]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/socket.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
socket: if we fail to create an instantiated service for a socket, don't put the...
[thirdparty/systemd.git] / src / socket.c
CommitLineData
d6c9574f 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
5cb5a6ff 2
a7334b09
LP		 3/***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
83c60c9f
LP		 22#include <sys/types.h>
23#include <sys/stat.h>
24#include <unistd.h>
25#include <errno.h>
26#include <fcntl.h>
f94ea366 27#include <sys/epoll.h>
034c6ed7 28#include <signal.h>
4f2d528d 29#include <arpa/inet.h>
916abb21 30#include <mqueue.h>
83c60c9f 31
87f0e418 32#include "unit.h"
5cb5a6ff 33#include "socket.h"
cebf8b20 34#include "netinet/tcp.h"
83c60c9f 35#include "log.h"
23a177ef
LP		 36#include "load-dropin.h"
37#include "load-fragment.h"
9e2f7c11 38#include "strv.h"
4f2d528d 39#include "unit-name.h"
4139c1b2 40#include "dbus-socket.h"
4fd5948e 41#include "missing.h"
a40eb732 42#include "special.h"
398ef8ba 43#include "bus-errors.h"
e51bc1a2 44#include "label.h"
9a57c629 45#include "exit-status.h"
f6a6225e 46#include "def.h"
83c60c9f 47
acbb0225 48static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
87f0e418
LP		 49 [SOCKET_DEAD] = UNIT_INACTIVE,
50 [SOCKET_START_PRE] = UNIT_ACTIVATING,
51 [SOCKET_START_POST] = UNIT_ACTIVATING,
52 [SOCKET_LISTENING] = UNIT_ACTIVE,
53 [SOCKET_RUNNING] = UNIT_ACTIVE,
54 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
55 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
56 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
57 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
80876c20
LP		 58 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
59 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
fdf20a31 60 [SOCKET_FAILED] = UNIT_FAILED
83c60c9f 61};
5cb5a6ff 62
a16e1123
LP		 63static void socket_init(Unit *u) {
64 Socket *s = SOCKET(u);
65
66 assert(u);
ac155bb8 67 assert(u->load_state == UNIT_STUB);
a16e1123 68
a16e1123
LP		 69 s->backlog = SOMAXCONN;
70 s->timeout_usec = DEFAULT_TIMEOUT_USEC;
71 s->directory_mode = 0755;
9131f660 72 s->socket_mode = 0666;
a16e1123 73
6cf6bbc2
LP		 74 s->max_connections = 64;
75
4fd5948e 76 s->priority = -1;
4fd5948e
LP		 77 s->ip_tos = -1;
78 s->ip_ttl = -1;
4fd5948e 79 s->mark = -1;
4fd5948e 80
a16e1123 81 exec_context_init(&s->exec_context);
ac155bb8
MS		 82 s->exec_context.std_output = u->manager->default_std_output;
83 s->exec_context.std_error = u->manager->default_std_error;
a16e1123
LP		 84
85 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
86}
acbb0225 87
5e94833f
LP		 88static void socket_unwatch_control_pid(Socket *s) {
89 assert(s);
90
91 if (s->control_pid <= 0)
92 return;
93
94 unit_unwatch_pid(UNIT(s), s->control_pid);
95 s->control_pid = 0;
96}
97
87f0e418
LP		 98static void socket_done(Unit *u) {
99 Socket *s = SOCKET(u);
034c6ed7
LP		 100 SocketPort *p;
101
102 assert(s);
103
104 while ((p = s->ports)) {
105 LIST_REMOVE(SocketPort, port, s->ports, p);
106
a16e1123
LP		 107 if (p->fd >= 0) {
108 unit_unwatch_fd(UNIT(s), &p->fd_watch);
109 close_nointr_nofail(p->fd);
110 }
111
034c6ed7
LP		 112 free(p->path);
113 free(p);
114 }
115
116 exec_context_done(&s->exec_context);
e537352b 117 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
034c6ed7
LP		 118 s->control_command = NULL;
119
5e94833f 120 socket_unwatch_control_pid(s);
034c6ed7 121
57020a3a 122 unit_ref_unset(&s->service);
034c6ed7 123
cebf8b20
TT		 124 free(s->tcp_congestion);
125 s->tcp_congestion = NULL;
126
acbb0225 127 free(s->bind_to_device);
e537352b 128 s->bind_to_device = NULL;
acbb0225
LP		 129
130 unit_unwatch_timer(u, &s->timer_watch);
5cb5a6ff
LP		 131}
132
b15bdda8
LP		 133static int socket_instantiate_service(Socket *s) {
134 char *prefix, *name;
135 int r;
136 Unit *u;
137
138 assert(s);
139
140 /* This fills in s->service if it isn't filled in yet. For
141 * Accept=yes sockets we create the next connection service
142 * here. For Accept=no this is mostly a NOP since the service
143 * is figured out at load time anyway. */
144
57020a3a 145 if (UNIT_DEREF(s->service))
b15bdda8
LP		 146 return 0;
147
148 assert(s->accept);
149
1124fe6f 150 if (!(prefix = unit_name_to_prefix(UNIT(s)->id)))
b15bdda8
LP		 151 return -ENOMEM;
152
153 r = asprintf(&name, "%s@%u.service", prefix, s->n_accepted);
154 free(prefix);
155
156 if (r < 0)
157 return -ENOMEM;
158
1124fe6f 159 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
b15bdda8
LP		 160 free(name);
161
162 if (r < 0)
163 return r;
164
7b4bf06b
LP		 165#ifdef HAVE_SYSV_COMPAT
166 if (SERVICE(u)->sysv_path) {
167 log_error("Using SysV services for socket activation is not supported. Refusing.");
168 return -ENOENT;
169 }
170#endif
171
ac155bb8 172 u->no_gc = true;
57020a3a
LP		 173 unit_ref_set(&s->service, u);
174
175 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
b15bdda8
LP		 176}
177
4f2d528d
LP		 178static bool have_non_accept_socket(Socket *s) {
179 SocketPort *p;
180
181 assert(s);
182
183 if (!s->accept)
184 return true;
185
dd5ad9d4
LP		 186 LIST_FOREACH(port, p, s->ports) {
187
188 if (p->type != SOCKET_SOCKET)
189 return true;
190
4f2d528d
LP		 191 if (!socket_address_can_accept(&p->address))
192 return true;
dd5ad9d4 193 }
4f2d528d
LP		 194
195 return false;
196}
197
198static int socket_verify(Socket *s) {
199 assert(s);
200
1124fe6f 201 if (UNIT(s)->load_state != UNIT_LOADED)
4f2d528d
LP		 202 return 0;
203
204 if (!s->ports) {
1124fe6f 205 log_error("%s lacks Listen setting. Refusing.", UNIT(s)->id);
4f2d528d
LP		 206 return -EINVAL;
207 }
208
0009d2a6 209 if (s->accept && have_non_accept_socket(s)) {
1124fe6f 210 log_error("%s configured for accepting sockets, but sockets are non-accepting. Refusing.", UNIT(s)->id);
0009d2a6
LP		 211 return -EINVAL;
212 }
213
6cf6bbc2 214 if (s->accept && s->max_connections <= 0) {
1124fe6f 215 log_error("%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
4d0e5dbd
LP		 216 return -EINVAL;
217 }
218
57020a3a 219 if (s->accept && UNIT_DEREF(s->service)) {
1124fe6f 220 log_error("Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
d9ff321a
LP		 221 return -EINVAL;
222 }
223
2e22afe9 224 if (s->exec_context.pam_name && s->exec_context.kill_mode != KILL_CONTROL_GROUP) {
1124fe6f 225 log_error("%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
6cf6bbc2
LP		 226 return -EINVAL;
227 }
228
4f2d528d
LP		 229 return 0;
230}
231
6e2ef85b
LP		 232static bool socket_needs_mount(Socket *s, const char *prefix) {
233 SocketPort *p;
234
235 assert(s);
236
237 LIST_FOREACH(port, p, s->ports) {
238
239 if (p->type == SOCKET_SOCKET) {
240 if (socket_address_needs_mount(&p->address, prefix))
241 return true;
916abb21 242 } else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL) {
6e2ef85b
LP		 243 if (path_startswith(p->path, prefix))
244 return true;
245 }
246 }
247
248 return false;
249}
250
251int socket_add_one_mount_link(Socket *s, Mount *m) {
252 int r;
253
254 assert(s);
255 assert(m);
256
1124fe6f
MS		 257 if (UNIT(s)->load_state != UNIT_LOADED ||
258 UNIT(m)->load_state != UNIT_LOADED)
6e2ef85b
LP		 259 return 0;
260
261 if (!socket_needs_mount(s, m->where))
262 return 0;
263
2c966c03 264 if ((r = unit_add_two_dependencies(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, UNIT(m), true)) < 0)
6e2ef85b
LP		 265 return r;
266
267 return 0;
268}
269
270static int socket_add_mount_links(Socket *s) {
ac155bb8 271 Unit *other;
6e2ef85b
LP		 272 int r;
273
274 assert(s);
275
1124fe6f 276 LIST_FOREACH(units_by_type, other, UNIT(s)->manager->units_by_type[UNIT_MOUNT])
595ed347 277 if ((r = socket_add_one_mount_link(s, MOUNT(other))) < 0)
6e2ef85b
LP		 278 return r;
279
280 return 0;
281}
282
283static int socket_add_device_link(Socket *s) {
284 char *t;
285 int r;
286
287 assert(s);
288
289 if (!s->bind_to_device)
290 return 0;
291
