1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 Copyright © 2012 Holger Hans Peter Freyther
15 #include <sys/resource.h>
19 #include "alloc-util.h"
20 #include "all-units.h"
21 #include "bus-error.h"
22 #include "bus-internal.h"
25 #include "capability-util.h"
27 #include "conf-parser.h"
28 #include "cpu-set-util.h"
30 #include "errno-list.h"
34 #include "hexdecoct.h"
37 #include "ip-protocol-list.h"
38 #include "journal-util.h"
39 #include "limits-util.h"
40 #include "load-fragment.h"
43 #include "mountpoint-util.h"
44 #include "nulstr-util.h"
45 #include "parse-util.h"
46 #include "path-util.h"
47 #include "process-util.h"
49 #include "seccomp-util.h"
51 #include "securebits-util.h"
52 #include "signal-util.h"
53 #include "stat-util.h"
54 #include "string-util.h"
56 #include "unit-name.h"
57 #include "unit-printf.h"
58 #include "user-util.h"
59 #include "time-util.h"
62 static int parse_socket_protocol(const char *s
) {
65 r
= parse_ip_protocol(s
);
68 if (!IN_SET(r
, IPPROTO_UDPLITE
, IPPROTO_SCTP
))
69 return -EPROTONOSUPPORT
;
74 DEFINE_CONFIG_PARSE(config_parse_socket_protocol
, parse_socket_protocol
, "Failed to parse socket protocol");
75 DEFINE_CONFIG_PARSE(config_parse_exec_secure_bits
, secure_bits_from_string
, "Failed to parse secure bits");
76 DEFINE_CONFIG_PARSE_ENUM(config_parse_collect_mode
, collect_mode
, CollectMode
, "Failed to parse garbage collection mode");
77 DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy
, cgroup_device_policy
, CGroupDevicePolicy
, "Failed to parse device policy");
78 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_keyring_mode
, exec_keyring_mode
, ExecKeyringMode
, "Failed to parse keyring mode");
79 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode
, exec_utmp_mode
, ExecUtmpMode
, "Failed to parse utmp mode");
80 DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode
, job_mode
, JobMode
, "Failed to parse job mode");
81 DEFINE_CONFIG_PARSE_ENUM(config_parse_kill_mode
, kill_mode
, KillMode
, "Failed to parse kill mode");
82 DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access
, notify_access
, NotifyAccess
, "Failed to parse notify access specifier");
83 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_home
, protect_home
, ProtectHome
, "Failed to parse protect home value");
84 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_system
, protect_system
, ProtectSystem
, "Failed to parse protect system value");
85 DEFINE_CONFIG_PARSE_ENUM(config_parse_runtime_preserve_mode
, exec_preserve_mode
, ExecPreserveMode
, "Failed to parse runtime directory preserve mode");
86 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type
, service_type
, ServiceType
, "Failed to parse service type");
87 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart
, service_restart
, ServiceRestart
, "Failed to parse service restart specifier");
88 DEFINE_CONFIG_PARSE_ENUM(config_parse_socket_bind
, socket_address_bind_ipv6_only_or_bool
, SocketAddressBindIPv6Only
, "Failed to parse bind IPv6 only value");
89 DEFINE_CONFIG_PARSE_ENUM(config_parse_oom_policy
, oom_policy
, OOMPolicy
, "Failed to parse OOM policy");
90 DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_ip_tos
, ip_tos
, int, -1, "Failed to parse IP TOS value");
91 DEFINE_CONFIG_PARSE_PTR(config_parse_blockio_weight
, cg_blkio_weight_parse
, uint64_t, "Invalid block IO weight");
92 DEFINE_CONFIG_PARSE_PTR(config_parse_cg_weight
, cg_weight_parse
, uint64_t, "Invalid weight");
93 DEFINE_CONFIG_PARSE_PTR(config_parse_cpu_shares
, cg_cpu_shares_parse
, uint64_t, "Invalid CPU shares");
94 DEFINE_CONFIG_PARSE_PTR(config_parse_exec_mount_flags
, mount_propagation_flags_from_string
, unsigned long, "Failed to parse mount flag");
96 int config_parse_unit_deps(
101 unsigned section_line
,
108 UnitDependency d
= ltype
;
118 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
121 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_RETAIN_ESCAPE
);
127 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
131 r
= unit_name_printf(u
, word
, &k
);
133 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
137 r
= unit_add_dependency_by_name(u
, d
, k
, true, UNIT_DEPENDENCY_FILE
);
139 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to add dependency on %s, ignoring: %m", k
);
145 int config_parse_obsolete_unit_deps(
147 const char *filename
,
150 unsigned section_line
,
157 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
158 "Unit dependency type %s= is obsolete, replacing by %s=, please update your unit file", lvalue
, unit_dependency_to_string(ltype
));
160 return config_parse_unit_deps(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, rvalue
, data
, userdata
);
163 int config_parse_unit_string_printf(
165 const char *filename
,
168 unsigned section_line
,
175 _cleanup_free_
char *k
= NULL
;
184 r
= unit_full_printf(u
, rvalue
, &k
);
186 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
190 return config_parse_string(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, k
, data
, userdata
);
193 int config_parse_unit_strv_printf(
195 const char *filename
,
198 unsigned section_line
,
206 _cleanup_free_
char *k
= NULL
;
214 r
= unit_full_printf(u
, rvalue
, &k
);
216 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
220 return config_parse_strv(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, k
, data
, userdata
);
223 int config_parse_unit_path_printf(
225 const char *filename
,
228 unsigned section_line
,
235 _cleanup_free_
char *k
= NULL
;
245 /* Let's not bother with anything that is too long */
246 if (strlen(rvalue
) >= PATH_MAX
) {
247 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
248 "%s value too long%s.",
249 lvalue
, fatal
? "" : ", ignoring");
250 return fatal
? -ENAMETOOLONG
: 0;
253 r
= unit_full_printf(u
, rvalue
, &k
);
255 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
256 "Failed to resolve unit specifiers in '%s'%s: %m",
257 rvalue
, fatal
? "" : ", ignoring");
258 return fatal
? -ENOEXEC
: 0;
261 return config_parse_path(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, k
, data
, userdata
);
264 int config_parse_unit_path_strv_printf(
266 const char *filename
,
269 unsigned section_line
,
286 if (isempty(rvalue
)) {
292 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
294 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
);
300 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
301 "Invalid syntax, ignoring: %s", rvalue
);
305 r
= unit_full_printf(u
, word
, &k
);
307 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
308 "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
312 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
316 r
= strv_consume(x
, TAKE_PTR(k
));
322 static int patch_var_run(
324 const char *filename
,
332 e
= path_startswith(*path
, "/var/run/");
336 z
= path_join("/run/", e
);
340 log_syntax(unit
, LOG_NOTICE
, filename
, line
, 0,
341 "%s= references a path below legacy directory /var/run/, updating %s → %s; "
342 "please update the unit file accordingly.", lvalue
, *path
, z
);
344 free_and_replace(*path
, z
);
349 int config_parse_socket_listen(
351 const char *filename
,
354 unsigned section_line
,
361 _cleanup_free_ SocketPort
*p
= NULL
;
373 if (isempty(rvalue
)) {
374 /* An empty assignment removes all ports */
375 socket_free_ports(s
);
379 p
= new0(SocketPort
, 1);
383 if (ltype
!= SOCKET_SOCKET
) {
384 _cleanup_free_
char *k
= NULL
;
386 r
= unit_full_printf(UNIT(s
), rvalue
, &k
);
388 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
392 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
396 if (ltype
== SOCKET_FIFO
) {
397 r
= patch_var_run(unit
, filename
, line
, lvalue
, &k
);
402 free_and_replace(p
->path
, k
);
405 } else if (streq(lvalue
, "ListenNetlink")) {
406 _cleanup_free_
char *k
= NULL
;
408 r
= unit_full_printf(UNIT(s
), rvalue
, &k
);
410 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
414 r
= socket_address_parse_netlink(&p
->address
, k
);
416 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse address value in '%s', ignoring: %m", k
);
420 p
->type
= SOCKET_SOCKET
;
423 _cleanup_free_
char *k
= NULL
;
425 r
= unit_full_printf(UNIT(s
), rvalue
, &k
);
427 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
431 if (k
[0] == '/') { /* Only for AF_UNIX file system sockets… */
432 r
= patch_var_run(unit
, filename
, line
, lvalue
, &k
);
437 r
= socket_address_parse_and_warn(&p
->address
, k
);
439 if (r
!= -EAFNOSUPPORT
)
440 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse address value in '%s', ignoring: %m", k
);
444 if (streq(lvalue
, "ListenStream"))
445 p
->address
.type
= SOCK_STREAM
;
446 else if (streq(lvalue
, "ListenDatagram"))
447 p
->address
.type
= SOCK_DGRAM
;
449 assert(streq(lvalue
, "ListenSequentialPacket"));
450 p
->address
.type
= SOCK_SEQPACKET
;
453 if (socket_address_family(&p
->address
) != AF_LOCAL
&& p
->address
.type
== SOCK_SEQPACKET
) {
454 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Address family not supported, ignoring: %s", rvalue
);
458 p
->type
= SOCKET_SOCKET
;
462 p
->auxiliary_fds
= NULL
;
463 p
->n_auxiliary_fds
= 0;
466 LIST_FIND_TAIL(port
, s
->ports
, tail
);
467 LIST_INSERT_AFTER(port
, s
->ports
, tail
, p
);
474 int config_parse_exec_nice(
476 const char *filename
,
479 unsigned section_line
,
486 ExecContext
*c
= data
;
494 if (isempty(rvalue
)) {
499 r
= parse_nice(rvalue
, &priority
);
502 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Nice priority out of range, ignoring: %s", rvalue
);
504 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse nice priority '%s', ignoring: %m", rvalue
);
514 int config_parse_exec_oom_score_adjust(
516 const char *filename
,
519 unsigned section_line
,
526 ExecContext
*c
= data
;
534 if (isempty(rvalue
)) {
535 c
->oom_score_adjust_set
= false;
539 r
= parse_oom_score_adjust(rvalue
, &oa
);
542 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "OOM score adjust value out of range, ignoring: %s", rvalue
);
544 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse the OOM score adjust value '%s', ignoring: %m", rvalue
);
548 c
->oom_score_adjust
= oa
;
549 c
->oom_score_adjust_set
= true;
554 int config_parse_exec(
556 const char *filename
,
559 unsigned section_line
,
566 ExecCommand
**e
= data
;
578 rvalue
+= strspn(rvalue
, WHITESPACE
);
580 if (isempty(rvalue
)) {
581 /* An empty assignment resets the list */
582 *e
= exec_command_free_list(*e
);
588 _cleanup_free_
char *path
= NULL
, *firstword
= NULL
;
589 ExecCommandFlags flags
= 0;
590 bool ignore
= false, separate_argv0
= false;
591 _cleanup_free_ ExecCommand
*nce
= NULL
;
592 _cleanup_strv_free_
char **n
= NULL
;
593 size_t nlen
= 0, nbufsize
= 0;
598 r
= extract_first_word_and_warn(&p
, &firstword
, NULL
, EXTRACT_QUOTES
|EXTRACT_CUNESCAPE
, unit
, filename
, line
, rvalue
);
604 /* We accept an absolute path as first argument. If it's prefixed with - and the path doesn't
605 * exist, we ignore it instead of erroring out; if it's prefixed with @, we allow overriding of
606 * argv[0]; if it's prefixed with :, we will not do environment variable substitution;
607 * if it's prefixed with +, it will be run with full privileges and no sandboxing; if
608 * it's prefixed with '!' we apply sandboxing, but do not change user/group credentials; if
609 * it's prefixed with '!!', then we apply user/group credentials if the kernel supports ambient
610 * capabilities -- if it doesn't we don't apply the credentials themselves, but do apply most
611 * other sandboxing, with some special exceptions for changing UID.
