1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 Copyright © 2012 Holger Hans Peter Freyther
14 #include <sys/resource.h>
17 #include "alloc-util.h"
18 #include "all-units.h"
19 #include "bpf-firewall.h"
20 #include "bus-error.h"
21 #include "bus-internal.h"
24 #include "capability-util.h"
25 #include "cgroup-setup.h"
26 #include "conf-parser.h"
27 #include "cpu-set-util.h"
29 #include "errno-list.h"
33 #include "hexdecoct.h"
36 #include "ip-protocol-list.h"
37 #include "journal-util.h"
38 #include "limits-util.h"
39 #include "load-fragment.h"
41 #include "mountpoint-util.h"
42 #include "nulstr-util.h"
43 #include "parse-util.h"
44 #include "path-util.h"
45 #include "process-util.h"
47 #include "seccomp-util.h"
49 #include "securebits-util.h"
50 #include "signal-util.h"
51 #include "socket-netlink.h"
52 #include "stat-util.h"
53 #include "string-util.h"
55 #include "syslog-util.h"
56 #include "time-util.h"
57 #include "unit-name.h"
58 #include "unit-printf.h"
59 #include "user-util.h"
62 static int parse_socket_protocol(const char *s
) {
65 r
= parse_ip_protocol(s
);
68 if (!IN_SET(r
, IPPROTO_UDPLITE
, IPPROTO_SCTP
))
69 return -EPROTONOSUPPORT
;
74 int parse_crash_chvt(const char *value
, int *data
) {
77 if (safe_atoi(value
, data
) >= 0)
80 b
= parse_boolean(value
);
85 *data
= 0; /* switch to where kmsg goes */
87 *data
= -1; /* turn off switching */
92 int parse_confirm_spawn(const char *value
, char **console
) {
96 r
= value
? parse_boolean(value
) : 1;
100 } else if (r
> 0) /* on with default tty */
101 s
= strdup("/dev/console");
102 else if (is_path(value
)) /* on with fully qualified path */
104 else /* on with only a tty file name, not a fully qualified path */
105 s
= path_join("/dev/", value
);
113 DEFINE_CONFIG_PARSE(config_parse_socket_protocol
, parse_socket_protocol
, "Failed to parse socket protocol");
114 DEFINE_CONFIG_PARSE(config_parse_exec_secure_bits
, secure_bits_from_string
, "Failed to parse secure bits");
115 DEFINE_CONFIG_PARSE_ENUM(config_parse_collect_mode
, collect_mode
, CollectMode
, "Failed to parse garbage collection mode");
116 DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy
, cgroup_device_policy
, CGroupDevicePolicy
, "Failed to parse device policy");
117 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_keyring_mode
, exec_keyring_mode
, ExecKeyringMode
, "Failed to parse keyring mode");
118 DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode
, exec_utmp_mode
, ExecUtmpMode
, "Failed to parse utmp mode");
119 DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode
, job_mode
, JobMode
, "Failed to parse job mode");
120 DEFINE_CONFIG_PARSE_ENUM(config_parse_kill_mode
, kill_mode
, KillMode
, "Failed to parse kill mode");
121 DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access
, notify_access
, NotifyAccess
, "Failed to parse notify access specifier");
122 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_home
, protect_home
, ProtectHome
, "Failed to parse protect home value");
123 DEFINE_CONFIG_PARSE_ENUM(config_parse_protect_system
, protect_system
, ProtectSystem
, "Failed to parse protect system value");
124 DEFINE_CONFIG_PARSE_ENUM(config_parse_runtime_preserve_mode
, exec_preserve_mode
, ExecPreserveMode
, "Failed to parse runtime directory preserve mode");
125 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type
, service_type
, ServiceType
, "Failed to parse service type");
126 DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart
, service_restart
, ServiceRestart
, "Failed to parse service restart specifier");
127 DEFINE_CONFIG_PARSE_ENUM(config_parse_socket_bind
, socket_address_bind_ipv6_only_or_bool
, SocketAddressBindIPv6Only
, "Failed to parse bind IPv6 only value");
128 DEFINE_CONFIG_PARSE_ENUM(config_parse_oom_policy
, oom_policy
, OOMPolicy
, "Failed to parse OOM policy");
129 DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_ip_tos
, ip_tos
, int, -1, "Failed to parse IP TOS value");
130 DEFINE_CONFIG_PARSE_PTR(config_parse_blockio_weight
, cg_blkio_weight_parse
, uint64_t, "Invalid block IO weight");
131 DEFINE_CONFIG_PARSE_PTR(config_parse_cg_weight
, cg_weight_parse
, uint64_t, "Invalid weight");
132 DEFINE_CONFIG_PARSE_PTR(config_parse_cpu_shares
, cg_cpu_shares_parse
, uint64_t, "Invalid CPU shares");
133 DEFINE_CONFIG_PARSE_PTR(config_parse_exec_mount_flags
, mount_propagation_flags_from_string
, unsigned long, "Failed to parse mount flag");
134 DEFINE_CONFIG_PARSE_ENUM_WITH_DEFAULT(config_parse_numa_policy
, mpol
, int, -1, "Invalid NUMA policy type");
135 DEFINE_CONFIG_PARSE_ENUM(config_parse_status_unit_format
, status_unit_format
, StatusUnitFormat
, "Failed to parse status unit format");
137 int config_parse_unit_deps(
139 const char *filename
,
142 unsigned section_line
,
149 UnitDependency d
= ltype
;
159 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
162 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_RETAIN_ESCAPE
);
168 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
172 r
= unit_name_printf(u
, word
, &k
);
174 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
178 r
= unit_add_dependency_by_name(u
, d
, k
, true, UNIT_DEPENDENCY_FILE
);
180 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to add dependency on %s, ignoring: %m", k
);
186 int config_parse_obsolete_unit_deps(
188 const char *filename
,
191 unsigned section_line
,
198 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
199 "Unit dependency type %s= is obsolete, replacing by %s=, please update your unit file", lvalue
, unit_dependency_to_string(ltype
));
201 return config_parse_unit_deps(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, rvalue
, data
, userdata
);
204 int config_parse_unit_string_printf(
206 const char *filename
,
209 unsigned section_line
,
216 _cleanup_free_
char *k
= NULL
;
217 const Unit
*u
= userdata
;
225 r
= unit_full_printf(u
, rvalue
, &k
);
227 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
231 return config_parse_string(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, k
, data
, userdata
);
234 int config_parse_unit_strv_printf(
236 const char *filename
,
239 unsigned section_line
,
246 const Unit
*u
= userdata
;
247 _cleanup_free_
char *k
= NULL
;
255 r
= unit_full_printf(u
, rvalue
, &k
);
257 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
261 return config_parse_strv(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, k
, data
, userdata
);
264 int config_parse_unit_path_printf(
266 const char *filename
,
269 unsigned section_line
,
276 _cleanup_free_
char *k
= NULL
;
277 const Unit
*u
= userdata
;
286 /* Let's not bother with anything that is too long */
287 if (strlen(rvalue
) >= PATH_MAX
) {
288 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
289 "%s value too long%s.",
290 lvalue
, fatal
? "" : ", ignoring");
291 return fatal
? -ENAMETOOLONG
: 0;
294 r
= unit_full_printf(u
, rvalue
, &k
);
296 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
297 "Failed to resolve unit specifiers in '%s'%s: %m",
298 rvalue
, fatal
? "" : ", ignoring");
299 return fatal
? -ENOEXEC
: 0;
302 return config_parse_path(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, k
, data
, userdata
);
305 int config_parse_unit_path_strv_printf(
307 const char *filename
,
310 unsigned section_line
,
318 const Unit
*u
= userdata
;
327 if (isempty(rvalue
)) {
333 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
335 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
341 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
342 "Invalid syntax, ignoring: %s", rvalue
);
346 r
= unit_full_printf(u
, word
, &k
);
348 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
349 "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
353 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
357 r
= strv_consume(x
, TAKE_PTR(k
));
363 static int patch_var_run(
365 const char *filename
,
373 e
= path_startswith(*path
, "/var/run/");
377 z
= path_join("/run/", e
);
381 log_syntax(unit
, LOG_NOTICE
, filename
, line
, 0,
382 "%s= references a path below legacy directory /var/run/, updating %s → %s; "
383 "please update the unit file accordingly.", lvalue
, *path
, z
);
385 free_and_replace(*path
, z
);
390 int config_parse_socket_listen(
392 const char *filename
,
395 unsigned section_line
,
402 _cleanup_free_ SocketPort
*p
= NULL
;
414 if (isempty(rvalue
)) {
415 /* An empty assignment removes all ports */
416 socket_free_ports(s
);
420 p
= new0(SocketPort
, 1);
424 if (ltype
!= SOCKET_SOCKET
) {
425 _cleanup_free_
char *k
= NULL
;
427 r
= unit_full_printf(UNIT(s
), rvalue
, &k
);
429 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
433 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
437 if (ltype
== SOCKET_FIFO
) {
438 r
= patch_var_run(unit
, filename
, line
, lvalue
, &k
);
443 free_and_replace(p
->path
, k
);
446 } else if (streq(lvalue
, "ListenNetlink")) {
447 _cleanup_free_
char *k
= NULL
;
449 r
= unit_full_printf(UNIT(s
), rvalue
, &k
);
451 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
455 r
= socket_address_parse_netlink(&p
->address
, k
);
457 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse address value in '%s', ignoring: %m", k
);
461 p
->type
= SOCKET_SOCKET
;
464 _cleanup_free_
char *k
= NULL
;
466 r
= unit_full_printf(UNIT(s
), rvalue
, &k
);
468 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
472 if (k
[0] == '/') { /* Only for AF_UNIX file system sockets… */
473 r
= patch_var_run(unit
, filename
, line
, lvalue
, &k
);
478 r
= socket_address_parse_and_warn(&p
->address
, k
);
480 if (r
!= -EAFNOSUPPORT
)
481 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse address value in '%s', ignoring: %m", k
);
485 if (streq(lvalue
, "ListenStream"))
486 p
->address
.type
= SOCK_STREAM
;
487 else if (streq(lvalue
, "ListenDatagram"))
488 p
->address
.type
= SOCK_DGRAM
;
490 assert(streq(lvalue
, "ListenSequentialPacket"));
491 p
->address
.type
= SOCK_SEQPACKET
;
494 if (socket_address_family(&p
->address
) != AF_LOCAL
&& p
->address
.type
== SOCK_SEQPACKET
) {
495 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Address family not supported, ignoring: %s", rvalue
);
499 p
->type
= SOCKET_SOCKET
;
503 p
->auxiliary_fds
= NULL
;
504 p
->n_auxiliary_fds
= 0;
507 LIST_FIND_TAIL(port
, s
->ports
, tail
);
508 LIST_INSERT_AFTER(port
, s
->ports
, tail
, p
);
515 int config_parse_exec_nice(
517 const char *filename
,
520 unsigned section_line
,
527 ExecContext
*c
= data
;
535 if (isempty(rvalue
)) {
540 r
= parse_nice(rvalue
, &priority
);
543 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Nice priority out of range, ignoring: %s", rvalue
);
545 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse nice priority '%s', ignoring: %m", rvalue
);
555 int config_parse_exec_oom_score_adjust(
557 const char *filename
,
560 unsigned section_line
,
567 ExecContext
*c
= data
;
575 if (isempty(rvalue
)) {
576 c
->oom_score_adjust_set
= false;
580 r
= parse_oom_score_adjust(rvalue
, &oa
);
583 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "OOM score adjust value out of range, ignoring: %s", rvalue
);
585 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse the OOM score adjust value '%s', ignoring: %m", rvalue
);
589 c
->oom_score_adjust
= oa
;
590 c
->oom_score_adjust_set
= true;
595 int config_parse_exec(
597 const char *filename
,
600 unsigned section_line
,
607 ExecCommand
**e
= data
;
608 const Unit
*u
= userdata
;
620 if (isempty(rvalue
)) {
621 /* An empty assignment resets the list */
622 *e
= exec_command_free_list(*e
);
628 _cleanup_free_
char *path
= NULL
, *firstword
= NULL
;
629 ExecCommandFlags flags
= 0;
630 bool ignore
= false, separate_argv0
= false;
631 _cleanup_free_ ExecCommand
*nce
= NULL
;
632 _cleanup_strv_free_
char **n
= NULL
;
633 size_t nlen
= 0, nbufsize
= 0;
638 r
= extract_first_word_and_warn(&p
, &firstword
, NULL
, EXTRACT_UNQUOTE
|EXTRACT_CUNESCAPE
, unit
, filename
, line
, rvalue
);
644 /* We accept an absolute path as first argument. If it's prefixed with - and the path doesn't
645 * exist, we ignore it instead of erroring out; if it's prefixed with @, we allow overriding of
646 * argv[0]; if it's prefixed with :, we will not do environment variable substitution;
647 * if it's prefixed with +, it will be run with full privileges and no sandboxing; if
648 * it's prefixed with '!' we apply sandboxing, but do not change user/group credentials; if
649 * it's prefixed with '!!', then we apply user/group credentials if the kernel supports ambient
650 * capabilities -- if it doesn't we don't apply the credentials themselves, but do apply most
651 * other sandboxing, with some special exceptions for changing UID.