292 if (asprintf(&t, "/sys/subsystem/net/devices/%s", s->bind_to_device) < 0)
293 return -ENOMEM;
294
295 r = unit_add_node_link(UNIT(s), t, false);
296 free(t);
297
298 return r;
299}
300
a40eb732
LP		 301static int socket_add_default_dependencies(Socket *s) {
302 int r;
303 assert(s);
304
1124fe6f 305 if (UNIT(s)->manager->running_as == MANAGER_SYSTEM) {
2a77d31d
LP		 306 if ((r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true)) < 0)
307 return r;
308
a40eb732
LP		 309 if ((r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true)) < 0)
310 return r;
2a77d31d 311 }
a40eb732 312
ead8e478 313 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
a40eb732
LP		 314}
315
4cfc6dbe
LP		 316static bool socket_has_exec(Socket *s) {
317 unsigned i;
318 assert(s);
319
320 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
321 if (s->exec_command[i])
322 return true;
323
324 return false;
325}
326
e537352b
LP		 327static int socket_load(Unit *u) {
328 Socket *s = SOCKET(u);
329 int r;
44d8db9e 330
e537352b 331 assert(u);
ac155bb8 332 assert(u->load_state == UNIT_STUB);
44d8db9e 333
e537352b 334 if ((r = unit_load_fragment_and_dropin(u)) < 0)
23a177ef 335 return r;
44d8db9e 336
23a177ef 337 /* This is a new unit? Then let's add in some extras */
ac155bb8 338 if (u->load_state == UNIT_LOADED) {
44d8db9e 339
4f2d528d 340 if (have_non_accept_socket(s)) {
d9ff321a 341
57020a3a
LP		 342 if (!UNIT_DEREF(s->service)) {
343 Unit *x;
344
345 r = unit_load_related_unit(u, ".service", &x);
346 if (r < 0)
d9ff321a 347 return r;
23a177ef 348
57020a3a
LP		 349 unit_ref_set(&s->service, x);
350 }
351
352 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
353 if (r < 0)
4f2d528d
LP		 354 return r;
355 }
44d8db9e 356
6e2ef85b
LP		 357 if ((r = socket_add_mount_links(s)) < 0)
358 return r;
359
360 if ((r = socket_add_device_link(s)) < 0)
361 return r;
362
4cfc6dbe
LP		 363 if (socket_has_exec(s))
364 if ((r = unit_add_exec_dependencies(u, &s->exec_context)) < 0)
365 return r;
23a177ef 366
d686d8a9 367 if ((r = unit_add_default_cgroups(u)) < 0)
23a177ef 368 return r;
a40eb732 369
1124fe6f 370 if (UNIT(s)->default_dependencies)
a40eb732
LP		 371 if ((r = socket_add_default_dependencies(s)) < 0)
372 return r;
23a177ef
LP		 373 }
374
4f2d528d 375 return socket_verify(s);
44d8db9e
LP		 376}
377
7a22745a
LP		 378static const char* listen_lookup(int family, int type) {
379
380 if (family == AF_NETLINK)
381 return "ListenNetlink";
542563ba
LP		 382
383 if (type == SOCK_STREAM)
384 return "ListenStream";
385 else if (type == SOCK_DGRAM)
386 return "ListenDatagram";
387 else if (type == SOCK_SEQPACKET)
388 return "ListenSequentialPacket";
389
034c6ed7 390 assert_not_reached("Unknown socket type");
542563ba
LP		 391 return NULL;
392}
393
87f0e418 394static void socket_dump(Unit *u, FILE *f, const char *prefix) {
5cb5a6ff 395
5cb5a6ff 396 SocketExecCommand c;
87f0e418 397 Socket *s = SOCKET(u);
542563ba 398 SocketPort *p;
82ba9f08
LP		 399 const char *prefix2;
400 char *p2;
5cb5a6ff
LP		 401
402 assert(s);
fa068367 403 assert(f);
5cb5a6ff 404
82ba9f08
LP		 405 p2 = strappend(prefix, "\t");
406 prefix2 = p2 ? p2 : prefix;
c43d20a0 407
5cb5a6ff
LP		 408 fprintf(f,
409 "%sSocket State: %s\n"
81a5c6d0 410 "%sResult: %s\n"
542563ba 411 "%sBindIPv6Only: %s\n"
b5a0699f
LP		 412 "%sBacklog: %u\n"
413 "%sSocketMode: %04o\n"
4fd5948e
LP		 414 "%sDirectoryMode: %04o\n"
415 "%sKeepAlive: %s\n"
cebf8b20 416 "%sFreeBind: %s\n"
6b6d2dee 417 "%sTransparent: %s\n"
ec6370a2 418 "%sBroadcast: %s\n"
ede3deb4 419 "%sPassCredentials: %s\n"
54ecda32 420 "%sPassSecurity: %s\n"
cebf8b20 421 "%sTCPCongestion: %s\n",
a16e1123 422 prefix, socket_state_to_string(s->state),
81a5c6d0 423 prefix, socket_result_to_string(s->result),
c0120d99 424 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
b5a0699f
LP		 425 prefix, s->backlog,
426 prefix, s->socket_mode,
4fd5948e
LP		 427 prefix, s->directory_mode,
428 prefix, yes_no(s->keep_alive),
cebf8b20 429 prefix, yes_no(s->free_bind),
6b6d2dee 430 prefix, yes_no(s->transparent),
ec6370a2 431 prefix, yes_no(s->broadcast),
d68af586 432 prefix, yes_no(s->pass_cred),
54ecda32 433 prefix, yes_no(s->pass_sec),
83a95334 434 prefix, strna(s->tcp_congestion));
542563ba 435
70123e68
LP		 436 if (s->control_pid > 0)
437 fprintf(f,
bb00e604
LP		 438 "%sControl PID: %lu\n",
439 prefix, (unsigned long) s->control_pid);
70123e68 440
acbb0225
LP		 441 if (s->bind_to_device)
442 fprintf(f,
443 "%sBindToDevice: %s\n",
444 prefix, s->bind_to_device);
445
4f2d528d
LP		 446 if (s->accept)
447 fprintf(f,
6cf6bbc2
LP		 448 "%sAccepted: %u\n"
449 "%sNConnections: %u\n"
450 "%sMaxConnections: %u\n",
451 prefix, s->n_accepted,
452 prefix, s->n_connections,
453 prefix, s->max_connections);
4f2d528d 454
4fd5948e
LP		 455 if (s->priority >= 0)
456 fprintf(f,
457 "%sPriority: %i\n",
458 prefix, s->priority);
459
460 if (s->receive_buffer > 0)
461 fprintf(f,
462 "%sReceiveBuffer: %zu\n",
463 prefix, s->receive_buffer);
464
465 if (s->send_buffer > 0)
466 fprintf(f,
467 "%sSendBuffer: %zu\n",
468 prefix, s->send_buffer);
469
470 if (s->ip_tos >= 0)
471 fprintf(f,
472 "%sIPTOS: %i\n",
473 prefix, s->ip_tos);
474
475 if (s->ip_ttl >= 0)
476 fprintf(f,
477 "%sIPTTL: %i\n",
478 prefix, s->ip_ttl);
479
480 if (s->pipe_size > 0)
481 fprintf(f,
482 "%sPipeSize: %zu\n",
483 prefix, s->pipe_size);
484
485 if (s->mark >= 0)
486 fprintf(f,
487 "%sMark: %i\n",
488 prefix, s->mark);
489
916abb21
LP		 490 if (s->mq_maxmsg > 0)
491 fprintf(f,
492 "%sMessageQueueMaxMessages: %li\n",
493 prefix, s->mq_maxmsg);
494
495 if (s->mq_msgsize > 0)
496 fprintf(f,
497 "%sMessageQueueMessageSize: %li\n",
498 prefix, s->mq_msgsize);
499
034c6ed7 500 LIST_FOREACH(port, p, s->ports) {
5cb5a6ff 501
542563ba
LP		 502 if (p->type == SOCKET_SOCKET) {
503 const char *t;
504 int r;
e364ad06 505 char *k = NULL;
542563ba
LP		 506
507 if ((r = socket_address_print(&p->address, &k)) < 0)
508 t = strerror(-r);
509 else
510 t = k;
511
7a22745a 512 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
542563ba 513 free(k);
b0a3f2bc
LP		 514 } else if (p->type == SOCKET_SPECIAL)
515 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
916abb21
LP		 516 else if (p->type == SOCKET_MQUEUE)
517 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
b0a3f2bc 518 else
542563ba
LP		 519 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
520 }
5cb5a6ff
LP		 521
522 exec_context_dump(&s->exec_context, f, prefix);
523
e537352b 524 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
c43d20a0
LP		 525 if (!s->exec_command[c])
526 continue;
5cb5a6ff 527
40d50879 528 fprintf(f, "%s-> %s:\n",
a16e1123 529 prefix, socket_exec_command_to_string(c));
c43d20a0
LP		 530
531 exec_command_dump_list(s->exec_command[c], f, prefix2);
5cb5a6ff 532 }
c43d20a0 533
82ba9f08 534 free(p2);
5cb5a6ff
LP		 535}
536
4f2d528d
LP		 537static int instance_from_socket(int fd, unsigned nr, char **instance) {
538 socklen_t l;
539 char *r;
540 union {
541 struct sockaddr sa;
542 struct sockaddr_un un;
543 struct sockaddr_in in;
544 struct sockaddr_in6 in6;
545 struct sockaddr_storage storage;
546 } local, remote;
547
548 assert(fd >= 0);
549 assert(instance);
550
551 l = sizeof(local);
552 if (getsockname(fd, &local.sa, &l) < 0)
553 return -errno;
554
555 l = sizeof(remote);
556 if (getpeername(fd, &remote.sa, &l) < 0)
557 return -errno;
558
559 switch (local.sa.sa_family) {
560
561 case AF_INET: {
562 uint32_t
563 a = ntohl(local.in.sin_addr.s_addr),
564 b = ntohl(remote.in.sin_addr.s_addr);
565
566 if (asprintf(&r,
b15bdda8 567 "%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
4f2d528d
LP		 568 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
569 ntohs(local.in.sin_port),
570 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
571 ntohs(remote.in.sin_port)) < 0)
572 return -ENOMEM;
573
574 break;
575 }
576
577 case AF_INET6: {
2b061f5a
