]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/manager.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add SPDX license identifiers to source files under the LGPL
[thirdparty/systemd.git] / src / core / manager.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
11
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
16
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
19 ***/
20
21 #include <errno.h>
22 #include <fcntl.h>
23 #include <linux/kd.h>
24 #include <signal.h>
25 #include <string.h>
26 #include <sys/epoll.h>
27 #include <sys/inotify.h>
28 #include <sys/ioctl.h>
29 #include <sys/reboot.h>
30 #include <sys/timerfd.h>
31 #include <sys/wait.h>
32 #include <unistd.h>
33
34 #if HAVE_AUDIT
35 #include <libaudit.h>
36 #endif
37
38 #include "sd-daemon.h"
39 #include "sd-messages.h"
40 #include "sd-path.h"
41
42 #include "alloc-util.h"
43 #include "audit-fd.h"
44 #include "boot-timestamps.h"
45 #include "bus-common-errors.h"
46 #include "bus-error.h"
47 #include "bus-kernel.h"
48 #include "bus-util.h"
49 #include "clean-ipc.h"
50 #include "dbus-job.h"
51 #include "dbus-manager.h"
52 #include "dbus-unit.h"
53 #include "dbus.h"
54 #include "dirent-util.h"
55 #include "env-util.h"
56 #include "escape.h"
57 #include "exec-util.h"
58 #include "execute.h"
59 #include "exit-status.h"
60 #include "fd-util.h"
61 #include "fileio.h"
62 #include "fs-util.h"
63 #include "hashmap.h"
64 #include "io-util.h"
65 #include "label.h"
66 #include "locale-setup.h"
67 #include "log.h"
68 #include "macro.h"
69 #include "manager.h"
70 #include "missing.h"
71 #include "mkdir.h"
72 #include "parse-util.h"
73 #include "path-lookup.h"
74 #include "path-util.h"
75 #include "process-util.h"
76 #include "ratelimit.h"
77 #include "rm-rf.h"
78 #include "signal-util.h"
79 #include "special.h"
80 #include "stat-util.h"
81 #include "string-table.h"
82 #include "string-util.h"
83 #include "strv.h"
84 #include "terminal-util.h"
85 #include "time-util.h"
86 #include "transaction.h"
87 #include "umask-util.h"
88 #include "unit-name.h"
89 #include "user-util.h"
90 #include "util.h"
91 #include "virt.h"
92 #include "watchdog.h"
93
94 #define NOTIFY_RCVBUF_SIZE (8*1024*1024)
95 #define CGROUPS_AGENT_RCVBUF_SIZE (8*1024*1024)
96
97 /* Initial delay and the interval for printing status messages about running jobs */
98 #define JOBS_IN_PROGRESS_WAIT_USEC (5*USEC_PER_SEC)
99 #define JOBS_IN_PROGRESS_PERIOD_USEC (USEC_PER_SEC / 3)
100 #define JOBS_IN_PROGRESS_PERIOD_DIVISOR 3
101
102 static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
103 static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
104 static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
105 static int manager_dispatch_time_change_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
106 static int manager_dispatch_idle_pipe_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
107 static int manager_dispatch_user_lookup_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
108 static int manager_dispatch_jobs_in_progress(sd_event_source *source, usec_t usec, void *userdata);
109 static int manager_dispatch_run_queue(sd_event_source *source, void *userdata);
110 static int manager_run_environment_generators(Manager *m);
111 static int manager_run_generators(Manager *m);
112
113 static void manager_watch_jobs_in_progress(Manager *m) {
114 usec_t next;
115 int r;
116
117 assert(m);
118
119 /* We do not want to show the cylon animation if the user
120 * needs to confirm service executions otherwise confirmation
121 * messages will be screwed by the cylon animation. */
122 if (!manager_is_confirm_spawn_disabled(m))
123 return;
124
125 if (m->jobs_in_progress_event_source)
126 return;
127
128 next = now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_WAIT_USEC;
129 r = sd_event_add_time(
130 m->event,
131 &m->jobs_in_progress_event_source,
132 CLOCK_MONOTONIC,
133 next, 0,
134 manager_dispatch_jobs_in_progress, m);
135 if (r < 0)
136 return;
137
138 (void) sd_event_source_set_description(m->jobs_in_progress_event_source, "manager-jobs-in-progress");
139 }
140
141 #define CYLON_BUFFER_EXTRA (2*(sizeof(ANSI_RED)-1) + sizeof(ANSI_HIGHLIGHT_RED)-1 + 2*(sizeof(ANSI_NORMAL)-1))
142
143 static void draw_cylon(char buffer[], size_t buflen, unsigned width, unsigned pos) {
144 char *p = buffer;
145
146 assert(buflen >= CYLON_BUFFER_EXTRA + width + 1);
147 assert(pos <= width+1); /* 0 or width+1 mean that the center light is behind the corner */
148
149 if (pos > 1) {
150 if (pos > 2)
151 p = mempset(p, ' ', pos-2);
152 if (log_get_show_color())
153 p = stpcpy(p, ANSI_RED);
154 *p++ = '*';
155 }
156
157 if (pos > 0 && pos <= width) {
158 if (log_get_show_color())
159 p = stpcpy(p, ANSI_HIGHLIGHT_RED);
160 *p++ = '*';
161 }
162
163 if (log_get_show_color())
164 p = stpcpy(p, ANSI_NORMAL);
165
166 if (pos < width) {
167 if (log_get_show_color())
168 p = stpcpy(p, ANSI_RED);
169 *p++ = '*';
170 if (pos < width-1)
171 p = mempset(p, ' ', width-1-pos);
172 if (log_get_show_color())
173 strcpy(p, ANSI_NORMAL);
174 }
175 }
176
177 void manager_flip_auto_status(Manager *m, bool enable) {
178 assert(m);
179
180 if (enable) {
181 if (m->show_status == SHOW_STATUS_AUTO)
182 manager_set_show_status(m, SHOW_STATUS_TEMPORARY);
183 } else {
184 if (m->show_status == SHOW_STATUS_TEMPORARY)
185 manager_set_show_status(m, SHOW_STATUS_AUTO);
186 }
187 }
188
189 static void manager_print_jobs_in_progress(Manager *m) {
190 _cleanup_free_ char *job_of_n = NULL;
191 Iterator i;
192 Job *j;
193 unsigned counter = 0, print_nr;
194 char cylon[6 + CYLON_BUFFER_EXTRA + 1];
195 unsigned cylon_pos;
196 char time[FORMAT_TIMESPAN_MAX], limit[FORMAT_TIMESPAN_MAX] = "no limit";
197 uint64_t x;
198
199 assert(m);
200 assert(m->n_running_jobs > 0);
201
202 manager_flip_auto_status(m, true);
203
204 print_nr = (m->jobs_in_progress_iteration / JOBS_IN_PROGRESS_PERIOD_DIVISOR) % m->n_running_jobs;
205
206 HASHMAP_FOREACH(j, m->jobs, i)
207 if (j->state == JOB_RUNNING && counter++ == print_nr)
208 break;
209
210 /* m->n_running_jobs must be consistent with the contents of m->jobs,
211 * so the above loop must have succeeded in finding j. */
212 assert(counter == print_nr + 1);
213 assert(j);
214
215 cylon_pos = m->jobs_in_progress_iteration % 14;
216 if (cylon_pos >= 8)
217 cylon_pos = 14 - cylon_pos;
218 draw_cylon(cylon, sizeof(cylon), 6, cylon_pos);
219
220 m->jobs_in_progress_iteration++;
221
222 if (m->n_running_jobs > 1) {
223 if (asprintf(&job_of_n, "(%u of %u) ", counter, m->n_running_jobs) < 0)
224 job_of_n = NULL;
225 }
226
227 format_timespan(time, sizeof(time), now(CLOCK_MONOTONIC) - j->begin_usec, 1*USEC_PER_SEC);
228 if (job_get_timeout(j, &x) > 0)
229 format_timespan(limit, sizeof(limit), x - j->begin_usec, 1*USEC_PER_SEC);
230
231 manager_status_printf(m, STATUS_TYPE_EPHEMERAL, cylon,
232 "%sA %s job is running for %s (%s / %s)",
233 strempty(job_of_n),
234 job_type_to_string(j->type),
235 unit_description(j->unit),
236 time, limit);
237 }
238
239 static int have_ask_password(void) {
240 _cleanup_closedir_ DIR *dir;
241 struct dirent *de;
242
243 dir = opendir("/run/systemd/ask-password");
244 if (!dir) {
245 if (errno == ENOENT)
246 return false;
247 else
248 return -errno;
249 }
250
251 FOREACH_DIRENT_ALL(de, dir, return -errno) {
252 if (startswith(de->d_name, "ask."))
253 return true;
254 }
255 return false;
256 }
257
258 static int manager_dispatch_ask_password_fd(sd_event_source *source,
259 int fd, uint32_t revents, void *userdata) {
260 Manager *m = userdata;
261
262 assert(m);
263
264 flush_fd(fd);
265
266 m->have_ask_password = have_ask_password();
267 if (m->have_ask_password < 0)
268 /* Log error but continue. Negative have_ask_password
269 * is treated as unknown status. */
270 log_error_errno(m->have_ask_password, "Failed to list /run/systemd/ask-password: %m");
271
272 return 0;
273 }
274
275 static void manager_close_ask_password(Manager *m) {
276 assert(m);
277
278 m->ask_password_event_source = sd_event_source_unref(m->ask_password_event_source);
279 m->ask_password_inotify_fd = safe_close(m->ask_password_inotify_fd);
280 m->have_ask_password = -EINVAL;
281 }
282
283 static int manager_check_ask_password(Manager *m) {
284 int r;
285
286 assert(m);
287
288 if (!m->ask_password_event_source) {
289 assert(m->ask_password_inotify_fd < 0);
290
291 mkdir_p_label("/run/systemd/ask-password", 0755);
292
293 m->ask_password_inotify_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
294 if (m->ask_password_inotify_fd < 0)
295 return log_error_errno(errno, "inotify_init1() failed: %m");
296
297 if (inotify_add_watch(m->ask_password_inotify_fd, "/run/systemd/ask-password", IN_CREATE|IN_DELETE|IN_MOVE) < 0) {
298 log_error_errno(errno, "Failed to add watch on /run/systemd/ask-password: %m");
299 manager_close_ask_password(m);
300 return -errno;
301 }
302
303 r = sd_event_add_io(m->event, &m->ask_password_event_source,
304 m->ask_password_inotify_fd, EPOLLIN,
305 manager_dispatch_ask_password_fd, m);
306 if (r < 0) {
307 log_error_errno(errno, "Failed to add event source for /run/systemd/ask-password: %m");
308 manager_close_ask_password(m);
309 return -errno;
310 }
311
312 (void) sd_event_source_set_description(m->ask_password_event_source, "manager-ask-password");
313
314 /* Queries might have been added meanwhile... */
315 manager_dispatch_ask_password_fd(m->ask_password_event_source,
316 m->ask_password_inotify_fd, EPOLLIN, m);
317 }
318
319 return m->have_ask_password;
320 }
321
322 static int manager_watch_idle_pipe(Manager *m) {
323 int r;
324
325 assert(m);
326
327 if (m->idle_pipe_event_source)
328 return 0;
329
330 if (m->idle_pipe[2] < 0)
331 return 0;
332
333 r = sd_event_add_io(m->event, &m->idle_pipe_event_source, m->idle_pipe[2], EPOLLIN, manager_dispatch_idle_pipe_fd, m);
334 if (r < 0)
335 return log_error_errno(r, "Failed to watch idle pipe: %m");
336
337 (void) sd_event_source_set_description(m->idle_pipe_event_source, "manager-idle-pipe");
338
339 return 0;
340 }
341
342 static void manager_close_idle_pipe(Manager *m) {
343 assert(m);
344
345 m->idle_pipe_event_source = sd_event_source_unref(m->idle_pipe_event_source);
346
347 safe_close_pair(m->idle_pipe);
348 safe_close_pair(m->idle_pipe + 2);
349 }
350
351 static int manager_setup_time_change(Manager *m) {
352 int r;
353
354 /* We only care for the cancellation event, hence we set the
355 * timeout to the latest possible value. */
356 struct itimerspec its = {
357 .it_value.tv_sec = TIME_T_MAX,
358 };
359
360 assert(m);
361 assert_cc(sizeof(time_t) == sizeof(TIME_T_MAX));
362
363 if (m->test_run_flags)
364 return 0;
365
366 /* Uses TFD_TIMER_CANCEL_ON_SET to get notifications whenever
367 * CLOCK_REALTIME makes a jump relative to CLOCK_MONOTONIC */
368
369 m->time_change_fd = timerfd_create(CLOCK_REALTIME, TFD_NONBLOCK|TFD_CLOEXEC);
370 if (m->time_change_fd < 0)
371 return log_error_errno(errno, "Failed to create timerfd: %m");
372
373 if (timerfd_settime(m->time_change_fd, TFD_TIMER_ABSTIME|TFD_TIMER_CANCEL_ON_SET, &its, NULL) < 0) {
374 log_debug_errno(errno, "Failed to set up TFD_TIMER_CANCEL_ON_SET, ignoring: %m");
375 m->time_change_fd = safe_close(m->time_change_fd);
376 return 0;
377 }
378
379 r = sd_event_add_io(m->event, &m->time_change_event_source, m->time_change_fd, EPOLLIN, manager_dispatch_time_change_fd, m);
380 if (r < 0)
381 return log_error_errno(r, "Failed to create time change event source: %m");
382
383 (void) sd_event_source_set_description(m->time_change_event_source, "manager-time-change");
384
385 log_debug("Set up TFD_TIMER_CANCEL_ON_SET timerfd.");
386
387 return 0;
388 }
389
390 static int enable_special_signals(Manager *m) {
391 _cleanup_close_ int fd = -1;
392
393 assert(m);
394
395 if (m->test_run_flags)
396 return 0;
397
398 /* Enable that we get SIGINT on control-alt-del. In containers
399 * this will fail with EPERM (older) or EINVAL (newer), so
400 * ignore that. */
401 if (reboot(RB_DISABLE_CAD) < 0 && !IN_SET(errno, EPERM, EINVAL))
402 log_warning_errno(errno, "Failed to enable ctrl-alt-del handling: %m");
403
404 fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
405 if (fd < 0) {
406 /* Support systems without virtual console */
407 if (fd != -ENOENT)
408 log_warning_errno(errno, "Failed to open /dev/tty0: %m");
409 } else {
410 /* Enable that we get SIGWINCH on kbrequest */
411 if (ioctl(fd, KDSIGACCEPT, SIGWINCH) < 0)
412 log_warning_errno(errno, "Failed to enable kbrequest handling: %m");
413 }
414
415 return 0;
416 }
417
418 static int manager_setup_signals(Manager *m) {
419 struct sigaction sa = {
420 .sa_handler = SIG_DFL,
421 .sa_flags = SA_NOCLDSTOP|SA_RESTART,
422 };
423 sigset_t mask;
424 int r;
425
426 assert(m);
427
428 assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);
429
430 /* We make liberal use of realtime signals here. On
431 * Linux/glibc we have 30 of them (with the exception of Linux
432 * on hppa, see below), between SIGRTMIN+0 ... SIGRTMIN+30
433 * (aka SIGRTMAX). */
434
435 assert_se(sigemptyset(&mask) == 0);
436 sigset_add_many(&mask,
437 SIGCHLD, /* Child died */
438 SIGTERM, /* Reexecute daemon */
439 SIGHUP, /* Reload configuration */
440 SIGUSR1, /* systemd/upstart: reconnect to D-Bus */
441 SIGUSR2, /* systemd: dump status */
442 SIGINT, /* Kernel sends us this on control-alt-del */
443 SIGWINCH, /* Kernel sends us this on kbrequest (alt-arrowup) */
444 SIGPWR, /* Some kernel drivers and upsd send us this on power failure */
445
446 SIGRTMIN+0, /* systemd: start default.target */
447 SIGRTMIN+1, /* systemd: isolate rescue.target */
448 SIGRTMIN+2, /* systemd: isolate emergency.target */
449 SIGRTMIN+3, /* systemd: start halt.target */
450 SIGRTMIN+4, /* systemd: start poweroff.target */
451 SIGRTMIN+5, /* systemd: start reboot.target */
452 SIGRTMIN+6, /* systemd: start kexec.target */
453
454 /* ... space for more special targets ... */
455
456 SIGRTMIN+13, /* systemd: Immediate halt */
457 SIGRTMIN+14, /* systemd: Immediate poweroff */
458 SIGRTMIN+15, /* systemd: Immediate reboot */
459 SIGRTMIN+16, /* systemd: Immediate kexec */
460
461 /* ... space for more immediate system state changes ... */
462
463 SIGRTMIN+20, /* systemd: enable status messages */
464 SIGRTMIN+21, /* systemd: disable status messages */
465 SIGRTMIN+22, /* systemd: set log level to LOG_DEBUG */
466 SIGRTMIN+23, /* systemd: set log level to LOG_INFO */
467 SIGRTMIN+24, /* systemd: Immediate exit (--user only) */
468
469 /* .. one free signal here ... */
470
471 #if !defined(__hppa64__) && !defined(__hppa__)
472 /* Apparently Linux on hppa has fewer RT
473 * signals (SIGRTMAX is SIGRTMIN+25 there),
474 * hence let's not try to make use of them
475 * here. Since these commands are accessible
476 * by different means and only really a safety
477 * net, the missing functionality on hppa
478 * shouldn't matter. */
479
480 SIGRTMIN+26, /* systemd: set log target to journal-or-kmsg */
481 SIGRTMIN+27, /* systemd: set log target to console */
482 SIGRTMIN+28, /* systemd: set log target to kmsg */
483 SIGRTMIN+29, /* systemd: set log target to syslog-or-kmsg (obsolete) */
484
485 /* ... one free signal here SIGRTMIN+30 ... */
486 #endif
487 -1);
488 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
489
490 m->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
491 if (m->signal_fd < 0)
492 return -errno;
493
494 r = sd_event_add_io(m->event, &m->signal_event_source, m->signal_fd, EPOLLIN, manager_dispatch_signal_fd, m);
495 if (r < 0)
496 return r;
497
498 (void) sd_event_source_set_description(m->signal_event_source, "manager-signal");
499
500 /* Process signals a bit earlier than the rest of things, but later than notify_fd processing, so that the
501 * notify processing can still figure out to which process/service a message belongs, before we reap the
502 * process. Also, process this before handling cgroup notifications, so that we always collect child exit
503 * status information before detecting that there's no process in a cgroup. */
504 r = sd_event_source_set_priority(m->signal_event_source, SD_EVENT_PRIORITY_NORMAL-6);
505 if (r < 0)
506 return r;
507
508 if (MANAGER_IS_SYSTEM(m))
509 return enable_special_signals(m);
510
511 return 0;
512 }
513
514 static void manager_clean_environment(Manager *m) {
515 assert(m);
516
517 /* Let's remove some environment variables that we
518 * need ourselves to communicate with our clients */
519 strv_env_unset_many(
520 m->environment,
521 "NOTIFY_SOCKET",
522 "MAINPID",
523 "MANAGERPID",
524 "LISTEN_PID",
525 "LISTEN_FDS",
526 "LISTEN_FDNAMES",
527 "WATCHDOG_PID",
528 "WATCHDOG_USEC",
529 "INVOCATION_ID",
530 NULL);
531 }
532
533 static int manager_default_environment(Manager *m) {
534 assert(m);
535
536 if (MANAGER_IS_SYSTEM(m)) {
537 /* The system manager always starts with a clean
538 * environment for its children. It does not import
539 * the kernel's or the parents' exported variables.