653 * The idea is that '!!' may be used to write services that can take benefit of systemd's
654 * UID/GID dropping if the kernel supports ambient creds, but provide an automatic fallback to
655 * privilege dropping within the daemon if the kernel does not offer that. */
657 if (*f
== '-' && !(flags
& EXEC_COMMAND_IGNORE_FAILURE
)) {
658 flags
|= EXEC_COMMAND_IGNORE_FAILURE
;
660 } else if (*f
== '@' && !separate_argv0
)
661 separate_argv0
= true;
662 else if (*f
== ':' && !(flags
& EXEC_COMMAND_NO_ENV_EXPAND
))
663 flags
|= EXEC_COMMAND_NO_ENV_EXPAND
;
664 else if (*f
== '+' && !(flags
& (EXEC_COMMAND_FULLY_PRIVILEGED
|EXEC_COMMAND_NO_SETUID
|EXEC_COMMAND_AMBIENT_MAGIC
)))
665 flags
|= EXEC_COMMAND_FULLY_PRIVILEGED
;
666 else if (*f
== '!' && !(flags
& (EXEC_COMMAND_FULLY_PRIVILEGED
|EXEC_COMMAND_NO_SETUID
|EXEC_COMMAND_AMBIENT_MAGIC
)))
667 flags
|= EXEC_COMMAND_NO_SETUID
;
668 else if (*f
== '!' && !(flags
& (EXEC_COMMAND_FULLY_PRIVILEGED
|EXEC_COMMAND_AMBIENT_MAGIC
))) {
669 flags
&= ~EXEC_COMMAND_NO_SETUID
;
670 flags
|= EXEC_COMMAND_AMBIENT_MAGIC
;
676 r
= unit_full_printf(u
, f
, &path
);
678 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
679 "Failed to resolve unit specifiers in '%s'%s: %m",
680 f
, ignore
? ", ignoring" : "");
681 return ignore
? 0 : -ENOEXEC
;
685 /* First word is either "-" or "@" with no command. */
686 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
687 "Empty path in command line%s: '%s'",
688 ignore
? ", ignoring" : "", rvalue
);
689 return ignore
? 0 : -ENOEXEC
;
691 if (!string_is_safe(path
)) {
692 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
693 "Executable name contains special characters%s: %s",
694 ignore
? ", ignoring" : "", path
);
695 return ignore
? 0 : -ENOEXEC
;
697 if (endswith(path
, "/")) {
698 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
699 "Executable path specifies a directory%s: %s",
700 ignore
? ", ignoring" : "", path
);
701 return ignore
? 0 : -ENOEXEC
;
704 if (!path_is_absolute(path
)) {
708 if (!filename_is_valid(path
)) {
709 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
710 "Neither a valid executable name nor an absolute path%s: %s",
711 ignore
? ", ignoring" : "", path
);
712 return ignore
? 0 : -ENOEXEC
;
715 /* Resolve a single-component name to a full path */
716 NULSTR_FOREACH(prefix
, DEFAULT_PATH_NULSTR
) {
717 _cleanup_free_
char *fullpath
= NULL
;
719 fullpath
= path_join(prefix
, path
);
723 if (access(fullpath
, F_OK
) >= 0) {
724 free_and_replace(path
, fullpath
);
731 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
732 "Executable \"%s\" not found in path \"%s\"%s",
733 path
, DEFAULT_PATH
, ignore
? ", ignoring" : "");
734 return ignore
? 0 : -ENOEXEC
;
738 if (!separate_argv0
) {
741 if (!GREEDY_REALLOC(n
, nbufsize
, nlen
+ 2))
751 path_simplify(path
, false);
753 while (!isempty(p
)) {
754 _cleanup_free_
char *word
= NULL
, *resolved
= NULL
;
756 /* Check explicitly for an unquoted semicolon as
757 * command separator token. */
758 if (p
[0] == ';' && (!p
[1] || strchr(WHITESPACE
, p
[1]))) {
760 p
+= strspn(p
, WHITESPACE
);
765 /* Check for \; explicitly, to not confuse it with \\; or "\;" or "\\;" etc.
766 * extract_first_word() would return the same for all of those. */
767 if (p
[0] == '\\' && p
[1] == ';' && (!p
[2] || strchr(WHITESPACE
, p
[2]))) {
771 p
+= strspn(p
, WHITESPACE
);
773 if (!GREEDY_REALLOC(n
, nbufsize
, nlen
+ 2))
784 r
= extract_first_word_and_warn(&p
, &word
, NULL
, EXTRACT_UNQUOTE
|EXTRACT_CUNESCAPE
, unit
, filename
, line
, rvalue
);
788 return ignore
? 0 : -ENOEXEC
;
790 r
= unit_full_printf(u
, word
, &resolved
);
792 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
793 "Failed to resolve unit specifiers in %s%s: %m",
794 word
, ignore
? ", ignoring" : "");
795 return ignore
? 0 : -ENOEXEC
;
798 if (!GREEDY_REALLOC(n
, nbufsize
, nlen
+ 2))
801 n
[nlen
++] = TAKE_PTR(resolved
);
806 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
807 "Empty executable name or zeroeth argument%s: %s",
808 ignore
? ", ignoring" : "", rvalue
);
809 return ignore
? 0 : -ENOEXEC
;
812 nce
= new0(ExecCommand
, 1);
816 nce
->argv
= TAKE_PTR(n
);
817 nce
->path
= TAKE_PTR(path
);
820 exec_command_append_list(e
, nce
);
822 /* Do not _cleanup_free_ these. */
831 int config_parse_socket_bindtodevice(
833 const char *filename
,
836 unsigned section_line
,
850 if (isempty(rvalue
) || streq(rvalue
, "*")) {
851 s
->bind_to_device
= mfree(s
->bind_to_device
);
855 if (!ifname_valid(rvalue
)) {
856 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid interface name, ignoring: %s", rvalue
);
860 if (free_and_strdup(&s
->bind_to_device
, rvalue
) < 0)
866 int config_parse_exec_input(
868 const char *filename
,
871 unsigned section_line
,
878 ExecContext
*c
= data
;
879 const Unit
*u
= userdata
;
889 n
= startswith(rvalue
, "fd:");
891 _cleanup_free_
char *resolved
= NULL
;
893 r
= unit_full_printf(u
, n
, &resolved
);
895 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s': %m", n
);
897 if (isempty(resolved
))
898 resolved
= mfree(resolved
);
899 else if (!fdname_is_valid(resolved
)) {
900 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid file descriptor name: %s", resolved
);
904 free_and_replace(c
->stdio_fdname
[STDIN_FILENO
], resolved
);
906 ei
= EXEC_INPUT_NAMED_FD
;
908 } else if ((n
= startswith(rvalue
, "file:"))) {
909 _cleanup_free_
char *resolved
= NULL
;
911 r
= unit_full_printf(u
, n
, &resolved
);
913 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s': %m", n
);
915 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
| PATH_CHECK_FATAL
, unit
, filename
, line
, lvalue
);
919 free_and_replace(c
->stdio_file
[STDIN_FILENO
], resolved
);
921 ei
= EXEC_INPUT_FILE
;
924 ei
= exec_input_from_string(rvalue
);
926 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse input specifier, ignoring: %s", rvalue
);
935 int config_parse_exec_input_text(
937 const char *filename
,
940 unsigned section_line
,
947 _cleanup_free_
char *unescaped
= NULL
, *resolved
= NULL
;
948 ExecContext
*c
= data
;
949 const Unit
*u
= userdata
;
959 if (isempty(rvalue
)) {
960 /* Reset if the empty string is assigned */
961 c
->stdin_data
= mfree(c
->stdin_data
);
962 c
->stdin_data_size
= 0;
966 r
= cunescape(rvalue
, 0, &unescaped
);
968 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to decode C escaped text '%s': %m", rvalue
);
970 r
= unit_full_printf(u
, unescaped
, &resolved
);
972 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s': %m", unescaped
);
974 sz
= strlen(resolved
);
975 if (c
->stdin_data_size
+ sz
+ 1 < c
->stdin_data_size
|| /* check for overflow */
976 c
->stdin_data_size
+ sz
+ 1 > EXEC_STDIN_DATA_MAX
) {
977 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c
->stdin_data_size
+ sz
, (size_t) EXEC_STDIN_DATA_MAX
);
981 p
= realloc(c
->stdin_data
, c
->stdin_data_size
+ sz
+ 1);
985 *((char*) mempcpy((char*) p
+ c
->stdin_data_size
, resolved
, sz
)) = '\n';
988 c
->stdin_data_size
+= sz
+ 1;
993 int config_parse_exec_input_data(
995 const char *filename
,
998 unsigned section_line
,
1005 _cleanup_free_
void *p
= NULL
;
1006 ExecContext
*c
= data
;
1016 if (isempty(rvalue
)) {
1017 /* Reset if the empty string is assigned */
1018 c
->stdin_data
= mfree(c
->stdin_data
);
1019 c
->stdin_data_size
= 0;
1023 r
= unbase64mem(rvalue
, (size_t) -1, &p
, &sz
);
1025 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to decode base64 data, ignoring: %s", rvalue
);
1029 if (c
->stdin_data_size
+ sz
< c
->stdin_data_size
|| /* check for overflow */
1030 c
->stdin_data_size
+ sz
> EXEC_STDIN_DATA_MAX
) {
1031 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Standard input data too large (%zu), maximum of %zu permitted, ignoring.", c
->stdin_data_size
+ sz
, (size_t) EXEC_STDIN_DATA_MAX
);
1035 q
= realloc(c
->stdin_data
, c
->stdin_data_size
+ sz
);
1039 memcpy((uint8_t*) q
+ c
->stdin_data_size
, p
, sz
);
1042 c
->stdin_data_size
+= sz
;
1047 int config_parse_exec_output(
1049 const char *filename
,
1051 const char *section
,
1052 unsigned section_line
,
1059 _cleanup_free_
char *resolved
= NULL
;
1061 ExecContext
*c
= data
;
1062 const Unit
*u
= userdata
;
1072 n
= startswith(rvalue
, "fd:");
1074 r
= unit_full_printf(u
, n
, &resolved
);
1076 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", n
);
1078 if (isempty(resolved
))
1079 resolved
= mfree(resolved
);
1080 else if (!fdname_is_valid(resolved
)) {
1081 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid file descriptor name: %s", resolved
);
1085 eo
= EXEC_OUTPUT_NAMED_FD
;
1087 } else if ((n
= startswith(rvalue
, "file:"))) {
1089 r
= unit_full_printf(u
, n
, &resolved
);
1091 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", n
);
1093 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
| PATH_CHECK_FATAL
, unit
, filename
, line
, lvalue
);
1097 eo
= EXEC_OUTPUT_FILE
;
1099 } else if ((n
= startswith(rvalue
, "append:"))) {
1101 r
= unit_full_printf(u
, n
, &resolved
);
1103 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", n
);
1105 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
| PATH_CHECK_FATAL
, unit
, filename
, line
, lvalue
);
1109 eo
= EXEC_OUTPUT_FILE_APPEND
;
1111 eo
= exec_output_from_string(rvalue
);
1113 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse output specifier, ignoring: %s", rvalue
);
1118 if (streq(lvalue
, "StandardOutput")) {
1119 if (eo
== EXEC_OUTPUT_NAMED_FD
)
1120 free_and_replace(c
->stdio_fdname
[STDOUT_FILENO
], resolved
);
1122 free_and_replace(c
->stdio_file
[STDOUT_FILENO
], resolved
);
1127 assert(streq(lvalue
, "StandardError"));
1129 if (eo
== EXEC_OUTPUT_NAMED_FD
)
1130 free_and_replace(c
->stdio_fdname
[STDERR_FILENO
], resolved
);
1132 free_and_replace(c
->stdio_file
[STDERR_FILENO
], resolved
);
1140 int config_parse_exec_io_class(const char *unit
,
1141 const char *filename
,
1143 const char *section
,
1144 unsigned section_line
,
1151 ExecContext
*c
= data
;
1159 if (isempty(rvalue
)) {
1160 c
->ioprio_set
= false;
1161 c
->ioprio
= IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE
, 0);
1165 x
= ioprio_class_from_string(rvalue
);
1167 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse IO scheduling class, ignoring: %s", rvalue
);
1171 c
->ioprio
= IOPRIO_PRIO_VALUE(x
, IOPRIO_PRIO_DATA(c
->ioprio
));
1172 c
->ioprio_set
= true;
1177 int config_parse_exec_io_priority(const char *unit
,
1178 const char *filename
,
1180 const char *section
,
1181 unsigned section_line
,
1188 ExecContext
*c
= data
;
1196 if (isempty(rvalue
)) {
1197 c
->ioprio_set
= false;
1198 c
->ioprio
= IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE
, 0);
1202 r
= ioprio_parse_priority(rvalue
, &i
);
