]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/core/socket.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
unit: introduce %s specifier for the user shell
[thirdparty/systemd.git] / src / core / socket.c
CommitLineData
d6c9574f 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
5cb5a6ff 2
a7334b09
LP		 3/***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
a7334b09
LP		 11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 16 Lesser General Public License for more details.
a7334b09 17
5430f7f2 18 You should have received a copy of the GNU Lesser General Public License
a7334b09
LP		 19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
83c60c9f
LP		 22#include <sys/types.h>
23#include <sys/stat.h>
24#include <unistd.h>
25#include <errno.h>
26#include <fcntl.h>
f94ea366 27#include <sys/epoll.h>
034c6ed7 28#include <signal.h>
4f2d528d 29#include <arpa/inet.h>
916abb21 30#include <mqueue.h>
83c60c9f 31
87f0e418 32#include "unit.h"
5cb5a6ff 33#include "socket.h"
cebf8b20 34#include "netinet/tcp.h"
83c60c9f 35#include "log.h"
23a177ef
LP		 36#include "load-dropin.h"
37#include "load-fragment.h"
9e2f7c11 38#include "strv.h"
49e942b2 39#include "mkdir.h"
9eb977db 40#include "path-util.h"
4f2d528d 41#include "unit-name.h"
4139c1b2 42#include "dbus-socket.h"
4fd5948e 43#include "missing.h"
a40eb732 44#include "special.h"
398ef8ba 45#include "bus-errors.h"
e51bc1a2 46#include "label.h"
9a57c629 47#include "exit-status.h"
f6a6225e 48#include "def.h"
83c60c9f 49
acbb0225 50static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
87f0e418
LP		 51 [SOCKET_DEAD] = UNIT_INACTIVE,
52 [SOCKET_START_PRE] = UNIT_ACTIVATING,
53 [SOCKET_START_POST] = UNIT_ACTIVATING,
54 [SOCKET_LISTENING] = UNIT_ACTIVE,
55 [SOCKET_RUNNING] = UNIT_ACTIVE,
56 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
57 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
58 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
59 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
80876c20
LP		 60 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
61 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
fdf20a31 62 [SOCKET_FAILED] = UNIT_FAILED
83c60c9f 63};
5cb5a6ff 64
a16e1123
LP		 65static void socket_init(Unit *u) {
66 Socket *s = SOCKET(u);
67
68 assert(u);
ac155bb8 69 assert(u->load_state == UNIT_STUB);
a16e1123 70
a16e1123
LP		 71 s->backlog = SOMAXCONN;
72 s->timeout_usec = DEFAULT_TIMEOUT_USEC;
73 s->directory_mode = 0755;
9131f660 74 s->socket_mode = 0666;
a16e1123 75
6cf6bbc2
LP		 76 s->max_connections = 64;
77
4fd5948e 78 s->priority = -1;
4fd5948e
LP		 79 s->ip_tos = -1;
80 s->ip_ttl = -1;
4fd5948e 81 s->mark = -1;
4fd5948e 82
a16e1123 83 exec_context_init(&s->exec_context);
ac155bb8
MS		 84 s->exec_context.std_output = u->manager->default_std_output;
85 s->exec_context.std_error = u->manager->default_std_error;
a16e1123
LP		 86
87 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
88}
acbb0225 89
5e94833f
LP		 90static void socket_unwatch_control_pid(Socket *s) {
91 assert(s);
92
93 if (s->control_pid <= 0)
94 return;
95
96 unit_unwatch_pid(UNIT(s), s->control_pid);
97 s->control_pid = 0;
98}
99
87f0e418
LP		 100static void socket_done(Unit *u) {
101 Socket *s = SOCKET(u);
034c6ed7
LP		 102 SocketPort *p;
103
104 assert(s);
105
106 while ((p = s->ports)) {
107 LIST_REMOVE(SocketPort, port, s->ports, p);
108
a16e1123
LP		 109 if (p->fd >= 0) {
110 unit_unwatch_fd(UNIT(s), &p->fd_watch);
111 close_nointr_nofail(p->fd);
112 }
113
034c6ed7
LP		 114 free(p->path);
115 free(p);
116 }
117
118 exec_context_done(&s->exec_context);
e537352b 119 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
034c6ed7
LP		 120 s->control_command = NULL;
121
5e94833f 122 socket_unwatch_control_pid(s);
034c6ed7 123
57020a3a 124 unit_ref_unset(&s->service);
034c6ed7 125
cebf8b20
TT		 126 free(s->tcp_congestion);
127 s->tcp_congestion = NULL;
128
acbb0225 129 free(s->bind_to_device);
e537352b 130 s->bind_to_device = NULL;
acbb0225
LP		 131
132 unit_unwatch_timer(u, &s->timer_watch);
5cb5a6ff
LP		 133}
134
b15bdda8
LP		 135static int socket_instantiate_service(Socket *s) {
136 char *prefix, *name;
137 int r;
138 Unit *u;
139
140 assert(s);
141
142 /* This fills in s->service if it isn't filled in yet. For
143 * Accept=yes sockets we create the next connection service
144 * here. For Accept=no this is mostly a NOP since the service
145 * is figured out at load time anyway. */
146
57020a3a 147 if (UNIT_DEREF(s->service))
b15bdda8
LP		 148 return 0;
149
150 assert(s->accept);
151
1124fe6f 152 if (!(prefix = unit_name_to_prefix(UNIT(s)->id)))
b15bdda8
LP		 153 return -ENOMEM;
154
155 r = asprintf(&name, "%s@%u.service", prefix, s->n_accepted);
156 free(prefix);
157
158 if (r < 0)
159 return -ENOMEM;
160
1124fe6f 161 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
b15bdda8
LP		 162 free(name);
163
164 if (r < 0)
165 return r;
166
7b4bf06b 167#ifdef HAVE_SYSV_COMPAT
1b64d026 168 if (SERVICE(u)->is_sysv) {
7b4bf06b
LP		 169 log_error("Using SysV services for socket activation is not supported. Refusing.");
170 return -ENOENT;
171 }
172#endif
173
ac155bb8 174 u->no_gc = true;
57020a3a
LP		 175 unit_ref_set(&s->service, u);
176
177 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
b15bdda8
LP		 178}
179
4f2d528d
LP		 180static bool have_non_accept_socket(Socket *s) {
181 SocketPort *p;
182
183 assert(s);
184
185 if (!s->accept)
186 return true;
187
dd5ad9d4
LP		 188 LIST_FOREACH(port, p, s->ports) {
189
190 if (p->type != SOCKET_SOCKET)
191 return true;
192
4f2d528d
LP		 193 if (!socket_address_can_accept(&p->address))
194 return true;
dd5ad9d4 195 }
4f2d528d
LP		 196
197 return false;
198}
199
200static int socket_verify(Socket *s) {
201 assert(s);
202
1124fe6f 203 if (UNIT(s)->load_state != UNIT_LOADED)
4f2d528d
LP		 204 return 0;
205
206 if (!s->ports) {
1124fe6f 207 log_error("%s lacks Listen setting. Refusing.", UNIT(s)->id);
4f2d528d
LP		 208 return -EINVAL;
209 }
210
0009d2a6 211 if (s->accept && have_non_accept_socket(s)) {
1124fe6f 212 log_error("%s configured for accepting sockets, but sockets are non-accepting. Refusing.", UNIT(s)->id);
0009d2a6
LP		 213 return -EINVAL;
214 }
215
6cf6bbc2 216 if (s->accept && s->max_connections <= 0) {
1124fe6f 217 log_error("%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
4d0e5dbd
LP		 218 return -EINVAL;
219 }
220
57020a3a 221 if (s->accept && UNIT_DEREF(s->service)) {
1124fe6f 222 log_error("Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
d9ff321a
LP		 223 return -EINVAL;
224 }
225
2e22afe9 226 if (s->exec_context.pam_name && s->exec_context.kill_mode != KILL_CONTROL_GROUP) {
1124fe6f 227 log_error("%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
6cf6bbc2
LP		 228 return -EINVAL;
229 }
230
4f2d528d
LP		 231 return 0;
232}
233
6e2ef85b
LP		 234static bool socket_needs_mount(Socket *s, const char *prefix) {
235 SocketPort *p;
236
237 assert(s);
238
239 LIST_FOREACH(port, p, s->ports) {
240
241 if (p->type == SOCKET_SOCKET) {
242 if (socket_address_needs_mount(&p->address, prefix))
243 return true;
916abb21 244 } else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL) {
6e2ef85b
LP		 245 if (path_startswith(p->path, prefix))
246 return true;
247 }
248 }
249
250 return false;
251}
252
253int socket_add_one_mount_link(Socket *s, Mount *m) {
254 int r;
255
256 assert(s);
257 assert(m);
258
1124fe6f
MS		 259 if (UNIT(s)->load_state != UNIT_LOADED ||
260 UNIT(m)->load_state != UNIT_LOADED)
6e2ef85b
LP		 261 return 0;
262
263 if (!socket_needs_mount(s, m->where))
264 return 0;
265
2c966c03 266 if ((r = unit_add_two_dependencies(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, UNIT(m), true)) < 0)
6e2ef85b
LP		 267 return r;
268
269 return 0;
270}
271
272static int socket_add_mount_links(Socket *s) {
ac155bb8 273 Unit *other;
6e2ef85b
LP		 274 int r;
275
276 assert(s);
277
1124fe6f 278 LIST_FOREACH(units_by_type, other, UNIT(s)->manager->units_by_type[UNIT_MOUNT])
