounts_for(Unit *u) {
513 assert(u);
514
515 for (;;) {
516 _cleanup_free_ char *path;
517
518 path = hashmap_steal_first_key(u->requires_mounts_for);
519 if (!path)
520 break;
521 else {
522 char s[strlen(path) + 1];
523
524 PATH_FOREACH_PREFIX_MORE(s, path) {
525 char *y;
526 Set *x;
527
528 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
529 if (!x)
530 continue;
531
532 (void) set_remove(x, u);
533
534 if (set_isempty(x)) {
535 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
536 free(y);
537 set_free(x);
538 }
539 }
540 }
541 }
542
543 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
544 }
545
546 static void unit_done(Unit *u) {
547 ExecContext *ec;
548 CGroupContext *cc;
549
550 assert(u);
551
552 if (u->type < 0)
553 return;
554
555 if (UNIT_VTABLE(u)->done)
556 UNIT_VTABLE(u)->done(u);
557
558 ec = unit_get_exec_context(u);
559 if (ec)
560 exec_context_done(ec);
561
562 cc = unit_get_cgroup_context(u);
563 if (cc)
564 cgroup_context_done(cc);
565 }
566
567 void unit_free(Unit *u) {
568 UnitDependency d;
569 Iterator i;
570 char *t;
571
572 if (!u)
573 return;
574
575 u->transient_file = safe_fclose(u->transient_file);
576
577 if (!MANAGER_IS_RELOADING(u->manager))
578 unit_remove_transient(u);
579
580 bus_unit_send_removed_signal(u);
581
582 unit_done(u);
583
584 sd_bus_slot_unref(u->match_bus_slot);
585
586 sd_bus_track_unref(u->bus_track);
587 u->deserialized_refs = strv_free(u->deserialized_refs);
588
589 unit_free_requires_mounts_for(u);
590
591 SET_FOREACH(t, u->names, i)
592 hashmap_remove_value(u->manager->units, t, u);
593
594 if (!sd_id128_is_null(u->invocation_id))
595 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
596
597 if (u->job) {
598 Job *j = u->job;
599 job_uninstall(j);
600 job_free(j);
601 }
602
603 if (u->nop_job) {
604 Job *j = u->nop_job;
605 job_uninstall(j);
606 job_free(j);
607 }
608
609 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
610 bidi_set_free(u, u->dependencies[d]);
611
612 if (u->on_console)
613 manager_unref_console(u->manager);
614
615 unit_release_cgroup(u);
616
617 if (!MANAGER_IS_RELOADING(u->manager))
618 unit_unlink_state_files(u);
619
620 unit_unref_uid_gid(u, false);
621
622 (void) manager_update_failed_units(u->manager, u, false);
623 set_remove(u->manager->startup_units, u);
624
625 unit_unwatch_all_pids(u);
626
627 unit_ref_unset(&u->slice);
628 while (u->refs_by_target)
629 unit_ref_unset(u->refs_by_target);
630
631 if (u->type != _UNIT_TYPE_INVALID)
632 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
633
634 if (u->in_load_queue)
635 LIST_REMOVE(load_queue, u->manager->load_queue, u);
636
637 if (u->in_dbus_queue)
638 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
639
640 if (u->in_gc_queue)
641 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
642
643 if (u->in_cgroup_realize_queue)
644 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
645
646 if (u->in_cgroup_empty_queue)
647 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
648
649 if (u->in_cleanup_queue)
650 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
651
652 safe_close(u->ip_accounting_ingress_map_fd);
653 safe_close(u->ip_accounting_egress_map_fd);
654
655 safe_close(u->ipv4_allow_map_fd);
656 safe_close(u->ipv6_allow_map_fd);
657 safe_close(u->ipv4_deny_map_fd);
658 safe_close(u->ipv6_deny_map_fd);
659
660 bpf_program_unref(u->ip_bpf_ingress);
661 bpf_program_unref(u->ip_bpf_ingress_installed);
662 bpf_program_unref(u->ip_bpf_egress);
663 bpf_program_unref(u->ip_bpf_egress_installed);
664
665 condition_free_list(u->conditions);
666 condition_free_list(u->asserts);
667
668 free(u->description);
669 strv_free(u->documentation);
670 free(u->fragment_path);
671 free(u->source_path);
672 strv_free(u->dropin_paths);
673 free(u->instance);
674
675 free(u->job_timeout_reboot_arg);
676
677 set_free_free(u->names);
678
679 free(u->reboot_arg);
680
681 free(u);
682 }
683
684 UnitActiveState unit_active_state(Unit *u) {
685 assert(u);
686
687 if (u->load_state == UNIT_MERGED)
688 return unit_active_state(unit_follow_merge(u));
689
690 /* After a reload it might happen that a unit is not correctly
691 * loaded but still has a process around. That's why we won't
692 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
693
694 return UNIT_VTABLE(u)->active_state(u);
695 }
696
697 const char* unit_sub_state_to_string(Unit *u) {
698 assert(u);
699
700 return UNIT_VTABLE(u)->sub_state_to_string(u);
701 }
702
703 static int set_complete_move(Set **s, Set **other) {
704 assert(s);
705 assert(other);
706
707 if (!other)
708 return 0;
709
710 if (*s)
711 return set_move(*s, *other);
712 else {
713 *s = *other;
714 *other = NULL;
715 }
716
717 return 0;
718 }
719
720 static int hashmap_complete_move(Hashmap **s, Hashmap **other) {
721 assert(s);
722 assert(other);
723
724 if (!*other)
725 return 0;
726
727 if (*s)
728 return hashmap_move(*s, *other);
729 else {
730 *s = *other;
731 *other = NULL;
732 }
733
734 return 0;
735 }
736
737 static int merge_names(Unit *u, Unit *other) {
738 char *t;
739 Iterator i;
740 int r;
741
742 assert(u);
743 assert(other);
744
745 r = set_complete_move(&u->names, &other->names);
746 if (r < 0)
747 return r;
748
749 set_free_free(other->names);
750 other->names = NULL;
751 other->id = NULL;
752
753 SET_FOREACH(t, u->names, i)
754 assert_se(hashmap_replace(u->manager->units, t, u) == 0);
755
756 return 0;
757 }
758
759 static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
760 unsigned n_reserve;
761
762 assert(u);
763 assert(other);
764 assert(d < _UNIT_DEPENDENCY_MAX);
765
766 /*
767 * If u does not have this dependency set allocated, there is no need
768 * to reserve anything. In that case other's set will be transferred
769 * as a whole to u by complete_move().
770 */
771 if (!u->dependencies[d])
772 return 0;
773
774 /* merge_dependencies() will skip a u-on-u dependency */
775 n_reserve = hashmap_size(other->dependencies[d]) - !!hashmap_get(other->dependencies[d], u);
776
777 return hashmap_reserve(u->dependencies[d], n_reserve);
778 }
779
780 static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
781 Iterator i;
782 Unit *back;
783 void *v;
784 int r;
785
786 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
787
788 assert(u);
789 assert(other);
790 assert(d < _UNIT_DEPENDENCY_MAX);
791
792 /* Fix backwards pointers. Let's iterate through all dependendent units of the other unit. */
793 HASHMAP_FOREACH_KEY(v, back, other->dependencies[d], i) {
794 UnitDependency k;
795
796 /* Let's now iterate through the dependencies of that dependencies of the other units, looking for
797 * pointers back, and let's fix them up, to instead point to 'u'. */
798
799 for (k = 0; k < _UNIT_DEPENDENCY_MAX; k++) {
800 if (back == u) {
801 /* Do not add dependencies between u and itself. */
802 if (hashmap_remove(back->dependencies[k], other))
803 maybe_warn_about_dependency(u, other_id, k);
804 } else {
805 UnitDependencyInfo di_u, di_other, di_merged;
806
807 /* Let's drop this dependency between "back" and "other", and let's create it between
808 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
809 * and any such dependency which might already exist */
810
811 di_other.data = hashmap_get(back->dependencies[k], other);
812 if (!di_other.data)
813 continue; /* dependency isn't set, let's try the next one */
814
815 di_u.data = hashmap_get(back->dependencies[k], u);
816
817 di_merged = (UnitDependencyInfo) {
818 .origin_mask = di_u.origin_mask | di_other.origin_mask,
819 .destination_mask = di_u.destination_mask | di_other.destination_mask,
820 };
821
822 r = hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data);
823 if (r < 0)
824 log_warning_errno(r, "Failed to remove/replace: back=%s other=%s u=%s: %m", back->id, other_id, u->id);
825 assert(r >= 0);
826
827 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
828 }
829 }
830
831 }
832
833 /* Also do not move dependencies on u to itself */
834 back = hashmap_remove(other->dependencies[d], u);
835 if (back)
836 maybe_warn_about_dependency(u, other_id, d);
837
838 /* The move cannot fail. The caller must have performed a reservation. */
839 assert_se(hashmap_complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
840
841 other->dependencies[d] = hashmap_free(other->dependencies[d]);
842 }
843
844 int unit_merge(Unit *u, Unit *other) {
845 UnitDependency d;
846 const char *other_id = NULL;
847 int r;
848
849 assert(u);
850 assert(other);
851 assert(u->manager == other->manager);
852 assert(u->type != _UNIT_TYPE_INVALID);
853
854 other = unit_follow_merge(other);
855
856 if (other == u)
857 return 0;
858
859 if (u->type != other->type)
860 return -EINVAL;
861
862 if (!u->instance != !other->instance)
863 return -EINVAL;
864
865 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
866 return -EEXIST;
867
868 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
869 return -EEXIST;
870
871 if (other->job)
872 return -EEXIST;
873
874 if (other->nop_job)
875 return -EEXIST;
876
877 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
878 return -EEXIST;
879
880 if (other->id)
881 other_id = strdupa(other->id);
882
883 /* Make reservations to ensure merge_dependencies() won't fail */
884 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
885 r = reserve_dependencies(u, other, d);
886 /*
887 * We don't rollback reservations if we fail. We don't have
888 * a way to undo reservations. A reservation is not a leak.
889 */
890 if (r < 0)
891 return r;
892 }
893
894 /* Merge names */
895 r = merge_names(u, other);
896 if (r < 0)
897 return r;
898
899 /* Redirect all references */
900 while (other->refs_by_target)
901 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
902
903 /* Merge dependencies */
904 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
905 merge_dependencies(u, other, other_id, d);
906
907 other->load_state = UNIT_MERGED;
908 other->merged_into = u;
909
910 /* If there is still some data attached to the other node, we
911 * don't need it anymore, and can free it. */
912 if (other->load_state != UNIT_STUB)
913 if (UNIT_VTABLE(other)->done)
914 UNIT_VTABLE(other)->done(other);
915
916 unit_add_to_dbus_queue(u);
917 unit_add_to_cleanup_queue(other);
918
919 return 0;
920 }
921
922 int unit_merge_by_name(Unit *u, const char *name) {
923 _cleanup_free_ char *s = NULL;
924 Unit *other;
925 int r;
926
927 assert(u);
928 assert(name);
929
930 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
931 if (!u->instance)
932 return -EINVAL;
933
934 r = unit_name_replace_instance(name, u->instance, &s);
935 if (r < 0)
936 return r;
937
938 name = s;
939 }
940
941 other = manager_get_unit(u->manager, name);
942 if (other)
943 return unit_merge(u, other);
944
945 return unit_add_name(u, name);
946 }
947
948 Unit* unit_follow_merge(Unit *u) {
949 assert(u);
950
951 while (u->load_state == UNIT_MERGED)
952 assert_se(u = u->merged_into);
953
954 return u;
955 }
956
957 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
958 ExecDirectoryType dt;
959 char **dp;
960 int r;
961
962 assert(u);
963 assert(c);
964
965 if (c->working_directory) {
966 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
967 if (r < 0)
968 return r;
969 }
970
971 if (c->root_directory) {
972 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
973 if (r < 0)
974 return r;
975 }
976
977 if (c->root_image) {
978 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
979 if (r < 0)
980 return r;
981 }
982
983 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
984 if (!u->manager->prefix[dt])
985 continue;
986
987 STRV_FOREACH(dp, c->directories[dt].paths) {
988 _cleanup_free_ char *p;
989
990 p = strjoin(u->manager->prefix[dt], "/", *dp);
991 if (!p)
992 return -ENOMEM;
993
994 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
995 if (r < 0)
996 return r;
997 }
998 }
999
1000 if (!MANAGER_IS_SYSTEM(u->manager))
1001 return 0;
1002
1003 if (c->private_tmp) {
1004 const char *p;
1005
1006 FOREACH_STRING(p, "/tmp", "/var/tmp") {
1007 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
1008 if (r < 0)
1009 return r;
1010 }
1011
1012 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, NULL, true, UNIT_DEPENDENCY_FILE);
1013 if (r < 0)
1014 return r;
1015 }
1016
1017 if (!IN_SET(c->std_output,
1018 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1019 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1020 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE) &&
1021 !IN_SET(c->std_error,
1022 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1023 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1024 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE))
1025 return 0;
1026
1027 /* If syslog or kernel logging is requested, make sure our own
1028 * logging daemon is run first. */
1029
1030 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, NULL, true, UNIT_DEPENDENCY_FILE);
1031 if (r < 0)
1032 return r;
1033
1034 return 0;
1035 }
1036
1037 const char *unit_description(Unit *u) {
1038 assert(u);
1039
1040 if (u->description)
1041 return u->description;
1042
1043 return strna(u->id);
1044 }
1045
1046 static void print_unit_dependency_mask(FILE *f, const char *kind, UnitDependencyMask mask, bool *space) {
1047 const struct {
1048 UnitDependencyMask mask;
1049 const char *name;
1050 } table[] = {
1051 { UNIT_DEPENDENCY_FILE, "file" },
1052 { UNIT_DEPENDENCY_IMPLICIT, "implicit" },
1053 { UNIT_DEPENDENCY_DEFAULT, "default" },
1054 { UNIT_DEPENDENCY_UDEV, "udev" },
1055 { UNIT_DEPENDENCY_PATH, "path" },
1056 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT, "mountinfo-implicit" },
1057 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT, "mountinfo-default" },
1058 { UNIT_DEPENDENCY_PROC_SWAP, "proc-swap" },
1059 };
1060 size_t i;
1061
1062 assert(f);
1063 assert(kind);
1064 assert(space);
1065
1066 for (i = 0; i < ELEMENTSOF(table); i++) {
1067
1068 if (mask == 0)
1069 break;
1070
1071 if ((mask & table[i].mask) == table[i].mask) {
1072 if (*space)
1073 fputc(' ', f);
1074 else
1075 *space = true;
1076
1077 fputs(kind, f);
1078 fputs("-", f);
1079 fputs(table[i].name, f);
1080
1081 mask &= ~table[i].mask;
1082 }
1083 }
1084
1085 assert(mask == 0);
1086 }
1087
1088 void unit_dump(Unit *u, FILE *f, const char *prefix) {
1089 char *t, **j;
1090 UnitDependency d;
1091 Iterator i;
1092 const char *prefix2;
1093 char
1094 timestamp0[FORMAT_TIMESTAMP_MAX],
1095 timestamp1[FORMAT_TIMESTAMP_MAX],
1096 timestamp2[FORMAT_TIMESTAMP_MAX],
1097 timestamp3[FORMAT_TIMESTAMP_MAX],
1098 timestamp4[FORMAT_TIMESTAMP_MAX],
1099 timespan[FORMAT_TIMESPAN_MAX];
1100 Unit *following;
1101 _cleanup_set_free_ Set *following_set = NULL;
1102 const char *n;
1103 CGroupMask m;
1104 int r;
1105
1106 assert(u);
1107 assert(u->type >= 0);
1108
1109 prefix = strempty(prefix);
1110 prefix2 = strjoina(prefix, "\t");
1111
1112 fprintf(f,
1113 "%s-> Unit %s:\n"
1114 "%s\tDescription: %s\n"
1115 "%s\tInstance: %s\n"
1116 "%s\tUnit Load State: %s\n"
1117 "%s\tUnit Active State: %s\n"
1118 "%s\tState Change Timestamp: %s\n"
1119 "%s\tInactive Exit Timestamp: %s\n"
1120 "%s\tActive Enter Timestamp: %s\n"
1121 "%s\tActive Exit Timestamp: %s\n"
1122 "%s\tInactive Enter Timestamp: %s\n"
1123 "%s\tMay GC: %s\n"
1124 "%s\tNeed Daemon Reload: %s\n"
1125 "%s\tTransient: %s\n"
1126 "%s\tPerpetual: %s\n"
1127 "%s\tGarbage Collection Mode: %s\n"
1128 "%s\tSlice: %s\n"
1129 "%s\tCGroup: %s\n"
1130 "%s\tCGroup realized: %s\n",
1131 prefix, u->id,
1132 prefix, unit_description(u),
1133 prefix, strna(u->instance),
1134 prefix, unit_load_state_to_string(u->load_state),
1135 prefix, unit_active_state_to_string(unit_active_state(u)),
1136 prefix, strna(format_timestamp(timestamp0, sizeof(timestamp0), u->state_change_timestamp.realtime)),
1137 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->inactive_exit_timestamp.realtime)),
1138 prefix, strna(format_timestamp(timestamp2, sizeof(timestamp2), u->active_enter_timestamp.realtime)),
1139 prefix, strna(format_timestamp(timestamp3, sizeof(timestamp3), u->active_exit_timestamp.realtime)),
1140 prefix, strna(format_timestamp(timestamp4, sizeof(timestamp4), u->inactive_enter_timestamp.realtime)),
1141 prefix, yes_no(unit_may_gc(u)),
1142 prefix, yes_no(unit_need_daemon_reload(u)),
1143 prefix, yes_no(u->transient),
1144 prefix, yes_no(u->perpetual),
1145 prefix, collect_mode_to_string(u->collect_mode),
1146 prefix, strna(unit_slice_name(u)),
1147 prefix, strna(u->cgroup_path),
1148 prefix, yes_no(u->cgroup_realized));
1149
1150 if (u->cgroup_realized_mask != 0) {
1151 _cleanup_free_ char *s = NULL;
1152 (void) cg_mask_to_string(u->cgroup_realized_mask, &s);
1153 fprintf(f, "%s\tCGroup realized mask: %s\n", prefix, strnull(s));
1154 }
1155 if (u->cgroup_enabled_mask != 0) {
1156 _cleanup_free_ char *s = NULL;
1157 (void) cg_mask_to_string(u->cgroup_enabled_mask, &s);
1158 fprintf(f, "%s\tCGroup enabled mask: %s\n", prefix, strnull(s));
1159 }
1160 m = unit_get_own_mask(u);
1161 if (m != 0) {
1162 _cleanup_free_ char *s = NULL;
1163 (void) cg_mask_to_string(m, &s);
1164 fprintf(f, "%s\tCGroup own mask: %s\n", prefix, strnull(s));
1165 }
1166 m = unit_get_members_mask(u);
1167 if (m != 0) {
1168 _cleanup_free_ char *s = NULL;
1169 (void) cg_mask_to_string(m, &s);
1170 fprintf(f, "%s\tCGroup members mask: %s\n", prefix, strnull(s));
1171 }
1172
1173 SET_FOREACH(t, u->names, i)
1174 fprintf(f, "%s\tName: %s\n", prefix, t);
1175
