1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
9 #include "sd-messages.h"
11 #include "all-units.h"
12 #include "alloc-util.h"
13 #include "bpf-firewall.h"
14 #include "bpf-foreign.h"
15 #include "bpf-socket-bind.h"
16 #include "bus-common-errors.h"
18 #include "cgroup-setup.h"
19 #include "cgroup-util.h"
20 #include "core-varlink.h"
21 #include "dbus-unit.h"
27 #include "fileio-label.h"
29 #include "format-util.h"
30 #include "id128-util.h"
34 #include "load-dropin.h"
35 #include "load-fragment.h"
38 #include "missing_audit.h"
40 #include "path-util.h"
41 #include "process-util.h"
44 #include "signal-util.h"
45 #include "sparse-endian.h"
47 #include "specifier.h"
48 #include "stat-util.h"
49 #include "stdio-util.h"
50 #include "string-table.h"
51 #include "string-util.h"
53 #include "terminal-util.h"
54 #include "tmpfile-util.h"
55 #include "umask-util.h"
56 #include "unit-name.h"
58 #include "user-util.h"
64 /* Thresholds for logging at INFO level about resource consumption */
65 #define MENTIONWORTHY_CPU_NSEC (1 * NSEC_PER_SEC)
66 #define MENTIONWORTHY_IO_BYTES (1024 * 1024ULL)
67 #define MENTIONWORTHY_IP_BYTES (0ULL)
69 /* Thresholds for logging at INFO level about resource consumption */
70 #define NOTICEWORTHY_CPU_NSEC (10*60 * NSEC_PER_SEC) /* 10 minutes */
71 #define NOTICEWORTHY_IO_BYTES (10 * 1024 * 1024ULL) /* 10 MB */
72 #define NOTICEWORTHY_IP_BYTES (128 * 1024 * 1024ULL) /* 128 MB */
74 const UnitVTable
* const unit_vtable
[_UNIT_TYPE_MAX
] = {
75 [UNIT_SERVICE
] = &service_vtable
,
76 [UNIT_SOCKET
] = &socket_vtable
,
77 [UNIT_TARGET
] = &target_vtable
,
78 [UNIT_DEVICE
] = &device_vtable
,
79 [UNIT_MOUNT
] = &mount_vtable
,
80 [UNIT_AUTOMOUNT
] = &automount_vtable
,
81 [UNIT_SWAP
] = &swap_vtable
,
82 [UNIT_TIMER
] = &timer_vtable
,
83 [UNIT_PATH
] = &path_vtable
,
84 [UNIT_SLICE
] = &slice_vtable
,
85 [UNIT_SCOPE
] = &scope_vtable
,
88 Unit
* unit_new(Manager
*m
, size_t size
) {
92 assert(size
>= sizeof(Unit
));
99 u
->type
= _UNIT_TYPE_INVALID
;
100 u
->default_dependencies
= true;
101 u
->unit_file_state
= _UNIT_FILE_STATE_INVALID
;
102 u
->unit_file_preset
= -1;
103 u
->on_failure_job_mode
= JOB_REPLACE
;
104 u
->on_success_job_mode
= JOB_FAIL
;
105 u
->cgroup_control_inotify_wd
= -1;
106 u
->cgroup_memory_inotify_wd
= -1;
107 u
->job_timeout
= USEC_INFINITY
;
108 u
->job_running_timeout
= USEC_INFINITY
;
109 u
->ref_uid
= UID_INVALID
;
110 u
->ref_gid
= GID_INVALID
;
111 u
->cpu_usage_last
= NSEC_INFINITY
;
112 u
->cgroup_invalidated_mask
|= CGROUP_MASK_BPF_FIREWALL
;
113 u
->failure_action_exit_status
= u
->success_action_exit_status
= -1;
115 u
->ip_accounting_ingress_map_fd
= -1;
116 u
->ip_accounting_egress_map_fd
= -1;
117 for (CGroupIOAccountingMetric i
= 0; i
< _CGROUP_IO_ACCOUNTING_METRIC_MAX
; i
++)
118 u
->io_accounting_last
[i
] = UINT64_MAX
;
120 u
->ipv4_allow_map_fd
= -1;
121 u
->ipv6_allow_map_fd
= -1;
122 u
->ipv4_deny_map_fd
= -1;
123 u
->ipv6_deny_map_fd
= -1;
125 u
->last_section_private
= -1;
127 u
->start_ratelimit
= (RateLimit
) { m
->default_start_limit_interval
, m
->default_start_limit_burst
};
128 u
->auto_start_stop_ratelimit
= (RateLimit
) { 10 * USEC_PER_SEC
, 16 };
133 int unit_new_for_name(Manager
*m
, size_t size
, const char *name
, Unit
**ret
) {
134 _cleanup_(unit_freep
) Unit
*u
= NULL
;
137 u
= unit_new(m
, size
);
141 r
= unit_add_name(u
, name
);
150 bool unit_has_name(const Unit
*u
, const char *name
) {
154 return streq_ptr(name
, u
->id
) ||
155 set_contains(u
->aliases
, name
);
158 static void unit_init(Unit
*u
) {
165 assert(u
->type
>= 0);
167 cc
= unit_get_cgroup_context(u
);
169 cgroup_context_init(cc
);
171 /* Copy in the manager defaults into the cgroup
172 * context, _before_ the rest of the settings have
173 * been initialized */
175 cc
->cpu_accounting
= u
->manager
->default_cpu_accounting
;
176 cc
->io_accounting
= u
->manager
->default_io_accounting
;
177 cc
->blockio_accounting
= u
->manager
->default_blockio_accounting
;
178 cc
->memory_accounting
= u
->manager
->default_memory_accounting
;
179 cc
->tasks_accounting
= u
->manager
->default_tasks_accounting
;
180 cc
->ip_accounting
= u
->manager
->default_ip_accounting
;
182 if (u
->type
!= UNIT_SLICE
)
183 cc
->tasks_max
= u
->manager
->default_tasks_max
;
186 ec
= unit_get_exec_context(u
);
188 exec_context_init(ec
);
190 if (u
->manager
->default_oom_score_adjust_set
) {
191 ec
->oom_score_adjust
= u
->manager
->default_oom_score_adjust
;
192 ec
->oom_score_adjust_set
= true;
195 if (MANAGER_IS_SYSTEM(u
->manager
))
196 ec
->keyring_mode
= EXEC_KEYRING_SHARED
;
198 ec
->keyring_mode
= EXEC_KEYRING_INHERIT
;
200 /* User manager might have its umask redefined by PAM or UMask=. In this
201 * case let the units it manages inherit this value by default. They can
202 * still tune this value through their own unit file */
203 (void) get_process_umask(getpid_cached(), &ec
->umask
);
207 kc
= unit_get_kill_context(u
);
209 kill_context_init(kc
);
211 if (UNIT_VTABLE(u
)->init
)
212 UNIT_VTABLE(u
)->init(u
);
215 static int unit_add_alias(Unit
*u
, char *donated_name
) {
218 /* Make sure that u->names is allocated. We may leave u->names
219 * empty if we fail later, but this is not a problem. */
220 r
= set_ensure_put(&u
->aliases
, &string_hash_ops
, donated_name
);
228 int unit_add_name(Unit
*u
, const char *text
) {
229 _cleanup_free_
char *name
= NULL
, *instance
= NULL
;
236 if (unit_name_is_valid(text
, UNIT_NAME_TEMPLATE
)) {
238 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
239 "instance is not set when adding name '%s': %m", text
);
241 r
= unit_name_replace_instance(text
, u
->instance
, &name
);
243 return log_unit_debug_errno(u
, r
,
244 "failed to build instance name from '%s': %m", text
);
251 if (unit_has_name(u
, name
))
254 if (hashmap_contains(u
->manager
->units
, name
))
255 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EEXIST
),
256 "unit already exist when adding name '%s': %m", name
);
258 if (!unit_name_is_valid(name
, UNIT_NAME_PLAIN
|UNIT_NAME_INSTANCE
))
259 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
260 "name '%s' is invalid: %m", name
);
262 t
= unit_name_to_type(name
);
264 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
265 "failed to derive unit type from name '%s': %m", name
);
267 if (u
->type
!= _UNIT_TYPE_INVALID
&& t
!= u
->type
)
268 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
269 "unit type is illegal: u->type(%d) and t(%d) for name '%s': %m",
272 r
= unit_name_to_instance(name
, &instance
);
274 return log_unit_debug_errno(u
, r
, "failed to extract instance from name '%s': %m", name
);
276 if (instance
&& !unit_type_may_template(t
))
277 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
), "templates are not allowed for name '%s': %m", name
);
279 /* Ensure that this unit either has no instance, or that the instance matches. */
280 if (u
->type
!= _UNIT_TYPE_INVALID
&& !streq_ptr(u
->instance
, instance
))
281 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
282 "cannot add name %s, the instances don't match (\"%s\" != \"%s\").",
283 name
, instance
, u
->instance
);
285 if (u
->id
&& !unit_type_may_alias(t
))
286 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(EEXIST
),
287 "cannot add name %s, aliases are not allowed for %s units.",
288 name
, unit_type_to_string(t
));
290 if (hashmap_size(u
->manager
->units
) >= MANAGER_MAX_NAMES
)
291 return log_unit_warning_errno(u
, SYNTHETIC_ERRNO(E2BIG
), "cannot add name, manager has too many units: %m");
293 /* Add name to the global hashmap first, because that's easier to undo */
294 r
= hashmap_put(u
->manager
->units
, name
, u
);
296 return log_unit_debug_errno(u
, r
, "add unit to hashmap failed for name '%s': %m", text
);
299 r
= unit_add_alias(u
, name
); /* unit_add_alias() takes ownership of the name on success */
301 hashmap_remove(u
->manager
->units
, name
);
307 /* A new name, we don't need the set yet. */
308 assert(u
->type
== _UNIT_TYPE_INVALID
);
309 assert(!u
->instance
);
312 u
->id
= TAKE_PTR(name
);
313 u
->instance
= TAKE_PTR(instance
);
315 LIST_PREPEND(units_by_type
, u
->manager
->units_by_type
[t
], u
);
319 unit_add_to_dbus_queue(u
);
323 int unit_choose_id(Unit
*u
, const char *name
) {
324 _cleanup_free_
char *t
= NULL
;
331 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
335 r
= unit_name_replace_instance(name
, u
->instance
, &t
);
342 if (streq_ptr(u
->id
, name
))
343 return 0; /* Nothing to do. */
345 /* Selects one of the aliases of this unit as the id */
346 s
= set_get(u
->aliases
, (char*) name
);
351 r
= set_remove_and_put(u
->aliases
, name
, u
->id
);
355 assert_se(set_remove(u
->aliases
, name
)); /* see set_get() above… */
357 u
->id
= s
; /* Old u->id is now stored in the set, and s is not stored anywhere */
358 unit_add_to_dbus_queue(u
);
363 int unit_set_description(Unit
*u
, const char *description
) {
368 r
= free_and_strdup(&u
->description
, empty_to_null(description
));
372 unit_add_to_dbus_queue(u
);
377 bool unit_may_gc(Unit
*u
) {
378 UnitActiveState state
;
383 /* Checks whether the unit is ready to be unloaded for garbage collection.
384 * Returns true when the unit may be collected, and false if there's some
385 * reason to keep it loaded.
387 * References from other units are *not* checked here. Instead, this is done
388 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
397 state
= unit_active_state(u
);
399 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
400 if (UNIT_IS_INACTIVE_OR_FAILED(state
) &&
401 UNIT_VTABLE(u
)->release_resources
)
402 UNIT_VTABLE(u
)->release_resources(u
);
407 if (sd_bus_track_count(u
->bus_track
) > 0)
410 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
411 switch (u
->collect_mode
) {
413 case COLLECT_INACTIVE
:
414 if (state
!= UNIT_INACTIVE
)
419 case COLLECT_INACTIVE_OR_FAILED
:
420 if (!IN_SET(state
, UNIT_INACTIVE
, UNIT_FAILED
))
426 assert_not_reached();
429 if (u
->cgroup_path
) {
430 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
431 * around. Units with active processes should never be collected. */
433 r
= cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
);
435 log_unit_debug_errno(u
, r
, "Failed to determine whether cgroup %s is empty: %m", empty_to_root(u
->cgroup_path
));
440 if (UNIT_VTABLE(u
)->may_gc
&& !UNIT_VTABLE(u
)->may_gc(u
))
446 void unit_add_to_load_queue(Unit
*u
) {
448 assert(u
->type
!= _UNIT_TYPE_INVALID
);
450 if (u
->load_state
!= UNIT_STUB
|| u
->in_load_queue
)
453 LIST_PREPEND(load_queue
, u
->manager
->load_queue
, u
);
454 u
->in_load_queue
= true;
457 void unit_add_to_cleanup_queue(Unit
*u
) {
460 if (u
->in_cleanup_queue
)
463 LIST_PREPEND(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
464 u
->in_cleanup_queue
= true;
467 void unit_add_to_gc_queue(Unit
*u
) {
470 if (u
->in_gc_queue
|| u
->in_cleanup_queue
)
476 LIST_PREPEND(gc_queue
, u
->manager
->gc_unit_queue
, u
);
477 u
->in_gc_queue
= true;
480 void unit_add_to_dbus_queue(Unit
*u
) {
482 assert(u
->type
!= _UNIT_TYPE_INVALID
);
484 if (u
->load_state
== UNIT_STUB
|| u
->in_dbus_queue
)
487 /* Shortcut things if nobody cares */
488 if (sd_bus_track_count(u
->manager
->subscribed
) <= 0 &&
489 sd_bus_track_count(u
->bus_track
) <= 0 &&
490 set_isempty(u
->manager
->private_buses
)) {
491 u
->sent_dbus_new_signal
= true;
495 LIST_PREPEND(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
496 u
->in_dbus_queue
= true;
499 void unit_submit_to_stop_when_unneeded_queue(Unit
*u
) {
502 if (u
->in_stop_when_unneeded_queue
)
505 if (!u
->stop_when_unneeded
)
508 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
511 LIST_PREPEND(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
512 u
->in_stop_when_unneeded_queue
= true;
515 void unit_submit_to_start_when_upheld_queue(Unit
*u
) {
518 if (u
->in_start_when_upheld_queue
)
521 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u
)))
524 if (!unit_has_dependency(u
, UNIT_ATOM_START_STEADILY
, NULL
))
527 LIST_PREPEND(start_when_upheld_queue
, u
->manager
->start_when_upheld_queue
, u
);
528 u
->in_start_when_upheld_queue
= true;
531 void unit_submit_to_stop_when_bound_queue(Unit
*u
) {
534 if (u
->in_stop_when_bound_queue
)
537 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
540 if (!unit_has_dependency(u
, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT
, NULL
))
543 LIST_PREPEND(stop_when_bound_queue
, u
->manager
->stop_when_bound_queue
, u
);
544 u
->in_stop_when_bound_queue
= true;
547 static void unit_clear_dependencies(Unit
*u
) {
550 /* Removes all dependencies configured on u and their reverse dependencies. */
552 for (Hashmap
*deps
; (deps
= hashmap_steal_first(u
->dependencies
));) {
554 for (Unit
*other
; (other
= hashmap_steal_first_key(deps
));) {
557 HASHMAP_FOREACH(other_deps
, other
->dependencies
)
558 hashmap_remove(other_deps
, u
);
560 unit_add_to_gc_queue(other
);
566 u
->dependencies
= hashmap_free(u
->dependencies
);
569 static void unit_remove_transient(Unit
*u
) {
577 if (u
->fragment_path
)
578 (void) unlink(u
->fragment_path
);
580 STRV_FOREACH(i
, u
->dropin_paths
) {
581 _cleanup_free_
char *p
= NULL
, *pp
= NULL
;
583 p
= dirname_malloc(*i
); /* Get the drop-in directory from the drop-in file */
587 pp
= dirname_malloc(p
); /* Get the config directory from the drop-in directory */
591 /* Only drop transient drop-ins */
592 if (!path_equal(u
->manager
->lookup_paths
.transient
, pp
))
600 static void unit_free_requires_mounts_for(Unit
*u
) {
604 _cleanup_free_
char *path
= NULL
;
606 path
= hashmap_steal_first_key(u
->requires_mounts_for
);
610 char s
[strlen(path
) + 1];
612 PATH_FOREACH_PREFIX_MORE(s
, path
) {
616 x
= hashmap_get2(u
->manager
->units_requiring_mounts_for
, s
, (void**) &y
);
620 (void) set_remove(x
, u
);
622 if (set_isempty(x
)) {
623 (void) hashmap_remove(u
->manager
->units_requiring_mounts_for
, y
);
631 u
->requires_mounts_for
= hashmap_free(u
->requires_mounts_for
);
634 static void unit_done(Unit
*u
) {
643 if (UNIT_VTABLE(u
)->done
)
644 UNIT_VTABLE(u
)->done(u
);
646 ec
= unit_get_exec_context(u
);
648 exec_context_done(ec
);
650 cc
= unit_get_cgroup_context(u
);
652 cgroup_context_done(cc
);
655 Unit
* unit_free(Unit
*u
) {
662 u
->transient_file
= safe_fclose(u
->transient_file
);
664 if (!MANAGER_IS_RELOADING(u
->manager
))
665 unit_remove_transient(u
);
667 bus_unit_send_removed_signal(u
);
671 unit_dequeue_rewatch_pids(u
);
673 sd_bus_slot_unref(u
->match_bus_slot
);
674 sd_bus_track_unref(u
->bus_track
);
675 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
676 u
->pending_freezer_message
= sd_bus_message_unref(u
->pending_freezer_message
);
678 unit_free_requires_mounts_for(u
);
680 SET_FOREACH(t
, u
->aliases
)
681 hashmap_remove_value(u
->manager
->units
, t
, u
);
683 hashmap_remove_value(u
->manager
->units
, u
->id
, u
);
685 if (!sd_id128_is_null(u
->invocation_id
))
686 hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
700 /* A unit is being dropped from the tree, make sure our family is realized properly. Do this after we
701 * detach the unit from slice tree in order to eliminate its effect on controller masks. */
702 slice
= UNIT_GET_SLICE(u
);
703 unit_clear_dependencies(u
);
705 unit_add_family_to_cgroup_realize_queue(slice
);
708 manager_unref_console(u
->manager
);
711 fdset_free(u
->initial_socket_bind_link_fds
);
713 bpf_link_free(u
->ipv4_socket_bind_link
);
714 bpf_link_free(u
->ipv6_socket_bind_link
);
717 unit_release_cgroup(u
);
719 if (!MANAGER_IS_RELOADING(u
->manager
))
720 unit_unlink_state_files(u
);
722 unit_unref_uid_gid(u
, false);
724 (void) manager_update_failed_units(u
->manager
, u
, false);
725 set_remove(u
->manager
->startup_units
, u
);
727 unit_unwatch_all_pids(u
);
729 while (u
->refs_by_target
)
730 unit_ref_unset(u
->refs_by_target
);
732 if (u
->type
!= _UNIT_TYPE_INVALID
)
733 LIST_REMOVE(units_by_type
, u
->manager
->units_by_type
[u
->type
], u
);
735 if (u
->in_load_queue
)
736 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
738 if (u
->in_dbus_queue
)
739 LIST_REMOVE(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
741 if (u
->in_cleanup_queue
)
742 LIST_REMOVE(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
745 LIST_REMOVE(gc_queue
, u
->manager
->gc_unit_queue
, u
);
747 if (u
->in_cgroup_realize_queue
)
748 LIST_REMOVE(cgroup_realize_queue
, u
->manager
->cgroup_realize_queue
, u
);
750 if (u
->in_cgroup_empty_queue
)
751 LIST_REMOVE(cgroup_empty_queue
, u
->manager
->cgroup_empty_queue
, u
);
753 if (u
->in_cgroup_oom_queue
)
754 LIST_REMOVE(cgroup_oom_queue
, u
->manager
->cgroup_oom_queue
, u
);
756 if (u
->in_target_deps_queue
)
757 LIST_REMOVE(target_deps_queue
, u
->manager
->target_deps_queue
, u
);
759 if (u
->in_stop_when_unneeded_queue
)
760 LIST_REMOVE(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
762 if (u
->in_start_when_upheld_queue
)
763 LIST_REMOVE(start_when_upheld_queue
, u
->manager
->start_when_upheld_queue
, u
);
765 if (u
->in_stop_when_bound_queue
)
766 LIST_REMOVE(stop_when_bound_queue
, u
->manager
->stop_when_bound_queue
, u
);
768 bpf_firewall_close(u
);
770 hashmap_free(u
->bpf_foreign_by_key
);
772 bpf_program_unref(u
->bpf_device_control_installed
);
775 bpf_link_free(u
->restrict_ifaces_ingress_bpf_link
);
776 bpf_link_free(u
->restrict_ifaces_egress_bpf_link
);
778 fdset_free(u
->initial_restric_ifaces_link_fds
);
780 condition_free_list(u
->conditions
);
781 condition_free_list(u
->asserts
);
783 free(u
->description
);
784 strv_free(u
->documentation
);
785 free(u
->fragment_path
);
786 free(u
->source_path
);
787 strv_free(u
->dropin_paths
);
790 free(u
->job_timeout_reboot_arg
);
793 set_free_free(u
->aliases
);
799 FreezerState
unit_freezer_state(Unit
*u
) {
802 return u
->freezer_state
;
805 int unit_freezer_state_kernel(Unit
*u
, FreezerState
*ret
) {
806 char *values
[1] = {};
811 r
= cg_get_keyed_attribute(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, "cgroup.events",
812 STRV_MAKE("frozen"), values
);
816 r
= _FREEZER_STATE_INVALID
;
819 if (streq(values
[0], "0"))
821 else if (streq(values
[0], "1"))
831 UnitActiveState
unit_active_state(Unit
*u
) {
834 if (u
->load_state
== UNIT_MERGED
)
835 return unit_active_state(unit_follow_merge(u
));
837 /* After a reload it might happen that a unit is not correctly
838 * loaded but still has a process around. That's why we won't
839 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
841 return UNIT_VTABLE(u
)->active_state(u
);
844 const char* unit_sub_state_to_string(Unit
*u
) {
847 return UNIT_VTABLE(u
)->sub_state_to_string(u
);
850 static int unit_merge_names(Unit
*u
, Unit
*other
) {
857 r
= unit_add_alias(u
, other
->id
);
861 r
= set_move(u
->aliases
, other
->aliases
);
863 set_remove(u
->aliases
, other
->id
);
868 other
->aliases
= set_free_free(other
->aliases
);
870 SET_FOREACH(name
, u
->aliases
)
871 assert_se(hashmap_replace(u
->manager
->units
, name
, u
) == 0);
876 static int unit_reserve_dependencies(Unit
*u
, Unit
*other
) {
885 /* Let's reserve some space in the dependency hashmaps so that later on merging the units cannot
888 * First make some room in the per dependency type hashmaps. Using the summed size of both unit's
889 * hashmaps is an estimate that is likely too high since they probably use some of the same
890 * types. But it's never too low, and that's all we need. */
892 n_reserve
= MIN(hashmap_size(other
->dependencies
), LESS_BY((size_t) _UNIT_DEPENDENCY_MAX
, hashmap_size(u
->dependencies
)));
894 r
= hashmap_ensure_allocated(&u
->dependencies
, NULL
);
898 r
= hashmap_reserve(u
->dependencies
, n_reserve
);
903 /* Now, enlarge our per dependency type hashmaps by the number of entries in the same hashmap of the
904 * other unit's dependencies.
