]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/dbus-unit.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
shared: split out polkit stuff from bus-util.c → bus-polkit.c
[thirdparty/systemd.git] / src / core / dbus-unit.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include "sd-bus.h"
4
5 #include "alloc-util.h"
6 #include "bpf-firewall.h"
7 #include "bus-common-errors.h"
8 #include "bus-polkit.h"
9 #include "cgroup-util.h"
10 #include "condition.h"
11 #include "dbus-job.h"
12 #include "dbus-unit.h"
13 #include "dbus-util.h"
14 #include "dbus.h"
15 #include "fd-util.h"
16 #include "install.h"
17 #include "locale-util.h"
18 #include "log.h"
19 #include "path-util.h"
20 #include "process-util.h"
21 #include "selinux-access.h"
22 #include "signal-util.h"
23 #include "special.h"
24 #include "string-table.h"
25 #include "string-util.h"
26 #include "strv.h"
27 #include "user-util.h"
28 #include "web-util.h"
29
30 static bool unit_can_start_refuse_manual(Unit *u) {
31 return unit_can_start(u) && !u->refuse_manual_start;
32 }
33
34 static bool unit_can_stop_refuse_manual(Unit *u) {
35 return unit_can_stop(u) && !u->refuse_manual_stop;
36 }
37
38 static bool unit_can_isolate_refuse_manual(Unit *u) {
39 return unit_can_isolate(u) && !u->refuse_manual_start;
40 }
41
42 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_collect_mode, collect_mode, CollectMode);
43 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_load_state, unit_load_state, UnitLoadState);
44 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_job_mode, job_mode, JobMode);
45 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_emergency_action, emergency_action, EmergencyAction);
46 static BUS_DEFINE_PROPERTY_GET(property_get_description, "s", Unit, unit_description);
47 static BUS_DEFINE_PROPERTY_GET2(property_get_active_state, "s", Unit, unit_active_state, unit_active_state_to_string);
48 static BUS_DEFINE_PROPERTY_GET(property_get_sub_state, "s", Unit, unit_sub_state_to_string);
49 static BUS_DEFINE_PROPERTY_GET2(property_get_unit_file_state, "s", Unit, unit_get_unit_file_state, unit_file_state_to_string);
50 static BUS_DEFINE_PROPERTY_GET(property_get_can_reload, "b", Unit, unit_can_reload);
51 static BUS_DEFINE_PROPERTY_GET(property_get_can_start, "b", Unit, unit_can_start_refuse_manual);
52 static BUS_DEFINE_PROPERTY_GET(property_get_can_stop, "b", Unit, unit_can_stop_refuse_manual);
53 static BUS_DEFINE_PROPERTY_GET(property_get_can_isolate, "b", Unit, unit_can_isolate_refuse_manual);
54 static BUS_DEFINE_PROPERTY_GET(property_get_need_daemon_reload, "b", Unit, unit_need_daemon_reload);
55 static BUS_DEFINE_PROPERTY_GET_GLOBAL(property_get_empty_strv, "as", 0);
56
57 static int property_get_can_clean(
58 sd_bus *bus,
59 const char *path,
60 const char *interface,
61 const char *property,
62 sd_bus_message *reply,
63 void *userdata,
64 sd_bus_error *error) {
65
66 Unit *u = userdata;
67 ExecCleanMask mask;
68 int r;
69
70 assert(bus);
71 assert(reply);
72
73 r = unit_can_clean(u, &mask);
74 if (r < 0)
75 return r;
76
77 r = sd_bus_message_open_container(reply, 'a', "s");
78 if (r < 0)
79 return r;
80
81 for (ExecDirectoryType t = 0; t < _EXEC_DIRECTORY_TYPE_MAX; t++) {
82 if (!FLAGS_SET(mask, 1U << t))
83 continue;
84
85 r = sd_bus_message_append(reply, "s", exec_resource_type_to_string(t));
86 if (r < 0)
87 return r;
88 }
89
90 return sd_bus_message_close_container(reply);
91 }
92
93 static int property_get_names(
94 sd_bus *bus,
95 const char *path,
96 const char *interface,
97 const char *property,
98 sd_bus_message *reply,
99 void *userdata,
100 sd_bus_error *error) {
101
102 Set **s = userdata;
103 Iterator i;
104 const char *t;
105 int r;
106
107 assert(bus);
108 assert(reply);
109 assert(s);
110
111 r = sd_bus_message_open_container(reply, 'a', "s");
112 if (r < 0)
113 return r;
114
115 SET_FOREACH(t, *s, i) {
116 r = sd_bus_message_append(reply, "s", t);
117 if (r < 0)
118 return r;
119 }
120
121 return sd_bus_message_close_container(reply);
122 }
123
124 static int property_get_following(
125 sd_bus *bus,
126 const char *path,
127 const char *interface,
128 const char *property,
129 sd_bus_message *reply,
130 void *userdata,
131 sd_bus_error *error) {
132
133 Unit *u = userdata, *f;
134
135 assert(bus);
136 assert(reply);
137 assert(u);
138
139 f = unit_following(u);
140 return sd_bus_message_append(reply, "s", f ? f->id : NULL);
141 }
142
143 static int property_get_dependencies(
144 sd_bus *bus,
145 const char *path,
146 const char *interface,
147 const char *property,
148 sd_bus_message *reply,
149 void *userdata,
150 sd_bus_error *error) {
151
152 Hashmap **h = userdata;
153 Iterator j;
154 Unit *u;
155 void *v;
156 int r;
157
158 assert(bus);
159 assert(reply);
160 assert(h);
161
162 r = sd_bus_message_open_container(reply, 'a', "s");
163 if (r < 0)
164 return r;
165
166 HASHMAP_FOREACH_KEY(v, u, *h, j) {
167 r = sd_bus_message_append(reply, "s", u->id);
168 if (r < 0)
169 return r;
170 }
171
172 return sd_bus_message_close_container(reply);
173 }
174
175 static int property_get_requires_mounts_for(
176 sd_bus *bus,
177 const char *path,
178 const char *interface,
179 const char *property,
180 sd_bus_message *reply,
181 void *userdata,
182 sd_bus_error *error) {
183
184 Hashmap **h = userdata;
185 const char *p;
186 Iterator j;
187 void *v;
188 int r;
189
190 assert(bus);
191 assert(reply);
192 assert(h);
193
194 r = sd_bus_message_open_container(reply, 'a', "s");
195 if (r < 0)
196 return r;
197
198 HASHMAP_FOREACH_KEY(v, p, *h, j) {
199 r = sd_bus_message_append(reply, "s", p);
200 if (r < 0)
201 return r;
202 }
203
204 return sd_bus_message_close_container(reply);
205 }
206
207 static int property_get_unit_file_preset(
208 sd_bus *bus,
209 const char *path,
210 const char *interface,
211 const char *property,
212 sd_bus_message *reply,
213 void *userdata,
214 sd_bus_error *error) {
215
216 Unit *u = userdata;
217 int r;
218
219 assert(bus);
220 assert(reply);
221 assert(u);
222
223 r = unit_get_unit_file_preset(u);
224
225 return sd_bus_message_append(reply, "s",
226 r < 0 ? NULL:
227 r > 0 ? "enabled" : "disabled");
228 }
229
230 static int property_get_job(
231 sd_bus *bus,
232 const char *path,
233 const char *interface,
234 const char *property,
235 sd_bus_message *reply,
236 void *userdata,
237 sd_bus_error *error) {
238
239 _cleanup_free_ char *p = NULL;
240 Job **j = userdata;
241
242 assert(bus);
243 assert(reply);
244 assert(j);
245
246 if (!*j)
247 return sd_bus_message_append(reply, "(uo)", 0, "/");
248
249 p = job_dbus_path(*j);
250 if (!p)
251 return -ENOMEM;
252
253 return sd_bus_message_append(reply, "(uo)", (*j)->id, p);
254 }
255
256 static int property_get_conditions(
257 sd_bus *bus,
258 const char *path,
259 const char *interface,
260 const char *property,
261 sd_bus_message *reply,
262 void *userdata,
263 sd_bus_error *error) {
264
265 const char *(*to_string)(ConditionType type) = NULL;
266 Condition **list = userdata, *c;
267 int r;
268
269 assert(bus);
270 assert(reply);
271 assert(list);
272
273 to_string = streq(property, "Asserts") ? assert_type_to_string : condition_type_to_string;
274
275 r = sd_bus_message_open_container(reply, 'a', "(sbbsi)");
276 if (r < 0)
277 return r;
278
279 LIST_FOREACH(conditions, c, *list) {
280 int tristate;
281
282 tristate =
283 c->result == CONDITION_UNTESTED ? 0 :
284 c->result == CONDITION_SUCCEEDED ? 1 : -1;
285
286 r = sd_bus_message_append(reply, "(sbbsi)",
287 to_string(c->type),
288 c->trigger, c->negate,
289 c->parameter, tristate);
290 if (r < 0)
291 return r;
292
293 }
294
295 return sd_bus_message_close_container(reply);
296 }
297
298 static int property_get_load_error(
299 sd_bus *bus,
300 const char *path,
301 const char *interface,
302 const char *property,
303 sd_bus_message *reply,
304 void *userdata,
305 sd_bus_error *error) {
306
307 _cleanup_(sd_bus_error_free) sd_bus_error e = SD_BUS_ERROR_NULL;
308 Unit *u = userdata;
309 int r;
310
311 assert(bus);
312 assert(reply);
313 assert(u);
314
315 r = bus_unit_validate_load_state(u, &e);
316 if (r < 0)
317 return sd_bus_message_append(reply, "(ss)", e.name, e.message);
318
319 return sd_bus_message_append(reply, "(ss)", NULL, NULL);
320 }
321
322 static int bus_verify_manage_units_async_full(
323 Unit *u,
324 const char *verb,
325 int capability,
326 const char *polkit_message,
327 bool interactive,
328 sd_bus_message *call,
329 sd_bus_error *error) {
330
331 const char *details[9] = {
332 "unit", u->id,
333 "verb", verb,
334 };
335
336 if (polkit_message) {
337 details[4] = "polkit.message";
338 details[5] = polkit_message;
339 details[6] = "polkit.gettext_domain";
340 details[7] = GETTEXT_PACKAGE;
341 }
342
343 return bus_verify_polkit_async(
344 call,
345 capability,
346 "org.freedesktop.systemd1.manage-units",
347 details,
348 interactive,
349 UID_INVALID,
350 &u->manager->polkit_registry,
351 error);
352 }
353
354 static const char *const polkit_message_for_job[_JOB_TYPE_MAX] = {
355 [JOB_START] = N_("Authentication is required to start '$(unit)'."),
356 [JOB_STOP] = N_("Authentication is required to stop '$(unit)'."),
357 [JOB_RELOAD] = N_("Authentication is required to reload '$(unit)'."),