613 * The idea is that '!!' may be used to write services that can take benefit of systemd's
614 * UID/GID dropping if the kernel supports ambient creds, but provide an automatic fallback to
615 * privilege dropping within the daemon if the kernel does not offer that. */
617 if (*f
== '-' && !(flags
& EXEC_COMMAND_IGNORE_FAILURE
)) {
618 flags
|= EXEC_COMMAND_IGNORE_FAILURE
;
620 } else if (*f
== '@' && !separate_argv0
)
621 separate_argv0
= true;
622 else if (*f
== ':' && !(flags
& EXEC_COMMAND_NO_ENV_EXPAND
))
623 flags
|= EXEC_COMMAND_NO_ENV_EXPAND
;
624 else if (*f
== '+' && !(flags
& (EXEC_COMMAND_FULLY_PRIVILEGED
|EXEC_COMMAND_NO_SETUID
|EXEC_COMMAND_AMBIENT_MAGIC
)))
625 flags
|= EXEC_COMMAND_FULLY_PRIVILEGED
;
626 else if (*f
== '!' && !(flags
& (EXEC_COMMAND_FULLY_PRIVILEGED
|EXEC_COMMAND_NO_SETUID
|EXEC_COMMAND_AMBIENT_MAGIC
)))
627 flags
|= EXEC_COMMAND_NO_SETUID
;
628 else if (*f
== '!' && !(flags
& (EXEC_COMMAND_FULLY_PRIVILEGED
|EXEC_COMMAND_AMBIENT_MAGIC
))) {
629 flags
&= ~EXEC_COMMAND_NO_SETUID
;
630 flags
|= EXEC_COMMAND_AMBIENT_MAGIC
;
636 r
= unit_full_printf(u
, f
, &path
);
638 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
639 "Failed to resolve unit specifiers in '%s'%s: %m",
640 f
, ignore
? ", ignoring" : "");
641 return ignore
? 0 : -ENOEXEC
;
645 /* First word is either "-" or "@" with no command. */
646 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
647 "Empty path in command line%s: '%s'",
648 ignore
? ", ignoring" : "", rvalue
);
649 return ignore
? 0 : -ENOEXEC
;
651 if (!string_is_safe(path
)) {
652 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
653 "Executable name contains special characters%s: %s",
654 ignore
? ", ignoring" : "", path
);
655 return ignore
? 0 : -ENOEXEC
;
657 if (endswith(path
, "/")) {
658 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
659 "Executable path specifies a directory%s: %s",
660 ignore
? ", ignoring" : "", path
);
661 return ignore
? 0 : -ENOEXEC
;
664 if (!path_is_absolute(path
)) {
668 if (!filename_is_valid(path
)) {
669 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
670 "Neither a valid executable name nor an absolute path%s: %s",
671 ignore
? ", ignoring" : "", path
);
672 return ignore
? 0 : -ENOEXEC
;
675 /* Resolve a single-component name to a full path */
676 NULSTR_FOREACH(prefix
, DEFAULT_PATH_NULSTR
) {
677 _cleanup_free_
char *fullpath
= NULL
;
679 fullpath
= strjoin(prefix
, "/", path
);
683 if (access(fullpath
, F_OK
) >= 0) {
684 free_and_replace(path
, fullpath
);
691 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
692 "Executable \"%s\" not found in path \"%s\"%s",
693 path
, DEFAULT_PATH
, ignore
? ", ignoring" : "");
694 return ignore
? 0 : -ENOEXEC
;
698 if (!separate_argv0
) {
701 if (!GREEDY_REALLOC(n
, nbufsize
, nlen
+ 2))
711 path_simplify(path
, false);
713 while (!isempty(p
)) {
714 _cleanup_free_
char *word
= NULL
, *resolved
= NULL
;
716 /* Check explicitly for an unquoted semicolon as
717 * command separator token. */
718 if (p
[0] == ';' && (!p
[1] || strchr(WHITESPACE
, p
[1]))) {
720 p
+= strspn(p
, WHITESPACE
);
725 /* Check for \; explicitly, to not confuse it with \\; or "\;" or "\\;" etc.
726 * extract_first_word() would return the same for all of those. */
727 if (p
[0] == '\\' && p
[1] == ';' && (!p
[2] || strchr(WHITESPACE
, p
[2]))) {
731 p
+= strspn(p
, WHITESPACE
);
733 if (!GREEDY_REALLOC(n
, nbufsize
, nlen
+ 2))
744 r
= extract_first_word_and_warn(&p
, &word
, NULL
, EXTRACT_QUOTES
|EXTRACT_CUNESCAPE
, unit
, filename
, line
, rvalue
);
748 return ignore
? 0 : -ENOEXEC
;
750 r
= unit_full_printf(u
, word
, &resolved
);
752 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
753 "Failed to resolve unit specifiers in %s%s: %m",
754 word
, ignore
? ", ignoring" : "");
755 return ignore
? 0 : -ENOEXEC
;
758 if (!GREEDY_REALLOC(n
, nbufsize
, nlen
+ 2))
761 n
[nlen
++] = TAKE_PTR(resolved
);
766 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
767 "Empty executable name or zeroeth argument%s: %s",
768 ignore
? ", ignoring" : "", rvalue
);
769 return ignore
? 0 : -ENOEXEC
;
772 nce
= new0(ExecCommand
, 1);
776 nce
->argv
= TAKE_PTR(n
);
777 nce
->path
= TAKE_PTR(path
);
780 exec_command_append_list(e
, nce
);
782 /* Do not _cleanup_free_ these. */
791 int config_parse_socket_bindtodevice(
793 const char *filename
,
796 unsigned section_line
,
810 if (isempty(rvalue
) || streq(rvalue
, "*")) {
811 s
->bind_to_device
= mfree(s
->bind_to_device
);
815 if (!ifname_valid(rvalue
)) {
816 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid interface name, ignoring: %s", rvalue
);
820 if (free_and_strdup(&s
->bind_to_device
, rvalue
) < 0)
826 int config_parse_exec_input(
828 const char *filename
,
831 unsigned section_line
,
838 ExecContext
*c
= data
;
849 n
= startswith(rvalue
, "fd:");
851 _cleanup_free_
char *resolved
= NULL
;
853 r
= unit_full_printf(u
, n
, &resolved
);
855 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s': %m", n
);
857 if (isempty(resolved
))
858 resolved
= mfree(resolved
);
859 else if (!fdname_is_valid(resolved
)) {
860 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid file descriptor name: %s", resolved
);
864 free_and_replace(c
->stdio_fdname
[STDIN_FILENO
], resolved
);
866 ei
= EXEC_INPUT_NAMED_FD
;
868 } else if ((n
= startswith(rvalue
, "file:"))) {
869 _cleanup_free_
char *resolved
= NULL
;
871 r
= unit_full_printf(u
, n
, &resolved
);
873 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s': %m", n
);
875 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
| PATH_CHECK_FATAL
, unit
, filename
, line
, lvalue
);
879 free_and_replace(c
->stdio_file
[STDIN_FILENO
], resolved
);
881 ei
= EXEC_INPUT_FILE
;
884 ei
= exec_input_from_string(rvalue
);
886 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse input specifier, ignoring: %s", rvalue
);
895 int config_parse_exec_input_text(
897 const char *filename
,
900 unsigned section_line
,
907 _cleanup_free_
char *unescaped
= NULL
, *resolved
= NULL
;
908 ExecContext
*c
= data
;
919 if (isempty(rvalue
)) {
920 /* Reset if the empty string is assigned */
921 c
->stdin_data
= mfree(c
->stdin_data
);
922 c
->stdin_data_size
= 0;
926 r
= cunescape(rvalue
, 0, &unescaped
);
928 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to decode C escaped text '%s': %m", rvalue
);
930 r
= unit_full_printf(u
, unescaped
, &resolved
);
932 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s': %m", unescaped
);
934 sz
= strlen(resolved
);
935 if (c
->stdin_data_size
+ sz
+ 1 < c
->stdin_data_size
|| /* check for overflow */
936 c
->stdin_data_size
+ sz
+ 1 > EXEC_STDIN_DATA_MAX
) {
937 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c
->stdin_data_size
+ sz
, (size_t) EXEC_STDIN_DATA_MAX
);
941 p
= realloc(c
->stdin_data
, c
->stdin_data_size
+ sz
+ 1);
945 *((char*) mempcpy((char*) p
+ c
->stdin_data_size
, resolved
, sz
)) = '\n';
948 c
->stdin_data_size
+= sz
+ 1;
953 int config_parse_exec_input_data(
955 const char *filename
,
958 unsigned section_line
,
965 _cleanup_free_
void *p
= NULL
;
966 ExecContext
*c
= data
;
976 if (isempty(rvalue
)) {
977 /* Reset if the empty string is assigned */
978 c
->stdin_data
= mfree(c
->stdin_data
);
979 c
->stdin_data_size
= 0;
983 r
= unbase64mem(rvalue
, (size_t) -1, &p
, &sz
);
985 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to decode base64 data, ignoring: %s", rvalue
);
989 if (c
->stdin_data_size
+ sz
< c
->stdin_data_size
|| /* check for overflow */
990 c
->stdin_data_size
+ sz
> EXEC_STDIN_DATA_MAX
) {
991 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c
->stdin_data_size
+ sz
, (size_t) EXEC_STDIN_DATA_MAX
);
995 q
= realloc(c
->stdin_data
, c
->stdin_data_size
+ sz
);
999 memcpy((uint8_t*) q
+ c
->stdin_data_size
, p
, sz
);
1002 c
->stdin_data_size
+= sz
;
1007 int config_parse_exec_output(
1009 const char *filename
,
1011 const char *section
,
1012 unsigned section_line
,
1019 _cleanup_free_
char *resolved
= NULL
;
1021 ExecContext
*c
= data
;
1032 n
= startswith(rvalue
, "fd:");
1034 r
= unit_full_printf(u
, n
, &resolved
);
1036 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", n
);
1038 if (isempty(resolved
))
1039 resolved
= mfree(resolved
);
1040 else if (!fdname_is_valid(resolved
)) {
1041 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid file descriptor name: %s", resolved
);
1045 eo
= EXEC_OUTPUT_NAMED_FD
;
1047 } else if ((n
= startswith(rvalue
, "file:"))) {
1049 r
= unit_full_printf(u
, n
, &resolved
);
1051 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", n
);
1053 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
| PATH_CHECK_FATAL
, unit
, filename
, line
, lvalue
);
1057 eo
= EXEC_OUTPUT_FILE
;
1059 } else if ((n
= startswith(rvalue
, "append:"))) {
1061 r
= unit_full_printf(u
, n
, &resolved
);
1063 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", n
);
1065 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
| PATH_CHECK_FATAL
, unit
, filename
, line
, lvalue
);
1069 eo
= EXEC_OUTPUT_FILE_APPEND
;
1071 eo
= exec_output_from_string(rvalue
);
1073 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse output specifier, ignoring: %s", rvalue
);
1078 if (streq(lvalue
, "StandardOutput")) {
1079 if (eo
== EXEC_OUTPUT_NAMED_FD
)
1080 free_and_replace(c
->stdio_fdname
[STDOUT_FILENO
], resolved
);
1082 free_and_replace(c
->stdio_file
[STDOUT_FILENO
], resolved
);
1087 assert(streq(lvalue
, "StandardError"));
1089 if (eo
== EXEC_OUTPUT_NAMED_FD
)
1090 free_and_replace(c
->stdio_fdname
[STDERR_FILENO
], resolved
);
1092 free_and_replace(c
->stdio_file
[STDERR_FILENO
], resolved
);
1100 int config_parse_exec_io_class(const char *unit
,
1101 const char *filename
,
1103 const char *section
,
1104 unsigned section_line
,
1111 ExecContext
*c
= data
;
1119 if (isempty(rvalue
)) {
1120 c
->ioprio_set
= false;
1121 c
->ioprio
= IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE
, 0);
1125 x
= ioprio_class_from_string(rvalue
);
1127 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse IO scheduling class, ignoring: %s", rvalue
);
1131 c
->ioprio
= IOPRIO_PRIO_VALUE(x
, IOPRIO_PRIO_DATA(c
->ioprio
));
1132 c
->ioprio_set
= true;
1137 int config_parse_exec_io_priority(const char *unit
,
1138 const char *filename
,
1140 const char *section
,
1141 unsigned section_line
,
1148 ExecContext
*c
= data
;
1156 if (isempty(rvalue
)) {
1157 c
->ioprio_set
= false;
1158 c
->ioprio
= IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE
, 0);
1162 r
= ioprio_parse_priority(rvalue
, &i
);
1164 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse IO priority, ignoring: %s", rvalue
);
1168 c
->ioprio
= IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c