1204 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse IO priority, ignoring: %s", rvalue
);
1208 c
->ioprio
= IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c
->ioprio
), i
);
1209 c
->ioprio_set
= true;
1214 int config_parse_exec_cpu_sched_policy(const char *unit
,
1215 const char *filename
,
1217 const char *section
,
1218 unsigned section_line
,
1225 ExecContext
*c
= data
;
1233 if (isempty(rvalue
)) {
1234 c
->cpu_sched_set
= false;
1235 c
->cpu_sched_policy
= SCHED_OTHER
;
1236 c
->cpu_sched_priority
= 0;
1240 x
= sched_policy_from_string(rvalue
);
1242 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue
);
1246 c
->cpu_sched_policy
= x
;
1247 /* Moving to or from real-time policy? We need to adjust the priority */
1248 c
->cpu_sched_priority
= CLAMP(c
->cpu_sched_priority
, sched_get_priority_min(x
), sched_get_priority_max(x
));
1249 c
->cpu_sched_set
= true;
1254 int config_parse_numa_mask(const char *unit
,
1255 const char *filename
,
1257 const char *section
,
1258 unsigned section_line
,
1265 NUMAPolicy
*p
= data
;
1272 r
= parse_cpu_set_extend(rvalue
, &p
->nodes
, true, unit
, filename
, line
, lvalue
);
1274 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse NUMA node mask, ignoring: %s", rvalue
);
1281 int config_parse_exec_cpu_sched_prio(const char *unit
,
1282 const char *filename
,
1284 const char *section
,
1285 unsigned section_line
,
1292 ExecContext
*c
= data
;
1300 r
= safe_atoi(rvalue
, &i
);
1302 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse CPU scheduling priority, ignoring: %s", rvalue
);
1306 /* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */
1307 min
= sched_get_priority_min(c
->cpu_sched_policy
);
1308 max
= sched_get_priority_max(c
->cpu_sched_policy
);
1310 if (i
< min
|| i
> max
) {
1311 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue
);
1315 c
->cpu_sched_priority
= i
;
1316 c
->cpu_sched_set
= true;
1321 int config_parse_exec_cpu_affinity(const char *unit
,
1322 const char *filename
,
1324 const char *section
,
1325 unsigned section_line
,
1332 ExecContext
*c
= data
;
1339 return parse_cpu_set_extend(rvalue
, &c
->cpu_set
, true, unit
, filename
, line
, lvalue
);
1342 int config_parse_capability_set(
1344 const char *filename
,
1346 const char *section
,
1347 unsigned section_line
,
1354 uint64_t *capability_set
= data
;
1355 uint64_t sum
= 0, initial
= 0;
1356 bool invert
= false;
1364 if (rvalue
[0] == '~') {
1369 if (streq(lvalue
, "CapabilityBoundingSet"))
1370 initial
= CAP_ALL
; /* initialized to all bits on */
1371 /* else "AmbientCapabilities" initialized to all bits off */
1373 r
= capability_set_from_string(rvalue
, &sum
);
1375 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s= specifier '%s', ignoring: %m", lvalue
, rvalue
);
1379 if (sum
== 0 || *capability_set
== initial
)
1380 /* "", "~" or uninitialized data -> replace */
1381 *capability_set
= invert
? ~sum
: sum
;
1383 /* previous data -> merge */
1385 *capability_set
&= ~sum
;
1387 *capability_set
|= sum
;
1393 int config_parse_exec_selinux_context(
1395 const char *filename
,
1397 const char *section
,
1398 unsigned section_line
,
1405 ExecContext
*c
= data
;
1406 const Unit
*u
= userdata
;
1416 if (isempty(rvalue
)) {
1417 c
->selinux_context
= mfree(c
->selinux_context
);
1418 c
->selinux_context_ignore
= false;
1422 if (rvalue
[0] == '-') {
1428 r
= unit_full_printf(u
, rvalue
, &k
);
1430 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
1431 "Failed to resolve unit specifiers in '%s'%s: %m",
1432 rvalue
, ignore
? ", ignoring" : "");
1433 return ignore
? 0 : -ENOEXEC
;
1436 free_and_replace(c
->selinux_context
, k
);
1437 c
->selinux_context_ignore
= ignore
;
1442 int config_parse_exec_apparmor_profile(
1444 const char *filename
,
1446 const char *section
,
1447 unsigned section_line
,
1454 ExecContext
*c
= data
;
1455 const Unit
*u
= userdata
;
1465 if (isempty(rvalue
)) {
1466 c
->apparmor_profile
= mfree(c
->apparmor_profile
);
1467 c
->apparmor_profile_ignore
= false;
1471 if (rvalue
[0] == '-') {
1477 r
= unit_full_printf(u
, rvalue
, &k
);
1479 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
1480 "Failed to resolve unit specifiers in '%s'%s: %m",
1481 rvalue
, ignore
? ", ignoring" : "");
1482 return ignore
? 0 : -ENOEXEC
;
1485 free_and_replace(c
->apparmor_profile
, k
);
1486 c
->apparmor_profile_ignore
= ignore
;
1491 int config_parse_exec_smack_process_label(
1493 const char *filename
,
1495 const char *section
,
1496 unsigned section_line
,
1503 ExecContext
*c
= data
;
1504 const Unit
*u
= userdata
;
1514 if (isempty(rvalue
)) {
1515 c
->smack_process_label
= mfree(c
->smack_process_label
);
1516 c
->smack_process_label_ignore
= false;
1520 if (rvalue
[0] == '-') {
1526 r
= unit_full_printf(u
, rvalue
, &k
);
1528 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
1529 "Failed to resolve unit specifiers in '%s'%s: %m",
1530 rvalue
, ignore
? ", ignoring" : "");
1531 return ignore
? 0 : -ENOEXEC
;
1534 free_and_replace(c
->smack_process_label
, k
);
1535 c
->smack_process_label_ignore
= ignore
;
1540 int config_parse_timer(
1542 const char *filename
,
1544 const char *section
,
1545 unsigned section_line
,
1552 _cleanup_(calendar_spec_freep
) CalendarSpec
*c
= NULL
;
1553 _cleanup_free_
char *k
= NULL
;
1554 const Unit
*u
= userdata
;
1565 if (isempty(rvalue
)) {
1566 /* Empty assignment resets list */
1567 timer_free_values(t
);
1571 r
= unit_full_printf(u
, rvalue
, &k
);
1573 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
1577 if (ltype
== TIMER_CALENDAR
) {
1578 r
= calendar_spec_from_string(k
, &c
);
1580 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse calendar specification, ignoring: %s", k
);
1584 r
= parse_sec(k
, &usec
);
1586 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse timer value, ignoring: %s", k
);
1591 v
= new(TimerValue
, 1);
1598 .calendar_spec
= TAKE_PTR(c
),
1601 LIST_PREPEND(value
, t
->values
, v
);
1606 int config_parse_trigger_unit(
1608 const char *filename
,
1610 const char *section
,
1611 unsigned section_line
,
1618 _cleanup_free_
char *p
= NULL
;
1628 if (!hashmap_isempty(u
->dependencies
[UNIT_TRIGGERS
])) {
1629 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Multiple units to trigger specified, ignoring: %s", rvalue
);
1633 r
= unit_name_printf(u
, rvalue
, &p
);
1635 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
1639 type
= unit_name_to_type(p
);
1641 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Unit type not valid, ignoring: %s", rvalue
);
1644 if (unit_has_name(u
, p
)) {
1645 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Units cannot trigger themselves, ignoring: %s", rvalue
);
1649 r
= unit_add_two_dependencies_by_name(u
, UNIT_BEFORE
, UNIT_TRIGGERS
, p
, true, UNIT_DEPENDENCY_FILE
);
1651 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to add trigger on %s, ignoring: %m", p
);
1658 int config_parse_path_spec(const char *unit
,
1659 const char *filename
,
1661 const char *section
,
1662 unsigned section_line
,
1672 _cleanup_free_
char *k
= NULL
;
1680 if (isempty(rvalue
)) {
1681 /* Empty assignment clears list */
1686 b
= path_type_from_string(lvalue
);
1688 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse path type, ignoring: %s", lvalue
);
1692 r
= unit_full_printf(UNIT(p
), rvalue
, &k
);
1694 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
1698 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
1702 s
= new0(PathSpec
, 1);
1707 s
->path
= TAKE_PTR(k
);
1711 LIST_PREPEND(spec
, p
->specs
, s
);
1716 int config_parse_socket_service(
1718 const char *filename
,
1720 const char *section
,
1721 unsigned section_line
,
1728 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
1729 _cleanup_free_
char *p
= NULL
;
1739 r
= unit_name_printf(UNIT(s
), rvalue
, &p
);
1741 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", rvalue
);
1745 if (!endswith(p
, ".service")) {
1746 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Unit must be of type service: %s", rvalue
);
1750 r
= manager_load_unit(UNIT(s
)->manager
, p
, NULL
, &error
, &x
);
1752 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to load unit %s: %s", rvalue
, bus_error_message(&error
, r
));
1756 unit_ref_set(&s
->service
, UNIT(s
), x
);
1761 int config_parse_fdname(
1763 const char *filename
,
1765 const char *section
,
1766 unsigned section_line
,
1773 _cleanup_free_
char *p
= NULL
;
1782 if (isempty(rvalue
)) {
1783 s
->fdname
= mfree(s
->fdname
);
1787 r
= unit_full_printf(UNIT(s
), rvalue
, &p
);
1789 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
1793 if (!fdname_is_valid(p
)) {
1794 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid file descriptor name, ignoring: %s", p
);
1798 return free_and_replace(s
->fdname
, p
);
1801 int config_parse_service_sockets(
1803 const char *filename
,
1805 const char *section
,
1806 unsigned section_line
,
1824 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
1826 r
= extract_first_word(&p
, &word
, NULL
, 0);
1832 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Trailing garbage in sockets, ignoring: %s", rvalue
);
1836 r
= unit_name_printf(UNIT(s
), word
, &k
);
1838 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
1842 if (!endswith(k
, ".socket")) {
1843 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Unit must be of type socket, ignoring: %s", k
);
1847 r
= unit_add_two_dependencies_by_name(UNIT(s
), UNIT_WANTS
, UNIT_AFTER
, k
, true, UNIT_DEPENDENCY_FILE
);
1849 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to add dependency on %s, ignoring: %m", k
);
1851 r
= unit_add_dependency_by_name(UNIT(s
), UNIT_TRIGGERED_BY
, k
, true, UNIT_DEPENDENCY_FILE
);
1853 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to add dependency on %s, ignoring: %m", k
);
1859 int config_parse_bus_name(
1861 const char *filename
,
1863 const char *section
,
1864 unsigned section_line
,
1871 _cleanup_free_
char *k
= NULL
;
1872 const Unit
*u
= userdata
;
1880 r
= unit_full_printf(u
, rvalue
, &k
);
1882 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
1886 if (!service_name_is_valid(k
)) {
1887 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid bus name, ignoring: %s", k
);
1891 return config_parse_string(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, k
, data
, userdata
);
1894 int config_parse_service_timeout(
1896 const char *filename
,
1898 const char *section
,
1899 unsigned section_line
,
1906 Service
*s
= userdata
;
1915 /* This is called for two cases: TimeoutSec= and TimeoutStartSec=. */
1917 /* Traditionally, these options accepted 0 to disable the timeouts. However, a timeout of 0 suggests it happens