595ed347 279 if ((r = socket_add_one_mount_link(s, MOUNT(other))) < 0)
6e2ef85b
LP		 280 return r;
281
282 return 0;
283}
284
285static int socket_add_device_link(Socket *s) {
286 char *t;
287 int r;
288
289 assert(s);
290
291 if (!s->bind_to_device)
292 return 0;
293
294 if (asprintf(&t, "/sys/subsystem/net/devices/%s", s->bind_to_device) < 0)
295 return -ENOMEM;
296
297 r = unit_add_node_link(UNIT(s), t, false);
298 free(t);
299
300 return r;
301}
302
a40eb732
LP		 303static int socket_add_default_dependencies(Socket *s) {
304 int r;
305 assert(s);
306
1124fe6f 307 if (UNIT(s)->manager->running_as == MANAGER_SYSTEM) {
2a77d31d
LP		 308 if ((r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true)) < 0)
309 return r;
310
a40eb732
LP		 311 if ((r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true)) < 0)
312 return r;
2a77d31d 313 }
a40eb732 314
ead8e478 315 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
a40eb732
LP		 316}
317
4cfc6dbe
LP		 318static bool socket_has_exec(Socket *s) {
319 unsigned i;
320 assert(s);
321
322 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
323 if (s->exec_command[i])
324 return true;
325
326 return false;
327}
328
e537352b
LP		 329static int socket_load(Unit *u) {
330 Socket *s = SOCKET(u);
331 int r;
44d8db9e 332
e537352b 333 assert(u);
ac155bb8 334 assert(u->load_state == UNIT_STUB);
44d8db9e 335
e537352b 336 if ((r = unit_load_fragment_and_dropin(u)) < 0)
23a177ef 337 return r;
44d8db9e 338
23a177ef 339 /* This is a new unit? Then let's add in some extras */
ac155bb8 340 if (u->load_state == UNIT_LOADED) {
44d8db9e 341
4f2d528d 342 if (have_non_accept_socket(s)) {
d9ff321a 343
57020a3a
LP		 344 if (!UNIT_DEREF(s->service)) {
345 Unit *x;
346
347 r = unit_load_related_unit(u, ".service", &x);
348 if (r < 0)
d9ff321a 349 return r;
23a177ef 350
57020a3a
LP		 351 unit_ref_set(&s->service, x);
352 }
353
354 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
355 if (r < 0)
4f2d528d
LP		 356 return r;
357 }
44d8db9e 358
6e2ef85b
LP		 359 if ((r = socket_add_mount_links(s)) < 0)
360 return r;
361
362 if ((r = socket_add_device_link(s)) < 0)
363 return r;
364
4cfc6dbe
LP		 365 if (socket_has_exec(s))
366 if ((r = unit_add_exec_dependencies(u, &s->exec_context)) < 0)
367 return r;
23a177ef 368
d686d8a9 369 if ((r = unit_add_default_cgroups(u)) < 0)
23a177ef 370 return r;
a40eb732 371
1124fe6f 372 if (UNIT(s)->default_dependencies)
a40eb732
LP		 373 if ((r = socket_add_default_dependencies(s)) < 0)
374 return r;
23a177ef
LP		 375 }
376
4f2d528d 377 return socket_verify(s);
44d8db9e
LP		 378}
379
7a22745a
LP		 380static const char* listen_lookup(int family, int type) {
381
382 if (family == AF_NETLINK)
383 return "ListenNetlink";
542563ba
LP		 384
385 if (type == SOCK_STREAM)
386 return "ListenStream";
387 else if (type == SOCK_DGRAM)
388 return "ListenDatagram";
389 else if (type == SOCK_SEQPACKET)
390 return "ListenSequentialPacket";
391
034c6ed7 392 assert_not_reached("Unknown socket type");
542563ba
LP		 393 return NULL;
394}
395
87f0e418 396static void socket_dump(Unit *u, FILE *f, const char *prefix) {
5cb5a6ff 397
5cb5a6ff 398 SocketExecCommand c;
87f0e418 399 Socket *s = SOCKET(u);
542563ba 400 SocketPort *p;
82ba9f08
LP		 401 const char *prefix2;
402 char *p2;
5cb5a6ff
LP		 403
404 assert(s);
fa068367 405 assert(f);
5cb5a6ff 406
82ba9f08
LP		 407 p2 = strappend(prefix, "\t");
408 prefix2 = p2 ? p2 : prefix;
c43d20a0 409
5cb5a6ff
LP		 410 fprintf(f,
411 "%sSocket State: %s\n"
81a5c6d0 412 "%sResult: %s\n"
542563ba 413 "%sBindIPv6Only: %s\n"
b5a0699f
LP		 414 "%sBacklog: %u\n"
415 "%sSocketMode: %04o\n"
4fd5948e
LP		 416 "%sDirectoryMode: %04o\n"
417 "%sKeepAlive: %s\n"
cebf8b20 418 "%sFreeBind: %s\n"
6b6d2dee 419 "%sTransparent: %s\n"
ec6370a2 420 "%sBroadcast: %s\n"
ede3deb4 421 "%sPassCredentials: %s\n"
54ecda32 422 "%sPassSecurity: %s\n"
cebf8b20 423 "%sTCPCongestion: %s\n",
a16e1123 424 prefix, socket_state_to_string(s->state),
81a5c6d0 425 prefix, socket_result_to_string(s->result),
c0120d99 426 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
b5a0699f
LP		 427 prefix, s->backlog,
428 prefix, s->socket_mode,
4fd5948e
LP		 429 prefix, s->directory_mode,
430 prefix, yes_no(s->keep_alive),
cebf8b20 431 prefix, yes_no(s->free_bind),
6b6d2dee 432 prefix, yes_no(s->transparent),
ec6370a2 433 prefix, yes_no(s->broadcast),
d68af586 434 prefix, yes_no(s->pass_cred),
54ecda32 435 prefix, yes_no(s->pass_sec),
83a95334 436 prefix, strna(s->tcp_congestion));
542563ba 437
70123e68
LP		 438 if (s->control_pid > 0)
439 fprintf(f,
bb00e604
LP		 440 "%sControl PID: %lu\n",
441 prefix, (unsigned long) s->control_pid);
70123e68 442
acbb0225
LP		 443 if (s->bind_to_device)
444 fprintf(f,
445 "%sBindToDevice: %s\n",
446 prefix, s->bind_to_device);
447
4f2d528d
LP		 448 if (s->accept)
449 fprintf(f,
6cf6bbc2
LP		 450 "%sAccepted: %u\n"
451 "%sNConnections: %u\n"
452 "%sMaxConnections: %u\n",
453 prefix, s->n_accepted,
454 prefix, s->n_connections,
455 prefix, s->max_connections);
4f2d528d 456
4fd5948e
LP		 457 if (s->priority >= 0)
458 fprintf(f,
459 "%sPriority: %i\n",
460 prefix, s->priority);
461
462 if (s->receive_buffer > 0)
463 fprintf(f,
464 "%sReceiveBuffer: %zu\n",
465 prefix, s->receive_buffer);
466
467 if (s->send_buffer > 0)
468 fprintf(f,
469 "%sSendBuffer: %zu\n",
470 prefix, s->send_buffer);
471
472 if (s->ip_tos >= 0)
473 fprintf(f,
474 "%sIPTOS: %i\n",
475 prefix, s->ip_tos);
476
477 if (s->ip_ttl >= 0)
478 fprintf(f,
479 "%sIPTTL: %i\n",
480 prefix, s->ip_ttl);
481
482 if (s->pipe_size > 0)
483 fprintf(f,
484 "%sPipeSize: %zu\n",
485 prefix, s->pipe_size);
486
487 if (s->mark >= 0)
488 fprintf(f,
489 "%sMark: %i\n",
490 prefix, s->mark);
491
916abb21
LP		 492 if (s->mq_maxmsg > 0)
493 fprintf(f,
494 "%sMessageQueueMaxMessages: %li\n",
495 prefix, s->mq_maxmsg);
496
497 if (s->mq_msgsize > 0)
498 fprintf(f,
499 "%sMessageQueueMessageSize: %li\n",
500 prefix, s->mq_msgsize);
501
034c6ed7 502 LIST_FOREACH(port, p, s->ports) {
5cb5a6ff 503
542563ba
LP		 504 if (p->type == SOCKET_SOCKET) {
505 const char *t;
506 int r;
e364ad06 507 char *k = NULL;
542563ba
LP		 508
509 if ((r = socket_address_print(&p->address, &k)) < 0)
510 t = strerror(-r);
511 else
512 t = k;
513
7a22745a 514 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
542563ba 515 free(k);
b0a3f2bc
LP		 516 } else if (p->type == SOCKET_SPECIAL)
517 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
916abb21
LP		 518 else if (p->type == SOCKET_MQUEUE)
519 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
b0a3f2bc 520 else
542563ba
LP		 521 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
522 }
5cb5a6ff
LP		 523
524 exec_context_dump(&s->exec_context, f, prefix);
525
e537352b 526 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
c43d20a0
LP		 527 if (!s->exec_command[c])
528 continue;
5cb5a6ff 529
40d50879 530 fprintf(f, "%s-> %s:\n",
a16e1123 531 prefix, socket_exec_command_to_string(c));
c43d20a0
LP		 532
533 exec_command_dump_list(s->exec_command[c], f, prefix2);
5cb5a6ff 534 }
c43d20a0 535
82ba9f08 536 free(p2);
5cb5a6ff
LP		 537}
538
4f2d528d
LP		 539static int instance_from_socket(int fd, unsigned nr, char **instance) {
540 socklen_t l;
541 char *r;
542 union {
543 struct sockaddr sa;
544 struct sockaddr_un un;
545 struct sockaddr_in in;
546 struct sockaddr_in6 in6;
547 struct sockaddr_storage storage;
548 } local, remote;
549
550 assert(fd >= 0);
551 assert(instance);
552
553 l = sizeof(local);
554 if (getsockname(fd, &local.sa, &l) < 0)
555 return -errno;
556
557 l = sizeof(remote);
558 if (getpeername(fd, &remote.sa, &l) < 0)
559 return -errno;
560
561 switch (local.sa.sa_family) {
562
563 case AF_INET: {
564 uint32_t
565 a = ntohl(local.in.sin_addr.s_addr),
566 b = ntohl(remote.in.sin_addr.s_addr);
567
568 if (asprintf(&r,
77b088c2
LP		 569 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
570 nr,
4f2d528d
LP		 571 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
572 ntohs(local.in.sin_port),
