]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
fs-util: chase_symlinks(): support empty root
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
16
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19 ***/
20
21 #include <errno.h>
22 #include <stdlib.h>
23 #include <string.h>
24 #include <sys/prctl.h>
25 #include <sys/stat.h>
26 #include <unistd.h>
27
28 #include "sd-id128.h"
29 #include "sd-messages.h"
30
31 #include "alloc-util.h"
32 #include "bus-common-errors.h"
33 #include "bus-util.h"
34 #include "cgroup-util.h"
35 #include "dbus-unit.h"
36 #include "dbus.h"
37 #include "dropin.h"
38 #include "escape.h"
39 #include "execute.h"
40 #include "fd-util.h"
41 #include "fileio-label.h"
42 #include "format-util.h"
43 #include "fs-util.h"
44 #include "id128-util.h"
45 #include "io-util.h"
46 #include "load-dropin.h"
47 #include "load-fragment.h"
48 #include "log.h"
49 #include "macro.h"
50 #include "missing.h"
51 #include "mkdir.h"
52 #include "parse-util.h"
53 #include "path-util.h"
54 #include "process-util.h"
55 #include "set.h"
56 #include "signal-util.h"
57 #include "sparse-endian.h"
58 #include "special.h"
59 #include "specifier.h"
60 #include "stat-util.h"
61 #include "stdio-util.h"
62 #include "string-table.h"
63 #include "string-util.h"
64 #include "strv.h"
65 #include "umask-util.h"
66 #include "unit-name.h"
67 #include "unit.h"
68 #include "user-util.h"
69 #include "virt.h"
70
71 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
72 [UNIT_SERVICE] = &service_vtable,
73 [UNIT_SOCKET] = &socket_vtable,
74 [UNIT_TARGET] = &target_vtable,
75 [UNIT_DEVICE] = &device_vtable,
76 [UNIT_MOUNT] = &mount_vtable,
77 [UNIT_AUTOMOUNT] = &automount_vtable,
78 [UNIT_SWAP] = &swap_vtable,
79 [UNIT_TIMER] = &timer_vtable,
80 [UNIT_PATH] = &path_vtable,
81 [UNIT_SLICE] = &slice_vtable,
82 [UNIT_SCOPE] = &scope_vtable,
83 };
84
85 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
86
87 Unit *unit_new(Manager *m, size_t size) {
88 Unit *u;
89
90 assert(m);
91 assert(size >= sizeof(Unit));
92
93 u = malloc0(size);
94 if (!u)
95 return NULL;
96
97 u->names = set_new(&string_hash_ops);
98 if (!u->names)
99 return mfree(u);
100
101 u->manager = m;
102 u->type = _UNIT_TYPE_INVALID;
103 u->default_dependencies = true;
104 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
105 u->unit_file_preset = -1;
106 u->on_failure_job_mode = JOB_REPLACE;
107 u->cgroup_inotify_wd = -1;
108 u->job_timeout = USEC_INFINITY;
109 u->job_running_timeout = USEC_INFINITY;
110 u->ref_uid = UID_INVALID;
111 u->ref_gid = GID_INVALID;
112 u->cpu_usage_last = NSEC_INFINITY;
113 u->cgroup_bpf_state = UNIT_CGROUP_BPF_INVALIDATED;
114
115 u->ip_accounting_ingress_map_fd = -1;
116 u->ip_accounting_egress_map_fd = -1;
117 u->ipv4_allow_map_fd = -1;
118 u->ipv6_allow_map_fd = -1;
119 u->ipv4_deny_map_fd = -1;
120 u->ipv6_deny_map_fd = -1;
121
122 u->last_section_private = -1;
123
124 RATELIMIT_INIT(u->start_limit, m->default_start_limit_interval, m->default_start_limit_burst);
125 RATELIMIT_INIT(u->auto_stop_ratelimit, 10 * USEC_PER_SEC, 16);
126
127 return u;
128 }
129
130 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
131 Unit *u;
132 int r;
133
134 u = unit_new(m, size);
135 if (!u)
136 return -ENOMEM;
137
138 r = unit_add_name(u, name);
139 if (r < 0) {
140 unit_free(u);
141 return r;
142 }
143
144 *ret = u;
145 return r;
146 }
147
148 bool unit_has_name(Unit *u, const char *name) {
149 assert(u);
150 assert(name);
151
152 return set_contains(u->names, (char*) name);
153 }
154
155 static void unit_init(Unit *u) {
156 CGroupContext *cc;
157 ExecContext *ec;
158 KillContext *kc;
159
160 assert(u);
161 assert(u->manager);
162 assert(u->type >= 0);
163
164 cc = unit_get_cgroup_context(u);
165 if (cc) {
166 cgroup_context_init(cc);
167
168 /* Copy in the manager defaults into the cgroup
169 * context, _before_ the rest of the settings have
170 * been initialized */
171
172 cc->cpu_accounting = u->manager->default_cpu_accounting;
173 cc->io_accounting = u->manager->default_io_accounting;
174 cc->ip_accounting = u->manager->default_ip_accounting;
175 cc->blockio_accounting = u->manager->default_blockio_accounting;
176 cc->memory_accounting = u->manager->default_memory_accounting;
177 cc->tasks_accounting = u->manager->default_tasks_accounting;
178 cc->ip_accounting = u->manager->default_ip_accounting;
179
180 if (u->type != UNIT_SLICE)
181 cc->tasks_max = u->manager->default_tasks_max;
182 }
183
184 ec = unit_get_exec_context(u);
185 if (ec) {
186 exec_context_init(ec);
187
188 ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
189 EXEC_KEYRING_PRIVATE : EXEC_KEYRING_INHERIT;
190 }
191
192 kc = unit_get_kill_context(u);
193 if (kc)
194 kill_context_init(kc);
195
196 if (UNIT_VTABLE(u)->init)
197 UNIT_VTABLE(u)->init(u);
198 }
199
200 int unit_add_name(Unit *u, const char *text) {
201 _cleanup_free_ char *s = NULL, *i = NULL;
202 UnitType t;
203 int r;
204
205 assert(u);
206 assert(text);
207
208 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
209
210 if (!u->instance)
211 return -EINVAL;
212
213 r = unit_name_replace_instance(text, u->instance, &s);
214 if (r < 0)
215 return r;
216 } else {
217 s = strdup(text);
218 if (!s)
219 return -ENOMEM;
220 }
221
222 if (set_contains(u->names, s))
223 return 0;
224 if (hashmap_contains(u->manager->units, s))
225 return -EEXIST;
226
227 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
228 return -EINVAL;
229
230 t = unit_name_to_type(s);
231 if (t < 0)
232 return -EINVAL;
233
234 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
235 return -EINVAL;
236
237 r = unit_name_to_instance(s, &i);
238 if (r < 0)
239 return r;
240
241 if (i && !unit_type_may_template(t))
242 return -EINVAL;
243
244 /* Ensure that this unit is either instanced or not instanced,
245 * but not both. Note that we do allow names with different
246 * instance names however! */
247 if (u->type != _UNIT_TYPE_INVALID && !u->instance != !i)
248 return -EINVAL;
249
250 if (!unit_type_may_alias(t) && !set_isempty(u->names))
251 return -EEXIST;
252
253 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
254 return -E2BIG;
255
256 r = set_put(u->names, s);
257 if (r < 0)
258 return r;
259 assert(r > 0);
260
261 r = hashmap_put(u->manager->units, s, u);
262 if (r < 0) {
263 (void) set_remove(u->names, s);
264 return r;
265 }
266
267 if (u->type == _UNIT_TYPE_INVALID) {
268 u->type = t;
269 u->id = s;
270 u->instance = i;
271
272 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
273
274 unit_init(u);
275
276 i = NULL;
277 }
278
279 s = NULL;
280
281 unit_add_to_dbus_queue(u);
282 return 0;
283 }
284
285 int unit_choose_id(Unit *u, const char *name) {
286 _cleanup_free_ char *t = NULL;
287 char *s, *i;
288 int r;
289
290 assert(u);
291 assert(name);
292
293 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
294
295 if (!u->instance)
296 return -EINVAL;
297
298 r = unit_name_replace_instance(name, u->instance, &t);
299 if (r < 0)
300 return r;
301
302 name = t;
303 }
304
305 /* Selects one of the names of this unit as the id */
306 s = set_get(u->names, (char*) name);
307 if (!s)
308 return -ENOENT;
309
310 /* Determine the new instance from the new id */
311 r = unit_name_to_instance(s, &i);
312 if (r < 0)
313 return r;
314
315 u->id = s;
316
317 free(u->instance);
318 u->instance = i;
319
320 unit_add_to_dbus_queue(u);
321
322 return 0;
323 }
324
325 int unit_set_description(Unit *u, const char *description) {
326 int r;
327
328 assert(u);
329
330 r = free_and_strdup(&u->description, empty_to_null(description));
331 if (r < 0)
332 return r;
333 if (r > 0)
334 unit_add_to_dbus_queue(u);
335
336 return 0;
337 }
338
339 bool unit_check_gc(Unit *u) {
340 UnitActiveState state;
341 int r;
342
343 assert(u);
344
345 /* Checks whether the unit is ready to be unloaded for garbage collection. Returns true, when the unit shall
346 * stay around, false if there's no reason to keep it loaded. */
347
348 if (u->job)
349 return true;
350
351 if (u->nop_job)
352 return true;
353
354 state = unit_active_state(u);
355
356 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
357 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
358 UNIT_VTABLE(u)->release_resources)
359 UNIT_VTABLE(u)->release_resources(u);
360
361 if (u->perpetual)
362 return true;
363
364 if (u->refs)
365 return true;
366
367 if (sd_bus_track_count(u->bus_track) > 0)
368 return true;
369
370 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
371 switch (u->collect_mode) {
372
373 case COLLECT_INACTIVE:
374 if (state != UNIT_INACTIVE)
375 return true;
376
377 break;
378
379 case COLLECT_INACTIVE_OR_FAILED:
380 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
381 return true;
382
383 break;
384
385 default:
386 assert_not_reached("Unknown garbage collection mode");
387 }
388
389 if (u->cgroup_path) {
390 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
391 * around. Units with active processes should never be collected. */
392
393 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
394 if (r < 0)
395 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
396 if (r <= 0)
397 return true;
398 }
399
400 if (UNIT_VTABLE(u)->check_gc)
401 if (UNIT_VTABLE(u)->check_gc(u))
402 return true;
403
404 return false;
405 }
406
407 void unit_add_to_load_queue(Unit *u) {
408 assert(u);
409 assert(u->type != _UNIT_TYPE_INVALID);
410
411 if (u->load_state != UNIT_STUB || u->in_load_queue)
412 return;
413
414 LIST_PREPEND(load_queue, u->manager->load_queue, u);
415 u->in_load_queue = true;
416 }
417
418 void unit_add_to_cleanup_queue(Unit *u) {
419 assert(u);
420
421 if (u->in_cleanup_queue)
422 return;
423
424 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
425 u->in_cleanup_queue = true;
426 }
427
428 void unit_add_to_gc_queue(Unit *u) {
429 assert(u);
430
431 if (u->in_gc_queue || u->in_cleanup_queue)
432 return;
433
434 if (unit_check_gc(u))
435 return;
436
437 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
438 u->in_gc_queue = true;
439 }
440
441 void unit_add_to_dbus_queue(Unit *u) {
442 assert(u);
443 assert(u->type != _UNIT_TYPE_INVALID);
444
445 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
446 return;
447
448 /* Shortcut things if nobody cares */
449 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
450 sd_bus_track_count(u->bus_track) <= 0 &&
451 set_isempty(u->manager->private_buses)) {
452 u->sent_dbus_new_signal = true;
453 return;
454 }
455
456 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
457 u->in_dbus_queue = true;
458 }
459
460 static void bidi_set_free(Unit *u, Hashmap *h) {
461 Unit *other;
462 Iterator i;
463 void *v;
464
465 assert(u);
466
467 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
468
469 HASHMAP_FOREACH_KEY(v, other, h, i) {
470 UnitDependency d;
471
472 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
473 hashmap_remove(other->dependencies[d], u);
474
475 unit_add_to_gc_queue(other);
476 }
477
478 hashmap_free(h);
479 }
480
481 static void unit_remove_transient(Unit *u) {
482 char **i;
483
484 assert(u);
485
486 if (!u->transient)
487 return;
488
489 if (u->fragment_path)
490 (void) unlink(u->fragment_path);
491
492 STRV_FOREACH(i, u->dropin_paths) {
493 _cleanup_free_ char *p = NULL, *pp = NULL;
494
495 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
496 if (!p)
497 continue;
498
499 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
500 if (!pp)
501 continue;
502
503 /* Only drop transient drop-ins */
504 if (!path_equal(u->manager->lookup_paths.transient, pp))
505 continue;
506
507 (void) unlink(*i);
508 (void) rmdir(p);
509 }
510 }
511
512 static void unit_free_requires_mounts_for(Unit *u) {
513 assert(u);
514
515 for (;;) {
516 _cleanup_free_ char *path;
517
518 path = hashmap_steal_first_key(u->requires_mounts_for);
519 if (!path)
520 break;
521 else {
522 char s[strlen(path) + 1];
523
524 PATH_FOREACH_PREFIX_MORE(s, path) {
525 char *y;
526 Set *x;
527
528 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
529 if (!x)
530 continue;
531
532 (void) set_remove(x, u);
533
534 if (set_isempty(x)) {
535 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
536 free(y);
537 set_free(x);
538 }
539 }
540 }
541 }
542
543 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
544 }
545
546 static void unit_done(Unit *u) {
547 ExecContext *ec;
548 CGroupContext *cc;
549
550 assert(u);
551
552 if (u->type < 0)
553 return;
554
555 if (UNIT_VTABLE(u)->done)
556 UNIT_VTABLE(u)->done(u);
557
558 ec = unit_get_exec_context(u);
559 if (ec)
560 exec_context_done(ec);
561
562 cc = unit_get_cgroup_context(u);
563 if (cc)
564 cgroup_context_done(cc);
565 }
566
567 void unit_free(Unit *u) {
568 UnitDependency d;
569 Iterator i;
570 char *t;
571
572 if (!u)
573 return;
574
575 u->transient_file = safe_fclose(u->transient_file);
576
577 if (!MANAGER_IS_RELOADING(u->manager))
578 unit_remove_transient(u);
579
580 bus_unit_send_removed_signal(u);
581
582 unit_done(u);
583
584 sd_bus_slot_unref(u->match_bus_slot);
585
586 sd_bus_track_unref(u->bus_track);
587 u->deserialized_refs = strv_free(u->deserialized_refs);
588
589 unit_free_requires_mounts_for(u);
590
591 SET_FOREACH(t, u->names, i)
592 hashmap_remove_value(u->manager->units, t, u);
593
594 if (!sd_id128_is_null(u->invocation_id))
595 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
596
597 if (u->job) {
598 Job *j = u->job;
599 job_uninstall(j);
600 job_free(j);
601 }
602
603 if (u->nop_job) {
604 Job *j = u->nop_job;
605 job_uninstall(j);
606 job_free(j);
607 }
608
609 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
610 bidi_set_free(u, u->dependencies[d]);
611
612 if (u->type != _UNIT_TYPE_INVALID)
613 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
614
615 if (u->in_load_queue)
616 LIST_REMOVE(load_queue, u->manager->load_queue, u);
617
618 if (u->in_dbus_queue)
619 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
620
621 if (u->in_cleanup_queue)
622 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
623
624 if (u->in_gc_queue)
625 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
626
627 if (u->in_cgroup_realize_queue)
628 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
629
630 if (u->in_cgroup_empty_queue)
631 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
632
633 unit_release_cgroup(u);
634
635 if (!MANAGER_IS_RELOADING(u->manager))
636 unit_unlink_state_files(u);
637
638 unit_unref_uid_gid(u, false);
639
640 (void) manager_update_failed_units(u->manager, u, false);
641 set_remove(u->manager->startup_units, u);
642
643 free(u->description);
644 strv_free(u->documentation);
645 free(u->fragment_path);
646 free(u->source_path);
647 strv_free(u->dropin_paths);
648 free(u->instance);
649
650 free(u->job_timeout_reboot_arg);
651
652 set_free_free(u->names);
653
654 unit_unwatch_all_pids(u);
655
656 condition_free_list(u->conditions);
657 condition_free_list(u->asserts);
658
659 free(u->reboot_arg);
660
661 unit_ref_unset(&u->slice);
662
663 while (u->refs)
664 unit_ref_unset(u->refs);
665
666 safe_close(u->ip_accounting_ingress_map_fd);
667 safe_close(u->ip_accounting_egress_map_fd);
668
669 safe_close(u->ipv4_allow_map_fd);
670 safe_close(u->ipv6_allow_map_fd);
671 safe_close(u->ipv4_deny_map_fd);
672 safe_close(u->ipv6_deny_map_fd);
673
674 bpf_program_unref(u->ip_bpf_ingress);
675 bpf_program_unref(u->ip_bpf_egress);
676
677 free(u);
678 }
679
680 UnitActiveState unit_active_state(Unit *u) {
681 assert(u);
682
683 if (u->load_state == UNIT_MERGED)
684 return unit_active_state(unit_follow_merge(u));
685
686 /* After a reload it might happen that a unit is not correctly
687 * loaded but still has a process around. That's why we won't
688 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
689
690 return UNIT_VTABLE(u)->active_state(u);
691 }
692
693 const char* unit_sub_state_to_string(Unit *u) {
694 assert(u);
695
696 return UNIT_VTABLE(u)->sub_state_to_string(u);
697 }
698
699 static int set_complete_move(Set **s, Set **other) {
700 assert(s);
701 assert(other);
702
703 if (!other)
704 return 0;
705
706 if (*s)
707 return set_move(*s, *other);
708 else {
709 *s = *other;
710 *other = NULL;
711 }
712
713 return 0;
714 }
715
716 static int hashmap_complete_move(Hashmap **s, Hashmap **other) {
717 assert(s);
718 assert(other);
719
720 if (!*other)
721 return 0;
722
723 if (*s)
724 return hashmap_move(*s, *other);
725 else {
726 *s = *other;
727 *other = NULL;
728 }
729
730 return 0;
731 }
732
733 static int merge_names(Unit *u, Unit *other) {
734 char *t;
735 Iterator i;
736 int r;
737
738 assert(u);
739 assert(other);
740
741 r = set_complete_move(&u->names, &other->names);
742 if (r < 0)
743 return r;
744
745 set_free_free(other->names);
746 other->names = NULL;
747 other->id = NULL;
748
749 SET_FOREACH(t, u->names, i)
750 assert_se(hashmap_replace(u->manager->units, t, u) == 0);
751
752 return 0;
753 }
754
755 static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
756 unsigned n_reserve;
757
758 assert(u);
759 assert(other);
760 assert(d < _UNIT_DEPENDENCY_MAX);
761
762 /*
763 * If u does not have this dependency set allocated, there is no need
764 * to reserve anything. In that case other's set will be transferred
765 * as a whole to u by complete_move().