1176 if (!sd_id128_is_null(u->invocation_id))
1177 fprintf(f, "%s\tInvocation ID: " SD_ID128_FORMAT_STR "\n",
1178 prefix, SD_ID128_FORMAT_VAL(u->invocation_id));
1179
1180 STRV_FOREACH(j, u->documentation)
1181 fprintf(f, "%s\tDocumentation: %s\n", prefix, *j);
1182
1183 following = unit_following(u);
1184 if (following)
1185 fprintf(f, "%s\tFollowing: %s\n", prefix, following->id);
1186
1187 r = unit_following_set(u, &following_set);
1188 if (r >= 0) {
1189 Unit *other;
1190
1191 SET_FOREACH(other, following_set, i)
1192 fprintf(f, "%s\tFollowing Set Member: %s\n", prefix, other->id);
1193 }
1194
1195 if (u->fragment_path)
1196 fprintf(f, "%s\tFragment Path: %s\n", prefix, u->fragment_path);
1197
1198 if (u->source_path)
1199 fprintf(f, "%s\tSource Path: %s\n", prefix, u->source_path);
1200
1201 STRV_FOREACH(j, u->dropin_paths)
1202 fprintf(f, "%s\tDropIn Path: %s\n", prefix, *j);
1203
1204 if (u->failure_action != EMERGENCY_ACTION_NONE)
1205 fprintf(f, "%s\tFailure Action: %s\n", prefix, emergency_action_to_string(u->failure_action));
1206 if (u->success_action != EMERGENCY_ACTION_NONE)
1207 fprintf(f, "%s\tSuccess Action: %s\n", prefix, emergency_action_to_string(u->success_action));
1208
1209 if (u->job_timeout != USEC_INFINITY)
1210 fprintf(f, "%s\tJob Timeout: %s\n", prefix, format_timespan(timespan, sizeof(timespan), u->job_timeout, 0));
1211
1212 if (u->job_timeout_action != EMERGENCY_ACTION_NONE)
1213 fprintf(f, "%s\tJob Timeout Action: %s\n", prefix, emergency_action_to_string(u->job_timeout_action));
1214
1215 if (u->job_timeout_reboot_arg)
1216 fprintf(f, "%s\tJob Timeout Reboot Argument: %s\n", prefix, u->job_timeout_reboot_arg);
1217
1218 condition_dump_list(u->conditions, f, prefix, condition_type_to_string);
1219 condition_dump_list(u->asserts, f, prefix, assert_type_to_string);
1220
1221 if (dual_timestamp_is_set(&u->condition_timestamp))
1222 fprintf(f,
1223 "%s\tCondition Timestamp: %s\n"
1224 "%s\tCondition Result: %s\n",
1225 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->condition_timestamp.realtime)),
1226 prefix, yes_no(u->condition_result));
1227
1228 if (dual_timestamp_is_set(&u->assert_timestamp))
1229 fprintf(f,
1230 "%s\tAssert Timestamp: %s\n"
1231 "%s\tAssert Result: %s\n",
1232 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->assert_timestamp.realtime)),
1233 prefix, yes_no(u->assert_result));
1234
1235 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
1236 UnitDependencyInfo di;
1237 Unit *other;
1238
1239 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
1240 bool space = false;
1241
1242 fprintf(f, "%s\t%s: %s (", prefix, unit_dependency_to_string(d), other->id);
1243
1244 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1245 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1246
1247 fputs(")\n", f);
1248 }
1249 }
1250
1251 if (!hashmap_isempty(u->requires_mounts_for)) {
1252 UnitDependencyInfo di;
1253 const char *path;
1254
1255 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1256 bool space = false;
1257
1258 fprintf(f, "%s\tRequiresMountsFor: %s (", prefix, path);
1259
1260 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1261 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1262
1263 fputs(")\n", f);
1264 }
1265 }
1266
1267 if (u->load_state == UNIT_LOADED) {
1268
1269 fprintf(f,
1270 "%s\tStopWhenUnneeded: %s\n"
1271 "%s\tRefuseManualStart: %s\n"
1272 "%s\tRefuseManualStop: %s\n"
1273 "%s\tDefaultDependencies: %s\n"
1274 "%s\tOnFailureJobMode: %s\n"
1275 "%s\tIgnoreOnIsolate: %s\n",
1276 prefix, yes_no(u->stop_when_unneeded),
1277 prefix, yes_no(u->refuse_manual_start),
1278 prefix, yes_no(u->refuse_manual_stop),
1279 prefix, yes_no(u->default_dependencies),
1280 prefix, job_mode_to_string(u->on_failure_job_mode),
1281 prefix, yes_no(u->ignore_on_isolate));
1282
1283 if (UNIT_VTABLE(u)->dump)
1284 UNIT_VTABLE(u)->dump(u, f, prefix2);
1285
1286 } else if (u->load_state == UNIT_MERGED)
1287 fprintf(f,
1288 "%s\tMerged into: %s\n",
1289 prefix, u->merged_into->id);
1290 else if (u->load_state == UNIT_ERROR)
1291 fprintf(f, "%s\tLoad Error Code: %s\n", prefix, strerror(-u->load_error));
1292
1293 for (n = sd_bus_track_first(u->bus_track); n; n = sd_bus_track_next(u->bus_track))
1294 fprintf(f, "%s\tBus Ref: %s\n", prefix, n);
1295
1296 if (u->job)
1297 job_dump(u->job, f, prefix2);
1298
1299 if (u->nop_job)
1300 job_dump(u->nop_job, f, prefix2);
1301 }
1302
1303 /* Common implementation for multiple backends */
1304 int unit_load_fragment_and_dropin(Unit *u) {
1305 int r;
1306
1307 assert(u);
1308
1309 /* Load a .{service,socket,...} file */
1310 r = unit_load_fragment(u);
1311 if (r < 0)
1312 return r;
1313
1314 if (u->load_state == UNIT_STUB)
1315 return -ENOENT;
1316
1317 /* Load drop-in directory data. If u is an alias, we might be reloading the
1318 * target unit needlessly. But we cannot be sure which drops-ins have already
1319 * been loaded and which not, at least without doing complicated book-keeping,
1320 * so let's always reread all drop-ins. */
1321 return unit_load_dropin(unit_follow_merge(u));
1322 }
1323
1324 /* Common implementation for multiple backends */
1325 int unit_load_fragment_and_dropin_optional(Unit *u) {
1326 int r;
1327
1328 assert(u);
1329
1330 /* Same as unit_load_fragment_and_dropin(), but whether
1331 * something can be loaded or not doesn't matter. */
1332
1333 /* Load a .service file */
1334 r = unit_load_fragment(u);
1335 if (r < 0)
1336 return r;
1337
1338 if (u->load_state == UNIT_STUB)
1339 u->load_state = UNIT_LOADED;
1340
1341 /* Load drop-in directory data */
1342 return unit_load_dropin(unit_follow_merge(u));
1343 }
1344
1345 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1346 assert(u);
1347 assert(target);
1348
1349 if (target->type != UNIT_TARGET)
1350 return 0;
1351
1352 /* Only add the dependency if both units are loaded, so that
1353 * that loop check below is reliable */
1354 if (u->load_state != UNIT_LOADED ||
1355 target->load_state != UNIT_LOADED)
1356 return 0;
1357
1358 /* If either side wants no automatic dependencies, then let's
1359 * skip this */
1360 if (!u->default_dependencies ||
1361 !target->default_dependencies)
1362 return 0;
1363
1364 /* Don't create loops */
1365 if (hashmap_get(target->dependencies[UNIT_BEFORE], u))
1366 return 0;
1367
1368 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1369 }
1370
1371 static int unit_add_target_dependencies(Unit *u) {
1372
1373 static const UnitDependency deps[] = {
1374 UNIT_REQUIRED_BY,
1375 UNIT_REQUISITE_OF,
1376 UNIT_WANTED_BY,
1377 UNIT_BOUND_BY
1378 };
1379
1380 unsigned k;
1381 int r = 0;
1382
1383 assert(u);
1384
1385 for (k = 0; k < ELEMENTSOF(deps); k++) {
1386 Unit *target;
1387 Iterator i;
1388 void *v;
1389
1390 HASHMAP_FOREACH_KEY(v, target, u->dependencies[deps[k]], i) {
1391 r = unit_add_default_target_dependency(u, target);
1392 if (r < 0)
1393 return r;
1394 }
1395 }
1396
1397 return r;
1398 }
1399
1400 static int unit_add_slice_dependencies(Unit *u) {
1401 UnitDependencyMask mask;
1402 assert(u);
1403
1404 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1405 return 0;
1406
1407 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1408 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1409 relationship). */
1410 mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1411
1412 if (UNIT_ISSET(u->slice))
1413 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true, mask);
1414
1415 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1416 return 0;
1417
1418 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, NULL, true, mask);
1419 }
1420
1421 static int unit_add_mount_dependencies(Unit *u) {
1422 UnitDependencyInfo di;
1423 const char *path;
1424 Iterator i;
1425 int r;
1426
1427 assert(u);
1428
1429 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1430 char prefix[strlen(path) + 1];
1431
1432 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1433 _cleanup_free_ char *p = NULL;
1434 Unit *m;
1435
1436 r = unit_name_from_path(prefix, ".mount", &p);
1437 if (r < 0)
1438 return r;
1439
1440 m = manager_get_unit(u->manager, p);
1441 if (!m) {
1442 /* Make sure to load the mount unit if
1443 * it exists. If so the dependencies
1444 * on this unit will be added later
1445 * during the loading of the mount
1446 * unit. */
1447 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1448 continue;
1449 }
1450 if (m == u)
1451 continue;
1452
1453 if (m->load_state != UNIT_LOADED)
1454 continue;
1455
1456 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1457 if (r < 0)
1458 return r;
1459
1460 if (m->fragment_path) {
1461 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1462 if (r < 0)
1463 return r;
1464 }
1465 }
1466 }
1467
1468 return 0;
1469 }
1470
1471 static int unit_add_startup_units(Unit *u) {
1472 CGroupContext *c;
1473 int r;
1474
1475 c = unit_get_cgroup_context(u);
1476 if (!c)
1477 return 0;
1478
1479 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
1480 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
1481 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
1482 return 0;
1483
1484 r = set_ensure_allocated(&u->manager->startup_units, NULL);
1485 if (r < 0)
1486 return r;
1487
1488 return set_put(u->manager->startup_units, u);
1489 }
1490
1491 int unit_load(Unit *u) {
1492 int r;
1493
1494 assert(u);
1495
1496 if (u->in_load_queue) {
1497 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1498 u->in_load_queue = false;
1499 }
1500
1501 if (u->type == _UNIT_TYPE_INVALID)
1502 return -EINVAL;
1503
1504 if (u->load_state != UNIT_STUB)
1505 return 0;
1506
1507 if (u->transient_file) {
1508 r = fflush_and_check(u->transient_file);
1509 if (r < 0)
1510 goto fail;
1511
1512 u->transient_file = safe_fclose(u->transient_file);
1513 u->fragment_mtime = now(CLOCK_REALTIME);
1514 }
1515
1516 if (UNIT_VTABLE(u)->load) {
1517 r = UNIT_VTABLE(u)->load(u);
1518 if (r < 0)
1519 goto fail;
1520 }
1521
1522 if (u->load_state == UNIT_STUB) {
1523 r = -ENOENT;
1524 goto fail;
1525 }
1526
1527 if (u->load_state == UNIT_LOADED) {
1528
1529 r = unit_add_target_dependencies(u);
1530 if (r < 0)
1531 goto fail;
1532
1533 r = unit_add_slice_dependencies(u);
1534 if (r < 0)
1535 goto fail;
1536
1537 r = unit_add_mount_dependencies(u);
1538 if (r < 0)
1539 goto fail;
1540
1541 r = unit_add_startup_units(u);
1542 if (r < 0)
1543 goto fail;
1544
1545 if (u->on_failure_job_mode == JOB_ISOLATE && hashmap_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
1546 log_unit_error(u, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1547 r = -EINVAL;
1548 goto fail;
1549 }
1550
1551 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1552 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1553
1554 unit_update_cgroup_members_masks(u);
1555 }
1556
1557 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1558
1559 unit_add_to_dbus_queue(unit_follow_merge(u));
1560 unit_add_to_gc_queue(u);
1561
1562 return 0;
1563
1564 fail:
1565 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND : UNIT_ERROR;
1566 u->load_error = r;
1567 unit_add_to_dbus_queue(u);
1568 unit_add_to_gc_queue(u);
1569
1570 log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1571
1572 return r;
1573 }
1574
1575 static bool unit_condition_test_list(Unit *u, Condition *first, const char *(*to_string)(ConditionType t)) {
1576 Condition *c;
1577 int triggered = -1;
1578
1579 assert(u);
1580 assert(to_string);
1581
1582 /* If the condition list is empty, then it is true */
1583 if (!first)
1584 return true;
1585
1586 /* Otherwise, if all of the non-trigger conditions apply and
1587 * if any of the trigger conditions apply (unless there are
1588 * none) we return true */
1589 LIST_FOREACH(conditions, c, first) {
1590 int r;
1591
1592 r = condition_test(c);
1593 if (r < 0)
1594 log_unit_warning(u,
1595 "Couldn't determine result for %s=%s%s%s, assuming failed: %m",
1596 to_string(c->type),
1597 c->trigger ? "|" : "",
1598 c->negate ? "!" : "",
1599 c->parameter);
1600 else
1601 log_unit_debug(u,
1602 "%s=%s%s%s %s.",
1603 to_string(c->type),
1604 c->trigger ? "|" : "",
1605 c->negate ? "!" : "",
1606 c->parameter,
1607 condition_result_to_string(c->result));
1608
1609 if (!c->trigger && r <= 0)
1610 return false;
1611
1612 if (c->trigger && triggered <= 0)
1613 triggered = r > 0;
1614 }
1615
1616 return triggered != 0;
1617 }
1618
1619 static bool unit_condition_test(Unit *u) {
1620 assert(u);
1621
1622 dual_timestamp_get(&u->condition_timestamp);
1623 u->condition_result = unit_condition_test_list(u, u->conditions, condition_type_to_string);
1624
1625 return u->condition_result;
1626 }
1627
1628 static bool unit_assert_test(Unit *u) {
1629 assert(u);
1630
1631 dual_timestamp_get(&u->assert_timestamp);
1632 u->assert_result = unit_condition_test_list(u, u->asserts, assert_type_to_string);
1633
1634 return u->assert_result;
1635 }
1636
1637 void unit_status_printf(Unit *u, const char *status, const char *unit_status_msg_format) {
1638 DISABLE_WARNING_FORMAT_NONLITERAL;
1639 manager_status_printf(u->manager, STATUS_TYPE_NORMAL, status, unit_status_msg_format, unit_description(u));
1640 REENABLE_WARNING;
1641 }
1642
1643 _pure_ static const char* unit_get_status_message_format(Unit *u, JobType t) {
1644 const char *format;
1645 const UnitStatusMessageFormats *format_table;
1646
1647 assert(u);
1648 assert(IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD));
1649
1650 if (t != JOB_RELOAD) {
1651 format_table = &UNIT_VTABLE(u)->status_message_formats;
1652 if (format_table) {
1653 format = format_table->starting_stopping[t == JOB_STOP];
1654 if (format)
1655 return format;
1656 }
1657 }
1658
1659 /* Return generic strings */
1660 if (t == JOB_START)
1661 return "Starting %s.";
1662 else if (t == JOB_STOP)
1663 return "Stopping %s.";
1664 else
1665 return "Reloading %s.";
1666 }
1667
1668 static void unit_status_print_starting_stopping(Unit *u, JobType t) {
1669 const char *format;
1670
1671 assert(u);
1672
1673 /* Reload status messages have traditionally not been printed to console. */
1674 if (!IN_SET(t, JOB_START, JOB_STOP))
1675 return;
1676
1677 format = unit_get_status_message_format(u, t);
1678
1679 DISABLE_WARNING_FORMAT_NONLITERAL;
1680 unit_status_printf(u, "", format);
1681 REENABLE_WARNING;
1682 }
1683
1684 static void unit_status_log_starting_stopping_reloading(Unit *u, JobType t) {
1685 const char *format, *mid;
1686 char buf[LINE_MAX];
1687
1688 assert(u);
1689
1690 if (!IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD))
1691 return;
1692
1693 if (log_on_console())
1694 return;
1695
1696 /* We log status messages for all units and all operations. */
1697
1698 format = unit_get_status_message_format(u, t);
1699
1700 DISABLE_WARNING_FORMAT_NONLITERAL;
1701 (void) snprintf(buf, sizeof buf, format, unit_description(u));
1702 REENABLE_WARNING;
1703
1704 mid = t == JOB_START ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STARTING_STR :
1705 t == JOB_STOP ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STOPPING_STR :
1706 "MESSAGE_ID=" SD_MESSAGE_UNIT_RELOADING_STR;
1707
1708 /* Note that we deliberately use LOG_MESSAGE() instead of
1709 * LOG_UNIT_MESSAGE() here, since this is supposed to mimic
1710 * closely what is written to screen using the status output,
1711 * which is supposed the highest level, friendliest output
1712 * possible, which means we should avoid the low-level unit
1713 * name. */
1714 log_struct(LOG_INFO,
1715 LOG_MESSAGE("%s", buf),
1716 LOG_UNIT_ID(u),
1717 LOG_UNIT_INVOCATION_ID(u),
1718 mid,
1719 NULL);
1720 }
1721
1722 void unit_status_emit_starting_stopping_reloading(Unit *u, JobType t) {
1723 assert(u);
1724 assert(t >= 0);
1725 assert(t < _JOB_TYPE_MAX);
1726
1727 unit_status_log_starting_stopping_reloading(u, t);
1728 unit_status_print_starting_stopping(u, t);
1729 }
1730
1731 int unit_start_limit_test(Unit *u) {
1732 assert(u);
1733
1734 if (ratelimit_test(&u->start_limit)) {
1735 u->start_limit_hit = false;
1736 return 0;
1737 }
1738
1739 log_unit_warning(u, "Start request repeated too quickly.");
1740 u->start_limit_hit = true;
1741
1742 return emergency_action(u->manager, u->start_limit_action, u->reboot_arg, "unit failed");
1743 }
1744
1745 bool unit_shall_confirm_spawn(Unit *u) {
1746 assert(u);
1747
1748 if (manager_is_confirm_spawn_disabled(u->manager))
1749 return false;
1750
1751 /* For some reasons units remaining in the same process group
1752 * as PID 1 fail to acquire the console even if it's not used
1753 * by any process. So skip the confirmation question for them. */
1754 return !unit_get_exec_context(u)->same_pgrp;
1755 }
1756
1757 static bool unit_verify_deps(Unit *u) {
1758 Unit *other;
1759 Iterator j;
1760 void *v;
1761
1762 assert(u);
1763
1764 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1765 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1766 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1767 * conjunction with After= as for them any such check would make things entirely racy. */
1768
1769 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], j) {
1770
1771 if (!hashmap_contains(u->dependencies[UNIT_AFTER], other))
1772 continue;
1773
1774 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1775 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1776 return false;
1777 }
1778 }
1779
1780 return true;
1781 }
1782
1783 /* Errors:
1784 * -EBADR: This unit type does not support starting.
