]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/socket.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
socket: if SO_RCVBUFFORCE fails, fall back to SO_RCVBUF, to have at least a little...
[thirdparty/systemd.git] / src / socket.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <sys/types.h>
23 #include <sys/stat.h>
24 #include <unistd.h>
25 #include <errno.h>
26 #include <fcntl.h>
27 #include <sys/epoll.h>
28 #include <signal.h>
29 #include <arpa/inet.h>
30 #include <mqueue.h>
31
32 #include "unit.h"
33 #include "socket.h"
34 #include "netinet/tcp.h"
35 #include "log.h"
36 #include "load-dropin.h"
37 #include "load-fragment.h"
38 #include "strv.h"
39 #include "unit-name.h"
40 #include "dbus-socket.h"
41 #include "missing.h"
42 #include "special.h"
43 #include "bus-errors.h"
44 #include "label.h"
45 #include "exit-status.h"
46 #include "def.h"
47
48 static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
49 [SOCKET_DEAD] = UNIT_INACTIVE,
50 [SOCKET_START_PRE] = UNIT_ACTIVATING,
51 [SOCKET_START_POST] = UNIT_ACTIVATING,
52 [SOCKET_LISTENING] = UNIT_ACTIVE,
53 [SOCKET_RUNNING] = UNIT_ACTIVE,
54 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
55 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
56 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
57 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
58 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
59 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
60 [SOCKET_FAILED] = UNIT_FAILED
61 };
62
63 static void socket_init(Unit *u) {
64 Socket *s = SOCKET(u);
65
66 assert(u);
67 assert(u->load_state == UNIT_STUB);
68
69 s->backlog = SOMAXCONN;
70 s->timeout_usec = DEFAULT_TIMEOUT_USEC;
71 s->directory_mode = 0755;
72 s->socket_mode = 0666;
73
74 s->max_connections = 64;
75
76 s->priority = -1;
77 s->ip_tos = -1;
78 s->ip_ttl = -1;
79 s->mark = -1;
80
81 exec_context_init(&s->exec_context);
82 s->exec_context.std_output = u->manager->default_std_output;
83 s->exec_context.std_error = u->manager->default_std_error;
84
85 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
86 }
87
88 static void socket_unwatch_control_pid(Socket *s) {
89 assert(s);
90
91 if (s->control_pid <= 0)
92 return;
93
94 unit_unwatch_pid(UNIT(s), s->control_pid);
95 s->control_pid = 0;
96 }
97
98 static void socket_done(Unit *u) {
99 Socket *s = SOCKET(u);
100 SocketPort *p;
101
102 assert(s);
103
104 while ((p = s->ports)) {
105 LIST_REMOVE(SocketPort, port, s->ports, p);
106
107 if (p->fd >= 0) {
108 unit_unwatch_fd(UNIT(s), &p->fd_watch);
109 close_nointr_nofail(p->fd);
110 }
111
112 free(p->path);
113 free(p);
114 }
115
116 exec_context_done(&s->exec_context);
117 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
118 s->control_command = NULL;
119
120 socket_unwatch_control_pid(s);
121
122 unit_ref_unset(&s->service);
123
124 free(s->tcp_congestion);
125 s->tcp_congestion = NULL;
126
127 free(s->bind_to_device);
128 s->bind_to_device = NULL;
129
130 unit_unwatch_timer(u, &s->timer_watch);
131 }
132
133 static int socket_instantiate_service(Socket *s) {
134 char *prefix, *name;
135 int r;
136 Unit *u;
137
138 assert(s);
139
140 /* This fills in s->service if it isn't filled in yet. For
141 * Accept=yes sockets we create the next connection service
142 * here. For Accept=no this is mostly a NOP since the service
143 * is figured out at load time anyway. */
144
145 if (UNIT_DEREF(s->service))
146 return 0;
147
148 assert(s->accept);
149
150 if (!(prefix = unit_name_to_prefix(UNIT(s)->id)))
151 return -ENOMEM;
152
153 r = asprintf(&name, "%s@%u.service", prefix, s->n_accepted);
154 free(prefix);
155
156 if (r < 0)
157 return -ENOMEM;
158
159 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
160 free(name);
161
162 if (r < 0)
163 return r;
164
165 #ifdef HAVE_SYSV_COMPAT
166 if (SERVICE(u)->sysv_path) {
167 log_error("Using SysV services for socket activation is not supported. Refusing.");
168 return -ENOENT;
169 }
170 #endif
171
172 u->no_gc = true;
173 unit_ref_set(&s->service, u);
174
175 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
176 }
177
178 static bool have_non_accept_socket(Socket *s) {
179 SocketPort *p;
180
181 assert(s);
182
183 if (!s->accept)
184 return true;
185
186 LIST_FOREACH(port, p, s->ports) {
187
188 if (p->type != SOCKET_SOCKET)
189 return true;
190
191 if (!socket_address_can_accept(&p->address))
192 return true;
193 }
194
195 return false;
196 }
197
198 static int socket_verify(Socket *s) {
199 assert(s);
200
201 if (UNIT(s)->load_state != UNIT_LOADED)
202 return 0;
203
204 if (!s->ports) {
205 log_error("%s lacks Listen setting. Refusing.", UNIT(s)->id);
206 return -EINVAL;
207 }
208
209 if (s->accept && have_non_accept_socket(s)) {
210 log_error("%s configured for accepting sockets, but sockets are non-accepting. Refusing.", UNIT(s)->id);
211 return -EINVAL;
212 }
213
214 if (s->accept && s->max_connections <= 0) {
215 log_error("%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
216 return -EINVAL;
217 }
218
219 if (s->accept && UNIT_DEREF(s->service)) {
220 log_error("Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
221 return -EINVAL;
222 }
223
224 if (s->exec_context.pam_name && s->exec_context.kill_mode != KILL_CONTROL_GROUP) {
225 log_error("%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
226 return -EINVAL;
227 }
228
229 return 0;
230 }
231
232 static bool socket_needs_mount(Socket *s, const char *prefix) {
233 SocketPort *p;
234
235 assert(s);
236
237 LIST_FOREACH(port, p, s->ports) {
238
239 if (p->type == SOCKET_SOCKET) {
240 if (socket_address_needs_mount(&p->address, prefix))
241 return true;
242 } else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL) {
243 if (path_startswith(p->path, prefix))
244 return true;
245 }
246 }
247
248 return false;
249 }
250
251 int socket_add_one_mount_link(Socket *s, Mount *m) {
252 int r;
253
254 assert(s);
255 assert(m);
256
257 if (UNIT(s)->load_state != UNIT_LOADED ||
258 UNIT(m)->load_state != UNIT_LOADED)
259 return 0;
260
261 if (!socket_needs_mount(s, m->where))
262 return 0;
263
264 if ((r = unit_add_two_dependencies(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, UNIT(m), true)) < 0)
265 return r;
266
267 return 0;
268 }
269
270 static int socket_add_mount_links(Socket *s) {
271 Unit *other;
272 int r;
273
274 assert(s);
275
276 LIST_FOREACH(units_by_type, other, UNIT(s)->manager->units_by_type[UNIT_MOUNT])
277 if ((r = socket_add_one_mount_link(s, MOUNT(other))) < 0)
278 return r;
279
280 return 0;
281 }
282
283 static int socket_add_device_link(Socket *s) {
284 char *t;
285 int r;
286
287 assert(s);
288
289 if (!s->bind_to_device)
290 return 0;
291
