1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 This file is part of systemd.
5 Copyright 2010 Lennart Poettering
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
25 #include <stdio_ext.h>
27 #include <sys/epoll.h>
28 #include <sys/inotify.h>
29 #include <sys/ioctl.h>
30 #include <sys/reboot.h>
31 #include <sys/timerfd.h>
39 #include "sd-daemon.h"
40 #include "sd-messages.h"
43 #include "alloc-util.h"
45 #include "boot-timestamps.h"
46 #include "bus-common-errors.h"
47 #include "bus-error.h"
48 #include "bus-kernel.h"
50 #include "clean-ipc.h"
51 #include "clock-util.h"
53 #include "dbus-manager.h"
54 #include "dbus-unit.h"
56 #include "dirent-util.h"
59 #include "exec-util.h"
61 #include "exit-status.h"
68 #include "locale-setup.h"
74 #include "parse-util.h"
75 #include "path-lookup.h"
76 #include "path-util.h"
77 #include "process-util.h"
78 #include "ratelimit.h"
80 #include "signal-util.h"
82 #include "stat-util.h"
83 #include "string-table.h"
84 #include "string-util.h"
86 #include "terminal-util.h"
87 #include "time-util.h"
88 #include "transaction.h"
89 #include "umask-util.h"
90 #include "unit-name.h"
91 #include "user-util.h"
96 #define NOTIFY_RCVBUF_SIZE (8*1024*1024)
97 #define CGROUPS_AGENT_RCVBUF_SIZE (8*1024*1024)
99 /* Initial delay and the interval for printing status messages about running jobs */
100 #define JOBS_IN_PROGRESS_WAIT_USEC (5*USEC_PER_SEC)
101 #define JOBS_IN_PROGRESS_PERIOD_USEC (USEC_PER_SEC / 3)
102 #define JOBS_IN_PROGRESS_PERIOD_DIVISOR 3
104 static int manager_dispatch_notify_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
);
105 static int manager_dispatch_cgroups_agent_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
);
106 static int manager_dispatch_signal_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
);
107 static int manager_dispatch_time_change_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
);
108 static int manager_dispatch_idle_pipe_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
);
109 static int manager_dispatch_user_lookup_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
);
110 static int manager_dispatch_jobs_in_progress(sd_event_source
*source
, usec_t usec
, void *userdata
);
111 static int manager_dispatch_run_queue(sd_event_source
*source
, void *userdata
);
112 static int manager_dispatch_sigchld(sd_event_source
*source
, void *userdata
);
113 static int manager_run_environment_generators(Manager
*m
);
114 static int manager_run_generators(Manager
*m
);
116 static void manager_watch_jobs_in_progress(Manager
*m
) {
122 /* We do not want to show the cylon animation if the user
123 * needs to confirm service executions otherwise confirmation
124 * messages will be screwed by the cylon animation. */
125 if (!manager_is_confirm_spawn_disabled(m
))
128 if (m
->jobs_in_progress_event_source
)
131 next
= now(CLOCK_MONOTONIC
) + JOBS_IN_PROGRESS_WAIT_USEC
;
132 r
= sd_event_add_time(
134 &m
->jobs_in_progress_event_source
,
137 manager_dispatch_jobs_in_progress
, m
);
141 (void) sd_event_source_set_description(m
->jobs_in_progress_event_source
, "manager-jobs-in-progress");
144 #define CYLON_BUFFER_EXTRA (2*STRLEN(ANSI_RED) + STRLEN(ANSI_HIGHLIGHT_RED) + 2*STRLEN(ANSI_NORMAL))
146 static void draw_cylon(char buffer
[], size_t buflen
, unsigned width
, unsigned pos
) {
149 assert(buflen
>= CYLON_BUFFER_EXTRA
+ width
+ 1);
150 assert(pos
<= width
+1); /* 0 or width+1 mean that the center light is behind the corner */
154 p
= mempset(p
, ' ', pos
-2);
155 if (log_get_show_color())
156 p
= stpcpy(p
, ANSI_RED
);
160 if (pos
> 0 && pos
<= width
) {
161 if (log_get_show_color())
162 p
= stpcpy(p
, ANSI_HIGHLIGHT_RED
);
166 if (log_get_show_color())
167 p
= stpcpy(p
, ANSI_NORMAL
);
170 if (log_get_show_color())
171 p
= stpcpy(p
, ANSI_RED
);
174 p
= mempset(p
, ' ', width
-1-pos
);
175 if (log_get_show_color())
176 strcpy(p
, ANSI_NORMAL
);
180 void manager_flip_auto_status(Manager
*m
, bool enable
) {
184 if (m
->show_status
== SHOW_STATUS_AUTO
)
185 manager_set_show_status(m
, SHOW_STATUS_TEMPORARY
);
187 if (m
->show_status
== SHOW_STATUS_TEMPORARY
)
188 manager_set_show_status(m
, SHOW_STATUS_AUTO
);
192 static void manager_print_jobs_in_progress(Manager
*m
) {
193 _cleanup_free_
char *job_of_n
= NULL
;
196 unsigned counter
= 0, print_nr
;
197 char cylon
[6 + CYLON_BUFFER_EXTRA
+ 1];
199 char time
[FORMAT_TIMESPAN_MAX
], limit
[FORMAT_TIMESPAN_MAX
] = "no limit";
203 assert(m
->n_running_jobs
> 0);
205 manager_flip_auto_status(m
, true);
207 print_nr
= (m
->jobs_in_progress_iteration
/ JOBS_IN_PROGRESS_PERIOD_DIVISOR
) % m
->n_running_jobs
;
209 HASHMAP_FOREACH(j
, m
->jobs
, i
)
210 if (j
->state
== JOB_RUNNING
&& counter
++ == print_nr
)
213 /* m->n_running_jobs must be consistent with the contents of m->jobs,
214 * so the above loop must have succeeded in finding j. */
215 assert(counter
== print_nr
+ 1);
218 cylon_pos
= m
->jobs_in_progress_iteration
% 14;
220 cylon_pos
= 14 - cylon_pos
;
221 draw_cylon(cylon
, sizeof(cylon
), 6, cylon_pos
);
223 m
->jobs_in_progress_iteration
++;
225 if (m
->n_running_jobs
> 1) {
226 if (asprintf(&job_of_n
, "(%u of %u) ", counter
, m
->n_running_jobs
) < 0)
230 format_timespan(time
, sizeof(time
), now(CLOCK_MONOTONIC
) - j
->begin_usec
, 1*USEC_PER_SEC
);
231 if (job_get_timeout(j
, &x
) > 0)
232 format_timespan(limit
, sizeof(limit
), x
- j
->begin_usec
, 1*USEC_PER_SEC
);
234 manager_status_printf(m
, STATUS_TYPE_EPHEMERAL
, cylon
,
235 "%sA %s job is running for %s (%s / %s)",
237 job_type_to_string(j
->type
),
238 unit_description(j
->unit
),
242 static int have_ask_password(void) {
243 _cleanup_closedir_
DIR *dir
;
246 dir
= opendir("/run/systemd/ask-password");
254 FOREACH_DIRENT_ALL(de
, dir
, return -errno
) {
255 if (startswith(de
->d_name
, "ask."))
261 static int manager_dispatch_ask_password_fd(sd_event_source
*source
,
262 int fd
, uint32_t revents
, void *userdata
) {
263 Manager
*m
= userdata
;
269 m
->have_ask_password
= have_ask_password();
270 if (m
->have_ask_password
< 0)
271 /* Log error but continue. Negative have_ask_password
272 * is treated as unknown status. */
273 log_error_errno(m
->have_ask_password
, "Failed to list /run/systemd/ask-password: %m");
278 static void manager_close_ask_password(Manager
*m
) {
281 m
->ask_password_event_source
= sd_event_source_unref(m
->ask_password_event_source
);
282 m
->ask_password_inotify_fd
= safe_close(m
->ask_password_inotify_fd
);
283 m
->have_ask_password
= -EINVAL
;
286 static int manager_check_ask_password(Manager
*m
) {
291 if (!m
->ask_password_event_source
) {
292 assert(m
->ask_password_inotify_fd
< 0);
294 mkdir_p_label("/run/systemd/ask-password", 0755);
296 m
->ask_password_inotify_fd
= inotify_init1(IN_NONBLOCK
|IN_CLOEXEC
);
297 if (m
->ask_password_inotify_fd
< 0)
298 return log_error_errno(errno
, "inotify_init1() failed: %m");
300 if (inotify_add_watch(m
->ask_password_inotify_fd
, "/run/systemd/ask-password", IN_CREATE
|IN_DELETE
|IN_MOVE
) < 0) {
301 log_error_errno(errno
, "Failed to add watch on /run/systemd/ask-password: %m");
302 manager_close_ask_password(m
);
306 r
= sd_event_add_io(m
->event
, &m
->ask_password_event_source
,
307 m
->ask_password_inotify_fd
, EPOLLIN
,
308 manager_dispatch_ask_password_fd
, m
);
310 log_error_errno(errno
, "Failed to add event source for /run/systemd/ask-password: %m");
311 manager_close_ask_password(m
);
315 (void) sd_event_source_set_description(m
->ask_password_event_source
, "manager-ask-password");
317 /* Queries might have been added meanwhile... */
318 manager_dispatch_ask_password_fd(m
->ask_password_event_source
,
319 m
->ask_password_inotify_fd
, EPOLLIN
, m
);
322 return m
->have_ask_password
;
325 static int manager_watch_idle_pipe(Manager
*m
) {
330 if (m
->idle_pipe_event_source
)
333 if (m
->idle_pipe
[2] < 0)
336 r
= sd_event_add_io(m
->event
, &m
->idle_pipe_event_source
, m
->idle_pipe
[2], EPOLLIN
, manager_dispatch_idle_pipe_fd
, m
);
338 return log_error_errno(r
, "Failed to watch idle pipe: %m");
340 (void) sd_event_source_set_description(m
->idle_pipe_event_source
, "manager-idle-pipe");
345 static void manager_close_idle_pipe(Manager
*m
) {
348 m
->idle_pipe_event_source
= sd_event_source_unref(m
->idle_pipe_event_source
);
350 safe_close_pair(m
->idle_pipe
);
351 safe_close_pair(m
->idle_pipe
+ 2);
354 static int manager_setup_time_change(Manager
*m
) {
357 /* We only care for the cancellation event, hence we set the
358 * timeout to the latest possible value. */
359 struct itimerspec its
= {
360 .it_value
.tv_sec
= TIME_T_MAX
,
364 assert_cc(sizeof(time_t) == sizeof(TIME_T_MAX
));
366 if (m
->test_run_flags
)
369 /* Uses TFD_TIMER_CANCEL_ON_SET to get notifications whenever
370 * CLOCK_REALTIME makes a jump relative to CLOCK_MONOTONIC */
372 m
->time_change_fd
= timerfd_create(CLOCK_REALTIME
, TFD_NONBLOCK
|TFD_CLOEXEC
);
373 if (m
->time_change_fd
< 0)
374 return log_error_errno(errno
, "Failed to create timerfd: %m");
376 if (timerfd_settime(m
->time_change_fd
, TFD_TIMER_ABSTIME
|TFD_TIMER_CANCEL_ON_SET
, &its
, NULL
) < 0) {
377 log_debug_errno(errno
, "Failed to set up TFD_TIMER_CANCEL_ON_SET, ignoring: %m");
378 m
->time_change_fd
= safe_close(m
->time_change_fd
);
382 r
= sd_event_add_io(m
->event
, &m
->time_change_event_source
, m
->time_change_fd
, EPOLLIN
, manager_dispatch_time_change_fd
, m
);
384 return log_error_errno(r
, "Failed to create time change event source: %m");
386 (void) sd_event_source_set_description(m
->time_change_event_source
, "manager-time-change");
388 log_debug("Set up TFD_TIMER_CANCEL_ON_SET timerfd.");
393 static int enable_special_signals(Manager
*m
) {
394 _cleanup_close_
int fd
= -1;
398 if (m
->test_run_flags
)
401 /* Enable that we get SIGINT on control-alt-del. In containers
402 * this will fail with EPERM (older) or EINVAL (newer), so
404 if (reboot(RB_DISABLE_CAD
) < 0 && !IN_SET(errno
, EPERM
, EINVAL
))
405 log_warning_errno(errno
, "Failed to enable ctrl-alt-del handling: %m");
407 fd
= open_terminal("/dev/tty0", O_RDWR
|O_NOCTTY
|O_CLOEXEC
);
409 /* Support systems without virtual console */
411 log_warning_errno(errno
, "Failed to open /dev/tty0: %m");
413 /* Enable that we get SIGWINCH on kbrequest */
414 if (ioctl(fd
, KDSIGACCEPT
, SIGWINCH
) < 0)
415 log_warning_errno(errno
, "Failed to enable kbrequest handling: %m");
421 static int manager_setup_signals(Manager
*m
) {
422 struct sigaction sa
= {
423 .sa_handler
= SIG_DFL
,
424 .sa_flags
= SA_NOCLDSTOP
|SA_RESTART
,
431 assert_se(sigaction(SIGCHLD
, &sa
, NULL
) == 0);
433 /* We make liberal use of realtime signals here. On
434 * Linux/glibc we have 30 of them (with the exception of Linux
435 * on hppa, see below), between SIGRTMIN+0 ... SIGRTMIN+30
438 assert_se(sigemptyset(&mask
) == 0);
439 sigset_add_many(&mask
,
440 SIGCHLD
, /* Child died */
441 SIGTERM
, /* Reexecute daemon */
442 SIGHUP
, /* Reload configuration */
443 SIGUSR1
, /* systemd/upstart: reconnect to D-Bus */
444 SIGUSR2
, /* systemd: dump status */
445 SIGINT
, /* Kernel sends us this on control-alt-del */
446 SIGWINCH
, /* Kernel sends us this on kbrequest (alt-arrowup) */
447 SIGPWR
, /* Some kernel drivers and upsd send us this on power failure */
449 SIGRTMIN
+0, /* systemd: start default.target */
450 SIGRTMIN
+1, /* systemd: isolate rescue.target */
451 SIGRTMIN
+2, /* systemd: isolate emergency.target */
452 SIGRTMIN
+3, /* systemd: start halt.target */
453 SIGRTMIN
+4, /* systemd: start poweroff.target */
454 SIGRTMIN
+5, /* systemd: start reboot.target */
455 SIGRTMIN
+6, /* systemd: start kexec.target */
457 /* ... space for more special targets ... */
459 SIGRTMIN
+13, /* systemd: Immediate halt */
460 SIGRTMIN
+14, /* systemd: Immediate poweroff */
461 SIGRTMIN
+15, /* systemd: Immediate reboot */
462 SIGRTMIN
+16, /* systemd: Immediate kexec */
464 /* ... space for more immediate system state changes ... */
466 SIGRTMIN
+20, /* systemd: enable status messages */
467 SIGRTMIN
+21, /* systemd: disable status messages */
468 SIGRTMIN
+22, /* systemd: set log level to LOG_DEBUG */
469 SIGRTMIN
+23, /* systemd: set log level to LOG_INFO */
470 SIGRTMIN
+24, /* systemd: Immediate exit (--user only) */
472 /* .. one free signal here ... */
474 #if !defined(__hppa64__) && !defined(__hppa__)
475 /* Apparently Linux on hppa has fewer RT
476 * signals (SIGRTMAX is SIGRTMIN+25 there),
477 * hence let's not try to make use of them
478 * here. Since these commands are accessible
479 * by different means and only really a safety
480 * net, the missing functionality on hppa
481 * shouldn't matter. */
483 SIGRTMIN
+26, /* systemd: set log target to journal-or-kmsg */
484 SIGRTMIN
+27, /* systemd: set log target to console */
485 SIGRTMIN
+28, /* systemd: set log target to kmsg */
486 SIGRTMIN
+29, /* systemd: set log target to syslog-or-kmsg (obsolete) */
488 /* ... one free signal here SIGRTMIN+30 ... */
491 assert_se(sigprocmask(SIG_SETMASK
, &mask
, NULL
) == 0);
493 m
->signal_fd
= signalfd(-1, &mask
, SFD_NONBLOCK
|SFD_CLOEXEC
);
494 if (m
->signal_fd
< 0)
497 r
= sd_event_add_io(m
->event
, &m
->signal_event_source
, m
->signal_fd
, EPOLLIN
, manager_dispatch_signal_fd
, m
);
501 (void) sd_event_source_set_description(m
->signal_event_source
, "manager-signal");
503 /* Process signals a bit earlier than the rest of things, but later than notify_fd processing, so that the
504 * notify processing can still figure out to which process/service a message belongs, before we reap the
505 * process. Also, process this before handling cgroup notifications, so that we always collect child exit
506 * status information before detecting that there's no process in a cgroup. */
507 r
= sd_event_source_set_priority(m
->signal_event_source
, SD_EVENT_PRIORITY_NORMAL
-6);
511 if (MANAGER_IS_SYSTEM(m
))
512 return enable_special_signals(m
);
517 static void manager_sanitize_environment(Manager
*m
) {
520 /* Let's remove some environment variables that we need ourselves to communicate with our clients */
540 /* Let's order the environment alphabetically, just to make it pretty */
541 strv_sort(m
->environment
);
544 static int manager_default_environment(Manager
*m
) {
547 if (MANAGER_IS_SYSTEM(m
)) {
548 /* The system manager always starts with a clean
549 * environment for its children. It does not import
550 * the kernel's or the parents' exported variables.
