[thirdparty/systemd.git] / src / machine / machine.c

/* SPDX-License-Identifier: LGPL-2.1+ */

#include <errno.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

#include "sd-messages.h"

#include "alloc-util.h"
#include "bus-error.h"
#include "bus-util.h"
#include "env-file.h"
#include "escape.h"
#include "extract-word.h"
#include "fd-util.h"
#include "fileio.h"
#include "format-util.h"
#include "hashmap.h"
#include "machine-dbus.h"
#include "machine.h"
#include "mkdir.h"
#include "parse-util.h"
#include "process-util.h"
#include "serialize.h"
#include "special.h"
#include "stdio-util.h"
#include "string-table.h"
#include "terminal-util.h"
#include "tmpfile-util.h"
#include "unit-name.h"
#include "user-util.h"
#include "util.h"

Machine* machine_new(Manager *manager, MachineClass class, const char *name) {
        Machine *m;

        assert(manager);
        assert(class < _MACHINE_CLASS_MAX);
        assert(name);

        /* Passing class == _MACHINE_CLASS_INVALID here is fine. It
         * means as much as "we don't know yet", and that we'll figure
         * it out later when loading the state file. */

        m = new0(Machine, 1);
        if (!m)
                return NULL;

        m->name = strdup(name);
        if (!m->name)
                goto fail;

        if (class != MACHINE_HOST) {
                m->state_file = strappend("/run/systemd/machines/", m->name);
                if (!m->state_file)
                        goto fail;
        }

        m->class = class;

        if (hashmap_put(manager->machines, m->name, m) < 0)
                goto fail;

        m->manager = manager;

        return m;

fail:
        free(m->state_file);
        free(m->name);
        return mfree(m);
}

Machine* machine_free(Machine *m) {
        if (!m)
                return NULL;

        while (m->operations)
                operation_free(m->operations);

        if (m->in_gc_queue)
                LIST_REMOVE(gc_queue, m->manager->machine_gc_queue, m);

        machine_release_unit(m);

        free(m->scope_job);

        (void) hashmap_remove(m->manager->machines, m->name);

        if (m->manager->host_machine == m)
                m->manager->host_machine = NULL;

        if (m->leader > 0)
                (void) hashmap_remove_value(m->manager->machine_leaders, PID_TO_PTR(m->leader), m);

        sd_bus_message_unref(m->create_message);

        free(m->name);
        free(m->state_file);
        free(m->service);
        free(m->root_directory);
        free(m->netif);
        return mfree(m);
}

int machine_save(Machine *m) {
        _cleanup_free_ char *temp_path = NULL;
        _cleanup_fclose_ FILE *f = NULL;
        int r;

        assert(m);

        if (!m->state_file)
                return 0;

        if (!m->started)
                return 0;

        r = mkdir_safe_label("/run/systemd/machines", 0755, 0, 0, MKDIR_WARN_MODE);
        if (r < 0)
                goto fail;

        r = fopen_temporary(m->state_file, &f, &temp_path);
        if (r < 0)
                goto fail;

        (void) fchmod(fileno(f), 0644);

        fprintf(f,
                "# This is private data. Do not parse.\n"
                "NAME=%s\n",
                m->name);

        if (m->unit) {
                _cleanup_free_ char *escaped;

                escaped = cescape(m->unit);
                if (!escaped) {
                        r = -ENOMEM;
                        goto fail;
                }

                fprintf(f, "SCOPE=%s\n", escaped); /* We continue to call this "SCOPE=" because it is internal only, and we want to stay compatible with old files */
        }

        if (m->scope_job)
                fprintf(f, "SCOPE_JOB=%s\n", m->scope_job);

        if (m->service) {
                _cleanup_free_ char *escaped;

                escaped = cescape(m->service);
                if (!escaped) {
                        r = -ENOMEM;
                        goto fail;
                }
                fprintf(f, "SERVICE=%s\n", escaped);
        }

        if (m->root_directory) {
                _cleanup_free_ char *escaped;

                escaped = cescape(m->root_directory);
                if (!escaped) {
                        r = -ENOMEM;
                        goto fail;
                }
                fprintf(f, "ROOT=%s\n", escaped);
        }

        if (!sd_id128_is_null(m->id))
                fprintf(f, "ID=" SD_ID128_FORMAT_STR "\n", SD_ID128_FORMAT_VAL(m->id));

        if (m->leader != 0)
                fprintf(f, "LEADER="PID_FMT"\n", m->leader);

        if (m->class != _MACHINE_CLASS_INVALID)
                fprintf(f, "CLASS=%s\n", machine_class_to_string(m->class));

        if (dual_timestamp_is_set(&m->timestamp))
                fprintf(f,
                        "REALTIME="USEC_FMT"\n"
                        "MONOTONIC="USEC_FMT"\n",
                        m->timestamp.realtime,
                        m->timestamp.monotonic);

        if (m->n_netif > 0) {
                size_t i;

                fputs("NETIF=", f);

                for (i = 0; i < m->n_netif; i++) {
                        if (i != 0)
                                fputc(' ', f);

