]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/socket.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
update TODO
[thirdparty/systemd.git] / src / core / socket.c
CommitLineData
d6c9574f 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
5cb5a6ff 2
a7334b09
LP		 3/***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
a7334b09
LP		 11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 16 Lesser General Public License for more details.
a7334b09 17
5430f7f2 18 You should have received a copy of the GNU Lesser General Public License
a7334b09
LP		 19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
83c60c9f
LP		 22#include <sys/types.h>
23#include <sys/stat.h>
24#include <unistd.h>
25#include <errno.h>
26#include <fcntl.h>
f94ea366 27#include <sys/epoll.h>
034c6ed7 28#include <signal.h>
4f2d528d 29#include <arpa/inet.h>
718db961 30#include <netinet/tcp.h>
916abb21 31#include <mqueue.h>
d2edfae0 32#include <sys/xattr.h>
83c60c9f 33
718db961 34#include "sd-event.h"
83c60c9f 35#include "log.h"
23a177ef
LP		 36#include "load-dropin.h"
37#include "load-fragment.h"
9e2f7c11 38#include "strv.h"
49e942b2 39#include "mkdir.h"
9eb977db 40#include "path-util.h"
4f2d528d 41#include "unit-name.h"
41f9172f 42#include "unit-printf.h"
4fd5948e 43#include "missing.h"
a40eb732 44#include "special.h"
e51bc1a2 45#include "label.h"
9a57c629 46#include "exit-status.h"
f6a6225e 47#include "def.h"
5a045dad 48#include "smack-util.h"
718db961
LP		 49#include "bus-util.h"
50#include "bus-error.h"
e821075a
LP		 51#include "dbus-socket.h"
52#include "unit.h"
53#include "socket.h"
83c60c9f 54
acbb0225 55static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
87f0e418
LP		 56 [SOCKET_DEAD] = UNIT_INACTIVE,
57 [SOCKET_START_PRE] = UNIT_ACTIVATING,
3900e5fd 58 [SOCKET_START_CHOWN] = UNIT_ACTIVATING,
87f0e418
LP		 59 [SOCKET_START_POST] = UNIT_ACTIVATING,
60 [SOCKET_LISTENING] = UNIT_ACTIVE,
61 [SOCKET_RUNNING] = UNIT_ACTIVE,
62 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
63 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
64 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
65 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
80876c20
LP		 66 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
67 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
fdf20a31 68 [SOCKET_FAILED] = UNIT_FAILED
83c60c9f 69};
5cb5a6ff 70
718db961
LP		 71static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
72static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
73
a16e1123
LP		 74static void socket_init(Unit *u) {
75 Socket *s = SOCKET(u);
76
77 assert(u);
ac155bb8 78 assert(u->load_state == UNIT_STUB);
a16e1123 79
a16e1123 80 s->backlog = SOMAXCONN;
1f19a534 81 s->timeout_usec = u->manager->default_timeout_start_usec;
a16e1123 82 s->directory_mode = 0755;
9131f660 83 s->socket_mode = 0666;
a16e1123 84
6cf6bbc2
LP		 85 s->max_connections = 64;
86
4fd5948e 87 s->priority = -1;
4fd5948e
LP		 88 s->ip_tos = -1;
89 s->ip_ttl = -1;
4fd5948e 90 s->mark = -1;
4fd5948e 91
ac155bb8
MS		 92 s->exec_context.std_output = u->manager->default_std_output;
93 s->exec_context.std_error = u->manager->default_std_error;
085afe36 94
a16e1123
LP		 95 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
96}
acbb0225 97
5e94833f
LP		 98static void socket_unwatch_control_pid(Socket *s) {
99 assert(s);
100
101 if (s->control_pid <= 0)
102 return;
103
104 unit_unwatch_pid(UNIT(s), s->control_pid);
105 s->control_pid = 0;
106}
107
74051b9b 108void socket_free_ports(Socket *s) {
034c6ed7
LP		 109 SocketPort *p;
110
111 assert(s);
112
113 while ((p = s->ports)) {
71fda00f 114 LIST_REMOVE(port, s->ports, p);
034c6ed7 115
718db961
LP		 116 sd_event_source_unref(p->event_source);
117
03e334a1 118 safe_close(p->fd);
034c6ed7
LP		 119 free(p->path);
120 free(p);
121 }
74051b9b
LP		 122}
123
124static void socket_done(Unit *u) {
125 Socket *s = SOCKET(u);
126
127 assert(s);
128
129 socket_free_ports(s);
034c6ed7 130
613b411c 131 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
e537352b 132 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
034c6ed7
LP		 133 s->control_command = NULL;
134
5e94833f 135 socket_unwatch_control_pid(s);
034c6ed7 136
57020a3a 137 unit_ref_unset(&s->service);
034c6ed7 138
cebf8b20
TT		 139 free(s->tcp_congestion);
140 s->tcp_congestion = NULL;
141
acbb0225 142 free(s->bind_to_device);
e537352b 143 s->bind_to_device = NULL;
acbb0225 144
0eb59ccf
AK		 145 free(s->smack);
146 free(s->smack_ip_in);
147 free(s->smack_ip_out);
148
811ba7a0
LP		 149 strv_free(s->symlinks);
150
3900e5fd
LP		 151 free(s->user);
152 free(s->group);
153
718db961
LP		 154 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
155}
156
157static int socket_arm_timer(Socket *s) {
158 int r;
159
160 assert(s);
161
162 if (s->timeout_usec <= 0) {
163 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
164 return 0;
165 }
166
167 if (s->timer_event_source) {
168 r = sd_event_source_set_time(s->timer_event_source, now(CLOCK_MONOTONIC) + s->timeout_usec);
169 if (r < 0)
170 return r;
171
172 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
173 }
174
6a0f1f6d
LP		 175 return sd_event_add_time(
176 UNIT(s)->manager->event,
177 &s->timer_event_source,
178 CLOCK_MONOTONIC,
179 now(CLOCK_MONOTONIC) + s->timeout_usec, 0,
180 socket_dispatch_timer, s);
5cb5a6ff
LP		 181}
182
8b835fcc
ZJS		 183int socket_instantiate_service(Socket *s) {
184 _cleanup_free_ char *prefix = NULL, *name = NULL;
b15bdda8
LP		 185 int r;
186 Unit *u;
187
188 assert(s);
189
190 /* This fills in s->service if it isn't filled in yet. For
191 * Accept=yes sockets we create the next connection service
192 * here. For Accept=no this is mostly a NOP since the service
193 * is figured out at load time anyway. */
194
8b835fcc 195 if (UNIT_DEREF(s->service) || !s->accept)
b15bdda8
LP		 196 return 0;
197
315db1a8
ZJS		 198 prefix = unit_name_to_prefix(UNIT(s)->id);
199 if (!prefix)
b15bdda8
LP		 200 return -ENOMEM;
201
315db1a8 202 if (asprintf(&name, "%s@%u.service", prefix, s->n_accepted) < 0)
b15bdda8
LP		 203 return -ENOMEM;
204
1124fe6f 205 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
b15bdda8
LP		 206 if (r < 0)
207 return r;
208
ac155bb8 209 u->no_gc = true;
57020a3a
LP		 210 unit_ref_set(&s->service, u);
211
212 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
b15bdda8
LP		 213}
214
4f2d528d
LP		 215static bool have_non_accept_socket(Socket *s) {
216 SocketPort *p;
217
218 assert(s);
219
220 if (!s->accept)
221 return true;
222
dd5ad9d4
LP		 223 LIST_FOREACH(port, p, s->ports) {
224
225 if (p->type != SOCKET_SOCKET)
226 return true;
227
4f2d528d
LP		 228 if (!socket_address_can_accept(&p->address))
229 return true;
dd5ad9d4 230 }
4f2d528d
LP		 231
232 return false;
233}
234
a57f7e2c 235static int socket_add_mount_links(Socket *s) {
6e2ef85b 236 SocketPort *p;
6e2ef85b
LP		 237 int r;
238
239 assert(s);
6e2ef85b 240
a57f7e2c
LP		 241 LIST_FOREACH(port, p, s->ports) {
242 const char *path = NULL;
6e2ef85b 243
a57f7e2c
LP		 244 if (p->type == SOCKET_SOCKET)
245 path = socket_address_get_path(&p->address);
246 else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL)
247 path = p->path;
6e2ef85b 248
a57f7e2c
LP		 249 if (!path)
250 continue;
6e2ef85b 251
a57f7e2c 252 r = unit_require_mounts_for(UNIT(s), path);
b87705cd 253 if (r < 0)
6e2ef85b 254 return r;
b87705cd 255 }
6e2ef85b
LP		 256
257 return 0;
258}
259
260static int socket_add_device_link(Socket *s) {
261 char *t;
6e2ef85b
LP		 262
263 assert(s);
264
7d0c710d 265 if (!s->bind_to_device || streq(s->bind_to_device, "lo"))
6e2ef85b
LP		 266 return 0;
267
e821075a
LP		 268 t = strappenda("/sys/subsystem/net/devices/", s->bind_to_device);
269 return unit_add_node_link(UNIT(s), t, false);
6e2ef85b
LP		 270}
271
a40eb732
LP		 272static int socket_add_default_dependencies(Socket *s) {
273 int r;
274 assert(s);
275
e3d84721
LP		 276 r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true);
277 if (r < 0)
278 return r;
2a77d31d 279
e3d84721
LP		 280 if (UNIT(s)->manager->running_as == SYSTEMD_SYSTEM) {
281 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
282 if (r < 0)
a40eb732 283 return r;
2a77d31d 284 }
a40eb732 285
ead8e478 286 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
a40eb732
LP		 287}
288
44a6b1b6 289_pure_ static bool socket_has_exec(Socket *s) {
4cfc6dbe
LP		 290 unsigned i;
291 assert(s);
292
293 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
294 if (s->exec_command[i])
295 return true;
296
297 return false;
298}
299
e821075a
LP		 300static int socket_add_extras(Socket *s) {
301 Unit *u = UNIT(s);
e537352b 302 int r;
44d8db9e 303
e821075a 304 assert(s);
57020a3a 305
e821075a 306 if (have_non_accept_socket(s)) {
23a177ef 307
e821075a
LP		 308 if (!UNIT_DEREF(s->service)) {
309 Unit *x;
57020a3a 310
e821075a 311 r = unit_load_related_unit(u, ".service", &x);
57020a3a 312 if (r < 0)
4f2d528d 313 return r;
e821075a
LP		 314
315 unit_ref_set(&s->service, x);
4f2d528d 316 }
44d8db9e 317
e821075a
LP		 318 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
319 if (r < 0)
6e2ef85b 320 return r;
e821075a 321 }
6e2ef85b 322
e821075a
LP		 323 r = socket_add_mount_links(s);
324 if (r < 0)
325 return r;
6e2ef85b 326
e821075a
LP		 327 r = socket_add_device_link(s);
328 if (r < 0)
329 return r;
330
598459ce 331 r = unit_patch_contexts(u);
e821075a
LP		 332 if (r < 0)
333 return r;
334
335 if (socket_has_exec(s)) {
336 r = unit_add_exec_dependencies(u, &s->exec_context);
337 if (r < 0)
338 return r;
23a177ef 339
598459ce 340 r = unit_add_default_slice(u, &s->cgroup_context);
