#include "path-util.h"
#include "process-util.h"
#include "selinux-access.h"
+#include "service.h"
#include "signal-util.h"
#include "special.h"
#include "string-table.h"
return r;
}
+ if (FLAGS_SET(mask, EXEC_CLEAN_FDSTORE)) {
+ r = sd_bus_message_append(reply, "s", "fdstore");
+ if (r < 0)
+ return r;
+ }
+
return sd_bus_message_close_container(reply);
}
r = unit_get_unit_file_preset(u);
- return sd_bus_message_append(reply, "s",
- r < 0 ? NULL:
- r > 0 ? "enabled" : "disabled");
+ return sd_bus_message_append(reply, "s", preset_action_past_tense_to_string(r));
}
static int property_get_job(
int bus_unit_method_kill(sd_bus_message *message, void *userdata, sd_bus_error *error) {
Unit *u = ASSERT_PTR(userdata);
+ int32_t value = 0;
const char *swho;
int32_t signo;
KillWho who;
- int r;
+ int r, code;
assert(message);
if (r < 0)
return r;
+ if (startswith(sd_bus_message_get_member(message), "QueueSignal")) {
+ r = sd_bus_message_read(message, "i", &value);
+ if (r < 0)
+ return r;
+
+ code = SI_QUEUE;
+ } else
+ code = SI_USER;
+
if (isempty(swho))
who = KILL_ALL;
else {
who = kill_who_from_string(swho);
if (who < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid who argument %s", swho);
+ return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid who argument: %s", swho);
}
if (!SIGNAL_VALID(signo))
return sd_bus_error_set(error, SD_BUS_ERROR_INVALID_ARGS, "Signal number out of range.");
+ if (code == SI_QUEUE && !((signo >= SIGRTMIN) && (signo <= SIGRTMAX)))
+ return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS,
+ "Value parameter only accepted for realtime signals (SIGRTMIN…SIGRTMAX), refusing for signal SIG%s.", signal_to_string(signo));
+
r = bus_verify_manage_units_async_full(
u,
"kill",
if (r == 0)
return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
- r = unit_kill(u, who, signo, error);
+ r = unit_kill(u, who, signo, code, value, error);
if (r < 0)
return r;
return r;
for (;;) {
+ ExecCleanMask m;
const char *i;
r = sd_bus_message_read(message, "s", &i);
if (r == 0)
break;
- if (streq(i, "all"))
- mask |= EXEC_CLEAN_ALL;
- else {
- ExecDirectoryType t;
-
- t = exec_resource_type_from_string(i);
- if (t < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid resource type: %s", i);
+ m = exec_clean_mask_from_string(i);
+ if (m < 0)
+ return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid resource type: %s", i);
- mask |= 1U << t;
- }
+ mask |= m;
}
r = sd_bus_message_exit_container(message);
if (r == 0)
reply_no_delay = true;
- assert(!u->pending_freezer_message);
+ if (u->pending_freezer_invocation) {
+ bus_unit_send_pending_freezer_message(u, true);
+ assert(!u->pending_freezer_invocation);
+ }
- r = sd_bus_message_new_method_return(message, &u->pending_freezer_message);
- if (r < 0)
- return r;
+ u->pending_freezer_invocation = sd_bus_message_ref(message);
if (reply_no_delay) {
- r = bus_unit_send_pending_freezer_message(u);
+ r = bus_unit_send_pending_freezer_message(u, false);
if (r < 0)
return r;
}
SD_BUS_PROPERTY("RefuseManualStop", "b", bus_property_get_bool, offsetof(Unit, refuse_manual_stop), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("AllowIsolate", "b", bus_property_get_bool, offsetof(Unit, allow_isolate), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("DefaultDependencies", "b", bus_property_get_bool, offsetof(Unit, default_dependencies), SD_BUS_VTABLE_PROPERTY_CONST),