292 if (asprintf(&t, "/sys/subsystem/net/devices/%s", s->bind_to_device) < 0)
293 return -ENOMEM;
294
295 r = unit_add_node_link(UNIT(s), t, false);
296 free(t);
297
298 return r;
299 }
300
301 static int socket_add_default_dependencies(Socket *s) {
302 int r;
303 assert(s);
304
305 if (UNIT(s)->manager->running_as == MANAGER_SYSTEM) {
306 if ((r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true)) < 0)
307 return r;
308
309 if ((r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true)) < 0)
310 return r;
311 }
312
313 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
314 }
315
316 static bool socket_has_exec(Socket *s) {
317 unsigned i;
318 assert(s);
319
320 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
321 if (s->exec_command[i])
322 return true;
323
324 return false;
325 }
326
327 static int socket_load(Unit *u) {
328 Socket *s = SOCKET(u);
329 int r;
330
331 assert(u);
332 assert(u->load_state == UNIT_STUB);
333
334 if ((r = unit_load_fragment_and_dropin(u)) < 0)
335 return r;
336
337 /* This is a new unit? Then let's add in some extras */
338 if (u->load_state == UNIT_LOADED) {
339
340 if (have_non_accept_socket(s)) {
341
342 if (!UNIT_DEREF(s->service)) {
343 Unit *x;
344
345 r = unit_load_related_unit(u, ".service", &x);
346 if (r < 0)
347 return r;
348
349 unit_ref_set(&s->service, x);
350 }
351
352 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
353 if (r < 0)
354 return r;
355 }
356
357 if ((r = socket_add_mount_links(s)) < 0)
358 return r;
359
360 if ((r = socket_add_device_link(s)) < 0)
361 return r;
362
363 if (socket_has_exec(s))
364 if ((r = unit_add_exec_dependencies(u, &s->exec_context)) < 0)
365 return r;
366
367 if ((r = unit_add_default_cgroups(u)) < 0)
368 return r;
369
370 if (UNIT(s)->default_dependencies)
371 if ((r = socket_add_default_dependencies(s)) < 0)
372 return r;
373 }
374
375 return socket_verify(s);
376 }
377
378 static const char* listen_lookup(int family, int type) {
379
380 if (family == AF_NETLINK)
381 return "ListenNetlink";
382
383 if (type == SOCK_STREAM)
384 return "ListenStream";
385 else if (type == SOCK_DGRAM)
386 return "ListenDatagram";
387 else if (type == SOCK_SEQPACKET)
388 return "ListenSequentialPacket";
389
390 assert_not_reached("Unknown socket type");
391 return NULL;
392 }
393
394 static void socket_dump(Unit *u, FILE *f, const char *prefix) {
395
396 SocketExecCommand c;
397 Socket *s = SOCKET(u);
398 SocketPort *p;
399 const char *prefix2;
400 char *p2;
401
402 assert(s);
403 assert(f);
404
405 p2 = strappend(prefix, "\t");
406 prefix2 = p2 ? p2 : prefix;
407
408 fprintf(f,
409 "%sSocket State: %s\n"
410 "%sBindIPv6Only: %s\n"
411 "%sBacklog: %u\n"
412 "%sSocketMode: %04o\n"
413 "%sDirectoryMode: %04o\n"
414 "%sKeepAlive: %s\n"
415 "%sFreeBind: %s\n"
416 "%sTransparent: %s\n"
417 "%sBroadcast: %s\n"
418 "%sPassCrededentials: %s\n"
419 "%sTCPCongestion: %s\n",
420 prefix, socket_state_to_string(s->state),
421 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
422 prefix, s->backlog,
423 prefix, s->socket_mode,
424 prefix, s->directory_mode,
425 prefix, yes_no(s->keep_alive),
426 prefix, yes_no(s->free_bind),
427 prefix, yes_no(s->transparent),
428 prefix, yes_no(s->broadcast),
429 prefix, yes_no(s->pass_cred),
430 prefix, strna(s->tcp_congestion));
431
432 if (s->control_pid > 0)
433 fprintf(f,
434 "%sControl PID: %lu\n",
435 prefix, (unsigned long) s->control_pid);
436
437 if (s->bind_to_device)
438 fprintf(f,
439 "%sBindToDevice: %s\n",
440 prefix, s->bind_to_device);
441
442 if (s->accept)
443 fprintf(f,
444 "%sAccepted: %u\n"
445 "%sNConnections: %u\n"
446 "%sMaxConnections: %u\n",
447 prefix, s->n_accepted,
448 prefix, s->n_connections,
449 prefix, s->max_connections);
450
451 if (s->priority >= 0)
452 fprintf(f,
453 "%sPriority: %i\n",
454 prefix, s->priority);
455
456 if (s->receive_buffer > 0)
457 fprintf(f,
458 "%sReceiveBuffer: %zu\n",
459 prefix, s->receive_buffer);
460
461 if (s->send_buffer > 0)
462 fprintf(f,
463 "%sSendBuffer: %zu\n",
464 prefix, s->send_buffer);
465
466 if (s->ip_tos >= 0)
467 fprintf(f,
468 "%sIPTOS: %i\n",
469 prefix, s->ip_tos);
470
471 if (s->ip_ttl >= 0)
472 fprintf(f,
473 "%sIPTTL: %i\n",
474 prefix, s->ip_ttl);
475
476 if (s->pipe_size > 0)
477 fprintf(f,
478 "%sPipeSize: %zu\n",
479 prefix, s->pipe_size);
480
481 if (s->mark >= 0)
482 fprintf(f,
483 "%sMark: %i\n",
484 prefix, s->mark);
485
486 if (s->mq_maxmsg > 0)
487 fprintf(f,
488 "%sMessageQueueMaxMessages: %li\n",
489 prefix, s->mq_maxmsg);
490
491 if (s->mq_msgsize > 0)
492 fprintf(f,
493 "%sMessageQueueMessageSize: %li\n",
494 prefix, s->mq_msgsize);
495
496 LIST_FOREACH(port, p, s->ports) {
497
498 if (p->type == SOCKET_SOCKET) {
499 const char *t;
500 int r;
501 char *k = NULL;
502
503 if ((r = socket_address_print(&p->address, &k)) < 0)
504 t = strerror(-r);
505 else
506 t = k;
507
508 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
509 free(k);
510 } else if (p->type == SOCKET_SPECIAL)
511 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
512 else if (p->type == SOCKET_MQUEUE)
513 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
514 else
515 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
516 }
517
518 exec_context_dump(&s->exec_context, f, prefix);
519
520 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
521 if (!s->exec_command[c])
522 continue;
523
524 fprintf(f, "%s-> %s:\n",
525 prefix, socket_exec_command_to_string(c));
526
527 exec_command_dump_list(s->exec_command[c], f, prefix2);
528 }
529
530 free(p2);
531 }
532
533 static int instance_from_socket(int fd, unsigned nr, char **instance) {
534 socklen_t l;
535 char *r;
536 union {
537 struct sockaddr sa;
538 struct sockaddr_un un;
539 struct sockaddr_in in;
540 struct sockaddr_in6 in6;
541 struct sockaddr_storage storage;
542 } local, remote;
543
544 assert(fd >= 0);
545 assert(instance);
546
547 l = sizeof(local);
548 if (getsockname(fd, &local.sa, &l) < 0)
549 return -errno;
550
551 l = sizeof(remote);
552 if (getpeername(fd, &remote.sa, &l) < 0)
553 return -errno;
554
555 switch (local.sa.sa_family) {
556
557 case AF_INET: {
558 uint32_t
559 a = ntohl(local.in.sin_addr.s_addr),
560 b = ntohl(remote.in.sin_addr.s_addr);
561
562 if (asprintf(&r,
563 "%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
564 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
565 ntohs(local.in.sin_port),
566 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
567 ntohs(remote.in.sin_port)) < 0)
568 return -ENOMEM;
569
570 break;
571 }
572
573 case AF_INET6: {
574 static const char ipv4_prefix[] = {
575 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
576 };
577
578 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