552 * The initial passed environment is untouched to keep
553 * /proc/self/environ valid; it is used for tagging
554 * the init process inside containers. */
555 m
->environment
= strv_new("PATH=" DEFAULT_PATH
,
558 /* Import locale variables LC_*= from configuration */
559 locale_setup(&m
->environment
);
561 /* The user manager passes its own environment
562 * along to its children. */
563 m
->environment
= strv_copy(environ
);
568 manager_sanitize_environment(m
);
573 static int manager_setup_prefix(Manager
*m
) {
579 static const struct table_entry paths_system
[_EXEC_DIRECTORY_TYPE_MAX
] = {
580 [EXEC_DIRECTORY_RUNTIME
] = { SD_PATH_SYSTEM_RUNTIME
, NULL
},
581 [EXEC_DIRECTORY_STATE
] = { SD_PATH_SYSTEM_STATE_PRIVATE
, NULL
},
582 [EXEC_DIRECTORY_CACHE
] = { SD_PATH_SYSTEM_STATE_CACHE
, NULL
},
583 [EXEC_DIRECTORY_LOGS
] = { SD_PATH_SYSTEM_STATE_LOGS
, NULL
},
584 [EXEC_DIRECTORY_CONFIGURATION
] = { SD_PATH_SYSTEM_CONFIGURATION
, NULL
},
587 static const struct table_entry paths_user
[_EXEC_DIRECTORY_TYPE_MAX
] = {
588 [EXEC_DIRECTORY_RUNTIME
] = { SD_PATH_USER_RUNTIME
, NULL
},
589 [EXEC_DIRECTORY_STATE
] = { SD_PATH_USER_CONFIGURATION
, NULL
},
590 [EXEC_DIRECTORY_CACHE
] = { SD_PATH_USER_STATE_CACHE
, NULL
},
591 [EXEC_DIRECTORY_LOGS
] = { SD_PATH_USER_CONFIGURATION
, "log" },
592 [EXEC_DIRECTORY_CONFIGURATION
] = { SD_PATH_USER_CONFIGURATION
, NULL
},
595 const struct table_entry
*p
;
601 if (MANAGER_IS_SYSTEM(m
))
606 for (i
= 0; i
< _EXEC_DIRECTORY_TYPE_MAX
; i
++) {
607 r
= sd_path_home(p
[i
].type
, p
[i
].suffix
, &m
->prefix
[i
]);
615 static int manager_setup_run_queue(Manager
*m
) {
619 assert(!m
->run_queue_event_source
);
621 r
= sd_event_add_defer(m
->event
, &m
->run_queue_event_source
, manager_dispatch_run_queue
, m
);
625 r
= sd_event_source_set_priority(m
->run_queue_event_source
, SD_EVENT_PRIORITY_IDLE
);
629 r
= sd_event_source_set_enabled(m
->run_queue_event_source
, SD_EVENT_OFF
);
633 (void) sd_event_source_set_description(m
->run_queue_event_source
, "manager-run-queue");
638 static int manager_setup_sigchld_event_source(Manager
*m
) {
642 assert(!m
->sigchld_event_source
);
644 r
= sd_event_add_defer(m
->event
, &m
->sigchld_event_source
, manager_dispatch_sigchld
, m
);
648 r
= sd_event_source_set_priority(m
->sigchld_event_source
, SD_EVENT_PRIORITY_NORMAL
-7);
652 r
= sd_event_source_set_enabled(m
->sigchld_event_source
, SD_EVENT_OFF
);
656 (void) sd_event_source_set_description(m
->sigchld_event_source
, "manager-sigchld");
661 int manager_new(UnitFileScope scope
, unsigned test_run_flags
, Manager
**_m
) {
666 assert(IN_SET(scope
, UNIT_FILE_SYSTEM
, UNIT_FILE_USER
));
668 m
= new0(Manager
, 1);
672 m
->unit_file_scope
= scope
;
673 m
->exit_code
= _MANAGER_EXIT_CODE_INVALID
;
674 m
->default_timer_accuracy_usec
= USEC_PER_MINUTE
;
675 m
->default_tasks_accounting
= true;
676 m
->default_tasks_max
= UINT64_MAX
;
677 m
->default_timeout_start_usec
= DEFAULT_TIMEOUT_USEC
;
678 m
->default_timeout_stop_usec
= DEFAULT_TIMEOUT_USEC
;
679 m
->default_restart_usec
= DEFAULT_RESTART_USEC
;
682 if (MANAGER_IS_SYSTEM(m
) && detect_container() <= 0)
683 boot_timestamps(m
->timestamps
+ MANAGER_TIMESTAMP_USERSPACE
,
684 m
->timestamps
+ MANAGER_TIMESTAMP_FIRMWARE
,
685 m
->timestamps
+ MANAGER_TIMESTAMP_LOADER
);
688 /* Prepare log fields we can use for structured logging */
689 if (MANAGER_IS_SYSTEM(m
)) {
690 m
->unit_log_field
= "UNIT=";
691 m
->unit_log_format_string
= "UNIT=%s";
693 m
->invocation_log_field
= "INVOCATION_ID=";
694 m
->invocation_log_format_string
= "INVOCATION_ID=%s";
696 m
->unit_log_field
= "USER_UNIT=";
697 m
->unit_log_format_string
= "USER_UNIT=%s";
699 m
->invocation_log_field
= "USER_INVOCATION_ID=";
700 m
->invocation_log_format_string
= "USER_INVOCATION_ID=%s";
703 m
->idle_pipe
[0] = m
->idle_pipe
[1] = m
->idle_pipe
[2] = m
->idle_pipe
[3] = -1;
705 m
->pin_cgroupfs_fd
= m
->notify_fd
= m
->cgroups_agent_fd
= m
->signal_fd
= m
->time_change_fd
=
706 m
->dev_autofs_fd
= m
->private_listen_fd
= m
->cgroup_inotify_fd
=
707 m
->ask_password_inotify_fd
= -1;
709 m
->user_lookup_fds
[0] = m
->user_lookup_fds
[1] = -1;
711 m
->current_job_id
= 1; /* start as id #1, so that we can leave #0 around as "null-like" value */
713 m
->have_ask_password
= -EINVAL
; /* we don't know */
716 m
->test_run_flags
= test_run_flags
;
718 /* Reboot immediately if the user hits C-A-D more often than 7x per 2s */
719 RATELIMIT_INIT(m
->ctrl_alt_del_ratelimit
, 2 * USEC_PER_SEC
, 7);
721 r
= manager_default_environment(m
);
725 r
= hashmap_ensure_allocated(&m
->units
, &string_hash_ops
);
729 r
= hashmap_ensure_allocated(&m
->jobs
, NULL
);
733 r
= hashmap_ensure_allocated(&m
->cgroup_unit
, &string_hash_ops
);
737 r
= hashmap_ensure_allocated(&m
->watch_bus
, &string_hash_ops
);
741 r
= sd_event_default(&m
->event
);
745 r
= manager_setup_run_queue(m
);
749 r
= manager_setup_signals(m
);
753 r
= manager_setup_cgroup(m
);
757 r
= manager_setup_time_change(m
);
761 r
= manager_setup_sigchld_event_source(m
);
765 m
->udev
= udev_new();
771 r
= manager_setup_prefix(m
);
775 if (MANAGER_IS_SYSTEM(m
) && test_run_flags
== 0) {
776 r
= mkdir_label("/run/systemd/units", 0755);
777 if (r
< 0 && r
!= -EEXIST
)
783 dir_is_empty("/usr") > 0;
785 /* Note that we do not set up the notify fd here. We do that after deserialization,
786 * since they might have gotten serialized across the reexec. */
796 static int manager_setup_notify(Manager
*m
) {
799 if (m
->test_run_flags
)
802 if (m
->notify_fd
< 0) {
803 _cleanup_close_
int fd
= -1;
804 union sockaddr_union sa
= {
805 .sa
.sa_family
= AF_UNIX
,
807 static const int one
= 1;
809 /* First free all secondary fields */
810 m
->notify_socket
= mfree(m
->notify_socket
);
811 m
->notify_event_source
= sd_event_source_unref(m
->notify_event_source
);
813 fd
= socket(AF_UNIX
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
815 return log_error_errno(errno
, "Failed to allocate notification socket: %m");
817 fd_inc_rcvbuf(fd
, NOTIFY_RCVBUF_SIZE
);
819 m
->notify_socket
= strappend(m
->prefix
[EXEC_DIRECTORY_RUNTIME
], "/systemd/notify");
820 if (!m
->notify_socket
)
823 (void) mkdir_parents_label(m
->notify_socket
, 0755);
824 (void) unlink(m
->notify_socket
);
826 strncpy(sa
.un
.sun_path
, m
->notify_socket
, sizeof(sa
.un
.sun_path
)-1);
827 r
= bind(fd
, &sa
.sa
, SOCKADDR_UN_LEN(sa
.un
));
829 return log_error_errno(errno
, "bind(%s) failed: %m", sa
.un
.sun_path
);
831 r
= setsockopt(fd
, SOL_SOCKET
, SO_PASSCRED
, &one
, sizeof(one
));
833 return log_error_errno(errno
, "SO_PASSCRED failed: %m");
838 log_debug("Using notification socket %s", m
->notify_socket
);
841 if (!m
->notify_event_source
) {
842 r
= sd_event_add_io(m
->event
, &m
->notify_event_source
, m
->notify_fd
, EPOLLIN
, manager_dispatch_notify_fd
, m
);
844 return log_error_errno(r
, "Failed to allocate notify event source: %m");
846 /* Process notification messages a bit earlier than SIGCHLD, so that we can still identify to which
847 * service an exit message belongs. */
848 r
= sd_event_source_set_priority(m
->notify_event_source
, SD_EVENT_PRIORITY_NORMAL
-8);
850 return log_error_errno(r
, "Failed to set priority of notify event source: %m");
852 (void) sd_event_source_set_description(m
->notify_event_source
, "manager-notify");
858 static int manager_setup_cgroups_agent(Manager
*m
) {
860 static const union sockaddr_union sa
= {
861 .un
.sun_family
= AF_UNIX
,
862 .un
.sun_path
= "/run/systemd/cgroups-agent",
866 /* This creates a listening socket we receive cgroups agent messages on. We do not use D-Bus for delivering
867 * these messages from the cgroups agent binary to PID 1, as the cgroups agent binary is very short-living, and
868 * each instance of it needs a new D-Bus connection. Since D-Bus connections are SOCK_STREAM/AF_UNIX, on
869 * overloaded systems the backlog of the D-Bus socket becomes relevant, as not more than the configured number
870 * of D-Bus connections may be queued until the kernel will start dropping further incoming connections,
871 * possibly resulting in lost cgroups agent messages. To avoid this, we'll use a private SOCK_DGRAM/AF_UNIX
872 * socket, where no backlog is relevant as communication may take place without an actual connect() cycle, and
873 * we thus won't lose messages.
875 * Note that PID 1 will forward the agent message to system bus, so that the user systemd instance may listen
876 * to it. The system instance hence listens on this special socket, but the user instances listen on the system
877 * bus for these messages. */
879 if (m
->test_run_flags
)
882 if (!MANAGER_IS_SYSTEM(m
))
885 r
= cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
);
887 return log_error_errno(r
, "Failed to determine whether unified cgroups hierarchy is used: %m");
888 if (r
> 0) /* We don't need this anymore on the unified hierarchy */
891 if (m
->cgroups_agent_fd
< 0) {
892 _cleanup_close_
int fd
= -1;
894 /* First free all secondary fields */
895 m
->cgroups_agent_event_source
= sd_event_source_unref(m
->cgroups_agent_event_source
);
897 fd
= socket(AF_UNIX
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
899 return log_error_errno(errno
, "Failed to allocate cgroups agent socket: %m");
901 fd_inc_rcvbuf(fd
, CGROUPS_AGENT_RCVBUF_SIZE
);
903 (void) unlink(sa
.un
.sun_path
);
905 /* Only allow root to connect to this socket */
907 r
= bind(fd
, &sa
.sa
, SOCKADDR_UN_LEN(sa
.un
));
909 return log_error_errno(errno
, "bind(%s) failed: %m", sa
.un
.sun_path
);
911 m
->cgroups_agent_fd
= fd
;
915 if (!m
->cgroups_agent_event_source
) {
916 r
= sd_event_add_io(m
->event
, &m
->cgroups_agent_event_source
, m
->cgroups_agent_fd
, EPOLLIN
, manager_dispatch_cgroups_agent_fd
, m
);
918 return log_error_errno(r
, "Failed to allocate cgroups agent event source: %m");
920 /* Process cgroups notifications early, but after having processed service notification messages or
921 * SIGCHLD signals, so that a cgroup running empty is always just the last safety net of notification,
922 * and we collected the metadata the notification and SIGCHLD stuff offers first. Also see handling of
923 * cgroup inotify for the unified cgroup stuff. */
924 r
= sd_event_source_set_priority(m
->cgroups_agent_event_source
, SD_EVENT_PRIORITY_NORMAL
-4);
926 return log_error_errno(r
, "Failed to set priority of cgroups agent event source: %m");
928 (void) sd_event_source_set_description(m
->cgroups_agent_event_source
, "manager-cgroups-agent");
934 static int manager_setup_user_lookup_fd(Manager
*m
) {
939 /* Set up the socket pair used for passing UID/GID resolution results from forked off processes to PID
940 * 1. Background: we can't do name lookups (NSS) from PID 1, since it might involve IPC and thus activation,
941 * and we might hence deadlock on ourselves. Hence we do all user/group lookups asynchronously from the forked
942 * off processes right before executing the binaries to start. In order to be able to clean up any IPC objects
943 * created by a unit (see RemoveIPC=) we need to know in PID 1 the used UID/GID of the executed processes,
944 * hence we establish this communication channel so that forked off processes can pass their UID/GID
945 * information back to PID 1. The forked off processes send their resolved UID/GID to PID 1 in a simple
946 * datagram, along with their unit name, so that we can share one communication socket pair among all units for
949 * You might wonder why we need a communication channel for this that is independent of the usual notification
950 * socket scheme (i.e. $NOTIFY_SOCKET). The primary difference is about trust: data sent via the $NOTIFY_SOCKET
951 * channel is only accepted if it originates from the right unit and if reception was enabled for it. The user
952 * lookup socket OTOH is only accessible by PID 1 and its children until they exec(), and always available.