766 */
767 if (!u->dependencies[d])
768 return 0;
769
770 /* merge_dependencies() will skip a u-on-u dependency */
771 n_reserve = hashmap_size(other->dependencies[d]) - !!hashmap_get(other->dependencies[d], u);
772
773 return hashmap_reserve(u->dependencies[d], n_reserve);
774 }
775
776 static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
777 Iterator i;
778 Unit *back;
779 void *v;
780 int r;
781
782 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
783
784 assert(u);
785 assert(other);
786 assert(d < _UNIT_DEPENDENCY_MAX);
787
788 /* Fix backwards pointers. Let's iterate through all dependendent units of the other unit. */
789 HASHMAP_FOREACH_KEY(v, back, other->dependencies[d], i) {
790 UnitDependency k;
791
792 /* Let's now iterate through the dependencies of that dependencies of the other units, looking for
793 * pointers back, and let's fix them up, to instead point to 'u'. */
794
795 for (k = 0; k < _UNIT_DEPENDENCY_MAX; k++) {
796 if (back == u) {
797 /* Do not add dependencies between u and itself. */
798 if (hashmap_remove(back->dependencies[k], other))
799 maybe_warn_about_dependency(u, other_id, k);
800 } else {
801 UnitDependencyInfo di_u, di_other, di_merged;
802
803 /* Let's drop this dependency between "back" and "other", and let's create it between
804 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
805 * and any such dependency which might already exist */
806
807 di_other.data = hashmap_get(back->dependencies[k], other);
808 if (!di_other.data)
809 continue; /* dependency isn't set, let's try the next one */
810
811 di_u.data = hashmap_get(back->dependencies[k], u);
812
813 di_merged = (UnitDependencyInfo) {
814 .origin_mask = di_u.origin_mask | di_other.origin_mask,
815 .destination_mask = di_u.destination_mask | di_other.destination_mask,
816 };
817
818 r = hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data);
819 if (r < 0)
820 log_warning_errno(r, "Failed to remove/replace: back=%s other=%s u=%s: %m", back->id, other_id, u->id);
821 assert(r >= 0);
822
823 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
824 }
825 }
826
827 }
828
829 /* Also do not move dependencies on u to itself */
830 back = hashmap_remove(other->dependencies[d], u);
831 if (back)
832 maybe_warn_about_dependency(u, other_id, d);
833
834 /* The move cannot fail. The caller must have performed a reservation. */
835 assert_se(hashmap_complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
836
837 other->dependencies[d] = hashmap_free(other->dependencies[d]);
838 }
839
840 int unit_merge(Unit *u, Unit *other) {
841 UnitDependency d;
842 const char *other_id = NULL;
843 int r;
844
845 assert(u);
846 assert(other);
847 assert(u->manager == other->manager);
848 assert(u->type != _UNIT_TYPE_INVALID);
849
850 other = unit_follow_merge(other);
851
852 if (other == u)
853 return 0;
854
855 if (u->type != other->type)
856 return -EINVAL;
857
858 if (!u->instance != !other->instance)
859 return -EINVAL;
860
861 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
862 return -EEXIST;
863
864 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
865 return -EEXIST;
866
867 if (other->job)
868 return -EEXIST;
869
870 if (other->nop_job)
871 return -EEXIST;
872
873 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
874 return -EEXIST;
875
876 if (other->id)
877 other_id = strdupa(other->id);
878
879 /* Make reservations to ensure merge_dependencies() won't fail */
880 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
881 r = reserve_dependencies(u, other, d);
882 /*
883 * We don't rollback reservations if we fail. We don't have
884 * a way to undo reservations. A reservation is not a leak.
885 */
886 if (r < 0)
887 return r;
888 }
889
890 /* Merge names */
891 r = merge_names(u, other);
892 if (r < 0)
893 return r;
894
895 /* Redirect all references */
896 while (other->refs)
897 unit_ref_set(other->refs, u);
898
899 /* Merge dependencies */
900 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
901 merge_dependencies(u, other, other_id, d);
902
903 other->load_state = UNIT_MERGED;
904 other->merged_into = u;
905
906 /* If there is still some data attached to the other node, we
907 * don't need it anymore, and can free it. */
908 if (other->load_state != UNIT_STUB)
909 if (UNIT_VTABLE(other)->done)
910 UNIT_VTABLE(other)->done(other);
911
912 unit_add_to_dbus_queue(u);
913 unit_add_to_cleanup_queue(other);
914
915 return 0;
916 }
917
918 int unit_merge_by_name(Unit *u, const char *name) {
919 _cleanup_free_ char *s = NULL;
920 Unit *other;
921 int r;
922
923 assert(u);
924 assert(name);
925
926 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
927 if (!u->instance)
928 return -EINVAL;
929
930 r = unit_name_replace_instance(name, u->instance, &s);
931 if (r < 0)
932 return r;
933
934 name = s;
935 }
936
937 other = manager_get_unit(u->manager, name);
938 if (other)
939 return unit_merge(u, other);
940
941 return unit_add_name(u, name);
942 }
943
944 Unit* unit_follow_merge(Unit *u) {
945 assert(u);
946
947 while (u->load_state == UNIT_MERGED)
948 assert_se(u = u->merged_into);
949
950 return u;
951 }
952
953 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
954 ExecDirectoryType dt;
955 char **dp;
956 int r;
957
958 assert(u);
959 assert(c);
960
961 if (c->working_directory) {
962 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
963 if (r < 0)
964 return r;
965 }
966
967 if (c->root_directory) {
968 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
969 if (r < 0)
970 return r;
971 }
972
973 if (c->root_image) {
974 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
975 if (r < 0)
976 return r;
977 }
978
979 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
980 if (!u->manager->prefix[dt])
981 continue;
982
983 STRV_FOREACH(dp, c->directories[dt].paths) {
984 _cleanup_free_ char *p;
985
986 p = strjoin(u->manager->prefix[dt], "/", *dp);
987 if (!p)
988 return -ENOMEM;
989
990 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
991 if (r < 0)
992 return r;
993 }
994 }
995
996 if (!MANAGER_IS_SYSTEM(u->manager))
997 return 0;
998
999 if (c->private_tmp) {
1000 const char *p;
1001
1002 FOREACH_STRING(p, "/tmp", "/var/tmp") {
1003 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
1004 if (r < 0)
1005 return r;
1006 }
1007
1008 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, NULL, true, UNIT_DEPENDENCY_FILE);
1009 if (r < 0)
1010 return r;
1011 }
1012
1013 if (!IN_SET(c->std_output,
1014 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1015 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1016 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE) &&
1017 !IN_SET(c->std_error,
1018 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1019 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1020 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE))
1021 return 0;
1022
1023 /* If syslog or kernel logging is requested, make sure our own
1024 * logging daemon is run first. */
1025
1026 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, NULL, true, UNIT_DEPENDENCY_FILE);
1027 if (r < 0)
1028 return r;
1029
1030 return 0;
1031 }
1032
1033 const char *unit_description(Unit *u) {
1034 assert(u);
1035
1036 if (u->description)
1037 return u->description;
1038
1039 return strna(u->id);
1040 }
1041
1042 static void print_unit_dependency_mask(FILE *f, const char *kind, UnitDependencyMask mask, bool *space) {
1043 const struct {
1044 UnitDependencyMask mask;
1045 const char *name;
1046 } table[] = {
1047 { UNIT_DEPENDENCY_FILE, "file" },
1048 { UNIT_DEPENDENCY_IMPLICIT, "implicit" },
1049 { UNIT_DEPENDENCY_DEFAULT, "default" },
1050 { UNIT_DEPENDENCY_UDEV, "udev" },
1051 { UNIT_DEPENDENCY_PATH, "path" },
1052 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT, "mountinfo-implicit" },
1053 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT, "mountinfo-default" },
1054 { UNIT_DEPENDENCY_PROC_SWAP, "proc-swap" },
1055 };
1056 size_t i;
1057
1058 assert(f);
1059 assert(kind);
1060 assert(space);
1061
1062 for (i = 0; i < ELEMENTSOF(table); i++) {
1063
1064 if (mask == 0)
1065 break;
1066
1067 if ((mask & table[i].mask) == table[i].mask) {
1068 if (*space)
1069 fputc(' ', f);
1070 else
1071 *space = true;
1072
1073 fputs(kind, f);
1074 fputs("-", f);
1075 fputs(table[i].name, f);
1076
1077 mask &= ~table[i].mask;
1078 }
1079 }
1080
1081 assert(mask == 0);
1082 }
1083
1084 void unit_dump(Unit *u, FILE *f, const char *prefix) {
1085 char *t, **j;
1086 UnitDependency d;
1087 Iterator i;
1088 const char *prefix2;
1089 char
1090 timestamp0[FORMAT_TIMESTAMP_MAX],
1091 timestamp1[FORMAT_TIMESTAMP_MAX],
1092 timestamp2[FORMAT_TIMESTAMP_MAX],
1093 timestamp3[FORMAT_TIMESTAMP_MAX],
1094 timestamp4[FORMAT_TIMESTAMP_MAX],
1095 timespan[FORMAT_TIMESPAN_MAX];
1096 Unit *following;
1097 _cleanup_set_free_ Set *following_set = NULL;
1098 const char *n;
1099 CGroupMask m;
1100 int r;
1101
1102 assert(u);
1103 assert(u->type >= 0);
1104
1105 prefix = strempty(prefix);
1106 prefix2 = strjoina(prefix, "\t");
1107
1108 fprintf(f,
1109 "%s-> Unit %s:\n"
1110 "%s\tDescription: %s\n"
1111 "%s\tInstance: %s\n"
1112 "%s\tUnit Load State: %s\n"
1113 "%s\tUnit Active State: %s\n"
1114 "%s\tState Change Timestamp: %s\n"
1115 "%s\tInactive Exit Timestamp: %s\n"
1116 "%s\tActive Enter Timestamp: %s\n"
1117 "%s\tActive Exit Timestamp: %s\n"
1118 "%s\tInactive Enter Timestamp: %s\n"
1119 "%s\tGC Check Good: %s\n"
1120 "%s\tNeed Daemon Reload: %s\n"
1121 "%s\tTransient: %s\n"
1122 "%s\tPerpetual: %s\n"
1123 "%s\tGarbage Collection Mode: %s\n"
1124 "%s\tSlice: %s\n"
1125 "%s\tCGroup: %s\n"
1126 "%s\tCGroup realized: %s\n",
1127 prefix, u->id,
1128 prefix, unit_description(u),
1129 prefix, strna(u->instance),
1130 prefix, unit_load_state_to_string(u->load_state),
1131 prefix, unit_active_state_to_string(unit_active_state(u)),
1132 prefix, strna(format_timestamp(timestamp0, sizeof(timestamp0), u->state_change_timestamp.realtime)),
1133 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->inactive_exit_timestamp.realtime)),
1134 prefix, strna(format_timestamp(timestamp2, sizeof(timestamp2), u->active_enter_timestamp.realtime)),
1135 prefix, strna(format_timestamp(timestamp3, sizeof(timestamp3), u->active_exit_timestamp.realtime)),
1136 prefix, strna(format_timestamp(timestamp4, sizeof(timestamp4), u->inactive_enter_timestamp.realtime)),
1137 prefix, yes_no(unit_check_gc(u)),
1138 prefix, yes_no(unit_need_daemon_reload(u)),
1139 prefix, yes_no(u->transient),
1140 prefix, yes_no(u->perpetual),
1141 prefix, collect_mode_to_string(u->collect_mode),
1142 prefix, strna(unit_slice_name(u)),
1143 prefix, strna(u->cgroup_path),
1144 prefix, yes_no(u->cgroup_realized));
1145
1146 if (u->cgroup_realized_mask != 0) {
1147 _cleanup_free_ char *s = NULL;
1148 (void) cg_mask_to_string(u->cgroup_realized_mask, &s);
1149 fprintf(f, "%s\tCGroup realized mask: %s\n", prefix, strnull(s));
1150 }
1151 if (u->cgroup_enabled_mask != 0) {
1152 _cleanup_free_ char *s = NULL;
1153 (void) cg_mask_to_string(u->cgroup_enabled_mask, &s);
1154 fprintf(f, "%s\tCGroup enabled mask: %s\n", prefix, strnull(s));
1155 }
1156 m = unit_get_own_mask(u);
1157 if (m != 0) {
1158 _cleanup_free_ char *s = NULL;
1159 (void) cg_mask_to_string(m, &s);
1160 fprintf(f, "%s\tCGroup own mask: %s\n", prefix, strnull(s));
1161 }
1162 m = unit_get_members_mask(u);
1163 if (m != 0) {
1164 _cleanup_free_ char *s = NULL;
1165 (void) cg_mask_to_string(m, &s);
1166 fprintf(f, "%s\tCGroup members mask: %s\n", prefix, strnull(s));
1167 }
1168
1169 SET_FOREACH(t, u->names, i)
1170 fprintf(f, "%s\tName: %s\n", prefix, t);
1171
1172 if (!sd_id128_is_null(u->invocation_id))
1173 fprintf(f, "%s\tInvocation ID: " SD_ID128_FORMAT_STR "\n",
1174 prefix, SD_ID128_FORMAT_VAL(u->invocation_id));
1175
1176 STRV_FOREACH(j, u->documentation)
1177 fprintf(f, "%s\tDocumentation: %s\n", prefix, *j);
1178
1179 following = unit_following(u);
1180 if (following)
1181 fprintf(f, "%s\tFollowing: %s\n", prefix, following->id);
1182
1183 r = unit_following_set(u, &following_set);
1184 if (r >= 0) {
1185 Unit *other;
1186
1187 SET_FOREACH(other, following_set, i)
1188 fprintf(f, "%s\tFollowing Set Member: %s\n", prefix, other->id);
1189 }
1190
1191 if (u->fragment_path)
1192 fprintf(f, "%s\tFragment Path: %s\n", prefix, u->fragment_path);
1193
1194 if (u->source_path)
1195 fprintf(f, "%s\tSource Path: %s\n", prefix, u->source_path);
1196
1197 STRV_FOREACH(j, u->dropin_paths)
1198 fprintf(f, "%s\tDropIn Path: %s\n", prefix, *j);
1199
1200 if (u->failure_action != EMERGENCY_ACTION_NONE)
1201 fprintf(f, "%s\tFailure Action: %s\n", prefix, emergency_action_to_string(u->failure_action));
1202 if (u->success_action != EMERGENCY_ACTION_NONE)
1203 fprintf(f, "%s\tSuccess Action: %s\n", prefix, emergency_action_to_string(u->success_action));
1204
1205 if (u->job_timeout != USEC_INFINITY)
1206 fprintf(f, "%s\tJob Timeout: %s\n", prefix, format_timespan(timespan, sizeof(timespan), u->job_timeout, 0));
1207
1208 if (u->job_timeout_action != EMERGENCY_ACTION_NONE)
1209 fprintf(f, "%s\tJob Timeout Action: %s\n", prefix, emergency_action_to_string(u->job_timeout_action));
1210
1211 if (u->job_timeout_reboot_arg)
1212 fprintf(f, "%s\tJob Timeout Reboot Argument: %s\n", prefix, u->job_timeout_reboot_arg);
1213
1214 condition_dump_list(u->conditions, f, prefix, condition_type_to_string);
1215 condition_dump_list(u->asserts, f, prefix, assert_type_to_string);
1216
1217 if (dual_timestamp_is_set(&u->condition_timestamp))
1218 fprintf(f,
1219 "%s\tCondition Timestamp: %s\n"
1220 "%s\tCondition Result: %s\n",
1221 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->condition_timestamp.realtime)),
1222 prefix, yes_no(u->condition_result));
1223
1224 if (dual_timestamp_is_set(&u->assert_timestamp))
1225 fprintf(f,
1226 "%s\tAssert Timestamp: %s\n"
1227 "%s\tAssert Result: %s\n",
1228 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->assert_timestamp.realtime)),
1229 prefix, yes_no(u->assert_result));
1230
1231 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
1232 UnitDependencyInfo di;
1233 Unit *other;
1234
1235 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
1236 bool space = false;
1237
1238 fprintf(f, "%s\t%s: %s (", prefix, unit_dependency_to_string(d), other->id);
1239
1240 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1241 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1242
1243 fputs(")\n", f);
1244 }
1245 }
1246
1247 if (!hashmap_isempty(u->requires_mounts_for)) {
1248 UnitDependencyInfo di;
1249 const char *path;
1250
1251 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1252 bool space = false;
1253
1254 fprintf(f, "%s\tRequiresMountsFor: %s (", prefix, path);
1255
1256 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1257 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1258
1259 fputs(")\n", f);
1260 }
1261 }
1262
1263 if (u->load_state == UNIT_LOADED) {
1264
1265 fprintf(f,
1266 "%s\tStopWhenUnneeded: %s\n"
1267 "%s\tRefuseManualStart: %s\n"
1268 "%s\tRefuseManualStop: %s\n"
1269 "%s\tDefaultDependencies: %s\n"
1270 "%s\tOnFailureJobMode: %s\n"
1271 "%s\tIgnoreOnIsolate: %s\n",
1272 prefix, yes_no(u->stop_when_unneeded),
1273 prefix, yes_no(u->refuse_manual_start),
1274 prefix, yes_no(u->refuse_manual_stop),
1275 prefix, yes_no(u->default_dependencies),
1276 prefix, job_mode_to_string(u->on_failure_job_mode),
1277 prefix, yes_no(u->ignore_on_isolate));
1278
1279 if (UNIT_VTABLE(u)->dump)
1280 UNIT_VTABLE(u)->dump(u, f, prefix2);
1281
1282 } else if (u->load_state == UNIT_MERGED)
1283 fprintf(f,
1284 "%s\tMerged into: %s\n",
1285 prefix, u->merged_into->id);
1286 else if (u->load_state == UNIT_ERROR)
1287 fprintf(f, "%s\tLoad Error Code: %s\n", prefix, strerror(-u->load_error));
1288
1289 for (n = sd_bus_track_first(u->bus_track); n; n = sd_bus_track_next(u->bus_track))
1290 fprintf(f, "%s\tBus Ref: %s\n", prefix, n);
1291
1292 if (u->job)
1293 job_dump(u->job, f, prefix2);
1294
1295 if (u->nop_job)
1296 job_dump(u->nop_job, f, prefix2);
1297 }
1298
1299 /* Common implementation for multiple backends */
1300 int unit_load_fragment_and_dropin(Unit *u) {
1301 int r;
1302
1303 assert(u);
1304
1305 /* Load a .{service,socket,...} file */
1306 r = unit_load_fragment(u);
1307 if (r < 0)
1308 return r;
1309
1310 if (u->load_state == UNIT_STUB)
1311 return -ENOENT;
1312
1313 /* Load drop-in directory data. If u is an alias, we might be reloading the
1314 * target unit needlessly. But we cannot be sure which drops-ins have already
1315 * been loaded and which not, at least without doing complicated book-keeping,
1316 * so let's always reread all drop-ins. */
1317 return unit_load_dropin(unit_follow_merge(u));
1318 }
1319