579 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
580 const uint8_t
581 *a = local.in6.sin6_addr.s6_addr+12,
582 *b = remote.in6.sin6_addr.s6_addr+12;
583
584 if (asprintf(&r,
585 "%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
586 a[0], a[1], a[2], a[3],
587 ntohs(local.in6.sin6_port),
588 b[0], b[1], b[2], b[3],
589 ntohs(remote.in6.sin6_port)) < 0)
590 return -ENOMEM;
591 } else {
592 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
593
594 if (asprintf(&r,
595 "%s:%u-%s:%u",
596 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
597 ntohs(local.in6.sin6_port),
598 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
599 ntohs(remote.in6.sin6_port)) < 0)
600 return -ENOMEM;
601 }
602
603 break;
604 }
605
606 case AF_UNIX: {
607 struct ucred ucred;
608
609 l = sizeof(ucred);
610 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &ucred, &l) < 0)
611 return -errno;
612
613 if (asprintf(&r,
614 "%u-%lu-%lu",
615 nr,
616 (unsigned long) ucred.pid,
617 (unsigned long) ucred.uid) < 0)
618 return -ENOMEM;
619
620 break;
621 }
622
623 default:
624 assert_not_reached("Unhandled socket type.");
625 }
626
627 *instance = r;
628 return 0;
629 }
630
631 static void socket_close_fds(Socket *s) {
632 SocketPort *p;
633
634 assert(s);
635
636 LIST_FOREACH(port, p, s->ports) {
637 if (p->fd < 0)
638 continue;
639
640 unit_unwatch_fd(UNIT(s), &p->fd_watch);
641 close_nointr_nofail(p->fd);
642
643 /* One little note: we should never delete any sockets
644 * in the file system here! After all some other
645 * process we spawned might still have a reference of
646 * this fd and wants to continue to use it. Therefore
647 * we delete sockets in the file system before we
648 * create a new one, not after we stopped using
649 * one! */
650
651 p->fd = -1;
652 }
653 }
654
655 static void socket_apply_socket_options(Socket *s, int fd) {
656 assert(s);
657 assert(fd >= 0);
658
659 if (s->keep_alive) {
660 int b = s->keep_alive;
661 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
662 log_warning("SO_KEEPALIVE failed: %m");
663 }
664
665 if (s->broadcast) {
666 int one = 1;
667 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
668 log_warning("SO_BROADCAST failed: %m");
669 }
670
671 if (s->pass_cred) {
672 int one = 1;
673 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
674 log_warning("SO_PASSCRED failed: %m");
675 }
676
677 if (s->priority >= 0)
678 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
679 log_warning("SO_PRIORITY failed: %m");
680
681 if (s->receive_buffer > 0) {
682 int value = (int) s->receive_buffer;
683
684 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
685
686 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
687 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
688 log_warning("SO_RCVBUF failed: %m");
689 }
690
691 if (s->send_buffer > 0) {
692 int value = (int) s->send_buffer;
693 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
694 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
695 log_warning("SO_SNDBUF failed: %m");
696 }
697
698 if (s->mark >= 0)
699 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
700 log_warning("SO_MARK failed: %m");
701
702 if (s->ip_tos >= 0)
703 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
704 log_warning("IP_TOS failed: %m");
705
706 if (s->ip_ttl >= 0) {
707 int r, x;
708
709 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
710
711 if (socket_ipv6_is_supported())
712 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
713 else {
714 x = -1;
715 errno = EAFNOSUPPORT;
716 }
717
718 if (r < 0 && x < 0)
719 log_warning("IP_TTL/IPV6_UNICAST_HOPS failed: %m");
720 }
721
722 if (s->tcp_congestion)
723 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
724 log_warning("TCP_CONGESTION failed: %m");
725 }
726
727 static void socket_apply_fifo_options(Socket *s, int fd) {
728 assert(s);
729 assert(fd >= 0);
730
731 if (s->pipe_size > 0)
732 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
733 log_warning("F_SETPIPE_SZ: %m");
734 }
735
736 static int fifo_address_create(
737 const char *path,
738 mode_t directory_mode,
739 mode_t socket_mode,
740 int *_fd) {
741
742 int fd = -1, r = 0;
743 struct stat st;
744 mode_t old_mask;
745
746 assert(path);
747 assert(_fd);
748
749 mkdir_parents(path, directory_mode);
750
751 if ((r = label_fifofile_set(path)) < 0)
752 goto fail;
753
754 /* Enforce the right access mode for the fifo */
755 old_mask = umask(~ socket_mode);
756
757 /* Include the original umask in our mask */
758 umask(~socket_mode | old_mask);
759
760 r = mkfifo(path, socket_mode);
761 umask(old_mask);
762
763 if (r < 0 && errno != EEXIST) {
764 r = -errno;
765 goto fail;
766 }
767
768 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
769 r = -errno;
770 goto fail;
771 }
772
773 label_file_clear();
774
775 if (fstat(fd, &st) < 0) {
776 r = -errno;
777 goto fail;
778 }
779
780 if (!S_ISFIFO(st.st_mode) ||
781 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
782 st.st_uid != getuid() ||
783 st.st_gid != getgid()) {
784
785 r = -EEXIST;
786 goto fail;
787 }
788
789 *_fd = fd;
790 return 0;
791
792 fail:
793 label_file_clear();
794
795 if (fd >= 0)
796 close_nointr_nofail(fd);
797
798 return r;
799 }
800
801 static int special_address_create(
802 const char *path,
803 int *_fd) {
804
805 int fd = -1, r = 0;
806 struct stat st;
807
808 assert(path);
809 assert(_fd);
810
811 if ((fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
812 r = -errno;
813 goto fail;
814 }
815
816 if (fstat(fd, &st) < 0) {
817 r = -errno;
818 goto fail;
819 }
820
821 /* Check whether this is a /proc, /sys or /dev file or char device */
822 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
823 r = -EEXIST;
824 goto fail;
825 }
826
827 *_fd = fd;
828 return 0;
829
830 fail:
831 if (fd >= 0)
832 close_nointr_nofail(fd);
833
834 return r;
835 }
836
837 static int mq_address_create(
838 const char *path,
839 mode_t mq_mode,
840 long maxmsg,
841 long msgsize,
842 int *_fd) {
843
844 int fd = -1, r = 0;
845 struct stat st;
846 mode_t old_mask;
847 struct mq_attr _attr, *attr = NULL;
848
849 assert(path);
850 assert(_fd);
851
852 if (maxmsg > 0 && msgsize > 0) {
853 zero(_attr);
854 _attr.mq_flags = O_NONBLOCK;
855 _attr.mq_maxmsg = maxmsg;
856 _attr.mq_msgsize = msgsize;
857 attr = &_attr;
858 }
859
860 /* Enforce the right access mode for the mq */
861 old_mask = umask(~ mq_mode);
862
863 /* Include the original umask in our mask */
864 umask(~mq_mode | old_mask);
865
866 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
867 umask(old_mask);
868
869 if (fd < 0) {
870 r = -errno;
871 goto fail;
872 }
873