573 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
574 ntohs(remote.in.sin_port)) < 0)
575 return -ENOMEM;
576
577 break;
578 }
579
580 case AF_INET6: {
2b061f5a
LP		 581 static const char ipv4_prefix[] = {
582 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
583 };
584
585 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
586 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
587 const uint8_t
588 *a = local.in6.sin6_addr.s6_addr+12,
589 *b = remote.in6.sin6_addr.s6_addr+12;
590
591 if (asprintf(&r,
77b088c2
LP		 592 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
593 nr,
2b061f5a
LP		 594 a[0], a[1], a[2], a[3],
595 ntohs(local.in6.sin6_port),
596 b[0], b[1], b[2], b[3],
597 ntohs(remote.in6.sin6_port)) < 0)
598 return -ENOMEM;
599 } else {
600 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
601
602 if (asprintf(&r,
77b088c2
LP		 603 "%u-%s:%u-%s:%u",
604 nr,
2b061f5a
LP		 605 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
606 ntohs(local.in6.sin6_port),
607 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
608 ntohs(remote.in6.sin6_port)) < 0)
609 return -ENOMEM;
610 }
4f2d528d
LP		 611
612 break;
613 }
614
615 case AF_UNIX: {
616 struct ucred ucred;
617
618 l = sizeof(ucred);
619 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &ucred, &l) < 0)
620 return -errno;
621
622 if (asprintf(&r,
bb00e604 623 "%u-%lu-%lu",
4f2d528d 624 nr,
bb00e604
LP		 625 (unsigned long) ucred.pid,
626 (unsigned long) ucred.uid) < 0)
4f2d528d
LP		 627 return -ENOMEM;
628
629 break;
630 }
631
632 default:
633 assert_not_reached("Unhandled socket type.");
634 }
635
636 *instance = r;
637 return 0;
638}
639
034c6ed7 640static void socket_close_fds(Socket *s) {
83c60c9f
LP		 641 SocketPort *p;
642
643 assert(s);
644
034c6ed7 645 LIST_FOREACH(port, p, s->ports) {
83c60c9f
LP		 646 if (p->fd < 0)
647 continue;
648
acbb0225 649 unit_unwatch_fd(UNIT(s), &p->fd_watch);
a16e1123
LP		 650 close_nointr_nofail(p->fd);
651
652 /* One little note: we should never delete any sockets
653 * in the file system here! After all some other
654 * process we spawned might still have a reference of
655 * this fd and wants to continue to use it. Therefore
656 * we delete sockets in the file system before we
657 * create a new one, not after we stopped using
658 * one! */
9152c765 659
83c60c9f
LP		 660 p->fd = -1;
661 }
662}
663
4fd5948e
LP		 664static void socket_apply_socket_options(Socket *s, int fd) {
665 assert(s);
666 assert(fd >= 0);
667
668 if (s->keep_alive) {
669 int b = s->keep_alive;
670 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
671 log_warning("SO_KEEPALIVE failed: %m");
672 }
673
ec6370a2
LP		 674 if (s->broadcast) {
675 int one = 1;
676 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
677 log_warning("SO_BROADCAST failed: %m");
678 }
679
d68af586
MS		 680 if (s->pass_cred) {
681 int one = 1;
682 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
683 log_warning("SO_PASSCRED failed: %m");
684 }
685
54ecda32
LP		 686 if (s->pass_sec) {
687 int one = 1;
688 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
689 log_warning("SO_PASSSEC failed: %m");
690 }
691
4fd5948e
LP		 692 if (s->priority >= 0)
693 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
694 log_warning("SO_PRIORITY failed: %m");
695
696 if (s->receive_buffer > 0) {
697 int value = (int) s->receive_buffer;
7d9eaa84
LP		 698
699 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
700
b8cef44e 701 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84
LP		 702 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
703 log_warning("SO_RCVBUF failed: %m");
4fd5948e
LP		 704 }
705
706 if (s->send_buffer > 0) {
707 int value = (int) s->send_buffer;
b8cef44e 708 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84
LP		 709 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
710 log_warning("SO_SNDBUF failed: %m");
4fd5948e
LP		 711 }
712
713 if (s->mark >= 0)
714 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
715 log_warning("SO_MARK failed: %m");
716
717 if (s->ip_tos >= 0)
718 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
719 log_warning("IP_TOS failed: %m");
720
46925ac5
LP		 721 if (s->ip_ttl >= 0) {
722 int r, x;
723
724 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
5bfcc1c6
FF		 725
726 if (socket_ipv6_is_supported())
727 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
728 else {
729 x = -1;
730 errno = EAFNOSUPPORT;
731 }
46925ac5
LP		 732
733 if (r < 0 && x < 0)
734 log_warning("IP_TTL/IPV6_UNICAST_HOPS failed: %m");
735 }
cebf8b20
TT		 736
737 if (s->tcp_congestion)
738 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
739 log_warning("TCP_CONGESTION failed: %m");
4fd5948e
LP		 740}
741
b15bdda8 742static void socket_apply_fifo_options(Socket *s, int fd) {
4fd5948e
LP		 743 assert(s);
744 assert(fd >= 0);
745
746 if (s->pipe_size > 0)
747 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
748 log_warning("F_SETPIPE_SZ: %m");
749}
750
b15bdda8
LP		 751static int fifo_address_create(
752 const char *path,
753 mode_t directory_mode,
754 mode_t socket_mode,
b15bdda8
LP		 755 int *_fd) {
756
7a58bfa4 757 int fd = -1, r = 0;
b15bdda8
LP		 758 struct stat st;
759 mode_t old_mask;
760
761 assert(path);
762 assert(_fd);
763
d2e54fae 764 mkdir_parents_label(path, directory_mode);
b15bdda8 765
e9a5ef7c
KS		 766 r = label_context_set(path, S_IFIFO);
767 if (r < 0)
56cf987f 768 goto fail;
b15bdda8
LP		 769
770 /* Enforce the right access mode for the fifo */
771 old_mask = umask(~ socket_mode);
772
773 /* Include the original umask in our mask */
774 umask(~socket_mode | old_mask);
775
776 r = mkfifo(path, socket_mode);
777 umask(old_mask);
778
94bc2731 779 if (r < 0 && errno != EEXIST) {
b15bdda8
LP		 780 r = -errno;
781 goto fail;
782 }
783
784 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
785 r = -errno;
786 goto fail;
787 }
788
e9a5ef7c 789 label_context_clear();
7a58bfa4 790
b15bdda8
LP		 791 if (fstat(fd, &st) < 0) {
792 r = -errno;
793 goto fail;
794 }
795
796 if (!S_ISFIFO(st.st_mode) ||
de0200fc 797 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
b15bdda8
LP		 798 st.st_uid != getuid() ||
799 st.st_gid != getgid()) {
800
801 r = -EEXIST;
802 goto fail;
803 }
804
805 *_fd = fd;
806 return 0;
807
808fail:
e9a5ef7c 809 label_context_clear();
56cf987f 810
b15bdda8
LP		 811 if (fd >= 0)
812 close_nointr_nofail(fd);
813
814 return r;
815}
816
b0a3f2bc
LP		 817static int special_address_create(
818 const char *path,
819 int *_fd) {
820
821 int fd = -1, r = 0;
822 struct stat st;
823
824 assert(path);
825 assert(_fd);
826
827 if ((fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
828 r = -errno;
829 goto fail;
830 }
831
832 if (fstat(fd, &st) < 0) {
833 r = -errno;
834 goto fail;
835 }
836
837 /* Check whether this is a /proc, /sys or /dev file or char device */
838 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
839 r = -EEXIST;
840 goto fail;
841 }
842
843 *_fd = fd;
844 return 0;
845
846fail:
847 if (fd >= 0)
848 close_nointr_nofail(fd);
849
850 return r;
851}
852
916abb21
LP		 853static int mq_address_create(
854 const char *path,
855 mode_t mq_mode,
856 long maxmsg,
857 long msgsize,
858 int *_fd) {
859
860 int fd = -1, r = 0;
861 struct stat st;
862 mode_t old_mask;
863 struct mq_attr _attr, *attr = NULL;
864
865 assert(path);
866 assert(_fd);
867
868 if (maxmsg > 0 && msgsize > 0) {
869 zero(_attr);
870 _attr.mq_flags = O_NONBLOCK;
871 _attr.mq_maxmsg = maxmsg;
872 _attr.mq_msgsize = msgsize;
873 attr = &_attr;
874 }
875
876 /* Enforce the right access mode for the mq */
877 old_mask = umask(~ mq_mode);
878
879 /* Include the original umask in our mask */
880 umask(~mq_mode | old_mask);
881
882 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
883 umask(old_mask);
884
8ea913b2 885 if (fd < 0) {
916abb21
LP		 886 r = -errno;
887 goto fail;
888 }
889
890 if (fstat(fd, &st) < 0) {
891 r = -errno;
892 goto fail;
893 }
894
895 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