a016b922
LP		 341 if (r < 0)
342 return r;
e821075a 343 }
a016b922 344
e821075a
LP		 345 if (u->default_dependencies) {
346 r = socket_add_default_dependencies(s);
347 if (r < 0)
348 return r;
349 }
350
351 return 0;
352}
353
811ba7a0
LP		 354static const char *socket_find_symlink_target(Socket *s) {
355 const char *found = NULL;
356 SocketPort *p;
357
358 LIST_FOREACH(port, p, s->ports) {
359 const char *f = NULL;
360
361 switch (p->type) {
362
363 case SOCKET_FIFO:
364 f = p->path;
365 break;
366
367 case SOCKET_SOCKET:
368 if (p->address.sockaddr.un.sun_path[0] != 0)
369 f = p->address.sockaddr.un.sun_path;
370 break;
371
372 default:
373 break;
374 }
375
376 if (f) {
377 if (found)
378 return NULL;
379
380 found = f;
381 }
382 }
383
384 return found;
385}
386
e821075a
LP		 387static int socket_verify(Socket *s) {
388 assert(s);
389
390 if (UNIT(s)->load_state != UNIT_LOADED)
391 return 0;
392
393 if (!s->ports) {
394 log_error_unit(UNIT(s)->id, "%s lacks Listen setting. Refusing.", UNIT(s)->id);
395 return -EINVAL;
396 }
397
398 if (s->accept && have_non_accept_socket(s)) {
399 log_error_unit(UNIT(s)->id, "%s configured for accepting sockets, but sockets are non-accepting. Refusing.",
400 UNIT(s)->id);
401 return -EINVAL;
402 }
403
404 if (s->accept && s->max_connections <= 0) {
405 log_error_unit(UNIT(s)->id, "%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
406 return -EINVAL;
407 }
e06c73cc 408
e821075a
LP		 409 if (s->accept && UNIT_DEREF(s->service)) {
410 log_error_unit(UNIT(s)->id, "Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
411 return -EINVAL;
412 }
413
414 if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
415 log_error_unit(UNIT(s)->id, "%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
416 return -EINVAL;
417 }
418
811ba7a0
LP		 419 if (!strv_isempty(s->symlinks) && !socket_find_symlink_target(s)) {
420 log_error_unit(UNIT(s)->id, "%s has symlinks set but none or more than one node in the file system. Refusing.", UNIT(s)->id);
421 return -EINVAL;
422 }
423
e821075a
LP		 424 return 0;
425}
426
427static int socket_load(Unit *u) {
428 Socket *s = SOCKET(u);
429 int r;
430
431 assert(u);
432 assert(u->load_state == UNIT_STUB);
433
434 r = unit_load_fragment_and_dropin(u);
435 if (r < 0)
436 return r;
437
438 if (u->load_state == UNIT_LOADED) {
439 /* This is a new unit? Then let's add in some extras */
440 r = socket_add_extras(s);
e06c73cc
LP		 441 if (r < 0)
442 return r;
23a177ef
LP		 443 }
444
4f2d528d 445 return socket_verify(s);
44d8db9e
LP		 446}
447
44a6b1b6 448_const_ static const char* listen_lookup(int family, int type) {
7a22745a
LP		 449
450 if (family == AF_NETLINK)
451 return "ListenNetlink";
542563ba
LP		 452
453 if (type == SOCK_STREAM)
454 return "ListenStream";
455 else if (type == SOCK_DGRAM)
456 return "ListenDatagram";
457 else if (type == SOCK_SEQPACKET)
458 return "ListenSequentialPacket";
459
034c6ed7 460 assert_not_reached("Unknown socket type");
542563ba
LP		 461 return NULL;
462}
463
87f0e418 464static void socket_dump(Unit *u, FILE *f, const char *prefix) {
5cb5a6ff 465 SocketExecCommand c;
87f0e418 466 Socket *s = SOCKET(u);
542563ba 467 SocketPort *p;
82ba9f08 468 const char *prefix2;
5cb5a6ff
LP		 469
470 assert(s);
fa068367 471 assert(f);
5cb5a6ff 472
e821075a 473 prefix2 = strappenda(prefix, "\t");
c43d20a0 474
5cb5a6ff
LP		 475 fprintf(f,
476 "%sSocket State: %s\n"
81a5c6d0 477 "%sResult: %s\n"
542563ba 478 "%sBindIPv6Only: %s\n"
b5a0699f
LP		 479 "%sBacklog: %u\n"
480 "%sSocketMode: %04o\n"
4fd5948e
LP		 481 "%sDirectoryMode: %04o\n"
482 "%sKeepAlive: %s\n"
4427c3f4 483 "%sNoDelay: %s\n"
cebf8b20 484 "%sFreeBind: %s\n"
6b6d2dee 485 "%sTransparent: %s\n"
ec6370a2 486 "%sBroadcast: %s\n"
ede3deb4 487 "%sPassCredentials: %s\n"
54ecda32 488 "%sPassSecurity: %s\n"
bd1fe7c7
LP		 489 "%sTCPCongestion: %s\n"
490 "%sRemoveOnStop: %s\n",
a16e1123 491 prefix, socket_state_to_string(s->state),
81a5c6d0 492 prefix, socket_result_to_string(s->result),
c0120d99 493 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
b5a0699f
LP		 494 prefix, s->backlog,
495 prefix, s->socket_mode,
4fd5948e
LP		 496 prefix, s->directory_mode,
497 prefix, yes_no(s->keep_alive),
4427c3f4 498 prefix, yes_no(s->no_delay),
cebf8b20 499 prefix, yes_no(s->free_bind),
6b6d2dee 500 prefix, yes_no(s->transparent),
ec6370a2 501 prefix, yes_no(s->broadcast),
d68af586 502 prefix, yes_no(s->pass_cred),
54ecda32 503 prefix, yes_no(s->pass_sec),
bd1fe7c7
LP		 504 prefix, strna(s->tcp_congestion),
505 prefix, yes_no(s->remove_on_stop));
542563ba 506
70123e68
LP		 507 if (s->control_pid > 0)
508 fprintf(f,
de0671ee
ZJS		 509 "%sControl PID: "PID_FMT"\n",
510 prefix, s->control_pid);
70123e68 511
acbb0225
LP		 512 if (s->bind_to_device)
513 fprintf(f,
514 "%sBindToDevice: %s\n",
515 prefix, s->bind_to_device);
516
4f2d528d
LP		 517 if (s->accept)
518 fprintf(f,
6cf6bbc2
LP		 519 "%sAccepted: %u\n"
520 "%sNConnections: %u\n"
521 "%sMaxConnections: %u\n",
522 prefix, s->n_accepted,
523 prefix, s->n_connections,
524 prefix, s->max_connections);
4f2d528d 525
4fd5948e
LP		 526 if (s->priority >= 0)
527 fprintf(f,
528 "%sPriority: %i\n",
529 prefix, s->priority);
530
531 if (s->receive_buffer > 0)
532 fprintf(f,
533 "%sReceiveBuffer: %zu\n",
534 prefix, s->receive_buffer);
535
536 if (s->send_buffer > 0)
537 fprintf(f,
538 "%sSendBuffer: %zu\n",
539 prefix, s->send_buffer);
540
541 if (s->ip_tos >= 0)
542 fprintf(f,
543 "%sIPTOS: %i\n",
544 prefix, s->ip_tos);
545
546 if (s->ip_ttl >= 0)
547 fprintf(f,
548 "%sIPTTL: %i\n",
549 prefix, s->ip_ttl);
550
551 if (s->pipe_size > 0)
552 fprintf(f,
553 "%sPipeSize: %zu\n",
554 prefix, s->pipe_size);
555
556 if (s->mark >= 0)
557 fprintf(f,
558 "%sMark: %i\n",
559 prefix, s->mark);
560
916abb21
LP		 561 if (s->mq_maxmsg > 0)
562 fprintf(f,
563 "%sMessageQueueMaxMessages: %li\n",
564 prefix, s->mq_maxmsg);
565
566 if (s->mq_msgsize > 0)
567 fprintf(f,
568 "%sMessageQueueMessageSize: %li\n",
569 prefix, s->mq_msgsize);
570
718db961 571 if (s->reuse_port)
f7db7a69
SL		 572 fprintf(f,
573 "%sReusePort: %s\n",
718db961 574 prefix, yes_no(s->reuse_port));
f7db7a69 575
0eb59ccf
AK		 576 if (s->smack)
577 fprintf(f,
578 "%sSmackLabel: %s\n",
579 prefix, s->smack);
580
581 if (s->smack_ip_in)
582 fprintf(f,
583 "%sSmackLabelIPIn: %s\n",
584 prefix, s->smack_ip_in);
585
586 if (s->smack_ip_out)
587 fprintf(f,
588 "%sSmackLabelIPOut: %s\n",
589 prefix, s->smack_ip_out);
590
3900e5fd
LP		 591 if (!isempty(s->user) || !isempty(s->group))
592 fprintf(f,
593 "%sOwnerUser: %s\n"
594 "%sOwnerGroup: %s\n",
595 prefix, strna(s->user),
596 prefix, strna(s->group));
597
034c6ed7 598 LIST_FOREACH(port, p, s->ports) {
5cb5a6ff 599
542563ba
LP		 600 if (p->type == SOCKET_SOCKET) {
601 const char *t;
602 int r;
e364ad06 603 char *k = NULL;
542563ba
LP		 604
605 if ((r = socket_address_print(&p->address, &k)) < 0)
606 t = strerror(-r);
607 else
608 t = k;
609
7a22745a 610 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
542563ba 611 free(k);
b0a3f2bc
LP		 612 } else if (p->type == SOCKET_SPECIAL)
613 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
916abb21
LP		 614 else if (p->type == SOCKET_MQUEUE)
615 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
b0a3f2bc 616 else
542563ba
LP		 617 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
618 }
5cb5a6ff
LP		 619
620 exec_context_dump(&s->exec_context, f, prefix);
4819ff03 621 kill_context_dump(&s->kill_context, f, prefix);
5cb5a6ff 622
e537352b 623 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
c43d20a0
LP		 624 if (!s->exec_command[c])
625 continue;
5cb5a6ff 626
40d50879 627 fprintf(f, "%s-> %s:\n",
a16e1123 628 prefix, socket_exec_command_to_string(c));
c43d20a0
LP		 629
630 exec_command_dump_list(s->exec_command[c], f, prefix2);
5cb5a6ff
LP		 631 }
632}
633
4f2d528d
LP		 634static int instance_from_socket(int fd, unsigned nr, char **instance) {
635 socklen_t l;
636 char *r;
9d16d0c7 637 union sockaddr_union local, remote;
4f2d528d
LP		 638
639 assert(fd >= 0);
640 assert(instance);
641
642 l = sizeof(local);
643 if (getsockname(fd, &local.sa, &l) < 0)
644 return -errno;
645
646 l = sizeof(remote);
647 if (getpeername(fd, &remote.sa, &l) < 0)
648 return -errno;
649
650 switch (local.sa.sa_family) {
651
652 case AF_INET: {
653 uint32_t
654 a = ntohl(local.in.sin_addr.s_addr),
655 b = ntohl(remote.in.sin_addr.s_addr);
656
657 if (asprintf(&r,
77b088c2
LP		 658 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
659 nr,
4f2d528d
LP		 660 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
661 ntohs(local.in.sin_port),
662 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
663 ntohs(remote.in.sin_port)) < 0)
664 return -ENOMEM;
665
666 break;
667 }
668
669 case AF_INET6: {
c65a0b14 670 static const unsigned char ipv4_prefix[] = {
2b061f5a
LP		 671 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
672 };
673
674 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
675 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
676 const uint8_t
677 *a = local.in6.sin6_addr.s6_addr+12,
678 *b = remote.in6.sin6_addr.s6_addr+12;
679
680 if (asprintf(&r,
77b088c2
LP		 681 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
682 nr,
2b061f5a
LP		 683 a[0], a[1], a[2], a[3],
684 ntohs(local.in6.sin6_port),
685 b[0], b[1], b[2], b[3],
686 ntohs(remote.in6.sin6_port)) < 0)
687 return -ENOMEM;
688 } else {
689 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
690
691 if (asprintf(&r,
77b088c2
LP		 692 "%u-%s:%u-%s:%u",
693 nr,
2b061f5a
LP		 694 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