1918 * immediately, hence fix this to become USEC_INFINITY instead. This is in-line with how we internally handle
1919 * all other timeouts. */
1920 r
= parse_sec_fix_0(rvalue
, &usec
);
1922 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s= parameter, ignoring: %s", lvalue
, rvalue
);
1926 s
->start_timeout_defined
= true;
1927 s
->timeout_start_usec
= usec
;
1929 if (streq(lvalue
, "TimeoutSec"))
1930 s
->timeout_stop_usec
= usec
;
1935 int config_parse_timeout_abort(
1937 const char *filename
,
1939 const char *section
,
1940 unsigned section_line
,
1955 /* Note: apart from setting the arg, this returns an extra bit of information in the return value. */
1957 if (isempty(rvalue
)) {
1959 return 0; /* "not set" */
1962 r
= parse_sec(rvalue
, ret
);
1964 return log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s= setting, ignoring: %s", lvalue
, rvalue
);
1966 return 1; /* "set" */
1969 int config_parse_service_timeout_abort(
1971 const char *filename
,
1973 const char *section
,
1974 unsigned section_line
,
1981 Service
*s
= userdata
;
1986 r
= config_parse_timeout_abort(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
, rvalue
,
1987 &s
->timeout_abort_usec
, s
);
1989 s
->timeout_abort_set
= r
;
1993 int config_parse_sec_fix_0(
1995 const char *filename
,
1997 const char *section
,
1998 unsigned section_line
,
2005 usec_t
*usec
= data
;
2013 /* This is pretty much like config_parse_sec(), except that this treats a time of 0 as infinity, for
2014 * compatibility with older versions of systemd where 0 instead of infinity was used as indicator to turn off a
2017 r
= parse_sec_fix_0(rvalue
, usec
);
2019 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s= parameter, ignoring: %s", lvalue
, rvalue
);
2026 int config_parse_user_group_compat(
2028 const char *filename
,
2030 const char *section
,
2031 unsigned section_line
,
2038 _cleanup_free_
char *k
= NULL
;
2040 const Unit
*u
= userdata
;
2048 if (isempty(rvalue
)) {
2049 *user
= mfree(*user
);
2053 r
= unit_full_printf(u
, rvalue
, &k
);
2055 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", rvalue
);
2059 if (!valid_user_group_name_or_id_compat(k
)) {
2060 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid user/group name or numeric ID: %s", k
);
2064 return free_and_replace(*user
, k
);
2067 int config_parse_user_group_strv_compat(
2069 const char *filename
,
2071 const char *section
,
2072 unsigned section_line
,
2079 char ***users
= data
;
2080 const Unit
*u
= userdata
;
2081 const char *p
= rvalue
;
2089 if (isempty(rvalue
)) {
2090 *users
= strv_free(*users
);
2095 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2097 r
= extract_first_word(&p
, &word
, NULL
, 0);
2103 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid syntax: %s", rvalue
);
2107 r
= unit_full_printf(u
, word
, &k
);
2109 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", word
);
2113 if (!valid_user_group_name_or_id_compat(k
)) {
2114 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid user/group name or numeric ID: %s", k
);
2118 r
= strv_push(users
, k
);
2128 int config_parse_working_directory(
2130 const char *filename
,
2132 const char *section
,
2133 unsigned section_line
,
2140 ExecContext
*c
= data
;
2141 const Unit
*u
= userdata
;
2151 if (isempty(rvalue
)) {
2152 c
->working_directory_home
= false;
2153 c
->working_directory
= mfree(c
->working_directory
);
2157 if (rvalue
[0] == '-') {
2163 if (streq(rvalue
, "~")) {
2164 c
->working_directory_home
= true;
2165 c
->working_directory
= mfree(c
->working_directory
);
2167 _cleanup_free_
char *k
= NULL
;
2169 r
= unit_full_printf(u
, rvalue
, &k
);
2171 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2172 "Failed to resolve unit specifiers in working directory path '%s'%s: %m",
2173 rvalue
, missing_ok
? ", ignoring" : "");
2174 return missing_ok
? 0 : -ENOEXEC
;
2177 r
= path_simplify_and_warn(k
, PATH_CHECK_ABSOLUTE
| (missing_ok
? 0 : PATH_CHECK_FATAL
), unit
, filename
, line
, lvalue
);
2179 return missing_ok
? 0 : -ENOEXEC
;
2181 c
->working_directory_home
= false;
2182 free_and_replace(c
->working_directory
, k
);
2185 c
->working_directory_missing_ok
= missing_ok
;
2189 int config_parse_unit_env_file(const char *unit
,
2190 const char *filename
,
2192 const char *section
,
2193 unsigned section_line
,
2201 const Unit
*u
= userdata
;
2202 _cleanup_free_
char *n
= NULL
;
2210 if (isempty(rvalue
)) {
2211 /* Empty assignment frees the list */
2212 *env
= strv_free(*env
);
2216 r
= unit_full_printf(u
, rvalue
, &n
);
2218 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
2222 r
= path_simplify_and_warn(n
[0] == '-' ? n
+ 1 : n
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
2226 r
= strv_push(env
, n
);
2235 int config_parse_environ(
2237 const char *filename
,
2239 const char *section
,
2240 unsigned section_line
,
2247 const Unit
*u
= userdata
;
2257 if (isempty(rvalue
)) {
2258 /* Empty assignment resets the list */
2259 *env
= strv_free(*env
);
2263 for (p
= rvalue
;; ) {
2264 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2266 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_CUNESCAPE
|EXTRACT_UNQUOTE
);
2272 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
2273 "Invalid syntax, ignoring: %s", rvalue
);
2278 r
= unit_full_printf(u
, word
, &k
);
2280 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2281 "Failed to resolve unit specifiers in %s, ignoring: %m", word
);
2287 if (!env_assignment_is_valid(k
)) {
2288 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
2289 "Invalid environment assignment, ignoring: %s", k
);
2293 r
= strv_env_replace(env
, k
);
2301 int config_parse_pass_environ(
2303 const char *filename
,
2305 const char *section
,
2306 unsigned section_line
,
2313 _cleanup_strv_free_
char **n
= NULL
;
2314 size_t nlen
= 0, nbufsize
= 0;
2315 char*** passenv
= data
;
2316 const char *p
= rvalue
;
2317 const Unit
*u
= userdata
;
2325 if (isempty(rvalue
)) {
2326 /* Empty assignment resets the list */
2327 *passenv
= strv_free(*passenv
);
2332 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2334 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
2340 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2341 "Trailing garbage in %s, ignoring: %s", lvalue
, rvalue
);
2346 r
= unit_full_printf(u
, word
, &k
);
2348 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2349 "Failed to resolve specifiers in %s, ignoring: %m", word
);
2355 if (!env_name_is_valid(k
)) {
2356 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
2357 "Invalid environment name for %s, ignoring: %s", lvalue
, k
);
2361 if (!GREEDY_REALLOC(n
, nbufsize
, nlen
+ 2))
2364 n
[nlen
++] = TAKE_PTR(k
);
2369 r
= strv_extend_strv(passenv
, n
, true);
2377 int config_parse_unset_environ(
2379 const char *filename
,
2381 const char *section
,
2382 unsigned section_line
,
2389 _cleanup_strv_free_
char **n
= NULL
;
2390 size_t nlen
= 0, nbufsize
= 0;
2391 char*** unsetenv
= data
;
2392 const char *p
= rvalue
;
2393 const Unit
*u
= userdata
;
2401 if (isempty(rvalue
)) {
2402 /* Empty assignment resets the list */
2403 *unsetenv
= strv_free(*unsetenv
);
2408 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2410 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_CUNESCAPE
|EXTRACT_UNQUOTE
);
2416 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2417 "Trailing garbage in %s, ignoring: %s", lvalue
, rvalue
);
2422 r
= unit_full_printf(u
, word
, &k
);
2424 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2425 "Failed to resolve unit specifiers in %s, ignoring: %m", word
);
2431 if (!env_assignment_is_valid(k
) && !env_name_is_valid(k
)) {
2432 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
2433 "Invalid environment name or assignment %s, ignoring: %s", lvalue
, k
);
2437 if (!GREEDY_REALLOC(n
, nbufsize
, nlen
+ 2))
2440 n
[nlen
++] = TAKE_PTR(k
);
2445 r
= strv_extend_strv(unsetenv
, n
, true);
2453 int config_parse_log_extra_fields(
2455 const char *filename
,
2457 const char *section
,
2458 unsigned section_line
,
2465 ExecContext
*c
= data
;
2466 const Unit
*u
= userdata
;
2467 const char *p
= rvalue
;
2475 if (isempty(rvalue
)) {
2476 exec_context_free_log_extra_fields(c
);
2481 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
2485 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_CUNESCAPE
|EXTRACT_UNQUOTE
);
2491 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
2495 r
= unit_full_printf(u
, word
, &k
);
2497 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", word
);
2501 eq
= strchr(k
, '=');
2503 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Log field lacks '=' character, ignoring: %s", k
);
2507 if (!journal_field_valid(k
, eq
-k
, false)) {
2508 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Log field name is invalid, ignoring: %s", k
);
2512 t
= reallocarray(c
->log_extra_fields
, c
->n_log_extra_fields
+1, sizeof(struct iovec
));
2516 c
->log_extra_fields
= t
;
2517 c
->log_extra_fields
[c
->n_log_extra_fields
++] = IOVEC_MAKE_STRING(k
);
2523 int config_parse_log_namespace(
2525 const char *filename
,
2527 const char *section
,
2528 unsigned section_line
,
2535 _cleanup_free_
char *k
= NULL
;
2536 ExecContext
*c
= data
;
2537 const Unit
*u
= userdata
;
2545 if (isempty(rvalue
)) {
2546 c
->log_namespace
= mfree(c
->log_namespace
);
2550 r
= unit_full_printf(u
, rvalue
, &k
);
2552 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
2556 if (!log_namespace_name_valid(k
)) {
2557 log_syntax(unit
, LOG_ERR
, filename
, line
, SYNTHETIC_ERRNO(EINVAL
), "Specified log namespace name is not valid: %s", k
);
2561 free_and_replace(c
->log_namespace
, k
);
2565 int config_parse_unit_condition_path(
2567 const char *filename
,
2569 const char *section
,
2570 unsigned section_line
,
2577 _cleanup_free_
char *p
= NULL
;
2578 Condition
**list
= data
, *c
;
2579 ConditionType t
= ltype
;
2580 bool trigger
, negate
;
2581 const Unit
*u
= userdata
;
2589 if (isempty(rvalue
)) {
2590 /* Empty assignment resets the list */
2591 *list
= condition_free_list(*list
);
2595 trigger
= rvalue
[0] == '|';
2599 negate
= rvalue
[0] == '!';
2603 r
= unit_full_printf(u
, rvalue
, &p
);
2605 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
2609 r
= path_simplify_and_warn(p
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
2613 c
= condition_new(t
, p
, trigger
, negate
);
2617 LIST_PREPEND(conditions
, *list
, c
);
2621 int config_parse_unit_condition_string(
2623 const char *filename
,
2625 const char *section
,
2626 unsigned section_line
,
2633 _cleanup_free_
char *s
= NULL
;
2634 Condition
**list
= data
, *c
;
2635 ConditionType t
= ltype
;
2636 bool trigger
, negate
;
2637 const Unit
*u
= userdata
;
2645 if (isempty(rvalue
)) {
2646 /* Empty assignment resets the list */