358 [JOB_RESTART] = N_("Authentication is required to restart '$(unit)'."),
359 [JOB_TRY_RESTART] = N_("Authentication is required to restart '$(unit)'."),
360 };
361
362 int bus_unit_method_start_generic(
363 sd_bus_message *message,
364 Unit *u,
365 JobType job_type,
366 bool reload_if_possible,
367 sd_bus_error *error) {
368
369 const char *smode, *verb;
370 JobMode mode;
371 int r;
372
373 assert(message);
374 assert(u);
375 assert(job_type >= 0 && job_type < _JOB_TYPE_MAX);
376
377 r = mac_selinux_unit_access_check(
378 u, message,
379 job_type_to_access_method(job_type),
380 error);
381 if (r < 0)
382 return r;
383
384 r = sd_bus_message_read(message, "s", &smode);
385 if (r < 0)
386 return r;
387
388 mode = job_mode_from_string(smode);
389 if (mode < 0)
390 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Job mode %s invalid", smode);
391
392 if (reload_if_possible)
393 verb = strjoina("reload-or-", job_type_to_string(job_type));
394 else
395 verb = job_type_to_string(job_type);
396
397 r = bus_verify_manage_units_async_full(
398 u,
399 verb,
400 CAP_SYS_ADMIN,
401 polkit_message_for_job[job_type],
402 true,
403 message,
404 error);
405 if (r < 0)
406 return r;
407 if (r == 0)
408 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
409
410 return bus_unit_queue_job(message, u, job_type, mode,
411 reload_if_possible ? BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE : 0, error);
412 }
413
414 static int method_start(sd_bus_message *message, void *userdata, sd_bus_error *error) {
415 return bus_unit_method_start_generic(message, userdata, JOB_START, false, error);
416 }
417
418 static int method_stop(sd_bus_message *message, void *userdata, sd_bus_error *error) {
419 return bus_unit_method_start_generic(message, userdata, JOB_STOP, false, error);
420 }
421
422 static int method_reload(sd_bus_message *message, void *userdata, sd_bus_error *error) {
423 return bus_unit_method_start_generic(message, userdata, JOB_RELOAD, false, error);
424 }
425
426 static int method_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
427 return bus_unit_method_start_generic(message, userdata, JOB_RESTART, false, error);
428 }
429
430 static int method_try_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
431 return bus_unit_method_start_generic(message, userdata, JOB_TRY_RESTART, false, error);
432 }
433
434 static int method_reload_or_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
435 return bus_unit_method_start_generic(message, userdata, JOB_RESTART, true, error);
436 }
437
438 static int method_reload_or_try_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
439 return bus_unit_method_start_generic(message, userdata, JOB_TRY_RESTART, true, error);
440 }
441
442 int bus_unit_method_enqueue_job(sd_bus_message *message, void *userdata, sd_bus_error *error) {
443 BusUnitQueueFlags flags = BUS_UNIT_QUEUE_VERBOSE_REPLY;
444 const char *jtype, *smode;
445 Unit *u = userdata;
446 JobType type;
447 JobMode mode;
448 int r;
449
450 assert(message);
451 assert(u);
452
453 r = sd_bus_message_read(message, "ss", &jtype, &smode);
454 if (r < 0)
455 return r;
456
457 /* Parse the two magic reload types "reload-or-…" manually */
458 if (streq(jtype, "reload-or-restart")) {
459 type = JOB_RESTART;
460 flags |= BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE;
461 } else if (streq(jtype, "reload-or-try-restart")) {
462 type = JOB_TRY_RESTART;
463 flags |= BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE;
464 } else {
465 /* And the rest generically */
466 type = job_type_from_string(jtype);
467 if (type < 0)
468 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Job type %s invalid", jtype);
469 }
470
471 mode = job_mode_from_string(smode);
472 if (mode < 0)
473 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Job mode %s invalid", smode);
474
475 r = mac_selinux_unit_access_check(
476 u, message,
477 job_type_to_access_method(type),
478 error);
479 if (r < 0)
480 return r;
481
482 r = bus_verify_manage_units_async_full(
483 u,
484 jtype,
485 CAP_SYS_ADMIN,
486 polkit_message_for_job[type],
487 true,
488 message,
489 error);
490 if (r < 0)
491 return r;
492 if (r == 0)
493 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
494
495 return bus_unit_queue_job(message, u, type, mode, flags, error);
496 }
497
498 int bus_unit_method_kill(sd_bus_message *message, void *userdata, sd_bus_error *error) {
499 Unit *u = userdata;
500 const char *swho;
501 int32_t signo;
502 KillWho who;
503 int r;
504
505 assert(message);
506 assert(u);
507
508 r = mac_selinux_unit_access_check(u, message, "stop", error);
509 if (r < 0)
510 return r;
511
512 r = sd_bus_message_read(message, "si", &swho, &signo);
513 if (r < 0)
514 return r;
515
516 if (isempty(swho))
517 who = KILL_ALL;
518 else {
519 who = kill_who_from_string(swho);
520 if (who < 0)
521 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid who argument %s", swho);
522 }
523
524 if (!SIGNAL_VALID(signo))
525 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Signal number out of range.");
526
527 r = bus_verify_manage_units_async_full(
528 u,
529 "kill",
530 CAP_KILL,
531 N_("Authentication is required to send a UNIX signal to the processes of '$(unit)'."),
532 true,
533 message,
534 error);
535 if (r < 0)
536 return r;
537 if (r == 0)
538 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
539
540 r = unit_kill(u, who, signo, error);
541 if (r < 0)
542 return r;
543
544 return sd_bus_reply_method_return(message, NULL);
545 }
546
547 int bus_unit_method_reset_failed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
548 Unit *u = userdata;
549 int r;
550
551 assert(message);
552 assert(u);
553
554 r = mac_selinux_unit_access_check(u, message, "reload", error);
555 if (r < 0)
556 return r;
557
558 r = bus_verify_manage_units_async_full(
559 u,
560 "reset-failed",
561 CAP_SYS_ADMIN,
562 N_("Authentication is required to reset the \"failed\" state of '$(unit)'."),
563 true,
564 message,
565 error);
566 if (r < 0)
567 return r;
568 if (r == 0)
569 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
570
571 unit_reset_failed(u);
572
573 return sd_bus_reply_method_return(message, NULL);
574 }
575
576 int bus_unit_method_set_properties(sd_bus_message *message, void *userdata, sd_bus_error *error) {
577 Unit *u = userdata;
578 int runtime, r;
579
580 assert(message);
581 assert(u);
582
583 r = mac_selinux_unit_access_check(u, message, "start", error);
584 if (r < 0)
585 return r;
586
587 r = sd_bus_message_read(message, "b", &runtime);
588 if (r < 0)
589 return r;
590
591 r = bus_verify_manage_units_async_full(
592 u,
593 "set-property",
594 CAP_SYS_ADMIN,
595 N_("Authentication is required to set properties on '$(unit)'."),
596 true,
597 message,
598 error);
599 if (r < 0)
600 return r;
601 if (r == 0)
602 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
603
604 r = bus_unit_set_properties(u, message, runtime ? UNIT_RUNTIME : UNIT_PERSISTENT, true, error);
605 if (r < 0)
606 return r;
607
608 return sd_bus_reply_method_return(message, NULL);
609 }
610
611 int bus_unit_method_ref(sd_bus_message *message, void *userdata, sd_bus_error *error) {
612 Unit *u = userdata;
613 int r;
614
615 assert(message);
616 assert(u);
617
618 r = mac_selinux_unit_access_check(u, message, "start", error);
619 if (r < 0)
620 return r;
621
622 r = bus_verify_manage_units_async_full(
623 u,
624 "ref",
625 CAP_SYS_ADMIN,
626 NULL,
627 false,
628 message,
629 error);
630 if (r < 0)
631 return r;
632 if (r == 0)
633 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
634
635 r = bus_unit_track_add_sender(u, message);
636 if (r < 0)
637 return r;
638
639 return sd_bus_reply_method_return(message, NULL);
640 }
641
642 int bus_unit_method_unref(sd_bus_message *message, void *userdata, sd_bus_error *error) {
643 Unit *u = userdata;
644 int r;
645
646 assert(message);
647 assert(u);
648
649 r = bus_unit_track_remove_sender(u, message);
650 if (r == -EUNATCH)
651 return sd_bus_error_setf(error, BUS_ERROR_NOT_REFERENCED, "Unit has not been referenced yet.");
652 if (r < 0)
653 return r;
654
655 return sd_bus_reply_method_return(message, NULL);
656 }
657
658 int bus_unit_method_clean(sd_bus_message *message, void *userdata, sd_bus_error *error) {
659 ExecCleanMask mask = 0;
660 Unit *u = userdata;
661 int r;
662
663 assert(message);
664 assert(u);
665
666 r = mac_selinux_unit_access_check(u, message, "stop", error);
667 if (r < 0)
668 return r;
669
670 r = sd_bus_message_enter_container(message, 'a', "s");
671 if (r < 0)
672 return r;
673
674 for (;;) {
675 const char *i;
676
677 r = sd_bus_message_read(message, "s", &i);
678 if (r < 0)
679 return r;
680 if (r == 0)
681 break;
682
683 if (streq(i, "all"))
684 mask |= EXEC_CLEAN_ALL;
685 else {
686 ExecDirectoryType t;
687
688 t = exec_resource_type_from_string(i);
689 if (t < 0)
690 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid resource type: %s", i);
691
692 mask |= 1U << t;
693 }
694 }
695
696 r = sd_bus_message_exit_container(message);
697 if (r < 0)
698 return r;
699
700 r = bus_verify_manage_units_async_full(
701 u,
702 "clean",
703 CAP_DAC_OVERRIDE,
704 N_("Authentication is required to delete files and directories associated with '$(unit)'."),