695 ntohs(local.in6.sin6_port),
696 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
697 ntohs(remote.in6.sin6_port)) < 0)
698 return -ENOMEM;
699 }
4f2d528d
LP		 700
701 break;
702 }
703
704 case AF_UNIX: {
705 struct ucred ucred;
eff05270 706 int k;
4f2d528d 707
eff05270 708 k = getpeercred(fd, &ucred);
d38f6e34
ZJS		 709 if (k >= 0) {
710 if (asprintf(&r,
711 "%u-"PID_FMT"-"UID_FMT,
712 nr, ucred.pid, ucred.uid) < 0)
713 return -ENOMEM;
714 } else if (k == -ENODATA) {
715 /* This handles the case where somebody is
716 * connecting from another pid/uid namespace
717 * (e.g. from outside of our container). */
718 if (asprintf(&r,
719 "%u-unknown",
720 nr) < 0)
721 return -ENOMEM;
722 } else
eff05270 723 return k;
2f20a8eb 724
2f20a8eb 725 break;
4f2d528d
LP		 726 }
727
728 default:
729 assert_not_reached("Unhandled socket type.");
730 }
731
732 *instance = r;
733 return 0;
734}
735
034c6ed7 736static void socket_close_fds(Socket *s) {
83c60c9f 737 SocketPort *p;
811ba7a0 738 char **i;
83c60c9f
LP		 739
740 assert(s);
741
034c6ed7 742 LIST_FOREACH(port, p, s->ports) {
718db961
LP		 743
744 p->event_source = sd_event_source_unref(p->event_source);
745
83c60c9f
LP		 746 if (p->fd < 0)
747 continue;
748
03e334a1 749 p->fd = safe_close(p->fd);
a16e1123 750
bd1fe7c7
LP		 751 /* One little note: we should normally not delete any
752 * sockets in the file system here! After all some
753 * other process we spawned might still have a
754 * reference of this fd and wants to continue to use
755 * it. Therefore we delete sockets in the file system
756 * before we create a new one, not after we stopped
757 * using one! */
758
759 if (s->remove_on_stop) {
760 switch (p->type) {
761
762 case SOCKET_FIFO:
763 unlink(p->path);
764 break;
765
766 case SOCKET_MQUEUE:
767 mq_unlink(p->path);
768 break;
769
770 case SOCKET_SOCKET:
771 socket_address_unlink(&p->address);
772 break;
773
774 default:
775 break;
776 }
777 }
83c60c9f 778 }
811ba7a0
LP		 779
780 if (s->remove_on_stop)
781 STRV_FOREACH(i, s->symlinks)
782 unlink(*i);
83c60c9f
LP		 783}
784
4fd5948e
LP		 785static void socket_apply_socket_options(Socket *s, int fd) {
786 assert(s);
787 assert(fd >= 0);
788
789 if (s->keep_alive) {
790 int b = s->keep_alive;
791 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
66870f90 792 log_warning_unit(UNIT(s)->id, "SO_KEEPALIVE failed: %m");
4fd5948e
LP		 793 }
794
4427c3f4
SS		 795 if (s->no_delay) {
796 int b = s->no_delay;
797 if (setsockopt(fd, SOL_TCP, TCP_NODELAY, &b, sizeof(b)) < 0)
798 log_warning_unit(UNIT(s)->id, "TCP_NODELAY failed: %m");
799 }
800
ec6370a2
LP		 801 if (s->broadcast) {
802 int one = 1;
803 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
66870f90 804 log_warning_unit(UNIT(s)->id, "SO_BROADCAST failed: %m");
ec6370a2
LP		 805 }
806
d68af586
MS		 807 if (s->pass_cred) {
808 int one = 1;
809 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
66870f90 810 log_warning_unit(UNIT(s)->id, "SO_PASSCRED failed: %m");
d68af586
MS		 811 }
812
54ecda32
LP		 813 if (s->pass_sec) {
814 int one = 1;
815 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
66870f90 816 log_warning_unit(UNIT(s)->id, "SO_PASSSEC failed: %m");
54ecda32
LP		 817 }
818
4fd5948e
LP		 819 if (s->priority >= 0)
820 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
66870f90 821 log_warning_unit(UNIT(s)->id, "SO_PRIORITY failed: %m");
4fd5948e
LP		 822
823 if (s->receive_buffer > 0) {
824 int value = (int) s->receive_buffer;
7d9eaa84
LP		 825
826 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
827
b8cef44e 828 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84 829 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
66870f90 830 log_warning_unit(UNIT(s)->id, "SO_RCVBUF failed: %m");
4fd5948e
LP		 831 }
832
833 if (s->send_buffer > 0) {
834 int value = (int) s->send_buffer;
b8cef44e 835 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84 836 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
66870f90 837 log_warning_unit(UNIT(s)->id, "SO_SNDBUF failed: %m");
4fd5948e
LP		 838 }
839
840 if (s->mark >= 0)
841 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
66870f90 842 log_warning_unit(UNIT(s)->id, "SO_MARK failed: %m");
4fd5948e
LP		 843
844 if (s->ip_tos >= 0)
845 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
66870f90 846 log_warning_unit(UNIT(s)->id, "IP_TOS failed: %m");
4fd5948e 847
46925ac5
LP		 848 if (s->ip_ttl >= 0) {
849 int r, x;
850
851 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
5bfcc1c6
FF		 852
853 if (socket_ipv6_is_supported())
854 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
855 else {
856 x = -1;
857 errno = EAFNOSUPPORT;
858 }
46925ac5
LP		 859
860 if (r < 0 && x < 0)
66870f90
ZJS		 861 log_warning_unit(UNIT(s)->id,
862 "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
46925ac5 863 }
cebf8b20
TT		 864
865 if (s->tcp_congestion)
866 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
66870f90 867 log_warning_unit(UNIT(s)->id, "TCP_CONGESTION failed: %m");
0eb59ccf 868
718db961
LP		 869 if (s->reuse_port) {
870 int b = s->reuse_port;
f0511bd7 871 if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &b, sizeof(b)) < 0)
f7db7a69
SL		 872 log_warning_unit(UNIT(s)->id, "SO_REUSEPORT failed: %m");
873 }
874
9a4e038c
KS		 875 if (s->smack_ip_in)
876 if (smack_label_ip_in_fd(fd, s->smack_ip_in) < 0)
877 log_error_unit(UNIT(s)->id, "smack_label_ip_in_fd: %m");
878
879 if (s->smack_ip_out)
880 if (smack_label_ip_out_fd(fd, s->smack_ip_out) < 0)
881 log_error_unit(UNIT(s)->id, "smack_label_ip_out_fd: %m");
4fd5948e
LP		 882}
883
b15bdda8 884static void socket_apply_fifo_options(Socket *s, int fd) {
4fd5948e
LP		 885 assert(s);
886 assert(fd >= 0);
887
888 if (s->pipe_size > 0)
889 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
66870f90
ZJS		 890 log_warning_unit(UNIT(s)->id,
891 "F_SETPIPE_SZ: %m");
0eb59ccf 892
9a4e038c
KS		 893 if (s->smack)
894 if (smack_label_fd(fd, s->smack) < 0)
895 log_error_unit(UNIT(s)->id, "smack_label_fd: %m");
4fd5948e
LP		 896}
897
b15bdda8
LP		 898static int fifo_address_create(
899 const char *path,
900 mode_t directory_mode,
901 mode_t socket_mode,
b15bdda8
LP		 902 int *_fd) {
903
7a58bfa4 904 int fd = -1, r = 0;
b15bdda8
LP		 905 struct stat st;
906 mode_t old_mask;
907
908 assert(path);
909 assert(_fd);
910
d2e54fae 911 mkdir_parents_label(path, directory_mode);
b15bdda8 912
e9a5ef7c
KS		 913 r = label_context_set(path, S_IFIFO);
914 if (r < 0)
56cf987f 915 goto fail;
b15bdda8
LP		 916
917 /* Enforce the right access mode for the fifo */
918 old_mask = umask(~ socket_mode);
919
920 /* Include the original umask in our mask */
921 umask(~socket_mode | old_mask);
922
923 r = mkfifo(path, socket_mode);
924 umask(old_mask);
925
94bc2731 926 if (r < 0 && errno != EEXIST) {
b15bdda8
LP		 927 r = -errno;
928 goto fail;
929 }
930
e4f44e73 931 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
b15bdda8
LP		 932 r = -errno;
933 goto fail;
934 }
935
e9a5ef7c 936 label_context_clear();
7a58bfa4 937
b15bdda8
LP		 938 if (fstat(fd, &st) < 0) {
939 r = -errno;
940 goto fail;
941 }
942
943 if (!S_ISFIFO(st.st_mode) ||
de0200fc 944 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
e4f44e73
DR		 945 st.st_uid != getuid() ||
946 st.st_gid != getgid()) {
b15bdda8
LP		 947
948 r = -EEXIST;
949 goto fail;
950 }
951
952 *_fd = fd;
953 return 0;
954
955fail:
e9a5ef7c 956 label_context_clear();
03e334a1 957 safe_close(fd);
b15bdda8
LP		 958
959 return r;
960}
961
b0a3f2bc
LP		 962static int special_address_create(
963 const char *path,
964 int *_fd) {
965
966 int fd = -1, r = 0;
967 struct stat st;
968
969 assert(path);
970 assert(_fd);
971
811ba7a0
LP		 972 fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW);
973 if (fd < 0) {
b0a3f2bc
LP		 974 r = -errno;
975 goto fail;
976 }
977
978 if (fstat(fd, &st) < 0) {
979 r = -errno;
980 goto fail;
981 }
982
983 /* Check whether this is a /proc, /sys or /dev file or char device */
984 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
985 r = -EEXIST;
986 goto fail;
987 }
988
989 *_fd = fd;
990 return 0;
991
992fail:
03e334a1 993 safe_close(fd);
b0a3f2bc
LP		 994
995 return r;
996}
997
916abb21
LP		 998static int mq_address_create(
999 const char *path,
1000 mode_t mq_mode,
1001 long maxmsg,
1002 long msgsize,
1003 int *_fd) {
1004
1005 int fd = -1, r = 0;
1006 struct stat st;
1007 mode_t old_mask;
1008 struct mq_attr _attr, *attr = NULL;
1009
1010 assert(path);
1011 assert(_fd);
1012
1013 if (maxmsg > 0 && msgsize > 0) {
1014 zero(_attr);
1015 _attr.mq_flags = O_NONBLOCK;
1016 _attr.mq_maxmsg = maxmsg;
1017 _attr.mq_msgsize = msgsize;
1018 attr = &_attr;
1019 }
1020
1021 /* Enforce the right access mode for the mq */
1022 old_mask = umask(~ mq_mode);
1023
1024 /* Include the original umask in our mask */
1025 umask(~mq_mode | old_mask);
916abb21
LP		 1026 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
1027 umask(old_mask);
1028
8ea913b2 1029 if (fd < 0) {
916abb21
LP		 1030 r = -errno;
1031 goto fail;
1032 }
1033
1034 if (fstat(fd, &st) < 0) {
1035 r = -errno;
1036 goto fail;
1037 }
1038
1039 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
1040 st.st_uid != getuid() ||
1041 st.st_gid != getgid()) {
1042
1043 r = -EEXIST;
1044 goto fail;
1045 }
1046
1047 *_fd = fd;
1048 return 0;
1049
1050fail:
03e334a1 1051 safe_close(fd);
916abb21
LP		 1052 return r;
1053}
1054
811ba7a0
LP		 1055static int socket_symlink(Socket *s) {
1056 const char *p;
1057 char **i;
1058
1059 assert(s);
1060
1061 p = socket_find_symlink_target(s);
1062 if (!p)