896 st.st_uid != getuid() ||
897 st.st_gid != getgid()) {
898
899 r = -EEXIST;
900 goto fail;
901 }
902
903 *_fd = fd;
904 return 0;
905
906fail:
907 if (fd >= 0)
908 close_nointr_nofail(fd);
909
910 return r;
911}
912
034c6ed7 913static int socket_open_fds(Socket *s) {
83c60c9f
LP		 914 SocketPort *p;
915 int r;
56cf987f 916 char *label = NULL;
049f8642 917 bool know_label = false;
83c60c9f
LP		 918
919 assert(s);
920
034c6ed7 921 LIST_FOREACH(port, p, s->ports) {
83c60c9f 922
034c6ed7
LP		 923 if (p->fd >= 0)
924 continue;
83c60c9f
LP		 925
926 if (p->type == SOCKET_SOCKET) {
927
049f8642
LP		 928 if (!know_label) {
929
930 if ((r = socket_instantiate_service(s)) < 0)
931 return r;
932
57020a3a
LP		 933 if (UNIT_DEREF(s->service) &&
934 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
935 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
189583d7
LP		 936
937 if (r < 0) {
a7444eda
LP		 938 if (r != -EPERM)
939 return r;
940 }
189583d7 941 }
049f8642
LP		 942
943 know_label = true;
944 }
945
b5a0699f
LP		 946 if ((r = socket_address_listen(
947 &p->address,
948 s->backlog,
949 s->bind_ipv6_only,
950 s->bind_to_device,
4fd5948e 951 s->free_bind,
6b6d2dee 952 s->transparent,
b5a0699f
LP		 953 s->directory_mode,
954 s->socket_mode,
56cf987f 955 label,
b5a0699f 956 &p->fd)) < 0)
83c60c9f
LP		 957 goto rollback;
958
4fd5948e
LP		 959 socket_apply_socket_options(s, p->fd);
960
b0a3f2bc
LP		 961 } else if (p->type == SOCKET_SPECIAL) {
962
963 if ((r = special_address_create(
964 p->path,
965 &p->fd)) < 0)
966 goto rollback;
967
b15bdda8 968 } else if (p->type == SOCKET_FIFO) {
83c60c9f 969
b15bdda8
LP		 970 if ((r = fifo_address_create(
971 p->path,
972 s->directory_mode,
973 s->socket_mode,
b15bdda8 974 &p->fd)) < 0)
83c60c9f 975 goto rollback;
83c60c9f 976
b15bdda8 977 socket_apply_fifo_options(s, p->fd);
916abb21 978 } else if (p->type == SOCKET_MQUEUE) {
83c60c9f 979
916abb21
LP		 980 if ((r = mq_address_create(
981 p->path,
982 s->socket_mode,
983 s->mq_maxmsg,
984 s->mq_msgsize,
985 &p->fd)) < 0)
986 goto rollback;
b15bdda8
LP		 987 } else
988 assert_not_reached("Unknown port type");
034c6ed7
LP		 989 }
990
56cf987f 991 label_free(label);
034c6ed7
LP		 992 return 0;
993
994rollback:
995 socket_close_fds(s);
56cf987f 996 label_free(label);
034c6ed7
LP		 997 return r;
998}
999
1000static void socket_unwatch_fds(Socket *s) {
1001 SocketPort *p;
9152c765 1002
034c6ed7
LP		 1003 assert(s);
1004
1005 LIST_FOREACH(port, p, s->ports) {
1006 if (p->fd < 0)
1007 continue;
1008
acbb0225 1009 unit_unwatch_fd(UNIT(s), &p->fd_watch);
83c60c9f 1010 }
034c6ed7
LP		 1011}
1012
1013static int socket_watch_fds(Socket *s) {
1014 SocketPort *p;
1015 int r;
1016
1017 assert(s);
83c60c9f 1018
034c6ed7
LP		 1019 LIST_FOREACH(port, p, s->ports) {
1020 if (p->fd < 0)
1021 continue;
1022
cabab516 1023 p->fd_watch.socket_accept =
4f2d528d 1024 s->accept &&
dd5ad9d4 1025 p->type == SOCKET_SOCKET &&
4f2d528d
LP		 1026 socket_address_can_accept(&p->address);
1027
f94ea366 1028 if ((r = unit_watch_fd(UNIT(s), p->fd, EPOLLIN, &p->fd_watch)) < 0)
034c6ed7
LP		 1029 goto fail;
1030 }
83c60c9f 1031
542563ba 1032 return 0;
83c60c9f 1033
034c6ed7
LP		 1034fail:
1035 socket_unwatch_fds(s);
1036 return r;
1037}
1038
1039static void socket_set_state(Socket *s, SocketState state) {
1040 SocketState old_state;
1041 assert(s);
1042
1043 old_state = s->state;
1044 s->state = state;
1045
1046 if (state != SOCKET_START_PRE &&
1047 state != SOCKET_START_POST &&
1048 state != SOCKET_STOP_PRE &&
1049 state != SOCKET_STOP_PRE_SIGTERM &&
1050 state != SOCKET_STOP_PRE_SIGKILL &&
1051 state != SOCKET_STOP_POST &&
80876c20
LP		 1052 state != SOCKET_FINAL_SIGTERM &&
1053 state != SOCKET_FINAL_SIGKILL) {
acbb0225 1054 unit_unwatch_timer(UNIT(s), &s->timer_watch);
5e94833f 1055 socket_unwatch_control_pid(s);
034c6ed7 1056 s->control_command = NULL;
a16e1123 1057 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
e537352b 1058 }
034c6ed7 1059
a16e1123
LP		 1060 if (state != SOCKET_LISTENING)
1061 socket_unwatch_fds(s);
1062
034c6ed7
LP		 1063 if (state != SOCKET_START_POST &&
1064 state != SOCKET_LISTENING &&
1065 state != SOCKET_RUNNING &&
1066 state != SOCKET_STOP_PRE &&
1067 state != SOCKET_STOP_PRE_SIGTERM &&
1068 state != SOCKET_STOP_PRE_SIGKILL)
1069 socket_close_fds(s);
1070
e537352b 1071 if (state != old_state)
40d50879 1072 log_debug("%s changed %s -> %s",
1124fe6f 1073 UNIT(s)->id,
a16e1123
LP		 1074 socket_state_to_string(old_state),
1075 socket_state_to_string(state));
acbb0225 1076
e2f3b44c 1077 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
034c6ed7
LP		 1078}
1079
a16e1123
LP		 1080static int socket_coldplug(Unit *u) {
1081 Socket *s = SOCKET(u);
1082 int r;
1083
1084 assert(s);
1085 assert(s->state == SOCKET_DEAD);
1086
1087 if (s->deserialized_state != s->state) {
1088
1089 if (s->deserialized_state == SOCKET_START_PRE ||
1090 s->deserialized_state == SOCKET_START_POST ||
1091 s->deserialized_state == SOCKET_STOP_PRE ||
1092 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1093 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL ||
1094 s->deserialized_state == SOCKET_STOP_POST ||
1095 s->deserialized_state == SOCKET_FINAL_SIGTERM ||
1096 s->deserialized_state == SOCKET_FINAL_SIGKILL) {
1097
1098 if (s->control_pid <= 0)
1099 return -EBADMSG;
1100
1101 if ((r = unit_watch_pid(UNIT(s), s->control_pid)) < 0)
1102 return r;
1103
1104 if ((r = unit_watch_timer(UNIT(s), s->timeout_usec, &s->timer_watch)) < 0)
1105 return r;
1106 }
1107
1108 if (s->deserialized_state == SOCKET_START_POST ||
1109 s->deserialized_state == SOCKET_LISTENING ||
1110 s->deserialized_state == SOCKET_RUNNING ||
1111 s->deserialized_state == SOCKET_STOP_PRE ||
1112 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1113 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL)
1114 if ((r = socket_open_fds(s)) < 0)
1115 return r;
1116
1117 if (s->deserialized_state == SOCKET_LISTENING)
1118 if ((r = socket_watch_fds(s)) < 0)
1119 return r;
1120
1121 socket_set_state(s, s->deserialized_state);
1122 }
1123
1124 return 0;
1125}
1126
e537352b 1127static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
034c6ed7
LP		 1128 pid_t pid;
1129 int r;
9e2f7c11 1130 char **argv;
034c6ed7
LP		 1131
1132 assert(s);
1133 assert(c);
1134 assert(_pid);
1135
e537352b
LP		 1136 if ((r = unit_watch_timer(UNIT(s), s->timeout_usec, &s->timer_watch)) < 0)
1137 goto fail;
034c6ed7 1138
9e2f7c11
LP		 1139 if (!(argv = unit_full_printf_strv(UNIT(s), c->argv))) {
1140 r = -ENOMEM;
1141 goto fail;
1142 }
1143
1144 r = exec_spawn(c,
1145 argv,
1146 &s->exec_context,
1147 NULL, 0,
1124fe6f 1148 UNIT(s)->manager->environment,
9e2f7c11
LP		 1149 true,
1150 true,
1e3ad081 1151 true,
1124fe6f
MS		 1152 UNIT(s)->manager->confirm_spawn,
1153 UNIT(s)->cgroup_bondings,
1154 UNIT(s)->cgroup_attributes,
ecedd90f 1155 NULL,
62bca2c6 1156 UNIT(s)->id,
f2b68789 1157 NULL,
9e2f7c11
LP		 1158 &pid);
1159
1160 strv_free(argv);
1161 if (r < 0)
034c6ed7
LP		 1162 goto fail;
1163
87f0e418 1164 if ((r = unit_watch_pid(UNIT(s), pid)) < 0)
034c6ed7
LP		 1165 /* FIXME: we need to do something here */
1166 goto fail;
83c60c9f 1167
034c6ed7
LP		 1168 *_pid = pid;
1169
1170 return 0;
1171
1172fail:
e537352b 1173 unit_unwatch_timer(UNIT(s), &s->timer_watch);
83c60c9f
LP		 1174
1175 return r;
542563ba
LP		 1176}
1177
cfc4eb4c 1178static void socket_enter_dead(Socket *s, SocketResult f) {
034c6ed7
LP		 1179 assert(s);
1180
cfc4eb4c
LP		 1181 if (f != SOCKET_SUCCESS)
1182 s->result = f;
034c6ed7 1183
cfc4eb4c 1184 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
034c6ed7
LP		 1185}
1186
cfc4eb4c 1187static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
80876c20 1188
cfc4eb4c 1189static void socket_enter_stop_post(Socket *s, SocketResult f) {
034c6ed7
LP		 1190 int r;
1191 assert(s);
1192
cfc4eb4c
LP		 1193 if (f != SOCKET_SUCCESS)
1194 s->result = f;
034c6ed7 1195
5e94833f
LP		 1196 socket_unwatch_control_pid(s);
1197
a16e1123