                        fprintf(f, "%i", m->netif[i]);
                }

                fputc('\n', f);
        }

        r = fflush_and_check(f);
        if (r < 0)
                goto fail;

        if (rename(temp_path, m->state_file) < 0) {
                r = -errno;
                goto fail;
        }

        if (m->unit) {
                char *sl;

                /* Create a symlink from the unit name to the machine
                 * name, so that we can quickly find the machine for
                 * each given unit. Ignore error. */
                sl = strjoina("/run/systemd/machines/unit:", m->unit);
                (void) symlink(m->name, sl);
        }

        return 0;

fail:
        (void) unlink(m->state_file);

        if (temp_path)
                (void) unlink(temp_path);

        return log_error_errno(r, "Failed to save machine data %s: %m", m->state_file);
}

static void machine_unlink(Machine *m) {
        assert(m);

        if (m->unit) {
                char *sl;

                sl = strjoina("/run/systemd/machines/unit:", m->unit);
                (void) unlink(sl);
        }

        if (m->state_file)
                (void) unlink(m->state_file);
}

int machine_load(Machine *m) {
        _cleanup_free_ char *realtime = NULL, *monotonic = NULL, *id = NULL, *leader = NULL, *class = NULL, *netif = NULL;
        int r;

        assert(m);

        if (!m->state_file)
                return 0;

        r = parse_env_file(NULL, m->state_file,
                           "SCOPE",     &m->unit,
                           "SCOPE_JOB", &m->scope_job,
                           "SERVICE",   &m->service,
                           "ROOT",      &m->root_directory,
                           "ID",        &id,
                           "LEADER",    &leader,
                           "CLASS",     &class,
                           "REALTIME",  &realtime,
                           "MONOTONIC", &monotonic,
                           "NETIF",     &netif);
        if (r < 0) {
                if (r == -ENOENT)
                        return 0;

                return log_error_errno(r, "Failed to read %s: %m", m->state_file);
        }

        if (id)
                sd_id128_from_string(id, &m->id);

        if (leader)
                parse_pid(leader, &m->leader);

        if (class) {
                MachineClass c;

                c = machine_class_from_string(class);
                if (c >= 0)
                        m->class = c;
        }

        if (realtime)
                (void) deserialize_usec(realtime, &m->timestamp.realtime);
        if (monotonic)
                (void) deserialize_usec(monotonic, &m->timestamp.monotonic);

        if (netif) {
                size_t allocated = 0, nr = 0;
                const char *p;
                int *ni = NULL;

                p = netif;
                for (;;) {
                        _cleanup_free_ char *word = NULL;
                        int ifi;

                        r = extract_first_word(&p, &word, NULL, 0);
                        if (r == 0)
                                break;
                        if (r == -ENOMEM)
                                return log_oom();
                        if (r < 0) {
                                log_warning_errno(r, "Failed to parse NETIF: %s", netif);
                                break;
                        }

                        if (parse_ifindex(word, &ifi) < 0)
                                continue;

                        if (!GREEDY_REALLOC(ni, allocated, nr+1)) {
                                free(ni);
                                return log_oom();
                        }

                        ni[nr++] = ifi;
                }

                free(m->netif);
                m->netif = ni;
                m->n_netif = nr;
        }

        return r;
}

static int machine_start_scope(Machine *m, sd_bus_message *properties, sd_bus_error *error) {
        assert(m);
        assert(m->class != MACHINE_HOST);

        if (!m->unit) {
                _cleanup_free_ char *escaped = NULL, *scope = NULL;
                char *description, *job = NULL;
                int r;

                escaped = unit_name_escape(m->name);
                if (!escaped)
                        return log_oom();

                scope = strjoin("machine-", escaped, ".scope");
                if (!scope)
                        return log_oom();

                description = strjoina(m->class == MACHINE_VM ? "Virtual Machine " : "Container ", m->name);

                r = manager_start_scope(m->manager, scope, m->leader, SPECIAL_MACHINE_SLICE, description, properties, error, &job);
                if (r < 0)
                        return log_error_errno(r, "Failed to start machine scope: %s", bus_error_message(error, r));

                m->unit = TAKE_PTR(scope);
                free_and_replace(m->scope_job, job);
        }

        if (m->unit)
                hashmap_put(m->manager->machine_units, m->unit, m);

        return 0;
}

int machine_start(Machine *m, sd_bus_message *properties, sd_bus_error *error) {
        int r;

        assert(m);

        if (!IN_SET(m->class, MACHINE_CONTAINER, MACHINE_VM))
                return -EOPNOTSUPP;

        if (m->started)
                return 0;

        r = hashmap_put(m->manager->machine_leaders, PID_TO_PTR(m->leader), m);
        if (r < 0)
                return r;

        /* Create cgroup */
        r = machine_start_scope(m, properties, error);
        if (r < 0)
                return r;

        log_struct(LOG_INFO,
                   "MESSAGE_ID=" SD_MESSAGE_MACHINE_START_STR,
                   "NAME=%s", m->name,
                   "LEADER="PID_FMT, m->leader,
                   LOG_MESSAGE("New machine %s.", m->name));

        if (!dual_timestamp_is_set(&m->timestamp))
                dual_timestamp_get(&m->timestamp);

        m->started = true;