1063 return 0;
1064
1065 STRV_FOREACH(i, s->symlinks)
1066 symlink(p, *i);
1067
1068 return 0;
1069}
1070
034c6ed7 1071static int socket_open_fds(Socket *s) {
83c60c9f
LP		 1072 SocketPort *p;
1073 int r;
56cf987f 1074 char *label = NULL;
049f8642 1075 bool know_label = false;
83c60c9f
LP		 1076
1077 assert(s);
1078
034c6ed7 1079 LIST_FOREACH(port, p, s->ports) {
83c60c9f 1080
034c6ed7
LP		 1081 if (p->fd >= 0)
1082 continue;
83c60c9f
LP		 1083
1084 if (p->type == SOCKET_SOCKET) {
1085
049f8642
LP		 1086 if (!know_label) {
1087
bd1fe7c7
LP		 1088 r = socket_instantiate_service(s);
1089 if (r < 0)
049f8642
LP		 1090 return r;
1091
9444b1f2 1092 if (UNIT_ISSET(s->service) &&
57020a3a
LP		 1093 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
1094 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
bd1fe7c7
LP		 1095 if (r < 0 && r != -EPERM)
1096 return r;
189583d7 1097 }
049f8642
LP		 1098
1099 know_label = true;
1100 }
1101
175a3d25
LP		 1102 r = socket_address_listen(
1103 &p->address,
1104 SOCK_CLOEXEC|SOCK_NONBLOCK,
1105 s->backlog,
1106 s->bind_ipv6_only,
1107 s->bind_to_device,
1108 s->free_bind,
1109 s->transparent,
1110 s->directory_mode,
1111 s->socket_mode,
1112 label);
1113 if (r < 0)
83c60c9f
LP		 1114 goto rollback;
1115
175a3d25 1116 p->fd = r;
4fd5948e 1117 socket_apply_socket_options(s, p->fd);
811ba7a0 1118 socket_symlink(s);
4fd5948e 1119
b0a3f2bc
LP		 1120 } else if (p->type == SOCKET_SPECIAL) {
1121
175a3d25
LP		 1122 r = special_address_create(
1123 p->path,
1124 &p->fd);
1125 if (r < 0)
b0a3f2bc
LP		 1126 goto rollback;
1127
b15bdda8 1128 } else if (p->type == SOCKET_FIFO) {
83c60c9f 1129
175a3d25
LP		 1130 r = fifo_address_create(
1131 p->path,
1132 s->directory_mode,
1133 s->socket_mode,
1134 &p->fd);
1135 if (r < 0)
83c60c9f 1136 goto rollback;
83c60c9f 1137
b15bdda8 1138 socket_apply_fifo_options(s, p->fd);
811ba7a0
LP		 1139 socket_symlink(s);
1140
916abb21 1141 } else if (p->type == SOCKET_MQUEUE) {
83c60c9f 1142
175a3d25
LP		 1143 r = mq_address_create(
1144 p->path,
1145 s->socket_mode,
1146 s->mq_maxmsg,
1147 s->mq_msgsize,
1148 &p->fd);
1149 if (r < 0)
916abb21 1150 goto rollback;
b15bdda8
LP		 1151 } else
1152 assert_not_reached("Unknown port type");
034c6ed7
LP		 1153 }
1154
56cf987f 1155 label_free(label);
034c6ed7
LP		 1156 return 0;
1157
1158rollback:
1159 socket_close_fds(s);
56cf987f 1160 label_free(label);
034c6ed7
LP		 1161 return r;
1162}
1163
1164static void socket_unwatch_fds(Socket *s) {
1165 SocketPort *p;
718db961 1166 int r;
9152c765 1167
034c6ed7
LP		 1168 assert(s);
1169
1170 LIST_FOREACH(port, p, s->ports) {
1171 if (p->fd < 0)
1172 continue;
1173
a4152e3f
LP		 1174 if (!p->event_source)
1175 continue;
1176
1177 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_OFF);
1178 if (r < 0)
1179 log_debug_unit(UNIT(s)->id, "Failed to disable event source.");
83c60c9f 1180 }
034c6ed7
LP		 1181}
1182
1183static int socket_watch_fds(Socket *s) {
1184 SocketPort *p;
1185 int r;
1186
1187 assert(s);
83c60c9f 1188
034c6ed7
LP		 1189 LIST_FOREACH(port, p, s->ports) {
1190 if (p->fd < 0)
1191 continue;
1192
718db961
LP		 1193 if (p->event_source)
1194 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_ON);
1195 else
151b9b96 1196 r = sd_event_add_io(UNIT(s)->manager->event, &p->event_source, p->fd, EPOLLIN, socket_dispatch_io, p);
4f2d528d 1197
718db961
LP		 1198 if (r < 0) {
1199 log_warning_unit(UNIT(s)->id, "Failed to watch listening fds: %s", strerror(-r));
034c6ed7 1200 goto fail;
718db961 1201 }
034c6ed7 1202 }
83c60c9f 1203
542563ba 1204 return 0;
83c60c9f 1205
034c6ed7
LP		 1206fail:
1207 socket_unwatch_fds(s);
1208 return r;
1209}
1210
1211static void socket_set_state(Socket *s, SocketState state) {
1212 SocketState old_state;
1213 assert(s);
1214
1215 old_state = s->state;
1216 s->state = state;
1217
bd1fe7c7
LP		 1218 if (!IN_SET(state,
1219 SOCKET_START_PRE,
3900e5fd 1220 SOCKET_START_CHOWN,
bd1fe7c7
LP		 1221 SOCKET_START_POST,
1222 SOCKET_STOP_PRE,
1223 SOCKET_STOP_PRE_SIGTERM,
1224 SOCKET_STOP_PRE_SIGKILL,
1225 SOCKET_STOP_POST,
1226 SOCKET_FINAL_SIGTERM,
1227 SOCKET_FINAL_SIGKILL)) {
718db961
LP		 1228
1229 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
5e94833f 1230 socket_unwatch_control_pid(s);
034c6ed7 1231 s->control_command = NULL;
a16e1123 1232 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
e537352b 1233 }
034c6ed7 1234
a16e1123
LP		 1235 if (state != SOCKET_LISTENING)
1236 socket_unwatch_fds(s);
1237
bd1fe7c7 1238 if (!IN_SET(state,
3900e5fd 1239 SOCKET_START_CHOWN,
bd1fe7c7
LP		 1240 SOCKET_START_POST,
1241 SOCKET_LISTENING,
1242 SOCKET_RUNNING,
1243 SOCKET_STOP_PRE,
1244 SOCKET_STOP_PRE_SIGTERM,
1245 SOCKET_STOP_PRE_SIGKILL))
034c6ed7
LP		 1246 socket_close_fds(s);
1247
e537352b 1248 if (state != old_state)
e821075a
LP		 1249 log_debug_unit(UNIT(s)->id, "%s changed %s -> %s",
1250 UNIT(s)->id, socket_state_to_string(old_state), socket_state_to_string(state));
acbb0225 1251
e2f3b44c 1252 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
034c6ed7
LP		 1253}
1254
a16e1123
LP		 1255static int socket_coldplug(Unit *u) {
1256 Socket *s = SOCKET(u);
1257 int r;
1258
1259 assert(s);
1260 assert(s->state == SOCKET_DEAD);
1261
e821075a
LP		 1262 if (s->deserialized_state == s->state)
1263 return 0;
a16e1123 1264
3900e5fd
LP		 1265 if (IN_SET(s->deserialized_state,
1266 SOCKET_START_PRE,
1267 SOCKET_START_CHOWN,
1268 SOCKET_START_POST,
1269 SOCKET_STOP_PRE,
1270 SOCKET_STOP_PRE_SIGTERM,
1271 SOCKET_STOP_PRE_SIGKILL,
1272 SOCKET_STOP_POST,
1273 SOCKET_FINAL_SIGTERM,
1274 SOCKET_FINAL_SIGKILL)) {
a16e1123 1275
e821075a
LP		 1276 if (s->control_pid <= 0)
1277 return -EBADMSG;
a16e1123 1278
e821075a
LP		 1279 r = unit_watch_pid(UNIT(s), s->control_pid);
1280 if (r < 0)
1281 return r;
a16e1123 1282
e821075a
LP		 1283 r = socket_arm_timer(s);
1284 if (r < 0)
1285 return r;
1286 }
a16e1123 1287
3900e5fd
LP		 1288 if (IN_SET(s->deserialized_state,
1289 SOCKET_START_CHOWN,
1290 SOCKET_START_POST,
1291 SOCKET_LISTENING,
1292 SOCKET_RUNNING,
1293 SOCKET_STOP_PRE,
1294 SOCKET_STOP_PRE_SIGTERM,
1295 SOCKET_STOP_PRE_SIGKILL)) {
e821075a
LP		 1296 r = socket_open_fds(s);
1297 if (r < 0)
1298 return r;
1299 }
a16e1123 1300
e821075a
LP		 1301 if (s->deserialized_state == SOCKET_LISTENING) {
1302 r = socket_watch_fds(s);
1303 if (r < 0)
1304 return r;
a16e1123
LP		 1305 }
1306
e821075a 1307 socket_set_state(s, s->deserialized_state);
a16e1123
LP		 1308 return 0;
1309}
1310
e537352b 1311static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
3900e5fd 1312 _cleanup_free_ char **argv = NULL;
034c6ed7
LP		 1313 pid_t pid;
1314 int r;
1315
1316 assert(s);
1317 assert(c);
1318 assert(_pid);
1319
4ad49000
LP		 1320 unit_realize_cgroup(UNIT(s));
1321
613b411c
LP		 1322 r = unit_setup_exec_runtime(UNIT(s));
1323 if (r < 0)
1324 goto fail;
1325
718db961 1326 r = socket_arm_timer(s);
36697dc0 1327 if (r < 0)
e537352b 1328 goto fail;
034c6ed7 1329
19f6d710
LP		 1330 r = unit_full_printf_strv(UNIT(s), c->argv, &argv);
1331 if (r < 0)
9e2f7c11 1332 goto fail;
9e2f7c11
LP		 1333
1334 r = exec_spawn(c,
1335 argv,
1336 &s->exec_context,
1337 NULL, 0,
1124fe6f 1338 UNIT(s)->manager->environment,
9e2f7c11
LP		 1339 true,
1340 true,
1e3ad081 1341 true,
1124fe6f 1342 UNIT(s)->manager->confirm_spawn,
13b84ec7 1343 UNIT(s)->manager->cgroup_supported,
4ad49000 1344 UNIT(s)->cgroup_path,
e66cf1a3 1345 manager_get_runtime_prefix(UNIT(s)->manager),
62bca2c6 1346 UNIT(s)->id,
09812eb7 1347 0,
f2b68789 1348 NULL,
613b411c 1349 s->exec_runtime,
9e2f7c11 1350 &pid);
cee288ad
TA		 1351 if (r < 0)
1352 goto fail;
9e2f7c11 1353
3900e5fd 1354 r = unit_watch_pid(UNIT(s), pid);
9e2f7c11 1355 if (r < 0)
3900e5fd 1356 /* FIXME: we need to do something here */
034c6ed7
LP		 1357 goto fail;
1358
3900e5fd
LP		 1359 *_pid = pid;
1360 return 0;
1361
1362fail:
1363 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1364 return r;
1365}
1366
1367static int socket_chown(Socket *s, pid_t *_pid) {
1368 pid_t pid;
1369 int r;
1370
1371 r = socket_arm_timer(s);
1372 if (r < 0)
1373 goto fail;
1374
1375 /* We have to resolve the user names out-of-process, hence
1376 * let's fork here. It's messy, but well, what can we do? */
1377
1378 pid = fork();
1379 if (pid < 0)
1380 return -errno;
1381
1382 if (pid == 0) {
1383 SocketPort *p;
1384 uid_t uid = (uid_t) -1;
1385 gid_t gid = (gid_t) -1;
1386 int ret;
1387
1388 default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
1389 ignore_signals(SIGPIPE, -1);
1390 log_forget_fds();
1391
1392 if (!isempty(s->user)) {
1393 const char *user = s->user;
1394
1395 r = get_user_creds(&user, &uid, &gid, NULL, NULL);
1396 if (r < 0) {
1397 ret = EXIT_USER;
1398 goto fail_child;
1399 }
1400 }
1401
1402 if (!isempty(s->group)) {
1403 const char *group = s->group;
1404
1405 r = get_group_creds(&group, &gid);
1406 if (r < 0) {
1407 ret = EXIT_GROUP;
1408 goto fail_child;
1409 }
1410 }
1411
1412 LIST_FOREACH(port, p, s->ports) {
e5a1c18d 1413 const char *path = NULL;
3900e5fd
LP		 1414
1415 if (p->type == SOCKET_SOCKET)
1416 path = socket_address_get_path(&p->address);
1417 else if (p->type == SOCKET_FIFO)
1418 path = p->path;
1419
1420 if (!path)
1421 continue;
1422
1423 if (chown(path, uid, gid) < 0) {
1424 r = -errno;
1425 ret = EXIT_CHOWN;
1426 goto fail_child;
1427 }
1428 }
1429
1430 _exit(0);
1431
1432 fail_child:
1433 log_open();
1434 log_error("Failed to chown socket at step %s: %s", exit_status_to_string(ret, EXIT_STATUS_SYSTEMD), strerror(-r));
1435
1436 _exit(ret);
1437 }
1438
718db961
LP		 1439 r = unit_watch_pid(UNIT(s), pid);