LP		 578 static const char ipv4_prefix[] = {
579 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
580 };
581
582 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
583 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
584 const uint8_t
585 *a = local.in6.sin6_addr.s6_addr+12,
586 *b = remote.in6.sin6_addr.s6_addr+12;
587
588 if (asprintf(&r,
b15bdda8 589 "%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
2b061f5a
LP		 590 a[0], a[1], a[2], a[3],
591 ntohs(local.in6.sin6_port),
592 b[0], b[1], b[2], b[3],
593 ntohs(remote.in6.sin6_port)) < 0)
594 return -ENOMEM;
595 } else {
596 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
597
598 if (asprintf(&r,
b15bdda8 599 "%s:%u-%s:%u",
2b061f5a
LP		 600 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
601 ntohs(local.in6.sin6_port),
602 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
603 ntohs(remote.in6.sin6_port)) < 0)
604 return -ENOMEM;
605 }
4f2d528d
LP		 606
607 break;
608 }
609
610 case AF_UNIX: {
611 struct ucred ucred;
612
613 l = sizeof(ucred);
614 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &ucred, &l) < 0)
615 return -errno;
616
617 if (asprintf(&r,
bb00e604 618 "%u-%lu-%lu",
4f2d528d 619 nr,
bb00e604
LP		 620 (unsigned long) ucred.pid,
621 (unsigned long) ucred.uid) < 0)
4f2d528d
LP		 622 return -ENOMEM;
623
624 break;
625 }
626
627 default:
628 assert_not_reached("Unhandled socket type.");
629 }
630
631 *instance = r;
632 return 0;
633}
634
034c6ed7 635static void socket_close_fds(Socket *s) {
83c60c9f
LP		 636 SocketPort *p;
637
638 assert(s);
639
034c6ed7 640 LIST_FOREACH(port, p, s->ports) {
83c60c9f
LP		 641 if (p->fd < 0)
642 continue;
643
acbb0225 644 unit_unwatch_fd(UNIT(s), &p->fd_watch);
a16e1123
LP		 645 close_nointr_nofail(p->fd);
646
647 /* One little note: we should never delete any sockets
648 * in the file system here! After all some other
649 * process we spawned might still have a reference of
650 * this fd and wants to continue to use it. Therefore
651 * we delete sockets in the file system before we
652 * create a new one, not after we stopped using
653 * one! */
9152c765 654
83c60c9f
LP		 655 p->fd = -1;
656 }
657}
658
4fd5948e
LP		 659static void socket_apply_socket_options(Socket *s, int fd) {
660 assert(s);
661 assert(fd >= 0);
662
663 if (s->keep_alive) {
664 int b = s->keep_alive;
665 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
666 log_warning("SO_KEEPALIVE failed: %m");
667 }
668
ec6370a2
LP		 669 if (s->broadcast) {
670 int one = 1;
671 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
672 log_warning("SO_BROADCAST failed: %m");
673 }
674
d68af586
MS		 675 if (s->pass_cred) {
676 int one = 1;
677 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
678 log_warning("SO_PASSCRED failed: %m");
679 }
680
54ecda32
LP		 681 if (s->pass_sec) {
682 int one = 1;
683 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
684 log_warning("SO_PASSSEC failed: %m");
685 }
686
4fd5948e
LP		 687 if (s->priority >= 0)
688 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
689 log_warning("SO_PRIORITY failed: %m");
690
691 if (s->receive_buffer > 0) {
692 int value = (int) s->receive_buffer;
7d9eaa84
LP		 693
694 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
695
b8cef44e 696 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84
LP		 697 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
698 log_warning("SO_RCVBUF failed: %m");
4fd5948e
LP		 699 }
700
701 if (s->send_buffer > 0) {
702 int value = (int) s->send_buffer;
b8cef44e 703 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
7d9eaa84
LP		 704 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
705 log_warning("SO_SNDBUF failed: %m");
4fd5948e
LP		 706 }
707
708 if (s->mark >= 0)
709 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
710 log_warning("SO_MARK failed: %m");
711
712 if (s->ip_tos >= 0)
713 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
714 log_warning("IP_TOS failed: %m");
715
46925ac5
LP		 716 if (s->ip_ttl >= 0) {
717 int r, x;
718
719 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
5bfcc1c6
FF		 720
721 if (socket_ipv6_is_supported())
722 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
723 else {
724 x = -1;
725 errno = EAFNOSUPPORT;
726 }
46925ac5
LP		 727
728 if (r < 0 && x < 0)
729 log_warning("IP_TTL/IPV6_UNICAST_HOPS failed: %m");
730 }
cebf8b20
TT		 731
732 if (s->tcp_congestion)
733 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
734 log_warning("TCP_CONGESTION failed: %m");
4fd5948e
LP		 735}
736
b15bdda8 737static void socket_apply_fifo_options(Socket *s, int fd) {
4fd5948e
LP		 738 assert(s);
739 assert(fd >= 0);
740
741 if (s->pipe_size > 0)
742 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
743 log_warning("F_SETPIPE_SZ: %m");
744}
745
b15bdda8
LP		 746static int fifo_address_create(
747 const char *path,
748 mode_t directory_mode,
749 mode_t socket_mode,
b15bdda8
LP		 750 int *_fd) {
751
7a58bfa4 752 int fd = -1, r = 0;
b15bdda8
LP		 753 struct stat st;
754 mode_t old_mask;
755
756 assert(path);
757 assert(_fd);
758
759 mkdir_parents(path, directory_mode);
760
c4e2ceae 761 if ((r = label_fifofile_set(path)) < 0)
56cf987f 762 goto fail;
b15bdda8
LP		 763
764 /* Enforce the right access mode for the fifo */
765 old_mask = umask(~ socket_mode);
766
767 /* Include the original umask in our mask */
768 umask(~socket_mode | old_mask);
769
770 r = mkfifo(path, socket_mode);
771 umask(old_mask);
772
94bc2731 773 if (r < 0 && errno != EEXIST) {
b15bdda8
LP		 774 r = -errno;
775 goto fail;
776 }
777
778 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
779 r = -errno;
780 goto fail;
781 }
782
56cf987f 783 label_file_clear();
7a58bfa4 784
b15bdda8
LP		 785 if (fstat(fd, &st) < 0) {
786 r = -errno;
787 goto fail;
788 }
789
790 if (!S_ISFIFO(st.st_mode) ||
de0200fc 791 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
b15bdda8
LP		 792 st.st_uid != getuid() ||
793 st.st_gid != getgid()) {
794
795 r = -EEXIST;
796 goto fail;
797 }
798
799 *_fd = fd;
800 return 0;
801
802fail:
56cf987f
DW		 803 label_file_clear();
804
b15bdda8
LP		 805 if (fd >= 0)
806 close_nointr_nofail(fd);
807
808 return r;
809}
810
b0a3f2bc
LP		 811static int special_address_create(
812 const char *path,
813 int *_fd) {
814
815 int fd = -1, r = 0;
816 struct stat st;
817
818 assert(path);
819 assert(_fd);
820
821 if ((fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
822 r = -errno;
823 goto fail;
824 }
825
826 if (fstat(fd, &st) < 0) {
827 r = -errno;
828 goto fail;
829 }
830
831 /* Check whether this is a /proc, /sys or /dev file or char device */
832 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
833 r = -EEXIST;
834 goto fail;
835 }
836
837 *_fd = fd;
838 return 0;
839
840fail:
841 if (fd >= 0)
842 close_nointr_nofail(fd);
843
844 return r;
845}
846
916abb21
LP		 847static int mq_address_create(
848 const char *path,
849 mode_t mq_mode,
850 long maxmsg,
851 long msgsize,
852 int *_fd) {
853
854 int fd = -1, r = 0;
855 struct stat st;
856 mode_t old_mask;
857 struct mq_attr _attr, *attr = NULL;
858
859 assert(path);
860 assert(_fd);
861
862 if (maxmsg > 0 && msgsize > 0) {
863 zero(_attr);
864 _attr.mq_flags = O_NONBLOCK;
865 _attr.mq_maxmsg = maxmsg;
866 _attr.mq_msgsize = msgsize;
867 attr = &_attr;
868 }
869
870 /* Enforce the right access mode for the mq */
871 old_mask = umask(~ mq_mode);
872
873 /* Include the original umask in our mask */
874 umask(~mq_mode | old_mask);
875
876 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
877 umask(old_mask);
878
8ea913b2 879 if (fd < 0) {
916abb21
LP		 880 r = -errno;
881 goto fail;
882 }
883
884 if (fstat(fd, &st) < 0) {
885 r = -errno;
886 goto fail;
887 }
888
889 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
890 st.st_uid != getuid() ||
891 st.st_gid != getgid()) {
892
893 r = -EEXIST;
894 goto fail;
895 }
896
897 *_fd = fd;
898 return 0;