+ SD_BUS_PROPERTY("SurviveFinalKillSignal", "b", bus_property_get_bool, offsetof(Unit, survive_final_kill_signal), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("OnSuccesJobMode", "s", property_get_job_mode, offsetof(Unit, on_success_job_mode), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN), /* deprecated */
SD_BUS_PROPERTY("OnSuccessJobMode", "s", property_get_job_mode, offsetof(Unit, on_success_job_mode), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("OnFailureJobMode", "s", property_get_job_mode, offsetof(Unit, on_failure_job_mode), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_NO_RESULT,
bus_unit_method_kill,
SD_BUS_VTABLE_UNPRIVILEGED),
+ SD_BUS_METHOD_WITH_ARGS("QueueSignal",
+ SD_BUS_ARGS("s", whom, "i", signal, "i", value),
+ SD_BUS_NO_RESULT,
+ bus_unit_method_kill,
+ SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_METHOD("ResetFailed",
NULL,
NULL,
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
_cleanup_set_free_ Set *pids = NULL;
Unit *u = userdata;
- pid_t pid;
int r;
assert(message);
}
/* The main and control pids might live outside of the cgroup, hence fetch them separately */
- pid = unit_main_pid(u);
- if (pid > 0) {
- r = append_process(reply, NULL, pid, pids);
+ PidRef *pid = unit_main_pid(u);
+ if (pidref_is_set(pid)) {
+ r = append_process(reply, NULL, pid->pid, pids);
if (r < 0)
return r;
}
pid = unit_control_pid(u);
- if (pid > 0) {
- r = append_process(reply, NULL, pid, pids);
+ if (pidref_is_set(pid)) {
+ r = append_process(reply, NULL, pid->pid, pids);
if (r < 0)
return r;
}
}
int bus_unit_method_attach_processes(sd_bus_message *message, void *userdata, sd_bus_error *error) {
-
_cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
_cleanup_set_free_ Set *pids = NULL;
Unit *u = userdata;
if (r < 0)
return r;
for (;;) {
+ _cleanup_(pidref_freep) PidRef *pidref = NULL;
uid_t process_uid, sender_uid;
uint32_t upid;
pid_t pid;
} else
pid = (uid_t) upid;
+ r = pidref_new_from_pid(pid, &pidref);
+ if (r < 0)
+ return r;
+
/* Filter out duplicates */
- if (set_contains(pids, PID_TO_PTR(pid)))
+ if (set_contains(pids, pidref))
continue;
/* Check if this process is suitable for attaching to this unit */
- r = unit_pid_attachable(u, pid, error);
+ r = unit_pid_attachable(u, pidref, error);
if (r < 0)
return r;
/* Let's validate security: if the sender is root, then all is OK. If the sender is any other unit,
* then the process' UID and the target unit's UID have to match the sender's UID */
if (sender_uid != 0 && sender_uid != getuid()) {
- r = get_process_uid(pid, &process_uid);
+ r = get_process_uid(pidref->pid, &process_uid);
if (r < 0)
return sd_bus_error_set_errnof(error, r, "Failed to retrieve process UID: %m");
return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Process " PID_FMT " not owned by target unit's UID. Refusing.", pid);
}
- if (!pids) {
- pids = set_new(NULL);
- if (!pids)
- return -ENOMEM;
- }
-
- r = set_put(pids, PID_TO_PTR(pid));
+ r = set_ensure_consume(&pids, &pidref_hash_ops, TAKE_PTR(pidref));
if (r < 0)
return r;
}
if (u->in_dbus_queue) {
LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
u->in_dbus_queue = false;
+
+ /* The unit might be good to be GC once its pending signals have been sent */
+ unit_add_to_gc_queue(u);
}
if (!u->id)
bus_unit_send_change_signal(u);
}
-int bus_unit_send_pending_freezer_message(Unit *u) {
+int bus_unit_send_pending_freezer_message(Unit *u, bool cancelled) {
+ _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
int r;
assert(u);