906 * NB: If u does not have a dependency set allocated for some dependency type, there is no need to
907 * reserve anything for. In that case other's set will be transferred as a whole to u by
908 * complete_move(). */
910 HASHMAP_FOREACH_KEY(deps
, d
, u
->dependencies
) {
913 other_deps
= hashmap_get(other
->dependencies
, d
);
915 r
= hashmap_reserve(deps
, hashmap_size(other_deps
));
923 static void unit_maybe_warn_about_dependency(
925 const char *other_id
,
926 UnitDependency dependency
) {
930 /* Only warn about some unit types */
931 if (!IN_SET(dependency
,
942 if (streq_ptr(u
->id
, other_id
))
943 log_unit_warning(u
, "Dependency %s=%s dropped", unit_dependency_to_string(dependency
), u
->id
);
945 log_unit_warning(u
, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency
), strna(other_id
), u
->id
);
948 static int unit_per_dependency_type_hashmap_update(
951 UnitDependencyMask origin_mask
,
952 UnitDependencyMask destination_mask
) {
954 UnitDependencyInfo info
;
958 assert_cc(sizeof(void*) == sizeof(info
));
960 /* Acquire the UnitDependencyInfo entry for the Unit* we are interested in, and update it if it
961 * exists, or insert it anew if not. */
963 info
.data
= hashmap_get(per_type
, other
);
965 /* Entry already exists. Add in our mask. */
967 if (FLAGS_SET(origin_mask
, info
.origin_mask
) &&
968 FLAGS_SET(destination_mask
, info
.destination_mask
))
971 info
.origin_mask
|= origin_mask
;
972 info
.destination_mask
|= destination_mask
;
974 r
= hashmap_update(per_type
, other
, info
.data
);
976 info
= (UnitDependencyInfo
) {
977 .origin_mask
= origin_mask
,
978 .destination_mask
= destination_mask
,
981 r
= hashmap_put(per_type
, other
, info
.data
);
990 static int unit_add_dependency_hashmap(
991 Hashmap
**dependencies
,
994 UnitDependencyMask origin_mask
,
995 UnitDependencyMask destination_mask
) {
1000 assert(dependencies
);
1002 assert(origin_mask
< _UNIT_DEPENDENCY_MASK_FULL
);
1003 assert(destination_mask
< _UNIT_DEPENDENCY_MASK_FULL
);
1004 assert(origin_mask
> 0 || destination_mask
> 0);
1006 /* Ensure the top-level dependency hashmap exists that maps UnitDependency → Hashmap(Unit* →
1007 * UnitDependencyInfo) */
1008 r
= hashmap_ensure_allocated(dependencies
, NULL
);
1012 /* Acquire the inner hashmap, that maps Unit* → UnitDependencyInfo, for the specified dependency
1013 * type, and if it's missing allocate it and insert it. */
1014 per_type
= hashmap_get(*dependencies
, UNIT_DEPENDENCY_TO_PTR(d
));
1016 per_type
= hashmap_new(NULL
);
1020 r
= hashmap_put(*dependencies
, UNIT_DEPENDENCY_TO_PTR(d
), per_type
);
1022 hashmap_free(per_type
);
1027 return unit_per_dependency_type_hashmap_update(per_type
, other
, origin_mask
, destination_mask
);
1030 static void unit_merge_dependencies(
1043 _cleanup_(hashmap_freep
) Hashmap
*other_deps
= NULL
;
1044 UnitDependencyInfo di_back
;
1046 void *dt
; /* Actually of type UnitDependency, except that we don't bother casting it here,
1047 * since the hashmaps all want it as void pointer. */
1049 /* Let's focus on one dependency type at a time, that 'other' has defined. */
1050 other_deps
= hashmap_steal_first_key_and_value(other
->dependencies
, &dt
);
1054 /* Now iterate through all dependencies of this dependency type, of 'other'. We refer to the
1055 * referenced units as 'back'. */
1056 HASHMAP_FOREACH_KEY(di_back
.data
, back
, other_deps
) {
1061 /* This is a dependency pointing back to the unit we want to merge with?
1062 * Suppress it (but warn) */
1063 unit_maybe_warn_about_dependency(u
, other
->id
, UNIT_DEPENDENCY_FROM_PTR(dt
));
1067 /* Now iterate through all deps of 'back', and fix the ones pointing to 'other' to
1068 * point to 'u' instead. */
1069 HASHMAP_FOREACH_KEY(back_deps
, back_dt
, back
->dependencies
) {
1070 UnitDependencyInfo di_move
;
1072 di_move
.data
= hashmap_remove(back_deps
, other
);
1076 assert_se(unit_per_dependency_type_hashmap_update(
1079 di_move
.origin_mask
,
1080 di_move
.destination_mask
) >= 0);
1084 /* Now all references towards 'other' of the current type 'dt' are corrected to point to
1085 * 'u'. Lets's now move the deps of type 'dt' from 'other' to 'u'. First, let's try to move
1086 * them per type wholesale. */
1087 r
= hashmap_put(u
->dependencies
, dt
, other_deps
);
1091 /* The target unit already has dependencies of this type, let's then merge this individually. */
1093 assert_se(deps
= hashmap_get(u
->dependencies
, dt
));
1096 UnitDependencyInfo di_move
;
1099 di_move
.data
= hashmap_steal_first_key_and_value(other_deps
, (void**) &back
);
1103 /* Would point back to us, ignore */
1104 unit_maybe_warn_about_dependency(u
, other
->id
, UNIT_DEPENDENCY_FROM_PTR(dt
));
1108 assert_se(unit_per_dependency_type_hashmap_update(deps
, back
, di_move
.origin_mask
, di_move
.destination_mask
) >= 0);
1112 TAKE_PTR(other_deps
);
1114 if (hashmap_remove(other_deps
, u
))
1115 unit_maybe_warn_about_dependency(u
, other
->id
, UNIT_DEPENDENCY_FROM_PTR(dt
));
1119 other
->dependencies
= hashmap_free(other
->dependencies
);
1122 int unit_merge(Unit
*u
, Unit
*other
) {
1127 assert(u
->manager
== other
->manager
);
1128 assert(u
->type
!= _UNIT_TYPE_INVALID
);
1130 other
= unit_follow_merge(other
);
1135 if (u
->type
!= other
->type
)
1138 if (!unit_type_may_alias(u
->type
)) /* Merging only applies to unit names that support aliases */
1141 if (!IN_SET(other
->load_state
, UNIT_STUB
, UNIT_NOT_FOUND
))
1144 if (!streq_ptr(u
->instance
, other
->instance
))
1153 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
1156 /* Make reservations to ensure merge_dependencies() won't fail. We don't rollback reservations if we
1157 * fail. We don't have a way to undo reservations. A reservation is not a leak. */
1158 r
= unit_reserve_dependencies(u
, other
);
1163 r
= unit_merge_names(u
, other
);
1167 /* Redirect all references */
1168 while (other
->refs_by_target
)
1169 unit_ref_set(other
->refs_by_target
, other
->refs_by_target
->source
, u
);
1171 /* Merge dependencies */
1172 unit_merge_dependencies(u
, other
);
1174 other
->load_state
= UNIT_MERGED
;
1175 other
->merged_into
= u
;
1177 /* If there is still some data attached to the other node, we
1178 * don't need it anymore, and can free it. */
1179 if (other
->load_state
!= UNIT_STUB
)
1180 if (UNIT_VTABLE(other
)->done
)
1181 UNIT_VTABLE(other
)->done(other
);
1183 unit_add_to_dbus_queue(u
);
1184 unit_add_to_cleanup_queue(other
);
1189 int unit_merge_by_name(Unit
*u
, const char *name
) {
1190 _cleanup_free_
char *s
= NULL
;
1194 /* Either add name to u, or if a unit with name already exists, merge it with u.
1195 * If name is a template, do the same for name@instance, where instance is u's instance. */
1200 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
1204 r
= unit_name_replace_instance(name
, u
->instance
, &s
);
1211 other
= manager_get_unit(u
->manager
, name
);
1213 return unit_merge(u
, other
);
1215 return unit_add_name(u
, name
);
1218 Unit
* unit_follow_merge(Unit
*u
) {
1221 while (u
->load_state
== UNIT_MERGED
)
1222 assert_se(u
= u
->merged_into
);
1227 int unit_add_exec_dependencies(Unit
*u
, ExecContext
*c
) {
1233 if (c
->working_directory
&& !c
->working_directory_missing_ok
) {
1234 r
= unit_require_mounts_for(u
, c
->working_directory
, UNIT_DEPENDENCY_FILE
);
1239 if (c
->root_directory
) {
1240 r
= unit_require_mounts_for(u
, c
->root_directory
, UNIT_DEPENDENCY_FILE
);
1245 if (c
->root_image
) {
1246 r
= unit_require_mounts_for(u
, c
->root_image
, UNIT_DEPENDENCY_FILE
);
1251 for (ExecDirectoryType dt
= 0; dt
< _EXEC_DIRECTORY_TYPE_MAX
; dt
++) {
1252 if (!u
->manager
->prefix
[dt
])
1256 STRV_FOREACH(dp
, c
->directories
[dt
].paths
) {
1257 _cleanup_free_
char *p
= NULL
;
1259 p
= path_join(u
->manager
->prefix
[dt
], *dp
);
1263 r
= unit_require_mounts_for(u
, p
, UNIT_DEPENDENCY_FILE
);
1269 if (!MANAGER_IS_SYSTEM(u
->manager
))
1272 /* For the following three directory types we need write access, and /var/ is possibly on the root
1273 * fs. Hence order after systemd-remount-fs.service, to ensure things are writable. */
1274 if (!strv_isempty(c
->directories
[EXEC_DIRECTORY_STATE
].paths
) ||
1275 !strv_isempty(c
->directories
[EXEC_DIRECTORY_CACHE
].paths
) ||
1276 !strv_isempty(c
->directories
[EXEC_DIRECTORY_LOGS
].paths
)) {
1277 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_REMOUNT_FS_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1282 if (c
->private_tmp
) {
1284 /* FIXME: for now we make a special case for /tmp and add a weak dependency on
1285 * tmp.mount so /tmp being masked is supported. However there's no reason to treat
1286 * /tmp specifically and masking other mount units should be handled more
1287 * gracefully too, see PR#16894. */
1288 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_WANTS
, "tmp.mount", true, UNIT_DEPENDENCY_FILE
);
1292 r
= unit_require_mounts_for(u
, "/var/tmp", UNIT_DEPENDENCY_FILE
);
1296 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_TMPFILES_SETUP_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1301 if (c
->root_image
) {
1302 /* We need to wait for /dev/loopX to appear when doing RootImage=, hence let's add an
1303 * implicit dependency on udev */
1305 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_UDEVD_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1310 if (!IN_SET(c
->std_output
,
1311 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1312 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
) &&
1313 !IN_SET(c
->std_error
,
1314 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1315 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
) &&
1319 /* If syslog or kernel logging is requested (or log namespacing is), make sure our own logging daemon
1322 if (c
->log_namespace
) {
1323 _cleanup_free_
char *socket_unit
= NULL
, *varlink_socket_unit
= NULL
;
1325 r
= unit_name_build_from_type("systemd-journald", c
->log_namespace
, UNIT_SOCKET
, &socket_unit
);
1329 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, socket_unit
, true, UNIT_DEPENDENCY_FILE
);
1333 r
= unit_name_build_from_type("systemd-journald-varlink", c
->log_namespace
, UNIT_SOCKET
, &varlink_socket_unit
);
1337 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, varlink_socket_unit
, true, UNIT_DEPENDENCY_FILE
);
1341 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_JOURNALD_SOCKET
, true, UNIT_DEPENDENCY_FILE
);
1348 const char* unit_description(Unit
*u
) {
1352 return u
->description
;
1354 return strna(u
->id
);
1357 const char* unit_status_string(Unit
*u
, char **ret_combined_buffer
) {
1361 /* Return u->id, u->description, or "{u->id} - {u->description}".
1362 * Versions with u->description are only used if it is set.