874 if (fstat(fd, &st) < 0) {
875 r = -errno;
876 goto fail;
877 }
878
879 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
880 st.st_uid != getuid() ||
881 st.st_gid != getgid()) {
882
883 r = -EEXIST;
884 goto fail;
885 }
886
887 *_fd = fd;
888 return 0;
889
890 fail:
891 if (fd >= 0)
892 close_nointr_nofail(fd);
893
894 return r;
895 }
896
897 static int socket_open_fds(Socket *s) {
898 SocketPort *p;
899 int r;
900 char *label = NULL;
901 bool know_label = false;
902
903 assert(s);
904
905 LIST_FOREACH(port, p, s->ports) {
906
907 if (p->fd >= 0)
908 continue;
909
910 if (p->type == SOCKET_SOCKET) {
911
912 if (!know_label) {
913
914 if ((r = socket_instantiate_service(s)) < 0)
915 return r;
916
917 if (UNIT_DEREF(s->service) &&
918 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
919 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
920
921 if (r < 0) {
922 if (r != -EPERM)
923 return r;
924 }
925 }
926
927 know_label = true;
928 }
929
930 if ((r = socket_address_listen(
931 &p->address,
932 s->backlog,
933 s->bind_ipv6_only,
934 s->bind_to_device,
935 s->free_bind,
936 s->transparent,
937 s->directory_mode,
938 s->socket_mode,
939 label,
940 &p->fd)) < 0)
941 goto rollback;
942
943 socket_apply_socket_options(s, p->fd);
944
945 } else if (p->type == SOCKET_SPECIAL) {
946
947 if ((r = special_address_create(
948 p->path,
949 &p->fd)) < 0)
950 goto rollback;
951
952 } else if (p->type == SOCKET_FIFO) {
953
954 if ((r = fifo_address_create(
955 p->path,
956 s->directory_mode,
957 s->socket_mode,
958 &p->fd)) < 0)
959 goto rollback;
960
961 socket_apply_fifo_options(s, p->fd);
962 } else if (p->type == SOCKET_MQUEUE) {
963
964 if ((r = mq_address_create(
965 p->path,
966 s->socket_mode,
967 s->mq_maxmsg,
968 s->mq_msgsize,
969 &p->fd)) < 0)
970 goto rollback;
971 } else
972 assert_not_reached("Unknown port type");
973 }
974
975 label_free(label);
976 return 0;
977
978 rollback:
979 socket_close_fds(s);
980 label_free(label);
981 return r;
982 }
983
984 static void socket_unwatch_fds(Socket *s) {
985 SocketPort *p;
986
987 assert(s);
988
989 LIST_FOREACH(port, p, s->ports) {
990 if (p->fd < 0)
991 continue;
992
993 unit_unwatch_fd(UNIT(s), &p->fd_watch);
994 }
995 }
996
997 static int socket_watch_fds(Socket *s) {
998 SocketPort *p;
999 int r;
1000
1001 assert(s);
1002
1003 LIST_FOREACH(port, p, s->ports) {
1004 if (p->fd < 0)
1005 continue;
1006
1007 p->fd_watch.socket_accept =
1008 s->accept &&
1009 p->type == SOCKET_SOCKET &&
1010 socket_address_can_accept(&p->address);
1011
1012 if ((r = unit_watch_fd(UNIT(s), p->fd, EPOLLIN, &p->fd_watch)) < 0)
1013 goto fail;
1014 }
1015
1016 return 0;
1017
1018 fail:
1019 socket_unwatch_fds(s);
1020 return r;
1021 }
1022
1023 static void socket_set_state(Socket *s, SocketState state) {
1024 SocketState old_state;
1025 assert(s);
1026
1027 old_state = s->state;
1028 s->state = state;
1029
1030 if (state != SOCKET_START_PRE &&
1031 state != SOCKET_START_POST &&
1032 state != SOCKET_STOP_PRE &&
1033 state != SOCKET_STOP_PRE_SIGTERM &&
1034 state != SOCKET_STOP_PRE_SIGKILL &&
1035 state != SOCKET_STOP_POST &&
1036 state != SOCKET_FINAL_SIGTERM &&
1037 state != SOCKET_FINAL_SIGKILL) {
1038 unit_unwatch_timer(UNIT(s), &s->timer_watch);
1039 socket_unwatch_control_pid(s);
1040 s->control_command = NULL;
1041 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
1042 }
1043
1044 if (state != SOCKET_LISTENING)
1045 socket_unwatch_fds(s);
1046
1047 if (state != SOCKET_START_POST &&
1048 state != SOCKET_LISTENING &&
1049 state != SOCKET_RUNNING &&
1050 state != SOCKET_STOP_PRE &&
1051 state != SOCKET_STOP_PRE_SIGTERM &&
1052 state != SOCKET_STOP_PRE_SIGKILL)
1053 socket_close_fds(s);
1054
1055 if (state != old_state)
1056 log_debug("%s changed %s -> %s",
1057 UNIT(s)->id,
1058 socket_state_to_string(old_state),
1059 socket_state_to_string(state));
1060
1061 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
1062 }
1063
1064 static int socket_coldplug(Unit *u) {
1065 Socket *s = SOCKET(u);
1066 int r;
1067
1068 assert(s);
1069 assert(s->state == SOCKET_DEAD);
1070
1071 if (s->deserialized_state != s->state) {
1072
1073 if (s->deserialized_state == SOCKET_START_PRE ||
1074 s->deserialized_state == SOCKET_START_POST ||
1075 s->deserialized_state == SOCKET_STOP_PRE ||
1076 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1077 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL ||
1078 s->deserialized_state == SOCKET_STOP_POST ||
1079 s->deserialized_state == SOCKET_FINAL_SIGTERM ||
1080 s->deserialized_state == SOCKET_FINAL_SIGKILL) {
1081
1082 if (s->control_pid <= 0)
1083 return -EBADMSG;
1084
1085 if ((r = unit_watch_pid(UNIT(s), s->control_pid)) < 0)
1086 return r;
1087
1088 if ((r = unit_watch_timer(UNIT(s), s->timeout_usec, &s->timer_watch)) < 0)
1089 return r;
1090 }
1091
1092 if (s->deserialized_state == SOCKET_START_POST ||
1093 s->deserialized_state == SOCKET_LISTENING ||
1094 s->deserialized_state == SOCKET_RUNNING ||
1095 s->deserialized_state == SOCKET_STOP_PRE ||
1096 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1097 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL)
1098 if ((r = socket_open_fds(s)) < 0)
1099 return r;
1100
1101 if (s->deserialized_state == SOCKET_LISTENING)
1102 if ((r = socket_watch_fds(s)) < 0)
1103 return r;
1104
1105 socket_set_state(s, s->deserialized_state);
1106 }
1107
1108 return 0;
1109 }
1110
1111 static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
1112 pid_t pid;
1113 int r;
1114 char **argv;
1115
1116 assert(s);
1117 assert(c);
1118 assert(_pid);
1119
1120 if ((r = unit_watch_timer(UNIT(s), s->timeout_usec, &s->timer_watch)) < 0)
1121 goto fail;
1122
1123 if (!(argv = unit_full_printf_strv(UNIT(s), c->argv))) {
1124 r = -ENOMEM;
1125 goto fail;
1126 }
1127
1128 r = exec_spawn(c,
1129 argv,
1130 &s->exec_context,
1131 NULL, 0,
1132 UNIT(s)->manager->environment,
1133 true,
1134 true,
1135 true,
1136 UNIT(s)->manager->confirm_spawn,
1137 UNIT(s)->cgroup_bondings,
1138 UNIT(s)->cgroup_attributes,
1139 &pid);
1140
1141 strv_free(argv);
1142 if (r < 0)
1143 goto fail;
1144
1145 if ((r = unit_watch_pid(UNIT(s), pid)) < 0)
1146 /* FIXME: we need to do something here */
1147 goto fail;
1148
1149 *_pid = pid;
1150
1151 return 0;
1152
1153 fail:
1154 unit_unwatch_timer(UNIT(s), &s->timer_watch);
1155
1156 return r;
1157 }
1158
1159 static void socket_enter_dead(Socket *s, bool success) {
1160 assert(s);
1161
1162 if (!success)
1163 s->failure = true;
1164
1165 socket_set_state(s, s->failure ? SOCKET_FAILED : SOCKET_DEAD);
1166 }
1167
1168 static void socket_enter_signal(Socket *s, SocketState state, bool success);
1169
1170 static void socket_enter_stop_post(Socket *s, bool success) {