540 *
541 * The initial passed environment is untouched to keep
542 * /proc/self/environ valid; it is used for tagging
543 * the init process inside containers. */
544 m->environment = strv_new("PATH=" DEFAULT_PATH,
545 NULL);
546
547 /* Import locale variables LC_*= from configuration */
548 locale_setup(&m->environment);
549 } else
550 /* The user manager passes its own environment
551 * along to its children. */
552 m->environment = strv_copy(environ);
553
554 if (!m->environment)
555 return -ENOMEM;
556
557 manager_clean_environment(m);
558 strv_sort(m->environment);
559
560 return 0;
561 }
562
563 static int manager_setup_prefix(Manager *m) {
564 struct table_entry {
565 uint64_t type;
566 const char *suffix;
567 };
568
569 static const struct table_entry paths_system[_EXEC_DIRECTORY_TYPE_MAX] = {
570 [EXEC_DIRECTORY_RUNTIME] = { SD_PATH_SYSTEM_RUNTIME, NULL },
571 [EXEC_DIRECTORY_STATE] = { SD_PATH_SYSTEM_STATE_PRIVATE, NULL },
572 [EXEC_DIRECTORY_CACHE] = { SD_PATH_SYSTEM_STATE_CACHE, NULL },
573 [EXEC_DIRECTORY_LOGS] = { SD_PATH_SYSTEM_STATE_LOGS, NULL },
574 [EXEC_DIRECTORY_CONFIGURATION] = { SD_PATH_SYSTEM_CONFIGURATION, NULL },
575 };
576
577 static const struct table_entry paths_user[_EXEC_DIRECTORY_TYPE_MAX] = {
578 [EXEC_DIRECTORY_RUNTIME] = { SD_PATH_USER_RUNTIME, NULL },
579 [EXEC_DIRECTORY_STATE] = { SD_PATH_USER_CONFIGURATION, NULL },
580 [EXEC_DIRECTORY_CACHE] = { SD_PATH_USER_STATE_CACHE, NULL },
581 [EXEC_DIRECTORY_LOGS] = { SD_PATH_USER_CONFIGURATION, "log" },
582 [EXEC_DIRECTORY_CONFIGURATION] = { SD_PATH_USER_CONFIGURATION, NULL },
583 };
584
585 const struct table_entry *p;
586 ExecDirectoryType i;
587 int r;
588
589 assert(m);
590
591 if (MANAGER_IS_SYSTEM(m))
592 p = paths_system;
593 else
594 p = paths_user;
595
596 for (i = 0; i < _EXEC_DIRECTORY_TYPE_MAX; i++) {
597 r = sd_path_home(p[i].type, p[i].suffix, &m->prefix[i]);
598 if (r < 0)
599 return r;
600 }
601
602 return 0;
603 }
604
605 int manager_new(UnitFileScope scope, unsigned test_run_flags, Manager **_m) {
606 Manager *m;
607 int r;
608
609 assert(_m);
610 assert(IN_SET(scope, UNIT_FILE_SYSTEM, UNIT_FILE_USER));
611
612 m = new0(Manager, 1);
613 if (!m)
614 return -ENOMEM;
615
616 m->unit_file_scope = scope;
617 m->exit_code = _MANAGER_EXIT_CODE_INVALID;
618 m->default_timer_accuracy_usec = USEC_PER_MINUTE;
619 m->default_tasks_accounting = true;
620 m->default_tasks_max = UINT64_MAX;
621 m->default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
622 m->default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
623 m->default_restart_usec = DEFAULT_RESTART_USEC;
624
625 #if ENABLE_EFI
626 if (MANAGER_IS_SYSTEM(m) && detect_container() <= 0)
627 boot_timestamps(&m->userspace_timestamp, &m->firmware_timestamp, &m->loader_timestamp);
628 #endif
629
630 /* Prepare log fields we can use for structured logging */
631 if (MANAGER_IS_SYSTEM(m)) {
632 m->unit_log_field = "UNIT=";
633 m->unit_log_format_string = "UNIT=%s";
634
635 m->invocation_log_field = "INVOCATION_ID=";
636 m->invocation_log_format_string = "INVOCATION_ID=%s";
637 } else {
638 m->unit_log_field = "USER_UNIT=";
639 m->unit_log_format_string = "USER_UNIT=%s";
640
641 m->invocation_log_field = "USER_INVOCATION_ID=";
642 m->invocation_log_format_string = "USER_INVOCATION_ID=%s";
643 }
644
645 m->idle_pipe[0] = m->idle_pipe[1] = m->idle_pipe[2] = m->idle_pipe[3] = -1;
646
647 m->pin_cgroupfs_fd = m->notify_fd = m->cgroups_agent_fd = m->signal_fd = m->time_change_fd =
648 m->dev_autofs_fd = m->private_listen_fd = m->cgroup_inotify_fd =
649 m->ask_password_inotify_fd = -1;
650
651 m->user_lookup_fds[0] = m->user_lookup_fds[1] = -1;
652
653 m->current_job_id = 1; /* start as id #1, so that we can leave #0 around as "null-like" value */
654
655 m->have_ask_password = -EINVAL; /* we don't know */
656 m->first_boot = -1;
657
658 m->test_run_flags = test_run_flags;
659
660 /* Reboot immediately if the user hits C-A-D more often than 7x per 2s */
661 RATELIMIT_INIT(m->ctrl_alt_del_ratelimit, 2 * USEC_PER_SEC, 7);
662
663 r = manager_default_environment(m);
664 if (r < 0)
665 goto fail;
666
667 r = hashmap_ensure_allocated(&m->units, &string_hash_ops);
668 if (r < 0)
669 goto fail;
670
671 r = hashmap_ensure_allocated(&m->jobs, NULL);
672 if (r < 0)
673 goto fail;
674
675 r = hashmap_ensure_allocated(&m->cgroup_unit, &string_hash_ops);
676 if (r < 0)
677 goto fail;
678
679 r = hashmap_ensure_allocated(&m->watch_bus, &string_hash_ops);
680 if (r < 0)
681 goto fail;
682
683 r = sd_event_default(&m->event);
684 if (r < 0)
685 goto fail;
686
687 r = sd_event_add_defer(m->event, &m->run_queue_event_source, manager_dispatch_run_queue, m);
688 if (r < 0)
689 goto fail;
690
691 r = sd_event_source_set_priority(m->run_queue_event_source, SD_EVENT_PRIORITY_IDLE);
692 if (r < 0)
693 goto fail;
694
695 r = sd_event_source_set_enabled(m->run_queue_event_source, SD_EVENT_OFF);
696 if (r < 0)
697 goto fail;
698
699 (void) sd_event_source_set_description(m->run_queue_event_source, "manager-run-queue");
700
701 r = manager_setup_signals(m);
702 if (r < 0)
703 goto fail;
704
705 r = manager_setup_cgroup(m);
706 if (r < 0)
707 goto fail;
708
709 r = manager_setup_time_change(m);
710 if (r < 0)
711 goto fail;
712
713 m->udev = udev_new();
714 if (!m->udev) {
715 r = -ENOMEM;
716 goto fail;
717 }
718
719 if (MANAGER_IS_SYSTEM(m)) {
720 r = mkdir_label("/run/systemd/units", 0755);
721 if (r < 0 && r != -EEXIST)
722 goto fail;
723 }
724
725 /* Note that we do not set up the notify fd here. We do that after deserialization,
726 * since they might have gotten serialized across the reexec. */
727
728 m->taint_usr = dir_is_empty("/usr") > 0;
729
730 r = manager_setup_prefix(m);
731 if (r < 0)
732 goto fail;
733
734 *_m = m;
735 return 0;
736
737 fail:
738 manager_free(m);
739 return r;
740 }
741
742 static int manager_setup_notify(Manager *m) {
743 int r;
744
745 if (m->test_run_flags)
746 return 0;
747
748 if (m->notify_fd < 0) {
749 _cleanup_close_ int fd = -1;
750 union sockaddr_union sa = {
751 .sa.sa_family = AF_UNIX,
752 };
753 static const int one = 1;
754
755 /* First free all secondary fields */
756 m->notify_socket = mfree(m->notify_socket);
757 m->notify_event_source = sd_event_source_unref(m->notify_event_source);
758
759 fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
760 if (fd < 0)
761 return log_error_errno(errno, "Failed to allocate notification socket: %m");
762
763 fd_inc_rcvbuf(fd, NOTIFY_RCVBUF_SIZE);
764
765 m->notify_socket = strappend(m->prefix[EXEC_DIRECTORY_RUNTIME], "/systemd/notify");
766 if (!m->notify_socket)
767 return log_oom();
768
769 (void) mkdir_parents_label(m->notify_socket, 0755);
770 (void) unlink(m->notify_socket);
771
772 strncpy(sa.un.sun_path, m->notify_socket, sizeof(sa.un.sun_path)-1);
773 r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
774 if (r < 0)
775 return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);
776
777 r = setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
778 if (r < 0)
779 return log_error_errno(errno, "SO_PASSCRED failed: %m");
780
781 m->notify_fd = fd;
782 fd = -1;
783
784 log_debug("Using notification socket %s", m->notify_socket);
785 }
786
787 if (!m->notify_event_source) {
788 r = sd_event_add_io(m->event, &m->notify_event_source, m->notify_fd, EPOLLIN, manager_dispatch_notify_fd, m);
789 if (r < 0)
790 return log_error_errno(r, "Failed to allocate notify event source: %m");
791
792 /* Process notification messages a bit earlier than SIGCHLD, so that we can still identify to which
793 * service an exit message belongs. */
794 r = sd_event_source_set_priority(m->notify_event_source, SD_EVENT_PRIORITY_NORMAL-7);
795 if (r < 0)
796 return log_error_errno(r, "Failed to set priority of notify event source: %m");
797
798 (void) sd_event_source_set_description(m->notify_event_source, "manager-notify");
799 }
800
801 return 0;
802 }
803
804 static int manager_setup_cgroups_agent(Manager *m) {
805
806 static const union sockaddr_union sa = {
807 .un.sun_family = AF_UNIX,
808 .un.sun_path = "/run/systemd/cgroups-agent",
809 };
810 int r;
811
812 /* This creates a listening socket we receive cgroups agent messages on. We do not use D-Bus for delivering
813 * these messages from the cgroups agent binary to PID 1, as the cgroups agent binary is very short-living, and
814 * each instance of it needs a new D-Bus connection. Since D-Bus connections are SOCK_STREAM/AF_UNIX, on
815 * overloaded systems the backlog of the D-Bus socket becomes relevant, as not more than the configured number
816 * of D-Bus connections may be queued until the kernel will start dropping further incoming connections,
817 * possibly resulting in lost cgroups agent messages. To avoid this, we'll use a private SOCK_DGRAM/AF_UNIX
818 * socket, where no backlog is relevant as communication may take place without an actual connect() cycle, and
819 * we thus won't lose messages.
820 *
821 * Note that PID 1 will forward the agent message to system bus, so that the user systemd instance may listen
822 * to it. The system instance hence listens on this special socket, but the user instances listen on the system
823 * bus for these messages. */
824
825 if (m->test_run_flags)
826 return 0;
827
828 if (!MANAGER_IS_SYSTEM(m))
829 return 0;
830
831 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
832 if (r < 0)
833 return log_error_errno(r, "Failed to determine whether unified cgroups hierarchy is used: %m");
834 if (r > 0) /* We don't need this anymore on the unified hierarchy */
835 return 0;
836
837 if (m->cgroups_agent_fd < 0) {
838 _cleanup_close_ int fd = -1;
839
840 /* First free all secondary fields */
841 m->cgroups_agent_event_source = sd_event_source_unref(m->cgroups_agent_event_source);
842
843 fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
844 if (fd < 0)
845 return log_error_errno(errno, "Failed to allocate cgroups agent socket: %m");
846
847 fd_inc_rcvbuf(fd, CGROUPS_AGENT_RCVBUF_SIZE);
848
849 (void) unlink(sa.un.sun_path);
850
851 /* Only allow root to connect to this socket */
852 RUN_WITH_UMASK(0077)
853 r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
854 if (r < 0)
855 return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);
856
857 m->cgroups_agent_fd = fd;
858 fd = -1;
859 }
860
861 if (!m->cgroups_agent_event_source) {
862 r = sd_event_add_io(m->event, &m->cgroups_agent_event_source, m->cgroups_agent_fd, EPOLLIN, manager_dispatch_cgroups_agent_fd, m);
863 if (r < 0)
864 return log_error_errno(r, "Failed to allocate cgroups agent event source: %m");
865
866 /* Process cgroups notifications early, but after having processed service notification messages or
867 * SIGCHLD signals, so that a cgroup running empty is always just the last safety net of notification,
868 * and we collected the metadata the notification and SIGCHLD stuff offers first. Also see handling of
869 * cgroup inotify for the unified cgroup stuff. */
870 r = sd_event_source_set_priority(m->cgroups_agent_event_source, SD_EVENT_PRIORITY_NORMAL-4);
871 if (r < 0)
872 return log_error_errno(r, "Failed to set priority of cgroups agent event source: %m");
873
874 (void) sd_event_source_set_description(m->cgroups_agent_event_source, "manager-cgroups-agent");
875 }
876
877 return 0;
878 }
879
880 static int manager_setup_user_lookup_fd(Manager *m) {
881 int r;
882
883 assert(m);
884
885 /* Set up the socket pair used for passing UID/GID resolution results from forked off processes to PID
886 * 1. Background: we can't do name lookups (NSS) from PID 1, since it might involve IPC and thus activation,
887 * and we might hence deadlock on ourselves. Hence we do all user/group lookups asynchronously from the forked
888 * off processes right before executing the binaries to start. In order to be able to clean up any IPC objects
889 * created by a unit (see RemoveIPC=) we need to know in PID 1 the used UID/GID of the executed processes,
890 * hence we establish this communication channel so that forked off processes can pass their UID/GID
891 * information back to PID 1. The forked off processes send their resolved UID/GID to PID 1 in a simple
892 * datagram, along with their unit name, so that we can share one communication socket pair among all units for
893 * this purpose.
894 *
895 * You might wonder why we need a communication channel for this that is independent of the usual notification
896 * socket scheme (i.e. $NOTIFY_SOCKET). The primary difference is about trust: data sent via the $NOTIFY_SOCKET
897 * channel is only accepted if it originates from the right unit and if reception was enabled for it. The user
898 * lookup socket OTOH is only accessible by PID 1 and its children until they exec(), and always available.