1320 /* Common implementation for multiple backends */
1321 int unit_load_fragment_and_dropin_optional(Unit *u) {
1322 int r;
1323
1324 assert(u);
1325
1326 /* Same as unit_load_fragment_and_dropin(), but whether
1327 * something can be loaded or not doesn't matter. */
1328
1329 /* Load a .service file */
1330 r = unit_load_fragment(u);
1331 if (r < 0)
1332 return r;
1333
1334 if (u->load_state == UNIT_STUB)
1335 u->load_state = UNIT_LOADED;
1336
1337 /* Load drop-in directory data */
1338 return unit_load_dropin(unit_follow_merge(u));
1339 }
1340
1341 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1342 assert(u);
1343 assert(target);
1344
1345 if (target->type != UNIT_TARGET)
1346 return 0;
1347
1348 /* Only add the dependency if both units are loaded, so that
1349 * that loop check below is reliable */
1350 if (u->load_state != UNIT_LOADED ||
1351 target->load_state != UNIT_LOADED)
1352 return 0;
1353
1354 /* If either side wants no automatic dependencies, then let's
1355 * skip this */
1356 if (!u->default_dependencies ||
1357 !target->default_dependencies)
1358 return 0;
1359
1360 /* Don't create loops */
1361 if (hashmap_get(target->dependencies[UNIT_BEFORE], u))
1362 return 0;
1363
1364 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1365 }
1366
1367 static int unit_add_target_dependencies(Unit *u) {
1368
1369 static const UnitDependency deps[] = {
1370 UNIT_REQUIRED_BY,
1371 UNIT_REQUISITE_OF,
1372 UNIT_WANTED_BY,
1373 UNIT_BOUND_BY
1374 };
1375
1376 unsigned k;
1377 int r = 0;
1378
1379 assert(u);
1380
1381 for (k = 0; k < ELEMENTSOF(deps); k++) {
1382 Unit *target;
1383 Iterator i;
1384 void *v;
1385
1386 HASHMAP_FOREACH_KEY(v, target, u->dependencies[deps[k]], i) {
1387 r = unit_add_default_target_dependency(u, target);
1388 if (r < 0)
1389 return r;
1390 }
1391 }
1392
1393 return r;
1394 }
1395
1396 static int unit_add_slice_dependencies(Unit *u) {
1397 UnitDependencyMask mask;
1398 assert(u);
1399
1400 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1401 return 0;
1402
1403 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1404 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1405 relationship). */
1406 mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1407
1408 if (UNIT_ISSET(u->slice))
1409 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true, mask);
1410
1411 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1412 return 0;
1413
1414 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, NULL, true, mask);
1415 }
1416
1417 static int unit_add_mount_dependencies(Unit *u) {
1418 UnitDependencyInfo di;
1419 const char *path;
1420 Iterator i;
1421 int r;
1422
1423 assert(u);
1424
1425 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1426 char prefix[strlen(path) + 1];
1427
1428 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1429 _cleanup_free_ char *p = NULL;
1430 Unit *m;
1431
1432 r = unit_name_from_path(prefix, ".mount", &p);
1433 if (r < 0)
1434 return r;
1435
1436 m = manager_get_unit(u->manager, p);
1437 if (!m) {
1438 /* Make sure to load the mount unit if
1439 * it exists. If so the dependencies
1440 * on this unit will be added later
1441 * during the loading of the mount
1442 * unit. */
1443 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1444 continue;
1445 }
1446 if (m == u)
1447 continue;
1448
1449 if (m->load_state != UNIT_LOADED)
1450 continue;
1451
1452 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1453 if (r < 0)
1454 return r;
1455
1456 if (m->fragment_path) {
1457 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1458 if (r < 0)
1459 return r;
1460 }
1461 }
1462 }
1463
1464 return 0;
1465 }
1466
1467 static int unit_add_startup_units(Unit *u) {
1468 CGroupContext *c;
1469 int r;
1470
1471 c = unit_get_cgroup_context(u);
1472 if (!c)
1473 return 0;
1474
1475 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
1476 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
1477 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
1478 return 0;
1479
1480 r = set_ensure_allocated(&u->manager->startup_units, NULL);
1481 if (r < 0)
1482 return r;
1483
1484 return set_put(u->manager->startup_units, u);
1485 }
1486
1487 int unit_load(Unit *u) {
1488 int r;
1489
1490 assert(u);
1491
1492 if (u->in_load_queue) {
1493 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1494 u->in_load_queue = false;
1495 }
1496
1497 if (u->type == _UNIT_TYPE_INVALID)
1498 return -EINVAL;
1499
1500 if (u->load_state != UNIT_STUB)
1501 return 0;
1502
1503 if (u->transient_file) {
1504 r = fflush_and_check(u->transient_file);
1505 if (r < 0)
1506 goto fail;
1507
1508 u->transient_file = safe_fclose(u->transient_file);
1509 u->fragment_mtime = now(CLOCK_REALTIME);
1510 }
1511
1512 if (UNIT_VTABLE(u)->load) {
1513 r = UNIT_VTABLE(u)->load(u);
1514 if (r < 0)
1515 goto fail;
1516 }
1517
1518 if (u->load_state == UNIT_STUB) {
1519 r = -ENOENT;
1520 goto fail;
1521 }
1522
1523 if (u->load_state == UNIT_LOADED) {
1524
1525 r = unit_add_target_dependencies(u);
1526 if (r < 0)
1527 goto fail;
1528
1529 r = unit_add_slice_dependencies(u);
1530 if (r < 0)
1531 goto fail;
1532
1533 r = unit_add_mount_dependencies(u);
1534 if (r < 0)
1535 goto fail;
1536
1537 r = unit_add_startup_units(u);
1538 if (r < 0)
1539 goto fail;
1540
1541 if (u->on_failure_job_mode == JOB_ISOLATE && hashmap_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
1542 log_unit_error(u, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1543 r = -EINVAL;
1544 goto fail;
1545 }
1546
1547 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1548 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1549
1550 unit_update_cgroup_members_masks(u);
1551 }
1552
1553 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1554
1555 unit_add_to_dbus_queue(unit_follow_merge(u));
1556 unit_add_to_gc_queue(u);
1557
1558 return 0;
1559
1560 fail:
1561 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND : UNIT_ERROR;
1562 u->load_error = r;
1563 unit_add_to_dbus_queue(u);
1564 unit_add_to_gc_queue(u);
1565
1566 log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1567
1568 return r;
1569 }
1570
1571 static bool unit_condition_test_list(Unit *u, Condition *first, const char *(*to_string)(ConditionType t)) {
1572 Condition *c;
1573 int triggered = -1;
1574
1575 assert(u);
1576 assert(to_string);
1577
1578 /* If the condition list is empty, then it is true */
1579 if (!first)
1580 return true;
1581
1582 /* Otherwise, if all of the non-trigger conditions apply and
1583 * if any of the trigger conditions apply (unless there are
1584 * none) we return true */
1585 LIST_FOREACH(conditions, c, first) {
1586 int r;
1587
1588 r = condition_test(c);
1589 if (r < 0)
1590 log_unit_warning(u,
1591 "Couldn't determine result for %s=%s%s%s, assuming failed: %m",
1592 to_string(c->type),
1593 c->trigger ? "|" : "",
1594 c->negate ? "!" : "",
1595 c->parameter);
1596 else
1597 log_unit_debug(u,
1598 "%s=%s%s%s %s.",
1599 to_string(c->type),
1600 c->trigger ? "|" : "",
1601 c->negate ? "!" : "",
1602 c->parameter,
1603 condition_result_to_string(c->result));
1604
1605 if (!c->trigger && r <= 0)
1606 return false;
1607
1608 if (c->trigger && triggered <= 0)
1609 triggered = r > 0;
1610 }
1611
1612 return triggered != 0;
1613 }
1614
1615 static bool unit_condition_test(Unit *u) {
1616 assert(u);
1617
1618 dual_timestamp_get(&u->condition_timestamp);
1619 u->condition_result = unit_condition_test_list(u, u->conditions, condition_type_to_string);
1620
1621 return u->condition_result;
1622 }
1623
1624 static bool unit_assert_test(Unit *u) {
1625 assert(u);
1626
1627 dual_timestamp_get(&u->assert_timestamp);
1628 u->assert_result = unit_condition_test_list(u, u->asserts, assert_type_to_string);
1629
1630 return u->assert_result;
1631 }
1632
1633 void unit_status_printf(Unit *u, const char *status, const char *unit_status_msg_format) {
1634 DISABLE_WARNING_FORMAT_NONLITERAL;
1635 manager_status_printf(u->manager, STATUS_TYPE_NORMAL, status, unit_status_msg_format, unit_description(u));
1636 REENABLE_WARNING;
1637 }
1638
1639 _pure_ static const char* unit_get_status_message_format(Unit *u, JobType t) {
1640 const char *format;
1641 const UnitStatusMessageFormats *format_table;
1642
1643 assert(u);
1644 assert(IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD));
1645
1646 if (t != JOB_RELOAD) {
1647 format_table = &UNIT_VTABLE(u)->status_message_formats;
1648 if (format_table) {
1649 format = format_table->starting_stopping[t == JOB_STOP];
1650 if (format)
1651 return format;
1652 }
1653 }
1654
1655 /* Return generic strings */
1656 if (t == JOB_START)
1657 return "Starting %s.";
1658 else if (t == JOB_STOP)
1659 return "Stopping %s.";
1660 else
1661 return "Reloading %s.";
1662 }
1663
1664 static void unit_status_print_starting_stopping(Unit *u, JobType t) {
1665 const char *format;
1666
1667 assert(u);
1668
1669 /* Reload status messages have traditionally not been printed to console. */
1670 if (!IN_SET(t, JOB_START, JOB_STOP))
1671 return;
1672
1673 format = unit_get_status_message_format(u, t);
1674
1675 DISABLE_WARNING_FORMAT_NONLITERAL;
1676 unit_status_printf(u, "", format);
1677 REENABLE_WARNING;
1678 }
1679
1680 static void unit_status_log_starting_stopping_reloading(Unit *u, JobType t) {
1681 const char *format, *mid;
1682 char buf[LINE_MAX];
1683
1684 assert(u);
1685
1686 if (!IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD))
1687 return;
1688
1689 if (log_on_console())
1690 return;
1691
1692 /* We log status messages for all units and all operations. */
1693
1694 format = unit_get_status_message_format(u, t);
1695
1696 DISABLE_WARNING_FORMAT_NONLITERAL;
1697 xsprintf(buf, format, unit_description(u));
1698 REENABLE_WARNING;
1699
1700 mid = t == JOB_START ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STARTING_STR :
1701 t == JOB_STOP ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STOPPING_STR :
1702 "MESSAGE_ID=" SD_MESSAGE_UNIT_RELOADING_STR;
1703
1704 /* Note that we deliberately use LOG_MESSAGE() instead of
1705 * LOG_UNIT_MESSAGE() here, since this is supposed to mimic
1706 * closely what is written to screen using the status output,
1707 * which is supposed the highest level, friendliest output
1708 * possible, which means we should avoid the low-level unit
1709 * name. */
1710 log_struct(LOG_INFO,
1711 LOG_MESSAGE("%s", buf),
1712 LOG_UNIT_ID(u),
1713 LOG_UNIT_INVOCATION_ID(u),
1714 mid,
1715 NULL);
1716 }
1717
1718 void unit_status_emit_starting_stopping_reloading(Unit *u, JobType t) {
1719 assert(u);
1720 assert(t >= 0);
1721 assert(t < _JOB_TYPE_MAX);
1722
1723 unit_status_log_starting_stopping_reloading(u, t);
1724 unit_status_print_starting_stopping(u, t);
1725 }
1726
1727 int unit_start_limit_test(Unit *u) {
1728 assert(u);
1729
1730 if (ratelimit_test(&u->start_limit)) {
1731 u->start_limit_hit = false;
1732 return 0;
1733 }
1734
1735 log_unit_warning(u, "Start request repeated too quickly.");
1736 u->start_limit_hit = true;
1737
1738 return emergency_action(u->manager, u->start_limit_action, u->reboot_arg, "unit failed");
1739 }
1740
1741 bool unit_shall_confirm_spawn(Unit *u) {
1742 assert(u);
1743
1744 if (manager_is_confirm_spawn_disabled(u->manager))
1745 return false;
1746
1747 /* For some reasons units remaining in the same process group
1748 * as PID 1 fail to acquire the console even if it's not used
1749 * by any process. So skip the confirmation question for them. */
1750 return !unit_get_exec_context(u)->same_pgrp;
1751 }
1752
1753 static bool unit_verify_deps(Unit *u) {
1754 Unit *other;
1755 Iterator j;
1756 void *v;
1757
1758 assert(u);
1759
1760 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1761 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1762 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1763 * conjunction with After= as for them any such check would make things entirely racy. */
1764
1765 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], j) {
1766
1767 if (!hashmap_contains(u->dependencies[UNIT_AFTER], other))
1768 continue;
1769
1770 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1771 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1772 return false;
1773 }
1774 }
1775
1776 return true;
1777 }
1778
1779 /* Errors:
1780 * -EBADR: This unit type does not support starting.
1781 * -EALREADY: Unit is already started.
1782 * -EAGAIN: An operation is already in progress. Retry later.
1783 * -ECANCELED: Too many requests for now.
1784 * -EPROTO: Assert failed
1785 * -EINVAL: Unit not loaded
1786 * -EOPNOTSUPP: Unit type not supported
1787 * -ENOLINK: The necessary dependencies are not fulfilled.
1788 */
1789 int unit_start(Unit *u) {
1790 UnitActiveState state;
1791 Unit *following;
1792
1793 assert(u);
1794
1795 /* If this is already started, then this will succeed. Note
1796 * that this will even succeed if this unit is not startable
1797 * by the user. This is relied on to detect when we need to
1798 * wait for units and when waiting is finished. */
1799 state = unit_active_state(u);
1800 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1801 return -EALREADY;
1802
1803 /* Units that aren't loaded cannot be started */
1804 if (u->load_state != UNIT_LOADED)
1805 return -EINVAL;
1806
1807 /* If the conditions failed, don't do anything at all. If we
1808 * already are activating this call might still be useful to
1809 * speed up activation in case there is some hold-off time,
1810 * but we don't want to recheck the condition in that case. */
1811 if (state != UNIT_ACTIVATING &&
1812 !unit_condition_test(u)) {
1813 log_unit_debug(u, "Starting requested but condition failed. Not starting unit.");
1814 return -EALREADY;
1815 }
1816
1817 /* If the asserts failed, fail the entire job */
1818 if (state != UNIT_ACTIVATING &&
1819 !unit_assert_test(u)) {
1820 log_unit_notice(u, "Starting requested but asserts failed.");
1821 return -EPROTO;
1822 }
1823
1824 /* Units of types that aren't supported cannot be
1825 * started. Note that we do this test only after the condition
1826 * checks, so that we rather return condition check errors
1827 * (which are usually not considered a true failure) than "not
1828 * supported" errors (which are considered a failure).
1829 */
1830 if (!unit_supported(u))
1831 return -EOPNOTSUPP;
1832
1833 /* Let's make sure that the deps really are in order before we start this. Normally the job engine should have
1834 * taken care of this already, but let's check this here again. After all, our dependencies might not be in
1835 * effect anymore, due to a reload or due to a failed condition. */
1836 if (!unit_verify_deps(u))
1837 return -ENOLINK;
1838
1839 /* Forward to the main object, if we aren't it. */
1840 following = unit_following(u);
1841 if (following) {
1842 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1843 return unit_start(following);
1844 }
1845
1846 /* If it is stopped, but we cannot start it, then fail */
1847 if (!UNIT_VTABLE(u)->start)
1848 return -EBADR;
1849
1850 /* We don't suppress calls to ->start() here when we are
1851 * already starting, to allow this request to be used as a
1852 * "hurry up" call, for example when the unit is in some "auto
1853 * restart" state where it waits for a holdoff timer to elapse
1854 * before it will start again. */
1855
1856 unit_add_to_dbus_queue(u);
1857
1858 return UNIT_VTABLE(u)->start(u);
1859 }
1860
1861 bool unit_can_start(Unit *u) {
1862 assert(u);
1863
1864 if (u->load_state != UNIT_LOADED)
1865 return false;
1866
1867 if (!unit_supported(u))
1868 return false;
1869
1870 return !!UNIT_VTABLE(u)->start;
1871 }
1872
1873 bool unit_can_isolate(Unit *u) {
1874 assert(u);
1875
1876 return unit_can_start(u) &&
1877 u->allow_isolate;
1878 }
1879
1880 /* Errors:
1881 * -EBADR: This unit type does not support stopping.
1882 * -EALREADY: Unit is already stopped.
1883 * -EAGAIN: An operation is already in progress. Retry later.
1884 */
1885 int unit_stop(Unit *u) {
1886 UnitActiveState state;
1887 Unit *following;
1888
1889 assert(u);
1890
1891 state = unit_active_state(u);
1892 if (UNIT_IS_INACTIVE_OR_FAILED(state))
1893 return -EALREADY;
1894
1895 following = unit_following(u);
1896 if (following) {
1897 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
1898 return unit_stop(following);
1899 }
1900
1901 if (!UNIT_VTABLE(u)->stop)
1902 return -EBADR;
1903
1904 unit_add_to_dbus_queue(u);
1905
1906 return UNIT_VTABLE(u)->stop(u);
1907 }
1908
1909 bool unit_can_stop(Unit *u) {
1910 assert(u);
1911
1912 if (!unit_supported(u))
1913 return false;
1914
1915 if (u->perpetual)
1916 return false;
1917
1918 return !!UNIT_VTABLE(u)->stop;
1919 }
1920
1921 /* Errors:
1922 * -EBADR: This unit type does not support reloading.
1923 * -ENOEXEC: Unit is not started.