        /* Save new machine data */
        machine_save(m);

        machine_send_signal(m, true);
        (void) manager_enqueue_nscd_cache_flush(m->manager);

        return 0;
}

static int machine_stop_scope(Machine *m) {
        _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
        char *job = NULL;
        int r, q;

        assert(m);
        assert(m->class != MACHINE_HOST);

        if (!m->unit)
                return 0;

        r = manager_stop_unit(m->manager, m->unit, &error, &job);
        if (r < 0) {
                log_error_errno(r, "Failed to stop machine scope: %s", bus_error_message(&error, r));
                sd_bus_error_free(&error);
        } else
                free_and_replace(m->scope_job, job);

        q = manager_unref_unit(m->manager, m->unit, &error);
        if (q < 0)
                log_warning_errno(q, "Failed to drop reference to machine scope, ignoring: %s", bus_error_message(&error, r));

        return r;
}

int machine_stop(Machine *m) {
        int r;
        assert(m);

        if (!IN_SET(m->class, MACHINE_CONTAINER, MACHINE_VM))
                return -EOPNOTSUPP;

        r = machine_stop_scope(m);

        m->stopping = true;

        machine_save(m);
        (void) manager_enqueue_nscd_cache_flush(m->manager);

        return r;
}

int machine_finalize(Machine *m) {
        assert(m);

        if (m->started)
                log_struct(LOG_INFO,
                           "MESSAGE_ID=" SD_MESSAGE_MACHINE_STOP_STR,
                           "NAME=%s", m->name,
                           "LEADER="PID_FMT, m->leader,
                           LOG_MESSAGE("Machine %s terminated.", m->name));

        machine_unlink(m);
        machine_add_to_gc_queue(m);

        if (m->started) {
                machine_send_signal(m, false);
                m->started = false;
        }

        return 0;
}

bool machine_may_gc(Machine *m, bool drop_not_started) {
        assert(m);

        if (m->class == MACHINE_HOST)
                return false;

        if (drop_not_started && !m->started)
                return true;

        if (m->scope_job && manager_job_is_active(m->manager, m->scope_job))
                return false;

        if (m->unit && manager_unit_is_active(m->manager, m->unit))
                return false;

        return true;
}

void machine_add_to_gc_queue(Machine *m) {
        assert(m);

        if (m->in_gc_queue)
                return;

        LIST_PREPEND(gc_queue, m->manager->machine_gc_queue, m);
        m->in_gc_queue = true;
}

MachineState machine_get_state(Machine *s) {
        assert(s);

        if (s->class == MACHINE_HOST)
                return MACHINE_RUNNING;

        if (s->stopping)
                return MACHINE_CLOSING;

        if (s->scope_job)
                return MACHINE_OPENING;

        return MACHINE_RUNNING;
}

int machine_kill(Machine *m, KillWho who, int signo) {
        assert(m);

        if (!IN_SET(m->class, MACHINE_VM, MACHINE_CONTAINER))
                return -EOPNOTSUPP;

        if (!m->unit)
                return -ESRCH;

        if (who == KILL_LEADER) {
                /* If we shall simply kill the leader, do so directly */

                if (kill(m->leader, signo) < 0)
                        return -errno;

                return 0;
        }

        /* Otherwise, make PID 1 do it for us, for the entire cgroup */
        return manager_kill_unit(m->manager, m->unit, signo, NULL);
}

int machine_openpt(Machine *m, int flags, char **ret_slave) {
        assert(m);

        switch (m->class) {

        case MACHINE_HOST:

                return openpt_allocate(flags, ret_slave);

        case MACHINE_CONTAINER:
                if (m->leader <= 0)
                        return -EINVAL;

                return openpt_allocate_in_namespace(m->leader, flags, ret_slave);

        default:
                return -EOPNOTSUPP;
        }
}

int machine_open_terminal(Machine *m, const char *path, int mode) {
        assert(m);

        switch (m->class) {

        case MACHINE_HOST:
                return open_terminal(path, mode);

        case MACHINE_CONTAINER:
                if (m->leader <= 0)
                        return -EINVAL;

                return open_terminal_in_namespace(m->leader, path, mode);

        default:
                return -EOPNOTSUPP;
        }
}

void machine_release_unit(Machine *m) {
        assert(m);

        if (!m->unit)
                return;

        (void) hashmap_remove(m->manager->machine_units, m->unit);
        m->unit = mfree(m->unit);
}

int machine_get_uid_shift(Machine *m, uid_t *ret) {
        char p[STRLEN("/proc//uid_map") + DECIMAL_STR_MAX(pid_t) + 1];
        uid_t uid_base, uid_shift, uid_range;
        gid_t gid_base, gid_shift, gid_range;
        _cleanup_fclose_ FILE *f = NULL;
        int k, r;

        assert(m);
        assert(ret);