954 * Note that this function is called under two circumstances: when we first initialize (in which case we
955 * allocate both the socket pair and the event source to listen on it), and when we deserialize after a reload
956 * (in which case the socket pair already exists but we still need to allocate the event source for it). */
958 if (m
->user_lookup_fds
[0] < 0) {
960 /* Free all secondary fields */
961 safe_close_pair(m
->user_lookup_fds
);
962 m
->user_lookup_event_source
= sd_event_source_unref(m
->user_lookup_event_source
);
964 if (socketpair(AF_UNIX
, SOCK_DGRAM
|SOCK_CLOEXEC
, 0, m
->user_lookup_fds
) < 0)
965 return log_error_errno(errno
, "Failed to allocate user lookup socket: %m");
967 (void) fd_inc_rcvbuf(m
->user_lookup_fds
[0], NOTIFY_RCVBUF_SIZE
);
970 if (!m
->user_lookup_event_source
) {
971 r
= sd_event_add_io(m
->event
, &m
->user_lookup_event_source
, m
->user_lookup_fds
[0], EPOLLIN
, manager_dispatch_user_lookup_fd
, m
);
973 return log_error_errno(errno
, "Failed to allocate user lookup event source: %m");
975 /* Process even earlier than the notify event source, so that we always know first about valid UID/GID
977 r
= sd_event_source_set_priority(m
->user_lookup_event_source
, SD_EVENT_PRIORITY_NORMAL
-11);
979 return log_error_errno(errno
, "Failed to set priority ot user lookup event source: %m");
981 (void) sd_event_source_set_description(m
->user_lookup_event_source
, "user-lookup");
987 static int manager_connect_bus(Manager
*m
, bool reexecuting
) {
988 bool try_bus_connect
;
993 if (m
->test_run_flags
)
996 u
= manager_get_unit(m
, SPECIAL_DBUS_SERVICE
);
999 (u
&& SERVICE(u
)->deserialized_state
== SERVICE_RUNNING
) &&
1001 (MANAGER_IS_USER(m
) && getenv("DBUS_SESSION_BUS_ADDRESS")));
1003 /* Try to connect to the buses, if possible. */
1004 return bus_init(m
, try_bus_connect
);
1007 static unsigned manager_dispatch_cleanup_queue(Manager
*m
) {
1013 while ((u
= m
->cleanup_queue
)) {
1014 assert(u
->in_cleanup_queue
);
1024 GC_OFFSET_IN_PATH
, /* This one is on the path we were traveling */
1025 GC_OFFSET_UNSURE
, /* No clue */
1026 GC_OFFSET_GOOD
, /* We still need this unit */
1027 GC_OFFSET_BAD
, /* We don't need this unit anymore */
1031 static void unit_gc_mark_good(Unit
*u
, unsigned gc_marker
) {
1036 u
->gc_marker
= gc_marker
+ GC_OFFSET_GOOD
;
1038 /* Recursively mark referenced units as GOOD as well */
1039 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_REFERENCES
], i
)
1040 if (other
->gc_marker
== gc_marker
+ GC_OFFSET_UNSURE
)
1041 unit_gc_mark_good(other
, gc_marker
);
1044 static void unit_gc_sweep(Unit
*u
, unsigned gc_marker
) {
1052 if (IN_SET(u
->gc_marker
- gc_marker
,
1053 GC_OFFSET_GOOD
, GC_OFFSET_BAD
, GC_OFFSET_UNSURE
, GC_OFFSET_IN_PATH
))
1056 if (u
->in_cleanup_queue
)
1059 if (unit_check_gc(u
))
1062 u
->gc_marker
= gc_marker
+ GC_OFFSET_IN_PATH
;
1066 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_REFERENCED_BY
], i
) {
1067 unit_gc_sweep(other
, gc_marker
);
1069 if (other
->gc_marker
== gc_marker
+ GC_OFFSET_GOOD
)
1072 if (other
->gc_marker
!= gc_marker
+ GC_OFFSET_BAD
)
1079 /* We were unable to find anything out about this entry, so
1080 * let's investigate it later */
1081 u
->gc_marker
= gc_marker
+ GC_OFFSET_UNSURE
;
1082 unit_add_to_gc_queue(u
);
1086 /* We definitely know that this one is not useful anymore, so
1087 * let's mark it for deletion */
1088 u
->gc_marker
= gc_marker
+ GC_OFFSET_BAD
;
1089 unit_add_to_cleanup_queue(u
);
1093 unit_gc_mark_good(u
, gc_marker
);
1096 static unsigned manager_dispatch_gc_unit_queue(Manager
*m
) {
1097 unsigned n
= 0, gc_marker
;
1102 /* log_debug("Running GC..."); */
1104 m
->gc_marker
+= _GC_OFFSET_MAX
;
1105 if (m
->gc_marker
+ _GC_OFFSET_MAX
<= _GC_OFFSET_MAX
)
1108 gc_marker
= m
->gc_marker
;
1110 while ((u
= m
->gc_unit_queue
)) {
1111 assert(u
->in_gc_queue
);
1113 unit_gc_sweep(u
, gc_marker
);
1115 LIST_REMOVE(gc_queue
, m
->gc_unit_queue
, u
);
1116 u
->in_gc_queue
= false;
1120 if (IN_SET(u
->gc_marker
- gc_marker
,
1121 GC_OFFSET_BAD
, GC_OFFSET_UNSURE
)) {
1123 log_unit_debug(u
, "Collecting.");
1124 u
->gc_marker
= gc_marker
+ GC_OFFSET_BAD
;
1125 unit_add_to_cleanup_queue(u
);
1132 static unsigned manager_dispatch_gc_job_queue(Manager
*m
) {
1138 while ((j
= m
->gc_job_queue
)) {
1139 assert(j
->in_gc_queue
);
1141 LIST_REMOVE(gc_queue
, m
->gc_job_queue
, j
);
1142 j
->in_gc_queue
= false;
1146 if (job_check_gc(j
))
1149 log_unit_debug(j
->unit
, "Collecting job.");
1150 (void) job_finish_and_invalidate(j
, JOB_COLLECTED
, false, false);
1156 static void manager_clear_jobs_and_units(Manager
*m
) {
1161 while ((u
= hashmap_first(m
->units
)))
1164 manager_dispatch_cleanup_queue(m
);
1166 assert(!m
->load_queue
);
1167 assert(!m
->run_queue
);
1168 assert(!m
->dbus_unit_queue
);
1169 assert(!m
->dbus_job_queue
);
1170 assert(!m
->cleanup_queue
);
1171 assert(!m
->gc_unit_queue
);
1172 assert(!m
->gc_job_queue
);
1174 assert(hashmap_isempty(m
->jobs
));
1175 assert(hashmap_isempty(m
->units
));
1177 m
->n_on_console
= 0;
1178 m
->n_running_jobs
= 0;
1181 Manager
* manager_free(Manager
*m
) {
1184 ExecDirectoryType dt
;
1189 manager_clear_jobs_and_units(m
);
1191 for (c
= 0; c
< _UNIT_TYPE_MAX
; c
++)
1192 if (unit_vtable
[c
]->shutdown
)
1193 unit_vtable
[c
]->shutdown(m
);
1195 /* If we reexecute ourselves, we keep the root cgroup around */
1196 manager_shutdown_cgroup(m
, m
->exit_code
!= MANAGER_REEXECUTE
);
1198 lookup_paths_flush_generator(&m
->lookup_paths
);
1202 dynamic_user_vacuum(m
, false);
1203 hashmap_free(m
->dynamic_users
);
1205 hashmap_free(m
->units
);
1206 hashmap_free(m
->units_by_invocation_id
);
1207 hashmap_free(m
->jobs
);
1208 hashmap_free(m
->watch_pids
);
1209 hashmap_free(m
->watch_bus
);
1211 set_free(m
->startup_units
);
1212 set_free(m
->failed_units
);
1214 sd_event_source_unref(m
->signal_event_source
);
1215 sd_event_source_unref(m
->sigchld_event_source
);
1216 sd_event_source_unref(m
->notify_event_source
);
1217 sd_event_source_unref(m
->cgroups_agent_event_source
);
1218 sd_event_source_unref(m
->time_change_event_source
);
1219 sd_event_source_unref(m
->jobs_in_progress_event_source
);
1220 sd_event_source_unref(m
->run_queue_event_source
);
1221 sd_event_source_unref(m
->user_lookup_event_source
);
1223 safe_close(m
->signal_fd
);
1224 safe_close(m
->notify_fd
);
1225 safe_close(m
->cgroups_agent_fd
);
1226 safe_close(m
->time_change_fd
);
1227 safe_close_pair(m
->user_lookup_fds
);
1229 manager_close_ask_password(m
);
1231 manager_close_idle_pipe(m
);
1233 udev_unref(m
->udev
);
1234 sd_event_unref(m
->event
);
1236 free(m
->notify_socket
);
1238 lookup_paths_free(&m
->lookup_paths
);
1239 strv_free(m
->environment
);
1241 hashmap_free(m
->cgroup_unit
);
1242 set_free_free(m
->unit_path_cache
);
1244 free(m
->switch_root
);
1245 free(m
->switch_root_init
);
1247 for (i
= 0; i
< _RLIMIT_MAX
; i
++)
1248 m
->rlimit
[i
] = mfree(m
->rlimit
[i
]);
1250 assert(hashmap_isempty(m
->units_requiring_mounts_for
));
1251 hashmap_free(m
->units_requiring_mounts_for
);
1253 hashmap_free(m
->uid_refs
);
1254 hashmap_free(m
->gid_refs
);
1256 for (dt
= 0; dt
< _EXEC_DIRECTORY_TYPE_MAX
; dt
++)
1257 m
->prefix
[dt
] = mfree(m
->prefix
[dt
]);
1262 void manager_enumerate(Manager
*m
) {
1267 /* Let's ask every type to load all units from disk/kernel
1268 * that it might know */
1269 for (c
= 0; c
< _UNIT_TYPE_MAX
; c
++) {
1270 if (!unit_type_supported(c
)) {
1271 log_debug("Unit type .%s is not supported on this system.", unit_type_to_string(c
));
1275 if (!unit_vtable
[c
]->enumerate
)
1278 unit_vtable
[c
]->enumerate(m
);
1281 manager_dispatch_load_queue(m
);
1284 static void manager_coldplug(Manager
*m
) {
1292 /* Then, let's set up their initial state. */
1293 HASHMAP_FOREACH_KEY(u
, k
, m
->units
, i
) {
1295 /* ignore aliases */
1299 r
= unit_coldplug(u
);
1301 log_warning_errno(r
, "We couldn't coldplug %s, proceeding anyway: %m", u
->id
);
1305 static void manager_build_unit_path_cache(Manager
*m
) {
1311 set_free_free(m
->unit_path_cache
);
1313 m
->unit_path_cache
= set_new(&string_hash_ops
);
1314 if (!m
->unit_path_cache
) {
1319 /* This simply builds a list of files we know exist, so that
1320 * we don't always have to go to disk */
1322 STRV_FOREACH(i
, m
->lookup_paths
.search_path
) {
1323 _cleanup_closedir_
DIR *d
= NULL
;
1328 if (errno
!= ENOENT
)
1329 log_warning_errno(errno
, "Failed to open directory %s, ignoring: %m", *i
);
1333 FOREACH_DIRENT(de
, d
, r
= -errno
; goto fail
) {
1336 p
= strjoin(streq(*i
, "/") ? "" : *i
, "/", de
->d_name
);
1342 r
= set_consume(m
->unit_path_cache
, p
);
1351 log_warning_errno(r
, "Failed to build unit path cache, proceeding without: %m");
1352 m
->unit_path_cache
= set_free_free(m
->unit_path_cache
);
1355 static void manager_distribute_fds(Manager
*m
, FDSet
*fds
) {
1361 HASHMAP_FOREACH(u
, m
->units
, i
) {
1363 if (fdset_size(fds
) <= 0)
1366 if (!UNIT_VTABLE(u
)->distribute_fds
)
1369 UNIT_VTABLE(u
)->distribute_fds(u
, fds
);
1373 int manager_startup(Manager
*m
, FILE *serialization
, FDSet
*fds
) {
1378 /* If we are running in test mode, we still want to run the generators,
1379 * but we should not touch the real generator directories. */
1380 r
= lookup_paths_init(&m
->lookup_paths
, m
->unit_file_scope
,
1381 m
->test_run_flags
? LOOKUP_PATHS_TEMPORARY_GENERATED
: 0,
1386 r
= manager_run_environment_generators(m
);
1390 dual_timestamp_get(m
->timestamps
+ MANAGER_TIMESTAMP_GENERATORS_START
);
1391 r
= manager_run_generators(m
);
1392 dual_timestamp_get(m
->timestamps
+ MANAGER_TIMESTAMP_GENERATORS_FINISH
);
1396 /* If this is the first boot, and we are in the host system, then preset everything */
1397 if (m
->first_boot
> 0 &&
1398 MANAGER_IS_SYSTEM(m
) &&
1399 !m
->test_run_flags
) {
1401 r
= unit_file_preset_all(UNIT_FILE_SYSTEM
, 0, NULL
, UNIT_FILE_PRESET_ENABLE_ONLY
, NULL
, 0);
1403 log_full_errno(r
== -EEXIST
? LOG_NOTICE
: LOG_WARNING
, r
,
1404 "Failed to populate /etc with preset unit settings, ignoring: %m");
1406 log_info("Populated /etc with preset unit settings.");
1409 lookup_paths_reduce(&m
->lookup_paths
);
1410 manager_build_unit_path_cache(m
);
1412 /* If we will deserialize make sure that during enumeration
1413 * this is already known, so we increase the counter here
1418 /* First, enumerate what we can from all config files */
1419 dual_timestamp_get(m
->timestamps
+ MANAGER_TIMESTAMP_UNITS_LOAD_START
);
1420 manager_enumerate(m
);
1421 dual_timestamp_get(m
->timestamps
+ MANAGER_TIMESTAMP_UNITS_LOAD_FINISH
);
1423 /* Second, deserialize if there is something to deserialize */
1424 if (serialization
) {
1425 r
= manager_deserialize(m
, serialization
, fds
);
1427 return log_error_errno(r
, "Deserialization failed: %m");
1430 /* Any fds left? Find some unit which wants them. This is
1431 * useful to allow container managers to pass some file
1432 * descriptors to us pre-initialized. This enables
1433 * socket-based activation of entire containers. */
1434 manager_distribute_fds(m
, fds
);
1436 /* We might have deserialized the notify fd, but if we didn't
1437 * then let's create the bus now */
1438 r
= manager_setup_notify(m
);
1440 /* No sense to continue without notifications, our children would fail anyway. */
1443 r
= manager_setup_cgroups_agent(m
);
1445 /* Likewise, no sense to continue without empty cgroup notifications. */
1448 r
= manager_setup_user_lookup_fd(m
);
1450 /* This shouldn't fail, except if things are really broken. */
1453 /* Let's connect to the bus now. */
1454 (void) manager_connect_bus(m
, !!serialization
);
1456 (void) bus_track_coldplug(m
, &m
->subscribed
, false, m
->deserialized_subscribed
);
1457 m
->deserialized_subscribed
= strv_free(m
->deserialized_subscribed
);
1459 /* Third, fire things up! */
1460 manager_coldplug(m
);
1462 /* Release any dynamic users no longer referenced */
1463 dynamic_user_vacuum(m
, true);
1465 /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
1466 manager_vacuum_uid_refs(m
);
1467 manager_vacuum_gid_refs(m
);
1469 if (serialization
) {
1470 assert(m
->n_reloading
> 0);
1473 /* Let's wait for the UnitNew/JobNew messages being
1474 * sent, before we notify that the reload is
1476 m
->send_reloading_done
= true;
1482 int manager_add_job(Manager
*m
, JobType type
, Unit
*unit
, JobMode mode
, sd_bus_error
*e
, Job
**_ret
) {
1487 assert(type
< _JOB_TYPE_MAX
);
1489 assert(mode
< _JOB_MODE_MAX
);
1491 if (mode
== JOB_ISOLATE
&& type
!= JOB_START
)
1492 return sd_bus_error_setf(e
, SD_BUS_ERROR_INVALID_ARGS
, "Isolate is only valid for start.");