1363 * The last option is used if configured and the caller provided the 'ret_combined_buffer'
1366 * Note that *ret_combined_buffer may be set to NULL. */
1368 if (!u
->description
||
1369 u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_NAME
||
1370 (u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_COMBINED
&& !ret_combined_buffer
) ||
1371 streq(u
->description
, u
->id
)) {
1373 if (ret_combined_buffer
)
1374 *ret_combined_buffer
= NULL
;
1378 if (ret_combined_buffer
) {
1379 if (u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_COMBINED
) {
1380 *ret_combined_buffer
= strjoin(u
->id
, " - ", u
->description
);
1381 if (*ret_combined_buffer
)
1382 return *ret_combined_buffer
;
1383 log_oom(); /* Fall back to ->description */
1385 *ret_combined_buffer
= NULL
;
1388 return u
->description
;
1391 /* Common implementation for multiple backends */
1392 int unit_load_fragment_and_dropin(Unit
*u
, bool fragment_required
) {
1397 /* Load a .{service,socket,...} file */
1398 r
= unit_load_fragment(u
);
1402 if (u
->load_state
== UNIT_STUB
) {
1403 if (fragment_required
)
1406 u
->load_state
= UNIT_LOADED
;
1409 /* Load drop-in directory data. If u is an alias, we might be reloading the
1410 * target unit needlessly. But we cannot be sure which drops-ins have already
1411 * been loaded and which not, at least without doing complicated book-keeping,
1412 * so let's always reread all drop-ins. */
1413 r
= unit_load_dropin(unit_follow_merge(u
));
1417 if (u
->source_path
) {
1420 if (stat(u
->source_path
, &st
) >= 0)
1421 u
->source_mtime
= timespec_load(&st
.st_mtim
);
1423 u
->source_mtime
= 0;
1429 void unit_add_to_target_deps_queue(Unit
*u
) {
1430 Manager
*m
= u
->manager
;
1434 if (u
->in_target_deps_queue
)
1437 LIST_PREPEND(target_deps_queue
, m
->target_deps_queue
, u
);
1438 u
->in_target_deps_queue
= true;
1441 int unit_add_default_target_dependency(Unit
*u
, Unit
*target
) {
1445 if (target
->type
!= UNIT_TARGET
)
1448 /* Only add the dependency if both units are loaded, so that
1449 * that loop check below is reliable */
1450 if (u
->load_state
!= UNIT_LOADED
||
1451 target
->load_state
!= UNIT_LOADED
)
1454 /* If either side wants no automatic dependencies, then let's
1456 if (!u
->default_dependencies
||
1457 !target
->default_dependencies
)
1460 /* Don't create loops */
1461 if (unit_has_dependency(target
, UNIT_ATOM_BEFORE
, u
))
1464 return unit_add_dependency(target
, UNIT_AFTER
, u
, true, UNIT_DEPENDENCY_DEFAULT
);
1467 static int unit_add_slice_dependencies(Unit
*u
) {
1471 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
1474 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1475 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1477 UnitDependencyMask mask
= u
->type
== UNIT_SLICE
? UNIT_DEPENDENCY_IMPLICIT
: UNIT_DEPENDENCY_FILE
;
1479 slice
= UNIT_GET_SLICE(u
);
1481 return unit_add_two_dependencies(u
, UNIT_AFTER
, UNIT_REQUIRES
, slice
, true, mask
);
1483 if (unit_has_name(u
, SPECIAL_ROOT_SLICE
))
1486 return unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, SPECIAL_ROOT_SLICE
, true, mask
);
1489 static int unit_add_mount_dependencies(Unit
*u
) {
1490 UnitDependencyInfo di
;
1496 HASHMAP_FOREACH_KEY(di
.data
, path
, u
->requires_mounts_for
) {
1497 char prefix
[strlen(path
) + 1];
1499 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
1500 _cleanup_free_
char *p
= NULL
;
1503 r
= unit_name_from_path(prefix
, ".mount", &p
);
1504 if (IN_SET(r
, -EINVAL
, -ENAMETOOLONG
))
1505 continue; /* If the path cannot be converted to a mount unit name, then it's
1506 * not manageable as a unit by systemd, and hence we don't need a
1507 * dependency on it. Let's thus silently ignore the issue. */
1511 m
= manager_get_unit(u
->manager
, p
);
1513 /* Make sure to load the mount unit if it exists. If so the dependencies on
1514 * this unit will be added later during the loading of the mount unit. */
1515 (void) manager_load_unit_prepare(u
->manager
, p
, NULL
, NULL
, &m
);
1521 if (m
->load_state
!= UNIT_LOADED
)
1524 r
= unit_add_dependency(u
, UNIT_AFTER
, m
, true, di
.origin_mask
);
1528 if (m
->fragment_path
) {
1529 r
= unit_add_dependency(u
, UNIT_REQUIRES
, m
, true, di
.origin_mask
);
1539 static int unit_add_oomd_dependencies(Unit
*u
) {
1546 if (!u
->default_dependencies
)
1549 c
= unit_get_cgroup_context(u
);
1553 wants_oomd
= (c
->moom_swap
== MANAGED_OOM_KILL
|| c
->moom_mem_pressure
== MANAGED_OOM_KILL
);
1557 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_WANTS
, "systemd-oomd.service", true, UNIT_DEPENDENCY_FILE
);
1564 static int unit_add_startup_units(Unit
*u
) {
1565 if (!unit_has_startup_cgroup_constraints(u
))
1568 return set_ensure_put(&u
->manager
->startup_units
, NULL
, u
);
1571 static int unit_validate_on_failure_job_mode(
1573 const char *job_mode_setting
,
1575 const char *dependency_name
,
1576 UnitDependencyAtom atom
) {
1578 Unit
*other
, *found
= NULL
;
1580 if (job_mode
!= JOB_ISOLATE
)
1583 UNIT_FOREACH_DEPENDENCY(other
, u
, atom
) {
1586 else if (found
!= other
)
1587 return log_unit_error_errno(
1588 u
, SYNTHETIC_ERRNO(ENOEXEC
),
1589 "More than one %s dependencies specified but %sisolate set. Refusing.",
1590 dependency_name
, job_mode_setting
);
1596 int unit_load(Unit
*u
) {
1601 if (u
->in_load_queue
) {
1602 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
1603 u
->in_load_queue
= false;
1606 if (u
->type
== _UNIT_TYPE_INVALID
)
1609 if (u
->load_state
!= UNIT_STUB
)
1612 if (u
->transient_file
) {
1613 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1614 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1616 r
= fflush_and_check(u
->transient_file
);
1620 u
->transient_file
= safe_fclose(u
->transient_file
);
1621 u
->fragment_mtime
= now(CLOCK_REALTIME
);
1624 r
= UNIT_VTABLE(u
)->load(u
);
1628 assert(u
->load_state
!= UNIT_STUB
);
1630 if (u
->load_state
== UNIT_LOADED
) {
1631 unit_add_to_target_deps_queue(u
);
1633 r
= unit_add_slice_dependencies(u
);
1637 r
= unit_add_mount_dependencies(u
);
1641 r
= unit_add_oomd_dependencies(u
);
1645 r
= unit_add_startup_units(u
);
1649 r
= unit_validate_on_failure_job_mode(u
, "OnSuccessJobMode=", u
->on_success_job_mode
, "OnSuccess=", UNIT_ATOM_ON_SUCCESS
);
1653 r
= unit_validate_on_failure_job_mode(u
, "OnFailureJobMode=", u
->on_failure_job_mode
, "OnFailure=", UNIT_ATOM_ON_FAILURE
);
1657 if (u
->job_running_timeout
!= USEC_INFINITY
&& u
->job_running_timeout
> u
->job_timeout
)
1658 log_unit_warning(u
, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1660 /* We finished loading, let's ensure our parents recalculate the members mask */
1661 unit_invalidate_cgroup_members_masks(u
);
1664 assert((u
->load_state
!= UNIT_MERGED
) == !u
->merged_into
);
1666 unit_add_to_dbus_queue(unit_follow_merge(u
));
1667 unit_add_to_gc_queue(u
);
1668 (void) manager_varlink_send_managed_oom_update(u
);
1673 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code
1674 * should hence return ENOEXEC to ensure units are placed in this state after loading. */
1676 u
->load_state
= u
->load_state
== UNIT_STUB
? UNIT_NOT_FOUND
:
1677 r
== -ENOEXEC
? UNIT_BAD_SETTING
:
1681 /* Record the timestamp on the cache, so that if the cache gets updated between now and the next time
1682 * an attempt is made to load this unit, we know we need to check again. */
1683 if (u
->load_state
== UNIT_NOT_FOUND
)
1684 u
->fragment_not_found_timestamp_hash
= u
->manager
->unit_cache_timestamp_hash
;
1686 unit_add_to_dbus_queue(u
);
1687 unit_add_to_gc_queue(u
);
1689 return log_unit_debug_errno(u
, r
, "Failed to load configuration: %m");
1693 static int log_unit_internal(void *userdata
, int level
, int error
, const char *file
, int line
, const char *func
, const char *format
, ...) {
1698 if (u
&& !unit_log_level_test(u
, level
))
1699 return -ERRNO_VALUE(error
);
1701 va_start(ap
, format
);
1703 r
= log_object_internalv(level
, error
, file
, line
, func
,
1704 u
->manager
->unit_log_field
,
1706 u
->manager
->invocation_log_field
,
1707 u
->invocation_id_string
,
1710 r
= log_internalv(level
, error
, file
, line
, func
, format
, ap
);
1716 static bool unit_test_condition(Unit
*u
) {
1717 _cleanup_strv_free_
char **env
= NULL
;
1722 dual_timestamp_get(&u
->condition_timestamp
);
1724 r
= manager_get_effective_environment(u
->manager
, &env
);
1726 log_unit_error_errno(u
, r
, "Failed to determine effective environment: %m");
1727 u
->condition_result
= true;
1729 u
->condition_result
= condition_test_list(
1732 condition_type_to_string
,
1736 unit_add_to_dbus_queue(u
);
1737 return u
->condition_result
;
1740 static bool unit_test_assert(Unit
*u
) {
1741 _cleanup_strv_free_
char **env
= NULL
;
1746 dual_timestamp_get(&u
->assert_timestamp
);
1748 r
= manager_get_effective_environment(u
->manager
, &env
);
1750 log_unit_error_errno(u
, r
, "Failed to determine effective environment: %m");
1751 u
->assert_result
= CONDITION_ERROR
;
1753 u
->assert_result
= condition_test_list(
1756 assert_type_to_string
,
1760 unit_add_to_dbus_queue(u
);
1761 return u
->assert_result
;
1764 void unit_status_printf(Unit
*u
, StatusType status_type
, const char *status
, const char *format
, const char *ident
) {
1765 if (log_get_show_color()) {
1766 if (u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_COMBINED
&& strchr(ident
, ' '))
1767 ident
= strjoina(ANSI_HIGHLIGHT
, u
->id
, ANSI_NORMAL
, " - ", u
->description
);
1769 ident
= strjoina(ANSI_HIGHLIGHT
, ident
, ANSI_NORMAL
);
1772 DISABLE_WARNING_FORMAT_NONLITERAL
;
1773 manager_status_printf(u
->manager
, status_type
, status
, format
, ident
);
1777 int unit_test_start_limit(Unit
*u
) {
1782 if (ratelimit_below(&u
->start_ratelimit
)) {
1783 u
->start_limit_hit
= false;
1787 log_unit_warning(u
, "Start request repeated too quickly.");
1788 u
->start_limit_hit
= true;
1790 reason
= strjoina("unit ", u
->id
, " failed");
1792 emergency_action(u
->manager
, u
->start_limit_action
,
1793 EMERGENCY_ACTION_IS_WATCHDOG
|EMERGENCY_ACTION_WARN
,
1794 u
->reboot_arg
, -1, reason
);
1799 bool unit_shall_confirm_spawn(Unit
*u
) {
1802 if (manager_is_confirm_spawn_disabled(u
->manager
))
1805 /* For some reasons units remaining in the same process group
1806 * as PID 1 fail to acquire the console even if it's not used
1807 * by any process. So skip the confirmation question for them. */
1808 return !unit_get_exec_context(u
)->same_pgrp
;
1811 static bool unit_verify_deps(Unit
*u
) {
1816 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined
1817 * with After=. We do not check Requires= or Requisite= here as they only should have an effect on
1818 * the job processing, but do not have any effect afterwards. We don't check BindsTo= dependencies
1819 * that are not used in conjunction with After= as for them any such check would make things entirely
1822 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT
) {
1824 if (!unit_has_dependency(u
, UNIT_ATOM_AFTER
, other
))
1827 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other
))) {
1828 log_unit_notice(u
, "Bound to unit %s, but unit isn't active.", other
->id
);
1836 /* Errors that aren't really errors:
1837 * -EALREADY: Unit is already started.
1838 * -ECOMM: Condition failed
1839 * -EAGAIN: An operation is already in progress. Retry later.
1841 * Errors that are real errors:
1842 * -EBADR: This unit type does not support starting.
1843 * -ECANCELED: Start limit hit, too many requests for now
1844 * -EPROTO: Assert failed
1845 * -EINVAL: Unit not loaded
1846 * -EOPNOTSUPP: Unit type not supported
1847 * -ENOLINK: The necessary dependencies are not fulfilled.
1848 * -ESTALE: This unit has been started before and can't be started a second time
1849 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
1851 int unit_start(Unit
*u
) {
1852 UnitActiveState state
;
1857 /* Check start rate limiting early so that failure conditions don't cause us to enter a busy loop. */
1858 if (UNIT_VTABLE(u
)->test_start_limit
) {
1859 int r
= UNIT_VTABLE(u
)->test_start_limit(u
);
1864 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1865 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1866 * waiting is finished. */
1867 state
= unit_active_state(u
);
1868 if (UNIT_IS_ACTIVE_OR_RELOADING(state
))
1870 if (state
== UNIT_MAINTENANCE
)
1873 /* Units that aren't loaded cannot be started */
1874 if (u
->load_state
!= UNIT_LOADED
)
1877 /* Refuse starting scope units more than once */
1878 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_enter_timestamp
))
1881 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1882 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1883 * recheck the condition in that case. */
1884 if (state
!= UNIT_ACTIVATING
&&
1885 !unit_test_condition(u
))
1886 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(ECOMM
), "Starting requested but condition failed. Not starting unit.");
1888 /* If the asserts failed, fail the entire job */
1889 if (state
!= UNIT_ACTIVATING
&&
1890 !unit_test_assert(u
))
1891 return log_unit_notice_errno(u
, SYNTHETIC_ERRNO(EPROTO
), "Starting requested but asserts failed.");
1893 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1894 * condition checks, so that we rather return condition check errors (which are usually not
1895 * considered a true failure) than "not supported" errors (which are considered a failure).
1897 if (!unit_type_supported(u
->type
))
1900 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1901 * should have taken care of this already, but let's check this here again. After all, our
1902 * dependencies might not be in effect anymore, due to a reload or due to a failed condition. */
1903 if (!unit_verify_deps(u
))
1906 /* Forward to the main object, if we aren't it. */
1907 following
= unit_following(u
);
1909 log_unit_debug(u
, "Redirecting start request from %s to %s.", u
->id
, following
->id
);
1910 return unit_start(following
);
1913 /* If it is stopped, but we cannot start it, then fail */
1914 if (!UNIT_VTABLE(u
)->start
)
1917 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1918 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1919 * waits for a holdoff timer to elapse before it will start again. */
1921 unit_add_to_dbus_queue(u
);
1922 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
1924 return UNIT_VTABLE(u
)->start(u
);
1927 bool unit_can_start(Unit
*u
) {
1930 if (u
->load_state
!= UNIT_LOADED
)
1933 if (!unit_type_supported(u
->type
))
1936 /* Scope units may be started only once */
1937 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_exit_timestamp
))
1940 return !!UNIT_VTABLE(u
)->start
;
1943 bool unit_can_isolate(Unit
*u
) {
1946 return unit_can_start(u
) &&
1951 * -EBADR: This unit type does not support stopping.
1952 * -EALREADY: Unit is already stopped.
1953 * -EAGAIN: An operation is already in progress. Retry later.
1955 int unit_stop(Unit
*u
) {
1956 UnitActiveState state
;
1961 state
= unit_active_state(u
);
1962 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
1965 following
= unit_following(u
);
1967 log_unit_debug(u
, "Redirecting stop request from %s to %s.", u
->id
, following
->id
);
1968 return unit_stop(following
);
1971 if (!UNIT_VTABLE(u
)->stop
)
1974 unit_add_to_dbus_queue(u
);
1975 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
1977 return UNIT_VTABLE(u
)->stop(u
);
1980 bool unit_can_stop(Unit
*u
) {
1983 /* Note: if we return true here, it does not mean that the unit may be successfully stopped.
1984 * Extrinsic units follow external state and they may stop following external state changes
1985 * (hence we return true here), but an attempt to do this through the manager will fail. */
1987 if (!unit_type_supported(u
->type
))
1993 return !!UNIT_VTABLE(u
)->stop
;
1997 * -EBADR: This unit type does not support reloading.
1998 * -ENOEXEC: Unit is not started.
1999 * -EAGAIN: An operation is already in progress. Retry later.