        /* Return the base UID/GID of the specified machine. Note that this only works for containers with simple
         * mappings. In most cases setups should be simple like this, and administrators should only care about the
         * basic offset a container has relative to the host. This is what this function exposes.
         *
         * If we encounter any more complex mappings we politely refuse this with ENXIO. */

        if (m->class == MACHINE_HOST) {
                *ret = 0;
                return 0;
        }

        if (m->class != MACHINE_CONTAINER)
                return -EOPNOTSUPP;

        xsprintf(p, "/proc/" PID_FMT "/uid_map", m->leader);
        f = fopen(p, "re");
        if (!f) {
                if (errno == ENOENT) {
                        /* If the file doesn't exist, user namespacing is off in the kernel, return a zero mapping hence. */
                        *ret = 0;
                        return 0;
                }

                return -errno;
        }

        /* Read the first line. There's at least one. */
        errno = 0;
        k = fscanf(f, UID_FMT " " UID_FMT " " UID_FMT "\n", &uid_base, &uid_shift, &uid_range);
        if (k != 3) {
                if (ferror(f))
                        return -errno;

                return -EBADMSG;
        }

        /* Not a mapping starting at 0? Then it's a complex mapping we can't expose here. */
        if (uid_base != 0)
                return -ENXIO;
        /* Insist that at least the nobody user is mapped, everything else is weird, and hence complex, and we don't support it */
        if (uid_range < UID_NOBODY)
                return -ENXIO;

        /* If there's more than one line, then we don't support this mapping. */
        r = safe_fgetc(f, NULL);
        if (r < 0)
                return r;
        if (r != 0) /* Insist on EOF */
                return -ENXIO;

        fclose(f);

        xsprintf(p, "/proc/" PID_FMT "/gid_map", m->leader);
        f = fopen(p, "re");
        if (!f)
                return -errno;

        /* Read the first line. There's at least one. */
        errno = 0;
        k = fscanf(f, GID_FMT " " GID_FMT " " GID_FMT "\n", &gid_base, &gid_shift, &gid_range);
        if (k != 3) {
                if (ferror(f))
                        return -errno;

                return -EBADMSG;
        }

        /* If there's more than one line, then we don't support this file. */
        r = safe_fgetc(f, NULL);
        if (r < 0)
                return r;
        if (r != 0) /* Insist on EOF */
                return -ENXIO;

        /* If the UID and GID mapping doesn't match, we don't support this mapping. */
        if (uid_base != (uid_t) gid_base)
                return -ENXIO;
        if (uid_shift != (uid_t) gid_shift)
                return -ENXIO;
        if (uid_range != (uid_t) gid_range)
                return -ENXIO;

        *ret = uid_shift;
        return 0;
}

static const char* const machine_class_table[_MACHINE_CLASS_MAX] = {
        [MACHINE_CONTAINER] = "container",
        [MACHINE_VM] = "vm",
        [MACHINE_HOST] = "host",
};

DEFINE_STRING_TABLE_LOOKUP(machine_class, MachineClass);

static const char* const machine_state_table[_MACHINE_STATE_MAX] = {
        [MACHINE_OPENING] = "opening",
        [MACHINE_RUNNING] = "running",
        [MACHINE_CLOSING] = "closing"
};

DEFINE_STRING_TABLE_LOOKUP(machine_state, MachineState);

static const char* const kill_who_table[_KILL_WHO_MAX] = {
        [KILL_LEADER] = "leader",
        [KILL_ALL] = "all"
};