->ioprio
), i
);
1169 c
->ioprio_set
= true;
1174 int config_parse_exec_cpu_sched_policy(const char *unit
,
1175 const char *filename
,
1177 const char *section
,
1178 unsigned section_line
,
1185 ExecContext
*c
= data
;
1193 if (isempty(rvalue
)) {
1194 c
->cpu_sched_set
= false;
1195 c
->cpu_sched_policy
= SCHED_OTHER
;
1196 c
->cpu_sched_priority
= 0;
1200 x
= sched_policy_from_string(rvalue
);
1202 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue
);
1206 c
->cpu_sched_policy
= x
;
1207 /* Moving to or from real-time policy? We need to adjust the priority */
1208 c
->cpu_sched_priority
= CLAMP(c
->cpu_sched_priority
, sched_get_priority_min(x
), sched_get_priority_max(x
));
1209 c
->cpu_sched_set
= true;
1214 int config_parse_exec_cpu_sched_prio(const char *unit
,
1215 const char *filename
,
1217 const char *section
,
1218 unsigned section_line
,
1225 ExecContext
*c
= data
;
1233 r
= safe_atoi(rvalue
, &i
);
1235 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse CPU scheduling priority, ignoring: %s", rvalue
);
1239 /* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */
1240 min
= sched_get_priority_min(c
->cpu_sched_policy
);
1241 max
= sched_get_priority_max(c
->cpu_sched_policy
);
1243 if (i
< min
|| i
> max
) {
1244 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue
);
1248 c
->cpu_sched_priority
= i
;
1249 c
->cpu_sched_set
= true;
1254 int config_parse_exec_cpu_affinity(const char *unit
,
1255 const char *filename
,
1257 const char *section
,
1258 unsigned section_line
,
1265 ExecContext
*c
= data
;
1266 _cleanup_cpu_free_ cpu_set_t
*cpuset
= NULL
;
1274 ncpus
= parse_cpu_set_and_warn(rvalue
, &cpuset
, unit
, filename
, line
, lvalue
);
1279 /* An empty assignment resets the CPU list */
1280 c
->cpuset
= cpu_set_mfree(c
->cpuset
);
1281 c
->cpuset_ncpus
= 0;
1286 c
->cpuset
= TAKE_PTR(cpuset
);
1287 c
->cpuset_ncpus
= (unsigned) ncpus
;
1291 if (c
->cpuset_ncpus
< (unsigned) ncpus
) {
1292 CPU_OR_S(CPU_ALLOC_SIZE(c
->cpuset_ncpus
), cpuset
, c
->cpuset
, cpuset
);
1293 CPU_FREE(c
->cpuset
);
1294 c
->cpuset
= TAKE_PTR(cpuset
);
1295 c
->cpuset_ncpus
= (unsigned) ncpus
;
1299 CPU_OR_S(CPU_ALLOC_SIZE((unsigned) ncpus
), c
->cpuset
, c
->cpuset
, cpuset
);
1304 int config_parse_capability_set(
1306 const char *filename
,
1308 const char *section
,
1309 unsigned section_line
,
1316 uint64_t *capability_set
= data
;
1317 uint64_t sum
= 0, initial
= 0;
1318 bool invert
= false;
1326 if (rvalue
[0] == '~') {
1331 if (streq(lvalue
, "CapabilityBoundingSet"))
1332 initial
= CAP_ALL
; /* initialized to all bits on */
1333 /* else "AmbientCapabilities" initialized to all bits off */
1335 r
= capability_set_from_string(rvalue
, &sum
);
1337 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s= specifier '%s', ignoring: %m", lvalue
, rvalue
);
1341 if (sum
== 0 || *capability_set
== initial
)
1342 /* "", "~" or uninitialized data -> replace */
1343 *capability_set
= invert
? ~sum
: sum
;
1345 /* previous data -> merge */
1347 *capability_set
&= ~sum
;
1349 *capability_set
|= sum
;
1355 int config_parse_exec_selinux_context(
1357 const char *filename
,
1359 const char *section
,
1360 unsigned section_line
,
1367 ExecContext
*c
= data
;
1378 if (isempty(rvalue
)) {
1379 c
->selinux_context
= mfree(c
->selinux_context
);
1380 c
->selinux_context_ignore
= false;
1384 if (rvalue
[0] == '-') {
1390 r
= unit_full_printf(u
, rvalue
, &k
);
1392 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
1393 "Failed to resolve unit specifiers in '%s'%s: %m",
1394 rvalue
, ignore
? ", ignoring" : "");
1395 return ignore
? 0 : -ENOEXEC
;
1398 free_and_replace(c
->selinux_context
, k
);
1399 c
->selinux_context_ignore
= ignore
;
1404 int config_parse_exec_apparmor_profile(
1406 const char *filename
,
1408 const char *section
,
1409 unsigned section_line
,
1416 ExecContext
*c
= data
;
1427 if (isempty(rvalue
)) {
1428 c
->apparmor_profile
= mfree(c
->apparmor_profile
);
1429 c
->apparmor_profile_ignore
= false;
1433 if (rvalue
[0] == '-') {
1439 r
= unit_full_printf(u
, rvalue
, &k
);
1441 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
1442 "Failed to resolve unit specifiers in '%s'%s: %m",
1443 rvalue
, ignore
? ", ignoring" : "");
1444 return ignore
? 0 : -ENOEXEC
;
1447 free_and_replace(c
->apparmor_profile
, k
);
1448 c
->apparmor_profile_ignore
= ignore
;
1453 int config_parse_exec_smack_process_label(
1455 const char *filename
,
1457 const char *section
,
1458 unsigned section_line
,
1465 ExecContext
*c
= data
;
1476 if (isempty(rvalue
)) {
1477 c
->smack_process_label
= mfree(c
->smack_process_label
);
1478 c
->smack_process_label_ignore
= false;
1482 if (rvalue
[0] == '-') {
1488 r
= unit_full_printf(u
, rvalue
, &k
);
1490 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
1491 "Failed to resolve unit specifiers in '%s'%s: %m",
1492 rvalue
, ignore
? ", ignoring" : "");
1493 return ignore
? 0 : -ENOEXEC
;
1496 free_and_replace(c
->smack_process_label
, k
);
1497 c
->smack_process_label_ignore
= ignore
;
1502 int config_parse_timer(
1504 const char *filename
,
1506 const char *section
,
1507 unsigned section_line
,
1514 _cleanup_(calendar_spec_freep
) CalendarSpec
*c
= NULL
;
1515 _cleanup_free_
char *k
= NULL
;
1527 if (isempty(rvalue
)) {
1528 /* Empty assignment resets list */
1529 timer_free_values(t
);
1533 r
= unit_full_printf(u
, rvalue
, &k
);
1535 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
1539 if (ltype
== TIMER_CALENDAR
) {
1540 r
= calendar_spec_from_string(k
, &c
);
1542 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse calendar specification, ignoring: %s", k
);
1546 r
= parse_sec(k
, &usec
);
1548 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse timer value, ignoring: %s", k
);
1553 v
= new(TimerValue
, 1);
1560 .calendar_spec
= TAKE_PTR(c
),
1563 LIST_PREPEND(value
, t
->values
, v
);
1568 int config_parse_trigger_unit(
1570 const char *filename
,
1572 const char *section
,
1573 unsigned section_line
,
1580 _cleanup_free_
char *p
= NULL
;
1590 if (!hashmap_isempty(u
->dependencies
[UNIT_TRIGGERS
])) {
1591 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Multiple units to trigger specified, ignoring: %s", rvalue
);
1595 r
= unit_name_printf(u
, rvalue
, &p
);
1597 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
1601 type
= unit_name_to_type(p
);
1603 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Unit type not valid, ignoring: %s", rvalue
);
1606 if (unit_has_name(u
, p
)) {
1607 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Units cannot trigger themselves, ignoring: %s", rvalue
);
1611 r
= unit_add_two_dependencies_by_name(u
, UNIT_BEFORE
, UNIT_TRIGGERS
, p
, true, UNIT_DEPENDENCY_FILE
);
1613 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to add trigger on %s, ignoring: %m", p
);
1620 int config_parse_path_spec(const char *unit
,
1621 const char *filename
,
1623 const char *section
,
1624 unsigned section_line
,
1634 _cleanup_free_
char *k
= NULL
;
1642 if (isempty(rvalue
)) {
1643 /* Empty assignment clears list */
1648 b
= path_type_from_string(lvalue
);
1650 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse path type, ignoring: %s", lvalue
);
1654 r
= unit_full_printf(UNIT(p
), rvalue
, &k
);
1656 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
1660 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
1664 s
= new0(PathSpec
, 1);
1669 s
->path
= TAKE_PTR(k
);
1673 LIST_PREPEND(spec
, p
->specs
, s
);
1678 int config_parse_socket_service(
1680 const char *filename
,
1682 const char *section
,
1683 unsigned section_line
,
1690 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
1691 _cleanup_free_
char *p
= NULL
;
1701 r
= unit_name_printf(UNIT(s
), rvalue
, &p
);
1703 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", rvalue
);
1707 if (!endswith(p
, ".service")) {
1708 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Unit must be of type service: %s", rvalue
);
1712 r
= manager_load_unit(UNIT(s
)->manager
, p
, NULL
, &error
, &x
);
1714 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to load unit %s: %s", rvalue
, bus_error_message(&error
, r
));
1718 unit_ref_set(&s
->service
, UNIT(s
), x
);
1723 int config_parse_fdname(
1725 const char *filename
,
1727 const char *section
,
1728 unsigned section_line
,
1735 _cleanup_free_
char *p
= NULL
;
1744 if (isempty(rvalue
)) {
1745 s
->fdname
= mfree(s
->fdname
);
1749 r
= unit_full_printf(UNIT(s
), rvalue
, &p
);
1751 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
1755 if (!fdname_is_valid(p
)) {
1756 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid file descriptor name, ignoring: %s", p
);
1760 return free_and_replace(s
->fdname
, p
);
1763 int config_parse_service_sockets(
1765 const char *filename
,
1767 const char *section
,
1768 unsigned section_line
,
1786 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
1788 r
= extract_first_word(&p
, &word
, NULL
, 0);
1794 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Trailing garbage in sockets, ignoring: %s", rvalue
);
1798 r
= unit_name_printf(UNIT(s
), word
, &k
);
1800 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
1804 if (!endswith(k
, ".socket")) {
1805 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Unit must be of type socket, ignoring: %s", k
);
1809 r
= unit_add_two_dependencies_by_name(UNIT(s
), UNIT_WANTS
, UNIT_AFTER
, k
, true, UNIT_DEPENDENCY_FILE
);
1811 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to add dependency on %s, ignoring: %m", k
);
1813 r
= unit_add_dependency_by_name(UNIT(s
), UNIT_TRIGGERED_BY
, k
, true, UNIT_DEPENDENCY_FILE
);
1815 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to add dependency on %s, ignoring: %m", k
);
1821 int config_parse_bus_name(
1823 const char *filename
,
1825 const char *section
,
1826 unsigned section_line
,
1833 _cleanup_free_
char *k
= NULL
;
1842 r
= unit_full_printf(u
, rvalue
, &k
);
1844 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
1848 if (!service_name_is_valid(k
)) {
1849 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid bus name, ignoring: %s", k
);
1853 return config_parse_string(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, k
, data
, userdata
);
1856 int config_parse_service_timeout(
1858 const char *filename
,
1860 const char *section
,
1861 unsigned section_line
,
1868 Service
*s
= userdata
;
1877 /* This is called for two cases: TimeoutSec= and TimeoutStartSec=. */
1879 /* Traditionally, these options accepted 0 to disable the timeouts. However, a timeout of 0 suggests it happens
1880 * immediately, hence fix this to become USEC_INFINITY instead. This is in-line with how we internally handle
1881 * all other timeouts. */