2001 int unit_reload(Unit
*u
) {
2002 UnitActiveState state
;
2007 if (u
->load_state
!= UNIT_LOADED
)
2010 if (!unit_can_reload(u
))
2013 state
= unit_active_state(u
);
2014 if (state
== UNIT_RELOADING
)
2017 if (state
!= UNIT_ACTIVE
)
2018 return log_unit_warning_errno(u
, SYNTHETIC_ERRNO(ENOEXEC
), "Unit cannot be reloaded because it is inactive.");
2020 following
= unit_following(u
);
2022 log_unit_debug(u
, "Redirecting reload request from %s to %s.", u
->id
, following
->id
);
2023 return unit_reload(following
);
2026 unit_add_to_dbus_queue(u
);
2028 if (!UNIT_VTABLE(u
)->reload
) {
2029 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
2030 unit_notify(u
, unit_active_state(u
), unit_active_state(u
), 0);
2034 unit_cgroup_freezer_action(u
, FREEZER_THAW
);
2036 return UNIT_VTABLE(u
)->reload(u
);
2039 bool unit_can_reload(Unit
*u
) {
2042 if (UNIT_VTABLE(u
)->can_reload
)
2043 return UNIT_VTABLE(u
)->can_reload(u
);
2045 if (unit_has_dependency(u
, UNIT_ATOM_PROPAGATES_RELOAD_TO
, NULL
))
2048 return UNIT_VTABLE(u
)->reload
;
2051 bool unit_is_unneeded(Unit
*u
) {
2055 if (!u
->stop_when_unneeded
)
2058 /* Don't clean up while the unit is transitioning or is even inactive. */
2059 if (unit_active_state(u
) != UNIT_ACTIVE
)
2064 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_PINS_STOP_WHEN_UNNEEDED
) {
2065 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
2066 * restart, then don't clean this one up. */
2071 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
2074 if (unit_will_restart(other
))
2081 bool unit_is_upheld_by_active(Unit
*u
, Unit
**ret_culprit
) {
2086 /* Checks if the unit needs to be started because it currently is not running, but some other unit
2087 * that is active declared an Uphold= dependencies on it */
2089 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u
)) || u
->job
) {
2091 *ret_culprit
= NULL
;
2095 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_START_STEADILY
) {
2099 if (UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other
))) {
2101 *ret_culprit
= other
;
2107 *ret_culprit
= NULL
;
2111 bool unit_is_bound_by_inactive(Unit
*u
, Unit
**ret_culprit
) {
2116 /* Checks whether this unit is bound to another unit that is inactive, i.e. whether we should stop
2117 * because the other unit is down. */
2119 if (unit_active_state(u
) != UNIT_ACTIVE
|| u
->job
) {
2120 /* Don't clean up while the unit is transitioning or is even inactive. */
2122 *ret_culprit
= NULL
;
2126 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_CANNOT_BE_ACTIVE_WITHOUT
) {
2130 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
))) {
2132 *ret_culprit
= other
;
2139 *ret_culprit
= NULL
;
2143 static void check_unneeded_dependencies(Unit
*u
) {
2147 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2149 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_ADD_STOP_WHEN_UNNEEDED_QUEUE
)
2150 unit_submit_to_stop_when_unneeded_queue(other
);
2153 static void check_uphold_dependencies(Unit
*u
) {
2157 /* Add all units this unit depends on to the queue that processes Uphold= behaviour. */
2159 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_ADD_START_WHEN_UPHELD_QUEUE
)
2160 unit_submit_to_start_when_upheld_queue(other
);
2163 static void check_bound_by_dependencies(Unit
*u
) {
2167 /* Add all units this unit depends on to the queue that processes BindsTo= stop behaviour. */
2169 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_ADD_CANNOT_BE_ACTIVE_WITHOUT_QUEUE
)
2170 unit_submit_to_stop_when_bound_queue(other
);
2173 static void retroactively_start_dependencies(Unit
*u
) {
2177 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)));
2179 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_RETROACTIVE_START_REPLACE
) /* Requires= + BindsTo= */
2180 if (!unit_has_dependency(u
, UNIT_ATOM_AFTER
, other
) &&
2181 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2182 manager_add_job(u
->manager
, JOB_START
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2184 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_RETROACTIVE_START_FAIL
) /* Wants= */
2185 if (!unit_has_dependency(u
, UNIT_ATOM_AFTER
, other
) &&
2186 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2187 manager_add_job(u
->manager
, JOB_START
, other
, JOB_FAIL
, NULL
, NULL
, NULL
);
2189 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_RETROACTIVE_STOP_ON_START
) /* Conflicts= (and inverse) */
2190 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2191 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2194 static void retroactively_stop_dependencies(Unit
*u
) {
2198 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)));
2200 /* Pull down units which are bound to us recursively if enabled */
2201 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_RETROACTIVE_STOP_ON_STOP
) /* BoundBy= */
2202 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2203 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2206 void unit_start_on_failure(
2208 const char *dependency_name
,
2209 UnitDependencyAtom atom
,
2212 bool logged
= false;
2217 assert(dependency_name
);
2218 assert(IN_SET(atom
, UNIT_ATOM_ON_SUCCESS
, UNIT_ATOM_ON_FAILURE
));
2220 /* Act on OnFailure= and OnSuccess= dependencies */
2222 UNIT_FOREACH_DEPENDENCY(other
, u
, atom
) {
2223 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2226 log_unit_info(u
, "Triggering %s dependencies.", dependency_name
);
2230 r
= manager_add_job(u
->manager
, JOB_START
, other
, job_mode
, NULL
, &error
, NULL
);
2232 log_unit_warning_errno(
2233 u
, r
, "Failed to enqueue %s job, ignoring: %s",
2234 dependency_name
, bus_error_message(&error
, r
));
2238 log_unit_debug(u
, "Triggering %s dependencies done.", dependency_name
);
2241 void unit_trigger_notify(Unit
*u
) {
2246 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_TRIGGERED_BY
)
2247 if (UNIT_VTABLE(other
)->trigger_notify
)
2248 UNIT_VTABLE(other
)->trigger_notify(other
, u
);
2251 static int raise_level(int log_level
, bool condition_info
, bool condition_notice
) {
2252 if (condition_notice
&& log_level
> LOG_NOTICE
)
2254 if (condition_info
&& log_level
> LOG_INFO
)
2259 static int unit_log_resources(Unit
*u
) {
2260 struct iovec iovec
[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX
+ _CGROUP_IO_ACCOUNTING_METRIC_MAX
+ 4];
2261 bool any_traffic
= false, have_ip_accounting
= false, any_io
= false, have_io_accounting
= false;
2262 _cleanup_free_
char *igress
= NULL
, *egress
= NULL
, *rr
= NULL
, *wr
= NULL
;
2263 int log_level
= LOG_DEBUG
; /* May be raised if resources consumed over a threshold */
2264 size_t n_message_parts
= 0, n_iovec
= 0;
2265 char* message_parts
[1 + 2 + 2 + 1], *t
;
2266 nsec_t nsec
= NSEC_INFINITY
;
2268 const char* const ip_fields
[_CGROUP_IP_ACCOUNTING_METRIC_MAX
] = {
2269 [CGROUP_IP_INGRESS_BYTES
] = "IP_METRIC_INGRESS_BYTES",
2270 [CGROUP_IP_INGRESS_PACKETS
] = "IP_METRIC_INGRESS_PACKETS",
2271 [CGROUP_IP_EGRESS_BYTES
] = "IP_METRIC_EGRESS_BYTES",
2272 [CGROUP_IP_EGRESS_PACKETS
] = "IP_METRIC_EGRESS_PACKETS",
2274 const char* const io_fields
[_CGROUP_IO_ACCOUNTING_METRIC_MAX
] = {
2275 [CGROUP_IO_READ_BYTES
] = "IO_METRIC_READ_BYTES",
2276 [CGROUP_IO_WRITE_BYTES
] = "IO_METRIC_WRITE_BYTES",
2277 [CGROUP_IO_READ_OPERATIONS
] = "IO_METRIC_READ_OPERATIONS",
2278 [CGROUP_IO_WRITE_OPERATIONS
] = "IO_METRIC_WRITE_OPERATIONS",
2283 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2284 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2285 * information and the complete data in structured fields. */
2287 (void) unit_get_cpu_usage(u
, &nsec
);
2288 if (nsec
!= NSEC_INFINITY
) {
2289 /* Format the CPU time for inclusion in the structured log message */
2290 if (asprintf(&t
, "CPU_USAGE_NSEC=%" PRIu64
, nsec
) < 0) {
2294 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2296 /* Format the CPU time for inclusion in the human language message string */
2297 t
= strjoin("consumed ", FORMAT_TIMESPAN(nsec
/ NSEC_PER_USEC
, USEC_PER_MSEC
), " CPU time");
2303 message_parts
[n_message_parts
++] = t
;
2305 log_level
= raise_level(log_level
,
2306 nsec
> NOTICEWORTHY_CPU_NSEC
,
2307 nsec
> MENTIONWORTHY_CPU_NSEC
);
2310 for (CGroupIOAccountingMetric k
= 0; k
< _CGROUP_IO_ACCOUNTING_METRIC_MAX
; k
++) {
2311 uint64_t value
= UINT64_MAX
;
2313 assert(io_fields
[k
]);
2315 (void) unit_get_io_accounting(u
, k
, k
> 0, &value
);
2316 if (value
== UINT64_MAX
)
2319 have_io_accounting
= true;
2323 /* Format IO accounting data for inclusion in the structured log message */
2324 if (asprintf(&t
, "%s=%" PRIu64
, io_fields
[k
], value
) < 0) {
2328 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2330 /* Format the IO accounting data for inclusion in the human language message string, but only
2331 * for the bytes counters (and not for the operations counters) */
2332 if (k
== CGROUP_IO_READ_BYTES
) {
2334 rr
= strjoin("read ", strna(FORMAT_BYTES(value
)), " from disk");
2339 } else if (k
== CGROUP_IO_WRITE_BYTES
) {
2341 wr
= strjoin("written ", strna(FORMAT_BYTES(value
)), " to disk");
2348 if (IN_SET(k
, CGROUP_IO_READ_BYTES
, CGROUP_IO_WRITE_BYTES
))
2349 log_level
= raise_level(log_level
,
2350 value
> MENTIONWORTHY_IO_BYTES
,
2351 value
> NOTICEWORTHY_IO_BYTES
);
2354 if (have_io_accounting
) {
2357 message_parts
[n_message_parts
++] = TAKE_PTR(rr
);
2359 message_parts
[n_message_parts
++] = TAKE_PTR(wr
);
2364 k
= strdup("no IO");
2370 message_parts
[n_message_parts
++] = k
;
2374 for (CGroupIPAccountingMetric m
= 0; m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
; m
++) {
2375 uint64_t value
= UINT64_MAX
;
2377 assert(ip_fields
[m
]);
2379 (void) unit_get_ip_accounting(u
, m
, &value
);
2380 if (value
== UINT64_MAX
)
2383 have_ip_accounting
= true;
2387 /* Format IP accounting data for inclusion in the structured log message */
2388 if (asprintf(&t
, "%s=%" PRIu64
, ip_fields
[m
], value
) < 0) {
2392 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2394 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2395 * bytes counters (and not for the packets counters) */
2396 if (m
== CGROUP_IP_INGRESS_BYTES
) {
2398 igress
= strjoin("received ", strna(FORMAT_BYTES(value
)), " IP traffic");
2403 } else if (m
== CGROUP_IP_EGRESS_BYTES
) {
2405 egress
= strjoin("sent ", strna(FORMAT_BYTES(value
)), " IP traffic");
2412 if (IN_SET(m
, CGROUP_IP_INGRESS_BYTES
, CGROUP_IP_EGRESS_BYTES
))
2413 log_level
= raise_level(log_level
,
2414 value
> MENTIONWORTHY_IP_BYTES
,
2415 value
> NOTICEWORTHY_IP_BYTES
);
2418 /* This check is here because it is the earliest point following all possible log_level assignments. If
2419 * log_level is assigned anywhere after this point, move this check. */
2420 if (!unit_log_level_test(u
, log_level
)) {
2425 if (have_ip_accounting
) {
2428 message_parts
[n_message_parts
++] = TAKE_PTR(igress
);
2430 message_parts
[n_message_parts
++] = TAKE_PTR(egress
);
2435 k
= strdup("no IP traffic");
2441 message_parts
[n_message_parts
++] = k
;
2445 /* Is there any accounting data available at all? */
2451 if (n_message_parts
== 0)
2452 t
= strjoina("MESSAGE=", u
->id
, ": Completed.");
2454 _cleanup_free_
char *joined
= NULL
;
2456 message_parts
[n_message_parts
] = NULL
;
2458 joined
= strv_join(message_parts
, ", ");
2464 joined
[0] = ascii_toupper(joined
[0]);
2465 t
= strjoina("MESSAGE=", u
->id
, ": ", joined
, ".");
2468 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2469 * and hence don't increase n_iovec for them */
2470 iovec
[n_iovec
] = IOVEC_MAKE_STRING(t
);
2471 iovec
[n_iovec
+ 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR
);
2473 t
= strjoina(u
->manager
->unit_log_field
, u
->id
);
2474 iovec
[n_iovec
+ 2] = IOVEC_MAKE_STRING(t
);
2476 t
= strjoina(u
->manager
->invocation_log_field
, u
->invocation_id_string
);
2477 iovec
[n_iovec
+ 3] = IOVEC_MAKE_STRING(t
);
2479 log_unit_struct_iovec(u
, log_level
, iovec
, n_iovec
+ 4);
2483 for (size_t i
= 0; i
< n_message_parts
; i
++)
2484 free(message_parts
[i
]);
2486 for (size_t i
= 0; i
< n_iovec
; i
++)
2487 free(iovec
[i
].iov_base
);
2493 static void unit_update_on_console(Unit
*u
) {
2498 b
= unit_needs_console(u
);
2499 if (u
->on_console
== b
)
2504 manager_ref_console(u
->manager
);
2506 manager_unref_console(u
->manager
);
2509 static void unit_emit_audit_start(Unit
*u
) {
2512 if (u
->type
!= UNIT_SERVICE
)
2515 /* Write audit record if we have just finished starting up */
2516 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_START
, true);
2520 static void unit_emit_audit_stop(Unit
*u
, UnitActiveState state
) {
2523 if (u
->type
!= UNIT_SERVICE
)
2527 /* Write audit record if we have just finished shutting down */
2528 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_STOP
, state
== UNIT_INACTIVE
);
2529 u
->in_audit
= false;
2531 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2532 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_START
, state
== UNIT_INACTIVE
);
2534 if (state
== UNIT_INACTIVE
)
2535 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_STOP
, true);
2539 static bool unit_process_job(Job
*j
, UnitActiveState ns
, UnitNotifyFlags flags
) {
2540 bool unexpected
= false;
2545 if (j
->state
== JOB_WAITING
)
2547 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2549 job_add_to_run_queue(j
);
2551 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2552 * hence needs to invalidate jobs. */
2557 case JOB_VERIFY_ACTIVE
:
2559 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2560 job_finish_and_invalidate(j
, JOB_DONE
, true, false);
2561 else if (j
->state
== JOB_RUNNING
&& ns
!= UNIT_ACTIVATING
) {
2564 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2565 if (ns
== UNIT_FAILED
)
2566 result
= JOB_FAILED
;
2570 job_finish_and_invalidate(j
, result
, true, false);
2577 case JOB_RELOAD_OR_START
:
2578 case JOB_TRY_RELOAD
:
2580 if (j
->state
== JOB_RUNNING
) {
2581 if (ns
== UNIT_ACTIVE
)
2582 job_finish_and_invalidate(j
, (flags
& UNIT_NOTIFY_RELOAD_FAILURE
) ? JOB_FAILED
: JOB_DONE
, true, false);
2583 else if (!IN_SET(ns
, UNIT_ACTIVATING
, UNIT_RELOADING
)) {
2586 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2587 job_finish_and_invalidate(j
, ns
== UNIT_FAILED
? JOB_FAILED
: JOB_DONE
, true, false);
2595 case JOB_TRY_RESTART
:
2597 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2598 job_finish_and_invalidate(j
, JOB_DONE
, true, false);
2599 else if (j
->state
== JOB_RUNNING
&& ns
!= UNIT_DEACTIVATING
) {
2601 job_finish_and_invalidate(j
, JOB_FAILED
, true, false);
2607 assert_not_reached();
2613 void unit_notify(Unit
*u
, UnitActiveState os
, UnitActiveState ns
, UnitNotifyFlags flags
) {
2618 assert(os
< _UNIT_ACTIVE_STATE_MAX
);
2619 assert(ns
< _UNIT_ACTIVE_STATE_MAX
);
2621 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2622 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2623 * remounted this function will be called too! */
2627 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2628 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2629 unit_add_to_dbus_queue(u
);
2631 /* Update systemd-oomd on the property/state change */
2633 /* Always send an update if the unit is going into an inactive state so systemd-oomd knows to stop
2635 * Also send an update whenever the unit goes active; this is to handle a case where an override file
2636 * sets one of the ManagedOOM*= properties to "kill", then later removes it. systemd-oomd needs to
2637 * know to stop monitoring when the unit changes from "kill" -> "auto" on daemon-reload, but we don't
2638 * have the information on the property. Thus, indiscriminately send an update. */
2639 if (UNIT_IS_INACTIVE_OR_FAILED(ns
) || UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2640 (void) manager_varlink_send_managed_oom_update(u
);
2643 /* Update timestamps for state changes */
2644 if (!MANAGER_IS_RELOADING(m
)) {
2645 dual_timestamp_get(&u
->state_change_timestamp
);
2647 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && !UNIT_IS_INACTIVE_OR_FAILED(ns
))
2648 u
->inactive_exit_timestamp
= u
->state_change_timestamp
;
2649 else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_INACTIVE_OR_FAILED(ns
))
2650 u
->inactive_enter_timestamp
= u
->state_change_timestamp
;
2652 if (!UNIT_IS_ACTIVE_OR_RELOADING(os
) && UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2653 u
->active_enter_timestamp
= u
->state_change_timestamp
;
2654 else if (UNIT_IS_ACTIVE_OR_RELOADING(os
) && !UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2655 u
->active_exit_timestamp
= u
->state_change_timestamp
;
2658 /* Keep track of failed units */
2659 (void) manager_update_failed_units(m
, u
, ns
== UNIT_FAILED
);
2661 /* Make sure the cgroup and state files are always removed when we become inactive */
2662 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2663 SET_FLAG(u
->markers
,
2664 (1u << UNIT_MARKER_NEEDS_RELOAD
)|(1u << UNIT_MARKER_NEEDS_RESTART
),
2666 unit_prune_cgroup(u
);
2667 unit_unlink_state_files(u
);
2668 } else if (ns
!= os
&& ns
== UNIT_RELOADING
)
2669 SET_FLAG(u
->markers
, 1u << UNIT_MARKER_NEEDS_RELOAD
, false);
2671 unit_update_on_console(u
);
2673 if (!MANAGER_IS_RELOADING(m
)) {
2676 /* Let's propagate state changes to the job */
2678 unexpected
= unit_process_job(u
->job
, ns
, flags
);
2682 /* If this state change happened without being requested by a job, then let's retroactively start or
2683 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2684 * additional jobs just because something is already activated. */
2687 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns
))
2688 retroactively_start_dependencies(u
);
2689 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os
) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns
))
2690 retroactively_stop_dependencies(u
);
2693 if (ns
!= os
&& ns
== UNIT_FAILED
) {
2694 log_unit_debug(u
, "Unit entered failed state.");
2696 if (!(flags
& UNIT_NOTIFY_WILL_AUTO_RESTART
))
2697 unit_start_on_failure(u
, "OnFailure=", UNIT_ATOM_ON_FAILURE
, u
->on_failure_job_mode
);
2700 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
) && !UNIT_IS_ACTIVE_OR_RELOADING(os
)) {
2701 /* This unit just finished starting up */
2703 unit_emit_audit_start(u
);
2704 manager_send_unit_plymouth(m
, u
);
2707 if (UNIT_IS_INACTIVE_OR_FAILED(ns
) && !UNIT_IS_INACTIVE_OR_FAILED(os
)) {
2708 /* This unit just stopped/failed. */
2710 unit_emit_audit_stop(u
, ns
);
2711 unit_log_resources(u
);
2714 if (ns
== UNIT_INACTIVE
&& !IN_SET(os
, UNIT_FAILED
, UNIT_INACTIVE
, UNIT_MAINTENANCE
) &&
2715 !(flags
& UNIT_NOTIFY_WILL_AUTO_RESTART
))
2716 unit_start_on_failure(u
, "OnSuccess=", UNIT_ATOM_ON_SUCCESS
, u
->on_success_job_mode
);
2719 manager_recheck_journal(m
);
2720 manager_recheck_dbus(m
);
2722 unit_trigger_notify(u
);
2724 if (!MANAGER_IS_RELOADING(m
)) {
2725 if (os
!= UNIT_FAILED
&& ns
== UNIT_FAILED
) {