DEFINE_STRING_TABLE_LOOKUP(kill_who, KillWho);
Commit	Line	Data
	1	/* SPDX-License-Identifier: LGPL-2.1+ */
	2
	3	#include <errno.h>
	4	#include <string.h>
	5	#include <unistd.h>
	6	#include <sys/stat.h>
	7
	8	#include "sd-messages.h"
	9
	10	#include "alloc-util.h"
	11	#include "bus-error.h"
	12	#include "bus-util.h"
	13	#include "env-file.h"
	14	#include "escape.h"
	15	#include "extract-word.h"
	16	#include "fd-util.h"
	17	#include "fileio.h"
	18	#include "format-util.h"
	19	#include "hashmap.h"
	20	#include "machine-dbus.h"
	21	#include "machine.h"
	22	#include "mkdir.h"
	23	#include "parse-util.h"
	24	#include "process-util.h"
	25	#include "serialize.h"
	26	#include "special.h"
	27	#include "stdio-util.h"
	28	#include "string-table.h"
	29	#include "terminal-util.h"
	30	#include "tmpfile-util.h"
	31	#include "unit-name.h"
	32	#include "user-util.h"
	33	#include "util.h"
	34
	35	Machine* machine_new(Manager manager, MachineClass class, const char name) {
	36	Machine *m;
	37
	38	assert(manager);
	39	assert(class < _MACHINE_CLASS_MAX);
	40	assert(name);
	41
	42	/* Passing class == _MACHINE_CLASS_INVALID here is fine. It
	43	* means as much as "we don't know yet", and that we'll figure
	44	* it out later when loading the state file. */
	45
	46	m = new0(Machine, 1);
	47	if (!m)
	48	return NULL;
	49
	50	m->name = strdup(name);
	51	if (!m->name)
	52	goto fail;
	53
	54	if (class != MACHINE_HOST) {
	55	m->state_file = strappend("/run/systemd/machines/", m->name);
	56	if (!m->state_file)
	57	goto fail;
	58	}
	59
	60	m->class = class;
	61
	62	if (hashmap_put(manager->machines, m->name, m) < 0)
	63	goto fail;
	64
	65	m->manager = manager;
	66
	67	return m;
	68
	69	fail:
	70	free(m->state_file);
	71	free(m->name);
	72	return mfree(m);
	73	}
	74
	75	Machine* machine_free(Machine *m) {
	76	if (!m)
	77	return NULL;
	78
	79	while (m->operations)
	80	operation_free(m->operations);
	81
	82	if (m->in_gc_queue)
	83	LIST_REMOVE(gc_queue, m->manager->machine_gc_queue, m);
	84
	85	machine_release_unit(m);
	86
	87	free(m->scope_job);
	88
	89	(void) hashmap_remove(m->manager->machines, m->name);
	90
	91	if (m->manager->host_machine == m)
	92	m->manager->host_machine = NULL;
	93
	94	if (m->leader > 0)
	95	(void) hashmap_remove_value(m->manager->machine_leaders, PID_TO_PTR(m->leader), m);
	96
	97	sd_bus_message_unref(m->create_message);
	98
	99	free(m->name);
	100	free(m->state_file);
	101	free(m->service);
	102	free(m->root_directory);
	103	free(m->netif);
	104	return mfree(m);
	105	}
	106
	107	int machine_save(Machine *m) {
	108	_cleanup_free_ char *temp_path = NULL;
	109	_cleanup_fclose_ FILE *f = NULL;
	110	int r;
	111
	112	assert(m);
	113
	114	if (!m->state_file)
	115	return 0;
	116
	117	if (!m->started)
	118	return 0;
	119
	120	r = mkdir_safe_label("/run/systemd/machines", 0755, 0, 0, MKDIR_WARN_MODE);
	121	if (r < 0)
	122	goto fail;
	123
	124	r = fopen_temporary(m->state_file, &f, &temp_path);
	125	if (r < 0)
	126	goto fail;
	127
	128	(void) fchmod(fileno(f), 0644);
	129
	130	fprintf(f,
	131	"# This is private data. Do not parse.\n"
	132	"NAME=%s\n",
	133	m->name);
	134
	135	if (m->unit) {
	136	_cleanup_free_ char *escaped;
	137
	138	escaped = cescape(m->unit);
	139	if (!escaped) {
	140	r = -ENOMEM;
	141	goto fail;
	142	}
	143
	144	fprintf(f, "SCOPE=%s\n", escaped); /* We continue to call this "SCOPE=" because it is internal only, and we want to stay compatible with old files */
	145	}
	146
	147	if (m->scope_job)
	148	fprintf(f, "SCOPE_JOB=%s\n", m->scope_job);
	149
	150	if (m->service) {
	151	_cleanup_free_ char *escaped;
	152
	153	escaped = cescape(m->service);
	154	if (!escaped) {
	155	r = -ENOMEM;
	156	goto fail;
	157	}
	158	fprintf(f, "SERVICE=%s\n", escaped);
	159	}
	160
	161	if (m->root_directory) {
	162	_cleanup_free_ char *escaped;
	163
	164	escaped = cescape(m->root_directory);
	165	if (!escaped) {
	166	r = -ENOMEM;
	167	goto fail;
	168	}
	169	fprintf(f, "ROOT=%s\n", escaped);
	170	}
	171
	172	if (!sd_id128_is_null(m->id))
	173	fprintf(f, "ID=" SD_ID128_FORMAT_STR "\n", SD_ID128_FORMAT_VAL(m->id));
	174
	175	if (m->leader != 0)
	176	fprintf(f, "LEADER="PID_FMT"\n", m->leader);
	177
	178	if (m->class != _MACHINE_CLASS_INVALID)
	179	fprintf(f, "CLASS=%s\n", machine_class_to_string(m->class));
	180