1785 * -EALREADY: Unit is already started.
1786 * -EAGAIN: An operation is already in progress. Retry later.
1787 * -ECANCELED: Too many requests for now.
1788 * -EPROTO: Assert failed
1789 * -EINVAL: Unit not loaded
1790 * -EOPNOTSUPP: Unit type not supported
1791 * -ENOLINK: The necessary dependencies are not fulfilled.
1792 */
1793 int unit_start(Unit *u) {
1794 UnitActiveState state;
1795 Unit *following;
1796
1797 assert(u);
1798
1799 /* If this is already started, then this will succeed. Note
1800 * that this will even succeed if this unit is not startable
1801 * by the user. This is relied on to detect when we need to
1802 * wait for units and when waiting is finished. */
1803 state = unit_active_state(u);
1804 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1805 return -EALREADY;
1806
1807 /* Units that aren't loaded cannot be started */
1808 if (u->load_state != UNIT_LOADED)
1809 return -EINVAL;
1810
1811 /* If the conditions failed, don't do anything at all. If we
1812 * already are activating this call might still be useful to
1813 * speed up activation in case there is some hold-off time,
1814 * but we don't want to recheck the condition in that case. */
1815 if (state != UNIT_ACTIVATING &&
1816 !unit_condition_test(u)) {
1817 log_unit_debug(u, "Starting requested but condition failed. Not starting unit.");
1818 return -EALREADY;
1819 }
1820
1821 /* If the asserts failed, fail the entire job */
1822 if (state != UNIT_ACTIVATING &&
1823 !unit_assert_test(u)) {
1824 log_unit_notice(u, "Starting requested but asserts failed.");
1825 return -EPROTO;
1826 }
1827
1828 /* Units of types that aren't supported cannot be
1829 * started. Note that we do this test only after the condition
1830 * checks, so that we rather return condition check errors
1831 * (which are usually not considered a true failure) than "not
1832 * supported" errors (which are considered a failure).
1833 */
1834 if (!unit_supported(u))
1835 return -EOPNOTSUPP;
1836
1837 /* Let's make sure that the deps really are in order before we start this. Normally the job engine should have
1838 * taken care of this already, but let's check this here again. After all, our dependencies might not be in
1839 * effect anymore, due to a reload or due to a failed condition. */
1840 if (!unit_verify_deps(u))
1841 return -ENOLINK;
1842
1843 /* Forward to the main object, if we aren't it. */
1844 following = unit_following(u);
1845 if (following) {
1846 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1847 return unit_start(following);
1848 }
1849
1850 /* If it is stopped, but we cannot start it, then fail */
1851 if (!UNIT_VTABLE(u)->start)
1852 return -EBADR;
1853
1854 /* We don't suppress calls to ->start() here when we are
1855 * already starting, to allow this request to be used as a
1856 * "hurry up" call, for example when the unit is in some "auto
1857 * restart" state where it waits for a holdoff timer to elapse
1858 * before it will start again. */
1859
1860 unit_add_to_dbus_queue(u);
1861
1862 return UNIT_VTABLE(u)->start(u);
1863 }
1864
1865 bool unit_can_start(Unit *u) {
1866 assert(u);
1867
1868 if (u->load_state != UNIT_LOADED)
1869 return false;
1870
1871 if (!unit_supported(u))
1872 return false;
1873
1874 return !!UNIT_VTABLE(u)->start;
1875 }
1876
1877 bool unit_can_isolate(Unit *u) {
1878 assert(u);
1879
1880 return unit_can_start(u) &&
1881 u->allow_isolate;
1882 }
1883
1884 /* Errors:
1885 * -EBADR: This unit type does not support stopping.
1886 * -EALREADY: Unit is already stopped.
1887 * -EAGAIN: An operation is already in progress. Retry later.
1888 */
1889 int unit_stop(Unit *u) {
1890 UnitActiveState state;
1891 Unit *following;
1892
1893 assert(u);
1894
1895 state = unit_active_state(u);
1896 if (UNIT_IS_INACTIVE_OR_FAILED(state))
1897 return -EALREADY;
1898
1899 following = unit_following(u);
1900 if (following) {
1901 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
1902 return unit_stop(following);
1903 }
1904
1905 if (!UNIT_VTABLE(u)->stop)
1906 return -EBADR;
1907
1908 unit_add_to_dbus_queue(u);
1909
1910 return UNIT_VTABLE(u)->stop(u);
1911 }
1912
1913 bool unit_can_stop(Unit *u) {
1914 assert(u);
1915
1916 if (!unit_supported(u))
1917 return false;
1918
1919 if (u->perpetual)
1920 return false;
1921
1922 return !!UNIT_VTABLE(u)->stop;
1923 }
1924
1925 /* Errors:
1926 * -EBADR: This unit type does not support reloading.
1927 * -ENOEXEC: Unit is not started.
1928 * -EAGAIN: An operation is already in progress. Retry later.
1929 */
1930 int unit_reload(Unit *u) {
1931 UnitActiveState state;
1932 Unit *following;
1933
1934 assert(u);
1935
1936 if (u->load_state != UNIT_LOADED)
1937 return -EINVAL;
1938
1939 if (!unit_can_reload(u))
1940 return -EBADR;
1941
1942 state = unit_active_state(u);
1943 if (state == UNIT_RELOADING)
1944 return -EALREADY;
1945
1946 if (state != UNIT_ACTIVE) {
1947 log_unit_warning(u, "Unit cannot be reloaded because it is inactive.");
1948 return -ENOEXEC;
1949 }
1950
1951 following = unit_following(u);
1952 if (following) {
1953 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
1954 return unit_reload(following);
1955 }
1956
1957 unit_add_to_dbus_queue(u);
1958
1959 if (!UNIT_VTABLE(u)->reload) {
1960 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
1961 unit_notify(u, unit_active_state(u), unit_active_state(u), true);
1962 return 0;
1963 }
1964
1965 return UNIT_VTABLE(u)->reload(u);
1966 }
1967
1968 bool unit_can_reload(Unit *u) {
1969 assert(u);
1970
1971 if (UNIT_VTABLE(u)->can_reload)
1972 return UNIT_VTABLE(u)->can_reload(u);
1973
1974 if (!hashmap_isempty(u->dependencies[UNIT_PROPAGATES_RELOAD_TO]))
1975 return true;
1976
1977 return UNIT_VTABLE(u)->reload;
1978 }
1979
1980 static void unit_check_unneeded(Unit *u) {
1981
1982 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1983
1984 static const UnitDependency needed_dependencies[] = {
1985 UNIT_REQUIRED_BY,
1986 UNIT_REQUISITE_OF,
1987 UNIT_WANTED_BY,
1988 UNIT_BOUND_BY,
1989 };
1990
1991 unsigned j;
1992 int r;
1993
1994 assert(u);
1995
1996 /* If this service shall be shut down when unneeded then do
1997 * so. */
1998
1999 if (!u->stop_when_unneeded)
2000 return;
2001
2002 if (!UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
2003 return;
2004
2005 for (j = 0; j < ELEMENTSOF(needed_dependencies); j++) {
2006 Unit *other;
2007 Iterator i;
2008 void *v;
2009
2010 HASHMAP_FOREACH_KEY(v, other, u->dependencies[needed_dependencies[j]], i)
2011 if (unit_active_or_pending(other) || unit_will_restart(other))
2012 return;
2013 }
2014
2015 /* If stopping a unit fails continuously we might enter a stop
2016 * loop here, hence stop acting on the service being
2017 * unnecessary after a while. */
2018 if (!ratelimit_test(&u->auto_stop_ratelimit)) {
2019 log_unit_warning(u, "Unit not needed anymore, but not stopping since we tried this too often recently.");
2020 return;
2021 }
2022
2023 log_unit_info(u, "Unit not needed anymore. Stopping.");
2024
2025 /* Ok, nobody needs us anymore. Sniff. Then let's commit suicide */
2026 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2027 if (r < 0)
2028 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2029 }
2030
2031 static void unit_check_binds_to(Unit *u) {
2032 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2033 bool stop = false;
2034 Unit *other;
2035 Iterator i;
2036 void *v;
2037 int r;
2038
2039 assert(u);
2040
2041 if (u->job)
2042 return;
2043
2044 if (unit_active_state(u) != UNIT_ACTIVE)
2045 return;
2046
2047 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i) {
2048 if (other->job)
2049 continue;
2050
2051 if (!other->coldplugged)
2052 /* We might yet create a job for the other unit… */
2053 continue;
2054
2055 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2056 continue;
2057
2058 stop = true;
2059 break;
2060 }
2061
2062 if (!stop)
2063 return;
2064
2065 /* If stopping a unit fails continuously we might enter a stop
2066 * loop here, hence stop acting on the service being
2067 * unnecessary after a while. */
2068 if (!ratelimit_test(&u->auto_stop_ratelimit)) {
2069 log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
2070 return;
2071 }
2072
2073 assert(other);
2074 log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
2075
2076 /* A unit we need to run is gone. Sniff. Let's stop this. */
2077 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2078 if (r < 0)
2079 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2080 }
2081
2082 static void retroactively_start_dependencies(Unit *u) {
2083 Iterator i;
2084 Unit *other;
2085 void *v;
2086
2087 assert(u);
2088 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2089
2090 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2091 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2092 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2093 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2094
2095 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2096 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2097 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2098 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2099
2100 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2101 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2102 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2103 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL);
2104
2105 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTS], i)
2106 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2107 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2108
2109 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTED_BY], i)
2110 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2111 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2112 }
2113
2114 static void retroactively_stop_dependencies(Unit *u) {
2115 Unit *other;
2116 Iterator i;
2117 void *v;
2118
2119 assert(u);
2120 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2121
2122 /* Pull down units which are bound to us recursively if enabled */
2123 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BOUND_BY], i)
2124 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2125 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2126 }
2127
2128 static void check_unneeded_dependencies(Unit *u) {
2129 Unit *other;
2130 Iterator i;
2131 void *v;
2132
2133 assert(u);
2134 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2135
2136 /* Garbage collect services that might not be needed anymore, if enabled */
2137 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2138 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2139 unit_check_unneeded(other);
2140 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2141 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2142 unit_check_unneeded(other);
2143 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUISITE], i)
2144 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2145 unit_check_unneeded(other);
2146 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2147 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2148 unit_check_unneeded(other);
2149 }
2150
2151 void unit_start_on_failure(Unit *u) {
2152 Unit *other;
2153 Iterator i;
2154 void *v;
2155
2156 assert(u);
2157
2158 if (hashmap_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
2159 return;
2160
2161 log_unit_info(u, "Triggering OnFailure= dependencies.");
2162
2163 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_ON_FAILURE], i) {
2164 int r;
2165
2166 r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, NULL, NULL);
2167 if (r < 0)
2168 log_unit_error_errno(u, r, "Failed to enqueue OnFailure= job: %m");
2169 }
2170 }
2171
2172 void unit_trigger_notify(Unit *u) {
2173 Unit *other;
2174 Iterator i;
2175 void *v;
2176
2177 assert(u);
2178
2179 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_TRIGGERED_BY], i)
2180 if (UNIT_VTABLE(other)->trigger_notify)
2181 UNIT_VTABLE(other)->trigger_notify(other, u);
2182 }
2183
2184 static int unit_log_resources(Unit *u) {
2185
2186 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + 4];
2187 size_t n_message_parts = 0, n_iovec = 0;
2188 char* message_parts[3 + 1], *t;
2189 nsec_t nsec = NSEC_INFINITY;
2190 CGroupIPAccountingMetric m;
2191 size_t i;
2192 int r;
2193 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2194 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2195 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2196 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2197 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2198 };
2199
2200 assert(u);
2201
2202 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2203 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2204 * information and the complete data in structured fields. */
2205
2206 (void) unit_get_cpu_usage(u, &nsec);
2207 if (nsec != NSEC_INFINITY) {
2208 char buf[FORMAT_TIMESPAN_MAX] = "";
2209
2210 /* Format the CPU time for inclusion in the structured log message */
2211 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2212 r = log_oom();
2213 goto finish;
2214 }
2215 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2216
2217 /* Format the CPU time for inclusion in the human language message string */
2218 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
2219 t = strjoin(n_message_parts > 0 ? "consumed " : "Consumed ", buf, " CPU time");
2220 if (!t) {
2221 r = log_oom();
2222 goto finish;
2223 }
2224
2225 message_parts[n_message_parts++] = t;
2226 }
2227
2228 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2229 char buf[FORMAT_BYTES_MAX] = "";
2230 uint64_t value = UINT64_MAX;
2231
2232 assert(ip_fields[m]);
2233
2234 (void) unit_get_ip_accounting(u, m, &value);
2235 if (value == UINT64_MAX)
2236 continue;
2237
2238 /* Format IP accounting data for inclusion in the structured log message */
2239 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2240 r = log_oom();
2241 goto finish;
2242 }
2243 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2244
2245 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2246 * bytes counters (and not for the packets counters) */
2247 if (m == CGROUP_IP_INGRESS_BYTES)
2248 t = strjoin(n_message_parts > 0 ? "received " : "Received ",
2249 format_bytes(buf, sizeof(buf), value),
2250 " IP traffic");
2251 else if (m == CGROUP_IP_EGRESS_BYTES)
2252 t = strjoin(n_message_parts > 0 ? "sent " : "Sent ",
2253 format_bytes(buf, sizeof(buf), value),
2254 " IP traffic");
2255 else
2256 continue;
2257 if (!t) {
2258 r = log_oom();
2259 goto finish;
2260 }
2261
2262 message_parts[n_message_parts++] = t;
2263 }
2264
2265 /* Is there any accounting data available at all? */
2266 if (n_iovec == 0) {
2267 r = 0;
2268 goto finish;
2269 }
2270
2271 if (n_message_parts == 0)
2272 t = strjoina("MESSAGE=", u->id, ": Completed");
2273 else {
2274 _cleanup_free_ char *joined;
2275
2276 message_parts[n_message_parts] = NULL;
2277
2278 joined = strv_join(message_parts, ", ");
2279 if (!joined) {
2280 r = log_oom();
2281 goto finish;
2282 }
2283
2284 t = strjoina("MESSAGE=", u->id, ": ", joined);
2285 }
2286
2287 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2288 * and hence don't increase n_iovec for them */
2289 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2290 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2291
2292 t = strjoina(u->manager->unit_log_field, u->id);
2293 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2294
2295 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2296 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2297
2298 log_struct_iovec(LOG_INFO, iovec, n_iovec + 4);
2299 r = 0;
2300
2301 finish:
2302 for (i = 0; i < n_message_parts; i++)
2303 free(message_parts[i]);
2304
2305 for (i = 0; i < n_iovec; i++)
2306 free(iovec[i].iov_base);
2307
2308 return r;
2309
2310 }
2311
2312 static void unit_update_on_console(Unit *u) {
2313 bool b;
2314
2315 assert(u);
2316
2317 b = unit_needs_console(u);
2318 if (u->on_console == b)
2319 return;
2320
2321 u->on_console = b;
2322 if (b)
2323 manager_ref_console(u->manager);
2324 else
2325 manager_unref_console(u->manager);