1494 if (mode
== JOB_ISOLATE
&& !unit
->allow_isolate
)
1495 return sd_bus_error_setf(e
, BUS_ERROR_NO_ISOLATION
, "Operation refused, unit may not be isolated.");
1497 log_unit_debug(unit
, "Trying to enqueue job %s/%s/%s", unit
->id
, job_type_to_string(type
), job_mode_to_string(mode
));
1499 type
= job_type_collapse(type
, unit
);
1501 tr
= transaction_new(mode
== JOB_REPLACE_IRREVERSIBLY
);
1505 r
= transaction_add_job_and_dependencies(tr
, type
, unit
, NULL
, true, false,
1506 IN_SET(mode
, JOB_IGNORE_DEPENDENCIES
, JOB_IGNORE_REQUIREMENTS
),
1507 mode
== JOB_IGNORE_DEPENDENCIES
, e
);
1511 if (mode
== JOB_ISOLATE
) {
1512 r
= transaction_add_isolate_jobs(tr
, m
);
1517 r
= transaction_activate(tr
, m
, mode
, e
);
1521 log_unit_debug(unit
,
1522 "Enqueued job %s/%s as %u", unit
->id
,
1523 job_type_to_string(type
), (unsigned) tr
->anchor_job
->id
);
1526 *_ret
= tr
->anchor_job
;
1528 transaction_free(tr
);
1532 transaction_abort(tr
);
1533 transaction_free(tr
);
1537 int manager_add_job_by_name(Manager
*m
, JobType type
, const char *name
, JobMode mode
, sd_bus_error
*e
, Job
**ret
) {
1538 Unit
*unit
= NULL
; /* just to appease gcc, initialization is not really necessary */
1542 assert(type
< _JOB_TYPE_MAX
);
1544 assert(mode
< _JOB_MODE_MAX
);
1546 r
= manager_load_unit(m
, name
, NULL
, NULL
, &unit
);
1551 return manager_add_job(m
, type
, unit
, mode
, e
, ret
);
1554 int manager_add_job_by_name_and_warn(Manager
*m
, JobType type
, const char *name
, JobMode mode
, Job
**ret
) {
1555 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
1559 assert(type
< _JOB_TYPE_MAX
);
1561 assert(mode
< _JOB_MODE_MAX
);
1563 r
= manager_add_job_by_name(m
, type
, name
, mode
, &error
, ret
);
1565 return log_warning_errno(r
, "Failed to enqueue %s job for %s: %s", job_mode_to_string(mode
), name
, bus_error_message(&error
, r
));
1570 int manager_propagate_reload(Manager
*m
, Unit
*unit
, JobMode mode
, sd_bus_error
*e
) {
1576 assert(mode
< _JOB_MODE_MAX
);
1577 assert(mode
!= JOB_ISOLATE
); /* Isolate is only valid for start */
1579 tr
= transaction_new(mode
== JOB_REPLACE_IRREVERSIBLY
);
1583 /* We need an anchor job */
1584 r
= transaction_add_job_and_dependencies(tr
, JOB_NOP
, unit
, NULL
, false, false, true, true, e
);
1588 /* Failure in adding individual dependencies is ignored, so this always succeeds. */
1589 transaction_add_propagate_reload_jobs(tr
, unit
, tr
->anchor_job
, mode
== JOB_IGNORE_DEPENDENCIES
, e
);
1591 r
= transaction_activate(tr
, m
, mode
, e
);
1595 transaction_free(tr
);
1599 transaction_abort(tr
);
1600 transaction_free(tr
);
1604 Job
*manager_get_job(Manager
*m
, uint32_t id
) {
1607 return hashmap_get(m
->jobs
, UINT32_TO_PTR(id
));
1610 Unit
*manager_get_unit(Manager
*m
, const char *name
) {
1614 return hashmap_get(m
->units
, name
);
1617 unsigned manager_dispatch_load_queue(Manager
*m
) {
1623 /* Make sure we are not run recursively */
1624 if (m
->dispatching_load_queue
)
1627 m
->dispatching_load_queue
= true;
1629 /* Dispatches the load queue. Takes a unit from the queue and
1630 * tries to load its data until the queue is empty */
1632 while ((u
= m
->load_queue
)) {
1633 assert(u
->in_load_queue
);
1639 m
->dispatching_load_queue
= false;
1643 int manager_load_unit_prepare(
1655 assert(name
|| path
);
1658 /* This will prepare the unit for loading, but not actually
1659 * load anything from disk. */
1661 if (path
&& !is_path(path
))
1662 return sd_bus_error_setf(e
, SD_BUS_ERROR_INVALID_ARGS
, "Path %s is not absolute.", path
);
1665 name
= basename(path
);
1667 t
= unit_name_to_type(name
);
1669 if (t
== _UNIT_TYPE_INVALID
|| !unit_name_is_valid(name
, UNIT_NAME_PLAIN
|UNIT_NAME_INSTANCE
)) {
1670 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
))
1671 return sd_bus_error_setf(e
, SD_BUS_ERROR_INVALID_ARGS
, "Unit name %s is missing the instance name.", name
);
1673 return sd_bus_error_setf(e
, SD_BUS_ERROR_INVALID_ARGS
, "Unit name %s is not valid.", name
);
1676 ret
= manager_get_unit(m
, name
);
1682 ret
= unit_new(m
, unit_vtable
[t
]->object_size
);
1687 ret
->fragment_path
= strdup(path
);
1688 if (!ret
->fragment_path
) {
1694 r
= unit_add_name(ret
, name
);
1700 unit_add_to_load_queue(ret
);
1701 unit_add_to_dbus_queue(ret
);
1702 unit_add_to_gc_queue(ret
);
1709 int manager_load_unit(
1721 /* This will load the service information files, but not actually
1722 * start any services or anything. */
1724 r
= manager_load_unit_prepare(m
, name
, path
, e
, _ret
);
1728 manager_dispatch_load_queue(m
);
1730 *_ret
= unit_follow_merge(*_ret
);
1735 void manager_dump_jobs(Manager
*s
, FILE *f
, const char *prefix
) {
1742 HASHMAP_FOREACH(j
, s
->jobs
, i
)
1743 job_dump(j
, f
, prefix
);
1746 void manager_dump_units(Manager
*s
, FILE *f
, const char *prefix
) {
1754 HASHMAP_FOREACH_KEY(u
, t
, s
->units
, i
)
1756 unit_dump(u
, f
, prefix
);
1759 void manager_dump(Manager
*m
, FILE *f
, const char *prefix
) {
1765 for (q
= 0; q
< _MANAGER_TIMESTAMP_MAX
; q
++) {
1766 char buf
[FORMAT_TIMESTAMP_MAX
];
1768 if (dual_timestamp_is_set(m
->timestamps
+ q
))
1769 fprintf(f
, "%sTimestamp %s: %s\n",
1771 manager_timestamp_to_string(q
),
1772 format_timestamp(buf
, sizeof(buf
), m
->timestamps
[q
].realtime
));
1775 manager_dump_units(m
, f
, prefix
);
1776 manager_dump_jobs(m
, f
, prefix
);
1779 int manager_get_dump_string(Manager
*m
, char **ret
) {
1780 _cleanup_free_
char *dump
= NULL
;
1781 _cleanup_fclose_
FILE *f
= NULL
;
1788 f
= open_memstream(&dump
, &size
);
1792 (void) __fsetlocking(f
, FSETLOCKING_BYCALLER
);
1794 manager_dump(m
, f
, NULL
);
1796 r
= fflush_and_check(f
);
1808 void manager_clear_jobs(Manager
*m
) {
1813 while ((j
= hashmap_first(m
->jobs
)))
1814 /* No need to recurse. We're cancelling all jobs. */
1815 job_finish_and_invalidate(j
, JOB_CANCELED
, false, false);
1818 static int manager_dispatch_run_queue(sd_event_source
*source
, void *userdata
) {
1819 Manager
*m
= userdata
;
1825 while ((j
= m
->run_queue
)) {
1826 assert(j
->installed
);
1827 assert(j
->in_run_queue
);
1829 job_run_and_invalidate(j
);
1832 if (m
->n_running_jobs
> 0)
1833 manager_watch_jobs_in_progress(m
);
1835 if (m
->n_on_console
> 0)
1836 manager_watch_idle_pipe(m
);
1841 static unsigned manager_dispatch_dbus_queue(Manager
*m
) {
1848 if (m
->dispatching_dbus_queue
)
1851 m
->dispatching_dbus_queue
= true;
1853 while ((u
= m
->dbus_unit_queue
)) {
1854 assert(u
->in_dbus_queue
);
1856 bus_unit_send_change_signal(u
);
1860 while ((j
= m
->dbus_job_queue
)) {
1861 assert(j
->in_dbus_queue
);
1863 bus_job_send_change_signal(j
);
1867 m
->dispatching_dbus_queue
= false;
1869 if (m
->send_reloading_done
) {
1870 m
->send_reloading_done
= false;
1872 bus_manager_send_reloading(m
, false);
1875 if (m
->queued_message
)
1876 bus_send_queued_message(m
);
1881 static int manager_dispatch_cgroups_agent_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
1882 Manager
*m
= userdata
;
1883 char buf
[PATH_MAX
+1];
1886 n
= recv(fd
, buf
, sizeof(buf
), 0);
1888 return log_error_errno(errno
, "Failed to read cgroups agent message: %m");
1890 log_error("Got zero-length cgroups agent message, ignoring.");
1893 if ((size_t) n
>= sizeof(buf
)) {
1894 log_error("Got overly long cgroups agent message, ignoring.");
1898 if (memchr(buf
, 0, n
)) {
1899 log_error("Got cgroups agent message with embedded NUL byte, ignoring.");
1904 manager_notify_cgroup_empty(m
, buf
);
1905 (void) bus_forward_agent_released(m
, buf
);
1910 static void manager_invoke_notify_message(
1913 const struct ucred
*ucred
,
1922 if (u
->notifygen
== m
->notifygen
) /* Already invoked on this same unit in this same iteration? */
1924 u
->notifygen
= m
->notifygen
;
1926 if (UNIT_VTABLE(u
)->notify_message
) {
1927 _cleanup_strv_free_
char **tags
= NULL
;
1929 tags
= strv_split(buf
, NEWLINE
);
1935 UNIT_VTABLE(u
)->notify_message(u
, ucred
, tags
, fds
);
1937 } else if (DEBUG_LOGGING
) {
1938 _cleanup_free_
char *x
= NULL
, *y
= NULL
;
1940 x
= ellipsize(buf
, 20, 90);
1944 log_unit_debug(u
, "Got notification message \"%s\", ignoring.", strnull(y
));
1948 static int manager_dispatch_notify_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
1950 _cleanup_fdset_free_ FDSet
*fds
= NULL
;
1951 Manager
*m
= userdata
;
1952 char buf
[NOTIFY_BUFFER_MAX
+1];
1953 struct iovec iovec
= {
1955 .iov_len
= sizeof(buf
)-1,
1958 struct cmsghdr cmsghdr
;
1959 uint8_t buf
[CMSG_SPACE(sizeof(struct ucred
)) +
1960 CMSG_SPACE(sizeof(int) * NOTIFY_FD_MAX
)];
1962 struct msghdr msghdr
= {
1965 .msg_control
= &control
,
1966 .msg_controllen
= sizeof(control
),
1969 struct cmsghdr
*cmsg
;
1970 struct ucred
*ucred
= NULL
;
1971 _cleanup_free_ Unit
**array_copy
= NULL
;
1972 Unit
*u1
, *u2
, **array
;
1973 int r
, *fd_array
= NULL
;
1979 assert(m
->notify_fd
== fd
);
1981 if (revents
!= EPOLLIN
) {
1982 log_warning("Got unexpected poll event for notify fd.");
1986 n
= recvmsg(m
->notify_fd
, &msghdr
, MSG_DONTWAIT
|MSG_CMSG_CLOEXEC
|MSG_TRUNC
);
1988 if (IN_SET(errno
, EAGAIN
, EINTR
))
1989 return 0; /* Spurious wakeup, try again */
1991 /* If this is any other, real error, then let's stop processing this socket. This of course means we
1992 * won't take notification messages anymore, but that's still better than busy looping around this:
1993 * being woken up over and over again but being unable to actually read the message off the socket. */
1994 return log_error_errno(errno
, "Failed to receive notification message: %m");
1997 CMSG_FOREACH(cmsg
, &msghdr
) {
1998 if (cmsg
->cmsg_level
== SOL_SOCKET
&& cmsg
->cmsg_type
== SCM_RIGHTS
) {
2000 fd_array
= (int*) CMSG_DATA(cmsg
);
2001 n_fds
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
2003 } else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
2004 cmsg
->cmsg_type
== SCM_CREDENTIALS
&&
2005 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct ucred
))) {
2007 ucred
= (struct ucred
*) CMSG_DATA(cmsg
);
2014 r
= fdset_new_array(&fds
, fd_array
, n_fds
);
2016 close_many(fd_array
, n_fds
);
2022 if (!ucred
|| !pid_is_valid(ucred
->pid
)) {
2023 log_warning("Received notify message without valid credentials. Ignoring.");
2027 if ((size_t) n
>= sizeof(buf
) || (msghdr
.msg_flags
& MSG_TRUNC
)) {
2028 log_warning("Received notify message exceeded maximum size. Ignoring.");
2032 /* As extra safety check, let's make sure the string we get doesn't contain embedded NUL bytes. We permit one
2033 * trailing NUL byte in the message, but don't expect it. */
2034 if (n
> 1 && memchr(buf
, 0, n
-1)) {
2035 log_warning("Received notify message with embedded NUL bytes. Ignoring.");
2039 /* Make sure it's NUL-terminated. */
2042 /* Increase the generation counter used for filtering out duplicate unit invocations. */
2045 /* Notify every unit that might be interested, which might be multiple. */
2046 u1
= manager_get_unit_by_pid_cgroup(m
, ucred
->pid
);
2047 u2
= hashmap_get(m
->watch_pids
, PID_TO_PTR(ucred
->pid
));
2048 array
= hashmap_get(m
->watch_pids
, PID_TO_PTR(-ucred
->pid
));
2055 array_copy
= newdup(Unit
*, array
, k
+1);
2059 /* And now invoke the per-unit callbacks. Note that manager_invoke_notify_message() will handle duplicate units
2060 * make sure we only invoke each unit's handler once. */
2062 manager_invoke_notify_message(m
, u1
, ucred
, buf
, fds
);
2066 manager_invoke_notify_message(m
, u2
, ucred
, buf
, fds
);
2070 for (size_t i
= 0; array_copy
[i
]; i
++) {
2071 manager_invoke_notify_message(m
, array_copy
[i
], ucred
, buf
, fds
);
2076 log_warning("Cannot find unit for notify message of PID "PID_FMT
", ignoring.", ucred
->pid
);
2078 if (fdset_size(fds
) > 0)
2079 log_warning("Got extra auxiliary fds with notification message, closing them.");
2084 static void manager_invoke_sigchld_event(
2087 const siginfo_t
*si
) {
2093 /* Already invoked the handler of this unit in this iteration? Then don't process this again */
2094 if (u
->sigchldgen
== m
->sigchldgen
)
2096 u
->sigchldgen
= m
->sigchldgen
;
2098 log_unit_debug(u
, "Child "PID_FMT
" belongs to %s.", si
->si_pid
, u
->id
);
2099 unit_unwatch_pid(u
, si
->si_pid
);
2101 if (UNIT_VTABLE(u
)->sigchld_event
)
2102 UNIT_VTABLE(u
)->sigchld_event(u
, si
->si_pid
, si
->si_code
, si
->si_status
);
2105 static int manager_dispatch_sigchld(sd_event_source
*source
, void *userdata
) {
2106 Manager
*m
= userdata
;
2113 /* First we call waitd() for a PID and do not reap the zombie. That way we can still access /proc/$PID for it
2114 * while it is a zombie. */
2116 if (waitid(P_ALL
, 0, &si
, WEXITED
|WNOHANG
|WNOWAIT
) < 0) {
2118 if (errno
== ECHILD
)