	181	if (dual_timestamp_is_set(&m->timestamp))
	182	fprintf(f,
	183	"REALTIME="USEC_FMT"\n"
	184	"MONOTONIC="USEC_FMT"\n",
	185	m->timestamp.realtime,
	186	m->timestamp.monotonic);
	187
	188	if (m->n_netif > 0) {
	189	size_t i;
	190
	191	fputs("NETIF=", f);
	192
	193	for (i = 0; i < m->n_netif; i++) {
	194	if (i != 0)
	195	fputc(' ', f);
	196
	197	fprintf(f, "%i", m->netif[i]);
	198	}
	199
	200	fputc('\n', f);
	201	}
	202
	203	r = fflush_and_check(f);
	204	if (r < 0)
	205	goto fail;
	206
	207	if (rename(temp_path, m->state_file) < 0) {
	208	r = -errno;
	209	goto fail;
	210	}
	211
	212	if (m->unit) {
	213	char *sl;
	214
	215	/* Create a symlink from the unit name to the machine
	216	* name, so that we can quickly find the machine for
	217	* each given unit. Ignore error. */
	218	sl = strjoina("/run/systemd/machines/unit:", m->unit);
	219	(void) symlink(m->name, sl);
	220	}
	221
	222	return 0;
	223
	224	fail:
	225	(void) unlink(m->state_file);
	226
	227	if (temp_path)
	228	(void) unlink(temp_path);
	229
	230	return log_error_errno(r, "Failed to save machine data %s: %m", m->state_file);
	231	}
	232
	233	static void machine_unlink(Machine *m) {
	234	assert(m);
	235
	236	if (m->unit) {
	237	char *sl;
	238
	239	sl = strjoina("/run/systemd/machines/unit:", m->unit);
	240	(void) unlink(sl);
	241	}
	242
	243	if (m->state_file)
	244	(void) unlink(m->state_file);
	245	}
	246
	247	int machine_load(Machine *m) {
	248	_cleanup_free_ char realtime = NULL, monotonic = NULL, id = NULL, leader = NULL, class = NULL, netif = NULL;
	249	int r;
	250
	251	assert(m);
	252
	253	if (!m->state_file)
	254	return 0;
	255
	256	r = parse_env_file(NULL, m->state_file,
	257	"SCOPE", &m->unit,
	258	"SCOPE_JOB", &m->scope_job,
	259	"SERVICE", &m->service,
	260	"ROOT", &m->root_directory,
	261	"ID", &id,
	262	"LEADER", &leader,
	263	"CLASS", &class,
	264	"REALTIME", &realtime,
	265	"MONOTONIC", &monotonic,
	266	"NETIF", &netif);
	267	if (r < 0) {
	268	if (r == -ENOENT)
	269	return 0;
	270
	271	return log_error_errno(r, "Failed to read %s: %m", m->state_file);
	272	}
	273
	274	if (id)
	275	sd_id128_from_string(id, &m->id);
	276
	277	if (leader)
	278	parse_pid(leader, &m->leader);
	279
	280	if (class) {
	281	MachineClass c;
	282
	283	c = machine_class_from_string(class);
	284	if (c >= 0)
	285	m->class = c;
	286	}
	287
	288	if (realtime)
	289	(void) deserialize_usec(realtime, &m->timestamp.realtime);
	290	if (monotonic)
	291	(void) deserialize_usec(monotonic, &m->timestamp.monotonic);
	292
	293	if (netif) {
	294	size_t allocated = 0, nr = 0;
	295	const char *p;
	296	int *ni = NULL;
	297
	298	p = netif;
	299	for (;;) {
	300	_cleanup_free_ char *word = NULL;
	301	int ifi;
	302
	303	r = extract_first_word(&p, &word, NULL, 0);
	304	if (r == 0)
	305	break;
	306	if (r == -ENOMEM)
	307	return log_oom();
	308	if (r < 0) {
	309	log_warning_errno(r, "Failed to parse NETIF: %s", netif);
	310	break;
	311	}
	312
	313	if (parse_ifindex(word, &ifi) < 0)
	314	continue;
	315
	316	if (!GREEDY_REALLOC(ni, allocated, nr+1)) {
	317	free(ni);
	318	return log_oom();
	319	}
	320
	321	ni[nr++] = ifi;
	322	}
	323
	324	free(m->netif);
	325	m->netif = ni;
	326	m->n_netif = nr;
	327	}
	328
	329	return r;
	330	}
	331
	332	static int machine_start_scope(Machine m, sd_bus_message properties, sd_bus_error *error) {
	333	assert(m);
	334	assert(m->class != MACHINE_HOST);
	335
	336	if (!m->unit) {
	337	_cleanup_free_ char escaped = NULL, scope = NULL;
	338	char description, job = NULL;
	339	int r;
	340
	341	escaped = unit_name_escape(m->name);
	342	if (!escaped)
	343	return log_oom();
	344
	345	scope = strjoin("machine-", escaped, ".scope");
	346	if (!scope)
	347	return log_oom();
	348
	349	description = strjoina(m->class == MACHINE_VM ? "Virtual Machine " : "Container ", m->name);
	350
	351	r = manager_start_scope(m->manager, scope, m->leader, SPECIAL_MACHINE_SLICE, description, properties, error, &job);
	352	if (r < 0)
	353	return log_error_errno(r, "Failed to start machine scope: %s", bus_error_message(error, r));
	354
	355	m->unit = TAKE_PTR(scope);
	356	free_and_replace(m->scope_job, job);
	357	}
	358
	359	if (m->unit)
	360	hashmap_put(m->manager->machine_units, m->unit, m);
	361
	362	return 0;
	363	}
	364
	365	int machine_start(Machine m, sd_bus_message properties, sd_bus_error *error) {