LP		 1198 s->control_command_id = SOCKET_EXEC_STOP_POST;
1199
80876c20 1200 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST])) {
e537352b 1201 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1202 goto fail;
1203
80876c20
LP		 1204 socket_set_state(s, SOCKET_STOP_POST);
1205 } else
cfc4eb4c 1206 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
034c6ed7
LP		 1207
1208 return;
1209
1210fail:
1124fe6f 1211 log_warning("%s failed to run 'stop-post' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1212 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1213}
1214
cfc4eb4c 1215static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
034c6ed7 1216 int r;
ca949c9d
LP		 1217 Set *pid_set = NULL;
1218 bool wait_for_exit = false;
034c6ed7
LP		 1219
1220 assert(s);
1221
cfc4eb4c
LP		 1222 if (f != SOCKET_SUCCESS)
1223 s->result = f;
034c6ed7 1224
2e22afe9
LP		 1225 if (s->exec_context.kill_mode != KILL_NONE) {
1226 int sig = (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_FINAL_SIGTERM) ? s->exec_context.kill_signal : SIGKILL;
034c6ed7 1227
ca949c9d 1228 if (s->control_pid > 0) {
cd25cce9 1229 if (kill_and_sigcont(s->control_pid, sig) < 0 && errno != ESRCH)
50159e6a 1230
ca949c9d
LP		 1231 log_warning("Failed to kill control process %li: %m", (long) s->control_pid);
1232 else
1233 wait_for_exit = true;
034c6ed7 1234 }
50159e6a 1235
ca949c9d
LP		 1236 if (s->exec_context.kill_mode == KILL_CONTROL_GROUP) {
1237
1238 if (!(pid_set = set_new(trivial_hash_func, trivial_compare_func))) {
1239 r = -ENOMEM;
50159e6a
LP		 1240 goto fail;
1241 }
ca949c9d
LP		 1242
1243 /* Exclude the control pid from being killed via the cgroup */
1244 if (s->control_pid > 0)
1245 if ((r = set_put(pid_set, LONG_TO_PTR(s->control_pid))) < 0)
1246 goto fail;
1247
88f3e0c9 1248 r = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, sig, true, false, pid_set, NULL);
ecedd90f 1249 if (r < 0) {
ca949c9d
LP		 1250 if (r != -EAGAIN && r != -ESRCH && r != -ENOENT)
1251 log_warning("Failed to kill control group: %s", strerror(-r));
1252 } else if (r > 0)
1253 wait_for_exit = true;
1254
1255 set_free(pid_set);
da19d5c1 1256 pid_set = NULL;
ca949c9d 1257 }
d6ea93e3 1258 }
034c6ed7 1259
ca949c9d 1260 if (wait_for_exit) {
80876c20
LP		 1261 if ((r = unit_watch_timer(UNIT(s), s->timeout_usec, &s->timer_watch)) < 0)
1262 goto fail;
d6ea93e3 1263
80876c20
LP		 1264 socket_set_state(s, state);
1265 } else if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1266 socket_enter_stop_post(s, SOCKET_SUCCESS);
80876c20 1267 else
cfc4eb4c 1268 socket_enter_dead(s, SOCKET_SUCCESS);
034c6ed7
LP		 1269
1270 return;
1271
1272fail:
1124fe6f 1273 log_warning("%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1274
1275 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1276 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1277 else
cfc4eb4c 1278 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
ca949c9d
LP		 1279
1280 if (pid_set)
1281 set_free(pid_set);
034c6ed7
LP		 1282}
1283
cfc4eb4c 1284static void socket_enter_stop_pre(Socket *s, SocketResult f) {
034c6ed7
LP		 1285 int r;
1286 assert(s);
1287
cfc4eb4c
LP		 1288 if (f != SOCKET_SUCCESS)
1289 s->result = f;
034c6ed7 1290
5e94833f
LP		 1291 socket_unwatch_control_pid(s);
1292
a16e1123
LP		 1293 s->control_command_id = SOCKET_EXEC_STOP_PRE;
1294
80876c20 1295 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE])) {
e537352b 1296 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1297 goto fail;
1298
80876c20
LP		 1299 socket_set_state(s, SOCKET_STOP_PRE);
1300 } else
cfc4eb4c 1301 socket_enter_stop_post(s, SOCKET_SUCCESS);
034c6ed7
LP		 1302
1303 return;
1304
1305fail:
1124fe6f 1306 log_warning("%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1307 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1308}
1309
e9af15c3
LP		 1310static void socket_enter_listening(Socket *s) {
1311 int r;
1312 assert(s);
1313
cfc4eb4c
LP		 1314 r = socket_watch_fds(s);
1315 if (r < 0) {
1124fe6f 1316 log_warning("%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
e9af15c3
LP		 1317 goto fail;
1318 }
1319
1320 socket_set_state(s, SOCKET_LISTENING);
1321 return;
1322
1323fail:
cfc4eb4c 1324 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
e9af15c3
LP		 1325}
1326
034c6ed7
LP		 1327static void socket_enter_start_post(Socket *s) {
1328 int r;
1329 assert(s);
1330
cfc4eb4c
LP		 1331 r = socket_open_fds(s);
1332 if (r < 0) {
1124fe6f 1333 log_warning("%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1334 goto fail;
1335 }
1336
5e94833f
LP		 1337 socket_unwatch_control_pid(s);
1338
a16e1123
LP		 1339 s->control_command_id = SOCKET_EXEC_START_POST;
1340
80876c20 1341 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_POST])) {
cfc4eb4c
LP		 1342 r = socket_spawn(s, s->control_command, &s->control_pid);
1343 if (r < 0) {
1124fe6f 1344 log_warning("%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1345 goto fail;
1346 }
1347
80876c20
LP		 1348 socket_set_state(s, SOCKET_START_POST);
1349 } else
e9af15c3 1350 socket_enter_listening(s);
034c6ed7
LP		 1351
1352 return;
1353
1354fail:
cfc4eb4c 1355 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1356}
1357
1358static void socket_enter_start_pre(Socket *s) {
1359 int r;
1360 assert(s);
1361
5e94833f
LP		 1362 socket_unwatch_control_pid(s);
1363
a16e1123
LP		 1364 s->control_command_id = SOCKET_EXEC_START_PRE;
1365
80876c20 1366 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_PRE])) {
e537352b 1367 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1368 goto fail;
1369
80876c20
LP		 1370 socket_set_state(s, SOCKET_START_PRE);
1371 } else
034c6ed7
LP		 1372 socket_enter_start_post(s);
1373
1374 return;
1375
1376fail:
1124fe6f 1377 log_warning("%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1378 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1379}
1380
4f2d528d 1381static void socket_enter_running(Socket *s, int cfd) {
034c6ed7 1382 int r;
398ef8ba 1383 DBusError error;
034c6ed7
LP		 1384
1385 assert(s);
398ef8ba 1386 dbus_error_init(&error);
034c6ed7 1387
ba3e67a7
LP		 1388 /* We don't take connections anymore if we are supposed to
1389 * shut down anyway */
18ffdfda 1390 if (unit_pending_inactive(UNIT(s))) {
1124fe6f 1391 log_debug("Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
5d909e3e 1392
7c610628
LP		 1393 if (cfd >= 0)
1394 close_nointr_nofail(cfd);
1395 else {
1396 /* Flush all sockets by closing and reopening them */
1397 socket_close_fds(s);
1398
1a710b43
MS		 1399 r = socket_watch_fds(s);
1400 if (r < 0) {
1124fe6f 1401 log_warning("%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1402 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
7c610628
LP		 1403 }
1404 }
1405
ba3e67a7
LP		 1406 return;
1407 }
1408
4f2d528d 1409 if (cfd < 0) {
57020a3a
LP		 1410 Iterator i;
1411 Unit *u;
f976f3f6 1412 bool pending = false;
f976f3f6
LP		 1413
1414 /* If there's already a start pending don't bother to
1415 * do anything */
1124fe6f 1416 SET_FOREACH(u, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
57020a3a
LP		 1417 if (unit_pending_active(u)) {
1418 pending = true;
1419 break;
1420 }
f976f3f6 1421
1a710b43
MS		 1422 if (!pending) {
1423 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1424 if (r < 0)
f976f3f6 1425 goto fail;
1a710b43 1426 }
4f2d528d
LP		 1427
1428 socket_set_state(s, SOCKET_RUNNING);
1429 } else {
b4f10a5e 1430 char *prefix, *instance = NULL, *name;
b15bdda8 1431 Service *service;
4f2d528d 1432
6cf6bbc2
LP		 1433 if (s->n_connections >= s->max_connections) {
1434 log_warning("Too many incoming connections (%u)", s->n_connections);
1435 close_nointr_nofail(cfd);
1436 return;
1437 }
1438
1a710b43
MS		 1439 r = socket_instantiate_service(s);
1440 if (r < 0)
b15bdda8
LP		 1441 goto fail;
1442
1a710b43
MS		 1443 r = instance_from_socket(cfd, s->n_accepted, &instance);
1444 if (r < 0) {
1445 if (r != -ENOTCONN)
1446 goto fail;
1447
1448 /* ENOTCONN is legitimate if TCP RST was received.