2326
2327 }
2328
2329 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_success) {
2330 bool unexpected;
2331 Manager *m;
2332
2333 assert(u);
2334 assert(os < _UNIT_ACTIVE_STATE_MAX);
2335 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2336
2337 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2338 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2339 * remounted this function will be called too! */
2340
2341 m = u->manager;
2342
2343 /* Update timestamps for state changes */
2344 if (!MANAGER_IS_RELOADING(m)) {
2345 dual_timestamp_get(&u->state_change_timestamp);
2346
2347 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2348 u->inactive_exit_timestamp = u->state_change_timestamp;
2349 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2350 u->inactive_enter_timestamp = u->state_change_timestamp;
2351
2352 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2353 u->active_enter_timestamp = u->state_change_timestamp;
2354 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2355 u->active_exit_timestamp = u->state_change_timestamp;
2356 }
2357
2358 /* Keep track of failed units */
2359 (void) manager_update_failed_units(u->manager, u, ns == UNIT_FAILED);
2360
2361 /* Make sure the cgroup and state files are always removed when we become inactive */
2362 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2363 unit_prune_cgroup(u);
2364 unit_unlink_state_files(u);
2365 }
2366
2367 unit_update_on_console(u);
2368
2369 if (u->job) {
2370 unexpected = false;
2371
2372 if (u->job->state == JOB_WAITING)
2373
2374 /* So we reached a different state for this
2375 * job. Let's see if we can run it now if it
2376 * failed previously due to EAGAIN. */
2377 job_add_to_run_queue(u->job);
2378
2379 /* Let's check whether this state change constitutes a
2380 * finished job, or maybe contradicts a running job and
2381 * hence needs to invalidate jobs. */
2382
2383 switch (u->job->type) {
2384
2385 case JOB_START:
2386 case JOB_VERIFY_ACTIVE:
2387
2388 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2389 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2390 else if (u->job->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2391 unexpected = true;
2392
2393 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2394 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2395 }
2396
2397 break;
2398
2399 case JOB_RELOAD:
2400 case JOB_RELOAD_OR_START:
2401 case JOB_TRY_RELOAD:
2402
2403 if (u->job->state == JOB_RUNNING) {
2404 if (ns == UNIT_ACTIVE)
2405 job_finish_and_invalidate(u->job, reload_success ? JOB_DONE : JOB_FAILED, true, false);
2406 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2407 unexpected = true;
2408
2409 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2410 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2411 }
2412 }
2413
2414 break;
2415
2416 case JOB_STOP:
2417 case JOB_RESTART:
2418 case JOB_TRY_RESTART:
2419
2420 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2421 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2422 else if (u->job->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2423 unexpected = true;
2424 job_finish_and_invalidate(u->job, JOB_FAILED, true, false);
2425 }
2426
2427 break;
2428
2429 default:
2430 assert_not_reached("Job type unknown");
2431 }
2432
2433 } else
2434 unexpected = true;
2435
2436 if (!MANAGER_IS_RELOADING(m)) {
2437
2438 /* If this state change happened without being
2439 * requested by a job, then let's retroactively start
2440 * or stop dependencies. We skip that step when
2441 * deserializing, since we don't want to create any
2442 * additional jobs just because something is already
2443 * activated. */
2444
2445 if (unexpected) {
2446 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2447 retroactively_start_dependencies(u);
2448 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2449 retroactively_stop_dependencies(u);
2450 }
2451
2452 /* stop unneeded units regardless if going down was expected or not */
2453 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2454 check_unneeded_dependencies(u);
2455
2456 if (ns != os && ns == UNIT_FAILED) {
2457 log_unit_debug(u, "Unit entered failed state.");
2458 unit_start_on_failure(u);
2459 }
2460 }
2461
2462 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2463
2464 if (u->type == UNIT_SERVICE &&
2465 !UNIT_IS_ACTIVE_OR_RELOADING(os) &&
2466 !MANAGER_IS_RELOADING(m)) {
2467 /* Write audit record if we have just finished starting up */
2468 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, true);
2469 u->in_audit = true;
2470 }
2471
2472 if (!UNIT_IS_ACTIVE_OR_RELOADING(os))
2473 manager_send_unit_plymouth(m, u);
2474
2475 } else {
2476
2477 if (UNIT_IS_INACTIVE_OR_FAILED(ns) &&
2478 !UNIT_IS_INACTIVE_OR_FAILED(os)
2479 && !MANAGER_IS_RELOADING(m)) {
2480
2481 /* This unit just stopped/failed. */
2482 if (u->type == UNIT_SERVICE) {
2483
2484 /* Hmm, if there was no start record written
2485 * write it now, so that we always have a nice
2486 * pair */
2487 if (!u->in_audit) {
2488 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, ns == UNIT_INACTIVE);
2489
2490 if (ns == UNIT_INACTIVE)
2491 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, true);
2492 } else
2493 /* Write audit record if we have just finished shutting down */
2494 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, ns == UNIT_INACTIVE);
2495
2496 u->in_audit = false;
2497 }
2498
2499 /* Write a log message about consumed resources */
2500 unit_log_resources(u);
2501 }
2502 }
2503
2504 manager_recheck_journal(m);
2505 manager_recheck_dbus(m);
2506
2507 unit_trigger_notify(u);
2508
2509 if (!MANAGER_IS_RELOADING(u->manager)) {
2510 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2511 unit_check_unneeded(u);
2512
2513 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2514 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2515 * without ever entering started.) */
2516 unit_check_binds_to(u);
2517
2518 if (os != UNIT_FAILED && ns == UNIT_FAILED)
2519 (void) emergency_action(u->manager, u->failure_action, u->reboot_arg, "unit failed");
2520 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE)
2521 (void) emergency_action(u->manager, u->success_action, u->reboot_arg, "unit succeeded");
2522 }
2523
2524 unit_add_to_dbus_queue(u);
2525 unit_add_to_gc_queue(u);
2526 }
2527
2528 int unit_watch_pid(Unit *u, pid_t pid) {
2529 int r;
2530
2531 assert(u);
2532 assert(pid_is_valid(pid));
2533
2534 /* Watch a specific PID */
2535
2536 r = set_ensure_allocated(&u->pids, NULL);
2537 if (r < 0)
2538 return r;
2539
2540 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
2541 if (r < 0)
2542 return r;
2543
2544 /* First try, let's add the unit keyed by "pid". */
2545 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2546 if (r == -EEXIST) {
2547 Unit **array;
2548 bool found = false;
2549 size_t n = 0;
2550
2551 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2552 * to an array of Units rather than just a Unit), lists us already. */
2553
2554 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2555 if (array)
2556 for (; array[n]; n++)
2557 if (array[n] == u)
2558 found = true;
2559
2560 if (found) /* Found it already? if so, do nothing */
2561 r = 0;
2562 else {
2563 Unit **new_array;
2564
2565 /* Allocate a new array */
2566 new_array = new(Unit*, n + 2);
2567 if (!new_array)
2568 return -ENOMEM;
2569
2570 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2571 new_array[n] = u;
2572 new_array[n+1] = NULL;
2573
2574 /* Add or replace the old array */
2575 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2576 if (r < 0) {
2577 free(new_array);
2578 return r;
2579 }
2580
2581 free(array);
2582 }
2583 } else if (r < 0)
2584 return r;
2585
2586 r = set_put(u->pids, PID_TO_PTR(pid));
2587 if (r < 0)
2588 return r;
2589
2590 return 0;
2591 }
2592
2593 void unit_unwatch_pid(Unit *u, pid_t pid) {
2594 Unit **array;
2595
2596 assert(u);
2597 assert(pid_is_valid(pid));
2598
2599 /* First let's drop the unit in case it's keyed as "pid". */
2600 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2601
2602 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2603 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2604 if (array) {
2605 size_t n, m = 0;
2606
2607 /* Let's iterate through the array, dropping our own entry */
2608 for (n = 0; array[n]; n++)
2609 if (array[n] != u)
2610 array[m++] = array[n];
2611 array[m] = NULL;
2612
2613 if (m == 0) {
2614 /* The array is now empty, remove the entire entry */
2615 assert(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
2616 free(array);
2617 }
2618 }
2619
2620 (void) set_remove(u->pids, PID_TO_PTR(pid));
2621 }
2622
2623 void unit_unwatch_all_pids(Unit *u) {
2624 assert(u);
2625
2626 while (!set_isempty(u->pids))
2627 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
2628
2629 u->pids = set_free(u->pids);
2630 }
2631
2632 void unit_tidy_watch_pids(Unit *u, pid_t except1, pid_t except2) {
2633 Iterator i;
2634 void *e;
2635
2636 assert(u);
2637
2638 /* Cleans dead PIDs from our list */
2639
2640 SET_FOREACH(e, u->pids, i) {
2641 pid_t pid = PTR_TO_PID(e);
2642
2643 if (pid == except1 || pid == except2)
2644 continue;
2645
2646 if (!pid_is_unwaited(pid))
2647 unit_unwatch_pid(u, pid);
2648 }
2649 }
2650
2651 bool unit_job_is_applicable(Unit *u, JobType j) {
2652 assert(u);
2653 assert(j >= 0 && j < _JOB_TYPE_MAX);
2654
2655 switch (j) {
2656
2657 case JOB_VERIFY_ACTIVE:
2658 case JOB_START:
2659 case JOB_NOP:
2660 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2661 * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
2662 * jobs for it. */
2663 return true;
2664
2665 case JOB_STOP:
2666 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2667 * external events), hence it makes no sense to permit enqueing such a request either. */
2668 return !u->perpetual;
2669
2670 case JOB_RESTART:
2671 case JOB_TRY_RESTART:
2672 return unit_can_stop(u) && unit_can_start(u);
2673
2674 case JOB_RELOAD:
2675 case JOB_TRY_RELOAD:
2676 return unit_can_reload(u);
2677
2678 case JOB_RELOAD_OR_START:
2679 return unit_can_reload(u) && unit_can_start(u);
2680
2681 default:
2682 assert_not_reached("Invalid job type");
2683 }
2684 }
2685
2686 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
2687 assert(u);
2688
2689 /* Only warn about some unit types */
2690 if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
2691 return;
2692
2693 if (streq_ptr(u->id, other))
2694 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
2695 else
2696 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
2697 }
2698
2699 static int unit_add_dependency_hashmap(
2700 Hashmap **h,
2701 Unit *other,
2702 UnitDependencyMask origin_mask,
2703 UnitDependencyMask destination_mask) {
2704
2705 UnitDependencyInfo info;
2706 int r;
2707
2708 assert(h);
2709 assert(other);
2710 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
2711 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
2712 assert(origin_mask > 0 || destination_mask > 0);
2713
2714 r = hashmap_ensure_allocated(h, NULL);
2715 if (r < 0)
2716 return r;
2717
2718 assert_cc(sizeof(void*) == sizeof(info));
2719
2720 info.data = hashmap_get(*h, other);
2721 if (info.data) {
2722 /* Entry already exists. Add in our mask. */
2723
2724 if ((info.origin_mask & origin_mask) == info.origin_mask &&
2725 (info.destination_mask & destination_mask) == info.destination_mask)
2726 return 0; /* NOP */
2727
2728 info.origin_mask |= origin_mask;
2729 info.destination_mask |= destination_mask;
2730
2731 r = hashmap_update(*h, other, info.data);
2732 } else {
2733 info = (UnitDependencyInfo) {
2734 .origin_mask = origin_mask,
2735 .destination_mask = destination_mask,
2736 };
2737
2738 r = hashmap_put(*h, other, info.data);
2739 }
2740 if (r < 0)
2741 return r;
2742
2743 return 1;
2744 }
2745
2746 int unit_add_dependency(
2747 Unit *u,
2748 UnitDependency d,
2749 Unit *other,
2750 bool add_reference,
2751 UnitDependencyMask mask) {
2752
2753 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
2754 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
2755 [UNIT_WANTS] = UNIT_WANTED_BY,
2756 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
2757 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
2758 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
2759 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
2760 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
2761 [UNIT_WANTED_BY] = UNIT_WANTS,
2762 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
2763 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
2764 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
2765 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
2766 [UNIT_BEFORE] = UNIT_AFTER,
2767 [UNIT_AFTER] = UNIT_BEFORE,
2768 [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
2769 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
2770 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
2771 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
2772 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
2773 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
2774 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
2775 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
2776 };
2777 Unit *original_u = u, *original_other = other;
2778 int r;
2779
2780 assert(u);
2781 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
2782 assert(other);
2783
2784 u = unit_follow_merge(u);
2785 other = unit_follow_merge(other);
2786
2787 /* We won't allow dependencies on ourselves. We will not
2788 * consider them an error however. */
2789 if (u == other) {
2790 maybe_warn_about_dependency(original_u, original_other->id, d);
2791 return 0;
2792 }
2793
2794 if ((d == UNIT_BEFORE && other->type == UNIT_DEVICE) ||
2795 (d == UNIT_AFTER && u->type == UNIT_DEVICE)) {
2796 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
2797 return 0;
2798 }
2799
2800 r = unit_add_dependency_hashmap(u->dependencies + d, other, mask, 0);
2801 if (r < 0)
2802 return r;
2803
2804 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
2805 r = unit_add_dependency_hashmap(other->dependencies + inverse_table[d], u, 0, mask);
2806 if (r < 0)
2807 return r;
2808 }
2809
2810 if (add_reference) {
2811 r = unit_add_dependency_hashmap(u->dependencies + UNIT_REFERENCES, other, mask, 0);
2812 if (r < 0)
2813 return r;
2814
2815 r = unit_add_dependency_hashmap(other->dependencies + UNIT_REFERENCED_BY, u, 0, mask);
2816 if (r < 0)
2817 return r;
2818 }
2819
2820 unit_add_to_dbus_queue(u);
2821 return 0;
2822 }
2823
2824 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2825 int r;
2826
2827 assert(u);
2828
2829 r = unit_add_dependency(u, d, other, add_reference, mask);
2830 if (r < 0)
2831 return r;
2832
2833 return unit_add_dependency(u, e, other, add_reference, mask);
2834 }
2835
2836 static int resolve_template(Unit *u, const char *name, const char*path, char **buf, const char **ret) {
2837 int r;
2838
2839 assert(u);
2840 assert(name || path);
2841 assert(buf);
2842 assert(ret);
2843
2844 if (!name)
2845 name = basename(path);
2846
2847 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
2848 *buf = NULL;
2849 *ret = name;
2850 return 0;
2851 }
2852
2853 if (u->instance)
2854 r = unit_name_replace_instance(name, u->instance, buf);
2855 else {
2856 _cleanup_free_ char *i = NULL;
2857
2858 r = unit_name_to_prefix(u->id, &i);
2859 if (r < 0)
2860 return r;
2861
2862 r = unit_name_replace_instance(name, i, buf);
2863 }
2864 if (r < 0)
2865 return r;
2866
2867 *ret = *buf;
2868 return 0;
2869 }
2870
2871 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2872 _cleanup_free_ char *buf = NULL;
2873 Unit *other;
2874 int r;
2875
2876 assert(u);
2877 assert(name || path);
2878
2879 r = resolve_template(u, name, path, &buf, &name);
2880 if (r < 0)
2881 return r;
2882
2883 r = manager_load_unit(u->manager, name, path, NULL, &other);
2884 if (r < 0)
2885 return r;
2886
2887 return unit_add_dependency(u, d, other, add_reference, mask);
2888 }
2889
2890 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2891 _cleanup_free_ char *buf = NULL;