2121 log_error_errno(errno
, "Failed to peek for child with waitid(), ignoring: %m");
2128 if (IN_SET(si
.si_code
, CLD_EXITED
, CLD_KILLED
, CLD_DUMPED
)) {
2129 _cleanup_free_ Unit
**array_copy
= NULL
;
2130 _cleanup_free_
char *name
= NULL
;
2131 Unit
*u1
, *u2
, **array
;
2133 (void) get_process_comm(si
.si_pid
, &name
);
2135 log_debug("Child "PID_FMT
" (%s) died (code=%s, status=%i/%s)",
2136 si
.si_pid
, strna(name
),
2137 sigchld_code_to_string(si
.si_code
),
2139 strna(si
.si_code
== CLD_EXITED
2140 ? exit_status_to_string(si
.si_status
, EXIT_STATUS_FULL
)
2141 : signal_to_string(si
.si_status
)));
2143 /* Increase the generation counter used for filtering out duplicate unit invocations */
2146 /* And now figure out the unit this belongs to, it might be multiple... */
2147 u1
= manager_get_unit_by_pid_cgroup(m
, si
.si_pid
);
2148 u2
= hashmap_get(m
->watch_pids
, PID_TO_PTR(si
.si_pid
));
2149 array
= hashmap_get(m
->watch_pids
, PID_TO_PTR(-si
.si_pid
));
2153 /* Cound how many entries the array has */
2157 /* Make a copy of the array so that we don't trip up on the array changing beneath us */
2158 array_copy
= newdup(Unit
*, array
, n
+1);
2163 /* Finally, execute them all. Note that u1, u2 and the array might contain duplicates, but
2164 * that's fine, manager_invoke_sigchld_event() will ensure we only invoke the handlers once for
2165 * each iteration. */
2167 manager_invoke_sigchld_event(m
, u1
, &si
);
2169 manager_invoke_sigchld_event(m
, u2
, &si
);
2171 for (size_t i
= 0; array_copy
[i
]; i
++)
2172 manager_invoke_sigchld_event(m
, array_copy
[i
], &si
);
2175 /* And now, we actually reap the zombie. */
2176 if (waitid(P_PID
, si
.si_pid
, &si
, WEXITED
) < 0) {
2177 log_error_errno(errno
, "Failed to dequeue child, ignoring: %m");
2184 /* All children processed for now, turn off event source */
2186 r
= sd_event_source_set_enabled(m
->sigchld_event_source
, SD_EVENT_OFF
);
2188 return log_error_errno(r
, "Failed to disable SIGCHLD event source: %m");
2193 static void manager_start_target(Manager
*m
, const char *name
, JobMode mode
) {
2194 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2197 log_debug("Activating special unit %s", name
);
2199 r
= manager_add_job_by_name(m
, JOB_START
, name
, mode
, &error
, NULL
);
2201 log_error("Failed to enqueue %s job: %s", name
, bus_error_message(&error
, r
));
2204 static void manager_handle_ctrl_alt_del(Manager
*m
) {
2205 /* If the user presses C-A-D more than
2206 * 7 times within 2s, we reboot/shutdown immediately,
2207 * unless it was disabled in system.conf */
2209 if (ratelimit_test(&m
->ctrl_alt_del_ratelimit
) || m
->cad_burst_action
== EMERGENCY_ACTION_NONE
)
2210 manager_start_target(m
, SPECIAL_CTRL_ALT_DEL_TARGET
, JOB_REPLACE_IRREVERSIBLY
);
2212 emergency_action(m
, m
->cad_burst_action
, NULL
,
2213 "Ctrl-Alt-Del was pressed more than 7 times within 2s");
2216 static int manager_dispatch_signal_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
2217 Manager
*m
= userdata
;
2219 struct signalfd_siginfo sfsi
;
2223 assert(m
->signal_fd
== fd
);
2225 if (revents
!= EPOLLIN
) {
2226 log_warning("Got unexpected events from signal file descriptor.");
2230 n
= read(m
->signal_fd
, &sfsi
, sizeof(sfsi
));
2231 if (n
!= sizeof(sfsi
)) {
2233 log_warning("Truncated read from signal fd (%zu bytes), ignoring!", n
);
2237 if (IN_SET(errno
, EINTR
, EAGAIN
))
2240 /* We return an error here, which will kill this handler,
2241 * to avoid a busy loop on read error. */
2242 return log_error_errno(errno
, "Reading from signal fd failed: %m");
2245 log_received_signal(sfsi
.ssi_signo
== SIGCHLD
||
2246 (sfsi
.ssi_signo
== SIGTERM
&& MANAGER_IS_USER(m
))
2247 ? LOG_DEBUG
: LOG_INFO
,
2250 switch (sfsi
.ssi_signo
) {
2253 r
= sd_event_source_set_enabled(m
->sigchld_event_source
, SD_EVENT_ON
);
2255 log_warning_errno(r
, "Failed to enable SIGCHLD even source, ignoring: %m");
2260 if (MANAGER_IS_SYSTEM(m
)) {
2261 /* This is for compatibility with the
2262 * original sysvinit */
2263 r
= verify_run_space_and_log("Refusing to reexecute");
2265 m
->exit_code
= MANAGER_REEXECUTE
;
2271 if (MANAGER_IS_SYSTEM(m
))
2272 manager_handle_ctrl_alt_del(m
);
2274 manager_start_target(m
, SPECIAL_EXIT_TARGET
,
2275 JOB_REPLACE_IRREVERSIBLY
);
2279 if (MANAGER_IS_SYSTEM(m
))
2280 manager_start_target(m
, SPECIAL_KBREQUEST_TARGET
, JOB_REPLACE
);
2282 /* This is a nop on non-init */
2286 if (MANAGER_IS_SYSTEM(m
))
2287 manager_start_target(m
, SPECIAL_SIGPWR_TARGET
, JOB_REPLACE
);
2289 /* This is a nop on non-init */
2295 u
= manager_get_unit(m
, SPECIAL_DBUS_SERVICE
);
2297 if (!u
|| UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
))) {
2298 log_info("Trying to reconnect to bus...");
2302 if (!u
|| !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
))) {
2303 log_info("Loading D-Bus service...");
2304 manager_start_target(m
, SPECIAL_DBUS_SERVICE
, JOB_REPLACE
);
2311 _cleanup_free_
char *dump
= NULL
;
2313 r
= manager_get_dump_string(m
, &dump
);
2315 log_warning_errno(errno
, "Failed to acquire manager dump: %m");
2319 log_dump(LOG_INFO
, dump
);
2324 r
= verify_run_space_and_log("Refusing to reload");
2326 m
->exit_code
= MANAGER_RELOAD
;
2331 /* Starting SIGRTMIN+0 */
2332 static const struct {
2335 } target_table
[] = {
2336 [0] = { SPECIAL_DEFAULT_TARGET
, JOB_ISOLATE
},
2337 [1] = { SPECIAL_RESCUE_TARGET
, JOB_ISOLATE
},
2338 [2] = { SPECIAL_EMERGENCY_TARGET
, JOB_ISOLATE
},
2339 [3] = { SPECIAL_HALT_TARGET
, JOB_REPLACE_IRREVERSIBLY
},
2340 [4] = { SPECIAL_POWEROFF_TARGET
, JOB_REPLACE_IRREVERSIBLY
},
2341 [5] = { SPECIAL_REBOOT_TARGET
, JOB_REPLACE_IRREVERSIBLY
},
2342 [6] = { SPECIAL_KEXEC_TARGET
, JOB_REPLACE_IRREVERSIBLY
},
2345 /* Starting SIGRTMIN+13, so that target halt and system halt are 10 apart */
2346 static const ManagerExitCode code_table
[] = {
2348 [1] = MANAGER_POWEROFF
,
2349 [2] = MANAGER_REBOOT
,
2350 [3] = MANAGER_KEXEC
,
2353 if ((int) sfsi
.ssi_signo
>= SIGRTMIN
+0 &&
2354 (int) sfsi
.ssi_signo
< SIGRTMIN
+(int) ELEMENTSOF(target_table
)) {
2355 int idx
= (int) sfsi
.ssi_signo
- SIGRTMIN
;
2356 manager_start_target(m
, target_table
[idx
].target
,
2357 target_table
[idx
].mode
);
2361 if ((int) sfsi
.ssi_signo
>= SIGRTMIN
+13 &&
2362 (int) sfsi
.ssi_signo
< SIGRTMIN
+13+(int) ELEMENTSOF(code_table
)) {
2363 m
->exit_code
= code_table
[sfsi
.ssi_signo
- SIGRTMIN
- 13];
2367 switch (sfsi
.ssi_signo
- SIGRTMIN
) {
2370 manager_set_show_status(m
, SHOW_STATUS_YES
);
2374 manager_set_show_status(m
, SHOW_STATUS_NO
);
2378 log_set_max_level(LOG_DEBUG
);
2379 log_info("Setting log level to debug.");
2383 log_set_max_level(LOG_INFO
);
2384 log_info("Setting log level to info.");
2388 if (MANAGER_IS_USER(m
)) {
2389 m
->exit_code
= MANAGER_EXIT
;
2393 /* This is a nop on init */
2397 case 29: /* compatibility: used to be mapped to LOG_TARGET_SYSLOG_OR_KMSG */
2398 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG
);
2399 log_notice("Setting log target to journal-or-kmsg.");
2403 log_set_target(LOG_TARGET_CONSOLE
);
2404 log_notice("Setting log target to console.");
2408 log_set_target(LOG_TARGET_KMSG
);
2409 log_notice("Setting log target to kmsg.");
2413 log_warning("Got unhandled signal <%s>.", signal_to_string(sfsi
.ssi_signo
));
2420 static int manager_dispatch_time_change_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
2421 Manager
*m
= userdata
;
2426 assert(m
->time_change_fd
== fd
);
2428 log_struct(LOG_DEBUG
,
2429 "MESSAGE_ID=" SD_MESSAGE_TIME_CHANGE_STR
,
2430 LOG_MESSAGE("Time has been changed"),
2433 /* Restart the watch */
2434 m
->time_change_event_source
= sd_event_source_unref(m
->time_change_event_source
);
2435 m
->time_change_fd
= safe_close(m
->time_change_fd
);
2437 manager_setup_time_change(m
);
2439 HASHMAP_FOREACH(u
, m
->units
, i
)
2440 if (UNIT_VTABLE(u
)->time_change
)
2441 UNIT_VTABLE(u
)->time_change(u
);
2446 static int manager_dispatch_idle_pipe_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
2447 Manager
*m
= userdata
;
2450 assert(m
->idle_pipe
[2] == fd
);
2452 /* There's at least one Type=idle child that just gave up on us waiting for the boot process to complete. Let's
2453 * now turn off any further console output if there's at least one service that needs console access, so that
2454 * from now on our own output should not spill into that service's output anymore. After all, we support
2455 * Type=idle only to beautify console output and it generally is set on services that want to own the console
2456 * exclusively without our interference. */
2457 m
->no_console_output
= m
->n_on_console
> 0;
2459 /* Acknowledge the child's request, and let all all other children know too that they shouldn't wait any longer
2460 * by closing the pipes towards them, which is what they are waiting for. */
2461 manager_close_idle_pipe(m
);
2466 static int manager_dispatch_jobs_in_progress(sd_event_source
*source
, usec_t usec
, void *userdata
) {
2467 Manager
*m
= userdata
;
2474 manager_print_jobs_in_progress(m
);
2476 next
= now(CLOCK_MONOTONIC
) + JOBS_IN_PROGRESS_PERIOD_USEC
;
2477 r
= sd_event_source_set_time(source
, next
);
2481 return sd_event_source_set_enabled(source
, SD_EVENT_ONESHOT
);
2484 int manager_loop(Manager
*m
) {
2487 RATELIMIT_DEFINE(rl
, 1*USEC_PER_SEC
, 50000);
2490 m
->exit_code
= MANAGER_OK
;
2492 /* Release the path cache */
2493 m
->unit_path_cache
= set_free_free(m
->unit_path_cache
);
2495 manager_check_finished(m
);
2497 /* There might still be some zombies hanging around from before we were exec()'ed. Let's reap them. */
2498 r
= sd_event_source_set_enabled(m
->sigchld_event_source
, SD_EVENT_ON
);
2500 return log_error_errno(r
, "Failed to enable SIGCHLD event source: %m");
2502 while (m
->exit_code
== MANAGER_OK
) {
2505 if (m
->runtime_watchdog
> 0 && m
->runtime_watchdog
!= USEC_INFINITY
&& MANAGER_IS_SYSTEM(m
))
2508 if (!ratelimit_test(&rl
)) {
2509 /* Yay, something is going seriously wrong, pause a little */
2510 log_warning("Looping too fast. Throttling execution a little.");
2514 if (manager_dispatch_load_queue(m
) > 0)
2517 if (manager_dispatch_gc_job_queue(m
) > 0)
2520 if (manager_dispatch_gc_unit_queue(m
) > 0)
2523 if (manager_dispatch_cleanup_queue(m
) > 0)
2526 if (manager_dispatch_cgroup_realize_queue(m
) > 0)
2529 if (manager_dispatch_dbus_queue(m
) > 0)
2532 /* Sleep for half the watchdog time */
2533 if (m
->runtime_watchdog
> 0 && m
->runtime_watchdog
!= USEC_INFINITY
&& MANAGER_IS_SYSTEM(m
)) {
2534 wait_usec
= m
->runtime_watchdog
/ 2;
2538 wait_usec
= USEC_INFINITY
;
2540 r
= sd_event_run(m
->event
, wait_usec
);
2542 return log_error_errno(r
, "Failed to run event loop: %m");
2545 return m
->exit_code
;
2548 int manager_load_unit_from_dbus_path(Manager
*m
, const char *s
, sd_bus_error
*e
, Unit
**_u
) {
2549 _cleanup_free_
char *n
= NULL
;
2550 sd_id128_t invocation_id
;
2558 r
= unit_name_from_dbus_path(s
, &n
);
2562 /* Permit addressing units by invocation ID: if the passed bus path is suffixed by a 128bit ID then we use it
2563 * as invocation ID. */
2564 r
= sd_id128_from_string(n
, &invocation_id
);
2566 u
= hashmap_get(m
->units_by_invocation_id
, &invocation_id
);
2572 return sd_bus_error_setf(e
, BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID
, "No unit with the specified invocation ID " SD_ID128_FORMAT_STR
" known.", SD_ID128_FORMAT_VAL(invocation_id
));
2575 /* If this didn't work, we check if this is a unit name */
2576 if (!unit_name_is_valid(n
, UNIT_NAME_PLAIN
|UNIT_NAME_INSTANCE
))
2577 return sd_bus_error_setf(e
, SD_BUS_ERROR_INVALID_ARGS
, "Unit name %s is neither a valid invocation ID nor unit name.", n
);
2579 r
= manager_load_unit(m
, n
, NULL
, e
, &u
);
2587 int manager_get_job_from_dbus_path(Manager
*m
, const char *s
, Job
**_j
) {
2597 p
= startswith(s
, "/org/freedesktop/systemd1/job/");
2601 r
= safe_atou(p
, &id
);
2605 j
= manager_get_job(m
, id
);
2614 void manager_send_unit_audit(Manager
*m
, Unit
*u
, int type
, bool success
) {
2617 _cleanup_free_
char *p
= NULL
;
2621 if (!MANAGER_IS_SYSTEM(m
))
2624 audit_fd
= get_audit_fd();
2628 /* Don't generate audit events if the service was already
2629 * started and we're just deserializing */
2630 if (MANAGER_IS_RELOADING(m
))
2633 if (u
->type
!= UNIT_SERVICE
)
2636 r
= unit_name_to_prefix_and_instance(u
->id
, &p
);
2638 log_error_errno(r
, "Failed to extract prefix and instance of unit name: %m");
2642 msg
= strjoina("unit=", p
);
2643 if (audit_log_user_comm_message(audit_fd
, type
, msg
, "systemd", NULL
, NULL
, NULL
, success
) < 0) {
2645 /* We aren't allowed to send audit messages?