899 *
900 * Note that this function is called under two circumstances: when we first initialize (in which case we
901 * allocate both the socket pair and the event source to listen on it), and when we deserialize after a reload
902 * (in which case the socket pair already exists but we still need to allocate the event source for it). */
903
904 if (m->user_lookup_fds[0] < 0) {
905
906 /* Free all secondary fields */
907 safe_close_pair(m->user_lookup_fds);
908 m->user_lookup_event_source = sd_event_source_unref(m->user_lookup_event_source);
909
910 if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, m->user_lookup_fds) < 0)
911 return log_error_errno(errno, "Failed to allocate user lookup socket: %m");
912
913 (void) fd_inc_rcvbuf(m->user_lookup_fds[0], NOTIFY_RCVBUF_SIZE);
914 }
915
916 if (!m->user_lookup_event_source) {
917 r = sd_event_add_io(m->event, &m->user_lookup_event_source, m->user_lookup_fds[0], EPOLLIN, manager_dispatch_user_lookup_fd, m);
918 if (r < 0)
919 return log_error_errno(errno, "Failed to allocate user lookup event source: %m");
920
921 /* Process even earlier than the notify event source, so that we always know first about valid UID/GID
922 * resolutions */
923 r = sd_event_source_set_priority(m->user_lookup_event_source, SD_EVENT_PRIORITY_NORMAL-8);
924 if (r < 0)
925 return log_error_errno(errno, "Failed to set priority ot user lookup event source: %m");
926
927 (void) sd_event_source_set_description(m->user_lookup_event_source, "user-lookup");
928 }
929
930 return 0;
931 }
932
933 static int manager_connect_bus(Manager *m, bool reexecuting) {
934 bool try_bus_connect;
935 Unit *u = NULL;
936
937 assert(m);
938
939 if (m->test_run_flags)
940 return 0;
941
942 u = manager_get_unit(m, SPECIAL_DBUS_SERVICE);
943
944 try_bus_connect =
945 (u && SERVICE(u)->deserialized_state == SERVICE_RUNNING) &&
946 (reexecuting ||
947 (MANAGER_IS_USER(m) && getenv("DBUS_SESSION_BUS_ADDRESS")));
948
949 /* Try to connect to the buses, if possible. */
950 return bus_init(m, try_bus_connect);
951 }
952
953 static unsigned manager_dispatch_cleanup_queue(Manager *m) {
954 Unit *u;
955 unsigned n = 0;
956
957 assert(m);
958
959 while ((u = m->cleanup_queue)) {
960 assert(u->in_cleanup_queue);
961
962 unit_free(u);
963 n++;
964 }
965
966 return n;
967 }
968
969 enum {
970 GC_OFFSET_IN_PATH, /* This one is on the path we were traveling */
971 GC_OFFSET_UNSURE, /* No clue */
972 GC_OFFSET_GOOD, /* We still need this unit */
973 GC_OFFSET_BAD, /* We don't need this unit anymore */
974 _GC_OFFSET_MAX
975 };
976
977 static void unit_gc_mark_good(Unit *u, unsigned gc_marker) {
978 Unit *other;
979 Iterator i;
980 void *v;
981
982 u->gc_marker = gc_marker + GC_OFFSET_GOOD;
983
984 /* Recursively mark referenced units as GOOD as well */
985 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REFERENCES], i)
986 if (other->gc_marker == gc_marker + GC_OFFSET_UNSURE)
987 unit_gc_mark_good(other, gc_marker);
988 }
989
990 static void unit_gc_sweep(Unit *u, unsigned gc_marker) {
991 Unit *other;
992 bool is_bad;
993 Iterator i;
994 void *v;
995
996 assert(u);
997
998 if (IN_SET(u->gc_marker - gc_marker,
999 GC_OFFSET_GOOD, GC_OFFSET_BAD, GC_OFFSET_UNSURE, GC_OFFSET_IN_PATH))
1000 return;
1001
1002 if (u->in_cleanup_queue)
1003 goto bad;
1004
1005 if (unit_check_gc(u))
1006 goto good;
1007
1008 u->gc_marker = gc_marker + GC_OFFSET_IN_PATH;
1009
1010 is_bad = true;
1011
1012 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REFERENCED_BY], i) {
1013 unit_gc_sweep(other, gc_marker);
1014
1015 if (other->gc_marker == gc_marker + GC_OFFSET_GOOD)
1016 goto good;
1017
1018 if (other->gc_marker != gc_marker + GC_OFFSET_BAD)
1019 is_bad = false;
1020 }
1021
1022 if (is_bad)
1023 goto bad;
1024
1025 /* We were unable to find anything out about this entry, so
1026 * let's investigate it later */
1027 u->gc_marker = gc_marker + GC_OFFSET_UNSURE;
1028 unit_add_to_gc_queue(u);
1029 return;
1030
1031 bad:
1032 /* We definitely know that this one is not useful anymore, so
1033 * let's mark it for deletion */
1034 u->gc_marker = gc_marker + GC_OFFSET_BAD;
1035 unit_add_to_cleanup_queue(u);
1036 return;
1037
1038 good:
1039 unit_gc_mark_good(u, gc_marker);
1040 }
1041
1042 static unsigned manager_dispatch_gc_unit_queue(Manager *m) {
1043 unsigned n = 0, gc_marker;
1044 Unit *u;
1045
1046 assert(m);
1047
1048 /* log_debug("Running GC..."); */
1049
1050 m->gc_marker += _GC_OFFSET_MAX;
1051 if (m->gc_marker + _GC_OFFSET_MAX <= _GC_OFFSET_MAX)
1052 m->gc_marker = 1;
1053
1054 gc_marker = m->gc_marker;
1055
1056 while ((u = m->gc_unit_queue)) {
1057 assert(u->in_gc_queue);
1058
1059 unit_gc_sweep(u, gc_marker);
1060
1061 LIST_REMOVE(gc_queue, m->gc_unit_queue, u);
1062 u->in_gc_queue = false;
1063
1064 n++;
1065
1066 if (IN_SET(u->gc_marker - gc_marker,
1067 GC_OFFSET_BAD, GC_OFFSET_UNSURE)) {
1068 if (u->id)
1069 log_unit_debug(u, "Collecting.");
1070 u->gc_marker = gc_marker + GC_OFFSET_BAD;
1071 unit_add_to_cleanup_queue(u);
1072 }
1073 }
1074
1075 return n;
1076 }
1077
1078 static unsigned manager_dispatch_gc_job_queue(Manager *m) {
1079 unsigned n = 0;
1080 Job *j;
1081
1082 assert(m);
1083
1084 while ((j = m->gc_job_queue)) {
1085 assert(j->in_gc_queue);
1086
1087 LIST_REMOVE(gc_queue, m->gc_job_queue, j);
1088 j->in_gc_queue = false;
1089
1090 n++;
1091
1092 if (job_check_gc(j))
1093 continue;
1094
1095 log_unit_debug(j->unit, "Collecting job.");
1096 (void) job_finish_and_invalidate(j, JOB_COLLECTED, false, false);
1097 }
1098
1099 return n;
1100 }
1101
1102 static void manager_clear_jobs_and_units(Manager *m) {
1103 Unit *u;
1104
1105 assert(m);
1106
1107 while ((u = hashmap_first(m->units)))
1108 unit_free(u);
1109
1110 manager_dispatch_cleanup_queue(m);
1111
1112 assert(!m->load_queue);
1113 assert(!m->run_queue);
1114 assert(!m->dbus_unit_queue);
1115 assert(!m->dbus_job_queue);
1116 assert(!m->cleanup_queue);
1117 assert(!m->gc_unit_queue);
1118 assert(!m->gc_job_queue);
1119
1120 assert(hashmap_isempty(m->jobs));
1121 assert(hashmap_isempty(m->units));
1122
1123 m->n_on_console = 0;
1124 m->n_running_jobs = 0;
1125 }
1126
1127 Manager* manager_free(Manager *m) {
1128 UnitType c;
1129 int i;
1130 ExecDirectoryType dt;
1131
1132 if (!m)
1133 return NULL;
1134
1135 manager_clear_jobs_and_units(m);
1136
1137 for (c = 0; c < _UNIT_TYPE_MAX; c++)
1138 if (unit_vtable[c]->shutdown)
1139 unit_vtable[c]->shutdown(m);
1140
1141 /* If we reexecute ourselves, we keep the root cgroup around */
1142 manager_shutdown_cgroup(m, m->exit_code != MANAGER_REEXECUTE);
1143
1144 lookup_paths_flush_generator(&m->lookup_paths);
1145
1146 bus_done(m);
1147
1148 dynamic_user_vacuum(m, false);
1149 hashmap_free(m->dynamic_users);
1150
1151 hashmap_free(m->units);
1152 hashmap_free(m->units_by_invocation_id);
1153 hashmap_free(m->jobs);
1154 hashmap_free(m->watch_pids1);
1155 hashmap_free(m->watch_pids2);
1156 hashmap_free(m->watch_bus);
1157
1158 set_free(m->startup_units);
1159 set_free(m->failed_units);
1160
1161 sd_event_source_unref(m->signal_event_source);
1162 sd_event_source_unref(m->notify_event_source);
1163 sd_event_source_unref(m->cgroups_agent_event_source);
1164 sd_event_source_unref(m->time_change_event_source);
1165 sd_event_source_unref(m->jobs_in_progress_event_source);
1166 sd_event_source_unref(m->run_queue_event_source);
1167 sd_event_source_unref(m->user_lookup_event_source);
1168
1169 safe_close(m->signal_fd);
1170 safe_close(m->notify_fd);
1171 safe_close(m->cgroups_agent_fd);
1172 safe_close(m->time_change_fd);
1173 safe_close_pair(m->user_lookup_fds);
1174
1175 manager_close_ask_password(m);
1176
1177 manager_close_idle_pipe(m);
1178
1179 udev_unref(m->udev);
1180 sd_event_unref(m->event);
1181
1182 free(m->notify_socket);
1183
1184 lookup_paths_free(&m->lookup_paths);
1185 strv_free(m->environment);
1186
1187 hashmap_free(m->cgroup_unit);
1188 set_free_free(m->unit_path_cache);
1189
1190 free(m->switch_root);
1191 free(m->switch_root_init);
1192
1193 for (i = 0; i < _RLIMIT_MAX; i++)
1194 m->rlimit[i] = mfree(m->rlimit[i]);
1195
1196 assert(hashmap_isempty(m->units_requiring_mounts_for));
1197 hashmap_free(m->units_requiring_mounts_for);
1198
1199 hashmap_free(m->uid_refs);
1200 hashmap_free(m->gid_refs);
1201
1202 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++)
1203 m->prefix[dt] = mfree(m->prefix[dt]);
1204
1205 return mfree(m);
1206 }
1207
1208 void manager_enumerate(Manager *m) {
1209 UnitType c;
1210
1211 assert(m);
1212
1213 /* Let's ask every type to load all units from disk/kernel
1214 * that it might know */
1215 for (c = 0; c < _UNIT_TYPE_MAX; c++) {
1216 if (!unit_type_supported(c)) {
1217 log_debug("Unit type .%s is not supported on this system.", unit_type_to_string(c));
1218 continue;
1219 }
1220
1221 if (!unit_vtable[c]->enumerate)
1222 continue;
1223
1224 unit_vtable[c]->enumerate(m);
1225 }
1226
1227 manager_dispatch_load_queue(m);
1228 }
1229
1230 static void manager_coldplug(Manager *m) {
1231 Iterator i;
1232 Unit *u;
1233 char *k;
1234 int r;
1235
1236 assert(m);
1237
1238 /* Then, let's set up their initial state. */
1239 HASHMAP_FOREACH_KEY(u, k, m->units, i) {
1240
1241 /* ignore aliases */
1242 if (u->id != k)
1243 continue;
1244
1245 r = unit_coldplug(u);
1246 if (r < 0)
1247 log_warning_errno(r, "We couldn't coldplug %s, proceeding anyway: %m", u->id);
1248 }
1249 }
1250
1251 static void manager_build_unit_path_cache(Manager *m) {
1252 char **i;
1253 int r;
1254
1255 assert(m);
1256
1257 set_free_free(m->unit_path_cache);
1258
1259 m->unit_path_cache = set_new(&string_hash_ops);
1260 if (!m->unit_path_cache) {
1261 r = -ENOMEM;
1262 goto fail;
1263 }
1264
1265 /* This simply builds a list of files we know exist, so that
1266 * we don't always have to go to disk */
1267
1268 STRV_FOREACH(i, m->lookup_paths.search_path) {
1269 _cleanup_closedir_ DIR *d = NULL;
1270 struct dirent *de;
1271
1272 d = opendir(*i);
1273 if (!d) {
1274 if (errno != ENOENT)
1275 log_warning_errno(errno, "Failed to open directory %s, ignoring: %m", *i);
1276 continue;
1277 }
1278
1279 FOREACH_DIRENT(de, d, r = -errno; goto fail) {
1280 char *p;
1281
1282 p = strjoin(streq(*i, "/") ? "" : *i, "/", de->d_name);
1283 if (!p) {
1284 r = -ENOMEM;
1285 goto fail;
1286 }
1287
1288 r = set_consume(m->unit_path_cache, p);
1289 if (r < 0)
1290 goto fail;
1291 }
1292 }
1293
1294 return;
1295
1296 fail:
1297 log_warning_errno(r, "Failed to build unit path cache, proceeding without: %m");
1298 m->unit_path_cache = set_free_free(m->unit_path_cache);
1299 }
1300
1301 static void manager_distribute_fds(Manager *m, FDSet *fds) {
1302 Iterator i;
1303 Unit *u;
1304
1305 assert(m);
1306
1307 HASHMAP_FOREACH(u, m->units, i) {
1308
1309 if (fdset_size(fds) <= 0)
1310 break;
1311
1312 if (!UNIT_VTABLE(u)->distribute_fds)
1313 continue;
1314
1315 UNIT_VTABLE(u)->distribute_fds(u, fds);
1316 }
1317 }
1318
1319 int manager_startup(Manager *m, FILE *serialization, FDSet *fds) {
1320 int r;
1321
1322 assert(m);
1323
1324 /* If we are running in test mode, we still want to run the generators,
1325 * but we should not touch the real generator directories. */
1326 r = lookup_paths_init(&m->lookup_paths, m->unit_file_scope,
1327 m->test_run_flags ? LOOKUP_PATHS_TEMPORARY_GENERATED : 0,
1328 NULL);
1329 if (r < 0)
1330 return r;
1331
1332 r = manager_run_environment_generators(m);
1333 if (r < 0)
1334 return r;
1335
1336 /* Make sure the transient directory always exists, so that it remains
1337 * in the search path */
1338 r = mkdir_p_label(m->lookup_paths.transient, 0755);
1339 if (r < 0)
1340 return log_error_errno(r, "Failed to create transient generator directory \"%s\": %m",
1341 m->lookup_paths.transient);
1342
1343 dual_timestamp_get(&m->generators_start_timestamp);
1344 r = manager_run_generators(m);
1345 dual_timestamp_get(&m->generators_finish_timestamp);
1346 if (r < 0)
1347 return r;
1348
1349 /* If this is the first boot, and we are in the host system, then preset everything */
1350 if (m->first_boot > 0 &&
1351 MANAGER_IS_SYSTEM(m) &&
1352 !m->test_run_flags) {
1353
1354 r = unit_file_preset_all(UNIT_FILE_SYSTEM, 0, NULL, UNIT_FILE_PRESET_ENABLE_ONLY, NULL, 0);
1355 if (r < 0)
1356 log_full_errno(r == -EEXIST ? LOG_NOTICE : LOG_WARNING, r,
1357 "Failed to populate /etc with preset unit settings, ignoring: %m");
1358 else
1359 log_info("Populated /etc with preset unit settings.");
1360 }
1361
1362 lookup_paths_reduce(&m->lookup_paths);
1363 manager_build_unit_path_cache(m);
1364
1365 /* If we will deserialize make sure that during enumeration
1366 * this is already known, so we increase the counter here
1367 * already */
1368 if (serialization)
1369 m->n_reloading++;
1370
1371 /* First, enumerate what we can from all config files */
1372 dual_timestamp_get(&m->units_load_start_timestamp);
1373 manager_enumerate(m);
1374 dual_timestamp_get(&m->units_load_finish_timestamp);
1375
1376 /* Second, deserialize if there is something to deserialize */
1377 if (serialization) {
1378 r = manager_deserialize(m, serialization, fds);
1379 if (r < 0)
1380 return log_error_errno(r, "Deserialization failed: %m");
1381 }
1382
1383 /* Any fds left? Find some unit which wants them. This is
1384 * useful to allow container managers to pass some file
1385 * descriptors to us pre-initialized. This enables
1386 * socket-based activation of entire containers. */
1387 manager_distribute_fds(m, fds);
1388
1389 /* We might have deserialized the notify fd, but if we didn't
1390 * then let's create the bus now */
1391 r = manager_setup_notify(m);
1392 if (r < 0)
1393 /* No sense to continue without notifications, our children would fail anyway. */
1394 return r;
1395
1396 r = manager_setup_cgroups_agent(m);
1397 if (r < 0)
1398 /* Likewise, no sense to continue without empty cgroup notifications. */
1399 return r;
1400
1401 r = manager_setup_user_lookup_fd(m);
1402 if (r < 0)
1403 /* This shouldn't fail, except if things are really broken. */
1404 return r;
1405
1406 /* Let's connect to the bus now. */
1407 (void) manager_connect_bus(m, !!serialization);
1408
1409 (void) bus_track_coldplug(m, &m->subscribed, false, m->deserialized_subscribed);
1410 m->deserialized_subscribed = strv_free(m->deserialized_subscribed);
1411
1412 /* Third, fire things up! */
1413 manager_coldplug(m);
1414
1415 /* Release any dynamic users no longer referenced */
1416 dynamic_user_vacuum(m, true);
1417
1418 /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
1419 manager_vacuum_uid_refs(m);
1420 manager_vacuum_gid_refs(m);
1421
1422 if (serialization) {