2647 *list
= condition_free_list(*list
);
2651 trigger
= *rvalue
== '|';
2653 rvalue
+= 1 + strspn(rvalue
+ 1, WHITESPACE
);
2655 negate
= *rvalue
== '!';
2657 rvalue
+= 1 + strspn(rvalue
+ 1, WHITESPACE
);
2659 r
= unit_full_printf(u
, rvalue
, &s
);
2661 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2662 "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
2666 c
= condition_new(t
, s
, trigger
, negate
);
2670 LIST_PREPEND(conditions
, *list
, c
);
2674 int config_parse_unit_condition_null(
2676 const char *filename
,
2678 const char *section
,
2679 unsigned section_line
,
2686 Condition
**list
= data
, *c
;
2687 bool trigger
, negate
;
2695 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0, "%s= is deprecated, please do not use.", lvalue
);
2697 if (isempty(rvalue
)) {
2698 /* Empty assignment resets the list */
2699 *list
= condition_free_list(*list
);
2703 trigger
= rvalue
[0] == '|';
2707 negate
= rvalue
[0] == '!';
2711 b
= parse_boolean(rvalue
);
2713 log_syntax(unit
, LOG_ERR
, filename
, line
, b
, "Failed to parse boolean value in condition, ignoring: %s", rvalue
);
2720 c
= condition_new(CONDITION_NULL
, NULL
, trigger
, negate
);
2724 LIST_PREPEND(conditions
, *list
, c
);
2728 int config_parse_unit_requires_mounts_for(
2730 const char *filename
,
2732 const char *section
,
2733 unsigned section_line
,
2740 const char *p
= rvalue
;
2750 _cleanup_free_
char *word
= NULL
, *resolved
= NULL
;
2752 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
2758 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
2759 "Invalid syntax, ignoring: %s", rvalue
);
2763 r
= unit_full_printf(u
, word
, &resolved
);
2765 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", word
);
2769 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
2773 r
= unit_require_mounts_for(u
, resolved
, UNIT_DEPENDENCY_FILE
);
2775 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to add required mount '%s', ignoring: %m", resolved
);
2781 int config_parse_documentation(const char *unit
,
2782 const char *filename
,
2784 const char *section
,
2785 unsigned section_line
,
2801 if (isempty(rvalue
)) {
2802 /* Empty assignment resets the list */
2803 u
->documentation
= strv_free(u
->documentation
);
2807 r
= config_parse_unit_strv_printf(unit
, filename
, line
, section
, section_line
, lvalue
, ltype
,
2808 rvalue
, data
, userdata
);
2812 for (a
= b
= u
->documentation
; a
&& *a
; a
++) {
2814 if (documentation_url_is_valid(*a
))
2817 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid URL, ignoring: %s", *a
);
2828 int config_parse_syscall_filter(
2830 const char *filename
,
2832 const char *section
,
2833 unsigned section_line
,
2840 ExecContext
*c
= data
;
2841 const Unit
*u
= userdata
;
2842 bool invert
= false;
2851 if (isempty(rvalue
)) {
2852 /* Empty assignment resets the list */
2853 c
->syscall_filter
= hashmap_free(c
->syscall_filter
);
2854 c
->syscall_whitelist
= false;
2858 if (rvalue
[0] == '~') {
2863 if (!c
->syscall_filter
) {
2864 c
->syscall_filter
= hashmap_new(NULL
);
2865 if (!c
->syscall_filter
)
2869 /* Allow everything but the ones listed */
2870 c
->syscall_whitelist
= false;
2872 /* Allow nothing but the ones listed */
2873 c
->syscall_whitelist
= true;
2875 /* Accept default syscalls if we are on a whitelist */
2876 r
= seccomp_parse_syscall_filter(
2877 "@default", -1, c
->syscall_filter
,
2878 SECCOMP_PARSE_PERMISSIVE
|SECCOMP_PARSE_WHITELIST
,
2888 _cleanup_free_
char *word
= NULL
, *name
= NULL
;
2891 r
= extract_first_word(&p
, &word
, NULL
, 0);
2897 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
2901 r
= parse_syscall_and_errno(word
, &name
, &num
);
2903 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
, "Failed to parse syscall:errno, ignoring: %s", word
);
2907 r
= seccomp_parse_syscall_filter(
2908 name
, num
, c
->syscall_filter
,
2909 SECCOMP_PARSE_LOG
|SECCOMP_PARSE_PERMISSIVE
|
2910 (invert
? SECCOMP_PARSE_INVERT
: 0)|
2911 (c
->syscall_whitelist
? SECCOMP_PARSE_WHITELIST
: 0),
2912 unit
, filename
, line
);
2918 int config_parse_syscall_archs(
2920 const char *filename
,
2922 const char *section
,
2923 unsigned section_line
,
2930 const char *p
= rvalue
;
2934 if (isempty(rvalue
)) {
2935 *archs
= set_free(*archs
);
2939 r
= set_ensure_allocated(archs
, NULL
);
2944 _cleanup_free_
char *word
= NULL
;
2947 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
2953 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
2954 "Invalid syntax, ignoring: %s", rvalue
);
2958 r
= seccomp_arch_from_string(word
, &a
);
2960 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
2961 "Failed to parse system call architecture \"%s\", ignoring: %m", word
);
2965 r
= set_put(*archs
, UINT32_TO_PTR(a
+ 1));
2971 int config_parse_syscall_errno(
2973 const char *filename
,
2975 const char *section
,
2976 unsigned section_line
,
2983 ExecContext
*c
= data
;
2990 if (isempty(rvalue
)) {
2991 /* Empty assignment resets to KILL */
2992 c
->syscall_errno
= 0;
2996 e
= parse_errno(rvalue
);
2998 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse error number, ignoring: %s", rvalue
);
3002 c
->syscall_errno
= e
;
3006 int config_parse_address_families(
3008 const char *filename
,
3010 const char *section
,
3011 unsigned section_line
,
3018 ExecContext
*c
= data
;
3019 bool invert
= false;
3027 if (isempty(rvalue
)) {
3028 /* Empty assignment resets the list */
3029 c
->address_families
= set_free(c
->address_families
);
3030 c
->address_families_whitelist
= false;
3034 if (rvalue
[0] == '~') {
3039 if (!c
->address_families
) {
3040 c
->address_families
= set_new(NULL
);
3041 if (!c
->address_families
)
3044 c
->address_families_whitelist
= !invert
;
3047 for (p
= rvalue
;;) {
3048 _cleanup_free_
char *word
= NULL
;
3051 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
3057 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3058 "Invalid syntax, ignoring: %s", rvalue
);
3062 af
= af_from_name(word
);
3064 log_syntax(unit
, LOG_ERR
, filename
, line
, af
,
3065 "Failed to parse address family, ignoring: %s", word
);
3069 /* If we previously wanted to forbid an address family and now
3070 * we want to allow it, then just remove it from the list.
3072 if (!invert
== c
->address_families_whitelist
) {
3073 r
= set_put(c
->address_families
, INT_TO_PTR(af
));
3077 set_remove(c
->address_families
, INT_TO_PTR(af
));
3081 int config_parse_restrict_namespaces(
3083 const char *filename
,
3085 const char *section
,
3086 unsigned section_line
,
3093 ExecContext
*c
= data
;
3094 unsigned long flags
;
3095 bool invert
= false;
3098 if (isempty(rvalue
)) {
3099 /* Reset to the default. */
3100 c
->restrict_namespaces
= NAMESPACE_FLAGS_INITIAL
;
3104 /* Boolean parameter ignores the previous settings */
3105 r
= parse_boolean(rvalue
);
3107 c
->restrict_namespaces
= 0;
3109 } else if (r
== 0) {
3110 c
->restrict_namespaces
= NAMESPACE_FLAGS_ALL
;
3114 if (rvalue
[0] == '~') {
3119 /* Not a boolean argument, in this case it's a list of namespace types. */
3120 r
= namespace_flags_from_string(rvalue
, &flags
);
3122 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse namespace type string, ignoring: %s", rvalue
);
3126 if (c
->restrict_namespaces
== NAMESPACE_FLAGS_INITIAL
)
3127 /* Initial assignment. Just set the value. */
3128 c
->restrict_namespaces
= invert
? (~flags
) & NAMESPACE_FLAGS_ALL
: flags
;
3130 /* Merge the value with the previous one. */
3131 SET_FLAG(c
->restrict_namespaces
, flags
, !invert
);
3137 int config_parse_unit_slice(
3139 const char *filename
,
3141 const char *section
,
3142 unsigned section_line
,
3149 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
3150 _cleanup_free_
char *k
= NULL
;
3151 Unit
*u
= userdata
, *slice
;
3159 r
= unit_name_printf(u
, rvalue
, &k
);
3161 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue
);
3165 r
= manager_load_unit(u
->manager
, k
, NULL
, &error
, &slice
);
3167 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to load slice unit %s, ignoring: %s", k
, bus_error_message(&error
, r
));
3171 r
= unit_set_slice(u
, slice
);
3173 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to assign slice %s to unit %s, ignoring: %m", slice
->id
, u
->id
);
3180 int config_parse_cpu_quota(
3182 const char *filename
,
3184 const char *section
,
3185 unsigned section_line
,
3192 CGroupContext
*c
= data
;
3199 if (isempty(rvalue
)) {
3200 c
->cpu_quota_per_sec_usec
= USEC_INFINITY
;
3204 r
= parse_permille_unbounded(rvalue
);
3206 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid CPU quota '%s', ignoring.", rvalue
);
3210 c
->cpu_quota_per_sec_usec
= ((usec_t
) r
* USEC_PER_SEC
) / 1000U;
3214 int config_parse_allowed_cpus(
3216 const char *filename
,
3218 const char *section
,
3219 unsigned section_line
,
3226 CGroupContext
*c
= data
;
3228 (void) parse_cpu_set_extend(rvalue
, &c
->cpuset_cpus
, true, unit
, filename
, line
, lvalue
);
3233 int config_parse_allowed_mems(
3235 const char *filename
,
3237 const char *section
,
3238 unsigned section_line
,
3245 CGroupContext
*c
= data
;
3247 (void) parse_cpu_set_extend(rvalue
, &c
->cpuset_mems
, true, unit
, filename
, line
, lvalue
);
3252 int config_parse_memory_limit(
3254 const char *filename
,
3256 const char *section
,
3257 unsigned section_line
,
3264 CGroupContext
*c
= data
;
3265 uint64_t bytes
= CGROUP_LIMIT_MAX
;
3268 if (!isempty(rvalue
) && !streq(rvalue
, "infinity")) {
3270 r
= parse_permille(rvalue
);
3272 r
= parse_size(rvalue
, 1024, &bytes
);
3274 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid memory limit '%s', ignoring: %m", rvalue
);
3278 bytes
= physical_memory_scale(r
, 1000U);
3280 if (bytes
>= UINT64_MAX
||
3281 (bytes
<= 0 && !STR_IN_SET(lvalue
, "MemorySwapMax", "MemoryLow", "MemoryMin", "DefaultMemoryLow", "DefaultMemoryMin"))) {
3282 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Memory limit '%s' out of range, ignoring.", rvalue
);
3287 if (streq(lvalue
, "DefaultMemoryLow")) {
3288 c
->default_memory_low_set
= true;
3289 if (isempty(rvalue
))
3290 c
->default_memory_low
= CGROUP_LIMIT_MIN
;
3292 c
->default_memory_low
= bytes
;
3293 } else if (streq(lvalue
, "DefaultMemoryMin")) {
3294 c
->default_memory_min_set
= true;
3295 if (isempty(rvalue
))
3296 c
->default_memory_min
= CGROUP_LIMIT_MIN
;
3298 c
->default_memory_min
= bytes
;
3299 } else if (streq(lvalue
, "MemoryMin")) {
3300 c
->memory_min
= bytes
;
3301 c
->memory_min_set
= true;
3302 } else if (streq(lvalue
, "MemoryLow")) {
3303 c
->memory_low
= bytes
;
3304 c
->memory_low_set
= true;
3305 } else if (streq(lvalue
, "MemoryHigh"))
3306 c
->memory_high
= bytes
;
3307 else if (streq(lvalue
, "MemoryMax"))
3308 c
->memory_max
= bytes