705 true,
706 message,
707 error);
708 if (r < 0)
709 return r;
710 if (r == 0)
711 return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
712
713 r = unit_clean(u, mask);
714 if (r == -EOPNOTSUPP)
715 return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Unit '%s' does not supporting cleaning.", u->id);
716 if (r == -EUNATCH)
717 return sd_bus_error_setf(error, BUS_ERROR_NOTHING_TO_CLEAN, "No matching resources found.");
718 if (r == -EBUSY)
719 return sd_bus_error_setf(error, BUS_ERROR_UNIT_BUSY, "Unit is not inactive or has pending job.");
720 if (r < 0)
721 return r;
722
723 return sd_bus_reply_method_return(message, NULL);
724 }
725
726 static int property_get_refs(
727 sd_bus *bus,
728 const char *path,
729 const char *interface,
730 const char *property,
731 sd_bus_message *reply,
732 void *userdata,
733 sd_bus_error *error) {
734
735 Unit *u = userdata;
736 const char *i;
737 int r;
738
739 assert(bus);
740 assert(reply);
741
742 r = sd_bus_message_open_container(reply, 'a', "s");
743 if (r < 0)
744 return r;
745
746 for (i = sd_bus_track_first(u->bus_track); i; i = sd_bus_track_next(u->bus_track)) {
747 int c, k;
748
749 c = sd_bus_track_count_name(u->bus_track, i);
750 if (c < 0)
751 return c;
752
753 /* Add the item multiple times if the ref count for each is above 1 */
754 for (k = 0; k < c; k++) {
755 r = sd_bus_message_append(reply, "s", i);
756 if (r < 0)
757 return r;
758 }
759 }
760
761 return sd_bus_message_close_container(reply);
762 }
763
764 const sd_bus_vtable bus_unit_vtable[] = {
765 SD_BUS_VTABLE_START(0),
766
767 SD_BUS_PROPERTY("Id", "s", NULL, offsetof(Unit, id), SD_BUS_VTABLE_PROPERTY_CONST),
768 SD_BUS_PROPERTY("Names", "as", property_get_names, offsetof(Unit, names), SD_BUS_VTABLE_PROPERTY_CONST),
769 SD_BUS_PROPERTY("Following", "s", property_get_following, 0, 0),
770 SD_BUS_PROPERTY("Requires", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_REQUIRES]), SD_BUS_VTABLE_PROPERTY_CONST),
771 SD_BUS_PROPERTY("Requisite", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_REQUISITE]), SD_BUS_VTABLE_PROPERTY_CONST),
772 SD_BUS_PROPERTY("Wants", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_WANTS]), SD_BUS_VTABLE_PROPERTY_CONST),
773 SD_BUS_PROPERTY("BindsTo", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_BINDS_TO]), SD_BUS_VTABLE_PROPERTY_CONST),
774 SD_BUS_PROPERTY("PartOf", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_PART_OF]), SD_BUS_VTABLE_PROPERTY_CONST),
775 SD_BUS_PROPERTY("RequiredBy", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_REQUIRED_BY]), SD_BUS_VTABLE_PROPERTY_CONST),
776 SD_BUS_PROPERTY("RequisiteOf", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_REQUISITE_OF]), SD_BUS_VTABLE_PROPERTY_CONST),
777 SD_BUS_PROPERTY("WantedBy", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_WANTED_BY]), SD_BUS_VTABLE_PROPERTY_CONST),
778 SD_BUS_PROPERTY("BoundBy", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_BOUND_BY]), SD_BUS_VTABLE_PROPERTY_CONST),
779 SD_BUS_PROPERTY("ConsistsOf", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_CONSISTS_OF]), SD_BUS_VTABLE_PROPERTY_CONST),
780 SD_BUS_PROPERTY("Conflicts", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_CONFLICTS]), SD_BUS_VTABLE_PROPERTY_CONST),
781 SD_BUS_PROPERTY("ConflictedBy", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_CONFLICTED_BY]), SD_BUS_VTABLE_PROPERTY_CONST),
782 SD_BUS_PROPERTY("Before", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_BEFORE]), SD_BUS_VTABLE_PROPERTY_CONST),
783 SD_BUS_PROPERTY("After", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_AFTER]), SD_BUS_VTABLE_PROPERTY_CONST),
784 SD_BUS_PROPERTY("OnFailure", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_ON_FAILURE]), SD_BUS_VTABLE_PROPERTY_CONST),
785 SD_BUS_PROPERTY("Triggers", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_TRIGGERS]), SD_BUS_VTABLE_PROPERTY_CONST),
786 SD_BUS_PROPERTY("TriggeredBy", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_TRIGGERED_BY]), SD_BUS_VTABLE_PROPERTY_CONST),
787 SD_BUS_PROPERTY("PropagatesReloadTo", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_PROPAGATES_RELOAD_TO]), SD_BUS_VTABLE_PROPERTY_CONST),
788 SD_BUS_PROPERTY("ReloadPropagatedFrom", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_RELOAD_PROPAGATED_FROM]), SD_BUS_VTABLE_PROPERTY_CONST),
789 SD_BUS_PROPERTY("JoinsNamespaceOf", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_JOINS_NAMESPACE_OF]), SD_BUS_VTABLE_PROPERTY_CONST),
790 SD_BUS_PROPERTY("RequiresMountsFor", "as", property_get_requires_mounts_for, offsetof(Unit, requires_mounts_for), SD_BUS_VTABLE_PROPERTY_CONST),
791 SD_BUS_PROPERTY("Documentation", "as", NULL, offsetof(Unit, documentation), SD_BUS_VTABLE_PROPERTY_CONST),
792 SD_BUS_PROPERTY("Description", "s", property_get_description, 0, SD_BUS_VTABLE_PROPERTY_CONST),
793 SD_BUS_PROPERTY("LoadState", "s", property_get_load_state, offsetof(Unit, load_state), SD_BUS_VTABLE_PROPERTY_CONST),
794 SD_BUS_PROPERTY("ActiveState", "s", property_get_active_state, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
795 SD_BUS_PROPERTY("SubState", "s", property_get_sub_state, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
796 SD_BUS_PROPERTY("FragmentPath", "s", NULL, offsetof(Unit, fragment_path), SD_BUS_VTABLE_PROPERTY_CONST),
797 SD_BUS_PROPERTY("SourcePath", "s", NULL, offsetof(Unit, source_path), SD_BUS_VTABLE_PROPERTY_CONST),
798 SD_BUS_PROPERTY("DropInPaths", "as", NULL, offsetof(Unit, dropin_paths), SD_BUS_VTABLE_PROPERTY_CONST),
799 SD_BUS_PROPERTY("UnitFileState", "s", property_get_unit_file_state, 0, 0),
800 SD_BUS_PROPERTY("UnitFilePreset", "s", property_get_unit_file_preset, 0, 0),
801 BUS_PROPERTY_DUAL_TIMESTAMP("StateChangeTimestamp", offsetof(Unit, state_change_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
802 BUS_PROPERTY_DUAL_TIMESTAMP("InactiveExitTimestamp", offsetof(Unit, inactive_exit_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
803 BUS_PROPERTY_DUAL_TIMESTAMP("ActiveEnterTimestamp", offsetof(Unit, active_enter_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
804 BUS_PROPERTY_DUAL_TIMESTAMP("ActiveExitTimestamp", offsetof(Unit, active_exit_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
805 BUS_PROPERTY_DUAL_TIMESTAMP("InactiveEnterTimestamp", offsetof(Unit, inactive_enter_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
806 SD_BUS_PROPERTY("CanStart", "b", property_get_can_start, 0, SD_BUS_VTABLE_PROPERTY_CONST),
807 SD_BUS_PROPERTY("CanStop", "b", property_get_can_stop, 0, SD_BUS_VTABLE_PROPERTY_CONST),
808 SD_BUS_PROPERTY("CanReload", "b", property_get_can_reload, 0, SD_BUS_VTABLE_PROPERTY_CONST),
809 SD_BUS_PROPERTY("CanIsolate", "b", property_get_can_isolate, 0, SD_BUS_VTABLE_PROPERTY_CONST),
810 SD_BUS_PROPERTY("CanClean", "as", property_get_can_clean, 0, SD_BUS_VTABLE_PROPERTY_CONST),
811 SD_BUS_PROPERTY("Job", "(uo)", property_get_job, offsetof(Unit, job), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
812 SD_BUS_PROPERTY("StopWhenUnneeded", "b", bus_property_get_bool, offsetof(Unit, stop_when_unneeded), SD_BUS_VTABLE_PROPERTY_CONST),
813 SD_BUS_PROPERTY("RefuseManualStart", "b", bus_property_get_bool, offsetof(Unit, refuse_manual_start), SD_BUS_VTABLE_PROPERTY_CONST),
814 SD_BUS_PROPERTY("RefuseManualStop", "b", bus_property_get_bool, offsetof(Unit, refuse_manual_stop), SD_BUS_VTABLE_PROPERTY_CONST),
815 SD_BUS_PROPERTY("AllowIsolate", "b", bus_property_get_bool, offsetof(Unit, allow_isolate), SD_BUS_VTABLE_PROPERTY_CONST),
816 SD_BUS_PROPERTY("DefaultDependencies", "b", bus_property_get_bool, offsetof(Unit, default_dependencies), SD_BUS_VTABLE_PROPERTY_CONST),
817 SD_BUS_PROPERTY("OnFailureJobMode", "s", property_get_job_mode, offsetof(Unit, on_failure_job_mode), SD_BUS_VTABLE_PROPERTY_CONST),
818 SD_BUS_PROPERTY("IgnoreOnIsolate", "b", bus_property_get_bool, offsetof(Unit, ignore_on_isolate), SD_BUS_VTABLE_PROPERTY_CONST),
819 SD_BUS_PROPERTY("NeedDaemonReload", "b", property_get_need_daemon_reload, 0, SD_BUS_VTABLE_PROPERTY_CONST),
820 SD_BUS_PROPERTY("JobTimeoutUSec", "t", bus_property_get_usec, offsetof(Unit, job_timeout), SD_BUS_VTABLE_PROPERTY_CONST),
821 SD_BUS_PROPERTY("JobRunningTimeoutUSec", "t", bus_property_get_usec, offsetof(Unit, job_running_timeout), SD_BUS_VTABLE_PROPERTY_CONST),
822 SD_BUS_PROPERTY("JobTimeoutAction", "s", property_get_emergency_action, offsetof(Unit, job_timeout_action), SD_BUS_VTABLE_PROPERTY_CONST),
823 SD_BUS_PROPERTY("JobTimeoutRebootArgument", "s", NULL, offsetof(Unit, job_timeout_reboot_arg), SD_BUS_VTABLE_PROPERTY_CONST),
824 SD_BUS_PROPERTY("ConditionResult", "b", bus_property_get_bool, offsetof(Unit, condition_result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
825 SD_BUS_PROPERTY("AssertResult", "b", bus_property_get_bool, offsetof(Unit, assert_result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
826 BUS_PROPERTY_DUAL_TIMESTAMP("ConditionTimestamp", offsetof(Unit, condition_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
827 BUS_PROPERTY_DUAL_TIMESTAMP("AssertTimestamp", offsetof(Unit, assert_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