1423 assert(m->n_reloading > 0);
1424 m->n_reloading--;
1425
1426 /* Let's wait for the UnitNew/JobNew messages being
1427 * sent, before we notify that the reload is
1428 * finished */
1429 m->send_reloading_done = true;
1430 }
1431
1432 return 0;
1433 }
1434
1435 int manager_add_job(Manager *m, JobType type, Unit *unit, JobMode mode, sd_bus_error *e, Job **_ret) {
1436 int r;
1437 Transaction *tr;
1438
1439 assert(m);
1440 assert(type < _JOB_TYPE_MAX);
1441 assert(unit);
1442 assert(mode < _JOB_MODE_MAX);
1443
1444 if (mode == JOB_ISOLATE && type != JOB_START)
1445 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Isolate is only valid for start.");
1446
1447 if (mode == JOB_ISOLATE && !unit->allow_isolate)
1448 return sd_bus_error_setf(e, BUS_ERROR_NO_ISOLATION, "Operation refused, unit may not be isolated.");
1449
1450 log_unit_debug(unit, "Trying to enqueue job %s/%s/%s", unit->id, job_type_to_string(type), job_mode_to_string(mode));
1451
1452 type = job_type_collapse(type, unit);
1453
1454 tr = transaction_new(mode == JOB_REPLACE_IRREVERSIBLY);
1455 if (!tr)
1456 return -ENOMEM;
1457
1458 r = transaction_add_job_and_dependencies(tr, type, unit, NULL, true, false,
1459 IN_SET(mode, JOB_IGNORE_DEPENDENCIES, JOB_IGNORE_REQUIREMENTS),
1460 mode == JOB_IGNORE_DEPENDENCIES, e);
1461 if (r < 0)
1462 goto tr_abort;
1463
1464 if (mode == JOB_ISOLATE) {
1465 r = transaction_add_isolate_jobs(tr, m);
1466 if (r < 0)
1467 goto tr_abort;
1468 }
1469
1470 r = transaction_activate(tr, m, mode, e);
1471 if (r < 0)
1472 goto tr_abort;
1473
1474 log_unit_debug(unit,
1475 "Enqueued job %s/%s as %u", unit->id,
1476 job_type_to_string(type), (unsigned) tr->anchor_job->id);
1477
1478 if (_ret)
1479 *_ret = tr->anchor_job;
1480
1481 transaction_free(tr);
1482 return 0;
1483
1484 tr_abort:
1485 transaction_abort(tr);
1486 transaction_free(tr);
1487 return r;
1488 }
1489
1490 int manager_add_job_by_name(Manager *m, JobType type, const char *name, JobMode mode, sd_bus_error *e, Job **ret) {
1491 Unit *unit = NULL; /* just to appease gcc, initialization is not really necessary */
1492 int r;
1493
1494 assert(m);
1495 assert(type < _JOB_TYPE_MAX);
1496 assert(name);
1497 assert(mode < _JOB_MODE_MAX);
1498
1499 r = manager_load_unit(m, name, NULL, NULL, &unit);
1500 if (r < 0)
1501 return r;
1502 assert(unit);
1503
1504 return manager_add_job(m, type, unit, mode, e, ret);
1505 }
1506
1507 int manager_add_job_by_name_and_warn(Manager *m, JobType type, const char *name, JobMode mode, Job **ret) {
1508 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1509 int r;
1510
1511 assert(m);
1512 assert(type < _JOB_TYPE_MAX);
1513 assert(name);
1514 assert(mode < _JOB_MODE_MAX);
1515
1516 r = manager_add_job_by_name(m, type, name, mode, &error, ret);
1517 if (r < 0)
1518 return log_warning_errno(r, "Failed to enqueue %s job for %s: %s", job_mode_to_string(mode), name, bus_error_message(&error, r));
1519
1520 return r;
1521 }
1522
1523 int manager_propagate_reload(Manager *m, Unit *unit, JobMode mode, sd_bus_error *e) {
1524 int r;
1525 Transaction *tr;
1526
1527 assert(m);
1528 assert(unit);
1529 assert(mode < _JOB_MODE_MAX);
1530 assert(mode != JOB_ISOLATE); /* Isolate is only valid for start */
1531
1532 tr = transaction_new(mode == JOB_REPLACE_IRREVERSIBLY);
1533 if (!tr)
1534 return -ENOMEM;
1535
1536 /* We need an anchor job */
1537 r = transaction_add_job_and_dependencies(tr, JOB_NOP, unit, NULL, false, false, true, true, e);
1538 if (r < 0)
1539 goto tr_abort;
1540
1541 /* Failure in adding individual dependencies is ignored, so this always succeeds. */
1542 transaction_add_propagate_reload_jobs(tr, unit, tr->anchor_job, mode == JOB_IGNORE_DEPENDENCIES, e);
1543
1544 r = transaction_activate(tr, m, mode, e);
1545 if (r < 0)
1546 goto tr_abort;
1547
1548 transaction_free(tr);
1549 return 0;
1550
1551 tr_abort:
1552 transaction_abort(tr);
1553 transaction_free(tr);
1554 return r;
1555 }
1556
1557 Job *manager_get_job(Manager *m, uint32_t id) {
1558 assert(m);
1559
1560 return hashmap_get(m->jobs, UINT32_TO_PTR(id));
1561 }
1562
1563 Unit *manager_get_unit(Manager *m, const char *name) {
1564 assert(m);
1565 assert(name);
1566
1567 return hashmap_get(m->units, name);
1568 }
1569
1570 unsigned manager_dispatch_load_queue(Manager *m) {
1571 Unit *u;
1572 unsigned n = 0;
1573
1574 assert(m);
1575
1576 /* Make sure we are not run recursively */
1577 if (m->dispatching_load_queue)
1578 return 0;
1579
1580 m->dispatching_load_queue = true;
1581
1582 /* Dispatches the load queue. Takes a unit from the queue and
1583 * tries to load its data until the queue is empty */
1584
1585 while ((u = m->load_queue)) {
1586 assert(u->in_load_queue);
1587
1588 unit_load(u);
1589 n++;
1590 }
1591
1592 m->dispatching_load_queue = false;
1593 return n;
1594 }
1595
1596 int manager_load_unit_prepare(
1597 Manager *m,
1598 const char *name,
1599 const char *path,
1600 sd_bus_error *e,
1601 Unit **_ret) {
1602
1603 Unit *ret;
1604 UnitType t;
1605 int r;
1606
1607 assert(m);
1608 assert(name || path);
1609 assert(_ret);
1610
1611 /* This will prepare the unit for loading, but not actually
1612 * load anything from disk. */
1613
1614 if (path && !is_path(path))
1615 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Path %s is not absolute.", path);
1616
1617 if (!name)
1618 name = basename(path);
1619
1620 t = unit_name_to_type(name);
1621
1622 if (t == _UNIT_TYPE_INVALID || !unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE)) {
1623 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE))
1624 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is missing the instance name.", name);
1625
1626 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is not valid.", name);
1627 }
1628
1629 ret = manager_get_unit(m, name);
1630 if (ret) {
1631 *_ret = ret;
1632 return 1;
1633 }
1634
1635 ret = unit_new(m, unit_vtable[t]->object_size);
1636 if (!ret)
1637 return -ENOMEM;
1638
1639 if (path) {
1640 ret->fragment_path = strdup(path);
1641 if (!ret->fragment_path) {
1642 unit_free(ret);
1643 return -ENOMEM;
1644 }
1645 }
1646
1647 r = unit_add_name(ret, name);
1648 if (r < 0) {
1649 unit_free(ret);
1650 return r;
1651 }
1652
1653 unit_add_to_load_queue(ret);
1654 unit_add_to_dbus_queue(ret);
1655 unit_add_to_gc_queue(ret);
1656
1657 *_ret = ret;
1658
1659 return 0;
1660 }
1661
1662 int manager_load_unit(
1663 Manager *m,
1664 const char *name,
1665 const char *path,
1666 sd_bus_error *e,
1667 Unit **_ret) {
1668
1669 int r;
1670
1671 assert(m);
1672 assert(_ret);
1673
1674 /* This will load the service information files, but not actually
1675 * start any services or anything. */
1676
1677 r = manager_load_unit_prepare(m, name, path, e, _ret);
1678 if (r != 0)
1679 return r;
1680
1681 manager_dispatch_load_queue(m);
1682
1683 *_ret = unit_follow_merge(*_ret);
1684
1685 return 0;
1686 }
1687
1688 void manager_dump_jobs(Manager *s, FILE *f, const char *prefix) {
1689 Iterator i;
1690 Job *j;
1691
1692 assert(s);
1693 assert(f);
1694
1695 HASHMAP_FOREACH(j, s->jobs, i)
1696 job_dump(j, f, prefix);
1697 }
1698
1699 void manager_dump_units(Manager *s, FILE *f, const char *prefix) {
1700 Iterator i;
1701 Unit *u;
1702 const char *t;
1703
1704 assert(s);
1705 assert(f);
1706
1707 HASHMAP_FOREACH_KEY(u, t, s->units, i)
1708 if (u->id == t)
1709 unit_dump(u, f, prefix);
1710 }
1711
1712 void manager_clear_jobs(Manager *m) {
1713 Job *j;
1714
1715 assert(m);
1716
1717 while ((j = hashmap_first(m->jobs)))
1718 /* No need to recurse. We're cancelling all jobs. */
1719 job_finish_and_invalidate(j, JOB_CANCELED, false, false);
1720 }
1721
1722 static int manager_dispatch_run_queue(sd_event_source *source, void *userdata) {
1723 Manager *m = userdata;
1724 Job *j;
1725
1726 assert(source);
1727 assert(m);
1728
1729 while ((j = m->run_queue)) {
1730 assert(j->installed);
1731 assert(j->in_run_queue);
1732
1733 job_run_and_invalidate(j);
1734 }
1735
1736 if (m->n_running_jobs > 0)
1737 manager_watch_jobs_in_progress(m);
1738
1739 if (m->n_on_console > 0)
1740 manager_watch_idle_pipe(m);
1741
1742 return 1;
1743 }
1744
1745 static unsigned manager_dispatch_dbus_queue(Manager *m) {
1746 Job *j;
1747 Unit *u;
1748 unsigned n = 0;
1749
1750 assert(m);
1751
1752 if (m->dispatching_dbus_queue)
1753 return 0;
1754
1755 m->dispatching_dbus_queue = true;
1756
1757 while ((u = m->dbus_unit_queue)) {
1758 assert(u->in_dbus_queue);
1759
1760 bus_unit_send_change_signal(u);
1761 n++;
1762 }
1763
1764 while ((j = m->dbus_job_queue)) {
1765 assert(j->in_dbus_queue);
1766
1767 bus_job_send_change_signal(j);
1768 n++;
1769 }
1770
1771 m->dispatching_dbus_queue = false;
1772
1773 if (m->send_reloading_done) {
1774 m->send_reloading_done = false;
1775
1776 bus_manager_send_reloading(m, false);
1777 }
1778
1779 if (m->queued_message)
1780 bus_send_queued_message(m);
1781
1782 return n;
1783 }
1784
1785 static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
1786 Manager *m = userdata;
1787 char buf[PATH_MAX+1];
1788 ssize_t n;
1789
1790 n = recv(fd, buf, sizeof(buf), 0);
1791 if (n < 0)
1792 return log_error_errno(errno, "Failed to read cgroups agent message: %m");
1793 if (n == 0) {
1794 log_error("Got zero-length cgroups agent message, ignoring.");
1795 return 0;
1796 }
1797 if ((size_t) n >= sizeof(buf)) {
1798 log_error("Got overly long cgroups agent message, ignoring.");
1799 return 0;
1800 }
1801
1802 if (memchr(buf, 0, n)) {
1803 log_error("Got cgroups agent message with embedded NUL byte, ignoring.");
1804 return 0;
1805 }
1806 buf[n] = 0;
1807
1808 manager_notify_cgroup_empty(m, buf);
1809 (void) bus_forward_agent_released(m, buf);
1810
1811 return 0;
1812 }
1813
1814 static void manager_invoke_notify_message(Manager *m, Unit *u, pid_t pid, const char *buf, FDSet *fds) {
1815 _cleanup_strv_free_ char **tags = NULL;
1816
1817 assert(m);
1818 assert(u);
1819 assert(buf);
1820
1821 tags = strv_split(buf, "\n\r");
1822 if (!tags) {
1823 log_oom();
1824 return;
1825 }
1826
1827 if (UNIT_VTABLE(u)->notify_message)
1828 UNIT_VTABLE(u)->notify_message(u, pid, tags, fds);
1829 else if (_unlikely_(log_get_max_level() >= LOG_DEBUG)) {
1830 _cleanup_free_ char *x = NULL, *y = NULL;
1831
1832 x = cescape(buf);
1833 if (x)
1834 y = ellipsize(x, 20, 90);
1835 log_unit_debug(u, "Got notification message \"%s\", ignoring.", strnull(y));
1836 }
1837 }
1838
1839 static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
1840
1841 _cleanup_fdset_free_ FDSet *fds = NULL;
1842 Manager *m = userdata;
1843 char buf[NOTIFY_BUFFER_MAX+1];
1844 struct iovec iovec = {
1845 .iov_base = buf,
1846 .iov_len = sizeof(buf)-1,
1847 };
1848 union {
1849 struct cmsghdr cmsghdr;
1850 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1851 CMSG_SPACE(sizeof(int) * NOTIFY_FD_MAX)];
1852 } control = {};
1853 struct msghdr msghdr = {
1854 .msg_iov = &iovec,
1855 .msg_iovlen = 1,
1856 .msg_control = &control,
1857 .msg_controllen = sizeof(control),
1858 };
1859
1860 struct cmsghdr *cmsg;
1861 struct ucred *ucred = NULL;
1862 Unit *u1, *u2, *u3;
1863 int r, *fd_array = NULL;
1864 unsigned n_fds = 0;
1865 ssize_t n;
1866
1867 assert(m);
1868 assert(m->notify_fd == fd);
1869
1870 if (revents != EPOLLIN) {
1871 log_warning("Got unexpected poll event for notify fd.");
1872 return 0;
1873 }
1874
1875 n = recvmsg(m->notify_fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC|MSG_TRUNC);
1876 if (n < 0) {
1877 if (IN_SET(errno, EAGAIN, EINTR))
1878 return 0; /* Spurious wakeup, try again */
1879
1880 /* If this is any other, real error, then let's stop processing this socket. This of course means we
1881 * won't take notification messages anymore, but that's still better than busy looping around this:
1882 * being woken up over and over again but being unable to actually read the message off the socket. */
1883 return log_error_errno(errno, "Failed to receive notification message: %m");
1884 }
1885
1886 CMSG_FOREACH(cmsg, &msghdr) {
1887 if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
1888
1889 fd_array = (int*) CMSG_DATA(cmsg);
1890 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
1891
1892 } else if (cmsg->cmsg_level == SOL_SOCKET &&
1893 cmsg->cmsg_type == SCM_CREDENTIALS &&
1894 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred))) {
1895
1896 ucred = (struct ucred*) CMSG_DATA(cmsg);
1897 }
1898 }
1899
1900 if (n_fds > 0) {
1901 assert(fd_array);
1902
1903 r = fdset_new_array(&fds, fd_array, n_fds);
1904 if (r < 0) {
1905 close_many(fd_array, n_fds);
1906 log_oom();
1907 return 0;
1908 }
1909 }
1910
1911 if (!ucred || ucred->pid <= 0) {
1912 log_warning("Received notify message without valid credentials. Ignoring.");
1913 return 0;
1914 }
1915
1916 if ((size_t) n >= sizeof(buf) || (msghdr.msg_flags & MSG_TRUNC)) {
1917 log_warning("Received notify message exceeded maximum size. Ignoring.");
1918 return 0;
1919 }
1920
1921 /* As extra safety check, let's make sure the string we get doesn't contain embedded NUL bytes. We permit one
1922 * trailing NUL byte in the message, but don't expect it. */
1923 if (n > 1 && memchr(buf, 0, n-1)) {
1924 log_warning("Received notify message with embedded NUL bytes. Ignoring.");
1925 return 0;
1926 }
1927
1928 /* Make sure it's NUL-terminated. */
1929 buf[n] = 0;
1930
1931 /* Notify every unit that might be interested, but try
1932 * to avoid notifying the same one multiple times. */
1933 u1 = manager_get_unit_by_pid_cgroup(m, ucred->pid);
1934 if (u1)
1935 manager_invoke_notify_message(m, u1, ucred->pid, buf, fds);
1936
1937 u2 = hashmap_get(m->watch_pids1, PID_TO_PTR(ucred->pid));
1938 if (u2 && u2 != u1)
1939 manager_invoke_notify_message(m, u2, ucred->pid, buf, fds);
1940
1941 u3 = hashmap_get(m->watch_pids2, PID_TO_PTR(ucred->pid));
1942 if (u3 && u3 != u2 && u3 != u1)
1943 manager_invoke_notify_message(m, u3, ucred->pid, buf, fds);
1944
1945 if (!u1 && !u2 && !u3)
1946 log_warning("Cannot find unit for notify message of PID "PID_FMT".", ucred->pid);
1947
1948 if (fdset_size(fds) > 0)
1949 log_warning("Got extra auxiliary fds with notification message, closing them.");
1950
1951 return 0;
1952 }
1953
1954 static void invoke_sigchld_event(Manager *m, Unit *u, const siginfo_t *si) {
1955 uint64_t iteration;
1956
1957 assert(m);
1958 assert(u);
1959 assert(si);
1960
1961 sd_event_get_iteration(m->event, &iteration);
1962
1963 log_unit_debug(u, "Child "PID_FMT" belongs to %s", si->si_pid, u->id);
1964
1965 unit_unwatch_pid(u, si->si_pid);
1966
1967 if (UNIT_VTABLE(u)->sigchld_event) {
1968 if (set_size(u->pids) <= 1 ||
1969 iteration != u->sigchldgen ||