2726 reason
= strjoina("unit ", u
->id
, " failed");
2727 emergency_action(m
, u
->failure_action
, 0, u
->reboot_arg
, unit_failure_action_exit_status(u
), reason
);
2728 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && ns
== UNIT_INACTIVE
) {
2729 reason
= strjoina("unit ", u
->id
, " succeeded");
2730 emergency_action(m
, u
->success_action
, 0, u
->reboot_arg
, unit_success_action_exit_status(u
), reason
);
2734 /* And now, add the unit or depending units to various queues that will act on the new situation if
2735 * needed. These queues generally check for continuous state changes rather than events (like most of
2736 * the state propagation above), and do work deferred instead of instantly, since they typically
2737 * don't want to run during reloading, and usually involve checking combined state of multiple units
2740 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2741 /* Stop unneeded units and bound-by units regardless if going down was expected or not */
2742 check_unneeded_dependencies(u
);
2743 check_bound_by_dependencies(u
);
2745 /* Maybe someone wants us to remain up? */
2746 unit_submit_to_start_when_upheld_queue(u
);
2748 /* Maybe the unit should be GC'ed now? */
2749 unit_add_to_gc_queue(u
);
2752 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
)) {
2753 /* Start uphold units regardless if going up was expected or not */
2754 check_uphold_dependencies(u
);
2756 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2757 unit_submit_to_stop_when_unneeded_queue(u
);
2759 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens
2760 * when something BindsTo= to a Type=oneshot unit, as these units go directly from starting to
2761 * inactive, without ever entering started.) */
2762 unit_submit_to_stop_when_bound_queue(u
);
2766 int unit_watch_pid(Unit
*u
, pid_t pid
, bool exclusive
) {
2770 assert(pid_is_valid(pid
));
2772 /* Watch a specific PID */
2774 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2775 * opportunity to remove any stalled references to this PID as they can be created
2776 * easily (when watching a process which is not our direct child). */
2778 manager_unwatch_pid(u
->manager
, pid
);
2780 r
= set_ensure_allocated(&u
->pids
, NULL
);
2784 r
= hashmap_ensure_allocated(&u
->manager
->watch_pids
, NULL
);
2788 /* First try, let's add the unit keyed by "pid". */
2789 r
= hashmap_put(u
->manager
->watch_pids
, PID_TO_PTR(pid
), u
);
2795 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2796 * to an array of Units rather than just a Unit), lists us already. */
2798 array
= hashmap_get(u
->manager
->watch_pids
, PID_TO_PTR(-pid
));
2800 for (; array
[n
]; n
++)
2804 if (found
) /* Found it already? if so, do nothing */
2809 /* Allocate a new array */
2810 new_array
= new(Unit
*, n
+ 2);
2814 memcpy_safe(new_array
, array
, sizeof(Unit
*) * n
);
2816 new_array
[n
+1] = NULL
;
2818 /* Add or replace the old array */
2819 r
= hashmap_replace(u
->manager
->watch_pids
, PID_TO_PTR(-pid
), new_array
);
2830 r
= set_put(u
->pids
, PID_TO_PTR(pid
));
2837 void unit_unwatch_pid(Unit
*u
, pid_t pid
) {
2841 assert(pid_is_valid(pid
));
2843 /* First let's drop the unit in case it's keyed as "pid". */
2844 (void) hashmap_remove_value(u
->manager
->watch_pids
, PID_TO_PTR(pid
), u
);
2846 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2847 array
= hashmap_get(u
->manager
->watch_pids
, PID_TO_PTR(-pid
));
2849 /* Let's iterate through the array, dropping our own entry */
2852 for (size_t n
= 0; array
[n
]; n
++)
2854 array
[m
++] = array
[n
];
2858 /* The array is now empty, remove the entire entry */
2859 assert_se(hashmap_remove(u
->manager
->watch_pids
, PID_TO_PTR(-pid
)) == array
);
2864 (void) set_remove(u
->pids
, PID_TO_PTR(pid
));
2867 void unit_unwatch_all_pids(Unit
*u
) {
2870 while (!set_isempty(u
->pids
))
2871 unit_unwatch_pid(u
, PTR_TO_PID(set_first(u
->pids
)));
2873 u
->pids
= set_free(u
->pids
);
2876 static void unit_tidy_watch_pids(Unit
*u
) {
2877 pid_t except1
, except2
;
2882 /* Cleans dead PIDs from our list */
2884 except1
= unit_main_pid(u
);
2885 except2
= unit_control_pid(u
);
2887 SET_FOREACH(e
, u
->pids
) {
2888 pid_t pid
= PTR_TO_PID(e
);
2890 if (pid
== except1
|| pid
== except2
)
2893 if (!pid_is_unwaited(pid
))
2894 unit_unwatch_pid(u
, pid
);
2898 static int on_rewatch_pids_event(sd_event_source
*s
, void *userdata
) {
2904 unit_tidy_watch_pids(u
);
2905 unit_watch_all_pids(u
);
2907 /* If the PID set is empty now, then let's finish this off. */
2908 unit_synthesize_cgroup_empty_event(u
);
2913 int unit_enqueue_rewatch_pids(Unit
*u
) {
2918 if (!u
->cgroup_path
)
2921 r
= cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
);
2924 if (r
> 0) /* On unified we can use proper notifications */
2927 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2928 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2929 * involves issuing kill(pid, 0) on all processes we watch. */
2931 if (!u
->rewatch_pids_event_source
) {
2932 _cleanup_(sd_event_source_unrefp
) sd_event_source
*s
= NULL
;
2934 r
= sd_event_add_defer(u
->manager
->event
, &s
, on_rewatch_pids_event
, u
);
2936 return log_error_errno(r
, "Failed to allocate event source for tidying watched PIDs: %m");
2938 r
= sd_event_source_set_priority(s
, SD_EVENT_PRIORITY_IDLE
);
2940 return log_error_errno(r
, "Failed to adjust priority of event source for tidying watched PIDs: %m");
2942 (void) sd_event_source_set_description(s
, "tidy-watch-pids");
2944 u
->rewatch_pids_event_source
= TAKE_PTR(s
);
2947 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_ONESHOT
);
2949 return log_error_errno(r
, "Failed to enable event source for tidying watched PIDs: %m");
2954 void unit_dequeue_rewatch_pids(Unit
*u
) {
2958 if (!u
->rewatch_pids_event_source
)
2961 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_OFF
);
2963 log_warning_errno(r
, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2965 u
->rewatch_pids_event_source
= sd_event_source_disable_unref(u
->rewatch_pids_event_source
);
2968 bool unit_job_is_applicable(Unit
*u
, JobType j
) {
2970 assert(j
>= 0 && j
< _JOB_TYPE_MAX
);
2974 case JOB_VERIFY_ACTIVE
:
2977 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2978 * startable by us but may appear due to external events, and it thus makes sense to permit enqueuing
2983 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2984 * external events), hence it makes no sense to permit enqueuing such a request either. */
2985 return !u
->perpetual
;
2988 case JOB_TRY_RESTART
:
2989 return unit_can_stop(u
) && unit_can_start(u
);
2992 case JOB_TRY_RELOAD
:
2993 return unit_can_reload(u
);
2995 case JOB_RELOAD_OR_START
:
2996 return unit_can_reload(u
) && unit_can_start(u
);
2999 assert_not_reached();
3003 int unit_add_dependency(
3008 UnitDependencyMask mask
) {
3010 static const UnitDependency inverse_table
[_UNIT_DEPENDENCY_MAX
] = {
3011 [UNIT_REQUIRES
] = UNIT_REQUIRED_BY
,
3012 [UNIT_REQUISITE
] = UNIT_REQUISITE_OF
,
3013 [UNIT_WANTS
] = UNIT_WANTED_BY
,
3014 [UNIT_BINDS_TO
] = UNIT_BOUND_BY
,
3015 [UNIT_PART_OF
] = UNIT_CONSISTS_OF
,
3016 [UNIT_UPHOLDS
] = UNIT_UPHELD_BY
,
3017 [UNIT_REQUIRED_BY
] = UNIT_REQUIRES
,
3018 [UNIT_REQUISITE_OF
] = UNIT_REQUISITE
,
3019 [UNIT_WANTED_BY
] = UNIT_WANTS
,
3020 [UNIT_BOUND_BY
] = UNIT_BINDS_TO
,
3021 [UNIT_CONSISTS_OF
] = UNIT_PART_OF
,
3022 [UNIT_UPHELD_BY
] = UNIT_UPHOLDS
,
3023 [UNIT_CONFLICTS
] = UNIT_CONFLICTED_BY
,
3024 [UNIT_CONFLICTED_BY
] = UNIT_CONFLICTS
,
3025 [UNIT_BEFORE
] = UNIT_AFTER
,
3026 [UNIT_AFTER
] = UNIT_BEFORE
,
3027 [UNIT_ON_SUCCESS
] = UNIT_ON_SUCCESS_OF
,
3028 [UNIT_ON_SUCCESS_OF
] = UNIT_ON_SUCCESS
,
3029 [UNIT_ON_FAILURE
] = UNIT_ON_FAILURE_OF
,
3030 [UNIT_ON_FAILURE_OF
] = UNIT_ON_FAILURE
,
3031 [UNIT_TRIGGERS
] = UNIT_TRIGGERED_BY
,
3032 [UNIT_TRIGGERED_BY
] = UNIT_TRIGGERS
,
3033 [UNIT_PROPAGATES_RELOAD_TO
] = UNIT_RELOAD_PROPAGATED_FROM
,
3034 [UNIT_RELOAD_PROPAGATED_FROM
] = UNIT_PROPAGATES_RELOAD_TO
,
3035 [UNIT_PROPAGATES_STOP_TO
] = UNIT_STOP_PROPAGATED_FROM
,
3036 [UNIT_STOP_PROPAGATED_FROM
] = UNIT_PROPAGATES_STOP_TO
,
3037 [UNIT_JOINS_NAMESPACE_OF
] = UNIT_JOINS_NAMESPACE_OF
, /* symmetric! 👓 */
3038 [UNIT_REFERENCES
] = UNIT_REFERENCED_BY
,
3039 [UNIT_REFERENCED_BY
] = UNIT_REFERENCES
,
3040 [UNIT_IN_SLICE
] = UNIT_SLICE_OF
,
3041 [UNIT_SLICE_OF
] = UNIT_IN_SLICE
,
3043 Unit
*original_u
= u
, *original_other
= other
;
3044 UnitDependencyAtom a
;
3047 /* Helper to know whether sending a notification is necessary or not: if the dependency is already
3048 * there, no need to notify! */
3052 assert(d
>= 0 && d
< _UNIT_DEPENDENCY_MAX
);
3055 u
= unit_follow_merge(u
);
3056 other
= unit_follow_merge(other
);
3057 a
= unit_dependency_to_atom(d
);
3060 /* We won't allow dependencies on ourselves. We will not consider them an error however. */
3062 unit_maybe_warn_about_dependency(original_u
, original_other
->id
, d
);
3066 if (u
->manager
&& FLAGS_SET(u
->manager
->test_run_flags
, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES
))
3069 /* Note that ordering a device unit after a unit is permitted since it allows to start its job
3070 * running timeout at a specific time. */
3071 if (FLAGS_SET(a
, UNIT_ATOM_BEFORE
) && other
->type
== UNIT_DEVICE
) {
3072 log_unit_warning(u
, "Dependency Before=%s ignored (.device units cannot be delayed)", other
->id
);
3076 if (FLAGS_SET(a
, UNIT_ATOM_ON_FAILURE
) && !UNIT_VTABLE(u
)->can_fail
) {
3077 log_unit_warning(u
, "Requested dependency OnFailure=%s ignored (%s units cannot fail).", other
->id
, unit_type_to_string(u
->type
));
3081 if (FLAGS_SET(a
, UNIT_ATOM_TRIGGERS
) && !UNIT_VTABLE(u
)->can_trigger
)
3082 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3083 "Requested dependency Triggers=%s refused (%s units cannot trigger other units).", other
->id
, unit_type_to_string(u
->type
));
3084 if (FLAGS_SET(a
, UNIT_ATOM_TRIGGERED_BY
) && !UNIT_VTABLE(other
)->can_trigger
)
3085 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3086 "Requested dependency TriggeredBy=%s refused (%s units cannot trigger other units).", other
->id
, unit_type_to_string(other
->type
));
3088 if (FLAGS_SET(a
, UNIT_ATOM_IN_SLICE
) && other
->type
!= UNIT_SLICE
)
3089 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3090 "Requested dependency Slice=%s refused (%s is not a slice unit).", other
->id
, other
->id
);
3091 if (FLAGS_SET(a
, UNIT_ATOM_SLICE_OF
) && u
->type
!= UNIT_SLICE
)
3092 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3093 "Requested dependency SliceOf=%s refused (%s is not a slice unit).", other
->id
, u
->id
);
3095 if (FLAGS_SET(a
, UNIT_ATOM_IN_SLICE
) && !UNIT_HAS_CGROUP_CONTEXT(u
))
3096 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3097 "Requested dependency Slice=%s refused (%s is not a cgroup unit).", other
->id
, u
->id
);
3099 if (FLAGS_SET(a
, UNIT_ATOM_SLICE_OF
) && !UNIT_HAS_CGROUP_CONTEXT(other
))
3100 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(EINVAL
),
3101 "Requested dependency SliceOf=%s refused (%s is not a cgroup unit).", other
->id
, other
->id
);
3103 r
= unit_add_dependency_hashmap(&u
->dependencies
, d
, other
, mask
, 0);
3108 if (inverse_table
[d
] != _UNIT_DEPENDENCY_INVALID
&& inverse_table
[d
] != d
) {
3109 r
= unit_add_dependency_hashmap(&other
->dependencies
, inverse_table
[d
], u
, 0, mask
);
3116 if (add_reference
) {
3117 r
= unit_add_dependency_hashmap(&u
->dependencies
, UNIT_REFERENCES
, other
, mask
, 0);
3123 r
= unit_add_dependency_hashmap(&other
->dependencies
, UNIT_REFERENCED_BY
, u
, 0, mask
);
3131 unit_add_to_dbus_queue(u
);
3136 int unit_add_two_dependencies(Unit
*u
, UnitDependency d
, UnitDependency e
, Unit
*other
, bool add_reference
, UnitDependencyMask mask
) {
3141 r
= unit_add_dependency(u
, d
, other
, add_reference
, mask
);
3145 return unit_add_dependency(u
, e
, other
, add_reference
, mask
);
3148 static int resolve_template(Unit
*u
, const char *name
, char **buf
, const char **ret
) {
3156 if (!unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
3163 r
= unit_name_replace_instance(name
, u
->instance
, buf
);
3165 _cleanup_free_
char *i
= NULL
;
3167 r
= unit_name_to_prefix(u
->id
, &i
);
3171 r
= unit_name_replace_instance(name
, i
, buf
);
3180 int unit_add_dependency_by_name(Unit
*u
, UnitDependency d
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
3181 _cleanup_free_
char *buf
= NULL
;
3188 r
= resolve_template(u
, name
, &buf
, &name
);
3192 if (u
->manager
&& FLAGS_SET(u
->manager
->test_run_flags
, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES
))
3195 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
3199 return unit_add_dependency(u
, d
, other
, add_reference
, mask
);
3202 int unit_add_two_dependencies_by_name(Unit
*u
, UnitDependency d
, UnitDependency e
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
3203 _cleanup_free_
char *buf
= NULL
;
3210 r
= resolve_template(u
, name
, &buf
, &name
);
3214 if (u
->manager
&& FLAGS_SET(u
->manager
->test_run_flags
, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES
))
3217 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
3221 return unit_add_two_dependencies(u
, d
, e
, other
, add_reference
, mask
);
3224 int set_unit_path(const char *p
) {
3225 /* This is mostly for debug purposes */
3226 if (setenv("SYSTEMD_UNIT_PATH", p
, 1) < 0)
3232 char *unit_dbus_path(Unit
*u
) {
3238 return unit_dbus_path_from_name(u
->id
);
3241 char *unit_dbus_path_invocation_id(Unit
*u
) {
3244 if (sd_id128_is_null(u
->invocation_id
))
3247 return unit_dbus_path_from_name(u
->invocation_id_string
);
3250 int unit_set_invocation_id(Unit
*u
, sd_id128_t id
) {
3255 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
3257 if (sd_id128_equal(u
->invocation_id
, id
))
3260 if (!sd_id128_is_null(u
->invocation_id
))
3261 (void) hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
3263 if (sd_id128_is_null(id
)) {
3268 r
= hashmap_ensure_allocated(&u
->manager
->units_by_invocation_id
, &id128_hash_ops
);
3272 u
->invocation_id
= id
;
3273 sd_id128_to_string(id
, u
->invocation_id_string
);
3275 r
= hashmap_put(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
3282 u
->invocation_id
= SD_ID128_NULL
;
3283 u
->invocation_id_string
[0] = 0;
3287 int unit_set_slice(Unit
*u
, Unit
*slice
, UnitDependencyMask mask
) {
3293 /* Sets the unit slice if it has not been set before. Is extra careful, to only allow this for units
3294 * that actually have a cgroup context. Also, we don't allow to set this for slices (since the parent
3295 * slice is derived from the name). Make sure the unit we set is actually a slice. */
3297 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
3300 if (u
->type
== UNIT_SLICE
)
3303 if (unit_active_state(u
) != UNIT_INACTIVE
)
3306 if (slice
->type
!= UNIT_SLICE
)
3309 if (unit_has_name(u
, SPECIAL_INIT_SCOPE
) &&
3310 !unit_has_name(slice
, SPECIAL_ROOT_SLICE
))
3313 if (UNIT_GET_SLICE(u
) == slice
)
3316 /* Disallow slice changes if @u is already bound to cgroups */
3317 if (UNIT_GET_SLICE(u
) && u
->cgroup_realized
)
3320 r
= unit_add_dependency(u
, UNIT_IN_SLICE
, slice
, true, mask
);
3327 int unit_set_default_slice(Unit
*u
) {
3328 const char *slice_name
;
3334 if (u
->manager
&& FLAGS_SET(u
->manager
->test_run_flags
, MANAGER_TEST_RUN_IGNORE_DEPENDENCIES
))
3337 if (UNIT_GET_SLICE(u
))
3341 _cleanup_free_
char *prefix
= NULL
, *escaped
= NULL
;
3343 /* Implicitly place all instantiated units in their
3344 * own per-template slice */
3346 r
= unit_name_to_prefix(u
->id
, &prefix
);
3350 /* The prefix is already escaped, but it might include
3351 * "-" which has a special meaning for slice units,
3352 * hence escape it here extra. */
3353 escaped
= unit_name_escape(prefix
);
3357 if (MANAGER_IS_SYSTEM(u
->manager
))
3358 slice_name
= strjoina("system-", escaped
, ".slice");
3360 slice_name
= strjoina("app-", escaped
, ".slice");
3362 } else if (unit_is_extrinsic(u
))
3363 /* Keep all extrinsic units (e.g. perpetual units and swap and mount units in user mode) in
3364 * the root slice. They don't really belong in one of the subslices. */
3365 slice_name
= SPECIAL_ROOT_SLICE
;
3367 else if (MANAGER_IS_SYSTEM(u
->manager
))
3368 slice_name
= SPECIAL_SYSTEM_SLICE
;
3370 slice_name
= SPECIAL_APP_SLICE
;
3372 r
= manager_load_unit(u
->manager
, slice_name
, NULL
, NULL
, &slice
);
3376 return unit_set_slice(u
, slice
, UNIT_DEPENDENCY_FILE
);
3379 const char *unit_slice_name(Unit
*u
) {
3383 slice
= UNIT_GET_SLICE(u
);
3390 int unit_load_related_unit(Unit
*u
, const char *type
, Unit
**_found
) {
3391 _cleanup_free_
char *t
= NULL
;
3398 r
= unit_name_change_suffix(u
->id
, type
, &t
);
3401 if (unit_has_name(u
, t
))
3404 r
= manager_load_unit(u
->manager
, t
, NULL
, NULL
, _found
);
3405 assert(r
< 0 || *_found
!= u
);
3409 static int signal_name_owner_changed(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
3410 const char *new_owner
;
3417 r
= sd_bus_message_read(message
, "sss", NULL
, NULL
, &new_owner
);
3419 bus_log_parse_error(r
);
3423 if (UNIT_VTABLE(u
)->bus_name_owner_change
)
3424 UNIT_VTABLE(u
)->bus_name_owner_change(u
, empty_to_null(new_owner
));
3429 static int get_name_owner_handler(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
3430 const sd_bus_error
*e
;
3431 const char *new_owner
;
3438 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3440 e
= sd_bus_message_get_error(message
);
3442 if (!sd_bus_error_has_name(e
, "org.freedesktop.DBus.Error.NameHasNoOwner"))
3443 log_unit_error(u
, "Unexpected error response from GetNameOwner(): %s", e
->message
);
3447 r
= sd_bus_message_read(message
, "s", &new_owner
);
3449 return bus_log_parse_error(r
);
3451 assert(!isempty(new_owner
));
3454 if (UNIT_VTABLE(u
)->bus_name_owner_change
)
3455 UNIT_VTABLE(u
)->bus_name_owner_change(u
, new_owner
);
3460 int unit_install_bus_match(Unit
*u
, sd_bus
*bus
, const char *name
) {
3468 if (u
->match_bus_slot
|| u
->get_name_owner_slot
)
3471 match
= strjoina("type='signal',"
3472 "sender='org.freedesktop.DBus',"
3473 "path='/org/freedesktop/DBus',"
3474 "interface='org.freedesktop.DBus',"
3475 "member='NameOwnerChanged',"
3476 "arg0='", name
, "'");
3478 r
= sd_bus_add_match_async(bus
, &u
->match_bus_slot
, match
, signal_name_owner_changed
, NULL
, u
);
3482 r
= sd_bus_call_method_async(
3484 &u
->get_name_owner_slot
,
3485 "org.freedesktop.DBus",
3486 "/org/freedesktop/DBus",
3487 "org.freedesktop.DBus",
3489 get_name_owner_handler
,
3493 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3497 log_unit_debug(u
, "Watching D-Bus name '%s'.", name
);
3501 int unit_watch_bus_name(Unit
*u
, const char *name
) {
3507 /* Watch a specific name on the bus. We only support one unit
3508 * watching each name for now. */
3510 if (u
->manager
->api_bus
) {
3511 /* If the bus is already available, install the match directly.