899
900fail:
901 if (fd >= 0)
902 close_nointr_nofail(fd);
903
904 return r;
905}
906
034c6ed7 907static int socket_open_fds(Socket *s) {
83c60c9f
LP		 908 SocketPort *p;
909 int r;
56cf987f 910 char *label = NULL;
049f8642 911 bool know_label = false;
83c60c9f
LP		 912
913 assert(s);
914
034c6ed7 915 LIST_FOREACH(port, p, s->ports) {
83c60c9f 916
034c6ed7
LP		 917 if (p->fd >= 0)
918 continue;
83c60c9f
LP		 919
920 if (p->type == SOCKET_SOCKET) {
921
049f8642
LP		 922 if (!know_label) {
923
924 if ((r = socket_instantiate_service(s)) < 0)
925 return r;
926
57020a3a
LP		 927 if (UNIT_DEREF(s->service) &&
928 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
929 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
189583d7
LP		 930
931 if (r < 0) {
a7444eda
LP		 932 if (r != -EPERM)
933 return r;
934 }
189583d7 935 }
049f8642
LP		 936
937 know_label = true;
938 }
939
b5a0699f
LP		 940 if ((r = socket_address_listen(
941 &p->address,
942 s->backlog,
943 s->bind_ipv6_only,
944 s->bind_to_device,
4fd5948e 945 s->free_bind,
6b6d2dee 946 s->transparent,
b5a0699f
LP		 947 s->directory_mode,
948 s->socket_mode,
56cf987f 949 label,
b5a0699f 950 &p->fd)) < 0)
83c60c9f
LP		 951 goto rollback;
952
4fd5948e
LP		 953 socket_apply_socket_options(s, p->fd);
954
b0a3f2bc
LP		 955 } else if (p->type == SOCKET_SPECIAL) {
956
957 if ((r = special_address_create(
958 p->path,
959 &p->fd)) < 0)
960 goto rollback;
961
b15bdda8 962 } else if (p->type == SOCKET_FIFO) {
83c60c9f 963
b15bdda8
LP		 964 if ((r = fifo_address_create(
965 p->path,
966 s->directory_mode,
967 s->socket_mode,
b15bdda8 968 &p->fd)) < 0)
83c60c9f 969 goto rollback;
83c60c9f 970
b15bdda8 971 socket_apply_fifo_options(s, p->fd);
916abb21 972 } else if (p->type == SOCKET_MQUEUE) {
83c60c9f 973
916abb21
LP		 974 if ((r = mq_address_create(
975 p->path,
976 s->socket_mode,
977 s->mq_maxmsg,
978 s->mq_msgsize,
979 &p->fd)) < 0)
980 goto rollback;
b15bdda8
LP		 981 } else
982 assert_not_reached("Unknown port type");
034c6ed7
LP		 983 }
984
56cf987f 985 label_free(label);
034c6ed7
LP		 986 return 0;
987
988rollback:
989 socket_close_fds(s);
56cf987f 990 label_free(label);
034c6ed7
LP		 991 return r;
992}
993
994static void socket_unwatch_fds(Socket *s) {
995 SocketPort *p;
9152c765 996
034c6ed7
LP		 997 assert(s);
998
999 LIST_FOREACH(port, p, s->ports) {
1000 if (p->fd < 0)
1001 continue;
1002
acbb0225 1003 unit_unwatch_fd(UNIT(s), &p->fd_watch);
83c60c9f 1004 }
034c6ed7
LP		 1005}
1006
1007static int socket_watch_fds(Socket *s) {
1008 SocketPort *p;
1009 int r;
1010
1011 assert(s);
83c60c9f 1012
034c6ed7
LP		 1013 LIST_FOREACH(port, p, s->ports) {
1014 if (p->fd < 0)
1015 continue;
1016
cabab516 1017 p->fd_watch.socket_accept =
4f2d528d 1018 s->accept &&
dd5ad9d4 1019 p->type == SOCKET_SOCKET &&
4f2d528d
LP		 1020 socket_address_can_accept(&p->address);
1021
f94ea366 1022 if ((r = unit_watch_fd(UNIT(s), p->fd, EPOLLIN, &p->fd_watch)) < 0)
034c6ed7
LP		 1023 goto fail;
1024 }
83c60c9f 1025
542563ba 1026 return 0;
83c60c9f 1027
034c6ed7
LP		 1028fail:
1029 socket_unwatch_fds(s);
1030 return r;
1031}
1032
1033static void socket_set_state(Socket *s, SocketState state) {
1034 SocketState old_state;
1035 assert(s);
1036
1037 old_state = s->state;
1038 s->state = state;
1039
1040 if (state != SOCKET_START_PRE &&
1041 state != SOCKET_START_POST &&
1042 state != SOCKET_STOP_PRE &&
1043 state != SOCKET_STOP_PRE_SIGTERM &&
1044 state != SOCKET_STOP_PRE_SIGKILL &&
1045 state != SOCKET_STOP_POST &&
80876c20
LP		 1046 state != SOCKET_FINAL_SIGTERM &&
1047 state != SOCKET_FINAL_SIGKILL) {
acbb0225 1048 unit_unwatch_timer(UNIT(s), &s->timer_watch);
5e94833f 1049 socket_unwatch_control_pid(s);
034c6ed7 1050 s->control_command = NULL;
a16e1123 1051 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
e537352b 1052 }
034c6ed7 1053
a16e1123
LP		 1054 if (state != SOCKET_LISTENING)
1055 socket_unwatch_fds(s);
1056
034c6ed7
LP		 1057 if (state != SOCKET_START_POST &&
1058 state != SOCKET_LISTENING &&
1059 state != SOCKET_RUNNING &&
1060 state != SOCKET_STOP_PRE &&
1061 state != SOCKET_STOP_PRE_SIGTERM &&
1062 state != SOCKET_STOP_PRE_SIGKILL)
1063 socket_close_fds(s);
1064
e537352b 1065 if (state != old_state)
40d50879 1066 log_debug("%s changed %s -> %s",
1124fe6f 1067 UNIT(s)->id,
a16e1123
LP		 1068 socket_state_to_string(old_state),
1069 socket_state_to_string(state));
acbb0225 1070
e2f3b44c 1071 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
034c6ed7
LP		 1072}
1073
a16e1123
LP		 1074static int socket_coldplug(Unit *u) {
1075 Socket *s = SOCKET(u);
1076 int r;
1077
1078 assert(s);
1079 assert(s->state == SOCKET_DEAD);
1080
1081 if (s->deserialized_state != s->state) {
1082
1083 if (s->deserialized_state == SOCKET_START_PRE ||
1084 s->deserialized_state == SOCKET_START_POST ||
1085 s->deserialized_state == SOCKET_STOP_PRE ||
1086 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1087 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL ||
1088 s->deserialized_state == SOCKET_STOP_POST ||
1089 s->deserialized_state == SOCKET_FINAL_SIGTERM ||
1090 s->deserialized_state == SOCKET_FINAL_SIGKILL) {
1091
1092 if (s->control_pid <= 0)
1093 return -EBADMSG;
1094
1095 if ((r = unit_watch_pid(UNIT(s), s->control_pid)) < 0)
1096 return r;
1097
1098 if ((r = unit_watch_timer(UNIT(s), s->timeout_usec, &s->timer_watch)) < 0)
1099 return r;
1100 }
1101
1102 if (s->deserialized_state == SOCKET_START_POST ||
1103 s->deserialized_state == SOCKET_LISTENING ||
1104 s->deserialized_state == SOCKET_RUNNING ||
1105 s->deserialized_state == SOCKET_STOP_PRE ||
1106 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1107 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL)
1108 if ((r = socket_open_fds(s)) < 0)
1109 return r;
1110
1111 if (s->deserialized_state == SOCKET_LISTENING)
1112 if ((r = socket_watch_fds(s)) < 0)
1113 return r;
1114
1115 socket_set_state(s, s->deserialized_state);
1116 }
1117
1118 return 0;
1119}
1120
e537352b 1121static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
034c6ed7
LP		 1122 pid_t pid;
1123 int r;
9e2f7c11 1124 char **argv;
034c6ed7
LP		 1125
1126 assert(s);
1127 assert(c);
1128 assert(_pid);
1129
e537352b
LP		 1130 if ((r = unit_watch_timer(UNIT(s), s->timeout_usec, &s->timer_watch)) < 0)
1131 goto fail;
034c6ed7 1132
9e2f7c11
LP		 1133 if (!(argv = unit_full_printf_strv(UNIT(s), c->argv))) {
1134 r = -ENOMEM;
1135 goto fail;
1136 }
1137
1138 r = exec_spawn(c,
1139 argv,
1140 &s->exec_context,
1141 NULL, 0,
1124fe6f 1142 UNIT(s)->manager->environment,
9e2f7c11
LP		 1143 true,
1144 true,
1e3ad081 1145 true,
1124fe6f
MS		 1146 UNIT(s)->manager->confirm_spawn,
1147 UNIT(s)->cgroup_bondings,
1148 UNIT(s)->cgroup_attributes,
9e2f7c11
LP		 1149 &pid);
1150
1151 strv_free(argv);
1152 if (r < 0)
034c6ed7
LP		 1153 goto fail;
1154
87f0e418 1155 if ((r = unit_watch_pid(UNIT(s), pid)) < 0)
034c6ed7
LP		 1156 /* FIXME: we need to do something here */
1157 goto fail;
83c60c9f 1158
034c6ed7
LP		 1159 *_pid = pid;
1160
1161 return 0;
1162
1163fail:
e537352b 1164 unit_unwatch_timer(UNIT(s), &s->timer_watch);
83c60c9f
LP		 1165
1166 return r;
542563ba
LP		 1167}
1168
cfc4eb4c 1169static void socket_enter_dead(Socket *s, SocketResult f) {
034c6ed7
LP		 1170 assert(s);
1171
cfc4eb4c
LP		 1172 if (f != SOCKET_SUCCESS)
1173 s->result = f;
034c6ed7 1174
cfc4eb4c 1175 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
034c6ed7
LP		 1176}
1177
cfc4eb4c 1178static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
80876c20 1179
cfc4eb4c 1180static void socket_enter_stop_post(Socket *s, SocketResult f) {
034c6ed7
LP		 1181 int r;
1182 assert(s);
1183
cfc4eb4c
LP		 1184 if (f != SOCKET_SUCCESS)
1185 s->result = f;
034c6ed7 1186
5e94833f
LP		 1187 socket_unwatch_control_pid(s);
1188
a16e1123
LP		 1189 s->control_command_id = SOCKET_EXEC_STOP_POST;
1190
80876c20 1191 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST])) {