2646 * Then let's not retry again. */
2649 log_warning_errno(errno
, "Failed to send audit message: %m");
2655 void manager_send_unit_plymouth(Manager
*m
, Unit
*u
) {
2656 static const union sockaddr_union sa
= PLYMOUTH_SOCKET
;
2657 _cleanup_free_
char *message
= NULL
;
2658 _cleanup_close_
int fd
= -1;
2661 /* Don't generate plymouth events if the service was already
2662 * started and we're just deserializing */
2663 if (MANAGER_IS_RELOADING(m
))
2666 if (!MANAGER_IS_SYSTEM(m
))
2669 if (detect_container() > 0)
2672 if (!IN_SET(u
->type
, UNIT_SERVICE
, UNIT_MOUNT
, UNIT_SWAP
))
2675 /* We set SOCK_NONBLOCK here so that we rather drop the
2676 * message then wait for plymouth */
2677 fd
= socket(AF_UNIX
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
2679 log_error_errno(errno
, "socket() failed: %m");
2683 if (connect(fd
, &sa
.sa
, SOCKADDR_UN_LEN(sa
.un
)) < 0) {
2685 if (!IN_SET(errno
, EPIPE
, EAGAIN
, ENOENT
, ECONNREFUSED
, ECONNRESET
, ECONNABORTED
))
2686 log_error_errno(errno
, "connect() failed: %m");
2690 if (asprintf(&message
, "U\002%c%s%n", (int) (strlen(u
->id
) + 1), u
->id
, &n
) < 0) {
2696 if (write(fd
, message
, n
+ 1) != n
+ 1)
2697 if (!IN_SET(errno
, EPIPE
, EAGAIN
, ENOENT
, ECONNREFUSED
, ECONNRESET
, ECONNABORTED
))
2698 log_error_errno(errno
, "Failed to write Plymouth message: %m");
2701 int manager_open_serialization(Manager
*m
, FILE **_f
) {
2707 fd
= open_serialization_fd("systemd-state");
2711 f
= fdopen(fd
, "w+");
2721 int manager_serialize(Manager
*m
, FILE *f
, FDSet
*fds
, bool switching_root
) {
2734 fprintf(f
, "current-job-id=%"PRIu32
"\n", m
->current_job_id
);
2735 fprintf(f
, "n-installed-jobs=%u\n", m
->n_installed_jobs
);
2736 fprintf(f
, "n-failed-jobs=%u\n", m
->n_failed_jobs
);
2737 fprintf(f
, "taint-usr=%s\n", yes_no(m
->taint_usr
));
2738 fprintf(f
, "ready-sent=%s\n", yes_no(m
->ready_sent
));
2739 fprintf(f
, "taint-logged=%s\n", yes_no(m
->taint_logged
));
2740 fprintf(f
, "service-watchdogs=%s\n", yes_no(m
->service_watchdogs
));
2742 for (q
= 0; q
< _MANAGER_TIMESTAMP_MAX
; q
++) {
2743 /* The userspace and finish timestamps only apply to the host system, hence only serialize them there */
2744 if (in_initrd() && IN_SET(q
, MANAGER_TIMESTAMP_USERSPACE
, MANAGER_TIMESTAMP_FINISH
))
2747 t
= manager_timestamp_to_string(q
);
2749 char field
[strlen(t
) + STRLEN("-timestamp") + 1];
2750 strcpy(stpcpy(field
, t
), "-timestamp");
2751 dual_timestamp_serialize(f
, field
, m
->timestamps
+ q
);
2755 if (!switching_root
)
2756 (void) serialize_environment(f
, m
->environment
);
2758 if (m
->notify_fd
>= 0) {
2761 copy
= fdset_put_dup(fds
, m
->notify_fd
);
2765 fprintf(f
, "notify-fd=%i\n", copy
);
2766 fprintf(f
, "notify-socket=%s\n", m
->notify_socket
);
2769 if (m
->cgroups_agent_fd
>= 0) {
2772 copy
= fdset_put_dup(fds
, m
->cgroups_agent_fd
);
2776 fprintf(f
, "cgroups-agent-fd=%i\n", copy
);
2779 if (m
->user_lookup_fds
[0] >= 0) {
2782 copy0
= fdset_put_dup(fds
, m
->user_lookup_fds
[0]);
2786 copy1
= fdset_put_dup(fds
, m
->user_lookup_fds
[1]);
2790 fprintf(f
, "user-lookup=%i %i\n", copy0
, copy1
);
2793 bus_track_serialize(m
->subscribed
, f
, "subscribed");
2795 r
= dynamic_user_serialize(m
, f
, fds
);
2799 manager_serialize_uid_refs(m
, f
);
2800 manager_serialize_gid_refs(m
, f
);
2802 (void) fputc('\n', f
);
2804 HASHMAP_FOREACH_KEY(u
, t
, m
->units
, i
) {
2812 r
= unit_serialize(u
, f
, fds
, !switching_root
);
2819 assert(m
->n_reloading
> 0);
2825 r
= bus_fdset_add_all(m
, fds
);
2832 int manager_deserialize(Manager
*m
, FILE *f
, FDSet
*fds
) {
2838 log_debug("Deserializing state...");
2843 char line
[LINE_MAX
];
2844 const char *val
, *l
;
2846 if (!fgets(line
, sizeof(line
), f
)) {
2861 if ((val
= startswith(l
, "current-job-id="))) {
2864 if (safe_atou32(val
, &id
) < 0)
2865 log_notice("Failed to parse current job id value %s", val
);
2867 m
->current_job_id
= MAX(m
->current_job_id
, id
);
2869 } else if ((val
= startswith(l
, "n-installed-jobs="))) {
2872 if (safe_atou32(val
, &n
) < 0)
2873 log_notice("Failed to parse installed jobs counter %s", val
);
2875 m
->n_installed_jobs
+= n
;
2877 } else if ((val
= startswith(l
, "n-failed-jobs="))) {
2880 if (safe_atou32(val
, &n
) < 0)
2881 log_notice("Failed to parse failed jobs counter %s", val
);
2883 m
->n_failed_jobs
+= n
;
2885 } else if ((val
= startswith(l
, "taint-usr="))) {
2888 b
= parse_boolean(val
);
2890 log_notice("Failed to parse taint /usr flag %s", val
);
2892 m
->taint_usr
= m
->taint_usr
|| b
;
2894 } else if ((val
= startswith(l
, "ready-sent="))) {
2897 b
= parse_boolean(val
);
2899 log_notice("Failed to parse ready-sent flag %s", val
);
2901 m
->ready_sent
= m
->ready_sent
|| b
;
2903 } else if ((val
= startswith(l
, "taint-logged="))) {
2906 b
= parse_boolean(val
);
2908 log_notice("Failed to parse taint-logged flag %s", val
);
2910 m
->taint_logged
= m
->taint_logged
|| b
;
2912 } else if ((val
= startswith(l
, "service-watchdogs="))) {
2915 b
= parse_boolean(val
);
2917 log_notice("Failed to parse service-watchdogs flag %s", val
);
2919 m
->service_watchdogs
= b
;
2921 } else if (startswith(l
, "env=")) {
2922 r
= deserialize_environment(&m
->environment
, l
);
2926 log_notice_errno(r
, "Failed to parse environment entry: \"%s\": %m", l
);
2928 } else if ((val
= startswith(l
, "notify-fd="))) {
2931 if (safe_atoi(val
, &fd
) < 0 || fd
< 0 || !fdset_contains(fds
, fd
))
2932 log_notice("Failed to parse notify fd: \"%s\"", val
);
2934 m
->notify_event_source
= sd_event_source_unref(m
->notify_event_source
);
2935 safe_close(m
->notify_fd
);
2936 m
->notify_fd
= fdset_remove(fds
, fd
);
2939 } else if ((val
= startswith(l
, "notify-socket="))) {
2948 free(m
->notify_socket
);
2949 m
->notify_socket
= n
;
2951 } else if ((val
= startswith(l
, "cgroups-agent-fd="))) {
2954 if (safe_atoi(val
, &fd
) < 0 || fd
< 0 || !fdset_contains(fds
, fd
))
2955 log_notice("Failed to parse cgroups agent fd: %s", val
);
2957 m
->cgroups_agent_event_source
= sd_event_source_unref(m
->cgroups_agent_event_source
);
2958 safe_close(m
->cgroups_agent_fd
);
2959 m
->cgroups_agent_fd
= fdset_remove(fds
, fd
);
2962 } else if ((val
= startswith(l
, "user-lookup="))) {
2965 if (sscanf(val
, "%i %i", &fd0
, &fd1
) != 2 || fd0
< 0 || fd1
< 0 || fd0
== fd1
|| !fdset_contains(fds
, fd0
) || !fdset_contains(fds
, fd1
))
2966 log_notice("Failed to parse user lookup fd: %s", val
);
2968 m
->user_lookup_event_source
= sd_event_source_unref(m
->user_lookup_event_source
);
2969 safe_close_pair(m
->user_lookup_fds
);
2970 m
->user_lookup_fds
[0] = fdset_remove(fds
, fd0
);
2971 m
->user_lookup_fds
[1] = fdset_remove(fds
, fd1
);
2974 } else if ((val
= startswith(l
, "dynamic-user=")))
2975 dynamic_user_deserialize_one(m
, val
, fds
);
2976 else if ((val
= startswith(l
, "destroy-ipc-uid=")))
2977 manager_deserialize_uid_refs_one(m
, val
);
2978 else if ((val
= startswith(l
, "destroy-ipc-gid=")))
2979 manager_deserialize_gid_refs_one(m
, val
);
2980 else if ((val
= startswith(l
, "subscribed="))) {
2982 if (strv_extend(&m
->deserialized_subscribed
, val
) < 0)
2987 for (q
= 0; q
< _MANAGER_TIMESTAMP_MAX
; q
++) {
2988 val
= startswith(l
, manager_timestamp_to_string(q
));
2992 val
= startswith(val
, "-timestamp=");
2997 if (q
< _MANAGER_TIMESTAMP_MAX
) /* found it */
2998 dual_timestamp_deserialize(val
, m
->timestamps
+ q
);
2999 else if (!startswith(l
, "kdbus-fd=")) /* ignore kdbus */
3000 log_notice("Unknown serialization item '%s'", l
);
3006 char name
[UNIT_NAME_MAX
+2];
3007 const char* unit_name
;
3010 if (!fgets(name
, sizeof(name
), f
)) {
3020 unit_name
= strstrip(name
);
3022 r
= manager_load_unit(m
, unit_name
, NULL
, NULL
, &u
);
3024 log_notice_errno(r
, "Failed to load unit \"%s\", skipping deserialization: %m", unit_name
);
3027 unit_deserialize_skip(f
);
3031 r
= unit_deserialize(u
, f
, fds
);
3033 log_notice_errno(r
, "Failed to deserialize unit \"%s\": %m", unit_name
);
3043 assert(m
->n_reloading
> 0);
3049 int manager_reload(Manager
*m
) {
3051 _cleanup_fclose_
FILE *f
= NULL
;
3052 _cleanup_fdset_free_ FDSet
*fds
= NULL
;
3056 r
= manager_open_serialization(m
, &f
);
3061 bus_manager_send_reloading(m
, true);
3069 r
= manager_serialize(m
, f
, fds
, false);
3075 if (fseeko(f
, 0, SEEK_SET
) < 0) {
3080 /* From here on there is no way back. */
3081 manager_clear_jobs_and_units(m
);
3082 lookup_paths_flush_generator(&m
->lookup_paths
);
3083 lookup_paths_free(&m
->lookup_paths
);
3084 dynamic_user_vacuum(m
, false);
3085 m
->uid_refs
= hashmap_free(m
->uid_refs
);
3086 m
->gid_refs
= hashmap_free(m
->gid_refs
);
3088 q
= lookup_paths_init(&m
->lookup_paths
, m
->unit_file_scope
, 0, NULL
);
3089 if (q
< 0 && r
>= 0)
3092 q
= manager_run_environment_generators(m
);
3093 if (q
< 0 && r
>= 0)
3096 /* Find new unit paths */
3097 q
= manager_run_generators(m
);
3098 if (q
< 0 && r
>= 0)
3101 lookup_paths_reduce(&m
->lookup_paths
);
3102 manager_build_unit_path_cache(m
);
3104 /* First, enumerate what we can from all config files */
3105 manager_enumerate(m
);
3107 /* Second, deserialize our stored data */
3108 q
= manager_deserialize(m
, f
, fds
);
3110 log_error_errno(q
, "Deserialization failed: %m");
3119 /* Re-register notify_fd as event source */
3120 q
= manager_setup_notify(m
);
3121 if (q
< 0 && r
>= 0)
3124 q
= manager_setup_cgroups_agent(m
);
3125 if (q
< 0 && r
>= 0)
3128 q
= manager_setup_user_lookup_fd(m
);
3129 if (q
< 0 && r
>= 0)
3132 /* Third, fire things up! */
3133 manager_coldplug(m
);
3135 /* Release any dynamic users no longer referenced */
3136 dynamic_user_vacuum(m
, true);
3138 /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
3139 manager_vacuum_uid_refs(m
);
3140 manager_vacuum_gid_refs(m
);
3142 /* It might be safe to log to the journal now. */
3143 manager_recheck_journal(m
);
3145 /* Sync current state of bus names with our set of listening units */
3147 manager_sync_bus_names(m
, m
->api_bus
);
3149 assert(m
->n_reloading
> 0);
3152 m
->send_reloading_done
= true;
3157 void manager_reset_failed(Manager
*m
) {
3163 HASHMAP_FOREACH(u
, m
->units
, i
)
3164 unit_reset_failed(u
);
3167 bool manager_unit_inactive_or_pending(Manager
*m
, const char *name
) {
3173 /* Returns true if the unit is inactive or going down */
3174 u
= manager_get_unit(m
, name
);
3178 return unit_inactive_or_pending(u
);
3181 static void log_taint_string(Manager
*m
) {
3182 _cleanup_free_
char *taint
= NULL
;
3186 if (MANAGER_IS_USER(m
) || m
->taint_logged
)
3189 m
->taint_logged
= true; /* only check for taint once */
3191 taint
= manager_taint_string(m
);
3195 log_struct(LOG_NOTICE
,
3196 LOG_MESSAGE("System is tainted: %s", taint
),
3198 "MESSAGE_ID=" SD_MESSAGE_TAINTED_STR
,
3202 static void manager_notify_finished(Manager
*m
) {
3203 char userspace
[FORMAT_TIMESPAN_MAX
], initrd
[FORMAT_TIMESPAN_MAX
], kernel
[FORMAT_TIMESPAN_MAX
], sum
[FORMAT_TIMESPAN_MAX
];