1171 int r;
1172 assert(s);
1173
1174 if (!success)
1175 s->failure = true;
1176
1177 socket_unwatch_control_pid(s);
1178
1179 s->control_command_id = SOCKET_EXEC_STOP_POST;
1180
1181 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST])) {
1182 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
1183 goto fail;
1184
1185 socket_set_state(s, SOCKET_STOP_POST);
1186 } else
1187 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, true);
1188
1189 return;
1190
1191 fail:
1192 log_warning("%s failed to run 'stop-post' task: %s", UNIT(s)->id, strerror(-r));
1193 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, false);
1194 }
1195
1196 static void socket_enter_signal(Socket *s, SocketState state, bool success) {
1197 int r;
1198 Set *pid_set = NULL;
1199 bool wait_for_exit = false;
1200
1201 assert(s);
1202
1203 if (!success)
1204 s->failure = true;
1205
1206 if (s->exec_context.kill_mode != KILL_NONE) {
1207 int sig = (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_FINAL_SIGTERM) ? s->exec_context.kill_signal : SIGKILL;
1208
1209 if (s->control_pid > 0) {
1210 if (kill_and_sigcont(s->control_pid, sig) < 0 && errno != ESRCH)
1211
1212 log_warning("Failed to kill control process %li: %m", (long) s->control_pid);
1213 else
1214 wait_for_exit = true;
1215 }
1216
1217 if (s->exec_context.kill_mode == KILL_CONTROL_GROUP) {
1218
1219 if (!(pid_set = set_new(trivial_hash_func, trivial_compare_func))) {
1220 r = -ENOMEM;
1221 goto fail;
1222 }
1223
1224 /* Exclude the control pid from being killed via the cgroup */
1225 if (s->control_pid > 0)
1226 if ((r = set_put(pid_set, LONG_TO_PTR(s->control_pid))) < 0)
1227 goto fail;
1228
1229 if ((r = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, sig, true, pid_set)) < 0) {
1230 if (r != -EAGAIN && r != -ESRCH && r != -ENOENT)
1231 log_warning("Failed to kill control group: %s", strerror(-r));
1232 } else if (r > 0)
1233 wait_for_exit = true;
1234
1235 set_free(pid_set);
1236 pid_set = NULL;
1237 }
1238 }
1239
1240 if (wait_for_exit) {
1241 if ((r = unit_watch_timer(UNIT(s), s->timeout_usec, &s->timer_watch)) < 0)
1242 goto fail;
1243
1244 socket_set_state(s, state);
1245 } else if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
1246 socket_enter_stop_post(s, true);
1247 else
1248 socket_enter_dead(s, true);
1249
1250 return;
1251
1252 fail:
1253 log_warning("%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
1254
1255 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
1256 socket_enter_stop_post(s, false);
1257 else
1258 socket_enter_dead(s, false);
1259
1260 if (pid_set)
1261 set_free(pid_set);
1262 }
1263
1264 static void socket_enter_stop_pre(Socket *s, bool success) {
1265 int r;
1266 assert(s);
1267
1268 if (!success)
1269 s->failure = true;
1270
1271 socket_unwatch_control_pid(s);
1272
1273 s->control_command_id = SOCKET_EXEC_STOP_PRE;
1274
1275 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE])) {
1276 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
1277 goto fail;
1278
1279 socket_set_state(s, SOCKET_STOP_PRE);
1280 } else
1281 socket_enter_stop_post(s, true);
1282
1283 return;
1284
1285 fail:
1286 log_warning("%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
1287 socket_enter_stop_post(s, false);
1288 }
1289
1290 static void socket_enter_listening(Socket *s) {
1291 int r;
1292 assert(s);
1293
1294 if ((r = socket_watch_fds(s)) < 0) {
1295 log_warning("%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1296 goto fail;
1297 }
1298
1299 socket_set_state(s, SOCKET_LISTENING);
1300 return;
1301
1302 fail:
1303 socket_enter_stop_pre(s, false);
1304 }
1305
1306 static void socket_enter_start_post(Socket *s) {
1307 int r;
1308 assert(s);
1309
1310 if ((r = socket_open_fds(s)) < 0) {
1311 log_warning("%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1312 goto fail;
1313 }
1314
1315 socket_unwatch_control_pid(s);
1316
1317 s->control_command_id = SOCKET_EXEC_START_POST;
1318
1319 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_POST])) {
1320 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0) {
1321 log_warning("%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
1322 goto fail;
1323 }
1324
1325 socket_set_state(s, SOCKET_START_POST);
1326 } else
1327 socket_enter_listening(s);
1328
1329 return;
1330
1331 fail:
1332 socket_enter_stop_pre(s, false);
1333 }
1334
1335 static void socket_enter_start_pre(Socket *s) {
1336 int r;
1337 assert(s);
1338
1339 socket_unwatch_control_pid(s);
1340
1341 s->control_command_id = SOCKET_EXEC_START_PRE;
1342
1343 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_PRE])) {
1344 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
1345 goto fail;
1346
1347 socket_set_state(s, SOCKET_START_PRE);
1348 } else
1349 socket_enter_start_post(s);
1350
1351 return;
1352
1353 fail:
1354 log_warning("%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
1355 socket_enter_dead(s, false);
1356 }
1357
1358 static void socket_enter_running(Socket *s, int cfd) {
1359 int r;
1360 DBusError error;
1361
1362 assert(s);
1363 dbus_error_init(&error);
1364
1365 /* We don't take connections anymore if we are supposed to
1366 * shut down anyway */
1367 if (unit_pending_inactive(UNIT(s))) {
1368 log_debug("Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
1369
1370 if (cfd >= 0)
1371 close_nointr_nofail(cfd);
1372 else {
1373 /* Flush all sockets by closing and reopening them */
1374 socket_close_fds(s);
1375
1376 r = socket_watch_fds(s);
1377 if (r < 0) {
1378 log_warning("%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1379 socket_enter_stop_pre(s, false);
1380 }
1381 }
1382
1383 return;
1384 }
1385
1386 if (cfd < 0) {
1387 Iterator i;
1388 Unit *u;
1389 bool pending = false;
1390
1391 /* If there's already a start pending don't bother to
1392 * do anything */
1393 SET_FOREACH(u, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
1394 if (unit_pending_active(u)) {
1395 pending = true;
1396 break;
1397 }
1398
1399 if (!pending) {
1400 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1401 if (r < 0)
1402 goto fail;
1403 }
1404
1405 socket_set_state(s, SOCKET_RUNNING);
1406 } else {
1407 char *prefix, *instance = NULL, *name;
1408 Service *service;
1409
1410 if (s->n_connections >= s->max_connections) {
1411 log_warning("Too many incoming connections (%u)", s->n_connections);
1412 close_nointr_nofail(cfd);
1413 return;
1414 }
1415
1416 r = socket_instantiate_service(s);
1417 if (r < 0)
1418 goto fail;
1419
1420 r = instance_from_socket(cfd, s->n_accepted, &instance);
1421 if (r < 0) {
1422 if (r != -ENOTCONN)
1423 goto fail;
1424
1425 /* ENOTCONN is legitimate if TCP RST was received.