828 SD_BUS_PROPERTY("Conditions", "a(sbbsi)", property_get_conditions, offsetof(Unit, conditions), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
829 SD_BUS_PROPERTY("Asserts", "a(sbbsi)", property_get_conditions, offsetof(Unit, asserts), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
830 SD_BUS_PROPERTY("LoadError", "(ss)", property_get_load_error, 0, SD_BUS_VTABLE_PROPERTY_CONST),
831 SD_BUS_PROPERTY("Transient", "b", bus_property_get_bool, offsetof(Unit, transient), SD_BUS_VTABLE_PROPERTY_CONST),
832 SD_BUS_PROPERTY("Perpetual", "b", bus_property_get_bool, offsetof(Unit, perpetual), SD_BUS_VTABLE_PROPERTY_CONST),
833 SD_BUS_PROPERTY("StartLimitIntervalUSec", "t", bus_property_get_usec, offsetof(Unit, start_ratelimit.interval), SD_BUS_VTABLE_PROPERTY_CONST),
834 SD_BUS_PROPERTY("StartLimitBurst", "u", bus_property_get_unsigned, offsetof(Unit, start_ratelimit.burst), SD_BUS_VTABLE_PROPERTY_CONST),
835 SD_BUS_PROPERTY("StartLimitAction", "s", property_get_emergency_action, offsetof(Unit, start_limit_action), SD_BUS_VTABLE_PROPERTY_CONST),
836 SD_BUS_PROPERTY("FailureAction", "s", property_get_emergency_action, offsetof(Unit, failure_action), SD_BUS_VTABLE_PROPERTY_CONST),
837 SD_BUS_PROPERTY("FailureActionExitStatus", "i", bus_property_get_int, offsetof(Unit, failure_action_exit_status), SD_BUS_VTABLE_PROPERTY_CONST),
838 SD_BUS_PROPERTY("SuccessAction", "s", property_get_emergency_action, offsetof(Unit, success_action), SD_BUS_VTABLE_PROPERTY_CONST),
839 SD_BUS_PROPERTY("SuccessActionExitStatus", "i", bus_property_get_int, offsetof(Unit, success_action_exit_status), SD_BUS_VTABLE_PROPERTY_CONST),
840 SD_BUS_PROPERTY("RebootArgument", "s", NULL, offsetof(Unit, reboot_arg), SD_BUS_VTABLE_PROPERTY_CONST),
841 SD_BUS_PROPERTY("InvocationID", "ay", bus_property_get_id128, offsetof(Unit, invocation_id), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
842 SD_BUS_PROPERTY("CollectMode", "s", property_get_collect_mode, offsetof(Unit, collect_mode), SD_BUS_VTABLE_PROPERTY_CONST),
843 SD_BUS_PROPERTY("Refs", "as", property_get_refs, 0, 0),
844
845 SD_BUS_METHOD("Start", "s", "o", method_start, SD_BUS_VTABLE_UNPRIVILEGED),
846 SD_BUS_METHOD("Stop", "s", "o", method_stop, SD_BUS_VTABLE_UNPRIVILEGED),
847 SD_BUS_METHOD("Reload", "s", "o", method_reload, SD_BUS_VTABLE_UNPRIVILEGED),
848 SD_BUS_METHOD("Restart", "s", "o", method_restart, SD_BUS_VTABLE_UNPRIVILEGED),
849 SD_BUS_METHOD("TryRestart", "s", "o", method_try_restart, SD_BUS_VTABLE_UNPRIVILEGED),
850 SD_BUS_METHOD("ReloadOrRestart", "s", "o", method_reload_or_restart, SD_BUS_VTABLE_UNPRIVILEGED),
851 SD_BUS_METHOD("ReloadOrTryRestart", "s", "o", method_reload_or_try_restart, SD_BUS_VTABLE_UNPRIVILEGED),
852 SD_BUS_METHOD("EnqueueJob", "ss", "uososa(uosos)", bus_unit_method_enqueue_job, SD_BUS_VTABLE_UNPRIVILEGED),
853 SD_BUS_METHOD("Kill", "si", NULL, bus_unit_method_kill, SD_BUS_VTABLE_UNPRIVILEGED),
854 SD_BUS_METHOD("ResetFailed", NULL, NULL, bus_unit_method_reset_failed, SD_BUS_VTABLE_UNPRIVILEGED),
855 SD_BUS_METHOD("SetProperties", "ba(sv)", NULL, bus_unit_method_set_properties, SD_BUS_VTABLE_UNPRIVILEGED),
856 SD_BUS_METHOD("Ref", NULL, NULL, bus_unit_method_ref, SD_BUS_VTABLE_UNPRIVILEGED),
857 SD_BUS_METHOD("Unref", NULL, NULL, bus_unit_method_unref, SD_BUS_VTABLE_UNPRIVILEGED),
858 SD_BUS_METHOD("Clean", "as", NULL, bus_unit_method_clean, SD_BUS_VTABLE_UNPRIVILEGED),
859
860 /* For dependency types we don't support anymore always return an empty array */
861 SD_BUS_PROPERTY("RequiresOverridable", "as", property_get_empty_strv, 0, SD_BUS_VTABLE_HIDDEN),
862 SD_BUS_PROPERTY("RequisiteOverridable", "as", property_get_empty_strv, 0, SD_BUS_VTABLE_HIDDEN),
863 SD_BUS_PROPERTY("RequiredByOverridable", "as", property_get_empty_strv, 0, SD_BUS_VTABLE_HIDDEN),
864 SD_BUS_PROPERTY("RequisiteOfOverridable", "as", property_get_empty_strv, 0, SD_BUS_VTABLE_HIDDEN),
865 /* Obsolete alias names */
866 SD_BUS_PROPERTY("StartLimitInterval", "t", bus_property_get_usec, offsetof(Unit, start_ratelimit.interval), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
867 SD_BUS_PROPERTY("StartLimitIntervalSec", "t", bus_property_get_usec, offsetof(Unit, start_ratelimit.interval), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
868 SD_BUS_VTABLE_END
869 };
870
871 static int property_get_slice(
872 sd_bus *bus,
873 const char *path,
874 const char *interface,
875 const char *property,
876 sd_bus_message *reply,
877 void *userdata,
878 sd_bus_error *error) {
879
880 Unit *u = userdata;
881
882 assert(bus);
883 assert(reply);
884 assert(u);
885
886 return sd_bus_message_append(reply, "s", unit_slice_name(u));
887 }
888
889 static int property_get_current_memory(
890 sd_bus *bus,
891 const char *path,
892 const char *interface,
893 const char *property,
894 sd_bus_message *reply,
895 void *userdata,
896 sd_bus_error *error) {
897
898 uint64_t sz = (uint64_t) -1;
899 Unit *u = userdata;
900 int r;
901
902 assert(bus);
903 assert(reply);
904 assert(u);
905
906 r = unit_get_memory_current(u, &sz);
907 if (r < 0 && r != -ENODATA)
908 log_unit_warning_errno(u, r, "Failed to get memory.usage_in_bytes attribute: %m");
909
910 return sd_bus_message_append(reply, "t", sz);
911 }
912
913 static int property_get_current_tasks(
914 sd_bus *bus,
915 const char *path,
916 const char *interface,
917 const char *property,
918 sd_bus_message *reply,
919 void *userdata,
920 sd_bus_error *error) {
921
922 uint64_t cn = (uint64_t) -1;
923 Unit *u = userdata;
924 int r;
925
926 assert(bus);
927 assert(reply);
928 assert(u);
929
930 r = unit_get_tasks_current(u, &cn);
931 if (r < 0 && r != -ENODATA)
932 log_unit_warning_errno(u, r, "Failed to get pids.current attribute: %m");
933
934 return sd_bus_message_append(reply, "t", cn);
935 }
936
937 static int property_get_cpu_usage(
938 sd_bus *bus,
939 const char *path,
940 const char *interface,
941 const char *property,
942 sd_bus_message *reply,
943 void *userdata,
944 sd_bus_error *error) {
945
946 nsec_t ns = (nsec_t) -1;
947 Unit *u = userdata;
948 int r;
949
950 assert(bus);
951 assert(reply);
952 assert(u);
953
954 r = unit_get_cpu_usage(u, &ns);
955 if (r < 0 && r != -ENODATA)
956 log_unit_warning_errno(u, r, "Failed to get cpuacct.usage attribute: %m");
957
958 return sd_bus_message_append(reply, "t", ns);
959 }
960
961 static int property_get_cpuset_cpus(
962 sd_bus *bus,
963 const char *path,
964 const char *interface,
965 const char *property,
966 sd_bus_message *reply,
967 void *userdata,
968 sd_bus_error *error) {
969
970 Unit *u = userdata;
971 _cleanup_(cpu_set_reset) CPUSet cpus = {};
972 _cleanup_free_ uint8_t *array = NULL;
973 size_t allocated;
974
975 assert(bus);
976 assert(reply);
977 assert(u);
978
979 (void) unit_get_cpuset(u, &cpus, "cpuset.cpus.effective");
980 (void) cpu_set_to_dbus(&cpus, &array, &allocated);
981 return sd_bus_message_append_array(reply, 'y', array, allocated);
982 }
983
984 static int property_get_cpuset_mems(
985 sd_bus *bus,
986 const char *path,
987 const char *interface,
988 const char *property,
989 sd_bus_message *reply,
990 void *userdata,
991 sd_bus_error *error) {
992
993 Unit *u = userdata;
994 _cleanup_(cpu_set_reset) CPUSet mems = {};
995 _cleanup_free_ uint8_t *array = NULL;
996 size_t allocated;
997
998 assert(bus);
999 assert(reply);
1000 assert(u);
1001
1002 (void) unit_get_cpuset(u, &mems, "cpuset.mems.effective");
1003 (void) cpu_set_to_dbus(&mems, &array, &allocated);
1004 return sd_bus_message_append_array(reply, 'y', array, allocated);
1005 }
1006
1007 static int property_get_cgroup(
1008 sd_bus *bus,
1009 const char *path,
1010 const char *interface,
1011 const char *property,
1012 sd_bus_message *reply,
1013 void *userdata,
1014 sd_bus_error *error) {
1015
1016 Unit *u = userdata;
1017 const char *t = NULL;
1018
1019 assert(bus);
1020 assert(reply);
1021 assert(u);
1022
1023 /* Three cases: a) u->cgroup_path is NULL, in which case the
1024 * unit has no control group, which we report as the empty
1025 * string. b) u->cgroup_path is the empty string, which
1026 * indicates the root cgroup, which we report as "/". c) all
1027 * other cases we report as-is. */
1028
1029 if (u->cgroup_path)
1030 t = empty_to_root(u->cgroup_path);
1031
1032 return sd_bus_message_append(reply, "s", t);
1033 }
1034
1035 static int append_process(sd_bus_message *reply, const char *p, pid_t pid, Set *pids) {
1036 _cleanup_free_ char *buf = NULL, *cmdline = NULL;
1037 int r;
1038
1039 assert(reply);
1040 assert(pid > 0);
1041
1042 r = set_put(pids, PID_TO_PTR(pid));
1043 if (IN_SET(r, 0, -EEXIST))
1044 return 0;
1045 if (r < 0)
1046 return r;
1047
1048 if (!p) {
1049 r = cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, pid, &buf);
1050 if (r == -ESRCH)
1051 return 0;
1052 if (r < 0)
1053 return r;
1054
1055 p = buf;
1056 }
1057
1058 (void) get_process_cmdline(pid, SIZE_MAX, PROCESS_CMDLINE_COMM_FALLBACK, &cmdline);
1059
1060 return sd_bus_message_append(reply,
1061 "(sus)",
1062 p,
1063 (uint32_t) pid,
1064 cmdline);
1065 }
1066
1067 static int append_cgroup(sd_bus_message *reply, const char *p, Set *pids) {
1068 _cleanup_closedir_ DIR *d = NULL;
1069 _cleanup_fclose_ FILE *f = NULL;
1070 int r;
1071
1072 assert(reply);
1073 assert(p);
1074
