if (epoll_ctl(m->epoll_fd, EPOLL_CTL_ADD, m->udev_watch.fd, &ev) < 0)
return -errno;
- /* if (!(e = udev_enumerate_new(m->udev))) { */
- /* r = -ENOMEM; */
- /* goto fail; */
- /* } */
+ if (!(e = udev_enumerate_new(m->udev))) {
+ r = -ENOMEM;
+ goto fail;
+ }
- /* if (udev_enumerate_scan_devices(e) < 0) { */
- /* r = -EIO; */
- /* goto fail; */
- /* } */
+ if (udev_enumerate_scan_devices(e) < 0) {
+ r = -EIO;
+ goto fail;
+ }
- /* first = udev_enumerate_get_list_entry(e); */
- /* udev_list_entry_foreach(item, first) */
- /* device_process_path(m, udev_list_entry_get_name(item), false); */
+ first = udev_enumerate_get_list_entry(e);
+ udev_list_entry_foreach(item, first)
+ device_process_path(m, udev_list_entry_get_name(item), false);
- /* udev_enumerate_unref(e); */
+ udev_enumerate_unref(e);
return 0;
fail:
i == EXEC_INPUT_TTY_FAIL;
}
-static int setup_input(const ExecContext *context) {
+static int fixup_input(const ExecContext *context, int socket_fd) {
assert(context);
- switch (context->std_input) {
+ if (socket_fd < 0 && context->std_input == EXEC_INPUT_SOCKET)
+ return EXEC_INPUT_NULL;
+
+ return context->std_input;
+}
+
+static int fixup_output(const ExecContext *context, int socket_fd) {
+ assert(context);
+
+ if (socket_fd < 0 && context->std_output == EXEC_OUTPUT_SOCKET)
+ return EXEC_OUTPUT_INHERIT;
+
+ return context->std_output;
+}
+
+static int fixup_error(const ExecContext *context, int socket_fd) {
+ assert(context);
+
+ if (socket_fd < 0 && context->std_error == EXEC_OUTPUT_SOCKET)
+ return EXEC_OUTPUT_INHERIT;
+
+ return context->std_error;
+}
+
+static int setup_input(const ExecContext *context, int socket_fd) {
+ ExecInput i;
+
+ assert(context);
+
+ i = fixup_input(context, socket_fd);
+
+ switch (i) {
case EXEC_INPUT_NULL:
return open_null_as(O_RDONLY, STDIN_FILENO);
if ((fd = acquire_terminal(
tty_path(context),
- context->std_input == EXEC_INPUT_TTY_FAIL,
- context->std_input == EXEC_INPUT_TTY_FORCE)) < 0)
+ i == EXEC_INPUT_TTY_FAIL,
+ i == EXEC_INPUT_TTY_FORCE)) < 0)
return fd;
if (fd != STDIN_FILENO) {
return r;
}
+ case EXEC_INPUT_SOCKET:
+ return dup2(socket_fd, STDIN_FILENO) < 0 ? -errno : STDIN_FILENO;
+
default:
assert_not_reached("Unknown input type");
}
}
-static int setup_output(const ExecContext *context, const char *ident) {
+static int setup_output(const ExecContext *context, int socket_fd, const char *ident) {
+ ExecOutput o;
+ ExecInput i;
+
assert(context);
assert(ident);
+ i = fixup_input(context, socket_fd);
+ o = fixup_output(context, socket_fd);
+
/* This expects the input is already set up */
- switch (context->std_output) {
+ switch (o) {
case EXEC_OUTPUT_INHERIT:
/* If the input is connected to a terminal, inherit that... */
- if (is_terminal_input(context->std_input))
+ if (is_terminal_input(i) || i == EXEC_INPUT_SOCKET)
return dup2(STDIN_FILENO, STDOUT_FILENO) < 0 ? -errno : STDOUT_FILENO;
- return 0;
+ return STDIN_FILENO;
case EXEC_OUTPUT_NULL:
return open_null_as(O_WRONLY, STDOUT_FILENO);
- case EXEC_OUTPUT_TTY: {
- if (is_terminal_input(context->std_input))