1970 unit_main_pid(u) == si->si_pid ||
1971 unit_control_pid(u) == si->si_pid) {
1972 UNIT_VTABLE(u)->sigchld_event(u, si->si_pid, si->si_code, si->si_status);
1973 u->sigchldgen = iteration;
1974 } else
1975 log_debug("%s already issued a sigchld this iteration %" PRIu64 ", skipping. Pids still being watched %d", u->id, iteration, set_size(u->pids));
1976 }
1977 }
1978
1979 static int manager_dispatch_sigchld(Manager *m) {
1980 assert(m);
1981
1982 for (;;) {
1983 siginfo_t si = {};
1984
1985 /* First we call waitd() for a PID and do not reap the
1986 * zombie. That way we can still access /proc/$PID for
1987 * it while it is a zombie. */
1988 if (waitid(P_ALL, 0, &si, WEXITED|WNOHANG|WNOWAIT) < 0) {
1989
1990 if (errno == ECHILD)
1991 break;
1992
1993 if (errno == EINTR)
1994 continue;
1995
1996 return -errno;
1997 }
1998
1999 if (si.si_pid <= 0)
2000 break;
2001
2002 if (IN_SET(si.si_code, CLD_EXITED, CLD_KILLED, CLD_DUMPED)) {
2003 _cleanup_free_ char *name = NULL;
2004 Unit *u1, *u2, *u3;
2005
2006 get_process_comm(si.si_pid, &name);
2007
2008 log_debug("Child "PID_FMT" (%s) died (code=%s, status=%i/%s)",
2009 si.si_pid, strna(name),
2010 sigchld_code_to_string(si.si_code),
2011 si.si_status,
2012 strna(si.si_code == CLD_EXITED
2013 ? exit_status_to_string(si.si_status, EXIT_STATUS_FULL)
2014 : signal_to_string(si.si_status)));
2015
2016 /* And now figure out the unit this belongs
2017 * to, it might be multiple... */
2018 u1 = manager_get_unit_by_pid_cgroup(m, si.si_pid);
2019 if (u1)
2020 invoke_sigchld_event(m, u1, &si);
2021 u2 = hashmap_get(m->watch_pids1, PID_TO_PTR(si.si_pid));
2022 if (u2 && u2 != u1)
2023 invoke_sigchld_event(m, u2, &si);
2024 u3 = hashmap_get(m->watch_pids2, PID_TO_PTR(si.si_pid));
2025 if (u3 && u3 != u2 && u3 != u1)
2026 invoke_sigchld_event(m, u3, &si);
2027 }
2028
2029 /* And now, we actually reap the zombie. */
2030 if (waitid(P_PID, si.si_pid, &si, WEXITED) < 0) {
2031 if (errno == EINTR)
2032 continue;
2033
2034 return -errno;
2035 }
2036 }
2037
2038 return 0;
2039 }
2040
2041 static void manager_start_target(Manager *m, const char *name, JobMode mode) {
2042 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2043 int r;
2044
2045 log_debug("Activating special unit %s", name);
2046
2047 r = manager_add_job_by_name(m, JOB_START, name, mode, &error, NULL);
2048 if (r < 0)
2049 log_error("Failed to enqueue %s job: %s", name, bus_error_message(&error, r));
2050 }
2051
2052 static void manager_handle_ctrl_alt_del(Manager *m) {
2053 /* If the user presses C-A-D more than
2054 * 7 times within 2s, we reboot/shutdown immediately,
2055 * unless it was disabled in system.conf */
2056
2057 if (ratelimit_test(&m->ctrl_alt_del_ratelimit) || m->cad_burst_action == EMERGENCY_ACTION_NONE)
2058 manager_start_target(m, SPECIAL_CTRL_ALT_DEL_TARGET, JOB_REPLACE_IRREVERSIBLY);
2059 else
2060 emergency_action(m, m->cad_burst_action, NULL,
2061 "Ctrl-Alt-Del was pressed more than 7 times within 2s");
2062 }
2063
2064 static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2065 Manager *m = userdata;
2066 ssize_t n;
2067 struct signalfd_siginfo sfsi;
2068 bool sigchld = false;
2069 int r;
2070
2071 assert(m);
2072 assert(m->signal_fd == fd);
2073
2074 if (revents != EPOLLIN) {
2075 log_warning("Got unexpected events from signal file descriptor.");
2076 return 0;
2077 }
2078
2079 for (;;) {
2080 n = read(m->signal_fd, &sfsi, sizeof(sfsi));
2081 if (n != sizeof(sfsi)) {
2082 if (n >= 0) {
2083 log_warning("Truncated read from signal fd (%zu bytes)!", n);
2084 return 0;
2085 }
2086
2087 if (IN_SET(errno, EINTR, EAGAIN))
2088 break;
2089
2090 /* We return an error here, which will kill this handler,
2091 * to avoid a busy loop on read error. */
2092 return log_error_errno(errno, "Reading from signal fd failed: %m");
2093 }
2094
2095 log_received_signal(sfsi.ssi_signo == SIGCHLD ||
2096 (sfsi.ssi_signo == SIGTERM && MANAGER_IS_USER(m))
2097 ? LOG_DEBUG : LOG_INFO,
2098 &sfsi);
2099
2100 switch (sfsi.ssi_signo) {
2101
2102 case SIGCHLD:
2103 sigchld = true;
2104 break;
2105
2106 case SIGTERM:
2107 if (MANAGER_IS_SYSTEM(m)) {
2108 /* This is for compatibility with the
2109 * original sysvinit */
2110 r = verify_run_space_and_log("Refusing to reexecute");
2111 if (r >= 0)
2112 m->exit_code = MANAGER_REEXECUTE;
2113 break;
2114 }
2115
2116 /* Fall through */
2117
2118 case SIGINT:
2119 if (MANAGER_IS_SYSTEM(m))
2120 manager_handle_ctrl_alt_del(m);
2121 else
2122 manager_start_target(m, SPECIAL_EXIT_TARGET,
2123 JOB_REPLACE_IRREVERSIBLY);
2124 break;
2125
2126 case SIGWINCH:
2127 if (MANAGER_IS_SYSTEM(m))
2128 manager_start_target(m, SPECIAL_KBREQUEST_TARGET, JOB_REPLACE);
2129
2130 /* This is a nop on non-init */
2131 break;
2132
2133 case SIGPWR:
2134 if (MANAGER_IS_SYSTEM(m))
2135 manager_start_target(m, SPECIAL_SIGPWR_TARGET, JOB_REPLACE);
2136
2137 /* This is a nop on non-init */
2138 break;
2139
2140 case SIGUSR1: {
2141 Unit *u;
2142
2143 u = manager_get_unit(m, SPECIAL_DBUS_SERVICE);
2144
2145 if (!u || UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u))) {
2146 log_info("Trying to reconnect to bus...");
2147 bus_init(m, true);
2148 }
2149
2150 if (!u || !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u))) {
2151 log_info("Loading D-Bus service...");
2152 manager_start_target(m, SPECIAL_DBUS_SERVICE, JOB_REPLACE);
2153 }
2154
2155 break;
2156 }
2157
2158 case SIGUSR2: {
2159 _cleanup_free_ char *dump = NULL;
2160 _cleanup_fclose_ FILE *f = NULL;
2161 size_t size;
2162
2163 f = open_memstream(&dump, &size);
2164 if (!f) {
2165 log_warning_errno(errno, "Failed to allocate memory stream: %m");
2166 break;
2167 }
2168
2169 manager_dump_units(m, f, "\t");
2170 manager_dump_jobs(m, f, "\t");
2171
2172 r = fflush_and_check(f);
2173 if (r < 0) {
2174 log_warning_errno(r, "Failed to write status stream: %m");
2175 break;
2176 }
2177
2178 log_dump(LOG_INFO, dump);
2179 break;
2180 }
2181
2182 case SIGHUP:
2183 r = verify_run_space_and_log("Refusing to reload");
2184 if (r >= 0)
2185 m->exit_code = MANAGER_RELOAD;
2186 break;
2187
2188 default: {
2189
2190 /* Starting SIGRTMIN+0 */
2191 static const struct {
2192 const char *target;
2193 JobMode mode;
2194 } target_table[] = {
2195 [0] = { SPECIAL_DEFAULT_TARGET, JOB_ISOLATE },
2196 [1] = { SPECIAL_RESCUE_TARGET, JOB_ISOLATE },
2197 [2] = { SPECIAL_EMERGENCY_TARGET, JOB_ISOLATE },
2198 [3] = { SPECIAL_HALT_TARGET, JOB_REPLACE_IRREVERSIBLY },
2199 [4] = { SPECIAL_POWEROFF_TARGET, JOB_REPLACE_IRREVERSIBLY },
2200 [5] = { SPECIAL_REBOOT_TARGET, JOB_REPLACE_IRREVERSIBLY },
2201 [6] = { SPECIAL_KEXEC_TARGET, JOB_REPLACE_IRREVERSIBLY }
2202 };
2203
2204 /* Starting SIGRTMIN+13, so that target halt and system halt are 10 apart */
2205 static const ManagerExitCode code_table[] = {
2206 [0] = MANAGER_HALT,
2207 [1] = MANAGER_POWEROFF,
2208 [2] = MANAGER_REBOOT,
2209 [3] = MANAGER_KEXEC
2210 };
2211
2212 if ((int) sfsi.ssi_signo >= SIGRTMIN+0 &&
2213 (int) sfsi.ssi_signo < SIGRTMIN+(int) ELEMENTSOF(target_table)) {
2214 int idx = (int) sfsi.ssi_signo - SIGRTMIN;
2215 manager_start_target(m, target_table[idx].target,
2216 target_table[idx].mode);
2217 break;
2218 }
2219
2220 if ((int) sfsi.ssi_signo >= SIGRTMIN+13 &&
2221 (int) sfsi.ssi_signo < SIGRTMIN+13+(int) ELEMENTSOF(code_table)) {
2222 m->exit_code = code_table[sfsi.ssi_signo - SIGRTMIN - 13];
2223 break;
2224 }
2225
2226 switch (sfsi.ssi_signo - SIGRTMIN) {
2227
2228 case 20:
2229 manager_set_show_status(m, SHOW_STATUS_YES);
2230 break;
2231
2232 case 21:
2233 manager_set_show_status(m, SHOW_STATUS_NO);
2234 break;
2235
2236 case 22:
2237 log_set_max_level(LOG_DEBUG);
2238 log_info("Setting log level to debug.");
2239 break;
2240
2241 case 23:
2242 log_set_max_level(LOG_INFO);
2243 log_info("Setting log level to info.");
2244 break;
2245
2246 case 24:
2247 if (MANAGER_IS_USER(m)) {
2248 m->exit_code = MANAGER_EXIT;
2249 return 0;
2250 }
2251
2252 /* This is a nop on init */
2253 break;
2254
2255 case 26:
2256 case 29: /* compatibility: used to be mapped to LOG_TARGET_SYSLOG_OR_KMSG */
2257 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
2258 log_notice("Setting log target to journal-or-kmsg.");
2259 break;
2260
2261 case 27:
2262 log_set_target(LOG_TARGET_CONSOLE);
2263 log_notice("Setting log target to console.");
2264 break;
2265
2266 case 28:
2267 log_set_target(LOG_TARGET_KMSG);
2268 log_notice("Setting log target to kmsg.");
2269 break;
2270
2271 default:
2272 log_warning("Got unhandled signal <%s>.", signal_to_string(sfsi.ssi_signo));
2273 }
2274 }
2275 }
2276 }
2277
2278 if (sigchld)
2279 manager_dispatch_sigchld(m);
2280
2281 return 0;
2282 }
2283
2284 static int manager_dispatch_time_change_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2285 Manager *m = userdata;
2286 Iterator i;
2287 Unit *u;
2288
2289 assert(m);
2290 assert(m->time_change_fd == fd);
2291
2292 log_struct(LOG_DEBUG,
2293 "MESSAGE_ID=" SD_MESSAGE_TIME_CHANGE_STR,
2294 LOG_MESSAGE("Time has been changed"),
2295 NULL);
2296
2297 /* Restart the watch */
2298 m->time_change_event_source = sd_event_source_unref(m->time_change_event_source);
2299 m->time_change_fd = safe_close(m->time_change_fd);
2300
2301 manager_setup_time_change(m);
2302
2303 HASHMAP_FOREACH(u, m->units, i)
2304 if (UNIT_VTABLE(u)->time_change)
2305 UNIT_VTABLE(u)->time_change(u);
2306
2307 return 0;
2308 }
2309
2310 static int manager_dispatch_idle_pipe_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2311 Manager *m = userdata;
2312
2313 assert(m);
2314 assert(m->idle_pipe[2] == fd);
2315
2316 m->no_console_output = m->n_on_console > 0;
2317
2318 manager_close_idle_pipe(m);
2319
2320 return 0;
2321 }
2322
2323 static int manager_dispatch_jobs_in_progress(sd_event_source *source, usec_t usec, void *userdata) {
2324 Manager *m = userdata;
2325 int r;
2326 uint64_t next;
2327
2328 assert(m);
2329 assert(source);
2330
2331 manager_print_jobs_in_progress(m);
2332
2333 next = now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_PERIOD_USEC;
2334 r = sd_event_source_set_time(source, next);
2335 if (r < 0)
2336 return r;
2337
2338 return sd_event_source_set_enabled(source, SD_EVENT_ONESHOT);
2339 }
2340
2341 int manager_loop(Manager *m) {
2342 int r;
2343
2344 RATELIMIT_DEFINE(rl, 1*USEC_PER_SEC, 50000);
2345
2346 assert(m);
2347 m->exit_code = MANAGER_OK;
2348
2349 /* Release the path cache */
2350 m->unit_path_cache = set_free_free(m->unit_path_cache);
2351
2352 manager_check_finished(m);
2353
2354 /* There might still be some zombies hanging around from
2355 * before we were exec()'ed. Let's reap them. */
2356 r = manager_dispatch_sigchld(m);
2357 if (r < 0)
2358 return r;
2359
2360 while (m->exit_code == MANAGER_OK) {
2361 usec_t wait_usec;
2362
2363 if (m->runtime_watchdog > 0 && m->runtime_watchdog != USEC_INFINITY && MANAGER_IS_SYSTEM(m))
2364 watchdog_ping();
2365
2366 if (!ratelimit_test(&rl)) {
2367 /* Yay, something is going seriously wrong, pause a little */
2368 log_warning("Looping too fast. Throttling execution a little.");
2369 sleep(1);
2370 }
2371
2372 if (manager_dispatch_load_queue(m) > 0)
2373 continue;
2374
2375 if (manager_dispatch_gc_job_queue(m) > 0)
2376 continue;
2377
2378 if (manager_dispatch_gc_unit_queue(m) > 0)
2379 continue;
2380
2381 if (manager_dispatch_cleanup_queue(m) > 0)
2382 continue;
2383
2384 if (manager_dispatch_cgroup_realize_queue(m) > 0)
2385 continue;
2386
2387 if (manager_dispatch_dbus_queue(m) > 0)
2388 continue;
2389
2390 /* Sleep for half the watchdog time */
2391 if (m->runtime_watchdog > 0 && m->runtime_watchdog != USEC_INFINITY && MANAGER_IS_SYSTEM(m)) {
2392 wait_usec = m->runtime_watchdog / 2;
2393 if (wait_usec <= 0)
2394 wait_usec = 1;
2395 } else
2396 wait_usec = USEC_INFINITY;
2397
2398 r = sd_event_run(m->event, wait_usec);
2399 if (r < 0)
2400 return log_error_errno(r, "Failed to run event loop: %m");
2401 }
2402
2403 return m->exit_code;
2404 }
2405
2406 int manager_load_unit_from_dbus_path(Manager *m, const char *s, sd_bus_error *e, Unit **_u) {
2407 _cleanup_free_ char *n = NULL;
2408 sd_id128_t invocation_id;
2409 Unit *u;
2410 int r;
2411
2412 assert(m);
2413 assert(s);
2414 assert(_u);
2415
2416 r = unit_name_from_dbus_path(s, &n);
2417 if (r < 0)
2418 return r;
2419
2420 /* Permit addressing units by invocation ID: if the passed bus path is suffixed by a 128bit ID then we use it
2421 * as invocation ID. */
2422 r = sd_id128_from_string(n, &invocation_id);
2423 if (r >= 0) {
2424 u = hashmap_get(m->units_by_invocation_id, &invocation_id);
2425 if (u) {
2426 *_u = u;
2427 return 0;
2428 }
2429
2430 return sd_bus_error_setf(e, BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID, "No unit with the specified invocation ID " SD_ID128_FORMAT_STR " known.", SD_ID128_FORMAT_VAL(invocation_id));
2431 }
2432
2433 /* If this didn't work, we check if this is a unit name */
2434 if (!unit_name_is_valid(n, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
2435 return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is neither a valid invocation ID nor unit name.", n);
2436
2437 r = manager_load_unit(m, n, NULL, e, &u);
2438 if (r < 0)
2439 return r;
2440
2441 *_u = u;
2442 return 0;
2443 }
2444
2445 int manager_get_job_from_dbus_path(Manager *m, const char *s, Job **_j) {
2446 const char *p;
2447 unsigned id;
2448 Job *j;
2449 int r;
2450
2451 assert(m);
2452 assert(s);
2453 assert(_j);
2454
2455 p = startswith(s, "/org/freedesktop/systemd1/job/");
2456 if (!p)
2457 return -EINVAL;
2458
2459 r = safe_atou(p, &id);
2460 if (r < 0)
2461 return r;
2462
2463 j = manager_get_job(m, id);
2464 if (!j)
2465 return -ENOENT;
2466
2467 *_j = j;
2468
2469 return 0;
2470 }
2471
2472 void manager_send_unit_audit(Manager *m, Unit *u, int type, bool success) {
2473
2474 #if HAVE_AUDIT
2475 _cleanup_free_ char *p = NULL;
2476 const char *msg;
2477 int audit_fd, r;
2478
2479 if (!MANAGER_IS_SYSTEM(m))
2480 return;
2481
2482 audit_fd = get_audit_fd();
2483 if (audit_fd < 0)
2484 return;
2485
2486 /* Don't generate audit events if the service was already
2487 * started and we're just deserializing */
2488 if (MANAGER_IS_RELOADING(m))
2489 return;
2490
2491 if (u->type != UNIT_SERVICE)
2492 return;
2493
2494 r = unit_name_to_prefix_and_instance(u->id, &p);
2495 if (r < 0) {
2496 log_error_errno(r, "Failed to extract prefix and instance of unit name: %m");
2497 return;
2498 }
2499
2500 msg = strjoina("unit=", p);
2501 if (audit_log_user_comm_message(audit_fd, type, msg, "systemd", NULL, NULL, NULL, success) < 0) {
2502 if (errno == EPERM)
2503 /* We aren't allowed to send audit messages?