e537352b 1192 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1193 goto fail;
1194
80876c20
LP		 1195 socket_set_state(s, SOCKET_STOP_POST);
1196 } else
cfc4eb4c 1197 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
034c6ed7
LP		 1198
1199 return;
1200
1201fail:
1124fe6f 1202 log_warning("%s failed to run 'stop-post' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1203 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1204}
1205
cfc4eb4c 1206static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
034c6ed7 1207 int r;
ca949c9d
LP		 1208 Set *pid_set = NULL;
1209 bool wait_for_exit = false;
034c6ed7
LP		 1210
1211 assert(s);
1212
cfc4eb4c
LP		 1213 if (f != SOCKET_SUCCESS)
1214 s->result = f;
034c6ed7 1215
2e22afe9
LP		 1216 if (s->exec_context.kill_mode != KILL_NONE) {
1217 int sig = (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_FINAL_SIGTERM) ? s->exec_context.kill_signal : SIGKILL;
034c6ed7 1218
ca949c9d 1219 if (s->control_pid > 0) {
cd25cce9 1220 if (kill_and_sigcont(s->control_pid, sig) < 0 && errno != ESRCH)
50159e6a 1221
ca949c9d
LP		 1222 log_warning("Failed to kill control process %li: %m", (long) s->control_pid);
1223 else
1224 wait_for_exit = true;
034c6ed7 1225 }
50159e6a 1226
ca949c9d
LP		 1227 if (s->exec_context.kill_mode == KILL_CONTROL_GROUP) {
1228
1229 if (!(pid_set = set_new(trivial_hash_func, trivial_compare_func))) {
1230 r = -ENOMEM;
50159e6a
LP		 1231 goto fail;
1232 }
ca949c9d
LP		 1233
1234 /* Exclude the control pid from being killed via the cgroup */
1235 if (s->control_pid > 0)
1236 if ((r = set_put(pid_set, LONG_TO_PTR(s->control_pid))) < 0)
1237 goto fail;
1238
1124fe6f 1239 if ((r = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, sig, true, pid_set)) < 0) {
ca949c9d
LP		 1240 if (r != -EAGAIN && r != -ESRCH && r != -ENOENT)
1241 log_warning("Failed to kill control group: %s", strerror(-r));
1242 } else if (r > 0)
1243 wait_for_exit = true;
1244
1245 set_free(pid_set);
da19d5c1 1246 pid_set = NULL;
ca949c9d 1247 }
d6ea93e3 1248 }
034c6ed7 1249
ca949c9d 1250 if (wait_for_exit) {
80876c20
LP		 1251 if ((r = unit_watch_timer(UNIT(s), s->timeout_usec, &s->timer_watch)) < 0)
1252 goto fail;
d6ea93e3 1253
80876c20
LP		 1254 socket_set_state(s, state);
1255 } else if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1256 socket_enter_stop_post(s, SOCKET_SUCCESS);
80876c20 1257 else
cfc4eb4c 1258 socket_enter_dead(s, SOCKET_SUCCESS);
034c6ed7
LP		 1259
1260 return;
1261
1262fail:
1124fe6f 1263 log_warning("%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1264
1265 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
cfc4eb4c 1266 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1267 else
cfc4eb4c 1268 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
ca949c9d
LP		 1269
1270 if (pid_set)
1271 set_free(pid_set);
034c6ed7
LP		 1272}
1273
cfc4eb4c 1274static void socket_enter_stop_pre(Socket *s, SocketResult f) {
034c6ed7
LP		 1275 int r;
1276 assert(s);
1277
cfc4eb4c
LP		 1278 if (f != SOCKET_SUCCESS)
1279 s->result = f;
034c6ed7 1280
5e94833f
LP		 1281 socket_unwatch_control_pid(s);
1282
a16e1123
LP		 1283 s->control_command_id = SOCKET_EXEC_STOP_PRE;
1284
80876c20 1285 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE])) {
e537352b 1286 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1287 goto fail;
1288
80876c20
LP		 1289 socket_set_state(s, SOCKET_STOP_PRE);
1290 } else
cfc4eb4c 1291 socket_enter_stop_post(s, SOCKET_SUCCESS);
034c6ed7
LP		 1292
1293 return;
1294
1295fail:
1124fe6f 1296 log_warning("%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1297 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1298}
1299
e9af15c3
LP		 1300static void socket_enter_listening(Socket *s) {
1301 int r;
1302 assert(s);
1303
cfc4eb4c
LP		 1304 r = socket_watch_fds(s);
1305 if (r < 0) {
1124fe6f 1306 log_warning("%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
e9af15c3
LP		 1307 goto fail;
1308 }
1309
1310 socket_set_state(s, SOCKET_LISTENING);
1311 return;
1312
1313fail:
cfc4eb4c 1314 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
e9af15c3
LP		 1315}
1316
034c6ed7
LP		 1317static void socket_enter_start_post(Socket *s) {
1318 int r;
1319 assert(s);
1320
cfc4eb4c
LP		 1321 r = socket_open_fds(s);
1322 if (r < 0) {
1124fe6f 1323 log_warning("%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1324 goto fail;
1325 }
1326
5e94833f
LP		 1327 socket_unwatch_control_pid(s);
1328
a16e1123
LP		 1329 s->control_command_id = SOCKET_EXEC_START_POST;
1330
80876c20 1331 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_POST])) {
cfc4eb4c
LP		 1332 r = socket_spawn(s, s->control_command, &s->control_pid);
1333 if (r < 0) {
1124fe6f 1334 log_warning("%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
034c6ed7
LP		 1335 goto fail;
1336 }
1337
80876c20
LP		 1338 socket_set_state(s, SOCKET_START_POST);
1339 } else
e9af15c3 1340 socket_enter_listening(s);
034c6ed7
LP		 1341
1342 return;
1343
1344fail:
cfc4eb4c 1345 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1346}
1347
1348static void socket_enter_start_pre(Socket *s) {
1349 int r;
1350 assert(s);
1351
5e94833f
LP		 1352 socket_unwatch_control_pid(s);
1353
a16e1123
LP		 1354 s->control_command_id = SOCKET_EXEC_START_PRE;
1355
80876c20 1356 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_PRE])) {
e537352b 1357 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1358 goto fail;
1359
80876c20
LP		 1360 socket_set_state(s, SOCKET_START_PRE);
1361 } else
034c6ed7
LP		 1362 socket_enter_start_post(s);
1363
1364 return;
1365
1366fail:
1124fe6f 1367 log_warning("%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1368 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1369}
1370
4f2d528d 1371static void socket_enter_running(Socket *s, int cfd) {
034c6ed7 1372 int r;
398ef8ba 1373 DBusError error;
034c6ed7
LP		 1374
1375 assert(s);
398ef8ba 1376 dbus_error_init(&error);
034c6ed7 1377
ba3e67a7
LP		 1378 /* We don't take connections anymore if we are supposed to
1379 * shut down anyway */
18ffdfda 1380 if (unit_pending_inactive(UNIT(s))) {
1124fe6f 1381 log_debug("Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
5d909e3e 1382
7c610628
LP		 1383 if (cfd >= 0)
1384 close_nointr_nofail(cfd);
1385 else {
1386 /* Flush all sockets by closing and reopening them */
1387 socket_close_fds(s);
1388
1a710b43
MS		 1389 r = socket_watch_fds(s);
1390 if (r < 0) {
1124fe6f 1391 log_warning("%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
cfc4eb4c 1392 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
7c610628
LP		 1393 }
1394 }
1395
ba3e67a7
LP		 1396 return;
1397 }
1398
4f2d528d 1399 if (cfd < 0) {
57020a3a
LP		 1400 Iterator i;
1401 Unit *u;
f976f3f6 1402 bool pending = false;
f976f3f6
LP		 1403
1404 /* If there's already a start pending don't bother to
1405 * do anything */
1124fe6f 1406 SET_FOREACH(u, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
57020a3a
LP		 1407 if (unit_pending_active(u)) {
1408 pending = true;
1409 break;
1410 }
f976f3f6 1411
1a710b43
MS		 1412 if (!pending) {
1413 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1414 if (r < 0)
f976f3f6 1415 goto fail;
1a710b43 1416 }
4f2d528d
LP		 1417
1418 socket_set_state(s, SOCKET_RUNNING);
1419 } else {
b4f10a5e 1420 char *prefix, *instance = NULL, *name;
b15bdda8 1421 Service *service;
4f2d528d 1422
6cf6bbc2
LP		 1423 if (s->n_connections >= s->max_connections) {
1424 log_warning("Too many incoming connections (%u)", s->n_connections);
1425 close_nointr_nofail(cfd);
1426 return;
1427 }
1428
1a710b43
MS		 1429 r = socket_instantiate_service(s);
1430 if (r < 0)
b15bdda8
LP		 1431 goto fail;
1432
1a710b43
MS		 1433 r = instance_from_socket(cfd, s->n_accepted, &instance);
1434 if (r < 0) {
1435 if (r != -ENOTCONN)
1436 goto fail;
1437
1438 /* ENOTCONN is legitimate if TCP RST was received.