	366	int r;
	367
	368	assert(m);
	369
	370	if (!IN_SET(m->class, MACHINE_CONTAINER, MACHINE_VM))
	371	return -EOPNOTSUPP;
	372
	373	if (m->started)
	374	return 0;
	375
	376	r = hashmap_put(m->manager->machine_leaders, PID_TO_PTR(m->leader), m);
	377	if (r < 0)
	378	return r;
	379
	380	/* Create cgroup */
	381	r = machine_start_scope(m, properties, error);
	382	if (r < 0)
	383	return r;
	384
	385	log_struct(LOG_INFO,
	386	"MESSAGE_ID=" SD_MESSAGE_MACHINE_START_STR,
	387	"NAME=%s", m->name,
	388	"LEADER="PID_FMT, m->leader,
	389	LOG_MESSAGE("New machine %s.", m->name));
	390
	391	if (!dual_timestamp_is_set(&m->timestamp))
	392	dual_timestamp_get(&m->timestamp);
	393
	394	m->started = true;
	395
	396	/* Save new machine data */
	397	machine_save(m);
	398
	399	machine_send_signal(m, true);
	400	(void) manager_enqueue_nscd_cache_flush(m->manager);
	401
	402	return 0;
	403	}
	404
	405	static int machine_stop_scope(Machine *m) {
	406	_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
	407	char *job = NULL;
	408	int r, q;
	409
	410	assert(m);
	411	assert(m->class != MACHINE_HOST);
	412
	413	if (!m->unit)
	414	return 0;
	415
	416	r = manager_stop_unit(m->manager, m->unit, &error, &job);
	417	if (r < 0) {
	418	log_error_errno(r, "Failed to stop machine scope: %s", bus_error_message(&error, r));
	419	sd_bus_error_free(&error);
	420	} else
	421	free_and_replace(m->scope_job, job);
	422
	423	q = manager_unref_unit(m->manager, m->unit, &error);
	424	if (q < 0)
	425	log_warning_errno(q, "Failed to drop reference to machine scope, ignoring: %s", bus_error_message(&error, r));
	426
	427	return r;
	428	}
	429
	430	int machine_stop(Machine *m) {
	431	int r;
	432	assert(m);
	433
	434	if (!IN_SET(m->class, MACHINE_CONTAINER, MACHINE_VM))
	435	return -EOPNOTSUPP;
	436
	437	r = machine_stop_scope(m);
	438
	439	m->stopping = true;
	440
	441	machine_save(m);
	442	(void) manager_enqueue_nscd_cache_flush(m->manager);
	443
	444	return r;
	445	}
	446
	447	int machine_finalize(Machine *m) {
	448	assert(m);
	449
	450	if (m->started)
	451	log_struct(LOG_INFO,
	452	"MESSAGE_ID=" SD_MESSAGE_MACHINE_STOP_STR,
	453	"NAME=%s", m->name,
	454	"LEADER="PID_FMT, m->leader,
	455	LOG_MESSAGE("Machine %s terminated.", m->name));
	456
	457	machine_unlink(m);
	458	machine_add_to_gc_queue(m);
	459
	460	if (m->started) {
	461	machine_send_signal(m, false);
	462	m->started = false;
	463	}
	464
	465	return 0;
	466	}
	467
	468	bool machine_may_gc(Machine *m, bool drop_not_started) {
	469	assert(m);
	470
	471	if (m->class == MACHINE_HOST)
	472	return false;
	473
	474	if (drop_not_started && !m->started)
	475	return true;
	476
	477	if (m->scope_job && manager_job_is_active(m->manager, m->scope_job))
	478	return false;
	479
	480	if (m->unit && manager_unit_is_active(m->manager, m->unit))
	481	return false;
	482
	483	return true;
	484	}
	485
	486	void machine_add_to_gc_queue(Machine *m) {
	487	assert(m);
	488
	489	if (m->in_gc_queue)
	490	return;
	491
	492	LIST_PREPEND(gc_queue, m->manager->machine_gc_queue, m);
	493	m->in_gc_queue = true;
	494	}
	495
	496	MachineState machine_get_state(Machine *s) {
	497	assert(s);
	498
	499	if (s->class == MACHINE_HOST)
	500	return MACHINE_RUNNING;
	501
	502	if (s->stopping)
	503	return MACHINE_CLOSING;
	504
	505	if (s->scope_job)
	506	return MACHINE_OPENING;
	507
	508	return MACHINE_RUNNING;
	509	}
	510
	511	int machine_kill(Machine *m, KillWho who, int signo) {
	512	assert(m);
	513
	514	if (!IN_SET(m->class, MACHINE_VM, MACHINE_CONTAINER))
	515	return -EOPNOTSUPP;
	516
	517	if (!m->unit)
	518	return -ESRCH;
	519
	520	if (who == KILL_LEADER) {
	521	/* If we shall simply kill the leader, do so directly */
	522
	523	if (kill(m->leader, signo) < 0)
	524	return -errno;
	525
	526	return 0;
	527	}
	528
	529	/* Otherwise, make PID 1 do it for us, for the entire cgroup */
	530	return manager_kill_unit(m->manager, m->unit, signo, NULL);
	531	}
	532
	533	int machine_openpt(Machine m, int flags, char *ret_slave) {
	534	assert(m);
	535
	536	switch (m->class) {
	537
	538	case MACHINE_HOST:
	539
	540	return openpt_allocate(flags, ret_slave);
	541
	542	case MACHINE_CONTAINER:
	543	if (m->leader <= 0)
	544	return -EINVAL;
	545
	546	return openpt_allocate_in_namespace(m->leader, flags, ret_slave);