2504 * Then let's not retry again. */
2505 close_audit_fd();
2506 else
2507 log_warning_errno(errno, "Failed to send audit message: %m");
2508 }
2509 #endif
2510
2511 }
2512
2513 void manager_send_unit_plymouth(Manager *m, Unit *u) {
2514 static const union sockaddr_union sa = PLYMOUTH_SOCKET;
2515 _cleanup_free_ char *message = NULL;
2516 _cleanup_close_ int fd = -1;
2517 int n = 0;
2518
2519 /* Don't generate plymouth events if the service was already
2520 * started and we're just deserializing */
2521 if (MANAGER_IS_RELOADING(m))
2522 return;
2523
2524 if (!MANAGER_IS_SYSTEM(m))
2525 return;
2526
2527 if (detect_container() > 0)
2528 return;
2529
2530 if (!IN_SET(u->type, UNIT_SERVICE, UNIT_MOUNT, UNIT_SWAP))
2531 return;
2532
2533 /* We set SOCK_NONBLOCK here so that we rather drop the
2534 * message then wait for plymouth */
2535 fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2536 if (fd < 0) {
2537 log_error_errno(errno, "socket() failed: %m");
2538 return;
2539 }
2540
2541 if (connect(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0) {
2542
2543 if (!IN_SET(errno, EPIPE, EAGAIN, ENOENT, ECONNREFUSED, ECONNRESET, ECONNABORTED))
2544 log_error_errno(errno, "connect() failed: %m");
2545 return;
2546 }
2547
2548 if (asprintf(&message, "U\002%c%s%n", (int) (strlen(u->id) + 1), u->id, &n) < 0) {
2549 log_oom();
2550 return;
2551 }
2552
2553 errno = 0;
2554 if (write(fd, message, n + 1) != n + 1)
2555 if (!IN_SET(errno, EPIPE, EAGAIN, ENOENT, ECONNREFUSED, ECONNRESET, ECONNABORTED))
2556 log_error_errno(errno, "Failed to write Plymouth message: %m");
2557 }
2558
2559 int manager_open_serialization(Manager *m, FILE **_f) {
2560 int fd;
2561 FILE *f;
2562
2563 assert(_f);
2564
2565 fd = open_serialization_fd("systemd-state");
2566 if (fd < 0)
2567 return fd;
2568
2569 f = fdopen(fd, "w+");
2570 if (!f) {
2571 safe_close(fd);
2572 return -errno;
2573 }
2574
2575 *_f = f;
2576 return 0;
2577 }
2578
2579 int manager_serialize(Manager *m, FILE *f, FDSet *fds, bool switching_root) {
2580 Iterator i;
2581 Unit *u;
2582 const char *t;
2583 int r;
2584
2585 assert(m);
2586 assert(f);
2587 assert(fds);
2588
2589 m->n_reloading++;
2590
2591 fprintf(f, "current-job-id=%"PRIu32"\n", m->current_job_id);
2592 fprintf(f, "n-installed-jobs=%u\n", m->n_installed_jobs);
2593 fprintf(f, "n-failed-jobs=%u\n", m->n_failed_jobs);
2594 fprintf(f, "taint-usr=%s\n", yes_no(m->taint_usr));
2595 fprintf(f, "ready-sent=%s\n", yes_no(m->ready_sent));
2596
2597 dual_timestamp_serialize(f, "firmware-timestamp", &m->firmware_timestamp);
2598 dual_timestamp_serialize(f, "loader-timestamp", &m->loader_timestamp);
2599 dual_timestamp_serialize(f, "kernel-timestamp", &m->kernel_timestamp);
2600 dual_timestamp_serialize(f, "initrd-timestamp", &m->initrd_timestamp);
2601
2602 if (!in_initrd()) {
2603 dual_timestamp_serialize(f, "userspace-timestamp", &m->userspace_timestamp);
2604 dual_timestamp_serialize(f, "finish-timestamp", &m->finish_timestamp);
2605 dual_timestamp_serialize(f, "security-start-timestamp", &m->security_start_timestamp);
2606 dual_timestamp_serialize(f, "security-finish-timestamp", &m->security_finish_timestamp);
2607 dual_timestamp_serialize(f, "generators-start-timestamp", &m->generators_start_timestamp);
2608 dual_timestamp_serialize(f, "generators-finish-timestamp", &m->generators_finish_timestamp);
2609 dual_timestamp_serialize(f, "units-load-start-timestamp", &m->units_load_start_timestamp);
2610 dual_timestamp_serialize(f, "units-load-finish-timestamp", &m->units_load_finish_timestamp);
2611 }
2612
2613 if (!switching_root)
2614 (void) serialize_environment(f, m->environment);
2615
2616 if (m->notify_fd >= 0) {
2617 int copy;
2618
2619 copy = fdset_put_dup(fds, m->notify_fd);
2620 if (copy < 0)
2621 return copy;
2622
2623 fprintf(f, "notify-fd=%i\n", copy);
2624 fprintf(f, "notify-socket=%s\n", m->notify_socket);
2625 }
2626
2627 if (m->cgroups_agent_fd >= 0) {
2628 int copy;
2629
2630 copy = fdset_put_dup(fds, m->cgroups_agent_fd);
2631 if (copy < 0)
2632 return copy;
2633
2634 fprintf(f, "cgroups-agent-fd=%i\n", copy);
2635 }
2636
2637 if (m->user_lookup_fds[0] >= 0) {
2638 int copy0, copy1;
2639
2640 copy0 = fdset_put_dup(fds, m->user_lookup_fds[0]);
2641 if (copy0 < 0)
2642 return copy0;
2643
2644 copy1 = fdset_put_dup(fds, m->user_lookup_fds[1]);
2645 if (copy1 < 0)
2646 return copy1;
2647
2648 fprintf(f, "user-lookup=%i %i\n", copy0, copy1);
2649 }
2650
2651 bus_track_serialize(m->subscribed, f, "subscribed");
2652
2653 r = dynamic_user_serialize(m, f, fds);
2654 if (r < 0)
2655 return r;
2656
2657 manager_serialize_uid_refs(m, f);
2658 manager_serialize_gid_refs(m, f);
2659
2660 fputc_unlocked('\n', f);
2661
2662 HASHMAP_FOREACH_KEY(u, t, m->units, i) {
2663 if (u->id != t)
2664 continue;
2665
2666 /* Start marker */
2667 fputs_unlocked(u->id, f);
2668 fputc_unlocked('\n', f);
2669
2670 r = unit_serialize(u, f, fds, !switching_root);
2671 if (r < 0) {
2672 m->n_reloading--;
2673 return r;
2674 }
2675 }
2676
2677 assert(m->n_reloading > 0);
2678 m->n_reloading--;
2679
2680 if (ferror(f))
2681 return -EIO;
2682
2683 r = bus_fdset_add_all(m, fds);
2684 if (r < 0)
2685 return r;
2686
2687 return 0;
2688 }
2689
2690 int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {
2691 int r = 0;
2692
2693 assert(m);
2694 assert(f);
2695
2696 log_debug("Deserializing state...");
2697
2698 m->n_reloading++;
2699
2700 for (;;) {
2701 char line[LINE_MAX];
2702 const char *val, *l;
2703
2704 if (!fgets(line, sizeof(line), f)) {
2705 if (feof(f))
2706 r = 0;
2707 else
2708 r = -errno;
2709
2710 goto finish;
2711 }
2712
2713 char_array_0(line);
2714 l = strstrip(line);
2715
2716 if (l[0] == 0)
2717 break;
2718
2719 if ((val = startswith(l, "current-job-id="))) {
2720 uint32_t id;
2721
2722 if (safe_atou32(val, &id) < 0)
2723 log_notice("Failed to parse current job id value %s", val);
2724 else
2725 m->current_job_id = MAX(m->current_job_id, id);
2726
2727 } else if ((val = startswith(l, "n-installed-jobs="))) {
2728 uint32_t n;
2729
2730 if (safe_atou32(val, &n) < 0)
2731 log_notice("Failed to parse installed jobs counter %s", val);
2732 else
2733 m->n_installed_jobs += n;
2734
2735 } else if ((val = startswith(l, "n-failed-jobs="))) {
2736 uint32_t n;
2737
2738 if (safe_atou32(val, &n) < 0)
2739 log_notice("Failed to parse failed jobs counter %s", val);
2740 else
2741 m->n_failed_jobs += n;
2742
2743 } else if ((val = startswith(l, "taint-usr="))) {
2744 int b;
2745
2746 b = parse_boolean(val);
2747 if (b < 0)
2748 log_notice("Failed to parse taint /usr flag %s", val);
2749 else
2750 m->taint_usr = m->taint_usr || b;
2751
2752 } else if ((val = startswith(l, "ready-sent="))) {
2753 int b;
2754
2755 b = parse_boolean(val);
2756 if (b < 0)
2757 log_notice("Failed to parse ready-sent flag %s", val);
2758 else
2759 m->ready_sent = m->ready_sent || b;
2760
2761 } else if ((val = startswith(l, "firmware-timestamp=")))
2762 dual_timestamp_deserialize(val, &m->firmware_timestamp);
2763 else if ((val = startswith(l, "loader-timestamp=")))
2764 dual_timestamp_deserialize(val, &m->loader_timestamp);
2765 else if ((val = startswith(l, "kernel-timestamp=")))
2766 dual_timestamp_deserialize(val, &m->kernel_timestamp);
2767 else if ((val = startswith(l, "initrd-timestamp=")))
2768 dual_timestamp_deserialize(val, &m->initrd_timestamp);
2769 else if ((val = startswith(l, "userspace-timestamp=")))
2770 dual_timestamp_deserialize(val, &m->userspace_timestamp);
2771 else if ((val = startswith(l, "finish-timestamp=")))
2772 dual_timestamp_deserialize(val, &m->finish_timestamp);
2773 else if ((val = startswith(l, "security-start-timestamp=")))
2774 dual_timestamp_deserialize(val, &m->security_start_timestamp);
2775 else if ((val = startswith(l, "security-finish-timestamp=")))
2776 dual_timestamp_deserialize(val, &m->security_finish_timestamp);
2777 else if ((val = startswith(l, "generators-start-timestamp=")))
2778 dual_timestamp_deserialize(val, &m->generators_start_timestamp);
2779 else if ((val = startswith(l, "generators-finish-timestamp=")))
2780 dual_timestamp_deserialize(val, &m->generators_finish_timestamp);
2781 else if ((val = startswith(l, "units-load-start-timestamp=")))
2782 dual_timestamp_deserialize(val, &m->units_load_start_timestamp);
2783 else if ((val = startswith(l, "units-load-finish-timestamp=")))
2784 dual_timestamp_deserialize(val, &m->units_load_finish_timestamp);
2785 else if (startswith(l, "env=")) {
2786 r = deserialize_environment(&m->environment, l);
2787 if (r == -ENOMEM)
2788 goto finish;
2789 if (r < 0)
2790 log_notice_errno(r, "Failed to parse environment entry: \"%s\": %m", l);
2791
2792 } else if ((val = startswith(l, "notify-fd="))) {
2793 int fd;
2794
2795 if (safe_atoi(val, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
2796 log_notice("Failed to parse notify fd: \"%s\"", val);
2797 else {
2798 m->notify_event_source = sd_event_source_unref(m->notify_event_source);
2799 safe_close(m->notify_fd);
2800 m->notify_fd = fdset_remove(fds, fd);
2801 }
2802
2803 } else if ((val = startswith(l, "notify-socket="))) {
2804 char *n;
2805
2806 n = strdup(val);
2807 if (!n) {
2808 r = -ENOMEM;
2809 goto finish;
2810 }
2811
2812 free(m->notify_socket);
2813 m->notify_socket = n;
2814
2815 } else if ((val = startswith(l, "cgroups-agent-fd="))) {
2816 int fd;
2817
2818 if (safe_atoi(val, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
2819 log_notice("Failed to parse cgroups agent fd: %s", val);
2820 else {
2821 m->cgroups_agent_event_source = sd_event_source_unref(m->cgroups_agent_event_source);
2822 safe_close(m->cgroups_agent_fd);
2823 m->cgroups_agent_fd = fdset_remove(fds, fd);
2824 }
2825
2826 } else if ((val = startswith(l, "user-lookup="))) {
2827 int fd0, fd1;
2828
2829 if (sscanf(val, "%i %i", &fd0, &fd1) != 2 || fd0 < 0 || fd1 < 0 || fd0 == fd1 || !fdset_contains(fds, fd0) || !fdset_contains(fds, fd1))
2830 log_notice("Failed to parse user lookup fd: %s", val);
2831 else {
2832 m->user_lookup_event_source = sd_event_source_unref(m->user_lookup_event_source);
2833 safe_close_pair(m->user_lookup_fds);
2834 m->user_lookup_fds[0] = fdset_remove(fds, fd0);
2835 m->user_lookup_fds[1] = fdset_remove(fds, fd1);
2836 }
2837
2838 } else if ((val = startswith(l, "dynamic-user=")))
2839 dynamic_user_deserialize_one(m, val, fds);
2840 else if ((val = startswith(l, "destroy-ipc-uid=")))
2841 manager_deserialize_uid_refs_one(m, val);
2842 else if ((val = startswith(l, "destroy-ipc-gid=")))
2843 manager_deserialize_gid_refs_one(m, val);
2844 else if ((val = startswith(l, "subscribed="))) {
2845
2846 if (strv_extend(&m->deserialized_subscribed, val) < 0)
2847 log_oom();
2848
2849 } else if (!startswith(l, "kdbus-fd=")) /* ignore this one */
2850 log_notice("Unknown serialization item '%s'", l);
2851 }
2852
2853 for (;;) {
2854 Unit *u;
2855 char name[UNIT_NAME_MAX+2];
2856 const char* unit_name;
2857
2858 /* Start marker */
2859 if (!fgets(name, sizeof(name), f)) {
2860 if (feof(f))
2861 r = 0;
2862 else
2863 r = -errno;
2864
2865 goto finish;
2866 }
2867
2868 char_array_0(name);
2869 unit_name = strstrip(name);
2870
2871 r = manager_load_unit(m, unit_name, NULL, NULL, &u);
2872 if (r < 0) {
2873 log_notice_errno(r, "Failed to load unit \"%s\", skipping deserialization: %m", unit_name);
2874 if (r == -ENOMEM)
2875 goto finish;
2876 unit_deserialize_skip(f);
2877 continue;
2878 }
2879
2880 r = unit_deserialize(u, f, fds);
2881 if (r < 0) {
2882 log_notice_errno(r, "Failed to deserialize unit \"%s\": %m", unit_name);
2883 if (r == -ENOMEM)
2884 goto finish;
2885 }
2886 }
2887
2888 finish:
2889 if (ferror(f))
2890 r = -EIO;
2891
2892 assert(m->n_reloading > 0);
2893 m->n_reloading--;
2894
2895 return r;
2896 }
2897
2898 int manager_reload(Manager *m) {
2899 int r, q;
2900 _cleanup_fclose_ FILE *f = NULL;
2901 _cleanup_fdset_free_ FDSet *fds = NULL;
2902
2903 assert(m);
2904
2905 r = manager_open_serialization(m, &f);
2906 if (r < 0)
2907 return r;
2908
2909 m->n_reloading++;
2910 bus_manager_send_reloading(m, true);
2911
2912 fds = fdset_new();
2913 if (!fds) {
2914 m->n_reloading--;
2915 return -ENOMEM;
2916 }
2917
2918 r = manager_serialize(m, f, fds, false);
2919 if (r < 0) {
2920 m->n_reloading--;
2921 return r;
2922 }
2923
2924 if (fseeko(f, 0, SEEK_SET) < 0) {
2925 m->n_reloading--;
2926 return -errno;
2927 }
2928
2929 /* From here on there is no way back. */
2930 manager_clear_jobs_and_units(m);
2931 lookup_paths_flush_generator(&m->lookup_paths);
2932 lookup_paths_free(&m->lookup_paths);
2933 dynamic_user_vacuum(m, false);
2934 m->uid_refs = hashmap_free(m->uid_refs);
2935 m->gid_refs = hashmap_free(m->gid_refs);
2936
2937 q = lookup_paths_init(&m->lookup_paths, m->unit_file_scope, 0, NULL);
2938 if (q < 0 && r >= 0)
2939 r = q;
2940
2941 q = manager_run_environment_generators(m);
2942 if (q < 0 && r >= 0)