2892 Unit *other;
2893 int r;
2894
2895 assert(u);
2896 assert(name || path);
2897
2898 r = resolve_template(u, name, path, &buf, &name);
2899 if (r < 0)
2900 return r;
2901
2902 r = manager_load_unit(u->manager, name, path, NULL, &other);
2903 if (r < 0)
2904 return r;
2905
2906 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2907 }
2908
2909 int set_unit_path(const char *p) {
2910 /* This is mostly for debug purposes */
2911 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
2912 return -errno;
2913
2914 return 0;
2915 }
2916
2917 char *unit_dbus_path(Unit *u) {
2918 assert(u);
2919
2920 if (!u->id)
2921 return NULL;
2922
2923 return unit_dbus_path_from_name(u->id);
2924 }
2925
2926 char *unit_dbus_path_invocation_id(Unit *u) {
2927 assert(u);
2928
2929 if (sd_id128_is_null(u->invocation_id))
2930 return NULL;
2931
2932 return unit_dbus_path_from_name(u->invocation_id_string);
2933 }
2934
2935 int unit_set_slice(Unit *u, Unit *slice) {
2936 assert(u);
2937 assert(slice);
2938
2939 /* Sets the unit slice if it has not been set before. Is extra
2940 * careful, to only allow this for units that actually have a
2941 * cgroup context. Also, we don't allow to set this for slices
2942 * (since the parent slice is derived from the name). Make
2943 * sure the unit we set is actually a slice. */
2944
2945 if (!UNIT_HAS_CGROUP_CONTEXT(u))
2946 return -EOPNOTSUPP;
2947
2948 if (u->type == UNIT_SLICE)
2949 return -EINVAL;
2950
2951 if (unit_active_state(u) != UNIT_INACTIVE)
2952 return -EBUSY;
2953
2954 if (slice->type != UNIT_SLICE)
2955 return -EINVAL;
2956
2957 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
2958 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
2959 return -EPERM;
2960
2961 if (UNIT_DEREF(u->slice) == slice)
2962 return 0;
2963
2964 /* Disallow slice changes if @u is already bound to cgroups */
2965 if (UNIT_ISSET(u->slice) && u->cgroup_realized)
2966 return -EBUSY;
2967
2968 unit_ref_set(&u->slice, u, slice);
2969 return 1;
2970 }
2971
2972 int unit_set_default_slice(Unit *u) {
2973 _cleanup_free_ char *b = NULL;
2974 const char *slice_name;
2975 Unit *slice;
2976 int r;
2977
2978 assert(u);
2979
2980 if (UNIT_ISSET(u->slice))
2981 return 0;
2982
2983 if (u->instance) {
2984 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
2985
2986 /* Implicitly place all instantiated units in their
2987 * own per-template slice */
2988
2989 r = unit_name_to_prefix(u->id, &prefix);
2990 if (r < 0)
2991 return r;
2992
2993 /* The prefix is already escaped, but it might include
2994 * "-" which has a special meaning for slice units,
2995 * hence escape it here extra. */
2996 escaped = unit_name_escape(prefix);
2997 if (!escaped)
2998 return -ENOMEM;
2999
3000 if (MANAGER_IS_SYSTEM(u->manager))
3001 b = strjoin("system-", escaped, ".slice");
3002 else
3003 b = strappend(escaped, ".slice");
3004 if (!b)
3005 return -ENOMEM;
3006
3007 slice_name = b;
3008 } else
3009 slice_name =
3010 MANAGER_IS_SYSTEM(u->manager) && !unit_has_name(u, SPECIAL_INIT_SCOPE)
3011 ? SPECIAL_SYSTEM_SLICE
3012 : SPECIAL_ROOT_SLICE;
3013
3014 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
3015 if (r < 0)
3016 return r;
3017
3018 return unit_set_slice(u, slice);
3019 }
3020
3021 const char *unit_slice_name(Unit *u) {
3022 assert(u);
3023
3024 if (!UNIT_ISSET(u->slice))
3025 return NULL;
3026
3027 return UNIT_DEREF(u->slice)->id;
3028 }
3029
3030 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
3031 _cleanup_free_ char *t = NULL;
3032 int r;
3033
3034 assert(u);
3035 assert(type);
3036 assert(_found);
3037
3038 r = unit_name_change_suffix(u->id, type, &t);
3039 if (r < 0)
3040 return r;
3041 if (unit_has_name(u, t))
3042 return -EINVAL;
3043
3044 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3045 assert(r < 0 || *_found != u);
3046 return r;
3047 }
3048
3049 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3050 const char *name, *old_owner, *new_owner;
3051 Unit *u = userdata;
3052 int r;
3053
3054 assert(message);
3055 assert(u);
3056
3057 r = sd_bus_message_read(message, "sss", &name, &old_owner, &new_owner);
3058 if (r < 0) {
3059 bus_log_parse_error(r);
3060 return 0;
3061 }
3062
3063 old_owner = empty_to_null(old_owner);
3064 new_owner = empty_to_null(new_owner);
3065
3066 if (UNIT_VTABLE(u)->bus_name_owner_change)
3067 UNIT_VTABLE(u)->bus_name_owner_change(u, name, old_owner, new_owner);
3068
3069 return 0;
3070 }
3071
3072 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3073 const char *match;
3074
3075 assert(u);
3076 assert(bus);
3077 assert(name);
3078
3079 if (u->match_bus_slot)
3080 return -EBUSY;
3081
3082 match = strjoina("type='signal',"
3083 "sender='org.freedesktop.DBus',"
3084 "path='/org/freedesktop/DBus',"
3085 "interface='org.freedesktop.DBus',"
3086 "member='NameOwnerChanged',"
3087 "arg0='", name, "'");
3088
3089 return sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
3090 }
3091
3092 int unit_watch_bus_name(Unit *u, const char *name) {
3093 int r;
3094
3095 assert(u);
3096 assert(name);
3097
3098 /* Watch a specific name on the bus. We only support one unit
3099 * watching each name for now. */
3100
3101 if (u->manager->api_bus) {
3102 /* If the bus is already available, install the match directly.
3103 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3104 r = unit_install_bus_match(u, u->manager->api_bus, name);
3105 if (r < 0)
3106 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3107 }
3108
3109 r = hashmap_put(u->manager->watch_bus, name, u);
3110 if (r < 0) {
3111 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3112 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3113 }
3114
3115 return 0;
3116 }
3117
3118 void unit_unwatch_bus_name(Unit *u, const char *name) {
3119 assert(u);
3120 assert(name);
3121
3122 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3123 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3124 }
3125
3126 bool unit_can_serialize(Unit *u) {
3127 assert(u);
3128
3129 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3130 }
3131
3132 static int unit_serialize_cgroup_mask(FILE *f, const char *key, CGroupMask mask) {
3133 _cleanup_free_ char *s = NULL;
3134 int r = 0;
3135
3136 assert(f);
3137 assert(key);
3138
3139 if (mask != 0) {
3140 r = cg_mask_to_string(mask, &s);
3141 if (r >= 0) {
3142 fputs(key, f);
3143 fputc('=', f);
3144 fputs(s, f);
3145 fputc('\n', f);
3146 }
3147 }
3148 return r;
3149 }
3150
3151 static const char *ip_accounting_metric_field[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
3152 [CGROUP_IP_INGRESS_BYTES] = "ip-accounting-ingress-bytes",
3153 [CGROUP_IP_INGRESS_PACKETS] = "ip-accounting-ingress-packets",
3154 [CGROUP_IP_EGRESS_BYTES] = "ip-accounting-egress-bytes",
3155 [CGROUP_IP_EGRESS_PACKETS] = "ip-accounting-egress-packets",
3156 };
3157
3158 int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
3159 CGroupIPAccountingMetric m;
3160 int r;
3161
3162 assert(u);
3163 assert(f);
3164 assert(fds);
3165
3166 if (unit_can_serialize(u)) {
3167 r = UNIT_VTABLE(u)->serialize(u, f, fds);
3168 if (r < 0)
3169 return r;
3170 }
3171
3172 dual_timestamp_serialize(f, "state-change-timestamp", &u->state_change_timestamp);
3173
3174 dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
3175 dual_timestamp_serialize(f, "active-enter-timestamp", &u->active_enter_timestamp);
3176 dual_timestamp_serialize(f, "active-exit-timestamp", &u->active_exit_timestamp);
3177 dual_timestamp_serialize(f, "inactive-enter-timestamp", &u->inactive_enter_timestamp);
3178
3179 dual_timestamp_serialize(f, "condition-timestamp", &u->condition_timestamp);
3180 dual_timestamp_serialize(f, "assert-timestamp", &u->assert_timestamp);
3181
3182 if (dual_timestamp_is_set(&u->condition_timestamp))
3183 unit_serialize_item(u, f, "condition-result", yes_no(u->condition_result));
3184
3185 if (dual_timestamp_is_set(&u->assert_timestamp))
3186 unit_serialize_item(u, f, "assert-result", yes_no(u->assert_result));
3187
3188 unit_serialize_item(u, f, "transient", yes_no(u->transient));
3189
3190 unit_serialize_item(u, f, "exported-invocation-id", yes_no(u->exported_invocation_id));
3191 unit_serialize_item(u, f, "exported-log-level-max", yes_no(u->exported_log_level_max));
3192 unit_serialize_item(u, f, "exported-log-extra-fields", yes_no(u->exported_log_extra_fields));
3193
3194 unit_serialize_item_format(u, f, "cpu-usage-base", "%" PRIu64, u->cpu_usage_base);
3195 if (u->cpu_usage_last != NSEC_INFINITY)
3196 unit_serialize_item_format(u, f, "cpu-usage-last", "%" PRIu64, u->cpu_usage_last);
3197
3198 if (u->cgroup_path)
3199 unit_serialize_item(u, f, "cgroup", u->cgroup_path);
3200 unit_serialize_item(u, f, "cgroup-realized", yes_no(u->cgroup_realized));
3201 (void) unit_serialize_cgroup_mask(f, "cgroup-realized-mask", u->cgroup_realized_mask);
3202 (void) unit_serialize_cgroup_mask(f, "cgroup-enabled-mask", u->cgroup_enabled_mask);
3203 unit_serialize_item_format(u, f, "cgroup-bpf-realized", "%i", u->cgroup_bpf_state);
3204
3205 if (uid_is_valid(u->ref_uid))
3206 unit_serialize_item_format(u, f, "ref-uid", UID_FMT, u->ref_uid);
3207 if (gid_is_valid(u->ref_gid))
3208 unit_serialize_item_format(u, f, "ref-gid", GID_FMT, u->ref_gid);
3209
3210 if (!sd_id128_is_null(u->invocation_id))
3211 unit_serialize_item_format(u, f, "invocation-id", SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id));
3212
3213 bus_track_serialize(u->bus_track, f, "ref");
3214
3215 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
3216 uint64_t v;
3217
3218 r = unit_get_ip_accounting(u, m, &v);
3219 if (r >= 0)
3220 unit_serialize_item_format(u, f, ip_accounting_metric_field[m], "%" PRIu64, v);
3221 }
3222
3223 if (serialize_jobs) {
3224 if (u->job) {
3225 fprintf(f, "job\n");
3226 job_serialize(u->job, f);
3227 }
3228
3229 if (u->nop_job) {
3230 fprintf(f, "job\n");
3231 job_serialize(u->nop_job, f);
3232 }
3233 }
3234
3235 /* End marker */
3236 fputc('\n', f);
3237 return 0;
3238 }
3239
3240 int unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value) {
3241 assert(u);
3242 assert(f);
3243 assert(key);
3244
3245 if (!value)
3246 return 0;
3247
3248 fputs(key, f);
3249 fputc('=', f);
3250 fputs(value, f);
3251 fputc('\n', f);
3252
3253 return 1;
3254 }
3255
3256 int unit_serialize_item_escaped(Unit *u, FILE *f, const char *key, const char *value) {
3257 _cleanup_free_ char *c = NULL;
3258
3259 assert(u);
3260 assert(f);
3261 assert(key);
3262
3263 if (!value)
3264 return 0;
3265
3266 c = cescape(value);
3267 if (!c)
3268 return -ENOMEM;
3269
3270 fputs(key, f);
3271 fputc('=', f);
3272 fputs(c, f);
3273 fputc('\n', f);
3274
3275 return 1;
3276 }
3277
3278 int unit_serialize_item_fd(Unit *u, FILE *f, FDSet *fds, const char *key, int fd) {
3279 int copy;
3280
3281 assert(u);
3282 assert(f);
3283 assert(key);
3284
3285 if (fd < 0)
3286 return 0;
3287
3288 copy = fdset_put_dup(fds, fd);
3289 if (copy < 0)
3290 return copy;
3291
3292 fprintf(f, "%s=%i\n", key, copy);
3293 return 1;
3294 }
3295
3296 void unit_serialize_item_format(Unit *u, FILE *f, const char *key, const char *format, ...) {
3297 va_list ap;
3298
3299 assert(u);
3300 assert(f);
3301 assert(key);
3302 assert(format);
3303
3304 fputs(key, f);
3305 fputc('=', f);
3306
3307 va_start(ap, format);
3308 vfprintf(f, format, ap);
3309 va_end(ap);
3310
3311 fputc('\n', f);
3312 }
3313
3314 int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
3315 int r;
3316
3317 assert(u);
3318 assert(f);
3319 assert(fds);
3320
3321 for (;;) {
3322 char line[LINE_MAX], *l, *v;
3323 CGroupIPAccountingMetric m;
3324 size_t k;
3325
3326 if (!fgets(line, sizeof(line), f)) {
3327 if (feof(f))
3328 return 0;
3329 return -errno;
3330 }
3331
3332 char_array_0(line);
3333 l = strstrip(line);
3334
3335 /* End marker */
3336 if (isempty(l))
3337 break;
3338
3339 k = strcspn(l, "=");
3340
3341 if (l[k] == '=') {
3342 l[k] = 0;
3343 v = l+k+1;
3344 } else
3345 v = l+k;
3346
3347 if (streq(l, "job")) {
3348 if (v[0] == '\0') {
3349 /* new-style serialized job */
3350 Job *j;
3351
3352 j = job_new_raw(u);
3353 if (!j)
3354 return log_oom();
3355
3356 r = job_deserialize(j, f);
3357 if (r < 0) {
3358 job_free(j);
3359 return r;
3360 }
3361
3362 r = hashmap_put(u->manager->jobs, UINT32_TO_PTR(j->id), j);
3363 if (r < 0) {
3364 job_free(j);
3365 return r;
3366 }
3367
3368 r = job_install_deserialized(j);
3369 if (r < 0) {
3370 hashmap_remove(u->manager->jobs, UINT32_TO_PTR(j->id));
3371 job_free(j);
3372 return r;
3373 }
3374 } else /* legacy for pre-44 */
3375 log_unit_warning(u, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v);
3376 continue;
3377 } else if (streq(l, "state-change-timestamp")) {
3378 dual_timestamp_deserialize(v, &u->state_change_timestamp);
3379 continue;
3380 } else if (streq(l, "inactive-exit-timestamp")) {
3381 dual_timestamp_deserialize(v, &u->inactive_exit_timestamp);
3382 continue;
3383 } else if (streq(l, "active-enter-timestamp")) {
3384 dual_timestamp_deserialize(v, &u->active_enter_timestamp);
3385 continue;
3386 } else if (streq(l, "active-exit-timestamp")) {
3387 dual_timestamp_deserialize(v, &u->active_exit_timestamp);
3388 continue;
3389 } else if (streq(l, "inactive-enter-timestamp")) {
3390 dual_timestamp_deserialize(v, &u->inactive_enter_timestamp);
3391 continue;
3392 } else if (streq(l, "condition-timestamp")) {
3393 dual_timestamp_deserialize(v, &u->condition_timestamp);
3394 continue;
3395 } else if (streq(l, "assert-timestamp")) {
3396 dual_timestamp_deserialize(v, &u->assert_timestamp);
3397 continue;
3398 } else if (streq(l, "condition-result")) {
3399
3400 r = parse_boolean(v);
3401 if (r < 0)
3402 log_unit_debug(u, "Failed to parse condition result value %s, ignoring.", v);
3403 else
3404 u->condition_result = r;
3405
3406 continue;
3407
3408 } else if (streq(l, "assert-result")) {
3409
3410 r = parse_boolean(v);
3411 if (r < 0)
3412 log_unit_debug(u, "Failed to parse assert result value %s, ignoring.", v);
3413 else
3414 u->assert_result = r;
3415
3416 continue;
3417
3418 } else if (streq(l, "transient")) {
3419
3420 r = parse_boolean(v);
3421 if (r < 0)
3422 log_unit_debug(u, "Failed to parse transient bool %s, ignoring.", v);
3423 else
3424 u->transient = r;
3425
3426 continue;
3427
3428 } else if (streq(l, "exported-invocation-id")) {
3429
3430 r = parse_boolean(v);
3431 if (r < 0)
3432 log_unit_debug(u, "Failed to parse exported invocation ID bool %s, ignoring.", v);
3433 else
3434 u->exported_invocation_id = r;
3435
3436 continue;
3437
3438 } else if (streq(l, "exported-log-level-max")) {
3439
3440 r = parse_boolean(v);
3441 if (r < 0)
3442 log_unit_debug(u, "Failed to parse exported log level max bool %s, ignoring.", v);
3443 else
3444 u->exported_log_level_max = r;
3445
3446 continue;
3447
3448 } else if (streq(l, "exported-log-extra-fields")) {
3449
3450 r = parse_boolean(v);
3451 if (r < 0)
3452 log_unit_debug(u, "Failed to parse exported log extra fields bool %s, ignoring.", v);
3453 else
3454 u->exported_log_extra_fields = r;
3455
3456 continue;
3457
3458 } else if (STR_IN_SET(l, "cpu-usage-base", "cpuacct-usage-base")) {
3459
3460 r = safe_atou64(v, &u->cpu_usage_base);
3461 if (r < 0)
3462 log_unit_debug(u, "Failed to parse CPU usage base %s, ignoring.", v);
3463
3464 continue;
3465
3466 } else if (streq(l, "cpu-usage-last")) {
3467
3468 r = safe_atou64(v, &u->cpu_usage_last);
3469 if (r < 0)
3470 log_unit_debug(u, "Failed to read CPU usage last %s, ignoring.", v);
3471
3472 continue;
3473
3474 } else if (streq(l, "cgroup")) {
3475
3476 r = unit_set_cgroup_path(u, v);
3477 if (r < 0)
3478 log_unit_debug_errno(u, r, "Failed to set cgroup path %s, ignoring: %m", v);
3479
3480 (void) unit_watch_cgroup(u);
3481
3482 continue;
3483 } else if (streq(l, "cgroup-realized")) {
3484 int b;
3485
3486 b = parse_boolean(v);
3487 if (b < 0)
3488 log_unit_debug(u, "Failed to parse cgroup-realized bool %s, ignoring.", v);
3489 else
3490 u->cgroup_realized = b;
3491
3492 continue;
3493
3494 } else if (streq(l, "cgroup-realized-mask")) {
3495
3496 r = cg_mask_from_string(v, &u->cgroup_realized_mask);
3497 if (r < 0)