1882 r
= parse_sec_fix_0(rvalue
, &usec
);
1884 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s= parameter, ignoring: %s", lvalue
, rvalue
);
1888 s
->start_timeout_defined
= true;
1889 s
->timeout_start_usec
= usec
;
1891 if (streq(lvalue
, "TimeoutSec"))
1892 s
->timeout_stop_usec
= usec
;
1897 int config_parse_sec_fix_0(
1899 const char *filename
,
1901 const char *section
,
1902 unsigned section_line
,
1909 usec_t
*usec
= data
;
1917 /* This is pretty much like config_parse_sec(), except that this treats a time of 0 as infinity, for
1918 * compatibility with older versions of systemd where 0 instead of infinity was used as indicator to turn off a
1921 r
= parse_sec_fix_0(rvalue
, usec
);
1923 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s= parameter, ignoring: %s", lvalue
, rvalue
);
1930 int config_parse_user_group(
1932 const char *filename
,
1934 const char *section
,
1935 unsigned section_line
,
1942 _cleanup_free_
char *k
= NULL
;
1952 if (isempty(rvalue
)) {
1953 *user
= mfree(*user
);
1957 r
= unit_full_printf(u
, rvalue
, &k
);
1959 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", rvalue
);
1963 if (!valid_user_group_name_or_id(k
)) {
1964 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid user/group name or numeric ID: %s", k
);
1968 return free_and_replace(*user
, k
);
1971 int config_parse_user_group_strv(
1973 const char *filename
,
1975 const char *section
,
1976 unsigned section_line
,
1983 char ***users
= data
;
1985 const char *p
= rvalue
;
1993 if (isempty(rvalue
)) {
1994 *users
= strv_free(*users
);
1999 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2001 r
= extract_first_word(&p
, &word
, NULL
, 0);
2007 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid syntax: %s", rvalue
);
2011 r
= unit_full_printf(u
, word
, &k
);
2013 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", word
);
2017 if (!valid_user_group_name_or_id(k
)) {
2018 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid user/group name or numeric ID: %s", k
);
2022 r
= strv_push(users
, k
);
2032 int config_parse_working_directory(
2034 const char *filename
,
2036 const char *section
,
2037 unsigned section_line
,
2044 ExecContext
*c
= data
;
2055 if (isempty(rvalue
)) {
2056 c
->working_directory_home
= false;
2057 c
->working_directory
= mfree(c
->working_directory
);
2061 if (rvalue
[0] == '-') {
2067 if (streq(rvalue
, "~")) {
2068 c
->working_directory_home
= true;
2069 c
->working_directory
= mfree(c
->working_directory
);
2071 _cleanup_free_
char *k
= NULL
;
2073 r
= unit_full_printf(u
, rvalue
, &k
);
2075 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2076 "Failed to resolve unit specifiers in working directory path '%s'%s: %m",
2077 rvalue
, missing_ok
? ", ignoring" : "");
2078 return missing_ok
? 0 : -ENOEXEC
;
2081 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
| (missing_ok
? 0 : PATH_CHECK_FATAL
), unit
, filename
, line
, lvalue
);
2083 return missing_ok
? 0 : -ENOEXEC
;
2085 c
->working_directory_home
= false;
2086 free_and_replace(c
->working_directory
, k
);
2089 c
->working_directory_missing_ok
= missing_ok
;
2093 int config_parse_unit_env_file(const char *unit
,
2094 const char *filename
,
2096 const char *section
,
2097 unsigned section_line
,
2106 _cleanup_free_
char *n
= NULL
;
2114 if (isempty(rvalue
)) {
2115 /* Empty assignment frees the list */
2116 *env
= strv_free(*env
);
2120 r
= unit_full_printf(u
, rvalue
, &n
);
2122 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
2126 r
= path_simplify_and_warn(n
[0] == '-' ? n
+ 1 : n
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
2130 r
= strv_push(env
, n
);
2139 int config_parse_environ(
2141 const char *filename
,
2143 const char *section
,
2144 unsigned section_line
,
2161 if (isempty(rvalue
)) {
2162 /* Empty assignment resets the list */
2163 *env
= strv_free(*env
);
2167 for (p
= rvalue
;; ) {
2168 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2170 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_CUNESCAPE
|EXTRACT_QUOTES
);
2176 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
2177 "Invalid syntax, ignoring: %s", rvalue
);
2182 r
= unit_full_printf(u
, word
, &k
);
2184 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2185 "Failed to resolve unit specifiers in %s, ignoring: %m", word
);
2191 if (!env_assignment_is_valid(k
)) {
2192 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
2193 "Invalid environment assignment, ignoring: %s", k
);
2197 r
= strv_env_replace(env
, k
);
2205 int config_parse_pass_environ(
2207 const char *filename
,
2209 const char *section
,
2210 unsigned section_line
,
2217 _cleanup_strv_free_
char **n
= NULL
;
2218 size_t nlen
= 0, nbufsize
= 0;
2219 char*** passenv
= data
;
2220 const char *p
= rvalue
;
2229 if (isempty(rvalue
)) {
2230 /* Empty assignment resets the list */
2231 *passenv
= strv_free(*passenv
);
2236 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2238 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
);
2244 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2245 "Trailing garbage in %s, ignoring: %s", lvalue
, rvalue
);
2250 r
= unit_full_printf(u
, word
, &k
);
2252 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2253 "Failed to resolve specifiers in %s, ignoring: %m", word
);
2259 if (!env_name_is_valid(k
)) {
2260 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
2261 "Invalid environment name for %s, ignoring: %s", lvalue
, k
);
2265 if (!GREEDY_REALLOC(n
, nbufsize
, nlen
+ 2))
2268 n
[nlen
++] = TAKE_PTR(k
);
2273 r
= strv_extend_strv(passenv
, n
, true);
2281 int config_parse_unset_environ(
2283 const char *filename
,
2285 const char *section
,
2286 unsigned section_line
,
2293 _cleanup_strv_free_
char **n
= NULL
;
2294 size_t nlen
= 0, nbufsize
= 0;
2295 char*** unsetenv
= data
;
2296 const char *p
= rvalue
;
2305 if (isempty(rvalue
)) {
2306 /* Empty assignment resets the list */
2307 *unsetenv
= strv_free(*unsetenv
);
2312 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2314 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_CUNESCAPE
|EXTRACT_QUOTES
);
2320 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2321 "Trailing garbage in %s, ignoring: %s", lvalue
, rvalue
);
2326 r
= unit_full_printf(u
, word
, &k
);
2328 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2329 "Failed to resolve unit specifiers in %s, ignoring: %m", word
);
2335 if (!env_assignment_is_valid(k
) && !env_name_is_valid(k
)) {
2336 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
2337 "Invalid environment name or assignment %s, ignoring: %s", lvalue
, k
);
2341 if (!GREEDY_REALLOC(n
, nbufsize
, nlen
+ 2))
2344 n
[nlen
++] = TAKE_PTR(k
);
2349 r
= strv_extend_strv(unsetenv
, n
, true);
2357 int config_parse_log_extra_fields(
2359 const char *filename
,
2361 const char *section
,
2362 unsigned section_line
,
2369 ExecContext
*c
= data
;
2371 const char *p
= rvalue
;
2379 if (isempty(rvalue
)) {
2380 exec_context_free_log_extra_fields(c
);
2385 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2389 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_CUNESCAPE
|EXTRACT_QUOTES
);
2395 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
2399 r
= unit_full_printf(u
, word
, &k
);
2401 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", word
);
2405 eq
= strchr(k
, '=');
2407 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Log field lacks '=' character, ignoring: %s", k
);
2411 if (!journal_field_valid(k
, eq
-k
, false)) {
2412 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Log field name is invalid, ignoring: %s", k
);
2416 t
= reallocarray(c
->log_extra_fields
, c
->n_log_extra_fields
+1, sizeof(struct iovec
));
2420 c
->log_extra_fields
= t
;
2421 c
->log_extra_fields
[c
->n_log_extra_fields
++] = IOVEC_MAKE_STRING(k
);
2427 int config_parse_unit_condition_path(
2429 const char *filename
,
2431 const char *section
,
2432 unsigned section_line
,
2439 _cleanup_free_
char *p
= NULL
;
2440 Condition
**list
= data
, *c
;
2441 ConditionType t
= ltype
;
2442 bool trigger
, negate
;
2451 if (isempty(rvalue
)) {
2452 /* Empty assignment resets the list */
2453 *list
= condition_free_list(*list
);
2457 trigger
= rvalue
[0] == '|';
2461 negate
= rvalue
[0] == '!';
2465 r
= unit_full_printf(u
, rvalue
, &p
);
2467 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
2471 r
= path_simplify_and_warn(p
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
2475 c
= condition_new(t
, p
, trigger
, negate
);
2479 LIST_PREPEND(conditions
, *list
, c
);
2483 int config_parse_unit_condition_string(
2485 const char *filename
,
2487 const char *section
,
2488 unsigned section_line
,
2495 _cleanup_free_
char *s
= NULL
;
2496 Condition
**list
= data
, *c
;
2497 ConditionType t
= ltype
;
2498 bool trigger
, negate
;
2507 if (isempty(rvalue
)) {
2508 /* Empty assignment resets the list */
2509 *list
= condition_free_list(*list
);
2513 trigger
= rvalue
[0] == '|';
2517 negate
= rvalue
[0] == '!';
2521 r
= unit_full_printf(u
, rvalue
, &s
);
2523 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
2527 c
= condition_new(t
, s
, trigger
, negate
);
2531 LIST_PREPEND(conditions
, *list
, c
);
2535 int config_parse_unit_condition_null(
2537 const char *filename
,
2539 const char *section
,
2540 unsigned section_line
,
2547 Condition
**list
= data
, *c
;
2548 bool trigger
, negate
;
2556 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "%s= is deprecated, please do not use.", lvalue
);
2558 if (isempty(rvalue
)) {
2559 /* Empty assignment resets the list */
2560 *list
= condition_free_list(*list
);
2564 trigger
= rvalue
[0] == '|';
2568 negate
= rvalue
[0] == '!';
2572 b
= parse_boolean(rvalue
);
2574 log_syntax(unit
, LOG_ERR
, filename
, line
, b
, "Failed to parse boolean value in condition, ignoring: %s", rvalue
);
2581 c
= condition_new(CONDITION_NULL
, NULL
, trigger
, negate
);
2585 LIST_PREPEND(conditions
, *list
, c
);
2589 int config_parse_unit_requires_mounts_for(
2591 const char *filename
,
2593 const char *section
,
2594 unsigned section_line
,
2601 const char *p
= rvalue
;
2611 _cleanup_free_
char *word
= NULL
, *resolved
= NULL
;
2613 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
);
2619 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
2620 "Invalid syntax, ignoring: %s", rvalue
);
2624 r
= unit_full_printf(u
, word
, &resolved
);
2626 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
2630 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
2634 r
= unit_require_mounts_for(u
, resolved
, UNIT_DEPENDENCY_FILE
);
2636 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to add required mount '%s', ignoring: %m", resolved