2943 r = q;
2944
2945 /* Find new unit paths */
2946 q = manager_run_generators(m);
2947 if (q < 0 && r >= 0)
2948 r = q;
2949
2950 lookup_paths_reduce(&m->lookup_paths);
2951 manager_build_unit_path_cache(m);
2952
2953 /* First, enumerate what we can from all config files */
2954 manager_enumerate(m);
2955
2956 /* Second, deserialize our stored data */
2957 q = manager_deserialize(m, f, fds);
2958 if (q < 0) {
2959 log_error_errno(q, "Deserialization failed: %m");
2960
2961 if (r >= 0)
2962 r = q;
2963 }
2964
2965 fclose(f);
2966 f = NULL;
2967
2968 /* Re-register notify_fd as event source */
2969 q = manager_setup_notify(m);
2970 if (q < 0 && r >= 0)
2971 r = q;
2972
2973 q = manager_setup_cgroups_agent(m);
2974 if (q < 0 && r >= 0)
2975 r = q;
2976
2977 q = manager_setup_user_lookup_fd(m);
2978 if (q < 0 && r >= 0)
2979 r = q;
2980
2981 /* Third, fire things up! */
2982 manager_coldplug(m);
2983
2984 /* Release any dynamic users no longer referenced */
2985 dynamic_user_vacuum(m, true);
2986
2987 /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
2988 manager_vacuum_uid_refs(m);
2989 manager_vacuum_gid_refs(m);
2990
2991 /* Sync current state of bus names with our set of listening units */
2992 if (m->api_bus)
2993 manager_sync_bus_names(m, m->api_bus);
2994
2995 assert(m->n_reloading > 0);
2996 m->n_reloading--;
2997
2998 m->send_reloading_done = true;
2999
3000 return r;
3001 }
3002
3003 void manager_reset_failed(Manager *m) {
3004 Unit *u;
3005 Iterator i;
3006
3007 assert(m);
3008
3009 HASHMAP_FOREACH(u, m->units, i)
3010 unit_reset_failed(u);
3011 }
3012
3013 bool manager_unit_inactive_or_pending(Manager *m, const char *name) {
3014 Unit *u;
3015
3016 assert(m);
3017 assert(name);
3018
3019 /* Returns true if the unit is inactive or going down */
3020 u = manager_get_unit(m, name);
3021 if (!u)
3022 return true;
3023
3024 return unit_inactive_or_pending(u);
3025 }
3026
3027 static void manager_notify_finished(Manager *m) {
3028 char userspace[FORMAT_TIMESPAN_MAX], initrd[FORMAT_TIMESPAN_MAX], kernel[FORMAT_TIMESPAN_MAX], sum[FORMAT_TIMESPAN_MAX];
3029 usec_t firmware_usec, loader_usec, kernel_usec, initrd_usec, userspace_usec, total_usec;
3030
3031 if (m->test_run_flags)
3032 return;
3033
3034 if (MANAGER_IS_SYSTEM(m) && detect_container() <= 0) {
3035
3036 /* Note that m->kernel_usec.monotonic is always at 0,
3037 * and m->firmware_usec.monotonic and
3038 * m->loader_usec.monotonic should be considered
3039 * negative values. */
3040
3041 firmware_usec = m->firmware_timestamp.monotonic - m->loader_timestamp.monotonic;
3042 loader_usec = m->loader_timestamp.monotonic - m->kernel_timestamp.monotonic;
3043 userspace_usec = m->finish_timestamp.monotonic - m->userspace_timestamp.monotonic;
3044 total_usec = m->firmware_timestamp.monotonic + m->finish_timestamp.monotonic;
3045
3046 if (dual_timestamp_is_set(&m->initrd_timestamp)) {
3047
3048 kernel_usec = m->initrd_timestamp.monotonic - m->kernel_timestamp.monotonic;
3049 initrd_usec = m->userspace_timestamp.monotonic - m->initrd_timestamp.monotonic;
3050
3051 log_struct(LOG_INFO,
3052 "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR,
3053 "KERNEL_USEC="USEC_FMT, kernel_usec,
3054 "INITRD_USEC="USEC_FMT, initrd_usec,
3055 "USERSPACE_USEC="USEC_FMT, userspace_usec,
3056 LOG_MESSAGE("Startup finished in %s (kernel) + %s (initrd) + %s (userspace) = %s.",
3057 format_timespan(kernel, sizeof(kernel), kernel_usec, USEC_PER_MSEC),
3058 format_timespan(initrd, sizeof(initrd), initrd_usec, USEC_PER_MSEC),
3059 format_timespan(userspace, sizeof(userspace), userspace_usec, USEC_PER_MSEC),
3060 format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC)),
3061 NULL);
3062 } else {
3063 kernel_usec = m->userspace_timestamp.monotonic - m->kernel_timestamp.monotonic;
3064 initrd_usec = 0;
3065
3066 log_struct(LOG_INFO,
3067 "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR,
3068 "KERNEL_USEC="USEC_FMT, kernel_usec,
3069 "USERSPACE_USEC="USEC_FMT, userspace_usec,
3070 LOG_MESSAGE("Startup finished in %s (kernel) + %s (userspace) = %s.",
3071 format_timespan(kernel, sizeof(kernel), kernel_usec, USEC_PER_MSEC),
3072 format_timespan(userspace, sizeof(userspace), userspace_usec, USEC_PER_MSEC),
3073 format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC)),
3074 NULL);
3075 }
3076 } else {
3077 firmware_usec = loader_usec = initrd_usec = kernel_usec = 0;
3078 total_usec = userspace_usec = m->finish_timestamp.monotonic - m->userspace_timestamp.monotonic;
3079
3080 log_struct(LOG_INFO,
3081 "MESSAGE_ID=" SD_MESSAGE_USER_STARTUP_FINISHED_STR,
3082 "USERSPACE_USEC="USEC_FMT, userspace_usec,
3083 LOG_MESSAGE("Startup finished in %s.",
3084 format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC)),
3085 NULL);
3086 }
3087
3088 bus_manager_send_finished(m, firmware_usec, loader_usec, kernel_usec, initrd_usec, userspace_usec, total_usec);
3089
3090 sd_notifyf(false,
3091 m->ready_sent ? "STATUS=Startup finished in %s."
3092 : "READY=1\n"
3093 "STATUS=Startup finished in %s.",
3094 format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC));
3095 m->ready_sent = true;
3096 }
3097
3098 void manager_check_finished(Manager *m) {
3099 assert(m);
3100
3101 if (MANAGER_IS_RELOADING(m))
3102 return;
3103
3104 /* Verify that we are actually running currently. Initially
3105 * the exit code is set to invalid, and during operation it is
3106 * then set to MANAGER_OK */
3107 if (m->exit_code != MANAGER_OK)
3108 return;
3109
3110 /* For user managers, send out READY=1 as soon as we reach basic.target */
3111 if (MANAGER_IS_USER(m) && !m->ready_sent) {
3112 Unit *u;
3113
3114 u = manager_get_unit(m, SPECIAL_BASIC_TARGET);
3115 if (u && !u->job) {
3116 sd_notifyf(false,
3117 "READY=1\n"
3118 "STATUS=Reached " SPECIAL_BASIC_TARGET ".");
3119 m->ready_sent = true;
3120 }
3121 }
3122
3123 if (hashmap_size(m->jobs) > 0) {
3124 if (m->jobs_in_progress_event_source)
3125 /* Ignore any failure, this is only for feedback */
3126 (void) sd_event_source_set_time(m->jobs_in_progress_event_source, now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_WAIT_USEC);
3127
3128 return;
3129 }
3130
3131 manager_flip_auto_status(m, false);
3132
3133 /* Notify Type=idle units that we are done now */
3134 manager_close_idle_pipe(m);
3135
3136 /* Turn off confirm spawn now */
3137 m->confirm_spawn = NULL;
3138
3139 /* No need to update ask password status when we're going non-interactive */
3140 manager_close_ask_password(m);
3141
3142 /* This is no longer the first boot */
3143 manager_set_first_boot(m, false);
3144
3145 if (dual_timestamp_is_set(&m->finish_timestamp))
3146 return;
3147
3148 dual_timestamp_get(&m->finish_timestamp);
3149
3150 manager_notify_finished(m);
3151
3152 manager_invalidate_startup_units(m);
3153 }
3154
3155 static bool generator_path_any(const char* const* paths) {
3156 char **path;
3157 bool found = false;
3158
3159 /* Optimize by skipping the whole process by not creating output directories
3160 * if no generators are found. */
3161 STRV_FOREACH(path, (char**) paths)
3162 if (access(*path, F_OK) == 0)
3163 found = true;
3164 else if (errno != ENOENT)
3165 log_warning_errno(errno, "Failed to open generator directory %s: %m", *path);
3166
3167 return found;
3168 }
3169
3170 static const char* system_env_generator_binary_paths[] = {
3171 "/run/systemd/system-environment-generators",
3172 "/etc/systemd/system-environment-generators",
3173 "/usr/local/lib/systemd/system-environment-generators",
3174 SYSTEM_ENV_GENERATOR_PATH,
3175 NULL
3176 };
3177
3178 static const char* user_env_generator_binary_paths[] = {
3179 "/run/systemd/user-environment-generators",
3180 "/etc/systemd/user-environment-generators",
3181 "/usr/local/lib/systemd/user-environment-generators",
3182 USER_ENV_GENERATOR_PATH,
3183 NULL
3184 };
3185
3186 static int manager_run_environment_generators(Manager *m) {
3187 char **tmp = NULL; /* this is only used in the forked process, no cleanup here */
3188 const char **paths;
3189 void* args[] = {&tmp, &tmp, &m->environment};
3190
3191 if (m->test_run_flags && !(m->test_run_flags & MANAGER_TEST_RUN_ENV_GENERATORS))
3192 return 0;
3193
3194 paths = MANAGER_IS_SYSTEM(m) ? system_env_generator_binary_paths : user_env_generator_binary_paths;
3195
3196 if (!generator_path_any(paths))
3197 return 0;
3198
3199 return execute_directories(paths, DEFAULT_TIMEOUT_USEC, gather_environment, args, NULL);
3200 }
3201
3202 static int manager_run_generators(Manager *m) {
3203 _cleanup_strv_free_ char **paths = NULL;
3204 const char *argv[5];
3205 int r;
3206
3207 assert(m);
3208
3209 if (m->test_run_flags && !(m->test_run_flags & MANAGER_TEST_RUN_GENERATORS))
3210 return 0;
3211
3212 paths = generator_binary_paths(m->unit_file_scope);
3213 if (!paths)
3214 return log_oom();
3215
3216 if (!generator_path_any((const char* const*) paths))
3217 return 0;
3218
3219 r = lookup_paths_mkdir_generator(&m->lookup_paths);
3220 if (r < 0)
3221 goto finish;
3222
3223 argv[0] = NULL; /* Leave this empty, execute_directory() will fill something in */
3224 argv[1] = m->lookup_paths.generator;
3225 argv[2] = m->lookup_paths.generator_early;
3226 argv[3] = m->lookup_paths.generator_late;
3227 argv[4] = NULL;
3228
3229 RUN_WITH_UMASK(0022)
3230 execute_directories((const char* const*) paths, DEFAULT_TIMEOUT_USEC,
3231 NULL, NULL, (char**) argv);
3232
3233 finish:
3234 lookup_paths_trim_generator(&m->lookup_paths);
3235 return r;
3236 }
3237
3238 int manager_environment_add(Manager *m, char **minus, char **plus) {
3239 char **a = NULL, **b = NULL, **l;
3240 assert(m);
3241
3242 l = m->environment;
3243
3244 if (!strv_isempty(minus)) {
3245 a = strv_env_delete(l, 1, minus);
3246 if (!a)
3247 return -ENOMEM;
3248
3249 l = a;
3250 }
3251
3252 if (!strv_isempty(plus)) {
3253 b = strv_env_merge(2, l, plus);
3254 if (!b) {
3255 strv_free(a);
3256 return -ENOMEM;
3257 }
3258
3259 l = b;
3260 }
3261
3262 if (m->environment != l)
3263 strv_free(m->environment);
3264 if (a != l)
3265 strv_free(a);
3266 if (b != l)
3267 strv_free(b);
3268
3269 m->environment = l;
3270 manager_clean_environment(m);
3271 strv_sort(m->environment);
3272
3273 return 0;
3274 }
3275
3276 int manager_set_default_rlimits(Manager *m, struct rlimit **default_rlimit) {
3277 int i;
3278
3279 assert(m);
3280
3281 for (i = 0; i < _RLIMIT_MAX; i++) {
3282 m->rlimit[i] = mfree(m->rlimit[i]);
3283
3284 if (!default_rlimit[i])
3285 continue;
3286
3287 m->rlimit[i] = newdup(struct rlimit, default_rlimit[i], 1);
3288 if (!m->rlimit[i])
3289 return log_oom();
3290 }
3291
3292 return 0;
3293 }
3294
3295 void manager_recheck_journal(Manager *m) {
3296 Unit *u;
3297
3298 assert(m);
3299
3300 if (!MANAGER_IS_SYSTEM(m))
3301 return;
3302
3303 u = manager_get_unit(m, SPECIAL_JOURNALD_SOCKET);
3304 if (u && SOCKET(u)->state != SOCKET_RUNNING) {
3305 log_close_journal();
3306 return;
3307 }
3308
3309 u = manager_get_unit(m, SPECIAL_JOURNALD_SERVICE);
3310 if (u && SERVICE(u)->state != SERVICE_RUNNING) {
3311 log_close_journal();
3312 return;
3313 }
3314
3315 /* Hmm, OK, so the socket is fully up and the service is up
3316 * too, then let's make use of the thing. */
3317 log_open();
3318 }
3319
3320 void manager_set_show_status(Manager *m, ShowStatus mode) {
3321 assert(m);
3322 assert(IN_SET(mode, SHOW_STATUS_AUTO, SHOW_STATUS_NO, SHOW_STATUS_YES, SHOW_STATUS_TEMPORARY));
3323
3324 if (!MANAGER_IS_SYSTEM(m))
3325 return;
3326
3327 if (m->show_status != mode)
3328 log_debug("%s showing of status.",
3329 mode == SHOW_STATUS_NO ? "Disabling" : "Enabling");
3330 m->show_status = mode;
3331
3332 if (mode > 0)
3333 (void) touch("/run/systemd/show-status");
3334 else
3335 (void) unlink("/run/systemd/show-status");
3336 }
3337
3338 static bool manager_get_show_status(Manager *m, StatusType type) {
3339 assert(m);
3340
3341 if (!MANAGER_IS_SYSTEM(m))
3342 return false;
3343
3344 if (m->no_console_output)
3345 return false;
3346
3347 if (!IN_SET(manager_state(m), MANAGER_INITIALIZING, MANAGER_STARTING, MANAGER_STOPPING))
3348 return false;
3349
3350 /* If we cannot find out the status properly, just proceed. */
3351 if (type != STATUS_TYPE_EMERGENCY && manager_check_ask_password(m) > 0)
3352 return false;
3353
3354 if (m->show_status > 0)
3355 return true;
3356
3357 return false;
3358 }
3359
3360 const char *manager_get_confirm_spawn(Manager *m) {
3361 static int last_errno = 0;
3362 const char *vc = m->confirm_spawn;
3363 struct stat st;
3364 int r;
3365
3366 /* Here's the deal: we want to test the validity of the console but don't want
3367 * PID1 to go through the whole console process which might block. But we also
3368 * want to warn the user only once if something is wrong with the console so we
3369 * cannot do the sanity checks after spawning our children. So here we simply do
3370 * really basic tests to hopefully trap common errors.