1924 * -EAGAIN: An operation is already in progress. Retry later.
1925 */
1926 int unit_reload(Unit *u) {
1927 UnitActiveState state;
1928 Unit *following;
1929
1930 assert(u);
1931
1932 if (u->load_state != UNIT_LOADED)
1933 return -EINVAL;
1934
1935 if (!unit_can_reload(u))
1936 return -EBADR;
1937
1938 state = unit_active_state(u);
1939 if (state == UNIT_RELOADING)
1940 return -EALREADY;
1941
1942 if (state != UNIT_ACTIVE) {
1943 log_unit_warning(u, "Unit cannot be reloaded because it is inactive.");
1944 return -ENOEXEC;
1945 }
1946
1947 following = unit_following(u);
1948 if (following) {
1949 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
1950 return unit_reload(following);
1951 }
1952
1953 unit_add_to_dbus_queue(u);
1954
1955 if (!UNIT_VTABLE(u)->reload) {
1956 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
1957 unit_notify(u, unit_active_state(u), unit_active_state(u), true);
1958 return 0;
1959 }
1960
1961 return UNIT_VTABLE(u)->reload(u);
1962 }
1963
1964 bool unit_can_reload(Unit *u) {
1965 assert(u);
1966
1967 if (UNIT_VTABLE(u)->can_reload)
1968 return UNIT_VTABLE(u)->can_reload(u);
1969
1970 if (!hashmap_isempty(u->dependencies[UNIT_PROPAGATES_RELOAD_TO]))
1971 return true;
1972
1973 return UNIT_VTABLE(u)->reload;
1974 }
1975
1976 static void unit_check_unneeded(Unit *u) {
1977
1978 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1979
1980 static const UnitDependency needed_dependencies[] = {
1981 UNIT_REQUIRED_BY,
1982 UNIT_REQUISITE_OF,
1983 UNIT_WANTED_BY,
1984 UNIT_BOUND_BY,
1985 };
1986
1987 unsigned j;
1988 int r;
1989
1990 assert(u);
1991
1992 /* If this service shall be shut down when unneeded then do
1993 * so. */
1994
1995 if (!u->stop_when_unneeded)
1996 return;
1997
1998 if (!UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
1999 return;
2000
2001 for (j = 0; j < ELEMENTSOF(needed_dependencies); j++) {
2002 Unit *other;
2003 Iterator i;
2004 void *v;
2005
2006 HASHMAP_FOREACH_KEY(v, other, u->dependencies[needed_dependencies[j]], i)
2007 if (unit_active_or_pending(other) || unit_will_restart(other))
2008 return;
2009 }
2010
2011 /* If stopping a unit fails continuously we might enter a stop
2012 * loop here, hence stop acting on the service being
2013 * unnecessary after a while. */
2014 if (!ratelimit_test(&u->auto_stop_ratelimit)) {
2015 log_unit_warning(u, "Unit not needed anymore, but not stopping since we tried this too often recently.");
2016 return;
2017 }
2018
2019 log_unit_info(u, "Unit not needed anymore. Stopping.");
2020
2021 /* Ok, nobody needs us anymore. Sniff. Then let's commit suicide */
2022 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2023 if (r < 0)
2024 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2025 }
2026
2027 static void unit_check_binds_to(Unit *u) {
2028 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2029 bool stop = false;
2030 Unit *other;
2031 Iterator i;
2032 void *v;
2033 int r;
2034
2035 assert(u);
2036
2037 if (u->job)
2038 return;
2039
2040 if (unit_active_state(u) != UNIT_ACTIVE)
2041 return;
2042
2043 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i) {
2044 if (other->job)
2045 continue;
2046
2047 if (!other->coldplugged)
2048 /* We might yet create a job for the other unit… */
2049 continue;
2050
2051 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2052 continue;
2053
2054 stop = true;
2055 break;
2056 }
2057
2058 if (!stop)
2059 return;
2060
2061 /* If stopping a unit fails continuously we might enter a stop
2062 * loop here, hence stop acting on the service being
2063 * unnecessary after a while. */
2064 if (!ratelimit_test(&u->auto_stop_ratelimit)) {
2065 log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
2066 return;
2067 }
2068
2069 assert(other);
2070 log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
2071
2072 /* A unit we need to run is gone. Sniff. Let's stop this. */
2073 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2074 if (r < 0)
2075 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2076 }
2077
2078 static void retroactively_start_dependencies(Unit *u) {
2079 Iterator i;
2080 Unit *other;
2081 void *v;
2082
2083 assert(u);
2084 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2085
2086 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2087 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2088 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2089 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2090
2091 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2092 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2093 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2094 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2095
2096 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2097 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2098 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2099 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL);
2100
2101 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTS], i)
2102 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2103 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2104
2105 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTED_BY], i)
2106 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2107 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2108 }
2109
2110 static void retroactively_stop_dependencies(Unit *u) {
2111 Unit *other;
2112 Iterator i;
2113 void *v;
2114
2115 assert(u);
2116 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2117
2118 /* Pull down units which are bound to us recursively if enabled */
2119 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BOUND_BY], i)
2120 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2121 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2122 }
2123
2124 static void check_unneeded_dependencies(Unit *u) {
2125 Unit *other;
2126 Iterator i;
2127 void *v;
2128
2129 assert(u);
2130 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2131
2132 /* Garbage collect services that might not be needed anymore, if enabled */
2133 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2134 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2135 unit_check_unneeded(other);
2136 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2137 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2138 unit_check_unneeded(other);
2139 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUISITE], i)
2140 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2141 unit_check_unneeded(other);
2142 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2143 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2144 unit_check_unneeded(other);
2145 }
2146
2147 void unit_start_on_failure(Unit *u) {
2148 Unit *other;
2149 Iterator i;
2150 void *v;
2151
2152 assert(u);
2153
2154 if (hashmap_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
2155 return;
2156
2157 log_unit_info(u, "Triggering OnFailure= dependencies.");
2158
2159 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_ON_FAILURE], i) {
2160 int r;
2161
2162 r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, NULL, NULL);
2163 if (r < 0)
2164 log_unit_error_errno(u, r, "Failed to enqueue OnFailure= job: %m");
2165 }
2166 }
2167
2168 void unit_trigger_notify(Unit *u) {
2169 Unit *other;
2170 Iterator i;
2171 void *v;
2172
2173 assert(u);
2174
2175 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_TRIGGERED_BY], i)
2176 if (UNIT_VTABLE(other)->trigger_notify)
2177 UNIT_VTABLE(other)->trigger_notify(other, u);
2178 }
2179
2180 static int unit_log_resources(Unit *u) {
2181
2182 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + 4];
2183 size_t n_message_parts = 0, n_iovec = 0;
2184 char* message_parts[3 + 1], *t;
2185 nsec_t nsec = NSEC_INFINITY;
2186 CGroupIPAccountingMetric m;
2187 size_t i;
2188 int r;
2189 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2190 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2191 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2192 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2193 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2194 };
2195
2196 assert(u);
2197
2198 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2199 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2200 * information and the complete data in structured fields. */
2201
2202 (void) unit_get_cpu_usage(u, &nsec);
2203 if (nsec != NSEC_INFINITY) {
2204 char buf[FORMAT_TIMESPAN_MAX] = "";
2205
2206 /* Format the CPU time for inclusion in the structured log message */
2207 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2208 r = log_oom();
2209 goto finish;
2210 }
2211 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2212
2213 /* Format the CPU time for inclusion in the human language message string */
2214 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
2215 t = strjoin(n_message_parts > 0 ? "consumed " : "Consumed ", buf, " CPU time");
2216 if (!t) {
2217 r = log_oom();
2218 goto finish;
2219 }
2220
2221 message_parts[n_message_parts++] = t;
2222 }
2223
2224 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2225 char buf[FORMAT_BYTES_MAX] = "";
2226 uint64_t value = UINT64_MAX;
2227
2228 assert(ip_fields[m]);
2229
2230 (void) unit_get_ip_accounting(u, m, &value);
2231 if (value == UINT64_MAX)
2232 continue;
2233
2234 /* Format IP accounting data for inclusion in the structured log message */
2235 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2236 r = log_oom();
2237 goto finish;
2238 }
2239 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2240
2241 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2242 * bytes counters (and not for the packets counters) */
2243 if (m == CGROUP_IP_INGRESS_BYTES)
2244 t = strjoin(n_message_parts > 0 ? "received " : "Received ",
2245 format_bytes(buf, sizeof(buf), value),
2246 " IP traffic");
2247 else if (m == CGROUP_IP_EGRESS_BYTES)
2248 t = strjoin(n_message_parts > 0 ? "sent " : "Sent ",
2249 format_bytes(buf, sizeof(buf), value),
2250 " IP traffic");
2251 else
2252 continue;
2253 if (!t) {
2254 r = log_oom();
2255 goto finish;
2256 }
2257
2258 message_parts[n_message_parts++] = t;
2259 }
2260
2261 /* Is there any accounting data available at all? */
2262 if (n_iovec == 0) {
2263 r = 0;
2264 goto finish;
2265 }
2266
2267 if (n_message_parts == 0)
2268 t = strjoina("MESSAGE=", u->id, ": Completed");
2269 else {
2270 _cleanup_free_ char *joined;
2271
2272 message_parts[n_message_parts] = NULL;
2273
2274 joined = strv_join(message_parts, ", ");
2275 if (!joined) {
2276 r = log_oom();
2277 goto finish;
2278 }
2279
2280 t = strjoina("MESSAGE=", u->id, ": ", joined);
2281 }
2282
2283 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2284 * and hence don't increase n_iovec for them */
2285 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2286 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2287
2288 t = strjoina(u->manager->unit_log_field, u->id);
2289 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2290
2291 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2292 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2293
2294 log_struct_iovec(LOG_INFO, iovec, n_iovec + 4);
2295 r = 0;
2296
2297 finish:
2298 for (i = 0; i < n_message_parts; i++)
2299 free(message_parts[i]);
2300
2301 for (i = 0; i < n_iovec; i++)
2302 free(iovec[i].iov_base);
2303
2304 return r;
2305
2306 }
2307
2308 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_success) {
2309 Manager *m;
2310 bool unexpected;
2311
2312 assert(u);
2313 assert(os < _UNIT_ACTIVE_STATE_MAX);
2314 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2315
2316 /* Note that this is called for all low-level state changes,
2317 * even if they might map to the same high-level
2318 * UnitActiveState! That means that ns == os is an expected
2319 * behavior here. For example: if a mount point is remounted
2320 * this function will be called too! */
2321
2322 m = u->manager;
2323
2324 /* Update timestamps for state changes */
2325 if (!MANAGER_IS_RELOADING(m)) {
2326 dual_timestamp_get(&u->state_change_timestamp);
2327
2328 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2329 u->inactive_exit_timestamp = u->state_change_timestamp;
2330 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2331 u->inactive_enter_timestamp = u->state_change_timestamp;
2332
2333 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2334 u->active_enter_timestamp = u->state_change_timestamp;
2335 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2336 u->active_exit_timestamp = u->state_change_timestamp;
2337 }
2338
2339 /* Keep track of failed units */
2340 (void) manager_update_failed_units(u->manager, u, ns == UNIT_FAILED);
2341
2342 /* Make sure the cgroup and state files are always removed when we become inactive */
2343 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2344 unit_prune_cgroup(u);
2345 unit_unlink_state_files(u);
2346 }
2347
2348 /* Note that this doesn't apply to RemainAfterExit services exiting
2349 * successfully, since there's no change of state in that case. Which is
2350 * why it is handled in service_set_state() */
2351 if (UNIT_IS_INACTIVE_OR_FAILED(os) != UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2352 ExecContext *ec;
2353
2354 ec = unit_get_exec_context(u);
2355 if (ec && exec_context_may_touch_console(ec)) {
2356 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2357 m->n_on_console--;
2358
2359 if (m->n_on_console == 0)
2360 /* unset no_console_output flag, since the console is free */
2361 m->no_console_output = false;
2362 } else
2363 m->n_on_console++;
2364 }
2365 }
2366
2367 if (u->job) {
2368 unexpected = false;
2369
2370 if (u->job->state == JOB_WAITING)
2371
2372 /* So we reached a different state for this
2373 * job. Let's see if we can run it now if it
2374 * failed previously due to EAGAIN. */
2375 job_add_to_run_queue(u->job);
2376
2377 /* Let's check whether this state change constitutes a
2378 * finished job, or maybe contradicts a running job and
2379 * hence needs to invalidate jobs. */
2380
2381 switch (u->job->type) {
2382
2383 case JOB_START:
2384 case JOB_VERIFY_ACTIVE:
2385
2386 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2387 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2388 else if (u->job->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2389 unexpected = true;
2390
2391 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2392 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2393 }
2394
2395 break;
2396
2397 case JOB_RELOAD:
2398 case JOB_RELOAD_OR_START:
2399 case JOB_TRY_RELOAD:
2400
2401 if (u->job->state == JOB_RUNNING) {
2402 if (ns == UNIT_ACTIVE)
2403 job_finish_and_invalidate(u->job, reload_success ? JOB_DONE : JOB_FAILED, true, false);
2404 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2405 unexpected = true;
2406
2407 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2408 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2409 }
2410 }
2411
2412 break;
2413
2414 case JOB_STOP:
2415 case JOB_RESTART:
2416 case JOB_TRY_RESTART:
2417
2418 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2419 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2420 else if (u->job->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2421 unexpected = true;
2422 job_finish_and_invalidate(u->job, JOB_FAILED, true, false);
2423 }
2424
2425 break;
2426
2427 default:
2428 assert_not_reached("Job type unknown");
2429 }
2430
2431 } else
2432 unexpected = true;
2433
2434 if (!MANAGER_IS_RELOADING(m)) {
2435
2436 /* If this state change happened without being
2437 * requested by a job, then let's retroactively start
2438 * or stop dependencies. We skip that step when
2439 * deserializing, since we don't want to create any
2440 * additional jobs just because something is already
2441 * activated. */
2442
2443 if (unexpected) {
2444 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2445 retroactively_start_dependencies(u);
2446 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2447 retroactively_stop_dependencies(u);
2448 }
2449
2450 /* stop unneeded units regardless if going down was expected or not */
2451 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2452 check_unneeded_dependencies(u);
2453
2454 if (ns != os && ns == UNIT_FAILED) {
2455 log_unit_debug(u, "Unit entered failed state.");
2456 unit_start_on_failure(u);
2457 }
2458 }
2459