3512 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3513 r
= unit_install_bus_match(u
, u
->manager
->api_bus
, name
);
3515 return log_warning_errno(r
, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name
);
3518 r
= hashmap_put(u
->manager
->watch_bus
, name
, u
);
3520 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3521 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3522 return log_warning_errno(r
, "Failed to put bus name to hashmap: %m");
3528 void unit_unwatch_bus_name(Unit
*u
, const char *name
) {
3532 (void) hashmap_remove_value(u
->manager
->watch_bus
, name
, u
);
3533 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3534 u
->get_name_owner_slot
= sd_bus_slot_unref(u
->get_name_owner_slot
);
3537 int unit_add_node_dependency(Unit
*u
, const char *what
, UnitDependency dep
, UnitDependencyMask mask
) {
3538 _cleanup_free_
char *e
= NULL
;
3544 /* Adds in links to the device node that this unit is based on */
3548 if (!is_device_path(what
))
3551 /* When device units aren't supported (such as in a container), don't create dependencies on them. */
3552 if (!unit_type_supported(UNIT_DEVICE
))
3555 r
= unit_name_from_path(what
, ".device", &e
);
3559 r
= manager_load_unit(u
->manager
, e
, NULL
, NULL
, &device
);
3563 if (dep
== UNIT_REQUIRES
&& device_shall_be_bound_by(device
, u
))
3564 dep
= UNIT_BINDS_TO
;
3566 return unit_add_two_dependencies(u
, UNIT_AFTER
,
3567 MANAGER_IS_SYSTEM(u
->manager
) ? dep
: UNIT_WANTS
,
3568 device
, true, mask
);
3571 int unit_add_blockdev_dependency(Unit
*u
, const char *what
, UnitDependencyMask mask
) {
3572 _cleanup_free_
char *escaped
= NULL
, *target
= NULL
;
3580 if (!path_startswith(what
, "/dev/"))
3583 /* If we don't support devices, then also don't bother with blockdev@.target */
3584 if (!unit_type_supported(UNIT_DEVICE
))
3587 r
= unit_name_path_escape(what
, &escaped
);
3591 r
= unit_name_build("blockdev", escaped
, ".target", &target
);
3595 return unit_add_dependency_by_name(u
, UNIT_AFTER
, target
, true, mask
);
3598 int unit_coldplug(Unit
*u
) {
3604 /* Make sure we don't enter a loop, when coldplugging recursively. */
3608 u
->coldplugged
= true;
3610 STRV_FOREACH(i
, u
->deserialized_refs
) {
3611 q
= bus_unit_track_add_name(u
, *i
);
3612 if (q
< 0 && r
>= 0)
3615 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
3617 if (UNIT_VTABLE(u
)->coldplug
) {
3618 q
= UNIT_VTABLE(u
)->coldplug(u
);
3619 if (q
< 0 && r
>= 0)
3624 q
= job_coldplug(u
->job
);
3625 if (q
< 0 && r
>= 0)
3629 q
= job_coldplug(u
->nop_job
);
3630 if (q
< 0 && r
>= 0)
3637 void unit_catchup(Unit
*u
) {
3640 if (UNIT_VTABLE(u
)->catchup
)
3641 UNIT_VTABLE(u
)->catchup(u
);
3643 unit_cgroup_catchup(u
);
3646 static bool fragment_mtime_newer(const char *path
, usec_t mtime
, bool path_masked
) {
3652 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3653 * are never out-of-date. */
3654 if (PATH_STARTSWITH_SET(path
, "/proc", "/sys"))
3657 if (stat(path
, &st
) < 0)
3658 /* What, cannot access this anymore? */
3662 /* For masked files check if they are still so */
3663 return !null_or_empty(&st
);
3665 /* For non-empty files check the mtime */
3666 return timespec_load(&st
.st_mtim
) > mtime
;
3671 bool unit_need_daemon_reload(Unit
*u
) {
3672 _cleanup_strv_free_
char **t
= NULL
;
3677 /* For unit files, we allow masking… */
3678 if (fragment_mtime_newer(u
->fragment_path
, u
->fragment_mtime
,
3679 u
->load_state
== UNIT_MASKED
))
3682 /* Source paths should not be masked… */
3683 if (fragment_mtime_newer(u
->source_path
, u
->source_mtime
, false))
3686 if (u
->load_state
== UNIT_LOADED
)
3687 (void) unit_find_dropin_paths(u
, &t
);
3688 if (!strv_equal(u
->dropin_paths
, t
))
3691 /* … any drop-ins that are masked are simply omitted from the list. */
3692 STRV_FOREACH(path
, u
->dropin_paths
)
3693 if (fragment_mtime_newer(*path
, u
->dropin_mtime
, false))
3699 void unit_reset_failed(Unit
*u
) {
3702 if (UNIT_VTABLE(u
)->reset_failed
)
3703 UNIT_VTABLE(u
)->reset_failed(u
);
3705 ratelimit_reset(&u
->start_ratelimit
);
3706 u
->start_limit_hit
= false;
3709 Unit
*unit_following(Unit
*u
) {
3712 if (UNIT_VTABLE(u
)->following
)
3713 return UNIT_VTABLE(u
)->following(u
);
3718 bool unit_stop_pending(Unit
*u
) {
3721 /* This call does check the current state of the unit. It's
3722 * hence useful to be called from state change calls of the
3723 * unit itself, where the state isn't updated yet. This is
3724 * different from unit_inactive_or_pending() which checks both
3725 * the current state and for a queued job. */
3727 return unit_has_job_type(u
, JOB_STOP
);
3730 bool unit_inactive_or_pending(Unit
*u
) {
3733 /* Returns true if the unit is inactive or going down */
3735 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)))
3738 if (unit_stop_pending(u
))
3744 bool unit_active_or_pending(Unit
*u
) {
3747 /* Returns true if the unit is active or going up */
3749 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)))
3753 IN_SET(u
->job
->type
, JOB_START
, JOB_RELOAD_OR_START
, JOB_RESTART
))
3759 bool unit_will_restart_default(Unit
*u
) {
3762 return unit_has_job_type(u
, JOB_START
);
3765 bool unit_will_restart(Unit
*u
) {
3768 if (!UNIT_VTABLE(u
)->will_restart
)
3771 return UNIT_VTABLE(u
)->will_restart(u
);
3774 int unit_kill(Unit
*u
, KillWho w
, int signo
, sd_bus_error
*error
) {
3776 assert(w
>= 0 && w
< _KILL_WHO_MAX
);
3777 assert(SIGNAL_VALID(signo
));
3779 if (!UNIT_VTABLE(u
)->kill
)
3782 return UNIT_VTABLE(u
)->kill(u
, w
, signo
, error
);
3785 static Set
*unit_pid_set(pid_t main_pid
, pid_t control_pid
) {
3786 _cleanup_set_free_ Set
*pid_set
= NULL
;
3789 pid_set
= set_new(NULL
);
3793 /* Exclude the main/control pids from being killed via the cgroup */
3795 r
= set_put(pid_set
, PID_TO_PTR(main_pid
));
3800 if (control_pid
> 0) {
3801 r
= set_put(pid_set
, PID_TO_PTR(control_pid
));
3806 return TAKE_PTR(pid_set
);
3809 static int kill_common_log(pid_t pid
, int signo
, void *userdata
) {
3810 _cleanup_free_
char *comm
= NULL
;
3815 (void) get_process_comm(pid
, &comm
);
3816 log_unit_info(u
, "Sending signal SIG%s to process " PID_FMT
" (%s) on client request.",
3817 signal_to_string(signo
), pid
, strna(comm
));
3822 int unit_kill_common(
3828 sd_bus_error
*error
) {
3831 bool killed
= false;
3833 /* This is the common implementation for explicit user-requested killing of unit processes, shared by
3834 * various unit types. Do not confuse with unit_kill_context(), which is what we use when we want to
3835 * stop a service ourselves. */
3837 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
)) {
3839 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no main processes", unit_type_to_string(u
->type
));
3841 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No main process to kill");
3844 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
)) {
3845 if (control_pid
< 0)
3846 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no control processes", unit_type_to_string(u
->type
));
3847 if (control_pid
== 0)
3848 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No control process to kill");
3851 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
, KILL_ALL
, KILL_ALL_FAIL
))
3852 if (control_pid
> 0) {
3853 _cleanup_free_
char *comm
= NULL
;
3854 (void) get_process_comm(control_pid
, &comm
);
3856 if (kill(control_pid
, signo
) < 0) {
3857 /* Report this failure both to the logs and to the client */
3858 sd_bus_error_set_errnof(
3860 "Failed to send signal SIG%s to control process " PID_FMT
" (%s): %m",
3861 signal_to_string(signo
), control_pid
, strna(comm
));
3862 r
= log_unit_warning_errno(
3864 "Failed to send signal SIG%s to control process " PID_FMT
" (%s) on client request: %m",
3865 signal_to_string(signo
), control_pid
, strna(comm
));
3867 log_unit_info(u
, "Sent signal SIG%s to control process " PID_FMT
" (%s) on client request.",
3868 signal_to_string(signo
), control_pid
, strna(comm
));
3873 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
, KILL_ALL
, KILL_ALL_FAIL
))
3875 _cleanup_free_
char *comm
= NULL
;
3876 (void) get_process_comm(main_pid
, &comm
);
3878 if (kill(main_pid
, signo
) < 0) {
3880 sd_bus_error_set_errnof(
3882 "Failed to send signal SIG%s to main process " PID_FMT
" (%s): %m",
3883 signal_to_string(signo
), main_pid
, strna(comm
));
3885 r
= log_unit_warning_errno(
3887 "Failed to send signal SIG%s to main process " PID_FMT
" (%s) on client request: %m",
3888 signal_to_string(signo
), main_pid
, strna(comm
));
3890 log_unit_info(u
, "Sent signal SIG%s to main process " PID_FMT
" (%s) on client request.",
3891 signal_to_string(signo
), main_pid
, strna(comm
));
3896 if (IN_SET(who
, KILL_ALL
, KILL_ALL_FAIL
) && u
->cgroup_path
) {
3897 _cleanup_set_free_ Set
*pid_set
= NULL
;
3900 /* Exclude the main/control pids from being killed via the cgroup */
3901 pid_set
= unit_pid_set(main_pid
, control_pid
);
3905 q
= cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, signo
, 0, pid_set
, kill_common_log
, u
);
3907 if (!IN_SET(q
, -ESRCH
, -ENOENT
)) {
3909 sd_bus_error_set_errnof(
3911 "Failed to send signal SIG%s to auxiliary processes: %m",
3912 signal_to_string(signo
));
3914 r
= log_unit_warning_errno(
3916 "Failed to send signal SIG%s to auxiliary processes on client request: %m",
3917 signal_to_string(signo
));
3923 /* If the "fail" versions of the operation are requested, then complain if the set of processes we killed is empty */
3924 if (r
== 0 && !killed
&& IN_SET(who
, KILL_ALL_FAIL
, KILL_CONTROL_FAIL
, KILL_MAIN_FAIL
))
3925 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No matching processes to kill");
3930 int unit_following_set(Unit
*u
, Set
**s
) {
3934 if (UNIT_VTABLE(u
)->following_set
)
3935 return UNIT_VTABLE(u
)->following_set(u
, s
);
3941 UnitFileState
unit_get_unit_file_state(Unit
*u
) {
3946 if (u
->unit_file_state
< 0 && u
->fragment_path
) {
3947 r
= unit_file_get_state(
3948 u
->manager
->unit_file_scope
,
3951 &u
->unit_file_state
);
3953 u
->unit_file_state
= UNIT_FILE_BAD
;
3956 return u
->unit_file_state
;
3959 int unit_get_unit_file_preset(Unit
*u
) {
3962 if (u
->unit_file_preset
< 0 && u
->fragment_path
)
3963 u
->unit_file_preset
= unit_file_query_preset(
3964 u
->manager
->unit_file_scope
,
3966 basename(u
->fragment_path
),
3969 return u
->unit_file_preset
;
3972 Unit
* unit_ref_set(UnitRef
*ref
, Unit
*source
, Unit
*target
) {
3978 unit_ref_unset(ref
);
3980 ref
->source
= source
;
3981 ref
->target
= target
;
3982 LIST_PREPEND(refs_by_target
, target
->refs_by_target
, ref
);
3986 void unit_ref_unset(UnitRef
*ref
) {
3992 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
3993 * be unreferenced now. */
3994 unit_add_to_gc_queue(ref
->target
);
3996 LIST_REMOVE(refs_by_target
, ref
->target
->refs_by_target
, ref
);
3997 ref
->source
= ref
->target
= NULL
;
4000 static int user_from_unit_name(Unit
*u
, char **ret
) {
4002 static const uint8_t hash_key
[] = {
4003 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4004 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4007 _cleanup_free_
char *n
= NULL
;
4010 r
= unit_name_to_prefix(u
->id
, &n
);
4014 if (valid_user_group_name(n
, 0)) {
4019 /* If we can't use the unit name as a user name, then let's hash it and use that */
4020 if (asprintf(ret
, "_du%016" PRIx64
, siphash24(n
, strlen(n
), hash_key
)) < 0)
4026 int unit_patch_contexts(Unit
*u
) {
4033 /* Patch in the manager defaults into the exec and cgroup
4034 * contexts, _after_ the rest of the settings have been
4037 ec
= unit_get_exec_context(u
);
4039 /* This only copies in the ones that need memory */
4040 for (unsigned i
= 0; i
< _RLIMIT_MAX
; i
++)
4041 if (u
->manager
->rlimit
[i
] && !ec
->rlimit
[i
]) {
4042 ec
->rlimit
[i
] = newdup(struct rlimit
, u
->manager
->rlimit
[i
], 1);
4047 if (MANAGER_IS_USER(u
->manager
) &&
4048 !ec
->working_directory
) {
4050 r
= get_home_dir(&ec
->working_directory
);
4054 /* Allow user services to run, even if the
4055 * home directory is missing */
4056 ec
->working_directory_missing_ok
= true;
4059 if (ec
->private_devices
)
4060 ec
->capability_bounding_set
&= ~((UINT64_C(1) << CAP_MKNOD
) | (UINT64_C(1) << CAP_SYS_RAWIO
));
4062 if (ec
->protect_kernel_modules
)
4063 ec
->capability_bounding_set
&= ~(UINT64_C(1) << CAP_SYS_MODULE
);
4065 if (ec
->protect_kernel_logs
)
4066 ec
->capability_bounding_set
&= ~(UINT64_C(1) << CAP_SYSLOG
);
4068 if (ec
->protect_clock
)
4069 ec
->capability_bounding_set
&= ~((UINT64_C(1) << CAP_SYS_TIME
) | (UINT64_C(1) << CAP_WAKE_ALARM
));
4071 if (ec
->dynamic_user
) {
4073 r
= user_from_unit_name(u
, &ec
->user
);
4079 ec
->group
= strdup(ec
->user
);
4084 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4085 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4088 ec
->private_tmp
= true;
4089 ec
->remove_ipc
= true;
4090 ec
->protect_system
= PROTECT_SYSTEM_STRICT
;
4091 if (ec
->protect_home
== PROTECT_HOME_NO
)
4092 ec
->protect_home
= PROTECT_HOME_READ_ONLY
;
4094 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4096 ec
->no_new_privileges
= true;
4097 ec
->restrict_suid_sgid
= true;
4101 cc
= unit_get_cgroup_context(u
);
4104 if (ec
->private_devices
&&
4105 cc
->device_policy
== CGROUP_DEVICE_POLICY_AUTO
)
4106 cc
->device_policy
= CGROUP_DEVICE_POLICY_CLOSED
;
4108 if ((ec
->root_image
|| !LIST_IS_EMPTY(ec
->mount_images
)) &&
4109 (cc
->device_policy
!= CGROUP_DEVICE_POLICY_AUTO
|| cc
->device_allow
)) {
4112 /* When RootImage= or MountImages= is specified, the following devices are touched. */
4113 FOREACH_STRING(p
, "/dev/loop-control", "/dev/mapper/control") {
4114 r
= cgroup_add_device_allow(cc
, p
, "rw");
4118 FOREACH_STRING(p
, "block-loop", "block-blkext", "block-device-mapper") {
4119 r
= cgroup_add_device_allow(cc
, p
, "rwm");
4124 /* Make sure "block-loop" can be resolved, i.e. make sure "loop" shows up in /proc/devices.