+ case EXEC_OUTPUT_TTY:
+ if (is_terminal_input(i))
return dup2(STDIN_FILENO, STDOUT_FILENO) < 0 ? -errno : STDOUT_FILENO;
/* We don't reset the terminal if this is just about output */
return open_terminal_as(tty_path(context), O_WRONLY, STDOUT_FILENO);
- }
case EXEC_OUTPUT_SYSLOG:
case EXEC_OUTPUT_KERNEL:
- return connect_logger_as(context, context->std_output, ident, STDOUT_FILENO);
+ return connect_logger_as(context, o, ident, STDOUT_FILENO);
+
+ case EXEC_OUTPUT_SOCKET:
+ assert(socket_fd >= 0);
+ return dup2(socket_fd, STDOUT_FILENO) < 0 ? -errno : STDOUT_FILENO;
default:
assert_not_reached("Unknown output type");
}
}
-static int setup_error(const ExecContext *context, const char *ident) {
+static int setup_error(const ExecContext *context, int socket_fd, const char *ident) {
+ ExecOutput o, e;
+ ExecInput i;
+
assert(context);
assert(ident);
+ i = fixup_input(context, socket_fd);
+ o = fixup_output(context, socket_fd);
+ e = fixup_error(context, socket_fd);
+
/* This expects the input and output are already set up */
/* Don't change the stderr file descriptor if we inherit all
* the way and are not on a tty */
- if (context->std_error == EXEC_OUTPUT_INHERIT &&
- context->std_output == EXEC_OUTPUT_INHERIT &&
- !is_terminal_input(context->std_input))
+ if (e == EXEC_OUTPUT_INHERIT &&
+ o == EXEC_OUTPUT_INHERIT &&
+ !is_terminal_input(i))
return STDERR_FILENO;
/* Duplicate form stdout if possible */
- if (context->std_error == context->std_output ||
- context->std_error == EXEC_OUTPUT_INHERIT)
+ if (e == o || e == EXEC_OUTPUT_INHERIT)
return dup2(STDOUT_FILENO, STDERR_FILENO) < 0 ? -errno : STDERR_FILENO;
- switch (context->std_error) {
+ switch (e) {
case EXEC_OUTPUT_NULL:
return open_null_as(O_WRONLY, STDERR_FILENO);
case EXEC_OUTPUT_TTY:
- if (is_terminal_input(context->std_input))
+ if (is_terminal_input(i))
return dup2(STDIN_FILENO, STDERR_FILENO) < 0 ? -errno : STDERR_FILENO;
/* We don't reset the terminal if this is just about output */
case EXEC_OUTPUT_SYSLOG:
case EXEC_OUTPUT_KERNEL:
- return connect_logger_as(context, context->std_error, ident, STDERR_FILENO);
+ return connect_logger_as(context, e, ident, STDERR_FILENO);
+
+ case EXEC_OUTPUT_SOCKET:
+ assert(socket_fd >= 0);
+ return dup2(socket_fd, STDERR_FILENO) < 0 ? -errno : STDERR_FILENO;
default:
assert_not_reached("Unknown error type");
pid_t pid;
int r;
char *line;
+ int socket_fd;
assert(command);
assert(context);
assert(ret);
assert(fds || n_fds <= 0);
+ if (context->std_input == EXEC_INPUT_SOCKET ||
+ context->std_output == EXEC_OUTPUT_SOCKET ||
+ context->std_error == EXEC_OUTPUT_SOCKET) {
+
+ if (n_fds != 1)
+ return -EINVAL;
+
+ socket_fd = fds[0];
+
+ fds = NULL;
+ n_fds = 0;
+ } else
+ socket_fd = -1;
+
if (!argv)
argv = command->argv;
}
if (!keep_stdin)
- if (setup_input(context) < 0) {
+ if (setup_input(context, socket_fd) < 0) {
r = EXIT_STDIN;
goto fail;
}
if (!keep_stdout)
- if (setup_output(context, file_name_from_path(command->path)) < 0) {
+ if (setup_output(context, socket_fd, file_name_from_path(command->path)) < 0) {