1439 * This connection is over, but the socket unit lives on. */
1440 close_nointr_nofail(cfd);
1441 return;
1442 }
4f2d528d 1443
1a710b43
MS		 1444 prefix = unit_name_to_prefix(UNIT(s)->id);
1445 if (!prefix) {
4f2d528d
LP		 1446 free(instance);
1447 r = -ENOMEM;
1448 goto fail;
1449 }
1450
1451 name = unit_name_build(prefix, instance, ".service");
1452 free(prefix);
1453 free(instance);
1454
b6dbbe1c 1455 if (!name) {
4f2d528d 1456 r = -ENOMEM;
b6dbbe1c
LP		 1457 goto fail;
1458 }
4f2d528d 1459
1a710b43
MS		 1460 r = unit_add_name(UNIT_DEREF(s->service), name);
1461 if (r < 0) {
b15bdda8 1462 free(name);
4f2d528d 1463 goto fail;
b15bdda8
LP		 1464 }
1465
57020a3a
LP		 1466 service = SERVICE(UNIT_DEREF(s->service));
1467 unit_ref_unset(&s->service);
b15bdda8 1468 s->n_accepted ++;
4f2d528d 1469
1124fe6f 1470 UNIT(service)->no_gc = false;
6c073082 1471
b15bdda8
LP		 1472 unit_choose_id(UNIT(service), name);
1473 free(name);
1474
1a710b43
MS		 1475 r = service_set_socket_fd(service, cfd, s);
1476 if (r < 0)
4f2d528d
LP		 1477 goto fail;
1478
1479 cfd = -1;
6cf6bbc2
LP		 1480 s->n_connections ++;
1481
1a710b43
MS		 1482 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1483 if (r < 0)
4f2d528d 1484 goto fail;
c4e2ceae
LP		 1485
1486 /* Notify clients about changed counters */
1487 unit_add_to_dbus_queue(UNIT(s));
4f2d528d 1488 }
034c6ed7 1489
034c6ed7
LP		 1490 return;
1491
1492fail:
1124fe6f 1493 log_warning("%s failed to queue socket startup job: %s", UNIT(s)->id, bus_error(&error, r));
4f2d528d
LP		 1494
1495 if (cfd >= 0)
1496 close_nointr_nofail(cfd);
398ef8ba
LP		 1497
1498 dbus_error_free(&error);
034c6ed7
LP		 1499}
1500
cfc4eb4c 1501static void socket_run_next(Socket *s) {
034c6ed7
LP		 1502 int r;
1503
1504 assert(s);
1505 assert(s->control_command);
1506 assert(s->control_command->command_next);
1507
5e94833f
LP		 1508 socket_unwatch_control_pid(s);
1509
034c6ed7
LP		 1510 s->control_command = s->control_command->command_next;
1511
e537352b 1512 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
034c6ed7
LP		 1513 goto fail;
1514
1515 return;
1516
1517fail:
1124fe6f 1518 log_warning("%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
80876c20
LP		 1519
1520 if (s->state == SOCKET_START_POST)
cfc4eb4c 1521 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1522 else if (s->state == SOCKET_STOP_POST)
cfc4eb4c 1523 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
034c6ed7 1524 else
cfc4eb4c 1525 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
034c6ed7
LP		 1526}
1527
87f0e418
LP		 1528static int socket_start(Unit *u) {
1529 Socket *s = SOCKET(u);
83c60c9f
LP		 1530
1531 assert(s);
1532
034c6ed7
LP		 1533 /* We cannot fulfill this request right now, try again later
1534 * please! */
1535 if (s->state == SOCKET_STOP_PRE ||
1536 s->state == SOCKET_STOP_PRE_SIGKILL ||
1537 s->state == SOCKET_STOP_PRE_SIGTERM ||
1538 s->state == SOCKET_STOP_POST ||
80876c20
LP		 1539 s->state == SOCKET_FINAL_SIGTERM ||
1540 s->state == SOCKET_FINAL_SIGKILL)
034c6ed7
LP		 1541 return -EAGAIN;
1542
83c60c9f
LP		 1543 if (s->state == SOCKET_START_PRE ||
1544 s->state == SOCKET_START_POST)
034c6ed7 1545 return 0;
83c60c9f 1546
034c6ed7 1547 /* Cannot run this without the service being around */
57020a3a
LP		 1548 if (UNIT_DEREF(s->service)) {
1549 Service *service;
1550
1551 service = SERVICE(UNIT_DEREF(s->service));
1552
1124fe6f
MS		 1553 if (UNIT(service)->load_state != UNIT_LOADED) {
1554 log_error("Socket service %s not loaded, refusing.", UNIT(service)->id);
4f2d528d 1555 return -ENOENT;
4ac9236f 1556 }
4f2d528d 1557
35b8ca3a 1558 /* If the service is already active we cannot start the
4f2d528d 1559 * socket */
57020a3a
LP		 1560 if (service->state != SERVICE_DEAD &&
1561 service->state != SERVICE_FAILED &&
1562 service->state != SERVICE_AUTO_RESTART) {
1124fe6f 1563 log_error("Socket service %s already active, refusing.", UNIT(service)->id);
4f2d528d 1564 return -EBUSY;
4ac9236f 1565 }
7b4bf06b
LP		 1566
1567#ifdef HAVE_SYSV_COMPAT
57020a3a 1568 if (service->sysv_path) {
7b4bf06b
LP		 1569 log_error("Using SysV services for socket activation is not supported. Refusing.");
1570 return -ENOENT;
1571 }
1572#endif
4f2d528d 1573 }
e537352b 1574
fdf20a31 1575 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
83c60c9f 1576
cfc4eb4c 1577 s->result = SOCKET_SUCCESS;
034c6ed7
LP		 1578 socket_enter_start_pre(s);
1579 return 0;
1580}
83c60c9f 1581
87f0e418
LP		 1582static int socket_stop(Unit *u) {
1583 Socket *s = SOCKET(u);
034c6ed7
LP		 1584
1585 assert(s);
1586
e537352b
LP		 1587 /* Already on it */
1588 if (s->state == SOCKET_STOP_PRE ||
1589 s->state == SOCKET_STOP_PRE_SIGTERM ||
1590 s->state == SOCKET_STOP_PRE_SIGKILL ||
1591 s->state == SOCKET_STOP_POST ||
80876c20 1592 s->state == SOCKET_FINAL_SIGTERM ||
3f6c78dc 1593 s->state == SOCKET_FINAL_SIGKILL)
e537352b
LP		 1594 return 0;
1595
3f6c78dc
LP		 1596 /* If there's already something running we go directly into
1597 * kill mode. */
1598 if (s->state == SOCKET_START_PRE ||
1599 s->state == SOCKET_START_POST) {
cfc4eb4c 1600 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
3f6c78dc
LP		 1601 return -EAGAIN;
1602 }
1603
034c6ed7 1604 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
83c60c9f 1605
cfc4eb4c 1606 socket_enter_stop_pre(s, SOCKET_SUCCESS);
542563ba
LP		 1607 return 0;
1608}
1609
a16e1123
LP		 1610static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1611 Socket *s = SOCKET(u);
1612 SocketPort *p;
1613 int r;
1614
1615 assert(u);
1616 assert(f);
1617 assert(fds);
1618
1619 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
cfc4eb4c 1620 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
a16e1123
LP		 1621 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1622
1623 if (s->control_pid > 0)
5925dd3c 1624 unit_serialize_item_format(u, f, "control-pid", "%lu", (unsigned long) s->control_pid);
a16e1123
LP		 1625
1626 if (s->control_command_id >= 0)
1627 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1628
1629 LIST_FOREACH(port, p, s->ports) {
1630 int copy;
1631
1632 if (p->fd < 0)
1633 continue;
1634
1635 if ((copy = fdset_put_dup(fds, p->fd)) < 0)
1636 return copy;
1637
1638 if (p->type == SOCKET_SOCKET) {
1639 char *t;
1640
1641 if ((r = socket_address_print(&p->address, &t)) < 0)
1642 return r;
1643
7a22745a
LP		 1644 if (socket_address_family(&p->address) == AF_NETLINK)
1645 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1646 else
1647 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
a16e1123 1648 free(t);
b0a3f2bc
LP		 1649 } else if (p->type == SOCKET_SPECIAL)
1650 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
1651 else {
a16e1123
LP		 1652 assert(p->type == SOCKET_FIFO);
1653 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1654 }
1655 }
1656
1657 return 0;
1658}
1659
1660static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1661 Socket *s = SOCKET(u);
a16e1123
LP		 1662
1663 assert(u);
1664 assert(key);
1665 assert(value);
1666 assert(fds);
1667
1668 if (streq(key, "state")) {
1669 SocketState state;
1670
1671 if ((state = socket_state_from_string(value)) < 0)
1672 log_debug("Failed to parse state value %s", value);
1673 else
1674 s->deserialized_state = state;
cfc4eb4c
LP		 1675 } else if (streq(key, "result")) {
1676 SocketResult f;
a16e1123 1677
cfc4eb4c
LP		 1678 f = socket_result_from_string(value);
1679 if (f < 0)
1680 log_debug("Failed to parse result value %s", value);
1681 else if (f != SOCKET_SUCCESS)
1682 s->result = f;
a16e1123
LP		 1683
1684 } else if (streq(key, "n-accepted")) {
1685 unsigned k;
1686
e364ad06 1687 if (safe_atou(value, &k) < 0)
a16e1123
LP		 1688 log_debug("Failed to parse n-accepted value %s", value);
1689 else
1690 s->n_accepted += k;
1691 } else if (streq(key, "control-pid")) {
5925dd3c 1692 pid_t pid;
a16e1123 1693
e364ad06 1694 if (parse_pid(value, &pid) < 0)
a16e1123
LP		 1695 log_debug("Failed to parse control-pid value %s", value);
1696 else