2460 /* Some names are special */
2461 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2462
2463 if (unit_has_name(u, SPECIAL_DBUS_SERVICE))
2464 /* The bus might have just become available,
2465 * hence try to connect to it, if we aren't
2466 * yet connected. */
2467 bus_init(m, true);
2468
2469 if (u->type == UNIT_SERVICE &&
2470 !UNIT_IS_ACTIVE_OR_RELOADING(os) &&
2471 !MANAGER_IS_RELOADING(m)) {
2472 /* Write audit record if we have just finished starting up */
2473 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, true);
2474 u->in_audit = true;
2475 }
2476
2477 if (!UNIT_IS_ACTIVE_OR_RELOADING(os))
2478 manager_send_unit_plymouth(m, u);
2479
2480 } else {
2481 /* We don't care about D-Bus going down here, since we'll get an asynchronous notification for it
2482 * anyway. */
2483
2484 if (UNIT_IS_INACTIVE_OR_FAILED(ns) &&
2485 !UNIT_IS_INACTIVE_OR_FAILED(os)
2486 && !MANAGER_IS_RELOADING(m)) {
2487
2488 /* This unit just stopped/failed. */
2489 if (u->type == UNIT_SERVICE) {
2490
2491 /* Hmm, if there was no start record written
2492 * write it now, so that we always have a nice
2493 * pair */
2494 if (!u->in_audit) {
2495 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, ns == UNIT_INACTIVE);
2496
2497 if (ns == UNIT_INACTIVE)
2498 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, true);
2499 } else
2500 /* Write audit record if we have just finished shutting down */
2501 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, ns == UNIT_INACTIVE);
2502
2503 u->in_audit = false;
2504 }
2505
2506 /* Write a log message about consumed resources */
2507 unit_log_resources(u);
2508 }
2509 }
2510
2511 manager_recheck_journal(m);
2512 unit_trigger_notify(u);
2513
2514 if (!MANAGER_IS_RELOADING(u->manager)) {
2515 /* Maybe we finished startup and are now ready for
2516 * being stopped because unneeded? */
2517 unit_check_unneeded(u);
2518
2519 /* Maybe we finished startup, but something we needed
2520 * has vanished? Let's die then. (This happens when
2521 * something BindsTo= to a Type=oneshot unit, as these
2522 * units go directly from starting to inactive,
2523 * without ever entering started.) */
2524 unit_check_binds_to(u);
2525
2526 if (os != UNIT_FAILED && ns == UNIT_FAILED)
2527 (void) emergency_action(u->manager, u->failure_action, u->reboot_arg, "unit failed");
2528 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE)
2529 (void) emergency_action(u->manager, u->success_action, u->reboot_arg, "unit succeeded");
2530 }
2531
2532 unit_add_to_dbus_queue(u);
2533 unit_add_to_gc_queue(u);
2534 }
2535
2536 int unit_watch_pid(Unit *u, pid_t pid) {
2537 int q, r;
2538
2539 assert(u);
2540 assert(pid >= 1);
2541
2542 /* Watch a specific PID. We only support one or two units
2543 * watching each PID for now, not more. */
2544
2545 r = set_ensure_allocated(&u->pids, NULL);
2546 if (r < 0)
2547 return r;
2548
2549 r = hashmap_ensure_allocated(&u->manager->watch_pids1, NULL);
2550 if (r < 0)
2551 return r;
2552
2553 r = hashmap_put(u->manager->watch_pids1, PID_TO_PTR(pid), u);
2554 if (r == -EEXIST) {
2555 r = hashmap_ensure_allocated(&u->manager->watch_pids2, NULL);
2556 if (r < 0)
2557 return r;
2558
2559 r = hashmap_put(u->manager->watch_pids2, PID_TO_PTR(pid), u);
2560 }
2561
2562 q = set_put(u->pids, PID_TO_PTR(pid));
2563 if (q < 0)
2564 return q;
2565
2566 return r;
2567 }
2568
2569 void unit_unwatch_pid(Unit *u, pid_t pid) {
2570 assert(u);
2571 assert(pid >= 1);
2572
2573 (void) hashmap_remove_value(u->manager->watch_pids1, PID_TO_PTR(pid), u);
2574 (void) hashmap_remove_value(u->manager->watch_pids2, PID_TO_PTR(pid), u);
2575 (void) set_remove(u->pids, PID_TO_PTR(pid));
2576 }
2577
2578 void unit_unwatch_all_pids(Unit *u) {
2579 assert(u);
2580
2581 while (!set_isempty(u->pids))
2582 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
2583
2584 u->pids = set_free(u->pids);
2585 }
2586
2587 void unit_tidy_watch_pids(Unit *u, pid_t except1, pid_t except2) {
2588 Iterator i;
2589 void *e;
2590
2591 assert(u);
2592
2593 /* Cleans dead PIDs from our list */
2594
2595 SET_FOREACH(e, u->pids, i) {
2596 pid_t pid = PTR_TO_PID(e);
2597
2598 if (pid == except1 || pid == except2)
2599 continue;
2600
2601 if (!pid_is_unwaited(pid))
2602 unit_unwatch_pid(u, pid);
2603 }
2604 }
2605
2606 bool unit_job_is_applicable(Unit *u, JobType j) {
2607 assert(u);
2608 assert(j >= 0 && j < _JOB_TYPE_MAX);
2609
2610 switch (j) {
2611
2612 case JOB_VERIFY_ACTIVE:
2613 case JOB_START:
2614 case JOB_NOP:
2615 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2616 * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
2617 * jobs for it. */
2618 return true;
2619
2620 case JOB_STOP:
2621 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2622 * external events), hence it makes no sense to permit enqueing such a request either. */
2623 return !u->perpetual;
2624
2625 case JOB_RESTART:
2626 case JOB_TRY_RESTART:
2627 return unit_can_stop(u) && unit_can_start(u);
2628
2629 case JOB_RELOAD:
2630 case JOB_TRY_RELOAD:
2631 return unit_can_reload(u);
2632
2633 case JOB_RELOAD_OR_START:
2634 return unit_can_reload(u) && unit_can_start(u);
2635
2636 default:
2637 assert_not_reached("Invalid job type");
2638 }
2639 }
2640
2641 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
2642 assert(u);
2643
2644 /* Only warn about some unit types */
2645 if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
2646 return;
2647
2648 if (streq_ptr(u->id, other))
2649 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
2650 else
2651 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
2652 }
2653
2654 static int unit_add_dependency_hashmap(
2655 Hashmap **h,
2656 Unit *other,
2657 UnitDependencyMask origin_mask,
2658 UnitDependencyMask destination_mask) {
2659
2660 UnitDependencyInfo info;
2661 int r;
2662
2663 assert(h);
2664 assert(other);
2665 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
2666 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
2667 assert(origin_mask > 0 || destination_mask > 0);
2668
2669 r = hashmap_ensure_allocated(h, NULL);
2670 if (r < 0)
2671 return r;
2672
2673 assert_cc(sizeof(void*) == sizeof(info));
2674
2675 info.data = hashmap_get(*h, other);
2676 if (info.data) {
2677 /* Entry already exists. Add in our mask. */
2678
2679 if ((info.origin_mask & origin_mask) == info.origin_mask &&
2680 (info.destination_mask & destination_mask) == info.destination_mask)
2681 return 0; /* NOP */
2682
2683 info.origin_mask |= origin_mask;
2684 info.destination_mask |= destination_mask;
2685
2686 r = hashmap_update(*h, other, info.data);
2687 } else {
2688 info = (UnitDependencyInfo) {
2689 .origin_mask = origin_mask,
2690 .destination_mask = destination_mask,
2691 };
2692
2693 r = hashmap_put(*h, other, info.data);
2694 }
2695 if (r < 0)
2696 return r;
2697
2698 return 1;
2699 }
2700
2701 int unit_add_dependency(
2702 Unit *u,
2703 UnitDependency d,
2704 Unit *other,
2705 bool add_reference,
2706 UnitDependencyMask mask) {
2707
2708 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
2709 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
2710 [UNIT_WANTS] = UNIT_WANTED_BY,
2711 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
2712 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
2713 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
2714 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
2715 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
2716 [UNIT_WANTED_BY] = UNIT_WANTS,
2717 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
2718 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
2719 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
2720 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
2721 [UNIT_BEFORE] = UNIT_AFTER,
2722 [UNIT_AFTER] = UNIT_BEFORE,
2723 [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
2724 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
2725 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
2726 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
2727 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
2728 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
2729 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
2730 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
2731 };
2732 Unit *original_u = u, *original_other = other;
2733 int r;
2734
2735 assert(u);
2736 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
2737 assert(other);
2738
2739 u = unit_follow_merge(u);
2740 other = unit_follow_merge(other);
2741
2742 /* We won't allow dependencies on ourselves. We will not
2743 * consider them an error however. */
2744 if (u == other) {
2745 maybe_warn_about_dependency(original_u, original_other->id, d);
2746 return 0;
2747 }
2748
2749 if ((d == UNIT_BEFORE && other->type == UNIT_DEVICE) ||
2750 (d == UNIT_AFTER && u->type == UNIT_DEVICE)) {
2751 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
2752 return 0;
2753 }
2754
2755 r = unit_add_dependency_hashmap(u->dependencies + d, other, mask, 0);
2756 if (r < 0)
2757 return r;
2758
2759 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
2760 r = unit_add_dependency_hashmap(other->dependencies + inverse_table[d], u, 0, mask);
2761 if (r < 0)
2762 return r;
2763 }
2764
2765 if (add_reference) {
2766 r = unit_add_dependency_hashmap(u->dependencies + UNIT_REFERENCES, other, mask, 0);
2767 if (r < 0)
2768 return r;
2769
2770 r = unit_add_dependency_hashmap(other->dependencies + UNIT_REFERENCED_BY, u, 0, mask);
2771 if (r < 0)
2772 return r;
2773 }
2774
2775 unit_add_to_dbus_queue(u);
2776 return 0;
2777 }
2778
2779 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2780 int r;
2781
2782 assert(u);
2783
2784 r = unit_add_dependency(u, d, other, add_reference, mask);
2785 if (r < 0)
2786 return r;
2787
2788 return unit_add_dependency(u, e, other, add_reference, mask);
2789 }
2790
2791 static int resolve_template(Unit *u, const char *name, const char*path, char **buf, const char **ret) {
2792 int r;
2793
2794 assert(u);
2795 assert(name || path);
2796 assert(buf);
2797 assert(ret);
2798
2799 if (!name)
2800 name = basename(path);
2801
2802 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
2803 *buf = NULL;
2804 *ret = name;
2805 return 0;
2806 }
2807
2808 if (u->instance)
2809 r = unit_name_replace_instance(name, u->instance, buf);
2810 else {
2811 _cleanup_free_ char *i = NULL;
2812
2813 r = unit_name_to_prefix(u->id, &i);
2814 if (r < 0)
2815 return r;
2816
2817 r = unit_name_replace_instance(name, i, buf);
2818 }
2819 if (r < 0)
2820 return r;
2821
2822 *ret = *buf;
2823 return 0;
2824 }
2825
2826 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2827 _cleanup_free_ char *buf = NULL;
2828 Unit *other;
2829 int r;
2830
2831 assert(u);
2832 assert(name || path);
2833
2834 r = resolve_template(u, name, path, &buf, &name);
2835 if (r < 0)
2836 return r;
2837
2838 r = manager_load_unit(u->manager, name, path, NULL, &other);
2839 if (r < 0)
2840 return r;
2841
2842 return unit_add_dependency(u, d, other, add_reference, mask);
2843 }
2844
2845 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2846 _cleanup_free_ char *buf = NULL;
2847 Unit *other;
2848 int r;
2849
2850 assert(u);
2851 assert(name || path);
2852
2853 r = resolve_template(u, name, path, &buf, &name);
2854 if (r < 0)
2855 return r;
2856
2857 r = manager_load_unit(u->manager, name, path, NULL, &other);
2858 if (r < 0)
2859 return r;
2860
2861 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2862 }
2863
2864 int set_unit_path(const char *p) {
2865 /* This is mostly for debug purposes */
2866 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
2867 return -errno;
2868
2869 return 0;
2870 }
2871
2872 char *unit_dbus_path(Unit *u) {
2873 assert(u);
2874
2875 if (!u->id)
2876 return NULL;
2877
2878 return unit_dbus_path_from_name(u->id);
2879 }
2880
2881 char *unit_dbus_path_invocation_id(Unit *u) {
2882 assert(u);
2883
2884 if (sd_id128_is_null(u->invocation_id))
2885 return NULL;
2886
2887 return unit_dbus_path_from_name(u->invocation_id_string);
2888 }
2889
2890 int unit_set_slice(Unit *u, Unit *slice) {
2891 assert(u);
2892 assert(slice);
2893
2894 /* Sets the unit slice if it has not been set before. Is extra
2895 * careful, to only allow this for units that actually have a
2896 * cgroup context. Also, we don't allow to set this for slices
2897 * (since the parent slice is derived from the name). Make
2898 * sure the unit we set is actually a slice. */
2899
2900 if (!UNIT_HAS_CGROUP_CONTEXT(u))
2901 return -EOPNOTSUPP;
2902
2903 if (u->type == UNIT_SLICE)
2904 return -EINVAL;
2905
2906 if (unit_active_state(u) != UNIT_INACTIVE)
2907 return -EBUSY;
2908
2909 if (slice->type != UNIT_SLICE)
2910 return -EINVAL;
2911
2912 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
2913 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
2914 return -EPERM;
2915
2916 if (UNIT_DEREF(u->slice) == slice)
2917 return 0;
2918
2919 /* Disallow slice changes if @u is already bound to cgroups */
2920 if (UNIT_ISSET(u->slice) && u->cgroup_realized)
2921 return -EBUSY;
2922
2923 unit_ref_unset(&u->slice);
2924 unit_ref_set(&u->slice, slice);
2925 return 1;
2926 }
2927
2928 int unit_set_default_slice(Unit *u) {
2929 _cleanup_free_ char *b = NULL;
2930 const char *slice_name;
2931 Unit *slice;
2932 int r;
2933
2934 assert(u);
2935
2936 if (UNIT_ISSET(u->slice))
2937 return 0;
2938
2939 if (u->instance) {
2940 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
2941
2942 /* Implicitly place all instantiated units in their
2943 * own per-template slice */
2944
2945 r = unit_name_to_prefix(u->id, &prefix);
2946 if (r < 0)
2947 return r;
2948
2949 /* The prefix is already escaped, but it might include
2950 * "-" which has a special meaning for slice units,
2951 * hence escape it here extra. */
2952 escaped = unit_name_escape(prefix);
2953 if (!escaped)
2954 return -ENOMEM;
2955
2956 if (MANAGER_IS_SYSTEM(u->manager))
2957 b = strjoin("system-", escaped, ".slice");
2958 else
2959 b = strappend(escaped, ".slice");
2960 if (!b)
2961 return -ENOMEM;
2962
2963 slice_name = b;
2964 } else
2965 slice_name =
2966 MANAGER_IS_SYSTEM(u->manager) && !unit_has_name(u, SPECIAL_INIT_SCOPE)
2967 ? SPECIAL_SYSTEM_SLICE
2968 : SPECIAL_ROOT_SLICE;
2969
2970 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
2971 if (r < 0)
2972 return r;
2973
2974 return unit_set_slice(u, slice);
2975 }
2976
2977 const char *unit_slice_name(Unit *u) {
2978 assert(u);
2979
2980 if (!UNIT_ISSET(u->slice))
2981 return NULL;
2982
2983 return UNIT_DEREF(u->slice)->id;
2984 }
2985
2986 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
2987 _cleanup_free_ char *t = NULL;
2988 int r;
2989
2990 assert(u);
2991 assert(type);
2992 assert(_found);
2993
2994 r = unit_name_change_suffix(u->id, type, &t);
2995 if (r < 0)
2996 return r;
2997 if (unit_has_name(u, t))
2998 return -EINVAL;
2999
3000 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3001 assert(r < 0 || *_found != u);
3002 return r;
3003 }
3004
3005 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3006 const char *name, *old_owner, *new_owner;
3007 Unit *u = userdata;
3008 int r;
3009
3010 assert(message);
3011 assert(u);
3012
3013 r = sd_bus_message_read(message, "sss", &name, &old_owner, &new_owner);
3014 if (r < 0) {
3015 bus_log_parse_error(r);
3016 return 0;
3017 }
3018
3019 old_owner = empty_to_null(old_owner);
3020 new_owner = empty_to_null(new_owner);
3021
3022 if (UNIT_VTABLE(u)->bus_name_owner_change)
3023 UNIT_VTABLE(u)->bus_name_owner_change(u, name, old_owner, new_owner);
3024
3025 return 0;
3026 }
3027
3028 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3029 const char *match;
3030
3031 assert(u);
3032 assert(bus);
3033 assert(name);
3034
3035 if (u->match_bus_slot)
3036 return -EBUSY;
3037
3038 match = strjoina("type='signal',"
3039 "sender='org.freedesktop.DBus',"
3040 "path='/org/freedesktop/DBus',"
3041 "interface='org.freedesktop.DBus',"
3042 "member='NameOwnerChanged',"
3043 "arg0='", name, "'");
3044
3045 return sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
3046 }
3047
3048 int unit_watch_bus_name(Unit *u, const char *name) {
3049 int r;
3050
3051 assert(u);
3052 assert(name);
3053
3054 /* Watch a specific name on the bus. We only support one unit
3055 * watching each name for now. */
3056
3057 if (u->manager->api_bus) {
3058 /* If the bus is already available, install the match directly.