);
2642 int config_parse_documentation(const char *unit
,
2643 const char *filename
,
2645 const char *section
,
2646 unsigned section_line
,
2662 if (isempty(rvalue
)) {
2663 /* Empty assignment resets the list */
2664 u
->documentation
= strv_free(u
->documentation
);
2668 r
= config_parse_unit_strv_printf(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
,
2669 rvalue
, data
, userdata
);
2673 for (a
= b
= u
->documentation
; a
&& *a
; a
++) {
2675 if (documentation_url_is_valid(*a
))
2678 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid URL, ignoring: %s", *a
);
2689 int config_parse_syscall_filter(
2691 const char *filename
,
2693 const char *section
,
2694 unsigned section_line
,
2701 ExecContext
*c
= data
;
2703 bool invert
= false;
2712 if (isempty(rvalue
)) {
2713 /* Empty assignment resets the list */
2714 c
->syscall_filter
= hashmap_free(c
->syscall_filter
);
2715 c
->syscall_whitelist
= false;
2719 if (rvalue
[0] == '~') {
2724 if (!c
->syscall_filter
) {
2725 c
->syscall_filter
= hashmap_new(NULL
);
2726 if (!c
->syscall_filter
)
2730 /* Allow everything but the ones listed */
2731 c
->syscall_whitelist
= false;
2733 /* Allow nothing but the ones listed */
2734 c
->syscall_whitelist
= true;
2736 /* Accept default syscalls if we are on a whitelist */
2737 r
= seccomp_parse_syscall_filter(
2738 "@default", -1, c
->syscall_filter
,
2739 SECCOMP_PARSE_PERMISSIVE
|SECCOMP_PARSE_WHITELIST
,
2749 _cleanup_free_
char *word
= NULL
, *name
= NULL
;
2752 r
= extract_first_word(&p
, &word
, NULL
, 0);
2758 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
2762 r
= parse_syscall_and_errno(word
, &name
, &num
);
2764 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse syscall:errno, ignoring: %s", word
);
2768 r
= seccomp_parse_syscall_filter(
2769 name
, num
, c
->syscall_filter
,
2770 SECCOMP_PARSE_LOG
|SECCOMP_PARSE_PERMISSIVE
|
2771 (invert
? SECCOMP_PARSE_INVERT
: 0)|
2772 (c
->syscall_whitelist
? SECCOMP_PARSE_WHITELIST
: 0),
2773 unit
, filename
, line
);
2779 int config_parse_syscall_archs(
2781 const char *filename
,
2783 const char *section
,
2784 unsigned section_line
,
2791 const char *p
= rvalue
;
2795 if (isempty(rvalue
)) {
2796 *archs
= set_free(*archs
);
2800 r
= set_ensure_allocated(archs
, NULL
);
2805 _cleanup_free_
char *word
= NULL
;
2808 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
);
2814 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
2815 "Invalid syntax, ignoring: %s", rvalue
);
2819 r
= seccomp_arch_from_string(word
, &a
);
2821 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2822 "Failed to parse system call architecture \"%s\", ignoring: %m", word
);
2826 r
= set_put(*archs
, UINT32_TO_PTR(a
+ 1));
2832 int config_parse_syscall_errno(
2834 const char *filename
,
2836 const char *section
,
2837 unsigned section_line
,
2844 ExecContext
*c
= data
;
2851 if (isempty(rvalue
)) {
2852 /* Empty assignment resets to KILL */
2853 c
->syscall_errno
= 0;
2857 e
= parse_errno(rvalue
);
2859 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse error number, ignoring: %s", rvalue
);
2863 c
->syscall_errno
= e
;
2867 int config_parse_address_families(
2869 const char *filename
,
2871 const char *section
,
2872 unsigned section_line
,
2879 ExecContext
*c
= data
;
2880 bool invert
= false;
2888 if (isempty(rvalue
)) {
2889 /* Empty assignment resets the list */
2890 c
->address_families
= set_free(c
->address_families
);
2891 c
->address_families_whitelist
= false;
2895 if (rvalue
[0] == '~') {
2900 if (!c
->address_families
) {
2901 c
->address_families
= set_new(NULL
);
2902 if (!c
->address_families
)
2905 c
->address_families_whitelist
= !invert
;
2908 for (p
= rvalue
;;) {
2909 _cleanup_free_
char *word
= NULL
;
2912 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
);
2918 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
2919 "Invalid syntax, ignoring: %s", rvalue
);
2923 af
= af_from_name(word
);
2925 log_syntax(unit
, LOG_ERR
, filename
, line
, af
,
2926 "Failed to parse address family, ignoring: %s", word
);
2930 /* If we previously wanted to forbid an address family and now
2931 * we want to allow it, then just remove it from the list.
2933 if (!invert
== c
->address_families_whitelist
) {
2934 r
= set_put(c
->address_families
, INT_TO_PTR(af
));
2938 set_remove(c
->address_families
, INT_TO_PTR(af
));
2942 int config_parse_restrict_namespaces(
2944 const char *filename
,
2946 const char *section
,
2947 unsigned section_line
,
2954 ExecContext
*c
= data
;
2955 unsigned long flags
;
2956 bool invert
= false;
2959 if (isempty(rvalue
)) {
2960 /* Reset to the default. */
2961 c
->restrict_namespaces
= NAMESPACE_FLAGS_INITIAL
;
2965 /* Boolean parameter ignores the previous settings */
2966 r
= parse_boolean(rvalue
);
2968 c
->restrict_namespaces
= 0;
2970 } else if (r
== 0) {
2971 c
->restrict_namespaces
= NAMESPACE_FLAGS_ALL
;
2975 if (rvalue
[0] == '~') {
2980 /* Not a boolean argument, in this case it's a list of namespace types. */
2981 r
= namespace_flags_from_string(rvalue
, &flags
);
2983 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse namespace type string, ignoring: %s", rvalue
);
2987 if (c
->restrict_namespaces
== NAMESPACE_FLAGS_INITIAL
)
2988 /* Initial assignment. Just set the value. */
2989 c
->restrict_namespaces
= invert
? (~flags
) & NAMESPACE_FLAGS_ALL
: flags
;
2991 /* Merge the value with the previous one. */
2992 SET_FLAG(c
->restrict_namespaces
, flags
, !invert
);
2998 int config_parse_unit_slice(
3000 const char *filename
,
3002 const char *section
,
3003 unsigned section_line
,
3010 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
3011 _cleanup_free_
char *k
= NULL
;
3012 Unit
*u
= userdata
, *slice
= NULL
;
3020 r
= unit_name_printf(u
, rvalue
, &k
);
3022 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
3026 r
= manager_load_unit(u
->manager
, k
, NULL
, &error
, &slice
);
3028 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to load slice unit %s, ignoring: %s", k
, bus_error_message(&error
, r
));
3032 r
= unit_set_slice(u
, slice
);
3034 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to assign slice %s to unit %s, ignoring: %m", slice
->id
, u
->id
);
3041 int config_parse_cpu_quota(
3043 const char *filename
,
3045 const char *section
,
3046 unsigned section_line
,
3053 CGroupContext
*c
= data
;
3060 if (isempty(rvalue
)) {
3061 c
->cpu_quota_per_sec_usec
= USEC_INFINITY
;
3065 r
= parse_permille_unbounded(rvalue
);
3067 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid CPU quota '%s', ignoring.", rvalue
);
3071 c
->cpu_quota_per_sec_usec
= ((usec_t
) r
* USEC_PER_SEC
) / 1000U;
3075 int config_parse_memory_limit(
3077 const char *filename
,
3079 const char *section
,
3080 unsigned section_line
,
3087 CGroupContext
*c
= data
;
3088 uint64_t bytes
= CGROUP_LIMIT_MAX
;
3091 if (!isempty(rvalue
) && !streq(rvalue
, "infinity")) {
3093 r
= parse_permille(rvalue
);
3095 r
= parse_size(rvalue
, 1024, &bytes
);
3097 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid memory limit '%s', ignoring: %m", rvalue
);
3101 bytes
= physical_memory_scale(r
, 1000U);
3103 if (bytes
>= UINT64_MAX
||
3104 (bytes
<= 0 && !streq(lvalue
, "MemorySwapMax"))) {
3105 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Memory limit '%s' out of range, ignoring.", rvalue
);
3110 if (streq(lvalue
, "DefaultMemoryLow")) {
3111 c
->default_memory_low_set
= true;
3112 if (isempty(rvalue
))
3113 c
->default_memory_low
= CGROUP_LIMIT_MIN
;
3115 c
->default_memory_low
= bytes
;
3116 } else if (streq(lvalue
, "MemoryMin"))
3117 c
->memory_min
= bytes
;
3118 else if (streq(lvalue
, "MemoryLow")) {
3119 c
->memory_low
= bytes
;
3120 c
->memory_low_set
= true;
3121 } else if (streq(lvalue
, "MemoryHigh"))
3122 c
->memory_high
= bytes
;
3123 else if (streq(lvalue
, "MemoryMax"))
3124 c
->memory_max
= bytes
;
3125 else if (streq(lvalue
, "MemorySwapMax"))
3126 c
->memory_swap_max
= bytes
;
3127 else if (streq(lvalue
, "MemoryLimit"))
3128 c
->memory_limit
= bytes
;
3135 int config_parse_tasks_max(
3137 const char *filename
,
3139 const char *section
,
3140 unsigned section_line
,
3147 uint64_t *tasks_max
= data
, v
;
3151 if (isempty(rvalue
)) {
3152 *tasks_max
= u
? u
->manager
->default_tasks_max
: UINT64_MAX
;
3156 if (streq(rvalue
, "infinity")) {
3157 *tasks_max
= CGROUP_LIMIT_MAX
;
3161 r
= parse_permille(rvalue
);
3163 r
= safe_atou64(rvalue
, &v
);
3165 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid maximum tasks value '%s', ignoring: %m", rvalue
);
3169 v
= system_tasks_max_scale(r
, 1000U);
3171 if (v
<= 0 || v
>= UINT64_MAX
) {
3172 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Maximum tasks value '%s' out of range, ignoring.", rvalue
);
3180 int config_parse_delegate(
3182 const char *filename
,
3184 const char *section
,
3185 unsigned section_line
,
3192 CGroupContext
*c
= data
;
3196 t
= unit_name_to_type(unit
);
3197 assert(t
!= _UNIT_TYPE_INVALID
);
3199 if (!unit_vtable
[t
]->can_delegate
) {
3200 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Delegate= setting not supported for this unit type, ignoring.");
3204 /* We either accept a boolean value, which may be used to turn on delegation for all controllers, or turn it
3205 * off for all. Or it takes a list of controller names, in which case we add the specified controllers to the
3206 * mask to delegate. */
3208 if (isempty(rvalue
)) {
3209 /* An empty string resets controllers and set Delegate=yes. */
3211 c
->delegate_controllers
= 0;
3215 r
= parse_boolean(rvalue
);
3217 const char *p
= rvalue
;
3218 CGroupMask mask
= 0;
3221 _cleanup_free_
char *word
= NULL
;
3222 CGroupController cc
;
3224 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
);
3230 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
3234 cc
= cgroup_controller_from_string(word
);
3236 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid controller name '%s', ignoring", word
);
3240 mask
|= CGROUP_CONTROLLER_TO_MASK(cc
);
3244 c
->delegate_controllers
|= mask
;
3248 c
->delegate_controllers
= _CGROUP_MASK_ALL
;
3250 c
->delegate
= false;
3251 c
->delegate_controllers
= 0;
3257 int config_parse_device_allow(
3259 const char *filename
,
3261 const char *section
,
3262 unsigned section_line
,
3269 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3270 CGroupContext
*c
= data
;
3271 const char *p
= rvalue
;
3274 if (isempty(rvalue
)) {
3275 while (c
->device_allow
)
3276 cgroup_context_free_device_allow(c
, c
->device_allow
);
3281 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_QUOTES
);
3285 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3286 "Invalid syntax, ignoring: %s", rvalue
);