3498 log_unit_debug(u, "Failed to parse cgroup-realized-mask %s, ignoring.", v);
3499 continue;
3500
3501 } else if (streq(l, "cgroup-enabled-mask")) {
3502
3503 r = cg_mask_from_string(v, &u->cgroup_enabled_mask);
3504 if (r < 0)
3505 log_unit_debug(u, "Failed to parse cgroup-enabled-mask %s, ignoring.", v);
3506 continue;
3507
3508 } else if (streq(l, "cgroup-bpf-realized")) {
3509 int i;
3510
3511 r = safe_atoi(v, &i);
3512 if (r < 0)
3513 log_unit_debug(u, "Failed to parse cgroup BPF state %s, ignoring.", v);
3514 else
3515 u->cgroup_bpf_state =
3516 i < 0 ? UNIT_CGROUP_BPF_INVALIDATED :
3517 i > 0 ? UNIT_CGROUP_BPF_ON :
3518 UNIT_CGROUP_BPF_OFF;
3519
3520 continue;
3521
3522 } else if (streq(l, "ref-uid")) {
3523 uid_t uid;
3524
3525 r = parse_uid(v, &uid);
3526 if (r < 0)
3527 log_unit_debug(u, "Failed to parse referenced UID %s, ignoring.", v);
3528 else
3529 unit_ref_uid_gid(u, uid, GID_INVALID);
3530
3531 continue;
3532
3533 } else if (streq(l, "ref-gid")) {
3534 gid_t gid;
3535
3536 r = parse_gid(v, &gid);
3537 if (r < 0)
3538 log_unit_debug(u, "Failed to parse referenced GID %s, ignoring.", v);
3539 else
3540 unit_ref_uid_gid(u, UID_INVALID, gid);
3541
3542 } else if (streq(l, "ref")) {
3543
3544 r = strv_extend(&u->deserialized_refs, v);
3545 if (r < 0)
3546 log_oom();
3547
3548 continue;
3549 } else if (streq(l, "invocation-id")) {
3550 sd_id128_t id;
3551
3552 r = sd_id128_from_string(v, &id);
3553 if (r < 0)
3554 log_unit_debug(u, "Failed to parse invocation id %s, ignoring.", v);
3555 else {
3556 r = unit_set_invocation_id(u, id);
3557 if (r < 0)
3558 log_unit_warning_errno(u, r, "Failed to set invocation ID for unit: %m");
3559 }
3560
3561 continue;
3562 }
3563
3564 /* Check if this is an IP accounting metric serialization field */
3565 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++)
3566 if (streq(l, ip_accounting_metric_field[m]))
3567 break;
3568 if (m < _CGROUP_IP_ACCOUNTING_METRIC_MAX) {
3569 uint64_t c;
3570
3571 r = safe_atou64(v, &c);
3572 if (r < 0)
3573 log_unit_debug(u, "Failed to parse IP accounting value %s, ignoring.", v);
3574 else
3575 u->ip_accounting_extra[m] = c;
3576 continue;
3577 }
3578
3579 if (unit_can_serialize(u)) {
3580 r = exec_runtime_deserialize_compat(u, l, v, fds);
3581 if (r < 0) {
3582 log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l);
3583 continue;
3584 }
3585
3586 /* Returns positive if key was handled by the call */
3587 if (r > 0)
3588 continue;
3589
3590 r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
3591 if (r < 0)
3592 log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l);
3593 }
3594 }
3595
3596 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3597 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3598 * before 228 where the base for timeouts was not persistent across reboots. */
3599
3600 if (!dual_timestamp_is_set(&u->state_change_timestamp))
3601 dual_timestamp_get(&u->state_change_timestamp);
3602
3603 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3604 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3605 unit_invalidate_cgroup(u, _CGROUP_MASK_ALL);
3606 unit_invalidate_cgroup_bpf(u);
3607
3608 return 0;
3609 }
3610
3611 void unit_deserialize_skip(FILE *f) {
3612 assert(f);
3613
3614 /* Skip serialized data for this unit. We don't know what it is. */
3615
3616 for (;;) {
3617 char line[LINE_MAX], *l;
3618
3619 if (!fgets(line, sizeof line, f))
3620 return;
3621
3622 char_array_0(line);
3623 l = strstrip(line);
3624
3625 /* End marker */
3626 if (isempty(l))
3627 return;
3628 }
3629 }
3630
3631
3632 int unit_add_node_dependency(Unit *u, const char *what, bool wants, UnitDependency dep, UnitDependencyMask mask) {
3633 Unit *device;
3634 _cleanup_free_ char *e = NULL;
3635 int r;
3636
3637 assert(u);
3638
3639 /* Adds in links to the device node that this unit is based on */
3640 if (isempty(what))
3641 return 0;
3642
3643 if (!is_device_path(what))
3644 return 0;
3645
3646 /* When device units aren't supported (such as in a
3647 * container), don't create dependencies on them. */
3648 if (!unit_type_supported(UNIT_DEVICE))
3649 return 0;
3650
3651 r = unit_name_from_path(what, ".device", &e);
3652 if (r < 0)
3653 return r;
3654
3655 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
3656 if (r < 0)
3657 return r;
3658
3659 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3660 dep = UNIT_BINDS_TO;
3661
3662 r = unit_add_two_dependencies(u, UNIT_AFTER,
3663 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3664 device, true, mask);
3665 if (r < 0)
3666 return r;
3667
3668 if (wants) {
3669 r = unit_add_dependency(device, UNIT_WANTS, u, false, mask);
3670 if (r < 0)
3671 return r;
3672 }
3673
3674 return 0;
3675 }
3676
3677 int unit_coldplug(Unit *u) {
3678 int r = 0, q;
3679 char **i;
3680
3681 assert(u);
3682
3683 /* Make sure we don't enter a loop, when coldplugging
3684 * recursively. */
3685 if (u->coldplugged)
3686 return 0;
3687
3688 u->coldplugged = true;
3689
3690 STRV_FOREACH(i, u->deserialized_refs) {
3691 q = bus_unit_track_add_name(u, *i);
3692 if (q < 0 && r >= 0)
3693 r = q;
3694 }
3695 u->deserialized_refs = strv_free(u->deserialized_refs);
3696
3697 if (UNIT_VTABLE(u)->coldplug) {
3698 q = UNIT_VTABLE(u)->coldplug(u);
3699 if (q < 0 && r >= 0)
3700 r = q;
3701 }
3702
3703 if (u->job) {
3704 q = job_coldplug(u->job);
3705 if (q < 0 && r >= 0)
3706 r = q;
3707 }
3708
3709 return r;
3710 }
3711
3712 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
3713 struct stat st;
3714
3715 if (!path)
3716 return false;
3717
3718 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3719 * are never out-of-date. */
3720 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3721 return false;
3722
3723 if (stat(path, &st) < 0)
3724 /* What, cannot access this anymore? */
3725 return true;
3726
3727 if (path_masked)
3728 /* For masked files check if they are still so */
3729 return !null_or_empty(&st);
3730 else
3731 /* For non-empty files check the mtime */
3732 return timespec_load(&st.st_mtim) > mtime;
3733
3734 return false;
3735 }
3736
3737 bool unit_need_daemon_reload(Unit *u) {
3738 _cleanup_strv_free_ char **t = NULL;
3739 char **path;
3740
3741 assert(u);
3742
3743 /* For unit files, we allow masking… */
3744 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3745 u->load_state == UNIT_MASKED))
3746 return true;
3747
3748 /* Source paths should not be masked… */
3749 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
3750 return true;
3751
3752 if (u->load_state == UNIT_LOADED)
3753 (void) unit_find_dropin_paths(u, &t);
3754 if (!strv_equal(u->dropin_paths, t))
3755 return true;
3756
3757 /* … any drop-ins that are masked are simply omitted from the list. */
3758 STRV_FOREACH(path, u->dropin_paths)
3759 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3760 return true;
3761
3762 return false;
3763 }
3764
3765 void unit_reset_failed(Unit *u) {
3766 assert(u);
3767
3768 if (UNIT_VTABLE(u)->reset_failed)
3769 UNIT_VTABLE(u)->reset_failed(u);
3770
3771 RATELIMIT_RESET(u->start_limit);
3772 u->start_limit_hit = false;
3773 }
3774
3775 Unit *unit_following(Unit *u) {
3776 assert(u);
3777
3778 if (UNIT_VTABLE(u)->following)
3779 return UNIT_VTABLE(u)->following(u);
3780
3781 return NULL;
3782 }
3783
3784 bool unit_stop_pending(Unit *u) {
3785 assert(u);
3786
3787 /* This call does check the current state of the unit. It's
3788 * hence useful to be called from state change calls of the
3789 * unit itself, where the state isn't updated yet. This is
3790 * different from unit_inactive_or_pending() which checks both
3791 * the current state and for a queued job. */
3792
3793 return u->job && u->job->type == JOB_STOP;
3794 }
3795
3796 bool unit_inactive_or_pending(Unit *u) {
3797 assert(u);
3798
3799 /* Returns true if the unit is inactive or going down */
3800
3801 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3802 return true;
3803
3804 if (unit_stop_pending(u))
3805 return true;
3806
3807 return false;
3808 }
3809
3810 bool unit_active_or_pending(Unit *u) {
3811 assert(u);
3812
3813 /* Returns true if the unit is active or going up */
3814
3815 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3816 return true;
3817
3818 if (u->job &&
3819 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
3820 return true;
3821
3822 return false;
3823 }
3824
3825 bool unit_will_restart(Unit *u) {
3826 assert(u);
3827
3828 if (!UNIT_VTABLE(u)->will_restart)
3829 return false;
3830
3831 return UNIT_VTABLE(u)->will_restart(u);
3832 }
3833
3834 int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
3835 assert(u);
3836 assert(w >= 0 && w < _KILL_WHO_MAX);
3837 assert(SIGNAL_VALID(signo));
3838
3839 if (!UNIT_VTABLE(u)->kill)
3840 return -EOPNOTSUPP;
3841
3842 return UNIT_VTABLE(u)->kill(u, w, signo, error);
3843 }
3844
3845 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
3846 Set *pid_set;
3847 int r;
3848
3849 pid_set = set_new(NULL);
3850 if (!pid_set)
3851 return NULL;
3852
3853 /* Exclude the main/control pids from being killed via the cgroup */
3854 if (main_pid > 0) {
3855 r = set_put(pid_set, PID_TO_PTR(main_pid));
3856 if (r < 0)
3857 goto fail;
3858 }
3859
3860 if (control_pid > 0) {
3861 r = set_put(pid_set, PID_TO_PTR(control_pid));
3862 if (r < 0)
3863 goto fail;
3864 }
3865
3866 return pid_set;
3867
3868 fail:
3869 set_free(pid_set);
3870 return NULL;
3871 }
3872
3873 int unit_kill_common(
3874 Unit *u,
3875 KillWho who,
3876 int signo,
3877 pid_t main_pid,
3878 pid_t control_pid,
3879 sd_bus_error *error) {
3880
3881 int r = 0;
3882 bool killed = false;
3883
3884 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
3885 if (main_pid < 0)
3886 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
3887 else if (main_pid == 0)
3888 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
3889 }
3890
3891 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
3892 if (control_pid < 0)
3893 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
3894 else if (control_pid == 0)
3895 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
3896 }
3897
3898 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3899 if (control_pid > 0) {
3900 if (kill(control_pid, signo) < 0)
3901 r = -errno;
3902 else
3903 killed = true;
3904 }
3905
3906 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3907 if (main_pid > 0) {
3908 if (kill(main_pid, signo) < 0)
3909 r = -errno;
3910 else
3911 killed = true;
3912 }
3913
3914 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
3915 _cleanup_set_free_ Set *pid_set = NULL;
3916 int q;
3917
3918 /* Exclude the main/control pids from being killed via the cgroup */
3919 pid_set = unit_pid_set(main_pid, control_pid);
3920 if (!pid_set)
3921 return -ENOMEM;
3922
3923 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, NULL, NULL);
3924 if (q < 0 && !IN_SET(q, -EAGAIN, -ESRCH, -ENOENT))
3925 r = q;
3926 else
3927 killed = true;
3928 }
3929
3930 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL))
3931 return -ESRCH;
3932
3933 return r;
3934 }
3935
3936 int unit_following_set(Unit *u, Set **s) {
3937 assert(u);
3938 assert(s);
3939
3940 if (UNIT_VTABLE(u)->following_set)
3941 return UNIT_VTABLE(u)->following_set(u, s);
3942
3943 *s = NULL;
3944 return 0;
3945 }
3946
3947 UnitFileState unit_get_unit_file_state(Unit *u) {
3948 int r;
3949
3950 assert(u);
3951
3952 if (u->unit_file_state < 0 && u->fragment_path) {
3953 r = unit_file_get_state(
3954 u->manager->unit_file_scope,
3955 NULL,
3956 u->id,
3957 &u->unit_file_state);
3958 if (r < 0)
3959 u->unit_file_state = UNIT_FILE_BAD;
3960 }
3961
3962 return u->unit_file_state;
3963 }
3964
3965 int unit_get_unit_file_preset(Unit *u) {
3966 assert(u);
3967
3968 if (u->unit_file_preset < 0 && u->fragment_path)
3969 u->unit_file_preset = unit_file_query_preset(
3970 u->manager->unit_file_scope,
3971 NULL,
3972 basename(u->fragment_path));
3973
3974 return u->unit_file_preset;
3975 }
3976
3977 Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
3978 assert(ref);
3979 assert(source);
3980 assert(target);
3981
3982 if (ref->target)
3983 unit_ref_unset(ref);
3984
3985 ref->source = source;
3986 ref->target = target;
3987 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
3988 return target;
3989 }
3990
3991 void unit_ref_unset(UnitRef *ref) {
3992 assert(ref);
3993
3994 if (!ref->target)
3995 return;
3996
3997 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
3998 * be unreferenced now. */
3999 unit_add_to_gc_queue(ref->target);
4000
4001 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4002 ref->source = ref->target = NULL;
4003 }
4004
4005 static int user_from_unit_name(Unit *u, char **ret) {
4006
4007 static const uint8_t hash_key[] = {
4008 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4009 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4010 };
4011
4012 _cleanup_free_ char *n = NULL;
4013 int r;
4014
4015 r = unit_name_to_prefix(u->id, &n);
4016 if (r < 0)
4017 return r;
4018
4019 if (valid_user_group_name(n)) {
4020 *ret = n;
4021 n = NULL;
4022 return 0;
4023 }
4024
4025 /* If we can't use the unit name as a user name, then let's hash it and use that */
4026 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4027 return -ENOMEM;
4028
4029 return 0;
4030 }
4031
4032 int unit_patch_contexts(Unit *u) {
4033 CGroupContext *cc;
4034 ExecContext *ec;
4035 unsigned i;
4036 int r;
4037
4038 assert(u);
4039
4040 /* Patch in the manager defaults into the exec and cgroup
4041 * contexts, _after_ the rest of the settings have been
4042 * initialized */
4043
4044 ec = unit_get_exec_context(u);
4045 if (ec) {
4046 /* This only copies in the ones that need memory */
4047 for (i = 0; i < _RLIMIT_MAX; i++)
4048 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4049 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4050 if (!ec->rlimit[i])
4051 return -ENOMEM;
4052 }
4053
4054 if (MANAGER_IS_USER(u->manager) &&
4055 !ec->working_directory) {
4056
4057 r = get_home_dir(&ec->working_directory);
4058 if (r < 0)
4059 return r;
4060
4061 /* Allow user services to run, even if the
4062 * home directory is missing */
4063 ec->working_directory_missing_ok = true;
4064 }
4065
4066 if (ec->private_devices)
4067 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4068
4069 if (ec->protect_kernel_modules)
4070 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4071
4072 if (ec->dynamic_user) {
4073 if (!ec->user) {
4074 r = user_from_unit_name(u, &ec->user);
4075 if (r < 0)
4076 return r;
4077 }
4078
4079 if (!ec->group) {
4080 ec->group = strdup(ec->user);
4081 if (!ec->group)
4082 return -ENOMEM;
4083 }
4084
4085 /* If the dynamic user option is on, let's make sure that the unit can't leave its UID/GID
4086 * around in the file system or on IPC objects. Hence enforce a strict sandbox. */
4087
4088 ec->private_tmp = true;
4089 ec->remove_ipc = true;
4090 ec->protect_system = PROTECT_SYSTEM_STRICT;
4091 if (ec->protect_home == PROTECT_HOME_NO)
4092 ec->protect_home = PROTECT_HOME_READ_ONLY;
4093 }
4094 }
4095
4096 cc = unit_get_cgroup_context(u);
4097 if (cc) {
4098
4099 if (ec &&
4100 ec->private_devices &&
4101 cc->device_policy == CGROUP_AUTO)
4102 cc->device_policy = CGROUP_CLOSED;
4103 }
4104
4105 return 0;
4106 }
4107
4108 ExecContext *unit_get_exec_context(Unit *u) {
4109 size_t offset;
4110 assert(u);
4111
4112 if (u->type < 0)
4113 return NULL;
4114
4115 offset = UNIT_VTABLE(u)->exec_context_offset;
4116 if (offset <= 0)
4117 return NULL;
4118
4119 return (ExecContext*) ((uint8_t*) u + offset);
4120 }
4121
4122 KillContext *unit_get_kill_context(Unit *u) {
4123 size_t offset;
4124 assert(u);
4125
4126 if (u->type < 0)
4127 return NULL;
4128
4129 offset = UNIT_VTABLE(u)->kill_context_offset;
4130 if (offset <= 0)
4131 return NULL;
4132
4133 return (KillContext*) ((uint8_t*) u + offset);
4134 }
4135
4136 CGroupContext *unit_get_cgroup_context(Unit *u) {
4137 size_t offset;
4138
4139 if (u->type < 0)
4140 return NULL;
4141
4142 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4143 if (offset <= 0)
4144 return NULL;
4145
4146 return (CGroupContext*) ((uint8_t*) u + offset);
4147 }
4148