1075 r = cg_enumerate_processes(SYSTEMD_CGROUP_CONTROLLER, p, &f);
1076 if (r == -ENOENT)
1077 return 0;
1078 if (r < 0)
1079 return r;
1080
1081 for (;;) {
1082 pid_t pid;
1083
1084 r = cg_read_pid(f, &pid);
1085 if (r < 0)
1086 return r;
1087 if (r == 0)
1088 break;
1089
1090 if (is_kernel_thread(pid) > 0)
1091 continue;
1092
1093 r = append_process(reply, p, pid, pids);
1094 if (r < 0)
1095 return r;
1096 }
1097
1098 r = cg_enumerate_subgroups(SYSTEMD_CGROUP_CONTROLLER, p, &d);
1099 if (r == -ENOENT)
1100 return 0;
1101 if (r < 0)
1102 return r;
1103
1104 for (;;) {
1105 _cleanup_free_ char *g = NULL, *j = NULL;
1106
1107 r = cg_read_subgroup(d, &g);
1108 if (r < 0)
1109 return r;
1110 if (r == 0)
1111 break;
1112
1113 j = path_join(empty_to_root(p), g);
1114 if (!j)
1115 return -ENOMEM;
1116
1117 r = append_cgroup(reply, j, pids);
1118 if (r < 0)
1119 return r;
1120 }
1121
1122 return 0;
1123 }
1124
1125 int bus_unit_method_get_processes(sd_bus_message *message, void *userdata, sd_bus_error *error) {
1126 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
1127 _cleanup_set_free_ Set *pids = NULL;
1128 Unit *u = userdata;
1129 pid_t pid;
1130 int r;
1131
1132 assert(message);
1133
1134 r = mac_selinux_unit_access_check(u, message, "status", error);
1135 if (r < 0)
1136 return r;
1137
1138 pids = set_new(NULL);
1139 if (!pids)
1140 return -ENOMEM;
1141
1142 r = sd_bus_message_new_method_return(message, &reply);
1143 if (r < 0)
1144 return r;
1145
1146 r = sd_bus_message_open_container(reply, 'a', "(sus)");
1147 if (r < 0)
1148 return r;
1149
1150 if (u->cgroup_path) {
1151 r = append_cgroup(reply, u->cgroup_path, pids);
1152 if (r < 0)
1153 return r;
1154 }
1155
1156 /* The main and control pids might live outside of the cgroup, hence fetch them separately */
1157 pid = unit_main_pid(u);
1158 if (pid > 0) {
1159 r = append_process(reply, NULL, pid, pids);
1160 if (r < 0)
1161 return r;
1162 }
1163
1164 pid = unit_control_pid(u);
1165 if (pid > 0) {
1166 r = append_process(reply, NULL, pid, pids);
1167 if (r < 0)
1168 return r;
1169 }
1170
1171 r = sd_bus_message_close_container(reply);
1172 if (r < 0)
1173 return r;
1174
1175 return sd_bus_send(NULL, reply, NULL);
1176 }
1177
1178 static int property_get_ip_counter(
1179 sd_bus *bus,
1180 const char *path,
1181 const char *interface,
1182 const char *property,
1183 sd_bus_message *reply,
1184 void *userdata,
1185 sd_bus_error *error) {
1186
1187 static const char *const table[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
1188 [CGROUP_IP_INGRESS_BYTES] = "IPIngressBytes",
1189 [CGROUP_IP_EGRESS_BYTES] = "IPEgressBytes",
1190 [CGROUP_IP_INGRESS_PACKETS] = "IPIngressPackets",
1191 [CGROUP_IP_EGRESS_PACKETS] = "IPEgressPackets",
1192 };
1193
1194 uint64_t value = UINT64_MAX;
1195 Unit *u = userdata;
1196 ssize_t metric;
1197
1198 assert(bus);
1199 assert(reply);
1200 assert(property);
1201 assert(u);
1202
1203 assert_se((metric = string_table_lookup(table, ELEMENTSOF(table), property)) >= 0);
1204 (void) unit_get_ip_accounting(u, metric, &value);
1205 return sd_bus_message_append(reply, "t", value);
1206 }
1207
1208 static int property_get_io_counter(
1209 sd_bus *bus,
1210 const char *path,
1211 const char *interface,
1212 const char *property,
1213 sd_bus_message *reply,
1214 void *userdata,
1215 sd_bus_error *error) {
1216
1217 static const char *const table[_CGROUP_IO_ACCOUNTING_METRIC_MAX] = {
1218 [CGROUP_IO_READ_BYTES] = "IOReadBytes",
1219 [CGROUP_IO_WRITE_BYTES] = "IOWriteBytes",
1220 [CGROUP_IO_READ_OPERATIONS] = "IOReadOperations",
1221 [CGROUP_IO_WRITE_OPERATIONS] = "IOWriteOperations",
1222 };
1223
1224 uint64_t value = UINT64_MAX;
1225 Unit *u = userdata;
1226 ssize_t metric;
1227
1228 assert(bus);
1229 assert(reply);
1230 assert(property);
1231 assert(u);
1232
1233 assert_se((metric = string_table_lookup(table, ELEMENTSOF(table), property)) >= 0);
1234 (void) unit_get_io_accounting(u, metric, false, &value);
1235 return sd_bus_message_append(reply, "t", value);
1236 }
1237
1238 int bus_unit_method_attach_processes(sd_bus_message *message, void *userdata, sd_bus_error *error) {
1239
1240 _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
1241 _cleanup_set_free_ Set *pids = NULL;
1242 Unit *u = userdata;
1243 const char *path;
1244 int r;
1245
1246 assert(message);
1247
1248 /* This migrates the processes with the specified PIDs into the cgroup of this unit, optionally below a
1249 * specified cgroup path. Obviously this only works for units that actually maintain a cgroup
1250 * representation. If a process is already in the cgroup no operation is executed – in this case the specified
1251 * subcgroup path has no effect! */
1252
1253 r = mac_selinux_unit_access_check(u, message, "start", error);
1254 if (r < 0)
1255 return r;
1256
1257 r = sd_bus_message_read(message, "s", &path);
1258 if (r < 0)
1259 return r;
1260
1261 path = empty_to_null(path);
1262 if (path) {
1263 if (!path_is_absolute(path))
1264 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Control group path is not absolute: %s", path);
1265
1266 if (!path_is_normalized(path))
1267 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Control group path is not normalized: %s", path);
1268 }
1269
1270 if (!unit_cgroup_delegate(u))
1271 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process migration not available on non-delegated units.");
1272
1273 if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)))
1274 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Unit is not active, refusing.");
1275
1276 r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_EUID|SD_BUS_CREDS_PID, &creds);
1277 if (r < 0)
1278 return r;
1279
1280 r = sd_bus_message_enter_container(message, 'a', "u");
1281 if (r < 0)
1282 return r;
1283 for (;;) {
1284 uid_t process_uid, sender_uid;
1285 uint32_t upid;
1286 pid_t pid;
1287
1288 r = sd_bus_message_read(message, "u", &upid);
1289 if (r < 0)
1290 return r;
1291 if (r == 0)
1292 break;
1293
1294 if (upid == 0) {
1295 r = sd_bus_creds_get_pid(creds, &pid);
1296 if (r < 0)
1297 return r;
1298 } else
1299 pid = (uid_t) upid;
1300
1301 /* Filter out duplicates */
1302 if (set_contains(pids, PID_TO_PTR(pid)))
1303 continue;
1304
1305 /* Check if this process is suitable for attaching to this unit */
1306 r = unit_pid_attachable(u, pid, error);
1307 if (r < 0)
1308 return r;
1309
1310 /* Let's query the sender's UID, so that we can make our security decisions */
1311 r = sd_bus_creds_get_euid(creds, &sender_uid);
1312 if (r < 0)
1313 return r;
1314
1315 /* Let's validate security: if the sender is root, then all is OK. If the sender is any other unit,
1316 * then the process' UID and the target unit's UID have to match the sender's UID */
1317 if (sender_uid != 0 && sender_uid != getuid()) {
1318 r = get_process_uid(pid, &process_uid);
1319 if (r < 0)
1320 return sd_bus_error_set_errnof(error, r, "Failed to retrieve process UID: %m");
1321
1322 if (process_uid != sender_uid)
1323 return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Process " PID_FMT " not owned by client's UID. Refusing.", pid);
1324 if (process_uid != u->ref_uid)
1325 return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Process " PID_FMT " not owned by target unit's UID. Refusing.", pid);
1326 }
1327
1328 if (!pids) {
1329 pids = set_new(NULL);
1330 if (!pids)
1331 return -ENOMEM;
1332 }
1333
1334 r = set_put(pids, PID_TO_PTR(pid));
1335 if (r < 0)
1336 return r;
1337 }
1338
1339 r = sd_bus_message_exit_container(message);
1340 if (r < 0)
1341 return r;
1342
1343 r = unit_attach_pids_to_cgroup(u, pids, path);
1344 if (r < 0)
1345 return sd_bus_error_set_errnof(error, r, "Failed to attach processes to control group: %m");
1346
1347 return sd_bus_reply_method_return(message, NULL);
1348 }
1349
1350 const sd_bus_vtable bus_unit_cgroup_vtable[] = {
1351 SD_BUS_VTABLE_START(0),
1352 SD_BUS_PROPERTY("Slice", "s", property_get_slice, 0, 0),
1353 SD_BUS_PROPERTY("ControlGroup", "s", property_get_cgroup, 0, 0),
1354 SD_BUS_PROPERTY("MemoryCurrent", "t", property_get_current_memory, 0, 0),
1355 SD_BUS_PROPERTY("CPUUsageNSec", "t", property_get_cpu_usage, 0, 0),
1356 SD_BUS_PROPERTY("EffectiveCPUs", "ay", property_get_cpuset_cpus, 0, 0),
1357 SD_BUS_PROPERTY("EffectiveMemoryNodes", "ay", property_get_cpuset_mems, 0, 0),
1358 SD_BUS_PROPERTY("TasksCurrent", "t", property_get_current_tasks, 0, 0),
1359 SD_BUS_PROPERTY("IPIngressBytes", "t", property_get_ip_counter, 0, 0),
1360 SD_BUS_PROPERTY("IPIngressPackets", "t", property_get_ip_counter, 0, 0),
1361 SD_BUS_PROPERTY("IPEgressBytes", "t", property_get_ip_counter, 0, 0),
1362 SD_BUS_PROPERTY("IPEgressPackets", "t", property_get_ip_counter, 0, 0),
1363 SD_BUS_PROPERTY("IOReadBytes", "t", property_get_io_counter, 0, 0),
1364 SD_BUS_PROPERTY("IOReadOperations", "t", property_get_io_counter, 0, 0),
1365 SD_BUS_PROPERTY("IOWriteBytes", "t", property_get_io_counter, 0, 0),
1366 SD_BUS_PROPERTY("IOWriteOperations", "t", property_get_io_counter, 0, 0),
1367 SD_BUS_METHOD("GetProcesses", NULL, "a(sus)", bus_unit_method_get_processes, SD_BUS_VTABLE_UNPRIVILEGED),
1368 SD_BUS_METHOD("AttachProcesses", "sau", NULL, bus_unit_method_attach_processes, SD_BUS_VTABLE_UNPRIVILEGED),