5925dd3c 1697 s->control_pid = pid;
a16e1123
LP		 1698 } else if (streq(key, "control-command")) {
1699 SocketExecCommand id;
1700
1701 if ((id = socket_exec_command_from_string(value)) < 0)
1702 log_debug("Failed to parse exec-command value %s", value);
1703 else {
1704 s->control_command_id = id;
1705 s->control_command = s->exec_command[id];
1706 }
1707 } else if (streq(key, "fifo")) {
1708 int fd, skip = 0;
1709 SocketPort *p;
1710
1711 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1712 log_debug("Failed to parse fifo value %s", value);
1713 else {
1714
1715 LIST_FOREACH(port, p, s->ports)
b0a3f2bc
LP		 1716 if (p->type == SOCKET_FIFO &&
1717 streq_ptr(p->path, value+skip))
1718 break;
1719
1720 if (p) {
1721 if (p->fd >= 0)
1722 close_nointr_nofail(p->fd);
1723 p->fd = fdset_remove(fds, fd);
1724 }
1725 }
1726
1727 } else if (streq(key, "special")) {
1728 int fd, skip = 0;
1729 SocketPort *p;
1730
1731 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1732 log_debug("Failed to parse special value %s", value);
1733 else {
1734
1735 LIST_FOREACH(port, p, s->ports)
1736 if (p->type == SOCKET_SPECIAL &&
1737 streq_ptr(p->path, value+skip))
a16e1123
LP		 1738 break;
1739
1740 if (p) {
1741 if (p->fd >= 0)
1742 close_nointr_nofail(p->fd);
1743 p->fd = fdset_remove(fds, fd);
1744 }
1745 }
1746
1747 } else if (streq(key, "socket")) {
27ca8d7a 1748 int fd, type, skip = 0;
a16e1123
LP		 1749 SocketPort *p;
1750
27ca8d7a 1751 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
a16e1123
LP		 1752 log_debug("Failed to parse socket value %s", value);
1753 else {
1754
1755 LIST_FOREACH(port, p, s->ports)
27ca8d7a 1756 if (socket_address_is(&p->address, value+skip, type))
a16e1123
LP		 1757 break;
1758
1759 if (p) {
1760 if (p->fd >= 0)
1761 close_nointr_nofail(p->fd);
1762 p->fd = fdset_remove(fds, fd);
1763 }
1764 }
1765
7a22745a
LP		 1766 } else if (streq(key, "netlink")) {
1767 int fd, skip = 0;
1768 SocketPort *p;
1769
1770 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1771 log_debug("Failed to parse socket value %s", value);
1772 else {
1773
1774 LIST_FOREACH(port, p, s->ports)
1775 if (socket_address_is_netlink(&p->address, value+skip))
1776 break;
1777
1778 if (p) {
1779 if (p->fd >= 0)
1780 close_nointr_nofail(p->fd);
1781 p->fd = fdset_remove(fds, fd);
1782 }
1783 }
1784
a16e1123
LP		 1785 } else
1786 log_debug("Unknown serialization key '%s'", key);
1787
1788 return 0;
1789}
1790
87f0e418
LP		 1791static UnitActiveState socket_active_state(Unit *u) {
1792 assert(u);
5cb5a6ff 1793
acbb0225 1794 return state_translation_table[SOCKET(u)->state];
5cb5a6ff
LP		 1795}
1796
10a94420
LP		 1797static const char *socket_sub_state_to_string(Unit *u) {
1798 assert(u);
1799
a16e1123 1800 return socket_state_to_string(SOCKET(u)->state);
10a94420
LP		 1801}
1802
6cf6bbc2
LP		 1803static bool socket_check_gc(Unit *u) {
1804 Socket *s = SOCKET(u);
1805
1806 assert(u);
1807
1808 return s->n_connections > 0;
1809}
1810
acbb0225 1811static void socket_fd_event(Unit *u, int fd, uint32_t events, Watch *w) {
87f0e418 1812 Socket *s = SOCKET(u);
4f2d528d 1813 int cfd = -1;
9152c765 1814
034c6ed7 1815 assert(s);
8d567588 1816 assert(fd >= 0);
9152c765 1817
871d7de4
LP		 1818 if (s->state != SOCKET_LISTENING)
1819 return;
1820
ac155bb8 1821 log_debug("Incoming traffic on %s", u->id);
9152c765 1822
4f2d528d 1823 if (events != EPOLLIN) {
641e01dc
LP		 1824
1825 if (events & EPOLLHUP)
ac155bb8 1826 log_error("%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.", u->id);
641e01dc 1827 else
ac155bb8 1828 log_error("%s: Got unexpected poll event (0x%x) on socket.", u->id, events);
641e01dc 1829
8d567588 1830 goto fail;
4f2d528d
LP		 1831 }
1832
cabab516 1833 if (w->socket_accept) {
4f2d528d
LP		 1834 for (;;) {
1835
1836 if ((cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK)) < 0) {
1837
1838 if (errno == EINTR)
1839 continue;
1840
1841 log_error("Failed to accept socket: %m");
8d567588 1842 goto fail;
4f2d528d
LP		 1843 }
1844
1845 break;
1846 }
4fd5948e
LP		 1847
1848 socket_apply_socket_options(s, cfd);
4f2d528d 1849 }
9152c765 1850
4f2d528d 1851 socket_enter_running(s, cfd);
8d567588
LP		 1852 return;
1853
1854fail:
cfc4eb4c 1855 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
9152c765
LP		 1856}
1857
87f0e418
LP		 1858static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
1859 Socket *s = SOCKET(u);
cfc4eb4c 1860 SocketResult f;
5cb5a6ff
LP		 1861
1862 assert(s);
034c6ed7 1863 assert(pid >= 0);
5cb5a6ff 1864
8c47c732
LP		 1865 if (pid != s->control_pid)
1866 return;
542563ba 1867
034c6ed7
LP		 1868 s->control_pid = 0;
1869
cfc4eb4c
LP		 1870 if (is_clean_exit(code, status))
1871 f = SOCKET_SUCCESS;
1872 else if (code == CLD_EXITED)
1873 f = SOCKET_FAILURE_EXIT_CODE;
1874 else if (code == CLD_KILLED)
1875 f = SOCKET_FAILURE_SIGNAL;
1876 else if (code == CLD_DUMPED)
1877 f = SOCKET_FAILURE_CORE_DUMP;
1878 else
1879 assert_not_reached("Unknown code");
8c47c732 1880
b708e7ce 1881 if (s->control_command) {
6ea832a2 1882 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
a16e1123 1883
b708e7ce 1884 if (s->control_command->ignore)
cfc4eb4c 1885 f = SOCKET_SUCCESS;
b708e7ce
LP		 1886 }
1887
cfc4eb4c 1888 log_full(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
ac155bb8 1889 "%s control process exited, code=%s status=%i", u->id, sigchld_code_to_string(code), status);
034c6ed7 1890
cfc4eb4c
LP		 1891 if (f != SOCKET_SUCCESS)
1892 s->result = f;
1893
1894 if (s->control_command &&
1895 s->control_command->command_next &&
1896 f == SOCKET_SUCCESS) {
1897
ac155bb8 1898 log_debug("%s running next command for state %s", u->id, socket_state_to_string(s->state));
cfc4eb4c 1899 socket_run_next(s);
acbb0225 1900 } else {
a16e1123
LP		 1901 s->control_command = NULL;
1902 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
1903
034c6ed7
LP		 1904 /* No further commands for this step, so let's figure
1905 * out what to do next */
5cb5a6ff 1906
ac155bb8 1907 log_debug("%s got final SIGCHLD for state %s", u->id, socket_state_to_string(s->state));
acbb0225 1908
034c6ed7
LP		 1909 switch (s->state) {
1910
1911 case SOCKET_START_PRE:
cfc4eb4c 1912 if (f == SOCKET_SUCCESS)
acbb0225 1913 socket_enter_start_post(s);
034c6ed7 1914 else
cfc4eb4c 1915 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
034c6ed7
LP		 1916 break;
1917
1918 case SOCKET_START_POST:
cfc4eb4c 1919 if (f == SOCKET_SUCCESS)
e9af15c3 1920 socket_enter_listening(s);
034c6ed7 1921 else
cfc4eb4c 1922 socket_enter_stop_pre(s, f);
034c6ed7
LP		 1923 break;
1924
1925 case SOCKET_STOP_PRE:
1926 case SOCKET_STOP_PRE_SIGTERM:
1927 case SOCKET_STOP_PRE_SIGKILL:
cfc4eb4c 1928 socket_enter_stop_post(s, f);
034c6ed7
LP		 1929 break;
1930
1931 case SOCKET_STOP_POST:
80876c20
LP		 1932 case SOCKET_FINAL_SIGTERM:
1933 case SOCKET_FINAL_SIGKILL:
cfc4eb4c 1934 socket_enter_dead(s, f);
034c6ed7
LP		 1935 break;
1936
1937 default:
1938 assert_not_reached("Uh, control process died at wrong time.");
1939 }
1940 }
c4e2ceae
LP		 1941
1942 /* Notify clients about changed exit status */
1943 unit_add_to_dbus_queue(u);
034c6ed7 1944}
5cb5a6ff 1945
acbb0225 1946static void socket_timer_event(Unit *u, uint64_t elapsed, Watch *w) {
87f0e418 1947 Socket *s = SOCKET(u);
5cb5a6ff 1948
034c6ed7
LP		 1949 assert(s);
1950 assert(elapsed == 1);
acbb0225 1951 assert(w == &s->timer_watch);
034c6ed7
LP		 1952
1953 switch (s->state) {
1954
1955 case SOCKET_START_PRE:
ac155bb8 1956 log_warning("%s starting timed out. Terminating.", u->id);
cfc4eb4c 1957 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
da19d5c1 1958 break;
80876c20 1959
034c6ed7 1960 case SOCKET_START_POST:
ac155bb8 1961 log_warning("%s starting timed out. Stopping.", u->id);
cfc4eb4c 1962 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 1963 break;
1964
1965 case SOCKET_STOP_PRE:
ac155bb8 1966 log_warning("%s stopping timed out. Terminating.", u->id);
cfc4eb4c 1967 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 1968 break;