4149 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4150 size_t offset;
4151
4152 if (u->type < 0)
4153 return NULL;
4154
4155 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4156 if (offset <= 0)
4157 return NULL;
4158
4159 return *(ExecRuntime**) ((uint8_t*) u + offset);
4160 }
4161
4162 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4163 assert(u);
4164
4165 if (UNIT_WRITE_FLAGS_NOOP(flags))
4166 return NULL;
4167
4168 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4169 return u->manager->lookup_paths.transient;
4170
4171 if (flags & UNIT_PERSISTENT)
4172 return u->manager->lookup_paths.persistent_control;
4173
4174 if (flags & UNIT_RUNTIME)
4175 return u->manager->lookup_paths.runtime_control;
4176
4177 return NULL;
4178 }
4179
4180 char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4181 char *ret = NULL;
4182
4183 if (!s)
4184 return NULL;
4185
4186 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4187 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4188 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4189 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4190 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4191 * allocations. */
4192
4193 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4194 ret = specifier_escape(s);
4195 if (!ret)
4196 return NULL;
4197
4198 s = ret;
4199 }
4200
4201 if (flags & UNIT_ESCAPE_C) {
4202 char *a;
4203
4204 a = cescape(s);
4205 free(ret);
4206 if (!a)
4207 return NULL;
4208
4209 ret = a;
4210 }
4211
4212 if (buf) {
4213 *buf = ret;
4214 return ret ?: (char*) s;
4215 }
4216
4217 return ret ?: strdup(s);
4218 }
4219
4220 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4221 _cleanup_free_ char *result = NULL;
4222 size_t n = 0, allocated = 0;
4223 char **i, *ret;
4224
4225 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4226 * way suitable for ExecStart= stanzas */
4227
4228 STRV_FOREACH(i, l) {
4229 _cleanup_free_ char *buf = NULL;
4230 const char *p;
4231 size_t a;
4232 char *q;
4233
4234 p = unit_escape_setting(*i, flags, &buf);
4235 if (!p)
4236 return NULL;
4237
4238 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4239 if (!GREEDY_REALLOC(result, allocated, n + a + 1))
4240 return NULL;
4241
4242 q = result + n;
4243 if (n > 0)
4244 *(q++) = ' ';
4245
4246 *(q++) = '"';
4247 q = stpcpy(q, p);
4248 *(q++) = '"';
4249
4250 n += a;
4251 }
4252
4253 if (!GREEDY_REALLOC(result, allocated, n + 1))
4254 return NULL;
4255
4256 result[n] = 0;
4257
4258 ret = result;
4259 result = NULL;
4260
4261 return ret;
4262 }
4263
4264 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4265 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4266 const char *dir, *wrapped;
4267 int r;
4268
4269 assert(u);
4270 assert(name);
4271 assert(data);
4272
4273 if (UNIT_WRITE_FLAGS_NOOP(flags))
4274 return 0;
4275
4276 data = unit_escape_setting(data, flags, &escaped);
4277 if (!data)
4278 return -ENOMEM;
4279
4280 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4281 * previous section header is the same */
4282
4283 if (flags & UNIT_PRIVATE) {
4284 if (!UNIT_VTABLE(u)->private_section)
4285 return -EINVAL;
4286
4287 if (!u->transient_file || u->last_section_private < 0)
4288 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4289 else if (u->last_section_private == 0)
4290 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4291 } else {
4292 if (!u->transient_file || u->last_section_private < 0)
4293 data = strjoina("[Unit]\n", data);
4294 else if (u->last_section_private > 0)
4295 data = strjoina("\n[Unit]\n", data);
4296 }
4297
4298 if (u->transient_file) {
4299 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4300 * write to the transient unit file. */
4301 fputs(data, u->transient_file);
4302
4303 if (!endswith(data, "\n"))
4304 fputc('\n', u->transient_file);
4305
4306 /* Remember which section we wrote this entry to */
4307 u->last_section_private = !!(flags & UNIT_PRIVATE);
4308 return 0;
4309 }
4310
4311 dir = unit_drop_in_dir(u, flags);
4312 if (!dir)
4313 return -EINVAL;
4314
4315 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4316 "# or an equivalent operation. Do not edit.\n",
4317 data,
4318 "\n");
4319
4320 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4321 if (r < 0)
4322 return r;
4323
4324 (void) mkdir_p_label(p, 0755);
4325 r = write_string_file_atomic_label(q, wrapped);
4326 if (r < 0)
4327 return r;
4328
4329 r = strv_push(&u->dropin_paths, q);
4330 if (r < 0)
4331 return r;
4332 q = NULL;
4333
4334 strv_uniq(u->dropin_paths);
4335
4336 u->dropin_mtime = now(CLOCK_REALTIME);
4337
4338 return 0;
4339 }
4340
4341 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4342 _cleanup_free_ char *p = NULL;
4343 va_list ap;
4344 int r;
4345
4346 assert(u);
4347 assert(name);
4348 assert(format);
4349
4350 if (UNIT_WRITE_FLAGS_NOOP(flags))
4351 return 0;
4352
4353 va_start(ap, format);
4354 r = vasprintf(&p, format, ap);
4355 va_end(ap);
4356
4357 if (r < 0)
4358 return -ENOMEM;
4359
4360 return unit_write_setting(u, flags, name, p);
4361 }
4362
4363 int unit_make_transient(Unit *u) {
4364 _cleanup_free_ char *path = NULL;
4365 FILE *f;
4366
4367 assert(u);
4368
4369 if (!UNIT_VTABLE(u)->can_transient)
4370 return -EOPNOTSUPP;
4371
4372 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4373
4374 path = strjoin(u->manager->lookup_paths.transient, "/", u->id);
4375 if (!path)
4376 return -ENOMEM;
4377
4378 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4379 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4380
4381 RUN_WITH_UMASK(0022) {
4382 f = fopen(path, "we");
4383 if (!f)
4384 return -errno;
4385 }
4386
4387 safe_fclose(u->transient_file);
4388 u->transient_file = f;
4389
4390 free_and_replace(u->fragment_path, path);
4391
4392 u->source_path = mfree(u->source_path);
4393 u->dropin_paths = strv_free(u->dropin_paths);
4394 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4395
4396 u->load_state = UNIT_STUB;
4397 u->load_error = 0;
4398 u->transient = true;
4399
4400 unit_add_to_dbus_queue(u);
4401 unit_add_to_gc_queue(u);
4402
4403 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4404 u->transient_file);
4405
4406 return 0;
4407 }
4408
4409 static void log_kill(pid_t pid, int sig, void *userdata) {
4410 _cleanup_free_ char *comm = NULL;
4411
4412 (void) get_process_comm(pid, &comm);
4413
4414 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4415 only, like for example systemd's own PAM stub process. */
4416 if (comm && comm[0] == '(')
4417 return;
4418
4419 log_unit_notice(userdata,
4420 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4421 pid,
4422 strna(comm),
4423 signal_to_string(sig));
4424 }
4425
4426 static int operation_to_signal(KillContext *c, KillOperation k) {
4427 assert(c);
4428
4429 switch (k) {
4430
4431 case KILL_TERMINATE:
4432 case KILL_TERMINATE_AND_LOG:
4433 return c->kill_signal;
4434
4435 case KILL_KILL:
4436 return SIGKILL;
4437
4438 case KILL_ABORT:
4439 return SIGABRT;
4440
4441 default:
4442 assert_not_reached("KillOperation unknown");
4443 }
4444 }
4445
4446 int unit_kill_context(
4447 Unit *u,
4448 KillContext *c,
4449 KillOperation k,
4450 pid_t main_pid,
4451 pid_t control_pid,
4452 bool main_pid_alien) {
4453
4454 bool wait_for_exit = false, send_sighup;
4455 cg_kill_log_func_t log_func = NULL;
4456 int sig, r;
4457
4458 assert(u);
4459 assert(c);
4460
4461 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4462 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4463
4464 if (c->kill_mode == KILL_NONE)
4465 return 0;
4466
4467 sig = operation_to_signal(c, k);
4468
4469 send_sighup =
4470 c->send_sighup &&
4471 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4472 sig != SIGHUP;
4473
4474 if (k != KILL_TERMINATE || IN_SET(sig, SIGKILL, SIGABRT))
4475 log_func = log_kill;
4476
4477 if (main_pid > 0) {
4478 if (log_func)
4479 log_func(main_pid, sig, u);
4480
4481 r = kill_and_sigcont(main_pid, sig);
4482 if (r < 0 && r != -ESRCH) {
4483 _cleanup_free_ char *comm = NULL;
4484 (void) get_process_comm(main_pid, &comm);
4485
4486 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
4487 } else {
4488 if (!main_pid_alien)
4489 wait_for_exit = true;
4490
4491 if (r != -ESRCH && send_sighup)
4492 (void) kill(main_pid, SIGHUP);
4493 }
4494 }
4495
4496 if (control_pid > 0) {
4497 if (log_func)
4498 log_func(control_pid, sig, u);
4499
4500 r = kill_and_sigcont(control_pid, sig);
4501 if (r < 0 && r != -ESRCH) {
4502 _cleanup_free_ char *comm = NULL;
4503 (void) get_process_comm(control_pid, &comm);
4504
4505 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
4506 } else {
4507 wait_for_exit = true;
4508
4509 if (r != -ESRCH && send_sighup)
4510 (void) kill(control_pid, SIGHUP);
4511 }
4512 }
4513
4514 if (u->cgroup_path &&
4515 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4516 _cleanup_set_free_ Set *pid_set = NULL;
4517
4518 /* Exclude the main/control pids from being killed via the cgroup */
4519 pid_set = unit_pid_set(main_pid, control_pid);
4520 if (!pid_set)
4521 return -ENOMEM;
4522
4523 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4524 sig,
4525 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4526 pid_set,
4527 log_func, u);
4528 if (r < 0) {
4529 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4530 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
4531
4532 } else if (r > 0) {
4533
4534 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4535 * we are running in a container or if this is a delegation unit, simply because cgroup
4536 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4537 * of containers it can be confused easily by left-over directories in the cgroup — which
4538 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4539 * there we get proper events. Hence rely on them. */
4540
4541 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
4542 (detect_container() == 0 && !unit_cgroup_delegate(u)))
4543 wait_for_exit = true;
4544
4545 if (send_sighup) {
4546 set_free(pid_set);
4547
4548 pid_set = unit_pid_set(main_pid, control_pid);
4549 if (!pid_set)
4550 return -ENOMEM;
4551
4552 cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4553 SIGHUP,
4554 CGROUP_IGNORE_SELF,
4555 pid_set,
4556 NULL, NULL);
4557 }
4558 }
4559 }
4560
4561 return wait_for_exit;
4562 }
4563
4564 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
4565 _cleanup_free_ char *p = NULL;
4566 char *prefix;
4567 UnitDependencyInfo di;
4568 int r;
4569
4570 assert(u);
4571 assert(path);
4572
4573 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4574 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4575 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4576 * determine which units to make themselves a dependency of. */
4577
4578 if (!path_is_absolute(path))
4579 return -EINVAL;
4580
4581 r = hashmap_ensure_allocated(&u->requires_mounts_for, &path_hash_ops);
4582 if (r < 0)
4583 return r;
4584
4585 p = strdup(path);
4586 if (!p)
4587 return -ENOMEM;
4588
4589 path = path_kill_slashes(p);
4590
4591 if (!path_is_normalized(path))
4592 return -EPERM;
4593
4594 if (hashmap_contains(u->requires_mounts_for, path))
4595 return 0;
4596
4597 di = (UnitDependencyInfo) {
4598 .origin_mask = mask
4599 };
4600
4601 r = hashmap_put(u->requires_mounts_for, path, di.data);
4602 if (r < 0)
4603 return r;
4604 p = NULL;
4605
4606 prefix = alloca(strlen(path) + 1);
4607 PATH_FOREACH_PREFIX_MORE(prefix, path) {
4608 Set *x;
4609
4610 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4611 if (!x) {
4612 _cleanup_free_ char *q = NULL;
4613
4614 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
4615 if (r < 0)
4616 return r;
4617
4618 q = strdup(prefix);
4619 if (!q)
4620 return -ENOMEM;
4621
4622 x = set_new(NULL);
4623 if (!x)
4624 return -ENOMEM;
4625
4626 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4627 if (r < 0) {
4628 set_free(x);
4629 return r;
4630 }
4631 q = NULL;
4632 }
4633
4634 r = set_put(x, u);
4635 if (r < 0)
4636 return r;
4637 }
4638
4639 return 0;
4640 }
4641
4642 int unit_setup_exec_runtime(Unit *u) {
4643 ExecRuntime **rt;
4644 size_t offset;
4645 Unit *other;
4646 Iterator i;
4647 void *v;
4648 int r;
4649
4650 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4651 assert(offset > 0);
4652
4653 /* Check if there already is an ExecRuntime for this unit? */
4654 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4655 if (*rt)
4656 return 0;
4657
4658 /* Try to get it from somebody else */
4659 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) {
4660 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4661 if (r == 1)
4662 return 1;
4663 }
4664
4665 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
4666 }
4667
4668 int unit_setup_dynamic_creds(Unit *u) {
4669 ExecContext *ec;
4670 DynamicCreds *dcreds;
4671 size_t offset;
4672
4673 assert(u);
4674
4675 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4676 assert(offset > 0);
4677 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4678
4679 ec = unit_get_exec_context(u);
4680 assert(ec);
4681
4682 if (!ec->dynamic_user)
4683 return 0;
4684
4685 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4686 }
4687
4688 bool unit_type_supported(UnitType t) {
4689 if (_unlikely_(t < 0))
4690 return false;
4691 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4692 return false;
4693
4694 if (!unit_vtable[t]->supported)
4695 return true;
4696
4697 return unit_vtable[t]->supported();
4698 }
4699
4700 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4701 int r;
4702
4703 assert(u);
4704 assert(where);
4705
4706 r = dir_is_empty(where);
4707 if (r > 0 || r == -ENOTDIR)
4708 return;
4709 if (r < 0) {
4710 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4711 return;
4712 }
4713
4714 log_struct(LOG_NOTICE,
4715 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4716 LOG_UNIT_ID(u),
4717 LOG_UNIT_INVOCATION_ID(u),
4718 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4719 "WHERE=%s", where,
4720 NULL);
4721 }
4722
4723 int unit_fail_if_noncanonical(Unit *u, const char* where) {
4724 _cleanup_free_ char *canonical_where;
4725 int r;
4726
4727 assert(u);
4728 assert(where);
4729
4730 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where);
4731 if (r < 0) {
4732 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
4733 return 0;
4734 }
4735
4736 /* We will happily ignore a trailing slash (or any redundant slashes) */
4737 if (path_equal(where, canonical_where))
4738 return 0;
4739
4740 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4741 log_struct(LOG_ERR,
4742 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4743 LOG_UNIT_ID(u),
4744 LOG_UNIT_INVOCATION_ID(u),
4745 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4746 "WHERE=%s", where,
4747 NULL);
4748
4749 return -ELOOP;
4750 }
4751
4752 bool unit_is_pristine(Unit *u) {
4753 assert(u);
4754
4755 /* Check if the unit already exists or is already around,
4756 * in a number of different ways. Note that to cater for unit
4757 * types such as slice, we are generally fine with units that
4758 * are marked UNIT_LOADED even though nothing was
4759 * actually loaded, as those unit types don't require a file
4760 * on disk to validly load. */
4761
4762 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4763 u->fragment_path ||
4764 u->source_path ||
4765 !strv_isempty(u->dropin_paths) ||
4766 u->job ||
4767 u->merged_into);
4768 }
4769
4770 pid_t unit_control_pid(Unit *u) {
4771 assert(u);
4772
4773 if (UNIT_VTABLE(u)->control_pid)
4774 return UNIT_VTABLE(u)->control_pid(u);
4775
4776 return 0;
4777 }
4778
4779 pid_t unit_main_pid(Unit *u) {
4780 assert(u);
4781
4782 if (UNIT_VTABLE(u)->main_pid)
4783 return UNIT_VTABLE(u)->main_pid(u);
4784
4785 return 0;
4786 }
4787
4788 static void unit_unref_uid_internal(
4789 Unit *u,
4790 uid_t *ref_uid,
4791 bool destroy_now,
4792 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4793
4794 assert(u);
4795 assert(ref_uid);
4796 assert(_manager_unref_uid);
4797
4798 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4799 * gid_t are actually the same time, with the same validity rules.