1426 * This connection is over, but the socket unit lives on. */
1427 close_nointr_nofail(cfd);
1428 return;
1429 }
1430
1431 prefix = unit_name_to_prefix(UNIT(s)->id);
1432 if (!prefix) {
1433 free(instance);
1434 r = -ENOMEM;
1435 goto fail;
1436 }
1437
1438 name = unit_name_build(prefix, instance, ".service");
1439 free(prefix);
1440 free(instance);
1441
1442 if (!name) {
1443 r = -ENOMEM;
1444 goto fail;
1445 }
1446
1447 r = unit_add_name(UNIT_DEREF(s->service), name);
1448 if (r < 0) {
1449 free(name);
1450 goto fail;
1451 }
1452
1453 service = SERVICE(UNIT_DEREF(s->service));
1454 unit_ref_unset(&s->service);
1455 s->n_accepted ++;
1456
1457 UNIT(service)->no_gc = false;
1458
1459 unit_choose_id(UNIT(service), name);
1460 free(name);
1461
1462 r = service_set_socket_fd(service, cfd, s);
1463 if (r < 0)
1464 goto fail;
1465
1466 cfd = -1;
1467 s->n_connections ++;
1468
1469 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1470 if (r < 0)
1471 goto fail;
1472
1473 /* Notify clients about changed counters */
1474 unit_add_to_dbus_queue(UNIT(s));
1475 }
1476
1477 return;
1478
1479 fail:
1480 log_warning("%s failed to queue socket startup job: %s", UNIT(s)->id, bus_error(&error, r));
1481 socket_enter_stop_pre(s, false);
1482
1483 if (cfd >= 0)
1484 close_nointr_nofail(cfd);
1485
1486 dbus_error_free(&error);
1487 }
1488
1489 static void socket_run_next(Socket *s, bool success) {
1490 int r;
1491
1492 assert(s);
1493 assert(s->control_command);
1494 assert(s->control_command->command_next);
1495
1496 if (!success)
1497 s->failure = true;
1498
1499 socket_unwatch_control_pid(s);
1500
1501 s->control_command = s->control_command->command_next;
1502
1503 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
1504 goto fail;
1505
1506 return;
1507
1508 fail:
1509 log_warning("%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
1510
1511 if (s->state == SOCKET_START_POST)
1512 socket_enter_stop_pre(s, false);
1513 else if (s->state == SOCKET_STOP_POST)
1514 socket_enter_dead(s, false);
1515 else
1516 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, false);
1517 }
1518
1519 static int socket_start(Unit *u) {
1520 Socket *s = SOCKET(u);
1521
1522 assert(s);
1523
1524 /* We cannot fulfill this request right now, try again later
1525 * please! */
1526 if (s->state == SOCKET_STOP_PRE ||
1527 s->state == SOCKET_STOP_PRE_SIGKILL ||
1528 s->state == SOCKET_STOP_PRE_SIGTERM ||
1529 s->state == SOCKET_STOP_POST ||
1530 s->state == SOCKET_FINAL_SIGTERM ||
1531 s->state == SOCKET_FINAL_SIGKILL)
1532 return -EAGAIN;
1533
1534 if (s->state == SOCKET_START_PRE ||
1535 s->state == SOCKET_START_POST)
1536 return 0;
1537
1538 /* Cannot run this without the service being around */
1539 if (UNIT_DEREF(s->service)) {
1540 Service *service;
1541
1542 service = SERVICE(UNIT_DEREF(s->service));
1543
1544 if (UNIT(service)->load_state != UNIT_LOADED) {
1545 log_error("Socket service %s not loaded, refusing.", UNIT(service)->id);
1546 return -ENOENT;
1547 }
1548
1549 /* If the service is already active we cannot start the
1550 * socket */
1551 if (service->state != SERVICE_DEAD &&
1552 service->state != SERVICE_FAILED &&
1553 service->state != SERVICE_AUTO_RESTART) {
1554 log_error("Socket service %s already active, refusing.", UNIT(service)->id);
1555 return -EBUSY;
1556 }
1557
1558 #ifdef HAVE_SYSV_COMPAT
1559 if (service->sysv_path) {
1560 log_error("Using SysV services for socket activation is not supported. Refusing.");
1561 return -ENOENT;
1562 }
1563 #endif
1564 }
1565
1566 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
1567
1568 s->failure = false;
1569 socket_enter_start_pre(s);
1570 return 0;
1571 }
1572
1573 static int socket_stop(Unit *u) {
1574 Socket *s = SOCKET(u);
1575
1576 assert(s);
1577
1578 /* Already on it */
1579 if (s->state == SOCKET_STOP_PRE ||
1580 s->state == SOCKET_STOP_PRE_SIGTERM ||
1581 s->state == SOCKET_STOP_PRE_SIGKILL ||
1582 s->state == SOCKET_STOP_POST ||
1583 s->state == SOCKET_FINAL_SIGTERM ||
1584 s->state == SOCKET_FINAL_SIGKILL)
1585 return 0;
1586
1587 /* If there's already something running we go directly into
1588 * kill mode. */
1589 if (s->state == SOCKET_START_PRE ||
1590 s->state == SOCKET_START_POST) {
1591 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, true);
1592 return -EAGAIN;
1593 }
1594
1595 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
1596
1597 socket_enter_stop_pre(s, true);
1598 return 0;
1599 }
1600
1601 static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1602 Socket *s = SOCKET(u);
1603 SocketPort *p;
1604 int r;
1605
1606 assert(u);
1607 assert(f);
1608 assert(fds);
1609
1610 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
1611 unit_serialize_item(u, f, "failure", yes_no(s->failure));
1612 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1613
1614 if (s->control_pid > 0)
1615 unit_serialize_item_format(u, f, "control-pid", "%lu", (unsigned long) s->control_pid);
1616
1617 if (s->control_command_id >= 0)
1618 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1619
1620 LIST_FOREACH(port, p, s->ports) {
1621 int copy;
1622
1623 if (p->fd < 0)
1624 continue;
1625
1626 if ((copy = fdset_put_dup(fds, p->fd)) < 0)
1627 return copy;
1628
1629 if (p->type == SOCKET_SOCKET) {
1630 char *t;
1631
1632 if ((r = socket_address_print(&p->address, &t)) < 0)
1633 return r;
1634
1635 if (socket_address_family(&p->address) == AF_NETLINK)
1636 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1637 else
1638 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
1639 free(t);
1640 } else if (p->type == SOCKET_SPECIAL)
1641 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
1642 else {
1643 assert(p->type == SOCKET_FIFO);
1644 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1645 }
1646 }
1647
1648 return 0;
1649 }
1650
1651 static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1652 Socket *s = SOCKET(u);
1653
1654 assert(u);
1655 assert(key);
1656 assert(value);
1657 assert(fds);
1658
1659 if (streq(key, "state")) {
1660 SocketState state;
1661
1662 if ((state = socket_state_from_string(value)) < 0)
1663 log_debug("Failed to parse state value %s", value);
1664 else
1665 s->deserialized_state = state;
1666 } else if (streq(key, "failure")) {
1667 int b;
1668
1669 if ((b = parse_boolean(value)) < 0)
1670 log_debug("Failed to parse failure value %s", value);
1671 else
1672 s->failure = b || s->failure;
1673
1674 } else if (streq(key, "n-accepted")) {
1675 unsigned k;
1676
1677 if (safe_atou(value, &k) < 0)