1440 if (r < 0)
034c6ed7 1441 goto fail;
83c60c9f 1442
034c6ed7 1443 *_pid = pid;
034c6ed7
LP		 1444 return 0;
1445
1446fail:
718db961 1447 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
83c60c9f 1448 return r;
542563ba
LP		 1449}
1450
cfc4eb4c 1451static void socket_enter_dead(Socket *s, SocketResult f) {
034c6ed7
LP		 1452 assert(s);
1453
cfc4eb4c
LP		 1454 if (f != SOCKET_SUCCESS)
1455 s->result = f;
034c6ed7 1456
613b411c
LP		 1457 exec_runtime_destroy(s->exec_runtime);
1458 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
1459
e66cf1a3
LP		 1460 exec_context_destroy_runtime_directory(&s->exec_context, manager_get_runtime_prefix(UNIT(s)->manager));
1461
cfc4eb4c 1462 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
034c6ed7
LP		 1463}
1464
cfc4eb4c 1465static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
80876c20 1466
cfc4eb4c 1467static void socket_enter_stop_post(Socket *s, SocketResult f) {
034c6ed7
LP		 1468 int r;
1469 assert(s);
1470
cfc4eb4c
LP		 1471 if (f != SOCKET_SUCCESS)
1472 s->result = f;
034c6ed7 1473
5e94833f 1474 socket_unwatch_control_pid(s);
a16e1123 1475 s->control_command_id = SOCKET_EXEC_STOP_POST;
3900e5fd 1476 s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST];
a16e1123 1477
3900e5fd
LP		 1478 if (s->control_command) {
1479 r = socket_spawn(s, s->control_command, &s->control_pid);
1480 if (r < 0)
034c6ed7
LP		 1481 goto fail;
1482
80876c20
LP		 1483 socket_set_state(s, SOCKET_STOP_POST);
1484 } else
cfc4eb4c 1485 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
034c6ed7
LP		 1486
1487 return;
1488
1489fail:
66870f90
ZJS		 1490 log_warning_unit(UNIT(s)->id,
1491 "%s failed to run 'stop-post' task: %s",
1492 UNIT(s)->id, strerror(-r));
cfc4eb4c 1493 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1494}
1495
cfc4eb4c 1496static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
034c6ed7
LP		 1497 int r;
1498
1499 assert(s);
1500
cfc4eb4c
LP		 1501 if (f != SOCKET_SUCCESS)
1502 s->result = f;
034c6ed7 1503
cd2086fe
LP		 1504 r = unit_kill_context(
1505 UNIT(s),
1506 &s->kill_context,
1507 state != SOCKET_STOP_PRE_SIGTERM && state != SOCKET_FINAL_SIGTERM,
1508 -1,
1509 s->control_pid,
1510 false);
1511 if (r < 0)
1512 goto fail;
034c6ed7 1513
cd2086fe 1514 if (r > 0) {
718db961 1515 r = socket_arm_timer(s);
36697dc0 1516 if (r < 0)
80876c20 1517 goto fail;
d6ea93e3 1518
80876c20 1519 socket_set_state(s, state);
ac84d1fb
LP		 1520 } else if (state == SOCKET_STOP_PRE_SIGTERM)
1521 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_SUCCESS);
1522 else if (state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1523 socket_enter_stop_post(s, SOCKET_SUCCESS);
ac84d1fb
LP		 1524 else if (state == SOCKET_FINAL_SIGTERM)
1525 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_SUCCESS);
80876c20 1526 else
cfc4eb4c 1527 socket_enter_dead(s, SOCKET_SUCCESS);
034c6ed7
LP		 1528
1529 return;
1530
1531fail:
e821075a 1532 log_warning_unit(UNIT(s)->id, "%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1533
1534 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1535 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1536 else
cfc4eb4c 1537 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1538}
1539
cfc4eb4c 1540static void socket_enter_stop_pre(Socket *s, SocketResult f) {
034c6ed7
LP		 1541 int r;
1542 assert(s);
1543
cfc4eb4c
LP		 1544 if (f != SOCKET_SUCCESS)
1545 s->result = f;
034c6ed7 1546
5e94833f 1547 socket_unwatch_control_pid(s);
a16e1123 1548 s->control_command_id = SOCKET_EXEC_STOP_PRE;
3900e5fd 1549 s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE];
a16e1123 1550
3900e5fd
LP		 1551 if (s->control_command) {
1552 r = socket_spawn(s, s->control_command, &s->control_pid);
1553 if (r < 0)
034c6ed7
LP		 1554 goto fail;
1555
80876c20
LP		 1556 socket_set_state(s, SOCKET_STOP_PRE);
1557 } else
cfc4eb4c 1558 socket_enter_stop_post(s, SOCKET_SUCCESS);
034c6ed7
LP		 1559
1560 return;
1561
1562fail:
e821075a 1563 log_warning_unit(UNIT(s)->id, "%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1564 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1565}
1566
e9af15c3
LP		 1567static void socket_enter_listening(Socket *s) {
1568 int r;
1569 assert(s);
1570
cfc4eb4c
LP		 1571 r = socket_watch_fds(s);
1572 if (r < 0) {
e821075a 1573 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
e9af15c3
LP		 1574 goto fail;
1575 }
1576
1577 socket_set_state(s, SOCKET_LISTENING);
1578 return;
1579
1580fail:
cfc4eb4c 1581 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
e9af15c3
LP		 1582}
1583
034c6ed7
LP		 1584static void socket_enter_start_post(Socket *s) {
1585 int r;
1586 assert(s);
1587
3900e5fd
LP		 1588 socket_unwatch_control_pid(s);
1589 s->control_command_id = SOCKET_EXEC_START_POST;
1590 s->control_command = s->exec_command[SOCKET_EXEC_START_POST];
1591
1592 if (s->control_command) {
1593 r = socket_spawn(s, s->control_command, &s->control_pid);
1594 if (r < 0) {
1595 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
1596 goto fail;
1597 }
1598
1599 socket_set_state(s, SOCKET_START_POST);
1600 } else
1601 socket_enter_listening(s);
1602
1603 return;
1604
1605fail:
1606 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1607}
1608
1609static void socket_enter_start_chown(Socket *s) {
1610 int r;
1611
1612 assert(s);
1613
cfc4eb4c
LP		 1614 r = socket_open_fds(s);
1615 if (r < 0) {
e821075a 1616 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1617 goto fail;
1618 }
1619
3900e5fd 1620 if (!isempty(s->user) || !isempty(s->group)) {
5e94833f 1621
3900e5fd
LP		 1622 socket_unwatch_control_pid(s);
1623 s->control_command_id = SOCKET_EXEC_START_CHOWN;
1624 s->control_command = NULL;
a16e1123 1625
3900e5fd 1626 r = socket_chown(s, &s->control_pid);
cfc4eb4c 1627 if (r < 0) {
3900e5fd 1628 log_warning_unit(UNIT(s)->id, "%s failed to fork 'start-chown' task: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1629 goto fail;
1630 }
1631
3900e5fd 1632 socket_set_state(s, SOCKET_START_CHOWN);
80876c20 1633 } else
3900e5fd 1634 socket_enter_start_post(s);
034c6ed7
LP		 1635
1636 return;
1637
1638fail:
cfc4eb4c 1639 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1640}
1641
1642static void socket_enter_start_pre(Socket *s) {
1643 int r;
1644 assert(s);
1645
5e94833f 1646 socket_unwatch_control_pid(s);
a16e1123 1647 s->control_command_id = SOCKET_EXEC_START_PRE;
3900e5fd 1648 s->control_command = s->exec_command[SOCKET_EXEC_START_PRE];
a16e1123 1649
3900e5fd 1650 if (s->control_command) {
e821075a 1651 r = socket_spawn(s, s->control_command, &s->control_pid);
3900e5fd
LP		 1652 if (r < 0) {
1653 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
034c6ed7 1654 goto fail;
3900e5fd 1655 }
034c6ed7 1656
80876c20
LP		 1657 socket_set_state(s, SOCKET_START_PRE);
1658 } else
3900e5fd 1659 socket_enter_start_chown(s);
034c6ed7
LP		 1660
1661 return;
1662
1663fail:
cfc4eb4c 1664 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1665}
1666
4f2d528d 1667static void socket_enter_running(Socket *s, int cfd) {
718db961 1668 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
034c6ed7
LP		 1669 int r;
1670
1671 assert(s);
1672
ba3e67a7
LP		 1673 /* We don't take connections anymore if we are supposed to
1674 * shut down anyway */
31afa0a4 1675 if (unit_stop_pending(UNIT(s))) {
e821075a
LP		 1676
1677 log_debug_unit(UNIT(s)->id, "Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
5d909e3e 1678
7c610628 1679 if (cfd >= 0)
03e334a1 1680 safe_close(cfd);
7c610628
LP		 1681 else {
1682 /* Flush all sockets by closing and reopening them */
1683 socket_close_fds(s);
1684
16ac4014
LP		 1685 r = socket_open_fds(s);
1686 if (r < 0) {
1687 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1688 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1689 return;
1690 }
1691
1a710b43
MS		 1692 r = socket_watch_fds(s);
1693 if (r < 0) {
e821075a 1694 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1695 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
7c610628
LP		 1696 }
1697 }
1698
ba3e67a7
LP		 1699 return;
1700 }
1701
4f2d528d 1702 if (cfd < 0) {
57020a3a 1703 Iterator i;
e821075a 1704 Unit *other;
f976f3f6 1705 bool pending = false;
f976f3f6
LP		 1706
1707 /* If there's already a start pending don't bother to
1708 * do anything */
e821075a
LP		 1709 SET_FOREACH(other, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
1710 if (unit_active_or_pending(other)) {
57020a3a
LP		 1711 pending = true;
1712 break;
1713 }
f976f3f6 1714
1a710b43 1715 if (!pending) {
640ace4a
LP		 1716 if (!UNIT_ISSET(s->service)) {
1717 log_error_unit(UNIT(s)->id, "%s: service to activate vanished, refusing activation.", UNIT(s)->id);
1718 r = -ENOENT;
1719 goto fail;
1720 }
1721
1a710b43
MS		 1722 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1723 if (r < 0)
f976f3f6 1724 goto fail;
1a710b43 1725 }
4f2d528d
LP		 1726
1727 socket_set_state(s, SOCKET_RUNNING);
1728 } else {
e55001eb 1729 _cleanup_free_ char *prefix = NULL, *instance = NULL, *name = NULL;
b15bdda8 1730 Service *service;
4f2d528d 1731
6cf6bbc2 1732 if (s->n_connections >= s->max_connections) {
e821075a 1733 log_warning_unit(UNIT(s)->id, "%s: Too many incoming connections (%u)", UNIT(s)->id, s->n_connections);
03e334a1 1734 safe_close(cfd);
6cf6bbc2
LP		 1735 return;
1736 }
1737
1a710b43
MS		 1738 r = socket_instantiate_service(s);
1739 if (r < 0)
b15bdda8
LP		 1740 goto fail;
1741
1a710b43
MS		 1742 r = instance_from_socket(cfd, s->n_accepted, &instance);
1743 if (r < 0) {
1744 if (r != -ENOTCONN)
1745 goto fail;
1746
1747 /* ENOTCONN is legitimate if TCP RST was received.