r = EXIT_STDOUT;
goto fail;
}
- if (setup_error(context, file_name_from_path(command->path)) < 0) {
+ if (setup_error(context, socket_fd, file_name_from_path(command->path)) < 0) {
r = EXIT_STDERR;
goto fail;
}
[EXEC_INPUT_NULL] = "null",
[EXEC_INPUT_TTY] = "tty",
[EXEC_INPUT_TTY_FORCE] = "tty-force",
- [EXEC_INPUT_TTY_FAIL] = "tty-fail"
+ [EXEC_INPUT_TTY_FAIL] = "tty-fail",
+ [EXEC_INPUT_SOCKET] = "socket"
};
static const char* const exec_output_table[_EXEC_OUTPUT_MAX] = {
[EXEC_OUTPUT_NULL] = "null",
[EXEC_OUTPUT_TTY] = "tty",
[EXEC_OUTPUT_SYSLOG] = "syslog",
- [EXEC_OUTPUT_KERNEL] = "kernel"
+ [EXEC_OUTPUT_KERNEL] = "kernel",
+ [EXEC_OUTPUT_SOCKET] = "socket"
};
DEFINE_STRING_TABLE_LOOKUP(exec_output, ExecOutput);
EXEC_INPUT_TTY,
EXEC_INPUT_TTY_FORCE,
EXEC_INPUT_TTY_FAIL,
+ EXEC_INPUT_SOCKET,
_EXEC_INPUT_MAX,
_EXEC_INPUT_INVALID = -1
} ExecInput;
EXEC_OUTPUT_TTY,
EXEC_OUTPUT_SYSLOG,
EXEC_OUTPUT_KERNEL,
+ EXEC_OUTPUT_SOCKET,
_EXEC_OUTPUT_MAX,
_EXEC_OUTPUT_INVALID = -1
} ExecOutput;
{ "DirectoryMode", config_parse_mode, &u->socket.directory_mode, "Socket" },
{ "SocketMode", config_parse_mode, &u->socket.socket_mode, "Socket" },
{ "KillMode", config_parse_kill_mode, &u->socket.kill_mode, "Socket" },
+ { "Accept", config_parse_bool, &u->socket.accept, "Socket" },
EXEC_CONTEXT_CONFIG_ITEMS(u->socket.exec_context, "Socket"),
{ "What", config_parse_string, &u->mount.parameters_fragment.what, "Mount" },
union Unit *unit;
DBusWatch *bus_watch;
DBusTimeout *bus_timeout;
+ bool socket_accept;
} data;
};
s->main_pid = 0;
}
+static void service_close_socket_fd(Service *s) {
+ assert(s);
+
+ if (s->socket_fd < 0)
+ return;
+
+ close_nointr_nofail(s->socket_fd);
+ s->socket_fd = -1;
+}
+
static void service_done(Unit *u) {
Service *s = SERVICE(u);
service_unwatch_main_pid(s);
service_unwatch_control_pid(s);
+ service_close_socket_fd(s);
+
unit_unwatch_timer(u, &s->timer_watch);
}
s->main_pid_known = false;
s->failure = false;
+ s->socket_fd = -1;
+
RATELIMIT_INIT(s->ratelimit, 10*USEC_PER_SEC, 5);
}
return r;
}
-
static int service_notify_sockets_dead(Service *s) {
Iterator i;
Set *set;
assert(s);
/* Notifies all our sockets when we die */
-
if ((r = service_get_sockets(s, &set)) < 0)
return r;
state == SERVICE_AUTO_RESTART)
service_notify_sockets_dead(s);
+ if (state != SERVICE_START_PRE &&
+ state != SERVICE_START &&
+ !(state == SERVICE_DEAD && UNIT(s)->meta.job))
+ service_close_socket_fd(s);
+
if (old_state != state)
log_debug("%s changed %s → %s", UNIT(s)->meta.id, service_state_to_string(old_state), service_state_to_string(state));
assert(c);
assert(_pid);
- if (pass_fds)
- if ((r = service_collect_fds(s, &fds, &n_fds)) < 0)
+ if (pass_fds) {
+ if (s->socket_fd >= 0) {
+ fds = &s->socket_fd;
+ n_fds = 1;
+ } else if ((r = service_collect_fds(s, &fds, &n_fds)) < 0)
goto fail;
+ }
if (timeout) {
if ((r = unit_watch_timer(UNIT(s), s->timeout_usec, &s->timer_watch)) < 0)
if (r < 0)
goto fail;
+ if (fds) {
+ if (s->socket_fd >= 0)
+ service_close_socket_fd(s);
+ else
+ free(fds);
+ }
+