;
3309 else if (streq(lvalue
, "MemorySwapMax"))
3310 c
->memory_swap_max
= bytes
;
3311 else if (streq(lvalue
, "MemoryLimit"))
3312 c
->memory_limit
= bytes
;
3319 int config_parse_tasks_max(
3321 const char *filename
,
3323 const char *section
,
3324 unsigned section_line
,
3331 const Unit
*u
= userdata
;
3332 TasksMax
*tasks_max
= data
;
3336 if (isempty(rvalue
)) {
3337 *tasks_max
= u
? u
->manager
->default_tasks_max
: TASKS_MAX_UNSET
;
3341 if (streq(rvalue
, "infinity")) {
3342 *tasks_max
= TASKS_MAX_UNSET
;
3346 r
= parse_permille(rvalue
);
3348 *tasks_max
= (TasksMax
) { r
, 1000U }; /* r‰ */
3350 r
= safe_atou64(rvalue
, &v
);
3352 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid maximum tasks value '%s', ignoring: %m", rvalue
);
3356 if (v
<= 0 || v
>= UINT64_MAX
) {
3357 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Maximum tasks value '%s' out of range, ignoring.", rvalue
);
3361 *tasks_max
= (TasksMax
) { v
};
3367 int config_parse_delegate(
3369 const char *filename
,
3371 const char *section
,
3372 unsigned section_line
,
3379 CGroupContext
*c
= data
;
3383 t
= unit_name_to_type(unit
);
3384 assert(t
!= _UNIT_TYPE_INVALID
);
3386 if (!unit_vtable
[t
]->can_delegate
) {
3387 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Delegate= setting not supported for this unit type, ignoring.");
3391 /* We either accept a boolean value, which may be used to turn on delegation for all controllers, or turn it
3392 * off for all. Or it takes a list of controller names, in which case we add the specified controllers to the
3393 * mask to delegate. */
3395 if (isempty(rvalue
)) {
3396 /* An empty string resets controllers and set Delegate=yes. */
3398 c
->delegate_controllers
= 0;
3402 r
= parse_boolean(rvalue
);
3404 const char *p
= rvalue
;
3405 CGroupMask mask
= 0;
3408 _cleanup_free_
char *word
= NULL
;
3409 CGroupController cc
;
3411 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
3417 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid syntax, ignoring: %s", rvalue
);
3421 cc
= cgroup_controller_from_string(word
);
3423 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid controller name '%s', ignoring", word
);
3427 mask
|= CGROUP_CONTROLLER_TO_MASK(cc
);
3431 c
->delegate_controllers
|= mask
;
3435 c
->delegate_controllers
= _CGROUP_MASK_ALL
;
3437 c
->delegate
= false;
3438 c
->delegate_controllers
= 0;
3444 int config_parse_device_allow(
3446 const char *filename
,
3448 const char *section
,
3449 unsigned section_line
,
3456 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3457 CGroupContext
*c
= data
;
3458 const char *p
= rvalue
;
3461 if (isempty(rvalue
)) {
3462 while (c
->device_allow
)
3463 cgroup_context_free_device_allow(c
, c
->device_allow
);
3468 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
3472 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3473 "Invalid syntax, ignoring: %s", rvalue
);
3477 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3478 "Failed to extract device path and rights from '%s', ignoring.", rvalue
);
3482 r
= unit_full_printf(userdata
, path
, &resolved
);
3484 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3485 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3489 if (!STARTSWITH_SET(resolved
, "block-", "char-")) {
3491 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3495 if (!valid_device_node_path(resolved
)) {
3496 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid device node path '%s', ignoring.", resolved
);
3501 if (!isempty(p
) && !in_charset(p
, "rwm")) {
3502 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid device rights '%s', ignoring.", p
);
3506 return cgroup_add_device_allow(c
, resolved
, p
);
3509 int config_parse_io_device_weight(
3511 const char *filename
,
3513 const char *section
,
3514 unsigned section_line
,
3521 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3522 CGroupIODeviceWeight
*w
;
3523 CGroupContext
*c
= data
;
3524 const char *p
= rvalue
;
3532 if (isempty(rvalue
)) {
3533 while (c
->io_device_weights
)
3534 cgroup_context_free_io_device_weight(c
, c
->io_device_weights
);
3539 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
3543 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3544 "Invalid syntax, ignoring: %s", rvalue
);
3547 if (r
== 0 || isempty(p
)) {
3548 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3549 "Failed to extract device path and weight from '%s', ignoring.", rvalue
);
3553 r
= unit_full_printf(userdata
, path
, &resolved
);
3555 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3556 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3560 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3564 r
= cg_weight_parse(p
, &u
);
3566 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "IO weight '%s' invalid, ignoring: %m", p
);
3570 assert(u
!= CGROUP_WEIGHT_INVALID
);
3572 w
= new0(CGroupIODeviceWeight
, 1);
3576 w
->path
= TAKE_PTR(resolved
);
3579 LIST_PREPEND(device_weights
, c
->io_device_weights
, w
);
3583 int config_parse_io_device_latency(
3585 const char *filename
,
3587 const char *section
,
3588 unsigned section_line
,
3595 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3596 CGroupIODeviceLatency
*l
;
3597 CGroupContext
*c
= data
;
3598 const char *p
= rvalue
;
3606 if (isempty(rvalue
)) {
3607 while (c
->io_device_latencies
)
3608 cgroup_context_free_io_device_latency(c
, c
->io_device_latencies
);
3613 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
3617 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3618 "Invalid syntax, ignoring: %s", rvalue
);
3621 if (r
== 0 || isempty(p
)) {
3622 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3623 "Failed to extract device path and latency from '%s', ignoring.", rvalue
);
3627 r
= unit_full_printf(userdata
, path
, &resolved
);
3629 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3630 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3634 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3638 if (parse_sec(p
, &usec
) < 0) {
3639 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse timer value, ignoring: %s", p
);
3643 l
= new0(CGroupIODeviceLatency
, 1);
3647 l
->path
= TAKE_PTR(resolved
);
3648 l
->target_usec
= usec
;
3650 LIST_PREPEND(device_latencies
, c
->io_device_latencies
, l
);
3654 int config_parse_io_limit(
3656 const char *filename
,
3658 const char *section
,
3659 unsigned section_line
,
3666 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3667 CGroupIODeviceLimit
*l
= NULL
, *t
;
3668 CGroupContext
*c
= data
;
3669 CGroupIOLimitType type
;
3670 const char *p
= rvalue
;
3678 type
= cgroup_io_limit_type_from_string(lvalue
);
3681 if (isempty(rvalue
)) {
3682 LIST_FOREACH(device_limits
, l
, c
->io_device_limits
)
3683 l
->limits
[type
] = cgroup_io_limit_defaults
[type
];
3687 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
3691 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3692 "Invalid syntax, ignoring: %s", rvalue
);
3695 if (r
== 0 || isempty(p
)) {
3696 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3697 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue
);
3701 r
= unit_full_printf(userdata
, path
, &resolved
);
3703 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3704 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3708 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3712 if (streq("infinity", p
))
3713 num
= CGROUP_LIMIT_MAX
;
3715 r
= parse_size(p
, 1000, &num
);
3716 if (r
< 0 || num
<= 0) {
3717 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid IO limit '%s', ignoring.", p
);
3722 LIST_FOREACH(device_limits
, t
, c
->io_device_limits
) {
3723 if (path_equal(resolved
, t
->path
)) {
3730 CGroupIOLimitType ttype
;
3732 l
= new0(CGroupIODeviceLimit
, 1);
3736 l
->path
= TAKE_PTR(resolved
);
3737 for (ttype
= 0; ttype
< _CGROUP_IO_LIMIT_TYPE_MAX
; ttype
++)
3738 l
->limits
[ttype
] = cgroup_io_limit_defaults
[ttype
];
3740 LIST_PREPEND(device_limits
, c
->io_device_limits
, l
);
3743 l
->limits
[type
] = num
;
3748 int config_parse_blockio_device_weight(
3750 const char *filename
,
3752 const char *section
,
3753 unsigned section_line
,
3760 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3761 CGroupBlockIODeviceWeight
*w
;
3762 CGroupContext
*c
= data
;
3763 const char *p
= rvalue
;
3771 if (isempty(rvalue
)) {
3772 while (c
->blockio_device_weights
)
3773 cgroup_context_free_blockio_device_weight(c
, c
->blockio_device_weights
);
3778 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
3782 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3783 "Invalid syntax, ignoring: %s", rvalue
);
3786 if (r
== 0 || isempty(p
)) {
3787 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3788 "Failed to extract device node and weight from '%s', ignoring.", rvalue
);
3792 r
= unit_full_printf(userdata
, path
, &resolved
);
3794 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3795 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3799 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3803 r
= cg_blkio_weight_parse(p
, &u
);
3805 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid block IO weight '%s', ignoring: %m", p
);
3809 assert(u
!= CGROUP_BLKIO_WEIGHT_INVALID
);
3811 w
= new0(CGroupBlockIODeviceWeight
, 1);
3815 w
->path
= TAKE_PTR(resolved
);
3818 LIST_PREPEND(device_weights
, c
->blockio_device_weights
, w
);
3822 int config_parse_blockio_bandwidth(
3824 const char *filename
,
3826 const char *section
,
3827 unsigned section_line
,
3834 _cleanup_free_
char *path
= NULL
, *resolved
= NULL
;
3835 CGroupBlockIODeviceBandwidth
*b
= NULL
, *t
;
3836 CGroupContext
*c
= data
;
3837 const char *p
= rvalue
;
3846 read
= streq("BlockIOReadBandwidth", lvalue
);
3848 if (isempty(rvalue
)) {
3849 LIST_FOREACH(device_bandwidths
, b
, c
->blockio_device_bandwidths
) {
3850 b
->rbps
= CGROUP_LIMIT_MAX
;
3851 b
->wbps
= CGROUP_LIMIT_MAX
;
3856 r
= extract_first_word(&p
, &path
, NULL
, EXTRACT_UNQUOTE
);
3860 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3861 "Invalid syntax, ignoring: %s", rvalue
);
3864 if (r
== 0 || isempty(p
)) {
3865 log_syntax(unit
, LOG_WARNING
, filename
, line
, 0,
3866 "Failed to extract device node and bandwidth from '%s', ignoring.", rvalue
);
3870 r
= unit_full_printf(userdata
, path
, &resolved
);
3872 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3873 "Failed to resolve unit specifiers in '%s', ignoring: %m", path
);
3877 r
= path_simplify_and_warn(resolved
, 0, unit
, filename
, line
, lvalue
);
3881 r
= parse_size(p
, 1000, &bytes
);
3882 if (r
< 0 || bytes
<= 0) {
3883 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid Block IO Bandwidth '%s', ignoring.", p
);
3887 LIST_FOREACH(device_bandwidths