3204 usec_t firmware_usec
, loader_usec
, kernel_usec
, initrd_usec
, userspace_usec
, total_usec
;
3206 if (m
->test_run_flags
)
3209 if (MANAGER_IS_SYSTEM(m
) && detect_container() <= 0) {
3211 /* Note that MANAGER_TIMESTAMP_KERNEL's monotonic value is always at 0, and
3212 * MANAGER_TIMESTAMP_FIRMWARE's and MANAGER_TIMESTAMP_LOADER's monotonic value should be considered
3213 * negative values. */
3215 firmware_usec
= m
->timestamps
[MANAGER_TIMESTAMP_FIRMWARE
].monotonic
- m
->timestamps
[MANAGER_TIMESTAMP_LOADER
].monotonic
;
3216 loader_usec
= m
->timestamps
[MANAGER_TIMESTAMP_LOADER
].monotonic
- m
->timestamps
[MANAGER_TIMESTAMP_KERNEL
].monotonic
;
3217 userspace_usec
= m
->timestamps
[MANAGER_TIMESTAMP_FINISH
].monotonic
- m
->timestamps
[MANAGER_TIMESTAMP_USERSPACE
].monotonic
;
3218 total_usec
= m
->timestamps
[MANAGER_TIMESTAMP_FIRMWARE
].monotonic
+ m
->timestamps
[MANAGER_TIMESTAMP_FINISH
].monotonic
;
3220 if (dual_timestamp_is_set(&m
->timestamps
[MANAGER_TIMESTAMP_INITRD
])) {
3222 /* The initrd case on bare-metal*/
3223 kernel_usec
= m
->timestamps
[MANAGER_TIMESTAMP_INITRD
].monotonic
- m
->timestamps
[MANAGER_TIMESTAMP_KERNEL
].monotonic
;
3224 initrd_usec
= m
->timestamps
[MANAGER_TIMESTAMP_USERSPACE
].monotonic
- m
->timestamps
[MANAGER_TIMESTAMP_INITRD
].monotonic
;
3226 log_struct(LOG_INFO
,
3227 "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR
,
3228 "KERNEL_USEC="USEC_FMT
, kernel_usec
,
3229 "INITRD_USEC="USEC_FMT
, initrd_usec
,
3230 "USERSPACE_USEC="USEC_FMT
, userspace_usec
,
3231 LOG_MESSAGE("Startup finished in %s (kernel) + %s (initrd) + %s (userspace) = %s.",
3232 format_timespan(kernel
, sizeof(kernel
), kernel_usec
, USEC_PER_MSEC
),
3233 format_timespan(initrd
, sizeof(initrd
), initrd_usec
, USEC_PER_MSEC
),
3234 format_timespan(userspace
, sizeof(userspace
), userspace_usec
, USEC_PER_MSEC
),
3235 format_timespan(sum
, sizeof(sum
), total_usec
, USEC_PER_MSEC
)),
3238 /* The initrd-less case on bare-metal*/
3240 kernel_usec
= m
->timestamps
[MANAGER_TIMESTAMP_USERSPACE
].monotonic
- m
->timestamps
[MANAGER_TIMESTAMP_KERNEL
].monotonic
;
3243 log_struct(LOG_INFO
,
3244 "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR
,
3245 "KERNEL_USEC="USEC_FMT
, kernel_usec
,
3246 "USERSPACE_USEC="USEC_FMT
, userspace_usec
,
3247 LOG_MESSAGE("Startup finished in %s (kernel) + %s (userspace) = %s.",
3248 format_timespan(kernel
, sizeof(kernel
), kernel_usec
, USEC_PER_MSEC
),
3249 format_timespan(userspace
, sizeof(userspace
), userspace_usec
, USEC_PER_MSEC
),
3250 format_timespan(sum
, sizeof(sum
), total_usec
, USEC_PER_MSEC
)),
3254 /* The container and --user case */
3255 firmware_usec
= loader_usec
= initrd_usec
= kernel_usec
= 0;
3256 total_usec
= userspace_usec
= m
->timestamps
[MANAGER_TIMESTAMP_FINISH
].monotonic
- m
->timestamps
[MANAGER_TIMESTAMP_USERSPACE
].monotonic
;
3258 log_struct(LOG_INFO
,
3259 "MESSAGE_ID=" SD_MESSAGE_USER_STARTUP_FINISHED_STR
,
3260 "USERSPACE_USEC="USEC_FMT
, userspace_usec
,
3261 LOG_MESSAGE("Startup finished in %s.",
3262 format_timespan(sum
, sizeof(sum
), total_usec
, USEC_PER_MSEC
)),
3266 bus_manager_send_finished(m
, firmware_usec
, loader_usec
, kernel_usec
, initrd_usec
, userspace_usec
, total_usec
);
3269 m
->ready_sent
? "STATUS=Startup finished in %s."
3271 "STATUS=Startup finished in %s.",
3272 format_timespan(sum
, sizeof(sum
), total_usec
, USEC_PER_MSEC
));
3273 m
->ready_sent
= true;
3275 log_taint_string(m
);
3278 static void manager_send_ready(Manager
*m
) {
3281 /* We send READY=1 on reaching basic.target only when running in --user mode. */
3282 if (!MANAGER_IS_USER(m
) || m
->ready_sent
)
3285 m
->ready_sent
= true;
3289 "STATUS=Reached " SPECIAL_BASIC_TARGET
".");
3292 static void manager_check_basic_target(Manager
*m
) {
3297 /* Small shortcut */
3298 if (m
->ready_sent
&& m
->taint_logged
)
3301 u
= manager_get_unit(m
, SPECIAL_BASIC_TARGET
);
3302 if (!u
|| !UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
3305 /* For user managers, send out READY=1 as soon as we reach basic.target */
3306 manager_send_ready(m
);
3308 /* Log the taint string as soon as we reach basic.target */
3309 log_taint_string(m
);
3312 void manager_check_finished(Manager
*m
) {
3315 if (MANAGER_IS_RELOADING(m
))
3318 /* Verify that we have entered the event loop already, and not left it again. */
3319 if (!MANAGER_IS_RUNNING(m
))
3322 manager_check_basic_target(m
);
3324 if (hashmap_size(m
->jobs
) > 0) {
3325 if (m
->jobs_in_progress_event_source
)
3326 /* Ignore any failure, this is only for feedback */
3327 (void) sd_event_source_set_time(m
->jobs_in_progress_event_source
, now(CLOCK_MONOTONIC
) + JOBS_IN_PROGRESS_WAIT_USEC
);
3332 manager_flip_auto_status(m
, false);
3334 /* Notify Type=idle units that we are done now */
3335 manager_close_idle_pipe(m
);
3337 /* Turn off confirm spawn now */
3338 m
->confirm_spawn
= NULL
;
3340 /* No need to update ask password status when we're going non-interactive */
3341 manager_close_ask_password(m
);
3343 /* This is no longer the first boot */
3344 manager_set_first_boot(m
, false);
3346 if (MANAGER_IS_FINISHED(m
))
3349 dual_timestamp_get(m
->timestamps
+ MANAGER_TIMESTAMP_FINISH
);
3351 manager_notify_finished(m
);
3353 manager_invalidate_startup_units(m
);
3356 static bool generator_path_any(const char* const* paths
) {
3360 /* Optimize by skipping the whole process by not creating output directories
3361 * if no generators are found. */
3362 STRV_FOREACH(path
, (char**) paths
)
3363 if (access(*path
, F_OK
) == 0)
3365 else if (errno
!= ENOENT
)
3366 log_warning_errno(errno
, "Failed to open generator directory %s: %m", *path
);
3371 static const char* system_env_generator_binary_paths
[] = {
3372 "/run/systemd/system-environment-generators",
3373 "/etc/systemd/system-environment-generators",
3374 "/usr/local/lib/systemd/system-environment-generators",
3375 SYSTEM_ENV_GENERATOR_PATH
,
3379 static const char* user_env_generator_binary_paths
[] = {
3380 "/run/systemd/user-environment-generators",
3381 "/etc/systemd/user-environment-generators",
3382 "/usr/local/lib/systemd/user-environment-generators",
3383 USER_ENV_GENERATOR_PATH
,
3387 static int manager_run_environment_generators(Manager
*m
) {
3388 char **tmp
= NULL
; /* this is only used in the forked process, no cleanup here */
3390 void* args
[] = {&tmp
, &tmp
, &m
->environment
};
3392 if (m
->test_run_flags
&& !(m
->test_run_flags
& MANAGER_TEST_RUN_ENV_GENERATORS
))
3395 paths
= MANAGER_IS_SYSTEM(m
) ? system_env_generator_binary_paths
: user_env_generator_binary_paths
;
3397 if (!generator_path_any(paths
))
3400 return execute_directories(paths
, DEFAULT_TIMEOUT_USEC
, gather_environment
, args
, NULL
);
3403 static int manager_run_generators(Manager
*m
) {
3404 _cleanup_strv_free_
char **paths
= NULL
;
3405 const char *argv
[5];
3410 if (m
->test_run_flags
&& !(m
->test_run_flags
& MANAGER_TEST_RUN_GENERATORS
))
3413 paths
= generator_binary_paths(m
->unit_file_scope
);
3417 if (!generator_path_any((const char* const*) paths
))
3420 r
= lookup_paths_mkdir_generator(&m
->lookup_paths
);
3424 argv
[0] = NULL
; /* Leave this empty, execute_directory() will fill something in */
3425 argv
[1] = m
->lookup_paths
.generator
;
3426 argv
[2] = m
->lookup_paths
.generator_early
;
3427 argv
[3] = m
->lookup_paths
.generator_late
;
3430 RUN_WITH_UMASK(0022)
3431 execute_directories((const char* const*) paths
, DEFAULT_TIMEOUT_USEC
,
3432 NULL
, NULL
, (char**) argv
);
3435 lookup_paths_trim_generator(&m
->lookup_paths
);
3439 int manager_environment_add(Manager
*m
, char **minus
, char **plus
) {
3440 char **a
= NULL
, **b
= NULL
, **l
;
3445 if (!strv_isempty(minus
)) {
3446 a
= strv_env_delete(l
, 1, minus
);
3453 if (!strv_isempty(plus
)) {
3454 b
= strv_env_merge(2, l
, plus
);
3463 if (m
->environment
!= l
)
3464 strv_free(m
->environment
);
3471 manager_sanitize_environment(m
);
3476 int manager_set_default_rlimits(Manager
*m
, struct rlimit
**default_rlimit
) {
3481 for (i
= 0; i
< _RLIMIT_MAX
; i
++) {
3482 m
->rlimit
[i
] = mfree(m
->rlimit
[i
]);
3484 if (!default_rlimit
[i
])
3487 m
->rlimit
[i
] = newdup(struct rlimit
, default_rlimit
[i
], 1);
3495 static bool manager_journal_is_running(Manager
*m
) {
3500 /* If we are the user manager we can safely assume that the journal is up */
3501 if (!MANAGER_IS_SYSTEM(m
))
3504 /* Check that the socket is not only up, but in RUNNING state */
3505 u
= manager_get_unit(m
, SPECIAL_JOURNALD_SOCKET
);
3508 if (SOCKET(u
)->state
!= SOCKET_RUNNING
)
3511 /* Similar, check if the daemon itself is fully up, too */
3512 u
= manager_get_unit(m
, SPECIAL_JOURNALD_SERVICE
);
3515 if (SERVICE(u
)->state
!= SERVICE_RUNNING
)
3521 void manager_recheck_journal(Manager
*m
) {
3525 /* Don't bother with this unless we are in the special situation of being PID 1 */
3526 if (getpid_cached() != 1)
3529 if (manager_journal_is_running(m
)) {
3531 /* The journal is fully and entirely up? If so, let's permit logging to it, if that's configured. */
3532 log_set_prohibit_ipc(false);
3536 /* If the journal is down, don't ever log to it, otherwise we might end up deadlocking ourselves as we
3537 * might trigger an activation ourselves we can't fulfill */
3538 log_set_prohibit_ipc(true);
3539 log_close_journal();
3543 void manager_set_show_status(Manager
*m
, ShowStatus mode
) {
3545 assert(IN_SET(mode
, SHOW_STATUS_AUTO
, SHOW_STATUS_NO
, SHOW_STATUS_YES
, SHOW_STATUS_TEMPORARY
));
3547 if (!MANAGER_IS_SYSTEM(m
))
3550 if (m
->show_status
!= mode
)
3551 log_debug("%s showing of status.",
3552 mode
== SHOW_STATUS_NO
? "Disabling" : "Enabling");
3553 m
->show_status
= mode
;
3556 (void) touch("/run/systemd/show-status");
3558 (void) unlink("/run/systemd/show-status");
3561 static bool manager_get_show_status(Manager
*m
, StatusType type
) {
3564 if (!MANAGER_IS_SYSTEM(m
))
3567 if (m
->no_console_output
)
3570 if (!IN_SET(manager_state(m
), MANAGER_INITIALIZING
, MANAGER_STARTING
, MANAGER_STOPPING
))
3573 /* If we cannot find out the status properly, just proceed. */
3574 if (type
!= STATUS_TYPE_EMERGENCY
&& manager_check_ask_password(m
) > 0)
3577 return m
->show_status
> 0;
3580 const char *manager_get_confirm_spawn(Manager
*m
) {
3581 static int last_errno
= 0;
3582 const char *vc
= m
->confirm_spawn
;
3586 /* Here's the deal: we want to test the validity of the console but don't want
3587 * PID1 to go through the whole console process which might block. But we also
3588 * want to warn the user only once if something is wrong with the console so we
3589 * cannot do the sanity checks after spawning our children. So here we simply do
3590 * really basic tests to hopefully trap common errors.
3592 * If the console suddenly disappear at the time our children will really it
3593 * then they will simply fail to acquire it and a positive answer will be
3594 * assumed. New children will fallback to /dev/console though.