1449 * This connection is over, but the socket unit lives on. */
1450 close_nointr_nofail(cfd);
1451 return;
1452 }
4f2d528d 1453
1a710b43
MS		 1454 prefix = unit_name_to_prefix(UNIT(s)->id);
1455 if (!prefix) {
4f2d528d
LP		 1456 free(instance);
1457 r = -ENOMEM;
1458 goto fail;
1459 }
1460
1461 name = unit_name_build(prefix, instance, ".service");
1462 free(prefix);
1463 free(instance);
1464
b6dbbe1c 1465 if (!name) {
4f2d528d 1466 r = -ENOMEM;
b6dbbe1c
LP		 1467 goto fail;
1468 }
4f2d528d 1469
1a710b43
MS		 1470 r = unit_add_name(UNIT_DEREF(s->service), name);
1471 if (r < 0) {
b15bdda8 1472 free(name);
4f2d528d 1473 goto fail;
b15bdda8
LP		 1474 }
1475
57020a3a
LP		 1476 service = SERVICE(UNIT_DEREF(s->service));
1477 unit_ref_unset(&s->service);
b15bdda8 1478 s->n_accepted ++;
4f2d528d 1479
1124fe6f 1480 UNIT(service)->no_gc = false;
6c073082 1481
b15bdda8
LP		 1482 unit_choose_id(UNIT(service), name);
1483 free(name);
1484
1a710b43
MS		 1485 r = service_set_socket_fd(service, cfd, s);
1486 if (r < 0)
4f2d528d
LP		 1487 goto fail;
1488
1489 cfd = -1;
6cf6bbc2
LP		 1490 s->n_connections ++;
1491
1a710b43
MS		 1492 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1493 if (r < 0)
4f2d528d 1494 goto fail;
c4e2ceae
LP		 1495
1496 /* Notify clients about changed counters */
1497 unit_add_to_dbus_queue(UNIT(s));
4f2d528d 1498 }
034c6ed7 1499
034c6ed7
LP		 1500 return;
1501
1502fail:
1124fe6f 1503 log_warning("%s failed to queue socket startup job: %s", UNIT(s)->id, bus_error(&error, r));
60089004 1504 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
4f2d528d
LP		 1505
1506 if (cfd >= 0)
1507 close_nointr_nofail(cfd);
398ef8ba
LP		 1508
1509 dbus_error_free(&error);
034c6ed7
LP		 1510}
1511
cfc4eb4c 1512static void socket_run_next(Socket *s) {
034c6ed7
LP		 1513 int r;
1514
1515 assert(s);
1516 assert(s->control_command);
1517 assert(s->control_command->command_next);
1518
5e94833f
LP		 1519 socket_unwatch_control_pid(s);
1520
034c6ed7
LP		 1521 s->control_command = s->control_command->command_next;
1522
e537352b 1523 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1524 goto fail;
1525
1526 return;
1527
1528fail:
1124fe6f 1529 log_warning("%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
80876c20
LP		 1530
1531 if (s->state == SOCKET_START_POST)
cfc4eb4c 1532 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1533 else if (s->state == SOCKET_STOP_POST)
cfc4eb4c 1534 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1535 else
cfc4eb4c 1536 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1537}
1538
87f0e418
LP		 1539static int socket_start(Unit *u) {
1540 Socket *s = SOCKET(u);
83c60c9f
LP		 1541
1542 assert(s);
1543
034c6ed7
LP		 1544 /* We cannot fulfill this request right now, try again later
1545 * please! */
1546 if (s->state == SOCKET_STOP_PRE ||
1547 s->state == SOCKET_STOP_PRE_SIGKILL ||
1548 s->state == SOCKET_STOP_PRE_SIGTERM ||
1549 s->state == SOCKET_STOP_POST ||
80876c20
LP		 1550 s->state == SOCKET_FINAL_SIGTERM ||
1551 s->state == SOCKET_FINAL_SIGKILL)
034c6ed7
LP		 1552 return -EAGAIN;
1553
83c60c9f
LP		 1554 if (s->state == SOCKET_START_PRE ||
1555 s->state == SOCKET_START_POST)
034c6ed7 1556 return 0;
83c60c9f 1557
034c6ed7 1558 /* Cannot run this without the service being around */
57020a3a
LP		 1559 if (UNIT_DEREF(s->service)) {
1560 Service *service;
1561
1562 service = SERVICE(UNIT_DEREF(s->service));
1563
1124fe6f
MS		 1564 if (UNIT(service)->load_state != UNIT_LOADED) {
1565 log_error("Socket service %s not loaded, refusing.", UNIT(service)->id);
4f2d528d 1566 return -ENOENT;
4ac9236f 1567 }
4f2d528d 1568
35b8ca3a 1569 /* If the service is already active we cannot start the
4f2d528d 1570 * socket */
57020a3a
LP		 1571 if (service->state != SERVICE_DEAD &&
1572 service->state != SERVICE_FAILED &&
1573 service->state != SERVICE_AUTO_RESTART) {
1124fe6f 1574 log_error("Socket service %s already active, refusing.", UNIT(service)->id);
4f2d528d 1575 return -EBUSY;
4ac9236f 1576 }
7b4bf06b
LP		 1577
1578#ifdef HAVE_SYSV_COMPAT
1b64d026 1579 if (service->is_sysv) {
7b4bf06b
LP		 1580 log_error("Using SysV services for socket activation is not supported. Refusing.");
1581 return -ENOENT;
1582 }
1583#endif
4f2d528d 1584 }
e537352b 1585
fdf20a31 1586 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
83c60c9f 1587
cfc4eb4c 1588 s->result = SOCKET_SUCCESS;
034c6ed7
LP		 1589 socket_enter_start_pre(s);
1590 return 0;
1591}
83c60c9f 1592
87f0e418
LP		 1593static int socket_stop(Unit *u) {
1594 Socket *s = SOCKET(u);
034c6ed7
LP		 1595
1596 assert(s);
1597
e537352b
LP		 1598 /* Already on it */
1599 if (s->state == SOCKET_STOP_PRE ||
1600 s->state == SOCKET_STOP_PRE_SIGTERM ||
1601 s->state == SOCKET_STOP_PRE_SIGKILL ||
1602 s->state == SOCKET_STOP_POST ||
80876c20 1603 s->state == SOCKET_FINAL_SIGTERM ||
3f6c78dc 1604 s->state == SOCKET_FINAL_SIGKILL)
e537352b
LP		 1605 return 0;
1606
3f6c78dc
LP		 1607 /* If there's already something running we go directly into
1608 * kill mode. */
1609 if (s->state == SOCKET_START_PRE ||
1610 s->state == SOCKET_START_POST) {
cfc4eb4c 1611 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
3f6c78dc
LP		 1612 return -EAGAIN;
1613 }
1614
034c6ed7 1615 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
83c60c9f 1616
cfc4eb4c 1617 socket_enter_stop_pre(s, SOCKET_SUCCESS);
542563ba
LP		 1618 return 0;
1619}
1620
a16e1123
LP		 1621static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1622 Socket *s = SOCKET(u);
1623 SocketPort *p;
1624 int r;
1625
1626 assert(u);
1627 assert(f);
1628 assert(fds);
1629
1630 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
cfc4eb4c 1631 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
a16e1123
LP		 1632 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1633
1634 if (s->control_pid > 0)
5925dd3c 1635 unit_serialize_item_format(u, f, "control-pid", "%lu", (unsigned long) s->control_pid);
a16e1123
LP		 1636
1637 if (s->control_command_id >= 0)
1638 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1639
1640 LIST_FOREACH(port, p, s->ports) {
1641 int copy;
1642
1643 if (p->fd < 0)
1644 continue;
1645
1646 if ((copy = fdset_put_dup(fds, p->fd)) < 0)
1647 return copy;
1648
1649 if (p->type == SOCKET_SOCKET) {
1650 char *t;
1651
1652 if ((r = socket_address_print(&p->address, &t)) < 0)
1653 return r;
1654
7a22745a
LP		 1655 if (socket_address_family(&p->address) == AF_NETLINK)
1656 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1657 else
1658 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
a16e1123 1659 free(t);
b0a3f2bc
LP		 1660 } else if (p->type == SOCKET_SPECIAL)
1661 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
1662 else {
a16e1123
LP		 1663 assert(p->type == SOCKET_FIFO);
1664 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1665 }
1666 }
1667
1668 return 0;
1669}
1670
1671static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1672 Socket *s = SOCKET(u);
a16e1123
LP		 1673
1674 assert(u);
1675 assert(key);
1676 assert(value);
1677 assert(fds);
1678
1679 if (streq(key, "state")) {
1680 SocketState state;
1681
1682 if ((state = socket_state_from_string(value)) < 0)
1683 log_debug("Failed to parse state value %s", value);
1684 else
1685 s->deserialized_state = state;
cfc4eb4c
LP		 1686 } else if (streq(key, "result")) {
1687 SocketResult f;
a16e1123 1688
cfc4eb4c
LP		 1689 f = socket_result_from_string(value);
1690 if (f < 0)
1691 log_debug("Failed to parse result value %s", value);
1692 else if (f != SOCKET_SUCCESS)
1693 s->result = f;
a16e1123
LP		 1694
1695 } else if (streq(key, "n-accepted")) {
1696 unsigned k;
1697
e364ad06 1698 if (safe_atou(value, &k) < 0)
a16e1123
LP		 1699 log_debug("Failed to parse n-accepted value %s", value);
1700 else
1701 s->n_accepted += k;
1702 } else if (streq(key, "control-pid")) {
5925dd3c 1703 pid_t pid;
a16e1123 1704
e364ad06 1705 if (parse_pid(value, &pid) < 0)
a16e1123
LP		 1706 log_debug("Failed to parse control-pid value %s", value);
1707 else
5925dd3c 1708 s->control_pid = pid;
a16e1123
LP		 1709 } else if (streq(key, "control-command")) {
1710 SocketExecCommand id;
1711
1712 if ((id = socket_exec_command_from_string(value)) < 0)
1713 log_debug("Failed to parse exec-command value %s", value);
1714 else {
1715 s->control_command_id = id;
1716 s->control_command = s->exec_command[id];
1717 }
1718 } else if (streq(key, "fifo")) {
1719 int fd, skip = 0;
1720 SocketPort *p;
1721
1722 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1723 log_debug("Failed to parse fifo value %s", value);
1724 else {
1725
1726 LIST_FOREACH(port, p, s->ports)
b0a3f2bc
LP		 1727 if (p->type == SOCKET_FIFO &&
1728 streq_ptr(p->path, value+skip))
1729 break;
1730
1731 if (p) {
1732 if (p->fd >= 0)
1733 close_nointr_nofail(p->fd);
1734 p->fd = fdset_remove(fds, fd);
1735 }
1736 }
1737
1738 } else if (streq(key, "special")) {
1739 int fd, skip = 0;
1740 SocketPort *p;
1741
1742 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1743 log_debug("Failed to parse special value %s", value);
1744 else {
1745
1746 LIST_FOREACH(port, p, s->ports)
1747 if (p->type == SOCKET_SPECIAL &&
1748 streq_ptr(p->path, value+skip))
a16e1123
LP		 1749 break;
1750
1751 if (p) {
1752 if (p->fd >= 0)