, t
, c
->blockio_device_bandwidths
) {
3888 if (path_equal(resolved
, t
->path
)) {
3895 b
= new0(CGroupBlockIODeviceBandwidth
, 1);
3899 b
->path
= TAKE_PTR(resolved
);
3900 b
->rbps
= CGROUP_LIMIT_MAX
;
3901 b
->wbps
= CGROUP_LIMIT_MAX
;
3903 LIST_PREPEND(device_bandwidths
, c
->blockio_device_bandwidths
, b
);
3914 int config_parse_job_mode_isolate(
3916 const char *filename
,
3918 const char *section
,
3919 unsigned section_line
,
3933 r
= parse_boolean(rvalue
);
3935 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse boolean, ignoring: %s", rvalue
);
3939 log_notice("%s is deprecated. Please use OnFailureJobMode= instead", lvalue
);
3941 *m
= r
? JOB_ISOLATE
: JOB_REPLACE
;
3945 int config_parse_exec_directories(
3947 const char *filename
,
3949 const char *section
,
3950 unsigned section_line
,
3958 const Unit
*u
= userdata
;
3967 if (isempty(rvalue
)) {
3968 /* Empty assignment resets the list */
3969 *rt
= strv_free(*rt
);
3973 for (p
= rvalue
;;) {
3974 _cleanup_free_
char *word
= NULL
, *k
= NULL
;
3976 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
3980 log_syntax(unit
, LOG_WARNING
, filename
, line
, r
,
3981 "Invalid syntax, ignoring: %s", rvalue
);
3987 r
= unit_full_printf(u
, word
, &k
);
3989 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
3990 "Failed to resolve unit specifiers in \"%s\", ignoring: %m", word
);
3994 r
= path_simplify_and_warn(k
, PATH_CHECK_RELATIVE
, unit
, filename
, line
, lvalue
);
3998 if (path_startswith(k
, "private")) {
3999 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
4000 "%s= path can't be 'private', ignoring assignment: %s", lvalue
, word
);
4004 r
= strv_push(rt
, k
);
4011 int config_parse_set_status(
4013 const char *filename
,
4015 const char *section
,
4016 unsigned section_line
,
4024 const char *word
, *state
;
4026 ExitStatusSet
*status_set
= data
;
4033 /* Empty assignment resets the list */
4034 if (isempty(rvalue
)) {
4035 exit_status_set_free(status_set
);
4039 FOREACH_WORD(word
, l
, rvalue
, state
) {
4040 _cleanup_free_
char *temp
;
4043 temp
= strndup(word
, l
);
4047 /* We need to call exit_status_from_string() first, because we want
4048 * to parse numbers as exit statuses, not signals. */
4050 r
= exit_status_from_string(temp
);
4052 assert(r
>= 0 && r
< 256);
4053 bitmap
= &status_set
->status
;
4055 r
= signal_from_string(temp
);
4058 log_syntax(unit
, LOG_ERR
, filename
, line
, 0,
4059 "Failed to parse value, ignoring: %s", word
);
4062 bitmap
= &status_set
->signal
;
4065 r
= bitmap_set(bitmap
, r
);
4067 return log_error_errno(r
, "Failed to set signal or status %s: %m", word
);
4069 if (!isempty(state
))
4070 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Trailing garbage, ignoring.");
4075 int config_parse_namespace_path_strv(
4077 const char *filename
,
4079 const char *section
,
4080 unsigned section_line
,
4087 const Unit
*u
= userdata
;
4089 const char *p
= rvalue
;
4097 if (isempty(rvalue
)) {
4098 /* Empty assignment resets the list */
4099 *sv
= strv_free(*sv
);
4104 _cleanup_free_
char *word
= NULL
, *resolved
= NULL
, *joined
= NULL
;
4106 bool ignore_enoent
= false, shall_prefix
= false;
4108 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
4114 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract first word, ignoring: %s", rvalue
);
4119 if (startswith(w
, "-")) {
4120 ignore_enoent
= true;
4123 if (startswith(w
, "+")) {
4124 shall_prefix
= true;
4128 r
= unit_full_printf(u
, w
, &resolved
);
4130 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s: %m", w
);
4134 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4138 joined
= strjoin(ignore_enoent
? "-" : "",
4139 shall_prefix
? "+" : "",
4142 r
= strv_push(sv
, joined
);
4152 int config_parse_temporary_filesystems(
4154 const char *filename
,
4156 const char *section
,
4157 unsigned section_line
,
4164 const Unit
*u
= userdata
;
4165 ExecContext
*c
= data
;
4166 const char *p
= rvalue
;
4174 if (isempty(rvalue
)) {
4175 /* Empty assignment resets the list */
4176 temporary_filesystem_free_many(c
->temporary_filesystems
, c
->n_temporary_filesystems
);
4177 c
->temporary_filesystems
= NULL
;
4178 c
->n_temporary_filesystems
= 0;
4183 _cleanup_free_
char *word
= NULL
, *path
= NULL
, *resolved
= NULL
;
4186 r
= extract_first_word(&p
, &word
, NULL
, EXTRACT_UNQUOTE
);
4192 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract first word, ignoring: %s", rvalue
);
4197 r
= extract_first_word(&w
, &path
, ":", EXTRACT_DONT_COALESCE_SEPARATORS
);
4201 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to extract first word, ignoring: %s", word
);
4205 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid syntax, ignoring: %s", word
);
4209 r
= unit_full_printf(u
, path
, &resolved
);
4211 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in %s, ignoring: %m", path
);
4215 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4219 r
= temporary_filesystem_add(&c
->temporary_filesystems
, &c
->n_temporary_filesystems
, resolved
, w
);
4225 int config_parse_bind_paths(
4227 const char *filename
,
4229 const char *section
,
4230 unsigned section_line
,
4237 ExecContext
*c
= data
;
4238 const Unit
*u
= userdata
;
4247 if (isempty(rvalue
)) {
4248 /* Empty assignment resets the list */
4249 bind_mount_free_many(c
->bind_mounts
, c
->n_bind_mounts
);
4250 c
->bind_mounts
= NULL
;
4251 c
->n_bind_mounts
= 0;
4257 _cleanup_free_
char *source
= NULL
, *destination
= NULL
;
4258 _cleanup_free_
char *sresolved
= NULL
, *dresolved
= NULL
;
4259 char *s
= NULL
, *d
= NULL
;
4260 bool rbind
= true, ignore_enoent
= false;
4262 r
= extract_first_word(&p
, &source
, ":" WHITESPACE
, EXTRACT_UNQUOTE
|EXTRACT_DONT_COALESCE_SEPARATORS
);
4268 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s, ignoring: %s", lvalue
, rvalue
);
4272 r
= unit_full_printf(u
, source
, &sresolved
);
4274 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
4275 "Failed to resolved unit specifiers in \"%s\", ignoring: %m", source
);
4281 ignore_enoent
= true;
4285 r
= path_simplify_and_warn(s
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4289 /* Optionally, the destination is specified. */
4290 if (p
&& p
[-1] == ':') {
4291 r
= extract_first_word(&p
, &destination
, ":" WHITESPACE
, EXTRACT_UNQUOTE
|EXTRACT_DONT_COALESCE_SEPARATORS
);
4295 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s, ignoring: %s", lvalue
, rvalue
);
4299 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Missing argument after ':', ignoring: %s", s
);
4303 r
= unit_full_printf(u
, destination
, &dresolved
);
4305 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
4306 "Failed to resolved specifiers in \"%s\", ignoring: %m", destination
);
4310 r
= path_simplify_and_warn(dresolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4316 /* Optionally, there's also a short option string specified */
4317 if (p
&& p
[-1] == ':') {
4318 _cleanup_free_
char *options
= NULL
;
4320 r
= extract_first_word(&p
, &options
, NULL
, EXTRACT_UNQUOTE
);
4324 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse %s: %s", lvalue
, rvalue
);
4328 if (isempty(options
) || streq(options
, "rbind"))
4330 else if (streq(options
, "norbind"))
4333 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Invalid option string, ignoring setting: %s", options
);
4340 r
= bind_mount_add(&c
->bind_mounts
, &c
->n_bind_mounts
,
4344 .read_only
= !!strstr(lvalue
, "ReadOnly"),
4346 .ignore_enoent
= ignore_enoent
,
4355 int config_parse_job_timeout_sec(
4357 const char *filename
,
4359 const char *section
,
4360 unsigned section_line
,
4376 r
= parse_sec_fix_0(rvalue
, &usec
);
4378 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse JobTimeoutSec= parameter, ignoring: %s", rvalue
);
4382 /* If the user explicitly changed JobTimeoutSec= also change JobRunningTimeoutSec=, for compatibility with old
4383 * versions. If JobRunningTimeoutSec= was explicitly set, avoid this however as whatever the user picked should
4386 if (!u
->job_running_timeout_set
)
4387 u
->job_running_timeout
= usec
;
4389 u
->job_timeout
= usec
;
4394 int config_parse_job_running_timeout_sec(
4396 const char *filename
,
4398 const char *section
,
4399 unsigned section_line
,
4415 r
= parse_sec_fix_0(rvalue
, &usec
);
4417 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse JobRunningTimeoutSec= parameter, ignoring: %s", rvalue
);
4421 u
->job_running_timeout
= usec
;
4422 u
->job_running_timeout_set
= true;
4427 int config_parse_emergency_action(
4429 const char *filename
,
4431 const char *section
,
4432 unsigned section_line
,
4440 EmergencyAction
*x
= data
;
4449 m
= ((Unit
*) userdata
)->manager
;
4453 r
= parse_emergency_action(rvalue
, MANAGER_IS_SYSTEM(m
), x
);
4455 if (r
== -EOPNOTSUPP
&& MANAGER_IS_USER(m
)) {
4456 /* Compat mode: remove for systemd 241. */
4458 log_syntax(unit
, LOG_INFO
, filename
, line
, r
,
4459 "%s= in user mode specified as \"%s\", using \"exit-force\" instead.",
4461 *x
= EMERGENCY_ACTION_EXIT_FORCE
;
4465 if (r
== -EOPNOTSUPP
)
4466 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
4467 "%s= specified as %s mode action, ignoring: %s",
4468 lvalue
, MANAGER_IS_SYSTEM(m
) ? "user" : "system", rvalue
);
4470 log_syntax(unit
, LOG_ERR
, filename
, line
, r
,
4471 "Failed to parse %s=, ignoring: %s", lvalue
, rvalue
);
4478 int config_parse_pid_file(
4480 const char *filename
,
4482 const char *section
,
4483 unsigned section_line
,
4490 _cleanup_free_
char *k
= NULL
, *n
= NULL
;
4491 const Unit
*u
= userdata
;
4500 if (isempty(rvalue
)) {
4501 /* An empty assignment removes already set value. */
4506 r
= unit_full_printf(u
, rvalue
, &k
);
4508 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
4512 /* If this is a relative path make it absolute by prefixing the /run */
4513 n
= path_make_absolute(k
, u
->manager
->prefix
[EXEC_DIRECTORY_RUNTIME
]);
4517 /* Check that the result is a sensible path */
4518 r
= path_simplify_and_warn(n
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4522 r
= patch_var_run(unit
, filename
, line
, lvalue
, &n
);
4526 free_and_replace(*s
, n
);
4530 int config_parse_exit_status(
4532 const char *filename
,
4534 const char *section
,
4535 unsigned section_line
,
4542 int *exit_status
= data
, r
;
4548 assert(exit_status
);
4550 if (isempty(rvalue
)) {
4555 r
= safe_atou8(rvalue
, &u
);
4557 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse exit status '%s', ignoring: %m", rvalue
);
4565 int config_parse_disable_controllers(
4567 const char *filename
,
4569 const char *section
,
4570 unsigned section_line
,
4578 CGroupContext
*c
= data
;
4579 CGroupMask disabled_mask
;
4581 /* 1. If empty, make all controllers eligible for use again.