1678 log_debug("Failed to parse n-accepted value %s", value);
1679 else
1680 s->n_accepted += k;
1681 } else if (streq(key, "control-pid")) {
1682 pid_t pid;
1683
1684 if (parse_pid(value, &pid) < 0)
1685 log_debug("Failed to parse control-pid value %s", value);
1686 else
1687 s->control_pid = pid;
1688 } else if (streq(key, "control-command")) {
1689 SocketExecCommand id;
1690
1691 if ((id = socket_exec_command_from_string(value)) < 0)
1692 log_debug("Failed to parse exec-command value %s", value);
1693 else {
1694 s->control_command_id = id;
1695 s->control_command = s->exec_command[id];
1696 }
1697 } else if (streq(key, "fifo")) {
1698 int fd, skip = 0;
1699 SocketPort *p;
1700
1701 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1702 log_debug("Failed to parse fifo value %s", value);
1703 else {
1704
1705 LIST_FOREACH(port, p, s->ports)
1706 if (p->type == SOCKET_FIFO &&
1707 streq_ptr(p->path, value+skip))
1708 break;
1709
1710 if (p) {
1711 if (p->fd >= 0)
1712 close_nointr_nofail(p->fd);
1713 p->fd = fdset_remove(fds, fd);
1714 }
1715 }
1716
1717 } else if (streq(key, "special")) {
1718 int fd, skip = 0;
1719 SocketPort *p;
1720
1721 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1722 log_debug("Failed to parse special value %s", value);
1723 else {
1724
1725 LIST_FOREACH(port, p, s->ports)
1726 if (p->type == SOCKET_SPECIAL &&
1727 streq_ptr(p->path, value+skip))
1728 break;
1729
1730 if (p) {
1731 if (p->fd >= 0)
1732 close_nointr_nofail(p->fd);
1733 p->fd = fdset_remove(fds, fd);
1734 }
1735 }
1736
1737 } else if (streq(key, "socket")) {
1738 int fd, type, skip = 0;
1739 SocketPort *p;
1740
1741 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
1742 log_debug("Failed to parse socket value %s", value);
1743 else {
1744
1745 LIST_FOREACH(port, p, s->ports)
1746 if (socket_address_is(&p->address, value+skip, type))
1747 break;
1748
1749 if (p) {
1750 if (p->fd >= 0)
1751 close_nointr_nofail(p->fd);
1752 p->fd = fdset_remove(fds, fd);
1753 }
1754 }
1755
1756 } else if (streq(key, "netlink")) {
1757 int fd, skip = 0;
1758 SocketPort *p;
1759
1760 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1761 log_debug("Failed to parse socket value %s", value);
1762 else {
1763
1764 LIST_FOREACH(port, p, s->ports)
1765 if (socket_address_is_netlink(&p->address, value+skip))
1766 break;
1767
1768 if (p) {
1769 if (p->fd >= 0)
1770 close_nointr_nofail(p->fd);
1771 p->fd = fdset_remove(fds, fd);
1772 }
1773 }
1774
1775 } else
1776 log_debug("Unknown serialization key '%s'", key);
1777
1778 return 0;
1779 }
1780
1781 static UnitActiveState socket_active_state(Unit *u) {
1782 assert(u);
1783
1784 return state_translation_table[SOCKET(u)->state];
1785 }
1786
1787 static const char *socket_sub_state_to_string(Unit *u) {
1788 assert(u);
1789
1790 return socket_state_to_string(SOCKET(u)->state);
1791 }
1792
1793 static bool socket_check_gc(Unit *u) {
1794 Socket *s = SOCKET(u);
1795
1796 assert(u);
1797
1798 return s->n_connections > 0;
1799 }
1800
1801 static void socket_fd_event(Unit *u, int fd, uint32_t events, Watch *w) {
1802 Socket *s = SOCKET(u);
1803 int cfd = -1;
1804
1805 assert(s);
1806 assert(fd >= 0);
1807
1808 if (s->state != SOCKET_LISTENING)
1809 return;
1810
1811 log_debug("Incoming traffic on %s", u->id);
1812
1813 if (events != EPOLLIN) {
1814
1815 if (events & EPOLLHUP)
1816 log_error("%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.", u->id);
1817 else
1818 log_error("%s: Got unexpected poll event (0x%x) on socket.", u->id, events);
1819
1820 goto fail;
1821 }
1822
1823 if (w->socket_accept) {
1824 for (;;) {
1825
1826 if ((cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK)) < 0) {
1827
1828 if (errno == EINTR)
1829 continue;
1830
1831 log_error("Failed to accept socket: %m");
1832 goto fail;
1833 }
1834
1835 break;
1836 }
1837
1838 socket_apply_socket_options(s, cfd);
1839 }
1840
1841 socket_enter_running(s, cfd);
1842 return;
1843
1844 fail:
1845 socket_enter_stop_pre(s, false);
1846 }
1847
1848 static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
1849 Socket *s = SOCKET(u);
1850 bool success;
1851
1852 assert(s);
1853 assert(pid >= 0);
1854
1855 if (pid != s->control_pid)
1856 return;
1857
1858 s->control_pid = 0;
1859
1860 success = is_clean_exit(code, status);
1861
1862 if (s->control_command) {
1863 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
1864
1865 if (s->control_command->ignore)
1866 success = true;
1867 }
1868
1869 log_full(success ? LOG_DEBUG : LOG_NOTICE,
1870 "%s control process exited, code=%s status=%i", u->id, sigchld_code_to_string(code), status);
1871 s->failure = s->failure || !success;
1872
1873 if (s->control_command && s->control_command->command_next && success) {
1874 log_debug("%s running next command for state %s", u->id, socket_state_to_string(s->state));
1875 socket_run_next(s, success);
1876 } else {
1877 s->control_command = NULL;
1878 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
1879
1880 /* No further commands for this step, so let's figure
1881 * out what to do next */
1882
1883 log_debug("%s got final SIGCHLD for state %s", u->id, socket_state_to_string(s->state));
1884
1885 switch (s->state) {
1886
1887 case SOCKET_START_PRE:
1888 if (success)
1889 socket_enter_start_post(s);
1890 else
1891 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, false);
1892 break;
1893
1894 case SOCKET_START_POST:
1895 if (success)
1896 socket_enter_listening(s);
1897 else
1898 socket_enter_stop_pre(s, false);
1899 break;
1900
1901 case SOCKET_STOP_PRE:
1902 case SOCKET_STOP_PRE_SIGTERM:
1903 case SOCKET_STOP_PRE_SIGKILL:
1904 socket_enter_stop_post(s, success);
1905 break;
1906
1907 case SOCKET_STOP_POST:
1908 case SOCKET_FINAL_SIGTERM:
1909 case SOCKET_FINAL_SIGKILL:
1910 socket_enter_dead(s, success);
1911 break;
1912
1913 default:
1914 assert_not_reached("Uh, control process died at wrong time.");
1915 }
1916 }
1917
1918 /* Notify clients about changed exit status */
1919 unit_add_to_dbus_queue(u);
1920 }
1921
1922 static void socket_timer_event(Unit *u, uint64_t elapsed, Watch *w) {
1923 Socket *s = SOCKET(u);
1924
1925 assert(s);
1926 assert(elapsed == 1);
1927 assert(w == &s->timer_watch);
1928
1929 switch (s->state) {
1930
1931 case SOCKET_START_PRE:
1932 log_warning("%s starting timed out. Terminating.", u->id);
1933 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, false);
1934 break;
1935
1936 case SOCKET_START_POST:
1937 log_warning("%s starting timed out. Stopping.", u->id);