3290 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3291 "Failed to extract device path and rights from '%s', ignoring.", rvalue
);
3295 r
= unit_full_printf(userdata
, path
, &resolved
);
3297 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3298 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3302 if (!STARTSWITH_SET(resolved
, "block-", "char-")) {
3304 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3308 if (!valid_device_node_path(resolved
)) {
3309 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid device node path '%s', ignoring.", resolved
);
3314 if (!isempty(p
) && !in_charset(p
, "rwm")) {
3315 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid device rights '%s', ignoring.", p
);
3319 return cgroup_add_device_allow(c
, resolved
, p
);
3322 int config_parse_io_device_weight(
3324 const char *filename
,
3326 const char *section
,
3327 unsigned section_line
,
3334 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3335 CGroupIODeviceWeight
*w
;
3336 CGroupContext
*c
= data
;
3337 const char *p
= rvalue
;
3345 if (isempty(rvalue
)) {
3346 while (c
->io_device_weights
)
3347 cgroup_context_free_io_device_weight(c
, c
->io_device_weights
);
3352 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_QUOTES
);
3356 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3357 "Invalid syntax, ignoring: %s", rvalue
);
3360 if (r
== 0 || isempty(p
)) {
3361 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3362 "Failed to extract device path and weight from '%s', ignoring.", rvalue
);
3366 r
= unit_full_printf(userdata
, path
, &resolved
);
3368 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3369 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3373 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3377 r
= cg_weight_parse(p
, &u
);
3379 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "IO weight '%s' invalid, ignoring: %m", p
);
3383 assert(u
!= CGROUP_WEIGHT_INVALID
);
3385 w
= new0(CGroupIODeviceWeight
, 1);
3389 w
->path
= TAKE_PTR(resolved
);
3392 LIST_PREPEND(device_weights
, c
->io_device_weights
, w
);
3396 int config_parse_io_device_latency(
3398 const char *filename
,
3400 const char *section
,
3401 unsigned section_line
,
3408 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3409 CGroupIODeviceLatency
*l
;
3410 CGroupContext
*c
= data
;
3411 const char *p
= rvalue
;
3419 if (isempty(rvalue
)) {
3420 while (c
->io_device_latencies
)
3421 cgroup_context_free_io_device_latency(c
, c
->io_device_latencies
);
3426 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_QUOTES
);
3430 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3431 "Invalid syntax, ignoring: %s", rvalue
);
3434 if (r
== 0 || isempty(p
)) {
3435 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3436 "Failed to extract device path and latency from '%s', ignoring.", rvalue
);
3440 r
= unit_full_printf(userdata
, path
, &resolved
);
3442 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3443 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3447 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3451 if (parse_sec(p
, &usec
) < 0) {
3452 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse timer value, ignoring: %s", p
);
3456 l
= new0(CGroupIODeviceLatency
, 1);
3460 l
->path
= TAKE_PTR(resolved
);
3461 l
->target_usec
= usec
;
3463 LIST_PREPEND(device_latencies
, c
->io_device_latencies
, l
);
3467 int config_parse_io_limit(
3469 const char *filename
,
3471 const char *section
,
3472 unsigned section_line
,
3479 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3480 CGroupIODeviceLimit
*l
= NULL
, *t
;
3481 CGroupContext
*c
= data
;
3482 CGroupIOLimitType type
;
3483 const char *p
= rvalue
;
3491 type
= cgroup_io_limit_type_from_string(lvalue
);
3494 if (isempty(rvalue
)) {
3495 LIST_FOREACH(device_limits
, l
, c
->io_device_limits
)
3496 l
->limits
[type
] = cgroup_io_limit_defaults
[type
];
3500 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_QUOTES
);
3504 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3505 "Invalid syntax, ignoring: %s", rvalue
);
3508 if (r
== 0 || isempty(p
)) {
3509 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3510 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue
);
3514 r
= unit_full_printf(userdata
, path
, &resolved
);
3516 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3517 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3521 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3525 if (streq("infinity", p
))
3526 num
= CGROUP_LIMIT_MAX
;
3528 r
= parse_size(p
, 1000, &num
);
3529 if (r
< 0 || num
<= 0) {
3530 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid IO limit '%s', ignoring.", p
);
3535 LIST_FOREACH(device_limits
, t
, c
->io_device_limits
) {
3536 if (path_equal(resolved
, t
->path
)) {
3543 CGroupIOLimitType ttype
;
3545 l
= new0(CGroupIODeviceLimit
, 1);
3549 l
->path
= TAKE_PTR(resolved
);
3550 for (ttype
= 0; ttype
< _CGROUP_IO_LIMIT_TYPE_MAX
; ttype
++)
3551 l
->limits
[ttype
] = cgroup_io_limit_defaults
[ttype
];
3553 LIST_PREPEND(device_limits
, c
->io_device_limits
, l
);
3556 l
->limits
[type
] = num
;
3561 int config_parse_blockio_device_weight(
3563 const char *filename
,
3565 const char *section
,
3566 unsigned section_line
,
3573 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3574 CGroupBlockIODeviceWeight
*w
;
3575 CGroupContext
*c
= data
;
3576 const char *p
= rvalue
;
3584 if (isempty(rvalue
)) {
3585 while (c
->blockio_device_weights
)
3586 cgroup_context_free_blockio_device_weight(c
, c
->blockio_device_weights
);
3591 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_QUOTES
);
3595 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3596 "Invalid syntax, ignoring: %s", rvalue
);
3599 if (r
== 0 || isempty(p
)) {
3600 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3601 "Failed to extract device node and weight from '%s', ignoring.", rvalue
);
3605 r
= unit_full_printf(userdata
, path
, &resolved
);
3607 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3608 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3612 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3616 r
= cg_blkio_weight_parse(p
, &u
);
3618 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid block IO weight '%s', ignoring: %m", p
);
3622 assert(u
!= CGROUP_BLKIO_WEIGHT_INVALID
);
3624 w
= new0(CGroupBlockIODeviceWeight
, 1);
3628 w
->path
= TAKE_PTR(resolved
);
3631 LIST_PREPEND(device_weights
, c
->blockio_device_weights
, w
);
3635 int config_parse_blockio_bandwidth(
3637 const char *filename
,
3639 const char *section
,
3640 unsigned section_line
,
3647 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3648 CGroupBlockIODeviceBandwidth
*b
= NULL
, *t
;
3649 CGroupContext
*c
= data
;
3650 const char *p
= rvalue
;
3659 read
= streq("BlockIOReadBandwidth", lvalue
);
3661 if (isempty(rvalue
)) {
3662 LIST_FOREACH(device_bandwidths
, b
, c
->blockio_device_bandwidths
) {
3663 b
->rbps
= CGROUP_LIMIT_MAX
;
3664 b
->wbps
= CGROUP_LIMIT_MAX
;
3669 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_QUOTES
);
3673 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3674 "Invalid syntax, ignoring: %s", rvalue
);
3677 if (r
== 0 || isempty(p
)) {
3678 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3679 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue
);
3683 r
= unit_full_printf(userdata
, path
, &resolved
);
3685 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3686 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3690 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3694 r
= parse_size(p
, 1000, &bytes
);
3695 if (r
< 0 || bytes
<= 0) {
3696 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid Block IO Bandwidth '%s', ignoring.", p
);
3700 LIST_FOREACH(device_bandwidths
, t
, c
->blockio_device_bandwidths
) {
3701 if (path_equal(resolved
, t
->path
)) {
3708 b
= new0(CGroupBlockIODeviceBandwidth
, 1);
3712 b
->path
= TAKE_PTR(resolved
);
3713 b
->rbps
= CGROUP_LIMIT_MAX
;
3714 b
->wbps
= CGROUP_LIMIT_MAX
;
3716 LIST_PREPEND(device_bandwidths
, c
->blockio_device_bandwidths
, b
);
3727 int config_parse_job_mode_isolate(
3729 const char *filename
,
3731 const char *section
,
3732 unsigned section_line
,
3746 r
= parse_boolean(rvalue
);
3748 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse boolean, ignoring: %s", rvalue
);
3752 log_notice("%s is deprecated. Please use OnFailureJobMode= instead", lvalue
);
3754 *m
= r
? JOB_ISOLATE
: JOB_REPLACE
;
3758 int config_parse_exec_directories(
3760 const char *filename
,
3762 const char *section
,
3763 unsigned section_line
,
3780 if (isempty(rvalue
)) {
3781 /* Empty assignment resets the list */
3782 *rt
= strv_free(*rt
);
3786 for (p
= rvalue
;;) {
3787 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
3789 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
);
3793 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3794 "Invalid syntax, ignoring: %s", rvalue
);
3800 r
= unit_full_printf(u
, word
, &k
);
3802 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
3803 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word
);
3807 r
= path_simplify_and_warn(k
, PATH_CHECK_RELATIVE
, unit
, filename
, line
, lvalue
);
3811 if (path_startswith(k
, "private")) {
3812 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
3813 "%s= path can't be 'private', ignoring assignment: %s", lvalue
, word
);
3817 r
= strv_push(rt
, k
);
3824 int config_parse_set_status(
3826 const char *filename
,
3828 const char *section
,
3829 unsigned section_line
,
3837 const char *word
, *state
;
3839 ExitStatusSet
*status_set
= data
;
3846 /* Empty assignment resets the list */
3847 if (isempty(rvalue
)) {
3848 exit_status_set_free(status_set
);
3852 FOREACH_WORD(word
, l
, rvalue
, state
) {
3853 _cleanup_free_
char *temp
;
3857 temp
= strndup(word
, l
);
3861 r
= safe_atoi(temp
, &val
);
3863 val
= signal_from_string(temp
);
3866 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse value, ignoring: %s", word
);
3869 set
= &status_set
->signal
;
3871 if (val
< 0 || val
> 255) {
3872 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Value %d is outside range 0-255, ignoring", val
);
3875 set
= &status_set
->status
;
3878 r
= set_ensure_allocated(set
, NULL
);
3882 r
= set_put(*set
, INT_TO_PTR(val
));
3886 if (!isempty(state
))
3887 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Trailing garbage, ignoring.");
3892 int config_parse_namespace_path_strv(
3894 const char *filename
,
3896 const char *section
,
3897 unsigned section_line
,
3906 const char *p
= rvalue
;
3914 if (isempty(rvalue
)) {
3915 /* Empty assignment resets the list */
3916 *sv
= strv_free(*sv
);
3921 _cleanup_free_