4800 *
4801 * Drops a reference to UID/GID from a unit. */
4802
4803 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4804 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4805
4806 if (!uid_is_valid(*ref_uid))
4807 return;
4808
4809 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4810 *ref_uid = UID_INVALID;
4811 }
4812
4813 void unit_unref_uid(Unit *u, bool destroy_now) {
4814 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4815 }
4816
4817 void unit_unref_gid(Unit *u, bool destroy_now) {
4818 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4819 }
4820
4821 static int unit_ref_uid_internal(
4822 Unit *u,
4823 uid_t *ref_uid,
4824 uid_t uid,
4825 bool clean_ipc,
4826 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4827
4828 int r;
4829
4830 assert(u);
4831 assert(ref_uid);
4832 assert(uid_is_valid(uid));
4833 assert(_manager_ref_uid);
4834
4835 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4836 * are actually the same type, and have the same validity rules.
4837 *
4838 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4839 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4840 * drops to zero. */
4841
4842 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4843 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4844
4845 if (*ref_uid == uid)
4846 return 0;
4847
4848 if (uid_is_valid(*ref_uid)) /* Already set? */
4849 return -EBUSY;
4850
4851 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4852 if (r < 0)
4853 return r;
4854
4855 *ref_uid = uid;
4856 return 1;
4857 }
4858
4859 int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
4860 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4861 }
4862
4863 int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
4864 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4865 }
4866
4867 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4868 int r = 0, q = 0;
4869
4870 assert(u);
4871
4872 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4873
4874 if (uid_is_valid(uid)) {
4875 r = unit_ref_uid(u, uid, clean_ipc);
4876 if (r < 0)
4877 return r;
4878 }
4879
4880 if (gid_is_valid(gid)) {
4881 q = unit_ref_gid(u, gid, clean_ipc);
4882 if (q < 0) {
4883 if (r > 0)
4884 unit_unref_uid(u, false);
4885
4886 return q;
4887 }
4888 }
4889
4890 return r > 0 || q > 0;
4891 }
4892
4893 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4894 ExecContext *c;
4895 int r;
4896
4897 assert(u);
4898
4899 c = unit_get_exec_context(u);
4900
4901 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4902 if (r < 0)
4903 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4904
4905 return r;
4906 }
4907
4908 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4909 assert(u);
4910
4911 unit_unref_uid(u, destroy_now);
4912 unit_unref_gid(u, destroy_now);
4913 }
4914
4915 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
4916 int r;
4917
4918 assert(u);
4919
4920 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4921 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4922 * objects when no service references the UID/GID anymore. */
4923
4924 r = unit_ref_uid_gid(u, uid, gid);
4925 if (r > 0)
4926 bus_unit_send_change_signal(u);
4927 }
4928
4929 int unit_set_invocation_id(Unit *u, sd_id128_t id) {
4930 int r;
4931
4932 assert(u);
4933
4934 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
4935
4936 if (sd_id128_equal(u->invocation_id, id))
4937 return 0;
4938
4939 if (!sd_id128_is_null(u->invocation_id))
4940 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
4941
4942 if (sd_id128_is_null(id)) {
4943 r = 0;
4944 goto reset;
4945 }
4946
4947 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
4948 if (r < 0)
4949 goto reset;
4950
4951 u->invocation_id = id;
4952 sd_id128_to_string(id, u->invocation_id_string);
4953
4954 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
4955 if (r < 0)
4956 goto reset;
4957
4958 return 0;
4959
4960 reset:
4961 u->invocation_id = SD_ID128_NULL;
4962 u->invocation_id_string[0] = 0;
4963 return r;
4964 }
4965
4966 int unit_acquire_invocation_id(Unit *u) {
4967 sd_id128_t id;
4968 int r;
4969
4970 assert(u);
4971
4972 r = sd_id128_randomize(&id);
4973 if (r < 0)
4974 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
4975
4976 r = unit_set_invocation_id(u, id);
4977 if (r < 0)
4978 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
4979
4980 return 0;
4981 }
4982
4983 void unit_set_exec_params(Unit *u, ExecParameters *p) {
4984 assert(u);
4985 assert(p);
4986
4987 /* Copy parameters from manager */
4988 p->environment = u->manager->environment;
4989 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
4990 p->cgroup_supported = u->manager->cgroup_supported;
4991 p->prefix = u->manager->prefix;
4992 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
4993
4994 /* Copy paramaters from unit */
4995 p->cgroup_path = u->cgroup_path;
4996 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
4997 }
4998
4999 int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
5000 int r;
5001
5002 assert(u);
5003 assert(ret);
5004
5005 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5006 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5007
5008 (void) unit_realize_cgroup(u);
5009
5010 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5011 if (r != 0)
5012 return r;
5013
5014 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
5015 (void) ignore_signals(SIGPIPE, -1);
5016
5017 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
5018
5019 if (u->cgroup_path) {
5020 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5021 if (r < 0) {
5022 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
5023 _exit(EXIT_CGROUP);
5024 }
5025 }
5026
5027 return 0;
5028 }
5029
5030 static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other, UnitDependencyInfo di) {
5031 assert(u);
5032 assert(d >= 0);
5033 assert(d < _UNIT_DEPENDENCY_MAX);
5034 assert(other);
5035
5036 if (di.origin_mask == 0 && di.destination_mask == 0) {
5037 /* No bit set anymore, let's drop the whole entry */
5038 assert_se(hashmap_remove(u->dependencies[d], other));
5039 log_unit_debug(u, "%s lost dependency %s=%s", u->id, unit_dependency_to_string(d), other->id);
5040 } else
5041 /* Mask was reduced, let's update the entry */
5042 assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);
5043 }
5044
5045 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5046 UnitDependency d;
5047
5048 assert(u);
5049
5050 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5051
5052 if (mask == 0)
5053 return;
5054
5055 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
5056 bool done;
5057
5058 do {
5059 UnitDependencyInfo di;
5060 Unit *other;
5061 Iterator i;
5062
5063 done = true;
5064
5065 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
5066 UnitDependency q;
5067
5068 if ((di.origin_mask & ~mask) == di.origin_mask)
5069 continue;
5070 di.origin_mask &= ~mask;
5071 unit_update_dependency_mask(u, d, other, di);
5072
5073 /* We updated the dependency from our unit to the other unit now. But most dependencies
5074 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5075 * all dependency types on the other unit and delete all those which point to us and
5076 * have the right mask set. */
5077
5078 for (q = 0; q < _UNIT_DEPENDENCY_MAX; q++) {
5079 UnitDependencyInfo dj;
5080
5081 dj.data = hashmap_get(other->dependencies[q], u);
5082 if ((dj.destination_mask & ~mask) == dj.destination_mask)
5083 continue;
5084 dj.destination_mask &= ~mask;
5085
5086 unit_update_dependency_mask(other, q, u, dj);
5087 }
5088
5089 unit_add_to_gc_queue(other);
5090
5091 done = false;
5092 break;
5093 }
5094
5095 } while (!done);
5096 }
5097 }
5098
5099 static int unit_export_invocation_id(Unit *u) {
5100 const char *p;
5101 int r;
5102
5103 assert(u);
5104
5105 if (u->exported_invocation_id)
5106 return 0;
5107
5108 if (sd_id128_is_null(u->invocation_id))
5109 return 0;
5110
5111 p = strjoina("/run/systemd/units/invocation:", u->id);
5112 r = symlink_atomic(u->invocation_id_string, p);
5113 if (r < 0)
5114 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5115
5116 u->exported_invocation_id = true;
5117 return 0;
5118 }
5119
5120 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5121 const char *p;
5122 char buf[2];
5123 int r;
5124
5125 assert(u);
5126 assert(c);
5127
5128 if (u->exported_log_level_max)
5129 return 0;
5130
5131 if (c->log_level_max < 0)
5132 return 0;
5133
5134 assert(c->log_level_max <= 7);
5135
5136 buf[0] = '0' + c->log_level_max;
5137 buf[1] = 0;
5138
5139 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5140 r = symlink_atomic(buf, p);
5141 if (r < 0)
5142 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5143
5144 u->exported_log_level_max = true;
5145 return 0;
5146 }
5147
5148 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5149 _cleanup_close_ int fd = -1;
5150 struct iovec *iovec;
5151 const char *p;
5152 char *pattern;
5153 le64_t *sizes;
5154 ssize_t n;
5155 size_t i;
5156 int r;
5157
5158 if (u->exported_log_extra_fields)
5159 return 0;
5160
5161 if (c->n_log_extra_fields <= 0)
5162 return 0;
5163
5164 sizes = newa(le64_t, c->n_log_extra_fields);
5165 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5166
5167 for (i = 0; i < c->n_log_extra_fields; i++) {
5168 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5169
5170 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5171 iovec[i*2+1] = c->log_extra_fields[i];
5172 }
5173
5174 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5175 pattern = strjoina(p, ".XXXXXX");
5176
5177 fd = mkostemp_safe(pattern);
5178 if (fd < 0)
5179 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5180
5181 n = writev(fd, iovec, c->n_log_extra_fields*2);
5182 if (n < 0) {
5183 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5184 goto fail;
5185 }
5186
5187 (void) fchmod(fd, 0644);
5188
5189 if (rename(pattern, p) < 0) {
5190 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5191 goto fail;
5192 }
5193
5194 u->exported_log_extra_fields = true;
5195 return 0;
5196
5197 fail:
5198 (void) unlink(pattern);
5199 return r;
5200 }
5201
5202 void unit_export_state_files(Unit *u) {
5203 const ExecContext *c;
5204
5205 assert(u);
5206
5207 if (!u->id)
5208 return;
5209
5210 if (!MANAGER_IS_SYSTEM(u->manager))
5211 return;
5212
5213 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5214 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5215 * the IPC system itself and PID 1 also log to the journal.
5216 *
5217 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5218 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5219 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5220 * namespace at least.
5221 *
5222 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5223 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5224 * them with one. */
5225
5226 (void) unit_export_invocation_id(u);
5227
5228 c = unit_get_exec_context(u);
5229 if (c) {
5230 (void) unit_export_log_level_max(u, c);
5231 (void) unit_export_log_extra_fields(u, c);
5232 }
5233 }
5234
5235 void unit_unlink_state_files(Unit *u) {
5236 const char *p;
5237
5238 assert(u);
5239
5240 if (!u->id)
5241 return;
5242
5243 if (!MANAGER_IS_SYSTEM(u->manager))
5244 return;
5245
5246 /* Undoes the effect of unit_export_state() */
5247
5248 if (u->exported_invocation_id) {
5249 p = strjoina("/run/systemd/units/invocation:", u->id);
5250 (void) unlink(p);
5251
5252 u->exported_invocation_id = false;
5253 }
5254
5255 if (u->exported_log_level_max) {
5256 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5257 (void) unlink(p);
5258
5259 u->exported_log_level_max = false;
5260 }
5261
5262 if (u->exported_log_extra_fields) {
5263 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5264 (void) unlink(p);
5265
5266 u->exported_log_extra_fields = false;
5267 }
5268 }
5269
5270 int unit_prepare_exec(Unit *u) {
5271 int r;
5272
5273 assert(u);
5274
5275 /* Prepares everything so that we can fork of a process for this unit */
5276
5277 (void) unit_realize_cgroup(u);
5278
5279 if (u->reset_accounting) {
5280 (void) unit_reset_cpu_accounting(u);
5281 (void) unit_reset_ip_accounting(u);
5282 u->reset_accounting = false;
5283 }
5284
5285 unit_export_state_files(u);
5286
5287 r = unit_setup_exec_runtime(u);
5288 if (r < 0)
5289 return r;
5290
5291 r = unit_setup_dynamic_creds(u);
5292 if (r < 0)
5293 return r;
5294
5295 return 0;
5296 }
5297
5298 static void log_leftover(pid_t pid, int sig, void *userdata) {
5299 _cleanup_free_ char *comm = NULL;
5300
5301 (void) get_process_comm(pid, &comm);
5302
5303 if (comm && comm[0] == '(') /* Most likely our own helper process (PAM?), ignore */
5304 return;
5305
5306 log_unit_warning(userdata,
5307 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5308 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5309 pid, strna(comm));
5310 }
5311
5312 void unit_warn_leftover_processes(Unit *u) {
5313 assert(u);
5314
5315 (void) unit_pick_cgroup_path(u);
5316
5317 if (!u->cgroup_path)
5318 return;
5319
5320 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_leftover, u);
5321 }
5322
5323 bool unit_needs_console(Unit *u) {
5324 ExecContext *ec;
5325 UnitActiveState state;
5326
5327 assert(u);
5328
5329 state = unit_active_state(u);
5330
5331 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5332 return false;
5333
5334 if (UNIT_VTABLE(u)->needs_console)
5335 return UNIT_VTABLE(u)->needs_console(u);
5336
5337 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5338 ec = unit_get_exec_context(u);
5339 if (!ec)
5340 return false;
5341
5342 return exec_context_may_touch_console(ec);
5343 }
5344
5345 const char *unit_label_path(Unit *u) {
5346 const char *p;
5347
5348 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5349 * when validating access checks. */
5350
5351 p = u->source_path ?: u->fragment_path;
5352 if (!p)
5353 return NULL;
5354
5355 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5356 if (path_equal(p, "/dev/null"))
5357 return NULL;
5358
5359 return p;
5360 }
5361
5362 int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5363 int r;
5364
5365 assert(u);
5366
5367 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5368 * and not a kernel thread either */
5369
5370 /* First, a simple range check */
5371 if (!pid_is_valid(pid))
5372 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5373
5374 /* Some extra safety check */
5375 if (pid == 1 || pid == getpid_cached())
5376 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager processs, refusing.", pid);
5377
5378 /* Don't even begin to bother with kernel threads */
5379 r = is_kernel_thread(pid);
5380 if (r == -ESRCH)
5381 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5382 if (r < 0)
5383 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5384 if (r > 0)
5385 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5386
5387 return 0;
5388 }
5389
5390 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5391 [COLLECT_INACTIVE] = "inactive",
5392 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5393 };
5394
5395 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
Unnamed repository; edit this file 'description' to name the repository.