if ((r = unit_watch_pid(UNIT(s), pid)) < 0)
/* FIXME: we need to do something here */
goto fail;
- free(fds);
*_pid = pid;
return 0;
return r;
}
+int service_set_socket_fd(Service *s, int fd) {
+ assert(s);
+ assert(fd >= 0);
+
+ /* This is called by the socket code when instantiating a new
+ * service for a stream socket and the socket needs to be
+ * configured. */
+
+ if (UNIT(s)->meta.load_state != UNIT_LOADED)
+ return -EINVAL;
+
+ if (s->socket_fd >= 0)
+ return -EBUSY;
+
+ if (s->state != SERVICE_DEAD)
+ return -EAGAIN;
+
+ s->socket_fd = fd;
+ return 0;
+}
+
static const char* const service_state_table[_SERVICE_STATE_MAX] = {
[SERVICE_DEAD] = "dead",
[SERVICE_START_PRE] = "start-pre",
RateLimit ratelimit;
+ int socket_fd;
+
Watch timer_watch;
};
extern const UnitVTable service_vtable;
+int service_set_socket_fd(Service *s, int fd);
+
const char* service_state_to_string(ServiceState i);
ServiceState service_state_from_string(const char *s);
if ((r = socket_address_verify(a)) < 0)
return r;
- if ((fd = socket(socket_address_family(a), a->type | SOCK_NONBLOCK | SOCK_CLOEXEC, 0)) < 0)
+ if ((fd = socket(socket_address_family(a), a->type | SOCK_NONBLOCK, 0)) < 0)
return -errno;
if (socket_address_family(a) == AF_INET6 && only != SOCKET_ADDRESS_DEFAULT) {
close_nointr(fd);
return r;
}
+
+bool socket_address_can_accept(const SocketAddress *a) {
+ assert(a);
+
+ return
+ a->type == SOCK_STREAM ||
+ a->type == SOCK_SEQPACKET;
+}
int socket_address_print(const SocketAddress *a, char **p);
int socket_address_verify(const SocketAddress *a);
+bool socket_address_can_accept(const SocketAddress *a);
+
int socket_address_listen(
const SocketAddress *a,
int backlog,
#include <fcntl.h>
#include <sys/epoll.h>
#include <signal.h>
+#include <arpa/inet.h>
#include "unit.h"
#include "socket.h"
#include "load-dropin.h"
#include "load-fragment.h"
#include "strv.h"
+#include "unit-name.h"
static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
[SOCKET_DEAD] = UNIT_INACTIVE,
s->failure = false;
s->control_pid = 0;
s->service = NULL;
+ s->accept = false;
+ s->n_accepted = 0;
exec_context_init(&s->exec_context);
}
+static bool have_non_accept_socket(Socket *s) {
+ SocketPort *p;
+
+ assert(s);
+
+ if (!s->accept)
+ return true;
+
+ LIST_FOREACH(port, p, s->ports)
+ if (!socket_address_can_accept(&p->address))
+ return true;
+
+ return false;
+}
+
+static int socket_verify(Socket *s) {
+ assert(s);
+
+ if (UNIT(s)->meta.load_state != UNIT_LOADED)
+ return 0;
+
+ if (!s->ports) {
+ log_error("%s lacks Listen setting. Refusing.", UNIT(s)->meta.id);
+ return -EINVAL;
+ }
+
+ return 0;
+}
+
static int socket_load(Unit *u) {
Socket *s = SOCKET(u);
int r;
/* This is a new unit? Then let's add in some extras */
if (u->meta.load_state == UNIT_LOADED) {
- if ((r = unit_load_related_unit(u, ".service", (Unit**) &s->service)))
- return r;
+ if (have_non_accept_socket(s)) {
+ if ((r = unit_load_related_unit(u, ".service", (Unit**) &s->service)))
+ return r;
- if ((r = unit_add_dependency(u, UNIT_BEFORE, UNIT(s->service))) < 0)