3596 * Note: TTYs are devices that can come and go any time, and frequently aren't
3597 * available yet during early boot (consider a USB rs232 dongle...). If for any
3598 * reason the configured console is not ready, we fallback to the default
3601 if (!vc
|| path_equal(vc
, "/dev/console"))
3608 if (!S_ISCHR(st
.st_mode
)) {
3616 if (last_errno
!= errno
) {
3618 log_warning_errno(errno
, "Failed to open %s: %m, using default console", vc
);
3620 return "/dev/console";
3623 void manager_set_first_boot(Manager
*m
, bool b
) {
3626 if (!MANAGER_IS_SYSTEM(m
))
3629 if (m
->first_boot
!= (int) b
) {
3631 (void) touch("/run/systemd/first-boot");
3633 (void) unlink("/run/systemd/first-boot");
3639 void manager_disable_confirm_spawn(void) {
3640 (void) touch("/run/systemd/confirm_spawn_disabled");
3643 bool manager_is_confirm_spawn_disabled(Manager
*m
) {
3644 if (!m
->confirm_spawn
)
3647 return access("/run/systemd/confirm_spawn_disabled", F_OK
) >= 0;
3650 void manager_status_printf(Manager
*m
, StatusType type
, const char *status
, const char *format
, ...) {
3653 /* If m is NULL, assume we're after shutdown and let the messages through. */
3655 if (m
&& !manager_get_show_status(m
, type
))
3658 /* XXX We should totally drop the check for ephemeral here
3659 * and thus effectively make 'Type=idle' pointless. */
3660 if (type
== STATUS_TYPE_EPHEMERAL
&& m
&& m
->n_on_console
> 0)
3663 va_start(ap
, format
);
3664 status_vprintf(status
, true, type
== STATUS_TYPE_EPHEMERAL
, format
, ap
);
3668 Set
*manager_get_units_requiring_mounts_for(Manager
*m
, const char *path
) {
3669 char p
[strlen(path
)+1];
3675 path_kill_slashes(p
);
3677 return hashmap_get(m
->units_requiring_mounts_for
, streq(p
, "/") ? "" : p
);
3680 void manager_set_exec_params(Manager
*m
, ExecParameters
*p
) {
3684 p
->environment
= m
->environment
;
3685 p
->confirm_spawn
= manager_get_confirm_spawn(m
);
3686 p
->cgroup_supported
= m
->cgroup_supported
;
3687 p
->prefix
= m
->prefix
;
3689 SET_FLAG(p
->flags
, EXEC_PASS_LOG_UNIT
|EXEC_CHOWN_DIRECTORIES
, MANAGER_IS_SYSTEM(m
));
3692 int manager_update_failed_units(Manager
*m
, Unit
*u
, bool failed
) {
3697 assert(u
->manager
== m
);
3699 size
= set_size(m
->failed_units
);
3702 r
= set_ensure_allocated(&m
->failed_units
, NULL
);
3706 if (set_put(m
->failed_units
, u
) < 0)
3709 (void) set_remove(m
->failed_units
, u
);
3711 if (set_size(m
->failed_units
) != size
)
3712 bus_manager_send_change_signal(m
);
3717 ManagerState
manager_state(Manager
*m
) {
3722 /* Did we ever finish booting? If not then we are still starting up */
3723 if (!MANAGER_IS_FINISHED(m
)) {
3725 u
= manager_get_unit(m
, SPECIAL_BASIC_TARGET
);
3726 if (!u
|| !UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
3727 return MANAGER_INITIALIZING
;
3729 return MANAGER_STARTING
;
3732 /* Is the special shutdown target active or queued? If so, we are in shutdown state */
3733 u
= manager_get_unit(m
, SPECIAL_SHUTDOWN_TARGET
);
3734 if (u
&& unit_active_or_pending(u
))
3735 return MANAGER_STOPPING
;
3737 if (MANAGER_IS_SYSTEM(m
)) {
3738 /* Are the rescue or emergency targets active or queued? If so we are in maintenance state */
3739 u
= manager_get_unit(m
, SPECIAL_RESCUE_TARGET
);
3740 if (u
&& unit_active_or_pending(u
))
3741 return MANAGER_MAINTENANCE
;
3743 u
= manager_get_unit(m
, SPECIAL_EMERGENCY_TARGET
);
3744 if (u
&& unit_active_or_pending(u
))
3745 return MANAGER_MAINTENANCE
;
3748 /* Are there any failed units? If so, we are in degraded mode */
3749 if (set_size(m
->failed_units
) > 0)
3750 return MANAGER_DEGRADED
;
3752 return MANAGER_RUNNING
;
3755 #define DESTROY_IPC_FLAG (UINT32_C(1) << 31)
3757 static void manager_unref_uid_internal(
3762 int (*_clean_ipc
)(uid_t uid
)) {
3768 assert(uid_is_valid(uid
));
3771 /* A generic implementation, covering both manager_unref_uid() and manager_unref_gid(), under the assumption
3772 * that uid_t and gid_t are actually defined the same way, with the same validity rules.
3774 * We store a hashmap where the UID/GID is they key and the value is a 32bit reference counter, whose highest
3775 * bit is used as flag for marking UIDs/GIDs whose IPC objects to remove when the last reference to the UID/GID
3776 * is dropped. The flag is set to on, once at least one reference from a unit where RemoveIPC= is set is added
3777 * on a UID/GID. It is reset when the UID's/GID's reference counter drops to 0 again. */
3779 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
3780 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
3782 if (uid
== 0) /* We don't keep track of root, and will never destroy it */
3785 c
= PTR_TO_UINT32(hashmap_get(*uid_refs
, UID_TO_PTR(uid
)));
3787 n
= c
& ~DESTROY_IPC_FLAG
;
3791 if (destroy_now
&& n
== 0) {
3792 hashmap_remove(*uid_refs
, UID_TO_PTR(uid
));
3794 if (c
& DESTROY_IPC_FLAG
) {
3795 log_debug("%s " UID_FMT
" is no longer referenced, cleaning up its IPC.",
3796 _clean_ipc
== clean_ipc_by_uid
? "UID" : "GID",
3798 (void) _clean_ipc(uid
);
3801 c
= n
| (c
& DESTROY_IPC_FLAG
);
3802 assert_se(hashmap_update(*uid_refs
, UID_TO_PTR(uid
), UINT32_TO_PTR(c
)) >= 0);
3806 void manager_unref_uid(Manager
*m
, uid_t uid
, bool destroy_now
) {
3807 manager_unref_uid_internal(m
, &m
->uid_refs
, uid
, destroy_now
, clean_ipc_by_uid
);
3810 void manager_unref_gid(Manager
*m
, gid_t gid
, bool destroy_now
) {
3811 manager_unref_uid_internal(m
, &m
->gid_refs
, (uid_t
) gid
, destroy_now
, clean_ipc_by_gid
);
3814 static int manager_ref_uid_internal(
3825 assert(uid_is_valid(uid
));
3827 /* A generic implementation, covering both manager_ref_uid() and manager_ref_gid(), under the assumption
3828 * that uid_t and gid_t are actually defined the same way, with the same validity rules. */
3830 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
3831 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
3833 if (uid
== 0) /* We don't keep track of root, and will never destroy it */
3836 r
= hashmap_ensure_allocated(uid_refs
, &trivial_hash_ops
);
3840 c
= PTR_TO_UINT32(hashmap_get(*uid_refs
, UID_TO_PTR(uid
)));
3842 n
= c
& ~DESTROY_IPC_FLAG
;
3845 if (n
& DESTROY_IPC_FLAG
) /* check for overflow */
3848 c
= n
| (c
& DESTROY_IPC_FLAG
) | (clean_ipc
? DESTROY_IPC_FLAG
: 0);
3850 return hashmap_replace(*uid_refs
, UID_TO_PTR(uid
), UINT32_TO_PTR(c
));
3853 int manager_ref_uid(Manager
*m
, uid_t uid
, bool clean_ipc
) {
3854 return manager_ref_uid_internal(m
, &m
->uid_refs
, uid
, clean_ipc
);
3857 int manager_ref_gid(Manager
*m
, gid_t gid
, bool clean_ipc
) {
3858 return manager_ref_uid_internal(m
, &m
->gid_refs
, (uid_t
) gid
, clean_ipc
);
3861 static void manager_vacuum_uid_refs_internal(
3864 int (*_clean_ipc
)(uid_t uid
)) {
3873 HASHMAP_FOREACH_KEY(p
, k
, *uid_refs
, i
) {
3877 uid
= PTR_TO_UID(k
);
3878 c
= PTR_TO_UINT32(p
);
3880 n
= c
& ~DESTROY_IPC_FLAG
;
3884 if (c
& DESTROY_IPC_FLAG
) {
3885 log_debug("Found unreferenced %s " UID_FMT
" after reload/reexec. Cleaning up.",
3886 _clean_ipc
== clean_ipc_by_uid
? "UID" : "GID",
3888 (void) _clean_ipc(uid
);
3891 assert_se(hashmap_remove(*uid_refs
, k
) == p
);
3895 void manager_vacuum_uid_refs(Manager
*m
) {
3896 manager_vacuum_uid_refs_internal(m
, &m
->uid_refs
, clean_ipc_by_uid
);
3899 void manager_vacuum_gid_refs(Manager
*m
) {
3900 manager_vacuum_uid_refs_internal(m
, &m
->gid_refs
, clean_ipc_by_gid
);
3903 static void manager_serialize_uid_refs_internal(
3907 const char *field_name
) {
3917 /* Serialize the UID reference table. Or actually, just the IPC destruction flag of it, as the actual counter
3918 * of it is better rebuild after a reload/reexec. */
3920 HASHMAP_FOREACH_KEY(p
, k
, *uid_refs
, i
) {
3924 uid
= PTR_TO_UID(k
);
3925 c
= PTR_TO_UINT32(p
);
3927 if (!(c
& DESTROY_IPC_FLAG
))
3930 fprintf(f
, "%s=" UID_FMT
"\n", field_name
, uid
);
3934 void manager_serialize_uid_refs(Manager
*m
, FILE *f
) {
3935 manager_serialize_uid_refs_internal(m
, f
, &m
->uid_refs
, "destroy-ipc-uid");
3938 void manager_serialize_gid_refs(Manager
*m
, FILE *f
) {
3939 manager_serialize_uid_refs_internal(m
, f
, &m
->gid_refs
, "destroy-ipc-gid");
3942 static void manager_deserialize_uid_refs_one_internal(
3945 const char *value
) {
3955 r
= parse_uid(value
, &uid
);
3956 if (r
< 0 || uid
== 0) {
3957 log_debug("Unable to parse UID reference serialization");
3961 r
= hashmap_ensure_allocated(uid_refs
, &trivial_hash_ops
);
3967 c
= PTR_TO_UINT32(hashmap_get(*uid_refs
, UID_TO_PTR(uid
)));
3968 if (c
& DESTROY_IPC_FLAG
)
3971 c
|= DESTROY_IPC_FLAG
;
3973 r
= hashmap_replace(*uid_refs
, UID_TO_PTR(uid
), UINT32_TO_PTR(c
));
3975 log_debug("Failed to add UID reference entry");
3980 void manager_deserialize_uid_refs_one(Manager
*m
, const char *value
) {
3981 manager_deserialize_uid_refs_one_internal(m
, &m
->uid_refs
, value
);
3984 void manager_deserialize_gid_refs_one(Manager
*m
, const char *value
) {
3985 manager_deserialize_uid_refs_one_internal(m
, &m
->gid_refs
, value
);
3988 int manager_dispatch_user_lookup_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
3992 char unit_name
[UNIT_NAME_MAX
+1];
3995 Manager
*m
= userdata
;
4003 /* Invoked whenever a child process succeeded resolving its user/group to use and sent us the resulting UID/GID
4004 * in a datagram. We parse the datagram here and pass it off to the unit, so that it can add a reference to the
4005 * UID/GID so that it can destroy the UID/GID's IPC objects when the reference counter drops to 0. */
4007 l
= recv(fd
, &buffer
, sizeof(buffer
), MSG_DONTWAIT
);
4009 if (IN_SET(errno
, EINTR
, EAGAIN
))
4012 return log_error_errno(errno
, "Failed to read from user lookup fd: %m");
4015 if ((size_t) l
<= offsetof(struct buffer
, unit_name
)) {
4016 log_warning("Received too short user lookup message, ignoring.");
4020 if ((size_t) l
> offsetof(struct buffer
, unit_name
) + UNIT_NAME_MAX
) {
4021 log_warning("Received too long user lookup message, ignoring.");
4025 if (!uid_is_valid(buffer
.uid
) && !gid_is_valid(buffer
.gid
)) {
4026 log_warning("Got user lookup message with invalid UID/GID pair, ignoring.");
4030 n
= (size_t) l
- offsetof(struct buffer
, unit_name
);
4031 if (memchr(buffer
.unit_name
, 0, n
)) {
4032 log_warning("Received lookup message with embedded NUL character, ignoring.");
4036 buffer
.unit_name
[n
] = 0;
4037 u
= manager_get_unit(m
, buffer
.unit_name
);
4039 log_debug("Got user lookup message but unit doesn't exist, ignoring.");
4043 log_unit_debug(u
, "User lookup succeeded: uid=" UID_FMT
" gid=" GID_FMT
, buffer
.uid
, buffer
.gid
);
4045 unit_notify_user_lookup(u
, buffer
.uid
, buffer
.gid
);
4049 char *manager_taint_string(Manager
*m
) {
4050 _cleanup_free_
char *destination
= NULL
, *overflowuid
= NULL
, *overflowgid
= NULL
;
4054 /* Returns a "taint string", e.g. "local-hwclock:var-run-bad".
4055 * Only things that are detected at runtime should be tagged
4056 * here. For stuff that is set during compilation, emit a warning
4057 * in the configuration phase. */
4061 buf
= new(char, sizeof("split-usr:"
4065 "overflowuid-not-65534:"
4066 "overflowgid-not-65534:"));
4074 e
= stpcpy(e
, "split-usr:");
4076 if (access("/proc/cgroups", F_OK
) < 0)
4077 e
= stpcpy(e
, "cgroups-missing:");
4079 if (clock_is_localtime(NULL
) > 0)
4080 e
= stpcpy(e
, "local-hwclock:");
4082 r
= readlink_malloc("/var/run", &destination
);
4083 if (r
< 0 || !PATH_IN_SET(destination
, "../run", "/run"))
4084 e
= stpcpy(e
, "var-run-bad:");
4086 r
= read_one_line_file("/proc/sys/kernel/overflowuid", &overflowuid
);
4087 if (r
>= 0 && !streq(overflowuid
, "65534"))
4088 e
= stpcpy(e
, "overflowuid-not-65534:");
4090 r
= read_one_line_file("/proc/sys/kernel/overflowgid", &overflowgid
);
4091 if (r
>= 0 && !streq(overflowgid
, "65534"))
4092 e
= stpcpy(e
, "overflowgid-not-65534:");
4094 /* remove the last ':' */
4101 void manager_ref_console(Manager
*m
) {
4107 void manager_unref_console(Manager
*m
) {
4109 assert(m
->n_on_console
> 0);
4112 if (m
->n_on_console
== 0)
4113 m
->no_console_output
= false; /* unset no_console_output flag, since the console is definitely free now */
4116 static const char *const manager_state_table
[_MANAGER_STATE_MAX
] = {
4117 [MANAGER_INITIALIZING
] = "initializing",
4118 [MANAGER_STARTING
] = "starting",
4119 [MANAGER_RUNNING
] = "running",
4120 [MANAGER_DEGRADED
] = "degraded",
4121 [MANAGER_MAINTENANCE
] = "maintenance",
4122 [MANAGER_STOPPING
] = "stopping",
4125 DEFINE_STRING_TABLE_LOOKUP(manager_state
, ManagerState
);
4127 static const char *const manager_timestamp_table
[_MANAGER_TIMESTAMP_MAX
] = {
4128 [MANAGER_TIMESTAMP_FIRMWARE
] = "firmware",
4129 [MANAGER_TIMESTAMP_LOADER
] = "loader",
4130 [MANAGER_TIMESTAMP_KERNEL
] = "kernel",
4131 [MANAGER_TIMESTAMP_INITRD
] = "initrd",
4132 [MANAGER_TIMESTAMP_USERSPACE
] = "userspace",
4133 [MANAGER_TIMESTAMP_FINISH
] = "finish",
4134 [MANAGER_TIMESTAMP_SECURITY_START
] = "security-start",
4135 [MANAGER_TIMESTAMP_SECURITY_FINISH
] = "security-finish",
4136 [MANAGER_TIMESTAMP_GENERATORS_START
] = "generators-start",
4137 [MANAGER_TIMESTAMP_GENERATORS_FINISH
] = "generators-finish",
4138 [MANAGER_TIMESTAMP_UNITS_LOAD_START
] = "units-load-start",
4139 [MANAGER_TIMESTAMP_UNITS_LOAD_FINISH
] = "units-load-finish",
4142 DEFINE_STRING_TABLE_LOOKUP(manager_timestamp
, ManagerTimestamp
);