4125 * Same for mapper and verity. */
4126 FOREACH_STRING(p
, "modprobe@loop.service", "modprobe@dm_mod.service", "modprobe@dm_verity.service") {
4127 r
= unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_WANTS
, p
, true, UNIT_DEPENDENCY_FILE
);
4133 if (ec
->protect_clock
) {
4134 r
= cgroup_add_device_allow(cc
, "char-rtc", "r");
4143 ExecContext
*unit_get_exec_context(const Unit
*u
) {
4150 offset
= UNIT_VTABLE(u
)->exec_context_offset
;
4154 return (ExecContext
*) ((uint8_t*) u
+ offset
);
4157 KillContext
*unit_get_kill_context(Unit
*u
) {
4164 offset
= UNIT_VTABLE(u
)->kill_context_offset
;
4168 return (KillContext
*) ((uint8_t*) u
+ offset
);
4171 CGroupContext
*unit_get_cgroup_context(Unit
*u
) {
4177 offset
= UNIT_VTABLE(u
)->cgroup_context_offset
;
4181 return (CGroupContext
*) ((uint8_t*) u
+ offset
);
4184 ExecRuntime
*unit_get_exec_runtime(Unit
*u
) {
4190 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
4194 return *(ExecRuntime
**) ((uint8_t*) u
+ offset
);
4197 static const char* unit_drop_in_dir(Unit
*u
, UnitWriteFlags flags
) {
4200 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4203 if (u
->transient
) /* Redirect drop-ins for transient units always into the transient directory. */
4204 return u
->manager
->lookup_paths
.transient
;
4206 if (flags
& UNIT_PERSISTENT
)
4207 return u
->manager
->lookup_paths
.persistent_control
;
4209 if (flags
& UNIT_RUNTIME
)
4210 return u
->manager
->lookup_paths
.runtime_control
;
4215 char* unit_escape_setting(const char *s
, UnitWriteFlags flags
, char **buf
) {
4221 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4222 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4223 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4224 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4225 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4228 if (flags
& UNIT_ESCAPE_SPECIFIERS
) {
4229 ret
= specifier_escape(s
);
4236 if (flags
& UNIT_ESCAPE_C
) {
4249 return ret
?: (char*) s
;
4252 return ret
?: strdup(s
);
4255 char* unit_concat_strv(char **l
, UnitWriteFlags flags
) {
4256 _cleanup_free_
char *result
= NULL
;
4260 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4261 * way suitable for ExecStart= stanzas */
4263 STRV_FOREACH(i
, l
) {
4264 _cleanup_free_
char *buf
= NULL
;
4269 p
= unit_escape_setting(*i
, flags
, &buf
);
4273 a
= (n
> 0) + 1 + strlen(p
) + 1; /* separating space + " + entry + " */
4274 if (!GREEDY_REALLOC(result
, n
+ a
+ 1))
4288 if (!GREEDY_REALLOC(result
, n
+ 1))
4293 return TAKE_PTR(result
);
4296 int unit_write_setting(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *data
) {
4297 _cleanup_free_
char *p
= NULL
, *q
= NULL
, *escaped
= NULL
;
4298 const char *dir
, *wrapped
;
4305 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4308 data
= unit_escape_setting(data
, flags
, &escaped
);
4312 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4313 * previous section header is the same */
4315 if (flags
& UNIT_PRIVATE
) {
4316 if (!UNIT_VTABLE(u
)->private_section
)
4319 if (!u
->transient_file
|| u
->last_section_private
< 0)
4320 data
= strjoina("[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4321 else if (u
->last_section_private
== 0)
4322 data
= strjoina("\n[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4324 if (!u
->transient_file
|| u
->last_section_private
< 0)
4325 data
= strjoina("[Unit]\n", data
);
4326 else if (u
->last_section_private
> 0)
4327 data
= strjoina("\n[Unit]\n", data
);
4330 if (u
->transient_file
) {
4331 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4332 * write to the transient unit file. */
4333 fputs(data
, u
->transient_file
);
4335 if (!endswith(data
, "\n"))
4336 fputc('\n', u
->transient_file
);
4338 /* Remember which section we wrote this entry to */
4339 u
->last_section_private
= !!(flags
& UNIT_PRIVATE
);
4343 dir
= unit_drop_in_dir(u
, flags
);
4347 wrapped
= strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4348 "# or an equivalent operation. Do not edit.\n",
4352 r
= drop_in_file(dir
, u
->id
, 50, name
, &p
, &q
);
4356 (void) mkdir_p_label(p
, 0755);
4358 /* Make sure the drop-in dir is registered in our path cache. This way we don't need to stupidly
4359 * recreate the cache after every drop-in we write. */
4360 if (u
->manager
->unit_path_cache
) {
4361 r
= set_put_strdup(&u
->manager
->unit_path_cache
, p
);
4366 r
= write_string_file_atomic_label(q
, wrapped
);
4370 r
= strv_push(&u
->dropin_paths
, q
);
4375 strv_uniq(u
->dropin_paths
);
4377 u
->dropin_mtime
= now(CLOCK_REALTIME
);
4382 int unit_write_settingf(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *format
, ...) {
4383 _cleanup_free_
char *p
= NULL
;
4391 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4394 va_start(ap
, format
);
4395 r
= vasprintf(&p
, format
, ap
);
4401 return unit_write_setting(u
, flags
, name
, p
);
4404 int unit_make_transient(Unit
*u
) {
4405 _cleanup_free_
char *path
= NULL
;
4410 if (!UNIT_VTABLE(u
)->can_transient
)
4413 (void) mkdir_p_label(u
->manager
->lookup_paths
.transient
, 0755);
4415 path
= path_join(u
->manager
->lookup_paths
.transient
, u
->id
);
4419 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4420 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4422 RUN_WITH_UMASK(0022) {
4423 f
= fopen(path
, "we");
4428 safe_fclose(u
->transient_file
);
4429 u
->transient_file
= f
;
4431 free_and_replace(u
->fragment_path
, path
);
4433 u
->source_path
= mfree(u
->source_path
);
4434 u
->dropin_paths
= strv_free(u
->dropin_paths
);
4435 u
->fragment_mtime
= u
->source_mtime
= u
->dropin_mtime
= 0;
4437 u
->load_state
= UNIT_STUB
;
4439 u
->transient
= true;
4441 unit_add_to_dbus_queue(u
);
4442 unit_add_to_gc_queue(u
);
4444 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4450 static int log_kill(pid_t pid
, int sig
, void *userdata
) {
4451 _cleanup_free_
char *comm
= NULL
;
4453 (void) get_process_comm(pid
, &comm
);
4455 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4456 only, like for example systemd's own PAM stub process. */
4457 if (comm
&& comm
[0] == '(')
4460 log_unit_notice(userdata
,
4461 "Killing process " PID_FMT
" (%s) with signal SIG%s.",
4464 signal_to_string(sig
));
4469 static int operation_to_signal(const KillContext
*c
, KillOperation k
, bool *noteworthy
) {
4474 case KILL_TERMINATE
:
4475 case KILL_TERMINATE_AND_LOG
:
4476 *noteworthy
= false;
4477 return c
->kill_signal
;
4480 *noteworthy
= false;
4481 return restart_kill_signal(c
);
4485 return c
->final_kill_signal
;
4489 return c
->watchdog_signal
;
4492 assert_not_reached();
4496 int unit_kill_context(
4502 bool main_pid_alien
) {
4504 bool wait_for_exit
= false, send_sighup
;
4505 cg_kill_log_func_t log_func
= NULL
;
4511 /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0
4512 * if we killed something worth waiting for, 0 otherwise. Do not confuse with unit_kill_common()
4513 * which is used for user-requested killing of unit processes. */
4515 if (c
->kill_mode
== KILL_NONE
)
4519 sig
= operation_to_signal(c
, k
, ¬eworthy
);
4521 log_func
= log_kill
;
4525 IN_SET(k
, KILL_TERMINATE
, KILL_TERMINATE_AND_LOG
) &&
4530 log_func(main_pid
, sig
, u
);
4532 r
= kill_and_sigcont(main_pid
, sig
);
4533 if (r
< 0 && r
!= -ESRCH
) {
4534 _cleanup_free_
char *comm
= NULL
;
4535 (void) get_process_comm(main_pid
, &comm
);
4537 log_unit_warning_errno(u
, r
, "Failed to kill main process " PID_FMT
" (%s), ignoring: %m", main_pid
, strna(comm
));
4539 if (!main_pid_alien
)
4540 wait_for_exit
= true;
4542 if (r
!= -ESRCH
&& send_sighup
)
4543 (void) kill(main_pid
, SIGHUP
);
4547 if (control_pid
> 0) {
4549 log_func(control_pid
, sig
, u
);
4551 r
= kill_and_sigcont(control_pid
, sig
);
4552 if (r
< 0 && r
!= -ESRCH
) {
4553 _cleanup_free_
char *comm
= NULL
;
4554 (void) get_process_comm(control_pid
, &comm
);
4556 log_unit_warning_errno(u
, r
, "Failed to kill control process " PID_FMT
" (%s), ignoring: %m", control_pid
, strna(comm
));
4558 wait_for_exit
= true;
4560 if (r
!= -ESRCH
&& send_sighup
)
4561 (void) kill(control_pid
, SIGHUP
);
4565 if (u
->cgroup_path
&&
4566 (c
->kill_mode
== KILL_CONTROL_GROUP
|| (c
->kill_mode
== KILL_MIXED
&& k
== KILL_KILL
))) {
4567 _cleanup_set_free_ Set
*pid_set
= NULL
;
4569 /* Exclude the main/control pids from being killed via the cgroup */
4570 pid_set
= unit_pid_set(main_pid
, control_pid
);
4574 r
= cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
,
4576 CGROUP_SIGCONT
|CGROUP_IGNORE_SELF
,
4580 if (!IN_SET(r
, -EAGAIN
, -ESRCH
, -ENOENT
))
4581 log_unit_warning_errno(u
, r
, "Failed to kill control group %s, ignoring: %m", empty_to_root(u
->cgroup_path
));
4585 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4586 * we are running in a container or if this is a delegation unit, simply because cgroup
4587 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4588 * of containers it can be confused easily by left-over directories in the cgroup — which
4589 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4590 * there we get proper events. Hence rely on them. */
4592 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
) > 0 ||
4593 (detect_container() == 0 && !unit_cgroup_delegate(u
)))
4594 wait_for_exit
= true;
4599 pid_set
= unit_pid_set(main_pid
, control_pid
);
4603 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
,
4612 return wait_for_exit
;
4615 int unit_require_mounts_for(Unit
*u
, const char *path
, UnitDependencyMask mask
) {
4621 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these
4622 * paths in the unit (from the path to the UnitDependencyInfo structure indicating how to the
4623 * dependency came to be). However, we build a prefix table for all possible prefixes so that new
4624 * appearing mount units can easily determine which units to make themselves a dependency of. */
4626 if (!path_is_absolute(path
))
4629 if (hashmap_contains(u
->requires_mounts_for
, path
)) /* Exit quickly if the path is already covered. */
4632 _cleanup_free_
char *p
= strdup(path
);
4636 /* Use the canonical form of the path as the stored key. We call path_is_normalized()
4637 * only after simplification, since path_is_normalized() rejects paths with '.'.
4638 * path_is_normalized() also verifies that the path fits in PATH_MAX. */
4639 path
= path_simplify(p
);
4641 if (!path_is_normalized(path
))
4644 UnitDependencyInfo di
= {
4648 r
= hashmap_ensure_put(&u
->requires_mounts_for
, &path_hash_ops
, p
, di
.data
);
4652 TAKE_PTR(p
); /* path remains a valid pointer to the string stored in the hashmap */
4654 char prefix
[strlen(path
) + 1];
4655 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
4658 x
= hashmap_get(u
->manager
->units_requiring_mounts_for
, prefix
);
4660 _cleanup_free_
char *q
= NULL
;
4662 r
= hashmap_ensure_allocated(&u
->manager
->units_requiring_mounts_for
, &path_hash_ops
);
4674 r
= hashmap_put(u
->manager
->units_requiring_mounts_for
, q
, x
);
4690 int unit_setup_exec_runtime(Unit
*u
) {
4696 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
4699 /* Check if there already is an ExecRuntime for this unit? */
4700 rt
= (ExecRuntime
**) ((uint8_t*) u
+ offset
);
4704 /* Try to get it from somebody else */
4705 UNIT_FOREACH_DEPENDENCY(other
, u
, UNIT_ATOM_JOINS_NAMESPACE_OF
) {
4706 r
= exec_runtime_acquire(u
->manager
, NULL
, other
->id
, false, rt
);
4711 return exec_runtime_acquire(u
->manager
, unit_get_exec_context(u
), u
->id
, true, rt
);
4714 int unit_setup_dynamic_creds(Unit
*u
) {
4716 DynamicCreds
*dcreds
;
4721 offset
= UNIT_VTABLE(u
)->dynamic_creds_offset
;
4723 dcreds
= (DynamicCreds
*) ((uint8_t*) u
+ offset
);
4725 ec
= unit_get_exec_context(u
);
4728 if (!ec
->dynamic_user
)
4731 return dynamic_creds_acquire(dcreds
, u
->manager
, ec
->user
, ec
->group
);
4734 bool unit_type_supported(UnitType t
) {
4735 if (_unlikely_(t
< 0))
4737 if (_unlikely_(t
>= _UNIT_TYPE_MAX
))
4740 if (!unit_vtable
[t
]->supported
)
4743 return unit_vtable
[t
]->supported();
4746 void unit_warn_if_dir_nonempty(Unit
*u
, const char* where
) {
4752 if (!unit_log_level_test(u
, LOG_NOTICE
))
4755 r
= dir_is_empty(where
);
4756 if (r
> 0 || r
== -ENOTDIR
)
4759 log_unit_warning_errno(u
, r
, "Failed to check directory %s: %m", where
);
4763 log_unit_struct(u
, LOG_NOTICE
,
4764 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
4765 LOG_UNIT_INVOCATION_ID(u
),
4766 LOG_UNIT_MESSAGE(u
, "Directory %s to mount over is not empty, mounting anyway.", where
),
4770 int unit_fail_if_noncanonical(Unit
*u
, const char* where
) {
4771 _cleanup_free_
char *canonical_where
= NULL
;
4777 r
= chase_symlinks(where
, NULL
, CHASE_NONEXISTENT
, &canonical_where
, NULL
);
4779 log_unit_debug_errno(u
, r
, "Failed to check %s for symlinks, ignoring: %m", where
);
4783 /* We will happily ignore a trailing slash (or any redundant slashes) */
4784 if (path_equal(where
, canonical_where
))
4787 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4788 log_unit_struct(u
, LOG_ERR
,
4789 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
4790 LOG_UNIT_INVOCATION_ID(u
),
4791 LOG_UNIT_MESSAGE(u
, "Mount path %s is not canonical (contains a symlink).", where
),
4797 bool unit_is_pristine(Unit
*u
) {
4800 /* Check if the unit already exists or is already around,
4801 * in a number of different ways. Note that to cater for unit
4802 * types such as slice, we are generally fine with units that
4803 * are marked UNIT_LOADED even though nothing was actually
4804 * loaded, as those unit types don't require a file on disk. */
4806 return !(!IN_SET(u
->load_state
, UNIT_NOT_FOUND
, UNIT_LOADED
) ||
4809 !strv_isempty(u
->dropin_paths
) ||
4814 pid_t
unit_control_pid(Unit
*u
) {
4817 if (UNIT_VTABLE(u
)->control_pid
)
4818 return UNIT_VTABLE(u
)->control_pid(u
);
4823 pid_t
unit_main_pid(Unit
*u
) {
4826 if (UNIT_VTABLE(u
)->main_pid
)
4827 return UNIT_VTABLE(u
)->main_pid(u
);
4832 static void unit_unref_uid_internal(
4836 void (*_manager_unref_uid
)(Manager
*m
, uid_t uid
, bool destroy_now
)) {
4840 assert(_manager_unref_uid
);
4842 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4843 * gid_t are actually the same time, with the same validity rules.
4845 * Drops a reference to UID/GID from a unit. */
4847 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
4848 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
4850 if (!uid_is_valid(*ref_uid
))
4853 _manager_unref_uid(u
->manager
, *ref_uid
, destroy_now
);
4854 *ref_uid
= UID_INVALID
;
4857 static void unit_unref_uid(Unit
*u
, bool destroy_now
) {
4858 unit_unref_uid_internal(u
, &u
->ref_uid
, destroy_now
, manager_unref_uid
);
4861 static void unit_unref_gid(Unit
*u
, bool destroy_now
) {
4862 unit_unref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, destroy_now
, manager_unref_gid
);
4865 void unit_unref_uid_gid(Unit
*u
, bool destroy_now
) {
4868 unit_unref_uid(u
, destroy_now
);
4869 unit_unref_gid(u
, destroy_now
);
4872 static int unit_ref_uid_internal(
4877 int (*_manager_ref_uid
)(Manager
*m
, uid_t uid
, bool clean_ipc
)) {
4883 assert(uid_is_valid(uid
));
4884 assert(_manager_ref_uid
);
4886 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4887 * are actually the same type, and have the same validity rules.
4889 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4890 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4893 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
4894 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
4896 if (*ref_uid
== uid
)
4899 if (uid_is_valid(*ref_uid
)) /* Already set? */
4902 r
= _manager_ref_uid(u
->manager
, uid
, clean_ipc
);
4910 static int unit_ref_uid(Unit
*u
, uid_t uid
, bool clean_ipc
) {
4911 return unit_ref_uid_internal(u
, &u
->ref_uid
, uid
, clean_ipc
, manager_ref_uid
);
4914 static int unit_ref_gid(Unit
*u
, gid_t gid
, bool clean_ipc
) {
4915 return unit_ref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, (uid_t
) gid
, clean_ipc
, manager_ref_gid
);
4918 static int unit_ref_uid_gid_internal(Unit
*u
, uid_t uid
, gid_t gid
, bool clean_ipc
) {
4923 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4925 if (uid_is_valid(uid
)) {
4926 r
= unit_ref_uid(u
, uid
, clean_ipc
);
4931 if (gid_is_valid(gid
)) {
4932 q
= unit_ref_gid(u
, gid
, clean_ipc
);
4935 unit_unref_uid(u
, false);
4941 return r
> 0 || q
> 0;
4944 int unit_ref_uid_gid(Unit
*u
, uid_t uid
, gid_t gid
) {
4950 c
= unit_get_exec_context(u
);
4952 r
= unit_ref_uid_gid_internal(u
, uid
, gid
, c
? c
->remove_ipc
: false);
4954 return log_unit_warning_errno(u
, r
, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4959 void unit_notify_user_lookup(Unit
*u
, uid_t uid
, gid_t gid
) {
4964 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4965 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4966 * objects when no service references the UID/GID anymore. */
4968 r
= unit_ref_uid_gid(u
, uid
, gid
);
4970 unit_add_to_dbus_queue(u
);
4973 int unit_acquire_invocation_id(Unit
*u
) {
4979 r
= sd_id128_randomize(&id
);
4981 return log_unit_error_errno(u
, r
, "Failed to generate invocation ID for unit: %m");
4983 r
= unit_set_invocation_id(u
, id
);
4985 return log_unit_error_errno(u
, r
, "Failed to set invocation ID for unit: %m");
4987 unit_add_to_dbus_queue(u
);
4991 int unit_set_exec_params(Unit
*u
, ExecParameters
*p
) {
4997 /* Copy parameters from manager */
4998 r
= manager_get_effective_environment(u
->manager
, &p
->environment
);
5002 p
->confirm_spawn
= manager_get_confirm_spawn(u
->manager
);
5003 p
->cgroup_supported
= u
->manager
->cgroup_supported
;
5004 p
->prefix
= u
->manager
->prefix
;
5005 SET_FLAG(p
->flags
, EXEC_PASS_LOG_UNIT
|EXEC_CHOWN_DIRECTORIES
, MANAGER_IS_SYSTEM(u
->manager
));
5007 /* Copy parameters from unit */
5008 p
->cgroup_path
= u
->cgroup_path
;
5009 SET_FLAG(p
->flags
, EXEC_CGROUP_DELEGATE
, unit_cgroup_delegate(u
));
5011 p
->received_credentials
= u
->manager
->received_credentials
;
5016 int unit_fork_helper_process(Unit
*u
, const char *name
, pid_t
*ret
) {
5022 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5023 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5025 (void) unit_realize_cgroup(u
);
5027 r
= safe_fork(name
, FORK_REOPEN_LOG
, ret
);
5031 (void) default_signals(SIGNALS_CRASH_HANDLER
, SIGNALS_IGNORE
);
5032 (void) ignore_signals(SIGPIPE
);
5034 (void) prctl(PR_SET_PDEATHSIG
, SIGTERM
);
5036 if (u
->cgroup_path
) {
5037 r
= cg_attach_everywhere(u
->manager
->cgroup_supported
, u
->cgroup_path
, 0, NULL
, NULL
);
5039 log_unit_error_errno(u
, r
, "Failed to join unit cgroup %s: %m", empty_to_root(u
->cgroup_path
));
5047 int unit_fork_and_watch_rm_rf(Unit
*u
, char **paths
, pid_t
*ret_pid
) {
5054 r
= unit_fork_helper_process(u
, "(sd-rmrf)", &pid
);
5058 int ret
= EXIT_SUCCESS
;
5061 STRV_FOREACH(i
, paths
) {
5062 r
= rm_rf(*i
, REMOVE_ROOT
|REMOVE_PHYSICAL
|REMOVE_MISSING_OK
);
5064 log_error_errno(r
, "Failed to remove '%s': %m", *i
);
5072 r
= unit_watch_pid(u
, pid
, true);
5080 static void unit_update_dependency_mask(Hashmap
*deps
, Unit
*other
, UnitDependencyInfo di
) {
5084 if (di
.origin_mask
== 0 && di
.destination_mask
== 0)
5085 /* No bit set anymore, let's drop the whole entry */
5086 assert_se(hashmap_remove(deps
, other
));
5088 /* Mask was reduced, let's update the entry */
5089 assert_se(hashmap_update(deps
, other
, di
.data
) == 0);
5092 void unit_remove_dependencies(Unit
*u
, UnitDependencyMask mask
) {
5096 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5101 HASHMAP_FOREACH(deps
, u
->dependencies
) {
5105 UnitDependencyInfo di
;
5110 HASHMAP_FOREACH_KEY(di
.data
, other
, deps
) {
5111 Hashmap
*other_deps
;
5113 if (FLAGS_SET(~mask
, di
.origin_mask
))
5116 di
.origin_mask
&= ~mask
;
5117 unit_update_dependency_mask(deps
, other
, di
);
5119 /* We updated the dependency from our unit to the other unit now. But most
5120 * dependencies imply a reverse dependency. Hence, let's delete that one
5121 * too. For that we go through all dependency types on the other unit and
5122 * delete all those which point to us and have the right mask set. */
5124 HASHMAP_FOREACH(other_deps
, other
->dependencies
) {
5125 UnitDependencyInfo dj
;
5127 dj
.data
= hashmap_get(other_deps
, u
);
5128 if (FLAGS_SET(~mask
, dj
.destination_mask
))
5131 dj
.destination_mask
&= ~mask
;
5132 unit_update_dependency_mask(other_deps
, u
, dj
);
5135 unit_add_to_gc_queue(other
);
5145 static int unit_get_invocation_path(Unit
*u
, char **ret
) {
5152 if (MANAGER_IS_SYSTEM(u
->manager
))
5153 p
= strjoin("/run/systemd/units/invocation:", u
->id
);
5155 _cleanup_free_
char *user_path
= NULL
;
5156 r
= xdg_user_runtime_dir(&user_path
, "/systemd/units/invocation:");
5159 p
= strjoin(user_path
, u
->id
);
5169 static int unit_export_invocation_id(Unit
*u
) {
5170 _cleanup_free_
char *p
= NULL
;
5175 if (u
->exported_invocation_id
)
5178 if (sd_id128_is_null(u
->invocation_id
))
5181 r
= unit_get_invocation_path(u
, &p
);
5183 return log_unit_debug_errno(u
, r
, "Failed to get invocation path: %m");
5185 r
= symlink_atomic_label(u
->invocation_id_string
, p
);
5187 return log_unit_debug_errno(u
, r
, "Failed to create invocation ID symlink %s: %m", p
);
5189 u
->exported_invocation_id
= true;
5193 static int unit_export_log_level_max(Unit
*u
, const ExecContext
*c
) {
5201 if (u
->exported_log_level_max
)
5204 if (c
->log_level_max
< 0)
5207 assert(c
->log_level_max
<= 7);
5209 buf
[0] = '0' + c
->log_level_max
;
5212 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5213 r
= symlink_atomic(buf
, p
);
5215 return log_unit_debug_errno(u
, r
, "Failed to create maximum log level symlink %s: %m", p
);
5217 u
->exported_log_level_max
= true;
5221 static int unit_export_log_extra_fields(Unit
*u
, const ExecContext
*c
) {
5222 _cleanup_close_
int fd
= -1;
5223 struct iovec
*iovec
;
5230 if (u
->exported_log_extra_fields
)
5233 if (c
->n_log_extra_fields
<= 0)
5236 sizes
= newa(le64_t
, c
->n_log_extra_fields
);
5237 iovec
= newa(struct iovec
, c
->n_log_extra_fields
* 2);
5239 for (size_t i
= 0; i
< c
->n_log_extra_fields
; i
++) {
5240 sizes
[i
] = htole64(c
->log_extra_fields
[i
].iov_len
);
5242 iovec
[i
*2] = IOVEC_MAKE(sizes
+ i
, sizeof(le64_t
));
5243 iovec
[i
*2+1] = c
->log_extra_fields
[i
];
5246 p
= strjoina("/run/systemd/units/log-extra-fields:", u
->id
);
5247 pattern
= strjoina(p
, ".XXXXXX");
5249 fd
= mkostemp_safe(pattern
);
5251 return log_unit_debug_errno(u
, fd
, "Failed to create extra fields file %s: %m", p
);
5253 n
= writev(fd
, iovec
, c
->n_log_extra_fields
*2);
5255 r
= log_unit_debug_errno(u
, errno
, "Failed to write extra fields: %m");
5259 (void) fchmod(fd
, 0644);
5261 if (rename(pattern
, p
) < 0) {
5262 r
= log_unit_debug_errno(u
, errno
, "Failed to rename extra fields file: %m");
5266 u
->exported_log_extra_fields
= true;
5270 (void) unlink(pattern
);
5274 static int unit_export_log_ratelimit_interval(Unit
*u
, const ExecContext
*c
) {
5275 _cleanup_free_
char *buf
= NULL
;
5282 if (u
->exported_log_ratelimit_interval
)
5285 if (c
->log_ratelimit_interval_usec
== 0)
5288 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5290 if (asprintf(&buf
, "%" PRIu64
, c
->log_ratelimit_interval_usec
) < 0)
5293 r
= symlink_atomic(buf
, p
);
5295 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit interval symlink %s: %m", p
);
5297 u
->exported_log_ratelimit_interval
= true;
5301 static int unit_export_log_ratelimit_burst(Unit
*u
, const ExecContext
*c
) {
5302 _cleanup_free_
char *buf
= NULL
;
5309 if (u
->exported_log_ratelimit_burst
)
5312 if (c
->log_ratelimit_burst
== 0)
5315 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5317 if (asprintf(&buf
, "%u", c
->log_ratelimit_burst
) < 0)
5320 r
= symlink_atomic(buf
, p
);
5322 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit burst symlink %s: %m", p
);
5324 u
->exported_log_ratelimit_burst
= true;
5328 void unit_export_state_files(Unit
*u
) {
5329 const ExecContext
*c
;
5336 if (MANAGER_IS_TEST_RUN(u
->manager
))
5339 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5340 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5341 * the IPC system itself and PID 1 also log to the journal.