- return r;
+ if ((r = unit_add_dependency(u, UNIT_BEFORE, UNIT(s->service))) < 0)
+ return r;
+ }
if ((r = unit_add_exec_dependencies(u, &s->exec_context)) < 0)
return r;
return r;
}
- return 0;
+ return socket_verify(s);
}
static const char* listen_lookup(int type) {
"%sBindToDevice: %s\n",
prefix, s->bind_to_device);
+ if (s->accept)
+ fprintf(f,
+ "%sAccepted: %u\n",
+ prefix, s->n_accepted);
+
LIST_FOREACH(port, p, s->ports) {
if (p->type == SOCKET_SOCKET) {
free(p2);
}
+static int instance_from_socket(int fd, unsigned nr, char **instance) {
+ socklen_t l;
+ char *r;
+ union {
+ struct sockaddr sa;
+ struct sockaddr_un un;
+ struct sockaddr_in in;
+ struct sockaddr_in6 in6;
+ struct sockaddr_storage storage;
+ } local, remote;
+
+ assert(fd >= 0);
+ assert(instance);
+
+ l = sizeof(local);
+ if (getsockname(fd, &local.sa, &l) < 0)
+ return -errno;
+
+ l = sizeof(remote);
+ if (getpeername(fd, &remote.sa, &l) < 0)
+ return -errno;
+
+ switch (local.sa.sa_family) {
+
+ case AF_INET: {
+ uint32_t
+ a = ntohl(local.in.sin_addr.s_addr),
+ b = ntohl(remote.in.sin_addr.s_addr);
+
+ if (asprintf(&r,
+ "%u-%u.%u.%u.%u-%u-%u.%u.%u.%u-%u",
+ nr,
+ a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
+ ntohs(local.in.sin_port),
+ b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
+ ntohs(remote.in.sin_port)) < 0)
+ return -ENOMEM;
+
+ break;
+ }
+
+ case AF_INET6: {
+ char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
+
+ if (asprintf(&r,
+ "%u-%s-%u-%s-%u",
+ nr,
+ inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
+ ntohs(local.in6.sin6_port),
+ inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
+ ntohs(remote.in6.sin6_port)) < 0)
+ return -ENOMEM;
+
+ break;
+ }
+
+ case AF_UNIX: {
+ struct ucred ucred;
+
+ l = sizeof(ucred);
+ if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &ucred, &l) < 0)
+ return -errno;
+
+ if (asprintf(&r,
+ "%u-%llu-%llu",
+ nr,
+ (unsigned long long) ucred.pid,
+ (unsigned long long) ucred.uid) < 0)
+ return -ENOMEM;
+
+ break;
+ }
+
+ default:
+ assert_not_reached("Unhandled socket type.");
+ }
+
+ *instance = r;
+ return 0;
+}
+
static void socket_close_fds(Socket *s) {
SocketPort *p;
if (p->fd < 0)
continue;
+ p->fd_watch.data.socket_accept =
+ s->accept &&
+ socket_address_can_accept(&p->address);
+
if ((r = unit_watch_fd(UNIT(s), p->fd, EPOLLIN, &p->fd_watch)) < 0)
goto fail;
}
socket_enter_dead(s, false);
}
-static void socket_enter_running(Socket *s) {
+static void socket_enter_running(Socket *s, int cfd) {
int r;
assert(s);
- if ((r = manager_add_job(UNIT(s)->meta.manager, JOB_START, UNIT(s->service), JOB_REPLACE, true, NULL)) < 0)
- goto fail;
+ if (cfd < 0) {
+ if ((r = manager_add_job(UNIT(s)->meta.manager, JOB_START, UNIT(s->service), JOB_REPLACE, true, NULL)) < 0)
+ goto fail;
+
+ socket_set_state(s, SOCKET_RUNNING);
+ } else {
+ Unit *u;
+ char *prefix, *instance, *name;
+
+ if ((r = instance_from_socket(cfd, s->n_accepted++, &instance)))
+ goto fail;
+
+ if (!(prefix = unit_name_to_prefix(UNIT(s)->meta.id))) {
+ free(instance);