char *word
= NULL
, *resolved
= NULL
, *joined
= NULL
;
3923 bool ignore_enoent
= false, shall_prefix
= false;
3925 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
);
3931 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract first word, ignoring: %s", rvalue
);
3936 if (startswith(w
, "-")) {
3937 ignore_enoent
= true;
3940 if (startswith(w
, "+")) {
3941 shall_prefix
= true;
3945 r
= unit_full_printf(u
, w
, &resolved
);
3947 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", w
);
3951 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
3955 joined
= strjoin(ignore_enoent
? "-" : "",
3956 shall_prefix
? "+" : "",
3959 r
= strv_push(sv
, joined
);
3969 int config_parse_temporary_filesystems(
3971 const char *filename
,
3973 const char *section
,
3974 unsigned section_line
,
3982 ExecContext
*c
= data
;
3983 const char *p
= rvalue
;
3991 if (isempty(rvalue
)) {
3992 /* Empty assignment resets the list */
3993 temporary_filesystem_free_many(c
->temporary_filesystems
, c
->n_temporary_filesystems
);
3994 c
->temporary_filesystems
= NULL
;
3995 c
->n_temporary_filesystems
= 0;
4000 _cleanup_free_
char *word
= NULL
, *path
= NULL
, *resolved
= NULL
;
4003 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_QUOTES
);
4009 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract first word, ignoring: %s", rvalue
);
4014 r
= extract_first_word(&w
, &path
, ":", EXTRACT_DONT_COALESCE_SEPARATORS
);
4018 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract first word, ignoring: %s", word
);
4022 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid syntax, ignoring: %s", word
);
4026 r
= unit_full_printf(u
, path
, &resolved
);
4028 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", path
);
4032 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4036 r
= temporary_filesystem_add(&c
->temporary_filesystems
, &c
->n_temporary_filesystems
, resolved
, w
);
4042 int config_parse_bind_paths(
4044 const char *filename
,
4046 const char *section
,
4047 unsigned section_line
,
4054 ExecContext
*c
= data
;
4064 if (isempty(rvalue
)) {
4065 /* Empty assignment resets the list */
4066 bind_mount_free_many(c
->bind_mounts
, c
->n_bind_mounts
);
4067 c
->bind_mounts
= NULL
;
4068 c
->n_bind_mounts
= 0;
4074 _cleanup_free_
char *source
= NULL
, *destination
= NULL
;
4075 _cleanup_free_
char *sresolved
= NULL
, *dresolved
= NULL
;
4076 char *s
= NULL
, *d
= NULL
;
4077 bool rbind
= true, ignore_enoent
= false;
4079 r
= extract_first_word(&p
, &source
, ":" WHITESPACE
, EXTRACT_QUOTES
|EXTRACT_DONT_COALESCE_SEPARATORS
);
4085 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s, ignoring: %s", lvalue
, rvalue
);
4089 r
= unit_full_printf(u
, source
, &sresolved
);
4091 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
4092 "Failed to resolved unit specifiers in \"%s\", ignoring: %m", source
);
4098 ignore_enoent
= true;
4102 r
= path_simplify_and_warn(s
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4106 /* Optionally, the destination is specified. */
4107 if (p
&& p
[-1] == ':') {
4108 r
= extract_first_word(&p
, &destination
, ":" WHITESPACE
, EXTRACT_QUOTES
|EXTRACT_DONT_COALESCE_SEPARATORS
);
4112 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s, ignoring: %s", lvalue
, rvalue
);
4116 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Missing argument after ':', ignoring: %s", s
);
4120 r
= unit_full_printf(u
, destination
, &dresolved
);
4122 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
4123 "Failed to resolved specifiers in \"%s\", ignoring: %m", destination
);
4127 r
= path_simplify_and_warn(dresolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4133 /* Optionally, there's also a short option string specified */
4134 if (p
&& p
[-1] == ':') {
4135 _cleanup_free_
char *options
= NULL
;
4137 r
= extract_first_word(&p
, &options
, NULL
, EXTRACT_QUOTES
);
4141 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s: %s", lvalue
, rvalue
);
4145 if (isempty(options
) || streq(options
, "rbind"))
4147 else if (streq(options
, "norbind"))
4150 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid option string, ignoring setting: %s", options
);
4157 r
= bind_mount_add(&c
->bind_mounts
, &c
->n_bind_mounts
,
4161 .read_only
= !!strstr(lvalue
, "ReadOnly"),
4163 .ignore_enoent
= ignore_enoent
,
4172 int config_parse_job_timeout_sec(
4174 const char *filename
,
4176 const char *section
,
4177 unsigned section_line
,
4193 r
= parse_sec_fix_0(rvalue
, &usec
);
4195 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse JobTimeoutSec= parameter, ignoring: %s", rvalue
);
4199 /* If the user explicitly changed JobTimeoutSec= also change JobRunningTimeoutSec=, for compatibility with old
4200 * versions. If JobRunningTimeoutSec= was explicitly set, avoid this however as whatever the user picked should
4203 if (!u
->job_running_timeout_set
)
4204 u
->job_running_timeout
= usec
;
4206 u
->job_timeout
= usec
;
4211 int config_parse_job_running_timeout_sec(
4213 const char *filename
,
4215 const char *section
,
4216 unsigned section_line
,
4232 r
= parse_sec_fix_0(rvalue
, &usec
);
4234 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse JobRunningTimeoutSec= parameter, ignoring: %s", rvalue
);
4238 u
->job_running_timeout
= usec
;
4239 u
->job_running_timeout_set
= true;
4244 int config_parse_emergency_action(
4246 const char *filename
,
4248 const char *section
,
4249 unsigned section_line
,
4257 EmergencyAction
*x
= data
;
4266 m
= ((Unit
*) userdata
)->manager
;
4270 r
= parse_emergency_action(rvalue
, MANAGER_IS_SYSTEM(m
), x
);
4272 if (r
== -EOPNOTSUPP
&& MANAGER_IS_USER(m
)) {
4273 /* Compat mode: remove for systemd 241. */
4275 log_syntax(unit
, LOG_INFO
, filename
, line
, r
,
4276 "%s= in user mode specified as \"%s\", using \"exit-force\" instead.",
4278 *x
= EMERGENCY_ACTION_EXIT_FORCE
;
4282 if (r
== -EOPNOTSUPP
)
4283 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
4284 "%s= specified as %s mode action, ignoring: %s",
4285 lvalue
, MANAGER_IS_SYSTEM(m
) ? "user" : "system", rvalue
);
4287 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
4288 "Failed to parse %s=, ignoring: %s", lvalue
, rvalue
);
4295 int config_parse_pid_file(
4297 const char *filename
,
4299 const char *section
,
4300 unsigned section_line
,
4307 _cleanup_free_
char *k
= NULL
, *n
= NULL
;
4317 if (isempty(rvalue
)) {
4318 /* An empty assignment removes already set value. */
4323 r
= unit_full_printf(u
, rvalue
, &k
);
4325 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
4329 /* If this is a relative path make it absolute by prefixing the /run */
4330 n
= path_make_absolute(k
, u
->manager
->prefix
[EXEC_DIRECTORY_RUNTIME
]);
4334 /* Check that the result is a sensible path */
4335 r
= path_simplify_and_warn(n
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4339 r
= patch_var_run(unit
, filename
, line
, lvalue
, &n
);
4343 free_and_replace(*s
, n
);
4347 int config_parse_exit_status(
4349 const char *filename
,
4351 const char *section
,
4352 unsigned section_line
,
4359 int *exit_status
= data
, r
;
4365 assert(exit_status
);
4367 if (isempty(rvalue
)) {
4372 r
= safe_atou8(rvalue
, &u
);
4374 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse exit status '%s', ignoring: %m", rvalue
);
4382 int config_parse_disable_controllers(
4384 const char *filename
,
4386 const char *section
,
4387 unsigned section_line
,
4395 CGroupContext
*c
= data
;
4396 CGroupMask disabled_mask
;
4398 /* 1. If empty, make all controllers eligible for use again.
4399 * 2. If non-empty, merge all listed controllers, space separated. */
4401 if (isempty(rvalue
)) {
4402 c
->disable_controllers
= 0;
4406 r
= cg_mask_from_string(rvalue
, &disabled_mask
);
4407 if (r
< 0 || disabled_mask
<= 0) {
4408 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid cgroup string: %s, ignoring", rvalue
);
4412 c
->disable_controllers
|= disabled_mask
;
4417 #define FOLLOW_MAX 8
4419 static int open_follow(char **filename
, FILE **_f
, Set
*names
, char **_final
) {
4430 /* This will update the filename pointer if the loaded file is
4431 * reached by a symlink. The old string will be freed. */
4434 char *target
, *name
;
4436 if (c
++ >= FOLLOW_MAX
)
4439 path_simplify(*filename
, false);
4441 /* Add the file name we are currently looking at to
4442 * the names of this unit, but only if it is a valid
4444 name
= basename(*filename
);
4445 if (unit_name_is_valid(name
, UNIT_NAME_ANY
)) {
4447 id
= set_get(names
, name
);
4453 r
= set_consume(names
, id
);
4459 /* Try to open the file name, but don't if its a symlink */
4460 fd
= open(*filename
, O_RDONLY
|O_CLOEXEC
|O_NOCTTY
|O_NOFOLLOW
);
4467 /* Hmm, so this is a symlink. Let's read the name, and follow it manually */
4468 r
= readlink_and_make_absolute(*filename
, &target
);
4472 free_and_replace(*filename
, target
);
4475 f
= fdopen(fd
, "r");
4487 static int merge_by_names(Unit
**u
, Set
*names
, const char *id
) {
4495 /* Let's try to add in all symlink names we found */
4496 while ((k
= set_steal_first(names
))) {
4498 /* First try to merge in the other name into our
4500 r
= unit_merge_by_name(*u
, k
);
4504 /* Hmm, we couldn't merge the other unit into
4505 * ours? Then let's try it the other way
4508 /* If the symlink name we are looking at is unit template, then
4509 we must search for instance of this template */
4510 if (unit_name_is_valid(k
, UNIT_NAME_TEMPLATE
) && (*u
)->instance
) {
4511 _cleanup_free_
char *instance
= NULL
;
4513 r
= unit_name_replace_instance(k
, (*u
)->instance
, &instance
);
4517 other
= manager_get_unit((*u
)->manager
, instance
);
4519 other
= manager_get_unit((*u
)->manager
, k
);
4524 r
= unit_merge(other
, *u
);
4527 return merge_by_names(u
, names
, NULL
);
4535 unit_choose_id(*u
, id
);
4543 static int load_from_path(Unit
*u
, const char *path
) {
4544 _cleanup_set_free_free_ Set
*symlink_names
= NULL
;
4545 _cleanup_fclose_
FILE *f
= NULL
;
4546 _cleanup_free_
char *filename
= NULL
;
4555 symlink_names
= set_new(&string_hash_ops
);
4559 if (path_is_absolute(path
)) {
4561 filename
= strdup(path
);
4565 r
= open_follow(&filename
, &f
, symlink_names
, &id
);
4567 filename
= mfree(filename
);
4575 STRV_FOREACH(p
, u
->manager
->lookup_paths
.search_path
) {
4577 /* Instead of opening the path right away, we manually
4578 * follow all symlinks and add their name to our unit
4579 * name set while doing so */
4580 filename
= path_make_absolute(path
, *p
);
4584 if (u
->manager
->unit_path_cache
&&
4585 !set_get(u
->manager
->unit_path_cache
, filename
))
4588 r
= open_follow(&filename
, &f
, symlink_names
, &id
);
4592 /* ENOENT means that the file is missing or is a dangling symlink.