- if (!u->pending_freezer_message)
+ if (!u->pending_freezer_invocation)
return 0;
- r = sd_bus_send(NULL, u->pending_freezer_message, NULL);
+ if (cancelled)
+ r = sd_bus_message_new_method_error(
+ u->pending_freezer_invocation,
+ &reply,
+ &SD_BUS_ERROR_MAKE_CONST(
+ BUS_ERROR_FREEZE_CANCELLED, "Freeze operation aborted"));
+ else
+ r = sd_bus_message_new_method_return(u->pending_freezer_invocation, &reply);
+ if (r < 0)
+ return r;
+
+ r = sd_bus_send(NULL, reply, NULL);
if (r < 0)
log_warning_errno(r, "Failed to send queued message, ignoring: %m");
- u->pending_freezer_message = sd_bus_message_unref(u->pending_freezer_message);
+ u->pending_freezer_invocation = sd_bus_message_unref(u->pending_freezer_invocation);
return 0;
}
Job *j, *a;
int r;
+ if (FLAGS_SET(flags, BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE) && unit_can_reload(u)) {
+ if (type == JOB_RESTART)
+ type = JOB_RELOAD_OR_START;
+ else if (type == JOB_TRY_RESTART)
+ type = JOB_TRY_RELOAD;
+ }
+
+ if (type == JOB_STOP &&
+ IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_ERROR, UNIT_BAD_SETTING) &&
+ unit_active_state(u) == UNIT_INACTIVE)
+ return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not loaded.", u->id);
+
+ if ((type == JOB_START && u->refuse_manual_start) ||
+ (type == JOB_STOP && u->refuse_manual_stop) ||
+ (IN_SET(type, JOB_RESTART, JOB_TRY_RESTART) && (u->refuse_manual_start || u->refuse_manual_stop)) ||
+ (type == JOB_RELOAD_OR_START && job_type_collapse(type, u) == JOB_START && u->refuse_manual_start))
+ return sd_bus_error_setf(error,
+ BUS_ERROR_ONLY_BY_DEPENDENCY,
+ "Operation refused, unit %s may be requested by dependency only (it is configured to refuse manual start/stop).",
+ u->id);
+
+ /* dbus-broker issues StartUnit for activation requests, and Type=dbus services automatically
+ * gain dependency on dbus.socket. Therefore, if dbus has a pending stop job, the new start
+ * job that pulls in dbus again would cause job type conflict. Let's avoid that by rejecting
+ * job enqueuing early.
+ *
+ * Note that unlike signal_activation_request(), we can't use unit_inactive_or_pending()
+ * here. StartUnit is a more generic interface, and thus users are allowed to use e.g. systemctl
+ * to start Type=dbus services even when dbus is inactive. */
+ if (type == JOB_START && u->type == UNIT_SERVICE && SERVICE(u)->type == SERVICE_DBUS)
+ FOREACH_STRING(dbus_unit, SPECIAL_DBUS_SOCKET, SPECIAL_DBUS_SERVICE) {
+ Unit *dbus;
+
+ dbus = manager_get_unit(u->manager, dbus_unit);
+ if (dbus && unit_stop_pending(dbus))
+ return sd_bus_error_setf(error,
+ BUS_ERROR_SHUTTING_DOWN,
+ "Operation for unit %s refused, D-Bus is shutting down.",
+ u->id);
+ }
+
if (FLAGS_SET(flags, BUS_UNIT_QUEUE_VERBOSE_REPLY)) {
affected = set_new(NULL);
if (!affected)
if (r < 0)
return r;
- if (FLAGS_SET(flags, BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE) && unit_can_reload(u)) {
- if (type == JOB_RESTART)
- type = JOB_RELOAD_OR_START;
- else if (type == JOB_TRY_RESTART)
- type = JOB_TRY_RELOAD;
- }
-
- if (type == JOB_STOP &&
- IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_ERROR, UNIT_BAD_SETTING) &&
- unit_active_state(u) == UNIT_INACTIVE)
- return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not loaded.", u->id);
-
- if ((type == JOB_START && u->refuse_manual_start) ||
- (type == JOB_STOP && u->refuse_manual_stop) ||
- (IN_SET(type, JOB_RESTART, JOB_TRY_RESTART) && (u->refuse_manual_start || u->refuse_manual_stop)) ||