1369 SD_BUS_VTABLE_END
1370 };
1371
1372 static int send_new_signal(sd_bus *bus, void *userdata) {
1373 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1374 _cleanup_free_ char *p = NULL;
1375 Unit *u = userdata;
1376 int r;
1377
1378 assert(bus);
1379 assert(u);
1380
1381 p = unit_dbus_path(u);
1382 if (!p)
1383 return -ENOMEM;
1384
1385 r = sd_bus_message_new_signal(
1386 bus,
1387 &m,
1388 "/org/freedesktop/systemd1",
1389 "org.freedesktop.systemd1.Manager",
1390 "UnitNew");
1391 if (r < 0)
1392 return r;
1393
1394 r = sd_bus_message_append(m, "so", u->id, p);
1395 if (r < 0)
1396 return r;
1397
1398 return sd_bus_send(bus, m, NULL);
1399 }
1400
1401 static int send_changed_signal(sd_bus *bus, void *userdata) {
1402 _cleanup_free_ char *p = NULL;
1403 Unit *u = userdata;
1404 int r;
1405
1406 assert(bus);
1407 assert(u);
1408
1409 p = unit_dbus_path(u);
1410 if (!p)
1411 return -ENOMEM;
1412
1413 /* Send a properties changed signal. First for the specific
1414 * type, then for the generic unit. The clients may rely on
1415 * this order to get atomic behavior if needed. */
1416
1417 r = sd_bus_emit_properties_changed_strv(
1418 bus, p,
1419 unit_dbus_interface_from_type(u->type),
1420 NULL);
1421 if (r < 0)
1422 return r;
1423
1424 return sd_bus_emit_properties_changed_strv(
1425 bus, p,
1426 "org.freedesktop.systemd1.Unit",
1427 NULL);
1428 }
1429
1430 void bus_unit_send_change_signal(Unit *u) {
1431 int r;
1432 assert(u);
1433
1434 if (u->in_dbus_queue) {
1435 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
1436 u->in_dbus_queue = false;
1437 }
1438
1439 if (!u->id)
1440 return;
1441
1442 r = bus_foreach_bus(u->manager, u->bus_track, u->sent_dbus_new_signal ? send_changed_signal : send_new_signal, u);
1443 if (r < 0)
1444 log_unit_debug_errno(u, r, "Failed to send unit change signal for %s: %m", u->id);
1445
1446 u->sent_dbus_new_signal = true;
1447 }
1448
1449 void bus_unit_send_pending_change_signal(Unit *u, bool including_new) {
1450
1451 /* Sends out any pending change signals, but only if they really are pending. This call is used when we are
1452 * about to change state in order to force out a PropertiesChanged signal beforehand if there was one pending
1453 * so that clients can follow the full state transition */
1454
1455 if (!u->in_dbus_queue) /* If not enqueued, don't bother */
1456 return;
1457
1458 if (!u->sent_dbus_new_signal && !including_new) /* If the unit was never announced, don't bother, it's fine if
1459 * the unit appears in the new state right-away (except if the
1460 * caller explicitly asked us to send it anyway) */
1461 return;
1462
1463 if (MANAGER_IS_RELOADING(u->manager)) /* Don't generate unnecessary PropertiesChanged signals for the same unit
1464 * when we are reloading. */
1465 return;
1466
1467 bus_unit_send_change_signal(u);
1468 }
1469
1470 static int send_removed_signal(sd_bus *bus, void *userdata) {
1471 _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
1472 _cleanup_free_ char *p = NULL;
1473 Unit *u = userdata;
1474 int r;
1475
1476 assert(bus);
1477 assert(u);
1478
1479 p = unit_dbus_path(u);
1480 if (!p)
1481 return -ENOMEM;
1482
1483 r = sd_bus_message_new_signal(
1484 bus,
1485 &m,
1486 "/org/freedesktop/systemd1",
1487 "org.freedesktop.systemd1.Manager",
1488 "UnitRemoved");
1489 if (r < 0)
1490 return r;
1491
1492 r = sd_bus_message_append(m, "so", u->id, p);
1493 if (r < 0)
1494 return r;
1495
1496 return sd_bus_send(bus, m, NULL);
1497 }
1498
1499 void bus_unit_send_removed_signal(Unit *u) {
1500 int r;
1501 assert(u);
1502
1503 if (!u->sent_dbus_new_signal || u->in_dbus_queue)
1504 bus_unit_send_change_signal(u);
1505
1506 if (!u->id)
1507 return;
1508
1509 r = bus_foreach_bus(u->manager, u->bus_track, send_removed_signal, u);
1510 if (r < 0)
1511 log_unit_debug_errno(u, r, "Failed to send unit remove signal for %s: %m", u->id);
1512 }
1513
1514 int bus_unit_queue_job(
1515 sd_bus_message *message,
1516 Unit *u,
1517 JobType type,
1518 JobMode mode,
1519 BusUnitQueueFlags flags,
1520 sd_bus_error *error) {
1521
1522 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
1523 _cleanup_free_ char *job_path = NULL, *unit_path = NULL;
1524 _cleanup_(set_freep) Set *affected = NULL;
1525 Iterator i;
1526 Job *j, *a;
1527 int r;
1528
1529 assert(message);
1530 assert(u);
1531 assert(type >= 0 && type < _JOB_TYPE_MAX);
1532 assert(mode >= 0 && mode < _JOB_MODE_MAX);
1533
1534 r = mac_selinux_unit_access_check(
1535 u, message,
1536 job_type_to_access_method(type),
1537 error);
1538 if (r < 0)
1539 return r;
1540
1541 if (FLAGS_SET(flags, BUS_UNIT_QUEUE_RELOAD_IF_POSSIBLE) && unit_can_reload(u)) {
1542 if (type == JOB_RESTART)
1543 type = JOB_RELOAD_OR_START;
1544 else if (type == JOB_TRY_RESTART)
1545 type = JOB_TRY_RELOAD;
1546 }
1547
1548 if (type == JOB_STOP &&
1549 IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_ERROR, UNIT_BAD_SETTING) &&
1550 unit_active_state(u) == UNIT_INACTIVE)
1551 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not loaded.", u->id);
1552
1553 if ((type == JOB_START && u->refuse_manual_start) ||
1554 (type == JOB_STOP && u->refuse_manual_stop) ||
1555 (IN_SET(type, JOB_RESTART, JOB_TRY_RESTART) && (u->refuse_manual_start || u->refuse_manual_stop)) ||
1556 (type == JOB_RELOAD_OR_START && job_type_collapse(type, u) == JOB_START && u->refuse_manual_start))
1557 return sd_bus_error_setf(error, BUS_ERROR_ONLY_BY_DEPENDENCY, "Operation refused, unit %s may be requested by dependency only (it is configured to refuse manual start/stop).", u->id);
1558
1559 if (FLAGS_SET(flags, BUS_UNIT_QUEUE_VERBOSE_REPLY)) {
1560 affected = set_new(NULL);
1561 if (!affected)
1562 return -ENOMEM;
1563 }
1564
1565 r = manager_add_job(u->manager, type, u, mode, affected, error, &j);
1566 if (r < 0)
1567 return r;
1568
1569 r = bus_job_track_sender(j, message);
1570 if (r < 0)
1571 return r;
1572
1573 /* Before we send the method reply, force out the announcement JobNew for this job */
1574 bus_job_send_pending_change_signal(j, true);
1575
1576 job_path = job_dbus_path(j);
1577 if (!job_path)
1578 return -ENOMEM;
1579
1580 /* The classic response is just a job object path */
1581 if (!FLAGS_SET(flags, BUS_UNIT_QUEUE_VERBOSE_REPLY))
1582 return sd_bus_reply_method_return(message, "o", job_path);
1583
1584 /* In verbose mode respond with the anchor job plus everything that has been affected */
1585 r = sd_bus_message_new_method_return(message, &reply);
1586 if (r < 0)
1587 return r;
1588
1589 unit_path = unit_dbus_path(j->unit);
1590 if (!unit_path)
1591 return -ENOMEM;
1592
1593 r = sd_bus_message_append(reply, "uosos",
1594 j->id, job_path,
1595 j->unit->id, unit_path,
1596 job_type_to_string(j->type));
1597 if (r < 0)
1598 return r;
1599
1600 r = sd_bus_message_open_container(reply, 'a', "(uosos)");
1601 if (r < 0)
1602 return r;
1603
1604 SET_FOREACH(a, affected, i) {
1605
1606 if (a->id == j->id)
1607 continue;
1608
1609 /* Free paths from previous iteration */
1610 job_path = mfree(job_path);
1611 unit_path = mfree(unit_path);
1612
1613 job_path = job_dbus_path(a);
1614 if (!job_path)
1615 return -ENOMEM;
1616
1617 unit_path = unit_dbus_path(a->unit);
1618 if (!unit_path)
1619 return -ENOMEM;
1620
1621 r = sd_bus_message_append(reply, "(uosos)",
1622 a->id, job_path,
1623 a->unit->id, unit_path,
1624 job_type_to_string(a->type));
1625 if (r < 0)
1626 return r;
1627 }
1628
1629 r = sd_bus_message_close_container(reply);
1630 if (r < 0)
1631 return r;
1632
1633 return sd_bus_send(NULL, reply, NULL);
1634 }
1635
1636 static int bus_unit_set_live_property(
1637 Unit *u,
1638 const char *name,
1639 sd_bus_message *message,
1640 UnitWriteFlags flags,
1641 sd_bus_error *error) {
1642
1643 int r;
1644
1645 assert(u);
1646 assert(name);
1647 assert(message);
1648
1649 /* Handles setting properties both "live" (i.e. at any time during runtime), and during creation (for transient
1650 * units that are being created). */
1651
1652 if (streq(name, "Description")) {
1653 const char *d;
1654
1655 r = sd_bus_message_read(message, "s", &d);
1656 if (r < 0)
1657 return r;
1658
1659 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
1660 r = unit_set_description(u, d);
1661 if (r < 0)
1662 return r;
1663
1664 unit_write_settingf(u, flags|UNIT_ESCAPE_SPECIFIERS, name, "Description=%s", d);
1665 }
1666
1667 return 1;
1668 }
1669
1670 return 0;
1671 }
1672
1673 static int bus_set_transient_emergency_action(
1674 Unit *u,
1675 const char *name,
1676 EmergencyAction *p,
1677 sd_bus_message *message,
1678 UnitWriteFlags flags,
1679 sd_bus_error *error) {
1680
1681 const char *s;
1682 EmergencyAction v;
1683 int r;
1684 bool system;
1685
1686 assert(p);
1687
1688 r = sd_bus_message_read(message, "s", &s);
1689 if (r < 0)
1690 return r;
1691
1692 system = MANAGER_IS_SYSTEM(u->manager);
1693 r = parse_emergency_action(s, system, &v);
1694 if (r < 0)
1695 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS,
1696 r == -EOPNOTSUPP ? "%s setting invalid for manager type: %s"
1697 : "Invalid %s setting: %s",
1698 name, s);
1699
1700 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
1701 *p = v;
1702 unit_write_settingf(u, flags, name,
1703 "%s=%s", name, s);