4593 * ENOTDIR means that one of paths we expect to be is a directory
4594 * is not a directory, we should just ignore that.
4595 * EACCES means that the directory or file permissions are wrong.
4598 log_debug_errno(r
, "Cannot access \"%s\": %m", filename
);
4599 else if (!IN_SET(r
, -ENOENT
, -ENOTDIR
))
4602 filename
= mfree(filename
);
4603 /* Empty the symlink names for the next run */
4604 set_clear_free(symlink_names
);
4609 /* Hmm, no suitable file found? */
4612 if (!unit_type_may_alias(u
->type
) && set_size(symlink_names
) > 1) {
4613 log_unit_warning(u
, "Unit type of %s does not support alias names, refusing loading via symlink.", u
->id
);
4618 r
= merge_by_names(&merged
, symlink_names
, id
);
4623 u
->load_state
= UNIT_MERGED
;
4627 if (fstat(fileno(f
), &st
) < 0)
4630 if (null_or_empty(&st
)) {
4631 u
->load_state
= UNIT_MASKED
;
4632 u
->fragment_mtime
= 0;
4634 u
->load_state
= UNIT_LOADED
;
4635 u
->fragment_mtime
= timespec_load(&st
.st_mtim
);
4637 /* Now, parse the file contents */
4638 r
= config_parse(u
->id
, filename
, f
,
4639 UNIT_VTABLE(u
)->sections
,
4640 config_item_perf_lookup
, load_fragment_gperf_lookup
,
4641 CONFIG_PARSE_ALLOW_INCLUDE
, u
);
4646 free_and_replace(u
->fragment_path
, filename
);
4648 if (u
->source_path
) {
4649 if (stat(u
->source_path
, &st
) >= 0)
4650 u
->source_mtime
= timespec_load(&st
.st_mtim
);
4652 u
->source_mtime
= 0;
4658 int unit_load_fragment(Unit
*u
) {
4664 assert(u
->load_state
== UNIT_STUB
);
4668 u
->load_state
= UNIT_LOADED
;
4672 /* First, try to find the unit under its id. We always look
4673 * for unit files in the default directories, to make it easy
4674 * to override things by placing things in /etc/systemd/system */
4675 r
= load_from_path(u
, u
->id
);
4679 /* Try to find an alias we can load this with */
4680 if (u
->load_state
== UNIT_STUB
) {
4681 SET_FOREACH(t
, u
->names
, i
) {
4686 r
= load_from_path(u
, t
);
4690 if (u
->load_state
!= UNIT_STUB
)
4695 /* And now, try looking for it under the suggested (originally linked) path */
4696 if (u
->load_state
== UNIT_STUB
&& u
->fragment_path
) {
4698 r
= load_from_path(u
, u
->fragment_path
);
4702 if (u
->load_state
== UNIT_STUB
)
4703 /* Hmm, this didn't work? Then let's get rid
4704 * of the fragment path stored for us, so that
4705 * we don't point to an invalid location. */
4706 u
->fragment_path
= mfree(u
->fragment_path
);
4709 /* Look for a template */
4710 if (u
->load_state
== UNIT_STUB
&& u
->instance
) {
4711 _cleanup_free_
char *k
= NULL
;
4713 r
= unit_name_template(u
->id
, &k
);
4717 r
= load_from_path(u
, k
);
4720 log_unit_notice(u
, "Unit configuration has fatal error, unit will not be started.");
4724 if (u
->load_state
== UNIT_STUB
) {
4725 SET_FOREACH(t
, u
->names
, i
) {
4726 _cleanup_free_
char *z
= NULL
;
4731 r
= unit_name_template(t
, &z
);
4735 r
= load_from_path(u
, z
);
4739 if (u
->load_state
!= UNIT_STUB
)
4748 void unit_dump_config_items(FILE *f
) {
4749 static const struct {
4750 const ConfigParserCallback callback
;
4753 { config_parse_warn_compat
, "NOTSUPPORTED" },
4754 { config_parse_int
, "INTEGER" },
4755 { config_parse_unsigned
, "UNSIGNED" },
4756 { config_parse_iec_size
, "SIZE" },
4757 { config_parse_iec_uint64
, "SIZE" },
4758 { config_parse_si_size
, "SIZE" },
4759 { config_parse_bool
, "BOOLEAN" },
4760 { config_parse_string
, "STRING" },
4761 { config_parse_path
, "PATH" },
4762 { config_parse_unit_path_printf
, "PATH" },
4763 { config_parse_strv
, "STRING [...]" },
4764 { config_parse_exec_nice
, "NICE" },
4765 { config_parse_exec_oom_score_adjust
, "OOMSCOREADJUST" },
4766 { config_parse_exec_io_class
, "IOCLASS" },
4767 { config_parse_exec_io_priority
, "IOPRIORITY" },
4768 { config_parse_exec_cpu_sched_policy
, "CPUSCHEDPOLICY" },
4769 { config_parse_exec_cpu_sched_prio
, "CPUSCHEDPRIO" },
4770 { config_parse_exec_cpu_affinity
, "CPUAFFINITY" },
4771 { config_parse_mode
, "MODE" },
4772 { config_parse_unit_env_file
, "FILE" },
4773 { config_parse_exec_output
, "OUTPUT" },
4774 { config_parse_exec_input
, "INPUT" },
4775 { config_parse_log_facility
, "FACILITY" },
4776 { config_parse_log_level
, "LEVEL" },
4777 { config_parse_exec_secure_bits
, "SECUREBITS" },
4778 { config_parse_capability_set
, "BOUNDINGSET" },
4779 { config_parse_rlimit
, "LIMIT" },
4780 { config_parse_unit_deps
, "UNIT [...]" },
4781 { config_parse_exec
, "PATH [ARGUMENT [...]]" },
4782 { config_parse_service_type
, "SERVICETYPE" },
4783 { config_parse_service_restart
, "SERVICERESTART" },
4784 { config_parse_kill_mode
, "KILLMODE" },
4785 { config_parse_signal
, "SIGNAL" },
4786 { config_parse_socket_listen
, "SOCKET [...]" },
4787 { config_parse_socket_bind
, "SOCKETBIND" },
4788 { config_parse_socket_bindtodevice
, "NETWORKINTERFACE" },
4789 { config_parse_sec
, "SECONDS" },
4790 { config_parse_nsec
, "NANOSECONDS" },
4791 { config_parse_namespace_path_strv
, "PATH [...]" },
4792 { config_parse_bind_paths
, "PATH[:PATH[:OPTIONS]] [...]" },
4793 { config_parse_unit_requires_mounts_for
, "PATH [...]" },
4794 { config_parse_exec_mount_flags
, "MOUNTFLAG [...]" },
4795 { config_parse_unit_string_printf
, "STRING" },
4796 { config_parse_trigger_unit
, "UNIT" },
4797 { config_parse_timer
, "TIMER" },
4798 { config_parse_path_spec
, "PATH" },
4799 { config_parse_notify_access
, "ACCESS" },
4800 { config_parse_ip_tos
, "TOS" },
4801 { config_parse_unit_condition_path
, "CONDITION" },
4802 { config_parse_unit_condition_string
, "CONDITION" },
4803 { config_parse_unit_condition_null
, "CONDITION" },
4804 { config_parse_unit_slice
, "SLICE" },
4805 { config_parse_documentation
, "URL" },
4806 { config_parse_service_timeout
, "SECONDS" },
4807 { config_parse_emergency_action
, "ACTION" },
4808 { config_parse_set_status
, "STATUS" },
4809 { config_parse_service_sockets
, "SOCKETS" },
4810 { config_parse_environ
, "ENVIRON" },
4812 { config_parse_syscall_filter
, "SYSCALLS" },
4813 { config_parse_syscall_archs
, "ARCHS" },
4814 { config_parse_syscall_errno
, "ERRNO" },
4815 { config_parse_address_families
, "FAMILIES" },
4816 { config_parse_restrict_namespaces
, "NAMESPACES" },
4818 { config_parse_cpu_shares
, "SHARES" },
4819 { config_parse_cg_weight
, "WEIGHT" },
4820 { config_parse_memory_limit
, "LIMIT" },
4821 { config_parse_device_allow
, "DEVICE" },
4822 { config_parse_device_policy
, "POLICY" },
4823 { config_parse_io_limit
, "LIMIT" },
4824 { config_parse_io_device_weight
, "DEVICEWEIGHT" },
4825 { config_parse_io_device_latency
, "DEVICELATENCY" },
4826 { config_parse_blockio_bandwidth
, "BANDWIDTH" },
4827 { config_parse_blockio_weight
, "WEIGHT" },
4828 { config_parse_blockio_device_weight
, "DEVICEWEIGHT" },
4829 { config_parse_long
, "LONG" },
4830 { config_parse_socket_service
, "SERVICE" },
4832 { config_parse_exec_selinux_context
, "LABEL" },
4834 { config_parse_job_mode
, "MODE" },
4835 { config_parse_job_mode_isolate
, "BOOLEAN" },
4836 { config_parse_personality
, "PERSONALITY" },
4839 const char *prev
= NULL
;
4844 NULSTR_FOREACH(i
, load_fragment_gperf_nulstr
) {
4845 const char *rvalue
= "OTHER", *lvalue
;
4846 const ConfigPerfItem
*p
;
4851 assert_se(p
= load_fragment_gperf_lookup(i
, strlen(i
)));
4853 /* Hide legacy settings */
4854 if (p
->parse
== config_parse_warn_compat
&&
4855 p
->ltype
== DISABLED_LEGACY
)
4858 for (j
= 0; j
< ELEMENTSOF(table
); j
++)
4859 if (p
->parse
== table
[j
].callback
) {
4860 rvalue
= table
[j
].rvalue
;
4864 dot
= strchr(i
, '.');
4865 lvalue
= dot
? dot
+ 1 : i
;
4869 if (!prev
|| !strneq(prev
, i
, prefix_len
+1)) {
4873 fprintf(f
, "[%.*s]\n", (int) prefix_len
, i
);
4876 fprintf(f
, "%s=%s\n", lvalue
, rvalue
);