3059 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3060 r = unit_install_bus_match(u, u->manager->api_bus, name);
3061 if (r < 0)
3062 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3063 }
3064
3065 r = hashmap_put(u->manager->watch_bus, name, u);
3066 if (r < 0) {
3067 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3068 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3069 }
3070
3071 return 0;
3072 }
3073
3074 void unit_unwatch_bus_name(Unit *u, const char *name) {
3075 assert(u);
3076 assert(name);
3077
3078 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3079 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3080 }
3081
3082 bool unit_can_serialize(Unit *u) {
3083 assert(u);
3084
3085 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3086 }
3087
3088 static int unit_serialize_cgroup_mask(FILE *f, const char *key, CGroupMask mask) {
3089 _cleanup_free_ char *s = NULL;
3090 int r = 0;
3091
3092 assert(f);
3093 assert(key);
3094
3095 if (mask != 0) {
3096 r = cg_mask_to_string(mask, &s);
3097 if (r >= 0) {
3098 fputs(key, f);
3099 fputc('=', f);
3100 fputs(s, f);
3101 fputc('\n', f);
3102 }
3103 }
3104 return r;
3105 }
3106
3107 static const char *ip_accounting_metric_field[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
3108 [CGROUP_IP_INGRESS_BYTES] = "ip-accounting-ingress-bytes",
3109 [CGROUP_IP_INGRESS_PACKETS] = "ip-accounting-ingress-packets",
3110 [CGROUP_IP_EGRESS_BYTES] = "ip-accounting-egress-bytes",
3111 [CGROUP_IP_EGRESS_PACKETS] = "ip-accounting-egress-packets",
3112 };
3113
3114 int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
3115 CGroupIPAccountingMetric m;
3116 int r;
3117
3118 assert(u);
3119 assert(f);
3120 assert(fds);
3121
3122 if (unit_can_serialize(u)) {
3123 ExecRuntime *rt;
3124
3125 r = UNIT_VTABLE(u)->serialize(u, f, fds);
3126 if (r < 0)
3127 return r;
3128
3129 rt = unit_get_exec_runtime(u);
3130 if (rt) {
3131 r = exec_runtime_serialize(u, rt, f, fds);
3132 if (r < 0)
3133 return r;
3134 }
3135 }
3136
3137 dual_timestamp_serialize(f, "state-change-timestamp", &u->state_change_timestamp);
3138
3139 dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
3140 dual_timestamp_serialize(f, "active-enter-timestamp", &u->active_enter_timestamp);
3141 dual_timestamp_serialize(f, "active-exit-timestamp", &u->active_exit_timestamp);
3142 dual_timestamp_serialize(f, "inactive-enter-timestamp", &u->inactive_enter_timestamp);
3143
3144 dual_timestamp_serialize(f, "condition-timestamp", &u->condition_timestamp);
3145 dual_timestamp_serialize(f, "assert-timestamp", &u->assert_timestamp);
3146
3147 if (dual_timestamp_is_set(&u->condition_timestamp))
3148 unit_serialize_item(u, f, "condition-result", yes_no(u->condition_result));
3149
3150 if (dual_timestamp_is_set(&u->assert_timestamp))
3151 unit_serialize_item(u, f, "assert-result", yes_no(u->assert_result));
3152
3153 unit_serialize_item(u, f, "transient", yes_no(u->transient));
3154
3155 unit_serialize_item(u, f, "exported-invocation-id", yes_no(u->exported_invocation_id));
3156 unit_serialize_item(u, f, "exported-log-level-max", yes_no(u->exported_log_level_max));
3157 unit_serialize_item(u, f, "exported-log-extra-fields", yes_no(u->exported_log_extra_fields));
3158
3159 unit_serialize_item_format(u, f, "cpu-usage-base", "%" PRIu64, u->cpu_usage_base);
3160 if (u->cpu_usage_last != NSEC_INFINITY)
3161 unit_serialize_item_format(u, f, "cpu-usage-last", "%" PRIu64, u->cpu_usage_last);
3162
3163 if (u->cgroup_path)
3164 unit_serialize_item(u, f, "cgroup", u->cgroup_path);
3165 unit_serialize_item(u, f, "cgroup-realized", yes_no(u->cgroup_realized));
3166 (void) unit_serialize_cgroup_mask(f, "cgroup-realized-mask", u->cgroup_realized_mask);
3167 (void) unit_serialize_cgroup_mask(f, "cgroup-enabled-mask", u->cgroup_enabled_mask);
3168 unit_serialize_item_format(u, f, "cgroup-bpf-realized", "%i", u->cgroup_bpf_state);
3169
3170 if (uid_is_valid(u->ref_uid))
3171 unit_serialize_item_format(u, f, "ref-uid", UID_FMT, u->ref_uid);
3172 if (gid_is_valid(u->ref_gid))
3173 unit_serialize_item_format(u, f, "ref-gid", GID_FMT, u->ref_gid);
3174
3175 if (!sd_id128_is_null(u->invocation_id))
3176 unit_serialize_item_format(u, f, "invocation-id", SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id));
3177
3178 bus_track_serialize(u->bus_track, f, "ref");
3179
3180 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
3181 uint64_t v;
3182
3183 r = unit_get_ip_accounting(u, m, &v);
3184 if (r >= 0)
3185 unit_serialize_item_format(u, f, ip_accounting_metric_field[m], "%" PRIu64, v);
3186 }
3187
3188 if (serialize_jobs) {
3189 if (u->job) {
3190 fprintf(f, "job\n");
3191 job_serialize(u->job, f);
3192 }
3193
3194 if (u->nop_job) {
3195 fprintf(f, "job\n");
3196 job_serialize(u->nop_job, f);
3197 }
3198 }
3199
3200 /* End marker */
3201 fputc('\n', f);
3202 return 0;
3203 }
3204
3205 int unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value) {
3206 assert(u);
3207 assert(f);
3208 assert(key);
3209
3210 if (!value)
3211 return 0;
3212
3213 fputs(key, f);
3214 fputc('=', f);
3215 fputs(value, f);
3216 fputc('\n', f);
3217
3218 return 1;
3219 }
3220
3221 int unit_serialize_item_escaped(Unit *u, FILE *f, const char *key, const char *value) {
3222 _cleanup_free_ char *c = NULL;
3223
3224 assert(u);
3225 assert(f);
3226 assert(key);
3227
3228 if (!value)
3229 return 0;
3230
3231 c = cescape(value);
3232 if (!c)
3233 return -ENOMEM;
3234
3235 fputs(key, f);
3236 fputc('=', f);
3237 fputs(c, f);
3238 fputc('\n', f);
3239
3240 return 1;
3241 }
3242
3243 int unit_serialize_item_fd(Unit *u, FILE *f, FDSet *fds, const char *key, int fd) {
3244 int copy;
3245
3246 assert(u);
3247 assert(f);
3248 assert(key);
3249
3250 if (fd < 0)
3251 return 0;
3252
3253 copy = fdset_put_dup(fds, fd);
3254 if (copy < 0)
3255 return copy;
3256
3257 fprintf(f, "%s=%i\n", key, copy);
3258 return 1;
3259 }
3260
3261 void unit_serialize_item_format(Unit *u, FILE *f, const char *key, const char *format, ...) {
3262 va_list ap;
3263
3264 assert(u);
3265 assert(f);
3266 assert(key);
3267 assert(format);
3268
3269 fputs(key, f);
3270 fputc('=', f);
3271
3272 va_start(ap, format);
3273 vfprintf(f, format, ap);
3274 va_end(ap);
3275
3276 fputc('\n', f);
3277 }
3278
3279 int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
3280 ExecRuntime **rt = NULL;
3281 size_t offset;
3282 int r;
3283
3284 assert(u);
3285 assert(f);
3286 assert(fds);
3287
3288 offset = UNIT_VTABLE(u)->exec_runtime_offset;
3289 if (offset > 0)
3290 rt = (ExecRuntime**) ((uint8_t*) u + offset);
3291
3292 for (;;) {
3293 char line[LINE_MAX], *l, *v;
3294 CGroupIPAccountingMetric m;
3295 size_t k;
3296
3297 if (!fgets(line, sizeof(line), f)) {
3298 if (feof(f))
3299 return 0;
3300 return -errno;
3301 }
3302
3303 char_array_0(line);
3304 l = strstrip(line);
3305
3306 /* End marker */
3307 if (isempty(l))
3308 break;
3309
3310 k = strcspn(l, "=");
3311
3312 if (l[k] == '=') {
3313 l[k] = 0;
3314 v = l+k+1;
3315 } else
3316 v = l+k;
3317
3318 if (streq(l, "job")) {
3319 if (v[0] == '\0') {
3320 /* new-style serialized job */
3321 Job *j;
3322
3323 j = job_new_raw(u);
3324 if (!j)
3325 return log_oom();
3326
3327 r = job_deserialize(j, f);
3328 if (r < 0) {
3329 job_free(j);
3330 return r;
3331 }
3332
3333 r = hashmap_put(u->manager->jobs, UINT32_TO_PTR(j->id), j);
3334 if (r < 0) {
3335 job_free(j);
3336 return r;
3337 }
3338
3339 r = job_install_deserialized(j);
3340 if (r < 0) {
3341 hashmap_remove(u->manager->jobs, UINT32_TO_PTR(j->id));
3342 job_free(j);
3343 return r;
3344 }
3345 } else /* legacy for pre-44 */
3346 log_unit_warning(u, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v);
3347 continue;
3348 } else if (streq(l, "state-change-timestamp")) {
3349 dual_timestamp_deserialize(v, &u->state_change_timestamp);
3350 continue;
3351 } else if (streq(l, "inactive-exit-timestamp")) {
3352 dual_timestamp_deserialize(v, &u->inactive_exit_timestamp);
3353 continue;
3354 } else if (streq(l, "active-enter-timestamp")) {
3355 dual_timestamp_deserialize(v, &u->active_enter_timestamp);
3356 continue;
3357 } else if (streq(l, "active-exit-timestamp")) {
3358 dual_timestamp_deserialize(v, &u->active_exit_timestamp);
3359 continue;
3360 } else if (streq(l, "inactive-enter-timestamp")) {
3361 dual_timestamp_deserialize(v, &u->inactive_enter_timestamp);
3362 continue;
3363 } else if (streq(l, "condition-timestamp")) {
3364 dual_timestamp_deserialize(v, &u->condition_timestamp);
3365 continue;
3366 } else if (streq(l, "assert-timestamp")) {
3367 dual_timestamp_deserialize(v, &u->assert_timestamp);
3368 continue;
3369 } else if (streq(l, "condition-result")) {
3370
3371 r = parse_boolean(v);
3372 if (r < 0)
3373 log_unit_debug(u, "Failed to parse condition result value %s, ignoring.", v);
3374 else
3375 u->condition_result = r;
3376
3377 continue;
3378
3379 } else if (streq(l, "assert-result")) {
3380
3381 r = parse_boolean(v);
3382 if (r < 0)
3383 log_unit_debug(u, "Failed to parse assert result value %s, ignoring.", v);
3384 else
3385 u->assert_result = r;
3386
3387 continue;
3388
3389 } else if (streq(l, "transient")) {
3390
3391 r = parse_boolean(v);
3392 if (r < 0)
3393 log_unit_debug(u, "Failed to parse transient bool %s, ignoring.", v);
3394 else
3395 u->transient = r;
3396
3397 continue;
3398
3399 } else if (streq(l, "exported-invocation-id")) {
3400
3401 r = parse_boolean(v);
3402 if (r < 0)
3403 log_unit_debug(u, "Failed to parse exported invocation ID bool %s, ignoring.", v);
3404 else
3405 u->exported_invocation_id = r;
3406
3407 continue;
3408
3409 } else if (streq(l, "exported-log-level-max")) {
3410
3411 r = parse_boolean(v);
3412 if (r < 0)
3413 log_unit_debug(u, "Failed to parse exported log level max bool %s, ignoring.", v);
3414 else
3415 u->exported_log_level_max = r;
3416
3417 continue;
3418
3419 } else if (streq(l, "exported-log-extra-fields")) {
3420
3421 r = parse_boolean(v);
3422 if (r < 0)
3423 log_unit_debug(u, "Failed to parse exported log extra fields bool %s, ignoring.", v);
3424 else
3425 u->exported_log_extra_fields = r;
3426
3427 continue;
3428
3429 } else if (STR_IN_SET(l, "cpu-usage-base", "cpuacct-usage-base")) {
3430
3431 r = safe_atou64(v, &u->cpu_usage_base);
3432 if (r < 0)
3433 log_unit_debug(u, "Failed to parse CPU usage base %s, ignoring.", v);
3434
3435 continue;
3436
3437 } else if (streq(l, "cpu-usage-last")) {
3438
3439 r = safe_atou64(v, &u->cpu_usage_last);
3440 if (r < 0)
3441 log_unit_debug(u, "Failed to read CPU usage last %s, ignoring.", v);
3442
3443 continue;
3444
3445 } else if (streq(l, "cgroup")) {
3446
3447 r = unit_set_cgroup_path(u, v);
3448 if (r < 0)
3449 log_unit_debug_errno(u, r, "Failed to set cgroup path %s, ignoring: %m", v);
3450
3451 (void) unit_watch_cgroup(u);
3452
3453 continue;
3454 } else if (streq(l, "cgroup-realized")) {
3455 int b;
3456
3457 b = parse_boolean(v);
3458 if (b < 0)
3459 log_unit_debug(u, "Failed to parse cgroup-realized bool %s, ignoring.", v);
3460 else
3461 u->cgroup_realized = b;
3462
3463 continue;
3464
3465 } else if (streq(l, "cgroup-realized-mask")) {
3466
3467 r = cg_mask_from_string(v, &u->cgroup_realized_mask);
3468 if (r < 0)
3469 log_unit_debug(u, "Failed to parse cgroup-realized-mask %s, ignoring.", v);
3470 continue;
3471
3472 } else if (streq(l, "cgroup-enabled-mask")) {
3473
3474 r = cg_mask_from_string(v, &u->cgroup_enabled_mask);
3475 if (r < 0)
3476 log_unit_debug(u, "Failed to parse cgroup-enabled-mask %s, ignoring.", v);
3477 continue;
3478
3479 } else if (streq(l, "cgroup-bpf-realized")) {
3480 int i;
3481
3482 r = safe_atoi(v, &i);
3483 if (r < 0)
3484 log_unit_debug(u, "Failed to parse cgroup BPF state %s, ignoring.", v);
3485 else
3486 u->cgroup_bpf_state =
3487 i < 0 ? UNIT_CGROUP_BPF_INVALIDATED :
3488 i > 0 ? UNIT_CGROUP_BPF_ON :
3489 UNIT_CGROUP_BPF_OFF;
3490
3491 continue;
3492
3493 } else if (streq(l, "ref-uid")) {
3494 uid_t uid;
3495
3496 r = parse_uid(v, &uid);
3497 if (r < 0)
3498 log_unit_debug(u, "Failed to parse referenced UID %s, ignoring.", v);
3499 else
3500 unit_ref_uid_gid(u, uid, GID_INVALID);
3501
3502 continue;
3503
3504 } else if (streq(l, "ref-gid")) {
3505 gid_t gid;
3506
3507 r = parse_gid(v, &gid);
3508 if (r < 0)
3509 log_unit_debug(u, "Failed to parse referenced GID %s, ignoring.", v);
3510 else
3511 unit_ref_uid_gid(u, UID_INVALID, gid);
3512
3513 } else if (streq(l, "ref")) {
3514
3515 r = strv_extend(&u->deserialized_refs, v);
3516 if (r < 0)
3517 log_oom();
3518
3519 continue;
3520 } else if (streq(l, "invocation-id")) {
3521 sd_id128_t id;
3522
3523 r = sd_id128_from_string(v, &id);
3524 if (r < 0)
3525 log_unit_debug(u, "Failed to parse invocation id %s, ignoring.", v);
3526 else {
3527 r = unit_set_invocation_id(u, id);
3528 if (r < 0)
3529 log_unit_warning_errno(u, r, "Failed to set invocation ID for unit: %m");
3530 }
3531
3532 continue;
3533 }
3534
3535 /* Check if this is an IP accounting metric serialization field */
3536 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++)
3537 if (streq(l, ip_accounting_metric_field[m]))
3538 break;
3539 if (m < _CGROUP_IP_ACCOUNTING_METRIC_MAX) {
3540 uint64_t c;
3541
3542 r = safe_atou64(v, &c);
3543 if (r < 0)
3544 log_unit_debug(u, "Failed to parse IP accounting value %s, ignoring.", v);
3545 else
3546 u->ip_accounting_extra[m] = c;
3547 continue;
3548 }
3549
3550 if (unit_can_serialize(u)) {
3551 if (rt) {
3552 r = exec_runtime_deserialize_item(u, rt, l, v, fds);
3553 if (r < 0) {
3554 log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l);
3555 continue;
3556 }
3557
3558 /* Returns positive if key was handled by the call */
3559 if (r > 0)
3560 continue;
3561 }
3562
3563 r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
3564 if (r < 0)
3565 log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l);
3566 }
3567 }
3568
3569 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3570 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3571 * before 228 where the base for timeouts was not persistent across reboots. */
3572
3573 if (!dual_timestamp_is_set(&u->state_change_timestamp))
3574 dual_timestamp_get(&u->state_change_timestamp);
3575
3576 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3577 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3578 unit_invalidate_cgroup(u, _CGROUP_MASK_ALL);
3579 unit_invalidate_cgroup_bpf(u);
3580
3581 return 0;
3582 }
3583
3584 void unit_deserialize_skip(FILE *f) {
3585 assert(f);
3586
3587 /* Skip serialized data for this unit. We don't know what it is. */
3588
3589 for (;;) {
3590 char line[LINE_MAX], *l;
3591
3592 if (!fgets(line, sizeof line, f))
3593 return;
3594
3595 char_array_0(line);
3596 l = strstrip(line);
3597
3598 /* End marker */
3599 if (isempty(l))
3600 return;
3601 }
3602 }
3603
3604
3605 int unit_add_node_dependency(Unit *u, const char *what, bool wants, UnitDependency dep, UnitDependencyMask mask) {
3606 Unit *device;
3607 _cleanup_free_ char *e = NULL;
3608 int r;
3609
3610 assert(u);
3611
3612 /* Adds in links to the device node that this unit is based on */
3613 if (isempty(what))
3614 return 0;
3615
3616 if (!is_device_path(what))
3617 return 0;
3618
3619 /* When device units aren't supported (such as in a
3620 * container), don't create dependencies on them. */
3621 if (!unit_type_supported(UNIT_DEVICE))
3622 return 0;
3623
3624 r = unit_name_from_path(what, ".device", &e);
3625 if (r < 0)
3626 return r;
3627
3628 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
3629 if (r < 0)
3630 return r;
3631
3632 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3633 dep = UNIT_BINDS_TO;
3634
3635 r = unit_add_two_dependencies(u, UNIT_AFTER,
3636 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3637 device, true, mask);
3638 if (r < 0)
3639 return r;
3640
3641 if (wants) {
3642 r = unit_add_dependency(device, UNIT_WANTS, u, false, mask);
3643 if (r < 0)
3644 return r;
3645 }
3646
3647 return 0;
3648 }
3649
3650 int unit_coldplug(Unit *u) {
3651 int r = 0, q;
3652 char **i;
3653
3654 assert(u);
3655
3656 /* Make sure we don't enter a loop, when coldplugging
3657 * recursively. */
3658 if (u->coldplugged)
3659 return 0;
3660
3661 u->coldplugged = true;
3662
3663 STRV_FOREACH(i, u->deserialized_refs) {
3664 q = bus_unit_track_add_name(u, *i);
3665 if (q < 0 && r >= 0)
3666 r = q;
3667 }
3668 u->deserialized_refs = strv_free(u->deserialized_refs);
3669
3670 if (UNIT_VTABLE(u)->coldplug) {
3671 q = UNIT_VTABLE(u)->coldplug(u);
3672 if (q < 0 && r >= 0)
3673 r = q;
3674 }
3675
3676 if (u->job) {
3677 q = job_coldplug(u->job);
3678 if (q < 0 && r >= 0)
3679 r = q;
3680 }
3681
3682 return r;
3683 }
3684
3685 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
3686 struct stat st;
3687
3688 if (!path)
3689 return false;
3690
3691 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3692 * are never out-of-date. */
3693 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3694 return false;
3695
3696 if (stat(path, &st) < 0)
3697 /* What, cannot access this anymore? */
3698 return true;
3699
3700 if (path_masked)
3701 /* For masked files check if they are still so */
3702 return !null_or_empty(&st);
3703 else
3704 /* For non-empty files check the mtime */
3705 return timespec_load(&st.st_mtim) > mtime;
3706
3707 return false;
3708 }
3709
3710 bool unit_need_daemon_reload(Unit *u) {
3711 _cleanup_strv_free_ char **t = NULL;
3712 char **path;
3713
3714 assert(u);
3715
3716 /* For unit files, we allow masking… */
3717 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3718 u->load_state == UNIT_MASKED))
3719 return true;
3720
3721 /* Source paths should not be masked… */
3722 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
3723 return true;
3724
3725 if (u->load_state == UNIT_LOADED)
3726 (void) unit_find_dropin_paths(u, &t);
3727 if (!strv_equal(u->dropin_paths, t))
3728 return true;
3729
3730 /* … any drop-ins that are masked are simply omitted from the list. */
3731 STRV_FOREACH(path, u->dropin_paths)
3732 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3733 return true;
3734
3735 return false;
3736 }
3737
3738 void unit_reset_failed(Unit *u) {
3739 assert(u);
3740
3741 if (UNIT_VTABLE(u)->reset_failed)
3742 UNIT_VTABLE(u)->reset_failed(u);
3743
3744 RATELIMIT_RESET(u->start_limit);
3745 u->start_limit_hit = false;
3746 }
3747
3748 Unit *unit_following(Unit *u) {
3749 assert(u);
3750
3751 if (UNIT_VTABLE(u)->following)
3752 return UNIT_VTABLE(u)->following(u);
3753
3754 return NULL;
3755 }
3756
3757 bool unit_stop_pending(Unit *u) {
3758 assert(u);
3759
3760 /* This call does check the current state of the unit. It's
3761 * hence useful to be called from state change calls of the
3762 * unit itself, where the state isn't updated yet. This is
3763 * different from unit_inactive_or_pending() which checks both