1748 * This connection is over, but the socket unit lives on. */
03e334a1 1749 safe_close(cfd);
1a710b43
MS		 1750 return;
1751 }
4f2d528d 1752
1a710b43
MS		 1753 prefix = unit_name_to_prefix(UNIT(s)->id);
1754 if (!prefix) {
4f2d528d
LP		 1755 r = -ENOMEM;
1756 goto fail;
1757 }
1758
1759 name = unit_name_build(prefix, instance, ".service");
b6dbbe1c 1760 if (!name) {
4f2d528d 1761 r = -ENOMEM;
b6dbbe1c
LP		 1762 goto fail;
1763 }
4f2d528d 1764
1a710b43 1765 r = unit_add_name(UNIT_DEREF(s->service), name);
e55001eb 1766 if (r < 0)
4f2d528d 1767 goto fail;
b15bdda8 1768
57020a3a
LP		 1769 service = SERVICE(UNIT_DEREF(s->service));
1770 unit_ref_unset(&s->service);
b15bdda8 1771 s->n_accepted ++;
4f2d528d 1772
1124fe6f 1773 UNIT(service)->no_gc = false;
6c073082 1774
b15bdda8 1775 unit_choose_id(UNIT(service), name);
b15bdda8 1776
1a710b43
MS		 1777 r = service_set_socket_fd(service, cfd, s);
1778 if (r < 0)
4f2d528d
LP		 1779 goto fail;
1780
1781 cfd = -1;
6cf6bbc2
LP		 1782 s->n_connections ++;
1783
1a710b43
MS		 1784 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1785 if (r < 0)
4f2d528d 1786 goto fail;
c4e2ceae
LP		 1787
1788 /* Notify clients about changed counters */
1789 unit_add_to_dbus_queue(UNIT(s));
4f2d528d 1790 }
034c6ed7 1791
034c6ed7
LP		 1792 return;
1793
1794fail:
e821075a
LP		 1795 log_warning_unit(UNIT(s)->id, "%s failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
1796 UNIT(s)->id, cfd >= 0 ? "template" : "non-template",
718db961 1797 bus_error_message(&error, r));
e821075a 1798
60089004 1799 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
03e334a1 1800 safe_close(cfd);
034c6ed7
LP		 1801}
1802
cfc4eb4c 1803static void socket_run_next(Socket *s) {
034c6ed7
LP		 1804 int r;
1805
1806 assert(s);
1807 assert(s->control_command);
1808 assert(s->control_command->command_next);
1809
5e94833f
LP		 1810 socket_unwatch_control_pid(s);
1811
034c6ed7
LP		 1812 s->control_command = s->control_command->command_next;
1813
e821075a
LP		 1814 r = socket_spawn(s, s->control_command, &s->control_pid);
1815 if (r < 0)
034c6ed7
LP		 1816 goto fail;
1817
1818 return;
1819
1820fail:
e821075a 1821 log_warning_unit(UNIT(s)->id, "%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
80876c20
LP		 1822
1823 if (s->state == SOCKET_START_POST)
cfc4eb4c 1824 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1825 else if (s->state == SOCKET_STOP_POST)
cfc4eb4c 1826 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1827 else
cfc4eb4c 1828 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1829}
1830
87f0e418
LP		 1831static int socket_start(Unit *u) {
1832 Socket *s = SOCKET(u);
83c60c9f
LP		 1833
1834 assert(s);
1835
034c6ed7
LP		 1836 /* We cannot fulfill this request right now, try again later
1837 * please! */
3900e5fd
LP		 1838 if (IN_SET(s->state,
1839 SOCKET_STOP_PRE,
1840 SOCKET_STOP_PRE_SIGKILL,
1841 SOCKET_STOP_PRE_SIGTERM,
1842 SOCKET_STOP_POST,
1843 SOCKET_FINAL_SIGTERM,
1844 SOCKET_FINAL_SIGKILL))
034c6ed7
LP		 1845 return -EAGAIN;
1846
a4152e3f 1847 /* Already on it! */
3900e5fd
LP		 1848 if (IN_SET(s->state,
1849 SOCKET_START_PRE,
1850 SOCKET_START_CHOWN,
1851 SOCKET_START_POST))
034c6ed7 1852 return 0;
83c60c9f 1853
034c6ed7 1854 /* Cannot run this without the service being around */
9444b1f2 1855 if (UNIT_ISSET(s->service)) {
57020a3a
LP		 1856 Service *service;
1857
1858 service = SERVICE(UNIT_DEREF(s->service));
1859
1124fe6f 1860 if (UNIT(service)->load_state != UNIT_LOADED) {
e821075a 1861 log_error_unit(u->id, "Socket service %s not loaded, refusing.", UNIT(service)->id);
4f2d528d 1862 return -ENOENT;
4ac9236f 1863 }
4f2d528d 1864
35b8ca3a 1865 /* If the service is already active we cannot start the
4f2d528d 1866 * socket */
57020a3a
LP		 1867 if (service->state != SERVICE_DEAD &&
1868 service->state != SERVICE_FAILED &&
1869 service->state != SERVICE_AUTO_RESTART) {
e821075a 1870 log_error_unit(u->id, "Socket service %s already active, refusing.", UNIT(service)->id);
4f2d528d 1871 return -EBUSY;
4ac9236f 1872 }
4f2d528d 1873 }
e537352b 1874
fdf20a31 1875 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
83c60c9f 1876
cfc4eb4c 1877 s->result = SOCKET_SUCCESS;
034c6ed7 1878 socket_enter_start_pre(s);
e821075a 1879
034c6ed7
LP		 1880 return 0;
1881}
83c60c9f 1882
87f0e418
LP		 1883static int socket_stop(Unit *u) {
1884 Socket *s = SOCKET(u);
034c6ed7
LP		 1885
1886 assert(s);
1887
e537352b 1888 /* Already on it */
3900e5fd
LP		 1889 if (IN_SET(s->state,
1890 SOCKET_STOP_PRE,
1891 SOCKET_STOP_PRE_SIGTERM,
1892 SOCKET_STOP_PRE_SIGKILL,
1893 SOCKET_STOP_POST,
1894 SOCKET_FINAL_SIGTERM,
1895 SOCKET_FINAL_SIGKILL))
e537352b
LP		 1896 return 0;
1897
3f6c78dc
LP		 1898 /* If there's already something running we go directly into
1899 * kill mode. */
3900e5fd
LP		 1900 if (IN_SET(s->state,
1901 SOCKET_START_PRE,
1902 SOCKET_START_CHOWN,
1903 SOCKET_START_POST)) {
cfc4eb4c 1904 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
3f6c78dc
LP		 1905 return -EAGAIN;
1906 }
1907
034c6ed7 1908 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
83c60c9f 1909
cfc4eb4c 1910 socket_enter_stop_pre(s, SOCKET_SUCCESS);
542563ba
LP		 1911 return 0;
1912}
1913
a16e1123
LP		 1914static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1915 Socket *s = SOCKET(u);
1916 SocketPort *p;
1917 int r;
1918
1919 assert(u);
1920 assert(f);
1921 assert(fds);
1922
1923 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
cfc4eb4c 1924 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
a16e1123
LP		 1925 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1926
1927 if (s->control_pid > 0)
de0671ee 1928 unit_serialize_item_format(u, f, "control-pid", PID_FMT, s->control_pid);
a16e1123
LP		 1929
1930 if (s->control_command_id >= 0)
1931 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1932
1933 LIST_FOREACH(port, p, s->ports) {
1934 int copy;
1935
1936 if (p->fd < 0)
1937 continue;
1938
613b411c
LP		 1939 copy = fdset_put_dup(fds, p->fd);
1940 if (copy < 0)
a16e1123
LP		 1941 return copy;
1942
1943 if (p->type == SOCKET_SOCKET) {
613b411c 1944 _cleanup_free_ char *t = NULL;
a16e1123 1945
ee092817
LP		 1946 r = socket_address_print(&p->address, &t);
1947 if (r < 0)
a16e1123
LP		 1948 return r;
1949
7a22745a
LP		 1950 if (socket_address_family(&p->address) == AF_NETLINK)
1951 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1952 else
1953 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
613b411c 1954
b0a3f2bc
LP		 1955 } else if (p->type == SOCKET_SPECIAL)
1956 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
ee092817
LP		 1957 else if (p->type == SOCKET_MQUEUE)
1958 unit_serialize_item_format(u, f, "mqueue", "%i %s", copy, p->path);
b0a3f2bc 1959 else {
a16e1123
LP		 1960 assert(p->type == SOCKET_FIFO);
1961 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1962 }
1963 }
1964
1965 return 0;
1966}
1967
1968static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1969 Socket *s = SOCKET(u);
a16e1123
LP		 1970
1971 assert(u);
1972 assert(key);
1973 assert(value);
a16e1123
LP		 1974
1975 if (streq(key, "state")) {
1976 SocketState state;
1977
ee092817
LP		 1978 state = socket_state_from_string(value);
1979 if (state < 0)
e821075a 1980 log_debug_unit(u->id, "Failed to parse state value %s", value);
a16e1123
LP		 1981 else
1982 s->deserialized_state = state;
cfc4eb4c
LP		 1983 } else if (streq(key, "result")) {
1984 SocketResult f;
a16e1123 1985
cfc4eb4c
LP		 1986 f = socket_result_from_string(value);
1987 if (f < 0)
e821075a 1988 log_debug_unit(u->id, "Failed to parse result value %s", value);
cfc4eb4c
LP		 1989 else if (f != SOCKET_SUCCESS)
1990 s->result = f;
a16e1123
LP		 1991
1992 } else if (streq(key, "n-accepted")) {
1993 unsigned k;
1994
e364ad06 1995 if (safe_atou(value, &k) < 0)
e821075a 1996 log_debug_unit(u->id, "Failed to parse n-accepted value %s", value);
a16e1123
LP		 1997 else
1998 s->n_accepted += k;
1999 } else if (streq(key, "control-pid")) {
5925dd3c 2000 pid_t pid;
a16e1123 2001
e364ad06 2002 if (parse_pid(value, &pid) < 0)
e821075a 2003 log_debug_unit(u->id, "Failed to parse control-pid value %s", value);
a16e1123 2004 else
5925dd3c 2005 s->control_pid = pid;
a16e1123
LP		 2006 } else if (streq(key, "control-command")) {
2007 SocketExecCommand id;
2008
66870f90
ZJS		 2009 id = socket_exec_command_from_string(value);
2010 if (id < 0)
e821075a 2011 log_debug_unit(u->id, "Failed to parse exec-command value %s", value);
a16e1123
LP		 2012 else {
2013 s->control_command_id = id;
2014 s->control_command = s->exec_command[id];
2015 }
2016 } else if (streq(key, "fifo")) {
2017 int fd, skip = 0;
2018 SocketPort *p;
2019
2020 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
e821075a 2021 log_debug_unit(u->id, "Failed to parse fifo value %s", value);
a16e1123
LP		 2022 else {
2023
2024 LIST_FOREACH(port, p, s->ports)
b0a3f2bc
LP		 2025 if (p->type == SOCKET_FIFO &&
2026 streq_ptr(p->path, value+skip))
2027 break;
2028
2029 if (p) {
03e334a1 2030 safe_close(p->fd);
b0a3f2bc
LP		 2031 p->fd = fdset_remove(fds, fd);
2032 }
2033 }
2034
2035 } else if (streq(key, "special")) {
2036 int fd, skip = 0;
2037 SocketPort *p;
2038
2039 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
e821075a 2040 log_debug_unit(u->id, "Failed to parse special value %s", value);
b0a3f2bc
LP		 2041 else {
2042
2043 LIST_FOREACH(port, p, s->ports)
2044 if (p->type == SOCKET_SPECIAL &&
2045 streq_ptr(p->path, value+skip))
a16e1123
LP		 2046 break;
2047
2048 if (p) {