- (type == JOB_RELOAD_OR_START && job_type_collapse(type, u) == JOB_START && u->refuse_manual_start))
- return sd_bus_error_setf(error, BUS_ERROR_ONLY_BY_DEPENDENCY, "Operation refused, unit %s may be requested by dependency only (it is configured to refuse manual start/stop).", u->id);
-
r = sd_bus_message_new_method_return(message, &reply);
if (r < 0)
return r;
const char *s;
EmergencyAction v;
int r;
- bool system;
assert(p);
if (r < 0)
return r;
- system = MANAGER_IS_SYSTEM(u->manager);
- r = parse_emergency_action(s, system, &v);
+ r = parse_emergency_action(s, u->manager->runtime_scope, &v);
if (r < 0)
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS,
r == -EOPNOTSUPP ? "%s setting invalid for manager type: %s"
if (streq(name, "DefaultDependencies"))
return bus_set_transient_bool(u, name, &u->default_dependencies, message, flags, error);
+ if (streq(name, "SurviveFinalKillSignal"))
+ return bus_set_transient_bool(u, name, &u->survive_final_kill_signal, message, flags, error);
+
if (streq(name, "OnSuccessJobMode"))
return bus_set_transient_job_mode(u, name, &u->on_success_job_mode, message, flags, error);
assert(u);
assert(message);
- /* We iterate through the array twice. First run we just check
- * if all passed data is valid, second run actually applies
- * it. This is to implement transaction-like behaviour without
- * actually providing full transactions. */
+ /* We iterate through the array twice. First run just checks if all passed data is valid, second run
+ * actually applies it. This implements transaction-like behaviour without actually providing full
+ * transactions. */
r = sd_bus_message_enter_container(message, 'a', "(sv)");
if (r < 0)
- return r;
+ goto error;
for (;;) {
const char *name;
r = sd_bus_message_enter_container(message, 'r', "sv");
if (r < 0)
- return r;
+ goto error;
if (r == 0) {
if (for_real || UNIT_WRITE_FLAGS_NOOP(flags))
break;
/* Reached EOF. Let's try again, and this time for realz... */
r = sd_bus_message_rewind(message, false);
if (r < 0)
- return r;
+ goto error;
for_real = true;
continue;
r = sd_bus_message_read(message, "s", &name);
if (r < 0)
- return r;
+ goto error;
r = sd_bus_message_enter_container(message, 'v', NULL);
if (r < 0)
- return r;
+ goto error;
/* If not for real, then mask out the two target flags */
f = for_real ? flags : (flags & ~(UNIT_RUNTIME|UNIT_PERSISTENT));
if (r == 0)
r = bus_unit_set_live_property(u, name, message, f, error);
if (r < 0)
- return r;
+ goto error;
if (r == 0)
return sd_bus_error_setf(error, SD_BUS_ERROR_PROPERTY_READ_ONLY,
r = sd_bus_message_exit_container(message);
if (r < 0)
- return r;
+ goto error;
r = sd_bus_message_exit_container(message);
if (r < 0)
- return r;
+ goto error;
n += for_real;
}
r = sd_bus_message_exit_container(message);
if (r < 0)
- return r;
+ goto error;
if (commit && n > 0 && UNIT_VTABLE(u)->bus_commit_properties)
UNIT_VTABLE(u)->bus_commit_properties(u);
return n;
+
+ error:
+ /* Pretty much any of the calls above can fail if the message is not formed properly
+ * or if it has unexpected contents. Fill in a more informative error message here. */
+ if (sd_bus_error_is_set(error))
+ return r;
+ return sd_bus_error_set_errnof(error, r,
+ r == -ENXIO ? "Failed to set unit properties: Unexpected message contents"
+ : "Failed to set unit properties: %m");
}
int bus_unit_validate_load_state(Unit *u, sd_bus_error *error) {
projects / thirdparty / systemd.git / blobdiff