1753 close_nointr_nofail(p->fd);
1754 p->fd = fdset_remove(fds, fd);
1755 }
1756 }
1757
1758 } else if (streq(key, "socket")) {
27ca8d7a 1759 int fd, type, skip = 0;
a16e1123
LP		 1760 SocketPort *p;
1761
27ca8d7a 1762 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
a16e1123
LP		 1763 log_debug("Failed to parse socket value %s", value);
1764 else {
1765
1766 LIST_FOREACH(port, p, s->ports)
27ca8d7a 1767 if (socket_address_is(&p->address, value+skip, type))
a16e1123
LP		 1768 break;
1769
1770 if (p) {
1771 if (p->fd >= 0)
1772 close_nointr_nofail(p->fd);
1773 p->fd = fdset_remove(fds, fd);
1774 }
1775 }
1776
7a22745a
LP		 1777 } else if (streq(key, "netlink")) {
1778 int fd, skip = 0;
1779 SocketPort *p;
1780
1781 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1782 log_debug("Failed to parse socket value %s", value);
1783 else {
1784
1785 LIST_FOREACH(port, p, s->ports)
1786 if (socket_address_is_netlink(&p->address, value+skip))
1787 break;
1788
1789 if (p) {
1790 if (p->fd >= 0)
1791 close_nointr_nofail(p->fd);
1792 p->fd = fdset_remove(fds, fd);
1793 }
1794 }
1795
a16e1123
LP		 1796 } else
1797 log_debug("Unknown serialization key '%s'", key);
1798
1799 return 0;
1800}
1801
87f0e418
LP		 1802static UnitActiveState socket_active_state(Unit *u) {
1803 assert(u);
5cb5a6ff 1804
acbb0225 1805 return state_translation_table[SOCKET(u)->state];
5cb5a6ff
LP		 1806}
1807
10a94420
LP		 1808static const char *socket_sub_state_to_string(Unit *u) {
1809 assert(u);
1810
a16e1123 1811 return socket_state_to_string(SOCKET(u)->state);
10a94420
LP		 1812}
1813
6cf6bbc2
LP		 1814static bool socket_check_gc(Unit *u) {
1815 Socket *s = SOCKET(u);
1816
1817 assert(u);
1818
1819 return s->n_connections > 0;
1820}
1821
acbb0225 1822static void socket_fd_event(Unit *u, int fd, uint32_t events, Watch *w) {
87f0e418 1823 Socket *s = SOCKET(u);
4f2d528d 1824 int cfd = -1;
9152c765 1825
034c6ed7 1826 assert(s);
8d567588 1827 assert(fd >= 0);
9152c765 1828
871d7de4
LP		 1829 if (s->state != SOCKET_LISTENING)
1830 return;
1831
ac155bb8 1832 log_debug("Incoming traffic on %s", u->id);
9152c765 1833
4f2d528d 1834 if (events != EPOLLIN) {
641e01dc
LP		 1835
1836 if (events & EPOLLHUP)
ac155bb8 1837 log_error("%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.", u->id);
641e01dc 1838 else
ac155bb8 1839 log_error("%s: Got unexpected poll event (0x%x) on socket.", u->id, events);
641e01dc 1840
8d567588 1841 goto fail;
4f2d528d
LP		 1842 }
1843
cabab516 1844 if (w->socket_accept) {
4f2d528d
LP		 1845 for (;;) {
1846
1847 if ((cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK)) < 0) {
1848
1849 if (errno == EINTR)
1850 continue;
1851
1852 log_error("Failed to accept socket: %m");
8d567588 1853 goto fail;
4f2d528d
LP		 1854 }
1855
1856 break;
1857 }
4fd5948e
LP		 1858
1859 socket_apply_socket_options(s, cfd);
4f2d528d 1860 }
9152c765 1861
4f2d528d 1862 socket_enter_running(s, cfd);
8d567588
LP		 1863 return;
1864
1865fail:
cfc4eb4c 1866 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
9152c765
LP		 1867}
1868
87f0e418
LP		 1869static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
1870 Socket *s = SOCKET(u);
cfc4eb4c 1871 SocketResult f;
5cb5a6ff
LP		 1872
1873 assert(s);
034c6ed7 1874 assert(pid >= 0);
5cb5a6ff 1875
8c47c732
LP		 1876 if (pid != s->control_pid)
1877 return;
542563ba 1878
034c6ed7
LP		 1879 s->control_pid = 0;
1880
cfc4eb4c
LP		 1881 if (is_clean_exit(code, status))
1882 f = SOCKET_SUCCESS;
1883 else if (code == CLD_EXITED)
1884 f = SOCKET_FAILURE_EXIT_CODE;
1885 else if (code == CLD_KILLED)
1886 f = SOCKET_FAILURE_SIGNAL;
1887 else if (code == CLD_DUMPED)
1888 f = SOCKET_FAILURE_CORE_DUMP;
1889 else
1890 assert_not_reached("Unknown code");
8c47c732 1891
b708e7ce 1892 if (s->control_command) {
6ea832a2 1893 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
a16e1123 1894
b708e7ce 1895 if (s->control_command->ignore)
cfc4eb4c 1896 f = SOCKET_SUCCESS;
b708e7ce
LP		 1897 }
1898
cfc4eb4c 1899 log_full(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
ac155bb8 1900 "%s control process exited, code=%s status=%i", u->id, sigchld_code_to_string(code), status);
034c6ed7 1901
cfc4eb4c
LP		 1902 if (f != SOCKET_SUCCESS)
1903 s->result = f;
1904
1905 if (s->control_command &&
1906 s->control_command->command_next &&
1907 f == SOCKET_SUCCESS) {
1908
ac155bb8 1909 log_debug("%s running next command for state %s", u->id, socket_state_to_string(s->state));
cfc4eb4c 1910 socket_run_next(s);
acbb0225 1911 } else {
a16e1123
LP		 1912 s->control_command = NULL;
1913 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
1914
034c6ed7
LP		 1915 /* No further commands for this step, so let's figure
1916 * out what to do next */
5cb5a6ff 1917
ac155bb8 1918 log_debug("%s got final SIGCHLD for state %s", u->id, socket_state_to_string(s->state));
acbb0225 1919
034c6ed7
LP		 1920 switch (s->state) {
1921
1922 case SOCKET_START_PRE:
cfc4eb4c 1923 if (f == SOCKET_SUCCESS)
acbb0225 1924 socket_enter_start_post(s);
034c6ed7 1925 else
cfc4eb4c 1926 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
034c6ed7
LP		 1927 break;
1928
1929 case SOCKET_START_POST:
cfc4eb4c 1930 if (f == SOCKET_SUCCESS)
e9af15c3 1931 socket_enter_listening(s);
034c6ed7 1932 else
cfc4eb4c 1933 socket_enter_stop_pre(s, f);
034c6ed7
LP		 1934 break;
1935
1936 case SOCKET_STOP_PRE:
1937 case SOCKET_STOP_PRE_SIGTERM:
1938 case SOCKET_STOP_PRE_SIGKILL:
cfc4eb4c 1939 socket_enter_stop_post(s, f);
034c6ed7
LP		 1940 break;
1941
1942 case SOCKET_STOP_POST:
80876c20
LP		 1943 case SOCKET_FINAL_SIGTERM:
1944 case SOCKET_FINAL_SIGKILL:
cfc4eb4c 1945 socket_enter_dead(s, f);
034c6ed7
LP		 1946 break;
1947
1948 default:
1949 assert_not_reached("Uh, control process died at wrong time.");
1950 }
1951 }
c4e2ceae
LP		 1952
1953 /* Notify clients about changed exit status */
1954 unit_add_to_dbus_queue(u);
034c6ed7 1955}
5cb5a6ff 1956
acbb0225 1957static void socket_timer_event(Unit *u, uint64_t elapsed, Watch *w) {
87f0e418 1958 Socket *s = SOCKET(u);
5cb5a6ff 1959
034c6ed7
LP		 1960 assert(s);
1961 assert(elapsed == 1);
acbb0225 1962 assert(w == &s->timer_watch);
034c6ed7
LP		 1963
1964 switch (s->state) {
1965
1966 case SOCKET_START_PRE:
ac155bb8 1967 log_warning("%s starting timed out. Terminating.", u->id);
cfc4eb4c 1968 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
da19d5c1 1969 break;
80876c20 1970
034c6ed7 1971 case SOCKET_START_POST:
ac155bb8 1972 log_warning("%s starting timed out. Stopping.", u->id);
cfc4eb4c 1973 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 1974 break;
1975
1976 case SOCKET_STOP_PRE:
ac155bb8 1977 log_warning("%s stopping timed out. Terminating.", u->id);
cfc4eb4c 1978 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 1979 break;
1980
1981 case SOCKET_STOP_PRE_SIGTERM:
ba035df2 1982 if (s->exec_context.send_sigkill) {
ac155bb8 1983 log_warning("%s stopping timed out. Killing.", u->id);
cfc4eb4c 1984 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 1985 } else {
ac155bb8 1986 log_warning("%s stopping timed out. Skipping SIGKILL. Ignoring.", u->id);
cfc4eb4c 1987 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 1988 }
034c6ed7
LP		 1989 break;
1990
1991 case SOCKET_STOP_PRE_SIGKILL:
ac155bb8 1992 log_warning("%s still around after SIGKILL. Ignoring.", u->id);
cfc4eb4c 1993 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 1994 break;
1995
1996 case SOCKET_STOP_POST:
ac155bb8 1997 log_warning("%s stopping timed out (2). Terminating.", u->id);
cfc4eb4c 1998 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 1999 break;
2000
80876c20 2001 case SOCKET_FINAL_SIGTERM:
ba035df2 2002 if (s->exec_context.send_sigkill) {
ac155bb8 2003 log_warning("%s stopping timed out (2). Killing.", u->id);
cfc4eb4c 2004 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 2005 } else {
ac155bb8 2006 log_warning("%s stopping timed out (2). Skipping SIGKILL. Ignoring.", u->id);
cfc4eb4c 2007 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 2008 }
034c6ed7
LP		 2009 break;
2010
80876c20 2011 case SOCKET_FINAL_SIGKILL:
ac155bb8 2012 log_warning("%s still around after SIGKILL (2). Entering failed mode.", u->id);
cfc4eb4c 2013 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2014 break;
2015
2016 default:
2017 assert_not_reached("Timeout at wrong time.");
2018 }
5cb5a6ff
LP		 2019}
2020
44d8db9e
LP		 2021int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2022 int *rfds;
2023 unsigned rn_fds, k;
2024 SocketPort *p;
2025
2026 assert(s);
2027 assert(fds);
2028 assert(n_fds);
2029
2030 /* Called from the service code for requesting our fds */
2031
2032 rn_fds = 0;
2033 LIST_FOREACH(port, p, s->ports)
2034 if (p->fd >= 0)
2035 rn_fds++;
2036
de3756ab
LP		 2037 if (rn_fds <= 0) {
2038 *fds = NULL;
2039 *n_fds = 0;
2040 return 0;
2041 }
2042
e364ad06 2043 if (!(rfds = new(int, rn_fds)))
44d8db9e
LP		 2044 return -ENOMEM;
2045
2046 k = 0;
2047 LIST_FOREACH(port, p, s->ports)
2048 if (p->fd >= 0)
2049 rfds[k++] = p->fd;
2050
2051 assert(k == rn_fds);
2052
2053 *fds = rfds;
2054 *n_fds = rn_fds;
2055
2056 return 0;
2057}
2058
6bda96a0 2059void socket_notify_service_dead(Socket *s, bool failed_permanent) {
ceee3d82
LP		 2060 assert(s);
2061
6cf6bbc2
LP		 2062 /* The service is dead. Dang!