1704 }
1705
1706 return 1;
1707 }
1708
1709 static int bus_set_transient_exit_status(
1710 Unit *u,
1711 const char *name,
1712 int *p,
1713 sd_bus_message *message,
1714 UnitWriteFlags flags,
1715 sd_bus_error *error) {
1716
1717 int32_t k;
1718 int r;
1719
1720 assert(p);
1721
1722 r = sd_bus_message_read(message, "i", &k);
1723 if (r < 0)
1724 return r;
1725
1726 if (k > 255)
1727 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Exit status must be in range 0…255 or negative.");
1728
1729 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
1730 *p = k < 0 ? -1 : k;
1731
1732 if (k < 0)
1733 unit_write_settingf(u, flags, name, "%s=", name);
1734 else
1735 unit_write_settingf(u, flags, name, "%s=%i", name, k);
1736 }
1737
1738 return 1;
1739 }
1740
1741 static BUS_DEFINE_SET_TRANSIENT_PARSE(collect_mode, CollectMode, collect_mode_from_string);
1742 static BUS_DEFINE_SET_TRANSIENT_PARSE(job_mode, JobMode, job_mode_from_string);
1743
1744 static int bus_set_transient_conditions(
1745 Unit *u,
1746 const char *name,
1747 Condition **list,
1748 bool is_condition,
1749 sd_bus_message *message,
1750 UnitWriteFlags flags,
1751 sd_bus_error *error) {
1752
1753 const char *type_name, *param;
1754 int trigger, negate, r;
1755 bool empty = true;
1756
1757 assert(list);
1758
1759 r = sd_bus_message_enter_container(message, 'a', "(sbbs)");
1760 if (r < 0)
1761 return r;
1762
1763 while ((r = sd_bus_message_read(message, "(sbbs)", &type_name, &trigger, &negate, &param)) > 0) {
1764 ConditionType t;
1765
1766 t = is_condition ? condition_type_from_string(type_name) : assert_type_from_string(type_name);
1767 if (t < 0)
1768 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid condition type: %s", type_name);
1769
1770 if (t != CONDITION_NULL) {
1771 if (isempty(param))
1772 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Condition parameter in %s is empty", type_name);
1773
1774 if (condition_takes_path(t) && !path_is_absolute(param))
1775 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path in condition %s is not absolute: %s", type_name, param);
1776 } else
1777 param = NULL;
1778
1779 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
1780 Condition *c;
1781
1782 c = condition_new(t, param, trigger, negate);
1783 if (!c)
1784 return -ENOMEM;
1785
1786 LIST_PREPEND(conditions, *list, c);
1787
1788 if (t != CONDITION_NULL)
1789 unit_write_settingf(u, flags|UNIT_ESCAPE_SPECIFIERS, name,
1790 "%s=%s%s%s", type_name,
1791 trigger ? "|" : "", negate ? "!" : "", param);
1792 else
1793 unit_write_settingf(u, flags, name,
1794 "%s=%s%s", type_name,
1795 trigger ? "|" : "", yes_no(!negate));
1796 }
1797
1798 empty = false;
1799 }
1800 if (r < 0)
1801 return r;
1802
1803 r = sd_bus_message_exit_container(message);
1804 if (r < 0)
1805 return r;
1806
1807 if (!UNIT_WRITE_FLAGS_NOOP(flags) && empty) {
1808 *list = condition_free_list(*list);
1809 unit_write_settingf(u, flags, name, "%sNull=", is_condition ? "Condition" : "Assert");
1810 }
1811
1812 return 1;
1813 }
1814
1815 static int bus_unit_set_transient_property(
1816 Unit *u,
1817 const char *name,
1818 sd_bus_message *message,
1819 UnitWriteFlags flags,
1820 sd_bus_error *error) {
1821
1822 UnitDependency d = _UNIT_DEPENDENCY_INVALID;
1823 int r;
1824
1825 assert(u);
1826 assert(name);
1827 assert(message);
1828
1829 /* Handles settings when transient units are created. This settings cannot be altered anymore after the unit
1830 * has been created. */
1831
1832 if (streq(name, "SourcePath"))
1833 return bus_set_transient_path(u, name, &u->source_path, message, flags, error);
1834
1835 if (streq(name, "StopWhenUnneeded"))
1836 return bus_set_transient_bool(u, name, &u->stop_when_unneeded, message, flags, error);
1837
1838 if (streq(name, "RefuseManualStart"))
1839 return bus_set_transient_bool(u, name, &u->refuse_manual_start, message, flags, error);
1840
1841 if (streq(name, "RefuseManualStop"))
1842 return bus_set_transient_bool(u, name, &u->refuse_manual_stop, message, flags, error);
1843
1844 if (streq(name, "AllowIsolate"))
1845 return bus_set_transient_bool(u, name, &u->allow_isolate, message, flags, error);
1846
1847 if (streq(name, "DefaultDependencies"))
1848 return bus_set_transient_bool(u, name, &u->default_dependencies, message, flags, error);
1849
1850 if (streq(name, "OnFailureJobMode"))
1851 return bus_set_transient_job_mode(u, name, &u->on_failure_job_mode, message, flags, error);
1852
1853 if (streq(name, "IgnoreOnIsolate"))
1854 return bus_set_transient_bool(u, name, &u->ignore_on_isolate, message, flags, error);
1855
1856 if (streq(name, "JobTimeoutUSec")) {
1857 r = bus_set_transient_usec_fix_0(u, name, &u->job_timeout, message, flags, error);
1858 if (r >= 0 && !UNIT_WRITE_FLAGS_NOOP(flags) && !u->job_running_timeout_set)
1859 u->job_running_timeout = u->job_timeout;
1860 }
1861
1862 if (streq(name, "JobRunningTimeoutUSec")) {
1863 r = bus_set_transient_usec_fix_0(u, name, &u->job_running_timeout, message, flags, error);
1864 if (r >= 0 && !UNIT_WRITE_FLAGS_NOOP(flags))
1865 u->job_running_timeout_set = true;
1866
1867 return r;
1868 }
1869
1870 if (streq(name, "JobTimeoutAction"))
1871 return bus_set_transient_emergency_action(u, name, &u->job_timeout_action, message, flags, error);
1872
1873 if (streq(name, "JobTimeoutRebootArgument"))
1874 return bus_set_transient_string(u, name, &u->job_timeout_reboot_arg, message, flags, error);
1875
1876 if (streq(name, "StartLimitIntervalUSec"))
1877 return bus_set_transient_usec(u, name, &u->start_ratelimit.interval, message, flags, error);
1878
1879 if (streq(name, "StartLimitBurst"))
1880 return bus_set_transient_unsigned(u, name, &u->start_ratelimit.burst, message, flags, error);
1881
1882 if (streq(name, "StartLimitAction"))
1883 return bus_set_transient_emergency_action(u, name, &u->start_limit_action, message, flags, error);
1884
1885 if (streq(name, "FailureAction"))
1886 return bus_set_transient_emergency_action(u, name, &u->failure_action, message, flags, error);
1887
1888 if (streq(name, "SuccessAction"))
1889 return bus_set_transient_emergency_action(u, name, &u->success_action, message, flags, error);
1890
1891 if (streq(name, "FailureActionExitStatus"))
1892 return bus_set_transient_exit_status(u, name, &u->failure_action_exit_status, message, flags, error);
1893
1894 if (streq(name, "SuccessActionExitStatus"))
1895 return bus_set_transient_exit_status(u, name, &u->success_action_exit_status, message, flags, error);
1896
1897 if (streq(name, "RebootArgument"))
1898 return bus_set_transient_string(u, name, &u->reboot_arg, message, flags, error);
1899
1900 if (streq(name, "CollectMode"))
1901 return bus_set_transient_collect_mode(u, name, &u->collect_mode, message, flags, error);
1902
1903 if (streq(name, "Conditions"))
1904 return bus_set_transient_conditions(u, name, &u->conditions, true, message, flags, error);
1905
1906 if (streq(name, "Asserts"))
1907 return bus_set_transient_conditions(u, name, &u->asserts, false, message, flags, error);
1908
1909 if (streq(name, "Documentation")) {
1910 _cleanup_strv_free_ char **l = NULL;
1911 char **p;
1912
1913 r = sd_bus_message_read_strv(message, &l);
1914 if (r < 0)
1915 return r;
1916
1917 STRV_FOREACH(p, l) {
1918 if (!documentation_url_is_valid(*p))
1919 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid URL in %s: %s", name, *p);
1920 }
1921
1922 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
1923 if (strv_isempty(l)) {
1924 u->documentation = strv_free(u->documentation);
1925 unit_write_settingf(u, flags, name, "%s=", name);
1926 } else {
1927 strv_extend_strv(&u->documentation, l, false);
1928
1929 STRV_FOREACH(p, l)
1930 unit_write_settingf(u, flags, name, "%s=%s", name, *p);
1931 }
1932 }
1933
1934 return 1;
1935
1936 } else if (streq(name, "Slice")) {
1937 Unit *slice;
1938 const char *s;
1939
1940 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1941 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "The slice property is only available for units with control groups.");
1942 if (u->type == UNIT_SLICE)
1943 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Slice may not be set for slice units.");
1944 if (unit_has_name(u, SPECIAL_INIT_SCOPE))
1945 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Cannot set slice for init.scope");
1946
1947 r = sd_bus_message_read(message, "s", &s);
1948 if (r < 0)
1949 return r;
1950
1951 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN))
1952 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid unit name '%s'", s);
1953
1954 /* Note that we do not dispatch the load queue here yet, as we don't want our own transient unit to be
1955 * loaded while we are still setting it up. Or in other words, we use manager_load_unit_prepare()
1956 * instead of manager_load_unit() on purpose, here. */
1957 r = manager_load_unit_prepare(u->manager, s, NULL, error, &slice);
1958 if (r < 0)
1959 return r;
1960
1961 if (slice->type != UNIT_SLICE)
1962 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Unit name '%s' is not a slice", s);
1963
1964 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
1965 r = unit_set_slice(u, slice);
1966 if (r < 0)
1967 return r;
1968