4582 * 2. If non-empty, merge all listed controllers, space separated. */
4584 if (isempty(rvalue
)) {
4585 c
->disable_controllers
= 0;
4589 r
= cg_mask_from_string(rvalue
, &disabled_mask
);
4590 if (r
< 0 || disabled_mask
<= 0) {
4591 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid cgroup string: %s, ignoring", rvalue
);
4595 c
->disable_controllers
|= disabled_mask
;
4600 int config_parse_ip_filter_bpf_progs(
4602 const char *filename
,
4604 const char *section
,
4605 unsigned section_line
,
4612 _cleanup_free_
char *resolved
= NULL
;
4613 const Unit
*u
= userdata
;
4614 char ***paths
= data
;
4622 if (isempty(rvalue
)) {
4623 *paths
= strv_free(*paths
);
4627 r
= unit_full_printf(u
, rvalue
, &resolved
);
4629 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to resolve unit specifiers in '%s', ignoring: %m", rvalue
);
4633 r
= path_simplify_and_warn(resolved
, PATH_CHECK_ABSOLUTE
, unit
, filename
, line
, lvalue
);
4637 if (strv_contains(*paths
, resolved
))
4640 r
= strv_extend(paths
, resolved
);
4644 r
= bpf_firewall_supported();
4647 if (r
!= BPF_FIREWALL_SUPPORTED_WITH_MULTI
) {
4648 static bool warned
= false;
4650 log_full(warned
? LOG_DEBUG
: LOG_WARNING
,
4651 "File %s:%u configures an IP firewall with BPF programs (%s=%s), but the local system does not support BPF/cgroup based firewalling with multiple filters.\n"
4652 "Starting this unit will fail! (This warning is only shown for the first loaded unit using IP firewalling.)", filename
, line
, lvalue
, rvalue
);
4660 static int merge_by_names(Unit
**u
, Set
*names
, const char *id
) {
4667 /* Let's try to add in all names that are aliases of this unit */
4668 while ((k
= set_steal_first(names
))) {
4669 _cleanup_free_ _unused_
char *free_k
= k
;
4671 /* First try to merge in the other name into our unit */
4672 r
= unit_merge_by_name(*u
, k
);
4676 /* Hmm, we couldn't merge the other unit into ours? Then let's try it the other way
4679 other
= manager_get_unit((*u
)->manager
, k
);
4681 return r
; /* return previous failure */
4683 r
= unit_merge(other
, *u
);
4688 return merge_by_names(u
, names
, NULL
);
4691 if (streq_ptr(id
, k
))
4692 unit_choose_id(*u
, id
);
4698 int unit_load_fragment(Unit
*u
) {
4699 const char *fragment
;
4700 _cleanup_set_free_free_ Set
*names
= NULL
;
4705 assert(u
->load_state
== UNIT_STUB
);
4709 u
->load_state
= UNIT_LOADED
;
4713 /* Possibly rebuild the fragment map to catch new units */
4714 r
= unit_file_build_name_map(&u
->manager
->lookup_paths
,
4715 &u
->manager
->unit_cache_mtime
,
4716 &u
->manager
->unit_id_map
,
4717 &u
->manager
->unit_name_map
,
4718 &u
->manager
->unit_path_cache
);
4720 log_error_errno(r
, "Failed to rebuild name map: %m");
4722 r
= unit_file_find_fragment(u
->manager
->unit_id_map
,
4723 u
->manager
->unit_name_map
,
4727 if (r
< 0 && r
!= -ENOENT
)
4731 /* Open the file, check if this is a mask, otherwise read. */
4732 _cleanup_fclose_
FILE *f
= NULL
;
4734 /* Try to open the file name. A symlink is OK, for example for linked files or masks. We
4735 * expect that all symlinks within the lookup paths have been already resolved, but we don't
4736 * verify this here. */
4737 f
= fopen(fragment
, "re");
4739 return log_unit_notice_errno(u
, errno
, "Failed to open %s: %m", fragment
);
4741 if (fstat(fileno(f
), &st
) < 0)
4744 r
= free_and_strdup(&u
->fragment_path
, fragment
);
4748 if (null_or_empty(&st
)) {
4749 /* Unit file is masked */
4751 u
->load_state
= u
->perpetual
? UNIT_LOADED
: UNIT_MASKED
; /* don't allow perpetual units to ever be masked */
4752 u
->fragment_mtime
= 0;
4754 u
->load_state
= UNIT_LOADED
;
4755 u
->fragment_mtime
= timespec_load(&st
.st_mtim
);
4757 /* Now, parse the file contents */
4758 r
= config_parse(u
->id
, fragment
, f
,
4759 UNIT_VTABLE(u
)->sections
,
4760 config_item_perf_lookup
, load_fragment_gperf_lookup
,
4761 CONFIG_PARSE_ALLOW_INCLUDE
, u
);
4763 log_unit_notice_errno(u
, r
, "Unit configuration has fatal error, unit will not be started.");
4769 if (u
->source_path
) {
4770 if (stat(u
->source_path
, &st
) >= 0)
4771 u
->source_mtime
= timespec_load(&st
.st_mtim
);
4773 u
->source_mtime
= 0;
4776 /* We do the merge dance here because for some unit types, the unit might have aliases which are not
4777 * declared in the file system. In particular, this is true (and frequent) for device and swap units.
4780 const char *id
= u
->id
;
4781 _cleanup_free_
char *free_id
= NULL
;
4784 id
= basename(fragment
);
4785 if (unit_name_is_valid(id
, UNIT_NAME_TEMPLATE
)) {
4786 assert(u
->instance
); /* If we're not trying to use a template for non-instanced unit,
4787 * this must be set. */
4789 r
= unit_name_replace_instance(id
, u
->instance
, &free_id
);
4791 return log_debug_errno(r
, "Failed to build id (%s + %s): %m", id
, u
->instance
);
4797 r
= merge_by_names(&merged
, names
, id
);
4802 u
->load_state
= UNIT_MERGED
;
4807 void unit_dump_config_items(FILE *f
) {
4808 static const struct {
4809 const ConfigParserCallback callback
;
4812 { config_parse_warn_compat
, "NOTSUPPORTED" },
4813 { config_parse_int
, "INTEGER" },
4814 { config_parse_unsigned
, "UNSIGNED" },
4815 { config_parse_iec_size
, "SIZE" },
4816 { config_parse_iec_uint64
, "SIZE" },
4817 { config_parse_si_uint64
, "SIZE" },
4818 { config_parse_bool
, "BOOLEAN" },
4819 { config_parse_string
, "STRING" },
4820 { config_parse_path
, "PATH" },
4821 { config_parse_unit_path_printf
, "PATH" },
4822 { config_parse_strv
, "STRING [...]" },
4823 { config_parse_exec_nice
, "NICE" },
4824 { config_parse_exec_oom_score_adjust
, "OOMSCOREADJUST" },
4825 { config_parse_exec_io_class
, "IOCLASS" },
4826 { config_parse_exec_io_priority
, "IOPRIORITY" },
4827 { config_parse_exec_cpu_sched_policy
, "CPUSCHEDPOLICY" },
4828 { config_parse_exec_cpu_sched_prio
, "CPUSCHEDPRIO" },
4829 { config_parse_exec_cpu_affinity
, "CPUAFFINITY" },
4830 { config_parse_mode
, "MODE" },
4831 { config_parse_unit_env_file
, "FILE" },
4832 { config_parse_exec_output
, "OUTPUT" },
4833 { config_parse_exec_input
, "INPUT" },
4834 { config_parse_log_facility
, "FACILITY" },
4835 { config_parse_log_level
, "LEVEL" },
4836 { config_parse_exec_secure_bits
, "SECUREBITS" },
4837 { config_parse_capability_set
, "BOUNDINGSET" },
4838 { config_parse_rlimit
, "LIMIT" },
4839 { config_parse_unit_deps
, "UNIT [...]" },
4840 { config_parse_exec
, "PATH [ARGUMENT [...]]" },
4841 { config_parse_service_type
, "SERVICETYPE" },
4842 { config_parse_service_restart
, "SERVICERESTART" },
4843 { config_parse_kill_mode
, "KILLMODE" },
4844 { config_parse_signal
, "SIGNAL" },
4845 { config_parse_socket_listen
, "SOCKET [...]" },
4846 { config_parse_socket_bind
, "SOCKETBIND" },
4847 { config_parse_socket_bindtodevice
, "NETWORKINTERFACE" },
4848 { config_parse_sec
, "SECONDS" },
4849 { config_parse_nsec
, "NANOSECONDS" },
4850 { config_parse_namespace_path_strv
, "PATH [...]" },
4851 { config_parse_bind_paths
, "PATH[:PATH[:OPTIONS]] [...]" },
4852 { config_parse_unit_requires_mounts_for
, "PATH [...]" },
4853 { config_parse_exec_mount_flags
, "MOUNTFLAG [...]" },
4854 { config_parse_unit_string_printf
, "STRING" },
4855 { config_parse_trigger_unit
, "UNIT" },
4856 { config_parse_timer
, "TIMER" },
4857 { config_parse_path_spec
, "PATH" },
4858 { config_parse_notify_access
, "ACCESS" },
4859 { config_parse_ip_tos
, "TOS" },
4860 { config_parse_unit_condition_path
, "CONDITION" },
4861 { config_parse_unit_condition_string
, "CONDITION" },
4862 { config_parse_unit_condition_null
, "CONDITION" },
4863 { config_parse_unit_slice
, "SLICE" },
4864 { config_parse_documentation
, "URL" },
4865 { config_parse_service_timeout
, "SECONDS" },
4866 { config_parse_emergency_action
, "ACTION" },
4867 { config_parse_set_status
, "STATUS" },
4868 { config_parse_service_sockets
, "SOCKETS" },
4869 { config_parse_environ
, "ENVIRON" },
4871 { config_parse_syscall_filter
, "SYSCALLS" },
4872 { config_parse_syscall_archs
, "ARCHS" },
4873 { config_parse_syscall_errno
, "ERRNO" },
4874 { config_parse_address_families
, "FAMILIES" },
4875 { config_parse_restrict_namespaces
, "NAMESPACES" },
4877 { config_parse_cpu_shares
, "SHARES" },
4878 { config_parse_cg_weight
, "WEIGHT" },
4879 { config_parse_memory_limit
, "LIMIT" },
4880 { config_parse_device_allow
, "DEVICE" },
4881 { config_parse_device_policy
, "POLICY" },
4882 { config_parse_io_limit
, "LIMIT" },
4883 { config_parse_io_device_weight
, "DEVICEWEIGHT" },
4884 { config_parse_io_device_latency
, "DEVICELATENCY" },
4885 { config_parse_blockio_bandwidth
, "BANDWIDTH" },
4886 { config_parse_blockio_weight
, "WEIGHT" },
4887 { config_parse_blockio_device_weight
, "DEVICEWEIGHT" },
4888 { config_parse_long
, "LONG" },
4889 { config_parse_socket_service
, "SERVICE" },
4891 { config_parse_exec_selinux_context
, "LABEL" },
4893 { config_parse_job_mode
, "MODE" },
4894 { config_parse_job_mode_isolate
, "BOOLEAN" },
4895 { config_parse_personality
, "PERSONALITY" },
4898 const char *prev
= NULL
;
4903 NULSTR_FOREACH(i
, load_fragment_gperf_nulstr
) {
4904 const char *rvalue
= "OTHER", *lvalue
;
4905 const ConfigPerfItem
*p
;
4910 assert_se(p
= load_fragment_gperf_lookup(i
, strlen(i
)));
4912 /* Hide legacy settings */
4913 if (p
->parse
== config_parse_warn_compat
&&
4914 p
->ltype
== DISABLED_LEGACY
)
4917 for (j
= 0; j
< ELEMENTSOF(table
); j
++)
4918 if (p
->parse
== table
[j
].callback
) {
4919 rvalue
= table
[j
].rvalue
;
4923 dot
= strchr(i
, '.');
4924 lvalue
= dot
? dot
+ 1 : i
;
4928 if (!prev
|| !strneq(prev
, i
, prefix_len
+1)) {
4932 fprintf(f
, "[%.*s]\n", (int) prefix_len
, i
);
4935 fprintf(f
, "%s=%s\n", lvalue
, rvalue
);
4940 int config_parse_cpu_affinity2(
4942 const char *filename
,
4944 const char *section
,
4945 unsigned section_line
,
4952 CPUSet
*affinity
= data
;
4956 (void) parse_cpu_set_extend(rvalue
, affinity
, true, unit
, filename
, line
, lvalue
);
4961 int config_parse_show_status(
4963 const char *filename
,
4965 const char *section
,
4966 unsigned section_line
,
4974 ShowStatus
*b
= data
;
4981 k
= parse_show_status(rvalue
, b
);
4983 log_syntax(unit
, LOG_ERR
, filename
, line
, k
, "Failed to parse show status setting, ignoring: %s", rvalue
);
4990 int config_parse_output_restricted(
4992 const char *filename
,
4994 const char *section
,
4995 unsigned section_line
,
5002 ExecOutput t
, *eo
= data
;
5009 t
= exec_output_from_string(rvalue
);
5011 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Failed to parse output type, ignoring: %s", rvalue
);
5015 if (IN_SET(t
, EXEC_OUTPUT_SOCKET
, EXEC_OUTPUT_NAMED_FD
, EXEC_OUTPUT_FILE
, EXEC_OUTPUT_FILE_APPEND
)) {
5016 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Standard output types socket, fd:, file:, append: are not supported as defaults, ignoring: %s", rvalue
);
5024 int config_parse_crash_chvt(
5026 const char *filename
,
5028 const char *section
,
5029 unsigned section_line
,
5043 r
= parse_crash_chvt(rvalue
, data
);
5045 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Failed to parse CrashChangeVT= setting, ignoring: %s", rvalue
);
5052 int config_parse_swap_priority(
5054 const char *filename
,
5056 const char *section
,
5057 unsigned section_line
,
5073 if (isempty(rvalue
)) {
5074 s
->parameters_fragment
.priority
= -1;
5075 s
->parameters_fragment
.priority_set
= false;
5079 r
= safe_atoi(rvalue
, &priority
);
5081 log_syntax(unit
, LOG_ERR
, filename
, line
, r
, "Invalid swap pririty '%s', ignoring.", rvalue
);
5085 if (priority
< -1) {
5086 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Sorry, swap priorities smaller than -1 may only be assigned by the kernel itself, ignoring: %s", rvalue
);
5090 if (priority
> 32767) {
5091 log_syntax(unit
, LOG_ERR
, filename
, line
, 0, "Swap priority out of range, ignoring: %s", rvalue
);
5095 s
->parameters_fragment
.priority
= priority
;
5096 s
->parameters_fragment
.priority_set
= true;