+ r = -ENOMEM;
+ goto fail;
+ }
+
+ name = unit_name_build(prefix, instance, ".service");
+ free(prefix);
+ free(instance);
+
+ if (!name)
+ r = -ENOMEM;
+
+ r = manager_load_unit(UNIT(s)->meta.manager, name, NULL, &u);
+ free(name);
+
+ if (r < 0)
+ goto fail;
+
+ if ((r = service_set_socket_fd(SERVICE(u), cfd) < 0))
+ goto fail;
+
+ cfd = -1;
+
+ if ((r = manager_add_job(u->meta.manager, JOB_START, u, JOB_REPLACE, true, NULL)) < 0)
+ goto fail;
+ }
- socket_set_state(s, SOCKET_RUNNING);
return;
fail:
log_warning("%s failed to queue socket startup job: %s", s->meta.id, strerror(-r));
socket_enter_stop_pre(s, false);
+
+ if (cfd >= 0)
+ close_nointr_nofail(cfd);
}
static void socket_run_next(Socket *s, bool success) {
return 0;
/* Cannot run this without the service being around */
- if (s->service->meta.load_state != UNIT_LOADED)
- return -ENOENT;
-
- /* If the service is alredy actvie we cannot start the
- * socket */
- if (s->service->state != SERVICE_DEAD &&
- s->service->state != SERVICE_MAINTAINANCE &&
- s->service->state != SERVICE_AUTO_RESTART)
- return -EBUSY;
+ if (s->service) {
+ if (s->service->meta.load_state != UNIT_LOADED)
+ return -ENOENT;
+
+ /* If the service is alredy actvie we cannot start the
+ * socket */
+ if (s->service->state != SERVICE_DEAD &&
+ s->service->state != SERVICE_MAINTAINANCE &&
+ s->service->state != SERVICE_AUTO_RESTART)
+ return -EBUSY;
+ }
assert(s->state == SOCKET_DEAD || s->state == SOCKET_MAINTAINANCE);
static void socket_fd_event(Unit *u, int fd, uint32_t events, Watch *w) {
Socket *s = SOCKET(u);
+ int cfd = -1;
assert(s);
log_debug("Incoming traffic on %s", u->meta.id);
- if (events != EPOLLIN)
+ if (events != EPOLLIN) {
+ log_error("Got invalid poll event on socket.");
socket_enter_stop_pre(s, false);
+ return;
+ }
+
+ if (w->data.socket_accept) {
+ for (;;) {
+
+ if ((cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK)) < 0) {
+
+ if (errno == EINTR)
+ continue;
+
+ log_error("Failed to accept socket: %m");
+ socket_enter_stop_pre(s, false);
+ return;
+ }
+
+ break;
+ }
+ }
- socket_enter_running(s);
+ socket_enter_running(s, cfd);
}
static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
mode_t directory_mode;
mode_t socket_mode;
+ bool accept;
+ unsigned n_accepted;
+
bool failure;
Watch timer_watch;
};
"0123456789" \
"abcdefghijklmnopqrstuvwxyz" \
"ABCDEFGHIJKLMNOPQRSTUVWXYZ" \
- "-_.\\"
+ ":-_.\\"
UnitType unit_name_to_type(const char *n) {
UnitType t;
static char *default_cgroup_path(Unit *u) {
char *p;
+ int r;
assert(u);
- if (asprintf(&p, "%s/%s", u->meta.manager->cgroup_hierarchy, u->meta.id) < 0)
- return NULL;
+ if (u->meta.instance) {
+ char *t;
- return p;
+ if (!(t = unit_name_template(u->meta.id)))
+ return NULL;
+
+ r = asprintf(&p, "%s/%s/%s", u->meta.manager->cgroup_hierarchy, t, u->meta.instance);
+ free(t);
+ } else
+ r = asprintf(&p, "%s/%s", u->meta.manager->cgroup_hierarchy, u->meta.id);
+
+ return r < 0 ? NULL : p;
}
int unit_add_cgroup_from_text(Unit *u, const char *name) {
projects / people / ms / systemd.git / commitdiff