1969 unit_write_settingf(u, flags|UNIT_PRIVATE, name, "Slice=%s", s);
1970 }
1971
1972 return 1;
1973
1974 } else if (streq(name, "RequiresMountsFor")) {
1975 _cleanup_strv_free_ char **l = NULL;
1976 char **p;
1977
1978 r = sd_bus_message_read_strv(message, &l);
1979 if (r < 0)
1980 return r;
1981
1982 STRV_FOREACH(p, l) {
1983 path_simplify(*p, true);
1984
1985 if (!path_is_absolute(*p))
1986 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path specified in %s is not absolute: %s", name, *p);
1987
1988 if (!path_is_valid(*p))
1989 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path specified in %s has invalid length: %s", name, *p);
1990
1991 if (!path_is_normalized(*p))
1992 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Path specified in %s is not normalized: %s", name, *p);
1993
1994 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
1995 r = unit_require_mounts_for(u, *p, UNIT_DEPENDENCY_FILE);
1996 if (r < 0)
1997 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Failed to add required mount \"%s\": %m", *p);
1998
1999 unit_write_settingf(u, flags, name, "%s=%s", name, *p);
2000 }
2001 }
2002
2003 return 1;
2004 }
2005
2006 if (streq(name, "RequiresOverridable"))
2007 d = UNIT_REQUIRES; /* redirect for obsolete unit dependency type */
2008 else if (streq(name, "RequisiteOverridable"))
2009 d = UNIT_REQUISITE; /* same here */
2010 else
2011 d = unit_dependency_from_string(name);
2012
2013 if (d >= 0) {
2014 const char *other;
2015
2016 if (!IN_SET(d,
2017 UNIT_REQUIRES,
2018 UNIT_REQUISITE,
2019 UNIT_WANTS,
2020 UNIT_BINDS_TO,
2021 UNIT_PART_OF,
2022 UNIT_CONFLICTS,
2023 UNIT_BEFORE,
2024 UNIT_AFTER,
2025 UNIT_ON_FAILURE,
2026 UNIT_PROPAGATES_RELOAD_TO,
2027 UNIT_RELOAD_PROPAGATED_FROM,
2028 UNIT_JOINS_NAMESPACE_OF))
2029 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Dependency type %s may not be created transiently.", unit_dependency_to_string(d));
2030
2031 r = sd_bus_message_enter_container(message, 'a', "s");
2032 if (r < 0)
2033 return r;
2034
2035 while ((r = sd_bus_message_read(message, "s", &other)) > 0) {
2036 if (!unit_name_is_valid(other, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
2037 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid unit name %s", other);
2038
2039 if (!UNIT_WRITE_FLAGS_NOOP(flags)) {
2040 _cleanup_free_ char *label = NULL;
2041
2042 r = unit_add_dependency_by_name(u, d, other, true, UNIT_DEPENDENCY_FILE);
2043 if (r < 0)
2044 return r;
2045
2046 label = strjoin(name, "-", other);
2047 if (!label)
2048 return -ENOMEM;
2049
2050 unit_write_settingf(u, flags, label, "%s=%s", unit_dependency_to_string(d), other);
2051 }
2052
2053 }
2054 if (r < 0)
2055 return r;
2056
2057 r = sd_bus_message_exit_container(message);
2058 if (r < 0)
2059 return r;
2060
2061 return 1;
2062
2063 } else if (streq(name, "AddRef")) {
2064
2065 int b;
2066
2067 /* Why is this called "AddRef" rather than just "Ref", or "Reference"? There's already a "Ref()" method
2068 * on the Unit interface, and it's probably not a good idea to expose a property and a method on the
2069 * same interface (well, strictly speaking AddRef isn't exposed as full property, we just read it for
2070 * transient units, but still). And "References" and "ReferencedBy" is already used as unit reference
2071 * dependency type, hence let's not confuse things with that.
2072 *
2073 * Note that we don't actually add the reference to the bus track. We do that only after the setup of
2074 * the transient unit is complete, so that setting this property multiple times in the same transient
2075 * unit creation call doesn't count as individual references. */
2076
2077 r = sd_bus_message_read(message, "b", &b);
2078 if (r < 0)
2079 return r;
2080
2081 if (!UNIT_WRITE_FLAGS_NOOP(flags))
2082 u->bus_track_add = b;
2083
2084 return 1;
2085 }
2086
2087 return 0;
2088 }
2089
2090 int bus_unit_set_properties(
2091 Unit *u,
2092 sd_bus_message *message,
2093 UnitWriteFlags flags,
2094 bool commit,
2095 sd_bus_error *error) {
2096
2097 bool for_real = false;
2098 unsigned n = 0;
2099 int r;
2100
2101 assert(u);
2102 assert(message);
2103
2104 /* We iterate through the array twice. First run we just check
2105 * if all passed data is valid, second run actually applies
2106 * it. This is to implement transaction-like behaviour without
2107 * actually providing full transactions. */
2108
2109 r = sd_bus_message_enter_container(message, 'a', "(sv)");
2110 if (r < 0)
2111 return r;
2112
2113 for (;;) {
2114 const char *name;
2115 UnitWriteFlags f;
2116
2117 r = sd_bus_message_enter_container(message, 'r', "sv");
2118 if (r < 0)
2119 return r;
2120 if (r == 0) {
2121 if (for_real || UNIT_WRITE_FLAGS_NOOP(flags))
2122 break;
2123
2124 /* Reached EOF. Let's try again, and this time for realz... */
2125 r = sd_bus_message_rewind(message, false);
2126 if (r < 0)
2127 return r;
2128
2129 for_real = true;
2130 continue;
2131 }
2132
2133 r = sd_bus_message_read(message, "s", &name);
2134 if (r < 0)
2135 return r;
2136
2137 if (!UNIT_VTABLE(u)->bus_set_property)
2138 return sd_bus_error_setf(error, SD_BUS_ERROR_PROPERTY_READ_ONLY, "Objects of this type do not support setting properties.");
2139
2140 r = sd_bus_message_enter_container(message, 'v', NULL);
2141 if (r < 0)
2142 return r;
2143
2144 /* If not for real, then mask out the two target flags */
2145 f = for_real ? flags : (flags & ~(UNIT_RUNTIME|UNIT_PERSISTENT));
2146
2147 r = UNIT_VTABLE(u)->bus_set_property(u, name, message, f, error);
2148 if (r == 0 && u->transient && u->load_state == UNIT_STUB)
2149 r = bus_unit_set_transient_property(u, name, message, f, error);
2150 if (r == 0)
2151 r = bus_unit_set_live_property(u, name, message, f, error);
2152 if (r < 0)
2153 return r;
2154
2155 if (r == 0)
2156 return sd_bus_error_setf(error, SD_BUS_ERROR_PROPERTY_READ_ONLY, "Cannot set property %s, or unknown property.", name);
2157
2158 r = sd_bus_message_exit_container(message);
2159 if (r < 0)
2160 return r;
2161
2162 r = sd_bus_message_exit_container(message);
2163 if (r < 0)
2164 return r;
2165
2166 n += for_real;
2167 }
2168
2169 r = sd_bus_message_exit_container(message);
2170 if (r < 0)
2171 return r;
2172
2173 if (commit && n > 0 && UNIT_VTABLE(u)->bus_commit_properties)
2174 UNIT_VTABLE(u)->bus_commit_properties(u);
2175
2176 return n;
2177 }
2178
2179 int bus_unit_validate_load_state(Unit *u, sd_bus_error *error) {
2180 assert(u);
2181
2182 /* Generates a pretty error if a unit isn't properly loaded. */
2183
2184 switch (u->load_state) {
2185
2186 case UNIT_LOADED:
2187 return 0;
2188
2189 case UNIT_NOT_FOUND:
2190 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not found.", u->id);
2191
2192 case UNIT_BAD_SETTING:
2193 return sd_bus_error_setf(error, BUS_ERROR_BAD_UNIT_SETTING, "Unit %s has a bad unit file setting.", u->id);
2194
2195 case UNIT_ERROR: /* Only show .load_error in UNIT_ERROR state */
2196 return sd_bus_error_set_errnof(error, u->load_error, "Unit %s failed to load properly: %m.", u->id);
2197
2198 case UNIT_MASKED:
2199 return sd_bus_error_setf(error, BUS_ERROR_UNIT_MASKED, "Unit %s is masked.", u->id);
2200
2201 case UNIT_STUB:
2202 case UNIT_MERGED:
2203 default:
2204 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unexpected load state of unit %s", u->id);
2205 }
2206 }
2207
2208 static int bus_unit_track_handler(sd_bus_track *t, void *userdata) {
2209 Unit *u = userdata;
2210
2211 assert(t);
2212 assert(u);
2213
2214 u->bus_track = sd_bus_track_unref(u->bus_track); /* make sure we aren't called again */
2215
2216 /* If the client that tracks us disappeared, then there's reason to believe that the cgroup is empty now too,
2217 * let's see */
2218 unit_add_to_cgroup_empty_queue(u);
2219
2220 /* Also add the unit to the GC queue, after all if the client left it might be time to GC this unit */
2221 unit_add_to_gc_queue(u);
2222
2223 return 0;
2224 }
2225
2226 static int bus_unit_allocate_bus_track(Unit *u) {
2227 int r;
2228
2229 assert(u);
2230
2231 if (u->bus_track)
2232 return 0;
2233
2234 r = sd_bus_track_new(u->manager->api_bus, &u->bus_track, bus_unit_track_handler, u);
2235 if (r < 0)
2236 return r;
2237
2238 r = sd_bus_track_set_recursive(u->bus_track, true);
2239 if (r < 0) {
2240 u->bus_track = sd_bus_track_unref(u->bus_track);
2241 return r;
2242 }
2243
2244 return 0;
2245 }
2246
2247 int bus_unit_track_add_name(Unit *u, const char *name) {
2248 int r;
2249
2250 assert(u);
2251
2252 r = bus_unit_allocate_bus_track(u);
2253 if (r < 0)
2254 return r;
2255
2256 return sd_bus_track_add_name(u->bus_track, name);
2257 }
2258
2259 int bus_unit_track_add_sender(Unit *u, sd_bus_message *m) {
2260 int r;
2261
2262 assert(u);
2263
2264 r = bus_unit_allocate_bus_track(u);
2265 if (r < 0)
2266 return r;
2267
2268 return sd_bus_track_add_sender(u->bus_track, m);
2269 }
2270
2271 int bus_unit_track_remove_sender(Unit *u, sd_bus_message *m) {
2272 assert(u);
2273
2274 /* If we haven't allocated the bus track object yet, then there's definitely no reference taken yet, return an
2275 * error */
2276 if (!u->bus_track)
2277 return -EUNATCH;
2278
2279 return sd_bus_track_remove_sender(u->bus_track, m);
2280 }
Unnamed repository; edit this file 'description' to name the repository.