3764 * the current state and for a queued job. */
3765
3766 return u->job && u->job->type == JOB_STOP;
3767 }
3768
3769 bool unit_inactive_or_pending(Unit *u) {
3770 assert(u);
3771
3772 /* Returns true if the unit is inactive or going down */
3773
3774 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3775 return true;
3776
3777 if (unit_stop_pending(u))
3778 return true;
3779
3780 return false;
3781 }
3782
3783 bool unit_active_or_pending(Unit *u) {
3784 assert(u);
3785
3786 /* Returns true if the unit is active or going up */
3787
3788 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3789 return true;
3790
3791 if (u->job &&
3792 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
3793 return true;
3794
3795 return false;
3796 }
3797
3798 bool unit_will_restart(Unit *u) {
3799 assert(u);
3800
3801 if (!UNIT_VTABLE(u)->will_restart)
3802 return false;
3803
3804 return UNIT_VTABLE(u)->will_restart(u);
3805 }
3806
3807 int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
3808 assert(u);
3809 assert(w >= 0 && w < _KILL_WHO_MAX);
3810 assert(SIGNAL_VALID(signo));
3811
3812 if (!UNIT_VTABLE(u)->kill)
3813 return -EOPNOTSUPP;
3814
3815 return UNIT_VTABLE(u)->kill(u, w, signo, error);
3816 }
3817
3818 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
3819 Set *pid_set;
3820 int r;
3821
3822 pid_set = set_new(NULL);
3823 if (!pid_set)
3824 return NULL;
3825
3826 /* Exclude the main/control pids from being killed via the cgroup */
3827 if (main_pid > 0) {
3828 r = set_put(pid_set, PID_TO_PTR(main_pid));
3829 if (r < 0)
3830 goto fail;
3831 }
3832
3833 if (control_pid > 0) {
3834 r = set_put(pid_set, PID_TO_PTR(control_pid));
3835 if (r < 0)
3836 goto fail;
3837 }
3838
3839 return pid_set;
3840
3841 fail:
3842 set_free(pid_set);
3843 return NULL;
3844 }
3845
3846 int unit_kill_common(
3847 Unit *u,
3848 KillWho who,
3849 int signo,
3850 pid_t main_pid,
3851 pid_t control_pid,
3852 sd_bus_error *error) {
3853
3854 int r = 0;
3855 bool killed = false;
3856
3857 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
3858 if (main_pid < 0)
3859 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
3860 else if (main_pid == 0)
3861 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
3862 }
3863
3864 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
3865 if (control_pid < 0)
3866 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
3867 else if (control_pid == 0)
3868 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
3869 }
3870
3871 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3872 if (control_pid > 0) {
3873 if (kill(control_pid, signo) < 0)
3874 r = -errno;
3875 else
3876 killed = true;
3877 }
3878
3879 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3880 if (main_pid > 0) {
3881 if (kill(main_pid, signo) < 0)
3882 r = -errno;
3883 else
3884 killed = true;
3885 }
3886
3887 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
3888 _cleanup_set_free_ Set *pid_set = NULL;
3889 int q;
3890
3891 /* Exclude the main/control pids from being killed via the cgroup */
3892 pid_set = unit_pid_set(main_pid, control_pid);
3893 if (!pid_set)
3894 return -ENOMEM;
3895
3896 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, NULL, NULL);
3897 if (q < 0 && !IN_SET(q, -EAGAIN, -ESRCH, -ENOENT))
3898 r = q;
3899 else
3900 killed = true;
3901 }
3902
3903 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL))
3904 return -ESRCH;
3905
3906 return r;
3907 }
3908
3909 int unit_following_set(Unit *u, Set **s) {
3910 assert(u);
3911 assert(s);
3912
3913 if (UNIT_VTABLE(u)->following_set)
3914 return UNIT_VTABLE(u)->following_set(u, s);
3915
3916 *s = NULL;
3917 return 0;
3918 }
3919
3920 UnitFileState unit_get_unit_file_state(Unit *u) {
3921 int r;
3922
3923 assert(u);
3924
3925 if (u->unit_file_state < 0 && u->fragment_path) {
3926 r = unit_file_get_state(
3927 u->manager->unit_file_scope,
3928 NULL,
3929 basename(u->fragment_path),
3930 &u->unit_file_state);
3931 if (r < 0)
3932 u->unit_file_state = UNIT_FILE_BAD;
3933 }
3934
3935 return u->unit_file_state;
3936 }
3937
3938 int unit_get_unit_file_preset(Unit *u) {
3939 assert(u);
3940
3941 if (u->unit_file_preset < 0 && u->fragment_path)
3942 u->unit_file_preset = unit_file_query_preset(
3943 u->manager->unit_file_scope,
3944 NULL,
3945 basename(u->fragment_path));
3946
3947 return u->unit_file_preset;
3948 }
3949
3950 Unit* unit_ref_set(UnitRef *ref, Unit *u) {
3951 assert(ref);
3952 assert(u);
3953
3954 if (ref->unit)
3955 unit_ref_unset(ref);
3956
3957 ref->unit = u;
3958 LIST_PREPEND(refs, u->refs, ref);
3959 return u;
3960 }
3961
3962 void unit_ref_unset(UnitRef *ref) {
3963 assert(ref);
3964
3965 if (!ref->unit)
3966 return;
3967
3968 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
3969 * be unreferenced now. */
3970 unit_add_to_gc_queue(ref->unit);
3971
3972 LIST_REMOVE(refs, ref->unit->refs, ref);
3973 ref->unit = NULL;
3974 }
3975
3976 static int user_from_unit_name(Unit *u, char **ret) {
3977
3978 static const uint8_t hash_key[] = {
3979 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
3980 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
3981 };
3982
3983 _cleanup_free_ char *n = NULL;
3984 int r;
3985
3986 r = unit_name_to_prefix(u->id, &n);
3987 if (r < 0)
3988 return r;
3989
3990 if (valid_user_group_name(n)) {
3991 *ret = n;
3992 n = NULL;
3993 return 0;
3994 }
3995
3996 /* If we can't use the unit name as a user name, then let's hash it and use that */
3997 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
3998 return -ENOMEM;
3999
4000 return 0;
4001 }
4002
4003 int unit_patch_contexts(Unit *u) {
4004 CGroupContext *cc;
4005 ExecContext *ec;
4006 unsigned i;
4007 int r;
4008
4009 assert(u);
4010
4011 /* Patch in the manager defaults into the exec and cgroup
4012 * contexts, _after_ the rest of the settings have been
4013 * initialized */
4014
4015 ec = unit_get_exec_context(u);
4016 if (ec) {
4017 /* This only copies in the ones that need memory */
4018 for (i = 0; i < _RLIMIT_MAX; i++)
4019 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4020 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4021 if (!ec->rlimit[i])
4022 return -ENOMEM;
4023 }
4024
4025 if (MANAGER_IS_USER(u->manager) &&
4026 !ec->working_directory) {
4027
4028 r = get_home_dir(&ec->working_directory);
4029 if (r < 0)
4030 return r;
4031
4032 /* Allow user services to run, even if the
4033 * home directory is missing */
4034 ec->working_directory_missing_ok = true;
4035 }
4036
4037 if (ec->private_devices)
4038 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4039
4040 if (ec->protect_kernel_modules)
4041 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4042
4043 if (ec->dynamic_user) {
4044 if (!ec->user) {
4045 r = user_from_unit_name(u, &ec->user);
4046 if (r < 0)
4047 return r;
4048 }
4049
4050 if (!ec->group) {
4051 ec->group = strdup(ec->user);
4052 if (!ec->group)
4053 return -ENOMEM;
4054 }
4055
4056 /* If the dynamic user option is on, let's make sure that the unit can't leave its UID/GID
4057 * around in the file system or on IPC objects. Hence enforce a strict sandbox. */
4058
4059 ec->private_tmp = true;
4060 ec->remove_ipc = true;
4061 ec->protect_system = PROTECT_SYSTEM_STRICT;
4062 if (ec->protect_home == PROTECT_HOME_NO)
4063 ec->protect_home = PROTECT_HOME_READ_ONLY;
4064 }
4065 }
4066
4067 cc = unit_get_cgroup_context(u);
4068 if (cc) {
4069
4070 if (ec &&
4071 ec->private_devices &&
4072 cc->device_policy == CGROUP_AUTO)
4073 cc->device_policy = CGROUP_CLOSED;
4074 }
4075
4076 return 0;
4077 }
4078
4079 ExecContext *unit_get_exec_context(Unit *u) {
4080 size_t offset;
4081 assert(u);
4082
4083 if (u->type < 0)
4084 return NULL;
4085
4086 offset = UNIT_VTABLE(u)->exec_context_offset;
4087 if (offset <= 0)
4088 return NULL;
4089
4090 return (ExecContext*) ((uint8_t*) u + offset);
4091 }
4092
4093 KillContext *unit_get_kill_context(Unit *u) {
4094 size_t offset;
4095 assert(u);
4096
4097 if (u->type < 0)
4098 return NULL;
4099
4100 offset = UNIT_VTABLE(u)->kill_context_offset;
4101 if (offset <= 0)
4102 return NULL;
4103
4104 return (KillContext*) ((uint8_t*) u + offset);
4105 }
4106
4107 CGroupContext *unit_get_cgroup_context(Unit *u) {
4108 size_t offset;
4109
4110 if (u->type < 0)
4111 return NULL;
4112
4113 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4114 if (offset <= 0)
4115 return NULL;
4116
4117 return (CGroupContext*) ((uint8_t*) u + offset);
4118 }
4119
4120 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4121 size_t offset;
4122
4123 if (u->type < 0)
4124 return NULL;
4125
4126 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4127 if (offset <= 0)
4128 return NULL;
4129
4130 return *(ExecRuntime**) ((uint8_t*) u + offset);
4131 }
4132
4133 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4134 assert(u);
4135
4136 if (UNIT_WRITE_FLAGS_NOOP(flags))
4137 return NULL;
4138
4139 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4140 return u->manager->lookup_paths.transient;
4141
4142 if (flags & UNIT_PERSISTENT)
4143 return u->manager->lookup_paths.persistent_control;
4144
4145 if (flags & UNIT_RUNTIME)
4146 return u->manager->lookup_paths.runtime_control;
4147
4148 return NULL;
4149 }
4150
4151 char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4152 char *ret = NULL;
4153
4154 if (!s)
4155 return NULL;
4156
4157 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4158 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4159 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4160 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4161 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4162 * allocations. */
4163
4164 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4165 ret = specifier_escape(s);
4166 if (!ret)
4167 return NULL;
4168
4169 s = ret;
4170 }
4171
4172 if (flags & UNIT_ESCAPE_C) {
4173 char *a;
4174
4175 a = cescape(s);
4176 free(ret);
4177 if (!a)
4178 return NULL;
4179
4180 ret = a;
4181 }
4182
4183 if (buf) {
4184 *buf = ret;
4185 return ret ?: (char*) s;
4186 }
4187
4188 return ret ?: strdup(s);
4189 }
4190
4191 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4192 _cleanup_free_ char *result = NULL;
4193 size_t n = 0, allocated = 0;
4194 char **i, *ret;
4195
4196 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4197 * way suitable for ExecStart= stanzas */
4198
4199 STRV_FOREACH(i, l) {
4200 _cleanup_free_ char *buf = NULL;
4201 const char *p;
4202 size_t a;
4203 char *q;
4204
4205 p = unit_escape_setting(*i, flags, &buf);
4206 if (!p)
4207 return NULL;
4208
4209 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4210 if (!GREEDY_REALLOC(result, allocated, n + a + 1))
4211 return NULL;
4212
4213 q = result + n;
4214 if (n > 0)
4215 *(q++) = ' ';
4216
4217 *(q++) = '"';
4218 q = stpcpy(q, p);
4219 *(q++) = '"';
4220
4221 n += a;
4222 }
4223
4224 if (!GREEDY_REALLOC(result, allocated, n + 1))
4225 return NULL;
4226
4227 result[n] = 0;
4228
4229 ret = result;
4230 result = NULL;
4231
4232 return ret;
4233 }
4234
4235 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4236 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4237 const char *dir, *wrapped;
4238 int r;
4239
4240 assert(u);
4241 assert(name);
4242 assert(data);
4243
4244 if (UNIT_WRITE_FLAGS_NOOP(flags))
4245 return 0;
4246
4247 data = unit_escape_setting(data, flags, &escaped);
4248 if (!data)
4249 return -ENOMEM;
4250
4251 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4252 * previous section header is the same */
4253
4254 if (flags & UNIT_PRIVATE) {
4255 if (!UNIT_VTABLE(u)->private_section)
4256 return -EINVAL;
4257
4258 if (!u->transient_file || u->last_section_private < 0)
4259 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4260 else if (u->last_section_private == 0)
4261 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4262 } else {
4263 if (!u->transient_file || u->last_section_private < 0)
4264 data = strjoina("[Unit]\n", data);
4265 else if (u->last_section_private > 0)
4266 data = strjoina("\n[Unit]\n", data);
4267 }
4268
4269 if (u->transient_file) {
4270 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4271 * write to the transient unit file. */
4272 fputs(data, u->transient_file);
4273
4274 if (!endswith(data, "\n"))
4275 fputc('\n', u->transient_file);
4276
4277 /* Remember which section we wrote this entry to */
4278 u->last_section_private = !!(flags & UNIT_PRIVATE);
4279 return 0;
4280 }
4281
4282 dir = unit_drop_in_dir(u, flags);
4283 if (!dir)
4284 return -EINVAL;
4285
4286 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4287 "# or an equivalent operation. Do not edit.\n",
4288 data,
4289 "\n");
4290
4291 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4292 if (r < 0)
4293 return r;
4294
4295 (void) mkdir_p_label(p, 0755);
4296 r = write_string_file_atomic_label(q, wrapped);
4297 if (r < 0)
4298 return r;
4299
4300 r = strv_push(&u->dropin_paths, q);
4301 if (r < 0)
4302 return r;
4303 q = NULL;
4304
4305 strv_uniq(u->dropin_paths);
4306
4307 u->dropin_mtime = now(CLOCK_REALTIME);
4308
4309 return 0;
4310 }
4311
4312 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4313 _cleanup_free_ char *p = NULL;
4314 va_list ap;
4315 int r;
4316
4317 assert(u);
4318 assert(name);
4319 assert(format);
4320
4321 if (UNIT_WRITE_FLAGS_NOOP(flags))
4322 return 0;
4323
4324 va_start(ap, format);
4325 r = vasprintf(&p, format, ap);
4326 va_end(ap);
4327
4328 if (r < 0)
4329 return -ENOMEM;
4330
4331 return unit_write_setting(u, flags, name, p);
4332 }
4333
4334 int unit_make_transient(Unit *u) {
4335 _cleanup_free_ char *path = NULL;
4336 FILE *f;
4337
4338 assert(u);
4339
4340 if (!UNIT_VTABLE(u)->can_transient)
4341 return -EOPNOTSUPP;
4342
4343 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4344
4345 path = strjoin(u->manager->lookup_paths.transient, "/", u->id);
4346 if (!path)
4347 return -ENOMEM;
4348
4349 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4350 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4351
4352 RUN_WITH_UMASK(0022) {
4353 f = fopen(path, "we");
4354 if (!f)
4355 return -errno;
4356 }
4357
4358 safe_fclose(u->transient_file);
4359 u->transient_file = f;
4360
4361 free_and_replace(u->fragment_path, path);
4362
4363 u->source_path = mfree(u->source_path);
4364 u->dropin_paths = strv_free(u->dropin_paths);
4365 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4366
4367 u->load_state = UNIT_STUB;
4368 u->load_error = 0;
4369 u->transient = true;
4370
4371 unit_add_to_dbus_queue(u);
4372 unit_add_to_gc_queue(u);
4373
4374 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4375 u->transient_file);
4376
4377 return 0;
4378 }
4379
4380 static void log_kill(pid_t pid, int sig, void *userdata) {
4381 _cleanup_free_ char *comm = NULL;
4382
4383 (void) get_process_comm(pid, &comm);
4384
4385 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4386 only, like for example systemd's own PAM stub process. */
4387 if (comm && comm[0] == '(')
4388 return;
4389
4390 log_unit_notice(userdata,
4391 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4392 pid,
4393 strna(comm),
4394 signal_to_string(sig));
4395 }
4396
4397 static int operation_to_signal(KillContext *c, KillOperation k) {
4398 assert(c);
4399
4400 switch (k) {
4401
4402 case KILL_TERMINATE:
4403 case KILL_TERMINATE_AND_LOG:
4404 return c->kill_signal;
4405
4406 case KILL_KILL:
4407 return SIGKILL;
4408
4409 case KILL_ABORT:
4410 return SIGABRT;
4411
4412 default:
4413 assert_not_reached("KillOperation unknown");
4414 }
4415 }
4416
4417 int unit_kill_context(
4418 Unit *u,
4419 KillContext *c,
4420 KillOperation k,
4421 pid_t main_pid,
4422 pid_t control_pid,
4423 bool main_pid_alien) {
4424
4425 bool wait_for_exit = false, send_sighup;
4426 cg_kill_log_func_t log_func = NULL;
4427 int sig, r;
4428
4429 assert(u);
4430 assert(c);
4431
4432 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4433 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4434
4435 if (c->kill_mode == KILL_NONE)
4436 return 0;
4437
4438 sig = operation_to_signal(c, k);
4439
4440 send_sighup =
4441 c->send_sighup &&
4442 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4443 sig != SIGHUP;
4444
4445 if (k != KILL_TERMINATE || IN_SET(sig, SIGKILL, SIGABRT))
4446 log_func = log_kill;
4447
4448 if (main_pid > 0) {
4449 if (log_func)
4450 log_func(main_pid, sig, u);
4451
4452 r = kill_and_sigcont(main_pid, sig);
4453 if (r < 0 && r != -ESRCH) {
4454 _cleanup_free_ char *comm = NULL;
4455 (void) get_process_comm(main_pid, &comm);
4456
4457 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
4458 } else {
4459 if (!main_pid_alien)
4460 wait_for_exit = true;
4461
4462 if (r != -ESRCH && send_sighup)
4463 (void) kill(main_pid, SIGHUP);
4464 }
4465 }
4466
4467 if (control_pid > 0) {
4468 if (log_func)
4469 log_func(control_pid, sig, u);
4470
4471 r = kill_and_sigcont(control_pid, sig);
4472 if (r < 0 && r != -ESRCH) {
4473 _cleanup_free_ char *comm = NULL;
4474 (void) get_process_comm(control_pid, &comm);
4475
4476 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
4477 } else {
4478 wait_for_exit = true;
4479
4480 if (r != -ESRCH && send_sighup)
4481 (void) kill(control_pid, SIGHUP);
4482 }
4483 }
4484
4485 if (u->cgroup_path &&
4486 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4487 _cleanup_set_free_ Set *pid_set = NULL;
4488
4489 /* Exclude the main/control pids from being killed via the cgroup */
4490 pid_set = unit_pid_set(main_pid, control_pid);
4491 if (!pid_set)
4492 return -ENOMEM;
4493
4494 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4495 sig,
4496 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4497 pid_set,
4498 log_func, u);
4499 if (r < 0) {
4500 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4501 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
4502
4503 } else if (r > 0) {
4504
4505 /* FIXME: For now, on the legacy hierarchy, we
4506 * will not wait for the cgroup members to die
4507 * if we are running in a container or if this
4508 * is a delegation unit, simply because cgroup
4509 * notification is unreliable in these
4510 * cases. It doesn't work at all in
4511 * containers, and outside of containers it
4512 * can be confused easily by left-over
4513 * directories in the cgroup — which however
4514 * should not exist in non-delegated units. On
4515 * the unified hierarchy that's different,
4516 * there we get proper events. Hence rely on
4517 * them. */
4518
4519 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
4520 (detect_container() == 0 && !UNIT_CGROUP_BOOL(u, delegate)))
4521 wait_for_exit = true;
4522
4523 if (send_sighup) {
4524 set_free(pid_set);
4525
4526 pid_set = unit_pid_set(main_pid, control_pid);
4527 if (!pid_set)
4528 return -ENOMEM;
4529
4530 cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4531 SIGHUP,