5343 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5344 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5345 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5346 * namespace at least.
5348 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5349 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5352 (void) unit_export_invocation_id(u
);
5354 if (!MANAGER_IS_SYSTEM(u
->manager
))
5357 c
= unit_get_exec_context(u
);
5359 (void) unit_export_log_level_max(u
, c
);
5360 (void) unit_export_log_extra_fields(u
, c
);
5361 (void) unit_export_log_ratelimit_interval(u
, c
);
5362 (void) unit_export_log_ratelimit_burst(u
, c
);
5366 void unit_unlink_state_files(Unit
*u
) {
5374 /* Undoes the effect of unit_export_state() */
5376 if (u
->exported_invocation_id
) {
5377 _cleanup_free_
char *invocation_path
= NULL
;
5378 int r
= unit_get_invocation_path(u
, &invocation_path
);
5380 (void) unlink(invocation_path
);
5381 u
->exported_invocation_id
= false;
5385 if (!MANAGER_IS_SYSTEM(u
->manager
))
5388 if (u
->exported_log_level_max
) {
5389 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5392 u
->exported_log_level_max
= false;
5395 if (u
->exported_log_extra_fields
) {
5396 p
= strjoina("/run/systemd/units/extra-fields:", u
->id
);
5399 u
->exported_log_extra_fields
= false;
5402 if (u
->exported_log_ratelimit_interval
) {
5403 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5406 u
->exported_log_ratelimit_interval
= false;
5409 if (u
->exported_log_ratelimit_burst
) {
5410 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5413 u
->exported_log_ratelimit_burst
= false;
5417 int unit_prepare_exec(Unit
*u
) {
5422 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5423 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5424 r
= bpf_firewall_load_custom(u
);
5428 /* Prepares everything so that we can fork of a process for this unit */
5430 (void) unit_realize_cgroup(u
);
5432 if (u
->reset_accounting
) {
5433 (void) unit_reset_accounting(u
);
5434 u
->reset_accounting
= false;
5437 unit_export_state_files(u
);
5439 r
= unit_setup_exec_runtime(u
);
5443 r
= unit_setup_dynamic_creds(u
);
5450 static bool ignore_leftover_process(const char *comm
) {
5451 return comm
&& comm
[0] == '('; /* Most likely our own helper process (PAM?), ignore */
5454 int unit_log_leftover_process_start(pid_t pid
, int sig
, void *userdata
) {
5455 _cleanup_free_
char *comm
= NULL
;
5457 (void) get_process_comm(pid
, &comm
);
5459 if (ignore_leftover_process(comm
))
5462 /* During start we print a warning */
5464 log_unit_warning(userdata
,
5465 "Found left-over process " PID_FMT
" (%s) in control group while starting unit. Ignoring.\n"
5466 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5472 int unit_log_leftover_process_stop(pid_t pid
, int sig
, void *userdata
) {
5473 _cleanup_free_
char *comm
= NULL
;
5475 (void) get_process_comm(pid
, &comm
);
5477 if (ignore_leftover_process(comm
))
5480 /* During stop we only print an informational message */
5482 log_unit_info(userdata
,
5483 "Unit process " PID_FMT
" (%s) remains running after unit stopped.",
5489 int unit_warn_leftover_processes(Unit
*u
, cg_kill_log_func_t log_func
) {
5492 (void) unit_pick_cgroup_path(u
);
5494 if (!u
->cgroup_path
)
5497 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, 0, 0, NULL
, log_func
, u
);
5500 bool unit_needs_console(Unit
*u
) {
5502 UnitActiveState state
;
5506 state
= unit_active_state(u
);
5508 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
5511 if (UNIT_VTABLE(u
)->needs_console
)
5512 return UNIT_VTABLE(u
)->needs_console(u
);
5514 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5515 ec
= unit_get_exec_context(u
);
5519 return exec_context_may_touch_console(ec
);
5522 const char *unit_label_path(const Unit
*u
) {
5527 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5528 * when validating access checks. */
5530 if (IN_SET(u
->load_state
, UNIT_MASKED
, UNIT_NOT_FOUND
, UNIT_MERGED
))
5531 return NULL
; /* Shortcut things if we know there is no real, relevant unit file around */
5533 p
= u
->source_path
?: u
->fragment_path
;
5537 if (IN_SET(u
->load_state
, UNIT_LOADED
, UNIT_BAD_SETTING
, UNIT_ERROR
))
5538 return p
; /* Shortcut things, if we successfully loaded at least some stuff from the unit file */
5540 /* Not loaded yet, we need to go to disk */
5541 assert(u
->load_state
== UNIT_STUB
);
5543 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5544 if (null_or_empty_path(p
) > 0)
5550 int unit_pid_attachable(Unit
*u
, pid_t pid
, sd_bus_error
*error
) {
5555 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5556 * and not a kernel thread either */
5558 /* First, a simple range check */
5559 if (!pid_is_valid(pid
))
5560 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process identifier " PID_FMT
" is not valid.", pid
);
5562 /* Some extra safety check */
5563 if (pid
== 1 || pid
== getpid_cached())
5564 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a manager process, refusing.", pid
);
5566 /* Don't even begin to bother with kernel threads */
5567 r
= is_kernel_thread(pid
);
5569 return sd_bus_error_setf(error
, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN
, "Process with ID " PID_FMT
" does not exist.", pid
);
5571 return sd_bus_error_set_errnof(error
, r
, "Failed to determine whether process " PID_FMT
" is a kernel thread: %m", pid
);
5573 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a kernel thread, refusing.", pid
);
5578 void unit_log_success(Unit
*u
) {
5581 /* Let's show message "Deactivated successfully" in debug mode (when manager is user) rather than in info mode.
5582 * This message has low information value for regular users and it might be a bit overwhelming on a system with
5583 * a lot of devices. */
5585 MANAGER_IS_USER(u
->manager
) ? LOG_DEBUG
: LOG_INFO
,
5586 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR
,
5587 LOG_UNIT_INVOCATION_ID(u
),
5588 LOG_UNIT_MESSAGE(u
, "Deactivated successfully."));
5591 void unit_log_failure(Unit
*u
, const char *result
) {
5595 log_unit_struct(u
, LOG_WARNING
,
5596 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR
,
5597 LOG_UNIT_INVOCATION_ID(u
),
5598 LOG_UNIT_MESSAGE(u
, "Failed with result '%s'.", result
),
5599 "UNIT_RESULT=%s", result
);
5602 void unit_log_skip(Unit
*u
, const char *result
) {
5606 log_unit_struct(u
, LOG_INFO
,
5607 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR
,
5608 LOG_UNIT_INVOCATION_ID(u
),
5609 LOG_UNIT_MESSAGE(u
, "Skipped due to '%s'.", result
),
5610 "UNIT_RESULT=%s", result
);
5613 void unit_log_process_exit(
5616 const char *command
,
5626 /* If this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
5627 * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
5628 * that the service already logged the reason at a higher log level on its own. Otherwise, make it a
5632 else if (code
== CLD_EXITED
)
5635 level
= LOG_WARNING
;
5637 log_unit_struct(u
, level
,
5638 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR
,
5639 LOG_UNIT_MESSAGE(u
, "%s exited, code=%s, status=%i/%s%s",
5641 sigchld_code_to_string(code
), status
,
5642 strna(code
== CLD_EXITED
5643 ? exit_status_to_string(status
, EXIT_STATUS_FULL
)
5644 : signal_to_string(status
)),
5645 success
? " (success)" : ""),
5646 "EXIT_CODE=%s", sigchld_code_to_string(code
),
5647 "EXIT_STATUS=%i", status
,
5648 "COMMAND=%s", strna(command
),
5649 LOG_UNIT_INVOCATION_ID(u
));
5652 int unit_exit_status(Unit
*u
) {
5655 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
5656 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
5657 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
5658 * service process has exited abnormally (signal/coredump). */
5660 if (!UNIT_VTABLE(u
)->exit_status
)
5663 return UNIT_VTABLE(u
)->exit_status(u
);
5666 int unit_failure_action_exit_status(Unit
*u
) {
5671 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
5673 if (u
->failure_action_exit_status
>= 0)
5674 return u
->failure_action_exit_status
;
5676 r
= unit_exit_status(u
);
5677 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
5683 int unit_success_action_exit_status(Unit
*u
) {
5688 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
5690 if (u
->success_action_exit_status
>= 0)
5691 return u
->success_action_exit_status
;
5693 r
= unit_exit_status(u
);
5694 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
5700 int unit_test_trigger_loaded(Unit
*u
) {
5703 /* Tests whether the unit to trigger is loaded */
5705 trigger
= UNIT_TRIGGER(u
);
5707 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(ENOENT
),
5708 "Refusing to start, no unit to trigger.");
5709 if (trigger
->load_state
!= UNIT_LOADED
)
5710 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(ENOENT
),
5711 "Refusing to start, unit %s to trigger not loaded.", trigger
->id
);
5716 void unit_destroy_runtime_data(Unit
*u
, const ExecContext
*context
) {
5720 if (context
->runtime_directory_preserve_mode
== EXEC_PRESERVE_NO
||
5721 (context
->runtime_directory_preserve_mode
== EXEC_PRESERVE_RESTART
&& !unit_will_restart(u
)))
5722 exec_context_destroy_runtime_directory(context
, u
->manager
->prefix
[EXEC_DIRECTORY_RUNTIME
]);
5724 exec_context_destroy_credentials(context
, u
->manager
->prefix
[EXEC_DIRECTORY_RUNTIME
], u
->id
);
5727 int unit_clean(Unit
*u
, ExecCleanMask mask
) {
5728 UnitActiveState state
;
5732 /* Special return values:
5734 * -EOPNOTSUPP → cleaning not supported for this unit type
5735 * -EUNATCH → cleaning not defined for this resource type
5736 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
5737 * a job queued or similar
5740 if (!UNIT_VTABLE(u
)->clean
)
5746 if (u
->load_state
!= UNIT_LOADED
)
5752 state
= unit_active_state(u
);
5753 if (!IN_SET(state
, UNIT_INACTIVE
))
5756 return UNIT_VTABLE(u
)->clean(u
, mask
);
5759 int unit_can_clean(Unit
*u
, ExecCleanMask
*ret
) {
5762 if (!UNIT_VTABLE(u
)->clean
||
5763 u
->load_state
!= UNIT_LOADED
) {
5768 /* When the clean() method is set, can_clean() really should be set too */
5769 assert(UNIT_VTABLE(u
)->can_clean
);
5771 return UNIT_VTABLE(u
)->can_clean(u
, ret
);
5774 bool unit_can_freeze(Unit
*u
) {
5777 if (UNIT_VTABLE(u
)->can_freeze
)
5778 return UNIT_VTABLE(u
)->can_freeze(u
);
5780 return UNIT_VTABLE(u
)->freeze
;
5783 void unit_frozen(Unit
*u
) {
5786 u
->freezer_state
= FREEZER_FROZEN
;
5788 bus_unit_send_pending_freezer_message(u
);
5791 void unit_thawed(Unit
*u
) {
5794 u
->freezer_state
= FREEZER_RUNNING
;
5796 bus_unit_send_pending_freezer_message(u
);
5799 static int unit_freezer_action(Unit
*u
, FreezerAction action
) {
5801 int (*method
)(Unit
*);
5805 assert(IN_SET(action
, FREEZER_FREEZE
, FREEZER_THAW
));
5807 method
= action
== FREEZER_FREEZE
? UNIT_VTABLE(u
)->freeze
: UNIT_VTABLE(u
)->thaw
;
5808 if (!method
|| !cg_freezer_supported())
5814 if (u
->load_state
!= UNIT_LOADED
)
5817 s
= unit_active_state(u
);
5818 if (s
!= UNIT_ACTIVE
)
5821 if (IN_SET(u
->freezer_state
, FREEZER_FREEZING
, FREEZER_THAWING
))
5831 int unit_freeze(Unit
*u
) {
5832 return unit_freezer_action(u
, FREEZER_FREEZE
);
5835 int unit_thaw(Unit
*u
) {
5836 return unit_freezer_action(u
, FREEZER_THAW
);
5839 /* Wrappers around low-level cgroup freezer operations common for service and scope units */
5840 int unit_freeze_vtable_common(Unit
*u
) {
5841 return unit_cgroup_freezer_action(u
, FREEZER_FREEZE
);
5844 int unit_thaw_vtable_common(Unit
*u
) {
5845 return unit_cgroup_freezer_action(u
, FREEZER_THAW
);
5848 Condition
*unit_find_failed_condition(Unit
*u
) {
5849 Condition
*c
, *failed_trigger
= NULL
;
5850 bool has_succeeded_trigger
= false;
5852 if (u
->condition_result
)
5855 LIST_FOREACH(conditions
, c
, u
->conditions
)
5857 if (c
->result
== CONDITION_SUCCEEDED
)
5858 has_succeeded_trigger
= true;
5859 else if (!failed_trigger
)
5861 } else if (c
->result
!= CONDITION_SUCCEEDED
)
5864 return failed_trigger
&& !has_succeeded_trigger
? failed_trigger
: NULL
;
5867 static const char* const collect_mode_table
[_COLLECT_MODE_MAX
] = {
5868 [COLLECT_INACTIVE
] = "inactive",
5869 [COLLECT_INACTIVE_OR_FAILED
] = "inactive-or-failed",
5872 DEFINE_STRING_TABLE_LOOKUP(collect_mode
, CollectMode
);
5874 Unit
* unit_has_dependency(const Unit
*u
, UnitDependencyAtom atom
, Unit
*other
) {
5879 /* Checks if the unit has a dependency on 'other' with the specified dependency atom. If 'other' is
5880 * NULL checks if the unit has *any* dependency of that atom. Returns 'other' if found (or if 'other'
5881 * is NULL the first entry found), or NULL if not found. */
5883 UNIT_FOREACH_DEPENDENCY(i
, u
, atom
)
5884 if (!other
|| other
== i
)
5890 int unit_get_dependency_array(const Unit
*u
, UnitDependencyAtom atom
, Unit
***ret_array
) {
5891 _cleanup_free_ Unit
**array
= NULL
;
5898 /* Gets a list of units matching a specific atom as array. This is useful when iterating through
5899 * dependencies while modifying them: the array is an "atomic snapshot" of sorts, that can be read
5900 * while the dependency table is continuously updated. */
5902 UNIT_FOREACH_DEPENDENCY(other
, u
, atom
) {
5903 if (!GREEDY_REALLOC(array
, n
+ 1))
5909 *ret_array
= TAKE_PTR(array
);
5911 assert(n
<= INT_MAX
);