1969
1970 case SOCKET_STOP_PRE_SIGTERM:
ba035df2 1971 if (s->exec_context.send_sigkill) {
ac155bb8 1972 log_warning("%s stopping timed out. Killing.", u->id);
cfc4eb4c 1973 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 1974 } else {
ac155bb8 1975 log_warning("%s stopping timed out. Skipping SIGKILL. Ignoring.", u->id);
cfc4eb4c 1976 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 1977 }
034c6ed7
LP		 1978 break;
1979
1980 case SOCKET_STOP_PRE_SIGKILL:
ac155bb8 1981 log_warning("%s still around after SIGKILL. Ignoring.", u->id);
cfc4eb4c 1982 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 1983 break;
1984
1985 case SOCKET_STOP_POST:
ac155bb8 1986 log_warning("%s stopping timed out (2). Terminating.", u->id);
cfc4eb4c 1987 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 1988 break;
1989
80876c20 1990 case SOCKET_FINAL_SIGTERM:
ba035df2 1991 if (s->exec_context.send_sigkill) {
ac155bb8 1992 log_warning("%s stopping timed out (2). Killing.", u->id);
cfc4eb4c 1993 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
ba035df2 1994 } else {
ac155bb8 1995 log_warning("%s stopping timed out (2). Skipping SIGKILL. Ignoring.", u->id);
cfc4eb4c 1996 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
ba035df2 1997 }
034c6ed7
LP		 1998 break;
1999
80876c20 2000 case SOCKET_FINAL_SIGKILL:
ac155bb8 2001 log_warning("%s still around after SIGKILL (2). Entering failed mode.", u->id);
cfc4eb4c 2002 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
034c6ed7
LP		 2003 break;
2004
2005 default:
2006 assert_not_reached("Timeout at wrong time.");
2007 }
5cb5a6ff
LP		 2008}
2009
44d8db9e
LP		 2010int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2011 int *rfds;
2012 unsigned rn_fds, k;
2013 SocketPort *p;
2014
2015 assert(s);
2016 assert(fds);
2017 assert(n_fds);
2018
2019 /* Called from the service code for requesting our fds */
2020
2021 rn_fds = 0;
2022 LIST_FOREACH(port, p, s->ports)
2023 if (p->fd >= 0)
2024 rn_fds++;
2025
de3756ab
LP		 2026 if (rn_fds <= 0) {
2027 *fds = NULL;
2028 *n_fds = 0;
2029 return 0;
2030 }
2031
e364ad06 2032 if (!(rfds = new(int, rn_fds)))
44d8db9e
LP		 2033 return -ENOMEM;
2034
2035 k = 0;
2036 LIST_FOREACH(port, p, s->ports)
2037 if (p->fd >= 0)
2038 rfds[k++] = p->fd;
2039
2040 assert(k == rn_fds);
2041
2042 *fds = rfds;
2043 *n_fds = rn_fds;
2044
2045 return 0;
2046}
2047
6bda96a0 2048void socket_notify_service_dead(Socket *s, bool failed_permanent) {
ceee3d82
LP		 2049 assert(s);
2050
6cf6bbc2
LP		 2051 /* The service is dead. Dang!
2052 *
2053 * This is strictly for one-instance-for-all-connections
2054 * services. */
ceee3d82
LP		 2055
2056 if (s->state == SOCKET_RUNNING) {
6bda96a0
LP		 2057 log_debug("%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
2058 if (failed_permanent)
2059 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
c2f34808
MS		 2060 else
2061 socket_enter_listening(s);
ceee3d82
LP		 2062 }
2063}
2064
6cf6bbc2
LP		 2065void socket_connection_unref(Socket *s) {
2066 assert(s);
2067
2068 /* The service is dead. Yay!
2069 *
35b8ca3a 2070 * This is strictly for one-instance-per-connection
6cf6bbc2
LP		 2071 * services. */
2072
2073 assert(s->n_connections > 0);
2074 s->n_connections--;
2075
1124fe6f 2076 log_debug("%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
6cf6bbc2
LP		 2077}
2078
fdf20a31 2079static void socket_reset_failed(Unit *u) {
5632e374
LP		 2080 Socket *s = SOCKET(u);
2081
2082 assert(s);
2083
fdf20a31 2084 if (s->state == SOCKET_FAILED)
5632e374
LP		 2085 socket_set_state(s, SOCKET_DEAD);
2086
cfc4eb4c 2087 s->result = SOCKET_SUCCESS;
5632e374
LP		 2088}
2089
8a0867d6
LP		 2090static int socket_kill(Unit *u, KillWho who, KillMode mode, int signo, DBusError *error) {
2091 Socket *s = SOCKET(u);
2092 int r = 0;
2093 Set *pid_set = NULL;
2094
2095 assert(s);
2096
2097 if (who == KILL_MAIN) {
2098 dbus_set_error(error, BUS_ERROR_NO_SUCH_PROCESS, "Socket units have no main processes");
a17204af 2099 return -ESRCH;
8a0867d6
LP		 2100 }
2101
2102 if (s->control_pid <= 0 && who == KILL_CONTROL) {
2103 dbus_set_error(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
a17204af 2104 return -ESRCH;
8a0867d6
LP		 2105 }
2106
3611581e
LP		 2107 if (who == KILL_CONTROL || who == KILL_ALL)
2108 if (s->control_pid > 0)
2109 if (kill(s->control_pid, signo) < 0)
2110 r = -errno;
8a0867d6 2111
3611581e 2112 if (who == KILL_ALL && mode == KILL_CONTROL_GROUP) {
8a0867d6
LP		 2113 int q;
2114
2115 if (!(pid_set = set_new(trivial_hash_func, trivial_compare_func)))
2116 return -ENOMEM;
2117
2118 /* Exclude the control pid from being killed via the cgroup */
2119 if (s->control_pid > 0)
2120 if ((q = set_put(pid_set, LONG_TO_PTR(s->control_pid))) < 0) {
2121 r = q;
2122 goto finish;
2123 }
2124
1124fe6f 2125 if ((q = cgroup_bonding_kill_list(UNIT(s)->cgroup_bondings, signo, false, pid_set)) < 0)
3611581e 2126 if (q != -EAGAIN && q != -ESRCH && q != -ENOENT)
8a0867d6
LP		 2127 r = q;
2128 }
2129
2130finish:
2131 if (pid_set)
2132 set_free(pid_set);
2133
2134 return r;
2135}
2136
a16e1123
LP		 2137static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2138 [SOCKET_DEAD] = "dead",
2139 [SOCKET_START_PRE] = "start-pre",
2140 [SOCKET_START_POST] = "start-post",
2141 [SOCKET_LISTENING] = "listening",
2142 [SOCKET_RUNNING] = "running",
2143 [SOCKET_STOP_PRE] = "stop-pre",
2144 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2145 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2146 [SOCKET_STOP_POST] = "stop-post",
2147 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2148 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
fdf20a31 2149 [SOCKET_FAILED] = "failed"
a16e1123
LP		 2150};
2151
2152DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2153
2154static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2155 [SOCKET_EXEC_START_PRE] = "StartPre",
2156 [SOCKET_EXEC_START_POST] = "StartPost",
2157 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2158 [SOCKET_EXEC_STOP_POST] = "StopPost"
2159};
2160
2161DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2162
cfc4eb4c
LP		 2163static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2164 [SOCKET_SUCCESS] = "success",
2165 [SOCKET_FAILURE_RESOURCES] = "resources",
2166 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2167 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2168 [SOCKET_FAILURE_SIGNAL] = "signal",
c2f34808 2169 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
6bda96a0 2170 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
cfc4eb4c
LP		 2171};
2172
2173DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2174
87f0e418 2175const UnitVTable socket_vtable = {
5cb5a6ff 2176 .suffix = ".socket",
7d17cfbc 2177 .object_size = sizeof(Socket),
f975e971
LP		 2178 .sections =
2179 "Unit\0"
2180 "Socket\0"
2181 "Install\0",
5cb5a6ff 2182
034c6ed7
LP		 2183 .init = socket_init,
2184 .done = socket_done,
a16e1123
LP		 2185 .load = socket_load,
2186
8a0867d6
LP		 2187 .kill = socket_kill,
2188
a16e1123 2189 .coldplug = socket_coldplug,
034c6ed7 2190
5cb5a6ff
LP		 2191 .dump = socket_dump,
2192
542563ba
LP		 2193 .start = socket_start,
2194 .stop = socket_stop,
5cb5a6ff 2195
a16e1123
LP		 2196 .serialize = socket_serialize,
2197 .deserialize_item = socket_deserialize_item,
2198
5cb5a6ff 2199 .active_state = socket_active_state,
10a94420 2200 .sub_state_to_string = socket_sub_state_to_string,
5cb5a6ff 2201
6cf6bbc2
LP		 2202 .check_gc = socket_check_gc,
2203
9152c765 2204 .fd_event = socket_fd_event,
034c6ed7 2205 .sigchld_event = socket_sigchld_event,
4139c1b2
LP		 2206 .timer_event = socket_timer_event,
2207
fdf20a31 2208 .reset_failed = socket_reset_failed,
5632e374 2209
c4e2ceae
LP		 2210 .bus_interface = "org.freedesktop.systemd1.Socket",
2211 .bus_message_handler = bus_socket_message_handler,
2212 .bus_invalidating_properties = bus_socket_invalidating_properties
5cb5a6ff 2213};
Unnamed repository; edit this file 'description' to name the repository.