3371 *
3372 * If the console suddenly disappear at the time our children will really it
3373 * then they will simply fail to acquire it and a positive answer will be
3374 * assumed. New children will fallback to /dev/console though.
3375 *
3376 * Note: TTYs are devices that can come and go any time, and frequently aren't
3377 * available yet during early boot (consider a USB rs232 dongle...). If for any
3378 * reason the configured console is not ready, we fallback to the default
3379 * console. */
3380
3381 if (!vc || path_equal(vc, "/dev/console"))
3382 return vc;
3383
3384 r = stat(vc, &st);
3385 if (r < 0)
3386 goto fail;
3387
3388 if (!S_ISCHR(st.st_mode)) {
3389 errno = ENOTTY;
3390 goto fail;
3391 }
3392
3393 last_errno = 0;
3394 return vc;
3395 fail:
3396 if (last_errno != errno) {
3397 last_errno = errno;
3398 log_warning_errno(errno, "Failed to open %s: %m, using default console", vc);
3399 }
3400 return "/dev/console";
3401 }
3402
3403 void manager_set_first_boot(Manager *m, bool b) {
3404 assert(m);
3405
3406 if (!MANAGER_IS_SYSTEM(m))
3407 return;
3408
3409 if (m->first_boot != (int) b) {
3410 if (b)
3411 (void) touch("/run/systemd/first-boot");
3412 else
3413 (void) unlink("/run/systemd/first-boot");
3414 }
3415
3416 m->first_boot = b;
3417 }
3418
3419 void manager_disable_confirm_spawn(void) {
3420 (void) touch("/run/systemd/confirm_spawn_disabled");
3421 }
3422
3423 bool manager_is_confirm_spawn_disabled(Manager *m) {
3424 if (!m->confirm_spawn)
3425 return true;
3426
3427 return access("/run/systemd/confirm_spawn_disabled", F_OK) >= 0;
3428 }
3429
3430 void manager_status_printf(Manager *m, StatusType type, const char *status, const char *format, ...) {
3431 va_list ap;
3432
3433 /* If m is NULL, assume we're after shutdown and let the messages through. */
3434
3435 if (m && !manager_get_show_status(m, type))
3436 return;
3437
3438 /* XXX We should totally drop the check for ephemeral here
3439 * and thus effectively make 'Type=idle' pointless. */
3440 if (type == STATUS_TYPE_EPHEMERAL && m && m->n_on_console > 0)
3441 return;
3442
3443 va_start(ap, format);
3444 status_vprintf(status, true, type == STATUS_TYPE_EPHEMERAL, format, ap);
3445 va_end(ap);
3446 }
3447
3448 Set *manager_get_units_requiring_mounts_for(Manager *m, const char *path) {
3449 char p[strlen(path)+1];
3450
3451 assert(m);
3452 assert(path);
3453
3454 strcpy(p, path);
3455 path_kill_slashes(p);
3456
3457 return hashmap_get(m->units_requiring_mounts_for, streq(p, "/") ? "" : p);
3458 }
3459
3460 void manager_set_exec_params(Manager *m, ExecParameters *p) {
3461 assert(m);
3462 assert(p);
3463
3464 p->environment = m->environment;
3465 p->confirm_spawn = manager_get_confirm_spawn(m);
3466 p->cgroup_supported = m->cgroup_supported;
3467 p->prefix = m->prefix;
3468
3469 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(m));
3470 }
3471
3472 int manager_update_failed_units(Manager *m, Unit *u, bool failed) {
3473 unsigned size;
3474 int r;
3475
3476 assert(m);
3477 assert(u->manager == m);
3478
3479 size = set_size(m->failed_units);
3480
3481 if (failed) {
3482 r = set_ensure_allocated(&m->failed_units, NULL);
3483 if (r < 0)
3484 return log_oom();
3485
3486 if (set_put(m->failed_units, u) < 0)
3487 return log_oom();
3488 } else
3489 (void) set_remove(m->failed_units, u);
3490
3491 if (set_size(m->failed_units) != size)
3492 bus_manager_send_change_signal(m);
3493
3494 return 0;
3495 }
3496
3497 ManagerState manager_state(Manager *m) {
3498 Unit *u;
3499
3500 assert(m);
3501
3502 /* Did we ever finish booting? If not then we are still starting up */
3503 if (!dual_timestamp_is_set(&m->finish_timestamp)) {
3504
3505 u = manager_get_unit(m, SPECIAL_BASIC_TARGET);
3506 if (!u || !UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
3507 return MANAGER_INITIALIZING;
3508
3509 return MANAGER_STARTING;
3510 }
3511
3512 /* Is the special shutdown target queued? If so, we are in shutdown state */
3513 u = manager_get_unit(m, SPECIAL_SHUTDOWN_TARGET);
3514 if (u && u->job && IN_SET(u->job->type, JOB_START, JOB_RESTART, JOB_RELOAD_OR_START))
3515 return MANAGER_STOPPING;
3516
3517 /* Are the rescue or emergency targets active or queued? If so we are in maintenance state */
3518 u = manager_get_unit(m, SPECIAL_RESCUE_TARGET);
3519 if (u && (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)) ||
3520 (u->job && IN_SET(u->job->type, JOB_START, JOB_RESTART, JOB_RELOAD_OR_START))))
3521 return MANAGER_MAINTENANCE;
3522
3523 u = manager_get_unit(m, SPECIAL_EMERGENCY_TARGET);
3524 if (u && (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)) ||
3525 (u->job && IN_SET(u->job->type, JOB_START, JOB_RESTART, JOB_RELOAD_OR_START))))
3526 return MANAGER_MAINTENANCE;
3527
3528 /* Are there any failed units? If so, we are in degraded mode */
3529 if (set_size(m->failed_units) > 0)
3530 return MANAGER_DEGRADED;
3531
3532 return MANAGER_RUNNING;
3533 }
3534
3535 #define DESTROY_IPC_FLAG (UINT32_C(1) << 31)
3536
3537 static void manager_unref_uid_internal(
3538 Manager *m,
3539 Hashmap **uid_refs,
3540 uid_t uid,
3541 bool destroy_now,
3542 int (*_clean_ipc)(uid_t uid)) {
3543
3544 uint32_t c, n;
3545
3546 assert(m);
3547 assert(uid_refs);
3548 assert(uid_is_valid(uid));
3549 assert(_clean_ipc);
3550
3551 /* A generic implementation, covering both manager_unref_uid() and manager_unref_gid(), under the assumption
3552 * that uid_t and gid_t are actually defined the same way, with the same validity rules.
3553 *
3554 * We store a hashmap where the UID/GID is they key and the value is a 32bit reference counter, whose highest
3555 * bit is used as flag for marking UIDs/GIDs whose IPC objects to remove when the last reference to the UID/GID
3556 * is dropped. The flag is set to on, once at least one reference from a unit where RemoveIPC= is set is added
3557 * on a UID/GID. It is reset when the UID's/GID's reference counter drops to 0 again. */
3558
3559 assert_cc(sizeof(uid_t) == sizeof(gid_t));
3560 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
3561
3562 if (uid == 0) /* We don't keep track of root, and will never destroy it */
3563 return;
3564
3565 c = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));
3566
3567 n = c & ~DESTROY_IPC_FLAG;
3568 assert(n > 0);
3569 n--;
3570
3571 if (destroy_now && n == 0) {
3572 hashmap_remove(*uid_refs, UID_TO_PTR(uid));
3573
3574 if (c & DESTROY_IPC_FLAG) {
3575 log_debug("%s " UID_FMT " is no longer referenced, cleaning up its IPC.",
3576 _clean_ipc == clean_ipc_by_uid ? "UID" : "GID",
3577 uid);
3578 (void) _clean_ipc(uid);
3579 }
3580 } else {
3581 c = n | (c & DESTROY_IPC_FLAG);
3582 assert_se(hashmap_update(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(c)) >= 0);
3583 }
3584 }
3585
3586 void manager_unref_uid(Manager *m, uid_t uid, bool destroy_now) {
3587 manager_unref_uid_internal(m, &m->uid_refs, uid, destroy_now, clean_ipc_by_uid);
3588 }
3589
3590 void manager_unref_gid(Manager *m, gid_t gid, bool destroy_now) {
3591 manager_unref_uid_internal(m, &m->gid_refs, (uid_t) gid, destroy_now, clean_ipc_by_gid);
3592 }
3593
3594 static int manager_ref_uid_internal(
3595 Manager *m,
3596 Hashmap **uid_refs,
3597 uid_t uid,
3598 bool clean_ipc) {
3599
3600 uint32_t c, n;
3601 int r;
3602
3603 assert(m);
3604 assert(uid_refs);
3605 assert(uid_is_valid(uid));
3606
3607 /* A generic implementation, covering both manager_ref_uid() and manager_ref_gid(), under the assumption
3608 * that uid_t and gid_t are actually defined the same way, with the same validity rules. */
3609
3610 assert_cc(sizeof(uid_t) == sizeof(gid_t));
3611 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
3612
3613 if (uid == 0) /* We don't keep track of root, and will never destroy it */
3614 return 0;
3615
3616 r = hashmap_ensure_allocated(uid_refs, &trivial_hash_ops);
3617 if (r < 0)
3618 return r;
3619
3620 c = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));
3621
3622 n = c & ~DESTROY_IPC_FLAG;
3623 n++;
3624
3625 if (n & DESTROY_IPC_FLAG) /* check for overflow */
3626 return -EOVERFLOW;
3627
3628 c = n | (c & DESTROY_IPC_FLAG) | (clean_ipc ? DESTROY_IPC_FLAG : 0);
3629
3630 return hashmap_replace(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(c));
3631 }
3632
3633 int manager_ref_uid(Manager *m, uid_t uid, bool clean_ipc) {
3634 return manager_ref_uid_internal(m, &m->uid_refs, uid, clean_ipc);
3635 }
3636
3637 int manager_ref_gid(Manager *m, gid_t gid, bool clean_ipc) {
3638 return manager_ref_uid_internal(m, &m->gid_refs, (uid_t) gid, clean_ipc);
3639 }
3640
3641 static void manager_vacuum_uid_refs_internal(
3642 Manager *m,
3643 Hashmap **uid_refs,
3644 int (*_clean_ipc)(uid_t uid)) {
3645
3646 Iterator i;
3647 void *p, *k;
3648
3649 assert(m);
3650 assert(uid_refs);
3651 assert(_clean_ipc);
3652
3653 HASHMAP_FOREACH_KEY(p, k, *uid_refs, i) {
3654 uint32_t c, n;
3655 uid_t uid;
3656
3657 uid = PTR_TO_UID(k);
3658 c = PTR_TO_UINT32(p);
3659
3660 n = c & ~DESTROY_IPC_FLAG;
3661 if (n > 0)
3662 continue;
3663
3664 if (c & DESTROY_IPC_FLAG) {
3665 log_debug("Found unreferenced %s " UID_FMT " after reload/reexec. Cleaning up.",
3666 _clean_ipc == clean_ipc_by_uid ? "UID" : "GID",
3667 uid);
3668 (void) _clean_ipc(uid);
3669 }
3670
3671 assert_se(hashmap_remove(*uid_refs, k) == p);
3672 }
3673 }
3674
3675 void manager_vacuum_uid_refs(Manager *m) {
3676 manager_vacuum_uid_refs_internal(m, &m->uid_refs, clean_ipc_by_uid);
3677 }
3678
3679 void manager_vacuum_gid_refs(Manager *m) {
3680 manager_vacuum_uid_refs_internal(m, &m->gid_refs, clean_ipc_by_gid);
3681 }
3682
3683 static void manager_serialize_uid_refs_internal(
3684 Manager *m,
3685 FILE *f,
3686 Hashmap **uid_refs,
3687 const char *field_name) {
3688
3689 Iterator i;
3690 void *p, *k;
3691
3692 assert(m);
3693 assert(f);
3694 assert(uid_refs);
3695 assert(field_name);
3696
3697 /* Serialize the UID reference table. Or actually, just the IPC destruction flag of it, as the actual counter
3698 * of it is better rebuild after a reload/reexec. */
3699
3700 HASHMAP_FOREACH_KEY(p, k, *uid_refs, i) {
3701 uint32_t c;
3702 uid_t uid;
3703
3704 uid = PTR_TO_UID(k);
3705 c = PTR_TO_UINT32(p);
3706
3707 if (!(c & DESTROY_IPC_FLAG))
3708 continue;
3709
3710 fprintf(f, "%s=" UID_FMT "\n", field_name, uid);
3711 }
3712 }
3713
3714 void manager_serialize_uid_refs(Manager *m, FILE *f) {
3715 manager_serialize_uid_refs_internal(m, f, &m->uid_refs, "destroy-ipc-uid");
3716 }
3717
3718 void manager_serialize_gid_refs(Manager *m, FILE *f) {
3719 manager_serialize_uid_refs_internal(m, f, &m->gid_refs, "destroy-ipc-gid");
3720 }
3721
3722 static void manager_deserialize_uid_refs_one_internal(
3723 Manager *m,
3724 Hashmap** uid_refs,
3725 const char *value) {
3726
3727 uid_t uid;
3728 uint32_t c;
3729 int r;
3730
3731 assert(m);
3732 assert(uid_refs);
3733 assert(value);
3734
3735 r = parse_uid(value, &uid);
3736 if (r < 0 || uid == 0) {
3737 log_debug("Unable to parse UID reference serialization");
3738 return;
3739 }
3740
3741 r = hashmap_ensure_allocated(uid_refs, &trivial_hash_ops);
3742 if (r < 0) {
3743 log_oom();
3744 return;
3745 }
3746
3747 c = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));
3748 if (c & DESTROY_IPC_FLAG)
3749 return;
3750
3751 c |= DESTROY_IPC_FLAG;
3752
3753 r = hashmap_replace(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(c));
3754 if (r < 0) {
3755 log_debug("Failed to add UID reference entry");
3756 return;
3757 }
3758 }
3759
3760 void manager_deserialize_uid_refs_one(Manager *m, const char *value) {
3761 manager_deserialize_uid_refs_one_internal(m, &m->uid_refs, value);
3762 }
3763
3764 void manager_deserialize_gid_refs_one(Manager *m, const char *value) {
3765 manager_deserialize_uid_refs_one_internal(m, &m->gid_refs, value);
3766 }
3767
3768 int manager_dispatch_user_lookup_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
3769 struct buffer {
3770 uid_t uid;
3771 gid_t gid;
3772 char unit_name[UNIT_NAME_MAX+1];
3773 } _packed_ buffer;
3774
3775 Manager *m = userdata;
3776 ssize_t l;
3777 size_t n;
3778 Unit *u;
3779
3780 assert_se(source);
3781 assert_se(m);
3782
3783 /* Invoked whenever a child process succeeded resolving its user/group to use and sent us the resulting UID/GID
3784 * in a datagram. We parse the datagram here and pass it off to the unit, so that it can add a reference to the
3785 * UID/GID so that it can destroy the UID/GID's IPC objects when the reference counter drops to 0. */
3786
3787 l = recv(fd, &buffer, sizeof(buffer), MSG_DONTWAIT);
3788 if (l < 0) {
3789 if (IN_SET(errno, EINTR, EAGAIN))
3790 return 0;
3791
3792 return log_error_errno(errno, "Failed to read from user lookup fd: %m");
3793 }
3794
3795 if ((size_t) l <= offsetof(struct buffer, unit_name)) {
3796 log_warning("Received too short user lookup message, ignoring.");
3797 return 0;
3798 }
3799
3800 if ((size_t) l > offsetof(struct buffer, unit_name) + UNIT_NAME_MAX) {
3801 log_warning("Received too long user lookup message, ignoring.");
3802 return 0;
3803 }
3804
3805 if (!uid_is_valid(buffer.uid) && !gid_is_valid(buffer.gid)) {
3806 log_warning("Got user lookup message with invalid UID/GID pair, ignoring.");
3807 return 0;
3808 }
3809
3810 n = (size_t) l - offsetof(struct buffer, unit_name);
3811 if (memchr(buffer.unit_name, 0, n)) {
3812 log_warning("Received lookup message with embedded NUL character, ignoring.");
3813 return 0;
3814 }
3815
3816 buffer.unit_name[n] = 0;
3817 u = manager_get_unit(m, buffer.unit_name);
3818 if (!u) {
3819 log_debug("Got user lookup message but unit doesn't exist, ignoring.");
3820 return 0;
3821 }
3822
3823 log_unit_debug(u, "User lookup succeeded: uid=" UID_FMT " gid=" GID_FMT, buffer.uid, buffer.gid);
3824
3825 unit_notify_user_lookup(u, buffer.uid, buffer.gid);
3826 return 0;
3827 }
3828
3829 static const char *const manager_state_table[_MANAGER_STATE_MAX] = {
3830 [MANAGER_INITIALIZING] = "initializing",
3831 [MANAGER_STARTING] = "starting",
3832 [MANAGER_RUNNING] = "running",
3833 [MANAGER_DEGRADED] = "degraded",
3834 [MANAGER_MAINTENANCE] = "maintenance",
3835 [MANAGER_STOPPING] = "stopping",
3836 };
3837
3838 DEFINE_STRING_TABLE_LOOKUP(manager_state, ManagerState);
Unnamed repository; edit this file 'description' to name the repository.