	547
	548	default:
	549	return -EOPNOTSUPP;
	550	}
	551	}
	552
	553	int machine_open_terminal(Machine m, const char path, int mode) {
	554	assert(m);
	555
	556	switch (m->class) {
	557
	558	case MACHINE_HOST:
	559	return open_terminal(path, mode);
	560
	561	case MACHINE_CONTAINER:
	562	if (m->leader <= 0)
	563	return -EINVAL;
	564
	565	return open_terminal_in_namespace(m->leader, path, mode);
	566
	567	default:
	568	return -EOPNOTSUPP;
	569	}
	570	}
	571
	572	void machine_release_unit(Machine *m) {
	573	assert(m);
	574
	575	if (!m->unit)
	576	return;
	577
	578	(void) hashmap_remove(m->manager->machine_units, m->unit);
	579	m->unit = mfree(m->unit);
	580	}
	581
	582	int machine_get_uid_shift(Machine m, uid_t ret) {
	583	char p[STRLEN("/proc//uid_map") + DECIMAL_STR_MAX(pid_t) + 1];
	584	uid_t uid_base, uid_shift, uid_range;
	585	gid_t gid_base, gid_shift, gid_range;
	586	_cleanup_fclose_ FILE *f = NULL;
	587	int k, r;
	588
	589	assert(m);
	590	assert(ret);
	591
	592	/* Return the base UID/GID of the specified machine. Note that this only works for containers with simple
	593	* mappings. In most cases setups should be simple like this, and administrators should only care about the
	594	* basic offset a container has relative to the host. This is what this function exposes.
	595	*
	596	* If we encounter any more complex mappings we politely refuse this with ENXIO. */
	597
	598	if (m->class == MACHINE_HOST) {
	599	*ret = 0;
	600	return 0;
	601	}
	602
	603	if (m->class != MACHINE_CONTAINER)
	604	return -EOPNOTSUPP;
	605
	606	xsprintf(p, "/proc/" PID_FMT "/uid_map", m->leader);
	607	f = fopen(p, "re");
	608	if (!f) {
	609	if (errno == ENOENT) {
	610	/* If the file doesn't exist, user namespacing is off in the kernel, return a zero mapping hence. */
	611	*ret = 0;
	612	return 0;
	613	}
	614
	615	return -errno;
	616	}
	617
	618	/* Read the first line. There's at least one. */
	619	errno = 0;
	620	k = fscanf(f, UID_FMT " " UID_FMT " " UID_FMT "\n", &uid_base, &uid_shift, &uid_range);
	621	if (k != 3) {
	622	if (ferror(f))
	623	return -errno;
	624
	625	return -EBADMSG;
	626	}
	627
	628	/* Not a mapping starting at 0? Then it's a complex mapping we can't expose here. */
	629	if (uid_base != 0)
	630	return -ENXIO;
	631	/* Insist that at least the nobody user is mapped, everything else is weird, and hence complex, and we don't support it */
	632	if (uid_range < UID_NOBODY)
	633	return -ENXIO;
	634
	635	/* If there's more than one line, then we don't support this mapping. */
	636	r = safe_fgetc(f, NULL);
	637	if (r < 0)
	638	return r;
	639	if (r != 0) /* Insist on EOF */
	640	return -ENXIO;
	641
	642	fclose(f);
	643
	644	xsprintf(p, "/proc/" PID_FMT "/gid_map", m->leader);
	645	f = fopen(p, "re");
	646	if (!f)
	647	return -errno;
	648
	649	/* Read the first line. There's at least one. */
	650	errno = 0;
	651	k = fscanf(f, GID_FMT " " GID_FMT " " GID_FMT "\n", &gid_base, &gid_shift, &gid_range);
	652	if (k != 3) {
	653	if (ferror(f))
	654	return -errno;
	655
	656	return -EBADMSG;
	657	}
	658
	659	/* If there's more than one line, then we don't support this file. */
	660	r = safe_fgetc(f, NULL);
	661	if (r < 0)
	662	return r;
	663	if (r != 0) /* Insist on EOF */
	664	return -ENXIO;
	665
	666	/* If the UID and GID mapping doesn't match, we don't support this mapping. */
	667	if (uid_base != (uid_t) gid_base)
	668	return -ENXIO;
	669	if (uid_shift != (uid_t) gid_shift)
	670	return -ENXIO;
	671	if (uid_range != (uid_t) gid_range)
	672	return -ENXIO;
	673
	674	*ret = uid_shift;
	675	return 0;
	676	}
	677
	678	static const char* const machine_class_table[_MACHINE_CLASS_MAX] = {
	679	[MACHINE_CONTAINER] = "container",
	680	[MACHINE_VM] = "vm",
	681	[MACHINE_HOST] = "host",
	682	};
	683
	684	DEFINE_STRING_TABLE_LOOKUP(machine_class, MachineClass);
	685
	686	static const char* const machine_state_table[_MACHINE_STATE_MAX] = {
	687	[MACHINE_OPENING] = "opening",
	688	[MACHINE_RUNNING] = "running",
	689	[MACHINE_CLOSING] = "closing"
	690	};
	691
	692	DEFINE_STRING_TABLE_LOOKUP(machine_state, MachineState);
	693
	694	static const char* const kill_who_table[_KILL_WHO_MAX] = {
	695	[KILL_LEADER] = "leader",
	696	[KILL_ALL] = "all"
	697	};
	698
	699	DEFINE_STRING_TABLE_LOOKUP(kill_who, KillWho);