4532 CGROUP_IGNORE_SELF,
4533 pid_set,
4534 NULL, NULL);
4535 }
4536 }
4537 }
4538
4539 return wait_for_exit;
4540 }
4541
4542 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
4543 char prefix[strlen(path) + 1], *p;
4544 UnitDependencyInfo di;
4545 int r;
4546
4547 assert(u);
4548 assert(path);
4549
4550 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4551 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4552 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4553 * determine which units to make themselves a dependency of. */
4554
4555 if (!path_is_absolute(path))
4556 return -EINVAL;
4557
4558 r = hashmap_ensure_allocated(&u->requires_mounts_for, &string_hash_ops);
4559 if (r < 0)
4560 return r;
4561
4562 p = strdup(path);
4563 if (!p)
4564 return -ENOMEM;
4565
4566 path_kill_slashes(p);
4567
4568 if (!path_is_normalized(p)) {
4569 free(p);
4570 return -EPERM;
4571 }
4572
4573 if (hashmap_contains(u->requires_mounts_for, p)) {
4574 free(p);
4575 return 0;
4576 }
4577
4578 di = (UnitDependencyInfo) {
4579 .origin_mask = mask
4580 };
4581
4582 r = hashmap_put(u->requires_mounts_for, p, di.data);
4583 if (r < 0) {
4584 free(p);
4585 return r;
4586 }
4587
4588 PATH_FOREACH_PREFIX_MORE(prefix, p) {
4589 Set *x;
4590
4591 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4592 if (!x) {
4593 char *q;
4594
4595 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &string_hash_ops);
4596 if (r < 0)
4597 return r;
4598
4599 q = strdup(prefix);
4600 if (!q)
4601 return -ENOMEM;
4602
4603 x = set_new(NULL);
4604 if (!x) {
4605 free(q);
4606 return -ENOMEM;
4607 }
4608
4609 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4610 if (r < 0) {
4611 free(q);
4612 set_free(x);
4613 return r;
4614 }
4615 }
4616
4617 r = set_put(x, u);
4618 if (r < 0)
4619 return r;
4620 }
4621
4622 return 0;
4623 }
4624
4625 int unit_setup_exec_runtime(Unit *u) {
4626 ExecRuntime **rt;
4627 size_t offset;
4628 Unit *other;
4629 Iterator i;
4630 void *v;
4631
4632 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4633 assert(offset > 0);
4634
4635 /* Check if there already is an ExecRuntime for this unit? */
4636 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4637 if (*rt)
4638 return 0;
4639
4640 /* Try to get it from somebody else */
4641 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) {
4642
4643 *rt = unit_get_exec_runtime(other);
4644 if (*rt) {
4645 exec_runtime_ref(*rt);
4646 return 0;
4647 }
4648 }
4649
4650 return exec_runtime_make(rt, unit_get_exec_context(u), u->id);
4651 }
4652
4653 int unit_setup_dynamic_creds(Unit *u) {
4654 ExecContext *ec;
4655 DynamicCreds *dcreds;
4656 size_t offset;
4657
4658 assert(u);
4659
4660 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4661 assert(offset > 0);
4662 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4663
4664 ec = unit_get_exec_context(u);
4665 assert(ec);
4666
4667 if (!ec->dynamic_user)
4668 return 0;
4669
4670 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4671 }
4672
4673 bool unit_type_supported(UnitType t) {
4674 if (_unlikely_(t < 0))
4675 return false;
4676 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4677 return false;
4678
4679 if (!unit_vtable[t]->supported)
4680 return true;
4681
4682 return unit_vtable[t]->supported();
4683 }
4684
4685 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4686 int r;
4687
4688 assert(u);
4689 assert(where);
4690
4691 r = dir_is_empty(where);
4692 if (r > 0)
4693 return;
4694 if (r < 0) {
4695 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4696 return;
4697 }
4698
4699 log_struct(LOG_NOTICE,
4700 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4701 LOG_UNIT_ID(u),
4702 LOG_UNIT_INVOCATION_ID(u),
4703 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4704 "WHERE=%s", where,
4705 NULL);
4706 }
4707
4708 int unit_fail_if_symlink(Unit *u, const char* where) {
4709 int r;
4710
4711 assert(u);
4712 assert(where);
4713
4714 r = is_symlink(where);
4715 if (r < 0) {
4716 log_unit_debug_errno(u, r, "Failed to check symlink %s, ignoring: %m", where);
4717 return 0;
4718 }
4719 if (r == 0)
4720 return 0;
4721
4722 log_struct(LOG_ERR,
4723 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4724 LOG_UNIT_ID(u),
4725 LOG_UNIT_INVOCATION_ID(u),
4726 LOG_UNIT_MESSAGE(u, "Mount on symlink %s not allowed.", where),
4727 "WHERE=%s", where,
4728 NULL);
4729
4730 return -ELOOP;
4731 }
4732
4733 bool unit_is_pristine(Unit *u) {
4734 assert(u);
4735
4736 /* Check if the unit already exists or is already around,
4737 * in a number of different ways. Note that to cater for unit
4738 * types such as slice, we are generally fine with units that
4739 * are marked UNIT_LOADED even though nothing was
4740 * actually loaded, as those unit types don't require a file
4741 * on disk to validly load. */
4742
4743 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4744 u->fragment_path ||
4745 u->source_path ||
4746 !strv_isempty(u->dropin_paths) ||
4747 u->job ||
4748 u->merged_into);
4749 }
4750
4751 pid_t unit_control_pid(Unit *u) {
4752 assert(u);
4753
4754 if (UNIT_VTABLE(u)->control_pid)
4755 return UNIT_VTABLE(u)->control_pid(u);
4756
4757 return 0;
4758 }
4759
4760 pid_t unit_main_pid(Unit *u) {
4761 assert(u);
4762
4763 if (UNIT_VTABLE(u)->main_pid)
4764 return UNIT_VTABLE(u)->main_pid(u);
4765
4766 return 0;
4767 }
4768
4769 static void unit_unref_uid_internal(
4770 Unit *u,
4771 uid_t *ref_uid,
4772 bool destroy_now,
4773 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4774
4775 assert(u);
4776 assert(ref_uid);
4777 assert(_manager_unref_uid);
4778
4779 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4780 * gid_t are actually the same time, with the same validity rules.
4781 *
4782 * Drops a reference to UID/GID from a unit. */
4783
4784 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4785 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4786
4787 if (!uid_is_valid(*ref_uid))
4788 return;
4789
4790 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4791 *ref_uid = UID_INVALID;
4792 }
4793
4794 void unit_unref_uid(Unit *u, bool destroy_now) {
4795 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4796 }
4797
4798 void unit_unref_gid(Unit *u, bool destroy_now) {
4799 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4800 }
4801
4802 static int unit_ref_uid_internal(
4803 Unit *u,
4804 uid_t *ref_uid,
4805 uid_t uid,
4806 bool clean_ipc,
4807 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4808
4809 int r;
4810
4811 assert(u);
4812 assert(ref_uid);
4813 assert(uid_is_valid(uid));
4814 assert(_manager_ref_uid);
4815
4816 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4817 * are actually the same type, and have the same validity rules.
4818 *
4819 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4820 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4821 * drops to zero. */
4822
4823 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4824 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4825
4826 if (*ref_uid == uid)
4827 return 0;
4828
4829 if (uid_is_valid(*ref_uid)) /* Already set? */
4830 return -EBUSY;
4831
4832 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4833 if (r < 0)
4834 return r;
4835
4836 *ref_uid = uid;
4837 return 1;
4838 }
4839
4840 int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
4841 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4842 }
4843
4844 int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
4845 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4846 }
4847
4848 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4849 int r = 0, q = 0;
4850
4851 assert(u);
4852
4853 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4854
4855 if (uid_is_valid(uid)) {
4856 r = unit_ref_uid(u, uid, clean_ipc);
4857 if (r < 0)
4858 return r;
4859 }
4860
4861 if (gid_is_valid(gid)) {
4862 q = unit_ref_gid(u, gid, clean_ipc);
4863 if (q < 0) {
4864 if (r > 0)
4865 unit_unref_uid(u, false);
4866
4867 return q;
4868 }
4869 }
4870
4871 return r > 0 || q > 0;
4872 }
4873
4874 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4875 ExecContext *c;
4876 int r;
4877
4878 assert(u);
4879
4880 c = unit_get_exec_context(u);
4881
4882 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4883 if (r < 0)
4884 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4885
4886 return r;
4887 }
4888
4889 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4890 assert(u);
4891
4892 unit_unref_uid(u, destroy_now);
4893 unit_unref_gid(u, destroy_now);
4894 }
4895
4896 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
4897 int r;
4898
4899 assert(u);
4900
4901 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4902 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4903 * objects when no service references the UID/GID anymore. */
4904
4905 r = unit_ref_uid_gid(u, uid, gid);
4906 if (r > 0)
4907 bus_unit_send_change_signal(u);
4908 }
4909
4910 int unit_set_invocation_id(Unit *u, sd_id128_t id) {
4911 int r;
4912
4913 assert(u);
4914
4915 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
4916
4917 if (sd_id128_equal(u->invocation_id, id))
4918 return 0;
4919
4920 if (!sd_id128_is_null(u->invocation_id))
4921 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
4922
4923 if (sd_id128_is_null(id)) {
4924 r = 0;
4925 goto reset;
4926 }
4927
4928 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
4929 if (r < 0)
4930 goto reset;
4931
4932 u->invocation_id = id;
4933 sd_id128_to_string(id, u->invocation_id_string);
4934
4935 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
4936 if (r < 0)
4937 goto reset;
4938
4939 return 0;
4940
4941 reset:
4942 u->invocation_id = SD_ID128_NULL;
4943 u->invocation_id_string[0] = 0;
4944 return r;
4945 }
4946
4947 int unit_acquire_invocation_id(Unit *u) {
4948 sd_id128_t id;
4949 int r;
4950
4951 assert(u);
4952
4953 r = sd_id128_randomize(&id);
4954 if (r < 0)
4955 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
4956
4957 r = unit_set_invocation_id(u, id);
4958 if (r < 0)
4959 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
4960
4961 return 0;
4962 }
4963
4964 void unit_set_exec_params(Unit *u, ExecParameters *p) {
4965 assert(u);
4966 assert(p);
4967
4968 p->cgroup_path = u->cgroup_path;
4969 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, UNIT_CGROUP_BOOL(u, delegate));
4970 }
4971
4972 int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
4973 int r;
4974
4975 assert(u);
4976 assert(ret);
4977
4978 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
4979 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
4980
4981 (void) unit_realize_cgroup(u);
4982
4983 r = safe_fork(name, FORK_REOPEN_LOG, ret);
4984 if (r != 0)
4985 return r;
4986
4987 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
4988 (void) ignore_signals(SIGPIPE, -1);
4989
4990 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
4991
4992 if (u->cgroup_path) {
4993 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
4994 if (r < 0) {
4995 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
4996 _exit(EXIT_CGROUP);
4997 }
4998 }
4999
5000 return 0;
5001 }
5002
5003 static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other, UnitDependencyInfo di) {
5004 assert(u);
5005 assert(d >= 0);
5006 assert(d < _UNIT_DEPENDENCY_MAX);
5007 assert(other);
5008
5009 if (di.origin_mask == 0 && di.destination_mask == 0) {
5010 /* No bit set anymore, let's drop the whole entry */
5011 assert_se(hashmap_remove(u->dependencies[d], other));
5012 log_unit_debug(u, "%s lost dependency %s=%s", u->id, unit_dependency_to_string(d), other->id);
5013 } else
5014 /* Mask was reduced, let's update the entry */
5015 assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);
5016 }
5017
5018 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5019 UnitDependency d;
5020
5021 assert(u);
5022
5023 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5024
5025 if (mask == 0)
5026 return;
5027
5028 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
5029 bool done;
5030
5031 do {
5032 UnitDependencyInfo di;
5033 Unit *other;
5034 Iterator i;
5035
5036 done = true;
5037
5038 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
5039 UnitDependency q;
5040
5041 if ((di.origin_mask & ~mask) == di.origin_mask)
5042 continue;
5043 di.origin_mask &= ~mask;
5044 unit_update_dependency_mask(u, d, other, di);
5045
5046 /* We updated the dependency from our unit to the other unit now. But most dependencies
5047 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5048 * all dependency types on the other unit and delete all those which point to us and
5049 * have the right mask set. */
5050
5051 for (q = 0; q < _UNIT_DEPENDENCY_MAX; q++) {
5052 UnitDependencyInfo dj;
5053
5054 dj.data = hashmap_get(other->dependencies[q], u);
5055 if ((dj.destination_mask & ~mask) == dj.destination_mask)
5056 continue;
5057 dj.destination_mask &= ~mask;
5058
5059 unit_update_dependency_mask(other, q, u, dj);
5060 }
5061
5062 unit_add_to_gc_queue(other);
5063
5064 done = false;
5065 break;
5066 }
5067
5068 } while (!done);
5069 }
5070 }
5071
5072 static int unit_export_invocation_id(Unit *u) {
5073 const char *p;
5074 int r;
5075
5076 assert(u);
5077
5078 if (u->exported_invocation_id)
5079 return 0;
5080
5081 if (sd_id128_is_null(u->invocation_id))
5082 return 0;
5083
5084 p = strjoina("/run/systemd/units/invocation:", u->id);
5085 r = symlink_atomic(u->invocation_id_string, p);
5086 if (r < 0)
5087 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5088
5089 u->exported_invocation_id = true;
5090 return 0;
5091 }
5092
5093 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5094 const char *p;
5095 char buf[2];
5096 int r;
5097
5098 assert(u);
5099 assert(c);
5100
5101 if (u->exported_log_level_max)
5102 return 0;
5103
5104 if (c->log_level_max < 0)
5105 return 0;
5106
5107 assert(c->log_level_max <= 7);
5108
5109 buf[0] = '0' + c->log_level_max;
5110 buf[1] = 0;
5111
5112 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5113 r = symlink_atomic(buf, p);
5114 if (r < 0)
5115 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5116
5117 u->exported_log_level_max = true;
5118 return 0;
5119 }
5120
5121 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5122 _cleanup_close_ int fd = -1;
5123 struct iovec *iovec;
5124 const char *p;
5125 char *pattern;
5126 le64_t *sizes;
5127 ssize_t n;
5128 size_t i;
5129 int r;
5130
5131 if (u->exported_log_extra_fields)
5132 return 0;
5133
5134 if (c->n_log_extra_fields <= 0)
5135 return 0;
5136
5137 sizes = newa(le64_t, c->n_log_extra_fields);
5138 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5139
5140 for (i = 0; i < c->n_log_extra_fields; i++) {
5141 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5142
5143 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5144 iovec[i*2+1] = c->log_extra_fields[i];
5145 }
5146
5147 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5148 pattern = strjoina(p, ".XXXXXX");
5149
5150 fd = mkostemp_safe(pattern);
5151 if (fd < 0)
5152 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5153
5154 n = writev(fd, iovec, c->n_log_extra_fields*2);
5155 if (n < 0) {
5156 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5157 goto fail;
5158 }
5159
5160 (void) fchmod(fd, 0644);
5161
5162 if (rename(pattern, p) < 0) {
5163 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5164 goto fail;
5165 }
5166
5167 u->exported_log_extra_fields = true;
5168 return 0;
5169
5170 fail:
5171 (void) unlink(pattern);
5172 return r;
5173 }
5174
5175 void unit_export_state_files(Unit *u) {
5176 const ExecContext *c;
5177
5178 assert(u);
5179
5180 if (!u->id)
5181 return;
5182
5183 if (!MANAGER_IS_SYSTEM(u->manager))
5184 return;
5185
5186 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5187 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5188 * the IPC system itself and PID 1 also log to the journal.
5189 *
5190 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5191 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5192 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5193 * namespace at least.
5194 *
5195 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5196 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5197 * them with one. */
5198
5199 (void) unit_export_invocation_id(u);
5200
5201 c = unit_get_exec_context(u);
5202 if (c) {
5203 (void) unit_export_log_level_max(u, c);
5204 (void) unit_export_log_extra_fields(u, c);
5205 }
5206 }
5207
5208 void unit_unlink_state_files(Unit *u) {
5209 const char *p;
5210
5211 assert(u);
5212
5213 if (!u->id)
5214 return;
5215
5216 if (!MANAGER_IS_SYSTEM(u->manager))
5217 return;
5218
5219 /* Undoes the effect of unit_export_state() */
5220
5221 if (u->exported_invocation_id) {
5222 p = strjoina("/run/systemd/units/invocation:", u->id);
5223 (void) unlink(p);
5224
5225 u->exported_invocation_id = false;
5226 }
5227
5228 if (u->exported_log_level_max) {
5229 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5230 (void) unlink(p);
5231
5232 u->exported_log_level_max = false;
5233 }
5234
5235 if (u->exported_log_extra_fields) {
5236 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5237 (void) unlink(p);
5238
5239 u->exported_log_extra_fields = false;
5240 }
5241 }
5242
5243 int unit_prepare_exec(Unit *u) {
5244 int r;
5245
5246 assert(u);
5247
5248 /* Prepares everything so that we can fork of a process for this unit */
5249
5250 (void) unit_realize_cgroup(u);
5251
5252 if (u->reset_accounting) {
5253 (void) unit_reset_cpu_accounting(u);
5254 (void) unit_reset_ip_accounting(u);
5255 u->reset_accounting = false;
5256 }
5257
5258 unit_export_state_files(u);
5259
5260 r = unit_setup_exec_runtime(u);
5261 if (r < 0)
5262 return r;
5263
5264 r = unit_setup_dynamic_creds(u);
5265 if (r < 0)
5266 return r;
5267
5268 return 0;
5269 }
5270
5271 static void log_leftover(pid_t pid, int sig, void *userdata) {
5272 _cleanup_free_ char *comm = NULL;
5273
5274 (void) get_process_comm(pid, &comm);
5275
5276 if (comm && comm[0] == '(') /* Most likely our own helper process (PAM?), ignore */
5277 return;
5278
5279 log_unit_warning(userdata,
5280 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5281 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5282 pid, strna(comm));
5283 }
5284
5285 void unit_warn_leftover_processes(Unit *u) {
5286 assert(u);
5287
5288 (void) unit_pick_cgroup_path(u);
5289
5290 if (!u->cgroup_path)
5291 return;
5292
5293 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_leftover, u);
5294 }
5295
5296 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5297 [COLLECT_INACTIVE] = "inactive",
5298 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5299 };
5300
5301 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
Unnamed repository; edit this file 'description' to name the repository.