03e334a1 2049 safe_close(p->fd);
a16e1123
LP		 2050 p->fd = fdset_remove(fds, fd);
2051 }
2052 }
2053
ee092817
LP		 2054 } else if (streq(key, "mqueue")) {
2055 int fd, skip = 0;
2056 SocketPort *p;
2057
2058 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
e821075a 2059 log_debug_unit(u->id, "Failed to parse mqueue value %s", value);
ee092817
LP		 2060 else {
2061
2062 LIST_FOREACH(port, p, s->ports)
2063 if (p->type == SOCKET_MQUEUE &&
2064 streq_ptr(p->path, value+skip))
2065 break;
2066
2067 if (p) {
03e334a1 2068 safe_close(p->fd);
ee092817
LP		 2069 p->fd = fdset_remove(fds, fd);
2070 }
2071 }
2072
a16e1123 2073 } else if (streq(key, "socket")) {
27ca8d7a 2074 int fd, type, skip = 0;
a16e1123
LP		 2075 SocketPort *p;
2076
27ca8d7a 2077 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
e821075a 2078 log_debug_unit(u->id, "Failed to parse socket value %s", value);
a16e1123
LP		 2079 else {
2080
2081 LIST_FOREACH(port, p, s->ports)
27ca8d7a 2082 if (socket_address_is(&p->address, value+skip, type))
a16e1123
LP		 2083 break;
2084
2085 if (p) {
03e334a1 2086 safe_close(p->fd);
a16e1123
LP		 2087 p->fd = fdset_remove(fds, fd);
2088 }
2089 }
2090
7a22745a
LP		 2091 } else if (streq(key, "netlink")) {
2092 int fd, skip = 0;
2093 SocketPort *p;
2094
2095 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
e821075a 2096 log_debug_unit(u->id, "Failed to parse socket value %s", value);
7a22745a
LP		 2097 else {
2098
2099 LIST_FOREACH(port, p, s->ports)
2100 if (socket_address_is_netlink(&p->address, value+skip))
2101 break;
2102
2103 if (p) {
03e334a1 2104 safe_close(p->fd);
7a22745a
LP		 2105 p->fd = fdset_remove(fds, fd);
2106 }
2107 }
a16e1123 2108 } else
e821075a 2109 log_debug_unit(UNIT(s)->id, "Unknown serialization key '%s'", key);
a16e1123
LP		 2110
2111 return 0;
2112}
2113
01e10de3
LP		 2114static int socket_distribute_fds(Unit *u, FDSet *fds) {
2115 Socket *s = SOCKET(u);
2116 SocketPort *p;
2117
2118 assert(u);
2119
2120 LIST_FOREACH(port, p, s->ports) {
2121 Iterator i;
2122 int fd;
2123
2124 if (p->type != SOCKET_SOCKET)
2125 continue;
2126
2127 if (p->fd >= 0)
2128 continue;
2129
2130 FDSET_FOREACH(fd, fds, i) {
2131 if (socket_address_matches_fd(&p->address, fd)) {
2132 p->fd = fdset_remove(fds, fd);
2133 s->deserialized_state = SOCKET_LISTENING;
2134 break;
2135 }
2136 }
2137 }
2138
2139 return 0;
2140}
2141
44a6b1b6 2142_pure_ static UnitActiveState socket_active_state(Unit *u) {
87f0e418 2143 assert(u);
5cb5a6ff 2144
acbb0225 2145 return state_translation_table[SOCKET(u)->state];
5cb5a6ff
LP		 2146}
2147
44a6b1b6 2148_pure_ static const char *socket_sub_state_to_string(Unit *u) {
10a94420
LP		 2149 assert(u);
2150
a16e1123 2151 return socket_state_to_string(SOCKET(u)->state);
10a94420
LP		 2152}
2153
67419600
OS		 2154const char* socket_port_type_to_string(SocketPort *p) {
2155
2156 assert(p);
2157
2158 switch (p->type) {
718db961
LP		 2159
2160 case SOCKET_SOCKET:
2161
2162 switch (p->address.type) {
2163
2164 case SOCK_STREAM:
2165 return "Stream";
2166
2167 case SOCK_DGRAM:
2168 return "Datagram";
2169
2170 case SOCK_SEQPACKET:
2171 return "SequentialPacket";
2172
2173 case SOCK_RAW:
2174 if (socket_address_family(&p->address) == AF_NETLINK)
2175 return "Netlink";
2176
2177 default:
2178 return NULL;
2179 }
2180
2181 case SOCKET_SPECIAL:
2182 return "Special";
2183
2184 case SOCKET_MQUEUE:
2185 return "MessageQueue";
2186
2187 case SOCKET_FIFO:
2188 return "FIFO";
2189
2190 default:
2191 return NULL;
67419600
OS		 2192 }
2193}
2194
44a6b1b6 2195_pure_ static bool socket_check_gc(Unit *u) {
6cf6bbc2
LP		 2196 Socket *s = SOCKET(u);
2197
2198 assert(u);
2199
2200 return s->n_connections > 0;
2201}
2202
718db961
LP		 2203static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2204 SocketPort *p = userdata;
4f2d528d 2205 int cfd = -1;
9152c765 2206
718db961 2207 assert(p);
8d567588 2208 assert(fd >= 0);
9152c765 2209
718db961
LP		 2210 if (p->socket->state != SOCKET_LISTENING)
2211 return 0;
871d7de4 2212
718db961 2213 log_debug_unit(UNIT(p->socket)->id, "Incoming traffic on %s", UNIT(p->socket)->id);
9152c765 2214
718db961 2215 if (revents != EPOLLIN) {
641e01dc 2216
718db961 2217 if (revents & EPOLLHUP)
e821075a 2218 log_error_unit(UNIT(p->socket)->id, "%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.",
718db961 2219 UNIT(p->socket)->id);
641e01dc 2220 else
e821075a 2221 log_error_unit(UNIT(p->socket)->id, "%s: Got unexpected poll event (0x%x) on socket.",
718db961 2222 UNIT(p->socket)->id, revents);
641e01dc 2223
8d567588 2224 goto fail;
4f2d528d
LP		 2225 }
2226
718db961
LP		 2227 if (p->socket->accept &&
2228 p->type == SOCKET_SOCKET &&
2229 socket_address_can_accept(&p->address)) {
2230
4f2d528d
LP		 2231 for (;;) {
2232
b14eda96
LP		 2233 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK);
2234 if (cfd < 0) {
4f2d528d
LP		 2235
2236 if (errno == EINTR)
2237 continue;
2238
718db961 2239 log_error_unit(UNIT(p->socket)->id,
66870f90 2240 "Failed to accept socket: %m");
8d567588 2241 goto fail;
4f2d528d
LP		 2242 }
2243
2244 break;
2245 }
4fd5948e 2246
718db961 2247 socket_apply_socket_options(p->socket, cfd);
4f2d528d 2248 }
9152c765 2249
718db961
LP		 2250 socket_enter_running(p->socket, cfd);
2251 return 0;
8d567588
LP		 2252
2253fail:
718db961
LP		 2254 socket_enter_stop_pre(p->socket, SOCKET_FAILURE_RESOURCES);
2255 return 0;
9152c765
LP		 2256}
2257
87f0e418
LP		 2258static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
2259 Socket *s = SOCKET(u);
cfc4eb4c 2260 SocketResult f;
5cb5a6ff
LP		 2261
2262 assert(s);
034c6ed7 2263 assert(pid >= 0);
5cb5a6ff 2264
8c47c732
LP		 2265 if (pid != s->control_pid)
2266 return;
542563ba 2267
034c6ed7
LP		 2268 s->control_pid = 0;
2269
96342de6 2270 if (is_clean_exit(code, status, NULL))
cfc4eb4c
LP		 2271 f = SOCKET_SUCCESS;
2272 else if (code == CLD_EXITED)
2273 f = SOCKET_FAILURE_EXIT_CODE;
2274 else if (code == CLD_KILLED)
2275 f = SOCKET_FAILURE_SIGNAL;
2276 else if (code == CLD_DUMPED)
2277 f = SOCKET_FAILURE_CORE_DUMP;
2278 else
a4152e3f 2279 assert_not_reached("Unknown sigchld code");
8c47c732 2280
b708e7ce 2281 if (s->control_command) {
6ea832a2 2282 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
a16e1123 2283
b708e7ce 2284 if (s->control_command->ignore)
cfc4eb4c 2285 f = SOCKET_SUCCESS;
b708e7ce
LP		 2286 }
2287
66870f90
ZJS		 2288 log_full_unit(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
2289 u->id,
2290 "%s control process exited, code=%s status=%i",
2291 u->id, sigchld_code_to_string(code), status);
034c6ed7 2292
cfc4eb4c
LP		 2293 if (f != SOCKET_SUCCESS)
2294 s->result = f;
2295
2296 if (s->control_command &&
2297 s->control_command->command_next &&
2298 f == SOCKET_SUCCESS) {
2299
66870f90
ZJS		 2300 log_debug_unit(u->id,
2301 "%s running next command for state %s",
2302 u->id, socket_state_to_string(s->state));
cfc4eb4c 2303 socket_run_next(s);
acbb0225 2304 } else {
a16e1123
LP		 2305 s->control_command = NULL;
2306 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
2307
034c6ed7
LP		 2308 /* No further commands for this step, so let's figure
2309 * out what to do next */
5cb5a6ff 2310
66870f90
ZJS		 2311 log_debug_unit(u->id,
2312 "%s got final SIGCHLD for state %s",
2313 u->id, socket_state_to_string(s->state));
acbb0225 2314
034c6ed7
LP		 2315 switch (s->state) {
2316
2317 case SOCKET_START_PRE:
cfc4eb4c 2318 if (f == SOCKET_SUCCESS)
3900e5fd 2319 socket_enter_start_chown(s);
034c6ed7 2320 else
cfc4eb4c 2321 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
034c6ed7
LP		 2322 break;
2323
3900e5fd
LP		 2324 case SOCKET_START_CHOWN:
2325 if (f == SOCKET_SUCCESS)
2326 socket_enter_start_post(s);
2327 else
2328 socket_enter_stop_pre(s, f);
2329 break;
2330
034c6ed7 2331 case SOCKET_START_POST:
cfc4eb4c 2332 if (f == SOCKET_SUCCESS)
e9af15c3 2333 socket_enter_listening(s);
034c6ed7 2334 else
cfc4eb4c 2335 socket_enter_stop_pre(s, f);
034c6ed7
LP		 2336 break;
2337
2338 case SOCKET_STOP_PRE:
2339 case SOCKET_STOP_PRE_SIGTERM:
2340 case SOCKET_STOP_PRE_SIGKILL:
cfc4eb4c 2341 socket_enter_stop_post(s, f);
034c6ed7
LP		 2342 break;
2343
2344 case SOCKET_STOP_POST:
80876c20
LP		 2345 case SOCKET_FINAL_SIGTERM:
2346 case SOCKET_FINAL_SIGKILL:
cfc4eb4c 2347 socket_enter_dead(s, f);
034c6ed7
LP		 2348 break;
2349
2350 default:
2351 assert_not_reached("Uh, control process died at wrong time.");
2352 }
2353 }
c4e2ceae
LP		 2354
2355 /* Notify clients about changed exit status */
2356 unit_add_to_dbus_queue(u);
034c6ed7 2357}
5cb5a6ff 2358
718db961
LP		 2359static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
2360 Socket *s = SOCKET(userdata);
5cb5a6ff 2361
034c6ed7 2362 assert(s);
718db961 2363 assert(s->timer_event_source == source);
034c6ed7
LP		 2364
2365 switch (s->state) {
2366
2367 case SOCKET_START_PRE:
3900e5fd 2368 log_warning_unit(UNIT(s)->id, "%s starting timed out. Terminating.", UNIT(s)->id);
cfc4eb4c 2369 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
da19d5c1 2370 break;
80876c20 2371
3900e5fd 2372 case SOCKET_START_CHOWN:
034c6ed7 2373 case SOCKET_START_POST:
3900e5fd 2374 log_warning_unit(UNIT(s)->id, "%s starting timed out. Stopping.", UNIT(s)->id);
cfc4eb4c 2375 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2376 break;
2377
2378 case SOCKET_STOP_PRE:
3900e5fd 2379 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Terminating.", UNIT(s)->id);
cfc4eb4c 2380 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2381 break;