1938 socket_enter_stop_pre(s, false);
1939 break;
1940
1941 case SOCKET_STOP_PRE:
1942 log_warning("%s stopping timed out. Terminating.", u->id);
1943 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, false);
1944 break;
1945
1946 case SOCKET_STOP_PRE_SIGTERM:
1947 if (s->exec_context.send_sigkill) {
1948 log_warning("%s stopping timed out. Killing.", u->id);
1949 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, false);
1950 } else {
1951 log_warning("%s stopping timed out. Skipping SIGKILL. Ignoring.", u->id);
1952 socket_enter_stop_post(s, false);
1953 }
1954 break;
1955
1956 case SOCKET_STOP_PRE_SIGKILL:
1957 log_warning("%s still around after SIGKILL. Ignoring.", u->id);
1958 socket_enter_stop_post(s, false);
1959 break;
1960
1961 case SOCKET_STOP_POST:
1962 log_warning("%s stopping timed out (2). Terminating.", u->id);
1963 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, false);
1964 break;
1965
1966 case SOCKET_FINAL_SIGTERM:
1967 if (s->exec_context.send_sigkill) {
1968 log_warning("%s stopping timed out (2). Killing.", u->id);
1969 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, false);
1970 } else {
1971 log_warning("%s stopping timed out (2). Skipping SIGKILL. Ignoring.", u->id);
1972 socket_enter_dead(s, false);
1973 }
1974 break;
1975
1976 case SOCKET_FINAL_SIGKILL:
1977 log_warning("%s still around after SIGKILL (2). Entering failed mode.", u->id);
1978 socket_enter_dead(s, false);
1979 break;
1980
1981 default:
1982 assert_not_reached("Timeout at wrong time.");
1983 }
1984 }
1985
1986 int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
1987 int *rfds;
1988 unsigned rn_fds, k;
1989 SocketPort *p;
1990
1991 assert(s);
1992 assert(fds);
1993 assert(n_fds);
1994
1995 /* Called from the service code for requesting our fds */
1996
1997 rn_fds = 0;
1998 LIST_FOREACH(port, p, s->ports)
1999 if (p->fd >= 0)
2000 rn_fds++;
2001
2002 if (rn_fds <= 0) {
2003 *fds = NULL;
2004 *n_fds = 0;
2005 return 0;
2006 }
2007
2008 if (!(rfds = new(int, rn_fds)))
2009 return -ENOMEM;
2010
2011 k = 0;
2012 LIST_FOREACH(port, p, s->ports)
2013 if (p->fd >= 0)
2014 rfds[k++] = p->fd;
2015
2016 assert(k == rn_fds);
2017
2018 *fds = rfds;
2019 *n_fds = rn_fds;
2020
2021 return 0;
2022 }
2023
2024 void socket_notify_service_dead(Socket *s) {
2025 assert(s);
2026
2027 /* The service is dead. Dang!
2028 *
2029 * This is strictly for one-instance-for-all-connections
2030 * services. */
2031
2032 if (s->state == SOCKET_RUNNING) {
2033 log_debug("%s got notified about service death.", UNIT(s)->id);
2034 socket_enter_listening(s);
2035 }
2036 }
2037
2038 void socket_connection_unref(Socket *s) {
2039 assert(s);
2040
2041 /* The service is dead. Yay!
2042 *
2043 * This is strictly for one-instance-per-connection
2044 * services. */
2045
2046 assert(s->n_connections > 0);
2047 s->n_connections--;
2048
2049 log_debug("%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
2050 }
2051
2052 static void socket_reset_failed(Unit *u) {
2053 Socket *s = SOCKET(u);
2054
2055 assert(s);
2056
2057 if (s->state == SOCKET_FAILED)
2058 socket_set_state(s, SOCKET_DEAD);
2059
2060 s->failure = false;
2061 }
2062
2063 static int socket_kill(Unit *u, KillWho who, KillMode mode, int signo, DBusError *error) {
2064 Socket *s = SOCKET(u);
2065 int r = 0;
2066 Set *pid_set = NULL;
2067
2068 assert(s);
2069
2070 if (who == KILL_MAIN) {
2071 dbus_set_error(error, BUS_ERROR_NO_SUCH_PROCESS, "Socket units have no main processes");
2072 return -ESRCH;
2073 }
2074
2075 if (s->control_pid <= 0 && who == KILL_CONTROL) {
2076 dbus_set_error(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
2077 return -ESRCH;
2078 }
2079
2080 if (who == KILL_CONTROL || who == KILL_ALL)
2081 if (s->control_pid > 0)
2082 if (kill(s->control_pid, signo) < 0)
2083 r = -errno;
2084
2085 if (who == KILL_ALL && mode == KILL_CONTROL_GROUP) {
2086 int q;
2087
2088 if (!(pid_set = set_new(trivial_hash_func, trivial_compare_func)))
2089 return -ENOMEM;
2090
2091 /* Exclude the control pid from being killed via the cgroup */
2092 if (s->control_pid > 0)
2093 if ((q = set_put(pid_set, LONG_TO_PTR(s->control_pid))) < 0) {
2094 r = q;
2095 goto finish;
2096 }
2097
2098 if ((q = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, signo, false, pid_set)) < 0)
2099 if (q != -EAGAIN && q != -ESRCH && q != -ENOENT)
2100 r = q;
2101 }
2102
2103 finish:
2104 if (pid_set)
2105 set_free(pid_set);
2106
2107 return r;
2108 }
2109
2110 static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2111 [SOCKET_DEAD] = "dead",
2112 [SOCKET_START_PRE] = "start-pre",
2113 [SOCKET_START_POST] = "start-post",
2114 [SOCKET_LISTENING] = "listening",
2115 [SOCKET_RUNNING] = "running",
2116 [SOCKET_STOP_PRE] = "stop-pre",
2117 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2118 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2119 [SOCKET_STOP_POST] = "stop-post",
2120 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2121 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
2122 [SOCKET_FAILED] = "failed"
2123 };
2124
2125 DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2126
2127 static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2128 [SOCKET_EXEC_START_PRE] = "StartPre",
2129 [SOCKET_EXEC_START_POST] = "StartPost",
2130 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2131 [SOCKET_EXEC_STOP_POST] = "StopPost"
2132 };
2133
2134 DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2135
2136 const UnitVTable socket_vtable = {
2137 .suffix = ".socket",
2138 .object_size = sizeof(Socket),
2139 .sections =
2140 "Unit\0"
2141 "Socket\0"
2142 "Install\0",
2143
2144 .init = socket_init,
2145 .done = socket_done,
2146 .load = socket_load,
2147
2148 .kill = socket_kill,
2149
2150 .coldplug = socket_coldplug,
2151
2152 .dump = socket_dump,
2153
2154 .start = socket_start,
2155 .stop = socket_stop,
2156
2157 .serialize = socket_serialize,
2158 .deserialize_item = socket_deserialize_item,
2159
2160 .active_state = socket_active_state,
2161 .sub_state_to_string = socket_sub_state_to_string,
2162
2163 .check_gc = socket_check_gc,
2164
2165 .fd_event = socket_fd_event,
2166 .sigchld_event = socket_sigchld_event,
2167 .timer_event = socket_timer_event,
2168
2169 .reset_failed = socket_reset_failed,
2170
2171 .bus_interface = "org.freedesktop.systemd1.Socket",
2172 .bus_message_handler = bus_socket_message_handler,
2173 .bus_invalidating_properties = bus_socket_invalidating_properties
2174 };
Unnamed repository; edit this file 'description' to name the repository.