2063 *
2064 * This is strictly for one-instance-for-all-connections
2065 * services. */
ceee3d82
LP		 2066
2067 if (s->state == SOCKET_RUNNING) {
6bda96a0
LP		 2068 log_debug("%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
2069 if (failed_permanent)
2070 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
c2f34808
MS		 2071 else
2072 socket_enter_listening(s);
ceee3d82
LP		 2073 }
2074}
2075
6cf6bbc2
LP		 2076void socket_connection_unref(Socket *s) {
2077 assert(s);
2078
2079 /* The service is dead. Yay!
2080 *
35b8ca3a 2081 * This is strictly for one-instance-per-connection
6cf6bbc2
LP		 2082 * services. */
2083
2084 assert(s->n_connections > 0);
2085 s->n_connections--;
2086
1124fe6f 2087 log_debug("%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
6cf6bbc2
LP		 2088}
2089
fdf20a31 2090static void socket_reset_failed(Unit *u) {
5632e374
LP		 2091 Socket *s = SOCKET(u);
2092
2093 assert(s);
2094
fdf20a31 2095 if (s->state == SOCKET_FAILED)
5632e374
LP		 2096 socket_set_state(s, SOCKET_DEAD);
2097
cfc4eb4c 2098 s->result = SOCKET_SUCCESS;
5632e374
LP		 2099}
2100
8a0867d6
LP		 2101static int socket_kill(Unit *u, KillWho who, KillMode mode, int signo, DBusError *error) {
2102 Socket *s = SOCKET(u);
2103 int r = 0;
2104 Set *pid_set = NULL;
2105
2106 assert(s);
2107
2108 if (who == KILL_MAIN) {
2109 dbus_set_error(error, BUS_ERROR_NO_SUCH_PROCESS, "Socket units have no main processes");
a17204af 2110 return -ESRCH;
8a0867d6
LP		 2111 }
2112
2113 if (s->control_pid <= 0 && who == KILL_CONTROL) {
2114 dbus_set_error(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
a17204af 2115 return -ESRCH;
8a0867d6
LP		 2116 }
2117
3611581e
LP		 2118 if (who == KILL_CONTROL || who == KILL_ALL)
2119 if (s->control_pid > 0)
2120 if (kill(s->control_pid, signo) < 0)
2121 r = -errno;
8a0867d6 2122
3611581e 2123 if (who == KILL_ALL && mode == KILL_CONTROL_GROUP) {
8a0867d6
LP		 2124 int q;
2125
2126 if (!(pid_set = set_new(trivial_hash_func, trivial_compare_func)))
2127 return -ENOMEM;
2128
2129 /* Exclude the control pid from being killed via the cgroup */
2130 if (s->control_pid > 0)
2131 if ((q = set_put(pid_set, LONG_TO_PTR(s->control_pid))) < 0) {
2132 r = q;
2133 goto finish;
2134 }
2135
88f3e0c9 2136 q = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, signo, false, false, pid_set, NULL);
ecedd90f 2137 if (q < 0)
3611581e 2138 if (q != -EAGAIN && q != -ESRCH && q != -ENOENT)
8a0867d6
LP		 2139 r = q;
2140 }
2141
2142finish:
2143 if (pid_set)
2144 set_free(pid_set);
2145
2146 return r;
2147}
2148
a16e1123
LP		 2149static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2150 [SOCKET_DEAD] = "dead",
2151 [SOCKET_START_PRE] = "start-pre",
2152 [SOCKET_START_POST] = "start-post",
2153 [SOCKET_LISTENING] = "listening",
2154 [SOCKET_RUNNING] = "running",
2155 [SOCKET_STOP_PRE] = "stop-pre",
2156 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2157 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2158 [SOCKET_STOP_POST] = "stop-post",
2159 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2160 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
fdf20a31 2161 [SOCKET_FAILED] = "failed"
a16e1123
LP		 2162};
2163
2164DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2165
2166static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2167 [SOCKET_EXEC_START_PRE] = "StartPre",
2168 [SOCKET_EXEC_START_POST] = "StartPost",
2169 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2170 [SOCKET_EXEC_STOP_POST] = "StopPost"
2171};
2172
2173DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2174
cfc4eb4c
LP		 2175static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2176 [SOCKET_SUCCESS] = "success",
2177 [SOCKET_FAILURE_RESOURCES] = "resources",
2178 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2179 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2180 [SOCKET_FAILURE_SIGNAL] = "signal",
c2f34808 2181 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
6bda96a0 2182 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
cfc4eb4c
LP		 2183};
2184
2185DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2186
87f0e418 2187const UnitVTable socket_vtable = {
7d17cfbc 2188 .object_size = sizeof(Socket),
f975e971
LP		 2189 .sections =
2190 "Unit\0"
2191 "Socket\0"
2192 "Install\0",
5cb5a6ff 2193
034c6ed7
LP		 2194 .init = socket_init,
2195 .done = socket_done,
a16e1123
LP		 2196 .load = socket_load,
2197
8a0867d6
LP		 2198 .kill = socket_kill,
2199
a16e1123 2200 .coldplug = socket_coldplug,
034c6ed7 2201
5cb5a6ff
LP		 2202 .dump = socket_dump,
2203
542563ba
LP		 2204 .start = socket_start,
2205 .stop = socket_stop,
5cb5a6ff 2206
a16e1123
LP		 2207 .serialize = socket_serialize,
2208 .deserialize_item = socket_deserialize_item,
2209
5cb5a6ff 2210 .active_state = socket_active_state,
10a94420 2211 .sub_state_to_string = socket_sub_state_to_string,
5cb5a6ff 2212
6cf6bbc2
LP		 2213 .check_gc = socket_check_gc,
2214
9152c765 2215 .fd_event = socket_fd_event,
034c6ed7 2216 .sigchld_event = socket_sigchld_event,
4139c1b2
LP		 2217 .timer_event = socket_timer_event,
2218
fdf20a31 2219 .reset_failed = socket_reset_failed,
5632e374 2220
c4e2ceae
LP		 2221 .bus_interface = "org.freedesktop.systemd1.Socket",
2222 .bus_message_handler = bus_socket_message_handler,
c6918296
MS		 2223 .bus_invalidating_properties = bus_socket_invalidating_properties,
2224
2225 .status_message_formats = {
2226 /*.starting_stopping = {
2227 [0] = "Starting socket %s...",
2228 [1] = "Stopping socket %s...",
2229 },*/
2230 .finished_start_job = {
2231 [JOB_DONE] = "Listening on %s.",
2232 [JOB_FAILED] = "Failed to listen on %s.",
2233 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2234 [JOB_TIMEOUT] = "Timed out starting %s.",
2235 },
2236 .finished_stop_job = {
2237 [JOB_DONE] = "Closed %s.",
2238 [JOB_FAILED] = "Failed stopping %s.",
2239 [JOB_TIMEOUT] = "Timed out stopping %s.",
2240 },
2241 },
5cb5a6ff 2242};
Unnamed repository; edit this file 'description' to name the repository.