2382
2383 case SOCKET_STOP_PRE_SIGTERM:
4819ff03 2384 if (s->kill_context.send_sigkill) {
3900e5fd 2385 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Killing.", UNIT(s)->id);
cfc4eb4c 2386 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 2387 } else {
3900e5fd 2388 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Skipping SIGKILL. Ignoring.", UNIT(s)->id);
cfc4eb4c 2389 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 2390 }
034c6ed7
LP		 2391 break;
2392
2393 case SOCKET_STOP_PRE_SIGKILL:
3900e5fd 2394 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL. Ignoring.", UNIT(s)->id);
cfc4eb4c 2395 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2396 break;
2397
2398 case SOCKET_STOP_POST:
3900e5fd 2399 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Terminating.", UNIT(s)->id);
cfc4eb4c 2400 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2401 break;
2402
80876c20 2403 case SOCKET_FINAL_SIGTERM:
4819ff03 2404 if (s->kill_context.send_sigkill) {
3900e5fd 2405 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Killing.", UNIT(s)->id);
cfc4eb4c 2406 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 2407 } else {
3900e5fd 2408 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Skipping SIGKILL. Ignoring.", UNIT(s)->id);
cfc4eb4c 2409 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 2410 }
034c6ed7
LP		 2411 break;
2412
80876c20 2413 case SOCKET_FINAL_SIGKILL:
3900e5fd 2414 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL (2). Entering failed mode.", UNIT(s)->id);
cfc4eb4c 2415 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2416 break;
2417
2418 default:
2419 assert_not_reached("Timeout at wrong time.");
2420 }
718db961
LP		 2421
2422 return 0;
5cb5a6ff
LP		 2423}
2424
44d8db9e
LP		 2425int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2426 int *rfds;
2427 unsigned rn_fds, k;
2428 SocketPort *p;
2429
2430 assert(s);
2431 assert(fds);
2432 assert(n_fds);
2433
2434 /* Called from the service code for requesting our fds */
2435
2436 rn_fds = 0;
2437 LIST_FOREACH(port, p, s->ports)
2438 if (p->fd >= 0)
2439 rn_fds++;
2440
de3756ab
LP		 2441 if (rn_fds <= 0) {
2442 *fds = NULL;
2443 *n_fds = 0;
2444 return 0;
2445 }
2446
e364ad06 2447 if (!(rfds = new(int, rn_fds)))
44d8db9e
LP		 2448 return -ENOMEM;
2449
2450 k = 0;
2451 LIST_FOREACH(port, p, s->ports)
2452 if (p->fd >= 0)
2453 rfds[k++] = p->fd;
2454
2455 assert(k == rn_fds);
2456
2457 *fds = rfds;
2458 *n_fds = rn_fds;
2459
2460 return 0;
2461}
2462
e821075a
LP		 2463static void socket_reset_failed(Unit *u) {
2464 Socket *s = SOCKET(u);
2465
2466 assert(s);
2467
2468 if (s->state == SOCKET_FAILED)
2469 socket_set_state(s, SOCKET_DEAD);
2470
2471 s->result = SOCKET_SUCCESS;
2472}
2473
d137a488 2474static void socket_notify_service_dead(Socket *s, bool failed_permanent) {
ceee3d82
LP		 2475 assert(s);
2476
6cf6bbc2
LP		 2477 /* The service is dead. Dang!
2478 *
2479 * This is strictly for one-instance-for-all-connections
2480 * services. */
ceee3d82
LP		 2481
2482 if (s->state == SOCKET_RUNNING) {
e821075a 2483 log_debug_unit(UNIT(s)->id, "%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
6bda96a0
LP		 2484 if (failed_permanent)
2485 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
c2f34808
MS		 2486 else
2487 socket_enter_listening(s);
ceee3d82
LP		 2488 }
2489}
2490
6cf6bbc2
LP		 2491void socket_connection_unref(Socket *s) {
2492 assert(s);
2493
2494 /* The service is dead. Yay!
2495 *
35b8ca3a 2496 * This is strictly for one-instance-per-connection
6cf6bbc2
LP		 2497 * services. */
2498
2499 assert(s->n_connections > 0);
2500 s->n_connections--;
2501
e821075a 2502 log_debug_unit(UNIT(s)->id, "%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
5632e374
LP		 2503}
2504
d137a488
UTL		 2505static void socket_trigger_notify(Unit *u, Unit *other) {
2506 Socket *s = SOCKET(u);
e821075a 2507 Service *se;
d137a488
UTL		 2508
2509 assert(u);
2510 assert(other);
2511
2512 /* Don't propagate state changes from the service if we are
2513 already down or accepting connections */
2514 if ((s->state != SOCKET_RUNNING &&
2515 s->state != SOCKET_LISTENING) ||
2516 s->accept)
2517 return;
2518
2519 if (other->load_state != UNIT_LOADED ||
2520 other->type != UNIT_SERVICE)
2521 return;
2522
e821075a
LP		 2523 se = SERVICE(other);
2524
d137a488
UTL		 2525 if (se->state == SERVICE_FAILED)
2526 socket_notify_service_dead(s, se->result == SERVICE_FAILURE_START_LIMIT);
2527
2528 if (se->state == SERVICE_DEAD ||
2529 se->state == SERVICE_STOP ||
2530 se->state == SERVICE_STOP_SIGTERM ||
2531 se->state == SERVICE_STOP_SIGKILL ||
2532 se->state == SERVICE_STOP_POST ||
2533 se->state == SERVICE_FINAL_SIGTERM ||
2534 se->state == SERVICE_FINAL_SIGKILL ||
2535 se->state == SERVICE_AUTO_RESTART)
2536 socket_notify_service_dead(s, false);
2537
2538 if (se->state == SERVICE_RUNNING)
2539 socket_set_state(s, SOCKET_RUNNING);
2540}
2541
718db961 2542static int socket_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
814cc562 2543 return unit_kill_common(u, who, signo, -1, SOCKET(u)->control_pid, error);
8a0867d6
LP		 2544}
2545
68db7a3b
ZJS		 2546static int socket_get_timeout(Unit *u, uint64_t *timeout) {
2547 Socket *s = SOCKET(u);
2548 int r;
2549
2550 if (!s->timer_event_source)
2551 return 0;
2552
2553 r = sd_event_source_get_time(s->timer_event_source, timeout);
2554 if (r < 0)
2555 return r;
2556
2557 return 1;
2558}
2559
a16e1123
LP		 2560static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2561 [SOCKET_DEAD] = "dead",
2562 [SOCKET_START_PRE] = "start-pre",
3900e5fd 2563 [SOCKET_START_CHOWN] = "start-chown",
a16e1123
LP		 2564 [SOCKET_START_POST] = "start-post",
2565 [SOCKET_LISTENING] = "listening",
2566 [SOCKET_RUNNING] = "running",
2567 [SOCKET_STOP_PRE] = "stop-pre",
2568 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2569 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2570 [SOCKET_STOP_POST] = "stop-post",
2571 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2572 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
fdf20a31 2573 [SOCKET_FAILED] = "failed"
a16e1123
LP		 2574};
2575
2576DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2577
2578static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2579 [SOCKET_EXEC_START_PRE] = "StartPre",
3900e5fd 2580 [SOCKET_EXEC_START_CHOWN] = "StartChown",
a16e1123
LP		 2581 [SOCKET_EXEC_START_POST] = "StartPost",
2582 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2583 [SOCKET_EXEC_STOP_POST] = "StopPost"
2584};
2585
2586DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2587
cfc4eb4c
LP		 2588static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2589 [SOCKET_SUCCESS] = "success",
2590 [SOCKET_FAILURE_RESOURCES] = "resources",
2591 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2592 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2593 [SOCKET_FAILURE_SIGNAL] = "signal",
c2f34808 2594 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
6bda96a0 2595 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
cfc4eb4c
LP		 2596};
2597
2598DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2599
87f0e418 2600const UnitVTable socket_vtable = {
7d17cfbc 2601 .object_size = sizeof(Socket),
718db961
LP		 2602 .exec_context_offset = offsetof(Socket, exec_context),
2603 .cgroup_context_offset = offsetof(Socket, cgroup_context),
2604 .kill_context_offset = offsetof(Socket, kill_context),
613b411c 2605 .exec_runtime_offset = offsetof(Socket, exec_runtime),
3ef63c31 2606
f975e971
LP		 2607 .sections =
2608 "Unit\0"
2609 "Socket\0"
2610 "Install\0",
4ad49000 2611 .private_section = "Socket",
71645aca 2612
034c6ed7
LP		 2613 .init = socket_init,
2614 .done = socket_done,
a16e1123
LP		 2615 .load = socket_load,
2616
2617 .coldplug = socket_coldplug,
034c6ed7 2618
5cb5a6ff
LP		 2619 .dump = socket_dump,
2620
542563ba
LP		 2621 .start = socket_start,
2622 .stop = socket_stop,
5cb5a6ff 2623
718db961
LP		 2624 .kill = socket_kill,
2625
68db7a3b
ZJS		 2626 .get_timeout = socket_get_timeout,
2627
a16e1123
LP		 2628 .serialize = socket_serialize,
2629 .deserialize_item = socket_deserialize_item,
01e10de3 2630 .distribute_fds = socket_distribute_fds,
a16e1123 2631
5cb5a6ff 2632 .active_state = socket_active_state,
10a94420 2633 .sub_state_to_string = socket_sub_state_to_string,
5cb5a6ff 2634
6cf6bbc2
LP		 2635 .check_gc = socket_check_gc,
2636
034c6ed7 2637 .sigchld_event = socket_sigchld_event,
4139c1b2 2638
d137a488
UTL		 2639 .trigger_notify = socket_trigger_notify,
2640
fdf20a31 2641 .reset_failed = socket_reset_failed,
5632e374 2642
c4e2ceae 2643 .bus_interface = "org.freedesktop.systemd1.Socket",
718db961 2644 .bus_vtable = bus_socket_vtable,
74c964d3
LP		 2645 .bus_set_property = bus_socket_set_property,
2646 .bus_commit_properties = bus_socket_commit_properties,
c6918296
MS		 2647
2648 .status_message_formats = {
2649 /*.starting_stopping = {
2650 [0] = "Starting socket %s...",
2651 [1] = "Stopping socket %s...",
2652 },*/
2653 .finished_start_job = {
2654 [JOB_DONE] = "Listening on %s.",
2655 [JOB_FAILED] = "Failed to listen on %s.",
2656 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2657 [JOB_TIMEOUT] = "Timed out starting %s.",
2658 },
2659 .finished_stop_job = {
2660 [JOB_DONE] = "Closed %s.",
2661 [JOB_FAILED] = "Failed stopping %s.",
2662 [JOB_TIMEOUT] = "Timed out stopping %s.",
2663 },
2664 },
5cb5a6ff 2665};
Unnamed repository; edit this file 'description' to name the repository.